Security Analysis of PHP Bytecode Protection Mechanisms
نویسندگان
چکیده
PHP is the most popular scripting language for web applications. Because no native solution to compile or protect PHP scripts exists, PHP applications are usually shipped as plain source code which is easily understood or copied by an adversary. In order to prevent such attacks, commercial products such as ionCube, Zend Guard, and Source Guardian promise a source code protection. In this paper, we analyze the inner working and security of these tools and propose a method to recover the source code by leveraging static and dynamic analysis techniques. We introduce a generic approach for decompilation of obfuscated bytecode and show that it is possible to automatically recover the original source code of protected software. As a result, we discovered previously unknown vulnerabilities and backdoors in 1 million lines of recovered source code of 10 protected applications.
منابع مشابه
Reasoning about safety properties in a JVM-like environment
Type-based protection mechanisms in a JVM-like environment must be administrated by the code consumer at the bytecode level. Unfortunately, formulating a sound static type system for the full JVM bytecode language can be a daunting task. It is therefore counter-productive for the designer of a bytecode-level type system to address the full complexity of the VM environment in the early stage of ...
متن کاملSecurity Analysis of PHP Encoder
As an open source server-side scripts language, PHP is used more and more widely by Web developers now. Protecting PHP code from being plagiarized is also a hot research issue especially with the rapid development of dynamic web industry and people’s copyright protection consciousness. Usually the developers use PHP encoders to encrypt the PHP codes before selling them out. There are several di...
متن کاملJava Bytecode Dependence Analysis for Secure Information Flow
Java programs can be transmitted and executed on another host in bytecode format, thus the sensitive information of the host may be leaked via these assembly-like programs. Information flow policy can ensure data confidentiality, however, conventional information flow analysis mainly focused on the programs written in high-level programming languages and is generally performed by type checking ...
متن کاملThe structure of a type safe operating system
The architecture of traditional operating systems relies on address-based memory protection. To achieve flexibility at a low cost operating system research has recently started to explore alternative protection mechanisms, such as type safety. This dissertation presents an operating system architecture that completely replaces address-based protection with type-based protection. Replacing such ...
متن کاملTiming Aware Information Flow Security for a JavaCard-like Bytecode
Common protection mechanisms fail to provide end-to-end security; programs with legitimate access to secret information are not prevented from leaking this to the world. Information-flow aware analyses track the flow of information through the program to prevent such leakages, but often ignore information flows through covert channels even though they pose a serious threat. A typical covert cha...
متن کامل