我从网上下了一个小软件,说是可以加密php代码,试了下,加密后果然看不出源码。请问下这是什么原理?比如一个文件test.php,只有一行内容.
<?php
phpinfo();
?>用它加密后生成加密后的文件,全部内容如下:<?php // This file is protected by copyright law & provided under license. Copyright(C) 2005-2009 www.vidun.com, All rights reserved.
$OOO0O0O00=__FILE__;
$OOO000000=urldecode('%74%68%36%73%62%65%68%71%6c%61%34%63%6f%5f%73%61%64%66%70%6e%72');
$OO00O0000=20;$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};
$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};
$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};
$O0O0000O0='OOO0000O0';eval(($$O0O0000O0('JE9PME9PMDAwMD0kT09PMDAwMDAwezE3fS4k
T09PMDAwMDAwezEyfS4kT09PMDAwMDAwezE4fS4kT09PMDAwM
DAwezV9LiRPT08wMDAwMDB7MTl9O2lmKCEwKSRPMDAwTzBPMDA9JE9P
ME9PMDAwMCgkT09PME8wTzAwLCdyYicpOyRPTzBPTzAwME89JE9PT
zAwMDAwMHsxN30uJE9PTzAwMDAwMHsyMH0uJE9PTzAwMDAwMHs1fS4k
T09PMDAwMDAwezl9LiRPT08wMDAwMDB7MTZ9OyRPTzBPTzAwTzA9JE9
PTzAwMDAwMHsxNH0uJE9PTzAwMDAwMHswfS4kT09PMDAwMDAwe
zIwfS4kT09PMDAwMDAwezB9LiRPT08wMDAwMDB7MjB9OyRPTzBPTzAwME8o
JE8wMDBPME8wMCwxMjU5KTskT08wME8wME8wPSgkT09PMDAwME
8wKCRPTzBPTzAwTzAoJE9PME9PMDAwTygkTzAwME8wTzAwLDM4MCksJ0VudG
VyeW91d2toUkhZS05XT1VUQWFCYkNjRGRGZkdnSWlKakxsTW1
QcFFxU3NWdlh4WnowMTIzNDU2Nzg5Ky89JywnQUJDREVGR0hJSktMTU5PUFFSU
1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM
0NTY3ODkrLycpKSk7ZXZhbCgkT08wME8wME8wKTs=')));return;?>
kr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4
LT09NHr8XTzEXRJwmwJXPkr9NTzEXHenNHtILT08XT08XHr8XhtONTznNTzE
XHr8Pkr8XHenNHr8XHtXLT08XHr8XHeEXhUXmOB50cbk5d3a3D
2iUUylRTlfNaaOnCAkJW2YrcrcMO2fkDApQToxYdanXAbyTF1c2BuiDGjExHjH
0YTC3KeLqRz0mRtfnWLYrOAcuUrlhU0xYTL9WAakTayaBa1ic
BMyJC2OlcMfPDBpqdo1Vd3nxFmY0fbc3Gul6HerZHzW1YjF4KUSvkZLphUL7cMYS
d3YlhtONHeEXTznNHeEpK2a2CBXPkr9NHenNHenNHtL7eWpXDunpdMcvhtL7eWP=这个加密后的文件可以单独运行,不依赖任何其它内容。而且加密后的文件不能修改,即使改了一个字母也报错.这是什么原理?百思不得其解那个软件下载地址:
http://www.vidun.com/vwsoft-vwphpcodelock-intro.html
发贴时说字符串太长,在中间加了些回车。
<?php
phpinfo();
?>用它加密后生成加密后的文件,全部内容如下:<?php // This file is protected by copyright law & provided under license. Copyright(C) 2005-2009 www.vidun.com, All rights reserved.
