Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 47) Position 1 = 4, Position 2 = 6
Branch analysis from position: 4
2 jumps found. (Code = 43) Position 1 = 7, Position 2 = 8
Branch analysis from position: 7
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 8
2 jumps found. (Code = 43) Position 1 = 25, Position 2 = 57
Branch analysis from position: 25
2 jumps found. (Code = 43) Position 1 = 31, Position 2 = 57
Branch analysis from position: 31
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 57
Branch analysis from position: 57
Branch analysis from position: 6
filename: /in/vsa80
function name: (null)
number of ops: 58
compiled vars: !0 = $md5_secret, !1 = $v, !2 = $data, !3 = $vars, !4 = $check_token, !5 = $md5Hash, !6 = $result
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
142 0 E > ASSIGN !0, '96b90f3b34525c54ff21c0caa1f71d19'
144 1 ISSET_ISEMPTY_VAR 2 ~8 '_POST'
2 BOOL_NOT ~9 ~8
3 > JMPNZ_EX ~9 ~9, ->6
4 > ISSET_ISEMPTY_VAR 3 ~10 '_POST'
5 BOOL ~9 ~10
6 > > JMPZ ~9, ->8
7 > > RETURN null
145 8 > INIT_FCALL 'array_shift'
9 FETCH_W global $11 '_POST'
10 SEND_REF $11
11 DO_ICALL $12
12 ASSIGN !1, $12
146 13 INIT_FCALL 'decrypt_reply_data'
14 INIT_FCALL 'dec_and_hash'
15 SEND_VAR !1
16 INIT_FCALL 'md5'
17 SEND_VAL 'dAaCZzzzaAsdASDa%21%23%23%40'
18 DO_ICALL $14
19 SEND_VAR $14
20 DO_FCALL 0 $15
21 SEND_VAR $15
22 DO_FCALL 0 $16
23 ASSIGN ~17 !2, $16
24 > JMPZ ~17, ->57
147 25 > INIT_FCALL 'parse_str'
26 SEND_VAR !2
27 SEND_REF !3
28 DO_ICALL
148 29 ISSET_ISEMPTY_DIM_OBJ 0 !3, 'check_token'
30 > JMPZ ~19, ->57
149 31 > FETCH_DIM_R ~20 !3, 'check_token'
32 ASSIGN !4, ~20
150 33 INIT_FCALL 'md5'
34 CONCAT ~22 !0, !4
35 SEND_VAL ~22
36 DO_ICALL $23
37 ASSIGN !5, $23
168 38 CONCAT ~25 '%3Cstatus%3EActive%3C%2Fstatus%3E%3Cregisteredname%3E%3C%2Fregisteredname%3E%5Cn%3Ccompanyname%3E%3C%2Fcompanyname%3E%5Cn%3Cemail%3E%3C%2Femail%3E%5Cn%3Cserviceid%3E1%3C%2Fserviceid%3E%5Cn%3Cproductid%3E1%3C%2Fproductid%3E%5Cn%3Cproductname%3E%3C%2Fproductname%3E%5Cn%3Cregdate%3E2015-02-15%3C%2Fregdate%3E%5Cn%3Cnextduedate%3E2050-12-15%3C%2Fnextduedate%3E%5Cn%3Cbillingcycle%3E%3C%2Fbillingcycle%3E%5Cn%3Cvaliddomain%3E%3C%2Fvaliddomain%3E%5Cn%3Cvalidip%3E%3C%2Fvalidip%3E%5Cn%3Cvaliddirectory%3E%3C%2Fvaliddirectory%3E%5Cn%3CSomething+is+wrongoptions%3EExtra+Load+Balancer+Servers%3D5%3C%2FSomething+is+wrongoptions%3E%5Cn%3Ccustomfields%3E%3C%2Fcustomfields%3E%5Cn%3Caddons%3Ename%3DCopyRights+Removal%3Bnextduedate%3D0000-00-00%3Bstatus%3DActive%7Cname%3DDetect+Reshares+with+No+permissions%3Bnextduedate%3D2015-04-15%3Bstatus%3DActive%3C%2Faddons%3E%5Cn%3Cmd5hash%3E', !5
39 CONCAT ~26 ~25, '%3C%2Fmd5hash%3E'
151 40 ASSIGN !6, ~26
170 41 INIT_FCALL 'enc_and_hash'
42 INIT_FCALL 'enc_and_obfuscate'
43 SEND_VAR !6
44 INIT_FCALL 'gen_random_string'
45 SEND_VAL 32
46 DO_FCALL 0 $28
47 SEND_VAR $28
48 DO_FCALL 0 $29
49 SEND_VAR $29
50 INIT_FCALL 'md5'
