shell bypass 403

GrazzMean Shell

Uname: Linux info 3.0 #1337 SMP Tue Jan 01 00:00:00 CEST 2000 all GNU/Linux
Software: Apache
PHP version: 5.6.40 [ PHP INFO ] PHP os: Linux
Server Ip: 217.160.0.194
Your Ip: 216.73.217.139
User: u72294154 (9179942) | Group: ftpusers (600)
Safe Mode: OFF
Disable Function:
NONE

name : switch.php
<?php

$salt = selectSQL("SELECT `salt` FROM `$db_main_prefix" . "user` WHERE `user_id`='1' LIMIT 1;");
$password = sha1($salt . sha1($salt . sha1($settings_admin_password)));

querySQL("UPDATE `$db_main_prefix" . "user` SET `username`='$settings_admin_name' WHERE `user_id`='1';");
querySQL("UPDATE `$db_main_prefix" . "user` SET `email`='$settings_admin_email' WHERE `user_id`='1';");
querySQL("UPDATE `$db_main_prefix" . "user` SET `password`='$password' WHERE `user_id`='1';");

$config_general = file_get_contents(dirname(__FILE__) . '/config-general.php', FILE_TEXT) or die ("Can't read config.php file.");
$config_general = replace('#BASE_URL_HOST#', $base_url_host, $config_general);
$config_general = replace('#BASE_URL_PATH#', $base_url_path, $config_general);
$config_general = replace('#WEB___DIR#', $web_dir, $config_general);
$config_general = replace('#DB_MAIN_HOST#', DB_MAIN_HOST, $config_general);
$config_general = replace('#DB_MAIN_LOGIN#', $db_main_login, $config_general);
$config_general = replace('#DB_MAIN_PASSWORD#', $db_main_password, $config_general);
$config_general = replace('#DB_MAIN_NAME#', $db_main_name, $config_general);
$config_general = replace('#DB_MAIN_PREFIX#', $db_main_prefix, $config_general);
$config_general = file_put_contents(ROOT_DIR . '/config.php', $config_general, LOCK_EX) or die ("Can't place config file.");

$config_admin = file_get_contents(dirname(__FILE__) . '/config-admin.php', FILE_TEXT) or die ("Can't read config.php file.");
$config_admin = replace('#BASE_URL_HOST#', $base_url_host, $config_admin);
$config_admin = replace('#BASE_URL_PATH#', $base_url_path, $config_admin);
$config_admin = replace('#WEB___DIR#', $web_dir, $config_admin);
$config_admin = replace('#DB_MAIN_HOST#', DB_MAIN_HOST, $config_admin);
$config_admin = replace('#DB_MAIN_LOGIN#', $db_main_login, $config_admin);
$config_admin = replace('#DB_MAIN_PASSWORD#', $db_main_password, $config_admin);
$config_admin = replace('#DB_MAIN_NAME#', $db_main_name, $config_admin);
$config_admin = replace('#DB_MAIN_PREFIX#', $db_main_prefix, $config_admin);
$config_admin = file_put_contents(ROOT_DIR . '/admin/config.php', $config_admin, LOCK_EX) or die ("Can't place config file.");

if (strpos($db_main_host, ':') > 0) {
    system("cp -rf $package/mysqli.php $web_dir/system/database/mysqli.php");
}

$htaccess = file_get_contents(dirname(__FILE__) . '/.htaccess', FILE_TEXT) or die ("Can't read .htaccess file.");
$htaccess = replace('#BASE_URL_PATH#', $base_url_path, $htaccess);
$htaccess = file_put_contents(ROOT_DIR . '/.htaccess', $htaccess, LOCK_EX);

querySQL("INSERT INTO `$db_main_prefix" . "setting` (`group`, `key`, `value`, `serialized`) VALUES ('config', 'config_seo_url', '1', '0');");
querySQL("UPDATE `$db_main_prefix" . "setting` SET `value`='1' WHERE `key`='config_seo_url';");
© 2026 GrazzMean