Full Disclosure mailing list archives
Re: Ioncube Encoded PHP Files
From: Stefan Esser <sesser () hardened-php net>
Date: Wed, 21 Dec 2005 15:27:40 +0100
Hello, Ioncube encoded PHP files can be easily disassembled with tools like the Vulcan Logic PHP Bytecode Disassembler. Because there is no obfuscation at the bytecode level in Ioncube the disassembler results look very similiar to the bytecode disassembly of not encrypted files. Zend tools are not as weak at Ioncube but they can also be disassembled (if you know how to decrypt the opcode arrays in memory). Of course there is some work to get useable source code from this disassembly, but if you only want to store variables in a way that their content cannot be read then these protections are simply too weak, because you can read their values from the disassembly. Stefan Esser -- -------------------------------------------------------------------------- Stefan Esser sesser () php net Hardened-PHP Project http://www.hardened-php.net/ GPG-Key gpg --keyserver pgp.mit.edu --recv-key 0x15ABDA78 Key fingerprint 7806 58C8 CFA8 CE4A 1C2C 57DD 4AE1 795E 15AB DA78 -------------------------------------------------------------------------- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Ioncube Encoded PHP Files mz4ph0d (Dec 21)
- Re: Ioncube Encoded PHP Files Joachim Schipper (Dec 21)
- Re: Ioncube Encoded PHP Files mz4ph0d (Dec 21)
- Re: Ioncube Encoded PHP Files Joachim Schipper (Dec 21)
- Re: Ioncube Encoded PHP Files Valdis . Kletnieks (Dec 21)
- Re: Ioncube Encoded PHP Files Joachim Schipper (Dec 22)
- Re: Ioncube Encoded PHP Files mz4ph0d (Dec 21)
- Re: Ioncube Encoded PHP Files Stefan Esser (Dec 21)
- Re: Ioncube Encoded PHP Files Joachim Schipper (Dec 21)