PHP IDE :: NuSphere Forums :: View topic - Is NuExpress decoding the files encoded by NuCoder?

Posted: Thu Nov 06, 2008 9:50 am

Dear all,

I'm a user of ioncube encoder and I would like to know if NuCoder offers an alternative in its encoding mechanism.

Thanks

Posted: Thu Nov 06, 2008 1:08 pm

Dear all,

The one thing that I don't understand very well, is the encoding process.

For example, the following encoded file

<?php

print(phpinfo());

?>

is encoded like:

<?php //000a8
echo('Site error: the file <b>'.__FILE__.'</b> requires the ionCube PHP Loader '.basename($__ln).' to be installed by the site administrator.');exit(199);
?>
4+oV50SMjGph+WqZ/gWWB+A33CmLnw5or8YsZPMqPEWVl5/azza0xHlPKw2k6ZHnPVVsGVhQqfXE
TOwLtFFx4km82oN83/k3Qrp+ij2cw/HPHbCp/yjBrcC/Yf8CfLAuLNsaqP+8W/5n0KSgvztqwjn4
mRIcczLbwurR1t25b2+RQw3bL8pDFMv4B+rwXkcPEF8uejNS2fiGZ0Z8K2COWFT0W4t9/39yU93m
mGIFGMmOO4YmlVUcZOwvDMCFLjpEU/SRcG+kK1IE2mL5BuUrznAiXskknjyZ8K0ulXK0QCKsNKyo
mbNejum2WcQ6mx/VleTYaurbnaYJobUFqFA0nlEh6fzgUyRrz7fAmLagHaBoDfTVR9YFp7mxb9j7
A5ugln6H1r8jP8t396zMB2Wd1ZgP5QgVlHspXyMD7LiEAL7iIfOx1YzqPSWOix/ux3z6HxQawx2s
bZSsBG==

1- Is the above file only encrypted readable php code..?

2- Is the abode file first compiled into bytecode and then encrypted..?

2- Is the loader first decrypting the encoded file..?

4- Once decrypted, is the file parsed and compiled again by php or is php told not to compile it because it is already compiled bytecode..?

5- Is there any way to have a look at the bytecode of an encoded file..?

Thanks

Kind Regards,

Stephane

Posted: Fri Jan 16, 2009 4:49 pm

I'm also curious to know this. Please answer.

Posted: Sun Jan 18, 2009 12:02 am

Quote:

1- Is the above file only encrypted readable php code..?
2- Is the abode file first compiled into bytecode and then encrypted..?
2- Is the loader first decrypting the encoded file..?

You'd better ask ioncube engineers about how their encoded file is produced.
In case of nucoder the answers would be:

Quote:

1- Is the above file only encrypted readable php code..?

encrypted with aes128

Quote:

2- Is the abode file first compiled into bytecode and then encrypted..?

right

Quote:

2- Is the loader first decrypting the encoded file..?

right

In general, there are only two types of php encoders and I wrote about it before
road-map-t4404.html?highlight=protection

If we talk about encoders in-general (in opposite to "packers"), the answers are provided below:

Quote:

4- Once decrypted, is the file parsed and compiled again by php or is php told not to compile it because it is already compiled bytecode..?

latter. Bytecodes go stright to the executor. Compilation phase is bypassed.

Quote:

5- Is there any way to have a look at the bytecode of an encoded file..?

With debugger everything that can be executed, can also be hooked/trapped. Absolute protection is a myth. But it does not mean that it will be easy to re-produce the original php sources even though the opcodes are hooked.