Ali’s Blog

ZenCrypt — PHP Encoder

Last night, I was searching the internet for PHP Encoders, I always knew that ZendGuard and IONCUBE are the best. However, I thought of giving others a chance. While searching I came across ZenCrypt. One of the good things about it that it doesn’t need a loader on the server-side. Thus, the scripts are self-decodable. But this makes it easy to decrypt. On thier website, they have two scripts. One is the source, and the other is the encoded script.

My Attempt to understand its way of encoding to see if it worth the USD45.

Source PHP Code:

<?php
/* -------------------------------------------------
               www.ZenCrypt.com
             ZenCrypt simple demo

User Manual: http://www.zencrypt.com/INFO/ZenCrypt_PHP_Encoder.pdf
------------------------------------------------- */

//{{{PHP_INSERT_a1}}}
// Encoded chunk of code will be inserted here by ZenCrypt
// Encoded version - test_encoded.php was generated by running ZenCrypt with this command:
//    php -f zencrypt.php infile=test_plain.php outfile=test_encoded.php enccycles=10 stripcomments=yes
//{{{/PHP_INSERT_a1}}}

// This code client will see
$encrypted_number = 52728;

$resulted_number = ZEN_encrypt ($encrypted_number);
echo "\nEncrypted number=$resulted_number";
$resulted_number = ZEN_decrypt ($resulted_number);
echo "\nDecrypted number=$resulted_number";

//{{{PHP_ENCODE_a1}}}
// This part will be encoded and moved above (in between PHP_INSERT tags).
// We do not want to expose these "super secret" encryption functions to the clients.
function ZEN_encrypt ($input)
{
return ($input+5432);
}

function ZEN_decrypt ($input)
{
return ($input-5432);
}
//{{{/PHP_ENCODE_a1}}}

?>

Encoded Code:

<?php
/* -------------------------------------------------
               www.ZenCrypt.com
             ZenCrypt simple demo

User Manual: http://www.zencrypt.com/INFO/ZenCrypt_PHP_Encoder.pdf
------------------------------------------------- */

