Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 46) Position 1 = 5, Position 2 = 9
Branch analysis from position: 5
2 jumps found. (Code = 43) Position 1 = 10, Position 2 = 14
Branch analysis from position: 10
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 14
2 jumps found. (Code = 47) Position 1 = 40, Position 2 = 45
Branch analysis from position: 40
2 jumps found. (Code = 43) Position 1 = 46, Position 2 = 72
Branch analysis from position: 46
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 72
2 jumps found. (Code = 43) Position 1 = 75, Position 2 = 140
Branch analysis from position: 75
2 jumps found. (Code = 43) Position 1 = 84, Position 2 = 86
Branch analysis from position: 84
2 jumps found. (Code = 47) Position 1 = 91, Position 2 = 96
Branch analysis from position: 91
2 jumps found. (Code = 43) Position 1 = 97, Position 2 = 99
Branch analysis from position: 97
2 jumps found. (Code = 43) Position 1 = 117, Position 2 = 119
Branch analysis from position: 117
2 jumps found. (Code = 43) Position 1 = 122, Position 2 = 139
Branch analysis from position: 122
1 jumps found. (Code = 42) Position 1 = 141
Branch analysis from position: 141
2 jumps found. (Code = 43) Position 1 = 145, Position 2 = 151
Branch analysis from position: 145
1 jumps found. (Code = 42) Position 1 = 156
Branch analysis from position: 156
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 151
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 139
Branch analysis from position: 119
Branch analysis from position: 99
Branch analysis from position: 96
Branch analysis from position: 86
Branch analysis from position: 140
2 jumps found. (Code = 43) Position 1 = 145, Position 2 = 151
Branch analysis from position: 145
Branch analysis from position: 151
Branch analysis from position: 45
Branch analysis from position: 9
filename: /in/IubCD
function name: (null)
number of ops: 158
compiled vars: !0 = $query, !1 = $userdata, !2 = $err, !3 = $domain
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
1 0 E > ECHO '%3Chtml%3E%0A%3Cbody%3E%0A%3Cmeta+http-equiv%3D%22Content-Type%22+content%3D%22text%2Fhtml%3B+charset%3Dutf-8%22%3E%0A%3Ctitle%3EUntitled+Document%3C%2Ftitle%3E%0A%3Cstyle%3E%0A+++.colortext+%7B%0A++++background-color%3A+%23ffe%3B+%2F%2A+%D0%A6%D0%B2%D0%B5%D1%82+%D1%84%D0%BE%D0%BD%D0%B0+%2A%2F%0A++++color%3A+%23930%3B+%2F%2A+%D0%A6%D0%B2%D0%B5%D1%82+%D1%82%D0%B5%D0%BA%D1%81%D1%82%D0%B0+%2A%2F%0A+++%7D%0A%3C%2Fstyle%3E%0A'
13 1 FETCH_IS ~4 '_COOKIE'
2 ISSET_ISEMPTY_DIM_OBJ 0 ~5 ~4, 'id'
3 BOOL_NOT ~6 ~5
4 > JMPZ_EX ~6 ~6, ->9
5 > FETCH_IS ~7 '_COOKIE'
6 ISSET_ISEMPTY_DIM_OBJ 0 ~8 ~7, 'hash'
7 BOOL_NOT ~9 ~8
8 BOOL ~6 ~9
9 > > JMPZ ~6, ->14
15 10 > INIT_FCALL 'header'
11 SEND_VAL 'Location%3A+login.php'
12 DO_ICALL
13 > EXIT
18 14 > INIT_FCALL_BY_NAME 'mysql_connect'
15 SEND_VAL_EX 'localhost'
16 SEND_VAL_EX 'root'
17 SEND_VAL_EX 'root'
18 DO_FCALL 0
19 19 INIT_FCALL_BY_NAME 'mysql_select_db'
