I am a pentester working on a project and I stumbled on an encrypted PHP file. My idea is trying to modify PHP's source code so it dumps every function called name, arg names, arg types, and values.
I tried modifying the _zend_vm_stack_push_call_frame_ex function in the zend_execute.c according to the picture bellow but dumping the arg names is not working.
Does anyone know how to implement this properly or at least tell me what I am doing wrong on dumping the arg names?
Found the answer.
So basically there are internal functions and user functions. User functions contains an array of arg_info of type zend_string while internal functions contains an array of internal_arg_info of type const char*.
This is the current code which dumps arg names properly: