Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 13, Position 2 = 32
Branch analysis from position: 13
1 jumps found. (Code = 42) Position 1 = 40
Branch analysis from position: 40
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 32
2 jumps found. (Code = 46) Position 1 = 34, Position 2 = 36
Branch analysis from position: 34
2 jumps found. (Code = 43) Position 1 = 37, Position 2 = 39
Branch analysis from position: 37
1 jumps found. (Code = 42) Position 1 = 40
Branch analysis from position: 40
Branch analysis from position: 39
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 36
filename: /in/cOmU1
function name: (null)
number of ops: 44
compiled vars: !0 = $imei, !1 = $hw
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
54 0 E > ECHO '%3Chead%3E%3Ctitle%3EHuawei+Code+Calculator%3C%2Ftitle%3E%3C%2Fhead%3E%0A%09%09%09Huawei+E303+%7C+E369+%7C+E357+Code+calculator%3Cbr%3E%3Cbr%3E'
58 1 INIT_FCALL 'htmlspecialchars'
2 FETCH_R global ~2 '_POST'
3 FETCH_DIM_R ~3 ~2, 'imei'
4 SEND_VAL ~3
5 DO_ICALL $4
6 ASSIGN !0, $4
59 7 NEW $6 'hw'
8 DO_FCALL 0
9 ASSIGN !1, $6
61 10 STRLEN ~9 !0
11 IS_EQUAL ~9, 15
12 > JMPZ ~10, ->32
62 13 > INIT_FCALL 'htmlspecialchars'
14 SEND_VAR !0
15 DO_ICALL $11
16 ASSIGN !0, $11
63 17 ECHO 'Results%3A%3Cbr%3E'
64 18 INIT_METHOD_CALL !1, 'calculate'
19 SEND_VAR_EX !0
20 SEND_VAL_EX 'unlock'
21 DO_FCALL 0 $13
22 CONCAT ~14 'Unlock++', $13
23 ECHO ~14
65 24 ECHO '%3Cbr%3E'
66 25 INIT_METHOD_CALL !1, 'calculate'
26 SEND_VAR_EX !0
27 SEND_VAL_EX 'flash'
28 DO_FCALL 0 $15
29 CONCAT ~16 'Flash++', $15
30 ECHO ~16
61 31 > JMP ->40
69 32 > IS_SMALLER ~17 !0, 15
33 > JMPZ_EX ~17 ~17, ->36
34 > IS_SMALLER ~18 1, !0
35 BOOL ~17 ~18
36 > > JMPZ ~17, ->39
70 37 > ECHO 'Error+%3A+Invalid+IMEI'
69 38 > JMP ->40
73 39 > ECHO 'Enter+imei+on+box+to+calculate'
78 40 > ECHO '%3Cbr%3E%3Cbr%3E%0A%09%09%09%3Cform+method%3D%27post%27+action%3D%27%27%3E%0A%09%09%09IMEI+%3A+%3Cinput+type%3D%27text%27+name%3D%27imei%27+maxlength%3D%2715%27%3E%3Cbr%3E%0A%09%09%09%3Cinput+type%3D%27submit%27+value%3D%27CALCULATE%27%3E%0A%09%09%3C%2Fform%3E'
84 41 ECHO '%3Chr%3E'
85 42 ECHO 'Credits+to+Original+algo+sharer%3Cbr%3E%0A%09%09%09Script+Kiddie+PHP%3Cbr%3E'
87 43 > RETURN 1
Class hw:
Function calculate:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/cOmU1
function name: calculate
number of ops: 20
compiled vars: !0 = $imei, !1 = $mode, !2 = $arrayofbytes, !3 = $digesthash
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
9 0 E > RECV !0
1 RECV !1
10 2 ASSIGN !2, <array>
11 3 INIT_FCALL 'md5'
4 INIT_METHOD_CALL 'mode'
5 SEND_VAR_EX !1
6 DO_FCALL 0 $5
7 CONCAT ~6 !0, $5
8 SEND_VAL ~6
9 DO_ICALL $7
10 ASSIGN !3, $7
12 11 INIT_METHOD_CALL 'bytearray'
12 SEND_VAR_EX !3
13 DO_FCALL 0 $9
14 ASSIGN !2, $9
13 15 INIT_METHOD_CALL 'xorbytes'
16 SEND_VAR_EX !2
17 DO_FCALL 0 $11
18 > RETURN $11
14 19* > RETURN null
End of function calculate
Function mode:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 7, Position 2 = 10
Branch analysis from position: 7
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 10
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/cOmU1
