Modify the Zend engine to implement the principle of PHP source code encryption and practice _php skills

First, the basic principle
Consider intercepting the interface that PHP reads from the source file. In the beginning, I considered processing from the interface between Apache and PHP, see Apache's src/modules/php4/mod_php4.c (this is the file that PHP compiles into apache,make install in a static way), Intercepts the file pointer in the send_php () function, using the temporary file, and decrypting and replacing the file pointer. This method has been proved to be feasible by testing and practice. However, must use two times file operation, inefficient, and for the DSO method can not be used. Double Margin Nursing Home
Thus, the process of intercepting PHP to read the file and loading it into the cache is reconsidered, and it is found that ZEND-SCANNER.C is doing this in the Zend engine. Start modifying this file. Lighting Engineering

Second, the realization method signals

Using Libmcrypt as the encryption module, the Des method is now used for ECB mode encryption,

The following is the source code for the file encryption:

C + + code
/* ECB.C-------------------cut here-----------* *
/* Encrypt for PHP source code version 0.99 Beta
We are using Libmcrypt to encrypt codes, please
Install it.
Compile command line:
Gcc-o6-lmcrypt-lm-o encryptphp ECB.C
Please set ld_library_path before to use.
GNU copyleft, designed by WangSu, Miweicong * *

#define MCRYPT_BACKWARDS_COMPATIBLE 1
#define Php_cachesize 8192
#include < mcrypt.h >
#include < stdio.h >
#include < stdlib.h >
#include < math.h >
#include < sys/types.h >
#include < sys/stat.h >
#include < fcntl.h >


Main (int argc, char** argv)
{

int TD, I,j,inputfilesize,filelength;
Char filename[255];
Char password[12];
File* IFP;
int READFD;
Char *key;
void *block_buffer;
void *file_buffer;
int keysize;
int decode=0;
int realbufsize=0;
struct stat *filestat;


if (argc = = 3) {
strcpy (password,argv[1]);
strcpy (filename,argv[2]);
else if (argc = = 4 &&!strcmp (argv[1], "-D")) {
strcpy (password,argv[2]);
strcpy (Filename,argv[3]);
decode=1;
printf ("Entering decode mode ... n");
} else {
printf ("usage:encryptphp [d] Password filenamen");
Exit (1);
}


Keysize=mcrypt_get_key_size (DES);
Key=calloc (1, Mcrypt_get_key_size (DES));

GEN_KEY_SHA1 (key, NULL, 0, keysize, password, strlen (password));
TD=INIT_MCRYPT_ECB (DES, Key, KeySize);

if (Readfd=open (filename,o_rdonly,s_irusr| s_iwusr| S_IRGRP) ==-1) {
printf ("Fatal:can ' t open file to read");
Exit (3);
}

Filestat=malloc (sizeof (STAT));

Fstat (Readfd,filestat);
inputfilesize=filestat->st_size;
printf ("FileSize is%d n", inputfilesize);
Filelength=inputfilesize;

inputfilesize= ((int) (Floor (inputfilesize/php_cachesize)) +1 *php_cachesize;

if ((File_buffer=malloc (inputfilesize)) ==null) {
printf ("Fatal:can ' t malloc file BUFFER.N");
Exit (2);
}
if ((Block_buffer=malloc (php_cachesize)) ==null) {
printf ("Fatal:can ' t malloc encrypt block BUFFER.N");
Exit (2);
}

j=0;
while (Realbufsize=read (Readfd,block_buffer, php_cachesize)) {
printf (".");
if (!decode) {
if (realbufsize< php_cachesize) {
for (i=realbufsize;i< php_cachesize;i++) {
((char *) block_buffer) [i]= ';
}
}
MCRYPT_ECB (TD, Block_buffer, Php_cachesize);
} else {
MDECRYPT_ECB (TD, Block_buffer, Realbufsize);
}
memcpy (file_buffer+j*php_cachesize,block_buffer,php_cachesize);
j + +;
}

Close (READFD);

if (Ifp=fopen (filename, "WB") ==null) {
printf ("Fatal:file access ERROR.N");
Exit (3);
}
Fwrite (File_buffer, Inputfilesize, 1, IFP);

Free (block_buffer);
Free (file_buffer);
Free (FILESTAT);
Fclose (IFP);
printf ("n");

return 0;

}
/*---End of ecb.c------------------------------------* *
Because the ECB model is block-length-determined block encryption, some empty characters are populated here. International Exhibitions

Then, modify the PHP code in ZEND/ZEND-SCANNER.C as follows:

(My PHP version is 4.01PL2, Sunsparc/solaris 2.7, gcc 2.95;)

File before adding:

#define MCRYPT_BACKWARDS_COMPATIBLE 1
#include < mcrypt.h >

Then, comment out the definition of yy_input around 3510 lines.

Then, modify the Yy_get_next_buffer () function around 5150 lines:
function header Plus definition:
void *tempbuf;
Char *key;
Char debugstr[255];
int td,keysize;
int x,y;
FILE *FP;
Then, comment out
Yy_input ((&yy_current_buffer->yy_ch_buf[number_to_move]),
Yy_n_chars, Num_to_read);
This sentence.
To

Tempbuf=malloc (Num_to_read);
if ((Yy_n_chars=fread (Tempbuf,1,num_to_read,yyin))!=0) {
/*decode*/
#define PASSWORD "PHPphp111222"
#define DEBUG 0

Keysize=mcrypt_get_key_size (DES);
Key=calloc (1, Mcrypt_get_key_size (DES));
GEN_KEY_SHA1 (key, NULL, 0, keysize, password, strlen (password));
TD=INIT_MCRYPT_ECB (DES, Key, KeySize);
MDECRYPT_ECB (TD, Tempbuf, Yy_n_chars);
memcpy ((&yy_current_buffer->yy_ch_buf[number_to_move]), tempbuf,yy_n_chars);
if (Debug) {
Fp=fopen ("/tmp/logs", "WB");
Fwrite ("Nstartn", 7,1,FP);
Fwrite (TEMPBUF,1,YY_N_CHARS,FP);
Fwrite ("Nenditn", 7,1,FP);
Fclose (FP);
}
}
Free (TEMPBUF);

Then, compile PHP, the normal way to install it, because I am not familiar with the libtool, so I chose the static mode, and in the Configure when I joined the--with-mcrypt, so I do not have to manually modify the makefile cable tray

III. Testing and Results

After compiling the Php,apache, ECB.C compiled the encryptphp to encrypt several files, respectively < 1k,10k+, and 40k+, when processing 40K size file error, other files are normal. Plastic Flooring
This is because the ECB encryption of the block determines the need to use fixed-length blocks, so let's all have a look at what kind of streaming encryption can take into account the Zend each read 8192 bytes of cache processing mode. (Zend per read block length may vary on other platforms)