Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 1, Position 2 = 15
Branch analysis from position: 1
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 15
filename: /in/Een7S
function name: (null)
number of ops: 21
compiled vars: none
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
12 0 E > > JMPZ <false>, ->15
14 1 > INIT_FCALL 'define'
2 SEND_VAL 'PASSWORD_BCRYPT'
3 SEND_VAL 1
4 DO_ICALL
15 5 INIT_FCALL 'define'
6 SEND_VAL 'PASSWORD_DEFAULT'
7 SEND_VAL '2y'
8 DO_ICALL
26 9 DECLARE_FUNCTION 'password_hash'
169 10 DECLARE_FUNCTION 'password_get_info'
195 11 DECLARE_FUNCTION 'password_needs_rehash'
219 12 DECLARE_FUNCTION 'password_verify'
237 13 DECLARE_FUNCTION '_strlen'
244 14 DECLARE_FUNCTION '_substr'
253 15 > INIT_FCALL 'password_hash'
16 SEND_VAL 'hola'
17 SEND_VAL '2y'
18 DO_ICALL $2
19 ECHO $2
20 > RETURN 1
Function %00password_hash%2Fin%2FEen7S%3A26%240:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 8, Position 2 = 13
Branch analysis from position: 8
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 13
2 jumps found. (Code = 43) Position 1 = 16, Position 2 = 21
Branch analysis from position: 16
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 21
2 jumps found. (Code = 43) Position 1 = 24, Position 2 = 32
Branch analysis from position: 24
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 32
3 jumps found. (Code = 188) Position 1 = 37, Position 2 = 65, Position 3 = 34
Branch analysis from position: 37
2 jumps found. (Code = 43) Position 1 = 40, Position 2 = 56
Branch analysis from position: 40
2 jumps found. (Code = 47) Position 1 = 44, Position 2 = 46
Branch analysis from position: 44
2 jumps found. (Code = 43) Position 1 = 47, Position 2 = 56
Branch analysis from position: 47
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 56
1 jumps found. (Code = 42) Position 1 = 74
Branch analysis from position: 74
2 jumps found. (Code = 43) Position 1 = 77, Position 2 = 145
Branch analysis from position: 77
10 jumps found. (Code = 188) Position 1 = 97, Position 2 = 97, Position 3 = 97, Position 4 = 97, Position 5 = 97, Position 6 = 101, Position 7 = 111, Position 8 = 111, Position 9 = 111, Position 10 = 80
Branch analysis from position: 97
1 jumps found. (Code = 42) Position 1 = 117
Branch analysis from position: 117
2 jumps found. (Code = 43) Position 1 = 123, Position 2 = 137
Branch analysis from position: 123
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 137
2 jumps found. (Code = 43) Position 1 = 143, Position 2 = 144
Branch analysis from position: 143
1 jumps found. (Code = 42) Position 1 = 254
Branch analysis from position: 254
2 jumps found. (Code = 43) Position 1 = 255, Position 2 = 271
Branch analysis from position: 255
2 jumps found. (Code = 47) Position 1 = 287, Position 2 = 292
Branch analysis from position: 287
2 jumps found. (Code = 43) Position 1 = 293, Position 2 = 294
Branch analysis from position: 293
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 294
