php - ioncube decryption in seconds -


i'm php developer , searching software protect php code. know there exist obfuscators , encoders (and both).. seems it's possible "decrypt" code encoded software.

so question is.. if possible decrypt source code produced major software companies (zend, ioncube, sourceguardian).. why produts still on market?

why these software continues sell if can (pay to) decrypt in seconds?

btw, asked on ioncube forum , message was.. deleted.

regards.

the answer reduces to: because there dumbasses stupid enough believe php can "securely encoded", same way there people stupid enough believe requiring serial code application automatically makes secure.

ioncube relies on pretty simplistic implementation - xor start finish, hardly "security measure". runs vm - , vulnerable vm side-channel attacks in addition flat-out reverse engineering (one presentation here: https://media.blackhat.com/ad-12/saher/bh-ad-12-stealing-from-thieves-saher-slides.pdf ). ioncube so? no. why? because dissuades large majority of script kiddies.

i not familiar sourceguardian, zend built in same fashion, albeit bit more secure , harder beat ioncube. however, whilst they're not trivial, they're not impossible beat, either.

the following taken zend guard page:

encoding process php source code converted intermediate machine readable format. format hard humans read , convert source code. result protects code casual browsing. means if people obtain access site's code not able use unintended purposes.

in other words, if user not casually browsing, not hold up. don't know you, not know single non-dev casually browses source code without purpose of understanding it, , often, breaking it.

the same thing true of every single drm method around. however, they're still on market. why? because, whilst not perfect, they're good enough dissuade large majority of people.

the law , final word of is: if build it, expect broken , plan it.


Comments

Post a Comment

Popular posts from this blog

blackberry 10 - how to add multiple markers on the google map just by url? -

i have android application, want convert blackberry 10 , google map needed in app,but blackberry 10 not support googlemap , blackberry developer web site supply way replace it.the sample below: @override public void oncreate(bundle savedinstancestate) { super.oncreate(savedinstancestate); setcontentview(r.layout.main); webview webview = (webview) findviewbyid(r.id.mywebview); webview.getsettings().setjavascriptenabled(true); webview.loadurl("http://maps.google.com/?ll=36.97, -122&lci=bike&z=13&t=p"); } i cannot understand it,i not know how add multiple markers on googlemap via url? can me? this worked me map shown in webview.
Read more

php - guestbook returning database data to flash -

i've been struggling problem long , unable make work, hope can me it. first, know php files correct , mysql database works fine. in flash, able submit comment database comments not display. did many tests such making returned_database flash separately , worked fine - can see old comments. long combine submitting 1 , returning 1 together, flash doesn't show comments more. put lower version flash effects on frame thinking doesn't collaborate returning flash, submitting flash works fine. since pretty complex problem hard me copy actionscript code because on different frames in flash. if has ideas fixing maybe can send file you?
Read more

delphi - Dynamic file type icon -

i want register file type in windows , make program delphi draw icon of file according contents (something custom icon format). how can this? thanks nortd , user539484 comments, searched internet "shell icon handler delphi" , found sample here , , shell+ components has component this.
Read more