3v4l.org

run code in 300+ PHP versions simultaneously
<?php $dn="cn=admin"; $pass="\x00\x41"; if (empty($dn) or empty($pass)) { exit(); } //check for empty strings //if (preg_match('/[^a-zA-Z]/',$dn) or preg_match('/[^a-zA-Z0-9\x20!@#$%^&*()]/',$pass)) { exit(); } //check for expected values (whitelisting) //if (preg_match('/\x00/',$dn) or preg_match('/\x00/',$pass)) { exit(); } //check for null byte (blacklisting) $ldapconn=ldap_connect("challenge01.root-me.org", "54013") or die("Could not connect to LDAP server."); if ($ldapconn) { ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); $ldapbind=ldap_bind($ldapconn, $dn, $pass); if ($ldapbind) { echo("success"); } else { echo("fail"); } } ?>
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 47) Position 1 = 4, Position 2 = 6
Branch analysis from position: 4
2 jumps found. (Code = 43) Position 1 = 7, Position 2 = 8
Branch analysis from position: 7
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 8
2 jumps found. (Code = 47) Position 1 = 14, Position 2 = 16
Branch analysis from position: 14
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 16
2 jumps found. (Code = 43) Position 1 = 17, Position 2 = 33
Branch analysis from position: 17
2 jumps found. (Code = 43) Position 1 = 30, Position 2 = 32
Branch analysis from position: 30
1 jumps found. (Code = 42) Position 1 = 33
Branch analysis from position: 33
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 32
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 33
Branch analysis from position: 6
filename:       /in/umN77
function name:  (null)
number of ops:  34
compiled vars:  !0 = $dn, !1 = $pass, !2 = $ldapconn, !3 = $ldapbind
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    2     0  E >   ASSIGN                                                   !0, 'cn%3Dadmin'
    3     1        ASSIGN                                                   !1, '%00A'
    4     2        ISSET_ISEMPTY_CV                                 ~6      !0
          3      > JMPNZ_EX                                         ~6      ~6, ->6
          4    >   ISSET_ISEMPTY_CV                                 ~7      !1
          5        BOOL                                             ~6      ~7
          6    > > JMPZ                                                     ~6, ->8
          7    > > EXIT                                                     
    7     8    >   INIT_FCALL_BY_NAME                                       'ldap_connect'
          9        SEND_VAL_EX                                              'challenge01.root-me.org'
         10        SEND_VAL_EX                                              '54013'
         11        DO_FCALL                                      0  $8      
         12        ASSIGN                                           ~9      !2, $8
         13      > JMPNZ_EX                                         ~9      ~9, ->16
         14    > > EXIT                                                     'Could+not+connect+to+LDAP+server.'
         15*       BOOL                                             ~9      <true>
    8    16    > > JMPZ                                                     !2, ->33
    9    17    >   INIT_FCALL_BY_NAME                                       'ldap_set_option'
         18        SEND_VAR_EX                                              !2
         19        FETCH_CONSTANT                                   ~10     'LDAP_OPT_PROTOCOL_VERSION'
         20        SEND_VAL_EX                                              ~10
         21        SEND_VAL_EX                                              3
         22        DO_FCALL                                      0          
   10    23        INIT_FCALL_BY_NAME                                       'ldap_bind'
         24        SEND_VAR_EX                                              !2
         25        SEND_VAR_EX                                              !0
         26        SEND_VAR_EX                                              !1
         27        DO_FCALL                                      0  $12     
         28        ASSIGN                                                   !3, $12
   11    29      > JMPZ                                                     !3, ->32
   12    30    >   ECHO                                                     'success'
         31      > JMP                                                      ->33
   14    32    >   ECHO                                                     'fail'
   17    33    > > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
175.28 ms | 1399 KiB | 13 Q