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 292
Branch analysis from position: 271
Branch analysis from position: 144
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 101
2 jumps found. (Code = 43) Position 1 = 107, Position 2 = 111
Branch analysis from position: 107
1 jumps found. (Code = 42) Position 1 = 117
Branch analysis from position: 117
Branch analysis from position: 111
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 111
Branch analysis from position: 111
Branch analysis from position: 111
Branch analysis from position: 80
2 jumps found. (Code = 44) Position 1 = 82, Position 2 = 97
Branch analysis from position: 82
2 jumps found. (Code = 44) Position 1 = 84, Position 2 = 97
Branch analysis from position: 84
2 jumps found. (Code = 44) Position 1 = 86, Position 2 = 97
Branch analysis from position: 86
2 jumps found. (Code = 44) Position 1 = 88, Position 2 = 97
Branch analysis from position: 88
2 jumps found. (Code = 44) Position 1 = 90, Position 2 = 97
Branch analysis from position: 90
2 jumps found. (Code = 44) Position 1 = 92, Position 2 = 101
Branch analysis from position: 92
2 jumps found. (Code = 44) Position 1 = 94, Position 2 = 111
Branch analysis from position: 94
2 jumps found. (Code = 44) Position 1 = 96, Position 2 = 111
Branch analysis from position: 96
1 jumps found. (Code = 42) Position 1 = 111
Branch analysis from position: 111
Branch analysis from position: 111
Branch analysis from position: 111
Branch analysis from position: 101
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 97
Branch analysis from position: 145
2 jumps found. (Code = 46) Position 1 = 151, Position 2 = 154
Branch analysis from position: 151
2 jumps found. (Code = 43) Position 1 = 155, Position 2 = 163
Branch analysis from position: 155
2 jumps found. (Code = 43) Position 1 = 162, Position 2 = 163
Branch analysis from position: 162
2 jumps found. (Code = 46) Position 1 = 165, Position 2 = 169
Branch analysis from position: 165
2 jumps found. (Code = 43) Position 1 = 170, Position 2 = 176
Branch analysis from position: 170
2 jumps found. (Code = 43) Position 1 = 175, Position 2 = 176
Branch analysis from position: 175
2 jumps found. (Code = 46) Position 1 = 178, Position 2 = 184
Branch analysis from position: 178
2 jumps found. (Code = 43) Position 1 = 185, Position 2 = 213
Branch analysis from position: 185
1 jumps found. (Code = 42) Position 1 = 205
Branch analysis from position: 205
2 jumps found. (Code = 44) Position 1 = 207, Position 2 = 195
Branch analysis from position: 207
2 jumps found. (Code = 43) Position 1 = 212, Position 2 = 213
Branch analysis from position: 212
2 jumps found. (Code = 47) Position 1 = 215, Position 2 = 220
Branch analysis from position: 215
2 jumps found. (Code = 43) Position 1 = 221, Position 2 = 252
Branch analysis from position: 221
1 jumps found. (Code = 42) Position 1 = 250
Branch analysis from position: 250
2 jumps found. (Code = 44) Position 1 = 252, Position 2 = 227
