Why do we get upset or feel upset?

PHP Obfuscators and Encoders

A common problem with Interpreted Languages (eg. PHP, Javascript, Java, Python) is that its really hard to protect the source code. Today, I will talk about PHP Obfuscators and Encoders.
Two types of protection can be found for PHP, first type which is the easiest, Obfuscation. Making the code not human readable. An example of such product is ZenCrypt (I wrote a semi-review about it last year). However, a good developer or a reverse engineer can go about that, and alter the code to change its behavior, like bypass the license verification.

The second type is encoding, the encoder encodes the PHP script to some encrypted text (I don’t want to go into details here, but that’s the general idea). Those encoded scripts requires a loader, this loader decodes the script and runs it via the PHP Interpreter. Those loaders are simply PHP extensions. Example of those are ZendGuard and IonCube.

It is not hard to write a PHP extension, but it wont be adapted easily with most online hosts. Maybe Enterprise! But again, maintaining cross platforms is not an easy task.

Since IonCube and ZendGuard are widely supported with most hosts some came up with the idea of creating a hybrid obfuscator. The idea is to encrypt the code and have a php script to decrypt. But the decrypting script is encoded using ZendGuard or Ioncube. An example of such is phpCipher.

Last year in my post I wrote that I will be writing an encoder, I have been very busy since then. But last week I had the chance to start writing my encoder. I have most of the logic done. Once I am done writing my loader script, I will start writing the desktop app to encode the scripts. I am planing to release it on Mac App Store and online on my website for a small amount of money.

On a side note, I may offer my source for sale.

What is beauty?

This question popped up to my mind and it is inspired by the previous post (What is Love?).

Beauty is an interpretation of some kind of love or let me say liking. When we see something we like, we say its beautiful. Defining the word “like” will take another post, so I will stick with the word “beauty”.

When we see a person who is beautiful, it means that we either love this person, so we like everything about this person, then he/she becomes the most beautiful person in the world. Or we like something about this him/her, so it could be the shape of his/her face, the color of the eyes, or his/her hair cut/style. People sometimes look beautiful for the way they dress and depending on your mood.

If you notice, sometimes you see a beautiful person, and another day, they are just like the rest, the beauty is just gone. It could be that she/he was wearing something you like.

This word has a very complex meaning, I tried to express it in my own simple words.

Disclaimer

Every blog needs this. I should have done it earlier, but I guess I never knew what other write. But now, I created a page that contains my blog disclaimer. This disclaimer applies to my blog and twitter, considering twitter as a microblogging tool.

This link for my disclaimer: http://almahdi.cc/disclaimer/

What is love?

What is love? It is a question that have been asked by Hussain Nasser (@hnasr). So, here is my answer. Keeping in mind that everything I write here is my own opinion, some people may agree and some don’t.. So please don’t flood me with comments saying that I wrote the wrong thing or I have a weirdo opinion.

Love can be applied to everything, you can love a person, or a computer or even a pet. But I will define love based on loving people.

When I chat with my friends, we joke and we say that love is a band-pass-filter. What it means is that when we love, we only see what we like. Love is like glasses with filters, that makes us not only see what we like, it may even makes us like things we didn’t like.

Love is the butterfly effect when you see the person you love. Love is when you feel alone without this person around you, even though everyone else is around.

In love, beauty doesn’t count. It doesn’t matter if the person you love is beautiful/handsome or not, because love makes everything beautiful.

Love is when you want to spend the rest of your life with this person with no regrets! Love is happiness. Love is the most beautiful thing in this life. Love is what makes us. We can’t live without love…

Sometimes people mix love with sex, this is not true! Sex has nothing to do with love. Sex is a physical thing while love is a feeling. Attraction is not love. Liking an attitude is not love.

Viva Bahrain 3G network and Phone battery life!

If you haven’t noticed, using Viva 3G network consumes more battery than any other network in bahrain, zain and batelco to be specific. To make the story short, Viva 3G network is actually setup on HSPA+ which consumes more power than 3G.

