Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 1, Position 2 = 13
Branch analysis from position: 1
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 13
filename: /in/ICJee
function name: (null)
number of ops: 21
compiled vars: none
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
10 0 E > > JMPZ <false>, ->13
12 1 > INIT_FCALL 'define'
2 SEND_VAL 'PASSWORD_BCRYPT'
3 SEND_VAL 1
4 DO_ICALL
13 5 INIT_FCALL 'define'
6 SEND_VAL 'PASSWORD_DEFAULT'
7 SEND_VAL '2y'
8 DO_ICALL
24 9 DECLARE_FUNCTION 'password_hash'
152 10 DECLARE_FUNCTION 'password_get_info'
178 11 DECLARE_FUNCTION 'password_needs_rehash'
202 12 DECLARE_FUNCTION 'password_verify'
223 13 > INIT_FCALL 'var_dump'
14 INIT_FCALL 'password_verify'
15 SEND_VAL 'Admin'
16 SEND_VAL '%242y%2410%24KUaL3Jaedp7zrNxIsgMNYuBWV5GybEUBCvFoGCP9sRuRLSINlbuai'
17 DO_ICALL $2
18 SEND_VAR $2
19 DO_ICALL
20 > RETURN 1
Function %00password_hash%2Fin%2FICJee%3A24%240:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 8, Position 2 = 13
Branch analysis from position: 8
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 13
2 jumps found. (Code = 43) Position 1 = 16, Position 2 = 21
Branch analysis from position: 16
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 21
2 jumps found. (Code = 43) Position 1 = 24, Position 2 = 32
Branch analysis from position: 24
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 32
3 jumps found. (Code = 188) Position 1 = 36, Position 2 = 63, Position 3 = 33
Branch analysis from position: 36
2 jumps found. (Code = 43) Position 1 = 39, Position 2 = 55
Branch analysis from position: 39
2 jumps found. (Code = 47) Position 1 = 43, Position 2 = 45
Branch analysis from position: 43
2 jumps found. (Code = 43) Position 1 = 46, Position 2 = 55
Branch analysis from position: 46
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 55
1 jumps found. (Code = 42) Position 1 = 72
Branch analysis from position: 72
2 jumps found. (Code = 43) Position 1 = 74, Position 2 = 146
Branch analysis from position: 74
10 jumps found. (Code = 188) Position 1 = 94, Position 2 = 94, Position 3 = 94, Position 4 = 94, Position 5 = 94, Position 6 = 98, Position 7 = 108, Position 8 = 108, Position 9 = 108, Position 10 = 77
Branch analysis from position: 94
1 jumps found. (Code = 42) Position 1 = 114
Branch analysis from position: 114
2 jumps found. (Code = 43) Position 1 = 118, Position 2 = 130
Branch analysis from position: 118
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 130
2 jumps found. (Code = 43) Position 1 = 136, Position 2 = 145
Branch analysis from position: 136
1 jumps found. (Code = 42) Position 1 = 252
Branch analysis from position: 252
2 jumps found. (Code = 47) Position 1 = 268, Position 2 = 271
Branch analysis from position: 268
2 jumps found. (Code = 43) Position 1 = 272, Position 2 = 273
Branch analysis from position: 272
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 273
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 271
Branch analysis from position: 145
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 98
2 jumps found. (Code = 43) Position 1 = 104, Position 2 = 108
Branch analysis from position: 104
1 jumps found. (Code = 42) Position 1 = 114
Branch analysis from position: 114
Branch analysis from position: 108
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 108
Branch analysis from position: 108
Branch analysis from position: 108
Branch analysis from position: 77
2 jumps found. (Code = 44) Position 1 = 79, Position 2 = 94
Branch analysis from position: 79
2 jumps found. (Code = 44) Position 1 = 81, Position 2 = 94
Branch analysis from position: 81
2 jumps found. (Code = 44) Position 1 = 83, Position 2 = 94
Branch analysis from position: 83
2 jumps found. (Code = 44) Position 1 = 85, Position 2 = 94
Branch analysis from position: 85
2 jumps found. (Code = 44) Position 1 = 87, Position 2 = 94
Branch analysis from position: 87
2 jumps found. (Code = 44) Position 1 = 89, Position 2 = 98
Branch analysis from position: 89
2 jumps found. (Code = 44) Position 1 = 91, Position 2 = 108
Branch analysis from position: 91
2 jumps found. (Code = 44) Position 1 = 93, Position 2 = 108
Branch analysis from position: 93
1 jumps found. (Code = 42) Position 1 = 108
Branch analysis from position: 108
Branch analysis from position: 108
Branch analysis from position: 108
Branch analysis from position: 98
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 94
Branch analysis from position: 146
2 jumps found. (Code = 46) Position 1 = 152, Position 2 = 155
Branch analysis from position: 152
2 jumps found. (Code = 43) Position 1 = 156, Position 2 = 164
Branch analysis from position: 156
2 jumps found. (Code = 43) Position 1 = 163, Position 2 = 164
Branch analysis from position: 163
2 jumps found. (Code = 46) Position 1 = 166, Position 2 = 170
Branch analysis from position: 166
2 jumps found. (Code = 43) Position 1 = 171, Position 2 = 177
Branch analysis from position: 171
2 jumps found. (Code = 43) Position 1 = 176, Position 2 = 177
Branch analysis from position: 176
2 jumps found. (Code = 46) Position 1 = 179, Position 2 = 183
Branch analysis from position: 179
2 jumps found. (Code = 43) Position 1 = 184, Position 2 = 208
Branch analysis from position: 184
1 jumps found. (Code = 42) Position 1 = 200
Branch analysis from position: 200
2 jumps found. (Code = 44) Position 1 = 202, Position 2 = 192
Branch analysis from position: 202
2 jumps found. (Code = 43) Position 1 = 207, Position 2 = 208
Branch analysis from position: 207
2 jumps found. (Code = 47) Position 1 = 210, Position 2 = 213
Branch analysis from position: 210
2 jumps found. (Code = 43) Position 1 = 214, Position 2 = 243
Branch analysis from position: 214
1 jumps found. (Code = 42) Position 1 = 241
Branch analysis from position: 241
