Obfuscate PHP code

So you write some software in PHP and are about to upload it to the server. But what if the server is not secure, what if it gets compromised, what if somebody steals your intellectual property? There may be situations where you are really concerned about it.

In most situations the best practical solution is to simply obfuscate your code, by making it unreadable to humans. It can still get stolen and used as it is, but it is very hard to practically impossible to restore the logic behind the code. And that is sufficient in most situations.

Quite good tool for that is YAK Pro. It works really well for small projects. As your project gets big and complicated, it begins to mess up the code, which makes the output unusable. But for small projects it is just fine. See for yourself, if you can make use of it.

The easiest way to install it is to use git.

1) Go to the directory where you want to have the obfuscator directory created, then type:

git clone https://github.com/pk-fr/yakpro-po.git

2) Change into the newly created directory and again type:

git clone –branch=1.x https://github.com/nikic/PHP-Parser.git

NOTE: It is “branch” with two dashes “-” before it, WordPress may mess up the text formatting.

Afterwards you may test it in action.

Create a test file hello.php.


Then run: ./yakpro-po.php hello.php > obfuscated.php When you look into the new file you see this:


The code does not make much sense, if you ask me, but nevertheless it works perfectly well. Just run it as you normally would and see for yourself:

php -f obfuscated.php

Advertisements

One Comment on “Obfuscate PHP code”

  1. Geri says:

    Heckuva good job. I sure apetcpiare it.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s