Zend Decoder! -- Fake or Not?

fr600

This site: 18yuan says that they can decode scripts that are encded with zend encoder or safeguard suite. I personally believe they are faking, but I'm really interested to know what you guys think.

goldbug

I believe it. At some point the "decoder" that reads the encoded files has to decode the scripts and pass them to the Zend engine. If you intercept the script at that point (modify PHP source, for example), you can see the scripts unencrypted.

Jason_Batten

How does one intercept the script at "that point" though 😐

drew010

well, it doesnt really ever get turned to php code again, its basically just compiled to bytecode which is later executed. bytecode is a machine independent type of code which is unique to its interpreter, i.e. java bytecode, which is compiled and then executed by the jvm.
im not able to pull that url up for some reason, but how much are these people "charging" and do they give you the software or do you send the code to them.
i highly doubt its real. its just about the same as the mythical decompilers.

Doto

hi, i have purchase whit this site http://www.phprecovery.com 1 decoding files crypted zend

i put here encoded files Zend
this is source recovered by this site

<?
##########################################################################
#                                                                       #
#                  Created by PhpRecovery 1.0.1                       #
#                                                                       #
# Phprescue   :    Version 1.0.1(Public)                                #
#                   Decoder for Zend Encoder/SafeGuard                  #
# Created 25/09/05              Last Modified 19/11/05                  #
# Thank you to chose  PhpRescue    http://www.phprecovery.com         #
#                                                                       #
##########################################################################


  $kb_pub_path = str_replace ('index.php', '', '');
  $kb_pub_path = str_replace ('index.php', '', $kb_pub_path);
  if (@filesize ('admin/engine.inc.php') == '0')
  {
    echo 'It does not appear the software is isntalled.  Please run <a href="admin/install.php">install.php</a> to install the software.';
    exit ();
  }

  include 'admin/engine.inc.php';
  include 'includes/global.php';
  require_once 'includes/function.php';
  require_once './includes/smarty/Smarty.class.php';
  require_once 'includes/context.php';
  require_once 'includes/smarty_plugins/modifier.i18n.php';
  if (!(is_writable ('./includes/smarty/templates_c')))
  {
    echo '<B>A directory has invalid permissions.  You must set the /kb/includes/smarty/templates_c folder to be fully writable.  On linux this would be done by changing the files settings using CHMOD to 777</b><P>';
    exit ();
  }

  if ($_GET['index_v1'])
  {
    $_GET['category'] = $_GET['index_v1'];
  }

  if ($_GET['index_v2'])
  {
    $_GET['article'] = $_GET['index_v2'];
  }

  $options = get_global_opts ();
      if ($_GET['article'])
    {
      $alert = save_article ('1', $_GET['article']);
    }
  }

  if ($_GET['general'] == 'saved')
  {
    if ($_GET['clear'] == '1')
    {
      $alert = save_article ('2', $_GET['article']);
    }
  }

  if ($_GET['general'] == 'saved')
  {
    if ($_GET['clear'] == '2')
    {
      $alert = save_article ('3', $_GET['delid']);
    }
  }

  if ($_GET['article'])
  {
    $sql = mysql_fetch_array (mysql_query ('SELECT cat FROM faqarticles WHERE id = \'' . $_GET['article'] . '\''));
    $category = $sql['cat'];
    $article = $_GET['article'];
  }

  if (!($article))
  {
    $article = $_POST['article'];
  }

  if ($_GET['category'])
  {
    $category = $_GET['category'];
  }

  $breadcrumb = find_crumb ($article, $category);
  $smarty->assign ('breadcrumb', $breadcrumb);
  $nextTemplate = context_switch ($smarty);
  if (is_a ($nextTemplate, 'ContextError'))
  {
    switch ($nextTemplate->getType ())
    {
      case contexterror::AUTHENTICATION_ERROR ():
      {
        $smarty->assign ('content_template', 'login.htm');
        $smarty->assign ('returntopage', 'index.php?' . $_SERVER['QUERY_STRING']);
        $smarty->assign ('context', 'login');
        break;
      }

  case contexterror::AUTHORIZATION_ERROR ():
  {
    $smarty->assign ('content_template', 'category_unauthorized.htm');
    $smarty->assign ('context', 'unauthorized');
    break;
  }
}

while (true)
{
  if ()
  {
    break;
  }
}
  }
  else
  {
    $smarty->assign ('content_template', $nextTemplate);
  }

  $pos = strpos ($prop_site[serial], 'TRIAL-');
  if ($pos === false)
  {
    $st_glob_trial = '0';
  }
  else
  {
      $context = $smarty->get_template_vars ('context');
  if ($context == 'print')
  {
    $oldValue = get_magic_quotes_runtime ();
    set_magic_quotes_runtime (false);
    $smarty->display ('print.htm');
    set_magic_quotes_runtime ($oldValue);
    return 1;
  }

  $oldValue = get_magic_quotes_runtime ();
  set_magic_quotes_runtime (false);
  $smarty->display ('index.htm');
  set_magic_quotes_runtime ($oldValue);
?>

maybe really cracked this system 🙁

Doto

<?
##########################################################################
#                                                                        #
#                  Created by PhpRecovery 1.0.5                          #
#                                                                        #
# Phprescue   :    Version 1.0.5(Private)                                #
# Decoder for Zend Encoder/SafeGuard/Ioncube/Sourceguardian/codelock     #
# Created 25/09/05              Last Modified 04/01/06                   #
# Thank you to chose  PhpRescue    [url]http://www.phprecovery.com[/url]            #
#                 Special Test decocoding Version                        #
##########################################################################
   echo 'Date Test by Doto Really decode it!' 

?>

this is example ioncube 🙁 🙁

bubblenut

drew010 wrote:
its just about the same as the mythical decompilers.

What's mythical about decompilers? There a number of examples for java which work very well. I have source code at work that was decompiled from jars when we lost the source.

fff25

Hi there! I saw www.phprecovery.com, but I don't know, how can I decode this sample index.txt. Doto send this file, and decode. Could somebody help me?
Thanks!
Mike

8ta8ta

Terrible News!!!

p1_p1_p1

please can somebody send me phprescue?

dougal85

p1_p1_p1 wrote:
please can somebody send me phprescue?

probably not.