0

I came across many ways and countless number of applications to encode php files, as in zend encoder and iconcube, as well as applications like php lockit.

my question is, what is the most effective way to ensure my encoded files wont be decoded.

the following criteria are a plus: no need for extra plugins for php. lightweight and no extensive resource power during decryption free and easy to use encoding via windows platform (i do not wish to encode files in the main server)

Charles
  • 50,943
  • 13
  • 104
  • 142
TDSii
  • 1,675
  • 4
  • 20
  • 29
  • 3
    The simplest answer is to run the files on _your_ server, and sell services to your customers. If you let them touch it, they can decode it. – sarnold Mar 31 '11 at 10:58
  • didn't Facebook recently release a library that compiles PHP to C++? http://developers.facebook.com/blog/post/358 – GordonM Mar 31 '11 at 11:01
  • 4
    the following criteria are a plus: `I want everything for free with no efforts` – Your Common Sense Mar 31 '11 at 11:01
  • 1
    Especially with your criteria "no need for extra plugins" is nearly impossible. – KingCrunch Mar 31 '11 at 11:03
  • 1
    I have a 1 mile high building and want to cover it with a giant plastic bag but it has to be free and you mustn't use any tools to put the plastic bag over that building. It also mustn't weight much and be easy and quick to put over. – ITroubs Mar 31 '11 at 11:41
  • Lol at @Col Shrapnel and @ITroubs's comments – Cogicero Mar 31 '11 at 15:12

1 Answers1

1

I've seen a lot of Wordpress malware obfuscated like this:

eval(base64_decode('some-base64-encoded-php-payload'));

This definitely won't ensure that your files can't be decoded, though. At best, it may make your program more "moron resistant." (I dare not say "moron proof".)

If people out there can reverse Stuxnet, they can reverse your PHP, you know? But if you're just trying to hide your code from casual reading, the above might be helpful.

Chris Allen Lane
  • 6,334
  • 5
  • 25
  • 31