Jump to content
Hes

Can you turn a PHP script into an executable? (Linux)

Recommended Posts

Hi all,

I have "inherited" some PHP (command-line) scripts that are used on a Linux system for some small database calls (SOAP). I need to turn these scripts into standard linux executables. I have seen a number to projects (phc, HHVM, recki-ct), but none of those seem to be able to do the trick. phc was abandoned a while ago and isn't compileable anymore, HHVM does not create executables, and recki-ct only throws a ton of build errors on my system, so I can't even test it.

 

The scripts were written using PHP5.5 and are only a few hundred lines long. What can I do to turn them into an executable (ELF file format) for Linux (other than a complete rewrite in another language, which is way too time-consuming)?

 

Any help is appreciated.

 

Cheers, Frank.

 

 

Share this post


Link to post
Share on other sites

Actual executables? Or simply things you can run as ./script.php?

 

For actual executables... don't. It's not worth it. PHP code was not meant to be compiled into executables. There are projects out there which say they can, but seriously reconsider whether you actually need to do that. Consider what would happen with extensions and INI settings and all that: either you would have to have PHP installed on the system anyways, or all that would need to be baked into the program, or the executable would have to be bundled with all that stuff.

 

If ./script.php is sufficient, stick a

#!/usr/bin/php
(substitute the appropriate path to PHP) at the top of the file, then chmod +x it.

Share this post


Link to post
Share on other sites

Hi,

yes, I'd need actual executables (the "#!/usr/bin/php" you propose is the current state of affairs). The problem with that is the fact that the scripts can be read by anyone with access to the system, which include secret data. 

 

These scripts are called from within a C++ application, and there is no time to rewrite them in a completely different, compilable language. But I cannot leave passwords or encryption keys in the clear (or in easily reversible form) on the system, either. So my idea was to compile them. 

 

Is there any other way to hide this information (and/or the algorithms used to decrypt them), or to call the php scripts in such a way that this information can't be seen?

Share this post


Link to post
Share on other sites

If someone has access to the system then you're done for. Basic tenet of computer security. Obfuscating, hashing, compiling code, none of that will protect you for long.

 

If this information is so secretive that you don't want these people with access to be able to see it then don't give them access. It's that simple.

Share this post


Link to post
Share on other sites

I cannot keep people from just taking out the hard drive or whatever storage is being used when the device isn't standing behind bars at my place. By that same logic, no computer device may ever be put up in a public location. 

 

The information in question is about as sensitive as any login credential used for anything. I'm not a complete idiot and know very well that absolute security is impossible. But it should be harder to get to this information than just reading out a plain-text file, i.e. the php script. That's what I'm aiming for.

 

I could include the php script and its includes into a resource section of the main application executable (which is encrypted using a hardware dongle), but so far, I have found no way of executing the script from within that resource. I can access the file directly from within the executable, but I'd have to feed it (and its includes) to the php interpreter somehow. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.