php_screw 1.5:php encryption: detailed explanation of installation and use

PHP files are usually stored on the server side in text format, and the source code can easily be read by others. In order to protect the source code, the source code can be encrypted. To implement this function, two parts are required:

One is an encryption program to encrypt PHP files. The other is to parse the encrypted PHP files to get the running results. The implementation of the former is relatively simple, it is just a program. Most of the implementations of the latter are It is implemented in the form of php module.

php_screw (screw) can achieve the above functions. The latest version is 1.5, which can be downloaded from sourceforge.
Installation:
The purpose of installation is actually to generate two files: one is screw for encrypting PHP files, and the other is the parsing module loaded by php php_screw.so
1. Expand the source code package and enter Enter the directory:
2. Execute phpize, and a configure
3 will be generated in this directory. Then, run configure
4. Then make
In this way, the php_screw used for analysis is used. so is generated. Next, you need to get the encryption screw
1. Enter the tools directory of the source code
2. make
This way, screw is generated. If you want to encrypt an lx.php file , then: screw lx.php, lx.php becomes encrypted, and the original plain text lx.php is renamed lx.php.screw
The next task should be to load the php_screw.so module,
First, copy the file to the module directory. For the specific directory, please refer to the extension_dir item in the /etc/php.ini configuration file. In RHEL 5, it is /usr/lib/php/modules
Method 1: You can create a new screw.ini file in the /etc/php.d directory (the file can be taken at will), the content of which is one sentence extension=php_screw.so
Method 2: Modify the php.ini file, add extension=php_screw.so, and restart apache and it will be successful.
Important note:
The compiled .so file is theoretically related to your current PHP version. That is to say, if you compiled it under PHP 5.1, you cannot get PHP 5.2 to use it, because PHP Loadable modules are always version-specific. Theoretically, the screw executable file used for encryption does not matter, as long as it and screw.so belong to the same version.
Test:
Write a hello, world program, file The name hello.php is as follows:

Copy the code The code is as follows:

"Hello, world ";
?>

Use php hello.php to test whether the program can be successfully displayed. After it is successfully displayed, use screw to encrypt it (screw helllo.php), and then cat the program. php file, it is found that it is no longer text, but has become a lot of garbled characters, indicating that the encryption is successful, and then php hello.php. If hello and world can be displayed normally, it means that there is no problem with the encryption analysis, and everything is OK. Otherwise, it means there is something wrong and you need to check it carefully.
Problems encountered during the installation process:
1. Cannot find phpize
phpize is a tool that belongs to php-develp, (please figure out the specific function by yourself) Therefore, you must install the php-develp package. There are some dependencies in the middle, as follows:

Copy code The code is as follows:

[root@localhost Server]# rpm -ivh php-devel-5.1.6-5.el5.i386.rpm 
 warning: php-devel-5.1.6-5.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
 error: Failed dependencies:
 autoconf is needed by php-devel-5.1.6-5.el5.i386
 automake is needed by php-devel-5.1.6-5.el5.i386
 [root@localhost Server]# rpm -ivh autoconf
 autoconf213-2.13-12.1.noarch.rpm autoconf-2.59-12.noarch.rpm 
 [root@localhost Server]# rpm -ivh autoconf-2.59-12.noarch.rpm 
 warning: autoconf-2.59-12.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
 error: Failed dependencies:
 imake is needed by autoconf-2.59-12.noarch
 [root@localhost Server]# rpm -ivh imake-1.0.2-3.i386.rpm 
 warning: imake-1.0.2-3.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
 Preparing... ########################################### [100%]
 1:imake ########################################### [100%]
 [root@localhost Server]# rpm -ivh autoconf-2.59-12.noarch.rpm 
 warning: autoconf-2.59-12.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
 Preparing... ########################################### [100%]
 1:autoconf ########################################### [100%]
 [root@localhost Server]# rpm -ivh automake
 automake14-1.4p6-13.noarch.rpm automake16-1.6.3-8.noarch.rpm automake-1.9.6-2.1.noarch.rpm 
 automake15-1.5-16.noarch.rpm automake17-1.7.9-7.noarch.rpm 
 [root@localhost Server]# rpm -ivh automake-1.9.6-2.1.noarch.rpm 
 warning: automake-1.9.6-2.1.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
 Preparing... ########################################### [100%]
 1:automake ########################################### [100%]
 [root@localhost Server]# rpm -ivh php-devel-5.1.6-5.el5.i386.rpm 
 warning: php-devel-5.1.6-5.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
 Preparing... ########################################### [100%]
 1:php-devel ########################################### [100%] 

2.每个加密的文件头部都一个很明显的字符串PM9SCREW, 这样很容易被人猜到是用screw加密的.
这个问题的解决需要在安装的第一步就开始. 该标识串在源码的php_screw.h中. 在编译之前, 可以更改这个字符串, 例如,更改为PeterHu, 相应的下面的长度就不再是10了, 而是tPeterHut,一共7个了.

