Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Ioncube Encoded PHP Files

From: Stefan Esser <sesser () hardened-php net>
Date: Wed, 21 Dec 2005 15:27:40 +0100
Hello,

Ioncube encoded PHP files can be easily disassembled with tools like the
Vulcan Logic PHP Bytecode Disassembler. Because there is no obfuscation
at the bytecode level in Ioncube the disassembler results look very
similiar to the bytecode disassembly of not encrypted files. Zend tools
are not as weak at Ioncube but they can also be disassembled (if you
know how to decrypt the opcode arrays in memory). Of course there is
some work to get useable source code from this disassembly, but if you
only want to store variables in a way that their content cannot be read
then these protections are simply too weak, because you can read their
values from the disassembly.

Stefan Esser

-- 
--------------------------------------------------------------------------
 Stefan Esser                                               sesser () php net
 Hardened-PHP Project                         http://www.hardened-php.net/

 GPG-Key                gpg --keyserver pgp.mit.edu --recv-key 0x15ABDA78
 Key fingerprint       7806 58C8 CFA8 CE4A 1C2C  57DD 4AE1 795E 15AB DA78
--------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: