Decoding scripts
 

Is it possible and if yes,how easy it is?

An increase number of programmers encode their scripts which is understandable, but what happens when one day their support is gone and you have built a business on them?

post an example

Such as a php zend encoding? Or what type of encoding?

I know that Zend Encoding has not been decoded yet!

jDoG

Then you have a problem. So when you hire a programmerm, ask for the sources.

!/usr/bin/perl
#!/usr/local/bin/perl
####THIS PROGRAM IS COPYRIGHT 2002-2004XXXXXXXXXXXXXXXXX.
####YOU MAY NOT DISTRIBUTE, RESELL, MODIFY, OR ALTER THIS PROGRAM
####WITHOUT PRIOR AUTHORIZATION FROM XXXXXXXXXX####VISIT HTTP://XXXXXXXXXXXXXXXXXX
####TO VIEW THE ENTIRE LICENSING AGREEMENT THAT YOU MUST AGREE
####TO PRIOR TO INSTALLING OR USING THIS SOFTWARE
$AXXAAAXA="92Zl92l39l47l103l59l13l10l9l36l118l97l1 08l117l101=l32l61l126l32l115l47l92lX60l47l47l103l5 9l13l10l9l36l118l97l108l117l101l-32l61l126l32l115l47l92l62l47lZ47l103l59l13l10l9l36 l70l79l82+l77l123l36l110l97l109l101lZ125l32l61l32l 36l118l97l108l117l101l59l13l10=l9l125l13l10l36Xl10 2l101l101l100l98l97l99l107l95l+99l111l110l116lZ101 l110l116l32l61l32lX34l36l70l79l82l77l123-l39l102l=101Zl101l100l98l97l99l107l95l99l111l110l1 16l101l110l116=l39l125l34l59l13l10l36lX113l117l101 l114l121l32l61l32l36l69l78l86l123l39l-81l85l69l82l89l95l83l84l82lZ73l78l71l39l125l59l13l 10l36l105+l112l110l117l109l98l101l114lZ32l61l32l36 l69l78l86l123l39l82l69l77l79=l84l69l95l65l68Xl68l8 2l39l125l59l13l10l36l99l+117l114l114l101lZ110l116l 117l114l108l32lX61l32l36l69l78l86l123-l39l82l=69Zl81l85l69l83l84l";


etc

I dont think that there is anyway yet to decode zend but if the programer writes his own encoding routines then it is easy enough to decode it.

ok, thats not what i was thinking of... i cant decode that

zend from what i see looks impossible

check this funny one

http://www.scriptlance.com/projects/1073565347.shtml

you take it up the ass :(

no more high priced encoded scripts for me (bullshit scripts for $500 or less dont count) - I cant afford a guy vanishing on me and leaving me high and dry

Soul_Rebel: That code is what we call "obfuscated". It may have
some encryption involved but chances are all the info needed to
get the clean code back is in that file. The variable names are
complex and hard to read and the code has been "encoded" into
a representation of the characters in the original. However
usually with this process it's just to make it hard and doesn't
really totally hide the original code.

You'd need to find the function that turns that string of encoded
data back into the actual code and uses the eval function to run
it. If the eval is turned into a print chances are you'll have the full
code back.

I'd suggest contacting the coder if this is a commercial script
which is still being supported.

-Ben

thanks mryellow,

the above was just an example. As Steve said the problem occurs when you pay for an expensive commercial script and one day the company/programmer behind it dissapears. Some of them have security verifications and when their server is down you can access the script or even worse the script is non-functional. Custom programming is good, but has negative aspect as well. A decent script needs a lot of time, debuging, changes....it's not just a couple days process in most cases.