Branch analysis from position: 252
2 jumps found. (Code = 43) Position 1 = 255, Position 2 = 271
Branch analysis from position: 255
Branch analysis from position: 271
Branch analysis from position: 227
2 jumps found. (Code = 43) Position 1 = 229, Position 2 = 241
Branch analysis from position: 229
1 jumps found. (Code = 42) Position 1 = 249
Branch analysis from position: 249
2 jumps found. (Code = 44) Position 1 = 252, Position 2 = 227
Branch analysis from position: 252
Branch analysis from position: 227
Branch analysis from position: 241
2 jumps found. (Code = 44) Position 1 = 252, Position 2 = 227
Branch analysis from position: 252
Branch analysis from position: 227
Branch analysis from position: 252
Branch analysis from position: 220
Branch analysis from position: 213
Branch analysis from position: 195
2 jumps found. (Code = 44) Position 1 = 207, Position 2 = 195
Branch analysis from position: 207
Branch analysis from position: 195
Branch analysis from position: 213
Branch analysis from position: 184
Branch analysis from position: 176
Branch analysis from position: 176
Branch analysis from position: 169
Branch analysis from position: 163
Branch analysis from position: 163
Branch analysis from position: 154
Branch analysis from position: 46
Branch analysis from position: 56
Branch analysis from position: 65
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 34
2 jumps found. (Code = 44) Position 1 = 36, Position 2 = 37
Branch analysis from position: 36
1 jumps found. (Code = 42) Position 1 = 65
Branch analysis from position: 65
Branch analysis from position: 37
filename: /in/Een7S
function name: password_hash
number of ops: 296
compiled vars: !0 = $password, !1 = $algo, !2 = $options, !3 = $resultLength, !4 = $cost, !5 = $raw_salt_len, !6 = $required_salt_len, !7 = $hash_format, !8 = $salt_requires_encoding, !9 = $salt, !10 = $buffer, !11 = $buffer_valid, !12 = $f, !13 = $read, !14 = $bl, !15 = $i, !16 = $base64_digits, !17 = $bcrypt64_digits, !18 = $base64_string, !19 = $hash, !20 = $ret
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
26 0 E > RECV !0
1 RECV !1
2 RECV_INIT !2 <array>
27 3 INIT_FCALL 'function_exists'
4 SEND_VAL 'crypt'
5 DO_ICALL $21
6 BOOL_NOT ~22 $21
7 > JMPZ ~22, ->13
28 8 > INIT_FCALL 'trigger_error'
9 SEND_VAL 'Crypt+must+be+loaded+for+password_hash+to+function'
10 SEND_VAL 512
11 DO_ICALL
29 12 > RETURN null
31 13 > TYPE_CHECK 64 ~24 !0
14 BOOL_NOT ~25 ~24
15 > JMPZ ~25, ->21
32 16 > INIT_FCALL 'trigger_error'
17 SEND_VAL 'password_hash%28%29%3A+Password+must+be+a+string'
18 SEND_VAL 512
19 DO_ICALL
33 20 > RETURN null
35 21 > TYPE_CHECK 16 ~27 !1
22 BOOL_NOT ~28 ~27
23 > JMPZ ~28, ->32
36 24 > INIT_FCALL 'trigger_error'
25 GET_TYPE ~29 !1
26 CONCAT ~30 'password_hash%28%29+expects+parameter+2+to+be+long%2C+', ~29
27 CONCAT ~31 ~30, '+given'
28 SEND_VAL ~31
29 SEND_VAL 512
30 DO_ICALL
37 31 > RETURN null
39 32 > ASSIGN !3, 0
40 33 > SWITCH_STRING !1, [ '2y':->37, ], ->65
