Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 5, Position 2 = 17
Branch analysis from position: 5
1 jumps found. (Code = 42) Position 1 = 18
Branch analysis from position: 18
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 17
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/Is24j
function name: (null)
number of ops: 56
compiled vars: !0 = $plaintext, !1 = $salt
line #* E I O op fetch ext return operands
-----------------------------------------------------------------------------------------
40 0 E > ASSIGN !0, 'mySuperSecretPassword'
42 1 INIT_FCALL 'function_exists'
2 SEND_VAL 'random_bytes'
3 DO_ICALL $3
4 > JMPZ $3, ->17
44 5 > INIT_FCALL 'md5'
6 INIT_FCALL 'random_bytes'
7 SEND_VAL 16
8 DO_ICALL $4
9 SEND_VAR $4
10 DO_ICALL $5
11 FRAMELESS_ICALL_3 substr ~6 $5, 0
12 OP_DATA 12
13 CONCAT ~7 '%242%24', ~6
14 CONCAT ~8 ~7, '%24'
15 ASSIGN !1, ~8
42 16 > JMP ->18
51 17 > ASSIGN !1, '%242y%2409%24anexampl%24'
54 18 > STRLEN ~11 !1
19 CONCAT ~12 'salt+length+%3D+', ~11
20 CONCAT ~13 ~12, '%0A'
21 ECHO ~13
55 22 INIT_FCALL 'crypt'
23 SEND_VAR !0
24 SEND_VAR !1
25 DO_ICALL $14
26 STRLEN ~15 $14
27 CONCAT ~16 ~15, '%0A'
28 ECHO ~16
56 29 INIT_FCALL 'crypt'
30 SEND_VAL 'U%2AU'
31 SEND_VAL '%242a%24CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW'
32 DO_ICALL $17
33 CONCAT ~18 $17, '%0A'
34 ECHO ~18
57 35 INIT_FCALL 'crypt'
36 SEND_VAR !0
37 SEND_VAR !1
38 DO_ICALL $19
39 CONCAT ~20 $19, '%0A'
40 ECHO ~20
58 41 INIT_FCALL 'getcryptedpassword'
42 SEND_VAR !0
43 SEND_VAR !1
44 SEND_VAL 'crypt-blowfish'
45 DO_FCALL 0 $21
46 STRLEN ~22 $21
47 CONCAT ~23 ~22, '%0A'
48 ECHO ~23
59 49 INIT_FCALL 'getcryptedpassword'
50 SEND_VAR !0
51 SEND_VAR !1
52 SEND_VAL 'crypt-blowfish'
53 DO_FCALL 0 $24
54 ECHO $24
55 > RETURN 1
Function getcryptedpassword:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 5, Position 2 = 11
Branch analysis from position: 5
1 jumps found. (Code = 42) Position 1 = 28
Branch analysis from position: 28
9 jumps found. (Code = 188) Position 1 = 44, Position 2 = 45, Position 3 = 60, Position 4 = 60, Position 5 = 60, Position 6 = 60, Position 7 = 70, Position 8 = 70, Position 9 = 29
Branch analysis from position: 44
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 45
2 jumps found. (Code = 43) Position 1 = 55, Position 2 = 58
Branch analysis from position: 55
1 jumps found. (Code = 42) Position 1 = 59
Branch analysis from position: 59
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 58
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 60
2 jumps found. (Code = 43) Position 1 = 61, Position 2 = 63
Branch analysis from position: 61
1 jumps found. (Code = 42) Position 1 = 64
Branch analysis from position: 64
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 63
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 70
2 jumps found. (Code = 43) Position 1 = 71, Position 2 = 77
Branch analysis from position: 71
1 jumps found. (Code = 42) Position 1 = 81
Branch analysis from position: 81
2 jumps found. (Code = 43) Position 1 = 83, Position 2 = 86
Branch analysis from position: 83
1 jumps found. (Code = 42) Position 1 = 87
Branch analysis from position: 87
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 86
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 77
2 jumps found. (Code = 43) Position 1 = 83, Position 2 = 86
Branch analysis from position: 83
Branch analysis from position: 86
Branch analysis from position: 70
Branch analysis from position: 29
2 jumps found. (Code = 44) Position 1 = 31, Position 2 = 44
Branch analysis from position: 31
2 jumps found. (Code = 44) Position 1 = 33, Position 2 = 45
Branch analysis from position: 33
2 jumps found. (Code = 44) Position 1 = 35, Position 2 = 60
Branch analysis from position: 35
