Archive for January, 2011

Zend encoded PHP files

Posted in Hacking with tags , , on January 31, 2011 by Xacker

I know it’s been a while since my last pointless post 😛 but today I’m gonna have to note and publish this small piece of information in the hope someone will find it useful.

Long story short, I was working on some encoded PHP script with Zend Guard.

The decoding tools were all over the Internet but my attempts went in vain with some kind of weird report stating that the file was corrupted.

I was almost sure that the files had no error, even though I’ve used my lousy Python skills to pull off the file from the vulnerable server 🙂

After like 3 hours (to be exact.. over 9 hours) of scratching, I figured – thanks to CRC – that my Python script were converting the God damned LF character into CRLF character!

By Googling and checking some other Zend protected files, I was sure that Zend is avoiding the use of the CR character.

All I had to do was to replace all 0x0D0A’s with 0x0A’s and that was it, I was back on the track cracking the encoded scripts in a second.

Less than a half hour later, I was in PHPMyAdmin panel looking at all the goods 🙂

Until next time, All your PHP files belong to us 😉