Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 6, Position 2 = 21
Branch analysis from position: 6
1 jumps found. (Code = 42) Position 1 = 22
Branch analysis from position: 22
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 21
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/sCXPi
function name: (null)
number of ops: 76
compiled vars: !0 = $plaintext, !1 = $salt
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
40 0 E > ASSIGN !0, 'mySuperSecretPassword'
41 1 ASSIGN !1, ''
42 2 INIT_FCALL 'function_exists'
3 SEND_VAL 'random_bytes'
4 DO_ICALL $4
5 > JMPZ $4, ->21
44 6 > INIT_FCALL 'substr'
7 INIT_FCALL 'md5'
8 INIT_FCALL 'random_bytes'
9 SEND_VAL 16
10 DO_ICALL $5
11 SEND_VAR $5
12 DO_ICALL $6
13 SEND_VAR $6
14 SEND_VAL 0
15 SEND_VAL 12
16 DO_ICALL $7
17 CONCAT ~8 '%242%24', $7
18 CONCAT ~9 ~8, '%24'
19 ASSIGN !1, ~9
20 > JMP ->22
49 21 > ASSIGN !1, '%242%249936b047ea8b%24'
51 22 > INIT_FCALL 'crypt'
23 SEND_VAR !0
24 INIT_FCALL 'substr'
25 INIT_FCALL 'md5'
26 INIT_FCALL 'random_bytes'
27 SEND_VAL 16
28 DO_ICALL $12
29 SEND_VAR $12
30 DO_ICALL $13
31 SEND_VAR $13
32 SEND_VAL 0
33 SEND_VAL 12
34 DO_ICALL $14
35 CONCAT ~15 '%242%24', $14
36 CONCAT ~16 ~15, '%24'
37 SEND_VAL ~16
38 DO_ICALL $17
39 STRLEN ~18 $17
40 CONCAT ~19 ~18, '%0A'
41 ECHO ~19
52 42 INIT_FCALL 'crypt'
43 SEND_VAR !0
44 INIT_FCALL 'substr'
45 INIT_FCALL 'md5'
46 INIT_FCALL 'random_bytes'
47 SEND_VAL 16
48 DO_ICALL $20
49 SEND_VAR $20
50 DO_ICALL $21
51 SEND_VAR $21
52 SEND_VAL 0
53 SEND_VAL 12
54 DO_ICALL $22
55 CONCAT ~23 '%242%24', $22
56 CONCAT ~24 ~23, '%24'
57 SEND_VAL ~24
58 DO_ICALL $25
59 CONCAT ~26 $25, '%0A'
60 ECHO ~26
53 61 INIT_FCALL 'getcryptedpassword'
62 SEND_VAR !0
63 SEND_VAR !1
64 SEND_VAL 'crypt-blowfish'
65 DO_FCALL 0 $27
66 STRLEN ~28 $27
67 CONCAT ~29 ~28, '%0A'
68 ECHO ~29
54 69 INIT_FCALL 'getcryptedpassword'
70 SEND_VAR !0
71 SEND_VAR !1
72 SEND_VAL 'crypt-blowfish'
73 DO_FCALL 0 $30
74 ECHO $30
75 > RETURN 1
Function getcryptedpassword:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 5, Position 2 = 17
Branch analysis from position: 5
1 jumps found. (Code = 42) Position 1 = 37
Branch analysis from position: 37
9 jumps found. (Code = 188) Position 1 = 53, Position 2 = 54, Position 3 = 69, Position 4 = 69, Position 5 = 69, Position 6 = 69, Position 7 = 79, Position 8 = 79, Position 9 = 38
Branch analysis from position: 53
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 54
2 jumps found. (Code = 43) Position 1 = 64, Position 2 = 67
Branch analysis from position: 64
1 jumps found. (Code = 42) Position 1 = 68
Branch analysis from position: 68
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 67
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 69
2 jumps found. (Code = 43) Position 1 = 70, Position 2 = 72
Branch analysis from position: 70
1 jumps found. (Code = 42) Position 1 = 73
Branch analysis from position: 73
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 72
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 79
2 jumps found. (Code = 43) Position 1 = 80, Position 2 = 86
Branch analysis from position: 80
1 jumps found. (Code = 42) Position 1 = 90
Branch analysis from position: 90
2 jumps found. (Code = 43) Position 1 = 92, Position 2 = 95
Branch analysis from position: 92
1 jumps found. (Code = 42) Position 1 = 96
Branch analysis from position: 96
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 95
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 86
2 jumps found. (Code = 43) Position 1 = 92, Position 2 = 95
Branch analysis from position: 92
Branch analysis from position: 95
Branch analysis from position: 79
Branch analysis from position: 38
2 jumps found. (Code = 44) Position 1 = 40, Position 2 = 53
Branch analysis from position: 40
2 jumps found. (Code = 44) Position 1 = 42, Position 2 = 54
Branch analysis from position: 42