Brief Technical Information: Quoted from Wikipedia:

High-Speed Downlink Packet Access (HSDPA) is an enhanced 3G (third generation) mobile telephony communications protocol in the High-Speed Packet Access (HSPA) family, also dubbed 3.5G, 3G+ or turbo 3G, which allows networks based on Universal Mobile Telecommunications System (UMTS) to have higher data transfer speeds and capacity.

zain and Batelco provide HSPA+, however, the phone has to switch to it when it requires high speed access, but on Viva, HSPA is the default.

I bought myself a Dell Streak

Few days ago, I sold my iPad.. For few reasons.. 1st, I couldn’t find a proper use for it. I used it for browsing, but its size was too big for me. I thought of purchasing the Galaxy Tab, since its 7-inch… I went and I grabbed one and I tested holding it and walking with it. Didn’t wasn’t good either. The Dell Streak is the perfect size, yet, good screen. I immediately fell in love with the Streak. So, I bought one.

Why I don’t jailbreak my iOS device?

I just had a conversation with my friends. Why I don’t jailbreak my iOS devices.

A basic overview:
Jailbreaking the device basicly means getting root access to the device. It’s a Unix term to get administrative access to the device. Allowing you to install apps and customize the system.

What is a patched app?
Patched app is like saying infected with a virus.

What is my argument?
Apps can be patched and they have root access to your device. This means they can collect data and information about you with you knowing it.

You can say trust the community and stuff like that. But that’s what I say.

Loading fixed width lines in MySQL

Today I required to load a file into a database, the file requires some parsing to be loaded. Normal developer would load the file using a programming language, do the parsing and insert into the table. However, for me, I thought I would do it using MySQL DATA LOAD, it is faster and yet, no programming language required to load the files.

I am posting a sample code on how to parse files line by line using MySQL.

LOAD DATA LOCAL INFILE ‘path/to/my/file’ into table [table-name]

(@line)

set field1 = SUBSTR(@line,1,10),

field2 = SUBSTR(@line, 11,12),

field3 = SUBSTR(@line, 48,19)

Now, what I did, is I just parsed text, since the file was not delimited but it had fixed width.

Mac OSX Defrag

On my daily life, I deal with VM Images and File processing.. Large files.. This causes my MacBook to slow down due to Fragmentation… My solution was always to backup to an external drive and restore back, and it solves the fragmentation problem and the MacBook Performs better. However, this takes really long time. Especially with large disks. Today, I tried iDefrag from Coriolis Systems. I purchased the Application using Paypal and gave it a try. It worked like a charm. It took 4 hours to finish, but I can notice the speed of my VMs. And Apps load a bit faster. Good Application to keep the performance of your Mac OSX.

Keeping in mind that your Mac OSX defragments any file less than 20MB automagically, however, large files get fragmented, to defragment, you can move the files to external disk and move them back. However, this takes time and requires you to have an external disk to backup the files.

I got my self an android Phone!

Hmm, I couldn’t resist acually… So, I got my self an Android Phone… Its an Acer Liquid E Ferrari Special Edition. Its not the best Android Phone… However, since I love cars, its price is good for me… and it got everything I want..

Since I started Mobile Development for sometime now, it has been my excuse for Android development…  This app is not a new idea, however, its a new implementation. I will release the details as soon as I start testing the app. Its going to be available for Android and iPhone.

Python Programming!

I have tried Python earlier, but its syntax didn’t make sense to me. Several weeks later, I wanted write a small app, so, I thought, why not try to write it in Python.. Just give it a try… So, I start writing the app in Python, it took longer than it should have, but it was done! Now, I can program in Python. I am so happy that I have finished writing my app in Python. Looks like Python has been added to my portfolio of programming languages.

ZenCrypt — PHP Encoder

Last night, I was searching the internet for PHP Encoders, I always knew that ZendGuard and IONCUBE are the best. However, I thought of giving others a chance. While searching I came across ZenCrypt. One of the good things about it that it doesn’t need a loader on the server-side. Thus, the scripts are self-decodable. But this makes it easy to decrypt. On thier website, they have two scripts. One is the source, and the other is the encoded script.