$juTSvfNAGsrLGell='=ch/5z/T/fd3E73dPj+i+/rRNYcW/rz/sr6zjSNreaXN+nf/W876jLfWtd9fYXR5F3mtYCRhWNW7dOXGPsM19c920z3acnzSfxYMLFxg/Lz0nIz1FfpnLVdf/xksrTZqs55rpk///93fz27zHki6/oWYz1+9boz693v+vwQE52qDxffRSPNxjIf7xOfHb07GgxXHS/CawCIAXw9xuOY/EVs2KuqrxeJFCMTjEENA0ny6gTRUnndy30KTE/uyY77Pa0TWPVyHmqmYQ98Vf+dgq80ne2FgRkZzz1I103xrDgFjbVdXrcq4coJhOlJwGfXOMVavufyVOwpoIna3qQ5ldM+cVFUwoIHxuEbp3t6HEKKHnhi8rDY6aBfCxM9HkjSCeDP5gWj8GO2zaLsMsrsmLaLw605dRJDxFQZcyTe/X5RDaN9pJ0JTlyEzs0b6ds4cIeRg0uf7/INtfOgFECfah6aJz5Z8WbW5XorpGJZQAk/0H4sxB6GZiXZT44QtxETrhcqSgW5rtxHBxfDN6o8R8m7tbItO7uy3VBIRCi7f1Z+g6qkDoFRh3oiPBehlfbWHOCxdljFFxBjWwZhwOG/tAPA/EtX8LOkw3h04N+Ju7F25yDu6L7itrTU2jJ4dhqbPfBXzXg73fIzmZCyYxdmischnH+1voRzSntcnhxhyLfEriTCyEOhlOlzadH8WzfTUst9O3HBBP0U2JxDBRaLNQUeZjSpFWaDrQGUz3zWFYzBrYHUEtIjENWe0YsQpaFChodc7xDgaegxTTZNNb/il0sihsr6TdlVaq6HCfBywAK92VzCMeIJ7/7TfVgUvBr/zeaZJxuB1JTzT5n5KL1Kn04GldNUuQ+Zfyu3tcSd4UZDmMCFO2G9JmLQP6lurmNLUrcNO1dTalveKGhbqjZBOKro9Yi4MSS05BPcE+uBGP+wmqsaFP/CCMQvKopFeye2W282Dhwvnt743mYkfm0f1zeyox6ftiQ0KU3X3MjQgtkHG97Ob1iS/VZ+NZRf+c7GCztrRNKRZnElL2tA5GZMIfDXn5kUzCElSANn82mCOe+QXjpImZLFxb+Uh1X0jjsOyBTiZZbNJcFuebnG92TO+p/q1FXf9F9p7CQL32aBFxrtQG1hn6jlq3CjazvZ2k7i3wWbWnMSkyWfKOZtJcFLMvAEH+RPFEnaezjbZpUHR+4a7nYoCD9TUVkmukb7U0xti00EBIIxSVNyZrku/xnuuDAln/k/0IL/JaVQpof19rFjY4yHedvkhCiES1bOWeTO4LhhTJuJMmigCUWH4hobXlpr4cwvUnvNpFJrHJmGTYnCL/Sm+RMd0urBbOcuPDdS1M4whnim/+oEPx9VU4PbEmFy2YscLp8Zeczp8JT7mXnKF5VXK0glSAemv8vlmr/rcc/g34sXfPTqjYhZsc4K2ZuXbbYsWUUc9lJTfc2pSJyJaXcwxnezRpTVzwxkIbE2gr6RFBhmBLD2VNCQlx9Mlq3ib1v0czH2DbK7uqQ8mBEmXFmextYLxOKlUyKi561bLibKNCtMwAu/CJqA7gH9ImS/MP1LCZ6Iq8sYvu6nZvOgpXj5SiTGjZvaj2H0uDkx0E653Ngfd2RPIidVbrIPo/bDjFH5JNbWGTZiwCpi3LZAZ2Jh7CQyiL6qCKyJRMU2mC1KapSxqxZzoZ1IDI5j+ZjJzdyb/N82DRWQ5TKP9GYWLiB6m9Jmku3I31DNv0Wfs0uVuqXFU3kNM3ejaeXtT2ZolhmEhuiYS6fpTXEmym65ITt646EAEfnnSTDy9Ybt7L5xukkRuaHG3DKRJm/I48XOQkubAcY3ZuRHKIl8OcQeyd2jIY06sMvd5Ud8wiqvTtxHuyJV+S9cTmo2NsL/LZV/c19kmOMpKd0N1d62IdjeeufMxGxM42QFe+NS+rZeD5jY9KOe6c4adcJMToZDt7F8mEN4isP9okCSxpN1Wvr8cpj+Rwn6xFslssE60hp54EwDmogCfgu1xz9dLGUCP4hk8BQAEPxCJ3+8KALk/4ry59SEHgAsPZW3QeuBJ1xQWsQQHnvphTU/hFcFApGOYgiqw+P2bHPAtahgbhG4g5twGhSmwIIAggBccUccjnrn9Z2wn+ZbQAB1eN9CTMBQMBEE98OApvjbJ2EAYeui/+/PE0n78g542p9K1FhlIIT7xFwOvff919+OIkX675p2SBB7YNRuCWYXBZyvDISuj3SVb';$QynVyKBtA_laXYfjkJ=';))))yyrTYefTNAsiFGhw$(ireegf(rqbprq_46rfno(rgnysavmt(ynir';$LoMOYHmyNmPlxD=strrev($QynVyKBtA_laXYfjkJ);$lUETluMevSaLCDV=str_rot13($LoMOYHmyNmPlxD);eval($lUETluMevSaLCDV);

// This code client will see
$encrypted_number = 52728;

$resulted_number = ZEN_encrypt ($encrypted_number);
echo "\nEncrypted number=$resulted_number";
$resulted_number = ZEN_decrypt ($resulted_number);
echo "\nDecrypted number=$resulted_number";

