PHP files are usually stored in text format on the server side, and are easily read by others. In order to protect the source code, the source code can be encrypted. Two parts are required to implement this function:
One is to encrypt the program to encrypt PHP files. The other is to parse the encrypted PHP files to obtain the running results. The former is relatively simple to implement, just a program. Most of the implementations of the latter are implemented in the form of a php module.
php_screw (screw) can realize the above functions. The latest version is 1.5, which can be downloaded on sourceforge.
Install:
The purpose of installation is actually to generate two files: one is the screw used to encrypt PHP files, and the other is the parsing module loaded by phpphp_screw.so
1. Expand the source code package and enter the directory:
2. Execute phpize and a configure will be generated in this directory.
3. Then, run configure
4. Make again
In this way, the parsing php_screw.so is generated. Next, you need to get the encryption screw
1. Enter the tools directory of the source code
2. make
This generates a screw. If you want to encrypt a file, then: screw will become encrypted, and the original plain text has been renamed to
The next task should be to load the php_screw.so module.
First, COPY the file into the module directory. For specific directory, you can refer to the extension_dir item in the /etc/ configuration file. /usr/lib/php/modules in RHEL 5
Method 1: You can create a new file in the /etc/ directory (the file can be taken arbitrarily), and its content is one sentenceextension=php_screw.so
Method 2: By modifying the file, add an extension=php_screw.so, and after restarting apache, it succeeds.
Important Note:
The compiled .so file is theoretically related to your current php version, that is, if you compiled under php 5.1, you cannot use php 5.2, because the loadable module of php is always related to its version. The screw executable file used for encryption does not matter in theory, only it belongs to the same version.
test:
Write a hello, world program with the file name as follows:
<?phpecho
"Hello,world";
?>
Use php to test whether the program can be displayed successfully. After it is successfully displayed, use screw to encrypt it (screw ), then cat the php file and find that it is no longer text, and it has become many messy characters, indicating that the secret is successfully added, and then php . If hello and world can be displayed normally, it means that there is no problem with the encryption parsing, and everything is OK. Otherwise, it means that there is something wrong and needs to be carefully checked.
Problems encountered during installation:
1. The phpize cannot be found
phpize is a tool belonging to php-develp. (Please solve the specific function yourself). Therefore, you must install the php-develp package. There are some dependencies in the middle, as follows:
[root@localhost Server]# rpm -ivh php-devel-5.1.6-5.el5.
warning: php-devel-5.1.6-5.el5.: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
autoconf is needed by php-devel-5.1.6-5.el5.i386
automake is needed by php-devel-5.1.6-5.el5.i386
[root@localhost Server]# rpm -ivh autoconf
autoconf213-2.13-12. autoconf-2.
[root@localhost Server]# rpm -ivh autoconf-2.
warning: autoconf-2.: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
imake is needed by autoconf-2.
[root@localhost Server]# rpm -ivh imake-1.0.2-3.
warning: imake-1.0.2-3.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:imake ########################################### [100%]
[root@localhost Server]# rpm -ivh autoconf-2.
warning: autoconf-2.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:autoconf ########################################### [100%]
[root@localhost Server]# rpm -ivh automake
automake14-1. automake16-1.6. automake-1.9.6-2.
automake15-1. automake17-1.7.
[root@localhost Server]# rpm -ivh automake-1.9.6-2.
warning: automake-1.9.6-2.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:automake ########################################### [100%]
[root@localhost Server]# rpm -ivh php-devel-5.1.6-5.el5.
warning: php-devel-5.1.6-5.el5.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:php-devel ########################################### [100%]
2. Each encrypted file has a very obvious string PM9SCREW, which is easy to guess that it is encrypted with screw.
The solution to this problem needs to be started at the first step of installation. The identification string is in the source code php_screw.h. Before compiling, you can change this string, for example, change it to PeterHu, and the corresponding length below is no longer 10, but \tPeterHu\t, there are 7 in total.
#define PM9SCREW "\tPM9SCREW\t"
#define PM9SCREW_LEN 10
==================================================================================
I have read a lot of PHP_SCREW installation articles online and I have also read the READEME in the source code newspaper several times.
It’s really hard to do it, either the script cannot be executed or the web page cannot be displayed. After unyielding tossing, I finally got it out... Share the following method... If you have a big shrimp who knows the specific reason, you might as well give me some advice.
