Skip to content

Instantly share code, notes, and snippets.

@MasterEx
Last active April 6, 2021 15:58
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save MasterEx/1171816 to your computer and use it in GitHub Desktop.
Save MasterEx/1171816 to your computer and use it in GitHub Desktop.
A PHP code obfuscator implemented in java as a proof of concept

This is a PHP code obfuscator.

It is pretty plain and it's purpose is to demonstrate how a PHP obfuscator works in practice.

==Usage==

java -jar Coolphpobfuscator.jar phpfilename.php

The output will be printed in the standard output.

<?php
/**
* Better use arrays by reference
* http://php.net/manual/en/language.references.php
*
*/
$input = "this is my sample which is sorted and simple";
echo "Input: ".$input."<br/>";
foreach(explode(" ",$input) as $in)
{
if(isset($firstarray[strlen($in)][$in]))
$firstarray[strlen($in)][$in]++;
else
$firstarray[strlen($in)][$in] = 1;
}
ksort($firstarray);
foreach($firstarray as &$secarray)
{
ksort($secarray);
}
print_r($firstarray);
?>
package coolphpobfuscator;
import java.io.File;
import java.io.FileNotFoundException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Scanner;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
*
* @author periklis master_ex ntanasis - pntanasis@gmail.com
*/
public class Coolphpobfuscator {
// found here: http://snippets.dzone.com/posts/show/3686
public static String md5(String s) throws Exception {
MessageDigest m = MessageDigest.getInstance("MD5");
m.update(s.getBytes(), 0, s.length());
return new BigInteger(1, m.digest()).toString(16);
}
public static void main(String[] args) throws FileNotFoundException, NoSuchAlgorithmException, Exception {
if (args.length == 0) {
System.err.println("Arguments are missing");
System.exit(1);
}
File input = new File(args[0]);
Scanner in = new Scanner(input);
String code = "";
while (in.hasNext()) {
code += in.nextLine() + "\n";
}
/**
* Here we'll start erasing and altering stuff
*/
code = code.replaceAll("\t", ""); // not tabs
code = code.replaceAll("\n+", " "); // not line breaks
code = code.replaceAll("/\\*.*\\*/", " "); // remove the comments
code = code.replaceAll(" *; *", ";"); // remove spaces after ;
code = code.replaceAll(" *[{] *", "{");
code = code.replaceAll(" *[}] *", "}");
code = code.replaceAll(" *[=] *", "=");
code = code.replaceAll(" *[<] *", "<");
code = code.replaceAll(" *[>] *", ">");
code = code.replaceAll(" *[(] *", "(");
code = code.replaceAll(" *[)] *", ")");
code = code.replaceAll(" *[,] *", ",");
code = code.replaceAll(" +", " ");
Pattern MY_PATTERN = Pattern.compile("\\$(\\w|\\d)+"); // match variable names
Matcher m = MY_PATTERN.matcher(code);
ArrayList<String> variables = new ArrayList();
// place every variable name in an array
int index = 0;
while (m.find(index)) {
if (!variables.contains(m.group())) {
variables.add(m.group());
}
index = m.end();
}
// rename the variables with their md5hash (with a leading a infront to
// ensure that their name will start with letter)
Iterator<String> itr = variables.iterator();
while (itr.hasNext()) {
String variablename = itr.next();
code = code.replaceAll("\\" + variablename, "\\$a" + Coolphpobfuscator.md5(variablename));
}
// Print the code after the changes
System.out.println(code);
}
}
<?php $a6c6f2ffa347ef13815db0c336428e5a1="this is my sample which is sorted and simple";echo "Input: ".$a6c6f2ffa347ef13815db0c336428e5a1."<br/>";foreach(explode(" ",$a6c6f2ffa347ef13815db0c336428e5a1)as $a679baf73baafa7c9f0ada0622c739c32){if(isset($ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]))$ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]++;else $ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]=1;}ksort($ad490419709e2e8f3f8176b1dd07bb281);foreach($ad490419709e2e8f3f8176b1dd07bb281 as &$a9b6dfdb0fc4e83a29530c5166ed7907f){ksort($a9b6dfdb0fc4e83a29530c5166ed7907f);}print_r($ad490419709e2e8f3f8176b1dd07bb281);?>
@rogeriolino
Copy link

Compiling and running:

javac coolphpobfuscator/Coolphpobfuscator.java
jar cf obfuscator.jar coolphpobfuscator 
java -cp obfuscator.jar coolphpobfuscator.Coolphpobfuscator inputfile.php

@rogeriolino
Copy link

@MasterEx the remove comment regex will broken the source code when more than one comment.

To fix change it to:

    code = code.replaceAll("/\\*.*?\\*/", " "); // line 47

@KevinVR
Copy link

KevinVR commented Mar 5, 2016

@MasterEx

I don't think this will work if you have the below code:

 <?php
 echo "Show this ; to the      ;      ;      browser";
 echo "test <span style='color: green;'>ok</span>";
 ?>
  1. Since the spaces between the ";" will be removed.
  2. The space between "test" and "ok" will be removed.

I think the only way to get it 100% correct is by implementing a PHP parser. Of course the easiest solution would be to use the php_strip_whitespace() method, however it doesn't remove all spaces (it keeps 1 space).

@RetiredQQ
Copy link

Then first use php formatter before using the obfuscator.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment