Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Obfuscator - The naive and trivial PHP Code obfuscator | deobfuscator
<?php
/**
* Obfuscator - The naive and trivial PHP Code obfuscator | deobfuscator
*
* generate() Generates a obfuscated string of given code
* also gives the chunk value required by work()
* work() Reverses the obfuscated string using chunk value given by generate()
* to original code and then execute the code and returns response
*
* PS: Theoritically, both obfuscation and encryption can be deofuscated
* or decrypted or even the binaries can be reverse engineered. If you
* really want to protect your 'precious' PHP code, lock it up in the
* dungeon of your cranium for forever.
*
* @author adhocore | Jitendra Adhikari <jiten.adhikary@gmail.com>
* @copyright (c) 2013, Jitendra Adhikari
* @todo How about having 'key'ed cipher mechanism?
*/
class Obfuscator {
const MAXCHUNK = 9;
const ROUTINES = 'str_rot13|base64_encode';
const DEROUTINES = 'str_rot13|base64_decode';
public static function generate($code) {
$label = array('obfsCode', 'chunk');
for ($i = self::MAXCHUNK; $i > 1; $i--) {
if (self::obfuscate($obfs = self::obfuscate($code, $i), $i) == $code) {
return array_combine($label, array(self::routine($obfs), $i));
}
}
return array_combine($label, array(self::routine($code), 0));
}
public static function work($obfs, $chunk, array $data = array()) {
($data) and extract($data, EXTR_OVERWRITE);
ob_start();
if ($chunk < 2) {
return eval(self::deroutine($obfs)) ?: ob_get_clean();
}
return eval(self::obfuscate(self::deroutine($obfs), $chunk)) ?: ob_get_clean();
}
private static function obfuscate($string, $chunk = 3) {
$obfsCode = '';
$evalChunk = implode('.', array_map(function($digit) {
return '$string[$i+' . $digit . ']';
}, range($chunk - 1, 0, -1)));
for ($i = 0; ($i + $chunk - 1) <= strlen($string); $i += $chunk) {
$obfsCode .= eval("return @$evalChunk;");
}
return $obfsCode;
}
private static function routine($input) {
foreach (explode('|', self::ROUTINES) as $proc) {
if (is_callable($proc)) {
$input = $proc($input);
}
}
return $input;
}
private static function deroutine($input) {
foreach (array_reverse(explode('|', self::DEROUTINES)) as $proc) {
if (is_callable($proc)) {
$input = $proc($input);
}
}
return $input;
}
public static function dump($d) {
echo '<pre>', print_r($d, true), '</pre>';
}
}
/**********************************************************
* Below are given some tests that are illustrative enough
* to hint you about its usage
**********************************************************
*/
#####################################################
# 1. using https://gist.github.com/adhocore/7859738
#####################################################
// generate obfuscated code
$block = <<<'BLOCK'
echo implode('<br/>', array_map(function($d){
return ($d%15==0)?'fizzbuzz':($d%5==0?'buzz':($d%3==0?'fizz':$d));
}, range(1,100)));
BLOCK;
$obfuscated = Obfuscator::generate($block);
Obfuscator::dump($obfuscated); // lets see what the obfuscates looks like
// work back the obfuscated code and execute and return the output
$output = Obfuscator::work($obfuscated['obfsCode'], $obfuscated['chunk']);
echo $output; // 1<br/>2<br/>fizz<br/>4<br/>buzz<br/>fizz<br/>7<br/>8<br/>fizz<br/>buzz<br/>11<br/>fizz<br/>13<br/>14<br/>fizzbuzz<br/>16<br/>17<br/>fizz<br/>19<br/>buzz<br/>fizz<br/>22<br/>23<br/>fizz<br/>buzz<br/>26<br/>fizz<br/>28<br/>29<br/>fizzbuzz<br/>31<br/>32<br/>fizz<br/>34<br/>buzz<br/>fizz<br/>37<br/>38<br/>fizz<br/>buzz<br/>41<br/>fizz<br/>43<br/>44<br/>fizzbuzz<br/>46<br/>47<br/>fizz<br/>49<br/>buzz<br/>fizz<br/>52<br/>53<br/>fizz<br/>buzz<br/>56<br/>fizz<br/>58<br/>59<br/>fizzbuzz<br/>61<br/>62<br/>fizz<br/>64<br/>buzz<br/>fizz<br/>67<br/>68<br/>fizz<br/>buzz<br/>71<br/>fizz<br/>73<br/>74<br/>fizzbuzz<br/>76<br/>77<br/>fizz<br/>79<br/>buzz<br/>fizz<br/>82<br/>83<br/>fizz<br/>buzz<br/>86<br/>fizz<br/>88<br/>89<br/>fizzbuzz<br/>91<br/>92<br/>fizz<br/>94<br/>buzz<br/>fizz<br/>97<br/>98<br/>fizz<br/>buzz
#####################################################
# 2. using https://gist.github.com/adhocore/8024324
#####################################################
$block = <<<'BLOCK'
function maxBorderLen($S){
$m = 0;
$l = (int) strlen($S) / 2;
for ($i = 1; $i < $l; $i++) {
if ($b = substr($S, 0, $i) and $b == substr($S, 0-$i)
and substr_count($S, $b) > 2
) {
$m = $i;
}
}
return $m;
}
echo maxBorderLen('abczabczabc'); // 3
echo maxBorderLen('abczbcazabcab'); // 2
BLOCK;
$obfuscated = Obfuscator::generate($block);
Obfuscator::dump($obfuscated);
$output = Obfuscator::work($obfuscated['obfsCode'], $obfuscated['chunk']);
echo $output; // 32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment