public
Last active

A PHP code obfuscator implemented in java as a proof of concept

  • Download Gist
Coolphpobfuscator.java
Java
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85
package coolphpobfuscator;
 
import java.io.File;
import java.io.FileNotFoundException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Scanner;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
 
/**
*
* @author periklis master_ex ntanasis - pntanasis@gmail.com
*/
public class Coolphpobfuscator {
 
// found here: http://snippets.dzone.com/posts/show/3686
public static String md5(String s) throws Exception {
MessageDigest m = MessageDigest.getInstance("MD5");
m.update(s.getBytes(), 0, s.length());
return new BigInteger(1, m.digest()).toString(16);
}
 
public static void main(String[] args) throws FileNotFoundException, NoSuchAlgorithmException, Exception {
if (args.length == 0) {
System.err.println("Arguments are missing");
System.exit(1);
}
 
File input = new File(args[0]);
Scanner in = new Scanner(input);
 
String code = "";
 
while (in.hasNext()) {
code += in.nextLine() + "\n";
}
 
/**
* Here we'll start erasing and altering stuff
*/
code = code.replaceAll("\t", ""); // not tabs
code = code.replaceAll("\n+", " "); // not line breaks
code = code.replaceAll("/\\*.*\\*/", " "); // remove the comments
code = code.replaceAll(" *; *", ";"); // remove spaces after ;
code = code.replaceAll(" *[{] *", "{");
code = code.replaceAll(" *[}] *", "}");
code = code.replaceAll(" *[=] *", "=");
code = code.replaceAll(" *[<] *", "<");
code = code.replaceAll(" *[>] *", ">");
code = code.replaceAll(" *[(] *", "(");
code = code.replaceAll(" *[)] *", ")");
code = code.replaceAll(" *[,] *", ",");
code = code.replaceAll(" +", " ");
 
Pattern MY_PATTERN = Pattern.compile("\\$(\\w|\\d)+"); // match variable names
Matcher m = MY_PATTERN.matcher(code);
 
ArrayList<String> variables = new ArrayList();
 
// place every variable name in an array
int index = 0;
while (m.find(index)) {
if (!variables.contains(m.group())) {
variables.add(m.group());
}
index = m.end();
}
 
// rename the variables with their md5hash (with a leading a infront to
// ensure that their name will start with letter)
Iterator<String> itr = variables.iterator();
while (itr.hasNext()) {
String variablename = itr.next();
code = code.replaceAll("\\" + variablename, "\\$a" + Coolphpobfuscator.md5(variablename));
}
 
// Print the code after the changes
System.out.println(code);
 
}
}
README.md
Markdown

This is a PHP code obfuscator.

It is pretty plain and it's purpose is to demonstrate how a PHP obfuscator works in practice.

==Usage==

java -jar Coolphpobfuscator.jar phpfilename.php

The output will be printed in the standard output.

code.php
PHP
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
<?php
 
/**
* Better use arrays by reference
* http://php.net/manual/en/language.references.php
*
*/
 
$input = "this is my sample which is sorted and simple";
 
echo "Input: ".$input."<br/>";
 
foreach(explode(" ",$input) as $in)
{
if(isset($firstarray[strlen($in)][$in]))
$firstarray[strlen($in)][$in]++;
else
$firstarray[strlen($in)][$in] = 1;
}
 
ksort($firstarray);
foreach($firstarray as &$secarray)
{
ksort($secarray);
}
print_r($firstarray);
 
?>
output.php
PHP
1
<?php $a6c6f2ffa347ef13815db0c336428e5a1="this is my sample which is sorted and simple";echo "Input: ".$a6c6f2ffa347ef13815db0c336428e5a1."<br/>";foreach(explode(" ",$a6c6f2ffa347ef13815db0c336428e5a1)as $a679baf73baafa7c9f0ada0622c739c32){if(isset($ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]))$ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]++;else $ad490419709e2e8f3f8176b1dd07bb281[strlen($a679baf73baafa7c9f0ada0622c739c32)][$a679baf73baafa7c9f0ada0622c739c32]=1;}ksort($ad490419709e2e8f3f8176b1dd07bb281);foreach($ad490419709e2e8f3f8176b1dd07bb281 as &$a9b6dfdb0fc4e83a29530c5166ed7907f){ksort($a9b6dfdb0fc4e83a29530c5166ed7907f);}print_r($ad490419709e2e8f3f8176b1dd07bb281);?>

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.