php代码加密-yakpro

一.技术方案:

php-obfusactor：开源免费，混淆型免扩展加密，较类似Android上的ProGuard。

yakpro-po：开源免费，混淆型免扩展加密，打乱了程序的运行流程。

Z5加密：商业，虚拟机型免扩展加密，Z-Blog团队出品。

Swoole Compiler：商业，有扩展加密，Swoole官方出品。

参考文档

https://www.anquanke.com/post/id/176767(PHP代码加密面面观)

https://github.com/pk-fr/yakpro-po

二. yak安装日志:

## Setup:

Note: This setup is also valid for Windows 10 Anniversary with bash installed…

1. Prerequisites: git and php-cli (command line interface) packages.

on ubuntu: (adapt according your linux distribution)

# apt install git

# apt install php-cli

do not forget to install all other php modules that you are using within your software:

for example: apt install php-mysql if you are using mysql…

2. Navigate to the directory where you want to install yakpro-po (/usr/local is a good idea):

# cd /usr/local

3. Then retrieve from GitHub:

# git clone https://github.com/pk-fr/yakpro-po.git

4. Go to the yakpro-po directory:

# cd yakpro-po

5. Then retrieve from GitHub:

# git clone https://github.com/nikic/PHP-Parser.git

6. Check that yakpro-po.php has execute rights, otherwise:

# chmod a+x yakpro-po.php

7. Create a symbolic link in the /usr/local/bin directory

# cd /usr/local/bin

# ln -s /usr/local/yakpro-po/yakpro-po.php yakpro-po

8. You can now run yakpro-po

# yakpro-po –help

# yakpro-po test.php

Modify a copy of the yakpro-po.cnf to fit your needs…

Read the “Configuration file loading algorithm” section of this document

to choose the best location suiting your needs!

That’s it! You’re done!

####

安装备注: 阅读yak包中的README.md 按步骤操作即可.如果git clone不下来, 直接下载zip 解压即可.

## Usage:

`yakpro-po`

Obfuscates according configuration file!

(See configuration file loading algorithm)

`yakpro-po source_filename`

Obfuscates code to stdout

`yakpro-po source_filename -o target_filename`

Obfuscates code to target_filename

`yakpro-po source_directory -o target_directory`

Recursivly obfuscates code to target_directory/yakpro-po (creates it if it does not already exist).

`yakpro-po –config-file config_file_path`

According to config_file_path.

`yakpro-po –clean`

Requires target_directory to be present in your config file!

Recursivly removes target_directory/yakpro-po

示例: 

yakpro 安装位置:  ~/yakpro-po/

默认配置文件: ~/yakpro-po/yakpro-po.cnf 不建议修改,更新代码会覆盖. 可复制配置文件到一个特定的conf目录下.

例如创建混淆代码目录: ~/test-yak/, 配置文件:  ~/test-yak/config/sp-api.cnf

配置文件修改:

分类: 1.普通变量 2.常量 3.函数 4.类名 5.类成员 6.类方法 7.类常量 

可加密: 普通变量 常量 类成员 类常量 设置为true

不可加密: 函数  类名 类方法 设置为false,

        原因: 1. 由于项目已经建立,类名和类方法的加密修改,会改变接口路由名称,所以不建议加密. 或者修改路由 并 解决加密后类名和文件名不同步的加载问题即可.

                 2. 由于函数和类方法,常常代码中有写死函数名调用的地方,加密后会造成调用找不到的错误, 所以不建议加密.

参考配置如下:

$conf->obfuscate_constant_name            = true; // self explanatory

$conf->obfuscate_variable_name             = true; // self explanatory

$conf->obfuscate_function_name             = false; // self explanatory

$conf->obfuscate_class_name                 = false; // self explanatory

$conf->obfuscate_interface_name           = false; // self explanatory

$conf->obfuscate_trait_name                   = false; // self explanatory

$conf->obfuscate_class_constant_name = true; // self explanatory

$conf->obfuscate_property_name           = true; // self explanatory

$conf->obfuscate_method_name            = false; // self explanatory

$conf->obfuscate_namespace_name     = false; // self explanatory

$conf->obfuscate_label_name                = true; // label: , goto label; obfuscation

$conf→obfuscate_if_statement               = true; // obfuscation of if else elseif statements

$conf->obfuscate_loop_statement          = true; // obfuscation of for while do while statements

$conf->obfuscate_string_literal               = true; // pseudo-obfuscation of string literals

$conf->source_directory = ‘/xxx/sp-api’; // self explanatory

$conf->target_directory  = ‘/xxx/test-yak/sp-api’; // self explanatory

常用操作如下:

创建配置文件位置: ~/test-yak/config/sp-api.cnf

cd ~/test-yak

yakpro-po –config-file ./config/sp-api.cnf                  加密整个sp-api项目

yakpro-po –clean –config-file ./config/sp-api.cnf      清除所有加密