PS:CentOS release 5.8 (Final),php5.
Download php-screw-1.5, if php4 is used, use php-screw-1.3
Source code package:/projects/php-screw/files/latest/download?source=files
Put the source code package in /usr/local and start the installation
-zxvf php_screw-1. (If you come up with permission, add sudo)
php_screw_1.5
(If you cannot execute it, write the absolute path of phpize, and if it is installed)
my_screw.h (The password is inside. If you want to change it, it is best not to exceed 5 digits. If you change it, remember it well, because it must be used when recompiling it)
php_screw.h (There is an encrypted string inside, and the default is PM9SCREW. It is best to change it to another string. If the string changes, the length should also be changed. If it changes to LOVE, the length will be 6. The string should be recorded)
6. ./configure
7. make && make install
If successful, the output will be: Installing shared extensions: /usr/lib64/php/modules/(This directory is the directory specified by extension_dir under /etc). The php_screw.so file is here, of course, there are also modules in the compiled directory.
8. cd tools/
9. make
This generates the encryption program screw
10. cp screw /usr/bin
In this way, when encrypting, you can directly scroll the file name without writing the scroll path
11. Modify ini
cd /etc/ (There are various extensions loaded here that can be written here. Open other files and check them out)
vi php_screw.ini
Write extension=php_screw.so in it to save and exit
12. Restart apache
Create in the root directory
<?echo 'hello';?>
php
Output: hello
screw
Output: Success Crypting() means that the encryption is successful and there will be an extra file in the directory. Now it has been encrypted, while the extra file is a backup of the source file.
cat displays garbled code.
PHP output hello. The script parsing encrypted file was successfully performed.
Create phpinfo in the root directory. If there is information about php_screw extension in it, it means that you can access the encrypted file through the browser. No need to continue reading. I have two, and the ini is called different from the script.
Next, we have to recompile it in order to display it normally on the web page.
1. Go to compile the directory
make clean
Then delete the directory.
-zxvf php_screw.1. Re-decompression
3. phpize
4. Remember the password and string in php_screw.h to be the same as before
5. ./configure --with-php-config=php-config path (in the php installation directory)
&& make install
Output: Installing shared extensions: /var/www/php5/lib/php/extensions/no-debug-non-zts-20060613/
(This time php_screw.so is in this directory)
7.php_screw.so is copied to the directory specified by extension_dir in phpinfo. Mine is under /var/www/modules
8. Modify (in the php installation directory, phpinfo will display which ini is loaded, and then change that)
Add extension=php_scrw.so at the bottom
9. Restart apache
10. Check whether there is any php_screw related information in phpinfo, if there is, it will be OK~
At this point, the installation is over. Although I nodded a little, I still didn't understand why I had to compile this twice...
PS: Several problems encountered during the compilation process are as follows (solution)
1。 /root/php_screw-1.5/php_screw.c: In function ‘pm9screw_compile_file':
Solution:
Need to modify php_screw.c
Put org_compile_file(file_handle, type) in lines 78, 84, 93;
Modified to:
org_compile_file(file_handle, type TSRMLS_CC);
Then make it again and it succeeds.
2. /opt/soft/php_screw-1.5/php_screw.c: In function‘zm_startup_php_screw':/opt/soft/php_screw-1.5/php_screw.c:124: Error: ‘zend_compiler_globals’ No member named ‘extended_info’/opt/soft/php_screw-1.5/php_screw.c: In function ‘zm_shutdown_php_screw':/opt/soft/php_screw-1.5/php_screw.c:133: Error: ‘zend_compiler_globals’ No member named ‘extended_info’ makes: *** [php_screw.lo] Error 1
Solution:
Need to modify php_screw.c
Put CG(extended_info) = 1;
Modified to:
CG(compiler_options) |= ZEND_COMPILE_EXTENDED_INFO;
How to encrypt the files contained in the directory and files contained in the directory as a whole in the current directory
find ./ -name "*.php" -print|xargs -n1 screw //Encrypt all .php files
find ./ -name "*.screw" -print/xargs -n1 rm //Delete all backup files of .php source files
All the commands have been successfully tested...... There should be nothing to add to...