2 jumps found. (Code = 44) Position 1 = 243, Position 2 = 218
Branch analysis from position: 243
2 jumps found. (Code = 47) Position 1 = 268, Position 2 = 271
Branch analysis from position: 268
Branch analysis from position: 271
Branch analysis from position: 218
2 jumps found. (Code = 43) Position 1 = 220, Position 2 = 232
Branch analysis from position: 220
1 jumps found. (Code = 42) Position 1 = 240
Branch analysis from position: 240
2 jumps found. (Code = 44) Position 1 = 243, Position 2 = 218
Branch analysis from position: 243
Branch analysis from position: 218
Branch analysis from position: 232
2 jumps found. (Code = 44) Position 1 = 243, Position 2 = 218
Branch analysis from position: 243
Branch analysis from position: 218
Branch analysis from position: 243
Branch analysis from position: 213
Branch analysis from position: 208
Branch analysis from position: 192
2 jumps found. (Code = 44) Position 1 = 202, Position 2 = 192
Branch analysis from position: 202
Branch analysis from position: 192
Branch analysis from position: 208
Branch analysis from position: 183
Branch analysis from position: 177
Branch analysis from position: 177
Branch analysis from position: 170
Branch analysis from position: 164
Branch analysis from position: 164
Branch analysis from position: 155
Branch analysis from position: 45
Branch analysis from position: 55
Branch analysis from position: 63
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 33
2 jumps found. (Code = 44) Position 1 = 35, Position 2 = 36
Branch analysis from position: 35
1 jumps found. (Code = 42) Position 1 = 63
Branch analysis from position: 63
Branch analysis from position: 36
filename: /in/ICJee
function name: password_hash
number of ops: 275
compiled vars: !0 = $password, !1 = $algo, !2 = $options, !3 = $cost, !4 = $raw_salt_len, !5 = $required_salt_len, !6 = $hash_format, !7 = $salt, !8 = $buffer, !9 = $buffer_valid, !10 = $f, !11 = $read, !12 = $bl, !13 = $i, !14 = $hash, !15 = $ret
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
24 0 E > RECV !0
1 RECV !1
2 RECV_INIT !2 <array>
25 3 INIT_FCALL 'function_exists'
4 SEND_VAL 'crypt'
5 DO_ICALL $16
6 BOOL_NOT ~17 $16
7 > JMPZ ~17, ->13
26 8 > INIT_FCALL 'trigger_error'
9 SEND_VAL 'Crypt+must+be+loaded+for+password_hash+to+function'
10 SEND_VAL 512
11 DO_ICALL
27 12 > RETURN null
29 13 > TYPE_CHECK 64 ~19 !0
14 BOOL_NOT ~20 ~19
15 > JMPZ ~20, ->21
30 16 > INIT_FCALL 'trigger_error'
17 SEND_VAL 'password_hash%28%29%3A+Password+must+be+a+string'
18 SEND_VAL 512
19 DO_ICALL
31 20 > RETURN null
33 21 > TYPE_CHECK 16 ~22 !1
22 BOOL_NOT ~23 ~22
23 > JMPZ ~23, ->32
34 24 > INIT_FCALL 'trigger_error'
25 GET_TYPE ~24 !1
26 CONCAT ~25 'password_hash%28%29+expects+parameter+2+to+be+long%2C+', ~24
27 CONCAT ~26 ~25, '+given'
28 SEND_VAL ~26
29 SEND_VAL 512
30 DO_ICALL
35 31 > RETURN null
37 32 > > SWITCH_STRING !1, [ '2y':->36, ], ->63
