MasterB0t
commented
2 years ago Yes, within 5 minutes I figure it out too .. its just a "stupid base64 encode script"
Open tbvinh opened 2 years ago
MasterB0t
commented
2 years ago Yes, within 5 minutes I figure it out too .. its just a "stupid base64 encode script"
pH-7
commented
2 years ago Thanks for your suggestions! I appreciate this. Would you like to add more level of complexity and obfuscation? I'm more than happy to review any of your PRs you want to add here 🥳
MasterB0t
commented
2 years ago Try this one https://github.com/pk-fr/yakpro-po its a really good one, it rename functions, classes, variable in to random characters it also add a lot of goto statement to make it even more hard to read.
2braincells2go
commented
2 years ago @MasterB0t How is Yak better and harder to decode? I assume you can tell us the difference and how it is better.
MasterB0t
commented
2 years ago @2braincells2go sure, This software use base64_encode and gzcompress to encode the php code you can use base64_decode and gzuncompress and you will get the original code. Those function are not to encode source code or obfuscate it, made it hard to understand.
Yakpro in other hard transform code, it rename variables, functions, class name, method into random characters so if you have a function something like this function login($username,$password) { } it turn it into function dd30d0uj09r03uru30r03ur($odj0303ui0d3ur,$fj03j0j30jf30) {} but also use the the goto statement so the code is not in order from line 1 to bottom ... you can read more about goto here
2braincells2go
commented
2 years ago @MasterB0t Thank you for explaining! Makes perfect sense now:)
parallels999
commented
1 year ago @tbvinh it works, it is just base64 encoding, it doesn't ofuscate anything
Edit the obfuscate file:
ORIGIN SOURCE\
\ \
"; ---------------------------------------
Please see the php code at my gist: https://gist.github.com/tbvinh/d3a833321b4ba7e292253aa5a76ef52e