Php_screw1.5: php encryption: installation and usage details

This article provides a detailed analysis of php_screw1.5: php encryption: Installation and Use. For more information, see the php file stored on the server in text format, it is easy for others to read the source code. to protect the source code, the source code can be encrypted. to implement this function, two parts are required:

First, the encryption program is used to encrypt the php file. the other is to parse the encrypted php file to get the running result. the implementation of the former is relatively simple, just a program. most of the implementations of the latter are implemented through the php module.

Php_screw (screw) can implement the above functions. The latest version is 1.5 and can be downloaded on sourceforge.
Installation:
The purpose of installation is to generate two files: one is to encrypt the screw of the php file, and the other is the parsing module loaded by php. Php_scresponso
1. expand the source code package and enter the directory:
2. execute phpize to generate a configure under this directory.
3. then, run configure
4. make again
In this way, the php_scresponso used for parsing is generated. Next we need to obtain the encrypted screw.
1. go to the tools Directory of the source code.
2. make
In this way, the screw is generated. if you want to encrypt a lx. php file, then: screw lx. php, lx. php becomes encrypted. the original plaintext lx. php was renamed lx. php. screw
The next task is to load the php_scresponso module,
First, COPY the file to the module directory. For more information, see/etc/php. extension_dir in The ini configuration file, which is/usr/lib/php/modules in RHEL 5.
Method 1: You can create a screw. ini file in the/etc/php. d Directory (the file can be retrieved at will). the content of this file is one sentence.Extension = php_scresponso
Method 2: Add extension = php_scresponso by modifying the php. ini file, and restart apache.
Important:
Compiled. in theory, the so file is related to your current php version. that is to say, if you compile the file in php 5.1, you will not be able to use it in php 5.2, because php's loadable modules are always related to their versions. in theory, it doesn't matter whether the encrypted screw executable file is used. so belongs to the same version.
Test:
Write a hello, world program named hello. php as follows:
The code is as follows:
"Hello, world ";
?>

Use php hello. if the php test program is successfully displayed, use the screw to encrypt it (screw helllo. php), then cat the php file and find that it is no longer a text, it becomes a lot of messy characters, it indicates that the encryption is successful, and then php hello. php. If hello, world is displayed normally, it indicates that the encryption resolution is no problem, and everything is OK. otherwise, it indicates that there is something wrong and you need to check it carefully.
Problems encountered during installation:
1. phpize not found
Phpize is a php-develp tool. you must install the php-develp package. there are some dependencies in it, as shown below:
The code is as follows:
[Root @ localhost Server] # rpm-ivh php-devel-5.1.6-5.el5.i386.rpm
Warning: php-devel-5.1.6-5.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Error: Failed dependencies:
Autoconf is needed by php-devel-5.1.6-5.el5.i386
Automake is needed by php-devel-5.1.6-5.el5.i386
[Root @ localhost Server] # rpm-ivh autoconf
Autoconf213-2.13-12.1.noarch.rpm autoconf-2.59-12.noarch.rpm
[Root @ localhost Server] # rpm-ivh autoconf-2.59-12.noarch.rpm
Warning: autoconf-2.59-12.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Error: Failed dependencies:
Imake is needed by autoconf-2.59-12.noarch
[Root @ localhost Server] # rpm-ivh imake-1.0.2-3.i386.rpm
Warning: imake-1.0.2-3.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ######################################## ### [100%]
1: imake ####################################### #### [100%]
[Root @ localhost Server] # rpm-ivh autoconf-2.59-12.noarch.rpm
Warning: autoconf-2.59-12.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ######################################## ### [100%]
1: autoconf ####################################### #### [100%]
[Root @ localhost Server] # rpm-ivh automake
Automake14-1.4p6-13.noarch.rpm automake16-1.6.3-8.noarch.rpm automake-1.9.6-2.1.noarch.rpm
Automake15-1.5-16.noarch.rpm automake17-1.7.9-7.noarch.rpm
[Root @ localhost Server] # rpm-ivh automake-1.9.6-2.1.noarch.rpm
Warning: automake-1.9.6-2.1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ######################################## ### [100%]
1: automake ####################################### #### [100%]
[Root @ localhost Server] # rpm-ivh php-devel-5.1.6-5.el5.i386.rpm
Warning: php-devel-5.1.6-5.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ######################################## ### [100%]
1: php-devel ##################################### ###### [100%]

2. each encrypted file header has a very obvious string PM9SCREW, which is easily guessed to be encrypted with screw.
To solve this problem, you must start the first step of installation. this identifier string is in the source code php_scresponh. before compilation, you can change this string. for example, if it is changed to PeterHu, the corresponding length below will not be 10, but \ tPeterHu \ t, a total of seven.
The code is as follows:
# Define PM9SCREW "\ tPM9SCREW \ t"
# Define PM9SCREW_LEN 10

