2

I using Ioncube for scripts obfuscation and working but if script have a mysqli functions(db, connect or etc.), not working. example for worked script:

<?php
session_start();

$errorMessage = "";
header('Content-Type: text/html; charset=utf-8');

include_once('language.php');

if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) {
   header('Location: index.php');
}

require_once('config.php');
if (isset($_POST['Username']) && isset($_POST['Password'])){
    $log_username = $_POST['Username'];
    $log_password = $_POST['Password'];

    if($log_username == $username && $log_password == $password){
        $_SESSION['logged_in'] = true;
        header('Location: index.php');
    }else{
        $errorMessage="Wrong username/password.";
    }       
}

And not work:

require_once("config.php");

$db = new mysqli($mysql_host, $mysql_user, $mysql_password) or die(__LINE__ . ' Invalid connect: ' . mysqli_error());
$db->select_db($mysql_database) or die( "Unable to select database. Run setup first.");

$stmt = $db->prepare("SELECT * FROM messages WHERE status = 0");
$success = $stmt->execute();
$stmt->store_result(); 
$num_rows_victim = $stmt->num_rows;
$stmt->close();

It gives such an error message:

[04-Dec-2016 11:15:26 Europe/Moscow] PHP Fatal error:  Class '[obfuscated]' not found in /home/u6820440/public_html/test/index.php on line 0

I looked for all forums but I did not find any solution.

Ö. Demir
  • 31
  • 1
  • Maybe this is a bug in the obfuscation tool. Those things are usually worthless as a determined attacker can always get the code back out of them. – tadman Dec 04 '16 at 21:40

0 Answers0