shell bypass 403

GrazzMean Shell

: /homepages/oneclick/Drupal/7.39/2/scripts/ [ drwxr-xr-x ]
Uname: Linux info 3.0 #1337 SMP Tue Jan 01 00:00:00 CEST 2000 all GNU/Linux
Software: Apache
PHP version: 5.6.40 [ PHP INFO ] PHP os: Linux
Server Ip: 217.160.0.194
Your Ip: 216.73.216.55
User: u72294154 (9179942) | Group: ftpusers (600)
Safe Mode: OFF
Disable Function:
NONE

name : switch.php
<?php

chdir(ROOT_DIR);

require_once ROOT_DIR . '/includes/bootstrap.inc';
require_once ROOT_DIR . '/includes/password.inc';

require_once dirname(__FILE__) . '/custom.php';

$config = file_get_contents(ROOT_DIR . '/sites/default/settings.php', FILE_TEXT);

if (false === $config) {
    echo "[ERROR]: Configuration file $config can't be read.";
    exit(1);
}

$config = replace($old_db_main_name, $db_main_name, $config);
$config = replace($old_db_main_login, $db_main_login, $config);
$config = replace(OLD_CONFIG_HOST, CONFIG_HOST, $config);

if (false !== $old_db_main_password) {
    $config = replace($old_db_main_password, $db_main_password, $config);
}

$config = file_put_contents(ROOT_DIR . '/sites/default/settings.php', $config, LOCK_EX);

if (false === $config) {
    echo "[ERROR]: Can't write configuration file.\n";
    exit(1);
}

querySQL("TRUNCATE TABLE `$db_main_prefix" . 'cache`;');
querySQL("TRUNCATE TABLE `$db_main_prefix" . 'cache_bootstrap`;');
querySQL("TRUNCATE TABLE `$db_main_prefix" . 'cache_field`;');
querySQL("TRUNCATE TABLE `$db_main_prefix" . 'cache_menu`;');
querySQL("TRUNCATE TABLE `$db_main_prefix" . 'cache_update`;');
querySQL("TRUNCATE TABLE `$db_main_prefix" . 'sessions`;');
querySQL("TRUNCATE TABLE `$db_main_prefix" . 'watchdog`;');

querySQL("UPDATE `$db_main_prefix" . "users` SET `name`='$settings_admin_name' WHERE `uid`='1';");
querySQL("UPDATE `$db_main_prefix" . "users` SET `pass`='". user_hash_password($settings_admin_password) . "' WHERE `uid`='1';");
querySQL("UPDATE `$db_main_prefix" . "users` SET `mail`='$settings_admin_email' WHERE `uid`='1';");
querySQL("UPDATE `$db_main_prefix" . "users` SET `timezone`='" . timezone() . "' WHERE `uid`='1';");

querySQL("UPDATE `$db_main_prefix" . "variable` SET `value`='s:" . strlen(timezone()) . ":\\\"" . timezone() . "\\\";' WHERE `name`='date_default_timezone';");
querySQL("UPDATE `$db_main_prefix" . "variable` SET `value`='s:2:\\\"" . substr(LOCALE, -2) . "\\\";' WHERE `name`='site_default_country';");
querySQL("UPDATE `$db_main_prefix" . "variable` SET `value`='s:" . strlen($settings_admin_email) . ":\\\"" . $settings_admin_email . "\\\";' WHERE `name`='site_mail';");
querySQL("UPDATE `$db_main_prefix" . "variable` SET `value`='s:" . strlen($settings_site_name) . ":\\\"" . $settings_site_name . "\\\";' WHERE `name`='site_name';");

$language = 'O:8:\"stdClass\":11:{s:8:\"language\";s:2:\"#LANGUAGE#\";s:4:\"name\";s:#LANGUAGE_NAME_ENGLISH_LENGTH#:\"#LANGUAGE_NAME_ENGLISH#\";s:6:\"native\";s:#LANGUAGE_NAME_NATIVE_LENGTH#:\"#LANGUAGE_NAME_NATIVE#\";s:9:\"direction\";s:1:\"0\";s:7:\"enabled\";s:1:\"1\";s:7:\"plurals\";s:1:\"#PLURALS#\";s:7:\"formula\";s:#FORMULA_LENGTH#:\"#FORMULA#\";s:6:\"domain\";s:0:\"\";s:6:\"prefix\";s:2:\"#LANGUAGE#\";s:6:\"weight\";s:1:\"0\";s:10:\"javascript\";s:#JAVASCRIPT_LENGTH#:\"#JAVASCRIPT#\";}';
$language = replace('#LANGUAGE#', substr(LOCALE, 0, 2), $language);
$language = replace('#LANGUAGE_NAME_ENGLISH#', language_name_english(), $language);
$language = replace('#LANGUAGE_NAME_ENGLISH_LENGTH#', strlen(language_name_english()), $language);
$language = replace('#LANGUAGE_NAME_NATIVE#', language_name_native(), $language);
$language = replace('#LANGUAGE_NAME_NATIVE_LENGTH#', strlen(language_name_native()), $language);
$language = replace('#PLURALS#', plurals(), $language);
$language = replace('#FORMULA#', formula(), $language);
$language = replace('#FORMULA_LENGTH#', strlen(formula()), $language);
$language = replace('#JAVASCRIPT#', javascript(), $language);
$language = replace('#JAVASCRIPT_LENGTH#', strlen(javascript()), $language);

querySQL("UPDATE `$db_main_prefix" . "variable` SET `value`='$language' WHERE `name`='language_default';");

$htaccess = file_get_contents(dirname(__FILE__) . '/.htaccess', FILE_TEXT);
if (false === $htaccess) {
    echo "[ERROR]: .htaccess file can't be read.";
    exit(1);
}
$htaccess = replace('#BASE_URL_PATH#', $base_url_path, $htaccess);
$htaccess = file_put_contents(ROOT_DIR . '/.htaccess', $htaccess, LOCK_EX);
if (false === $htaccess) {
    echo "[ERROR]: Can't write .htaccess file.\n";
    exit(1);
}
© 2026 GrazzMean