3v4l.org

run code in 300+ PHP versions simultaneously
<?php $username="alex.everett@okstate.edu"; //LDAP rdn or dn $password="\x00\x41"; //associated password (poison null byte) // $username=$_POST['username']; //uncomment to test POST request // $password=$_POST['password']; //uncomment to test POST request if (!$username or !$password) { exit(); //typical check for no username or password } //end check 1 if (empty($username) or empty($password)) { exit(); //typical check for no username or password }//end check 2 if (is_null($username) or is_null($password)) { exit(); //typical check for no username or password }//end check 3 //notice that typical checks will not prevent the attack echo(strlen($password) . "\r\n"); //outputs the length of the string // connect to ldap server $ldapconn = ldap_connect("challenge01.root-me.org", "54013") //LDAP server or die("Could not connect to LDAP server"); if ($ldapconn) { // binding to ldap server $ldapbind = ldap_bind($ldapconn, $username, $password); //verify binding. Note that the complete data is not passed. if ($ldapbind) { echo "LDAP bind successful..."; } else { echo "LDAP bind failed..."; } } ?>
Output for git.master, git.master_jit, rfc.property-hooks
2 Fatal error: Uncaught Error: Call to undefined function ldap_connect() in /in/gg279:20 Stack trace: #0 {main} thrown in /in/gg279 on line 20
Process exited with code 255.

This tab shows result from various feature-branches currently under review by the php developers. Contact me to have additional branches featured.

Active branches

Archived branches

Once feature-branches are merged or declined, they are no longer available. Their functionality (when merged) can be viewed from the main output page

preferences:
105.6 ms | 401 KiB | 8 Q