shell bypass 403

Cubjrnet7 Shell

: /home/eklavya/backups/joomla3oldsite/modules/mod_flipbookmaster/ [ drwxr-xr-x ]
upload mass deface mass delete console info server

name : helper.php
<?php
/*
* @package 		mod_flipbookmaster - FlipBookMaster
* @version		V1.0.5
* @created		February 2017
* @author		ExtensionBase
* @email		[email protected]
* @website		http://www.extensionbase.com
* @support		Forum - http://www.extensionbase.com/forum.html
* @copyright	Copyright (C) 2016 ExtensionBase. All rights reserved.
* @license		http://www.gnu.org/licenses/gpl-2.0.html GNU/GPL
*/

	// no direct access
	defined('_JEXEC') or die('');
	
	class ModFlipBookMasterHelper
	{
		public static function cryptoJsAesDecrypt($passphrase, $jsonString){
			$jsondata = json_decode($jsonString, true);
			try {
				$salt = hex2bin($jsondata["s"]);
				$iv  = hex2bin($jsondata["iv"]);
			} catch(Exception $e) { return null; }
			$ct = base64_decode($jsondata["ct"]);
			$concatedPassphrase = $passphrase.$salt;
			$md5 = array();
			$md5[0] = md5($concatedPassphrase, true);
			$result = $md5[0];
			for ($i = 1; $i < 3; $i++) {
				$md5[$i] = md5($md5[$i - 1].$concatedPassphrase, true);
				$result .= $md5[$i];
			}
			$key = substr($result, 0, 32);
			$data = openssl_decrypt($ct, 'aes-256-cbc', $key, true, $iv);
			return json_decode($data, true);
		}

		/**
		* Encrypt value to a cryptojs compatiable json encoding string
		*
		* @param mixed $passphrase
		* @param mixed $value
		* @return string
		*/
		public static function cryptoJsAesEncrypt($passphrase, $value){
			$salt = openssl_random_pseudo_bytes(8);
			$salted = '';
			$dx = '';
			while (strlen($salted) < 48) {
				$dx = md5($dx.$passphrase.$salt, true);
				$salted .= $dx;
			}
			$key = substr($salted, 0, 32);
			$iv  = substr($salted, 32,16);
			$encrypted_data = openssl_encrypt(json_encode($value), 'aes-256-cbc', $key, true, $iv);
			$data = array("ct" => base64_encode($encrypted_data), "iv" => bin2hex($iv), "s" => bin2hex($salt));
			return json_encode($data);
		}
		
		public static function randomPassword($len) {
			$alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890@:?\/[]{}+_-';
			$pass = array(); //remember to declare $pass as an array
			$alphaLength = strlen($alphabet) - 1; // put the length -1 in cache
			for ($i = 0; $i < $len; $i++) {
				$n = rand(0, $alphaLength);
				$pass[] = $alphabet[$n];
			}
			return implode($pass); //turn the array into a string
		}		
		
	}

© 2025 Cubjrnet7