function name: mode
number of ops: 13
compiled vars: !0 = $arg
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
16 0 E > RECV !0
17 1 ASSIGN_OBJ 'unlock'
2 OP_DATA '5e8dd316726b0335'
18 3 ASSIGN_OBJ 'flash'
4 OP_DATA '97b7bc6be525ab44'
20 5 IS_EQUAL !0, 'unlock'
6 > JMPZ ~3, ->10
21 7 > FETCH_OBJ_R ~4 'unlock'
8 > RETURN ~4
20 9* JMP ->12
24 10 > FETCH_OBJ_R ~5 'flash'
11 > RETURN ~5
26 12* > RETURN null
End of function mode
Function bytearray:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/cOmU1
function name: bytearray
number of ops: 19
compiled vars: !0 = $hash, !1 = $splitdigest, !2 = $arrdigest
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
28 0 E > RECV !0
29 1 INIT_FCALL 'substr'
2 INIT_FCALL 'chunk_split'
3 SEND_VAR !0
4 SEND_VAL 2
5 SEND_VAL '%3A'
6 DO_ICALL $3
7 SEND_VAR $3
8 SEND_VAL 0
9 SEND_VAL -1
10 DO_ICALL $4
11 ASSIGN !1, $4
30 12 INIT_FCALL 'explode'
13 SEND_VAL '%3A'
14 SEND_VAR !1
15 DO_ICALL $6
16 ASSIGN !2, $6
31 17 > RETURN !2
32 18* > RETURN null
End of function bytearray
Function xorbytes:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 77) Position 1 = 6, Position 2 = 41
Branch analysis from position: 6
2 jumps found. (Code = 78) Position 1 = 7, Position 2 = 41
Branch analysis from position: 7
2 jumps found. (Code = 43) Position 1 = 36, Position 2 = 38
Branch analysis from position: 36
1 jumps found. (Code = 42) Position 1 = 6
Branch analysis from position: 6
Branch analysis from position: 38
Branch analysis from position: 41
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 41
filename: /in/cOmU1
function name: xorbytes
number of ops: 60
compiled vars: !0 = $arr, !1 = $i, !2 = $code, !3 = $codes, !4 = $tmpcdec, !5 = $tmp1dec, !6 = $tmp2dec, !7 = $c
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
34 0 E > RECV !0
35 1 INIT_FCALL 'range'
2 SEND_VAL 0
3 SEND_VAL 3
4 DO_ICALL $8
5 > FE_RESET_R $9 $8, ->41
6 > > FE_FETCH_R $9, !1, ->41
36 7 > INIT_FCALL 'dechex'
8 INIT_FCALL 'hexdec'
9 FETCH_DIM_R ~10 !0, !1
10 SEND_VAL ~10
11 DO_ICALL $11
12 INIT_FCALL 'hexdec'
13 ADD ~12 4, !1
14 FETCH_DIM_R ~13 !0, ~12
15 SEND_VAL ~13
16 DO_ICALL $14
17 BW_XOR ~15 $11, $14
18 INIT_FCALL 'hexdec'
19 ADD ~16 8, !1
20 FETCH_DIM_R ~17 !0, ~16
21 SEND_VAL ~17
22 DO_ICALL $18
23 BW_XOR ~19 $18, ~15
24 INIT_FCALL 'hexdec'
25 ADD ~20 12, !1
26 FETCH_DIM_R ~21 !0, ~20
27 SEND_VAL ~21
28 DO_ICALL $22
29 BW_XOR ~23 $22, ~19
30 SEND_VAL ~23
31 DO_ICALL $24
32 ASSIGN !2, $24
37 33 STRLEN ~26 !2
34 IS_SMALLER ~26, 2
35 > JMPZ ~27, ->38
38 36 > CONCAT ~28 '0', !2
37 ASSIGN !2, ~28
40 38 > CONCAT ~30 !3, !2
39 ASSIGN !3, ~30
35 40 > JMP ->6
41 > FE_FREE $9
43 42 INIT_FCALL 'hexdec'
43 SEND_VAR !3
44 DO_ICALL $32
45 ASSIGN !4, $32
44 46 INIT_FCALL 'hexdec'
47 SEND_VAL '1ffffff'
48 DO_ICALL $34
49 ASSIGN !5, $34
45 50 INIT_FCALL 'hexdec'
51 SEND_VAL '2000000'
52 DO_ICALL $36
53 ASSIGN !6, $36
46 54 BW_AND ~38 !4, !5
55 ASSIGN !7, ~38
47 56 BW_OR ~40 !7, !6
57 ASSIGN !7, ~40
49 58 > RETURN !7
50 59* > RETURN null
End of function xorbytes
End of class hw.
Generated using Vulcan Logic Dumper, using php 8.0.0