========================================================== ========================================================== =
I have read a lot of PHP_SCREW installation articles on the Internet, and read READEME in the source code report several times.
This is a tough task. either the script cannot be executed, or the webpage cannot be displayed. after the indomitable tossing, the system finally rolled out ...... share the following methods... if you know the specific reason, give me some advice.
PS: CentOS release 5.8 (Final), php5.2.x
Download php-screw-1.5 for php4 with php-screw-1.3
SOURCE package: http://sourceforge.net/projects/php-screw/files/latest/download? Source = files
Put the source code package in/usr/local and start installation.
1. tar-zxvf php_screw-1.5.tar.gz (out of permission and other errors will add sudo)
2. cd php_screw_1.5
3. phpize (write the absolute path of phpize if it cannot be executed. if it is installed)
4. vi my_screw.h (the password is in it. if you want to change it, you 'd better not set it to more than 5 digits. remember it if you change it, because it should be used for re-compilation)
5. vi php_scresponh (which is an encrypted string. the default value is PM9SCREW. it is best to change it to another string. the length of the string must also be changed. if it is changed to LOVE, the length is 6, and the string should be noted down)
6 ../configure
7. make & make install
If it succeeds, the output will be: Installing shared extensions:/usr/lib64/php/modules/(the directory is php under/etc. directory specified by extension_dir in ini ). the php_scresponso file is here, of course, under the modules compiling directory.
8. cd tools/
9. make
In this way, the program screw for encryption is generated.
10. under cp screw/usr/bin
In this way, the screw file name can be directly used for encryption. you do not need to write the screw path.
11. modify ini
Cd/etc/php. d (various extensions loaded by php. ini can be written here. open other files and you will know)
Vi php_scresponini
Enter extension = php_scresponso to save and exit.
12. restart apache
Create hello. php in the root directory

Php hello. php
Output: hello
Screw hello. php
Output: Success Crypting (hello. php), indicates that the encryption is successful, and an extra file in the directory will be displayed hello. php. screw, now hello. php is already encrypted, while the more is the backup of the source file.
Cat hello. php displays garbled characters.
Php hello. php outputs hello. script to parse the encrypted file.
Create phpinfo in the root directory. if php_screw extension information exists, you can access the encrypted file through a browser. you don't have to continue reading. I have two php instances. ini, the web page is different from the ini called by script.
Next we need to re-compile it to display it normally on the webpage.
1. Compile the Directory
Make clean
Delete the directory.
2. decompress tar-zxvf php_scre%1.5.tar.gz again
3. phpize
4. the password and string in myscrew. h and php_screw.h should be the same as the previous one.
5../configure -- with-php-config = php-config path (available in the php installation directory)
6. make & make install
Output: Installing shared extensions:/var/www/php5/lib/php/extensions/no-debug-non-zts-20060613/
(This time, php_scresponso is in this directory)
7. copy php_scresponso to the directory specified by extension_dir in phpinfo, under/var/www/modules.
8. modify php. ini (in the php installation directory, phpinfo will show which ini is loaded and change it)
Add extension = php_scrw.so at the bottom
9. restart apache
10. in phpinfo, check that there is php_screw related information on the wood. if so, OK ~
At this point, the installation is complete. although there are some clues, I still don't quite understand why I have to compile it twice ......
PS: Several problems encountered during compilation are as follows (solution)
1. /Root/php_screw-1.5/php_scresponc: In function 'pm9screw _ compile_file ':
Solution:
You need to modify php_screw.c
Set org_compile_file (file_handle, type) in line 78, 84, and 93 );
To:
Org_compile_file (file_handle, type TSRMLS_CC );
Then make will be successful.
2. /opt/soft/php_screw-1.5/php_screw.c: In function 'zm _ startup_php_screw':/opt/soft/php_screw-1.5/php_screw.c: 124: error: 'zend _ compiler_globals' does not have a member named 'extended _ info'/opt/soft/php_screw-1.5/php_scre1_c: In function 'zm _ shutdown_php_screw ':/opt/soft/php_screw-1.5/php_screw.c: 133: Error: 'zend _ compiler_globals 'does not have the 'extended _ info' member make: *** [php_screw.lo] Error 1
Solution:
You need to modify php_screw.c
Set CG (extended_info) to 1;
To:
CG (compiler_options) | = ZEND_COMPILE_EXTENDED_INFO;
How does php_screw encrypt the files in the current directory and the files in the directory?
Find./-name "*. php"-print | xargs-n1 screw // encrypt all. php files
Find./-name "*. screw"-print/xargs-n1 rm // delete the backup files of all. php source files
The command has been tested successfully .....