Goodlookinguy
2009-05-22, 12:15 AM
EDIT 10/19/2010: I noticed that this is getting a lot of attention. I haven't touched this in ages, and it ISN'T made for obfuscating non-class files. On top of that, it has many, many, many, problems! I DO NOT RECOMMEND IT'S USAGE! Since this, I've had a much larger, true obfuscater on the way. So once again, I do not support this anymore!
Will some people here take this for a spin. I've only tested it with my stuff. I need to know if it works for more than just my code. Oh, and this is version 0.8. It isn't perfect, and probably has several bugs that I don't know about.
-----------------------------
Here's the code.
obfu.php
<?php
/*
* COPYRIGHT (c) 2009 Goodlookinguy under RWM Network LLC. All rights reserved.
* All material is intellectual property and is copyrighted. Unauthorized use
* may result in legal action against the party(s) accessing, modifying, plagiarizing,
* republishing, or redistributing copywritten content without proper authorization.
*
* IF YOU WISH TO USE THIS MATERIAL UNDER FREE OR OPEN SOURCE WORK. PLEASE CONTACT
* THE AUTHOR RESPECTIVELY AT [email protected] FOR AUTHORIZATION. COMMERCIAL
* USE IS FORBIDDEN BY THIS COPYRIGHT.
*
* Essencial Security 900
* * checkReferrer
* Essencial Security 990
* * checkMethod
*/
error_reporting(E_ALL & (~E_NOTICE&~E_WARNING));
/* Settings */
$your_domain = "localhost";
$ini_max_exec_time = 960;
$ini_max_input_time = 960;
$ini_memory_limit = 512; // In Mega Bytes (Not Mega Bits)
/* Set 'em */
if (intval(ini_get("max_execution_time")) < $ini_max_exec_time) {
ini_set("max_execution_time",$ini_max_exec_time."");
}
if (intval(ini_get("max_input_time")) < $ini_max_input_time) {
ini_set("max_input_time",$ini_max_input_time."");
}
if (intval(ini_get("memory_limit")) < $ini_memory_limit) {
ini_set("memory_limit", $ini_memory_limit."M");
}
/* Classes */
class security {
// ES900
// Check Referring Domain
// Good for data sent
public function checkReferrer($domain_name) {
// Prepare $is_domain for Regex
$is_domain = preg_replace("/\./","\.",$domain_name);
// Get Matches
preg_match("/http:\/\/".$is_domain."/",$_SERVER["HTTP_REFERER"], $matches);
// if no match
if (!$matches[0]) {
// return false
return false;
}
// if match
else {
// Get domain with http:// length
$length = strlen("http://".$domain_name);
// Set check to value of domain length
// e.g. http://example.com = 18 length
// http://example.com/dmam is cut to http://example.com
// $check = HTTP_REFERER cut to length of domain
$check = substr($_SERVER["HTTP_REFERER"],0,$length);
// Cleanup
unset($length);
// Check if Refererring domain is your domain
if ($check!="http://".$domain_name) {
// return false
return false;
}
else {
// return true
// However, there is an exception, this is not 100% effective
// http://example.com == http://example.com.tt
// That is a rare case though, so I wouldn't worry
return true;
}
}
}
// ES990
public function checkMethod($method) {
$sentMethod = $_SERVER["REQUEST_METHOD"];
if ($method == $sentMethod) {
return true;
}
else {
return false;
}
}
}
class temp {
public static function alter($input) {
// Magic Quotes should be turned off.
$input = stripslashes($input);
$input = htmlentities($input);
$input = preg_replace("/'/","'",$input);
//$input = preg_replace('/"/',""",$input);
return $input;
}
public static function dismiss($input) {
$input = preg_replace("/'/","'",$input);
$input = html_entity_decode($input);
//$input = preg_replace("/"/",'"',$input);
return $input;
}
}
function QuoteData($input,$method="decode") {
if ($method="encode") {
//while (preg_match('%"([^"].*?)(a|e|i|o|u|A|E|I|O|U|@|/)([^"].*?)"%',$input)) {
$input = preg_replace(array("/"(.*?)a(.*?)"/","/"(.*?)e(.*?)"/","/"(.*?)i(.*?)"/","/"(.*?)o(.*?)"/","/"(.*?)u(.*?)"/","/"(.*?)A(.*?)"/","/"(.*?)E(.*?)"/","/"(.*?)I(.*?)"/","/"(.*?)O(.*?)"/","/"(.*?)U(.*?)"/","/"(.*?)\@(.*?)"/","%"(.*?)/(.*?)"%"),array(""$1a$2"",""$1e$2"",""$1i$2"",""$1o$2"",""$1u$2"",""$1A$2"",""$1E$2"",""$1I$2"",""$1O$2"",""$1U$2"",""$1@$2"",""$1/$2""),$input);
//}
return $input;
}
else {
// Method Decode
//while (preg_match('%"([^"].*?)&#(97|101|105|111|117|65|69|73|79|85|64|47);([^"].*?)"%',$input)) {
$input = preg_replace(array("/"(.*?)a(.*?)"/","/"(.*?)e(.*?)"/","/"(.*?)i(.*?)"/","/"(.*?)o(.*?)"/","/"(.*?)u(.*?)"/","/"(.*?)A(.*?)"/","/"(.*?)E(.*?)"/","/"(.*?)I(.*?)"/","/"(.*?)O(.*?)"/;","/"(.*?)U(.*?)"/","/"(.*?)@(.*?)"/","/"(.*?)/(.*?)"/"),array(""$1a$2"",""$1e$2"",""$1i$2"",""$1o$2"",""$1u$2"",""$1A$2"",""$1E$2"",""$1I$2"",""$1O$2"",""$1U$2"",""$1@$2"",""$1/$2""),$input);
//}
return $input;
}
return $input;
}
function removeWhiteSpace($input) {
$input = QuoteData($input,"encode");
// Remove Comments From Code
$input = preg_replace(array("/\/\/(.*?)(\n|\r|\z)/","/&#(.*?);/","/#(.*?)(\n|\r|\z)/","/&-_-(.*?);/"),array("$2","&-_-$1;","$2","&#$1;"),$input);
// Remove Most White Space
$input = preg_replace(array("/\t/","/\s\s/","/(\n|\r)/",'%/\*(.*?)\*/%'),array("","","",""),$input);
// Remove Cetain Packs of White Space
$input = preg_replace(array("/\)(\s)?\{/","/([A-z0-9_])\s(\(|\{)/","/(\s)?(!|~|\||&|=|>|<|\/|\+|\*|\+|-|\^|%)(\s)?([^\+-\/\*])/"),array("){","$1$2","$2$4"),$input);
// Final White Space Remover
// Hopefully, all useless white space should be removed by this point.
$input = preg_replace(array("/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/","/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/","/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/","/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/"),array("$1$3","$1$3","$1$3","$1$3"),$input);
return QuoteData($input);
}
/* Functions */
function wrapPHP($input,$times,$obfu,$pack,$ver) {
$input = preg_replace("/nrgPlus/","+",$input);
$input = temp::alter($input);
/* Pack */
if ($pack == true) {
$input = removeWhiteSpace($input);
}
$input = temp::dismiss($input);
/* Obfuscation */
if ($obfu == true) {
$matches = array();
// Special Output Exclusions
$input = preg_replace("/nrgDollar(GLOBALS|_(SERVER|GET|POST|FILES|REQUEST| SESSION|ENV|COOKIE)|php_errormsg|HTTP_RAW_POST_DAT A|http_response_header|argc|argv|this|([0-9])+)/","nrgSpecial$1",$input);
preg_match_all("/(nrgDollar([A-z0-9_])+)(\w|\z)?/",$input,$matches);
if ($matches[0][0]!="") {
for ($x = 0; $x < count($matches[0]); $x++) {
$matches[0][$x] = preg_replace("/(nrgDollar([A-z0-9_])+)(\w|\z)?/","/\b$1\b/",$matches[0][$x]);
}
$outcome = "";
$outrepl = "";
$gogogo = array();
for ($x = 0; $x < count($matches[0]); $x++) {
preg_match_all($matches[0][$x],$outcome,$gogogo);
if ($gogogo[0][0]==""|NULL|FALSE) {
$outcome .= str_replace("\\b","",$matches[0][$x]).",";
}
}
$outcome = preg_replace("/,\z/","",$outcome);
$lower_alpha = array("a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z");
$find = split(",",$outcome);
for ($x = 0; $x < count($find); $x++) {
$find[$x] = preg_replace("/\/(.*?)\//","/\b$1\b/",$find[$x]);
}
// This is a rewrite of the previous Variable Maker (Below)
// New Version | Incomplete (Work in progress)
// This is even starting to confuse me. Too much math.
/*
$xZ = count($lower_alpha);
$xY = 0;
for ($x = 0; $xZ < count($find); $x++) {
if ($xZ^$x > count($find)) {
$xY = $xZ^$x;
}
}
if ($x === 0 || !!$x || $x == "") {
$x = 1;
$xY = $xZ^$x;
}
$internalSwitch = false;
$forValOne = 0;
for ($n = 0; $n < count($find) && count($find) >= count(split(",",$outrepl)); $n++) {
while (count($find) >
$outrepl .= $lower_alpha[$n];
if ($internalSwitch == true) {
for ($y = 0; $y < $x; $y++) {
$outrepl .= $lower_alpha[$forValOne];
$forValOne += 1;
}
}
if ($lower_alpha[$n] == $lower_alpha[count($lower_alpha)-1]) {
$internalSwitch = true;
}
$outrepl .= ",";
}*/
// Old Version | Max Variable Count is 702 = 26 * 26 + 26
$xZ = 0;
for ($x = 0; $x < count($find); $x++) {
if (count($find) > count($lower_alpha)) {
if ($xZ >= 26) {
$z = 0;
$xZ = 0;
for ($y = 0; $y < count($find); $y++) {
$outrepl .= $lower_alpha[$xZ].$lower_alpha[$z].",";
$z += 1;
if ($z == 26) {
$z = 0;
$x += 1;
$xZ += 1;
}
}
}
else {
$outrepl .= $lower_alpha[$x].",";
}
}
else {
$outrepl .= $lower_alpha[$x].",";
}
$xZ += 1;
}
$outrepl = preg_replace("/(([A-z])+)(\x{002C}|,)/","nrgDollar$1,",$outrepl);
$outrepl = preg_replace("/,\z/","",$outrepl);
$replace = split(",",$outrepl);
if (!!$find[0] && !!$replace[0]) {
$input = preg_replace($find,$replace,$input);
}
}
}
$input = str_replace("nrgAmp","&",preg_replace("/nrg(Dollar|Special)/","\$",$input));
/* Encode */
for ($x=0; $x <= $times; $x++) {
if ($ver === 0) {
$input = "eval(gzinflate(urldecode(str_rot13(base64_decode(\"".base64_encode(str_rot13(urlencode(gzdeflate($inpu t))))."\")))));";
}
else if ($ver === 1) {
$input = "eval(gzinflate(urldecode(str_rot13(base64_decode(\"".base64_encode(str_rot13(urlencode(gzdeflate($inpu t))))."\")))))";
}
}
return $input;
}
// ---------------------------------------- wrapHTML ---
function wrapHTML($input,$pack,$encode) {
$input = preg_replace("/nrgPlus/","+",$input);
/* Pack */
if ($pack == true) {
// First White Space and Comment Remover
$input = preg_replace("/(\s)+/"," ",$input);
$input = preg_replace(array("/(\n|\r)/","/>(\s)+?/","/(\s)+?</","/<!--(.*?)-->/","/\/\*(.*?)\*\//"),array("",">","<","",""),$input);
}
if ($encode == true) {
// Encode
}
return preg_replace("/nrgDollar/","\$",$input);
}
/* Program */
$security = new Security;
if (!!$security->checkReferrer($your_domain) && !!$security->checkMethod("POST")) {
if (isset($_GET["do"]) && $_GET["do"]!="") {
// obfuscate
if ($_GET["do"]=="obfuscate") {
// If Input is Empty or Null, exit void
if ($_POST["ob_data"]==""|NULL) {
echo "Null or Empty Request Sent";
exit(0);
}
// Set Variables Sent
$postValues = array();
if ($_POST["ob_times"]!="") { $postValues["ob_times"] = substr(intval($_POST["ob_times"]),0,2); } else { $postValues["ob_times"] = 10; }
if ($_POST["passkey_0"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_0"]); } else { $postValues["passkey_0"] = ""; }
if ($_POST["passkey_1"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_1"]); } else { $postValues["passkey_1"] = ""; }
