5.1.9. Code Obfuscation

There are various schemes for PHP code obfuscation, including encrypted files, obfuscation, virtual machine-based encryption, opcode-based encryption, extension-based encryption, etc.

Encrypting files refers to directly encrypting all php files, decrypting them in a specific way, and executing them through eval, etc. This method is the easiest to restore. Obfuscation is a method of removing variable names and changing the code organization to a certain extent through AST to reduce code readability. This method can be partially restored by corresponding reverse substitution. The virtual machine-based approach implements a virtual machine and converts PHP into specific code. This approach is basically impossible to restore, but the execution efficiency is very low. Encryption based on opcode is a method used by tools such as zend guard, and the code is compiled into opcode and then executed. Extension-based encryption needs to introduce additional extensions to implement operations such as adding garbage code, modifying control flow, and encrypting plaintext strings.