shell bypass 403

GrazzMean Shell

: /home/gutlooks/.trash/classess/ [ drwxr-xr-x ]
Uname: Linux server.thebazaar99.com 5.14.0-687.17.1.el9_8.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Jun 22 07:21:26 EDT 2026 x86_64
Software: Apache
PHP version: 8.3.32 [ PHP INFO ] PHP os: Linux
Server Ip: 163.227.92.254
Your Ip: 216.73.217.24
User: gutlooks (1003) | Group: gutlooks (1005)
Safe Mode: OFF
Disable Function:
exec,passthru,shell_exec,system

name : admin_login.php
<?php
class admin_login extends sqlfunction{
	public $Nconn;
	const salt = "adeeb";
	function __construct(){
		$obj = new config();
		$this->Nconn = $obj->conn;
	}
	
	public function cleaner($data){
		return htmlspecialchars(addslashes(strip_tags(trim($data))));
	}
	
	public function token_provide($id){
		$_SESSION["invoiceid"]=$id;		
		$_SESSION["user_agent"]=$_SERVER['HTTP_USER_AGENT']; //all user agent
		if(isset($_SESSION["invoiceid"]) && isset($_SESSION["user_agent"])){
			return true;
			}
		}

//user token 
	public function user_token_provide($id){
	$_SESSION["user_id"]=$id;		
	$_SESSION["user_agent1"]=$_SERVER['HTTP_USER_AGENT']; //all user agent
	if(isset($_SESSION["user_id"]) && isset($_SESSION["user_agent1"])){
		return true;
		}
	}	
		
	public function security_check(){
		if($_SESSION["user_agent"]!=$_SERVER['HTTP_USER_AGENT'] || !isset($_SESSION['invoiceid'])){		
				header("Location:index.php");
			}
		}	

//user security check
	public function user_security_check(){
		if($_SESSION["user_agent1"]!=$_SERVER['HTTP_USER_AGENT'] || !isset($_SESSION['user_id'])){		
				header("Location:index.php");
			}
		}

	//user security check
	public function user_security_check_dashboard(){
		if($_SESSION["user_agent1"]!=$_SERVER['HTTP_USER_AGENT'] || !isset($_SESSION['user_id'])){		
				header("Location:../index.php");
			}
		}			
	
	public function check_credintial($tab_name,$un,$p){		 
		$pass = sha1($p.admin_login::salt);
		$stmt = $this->Nconn->prepare("select id,type from ".$tab_name." where username='".$un."' and password='".$pass."'");
		$count =  $stmt->execute();
			if($stmt->rowCount()==1){ 
				//get time and date
					date_default_timezone_set('Asia/Kolkata');
					 $getdate =  date('Y-m-d H:i:s');
		
					// update login status
					$cols = array("status"=>"1",
					"date"=>"$getdate"
					);
					foreach($cols as $key=>$values){
						@$f .=$key."='".$values."',";
					}												
					$f = substr($f,0,strlen($f)-1);
					$this->update_data("admin",$f," username='$un'");
						
					if($row = $stmt->fetch(PDO::FETCH_OBJ)){
					  $_SESSION['type'] = $row->type; 
						return $row->id;												
					}
			} else {
				return false;
			}
	}


		public function user_login($tab_name,$phone,$pwd){		 
		$stmt = $this->Nconn->prepare("select id from ".$tab_name." where phone='".$phone."' and pwd='".$pwd."'");
		$count =  $stmt->execute();
			if($stmt->rowCount()==1){ 
					if($row = $stmt->fetch(PDO::FETCH_OBJ)){					
						return $row->id;												
					}
			} else {
				return false;
			}
	}


	
	public function check_session(){
		if(isset($_SESSION['invoiceid'])){
			header("Location: dashboard.php");
		}
	}


	public function check_user_session(){
		if(isset($_SESSION['user_id'])){
			// header("Location: index.php");
			$this->redirect("index.php");
		}
	}


	
	public function call_session(){
		if(isset($_SESSION['invoiceid'])){
			return $_SESSION['invoiceid'];
		}
	}

	public function user_call_session(){
		if(isset($_SESSION['user_id'])){
			return $_SESSION['user_id'];
		}
	}
	
	public function getdates(){
	           date_default_timezone_set('Asia/Kolkata');
				return $getdate =  date('Y-m-d H:i:s');
	}
	
	
	public function get_client_ip() {
    $ipaddress = '';
    if (getenv('HTTP_CLIENT_IP'))
        $ipaddress = getenv('HTTP_CLIENT_IP');
    else if(getenv('HTTP_X_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
    else if(getenv('HTTP_X_FORWARDED'))
        $ipaddress = getenv('HTTP_X_FORWARDED');
    else if(getenv('HTTP_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_FORWARDED_FOR');
    else if(getenv('HTTP_FORWARDED'))
       $ipaddress = getenv('HTTP_FORWARDED');
    else if(getenv('REMOTE_ADDR'))
        $ipaddress = getenv('REMOTE_ADDR');
    else
        $ipaddress = 'UNKNOWN';
    return $ipaddress;
   }
	
	
	public function logout($sid){
				//get time and date
				date_default_timezone_set('Asia/Kolkata');
				$getdate =  date('Y-m-d H:i:s');
		
				// update login status
				$cols = array("status"=>"0",
				"date"=>"$getdate"
				);
				foreach($cols as $key=>$values){
					@$f .=$key."='".$values."',";
				}												
				$f = substr($f,0,strlen($f)-1);
				$this->update_data("admin",$f," id='$sid'");	
		unset($_SESSION['invoiceid']);
		//session_destroy();
		header("Location:index.php");		
	}


	public function redirect($url)
	{
		echo "<script>window.location.href = '".$url."';</script>";
	}

	public function check_cart_value_exist()
	{
		$cnd = "login_id = '".$_SESSION['user_id']."'";
		$check = $this->fetchdata("tbl_cart",$cnd);
		if($check->rowCount() == 0 )
			{
				$this->redirect("index.php");
			}

	}
	
		 // Method to verify credentials and return p_id if valid
    public function verifyCredentials($deviceToken, $secretKey) {
        // Combined query to check the secret_key, device_token, and firebase_id
        $query = "SELECT p.p_id FROM player p JOIN secret_key s ON s.secret_key = '$secretKey' WHERE p.device_token = '$deviceToken'";
        $result = $this->Nconn->prepare($query);
        $result->execute();
        if ($result->rowCount() > 0) {
           $row = $result->fetch(PDO::FETCH_OBJ);
            return $row->p_id; // Return the p_id of the matching player
        } else {
            return false; // Credentials do not match
        }
    }
    
    public function verifyCredentials2( $secretKey,$mobile) {
        // Combined query to check the secret_key, device_token, and firebase_id
        $query = "SELECT p.p_id FROM player p JOIN secret_key s ON s.secret_key = '$secretKey' WHERE  p_mobile = '$mobile'";
        $result = $this->Nconn->prepare($query);
        $result->execute();
        if ($result->rowCount() > 0) {
          $row = $result->fetch(PDO::FETCH_OBJ);
            return $row->p_id; // Return the p_id of the matching player
        } else {
            return false; // Credentials do not match
        }
    }
		
}
?>
© 2026 GrazzMean