Topic: Online PHP Obfuscator

[lococobra]

You told me that my work was pointless, I think just about anyone would take that as a personal attack.

Anyways, it's back online and ready to be tested.

PHP Obfuscater V.0.9.3 By Trappar

[source]

wrong.

"If you're changing a variable name thats... pointless?"

[lococobra]

New version:

PHP Obfuscater V.0.9.3 By Trappar

Now it should accept full pages including html.

[chronister]

@source

We may not always understand why someone is doing something, but generally they have their reasons. It looks to me like this does a whole lot more than change a variable name. The infighting should cease as it helps no one.

I guess rather than call something pointless, try to understand why they are doing what they want to do. Granted, there are a lot of pointless "goals" that people on here have and generally if it is truly pointless and does not solve a problem, they will be told so. But generally before they are told that their work is "pointless" a person tries to understand what the code is doing and / or why it is doing it.

I understand that lococobra is working on the thing right now as I type this so I am not too concerned about the fact that the code I put into it don't work on the page after obsfusication, but my code was seriously changed.

It took

Code: [Select]

<?php
$xyz='1';

$zyx='4';

$added=$xyz + $zyx;
if($added > 2)
{
   $greater='true';
}

if($greater=='true')
{
  echo 'added numbers are greater than 2';
}
?>

and turned it into

Code: [Select]

<?$st=array("\141\144\144\145\144\40\156\165\155\142\145\162\163\40\141\162\145\40\147\162\145\141\164\145\162\40\164\150\141\156\40\62","\164\162\165\145","\64","\61");php$EDY=$st[3];$mob=$st[2];$pnE=$EDY+$mob;if($pnE>2){$eEL=$st[1];}if($eEL==$st[1]){echo$st[0];}?>


So try not to be too critical of something until you completely understand it....


@lococobra, I saw you posted that v 0.9.3 is done. I am getting a variable error when I run the obfuscated code. tested the non-obfuscated code and it works fine. Good work on this script very cool

[lococobra]

Fixed, new output should be something like...

Code: [Select]

<?$st=array("\141\144\144\145\144\40\156\165\155\142\145\162\163\40\141\162\145\40\147\162\145\141\164\145\162\40\164\150\141\156\40\62","\164\162\165\145","\64","\61");$Uib=$st[3];$Kqw=$st[2];$BOM=$Uib+$Kqw;if($BOM>2){$wep=$st[1];}if($wep==$st[1]){echo$st[0];}?>

Which on my site executes as:
"added numbers are greater than 2"

[chronister]

very nice


Also I dig your sig..... pretty freakin clever if I do say so myself. Did you really handcode that???


 

[lococobra]

Yeah, I did that before I wrote the code for the obfuscater. Only part I didn't hand-write was the base64.

I've fixed everything I can possibly come up with other than one thing... the following code would not work:

Code: [Select]

<?php
$str = 'To start writing your script, begin with <?php';
echo $str;
?>
Right now I'm using a function I wrote that explodes a string multiple times to find locations of <?php and such, I have a feeling I'm going to have to re-write it with some more regular expressions... oh joy...

[LiamProductions]

I don't know what it is suppose to do but this what happened when i put:

Code: [Select]

<?php

echo "hello";

?>
It changed it to...

Code: [Select]

<?$st=array("hello");echo =$st[0];?>

It turned it to an array lol

[keeB]

Original

Code: [Select]

<?php
/**
 * @author: nick stinemates
 */
 
 
require_once("com/stinemates/common/model/Image.class.php");
require_once("com/stinemates/common/model/Gallery.class.php");
require_once("com/stinemates/factory/ImageResizeFactory.class.php");
require_once("com/stinemates/factory/ImageOutputFactory.class.php");


$g = new Gallery;

$i = new Image();
$i->setPath("/media/hdb5/development/php/photo/images/kungy.jpg");


$i2 = new Image;
$i2->setPath("/media/hdb5/development/php/photo/images/wow.jpg");

$g->addImage($i);
$g->addImage($i2);


$factory = new ImageResizeFactory($i);
$ri = $factory->ImageResizeByDimensions(200, 100);
$factory = new ImageResizeFactory($i2);
$ri2 = $factory->ImageResizeByDimensions(200, 100);


$iof = new ImageOutputFactory($ri);
$iof->ImageToFile("tmp/wow.jpg");

$iof2 = new ImageOutputFactory($ri2);
$iof2->ImageToFile("tmp/wow2.jpg");


?>


Turned in to:

Code: [Select]

