3v4l.org

run code in 300+ PHP versions simultaneously
<?php $testData = [ // this is the demo email used in the proof of concept of the exploit '"attacker\" -oQ/tmp/ -X/var/www/cache/phpcode.php "@email.com', // trying more adresses '"Attacker -Param2 -Param3"@test.com', '\'Attacker -Param2 -Param3\'@test.com', '"Attacker \" -Param2 -Param3"@test.com', "'Attacker \\' -Param2 -Param3'@test.com", '"attacker\" -oQ/tmp/ -X/var/www/cache/phpcode.php "@email.com', // and even more variants '"attacker\"\ -oQ/tmp/\ -X/var/www/cache/phpcode.php"@email.com', "\"attacker\\\"\0-oQ/tmp/\0-X/var/www/cache/phpcode.php\"@email.com", '"attacker@cebe.cc\"-Xbeep"@email.com', "'attacker\\' -oQ/tmp/ -X/var/www/cache/phpcode.php'@email.com", "'attacker\\\\' -oQ/tmp/ -X/var/www/cache/phpcode.php'@email.com", "'attacker\\\\'\\ -oQ/tmp/ -X/var/www/cache/phpcode.php'@email.com", "'attacker\\';touch /tmp/hackme'@email.com", "'attacker\\\\';touch /tmp/hackme'@email.com", "'attacker\\';touch/tmp/hackme'@email.com", "'attacker\\\\';touch/tmp/hackme'@email.com", '"attacker\" -oQ/tmp/ -X/var/www/cache/phpcode.php "@email.com', ]; foreach ($testData as $email) { echo "$email: " . (filter_var($email, FILTER_VALIDATE_EMAIL) ? 'Valid' : 'Invalid') . "\n"; }
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 77) Position 1 = 2, Position 2 = 17
Branch analysis from position: 2
2 jumps found. (Code = 78) Position 1 = 3, Position 2 = 17
Branch analysis from position: 3
2 jumps found. (Code = 43) Position 1 = 10, Position 2 = 12
Branch analysis from position: 10
1 jumps found. (Code = 42) Position 1 = 13
Branch analysis from position: 13
1 jumps found. (Code = 42) Position 1 = 2
Branch analysis from position: 2
Branch analysis from position: 12
1 jumps found. (Code = 42) Position 1 = 2
Branch analysis from position: 2
Branch analysis from position: 17
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 17
filename:       /in/4oslP
function name:  (null)
number of ops:  19
compiled vars:  !0 = $testData, !1 = $email
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    3     0  E >   ASSIGN                                                   !0, <array>
   27     1      > FE_RESET_R                                       $3      !0, ->17
          2    > > FE_FETCH_R                                               $3, !1, ->17
   28     3    >   NOP                                                      
          4        FAST_CONCAT                                      ~4      !1, '%3A+'
          5        INIT_FCALL                                               'filter_var'
          6        SEND_VAR                                                 !1
          7        SEND_VAL                                                 274
          8        DO_ICALL                                         $5      
          9      > JMPZ                                                     $5, ->12
         10    >   QM_ASSIGN                                        ~6      'Valid'
         11      > JMP                                                      ->13
         12    >   QM_ASSIGN                                        ~6      'Invalid'
         13    >   CONCAT                                           ~7      ~4, ~6
         14        CONCAT                                           ~8      ~7, '%0A'
         15        ECHO                                                     ~8
   27    16      > JMP                                                      ->2
         17    >   FE_FREE                                                  $3
   29    18      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
143.82 ms | 1013 KiB | 14 Q