3v4l.org

run code in 300+ PHP versions simultaneously
<? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { //$key = '<censored>'; $key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK'; $text = $in; $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { $outText .= $text[$i] ^ $key[$i % strlen($key)]; } return $outText; } function loadData($def) { global $_COOKIE; $mydata = $def; if(array_key_exists("data", $_COOKIE)) { $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true); if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) { $mydata['showpassword'] = $tempdata['showpassword']; $mydata['bgcolor'] = $tempdata['bgcolor']; } } } return $mydata; } function saveData($d) { setcookie("data", base64_encode(xor_encrypt(json_encode($d)))); } // Taken from saveData() function encrypt($d){ return base64_encode(xor_encrypt(json_encode($d))); } function encrypt_step1($d){ return json_encode($d); } function encrypt_step2($d){ return xor_encrypt(json_encode($d)); } //Taken from loadData() function decrypt($d){ return json_decode(xor_encrypt(base64_decode($d)), true); } function decrypt_step1($d){ return base64_decode($d); } function decrypt_step2($d){ return xor_encrypt(base64_decode($d)); } /* $data = loadData($defaultdata); if(array_key_exists("bgcolor",$_REQUEST)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) { $data['bgcolor'] = $_REQUEST['bgcolor']; } } saveData($data); */ /* */ $data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D'; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4vFBFeaAw="; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw"; echo $data; echo "\nEvaluates to: \n"; $decrypted = decrypt($data); var_dump($decrypted); echo "\nDecrypt Step 1: \n"; echo decrypt_step1($data); // echo "\nDecrypt Step 2: \n"; // echo decrypt_step2($data); echo "Trying some shit:\n"; $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff"); var_dump($injected_cookie); echo "\nIn encyrpted form!\n"; $encrypted_good = encrypt($injected_cookie); var_dump($encrypted_good); ?> <h1>natas11</h1> <div id="content"> <body style="background: <?=$data['bgcolor']?>;"> Cookies are protected with XOR encryption<br/><br/> <? // THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES //if($data["showpassword"] == "yes") { // print "The password for natas12 is <censored><br>"; //} ?>
Output for 8.3.0 - 8.3.4, 8.3.6
<? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { //$key = '<censored>'; $key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK'; $text = $in; $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { $outText .= $text[$i] ^ $key[$i % strlen($key)]; } return $outText; } function loadData($def) { global $_COOKIE; $mydata = $def; if(array_key_exists("data", $_COOKIE)) { $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true); if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) { $mydata['showpassword'] = $tempdata['showpassword']; $mydata['bgcolor'] = $tempdata['bgcolor']; } } } return $mydata; } function saveData($d) { setcookie("data", base64_encode(xor_encrypt(json_encode($d)))); } // Taken from saveData() function encrypt($d){ return base64_encode(xor_encrypt(json_encode($d))); } function encrypt_step1($d){ return json_encode($d); } function encrypt_step2($d){ return xor_encrypt(json_encode($d)); } //Taken from loadData() function decrypt($d){ return json_decode(xor_encrypt(base64_decode($d)), true); } function decrypt_step1($d){ return base64_decode($d); } function decrypt_step2($d){ return xor_encrypt(base64_decode($d)); } /* $data = loadData($defaultdata); if(array_key_exists("bgcolor",$_REQUEST)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) { $data['bgcolor'] = $_REQUEST['bgcolor']; } } saveData($data); */ /* */ $data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D'; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4vFBFeaAw="; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw"; echo $data; echo "\nEvaluates to: \n"; $decrypted = decrypt($data); var_dump($decrypted); echo "\nDecrypt Step 1: \n"; echo decrypt_step1($data); // echo "\nDecrypt Step 2: \n"; // echo decrypt_step2($data); echo "Trying some shit:\n"; $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff"); var_dump($injected_cookie); echo "\nIn encyrpted form!\n"; $encrypted_good = encrypt($injected_cookie); var_dump($encrypted_good); ?> <h1>natas11</h1> <div id="content"> <body style="background: Warning: Undefined variable $data in /in/FgBRt on line 109 Warning: Trying to access array offset on null in /in/FgBRt on line 109 ;"> Cookies are protected with XOR encryption<br/><br/> <? // THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES //if($data["showpassword"] == "yes") { // print "The password for natas12 is <censored><br>"; //} ?>
Output for 8.3.5
Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 <? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { //$key = '<censored>'; $key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK'; $text = $in; $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { $outText .= $text[$i] ^ $key[$i % strlen($key)]; } return $outText; } function loadData($def) { global $_COOKIE; $mydata = $def; if(array_key_exists("data", $_COOKIE)) { $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true); if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) { $mydata['showpassword'] = $tempdata['showpassword']; $mydata['bgcolor'] = $tempdata['bgcolor']; } } } return $mydata; } function saveData($d) { setcookie("data", base64_encode(xor_encrypt(json_encode($d)))); } // Taken from saveData() function encrypt($d){ return base64_encode(xor_encrypt(json_encode($d))); } function encrypt_step1($d){ return json_encode($d); } function encrypt_step2($d){ return xor_encrypt(json_encode($d)); } //Taken from loadData() function decrypt($d){ return json_decode(xor_encrypt(base64_decode($d)), true); } function decrypt_step1($d){ return base64_decode($d); } function decrypt_step2($d){ return xor_encrypt(base64_decode($d)); } /* $data = loadData($defaultdata); if(array_key_exists("bgcolor",$_REQUEST)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) { $data['bgcolor'] = $_REQUEST['bgcolor']; } } saveData($data); */ /* */ $data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D'; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4vFBFeaAw="; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw"; echo $data; echo "\nEvaluates to: \n"; $decrypted = decrypt($data); var_dump($decrypted); echo "\nDecrypt Step 1: \n"; echo decrypt_step1($data); // echo "\nDecrypt Step 2: \n"; // echo decrypt_step2($data); echo "Trying some shit:\n"; $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff"); var_dump($injected_cookie); echo "\nIn encyrpted form!\n"; $encrypted_good = encrypt($injected_cookie); var_dump($encrypted_good); ?> <h1>natas11</h1> <div id="content"> <body style="background: Warning: Undefined variable $data in /in/FgBRt on line 109 Warning: Trying to access array offset on null in /in/FgBRt on line 109 ;"> Cookies are protected with XOR encryption<br/><br/> <? // THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES //if($data["showpassword"] == "yes") { // print "The password for natas12 is <censored><br>"; //} ?>
Output for 8.0.0 - 8.0.12, 8.0.14 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18
<? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { //$key = '<censored>'; $key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK'; $text = $in; $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { $outText .= $text[$i] ^ $key[$i % strlen($key)]; } return $outText; } function loadData($def) { global $_COOKIE; $mydata = $def; if(array_key_exists("data", $_COOKIE)) { $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true); if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) { $mydata['showpassword'] = $tempdata['showpassword']; $mydata['bgcolor'] = $tempdata['bgcolor']; } } } return $mydata; } function saveData($d) { setcookie("data", base64_encode(xor_encrypt(json_encode($d)))); } // Taken from saveData() function encrypt($d){ return base64_encode(xor_encrypt(json_encode($d))); } function encrypt_step1($d){ return json_encode($d); } function encrypt_step2($d){ return xor_encrypt(json_encode($d)); } //Taken from loadData() function decrypt($d){ return json_decode(xor_encrypt(base64_decode($d)), true); } function decrypt_step1($d){ return base64_decode($d); } function decrypt_step2($d){ return xor_encrypt(base64_decode($d)); } /* $data = loadData($defaultdata); if(array_key_exists("bgcolor",$_REQUEST)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) { $data['bgcolor'] = $_REQUEST['bgcolor']; } } saveData($data); */ /* */ $data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D'; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4vFBFeaAw="; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw"; echo $data; echo "\nEvaluates to: \n"; $decrypted = decrypt($data); var_dump($decrypted); echo "\nDecrypt Step 1: \n"; echo decrypt_step1($data); // echo "\nDecrypt Step 2: \n"; // echo decrypt_step2($data); echo "Trying some shit:\n"; $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff"); var_dump($injected_cookie); echo "\nIn encyrpted form!\n"; $encrypted_good = encrypt($injected_cookie); var_dump($encrypted_good); ?> <h1>natas11</h1> <div id="content"> <body style="background: Warning: Undefined variable $data in /in/FgBRt on line 109 Warning: Trying to access array offset on value of type null in /in/FgBRt on line 109 ;"> Cookies are protected with XOR encryption<br/><br/> <? // THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES //if($data["showpassword"] == "yes") { // print "The password for natas12 is <censored><br>"; //} ?>
Output for 8.0.13
ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw Evaluates to: NULL Decrypt Step 1: UK"H+O%pSWh]UZ-T%UhR^,^h Trying some shit: array(2) { ["showpassword"]=> string(3) "yes" ["bgcolor"]=> string(7) "#ffffff" } In encyrpted form! string(56) "LhpBGVojMyw+Ik4XByJNcxEdPCsUHVFVKDkrVSU5TXF3G1QXUzIlK28s" <h1>natas11</h1> <div id="content"> <body style="background: Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /in/FgBRt:109 Stack trace: #0 {main} thrown in /in/FgBRt on line 109
Process exited with code 255.