34 > IS_EQUAL !1, '2y'
35 > JMPNZ ~34, ->37
36 > > JMP ->65
43 37 > ASSIGN !4, 10
44 38 ISSET_ISEMPTY_DIM_OBJ 0 !2, 'cost'
39 > JMPZ ~36, ->56
45 40 > FETCH_DIM_R ~37 !2, 'cost'
41 ASSIGN !4, ~37
46 42 IS_SMALLER ~39 !4, 4
43 > JMPNZ_EX ~39 ~39, ->46
44 > IS_SMALLER ~40 31, !4
45 BOOL ~39 ~40
46 > > JMPZ ~39, ->56
47 47 > INIT_FCALL 'trigger_error'
48 INIT_FCALL 'sprintf'
49 SEND_VAL 'password_hash%28%29%3A+Invalid+bcrypt+cost+parameter+specified%3A+%25d'
50 SEND_VAR !4
51 DO_ICALL $41
52 SEND_VAR $41
53 SEND_VAL 512
54 DO_ICALL
48 55 > RETURN null
52 56 > ASSIGN !5, 16
54 57 ASSIGN !6, 22
55 58 INIT_FCALL 'sprintf'
59 SEND_VAL '%242y%24%2502d%24'
60 SEND_VAR !4
61 DO_ICALL $45
62 ASSIGN !7, $45
57 63 ASSIGN !3, 60
58 64 > JMP ->74
60 65 > INIT_FCALL 'trigger_error'
66 INIT_FCALL 'sprintf'
67 SEND_VAL 'password_hash%28%29%3A+Unknown+password+hashing+algorithm%3A+%25s'
68 SEND_VAR !1
69 DO_ICALL $48
70 SEND_VAR $48
71 SEND_VAL 512
72 DO_ICALL
61 73 > RETURN null
63 74 > ASSIGN !8, <false>
64 75 ISSET_ISEMPTY_DIM_OBJ 0 !2, 'salt'
76 > JMPZ ~51, ->145
65 77 > FETCH_DIM_R ~52 !2, 'salt'
78 GET_TYPE ~53 ~52
79 > SWITCH_STRING ~53, [ 'NULL':->97, 'boolean':->97, 'integer':->97, 'double':->97, 'string':->97, 'object':->101, 'array':->111, 'resource':->111, ], ->111
66 80 > CASE ~53, 'NULL'
81 > JMPNZ ~54, ->97
67 82 > CASE ~53, 'boolean'
83 > JMPNZ ~54, ->97
68 84 > CASE ~53, 'integer'
85 > JMPNZ ~54, ->97
69 86 > CASE ~53, 'double'
87 > JMPNZ ~54, ->97
70 88 > CASE ~53, 'string'
89 > JMPNZ ~54, ->97
73 90 > CASE ~53, 'object'
91 > JMPNZ ~54, ->101
78 92 > CASE ~53, 'array'
93 > JMPNZ ~54, ->111
79 94 > CASE ~53, 'resource'
95 > JMPNZ ~54, ->111
96 > > JMP ->111
71 97 > FETCH_DIM_R ~55 !2, 'salt'
98 CAST 6 ~56 ~55
99 ASSIGN !9, ~56
72 100 > JMP ->117
74 101 > INIT_FCALL 'method_exists'
102 FETCH_DIM_R ~58 !2, 'salt'
103 SEND_VAL ~58
104 SEND_VAL '__tostring'
105 DO_ICALL $59
106 > JMPZ $59, ->111
75 107 > FETCH_DIM_R ~60 !2, 'salt'
108 CAST 6 ~61 ~60
109 ASSIGN !9, ~61
76 110 > JMP ->117
81 111 > INIT_FCALL 'trigger_error'
112 SEND_VAL 'password_hash%28%29%3A+Non-string+salt+parameter+supplied'
113 SEND_VAL 512
114 DO_ICALL
82 115 FREE ~53
116 > RETURN null
117 > FREE ~53
84 118 INIT_FCALL_BY_NAME '_strlen'
119 SEND_VAR_EX !9
120 DO_FCALL 0 $64
121 IS_SMALLER $64, !6
122 > JMPZ ~65, ->137
85 123 > INIT_FCALL 'trigger_error'
124 INIT_FCALL 'sprintf'
125 SEND_VAL 'password_hash%28%29%3A+Provided+salt+is+too+short%3A+%25d+expecting+%25d'
126 INIT_FCALL_BY_NAME '_strlen'
127 SEND_VAR_EX !9
128 DO_FCALL 0 $66
129 SEND_VAR $66
130 SEND_VAR !6
131 DO_ICALL $67
132 SEND_VAR $67
133 SEND_VAL 512
134 DO_ICALL
86 135 > RETURN null
136* JMP ->144
87 137 > INIT_FCALL 'preg_match'
138 SEND_VAL '%23%5E%5Ba-zA-Z0-9.%2F%5D%2B%24%23D'
139 SEND_VAR !9
140 DO_ICALL $69
141 IS_EQUAL $69, 0
142 > JMPZ ~70, ->144
88 143 > ASSIGN !8, <true>
144 > > JMP ->254
91 145 > ASSIGN !10, ''
92 146 ASSIGN !11, <false>
93 147 INIT_FCALL 'function_exists'