if ($_POST["passkey_2"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_2"]); } else { $postValues["passkey_2"] = ""; }
if ($_POST["passkey_3"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_3"]); } else { $postValues["passkey_3"] = ""; }
/*
if ($postValues['passkey_0']!="") {
$postValues['ob_data'] = $postValues['ob_data'].$postValues['passkey_0'];
$postValues['ob_data'] = "preg_replace(\$pask0,\"\",".wrapUp($postValues['ob_data'],$postValues['ob_times'],0).")";
$writeUp = "\$pask0 = '/".wrapUp($postValues['passkey_0'],rand(0,999),0)."/';";
$postValues['ob_data'] = $writeUp.$postValues['ob_data'];
} */
echo "<div style=\"position:absolute;margin-top:-20px;\">Packed</div><textarea>".wrapPHP(urldecode($_POST['ob_data']),-1,false,true,0)."</textarea>";
echo "<br />Obfuscated<textarea>".wrapPHP(urldecode($_POST['ob_data']),-1,true,false,0)."</textarea>";
echo "<br />Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],false,false,0)."</textarea>";
echo "<br />Packed and Obfuscated<textarea>".wrapPHP(urldecode($_POST['ob_data']),-1,true,true,0)."</textarea>";
echo "<br />Obfuscated and Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],true,false,0)."</textarea>";
echo "<br />Packed and Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],false,true,0)."</textarea>";
echo "<br />Packed, Obfuscated, and Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],true,true,0)."</textarea>";
}
// unobfuscate
elseif ($_GET['do']=="unobfuscate") {
// Set Variables Sent
}
elseif ($_GET['do']=="htmlObfuscate") {
if ($_POST["ob_data"]==""|NULL) {
echo "Null or Empty Request Sent";
exit(0);
}
echo "<div style=\"position:absolute;margin-top:-20px;\">Packed</div><textarea>".wrapHTML(urldecode($_POST['ob_data']),true,false)."</textarea>";
echo "<br />Encoded<textarea>".wrapHTML(urldecode($_POST['ob_data']),false,true)."</textarea>";
echo "<br />Packed and Encoded<textarea>".wrapHTML(urldecode($_POST['ob_data']),true,true)."</textarea>";
}
}
}
?>
obfuscater.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>SupPack php v0.8</title>
<style type="text/css" media="all">
/* IE8+, Safari 3+, Opera ?, Maxathon ?, FireFox 2+ (including Minefield), Google Chrome 1.0+ */
* {
vertical-align:top;
margin:0;
padding:0;
}
body {
margin:0;
padding:0 15px 0 15px;
font-family:Verdana, Geneva, sans-serif;
font-size:.8em;
background-color:#FFF;
color:#000;
}
input {
padding:0;
margin:0 5px 4px 0;
border:#CCC 1px solid;
}
textarea {
width:100%;
height: 150px;
margin:-2px;
font-family:Arial, Helvetica, sans-serif;
font-size:.9em;
border:#CCC 1px solid;
overflow:auto;
}
form textarea[name=ob_data] {
width:100%;
height:160px;
}
table {
border-spacing:0;
border-collapse:collapse;
}
.short {
width:200px;
}
.shorty {
width:200px;
display:block;
color:#999;
}
fieldset {
border:#CCC 1px solid;
padding:0 10px 2px 10px;
}
fieldset:hover, input:hover, textarea:hover, input:focus, input:hover:focus, textarea:focus, textarea:hover:focus {
border:#000 1px solid;
}
button, input[type=submit], input[type=button] {
border:#CCC 1px solid;
background-color:#FFF;
}
a, a:link { /* Webkit a pseudo class hack/fix */
text-decoration:none;
color:#000;
border:#FFF 1px solid;
}
a:hover, a:focus {
color:#555;
}
a:visited, a:seleted {
color:#111;
}
.submitData {
border:#FFF 1px solid;
width:75px;
height:25px;
font-size:12px;
font-weight:normal;
}
.submitData:hover, .submitData:focus {
border:#000 1px solid;
color:#555;
}
sup {
color:#999;
font-size:.9em;
}
sup:hover {
color:#000;
}
input[type=checkbox] {
border:#FFF 1px solid;
background-color:#FFF;
}
</style>
<script type="text/javascript" language="javascript">
function ajaxStart() {
try {
return new XMLHttpRequest();
}
catch (e) {
try {
return new ActiveXObject("Msxml2.XMLHTTP");
}
catch (e) {
try {
return new ActiveXObject("Microsoft.XMLHTTP");
}
catch (e) {
alert("This won't work correctly unless you have AJAX support.");
return false;
};
};
};
};
function ajaxDo(command) {
var xmlHttp, xGen = "";
for (x = 0; x <= 3; x++) {
if (x == 3) {
xGen += "passkey_" + x + "=" + escape(encodeURI(document.getElementById('passkey_ '+x).value));
}
else {
xGen += "passkey_" + x + "=" + escape(encodeURI(document.getElementById('passkey_ '+x).value)) + "&";
};
};
var obData = document.getElementById('ob_data').value.replace(/(\u0024|\$|\x24)/g,"nrgDollar");
obData = obData.replace(/&/g,"nrgAmp");
obData = escape(encodeURI(obData)).replace(/\+/g,"nrgPlus");
obData = obData.replace(/\u0024|\$|\x24/g,"nrgDollar");
var generateSend = "ob_times="+escape(encodeURI(document.getElementById('ob_time s').value))+"&"+xGen+"&"+"ob_data="+obData;
xmlHttp = ajaxStart();
xmlHttp.onreadystatechange = function() {
if (xmlHttp.readyState == 1|2|3 ) {