51 SEND_VAL 'XTREAMCODES_FTW%21'
52 DO_ICALL $30
53 SEND_VAR $30
54 DO_FCALL 0 $31
55 ASSIGN !6, $31
171 56 ECHO !6
173 57 > > RETURN 1
Function gen_random_string:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 13
Branch analysis from position: 13
2 jumps found. (Code = 44) Position 1 = 15, Position 2 = 6
Branch analysis from position: 15
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 6
2 jumps found. (Code = 44) Position 1 = 15, Position 2 = 6
Branch analysis from position: 15
Branch analysis from position: 6
filename: /in/vsa80
function name: gen_random_string
number of ops: 17
compiled vars: !0 = $len, !1 = $dict, !2 = $dict_len, !3 = $res
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
3 0 E > RECV !0
1 RECV_INIT !1 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
5 2 STRLEN ~4 !1
3 ASSIGN !2, ~4
6 4 ASSIGN !3, ''
7 5 > JMP ->13
6 > INIT_FCALL 'mt_rand'
7 SEND_VAL 0
8 SUB ~7 !2, 1
9 SEND_VAL ~7
10 DO_ICALL $8
11 FETCH_DIM_R ~9 !1, $8
12 ASSIGN_OP 8 !3, ~9
13 > POST_DEC ~11 !0
14 > JMPNZ ~11, ->6
8 15 > > RETURN !3
9 16* > RETURN null
End of function gen_random_string
Function enc_and_obfuscate:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/vsa80
function name: enc_and_obfuscate
number of ops: 45
compiled vars: !0 = $data, !1 = $enc_key, !2 = $iv_size, !3 = $iv, !4 = $enc_data, !5 = $result
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
11 0 E > RECV !0
1 RECV !1
13 2 INIT_FCALL_BY_NAME 'mcrypt_get_iv_size'
3 FETCH_CONSTANT ~6 'MCRYPT_RIJNDAEL_256'
4 SEND_VAL_EX ~6
5 FETCH_CONSTANT ~7 'MCRYPT_MODE_ECB'
6 SEND_VAL_EX ~7
7 DO_FCALL 0 $8
8 ASSIGN !2, $8
14 9 INIT_FCALL_BY_NAME 'mcrypt_create_iv'
10 SEND_VAR_EX !2
11 FETCH_CONSTANT ~10 'MCRYPT_RAND'
12 SEND_VAL_EX ~10
13 DO_FCALL 0 $11
14 ASSIGN !3, $11
15 15 INIT_FCALL_BY_NAME 'mcrypt_encrypt'
16 FETCH_CONSTANT ~13 'MCRYPT_RIJNDAEL_256'
17 SEND_VAL_EX ~13
18 SEND_VAR_EX !1
19 SEND_VAR_EX !0
20 FETCH_CONSTANT ~14 'MCRYPT_MODE_ECB'
21 SEND_VAL_EX ~14
22 SEND_VAR_EX !3
23 DO_FCALL 0 $15
24 ASSIGN !4, $15
16 25 INIT_FCALL 'base64_encode'
26 SEND_VAR !4
27 DO_ICALL $17
28 ASSIGN !5, $17
17 29 INIT_FCALL 'str_replace'
30 SEND_VAL <array>
31 SEND_VAL <array>
32 SEND_VAR !5
33 DO_ICALL $19
34 ASSIGN !5, $19
18 35 INIT_FCALL_BY_NAME 'mask_enc_key'
36 SEND_VAR_EX !5
37 SEND_VAR_EX !1
38 DO_FCALL 0 $21
39 ASSIGN !5, $21
19 40 INIT_FCALL 'trim'
41 SEND_VAR !5
42 DO_ICALL $23
43 > RETURN $23
20 44* > RETURN null
End of function enc_and_obfuscate
Function enc_and_hash:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/vsa80
function name: enc_and_hash
number of ops: 58
compiled vars: !0 = $data, !1 = $enc_key, !2 = $iv, !3 = $sha_hash, !4 = $encryped_hash, !5 = $result
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
23 0 E > RECV !0
1 RECV !1
25 2 INIT_FCALL 'serialize'
3 SEND_VAR !0
4 DO_ICALL $6
5 ASSIGN !0, $6
26 6 INIT_FCALL_BY_NAME 'mcrypt_create_iv'
7 INIT_FCALL_BY_NAME 'mcrypt_get_iv_size'
8 FETCH_CONSTANT ~8 'MCRYPT_RIJNDAEL_256'
9 SEND_VAL_EX ~8
10 FETCH_CONSTANT ~9 'MCRYPT_MODE_CBC'
11 SEND_VAL_EX ~9
12 DO_FCALL 0 $10
13 SEND_VAR_NO_REF_EX $10
14 FETCH_CONSTANT ~11 'MCRYPT_DEV_URANDOM'
15 SEND_VAL_EX ~11
16 DO_FCALL 0 $12
17 ASSIGN !2, $12
27 18 INIT_FCALL 'pack'
19 SEND_VAL 'H%2A'
20 SEND_VAR !1
21 DO_ICALL $14
22 ASSIGN !1, $14
28 23 INIT_FCALL 'hash_hmac'
24 SEND_VAL 'sha256'
25 SEND_VAR !0
26 INIT_FCALL 'substr'
27 INIT_FCALL 'bin2hex'
28 SEND_VAR !1
29 DO_ICALL $16
30 SEND_VAR $16
31 SEND_VAL -32
32 DO_ICALL $17
33 SEND_VAR $17
34 DO_ICALL $18
35 ASSIGN !3, $18
29 36 INIT_FCALL_BY_NAME 'mcrypt_encrypt'
37 FETCH_CONSTANT ~20 'MCRYPT_RIJNDAEL_256'
38 SEND_VAL_EX ~20
39 SEND_VAR_EX !1
40 CONCAT ~21 !0, !3
41 SEND_VAL_EX ~21
42 FETCH_CONSTANT ~22 'MCRYPT_MODE_CBC'
43 SEND_VAL_EX ~22
44 SEND_VAR_EX !2
45 DO_FCALL 0 $23
46 ASSIGN !4, $23
30 47 INIT_FCALL 'base64_encode'
48 SEND_VAR !4
49 DO_ICALL $25
50 CONCAT ~26 $25, '%7C'
51 INIT_FCALL 'base64_encode'
52 SEND_VAR !2
53 DO_ICALL $27
54 CONCAT ~28 ~26, $27
55 ASSIGN !5, ~28
31 56 > RETURN !5
32 57* > RETURN null
End of function enc_and_hash
Function dec_and_hash:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 27, Position 2 = 28
Branch analysis from position: 27
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 28
2 jumps found. (Code = 43) Position 1 = 72, Position 2 = 73
Branch analysis from position: 72
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 73
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/vsa80
function name: dec_and_hash
number of ops: 79
compiled vars: !0 = $data, !1 = $enc_key, !2 = $enc_data, !3 = $iv, !4 = $result, !5 = $sha_hash_from_result, !6 = $sha_hash
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
34 0 E > RECV !0
1 RECV !1
36 2 INIT_FCALL 'explode'
3 SEND_VAL '%7C'
4 CONCAT ~7 !0, '%7C'
5 SEND_VAL ~7
6 DO_ICALL $8
7 ASSIGN !0, $8
37 8 INIT_FCALL 'base64_decode'
9 FETCH_DIM_R ~10 !0, 0
10 SEND_VAL ~10
11 DO_ICALL $11
12 ASSIGN !2, $11
38 13 INIT_FCALL 'base64_decode'
14 FETCH_DIM_R ~13 !0, 1
15 SEND_VAL ~13
16 DO_ICALL $14
17 ASSIGN !3, $14
39 18 STRLEN ~16 !3
19 INIT_FCALL_BY_NAME 'mcrypt_get_iv_size'
20 FETCH_CONSTANT ~17 'MCRYPT_RIJNDAEL_256'
21 SEND_VAL_EX ~17
22 FETCH_CONSTANT ~18 'MCRYPT_MODE_CBC'
23 SEND_VAL_EX ~18
24 DO_FCALL 0 $19
25 IS_NOT_IDENTICAL $19, ~16
26 > JMPZ ~20, ->28
40 27 > > RETURN <false>
42 28 > INIT_FCALL 'pack'
29 SEND_VAL 'H%2A'
30 SEND_VAR !1
31 DO_ICALL $21
32 ASSIGN !1, $21
43 33 INIT_FCALL 'trim'
34 INIT_FCALL_BY_NAME 'mcrypt_decrypt'
35 FETCH_CONSTANT ~23 'MCRYPT_RIJNDAEL_256'
36 SEND_VAL_EX ~23
37 SEND_VAR_EX !1
38 SEND_VAR_EX !2
39 FETCH_CONSTANT ~24 'MCRYPT_MODE_CBC'
40 SEND_VAL_EX ~24
41 SEND_VAR_EX !3
42 DO_FCALL 0 $25
43 SEND_VAR $25
44 DO_ICALL $26
45 ASSIGN !4, $26
44 46 INIT_FCALL 'substr'
47 SEND_VAR !4
48 SEND_VAL -64
49 DO_ICALL $28
50 ASSIGN !5, $28