20 SEND_VAL_EX 'bifly'
21 DO_FCALL 0
20 22 INIT_FCALL_BY_NAME 'mysql_query'
23 FETCH_R global ~13 '_COOKIE'
24 FETCH_DIM_R ~14 ~13, 'id'
25 CAST 4 ~15 ~14
26 CONCAT ~16 'SELECT+%2A+FROM+users+WHERE+user_id+%3D+%27', ~15
27 CONCAT ~17 ~16, '%27+LIMIT+1'
28 SEND_VAL_EX ~17
29 DO_FCALL 0 $18
30 ASSIGN !0, $18
21 31 INIT_FCALL_BY_NAME 'mysql_fetch_assoc'
32 SEND_VAR_EX !0
33 DO_FCALL 0 $20
34 ASSIGN !1, $20
26 35 FETCH_DIM_R ~22 !1, 'user_hash'
36 FETCH_R global ~23 '_COOKIE'
37 FETCH_DIM_R ~24 ~23, 'hash'
38 IS_NOT_IDENTICAL ~25 ~22, ~24
39 > JMPNZ_EX ~25 ~25, ->45
40 > FETCH_DIM_R ~26 !1, 'user_id'
41 FETCH_R global ~27 '_COOKIE'
42 FETCH_DIM_R ~28 ~27, 'id'
43 IS_NOT_IDENTICAL ~29 ~26, ~28
44 BOOL ~25 ~29
45 > > JMPZ ~25, ->72
28 46 > INIT_FCALL 'setcookie'
47 SEND_VAL 'id'
48 SEND_VAL ''
49 INIT_FCALL 'time'
50 DO_ICALL $30
51 SUB ~31 $30, 31104000
52 SEND_VAL ~31
53 SEND_VAL '%2F'
54 DO_ICALL
29 55 INIT_FCALL 'setcookie'
56 SEND_VAL 'hash'
57 SEND_VAL ''
58 INIT_FCALL 'time'
59 DO_ICALL $33
60 SUB ~34 $33, 31104000
61 SEND_VAL ~34
62 SEND_VAL '%2F'
63 DO_ICALL
30 64 ECHO '%D0%A5%D0%BC%2C+%D1%87%D1%82%D0%BE-%D1%82%D0%BE+%D0%BD%D0%B5+%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D0%BB%D0%BE%D1%81%D1%8C'
31 65 INIT_FCALL 'sleep'
66 SEND_VAL 3
67 DO_ICALL
32 68 INIT_FCALL 'header'
69 SEND_VAL 'Location%3A+login.php'
70 DO_ICALL
71 > EXIT
35 72 > FETCH_IS ~38 '_POST'
73 ISSET_ISEMPTY_DIM_OBJ 0 ~38, 'submit'
74 > JMPZ ~39, ->140
37 75 > ASSIGN !2, <array>
39 76 INIT_FCALL 'preg_match'
77 SEND_VAL '%2F%5E%5Ba-zA-Z%5D%2B%24%2F'
78 FETCH_R global ~41 '_POST'
79 FETCH_DIM_R ~42 ~41, 'domain'
80 SEND_VAL ~42
81 DO_ICALL $43
82 BOOL_NOT ~44 $43
83 > JMPZ ~44, ->86
41 84 > ASSIGN_DIM !2
85 OP_DATA '%D0%94%D0%BE%D0%BC%D0%B5%D0%BD+%D0%BC%D0%BE%D0%B6%D0%B5%D1%82+%D1%81%D0%BE%D1%81%D1%82%D0%BE%D1%8F%D1%82%D1%8C+%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE+%D0%B8%D0%B7+%D0%B1%D1%83%D0%BA%D0%B2+%D0%B0%D0%BD%D0%B3%D0%BB%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE+%D0%B0%D0%BB%D1%84%D0%B0%D0%B2%D0%B8%D1%82%D0%B0'
43 86 > FETCH_R global ~46 '_POST'
87 FETCH_DIM_R ~47 ~46, 'domain'
88 STRLEN ~48 ~47
89 IS_SMALLER ~49 ~48, 3
90 > JMPNZ_EX ~49 ~49, ->96
91 > FETCH_R global ~50 '_POST'
92 FETCH_DIM_R ~51 ~50, 'domain'
93 STRLEN ~52 ~51
94 IS_SMALLER ~53 16, ~52
95 BOOL ~49 ~53
96 > > JMPZ ~49, ->99
45 97 > ASSIGN_DIM !2
98 OP_DATA '%D0%94%D0%BE%D0%BC%D0%B5%D0%BD+%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD+%D0%B1%D1%8B%D1%82%D1%8C+%D0%BD%D0%B5+%D0%BC%D0%B5%D0%BD%D1%8C%D1%88%D0%B5+3-%D1%85+%D1%81%D0%B8%D0%BC%D0%B2%D0%BE%D0%BB%D0%BE%D0%B2+%D0%B8+%D0%BD%D0%B5+%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%B5+16'
49 99 > INIT_FCALL_BY_NAME 'mysql_query'
100 INIT_FCALL_BY_NAME 'mysql_real_escape_string'
101 CHECK_FUNC_ARG
102 FETCH_FUNC_ARG global $55 '_POST'
103 FETCH_DIM_FUNC_ARG $56 $55, 'domain'
104 SEND_FUNC_ARG $56
105 DO_FCALL 0 $57
