Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

I can revert the code easily ;) #26

Open
tbvinh opened this issue Oct 31, 2021 · 8 comments
Open

I can revert the code easily ;) #26

tbvinh opened this issue Oct 31, 2021 · 8 comments

Comments

@tbvinh
Copy link

tbvinh commented Oct 31, 2021

#Edit the obfuscate file:

  1. Find the line: "$_();$_($_($_($))); $_____=$_();"
  2. Delete all to end of file
  3. Add some lines to see the original source code:
    --------------------------------------
    $source = base64_decode(gzuncompress(base64_decode($)));
    $idx = strpos($source, "eval(\$
    __)");
    $orgSource = substr($source, $idx + 24);
    echo "<br/>ORIGIN SOURCE<br/><pre> $orgSource </pre> <br/>";
    ---------------------------------------

Please see the php code at my gist:
https://gist.github.com/tbvinh/d3a833321b4ba7e292253aa5a76ef52e

@tbvinh tbvinh changed the title I can revert the code easy ;) I can revert the code easily ;) Oct 31, 2021
@MasterB0t
Copy link

Yes, within 5 minutes I figure it out too .. its just a "stupid base64 encode script"

@pH-7
Copy link
Owner

pH-7 commented Jan 14, 2022

Thanks for your suggestions! I appreciate this. Would you like to add more level of complexity and obfuscation? I'm more than happy to review any of your PRs you want to add here 🥳

@MasterB0t
Copy link

MasterB0t commented Apr 21, 2022

Try this one https://github.com/pk-fr/yakpro-po
its a really good one, it rename functions, classes, variable in to random characters it also add a lot of goto statement to make it even more hard to read.

@2braincells2go
Copy link

@MasterB0t How is Yak better and harder to decode? I assume you can tell us the difference and how it is better.

@MasterB0t
Copy link

@2braincells2go sure,
This software use base64_encode and gzcompress to encode the php code you can use base64_decode and gzuncompress and you will get the original code. Those function are not to encode source code or obfuscate it, made it hard to understand.

Yakpro in other hard transform code, it rename variables, functions, class name, method into random characters so if you have a function something like this
function login($username,$password) { }
it turn it into
function dd30d0uj09r03uru30r03ur($odj0303ui0d3ur,$fj03j0j30jf30) {}
but also use the the goto statement so the code is not in order from line 1 to bottom ... you can read more about goto here

@2braincells2go
Copy link

@MasterB0t Thank you for explaining! Makes perfect sense now:)

@parallels999
Copy link

parallels999 commented Oct 31, 2022

@tbvinh it works, it is just base64 encoding, it doesn't ofuscate anything
image

@parallels999
Copy link

**Not just a stupid `base64 encoding` script, but a real and effective obfuscation script.**

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants