Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/s3iTP function name: (null) number of ops: 2 compiled vars: none line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 2 0 E > INCLUDE_OR_EVAL 'http%3A%2F%2Fwww.bright-shadows.net%2Fchallenges%2Fexploit_rhc6%2Flibs%2Fcrypt04.php', INCLUDE 19 1 > RETURN 1 Function admin_check: Finding entry points Branch analysis from position: 0 2 jumps found. (Code = 46) Position 1 = 18, Position 2 = 20 Branch analysis from position: 18 2 jumps found. (Code = 43) Position 1 = 21, Position 2 = 27 Branch analysis from position: 21 1 jumps found. (Code = 62) Position 1 = -2 Branch analysis from position: 27 Branch analysis from position: 20 filename: /in/s3iTP function name: admin_check number of ops: 28 compiled vars: !0 = $adminuser, !1 = $adminpasswd, !2 = $u, !3 = $p, !4 = $crypt1, !5 = $crypt2 line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 5 0 E > RECV !0 1 RECV !1 7 2 ASSIGN !2, 0 8 3 ASSIGN !3, 0 9 4 ASSIGN !4, '061215161625' 10 5 ASSIGN !5, '080118040418092205' 11 6 INIT_FCALL_BY_NAME 'crypt04' 7 SEND_VAR_EX !4 8 SEND_VAR_EX !0 9 DO_FCALL 0 $10 10 ASSIGN !2, $10 12 11 INIT_FCALL_BY_NAME 'crypt04' 12 SEND_VAR_EX !5 13 SEND_VAR_EX !1 14 DO_FCALL 0 $12 15 ASSIGN !3, $12 13 16 IS_EQUAL ~14 !2, 1 17 > JMPZ_EX ~14 ~14, ->20 18 > IS_EQUAL ~15 !3, 1 19 BOOL ~14 ~15 20 > > JMPZ ~14, ->27 14 21 > INIT_FCALL_BY_NAME 'session_register' 22 SEND_VAL_EX 'adminuser' 23 DO_FCALL 0 15 24 INIT_FCALL 'header' 25 SEND_VAL 'Location%3A+http%3A%2F%2Fwww.bright-shadows.net%2Fchallenges%2Fexploit_rhc6%2Fsuser%2Fadmin.php' 26 DO_ICALL 18 27 > > RETURN null End of function admin_check
Generated using Vulcan Logic Dumper, using php 8.0.0