106 CONCAT ~58 'SELECT+COUNT%28user_id%29+FROM+users+WHERE+user_domain%3D%27', $57
107 CONCAT ~59 ~58, '%27'
108 SEND_VAL_EX ~59
109 DO_FCALL 0 $60
110 ASSIGN !0, $60
50 111 INIT_FCALL_BY_NAME 'mysql_result'
112 SEND_VAR_EX !0
113 SEND_VAL_EX 0
114 DO_FCALL 0 $62
115 IS_SMALLER 0, $62
116 > JMPZ ~63, ->119
52 117 > ASSIGN_DIM !2
118 OP_DATA '%D0%A2%D0%B0%D0%BA%D0%BE%D0%B9+%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD+%D1%83%D0%B6%D0%B5+%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82+%D0%B2+%D0%B1%D0%B0%D0%B7%D0%B5+%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85'
56 119 > COUNT ~65 !2
120 IS_EQUAL ~65, 0
121 > JMPZ ~66, ->139
58 122 > FETCH_R global ~67 '_POST'
123 FETCH_DIM_R ~68 ~67, 'domain'
124 ASSIGN !3, ~68
59 125 INIT_FCALL 'var_dump'
126 SEND_VAR !3
127 DO_ICALL
60 128 ECHO 'test'
62 129 INIT_FCALL_BY_NAME 'mysql_query'
130 CONCAT ~71 'UPDATE+users+SET+user_domain+%3D+%27', !3
131 CONCAT ~72 ~71, '%27+WHERE+user_id+%3D+%27'
132 FETCH_R global ~73 '_COOKIE'
133 FETCH_DIM_R ~74 ~73, 'id'
134 CAST 4 ~75 ~74
135 CONCAT ~76 ~72, ~75
136 CONCAT ~77 ~76, '%27'
137 SEND_VAL_EX ~77
138 DO_FCALL 0
139 > > JMP ->141
69 140 > ECHO '%3Cb%3E%D0%9F%D1%80%D0%B8+%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8+%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%BE%D1%88%D0%BB%D0%B8+%D1%81%D0%BB%D0%B5%D0%B4%D1%83%D1%8E%D1%89%D0%B8%D0%B5+%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B8%3A%3C%2Fb%3E%3Cbr%3E'
76 141 > ECHO '%3Ch1%3E%D0%94%D0%BE%D0%B1%D1%80%D0%BE+%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D0%B2+%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9+%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%21%3C%2Fh1%3E'
79 142 FETCH_DIM_R ~79 !1, 'user_domain'
143 IS_EQUAL ~79, 'NULL'
144 > JMPZ ~80, ->151
81 145 > ROPE_INIT 3 ~83 '%3Cbr%3E%D0%92%D0%B0%D1%88%D0%B5+%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5+%D0%B8%D0%BC%D1%8F%3A+%3Cfont+color%3D%27green%27%3E'
146 FETCH_DIM_R ~81 !1, 'user_domain'
147 ROPE_ADD 1 ~83 ~83, ~81
148 ROPE_END 2 ~82 ~83, '%3C%2Ffont%3E'
149 ECHO ~82
150 > JMP ->156
85 151 > ECHO '%3Cbr%3E%D0%92%D0%B0%D1%88%D0%B5+%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5+%D0%B8%D0%BC%D1%8F%3A+%3Cfont+color%3D%27red%27%3E%D0%BE%D1%82%D1%81%D1%83%D1%82%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%3C%2Ffont%3E%0A'
86 152 ECHO '%3Cform+method%3D%27POST%27%3E%0A'
87 153 ECHO '%D0%92%D0%B2%D0%B5%D0%B4%D0%B8%D1%82%D0%B5+%D0%B8%D0%BC%D1%8F+%28%D1%82%D0%BE%D0%BB%D1%8C%D0%BA%D0%BE+%D0%BB%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B5+%D0%B1%D1%83%D0%BA%D0%B2%D1%8B%29+%3Cinput+name%3D%27domain%27+type%3D%27text%27%3E%3Cbr%3E%0A'
88 154 ECHO '%3Cinput+name%3D%27submit%27+type%3D%27submit%27+value%3D%27%D0%97%D0%B0%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%27%3E%0A'
89 155 ECHO '%3C%2Fform%3E%0A'
95 156 > ECHO '%0A%3C%2Fbody%3E%0A%3C%2Fhtml%3E'
97 157 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0