document.getElementById("mainOutput").innerHTML = "Loading...this can take anywhere from one-second to ten-minutes";
};
if (xmlHttp.readyState == 4 && xmlHttp.status === 200) {
document.getElementById("mainOutput").innerHTML = xmlHttp.responseText;
};
};
xmlHttp.open("POST","obfu.php?do="+command,true);
xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlHttp.send(generateSend);
};
function showWhat(sayWhat) {
var x = new Array();
x['obDataTimes'] = "This is how many times the data will be sent through and obfuscated.";
x['passkey'] = "Passkeys can be used to confuse and muck the data at random break points. There must be more than 10 characters per key.";
document.getElementById('info').innerHTML = x[sayWhat];
};
function killDesc() {
document.getElementById('info').innerHTML = " ";
};
/*function focus_passkey(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.value='';
};
self.style.color='#000';
};
function blur_passkey(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value==''){
self.value='Passkey '+parseInt(keyNum+1);
};
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.style.color='#999';
};
}*/
var passkey = {
blur : function(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value==''){
self.value='Passkey '+parseInt(keyNum+1);
};
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.style.color='#999';
};
},
focus : function(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.value='';
};
self.style.color='#000';
}
}
</script>
</head>
<body>
<div align="center" style="width:100%;">---------------------------------------------<br />
NRG's PHP Obfuscator and Encoder
<div style="font-size:.7em;" id="info"> </div>
---------------------------------------------<br /></div>
<table style="width:100%;">
<tr>
<td style="width:100%;">
<fieldset>
<legend style="margin-top:-5px;">Fieldset</legend>
<form action="" method="post" id="obfu" name="obfu">
<table style="width:100%;">
<tr>
<td>
<table style="width:400px;">
<tr>
<td>
<table style="width:400px;">
<tr>
<td style="text-align:right;cursor:default;">Obfuscate Data<sup onmouseover="javascript:showWhat('obDataTimes');" onmouseout="javascript:killDesc();">(<u>?</u>) </sup></td>
<td><input class="short" id="ob_times" name="ob_times" type="text" maxlength="3" value="" /></td>
</tr>
<tr>
<td style="text-align:right;cursor:default;">Passkey<sup onmouseover="javascript:showWhat('passkey');" onmouseout="javascript:killDesc();">(<u>?</u>) </sup></td>
<td><input class="shorty" id="passkey_0" name="passkey_0" type="text" maxlength="255" value="Passkey 1" onblur="passkey.blur(0)" onfocus="passkey.focus(0);" />
<input class="shorty" id="passkey_1" name="passkey_1" type="text" maxlength="255" value="Passkey 2" onblur="passkey.blur(1)" onfocus="passkey.focus(1);" />
<input class="shorty" id="passkey_2" name="passkey_2" type="text" maxlength="255" value="Passkey 3" onblur="passkey.blur(2)" onfocus="passkey.focus(2);" />
<input class="shorty" id="passkey_3" name="passkey_3" type="text" maxlength="255" value="Passkey 4" onblur="passkey.blur(3)" onfocus="passkey.focus(3);" />
</td>
</tr>
<tr>
<td colspan="2">
<fieldset style="width:350px;">
<legend>Settings/Output</legend>
<table style="width:350px;">
<tr>
<td>Pack</td><td><input type="checkbox" name="pack" checked="checked" /></td>
<td>Obfuscate</td><td><input type="checkbox" name="obfuscate" /></td>
</tr>
<tr>
<td>Encode</td><td><input type="checkbox" name="encode" checked="checked" /></td>
<td>Pack and Encode</td><td><input type="checkbox" name="packEncode" checked="checked" /></td>
</tr>
<tr>
<td>Pack and Obfuscate</td><td><input type="checkbox" name="packObfu" checked="checked" /></td>
<td>Obfuscate and Encode</td><td><input type="checkbox" name="obfuEncode" checked="checked" /></td>
</tr>
<tr>
<td colspan="4" style="text-align:center;">Pack, Obfuscate, and Encode <input type="checkbox" name="packObfuEncode" checked="checked" /></td>
</tr>
</table>
</fieldset>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td style="width:100%;"><label>Input<textarea id="ob_data" name="ob_data"></textarea></label></td>
</tr>
</table>
<div align="center" style="margin-top:-20px;">
<button type="button" name="button" onclick="javascript:ajaxDo('obfuscate');" class="submitData">Submit</button>
</div>
</form>
</fieldset>
</td>
</tr>
</table>
<div id="mainOutput" name="mainOutput"></div>
</body>
</html>
Rules:
* Passkeys do not work
* Maximum Variables Amount = 702
* # inside quotes cause issues.
* <?php and ?> need to not be in the inserted data.
The reason I'm not running this live and giving the source code is because there are probably some leaks in it. That's because of my sloppy programming when I first started it trying to prevent errors I ended up with more. However, I think I've gotten rid of a good load of the errors.
