shell bypass 403

UnknownSec Shell

: /home/az2015/public_html/admin/ [ drwxr-xr-x ]
Uname: Linux gains.arrowcloudlinux.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64
Software: Apache
PHP version: 7.4.33 [ PHP INFO ] PHP os: Linux
Server Ip: 131.153.51.35
Your Ip: 18.225.55.42
User: az2015 (2658) | Group: az2015 (2661)
Safe Mode: OFF
Disable Function:
allow_url_include,show_source,symlink,system, passthru, exec, popen, pclose, proc_open, proc_terminate, proc_get_status, proc_close, proc_nice, allow_url_fopen, shell-exec, shell_exec, fpassthru, base64_encodem, escapeshellcmd, escapeshellarg, crack_check, crack_closedict, crack_getlastmessage, crack_opendict, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, dl, escap,phpinfo

name : add_eventmore.php
<?php

session_start();

include('../include/dbconnect.php');

include('include/sessioncheck.php');

$m_id=$_REQUEST["add_mor"];

$Msg="";

	if(isset($_POST["slid_add"])){

		if(!empty($_FILES["s_img"]["name"]))

		{

			if(isImage($_FILES["s_img"]["type"]))

			{

				$img_extension=explode('.',$_FILES["s_img"]["name"]);

				$s_img="images/"."event_".uniqid().".".end($img_extension);

				$move_img=move_uploaded_file($_FILES["s_img"]["tmp_name"],"../".$s_img);

				

				$add_slider_sql="INSERT INTO add_prj_more(proj_id,mor_img) VALUES ('".$m_id."','".$s_img."')"; //echo $add_slider_sql;	die();

				$m=mysqli_query($con,$add_slider_sql) or die('Insert Failed');

				$Msg=showSuccessAlert('Project Images Added Successfully',$con);

			}

			else{

				$Msg=showErrorAlert('Please Upload a Valid Image',$con);

			}

		}

	}

	

	if(isset($_REQUEST["del_mor"]))

	{

		$del_slider_sql="DELETE FROM add_prj_more WHERE proj_mor_id='".$_REQUEST["del_mor"]."'";

		mysqli_query($con,$del_slider_sql);

		$Msg=showSuccessAlert('Project Images Deleted Successfully',$con);

		echo "<script>setTimeout(function() { window.location.href='add_eventmore.php?add_mor=".$_REQUEST['add_mor']."'  } , 2000);

		</script>";

	}

?>

<!DOCTYPE html>

<html lang="en">

   <head>

      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

      <!-- Meta, title, CSS, favicons, etc. -->

      <meta charset="utf-8">

      <meta http-equiv="X-UA-Compatible" content="IE=edge">

      <meta name="viewport" content="width=device-width, initial-scale=1">

      <title><?php echo TITLE; ?></title>

      <!-- Bootstrap -->

      <link href="css/bootstrap.min.css" rel="stylesheet">

      <link rel="stylesheet" type="text/css" href="css/bootstrap-fileupload.css">

      <!-- Font Awesome -->

      <link rel="stylesheet" href="http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css">

      <link href="css/font-awesome.min.css" rel="stylesheet">

      <!-- iCheck -->

      <link href="../vendors/iCheck/skins/flat/green.css" rel="stylesheet">

      <!-- Custom Theme Style -->

      <link href="css/custom.min.css" rel="stylesheet">

   </head>

   <body class="nav-md">

      <div class="container body">

         <div class="main_container">

            <div class="col-md-3 left_col">

               <div class="left_col scroll-view">

                  <?php include('include/sidebar.php'); ?>

                  <!-- /menu footer buttons -->

                  <div class="sidebar-footer hidden-small">

                     <a data-toggle="tooltip" data-placement="top" title="Settings">

                     <span class="glyphicon glyphicon-cog" aria-hidden="true"></span>

                     </a>

                     <a data-toggle="tooltip" data-placement="top" title="FullScreen">

                     <span class="glyphicon glyphicon-fullscreen" aria-hidden="true"></span>

                     </a>

                     <a data-toggle="tooltip" data-placement="top" title="Lock">

                     <span class="glyphicon glyphicon-eye-close" aria-hidden="true"></span>

                     </a>

                     <a data-toggle="tooltip" data-placement="top" title="Logout">

                     <span class="glyphicon glyphicon-off" aria-hidden="true"></span>

                     </a>

                  </div>

                  <!-- /menu footer buttons -->

               </div>

            </div>

            <!-- top navigation -->

            <?php include('include/header.php'); ?>

            <!-- /top navigation -->

            <!-- page content -->

            <div class="right_col" role="main">

               <div class="">

                  <div class="clearfix"></div>

                  <div class="row">

                     <div class="col-md-12 col-sm-12 col-xs-12">

                        <div class="x_panel">

                           <div class="x_title">

                              <h2> add more images <!--<small>different form elements</small>--></h2>

                              <ul class="nav navbar-right panel_toolbox">

                                 <li><a class="collapse-link"><i class="fa fa-chevron-up"></i></a>

                                 </li>

                                 <li><a class="close-link"><i class="fa fa-close"></i></a>

                                 </li>

                              </ul>

                              <div class="clearfix"></div>

                           </div>

                           <div class="x_content">

                              <br />

                              <form method="post" enctype="multipart/form-data" data-parsley-validate class="form-horizontal form-label-left">

                                   <div class="form-group">

                                <label class="col-md-3 control-label">Image <span class="required">*</span></label>

