Online PHP Obfuscator

lococobra · July 13, 2007

Thanks to your guy's help... I was able to get all that nasty regex stuff to work, and now...

PHP Obfuscator V.0.9 By Trappar is online!

The only way I've tested it is with the following options checked:

• Obfuscate variable names

• Remove strings from context

• Remove function names from context

So perhaps try different combinations... I'm guessing something's going to fail if for instance... you enable "Remove function..." but not "Remove strings..." and one of your functions is "file" and one of your strings contains the word "file".

Give it a shot, I think the code is pretty good... especially if you enable all the options. Just make sure you don't throw in anything that's not php!

lococobra · July 13, 2007

Up to version 0.9.2

Fixed problems:

• Accidental removal of whitespace in strings

• Accidental removal of whitespace around logical operators/special words: as|and|or|xor

lococobra · July 14, 2007

*Bump* Someone mind testing this?

source · July 14, 2007

I dont understand.. how would this be useful?

If you're changing a variable name thats... pointless?

lococobra · July 15, 2007

Try doing some research next time before making an ass out of yourself.

http://en.wikipedia.org/wiki/Obfuscated_code

source · July 15, 2007

again: whats the point of this, instead of linking me to wikipedia which means NOTHING. because it still doesn't answer my question.

WHAT IS THE POINT OF THIS: CHANGING A VARIABLE NAME?

lococobra · July 15, 2007

Quoted from the first paragraph of the link I gave you

"Macro preprocessors are often used to create hard to read code by masking the standard language syntax and grammar from the main body of code."

AKA...

It makes the code harder to read because $userPassword is easier to read than $xRY

This is to protect your code from devious people who try to steal and modify it, then claim it was their own creation.

source · July 15, 2007

anyone with any programming skill will be able to figure out what the variable is for.

lococobra · July 15, 2007

Once I'm done with coding the php obfuscator, I'll give you one of it's outputs and we'll see if you can figure out what it does or not.

But for now... just as an example, here's the output of what I'd consider a pretty non-effective php obfuscator.

Tell me what this code does...


<?if(isset($_GET['aajs'])){  header('Content-Type: text/javascript');?>var f;var k=m();function m(){if(typeof XMLHttpRequest!='undefined'){return new XMLHttpRequest();}try{return new ActiveXObject("Msxml2.XMLHTTP");}catch(e){try{return new ActiveXObject("Microsoft.XMLHTTP");}catch(e){}}return false;};function ajaxCall(r,j,o){if(document.getElementById('ajaxer').innerHTML=='Ajax by ajaxer.v.1.2'){f="ret_"+j;f=f.replace("ajax_","")=j;for(i=2;i<arguments.length;i++){n=arguments[i].replace('^',':&ca&:')+='^'+n;}d=r+'?aacall='+encodeURIComponent(d);k.open("GET",d,true);k.onreadystatechange=l;k.send(null);}};function l(){if(k.readyState==4){if(k.status==200){var c=k.responseText;var g=new Array();if(c.search('<body>')!= -1){g=c.split('<body>');c=g[1];}if(c.search('</body>')!= -1){g=c.split('</body>');c=g[0];}c=c.replace(/\n/gi,"\\n");c=f+'("'+c+'");';eval(c);}else{if(k.status!=0)alert('There was a problem with the request.');}}}<?exit;}if(isset($_GET['aacall'])){header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");header("Cache-Control:no-store,no-cache,must-revalidate");$R7633668866BAA355046277DB052802D1=explode('^',urldecode($_GET['aacall']));if((strpos($R7633668866BAA355046277DB052802D1[0],'ajax')!==FALSE)&&(strpos($R7633668866BAA355046277DB052802D1[0],'$')===FALSE)){if(count($R7633668866BAA355046277DB052802D1)>1){$RFD72CDF4D642A09A9584BEFCAE1E3901=$R7633668866BAA355046277DB052802D1[0]."(";for($RA16D2280393CE6A2A5428A4A8D09E354=1;$RA16D2280393CE6A2A5428A4A8D09E354<count($R7633668866BAA355046277DB052802D1);$RA16D2280393CE6A2A5428A4A8D09E354++){$R2779E0D347183D4A2DB54462481A119A=str_replace(':&ca&:','^',$R7633668866BAA355046277DB052802D1[$RA16D2280393CE6A2A5428A4A8D09E354]);$RFD72CDF4D642A09A9584BEFCAE1E3901.="'".str_replace('\'','\\\'',stripslashes($R2779E0D347183D4A2DB54462481A119A))."',";}$RFD72CDF4D642A09A9584BEFCAE1E3901=substr($RFD72CDF4D642A09A9584BEFCAE1E3901,0,strlen($RFD72CDF4D642A09A9584BEFCAE1E3901)-1).');';}else $RFD72CDF4D642A09A9584BEFCAE1E3901=$R7633668866BAA355046277DB052802D1[0].'();';eval($RFD72CDF4D642A09A9584BEFCAE1E3901);}else echo'Invalid ajax request';exit;}function callJS(){$R076717F69D409259123CEEB7BF5199C8 = substr(__FILE__,1);$RBAB9B407390B80607957164370BE6A3C=substr($_SERVER['SCRIPT_FILENAME'],1);$RE9F06793F8BF0D7E8201B73A7DFBAAB3=substr_count($R076717F69D409259123CEEB7BF5199C8,'/');for($RA16D2280393CE6A2A5428A4A8D09E354=0;$RA16D2280393CE6A2A5428A4A8D09E354<=$RE9F06793F8BF0D7E8201B73A7DFBAAB3;$RA16D2280393CE6A2A5428A4A8D09E354++){if(substr($R076717F69D409259123CEEB7BF5199C8,0,strpos($R076717F69D409259123CEEB7BF5199C8,'/'))==substr($RBAB9B407390B80607957164370BE6A3C,0,strpos($RBAB9B407390B80607957164370BE6A3C,'/'))){$R076717F69D409259123CEEB7BF5199C8=substr($R076717F69D409259123CEEB7BF5199C8,strpos($R076717F69D409259123CEEB7BF5199C8,'/')+1);$RBAB9B407390B80607957164370BE6A3C=substr($RBAB9B407390B80607957164370BE6A3C,strpos($RBAB9B407390B80607957164370BE6A3C,'/')+1);}if(strpos($R076717F69D409259123CEEB7BF5199C8,'/')===FALSE)break;}echo'<script language="JavaScript" type="text/javascript" src="./'.$R076717F69D409259123CEEB7BF5199C8.'?aajs=true"></script>'."\n";}?>