33 > IS_EQUAL !1, '2y'
34 > JMPNZ ~28, ->36
35 > > JMP ->63
40 36 > ASSIGN !3, 10
41 37 ISSET_ISEMPTY_DIM_OBJ 0 !2, 'cost'
38 > JMPZ ~30, ->55
42 39 > FETCH_DIM_R ~31 !2, 'cost'
40 ASSIGN !3, ~31
43 41 IS_SMALLER ~33 !3, 4
42 > JMPNZ_EX ~33 ~33, ->45
43 > IS_SMALLER ~34 31, !3
44 BOOL ~33 ~34
45 > > JMPZ ~33, ->55
44 46 > INIT_FCALL 'trigger_error'
47 INIT_FCALL 'sprintf'
48 SEND_VAL 'password_hash%28%29%3A+Invalid+bcrypt+cost+parameter+specified%3A+%25d'
49 SEND_VAR !3
50 DO_ICALL $35
51 SEND_VAR $35
52 SEND_VAL 512
53 DO_ICALL
45 54 > RETURN null
49 55 > ASSIGN !4, 16
51 56 ASSIGN !5, 22
52 57 INIT_FCALL 'sprintf'
58 SEND_VAL '%242y%24%2502d%24'
59 SEND_VAR !3
60 DO_ICALL $39
61 ASSIGN !6, $39
53 62 > JMP ->72
55 63 > INIT_FCALL 'trigger_error'
64 INIT_FCALL 'sprintf'
65 SEND_VAL 'password_hash%28%29%3A+Unknown+password+hashing+algorithm%3A+%25s'
66 SEND_VAR !1
67 DO_ICALL $41
68 SEND_VAR $41
69 SEND_VAL 512
70 DO_ICALL
56 71 > RETURN null
58 72 > ISSET_ISEMPTY_DIM_OBJ 0 !2, 'salt'
73 > JMPZ ~43, ->146
59 74 > FETCH_DIM_R ~44 !2, 'salt'
75 GET_TYPE ~45 ~44
76 > SWITCH_STRING ~45, [ 'NULL':->94, 'boolean':->94, 'integer':->94, 'double':->94, 'string':->94, 'object':->98, 'array':->108, 'resource':->108, ], ->108
60 77 > CASE ~45, 'NULL'
78 > JMPNZ ~46, ->94
61 79 > CASE ~45, 'boolean'
80 > JMPNZ ~46, ->94
62 81 > CASE ~45, 'integer'
82 > JMPNZ ~46, ->94
63 83 > CASE ~45, 'double'
84 > JMPNZ ~46, ->94
64 85 > CASE ~45, 'string'
86 > JMPNZ ~46, ->94
67 87 > CASE ~45, 'object'
88 > JMPNZ ~46, ->98
72 89 > CASE ~45, 'array'
90 > JMPNZ ~46, ->108
73 91 > CASE ~45, 'resource'
92 > JMPNZ ~46, ->108
93 > > JMP ->108
65 94 > FETCH_DIM_R ~47 !2, 'salt'
95 CAST 6 ~48 ~47
96 ASSIGN !7, ~48
66 97 > JMP ->114
68 98 > INIT_FCALL 'method_exists'
99 FETCH_DIM_R ~50 !2, 'salt'
100 SEND_VAL ~50
101 SEND_VAL '__tostring'
102 DO_ICALL $51
103 > JMPZ $51, ->108
69 104 > FETCH_DIM_R ~52 !2, 'salt'
105 CAST 6 ~53 ~52
106 ASSIGN !7, ~53
70 107 > JMP ->114
75 108 > INIT_FCALL 'trigger_error'
109 SEND_VAL 'password_hash%28%29%3A+Non-string+salt+parameter+supplied'
110 SEND_VAL 512
111 DO_ICALL
76 112 FREE ~45
113 > RETURN null
114 > FREE ~45
78 115 STRLEN ~56 !7
116 IS_SMALLER ~56, !5
117 > JMPZ ~57, ->130
79 118 > INIT_FCALL 'trigger_error'
119 INIT_FCALL 'sprintf'
120 SEND_VAL 'password_hash%28%29%3A+Provided+salt+is+too+short%3A+%25d+expecting+%25d'
121 STRLEN ~58 !7
122 SEND_VAL ~58
123 SEND_VAR !5
124 DO_ICALL $59
125 SEND_VAR $59
126 SEND_VAL 512
127 DO_ICALL
80 128 > RETURN null
129* JMP ->145
81 130 > INIT_FCALL 'preg_match'
131 SEND_VAL '%23%5E%5Ba-zA-Z0-9.%2F%5D%2B%24%23D'
132 SEND_VAR !7
133 DO_ICALL $61
134 IS_EQUAL $61, 0
135 > JMPZ ~62, ->145
82 136 > INIT_FCALL 'str_replace'
137 SEND_VAL '%2B'
138 SEND_VAL '.'
139 INIT_FCALL 'base64_encode'
140 SEND_VAR !7
141 DO_ICALL $63
142 SEND_VAR $63
143 DO_ICALL $64
144 ASSIGN !7, $64
145 > > JMP ->252