                                <div class="col-md-8">

                                    <div class="fileupload fileupload-new" data-provides="fileupload">

                                        <div class="fileupload-new thumbnail" style="width: 200px; height: 150px;">

                                            <img src="http://www.placehold.it/200x150/EFEFEF/AAAAAA&amp;text=no+image" alt="" />

                                        </div>

                                        <div class="fileupload-preview fileupload-exists thumbnail" style="max-width: 200px; max-height: 150px; line-height: 20px;"></div>

                                        <div>

                                            <span class="btn btn-white btn-file">

                                                <span class="fileupload-new"><i class="fa fa-paper-clip"></i> Select image</span>

                                                <span class="fileupload-exists"><i class="fa fa-undo"></i> Change</span>

                                                <input type="file" name="s_img" accept="image/*" class="default" required />

                                            </span>

                                            <a href="#" class="btn btn-danger fileupload-exists" data-dismiss="fileupload"><i class="fa fa-trash"></i> Remove</a>

                                        </div>
                                    </div>
                                </div>
                            </div>     

                            <div class="ln_solid"></div>

                               <div class="form-group">

                                    <div class="col-md-6 col-sm-6 col-xs-12 col-md-offset-3">

                                       <button type="submit" class="btn btn-primary">Cancel</button>

                                       <button type="submit" name="slid_add" class="btn btn-success">Submit</button>

                                    </div>

                                 </div>

                              </form>

                           </div>

                        </div>

                     </div>

                  </div>

                  <!--Table code starts here-->

                  <div class="row">

              <div class="col-md-12 col-sm-12 col-xs-12">

                <div class="x_panel">

                  <div class="x_title">

                    <h2>Image Table</h2>

                    <ul class="nav navbar-right panel_toolbox">

                      <li><a class="collapse-link"><i class="fa fa-chevron-up"></i></a>

                      </li>

                      <li><a class="close-link"><i class="fa fa-close"></i></a>

                      </li>

                    </ul>

                    <div class="clearfix"></div>

                  </div>

                  <div class="x_content">

                    <div class="dataTables_wrapper form-inline dt-bootstrap no-footer" id="datatable-responsive_wrapper"><div class="row"><div class="col-sm-12"><table style="width: 100%;" aria-describedby="datatable-responsive_info" role="grid" id="datatable-responsive" class="table table-striped table-bordered dt-responsive nowrap dataTable no-footer dtr-inline" cellspacing="0" width="100%">

                      <thead>

                        <tr role="row"> 

                          <th aria-label="First name: activate to sort column descending" aria-sort="ascending" colspan="1" rowspan="1" aria-controls="datatable-responsive" tabindex="0" class="sorting_asc">S.No</th> 

                          <th aria-label="Position: activate to sort column ascending"  colspan="1" rowspan="1" aria-controls="datatable-responsive" tabindex="0" class="sorting">Image</th>

                          <th aria-label="Office: activate to sort column ascending"  colspan="1" rowspan="1" aria-controls="datatable-responsive" tabindex="0" class="sorting">Action</th>

                        </tr>

                      </thead>

                      <tbody>

                        <?php

									$sno=1;

									$dis_slider_sql="SELECT * FROM add_prj_more WHERE proj_id='".$m_id."' ORDER BY proj_mor_id DESC";

									//die($dis_slider_sql);

									$dis_slider_exe=mysqli_query($con,$dis_slider_sql);

									while($dis_slider_result=mysqli_fetch_array($dis_slider_exe))

									{

								?>

                      <tr class="odd" role="row">

                          <td class="sorting_1" tabindex="0"><?php echo $sno; ?></td>

                          <td><img id="imgErr" src="<?php echo "../".$dis_slider_result["mor_img"]; ?>" alt="" style="width: 18%;"/>
						  
						  
						  <?php // echo $dis_slider_result["more_img"]; ?></td>

                         <td><a href="edit_eventmore.php?e_i=<?php echo $dis_slider_result["proj_mor_id"]; ?>&add_mor=<?php echo $dis_slider_result["proj_id"]; ?>"><i class="fa fa-pencil-square-o" aria-hidden="true">&nbsp;&nbsp;</i></a>

                         <a href="add_eventmore.php?del_mor=<?php echo $dis_slider_result["proj_mor_id"]; ?>&add_mor=<?php echo $dis_slider_result["proj_id"]; ?>" class="delete" onclick="if(!confirm('Are you sure?You want to delete?')) return false;"><i class="fa fa-trash-o" aria-hidden="true"></i></a></td>

                        </tr>

                        <?php $sno++;} ?>

                      </tbody>

                    </table></div></div></div>



                  </div>

                </div>

              </div>

            </div>

                  <!--Table code ends here-->

           <?php include('include/footer.php'); ?>

         </div>

      </div>

      <!-- jQuery -->

       <script src="js/jquery.min.js"></script>
       <script src="js/bootstrap.min.js"></script>
      <script src="validate/parsley.min.js"></script>
       <script src="js/jquery.js"></script>
      <script src="js/jquery-1.8.3.min.js"></script>

      <!--<script src="js/jquery-1.8.3.min.js"></script>-->

      <!-- Bootstrap -->

      <script type="text/javascript" src="js/bootstrap-fileupload.js"></script>

      <script src="js/bootstrap.min.js"></script>

      <script src="js/moment.min.js"></script>

      <script src="js/daterangepicker.js"></script>

      <!-- Custom Theme Scripts -->

      <script src="js/custom.min.js"></script>

   </body>

</html>



© 2024 UnknownSec