3v4l.org

run code in 200+ php & hhvm versions
Bugs & Features
<?php function insecureEncryptDoNotUse(string $plaintext, string $key): string { return \openssl_encrypt( $plaintext, 'aes-128-ctr', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, str_repeat("\x00", 16) ); } function insecureDecryptDoNotUse(string $ciphertext, string $key): string { return \openssl_decrypt( $ciphertext, 'aes-128-ctr', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, str_repeat("\x00", 16) ); } $key = str_repeat("3.14", 4); $ciphertextA = insecureEncryptDoNotUse('0000000000000001', $key); $xor = str_repeat("\x00", mb_strlen($ciphertextA, '8bit') - 1) . "\x40"; $ciphertextB = $ciphertextA ^ $xor; var_dump(insecureDecryptDoNotUse($ciphertextB, $key));
based on 1XAGa