Free Encrypt Your PHP Scripts December 29, 2011Posted by Tournas Dimitrios in PHP.
There’re free and paid tools for encode – obfuscate (scramble) your php scripts . Personally I like Byterun , an online Free PHP Encoder for a small job , it’s an online tool and cost nothing but if you’re in a big project you may looking for other tools . Basically the encrypted script runs like a normal php code , but to the human eye , it just looks like a mess .
<!--?<span class="hiddenSpellError" pre=""-->php echo "Hello world !!!! " ; ?> // After encryption <!--?php $_F=__FILE__;$_X='Pz48P3BocA0KDQo1Y2gyICJINWxsMiB3MnJsZCAhISEhICIgOw0KDQo/Pg==';eval(base64_decode('<span class="hiddenSpellError" pre=""-->JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>
I don’t have the knowledge to explain what’s going on behind the scenes to produce the encrypted result , but I have the sense that the encoder will rename your variables , functions and classes , as well as remove whitespace and comments . There are those who argue that an scrambled script will not stop someone from reverse-engineering the PHP source code . (In principle , no protection scheme of any kind will stop an adversary with unlimited patience and resources but most adversaries stop when it is easier to just write their own code) . Often the basis of this argument is some small piece of obfuscated code of a dozen lines , whose function is already known , and in this case the argument is right .
Read this post on StackOverflow’s forum .