One is to encrypt the program to encrypt PHP files. The other is to parse the encrypted PHP files to obtain the running results. The former is relatively simple to implement, just a program. Most of the implementations of the latter are implemented in the form of a php module.
php_screw (screw) can realize the above functions. The latest version is 1.5, which can be downloaded on sourceforge.
Install:
The purpose of installation is actually to generate two files: one is the screw used to encrypt PHP files, and the other is the parsing module loaded by phpphp_screw.so
1. Expand the source code package and enter the directory:
2. Execute phpize and a configure will be generated in this directory.
3. Then, run configure
4. Make again
In this way, the parsing php_screw.so is generated. Next, you need to get the encryption screw
1. Enter the tools directory of the source code
2. make
This generates a screw. If you want to encrypt a file, then: screw will become encrypted, and the original plain text has been renamed to
The next task should be to load the php_screw.so module.
First, COPY the file into the module directory. For specific directory, you can refer to the extension_dir item in the /etc/ configuration file. /usr/lib/php/modules in RHEL 5
Method 1: You can create a new file in the /etc/ directory (the file can be taken arbitrarily), and its content is one sentenceextension=php_screw.so
Method 2: By modifying the file, add an extension=php_screw.so, and after restarting apache, it succeeds.
Important Note:
The compiled .so file is theoretically related to your current php version, that is, if you compiled under php 5.1, you cannot use php 5.2, because the loadable module of php is always related to its version. The screw executable file used for encryption does not matter in theory, only it belongs to the same version.
test:
Write a hello, world program with the file name as follows:
Copy the codeThe code is as follows:
<?phpecho
"Hello,world";
?>
Use php to test whether the program can be displayed successfully. After it is successfully displayed, use screw to encrypt it (screw ), then cat the php file and find that it is no longer text, and it has become many messy characters, indicating that the secret is successfully added, and then php . If hello and world can be displayed normally, it means that there is no problem with the encryption parsing, and everything is OK. Otherwise, it means that there is something wrong and needs to be carefully checked.
Problems encountered during installation:
1. The phpize cannot be found
phpize is a tool belonging to php-develp. (Please solve the specific function yourself). Therefore, you must install the php-develp package. There are some dependencies in the middle, as follows:
Copy the codeThe code is as follows:
[root@localhost Server]# rpm -ivh php-devel-5.1.6-5.el5.
warning: php-devel-5.1.6-5.el5.: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
autoconf is needed by php-devel-5.1.6-5.el5.i386
automake is needed by php-devel-5.1.6-5.el5.i386
[root@localhost Server]# rpm -ivh autoconf
autoconf213-2.13-12. autoconf-2.
[root@localhost Server]# rpm -ivh autoconf-2.
warning: autoconf-2.: Header V3 DSA signature: NOKEY, key ID 37017186
error: Failed dependencies:
imake is needed by autoconf-2.
[root@localhost Server]# rpm -ivh imake-1.0.2-3.
warning: imake-1.0.2-3.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:imake ########################################### [100%]
[root@localhost Server]# rpm -ivh autoconf-2.
warning: autoconf-2.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:autoconf ########################################### [100%]
[root@localhost Server]# rpm -ivh automake
automake14-1. automake16-1.6. automake-1.9.6-2.
automake15-1. automake17-1.7.
[root@localhost Server]# rpm -ivh automake-1.9.6-2.
warning: automake-1.9.6-2.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:automake ########################################### [100%]
[root@localhost Server]# rpm -ivh php-devel-5.1.6-5.el5.
warning: php-devel-5.1.6-5.el5.: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:php-devel ########################################### [100%]
2. Each encrypted file has a very obvious string PM9SCREW, which is easy to guess that it is encrypted with screw.
The solution to this problem needs to be started at the first step of installation. The identification string is in the source code php_screw.h. Before compiling, you can change this string, for example, change it to PeterHu, and the corresponding length below is no longer 10, but \tPeterHu\t, there are 7 in total.
Copy the codeThe code is as follows:
#define PM9SCREW "\tPM9SCREW\t"
#define PM9SCREW_LEN 10
==================================================================================
I have read a lot of PHP_SCREW installation articles online and I have also read the READEME in the source code newspaper several times.
