Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
A PHP code obfuscator implemented in java as a proof of concept

This is a PHP code obfuscator.

It is pretty plain and it's purpose is to demonstrate how a PHP obfuscator works in practice.

==Usage==

java -jar Coolphpobfuscator.jar phpfilename.php

The output will be printed in the standard output.

<?php
/**
* Better use arrays by reference
* http://php.net/manual/en/language.references.php
*
*/
$input = "this is my sample which is sorted and simple";
echo "Input: ".$input."<br/>";
foreach(explode(" ",$input) as $in)
{
if(isset($firstarray[strlen($in)][$in]))
$firstarray[strlen($in)][$in]++;
else
$firstarray[strlen($in)][$in] = 1;
}
ksort($firstarray);
foreach($firstarray as &$secarray)
{
ksort($secarray);
}
print_r($firstarray);
?>
package coolphpobfuscator;
import java.io.File;
import java.io.FileNotFoundException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Scanner;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
*
* @author periklis master_ex ntanasis - pntanasis@gmail.com
*/
public class Coolphpobfuscator {
// found here: http://snippets.dzone.com/posts/show/3686
public static String md5(String s) throws Exception {
MessageDigest m = MessageDigest.getInstance("MD5");
m.update(s.getBytes(), 0, s.length());
return new BigInteger(1, m.digest()).toString(16);
}
public static void main(String[] args) throws FileNotFoundException, NoSuchAlgorithmException, Exception {
if (args.length == 0) {
System.err.println("Arguments are missing");
System.exit(1);
}
File input = new File(args[0]);
Scanner in = new Scanner(input);
String code = "";
while (in.hasNext()) {
code += in.nextLine() + "\n";
}
/**
* Here we'll start erasing and altering stuff
*/
code = code.replaceAll("\t", ""); // not tabs
code = code.replaceAll("\n+", " "); // not line breaks
code = code.replaceAll("/\\*.*\\*/", " "); // remove the comments
code = code.replaceAll(" *; *", ";"); // remove spaces after ;
code = code.replaceAll(" *[{] *", "{");
code = code.replaceAll(" *[}] *", "}");
code = code.replaceAll(" *[=] *", "=");
code = code.replaceAll(" *[<] *", "<");
code = code.replaceAll(" *[>] *", ">");
code = code.replaceAll(" *[(] *", "(");
code = code.replaceAll(" *[)] *", ")");
code = code.replaceAll(" *[,] *", ",");
code = code.replaceAll(" +", " ");
Pattern MY_PATTERN = Pattern.compile("\\$(\\w|\\d)+"); // match variable names
Matcher m = MY_PATTERN.matcher(code);
ArrayList<String> variables = new ArrayList();
// place every variable name in an array
int index = 0;
while (m.find(index)) {
if (!variables.contains(m.group())) {
variables.add(m.group());
}
index = m.end();
}
// rename the variables with their md5hash (with a leading a infront to
// ensure that their name will start with letter)
Iterator<String> itr = variables.iterator();
while (itr.hasNext()) {
String variablename = itr.next();
code = code.replaceAll("\\" + variablename, "\\$a" + Coolphpobfuscator.md5(variablename));
}
// Print the code after the changes
System.out.println(code);
}
}
<?php $a6c6f2ffa347ef13815db0c336428e5a1="this is my sample which is sorted and simple";echo "Input: ".$a6c6f2ffa347ef13815db0c336428e5a1."<br/>";foreach(explode(" ",$a6c6f2ffa347ef13815db0c336428e5a1)as $a679baf73baafa7c9f0ada0622c739c32){if(isset($ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]))$ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]++;else $ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]=1;}ksort($ad490419709e2e8f3f8176b1dd07bb281);foreach($ad490419709e2e8f3f8176b1dd07bb281 as &$a9b6dfdb0fc4e83a29530c5166ed7907f){ksort($a9b6dfdb0fc4e83a29530c5166ed7907f);}print_r($ad490419709e2e8f3f8176b1dd07bb281);?>
@rogeriolino

This comment has been minimized.

Show comment Hide comment
@rogeriolino

rogeriolino Jan 21, 2015

Compiling and running:

javac coolphpobfuscator/Coolphpobfuscator.java
jar cf obfuscator.jar coolphpobfuscator 
java -cp obfuscator.jar coolphpobfuscator.Coolphpobfuscator inputfile.php

Compiling and running:

javac coolphpobfuscator/Coolphpobfuscator.java
jar cf obfuscator.jar coolphpobfuscator 
java -cp obfuscator.jar coolphpobfuscator.Coolphpobfuscator inputfile.php
@rogeriolino

This comment has been minimized.

Show comment Hide comment
@rogeriolino

rogeriolino Jan 23, 2015

@MasterEx the remove comment regex will broken the source code when more than one comment.

To fix change it to:

    code = code.replaceAll("/\\*.*?\\*/", " "); // line 47

@MasterEx the remove comment regex will broken the source code when more than one comment.

To fix change it to:

    code = code.replaceAll("/\\*.*?\\*/", " "); // line 47
@KevinVR

This comment has been minimized.

Show comment Hide comment
@KevinVR

KevinVR Mar 5, 2016

@MasterEx

I don't think this will work if you have the below code:

 <?php
 echo "Show this ; to the      ;      ;      browser";
 echo "test <span style='color: green;'>ok</span>";
 ?>
  1. Since the spaces between the ";" will be removed.
  2. The space between "test" and "ok" will be removed.

I think the only way to get it 100% correct is by implementing a PHP parser. Of course the easiest solution would be to use the php_strip_whitespace() method, however it doesn't remove all spaces (it keeps 1 space).

KevinVR commented Mar 5, 2016

@MasterEx

I don't think this will work if you have the below code:

 <?php
 echo "Show this ; to the      ;      ;      browser";
 echo "test <span style='color: green;'>ok</span>";
 ?>
  1. Since the spaces between the ";" will be removed.
  2. The space between "test" and "ok" will be removed.

I think the only way to get it 100% correct is by implementing a PHP parser. Of course the easiest solution would be to use the php_strip_whitespace() method, however it doesn't remove all spaces (it keeps 1 space).

@RetiredQQ

This comment has been minimized.

Show comment Hide comment
@RetiredQQ

RetiredQQ May 20, 2017

Then first use php formatter before using the obfuscator.

Then first use php formatter before using the obfuscator.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment