<?php
$realPassword = str_repeat('a', 80) . '3F$^$S#^%$JFD';
$hash = password_hash($realPassword, PASSWORD_BCRYPT);
$attackerGuess = str_repeat('a', 80);
echo 'real password ' . (password_verify($realPassword, $hash) ? 'accepted' : 'rejected') . PHP_EOL;
echo "attacker's guess " . (password_verify($attackerGuess, $hash) ? 'accepted' : 'rejected') . PHP_EOL;
- Output for 5.5.24 - 5.5.35, 5.6.7 - 5.6.21, 7.0.0 - 7.0.20, 7.1.0 - 7.1.33, 7.2.0 - 7.2.25, 7.3.0 - 7.3.12, 7.4.0
- real password accepted
attacker's guess accepted
- Output for 5.0.0 - 5.0.5, 5.1.0 - 5.1.6, 5.2.0 - 5.2.17, 5.3.0 - 5.3.29, 5.4.0 - 5.4.45
- Fatal error: Call to undefined function password_hash() in /in/KIAGX on line 5
Process exited with code 255. - Output for 4.4.5 - 4.4.9
- Fatal error: Call to undefined function: password_hash() in /in/KIAGX on line 5
Process exited with code 255. - Output for 4.3.2 - 4.3.11, 4.4.0 - 4.4.4
- Fatal error: Call to undefined function: password_hash() in /in/KIAGX on line 5
Process exited with code 255. - Output for 4.3.0 - 4.3.1
- Fatal error: Call to undefined function: password_hash() in /in/KIAGX on line 5
preferences:
173.45 ms | 401 KiB | 208 Q