Just a quick note: similar to my previous approach in JavaScript, Stefan Esser from Month of PHP Security successfully deobfuscated a PHP script today.
He developed a PHP extension called evalhook that, well, hooks into eval() calls in PHP, displays the code about to be executed, and asks for confirmation before running it. That way all user space PHP obfuscators (usually called encoders) are pointless, so please don't use them to protect your script from being seen.
The funny thing is that Stefan took the same route as I did to deobfuscate code written in a dynamic language: just hook into eval() and you're done. It's THAT simple.
Go ahead and read more on decoding a user space PHP script.
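The hook-and-confirm idea in JavaScript, as an added example (it is not evalhook's code, nor the code from the earlier JavaScript post). The names `captureEvalLayers`, `approve`, `buildSample` and `demo` are hypothetical, and the two-layer sample is constructed for the illustration.

```javascript
// Added example: an eval() hook that records every string handed to eval()
// and asks an approval callback before running it.
// Limits: only eval() is hooked (not Function() or string timers), and code
// that needs eval's local scope will break because layers run in global scope.
// The hook is not a sandbox; analyse real samples in a disposable VM.
function captureEvalLayers(source, approve) {
  const realEval = globalThis.eval;
  const layers = [];
  const hook = (code) => {
    if (typeof code !== 'string') return code; // eval() returns non-strings unchanged
    layers.push(code);
    // Decision point: run the revealed layer, or stop and just keep the text.
    return approve(code, layers.length - 1) ? realEval(code) : undefined;
  };
  globalThis.eval = hook;
  try {
    // Calling eval through another name is an indirect eval: the sample runs
    // in global scope, where its own eval(...) calls resolve to the hook.
    realEval(source);
  } finally {
    globalThis.eval = realEval; // always restore the real eval
  }
  return layers;
}

// Constructed sample: a harmless payload wrapped in two encoder-style layers
// (string reversal inside a char-code list).
function buildSample() {
  const payload = 'globalThis.__payloadRan = true;';
  const reversed = [...payload].reverse().join('');
  const layer1 = `eval(${JSON.stringify(reversed)}.split("").reverse().join(""))`;
  const codes = [...layer1].map((c) => c.charCodeAt(0)).join(',');
  return { payload, layer1, sample: `eval(String.fromCharCode(${codes}))` };
}

function demo() {
  const { sample } = buildSample();
  // Let the first revealed layer unwrap itself, refuse to run the second.
  return captureEvalLayers(sample, (code, index) => index === 0);
}

console.log(demo());
```

The returned array holds each decoded layer in order; the last entry is the payload in clear text, which was never executed.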
Thursday, May 13, 2010
1 comment:
Has anyone built evalhook for Windows? Possibly as a .dll to add to PHP? I can't seem to get it working.