isaac_cm Posted October 6, 2007 Share Posted October 6, 2007 Hello, I use zend guard to obfuscate my PHP pages but the problem that I heard so many times there is tools can decompile (deobfuscate) what zend guard does to the files, Is it true ? if so what is the best way to protect PHP code ? Thanks Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/ Share on other sites More sharing options...
tibberous Posted October 6, 2007 Share Posted October 6, 2007 Ioncube Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363330 Share on other sites More sharing options...
Wuhtzu Posted October 6, 2007 Share Posted October 6, 2007 My guess would be if someone wants your code they'll get it, even though it requires them to somehow obtain your encrypted code (hacking server or something like that) and then decode your code. This discussion supports my thoughts: http://www.webhostingtalk.com/archive/index.php/t-476659.html Back to the protection part.... How about letting no one except yourself have access to the code? Have your own server running "at home" and then just keep it as plain text php code. Or is it a matter of distributing (selling or similar) the code? Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363333 Share on other sites More sharing options...
MadTechie Posted October 6, 2007 Share Posted October 6, 2007 Ioncube IonCube Encoder does not offer any protection against oparray_dumping or oparray disassembly but then again nor does ZendEncoder, its alittle better but with a littel time to can decrypt the opcodes, short and simple, if you give the source to someone they will hack it after X time.. its just how long X takes.. Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363341 Share on other sites More sharing options...
isaac_cm Posted October 6, 2007 Author Share Posted October 6, 2007 Here is my experience: This is very dangerous situation I cant let any one take my code because this way I only sell one copy and the owner will sell it as much as he want !! I test encode using zend guard and decoded with dezender and I found dezender can only decode ver 3.6 I am just afraid that another tool popup to decode zend guard 4 or 5 What about sourceguardian ver 7 , did any one try it ? Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363354 Share on other sites More sharing options...
MadTechie Posted October 6, 2007 Share Posted October 6, 2007 when looking for the protection remember thats statements like # Allows you to distribute time limited scripts for shareware purposes # Allows you to distribute Domain and IP limited scripts that will only run on the IP or Domain you specify when encoding are only true of the system is NOT reversed.. These system have all been hacked. Zend Encoder * SafeGuard 3.6 ionCube up to 6.5 SourceGuardian * phpcipher * codelock * SourceCop (all version, from what i know - useless) unsure of version, i'm sure theirs been a few new releases since i last checked Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363365 Share on other sites More sharing options...
MasterACE14 Posted October 6, 2007 Share Posted October 6, 2007 your practically talking about piracy :-\ What sought of scripts need this security anyway? Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363367 Share on other sites More sharing options...
isaac_cm Posted October 6, 2007 Author Share Posted October 6, 2007 your practically talking about piracy :-\ What sought of scripts need this security anyway? CMS software ofcourse what else !!! Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363382 Share on other sites More sharing options...
MasterACE14 Posted October 6, 2007 Share Posted October 6, 2007 lol ok, I had in mind, "Nuclear Launch Codes" but thats just me Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363384 Share on other sites More sharing options...
isaac_cm Posted October 6, 2007 Author Share Posted October 6, 2007 These system have all been hacked. Zend Encoder * SafeGuard 3.6 ionCube up to 6.5 SourceGuardian * phpcipher * codelock * SourceCop (all version, from what i know - useless) unsure of version, i'm sure theirs been a few new releases since i last checked seems you have the tool to hack all of them, however as I said zend 4 and 5 not hacked yet I hope they still that way I am testing SourceGuardian now Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363385 Share on other sites More sharing options...
isaac_cm Posted October 6, 2007 Author Share Posted October 6, 2007 lol ok, I had in mind, "Nuclear Launch Codes" but thats just me I hope I can do system like that I would be so rich Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363387 Share on other sites More sharing options...
MasterACE14 Posted October 6, 2007 Share Posted October 6, 2007 yeah , kick Bill Gates out the window. Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-363397 Share on other sites More sharing options...
tibberous Posted October 8, 2007 Share Posted October 8, 2007 Ioncube IonCube Encoder does not offer any protection against oparray_dumping or oparray disassembly but then again nor does ZendEncoder, its alittle better but with a littel time to can decrypt the opcodes, short and simple, if you give the source to someone they will hack it after X time.. its just how long X takes.. Agreed of course, but more practically it can be thought of as How long it takes to hack vs How long it takes to rewrite. If you make a 100 page facebook clone script, and ioncube every damn page, I'm not going to go through 100 pages of your opt codes - I'm going to open notepad and start typing. Quote Link to comment https://forums.phpfreaks.com/topic/72093-deobfuscation/#findComment-364460 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.