Will some people here take this for a spin. I've only tested it with my stuff. I need to know if it works for more than just my code. Oh, and this is version 0.8. It isn't perfect, and probably has several bugs that I don't know about.
-----------------------------
Here's the code.
obfu.php
<?php
/*
* COPYRIGHT (c) 2009 Goodlookinguy under RWM Network LLC. All rights reserved.
* All material is intellectual property and is copyrighted. Unauthorized use
* may result in legal action against the party(s) accessing, modifying, plagiarizing,
* republishing, or redistributing copywritten content without proper authorization.
*
* IF YOU WISH TO USE THIS MATERIAL UNDER FREE OR OPEN SOURCE WORK. PLEASE CONTACT
* THE AUTHOR RESPECTIVELY AT [email protected] FOR AUTHORIZATION. COMMERCIAL
* USE IS FORBIDDEN BY THIS COPYRIGHT.
*
* Essencial Security 900
* * checkReferrer
* Essencial Security 990
* * checkMethod
*/
error_reporting(E_ALL & (~E_NOTICE&~E_WARNING));
/* Settings */
$your_domain = "localhost";
$ini_max_exec_time = 960;
$ini_max_input_time = 960;
$ini_memory_limit = 512; // In Mega Bytes (Not Mega Bits)
/* Set 'em */
if (intval(ini_get("max_execution_time")) < $ini_max_exec_time) {
ini_set("max_execution_time",$ini_max_exec_time."");
}
if (intval(ini_get("max_input_time")) < $ini_max_input_time) {
ini_set("max_input_time",$ini_max_input_time."");
}
if (intval(ini_get("memory_limit")) < $ini_memory_limit) {
ini_set("memory_limit", $ini_memory_limit."M");
}
/* Classes */
class security {
// ES900
// Check Referring Domain
// Good for data sent
public function checkReferrer($domain_name) {
// Prepare $is_domain for Regex
$is_domain = preg_replace("/\./","\.",$domain_name);
// Get Matches
preg_match("/http:\/\/".$is_domain."/",$_SERVER["HTTP_REFERER"], $matches);
// if no match
if (!$matches[0]) {
// return false
return false;
}
// if match
else {
// Get domain with http:// length
$length = strlen("http://".$domain_name);
// Set check to value of domain length
// e.g. http://example.com = 18 length
// http://example.com/dmam is cut to http://example.com
// $check = HTTP_REFERER cut to length of domain
$check = substr($_SERVER["HTTP_REFERER"],0,$length);
// Cleanup
unset($length);
// Check if Refererring domain is your domain
if ($check!="http://".$domain_name) {
// return false
return false;
}
else {
// return true
// However, there is an exception, this is not 100% effective
// http://example.com == http://example.com.tt
// That is a rare case though, so I wouldn't worry
return true;
}
}
}
// ES990
public function checkMethod($method) {
$sentMethod = $_SERVER["REQUEST_METHOD"];
if ($method == $sentMethod) {
return true;
}
else {
return false;
}
}
}
class temp {
public static function alter($input) {
// Magic Quotes should be turned off.
$input = stripslashes($input);
$input = htmlentities($input);
$input = preg_replace("/'/","'",$input);
//$input = preg_replace('/"/',""",$input);
return $input;
}
public static function dismiss($input) {
$input = preg_replace("/'/","'",$input);
$input = html_entity_decode($input);
//$input = preg_replace("/"/",'"',$input);
return $input;
}
}
function QuoteData($input,$method="decode") {
if ($method="encode") {
//while (preg_match('%"([^"].*?)(a|e|i|o|u|A|E|I|O|U|@|/)([^"].*?)"%',$input)) {
$input = preg_replace(array("/"(.*?)a(.*?)"/","/"(.*?)e(.*?)"/","/"(.*?)i(.*?)"/","/"(.*?)o(.*?)"/","/"(.*?)u(.*?)"/","/"(.*?)A(.*?)"/","/"(.*?)E(.*?)"/","/"(.*?)I(.*?)"/","/"(.*?)O(.*?)"/","/"(.*?)U(.*?)"/","/"(.*?)\@(.*?)"/","%"(.*?)/(.*?)"%"),array(""$1a$2"",""$1e$2"",""$1i$2"",""$1o$2"",""$1u$2"",""$1A$2"",""$1E$2"",""$1I$2"",""$1O$2"",""$1U$2"",""$1@$2"",""$1/$2""),$input);
//}
return $input;
}
else {
// Method Decode
//while (preg_match('%"([^"].*?)&#(97|101|105|111|117|65|69|73|79|85|64|47);([^"].*?)"%',$input)) {
$input = preg_replace(array("/"(.*?)a(.*?)"/","/"(.*?)e(.*?)"/","/"(.*?)i(.*?)"/","/"(.*?)o(.*?)"/","/"(.*?)u(.*?)"/","/"(.*?)A(.*?)"/","/"(.*?)E(.*?)"/","/"(.*?)I(.*?)"/","/"(.*?)O(.*?)"/;","/"(.*?)U(.*?)"/","/"(.*?)@(.*?)"/","/"(.*?)/(.*?)"/"),array(""$1a$2"",""$1e$2"",""$1i$2"",""$1o$2"",""$1u$2"",""$1A$2"",""$1E$2"",""$1I$2"",""$1O$2"",""$1U$2"",""$1@$2"",""$1/$2""),$input);
//}
return $input;
}
return $input;
}
function removeWhiteSpace($input) {
$input = QuoteData($input,"encode");
// Remove Comments From Code
$input = preg_replace(array("/\/\/(.*?)(\n|\r|\z)/","/&#(.*?);/","/#(.*?)(\n|\r|\z)/","/&-_-(.*?);/"),array("$2","&-_-$1;","$2","&#$1;"),$input);
// Remove Most White Space
$input = preg_replace(array("/\t/","/\s\s/","/(\n|\r)/",'%/\*(.*?)\*/%'),array("","","",""),$input);
// Remove Cetain Packs of White Space
$input = preg_replace(array("/\)(\s)?\{/","/([A-z0-9_])\s(\(|\{)/","/(\s)?(!|~|\||&|=|>|<|\/|\+|\*|\+|-|\^|%)(\s)?([^\+-\/\*])/"),array("){","$1$2","$2$4"),$input);
// Final White Space Remover
// Hopefully, all useless white space should be removed by this point.