复制代码代码如下:

#define PM9SCREW        "tPM9SCREWt"
#define PM9SCREW_LEN     10

================================================== ===================================
I have read a lot of PHP_SCREW installation articles on the Internet. I have also read several README.
in the source code report is really frustrating, either the script cannot be executed, or the web page cannot be displayed. After unremitting tossing, I finally figured it out... Share the following method... If anyone knows the details You might as well give some advice on the reasons.
PS: CentOS release 5.8 (Final), php5.2.x
Download php-screw-1.5, if php4 use php-screw-1.3
Source code package: http://sourceforge.net/projects/php-screw/files/latest/download?source=files
Put the source code package under /usr/local and start the installation
1.tar -zxvf php_screw-1.5.tar.gz (Add sudo if there is an error such as permission)
2.cd php_screw_1.5
3.phpize (If it cannot be executed, write the absolute path of phpize, assuming it is installed)
4.vi my_screw.h (It contains the password, change it if you want. It is best not to exceed 5 digits. If you change it, remember it because it will be used when recompiling)
5.vi php_screw.h( There is an encrypted string inside. The default is PM9SCREW. It is best to change it to another string. If the string changes, the length will also change. If it is changed to LOVE, the length will be 6. The string should be written down)
6. ./configure
7. make && make install
If successful, it will output: Installing shared extensions: /usr/lib64/php/modules/ (this directory is the directory specified by extension_dir in php.ini under /etc). The php_screw.so file is here, of course it is also under the modules of the compilation directory.
8. cd tools/
9. make
In this way, the encryption program screw is generated
10. cp screw / Under usr/bin
In this way, when encrypting, you can screw the file name directly without writing the screw path
11. Modify ini
cd /etc/php.d (here are the various files loaded by php.ini Extensions can be written here, just open other files and you will know)
vi php_screw.ini
Write extension=php_screw.so in it, save and exit
12. Restart apache
In the root directory Create hello.php

php hello.php
Output: hello
screw hello.php
Output: Success Crypting(hello.php) , indicating that the encryption is successful, there will be an extra file hello.php.screw in the directory. The current hello.php has been encrypted, and the extra file is a backup of the source file.
cat hello.php displays garbled characters .
php hello.php outputs hello. The script method successfully parsed the encrypted file.
Create phpinfo in the root directory. If there is information related to the php_screw extension, it means that the encrypted file can be accessed through the browser. No need to continue. Look down. I have two php.ini. The web page and the ini called by the script are different.
Next, I need to recompile it so that it can be displayed normally on the web page.
1. Go to the compilation directory
make clean
Then delete the directory.
2.tar -zxvf php_screw.1.5.tar.gz Re-decompress
3. phpize
4. myscrew.h and php_screw.h The password and string must be the same as before
5. ./configure --with-php-config=php-config path (available in the php installation directory)
6.make && make install
Output: Installing shared extensions: /var/www/php5/lib/php/extensions/no-debug-non-zts-20060613/
(This time php_screw.so is in this directory)
7. Copy php_screw.so to the directory specified by extension_dir in phpinfo, mine is under /var/www/modules
8. Modify php.ini (in the php installation directory, phpinfo will show which ini is loaded, just Change that)
Add extension=php_scrw.so at the bottom
9. Restart apache
10. Check if there is any php_screw related information in phpinfo, if there is, it will be ok ~
That’s it , the installation is over. Although I have some clues, I still don’t quite understand why it has to be compiled twice...
PS: Several problems encountered during the compilation process As follows (solution)
1. /root/php_screw-1.5/php_screw.c: In function 'pm9screw_compile_file':
Solution:
Need to modify php_screw.c
to 78, 84, 93 The line org_compile_file(file_handle, type);
is modified to:
org_compile_file(file_handle, type TSRMLS_CC);
and then make succeeds.
2. /opt/soft/php_screw-1.5/php_screw.c: In function 'zm_startup_php_screw':/opt/soft/php_screw-1.5/php_screw.c:124: Error: 'zend_compiler_globals' No member named 'extended_info' /opt/soft/php_screw-1.5/php_screw.c: In function 'zm_shutdown_php_screw':/opt/soft/php_screw-1.5/php_screw.c:133: Error: 'zend_compiler_globals' has no member named 'extended_info' member make: *** [php_screw.lo] Error 1
Solution:
Need to modify php_screw.c
Put CG(extended_info) = 1;
Modify to:
CG(compiler_options) |= ZEND_COMPILE_EXTENDED_INFO;
How php_screw encrypts the current directory, the files contained in the directory, and the files in the containing directory as a whole
find ./ -name "*.php" -print|xargs -n1 screw //Encrypt all .php files
find ./ -name "*.screw" -print/xargs -n1 rm //Delete all The backup file
command of the .php source file has been successfully tested... There should be nothing to add...