85 146 > ASSIGN !8, ''
86 147 ASSIGN !9, <false>
87 148 INIT_FCALL 'function_exists'
149 SEND_VAL 'mcrypt_create_iv'
150 DO_ICALL $68
151 > JMPZ_EX ~69 $68, ->155
152 > DEFINED ~70 'PHALANGER'
153 BOOL_NOT ~71 ~70
154 BOOL ~69 ~71
155 > > JMPZ ~69, ->164
88 156 > INIT_FCALL_BY_NAME 'mcrypt_create_iv'
157 SEND_VAR_EX !4
158 FETCH_CONSTANT ~72 'MCRYPT_DEV_URANDOM'
159 SEND_VAL_EX ~72
160 DO_FCALL 0 $73
161 ASSIGN !8, $73
89 162 > JMPZ !8, ->164
90 163 > ASSIGN !9, <true>
93 164 > BOOL_NOT ~76 !9
165 > JMPZ_EX ~76 ~76, ->170
166 > INIT_FCALL 'function_exists'
167 SEND_VAL 'openssl_random_pseudo_bytes'
168 DO_ICALL $77
169 BOOL ~76 $77
170 > > JMPZ ~76, ->177
94 171 > INIT_FCALL_BY_NAME 'openssl_random_pseudo_bytes'
172 SEND_VAR_EX !4
173 DO_FCALL 0 $78
174 ASSIGN !8, $78
95 175 > JMPZ !8, ->177
96 176 > ASSIGN !9, <true>
99 177 > BOOL_NOT ~81 !9
178 > JMPZ_EX ~81 ~81, ->183
179 > INIT_FCALL 'is_readable'
180 SEND_VAL '%2Fdev%2Furandom'
181 DO_ICALL $82
182 BOOL ~81 $82
183 > > JMPZ ~81, ->208
100 184 > INIT_FCALL 'fopen'
185 SEND_VAL '%2Fdev%2Furandom'
186 SEND_VAL 'r'
187 DO_ICALL $83
188 ASSIGN !10, $83
101 189 STRLEN ~85 !8
190 ASSIGN !11, ~85
102 191 > JMP ->200
103 192 > INIT_FCALL 'fread'
193 SEND_VAR !10
194 SUB ~87 !4, !11
195 SEND_VAL ~87
196 DO_ICALL $88
197 ASSIGN_OP 8 !8, $88
104 198 STRLEN ~90 !8
199 ASSIGN !11, ~90
102 200 > IS_SMALLER !11, !4
201 > JMPNZ ~92, ->192
106 202 > INIT_FCALL 'fclose'
203 SEND_VAR !10
204 DO_ICALL
107 205 IS_SMALLER_OR_EQUAL !4, !11
206 > JMPZ ~94, ->208
108 207 > ASSIGN !9, <true>
111 208 > BOOL_NOT ~96 !9
209 > JMPNZ_EX ~96 ~96, ->213
210 > STRLEN ~97 !8
211 IS_SMALLER ~98 ~97, !4
212 BOOL ~96 ~98
213 > > JMPZ ~96, ->243
112 214 > STRLEN ~99 !8
215 ASSIGN !12, ~99
113 216 ASSIGN !13, 0
217 > JMP ->241
114 218 > IS_SMALLER !13, !12
219 > JMPZ ~102, ->232
115 220 > FETCH_DIM_R ~104 !8, !13
221 INIT_FCALL 'chr'
222 INIT_FCALL 'mt_rand'
223 SEND_VAL 0
224 SEND_VAL 255
225 DO_ICALL $105
226 SEND_VAR $105
227 DO_ICALL $106
228 BW_XOR ~107 $106, ~104
229 ASSIGN_DIM !8, !13
230 OP_DATA ~107
231 > JMP ->240
117 232 > INIT_FCALL 'chr'
233 INIT_FCALL 'mt_rand'
234 SEND_VAL 0
235 SEND_VAL 255
236 DO_ICALL $108
237 SEND_VAR $108
238 DO_ICALL $109
239 ASSIGN_OP 8 !8, $109
113 240 > PRE_INC !13
241 > IS_SMALLER !13, !4
242 > JMPNZ ~112, ->218
121 243 > INIT_FCALL 'str_replace'
244 SEND_VAL '%2B'
245 SEND_VAL '.'
246 INIT_FCALL 'base64_encode'
247 SEND_VAR !8
248 DO_ICALL $113
249 SEND_VAR $113
250 DO_ICALL $114
251 ASSIGN !7, $114
123 252 > INIT_FCALL 'substr'
253 SEND_VAR !7
254 SEND_VAL 0
255 SEND_VAR !5
256 DO_ICALL $116
257 ASSIGN !7, $116
125 258 CONCAT ~118 !6, !7
259 ASSIGN !14, ~118
127 260 INIT_FCALL 'crypt'
261 SEND_VAR !0
262 SEND_VAR !14
263 DO_ICALL $120
264 ASSIGN !15, $120
129 265 TYPE_CHECK 64 ~122 !15
266 BOOL_NOT ~123 ~122
267 > JMPNZ_EX ~123 ~123, ->2Generated using Vulcan Logic Dumper, using php 8.0.0