$input = preg_replace(array("/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/","/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/","/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/","/(;|\}|\{|\)|\()(\s)+([A-z0-9_\$;\}\(\)\{])/"),array("$1$3","$1$3","$1$3","$1$3"),$input);
return QuoteData($input);
}
/* Functions */
function wrapPHP($input,$times,$obfu,$pack,$ver) {
$input = preg_replace("/nrgPlus/","+",$input);
$input = temp::alter($input);
/* Pack */
if ($pack == true) {
$input = removeWhiteSpace($input);
}
$input = temp::dismiss($input);
/* Obfuscation */
if ($obfu == true) {
$matches = array();
// Special Output Exclusions
$input = preg_replace("/nrgDollar(GLOBALS|_(SERVER|GET|POST|FILES|REQUEST| SESSION|ENV|COOKIE)|php_errormsg|HTTP_RAW_POST_DAT A|http_response_header|argc|argv|this|([0-9])+)/","nrgSpecial$1",$input);
preg_match_all("/(nrgDollar([A-z0-9_])+)(\w|\z)?/",$input,$matches);
if ($matches[0][0]!="") {
for ($x = 0; $x < count($matches[0]); $x++) {
$matches[0][$x] = preg_replace("/(nrgDollar([A-z0-9_])+)(\w|\z)?/","/\b$1\b/",$matches[0][$x]);
}
$outcome = "";
$outrepl = "";
$gogogo = array();
for ($x = 0; $x < count($matches[0]); $x++) {
preg_match_all($matches[0][$x],$outcome,$gogogo);
if ($gogogo[0][0]==""|NULL|FALSE) {
$outcome .= str_replace("\\b","",$matches[0][$x]).",";
}
}
$outcome = preg_replace("/,\z/","",$outcome);
$lower_alpha = array("a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z");
$find = split(",",$outcome);
for ($x = 0; $x < count($find); $x++) {
$find[$x] = preg_replace("/\/(.*?)\//","/\b$1\b/",$find[$x]);
}
// This is a rewrite of the previous Variable Maker (Below)
// New Version | Incomplete (Work in progress)
// This is even starting to confuse me. Too much math.
/*
$xZ = count($lower_alpha);
$xY = 0;
for ($x = 0; $xZ < count($find); $x++) {
if ($xZ^$x > count($find)) {
$xY = $xZ^$x;
}
}
if ($x === 0 || !!$x || $x == "") {
$x = 1;
$xY = $xZ^$x;
}
$internalSwitch = false;
$forValOne = 0;
for ($n = 0; $n < count($find) && count($find) >= count(split(",",$outrepl)); $n++) {
while (count($find) >
$outrepl .= $lower_alpha[$n];
if ($internalSwitch == true) {
for ($y = 0; $y < $x; $y++) {
$outrepl .= $lower_alpha[$forValOne];
$forValOne += 1;
}
}
if ($lower_alpha[$n] == $lower_alpha[count($lower_alpha)-1]) {
$internalSwitch = true;
}
$outrepl .= ",";
}*/
// Old Version | Max Variable Count is 702 = 26 * 26 + 26
$xZ = 0;
for ($x = 0; $x < count($find); $x++) {
if (count($find) > count($lower_alpha)) {
if ($xZ >= 26) {
$z = 0;
$xZ = 0;
for ($y = 0; $y < count($find); $y++) {
$outrepl .= $lower_alpha[$xZ].$lower_alpha[$z].",";
$z += 1;
if ($z == 26) {
$z = 0;
$x += 1;
$xZ += 1;
}
}
}
else {
$outrepl .= $lower_alpha[$x].",";
}
}
else {
$outrepl .= $lower_alpha[$x].",";
}
$xZ += 1;
}
$outrepl = preg_replace("/(([A-z])+)(\x{002C}|,)/","nrgDollar$1,",$outrepl);
$outrepl = preg_replace("/,\z/","",$outrepl);
$replace = split(",",$outrepl);
if (!!$find[0] && !!$replace[0]) {
$input = preg_replace($find,$replace,$input);
}
}
}
$input = str_replace("nrgAmp","&",preg_replace("/nrg(Dollar|Special)/","\$",$input));
/* Encode */
for ($x=0; $x <= $times; $x++) {
if ($ver === 0) {
$input = "eval(gzinflate(urldecode(str_rot13(base64_decode(\"".base64_encode(str_rot13(urlencode(gzdeflate($inpu t))))."\")))));";
}
else if ($ver === 1) {
$input = "eval(gzinflate(urldecode(str_rot13(base64_decode(\"".base64_encode(str_rot13(urlencode(gzdeflate($inpu t))))."\")))))";
}
}
return $input;
}
// ---------------------------------------- wrapHTML ---
function wrapHTML($input,$pack,$encode) {
$input = preg_replace("/nrgPlus/","+",$input);
/* Pack */
if ($pack == true) {
// First White Space and Comment Remover
$input = preg_replace("/(\s)+/"," ",$input);
$input = preg_replace(array("/(\n|\r)/","/>(\s)+?/","/(\s)+?</","/<!--(.*?)-->/","/\/\*(.*?)\*\//"),array("",">","<","",""),$input);
}
if ($encode == true) {
// Encode
}
return preg_replace("/nrgDollar/","\$",$input);
}
/* Program */
$security = new Security;
if (!!$security->checkReferrer($your_domain) && !!$security->checkMethod("POST")) {
if (isset($_GET["do"]) && $_GET["do"]!="") {
// obfuscate
if ($_GET["do"]=="obfuscate") {
// If Input is Empty or Null, exit void
if ($_POST["ob_data"]==""|NULL) {
echo "Null or Empty Request Sent";
exit(0);
}
// Set Variables Sent
$postValues = array();
if ($_POST["ob_times"]!="") { $postValues["ob_times"] = substr(intval($_POST["ob_times"]),0,2); } else { $postValues["ob_times"] = 10; }
if ($_POST["passkey_0"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_0"]); } else { $postValues["passkey_0"] = ""; }
if ($_POST["passkey_1"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_1"]); } else { $postValues["passkey_1"] = ""; }