2 jumps found. (Code = 44) Position 1 = 44, Position 2 = 69
Branch analysis from position: 44
2 jumps found. (Code = 44) Position 1 = 46, Position 2 = 69
Branch analysis from position: 46
2 jumps found. (Code = 44) Position 1 = 48, Position 2 = 69
Branch analysis from position: 48
2 jumps found. (Code = 44) Position 1 = 50, Position 2 = 69
Branch analysis from position: 50
2 jumps found. (Code = 44) Position 1 = 52, Position 2 = 79
Branch analysis from position: 52
1 jumps found. (Code = 42) Position 1 = 79
Branch analysis from position: 79
Branch analysis from position: 79
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 54
Branch analysis from position: 53
Branch analysis from position: 17
2 jumps found. (Code = 43) Position 1 = 21, Position 2 = 36
Branch analysis from position: 21
1 jumps found. (Code = 42) Position 1 = 37
Branch analysis from position: 37
Branch analysis from position: 36
9 jumps found. (Code = 188) Position 1 = 53, Position 2 = 54, Position 3 = 69, Position 4 = 69, Position 5 = 69, Position 6 = 69, Position 7 = 79, Position 8 = 79, Position 9 = 38
Branch analysis from position: 53
Branch analysis from position: 54
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 69
Branch analysis from position: 79
Branch analysis from position: 79
Branch analysis from position: 38
filename: /in/sCXPi
function name: getCryptedPassword
number of ops: 98
compiled vars: !0 = $plaintext, !1 = $salt, !2 = $encryption, !3 = $show_encrypt, !4 = $encrypted
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
2 0 E > RECV !0
1 RECV_INIT !1 ''
2 RECV_INIT !2 'crypt-blowfish'
3 RECV_INIT !3 <false>
5 4 > JMPZ !1, ->17
7 5 > INIT_FCALL 'substr'
6 INIT_FCALL 'preg_replace'
7 SEND_VAL '%7C%5E%7Bcrypt%7D%7Ci'
8 SEND_VAL ''
9 SEND_VAR !1
10 DO_ICALL $5
11 SEND_VAR $5
12 SEND_VAL 0
13 SEND_VAL 16
14 DO_ICALL $6
15 ASSIGN !1, $6
16 > JMP ->37
11 17 > INIT_FCALL 'function_exists'
18 SEND_VAL 'random_bytes'
19 DO_ICALL $8
20 > JMPZ $8, ->36
13 21 > INIT_FCALL 'substr'
22 INIT_FCALL 'md5'
23 INIT_FCALL 'random_bytes'
24 SEND_VAL 16
25 DO_ICALL $9
26 SEND_VAR $9
27 DO_ICALL $10
28 SEND_VAR $10
29 SEND_VAL 0
30 SEND_VAL 12
31 DO_ICALL $11
32 CONCAT ~12 '%242%24', $11
33 CONCAT ~13 ~12, '%24'
34 ASSIGN !1, ~13
35 > JMP ->37
18 36 > ASSIGN !1, '%242%249936b047ea8b%24'
22 37 > > SWITCH_STRING !2, [ 'plain':->53, 'sha':->54, 'crypt':->69, 'crypt-des':->69, 'crypt-md5':->69, 'crypt-blowfish':->69, 'md5-hex':->79, ], ->79
24 38 > IS_EQUAL !2, 'plain'
39 > JMPNZ ~16, ->53
26 40 > IS_EQUAL !2, 'sha'
41 > JMPNZ ~16, ->54
29 42 > IS_EQUAL !2, 'crypt'
43 > JMPNZ ~16, ->69
30 44 > IS_EQUAL !2, 'crypt-des'
45 > JMPNZ ~16, ->69
31 46 > IS_EQUAL !2, 'crypt-md5'
47 > JMPNZ ~16, ->69
32 48 > IS_EQUAL !2, 'crypt-blowfish'
49 > JMPNZ ~16, ->69
34 50 > IS_EQUAL !2, 'md5-hex'
51 > JMPNZ ~16, ->79
52 > > JMP ->79
25 53 > > RETURN !0
27 54 > INIT_FCALL 'base64_encode'
55 INIT_FCALL_BY_NAME 'mhash'
56 FETCH_CONSTANT ~17 'MHASH_SHA1'
57 SEND_VAL_EX ~17
58 SEND_VAR_EX !0
59 DO_FCALL 0 $18
60 SEND_VAR $18
61 DO_ICALL $19
62 ASSIGN !4, $19
28 63 > JMPZ !3, ->67
64 > CONCAT ~21 '%7BSHA%7D', !4
65 QM_ASSIGN ~22 ~21
66 > JMP ->68
67 > QM_ASSIGN ~22 !4
68 > > RETURN ~22
33 69 > > JMPZ !3, ->72
70 > QM_ASSIGN ~23 '%7Bcrypt%7D'
71 > JMP ->73
72 > QM_ASSIGN ~23 ''
73 > INIT_FCALL 'crypt'
74 SEND_VAR !0
75 SEND_VAR !1
76 DO_ICALL $24
77 CONCAT ~25 ~23, $24
78 > RETURN ~25
36 79 > > JMPZ !1, ->86
80 > INIT_FCALL 'md5'
81 CONCAT ~26 !0, !1
82 SEND_VAL ~26
83 DO_ICALL $27
84 QM_ASSIGN ~28 $27
85 > JMP ->90
86 > INIT_FCALL 'md5'
87 SEND_VAR !0
88 DO_ICALL $29
89 QM_ASSIGN ~28 $29
90 > ASSIGN !4, ~28
37 91 > JMPZ !3, ->95
92 > CONCAT ~31 '%7BMD5%7D', !4
93 QM_ASSIGN ~32 ~31
94 > JMP ->96
95 > QM_ASSIGN ~32 !4
96 > > RETURN ~32
39 97* > RETURN null
End of function getcryptedpassword
Generated using Vulcan Logic Dumper, using php 8.0.0