Output for 7.0.0 - 7.0.20, 7.1.0 - 7.1.20, 7.2.0 - 7.2.6, 7.3.32 - 7.3.33, 7.4.33
ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw Evaluates to: NULL Decrypt Step 1: UK"H+O%pSWh]UZ-T%UhR^,^h Trying some shit: array(2) { ["showpassword"]=> string(3) "yes" ["bgcolor"]=> string(7) "#ffffff" } In encyrpted form! string(56) "LhpBGVojMyw+Ik4XByJNcxEdPCsUHVFVKDkrVSU5TXF3G1QXUzIlK28s" <h1>natas11</h1> <div id="content"> <body style="background: Warning: Illegal string offset 'bgcolor' in /in/FgBRt on line 109 C;"> Cookies are protected with XOR encryption<br/><br/>
Output for 7.4.0 - 7.4.32
<? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { //$key = '<censored>'; $key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK'; $text = $in; $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { $outText .= $text[$i] ^ $key[$i % strlen($key)]; } return $outText; } function loadData($def) { global $_COOKIE; $mydata = $def; if(array_key_exists("data", $_COOKIE)) { $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true); if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) { $mydata['showpassword'] = $tempdata['showpassword']; $mydata['bgcolor'] = $tempdata['bgcolor']; } } } return $mydata; } function saveData($d) { setcookie("data", base64_encode(xor_encrypt(json_encode($d)))); } // Taken from saveData() function encrypt($d){ return base64_encode(xor_encrypt(json_encode($d))); } function encrypt_step1($d){ return json_encode($d); } function encrypt_step2($d){ return xor_encrypt(json_encode($d)); } //Taken from loadData() function decrypt($d){ return json_decode(xor_encrypt(base64_decode($d)), true); } function decrypt_step1($d){ return base64_decode($d); } function decrypt_step2($d){ return xor_encrypt(base64_decode($d)); } /* $data = loadData($defaultdata); if(array_key_exists("bgcolor",$_REQUEST)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) { $data['bgcolor'] = $_REQUEST['bgcolor']; } } saveData($data); */ /* */ $data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D'; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4vFBFeaAw="; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw"; echo $data; echo "\nEvaluates to: \n"; $decrypted = decrypt($data); var_dump($decrypted); echo "\nDecrypt Step 1: \n"; echo decrypt_step1($data); // echo "\nDecrypt Step 2: \n"; // echo decrypt_step2($data); echo "Trying some shit:\n"; $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff"); var_dump($injected_cookie); echo "\nIn encyrpted form!\n"; $encrypted_good = encrypt($injected_cookie); var_dump($encrypted_good); ?> <h1>natas11</h1> <div id="content"> <body style="background: Notice: Undefined variable: data in /in/FgBRt on line 109 Notice: Trying to access array offset on value of type null in /in/FgBRt on line 109 ;"> Cookies are protected with XOR encryption<br/><br/> <? // THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES //if($data["showpassword"] == "yes") { // print "The password for natas12 is <censored><br>"; //} ?>
Output for 7.2.29 - 7.2.33, 7.3.16 - 7.3.31
<? $defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff"); function xor_encrypt($in) { //$key = '<censored>'; $key = 'U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK'; $text = $in; $outText = ''; // Iterate through each character for($i=0;$i<strlen($text);$i++) { $outText .= $text[$i] ^ $key[$i % strlen($key)]; } return $outText; } function loadData($def) { global $_COOKIE; $mydata = $def; if(array_key_exists("data", $_COOKIE)) { $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true); if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) { $mydata['showpassword'] = $tempdata['showpassword']; $mydata['bgcolor'] = $tempdata['bgcolor']; } } } return $mydata; } function saveData($d) { setcookie("data", base64_encode(xor_encrypt(json_encode($d)))); } // Taken from saveData() function encrypt($d){ return base64_encode(xor_encrypt(json_encode($d))); } function encrypt_step1($d){ return json_encode($d); } function encrypt_step2($d){ return xor_encrypt(json_encode($d)); } //Taken from loadData() function decrypt($d){ return json_decode(xor_encrypt(base64_decode($d)), true); } function decrypt_step1($d){ return base64_decode($d); } function decrypt_step2($d){ return xor_encrypt(base64_decode($d)); } /* $data = loadData($defaultdata); if(array_key_exists("bgcolor",$_REQUEST)) { if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) { $data['bgcolor'] = $_REQUEST['bgcolor']; } } saveData($data); */ /* */ $data = 'ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw%3D'; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4vFBFeaAw="; $data = "ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxFeaAw"; echo $data; echo "\nEvaluates to: \n"; $decrypted = decrypt($data); var_dump($decrypted); echo "\nDecrypt Step 1: \n"; echo decrypt_step1($data); // echo "\nDecrypt Step 2: \n"; // echo decrypt_step2($data); echo "Trying some shit:\n"; $injected_cookie = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff"); var_dump($injected_cookie); echo "\nIn encyrpted form!\n"; $encrypted_good = encrypt($injected_cookie); var_dump($encrypted_good); ?> <h1>natas11</h1> <div id="content"> <body style="background: Notice: Undefined variable: data in /in/FgBRt on line 109 ;"> Cookies are protected with XOR encryption<br/><br/> <? // THIS RIGH HERE IS THE KEY. YOU NEED TO MAKE SHOW PASSWORD = YES //if($data["showpassword"] == "yes") { // print "The password for natas12 is <censored><br>"; //} ?>
preferences:
178.66 ms | 409 KiB | 172 Q