?>

My Attempt to Decode the Code:

<?php
/* ————————————————-
www.ZenCrypt.com
ZenCrypt simple demo

User Manual: http://www.zencrypt.com/INFO/ZenCrypt_PHP_Encoder.pdf
————————————————- */

$juTSvfNAGsrLGell=’=ch/5z/T/fd3E73dPj+i+/rRNYcW/rz/sr6zjSNreaXN+nf/W876jLfWtd9fYXR5F3mtYCRhWNW7dOXGPsM19c920z3acnzSfxYMLFxg/Lz0nIz1FfpnLVdf/xksrTZqs55rpk///93fz27zHki6/oWYz1+9boz693v+vwQE52qDxffRSPNxjIf7xOfHb07GgxXHS/CawCIAXw9xuOY/EVs2KuqrxeJFCMTjEENA0ny6gTRUnndy30KTE/uyY77Pa0TWPVyHmqmYQ98Vf+dgq80ne2FgRkZzz1I103xrDgFjbVdXrcq4coJhOlJwGfXOMVavufyVOwpoIna3qQ5ldM+cVFUwoIHxuEbp3t6HEKKHnhi8rDY6aBfCxM9HkjSCeDP5gWj8GO2zaLsMsrsmLaLw605dRJDxFQZcyTe/X5RDaN9pJ0JTlyEzs0b6ds4cIeRg0uf7/INtfOgFECfah6aJz5Z8WbW5XorpGJZQAk/0H4sxB6GZiXZT44QtxETrhcqSgW5rtxHBxfDN6o8R8m7tbItO7uy3VBIRCi7f1Z+g6qkDoFRh3oiPBehlfbWHOCxdljFFxBjWwZhwOG/tAPA/EtX8LOkw3h04N+Ju7F25yDu6L7itrTU2jJ4dhqbPfBXzXg73fIzmZCyYxdmischnH+1voRzSntcnhxhyLfEriTCyEOhlOlzadH8WzfTUst9O3HBBP0U2JxDBRaLNQUeZjSpFWaDrQGUz3zWFYzBrYHUEtIjENWe0YsQpaFChodc7xDgaegxTTZNNb/il0sihsr6TdlVaq6HCfBywAK92VzCMeIJ7/7TfVgUvBr/zeaZJxuB1JTzT5n5KL1Kn04GldNUuQ+Zfyu3tcSd4UZDmMCFO2G9JmLQP6lurmNLUrcNO1dTalveKGhbqjZBOKro9Yi4MSS05BPcE+uBGP+wmqsaFP/CCMQvKopFeye2W282Dhwvnt743mYkfm0f1zeyox6ftiQ0KU3X3MjQgtkHG97Ob1iS/VZ+NZRf+c7GCztrRNKRZnElL2tA5GZMIfDXn5kUzCElSANn82mCOe+QXjpImZLFxb+Uh1X0jjsOyBTiZZbNJcFuebnG92TO+p/q1FXf9F9p7CQL32aBFxrtQG1hn6jlq3CjazvZ2k7i3wWbWnMSkyWfKOZtJcFLMvAEH+RPFEnaezjbZpUHR+4a7nYoCD9TUVkmukb7U0xti00EBIIxSVNyZrku/xnuuDAln/k/0IL/JaVQpof19rFjY4yHedvkhCiES1bOWeTO4LhhTJuJMmigCUWH4hobXlpr4cwvUnvNpFJrHJmGTYnCL/Sm+RMd0urBbOcuPDdS1M4whnim/+oEPx9VU4PbEmFy2YscLp8Zeczp8JT7mXnKF5VXK0glSAemv8vlmr/rcc/g34sXfPTqjYhZsc4K2ZuXbbYsWUUc9lJTfc2pSJyJaXcwxnezRpTVzwxkIbE2gr6RFBhmBLD2VNCQlx9Mlq3ib1v0czH2DbK7uqQ8mBEmXFmextYLxOKlUyKi561bLibKNCtMwAu/CJqA7gH9ImS/MP1LCZ6Iq8sYvu6nZvOgpXj5SiTGjZvaj2H0uDkx0E653Ngfd2RPIidVbrIPo/bDjFH5JNbWGTZiwCpi3LZAZ2Jh7CQyiL6qCKyJRMU2mC1KapSxqxZzoZ1IDI5j+ZjJzdyb/N82DRWQ5TKP9GYWLiB6m9Jmku3I31DNv0Wfs0uVuqXFU3kNM3ejaeXtT2ZolhmEhuiYS6fpTXEmym65ITt646EAEfnnSTDy9Ybt7L5xukkRuaHG3DKRJm/I48XOQkubAcY3ZuRHKIl8OcQeyd2jIY06sMvd5Ud8wiqvTtxHuyJV+S9cTmo2NsL/LZV/c19kmOMpKd0N1d62IdjeeufMxGxM42QFe+NS+rZeD5jY9KOe6c4adcJMToZDt7F8mEN4isP9okCSxpN1Wvr8cpj+Rwn6xFslssE60hp54EwDmogCfgu1xz9dLGUCP4hk8BQAEPxCJ3+8KALk/4ry59SEHgAsPZW3QeuBJ1xQWsQQHnvphTU/hFcFApGOYgiqw+P2bHPAtahgbhG4g5twGhSmwIIAggBccUccjnrn9Z2wn+ZbQAB1eN9CTMBQMBEE98OApvjbJ2EAYeui/+/PE0n78g542p9K1FhlIIT7xFwOvff919+OIkX675p2SBB7YNRuCWYXBZyvDISuj3SVb’;$QynVyKBtA_laXYfjkJ=’;))))yyrTYefTNAsiFGhw$(ireegf(rqbprq_46rfno(rgnysavmt(ynir’;$LoMOYHmyNmPlxD=strrev($QynVyKBtA_laXYfjkJ);$lUETluMevSaLCDV=str_rot13($LoMOYHmyNmPlxD);eval($lUETluMevSaLCDV);