148 SEND_VAL 'mcrypt_create_iv'
149 DO_ICALL $74
150 > JMPZ_EX ~75 $74, ->154
151 > DEFINED ~76 'PHALANGER'
152 BOOL_NOT ~77 ~76
153 BOOL ~75 ~77
154 > > JMPZ ~75, ->163
94 155 > INIT_FCALL_BY_NAME 'mcrypt_create_iv'
156 SEND_VAR_EX !5
157 FETCH_CONSTANT ~78 'MCRYPT_DEV_URANDOM'
158 SEND_VAL_EX ~78
159 DO_FCALL 0 $79
160 ASSIGN !10, $79
95 161 > JMPZ !10, ->163
96 162 > ASSIGN !11, <true>
99 163 > BOOL_NOT ~82 !11
164 > JMPZ_EX ~82 ~82, ->169
165 > INIT_FCALL 'function_exists'
166 SEND_VAL 'openssl_random_pseudo_bytes'
167 DO_ICALL $83
168 BOOL ~82 $83
169 > > JMPZ ~82, ->176
100 170 > INIT_FCALL_BY_NAME 'openssl_random_pseudo_bytes'
171 SEND_VAR_EX !5
172 DO_FCALL 0 $84
173 ASSIGN !10, $84
101 174 > JMPZ !10, ->176
102 175 > ASSIGN !11, <true>
105 176 > BOOL_NOT ~87 !11
177 > JMPZ_EX ~87 ~87, ->184
178 > BEGIN_SILENCE ~88
179 INIT_FCALL 'is_readable'
180 SEND_VAL '%2Fdev%2Furandom'
181 DO_ICALL $89
182 END_SILENCE ~88
183 BOOL ~87 $89
184 > > JMPZ ~87, ->213
106 185 > INIT_FCALL 'fopen'
186 SEND_VAL '%2Fdev%2Furandom'
187 SEND_VAL 'r'
188 DO_ICALL $90
189 ASSIGN !12, $90
107 190 INIT_FCALL_BY_NAME '_strlen'
191 SEND_VAR_EX !10
192 DO_FCALL 0 $92
193 ASSIGN !13, $92
108 194 > JMP ->205
109 195 > INIT_FCALL 'fread'
196 SEND_VAR !12
197 SUB ~94 !5, !13
198 SEND_VAL ~94
199 DO_ICALL $95
200 ASSIGN_OP 8 !10, $95
110 201 INIT_FCALL_BY_NAME '_strlen'
202 SEND_VAR_EX !10
203 DO_FCALL 0 $97
204 ASSIGN !13, $97
108 205 > IS_SMALLER !13, !5
206 > JMPNZ ~99, ->195
112 207 > INIT_FCALL 'fclose'
208 SEND_VAR !12
209 DO_ICALL
113 210 IS_SMALLER_OR_EQUAL !5, !13
211 > JMPZ ~101, ->213
114 212 > ASSIGN !11, <true>
117 213 > BOOL_NOT ~103 !11
214 > JMPNZ_EX ~103 ~103, ->220
215 > INIT_FCALL_BY_NAME '_strlen'
216 SEND_VAR_EX !10
217 DO_FCALL 0 $104
218 IS_SMALLER ~105 $104, !5
219 BOOL ~103 ~105
220 > > JMPZ ~103, ->252
118 221 > INIT_FCALL_BY_NAME '_strlen'
222 SEND_VAR_EX !10
223 DO_FCALL 0 $106
224 ASSIGN !14, $106
119 225 ASSIGN !15, 0
226 > JMP ->250
120 227 > IS_SMALLER !15, !14
228 > JMPZ ~109, ->241
121 229 > FETCH_DIM_R ~111 !10, !15
230 INIT_FCALL 'chr'
231 INIT_FCALL 'mt_rand'
232 SEND_VAL 0
233 SEND_VAL 255
234 DO_ICALL $112
235 SEND_VAR $112
236 DO_ICALL $113
237 BW_XOR ~114 $113, ~111
238 ASSIGN_DIM !10, !15
239 OP_DATA ~114
240 > JMP ->249
123 241 > INIT_FCALL 'chr'
242 INIT_FCALL 'mt_rand'
243 SEND_VAL 0
244 SEND_VAL 255
245 DO_ICALL $115
246 SEND_VAR $115
247 DO_ICALL $116
248 ASSIGN_OP 8 !10, $116
119 249 > PRE_INC !15
250 > IS_SMALLER !15, !5
251 > JMPNZ ~119, ->227
127 252 > ASSIGN !9, !10
128 253 ASSIGN !8, <true>
130 254 > > JMPZ !8, ->271
132 255 > ASSIGN !16, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789%2B%2F'
134 256 ASSIGN !17, '.%2FABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
137 257 INIT_FCALL 'base64_encode'
258 SEND_VAR !9
259 DO_ICALL $124
260 ASSIGN !18, $124
138 261 INIT_FCALL 'strtr'
262 INIT_FCALL 'rtrim'
263 SEND_VARGenerated using Vulcan Logic Dumper, using php 8.0.0