It’s really hard to do it, either the script cannot be executed or the web page cannot be displayed. After unyielding tossing, I finally got it out... Share the following method... If you have a big shrimp who knows the specific reason, you might as well give me some advice.
PS:CentOS release 5.8 (Final),php5.
Download php-screw-1.5, if php4 is used, use php-screw-1.3
Source code package:/projects/php-screw/files/latest/download?source=files
Put the source code package in /usr/local and start the installation
-zxvf php_screw-1. (If you come up with permission, add sudo)
php_screw_1.5
(If you cannot execute it, write the absolute path of phpize, and if it is installed)
my_screw.h (The password is inside. If you want to change it, it is best not to exceed 5 digits. If you change it, remember it well, because it must be used when recompiling it)
php_screw.h (There is an encrypted string inside, and the default is PM9SCREW. It is best to change it to another string. If the string changes, the length should also be changed. If it changes to LOVE, the length will be 6. The string should be recorded)
6. ./configure
7. make && make install
If successful, the output will be: Installing shared extensions: /usr/lib64/php/modules/(This directory is the directory specified by extension_dir under /etc). The php_screw.so file is here, of course, there are also modules in the compiled directory.
8. cd tools/
9. make
This generates the encryption program screw
10. cp screw /usr/bin
In this way, when encrypting, you can directly scroll the file name without writing the scroll path
11. Modify ini
cd /etc/ (There are various extensions loaded here that can be written here. Open other files and check them out)
vi php_screw.ini
Write extension=php_screw.so in it to save and exit
12. Restart apache
Create in the root directory
<?echo 'hello';?>
php
Output: hello
screw
Output: Success Crypting() means that the encryption is successful and there will be an extra file in the directory. Now it has been encrypted, while the extra file is a backup of the source file.
cat displays garbled code.
PHP output hello. The script parsing encrypted file was successfully performed.
Create phpinfo in the root directory. If there is information about php_screw extension in it, it means that you can access the encrypted file through the browser. No need to continue reading. I have two, and the ini is called different from the script.
Next, we have to recompile it in order to display it normally on the web page.
1. Go to compile the directory
make clean
Then delete the directory.
-zxvf php_screw.1. Re-decompression
3. phpize
4. Remember the password and string in php_screw.h to be the same as before
5. ./configure --with-php-config=php-config path (in the php installation directory)
&& make install
Output: Installing shared extensions: /var/www/php5/lib/php/extensions/no-debug-non-zts-20060613/
(This time php_screw.so is in this directory)
7.php_screw.so is copied to the directory specified by extension_dir in phpinfo. Mine is under /var/www/modules
8. Modify (in the php installation directory, phpinfo will display which ini is loaded, and then change that)
Add extension=php_scrw.so at the bottom
9. Restart apache
10. Check whether there is any php_screw related information in phpinfo, if there is, it will be OK~
At this point, the installation is over. Although I nodded a little, I still didn't understand why I had to compile this twice...
PS: Several problems encountered during the compilation process are as follows (solution)
1。 /root/php_screw-1.5/php_screw.c: In function ‘pm9screw_compile_file':
Solution:
Need to modify php_screw.c
Put org_compile_file(file_handle, type) in lines 78, 84, 93;
Modified to:
org_compile_file(file_handle, type TSRMLS_CC);
Then make it again and it succeeds.
2. /opt/soft/php_screw-1.5/php_screw.c: In function‘zm_startup_php_screw':/opt/soft/php_screw-1.5/php_screw.c:124: Error: ‘zend_compiler_globals’ No member named ‘extended_info’/opt/soft/php_screw-1.5/php_screw.c: In function ‘zm_shutdown_php_screw':/opt/soft/php_screw-1.5/php_screw.c:133: Error: ‘zend_compiler_globals’ No member named ‘extended_info’ makes: *** [php_screw.lo] Error 1
Solution:
Need to modify php_screw.c
Put CG(extended_info) = 1;
Modified to:
CG(compiler_options) |= ZEND_COMPILE_EXTENDED_INFO;
How to encrypt the files contained in the directory and files contained in the directory as a whole in the current directory
find ./ -name "*.php" -print|xargs -n1 screw //Encrypt all .php files
find ./ -name "*.screw" -print/xargs -n1 rm //Delete all backup files of .php source files
All the commands have been successfully tested...... There should be nothing to add to...