//print gzinflate(base64_decode(strrev($juTSvfNAGsrLGell)));

$str=str_replace(“eval”,”\$str=”, gzinflate(base64_decode(strrev($juTSvfNAGsrLGell))));
eval($str);
print $str.”\n–\n”;
//print “–\n”;
for($icount=0; $icount<17; $icount++) {
$str=str_replace(“eval”,”\$str=”, $str);
print $str.”\n$icount–\n”;
eval($str);
print $str.”\n$icount–\n”;
}

// This code client will see
$encrypted_number = 52728;

$resulted_number = ZEN_encrypt ($encrypted_number);
echo “\nEncrypted number=$resulted_number”;
$resulted_number = ZEN_decrypt ($resulted_number);
echo “\nDecrypted number=$resulted_number”;
?>

Conclusion:

What I see that it doesn’t worth the the USD45. Maybe if it was encoded with ZendGuard or ionCube and produces a file that requires a PHP Loader. Just like PHPCipher.
However, from this attempt. I thought that I will write my own encoder. It will be using the same method, however, the output will be encoded in both ZendGuard and ionCube. Stay tuned!

Tags: Ali, Ali Almahdi, Ali Encoder, Almahdi, php, PHP Encoder, ZenCrypt

Programming | Ali | February 5, 2010 11:01 pm

1 Comment

By haythoo, February 23, 2010 @ 10:44 am

without PHP loader!
This mean slow and weak.

if you want my advise, combine zendguard and ioncube, and if anybody could decode it, then he deserve it, because he is decoding god!

Made from the best stuff on earth

ZenCrypt — PHP Encoder

1 Comment

Other Links to this Post

Leave a comment

Follow Me

Search

Categories

Archives

Meta

Ali’s Blog

Made from the best stuff on earth

ZenCrypt — PHP Encoder

1 Comment

Other Links to this Post

Leave a comment

Subscribe

Follow Me

Search

Categories

Archives

Meta