if ($_POST["passkey_2"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_2"]); } else { $postValues["passkey_2"] = ""; }
if ($_POST["passkey_3"]!="") { $postValues["passkey_0"] = md5($_POST["passkey_3"]); } else { $postValues["passkey_3"] = ""; }
/*
if ($postValues['passkey_0']!="") {
$postValues['ob_data'] = $postValues['ob_data'].$postValues['passkey_0'];
$postValues['ob_data'] = "preg_replace(\$pask0,\"\",".wrapUp($postValues['ob_data'],$postValues['ob_times'],0).")";
$writeUp = "\$pask0 = '/".wrapUp($postValues['passkey_0'],rand(0,999),0)."/';";
$postValues['ob_data'] = $writeUp.$postValues['ob_data'];
} */
echo "<div style=\"position:absolute;margin-top:-20px;\">Packed</div><textarea>".wrapPHP(urldecode($_POST['ob_data']),-1,false,true,0)."</textarea>";
echo "<br />Obfuscated<textarea>".wrapPHP(urldecode($_POST['ob_data']),-1,true,false,0)."</textarea>";
echo "<br />Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],false,false,0)."</textarea>";
echo "<br />Packed and Obfuscated<textarea>".wrapPHP(urldecode($_POST['ob_data']),-1,true,true,0)."</textarea>";
echo "<br />Obfuscated and Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],true,false,0)."</textarea>";
echo "<br />Packed and Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],false,true,0)."</textarea>";
echo "<br />Packed, Obfuscated, and Encoded<textarea>".wrapPHP(urldecode($_POST['ob_data']),$postValues['ob_times'],true,true,0)."</textarea>";
}
// unobfuscate
elseif ($_GET['do']=="unobfuscate") {
// Set Variables Sent
}
elseif ($_GET['do']=="htmlObfuscate") {
if ($_POST["ob_data"]==""|NULL) {
echo "Null or Empty Request Sent";
exit(0);
}
echo "<div style=\"position:absolute;margin-top:-20px;\">Packed</div><textarea>".wrapHTML(urldecode($_POST['ob_data']),true,false)."</textarea>";
echo "<br />Encoded<textarea>".wrapHTML(urldecode($_POST['ob_data']),false,true)."</textarea>";
echo "<br />Packed and Encoded<textarea>".wrapHTML(urldecode($_POST['ob_data']),true,true)."</textarea>";
}
}
}
?>
obfuscater.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>SupPack php v0.8</title>
<style type="text/css" media="all">
/* IE8+, Safari 3+, Opera ?, Maxathon ?, FireFox 2+ (including Minefield), Google Chrome 1.0+ */
* {
vertical-align:top;
margin:0;
padding:0;
}
body {
margin:0;
padding:0 15px 0 15px;
font-family:Verdana, Geneva, sans-serif;
font-size:.8em;
background-color:#FFF;
color:#000;
}
input {
padding:0;
margin:0 5px 4px 0;
border:#CCC 1px solid;
}
textarea {
width:100%;
height: 150px;
margin:-2px;
font-family:Arial, Helvetica, sans-serif;
font-size:.9em;
border:#CCC 1px solid;
overflow:auto;
}
form textarea[name=ob_data] {
width:100%;
height:160px;
}
table {
border-spacing:0;
border-collapse:collapse;
}
.short {
width:200px;
}
.shorty {
width:200px;
display:block;
color:#999;
}
fieldset {
border:#CCC 1px solid;
padding:0 10px 2px 10px;
}
fieldset:hover, input:hover, textarea:hover, input:focus, input:hover:focus, textarea:focus, textarea:hover:focus {
border:#000 1px solid;
}
button, input[type=submit], input[type=button] {
border:#CCC 1px solid;
background-color:#FFF;
}
a, a:link { /* Webkit a pseudo class hack/fix */
text-decoration:none;
color:#000;
border:#FFF 1px solid;
}
a:hover, a:focus {
color:#555;
}
a:visited, a:seleted {
color:#111;
}
.submitData {
border:#FFF 1px solid;
width:75px;
height:25px;
font-size:12px;
font-weight:normal;
}
.submitData:hover, .submitData:focus {
border:#000 1px solid;
color:#555;
}
sup {
color:#999;
font-size:.9em;
}
sup:hover {
color:#000;
}
input[type=checkbox] {
border:#FFF 1px solid;
background-color:#FFF;
}
</style>
<script type="text/javascript" language="javascript">
function ajaxStart() {
try {
return new XMLHttpRequest();
}
catch (e) {
try {
return new ActiveXObject("Msxml2.XMLHTTP");
}
catch (e) {
try {
return new ActiveXObject("Microsoft.XMLHTTP");
}
catch (e) {
alert("This won't work correctly unless you have AJAX support.");
return false;
};
};
};
};
function ajaxDo(command) {
var xmlHttp, xGen = "";
for (x = 0; x <= 3; x++) {
if (x == 3) {
xGen += "passkey_" + x + "=" + escape(encodeURI(document.getElementById('passkey_ '+x).value));
}
else {
xGen += "passkey_" + x + "=" + escape(encodeURI(document.getElementById('passkey_ '+x).value)) + "&";
};
};
var obData = document.getElementById('ob_data').value.replace(/(\u0024|\$|\x24)/g,"nrgDollar");
obData = obData.replace(/&/g,"nrgAmp");
obData = escape(encodeURI(obData)).replace(/\+/g,"nrgPlus");
obData = obData.replace(/\u0024|\$|\x24/g,"nrgDollar");
var generateSend = "ob_times="+escape(encodeURI(document.getElementById('ob_time s').value))+"&"+xGen+"&"+"ob_data="+obData;
xmlHttp = ajaxStart();
xmlHttp.onreadystatechange = function() {
if (xmlHttp.readyState == 1|2|3 ) {
document.getElementById("mainOutput").innerHTML = "Loading...this can take anywhere from one-second to ten-minutes";
