How to make code unreadable?_问答_开发者_运维开发者技术经验分享

开发者 https://www.devze.com 2023-01-25 16:20 出处：网络

Like, we have this: 开发者_如何转开发<?php $titles[3] = \'three\'; $titles[2] = \'two\'; $titles[1] = \'one\';

Like, we have this:

<?php
$titles[3] = 'three'; 
$titles[2] = 'two'; 
$titles[1] = 'one'; 
print_r( $titles); 

foreach ($titles as $t ) { 
print "title=$t "; 
}
?>

How to turn it into something, like this?

<?php eval(gzinflate(str_rot13(base64_decode('PGRpdiBzdHlsZT0nPGRpdiBzdPGRpdiBzdHlsZT0nHlsZT0nandsoon')))); ?>

Absolutely don't understand how its done. What is the magic?

Please describe.

Thanks.

The term you are looking for is "obfuscate". If you simply do a google search for "php obfuscators", you'll find software into which you can copy and paste your code and it will obfuscate it for you.

How to make code unreadable? That's easy: Assign it to one of the programmers I work with here.

Try using an obfuscator: http://www.fopo.com.ar/

You're looking for something to obfuscate the code.

Here's an open-source PHP obfuscater: http://www.raizlabs.com/software/phpobfuscator/

well, just do the reverse on the original text, i.e., in this order, gzdeflate, str_rot13, base64_encode.

Doing something like this you are intentionally make your code take longer to execute without adding any benefits whatsoever. Since anyone can decode this code back to the original, it really serves no purpose other than just discovering some capabilities of php and being able to say "look Ma! I am a hacker now"

If you really want to prevent others from reading your code you need something like Zend encoder, which will make your code unreadable and still runnable as php.

Take a look at http://www.ideone.com/vaAXz for a demonstration of what's going on here.

Basically, use of base64_encode, str_rot13 and gzdeflate convert your string into an obfuscated string, which is then de-obfuscated by running it through the reverse functions in the reverse order (gzinflate, str_rot13 again (all it does is *rotate a string 13 places, so a <-> n, b <-> o, etc.), and base64_decode). Then the unobfuscated code is run through eval so that it can be executed.

This isn't a particularly good way of achieving "secure" code, if that's what you're going for, because by providing the steps to deobfuscate your code, you are inherently letting anyone with access to the code convert it back into plaintext. Generally, code obfuscators make your code unreadable by replacing meaningful variables names with things like $a, $b, etc., and by removing comments, whitespace, and whatever other conveniences we normally use to make code readable.