jump to navigation

Free Encrypt Your PHP Scripts December 29, 2011

Posted by Tournas Dimitrios in PHP.

There’re free and paid tools for encode – obfuscate (scramble) your php scripts . Personally I like Byterun , an online Free PHP Encoder for a small job ,  it’s an online tool and cost nothing but if you’re in a big project you may looking for other tools . Basically the encrypted script runs like a normal php code , but to the human eye , it just looks like a mess .

<!--?<span class="hiddenSpellError" pre=""-->php
echo "Hello world !!!! " ;


// After encryption

<!--?php $_F=__FILE__;$_X='Pz48P3BocA0KDQo1Y2gyICJINWxsMiB3MnJsZCAhISEhICIgOw0KDQo/Pg==';eval(base64_decode('<span class="hiddenSpellError" pre=""-->JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>


I don’t have the knowledge to explain what’s going on behind the scenes to produce the encrypted result ,  but I have the sense that the encoder  will rename your variables , functions and classes , as well as remove whitespace and comments . There are those who argue that an scrambled script will not stop someone from reverse-engineering the PHP source code . (In principle , no protection scheme of any kind will stop an adversary with unlimited patience and resources but most adversaries stop when it is easier to just write their own code) . Often the basis of this argument is some small piece of obfuscated code of a dozen lines , whose function is already known , and in this case the argument is right .
Read this post on StackOverflow’s  forum .


No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s