Created
December 31, 2013 16:06
-
-
Save adhocore/8198901 to your computer and use it in GitHub Desktop.
Obfuscator - The naive and trivial PHP Code obfuscator | deobfuscator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Obfuscator - The naive and trivial PHP Code obfuscator | deobfuscator | |
* | |
* generate() Generates a obfuscated string of given code | |
* also gives the chunk value required by work() | |
* work() Reverses the obfuscated string using chunk value given by generate() | |
* to original code and then execute the code and returns response | |
* | |
* PS: Theoritically, both obfuscation and encryption can be deofuscated | |
* or decrypted or even the binaries can be reverse engineered. If you | |
* really want to protect your 'precious' PHP code, lock it up in the | |
* dungeon of your cranium for forever. | |
* | |
* @author adhocore | Jitendra Adhikari <jiten.adhikary@gmail.com> | |
* @copyright (c) 2013, Jitendra Adhikari | |
* @todo How about having 'key'ed cipher mechanism? | |
*/ | |
class Obfuscator { | |
const MAXCHUNK = 9; | |
const ROUTINES = 'str_rot13|base64_encode'; | |
const DEROUTINES = 'str_rot13|base64_decode'; | |
public static function generate($code) { | |
$label = array('obfsCode', 'chunk'); | |
for ($i = self::MAXCHUNK; $i > 1; $i--) { | |
if (self::obfuscate($obfs = self::obfuscate($code, $i), $i) == $code) { | |
return array_combine($label, array(self::routine($obfs), $i)); | |
} | |
} | |
return array_combine($label, array(self::routine($code), 0)); | |
} | |
public static function work($obfs, $chunk, array $data = array()) { | |
($data) and extract($data, EXTR_OVERWRITE); | |
ob_start(); | |
if ($chunk < 2) { | |
return eval(self::deroutine($obfs)) ?: ob_get_clean(); | |
} | |
return eval(self::obfuscate(self::deroutine($obfs), $chunk)) ?: ob_get_clean(); | |
} | |
private static function obfuscate($string, $chunk = 3) { | |
$obfsCode = ''; | |
$evalChunk = implode('.', array_map(function($digit) { | |
return '$string[$i+' . $digit . ']'; | |
}, range($chunk - 1, 0, -1))); | |
for ($i = 0; ($i + $chunk - 1) <= strlen($string); $i += $chunk) { | |
$obfsCode .= eval("return @$evalChunk;"); | |
} | |
return $obfsCode; | |
} | |
private static function routine($input) { | |
foreach (explode('|', self::ROUTINES) as $proc) { | |
if (is_callable($proc)) { | |
$input = $proc($input); | |
} | |
} | |
return $input; | |
} | |
private static function deroutine($input) { | |
foreach (array_reverse(explode('|', self::DEROUTINES)) as $proc) { | |
if (is_callable($proc)) { | |
$input = $proc($input); | |
} | |
} | |
return $input; | |
} | |
public static function dump($d) { | |
echo '<pre>', print_r($d, true), '</pre>'; | |
} | |
} | |
/********************************************************** | |
* Below are given some tests that are illustrative enough | |
* to hint you about its usage | |
********************************************************** | |
*/ | |
##################################################### | |
# 1. using https://gist.github.com/adhocore/7859738 | |
##################################################### | |
// generate obfuscated code | |
$block = <<<'BLOCK' | |
echo implode('<br/>', array_map(function($d){ | |
return ($d%15==0)?'fizzbuzz':($d%5==0?'buzz':($d%3==0?'fizz':$d)); | |
}, range(1,100))); | |
BLOCK; | |
$obfuscated = Obfuscator::generate($block); | |
Obfuscator::dump($obfuscated); // lets see what the obfuscates looks like | |
// work back the obfuscated code and execute and return the output | |
$output = Obfuscator::work($obfuscated['obfsCode'], $obfuscated['chunk']); | |
echo $output; // 1<br/>2<br/>fizz<br/>4<br/>buzz<br/>fizz<br/>7<br/>8<br/>fizz<br/>buzz<br/>11<br/>fizz<br/>13<br/>14<br/>fizzbuzz<br/>16<br/>17<br/>fizz<br/>19<br/>buzz<br/>fizz<br/>22<br/>23<br/>fizz<br/>buzz<br/>26<br/>fizz<br/>28<br/>29<br/>fizzbuzz<br/>31<br/>32<br/>fizz<br/>34<br/>buzz<br/>fizz<br/>37<br/>38<br/>fizz<br/>buzz<br/>41<br/>fizz<br/>43<br/>44<br/>fizzbuzz<br/>46<br/>47<br/>fizz<br/>49<br/>buzz<br/>fizz<br/>52<br/>53<br/>fizz<br/>buzz<br/>56<br/>fizz<br/>58<br/>59<br/>fizzbuzz<br/>61<br/>62<br/>fizz<br/>64<br/>buzz<br/>fizz<br/>67<br/>68<br/>fizz<br/>buzz<br/>71<br/>fizz<br/>73<br/>74<br/>fizzbuzz<br/>76<br/>77<br/>fizz<br/>79<br/>buzz<br/>fizz<br/>82<br/>83<br/>fizz<br/>buzz<br/>86<br/>fizz<br/>88<br/>89<br/>fizzbuzz<br/>91<br/>92<br/>fizz<br/>94<br/>buzz<br/>fizz<br/>97<br/>98<br/>fizz<br/>buzz | |
##################################################### | |
# 2. using https://gist.github.com/adhocore/8024324 | |
##################################################### | |
$block = <<<'BLOCK' | |
function maxBorderLen($S){ | |
$m = 0; | |
$l = (int) strlen($S) / 2; | |
for ($i = 1; $i < $l; $i++) { | |
if ($b = substr($S, 0, $i) and $b == substr($S, 0-$i) | |
and substr_count($S, $b) > 2 | |
) { | |
$m = $i; | |
} | |
} | |
return $m; | |
} | |
echo maxBorderLen('abczabczabc'); // 3 | |
echo maxBorderLen('abczbcazabcab'); // 2 | |
BLOCK; | |
$obfuscated = Obfuscator::generate($block); | |
Obfuscator::dump($obfuscated); | |
$output = Obfuscator::work($obfuscated['obfsCode'], $obfuscated['chunk']); | |
echo $output; // 32 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment