View previous topic :: View next topic |
Author |
Message |
TRUSTAbyss -
Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA
|
Posted: Wed Apr 25, 2007 7:52 pm Post subject: A treat for you PHP folks. |
|
|
Hello Everyone,
I've been looking for a good PHP Obfuscator for a while and I finally found it!
PHP Obfuscator is a Free Open Source obfuscating tool, written in C# that will
rename all of your variables, classes, and defined functions.
I was amazed when I found out it was Free! The cool thing about it is that it
comes with a Command Line Tool, so you can easily create a PHP script that
uses the tool to Obfuscate code in real time.
This will be the tool to Encode my commercial PHP projects when they're
invented. I have Big plans for the near future!
Check it out!
http://www.raizlabs.com/software/phpobfuscator/
Sincerely, Josh (TRUSTAbyss)
Last edited by TRUSTAbyss on Wed Apr 25, 2007 8:06 pm; edited 1 time in total |
|
Back to top |
|
|
cmxflash -
Joined: 11 Dec 2004 Posts: 872
|
Posted: Wed Apr 25, 2007 8:05 pm Post subject: |
|
|
I'm not really sure how this does add protection to your scripts, most text editors have a "rename all"-function and it shouldn't take too long to rename all variables and classes. |
|
Back to top |
|
|
TRUSTAbyss -
Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA
|
Posted: Wed Apr 25, 2007 8:07 pm Post subject: |
|
|
When you make the variables, classes, functions non-readable, it could be pretty hard to disect it. |
|
Back to top |
|
|
pkSML -
Joined: 29 May 2006 Posts: 952 Location: Michigan, USA
|
Posted: Fri Apr 27, 2007 9:30 pm Post subject: |
|
|
Here's a webpage I just ran across. How? Now that's a good question...
It's some rather obfuscated PHP code.
Anyways, the URL: http://perdu.ch/cgi-bin/u
It seems to be a PHP script to log someone in to a game server????
I was able to successfully extract the "usable" code. _________________ Stephen
Need a LitlURL?
http://CodeBin.yi.org |
|
Back to top |
|
|
TRUSTAbyss -
Joined: 29 Oct 2003 Posts: 3752 Location: USA, GA
|
Posted: Fri Apr 27, 2007 9:34 pm Post subject: |
|
|
pkSML,
That's not Obfuscated code. Obfuscated code is code that has unqiue names for the Variables, Classes, and Functions with no whitespaces. The eval function in the code you showed me can be changed to echo to get the real unencrypted PHP code. I hope to someday write my own PHP extensions to change this. |
|
Back to top |
|
|
pkSML -
Joined: 29 May 2006 Posts: 952 Location: Michigan, USA
|
Posted: Fri Apr 27, 2007 10:46 pm Post subject: |
|
|
I think the definition of obfuscated is pertinent to the code I pointed to.
Dictionary.com says "to make obscure or unclear" - with the etymology meaning "to darken".
It sure looks hard to understand. But, yes, I cracked the code. It was a little more difficult than just looking at all the base64 code. _________________ Stephen
Need a LitlURL?
http://CodeBin.yi.org |
|
Back to top |
|
|
cmxflash -
Joined: 11 Dec 2004 Posts: 872
|
Posted: Fri Apr 27, 2007 10:56 pm Post subject: |
|
|
TRUSTAbyss wrote: | The eval function in the code you showed me can be changed to echo to get the real unencrypted PHP code. I hope to someday write my own PHP extensions to change this. |
The script also used a very simple chipper to prevent you from simply using echo instead of eval.
Here's the full source code to the "encrypted" script, in case anyone wants it:
http://pastebin.ca/461830 (Will be removed in three days due to copyright reasons)
As far as I know, it's not possible to compile PHP. After searching Google for the same topic I also found out that the Zend Encoder doesn't really compile the code, it only "cleans it up" and makes it faster. |
|
Back to top |
|
|
loloyd -
Joined: 03 Mar 2006 Posts: 435 Location: Philippines
|
Posted: Thu May 03, 2007 5:15 pm Post subject: |
|
|
the obfuscation examples sure make long function and variable names. *sigh*. i dunno much about compilers but these things may take more time than normal to "compile" imo. _________________
http://home.loloyd.com/ is online if the logo graphic at left is showing. |
|
Back to top |
|
|
|