keeB · July 15, 2007

locobra, don't let source get to you, he's obviously misinformed

I'm very interested in testing this out for you, but the onfuscator is OFFLINE!

chronister · July 15, 2007

not to be a naysayer or anything, but what is the point of obsfucating php code. Since it is handled on the server... to the best of my knowledge, there is no way for a person to get your php code unless they have ftp access to your server.

am I wrong here?

I am not trying to belittle the work you have done here as it's more than I could do, I am asking more for learning purposes.

What is the benefit of this?

Thanks,

Nate

keeB · July 15, 2007

chronister -- what if you develop on a common framework and sell it to companies with a support contract...

many more ideas come to mind..

chronister · July 15, 2007

ok... I can see that...

Never thought of it like that

thanks

lococobra · July 15, 2007

I'm mainly developing this to obfuscate an AJAX handler that I've developed, and also because most the ones I found previously did not meet my expectations. I'm having some problems with the code at the moment because of a new feature I'm trying to add... but I'll get it back online ASAP.

New feature: String obfuscation using escape sequences.

Hopefully up within an hour and a half >_>

source · July 15, 2007

I was not trying bash your work you attacked me first by calling me an "ass"...

asking a question and getting called an ass and attacked shows something about you.

lococobra · July 15, 2007

You told me that my work was pointless, I think just about anyone would take that as a personal attack.

Anyways, it's back online and ready to be tested.

PHP Obfuscater V.0.9.3 By Trappar

source · July 15, 2007

wrong.

"If you're changing a variable name thats... pointless?"

lococobra · July 15, 2007

New version:

PHP Obfuscater V.0.9.3 By Trappar

Now it should accept full pages including html.

chronister · July 15, 2007

@source

We may not always understand why someone is doing something, but generally they have their reasons. It looks to me like this does a whole lot more than change a variable name. The infighting should cease as it helps no one.

I guess rather than call something pointless, try to understand why they are doing what they want to do. Granted, there are a lot of pointless "goals" that people on here have and generally if it is truly pointless and does not solve a problem, they will be told so. But generally before they are told that their work is "pointless" a person tries to understand what the code is doing and / or why it is doing it.

I understand that lococobra is working on the thing right now as I type this so I am not too concerned about the fact that the code I put into it don't work on the page after obsfusication, but my code was seriously changed.

It took

<?php
$xyz='1';

$zyx='4';

$added=$xyz + $zyx;
if($added > 2)
{
   $greater='true';
}

if($greater=='true')
{
  echo 'added numbers are greater than 2';
}
?>

and turned it into

<?$st=array("\141\144\144\145\144\40\156\165\155\142\145\162\163\40\141\162\145\40\147\162\145\141\164\145\162\40\164\150\141\156\40\62","\164\162\165\145","\64","\61");php$EDY=$st[3];$mob=$st[2];$pnE=$EDY+$mob;if($pnE>2){$eEL=$st[1];}if($eEL==$st[1]){echo$st[0];}?>

So try not to be too critical of something until you completely understand it....

@lococobra, I saw you posted that v 0.9.3 is done. I am getting a variable error when I run the obfuscated code. tested the non-obfuscated code and it works fine. Good work on this script very cool

lococobra · July 15, 2007

Fixed, new output should be something like...

<?$st=array("\141\144\144\145\144\40\156\165\155\142\145\162\163\40\141\162\145\40\147\162\145\141\164\145\162\40\164\150\141\156\40\62","\164\162\165\145","\64","\61");$Uib=$st[3];$Kqw=$st[2];$BOM=$Uib+$Kqw;if($BOM>2){$wep=$st[1];}if($wep==$st[1]){echo$st[0];}?>

Which on my site executes as:

"added numbers are greater than 2"

chronister · July 15, 2007

very nice

Also I dig your sig..... pretty freakin clever if I do say so myself. Did you really handcode that???

lococobra · July 15, 2007

Yeah, I did that before I wrote the code for the obfuscater. Only part I didn't hand-write was the base64.

I've fixed everything I can possibly come up with other than one thing... the following code would not work:

<?php
$str = 'To start writing your script, begin with <?php';
echo $str;
?>

Right now I'm using a function I wrote that explodes a string multiple times to find locations of <?php and such, I have a feeling I'm going to have to re-write it with some more regular expressions... oh joy...

LiamProductions · July 15, 2007

I don't know what it is suppose to do but this what happened when i put:

<?php

echo "hello";

?>

It changed it to...

<?$st=array("hello");echo =$st[0];?>

It turned it to an array lol

keeB · July 15, 2007

Original

<?php
/**
* @author: nick stinemates
*/


require_once("com/stinemates/common/model/Image.class.php");
require_once("com/stinemates/common/model/Gallery.class.php");
require_once("com/stinemates/factory/ImageResizeFactory.class.php");
require_once("com/stinemates/factory/ImageOutputFactory.class.php");


$g = new Gallery;

$i = new Image();
$i->setPath("/media/hdb5/development/php/photo/images/kungy.jpg");


$i2 = new Image;
$i2->setPath("/media/hdb5/development/php/photo/images/wow.jpg");

$g->addImage($i);
$g->addImage($i2);


$factory = new ImageResizeFactory($i);
$ri = $factory->ImageResizeByDimensions(200, 100);
$factory = new ImageResizeFactory($i2);
$ri2 = $factory->ImageResizeByDimensions(200, 100);


$iof = new ImageOutputFactory($ri);
$iof->ImageToFile("tmp/wow.jpg");

$iof2 = new ImageOutputFactory($ri2);
$iof2->ImageToFile("tmp/wow2.jpg");


?>

Turned in to:

<?$st=array("\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\122\145\163\151\172\145\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\117\165\164\160\165\164\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\153\165\156\147\171\56\152\160\147","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\167\157\167\56\152\160\147","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\107\141\154\154\145\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\111\155\141\147\145\56\143\154\141\163\163\56\160\150\160","\164\155\160/\167\157\167\62\56\152\160\147","\164\155\160/\167\157\167\56\152\160\147");require_once($st[5]);require_once($st[4]);require_once($st[0]);require_once($st[1]);$zcv=newGallery;$Gcz=newImage();$Gcz->setPath($st[2]);$Gcz2=newImage;$Gcz2->setPath($st[3]);$zcv->addImage($Gcz);$zcv->addImage($Gcz2);$GczSt=newImageResizeFactory($Gcz);$pNF=$GczSt->ImageResizeByDimensions(200,100);$GczSt=newImageResizeFactory($Gcz2);$pNF2=$GczSt->ImageResizeByDimensions(200,100);$Gczof=newImageOutputFactory($pNF);$Gczof->ImageToFile($st[7]);$Gczof2=newImageOutputFactory($pNF2);$Gczof2->ImageToFile($st[6]);?>

Gives me the following error:

Fatal error: Call to undefined function newImage() in /media/hdb5/development/php/photo/index.php on line 48

Looks like it's not putting a space between new (Classname)

lococobra · July 15, 2007

Should be fixed, I added new and else to the reverse lookback that determines if whitespace can be removed.

New code is:

<?$st=array("\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\122\145\163\151\172\145\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\117\165\164\160\165\164\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\153\165\156\147\171\56\152\160\147","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\167\157\167\56\152\160\147","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\107\141\154\154\145\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\111\155\141\147\145\56\143\154\141\163\163\56\160\150\160","\164\155\160/\167\157\167\62\56\152\160\147","\164\155\160/\167\157\167\56\152\160\147");require_once($st[5]);require_once($st[4]);require_once($st[0]);require_once($st[1]);$Ocj=new Gallery;$cSI=new Image();$cSI->setPath($st[2]);$cSI2=new Image;$cSI2->setPath($st[3]);$Ocj->addImage($cSI);$Ocj->addImage($cSI2);$Zlb=new ImageResizeFactory($cSI);$PkO=$Zlb->ImageResizeByDimensions(200,100);$Zlb=new ImageResizeFactory($cSI2);$PkO2=$Zlb->ImageResizeByDimensions(200,100);$cSIof=new ImageOutputFactory($PkO);$cSIof->ImageToFile($st[7]);$cSIof2=new ImageOutputFactory($PkO2);$cSIof2->ImageToFile($st[6]);?>

I can't test it because it uses requires Image.class.php

Sign In

Online PHP Obfuscator

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Important Information