};
if (xmlHttp.readyState == 4 && xmlHttp.status === 200) {
document.getElementById("mainOutput").innerHTML = xmlHttp.responseText;
};
};
xmlHttp.open("POST","obfu.php?do="+command,true);
xmlHttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlHttp.send(generateSend);
};
function showWhat(sayWhat) {
var x = new Array();
x['obDataTimes'] = "This is how many times the data will be sent through and obfuscated.";
x['passkey'] = "Passkeys can be used to confuse and muck the data at random break points. There must be more than 10 characters per key.";
document.getElementById('info').innerHTML = x[sayWhat];
};
function killDesc() {
document.getElementById('info').innerHTML = " ";
};
/*function focus_passkey(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.value='';
};
self.style.color='#000';
};
function blur_passkey(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value==''){
self.value='Passkey '+parseInt(keyNum+1);
};
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.style.color='#999';
};
}*/
var passkey = {
blur : function(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value==''){
self.value='Passkey '+parseInt(keyNum+1);
};
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.style.color='#999';
};
},
focus : function(keyNum) {
var self = document.getElementById('passkey_'+parseInt(keyNum ));
if (self.value=='Passkey '+parseInt(keyNum+1)){
self.value='';
};
self.style.color='#000';
}
}
</script>
</head>
<body>
<div align="center" style="width:100%;">---------------------------------------------<br />
NRG's PHP Obfuscator and Encoder
<div style="font-size:.7em;" id="info"> </div>
---------------------------------------------<br /></div>
<table style="width:100%;">
<tr>
<td style="width:100%;">
<fieldset>
<legend style="margin-top:-5px;">Fieldset</legend>
<form action="" method="post" id="obfu" name="obfu">
<table style="width:100%;">
<tr>
<td>
<table style="width:400px;">
<tr>
<td>
<table style="width:400px;">
<tr>
<td style="text-align:right;cursor:default;">Obfuscate Data<sup onmouseover="javascript:showWhat('obDataTimes');" onmouseout="javascript:killDesc();">(<u>?</u>) </sup></td>
<td><input class="short" id="ob_times" name="ob_times" type="text" maxlength="3" value="" /></td>
</tr>
<tr>
<td style="text-align:right;cursor:default;">Passkey<sup onmouseover="javascript:showWhat('passkey');" onmouseout="javascript:killDesc();">(<u>?</u>) </sup></td>
<td><input class="shorty" id="passkey_0" name="passkey_0" type="text" maxlength="255" value="Passkey 1" onblur="passkey.blur(0)" onfocus="passkey.focus(0);" />
<input class="shorty" id="passkey_1" name="passkey_1" type="text" maxlength="255" value="Passkey 2" onblur="passkey.blur(1)" onfocus="passkey.focus(1);" />
<input class="shorty" id="passkey_2" name="passkey_2" type="text" maxlength="255" value="Passkey 3" onblur="passkey.blur(2)" onfocus="passkey.focus(2);" />
<input class="shorty" id="passkey_3" name="passkey_3" type="text" maxlength="255" value="Passkey 4" onblur="passkey.blur(3)" onfocus="passkey.focus(3);" />
</td>
</tr>
<tr>
<td colspan="2">
<fieldset style="width:350px;">
<legend>Settings/Output</legend>
<table style="width:350px;">
<tr>
<td>Pack</td><td><input type="checkbox" name="pack" checked="checked" /></td>
<td>Obfuscate</td><td><input type="checkbox" name="obfuscate" /></td>
</tr>
<tr>
<td>Encode</td><td><input type="checkbox" name="encode" checked="checked" /></td>
<td>Pack and Encode</td><td><input type="checkbox" name="packEncode" checked="checked" /></td>
</tr>
<tr>
<td>Pack and Obfuscate</td><td><input type="checkbox" name="packObfu" checked="checked" /></td>
<td>Obfuscate and Encode</td><td><input type="checkbox" name="obfuEncode" checked="checked" /></td>
</tr>
<tr>
<td colspan="4" style="text-align:center;">Pack, Obfuscate, and Encode <input type="checkbox" name="packObfuEncode" checked="checked" /></td>
</tr>
</table>
</fieldset>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td style="width:100%;"><label>Input<textarea id="ob_data" name="ob_data"></textarea></label></td>
</tr>
</table>
<div align="center" style="margin-top:-20px;">
<button type="button" name="button" onclick="javascript:ajaxDo('obfuscate');" class="submitData">Submit</button>
</div>
</form>
</fieldset>
</td>
</tr>
</table>
<div id="mainOutput" name="mainOutput"></div>
</body>
</html>
Rules:
* Passkeys do not work
* Maximum Variables Amount = 702
* # inside quotes cause issues.
* <?php and ?> need to not be in the inserted data.
The reason I'm not running this live and giving the source code is because there are probably some leaks in it. That's because of my sloppy programming when I first started it trying to prevent errors I ended up with more. However, I think I've gotten rid of a good load of the errors.