$OOO0O0O00=__FILE__;
$OOO000000=urldecode('%74%68%36%73%62%65%68%71%6c%61%34%63%6f%5f%73%61%64%66%70%6e%72');
$OO00O0000=20;$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};
$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};
$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};
$O0O0000O0='OOO0000O0';eval(($$O0O0000O0('JE9PME9PMDAwMD0kT09PMDAwMDAwezE3fS4k
T09PMDAwMDAwezEyfS4kT09PMDAwMDAwezE4fS4kT09PMDAwM
DAwezV9LiRPT08wMDAwMDB7MTl9O2lmKCEwKSRPMDAwTzBPMDA9JE9P
ME9PMDAwMCgkT09PME8wTzAwLCdyYicpOyRPTzBPTzAwME89JE9PT
zAwMDAwMHsxN30uJE9PTzAwMDAwMHsyMH0uJE9PTzAwMDAwMHs1fS4k
T09PMDAwMDAwezl9LiRPT08wMDAwMDB7MTZ9OyRPTzBPTzAwTzA9JE9
PTzAwMDAwMHsxNH0uJE9PTzAwMDAwMHswfS4kT09PMDAwMDAwe
zIwfS4kT09PMDAwMDAwezB9LiRPT08wMDAwMDB7MjB9OyRPTzBPTzAwME8o
JE8wMDBPME8wMCwxMjU5KTskT08wME8wME8wPSgkT09PMDAwME
8wKCRPTzBPTzAwTzAoJE9PME9PMDAwTygkTzAwME8wTzAwLDM4MCksJ0VudG
VyeW91d2toUkhZS05XT1VUQWFCYkNjRGRGZkdnSWlKakxsTW1
QcFFxU3NWdlh4WnowMTIzNDU2Nzg5Ky89JywnQUJDREVGR0hJSktMTU5PUFFSU
1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM
0NTY3ODkrLycpKSk7ZXZhbCgkT08wME8wME8wKTs=')));return;?>
kr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4
LT09NHr8XTzEXRJwmwJXPkr9NTzEXHenNHtILT08XT08XHr8XhtONTznNTzE
XHr8Pkr8XHenNHr8XHtXLT08XHr8XHeEXhUXmOB50cbk5d3a3D
2iUUylRTlfNaaOnCAkJW2YrcrcMO2fkDApQToxYdanXAbyTF1c2BuiDGjExHjH
0YTC3KeLqRz0mRtfnWLYrOAcuUrlhU0xYTL9WAakTayaBa1ic
BMyJC2OlcMfPDBpqdo1Vd3nxFmY0fbc3Gul6HerZHzW1YjF4KUSvkZLphUL7cMYS
d3YlhtONHeEXTznNHeEpK2a2CBXPkr9NHenNHenNHtL7eWpXDunpdMcvhtL7eWP=这个加密后的文件可以单独运行,不依赖任何其它内容。而且加密后的文件不能修改,即使改了一个字母也报错.这是什么原理?百思不得其解那个软件下载地址:
http://www.vidun.com/vwsoft-vwphpcodelock-intro.html
发贴时说字符串太长,在中间加了些回车。
$OOO000000=urldecode('%74%68%36%73%62%65%68%71%6c%61%34%63%6f%5f%73%61%64%66%70%6e%72');
变量名其实是大写的o,拼接上数字0来构成,建议将大写o利用文本编辑器变换成小写o,方便查看.然后urldecode('%74%68%36%73%62%65%68%71%6c%61%34%63%6f%5f%73%61%64%66%70%6e%72');这样得到的是一个
th6sbehqla4co_sadfpnr 这样的一个串,这个串里面有4个关键函数
1.base64_decode (原串的第4,9,3,5,2,10,13,16.....)
2.fopen(读取__FILE__,本文件)(原串的)(17,12,18,5,19)
3.fread(读至某个位置)(17,20,5,9,16)
4.strtr(替换)(14,0,20,0,20)
最后在两层eval,得到原文件的代码串.
大概就是利用这几个函数进行操作的..没时间深入..