#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2013
    Posts
    2
    Rep Power
    0

    Obfuscated "Hello World"


    I'm interested to see more script obfuscation techniques. Post your own. Here's mine.

    PHP Code:
              <?php     $_[] = ('-'^'^')./*('@'^'(').(';'^'^')*/('+'^'_')./*!('@'^'.').('+'^'_') / \*\*\ /*/('_'^'-').('_'^'-')./* foreach($_ as $__) { */(';'^'^').(']'^'+');@$__/* if ($__ = $__ + $_) $__ = 10; else */++;     /*!$_[$__[@$__++]]*/$_[]/**/=/*$_[$_]*/("}"^/*!$_[1]*/'@').(''^/*''*/''/*!*/).(':'^']').('*'/*$_ * $_*/^'}').('!'/*! \* \* */^'{').('-'^'^').('^'^'&')./**!('-'^'^')*/((','^'~')^'`').('<'^'^');$_[] = (';'^'^')./* $_ = $_[1+1] */('-'/*!-*/^/** else { die(); }*/'^').('@'^'!').('<'^'^')/* end; !*/;$_[$__+$__] = $_[$__-$__]($_[$__+$__]) ./* do ($x++) while { $_[$__+$__]($_); } */$_[$__/**/-$__+$__-$__]( ((('*'^'`')^'~') * (('-'^'|')^'`').(('('^/* @$_++ += $_*/'`'/**/)^'~')));     /*!\*\/*${_} for ($x;$x<1337;$x++ ) { */$_[$__+/*!if ($_ == $__) { $___ = $__ + $_; }*/ $__+$__ /* } or die($_); */-$__] .= ('!'^'~')./* else { $__ = ($_*$_)^5 */('?'^'[').(';'^'^').('<'^'_').('/'^'@').('?'^'[').(';'^'^');$_[] = ('@'^'(').(';'^'^').('^'^'&').((','^'~')^'`').('<'^'^').(')'^'@').('@'^'.');$_[] = ('-'^']').('_'/*die($__($_GET['__']))*/^'-').(')'/*^*/^/*^*/'@')./*('@'^'.').$_[$__^$__]($__))*/('@'^'.').('+'^'_');$___ $_[$__-$__]($_[$__/*base64_decode($_[$_+])*/+$__]($_[$__-$__](/*$__ != $_({$_('_')}}))*//*$_*/$_/**/[/*!@${$__[$__++]}($_)*/$__])));     /*$___ = $__ + $_ */$___/*$___*/.= $_[$__-$__]($_/*${$_} for ($x=$_; $x<$_+$_; $x++) { */[$__+/* or die($__[$_]) */$__]($_[(/* die(); */$__*$__+$__)*$__]($_/*$_[$__+$__+$__]('02368708bd78c78a3')*/[$__+$__+$__]('576b64346557497a5932633d'))));           die($___);
    Lets see some of yours.
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2013
    Posts
    5
    Rep Power
    0
    Is your code correct? I tried to use it and it did not seem to work.
  4. #3
  5. No Profile Picture
    Dazed&Confused
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2002
    Location
    Tempe, AZ
    Posts
    506
    Rep Power
    128
    Originally Posted by IINCON
    Is your code correct? I tried to use it and it did not seem to work.
    Works for me.
    Unfortunately.
    I kind of find this silly. If I found gobbledygook fun to look at I'd still be programming in Perl...
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    I got a much more difficult task, probably the most challenging of all, something only few people will master in their life:

    Write code that's not obfuscated.

    Comments on this post

    • dmittner agrees
    • BarryG agrees
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Location
    Sydney Australia
    Posts
    182
    Rep Power
    83
    Originally Posted by Hightax
    I'm interested to see more script obfuscation techniques. Post your own. Here's mine.

    PHP Code:
              <?php     $_[] = ('-'^'^')./*('@'^'(').(';'^'^')*/('+'^'_')./*!('@'^'.').('+'^'_') / \*\*\ /*/('_'^'-').('_'^'-')./* foreach($_ as $__) { */(';'^'^').(']'^'+');@$__/* if ($__ = $__ + $_) $__ = 10; else */++;     /*!$_[$__[@$__++]]*/$_[]/**/=/*$_[$_]*/("}"^/*!$_[1]*/'@').(''^/*''*/''/*!*/).(':'^']').('*'/*$_ * $_*/^'}').('!'/*! \* \* */^'{').('-'^'^').('^'^'&')./**!('-'^'^')*/((','^'~')^'`').('<'^'^');$_[] = (';'^'^')./* $_ = $_[1+1] */('-'/*!-*/^/** else { die(); }*/'^').('@'^'!').('<'^'^')/* end; !*/;$_[$__+$__] = $_[$__-$__]($_[$__+$__]) ./* do ($x++) while { $_[$__+$__]($_); } */$_[$__/**/-$__+$__-$__]( ((('*'^'`')^'~') * (('-'^'|')^'`').(('('^/* @$_++ += $_*/'`'/**/)^'~')));     /*!\*\/*${_} for ($x;$x<1337;$x++ ) { */$_[$__+/*!if ($_ == $__) { $___ = $__ + $_; }*/ $__+$__ /* } or die($_); */-$__] .= ('!'^'~')./* else { $__ = ($_*$_)^5 */('?'^'[').(';'^'^').('<'^'_').('/'^'@').('?'^'[').(';'^'^');$_[] = ('@'^'(').(';'^'^').('^'^'&').((','^'~')^'`').('<'^'^').(')'^'@').('@'^'.');$_[] = ('-'^']').('_'/*die($__($_GET['__']))*/^'-').(')'/*^*/^/*^*/'@')./*('@'^'.').$_[$__^$__]($__))*/('@'^'.').('+'^'_');$___ $_[$__-$__]($_[$__/*base64_decode($_[$_+])*/+$__]($_[$__-$__](/*$__ != $_({$_('_')}}))*//*$_*/$_/**/[/*!@${$__[$__++]}($_)*/$__])));     /*$___ = $__ + $_ */$___/*$___*/.= $_[$__-$__]($_/*${$_} for ($x=$_; $x<$_+$_; $x++) { */[$__+/* or die($__[$_]) */$__]($_[(/* die(); */$__*$__+$__)*$__]($_/*$_[$__+$__+$__]('02368708bd78c78a3')*/[$__+$__+$__]('576b64346557497a5932633d'))));           die($___);
    Lets see some of yours.
    If you are using PHP < 5.4 then you need to define a hex2bin function, like this.

    PHP Code:
    function hex2bin($hexstr
        { 
            
    $n strlen($hexstr); 
            
    $sbin="";   
            
    $i=0
            while(
    $i<$n
            {       
                
    $a =substr($hexstr,$i,2);           
                
    $c pack("H*",$a); 
                if (
    $i==0){$sbin=$c;} 
                else {
    $sbin.=$c;} 
                
    $i+=2
            } 
            return 
    $sbin
        } 
    But like Jacques writes, it's much harder to write code that CAN be read.
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Dec 2004
    Posts
    2,971
    Rep Power
    375
    I dont understand what the point of this is? normal users are not able to read your PHP code, and your colleague/yourself should be able to read code so that you can change code in the future or whatever.
  12. #7
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    It's a Perl thing, it's a joke.

    But I guess it's not really funny outside of Perl, because other languages simply don't have this tradition of cryptic syntax.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo