Uninitiated people often ask questions like “How do I decode an obfuscated PHP-script?”, “Is PHP-script obfuscation safe enough?” and even like “Would you help me to deobfuscate it please, wouldn’t you?”. The main purpose of this article is to show, that obfuscators provide absolutely no protection in 90% cases (which are able to provide protection only from people, who got acquainted with programming language for the first time in their lives). It can be removed in 10 to 20 minutes, as a result you get PHP script in its original form. The rest 10% cases demonstrate slightly stronger protection, which can be removed in similar ways though. If you wish to learn how to remove obfuscation from scripts on your own, then this article is what you need!
Here is a nice PHP-code obfuscator.
[+] obfuscate variable names
[+] obfuscate function names
[+] encode static strings
[+] obfuscate built-in PHP functions names
[+] obfuscate INTEGERs
[+] compress the script
[+] archivate the script
[+] add some trash-comments
[+++] do lots of other interesting functions
The obfuscator does not support eval() and $$var_name constructions.
Here is the script allowing you to check the integrity of your site’s files.
Site File Checker script will help you to know, that all of files on your site was not changed without your notice, that they don’t contain any virus, exploit or backdoor inserts. Script will count checksums of all of your files situated in the script root directory and also in nested directories. Then script will also save all last change timestamps of files.
While checking, the script will show directory changes (it will show new ones and deleted), file changes (it will display deleted, created and modified files).
It is recommended to remove the script from your server each time you create checksums to make it safe to hacker’s changes.
Before the first use, open the script in the notepad and edit your administrator’s login and password.
The script can be downloaded here.