45 51 INIT_FCALL 'substr'
52 SEND_VAR !4
53 SEND_VAL 0
54 SEND_VAL -64
55 DO_ICALL $30
56 ASSIGN !4, $30
46 57 INIT_FCALL 'hash_hmac'
58 SEND_VAL 'sha256'
59 SEND_VAR !4
60 INIT_FCALL 'substr'
61 INIT_FCALL 'bin2hex'
62 SEND_VAR !1
63 DO_ICALL $32
64 SEND_VAR $32
65 SEND_VAL -32
66 DO_ICALL $33
67 SEND_VAR $33
68 DO_ICALL $34
69 ASSIGN !6, $34
47 70 IS_NOT_IDENTICAL !6, !5
71 > JMPZ ~36, ->73
48 72 > > RETURN <false>
50 73 > INIT_FCALL 'unserialize'
74 SEND_VAR !4
75 DO_ICALL $37
76 ASSIGN !4, $37
51 77 > RETURN !4
52 78* > RETURN null
End of function dec_and_hash
Function decrypt_reply_data:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 42) Position 1 = 19
Branch analysis from position: 19
2 jumps found. (Code = 44) Position 1 = 21, Position 2 = 11
Branch analysis from position: 21
2 jumps found. (Code = 43) Position 1 = 67, Position 2 = 72
Branch analysis from position: 67
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 72
Branch analysis from position: 11
2 jumps found. (Code = 44) Position 1 = 21, Position 2 = 11
Branch analysis from position: 21
Branch analysis from position: 11
filename: /in/vsa80
function name: decrypt_reply_data
number of ops: 101
compiled vars: !0 = $data, !1 = $vars, !2 = $count_vars, !3 = $enc_key, !4 = $i, !5 = $data_length, !6 = $preg_result, !7 = $base64_data, !8 = $base64_data_parity, !9 = $enc_data, !10 = $iv_size, !11 = $iv, !12 = $decrypted_result
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
54 0 E > RECV !0
56 1 INIT_FCALL 'explode'
2 SEND_VAL '%3A'
3 SEND_VAR !0
4 DO_ICALL $13
5 ASSIGN !1, $13
57 6 COUNT ~15 !1
7 ASSIGN !2, ~15
58 8 ASSIGN !3, ''
59 9 ASSIGN !4, 1
10 > JMP ->19
60 11 > INIT_FCALL 'substr'
12 FETCH_DIM_R ~19 !1, !4
13 SEND_VAL ~19
14 SEND_VAL 0
15 SEND_VAL 1
16 DO_ICALL $20
17 ASSIGN_OP 8 !3, $20
59 18 PRE_INC !4
19 > IS_SMALLER !4, !2
20 > JMPNZ ~23, ->11
63 21 > INIT_FCALL 'substr'
22 SEND_VAR !0
23 SEND_VAL 0
24 SEND_VAL 1
25 DO_ICALL $24
26 ASSIGN !5, $24
64 27 INIT_FCALL 'substr'
28 SEND_VAR !0
29 SEND_VAL -1
30 DO_ICALL $26
31 ASSIGN_OP 8 !5, $26
65 32 INIT_FCALL 'substr'
33 SEND_VAR !0
34 SEND_VAL 1
35 DO_ICALL $28
36 ASSIGN !0, $28
66 37 INIT_FCALL 'substr'
38 SEND_VAR !0
39 SEND_VAL 0
40 SEND_VAL -1
41 DO_ICALL $30
42 ASSIGN !0, $30
67 43 INIT_FCALL 'preg_match_all'
44 CONCAT ~32 '%2F%5B0-9a-zA-Z%5D%7B', !5
45 CONCAT ~33 ~32, '%7D%5C%3A.%2F'
46 SEND_VAL ~33
47 SEND_VAR !0
48 SEND_REF !6
49 DO_ICALL
68 50 INIT_FCALL 'str_replace'
51 FETCH_DIM_R ~35 !6, 0
52 SEND_VAL ~35
53 SEND_VAL <array>
54 SEND_VAR !0
55 DO_ICALL $36
56 ASSIGN !0, $36
69 57 INIT_FCALL 'str_replace'
58 SEND_VAL <array>
59 SEND_VAL <array>
60 SEND_VAR !0
61 DO_ICALL $38
62 ASSIGN !7, $38
70 63 STRLEN ~40 !7
64 MOD ~41 ~40, 4
65 ASSIGN !8, ~41
71 66 > JMPZ !8, ->72
72 67 > INIT_FCALL 'substr'
68 SEND_VAL '%3D%3D%3D%3D'
69 SEND_VAR !8
70 DO_ICGenerated using Vulcan Logic Dumper, using php 8.0.0