2 jumps found. (Code = 44) Position 1 = 37, Position 2 = 60
Branch analysis from position: 37
2 jumps found. (Code = 44) Position 1 = 39, Position 2 = 60
Branch analysis from position: 39
2 jumps found. (Code = 44) Position 1 = 41, Position 2 = 60
Branch analysis from position: 41
2 jumps found. (Code = 44) Position 1 = 43, Position 2 = 70
Branch analysis from position: 43
1 jumps found. (Code = 42) Position 1 = 70
Branch analysis from position: 70
Branch analysis from position: 70
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 45
Branch analysis from position: 44
Branch analysis from position: 11
2 jumps found. (Code = 43) Position 1 = 15, Position 2 = 27
Branch analysis from position: 15
1 jumps found. (Code = 42) Position 1 = 28
Branch analysis from position: 28
Branch analysis from position: 27
9 jumps found. (Code = 188) Position 1 = 44, Position 2 = 45, Position 3 = 60, Position 4 = 60, Position 5 = 60, Position 6 = 60, Position 7 = 70, Position 8 = 70, Position 9 = 29
Branch analysis from position: 44
Branch analysis from position: 45
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 60
Branch analysis from position: 70
Branch analysis from position: 70
Branch analysis from position: 29
filename: /in/Is24j
function name: getCryptedPassword
number of ops: 89
compiled vars: !0 = $plaintext, !1 = $salt, !2 = $encryption, !3 = $show_encrypt, !4 = $encrypted
line #* E I O op fetch ext return operands
-----------------------------------------------------------------------------------------
2 0 E > RECV !0
1 RECV_INIT !1 ''
2 RECV_INIT !2 'crypt-blowfish'
3 RECV_INIT !3 <false>
5 4 > JMPZ !1, ->11
7 5 > FRAMELESS_ICALL_3 preg_replace ~5 '%7C%5E%7Bcrypt%7D%7Ci', ''
6 OP_DATA !1
7 FRAMELESS_ICALL_3 substr ~6 ~5, 0
8 OP_DATA 16
9 ASSIGN !1, ~6
5 10 > JMP ->28
11 11 > INIT_FCALL 'function_exists'
12 SEND_VAL 'random_bytes'
13 DO_ICALL $8
14 > JMPZ $8, ->27
13 15 > INIT_FCALL 'md5'
16 INIT_FCALL 'random_bytes'
17 SEND_VAL 16
18 DO_ICALL $9
19 SEND_VAR $9
20 DO_ICALL $10
21 FRAMELESS_ICALL_3 substr ~11 $10, 0
22 OP_DATA 12
23 CONCAT ~12 '%242%24', ~11
24 CONCAT ~13 ~12, '%24'
25 ASSIGN !1, ~13
11 26 > JMP ->28
18 27 > ASSIGN !1, '%242%249936b047ea8b%24'
22 28 > > SWITCH_STRING !2, [ 'plain':->44, 'sha':->45, 'crypt':->60, 'crypt-des':->60, 'crypt-md5':->60, 'crypt-blowfish':->60, 'md5-hex':->70, ], ->70
24 29 > IS_EQUAL !2, 'plain'
30 > JMPNZ ~16, ->44
26 31 > IS_EQUAL !2, 'sha'
32 > JMPNZ ~16, ->45
29 33 > IS_EQUAL !2, 'crypt'
34 > JMPNZ ~16, ->60
30 35 > IS_EQUAL !2, 'crypt-des'
36 > JMPNZ ~16, ->60
31 37 > IS_EQUAL !2, 'crypt-md5'
38 > JMPNZ ~16, ->60
32 39 > IS_EQUAL !2, 'crypt-blowfish'
40 > JMPNZ ~16, ->60
34 41 > IS_EQUAL !2, 'md5-hex'
42 > JMPNZ ~16, ->70
43 > > JMP ->70
25 44 > > RETURN !0
27 45 > INIT_FCALL 'base64_encode'
46 INIT_FCALL_BY_NAME 'mhash'
47 FETCH_CONSTANT ~17 'MHASH_SHA1'
48 SEND_VAL_EX ~17
49 SEND_VAR_EX !0
50 DO_FCALL 0 $18
51 SEND_VAR $18
52 DO_ICALL $19
53 ASSIGN !4, $19
28 54 > JMPZ !3, ->58
55 > CONCAT ~21 '%7BSHA%7D', !4
56 QM_ASSIGN ~22 ~21
57 > JMP ->59
58 > QM_ASSIGN ~22 !4
59 > > RETURN ~22
33 60 > > JMPZ !3, ->63
61 > QM_ASSIGN ~23 '%7Bcrypt%7D'
62 > JMP ->64
63 > QM_ASSIGN ~23 ''
64 > INIT_FCALL 'crypt'
65 SEND_VAR !0
66 SEND_VAR !1
67 DO_ICALL $24
68 CONCAT ~25 ~23, $24
69 > RETURN ~25
36 70 > > JMPZ !1, ->77
71 > INIT_FCALL 'md5'
72 CONCAT ~26 !0, !1
73 SEND_VAL ~26
74 DO_ICALL $27
75 QM_ASSIGN ~28 $27
76 > JMP ->81
77 > INIT_FCALL 'md5'
78 SEND_VAR !0
79 DO_ICALL $29
80 QM_ASSIGN ~28 $29
81 > ASSIGN !4, ~28
37 82 > JMPZ !3, ->86
83 > CONCAT ~31 '%7BMD5%7D', !4
84 QM_ASSIGN ~32 ~31
85 > JMP ->87
86 > QM_ASSIGN ~32 !4
87 > > RETURN ~32
39 88* > RETURN null
End of function getcryptedpassword
Generated using Vulcan Logic Dumper, using php 8.5.0