Sciweavers

RAID
2015
Springer

Security Analysis of PHP Bytecode Protection Mechanisms

8 years 6 months ago
Security Analysis of PHP Bytecode Protection Mechanisms
Abstract. PHP is the most popular scripting language for web applications. Because no native solution to compile or protect PHP scripts exists, PHP applications are usually shipped as plain source code which is easily understood or copied by an adversary. In order to prevent such attacks, commercial products such as ionCube, Zend Guard, and Source Guardian promise a source code protection. In this paper, we analyze the inner working and security of these tools and propose a method to recover the source code by leveraging static and dynamic analysis techniques. We introduce a generic approach for decompilation of obfuscated bytecode and show that it is possible to automatically recover the original source code of protected software. As a result, we discovered previously unknown vulnerabilities and backdoors in 1 million lines of recovered source code of 10 protected applications.
Dario Weißer, Johannes Dahse, Thorsten Holz
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where RAID
Authors Dario Weißer, Johannes Dahse, Thorsten Holz
Comments (0)