<?$st=array("\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\122\145\163\151\172\145\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\117\165\164\160\165\164\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\153\165\156\147\171\56\152\160\147","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\167\157\167\56\152\160\147","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\107\141\154\154\145\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\111\155\141\147\145\56\143\154\141\163\163\56\160\150\160","\164\155\160/\167\157\167\62\56\152\160\147","\164\155\160/\167\157\167\56\152\160\147");require_once($st[5]);require_once($st[4]);require_once($st[0]);require_once($st[1]);$zcv=newGallery;$Gcz=newImage();$Gcz->setPath($st[2]);$Gcz2=newImage;$Gcz2->setPath($st[3]);$zcv->addImage($Gcz);$zcv->addImage($Gcz2);$GczSt=newImageResizeFactory($Gcz);$pNF=$GczSt->ImageResizeByDimensions(200,100);$GczSt=newImageResizeFactory($Gcz2);$pNF2=$GczSt->ImageResizeByDimensions(200,100);$Gczof=newImageOutputFactory($pNF);$Gczof->ImageToFile($st[7]);$Gczof2=newImageOutputFactory($pNF2);$Gczof2->ImageToFile($st[6]);?>

Gives me the following error:
Fatal error: Call to undefined function newImage() in /media/hdb5/development/php/photo/index.php on line 48

Looks like it's not putting a space between new (Classname)

[lococobra]

Should be fixed, I added new and else to the reverse lookback that determines if whitespace can be removed.

New code is:

Code: [Select]

<?$st=array("\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\122\145\163\151\172\145\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\146\141\143\164\157\162\171/\111\155\141\147\145\117\165\164\160\165\164\106\141\143\164\157\162\171\56\143\154\141\163\163\56\160\150\160","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\153\165\156\147\171\56\152\160\147","/\155\145\144\151\141/\150\144\142\65/\144\145\166\145\154\157\160\155\145\156\164/\160\150\160/\160\150\157\164\157/\151\155\141\147\145\163/\167\157\167\56\152\160\147","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\107\141\154\154\145\162\171\56\143\154\141\163\163\56\160\150\160","\143\157\155/\163\164\151\156\145\155\141\164\145\163/\143\157\155\155\157\156/\155\157\144\145\154/\111\155\141\147\145\56\143\154\141\163\163\56\160\150\160","\164\155\160/\167\157\167\62\56\152\160\147","\164\155\160/\167\157\167\56\152\160\147");require_once($st[5]);require_once($st[4]);require_once($st[0]);require_once($st[1]);$Ocj=new Gallery;$cSI=new Image();$cSI->setPath($st[2]);$cSI2=new Image;$cSI2->setPath($st[3]);$Ocj->addImage($cSI);$Ocj->addImage($cSI2);$Zlb=new ImageResizeFactory($cSI);$PkO=$Zlb->ImageResizeByDimensions(200,100);$Zlb=new ImageResizeFactory($cSI2);$PkO2=$Zlb->ImageResizeByDimensions(200,100);$cSIof=new ImageOutputFactory($PkO);$cSIof->ImageToFile($st[7]);$cSIof2=new ImageOutputFactory($PkO2);$cSIof2->ImageToFile($st[6]);?>

I can't test it because it uses requires Image.class.php

[pyrodude]

Did a simple test

Code: [Select]

<?php
$test="test";
?>

and the top of the page has

Code: [Select]

"Array ( [0] => "test" )
Also, the hyperlink at the bottom is displaying as

Code: [Select]

<a href="/obfuscator/index.php>Obfuscate some more code
rather than the actual link

[GuiltyGear]

It worked smoothly for a not so short code i entered. Pretty complex thing u got there
Oh and yeah the link at the bottom is a bit messed up 

[lococobra]

Yeah, there are still some problems, but at this point... It's become unmanageably complex. If someone wants to step in and help me out with it... I'd be glad to have the help.

PM me about it and I'll set you up with FTP access.

[Warptweet]

SWEET I'm using this!
Very useful.

[xylex]

Now I'm not trying to say your work is pointless, but it can easily be switched back to code that is much easier to read.  Your script may stop the casaul hacker from making a quick edit, but I would question the protection that it would offer on any expensive or wide distro project.

A basic decode script-

Note that this errors out if there are escaped quotes in the encoded script, but that could be easily fixed as well. 

Code: [Select]

<?php
if (get_magic_quotes_gpc) $value = stripslashes($_REQUEST['code']);
else $value = $_REQUEST['code'];

$search = array ('"','$','?>','<?', ';');

$replace = array ('\"', '\$', '?&gt', '&lt?', ";\n");

$value = str_replace($search, $replace, $value);

eval ('echo "<pre>'.$value.'</pre>";');

?>
<h3>Enter Code</h3>

<form method="post">
<textarea name="code"></textarea>
<input type="submit">