PHP代码加密技术郭新华 PHPCON2018

下载 1

橙风

发布于

2303

人观看

信息技术

PHP作为一门脚本语言，部署的方式一般都是源码部署，这种方式无法安全的分发代码，黑客拿到源码后也很容易知道你的业务逻辑，实施有针对性的攻击，代码加密部署无疑会大大提高整个应用的安全性，我将逐一讲述如何实现PHP代码的加密，加密后有什么负面影响，以及数据加密相关的内容。

展开查看详情

1 .PHP —@swoole

2 .• pecl • swoole-src • • php-cp swoole-mysql-proxy swoole-serialize swoole-compiler

3 .• • • • etc…

4 .php AST opcodes vm PHP_OS opcodes

5 .—

6 .• ( ) • ( )

7 .— • $reflection->getDocComment ()

8 . — radius circum hash • $$var_name !0 => $radius • compact extract !1 => $circum • include stack stack • etc… Notice: Undefined variable: $_432345234

9 . — pass opcodes /* CSE, STRING construction */ /* Constant conversion and jumps */ /* ++, +=, series of jumps */ /* INIT_FCALL_BY_NAME -> DO_FCALL */ /* CFG based optimization */ /* DFA based optimization */ /* CALL GRAPH optimization */ /* SCCP (constant propagation) */ • optimize /* TMP VAR usage */ /* NOP removal */ • /* Merge equal constants */ /* Adjust used stack */ /* Remove unused variables */ separate /* DCE (dead code elimination) */ /* Collect constants */ /* Inline functions */ /* etc…*/ vm

10 .- • need to migrate from php72

11 .— ( )

12 . 1 3 4 2 • • recv send return • copy • jmp jmpz jmpnz • init fcall do fcall • opcodes • etc… • • etc… • etc… • • • etc…

13 .( )

14 . — llvm bitcode opcode llvm IR llvm pass bitcode llvm

15 .——————- ——————

16 .

17 . if(a==1) echo 1 if(a==2) echo 2 if(a==3) echo 3 echo ‘end’

18 . switch next if(a==1) if(a==2) if(a==2) if(a==3) next =1; echo 1; next =3; echo 2; next =3; echo 2; next =5; echo 3; else next = 6; else next = 6; else next = 6; else next = 6; next =2; next =4; next =4; next =6; echo ’end’; return;

19 . md5 _8739482343 hash hash zif_md5 zif_md5

20 ./ opcode handler vm handler opcode handler ZEND_ECHO echo_handler ZEND_MUL mul_handler ZEND_RETURN return_handler opcode / c .. .. .

21 .handler opcode handler c opcode handler opcode handler opcode handler opcode handler opcode handler .. c .. .

22 . (vmp) my_vm my_opcode my_handler my_opcode my_handler • zend_vm my_opcode my_handler • • my_opcode my_handler • handler my_opcode my_handler .. .. .

23 .my_jmpz_handler

24 .my_echo_handler

25 .• • • • •

26 .• •

27 .swoole compiler —---- + +

28 . swoole compiler php( + php git )

29 .thanks

0 点赞

0 收藏

1下载

PHP代码加密技术 郭新华 PHPCON2018

PHP代码加密技术郭新华 PHPCON2018