Abstract
PHP is the most popular scripting language for web applications. Because no native solution to compile or protect PHP scripts exists, PHP applications are usually shipped as plain source code which is easily understood or copied by an adversary. In order to prevent such attacks, commercial products such as ionCube, Zend Guard, and Source Guardian promise a source code protection.In this paper, we analyze the inner working and security of these tools and propose a method to recover the source code by leveraging sta- tic and dynamic analysis techniques. We introduce a generic approach for decompilation of obfuscated bytecode and show that it is possible to automatically recover the original source code of protected software. As a result, we discovered previously unknown vulnerabilities and backdoors in 1 million lines of recovered source code of 10 protected applications.
Author supplied keywords
Cite
CITATION STYLE
Weißer, D., Dahse, J., & Holz, T. (2015). Security analysis of PHP bytecode protection mechanisms. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9404, pp. 493–514). Springer Verlag. https://doi.org/10.1007/978-3-319-26362-5_23
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
