shell bypass 403

Cubjrnet7 Shell

: /home/eklavya/www/chakmak/chakmak/Dump/ [ drwxr-xr-x ]
upload mass deface mass delete console info server

name : thank-you_V21-Jan-13.php
<?php 
error_reporting(E_ALL);
session_start();

define("FROM_NAME",'Chakmak Blog');
define("FROM_EMAIL",'[email protected]');
define("TO_EMAIL",'[email protected]');
define("TO_EMAIL_1",'[email protected]');
define("TO_EMAIL_2",'[email protected]');
define("TO_EMAIL_3", '[email protected]');





define('SUBJECT','Chakmak Subscription Form Submission');

	$message = $_REQUEST['message'];
	$status = $_REQUEST['status'];
	$email = isset($_SESSION['CustEmail'])?$_SESSION['CustEmail']:'';
	$data = isset($_SESSION['data'])?$_SESSION['data']:'';
	$cust_data = isset($_SESSION['cust_data'])?$_SESSION['cust_data']:'';
	$custName = isset($_SESSION['name'])?$_SESSION['name']:'';

	unset($_SESSION['CustName']);
	unset($_SESSION['CustLastName']);
	unset($_SESSION['CustAddr']);
	unset($_SESSION['CustDist']);
	unset($_SESSION['CustState']);
	unset($_SESSION['CustPin']);
	unset($_SESSION['CustPhone']);
	unset($_SESSION['KnownSource']);
	unset($_SESSION['myorder']);
	unset($_SESSION['CustEmail']);
	unset($_SESSION['data']);
	unset($_SESSION['cust_data']);
	unset($_SESSION['name']);
	unset($_SESSION['CustMobile']);
	unset($_SESSION['CustNote']);
	
	define("TO_CC", $email);
	include('subscription/class.phpmailer.php');
	// To E mail
	$mail = new PHPMailer();
	$mail->From=FROM_EMAIL;
	$mail->FromName=FROM_NAME;
	$mail->ContentType ="text/html";
	$mail->AddAddress(TO_EMAIL);
	$mail->Subject=SUBJECT;
	
	$metter = $metter="We Get Subscription Enquiry From Chakmak Blog and Entered Details Are : <br /><br />";
	$metter .= $data.'<br />'.$cust_data;
		$metter.="<br /> <br /><strong>Please Contact This Person As Soon As Possible As We are Assuring Them, That They Will Contacted in 24 business Hours!!!</strong><br /><br />";
	  $content = '<html><head></head><body>'.$metter.'<br /></body></html>';
	  
	  
	
	$mail->Body = stripslashes($content);
	if($mail->Send())
	{
		$mail->ClearAddresses();
	}
	// To E mail 1
	$mail11 = new PHPMailer();
	$mail11->From=FROM_EMAIL;
	$mail11->FromName=FROM_NAME;
	$mail11->ContentType ="text/html";
	$mail11->AddAddress(TO_EMAIL_1);
	$mail11->Subject=SUBJECT;
	$mail11->Body = stripslashes($content);
	if($mail11->Send())
	{
		$mail11->ClearAddresses();
	}
	// To E mail 2
	$mail2 = new PHPMailer();
	$mail2->From=FROM_EMAIL;
	$mail2->FromName=FROM_NAME;
	$mail2->ContentType ="text/html";
	$mail2->AddAddress(TO_EMAIL_2);
	$mail2->Subject=SUBJECT;
	$mail2->Body = stripslashes($content);
	if($mail2->Send())
	{
		$mail2->ClearAddresses();
	}
	// To E mail 3
	$mail2 = new PHPMailer();
	$mail2->From=FROM_EMAIL;
	$mail2->FromName=FROM_NAME;
	$mail2->ContentType ="text/html";
	$mail2->AddAddress(TO_EMAIL_3);
	$mail2->Subject=SUBJECT;
	$mail2->Body = stripslashes($content);
	if($mail2->Send())
	{
		$mail2->ClearAddresses();
	}

	
	// To CC
	$mail1 = new PHPMailer();
	$mail1->From=FROM_EMAIL;
	$mail1->FromName=FROM_NAME;
	$mail1->ContentType ="text/html";
	$mail1->AddAddress(TO_CC);
	$mail1->Subject=SUBJECT;
	$metter ="<a href='http://chakmak-blog.blogspot.in/'><img alt='Visit Chakmak Blog' title='Visit Chakmak Blog' src='subscription/Blogheader.png'></a><br /><br />";
	$metter .= 'Dear '.$custName.', <br /><br />';
	$metter .= 'Thank you for chakmak subscription. Please see below for the details. ';
	$metter .= '<br /><br />With Regards, <br />Eklavya Chakmak Team<br /><br />';			 
  //Now put all the content together

	$metter .= $data.'<br />'.$cust_data;
	$metter.="<br /><br /><h3 align='center'>For Daily Updates Please Visit: <br><a href='https://www.facebook.com/chakmak.magazine'>https://www.facebook.com/chakmak.magazine</a></h3>";
	  $content = '<html><head></head><body>'.$metter.'<br /></body></html>';

	$mail1->Body = stripslashes($content);
	if($mail1->Send())
	{
		$mail1->ClearAddresses();
	}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>
Chakmak
</title>
<link rel="stylesheet" media="screen" type="text/css" href="script/control.css"/>
<link href="subscription/chakmak.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="subscription/chakmak.js"></script>
</head>
<body>
<div id="container">
	<div id="social">
		<table cellspacing="3 px" cellpadding="0">
			<tr>
				<td><p>Follow us on: </p></td>
				<td><a href="http://chakmak-blog.blogspot.com" target="_blank"><img src="images/blogger.png"/></a></td>
				<td><a href="http://twitter.com/chakmakmag" target="blank"><img src="images/twitter.png" /></a></td>
				<td><a href="http://www.facebook.com/pages/Chakmak/119248164817634" target="_blank"><img src="images/facebook.png" /></a></td>
			</tr>
		</table>
	</div>
	<div id="header">
		<a href="http://www.eklavya.in/chakmak/chakmak/"><img src="images/header.png" /></a>
	</div>
	<table id="nav">
		<tr>
			<td align="left" width="370 px"><a href="http://www.eklavya.in/go">Eklavya.in</a></td>
			<td width="80 px" align="center"><a href="http://chakmak.eklavya.in">Home</a></td>
            <td width="90 px" align="center"><a href="event.html">300th Issue</a></td>
            <td width="80 px" align="center"><a href="http://eklavya.in/go/index.php?option=com_content&task=category&sectionid=13&id=57&Itemid=84">Archive</a></td>
			<td width="80 px" align="center"><a href="subscribe.php">Subscribe</a></td>
			<td width="80 px" align="center"><a href="contribution.html">Contribute</a></td>
			<td width="80 px" align="center"><a href="http://chakmak-blog.blogspot.com">Blog</a></td>
			<td width="80 px" align="center"><a href="event.html">Contact us</a></td>
		</tr>
	</table>
<!--change the value of iframe src according to the month-->
<table width="100%">
           <tr style="float:left; text-align:center; padding-left:160px;">  <td>
<h2><?php echo $message; ?></h2>
<h3>We will get back to you In Next 24 Business Hours!!!</h3>
<p><a href="subscribe.php">Go back to the Subscription Form</a></p>
  </tr>
             
  
<tr style="float:right"> <td> <div id="sidebar" align="right">
          <table>
                
                <tr>
                    <td><a href="subscribe.php"><img src="images/rate.png" border="1px" /></a></a></td>
                </tr>
                
                <tr>
                    <td><br/>
                    
                    <div id="fb-root"></div>
        <script>(function(d, s, id) {
          var js, fjs = d.getElementsByTagName(s)[0];
          if (d.getElementById(id)) {return;}
          js = d.createElement(s); js.id = id;
          js.src = "//connect.facebook.net/en_US/all.js#xfbml=1";
          fjs.parentNode.insertBefore(js, fjs);
        }(document, 'script', 'facebook-jssdk'));</script>
        
        <div class="fb-like-box" data-href="http://www.facebook.com/chakmak.magazine" data-width="200" data-show-faces="true" data-stream="true" data-header="true"></div>
                    </td>
                </tr>
        </table>

</div>
</td></tr>
</table>

<div id="footer">
	<img src="images/footer.jpg"/>
	<hr width="100%" color="#33cc33">
	<table width="100%">
		<tr>
			<td align="left">&copy; Copyrights reserved by Eklavya Foundation</td>
			
		</tr>
	</table>
</div>
</div>
</body>
</html>

© 2025 Cubjrnet7