My Attempt to understand its way of encoding to see if it worth the USD45.

Source PHP Code:

<?php
/* -------------------------------------------------
               www.ZenCrypt.com
             ZenCrypt simple demo

User Manual: http://www.zencrypt.com/INFO/ZenCrypt_PHP_Encoder.pdf
------------------------------------------------- */

//{{{PHP_INSERT_a1}}}
// Encoded chunk of code will be inserted here by ZenCrypt
// Encoded version - test_encoded.php was generated by running ZenCrypt with this command:
//    php -f zencrypt.php infile=test_plain.php outfile=test_encoded.php enccycles=10 stripcomments=yes
//{{{/PHP_INSERT_a1}}}

// This code client will see
$encrypted_number = 52728;

$resulted_number = ZEN_encrypt ($encrypted_number);
echo "\nEncrypted number=$resulted_number";
$resulted_number = ZEN_decrypt ($resulted_number);
echo "\nDecrypted number=$resulted_number";

//{{{PHP_ENCODE_a1}}}
// This part will be encoded and moved above (in between PHP_INSERT tags).
// We do not want to expose these "super secret" encryption functions to the clients.
function ZEN_encrypt ($input)
{
return ($input+5432);
}

function ZEN_decrypt ($input)
{
return ($input-5432);
}
//{{{/PHP_ENCODE_a1}}}

?>

Encoded Code:

<?php
/* -------------------------------------------------
               www.ZenCrypt.com
             ZenCrypt simple demo

User Manual: http://www.zencrypt.com/INFO/ZenCrypt_PHP_Encoder.pdf
------------------------------------------------- */

$juTSvfNAGsrLGell='=ch/5z/T/fd3E73dPj+i+/rRNYcW/rz/sr6zjSNreaXN+nf/W876jLfWtd9fYXR5F3mtYCRhWNW7dOXGPsM19c920z3acnzSfxYMLFxg/Lz0nIz1FfpnLVdf/xksrTZqs55rpk///93fz27zHki6/oWYz1+9boz693v+vwQE52qDxffRSPNxjIf7xOfHb07GgxXHS/CawCIAXw9xuOY/EVs2KuqrxeJFCMTjEENA0ny6gTRUnndy30KTE/uyY77Pa0TWPVyHmqmYQ98Vf+dgq80ne2FgRkZzz1I103xrDgFjbVdXrcq4coJhOlJwGfXOMVavufyVOwpoIna3qQ5ldM+cVFUwoIHxuEbp3t6HEKKHnhi8rDY6aBfCxM9HkjSCeDP5gWj8GO2zaLsMsrsmLaLw605dRJDxFQZcyTe/X5RDaN9pJ0JTlyEzs0b6ds4cIeRg0uf7/INtfOgFECfah6aJz5Z8WbW5XorpGJZQAk/0H4sxB6GZiXZT44QtxETrhcqSgW5rtxHBxfDN6o8R8m7tbItO7uy3VBIRCi7f1Z+g6qkDoFRh3oiPBehlfbWHOCxdljFFxBjWwZhwOG/tAPA/EtX8LOkw3h04N+Ju7F25yDu6L7itrTU2jJ4dhqbPfBXzXg73fIzmZCyYxdmischnH+1voRzSntcnhxhyLfEriTCyEOhlOlzadH8WzfTUst9O3HBBP0U2JxDBRaLNQUeZjSpFWaDrQGUz3zWFYzBrYHUEtIjENWe0YsQpaFChodc7xDgaegxTTZNNb/il0sihsr6TdlVaq6HCfBywAK92VzCMeIJ7/7TfVgUvBr/zeaZJxuB1JTzT5n5KL1Kn04GldNUuQ+Zfyu3tcSd4UZDmMCFO2G9JmLQP6lurmNLUrcNO1dTalveKGhbqjZBOKro9Yi4MSS05BPcE+uBGP+wmqsaFP/CCMQvKopFeye2W282Dhwvnt743mYkfm0f1zeyox6ftiQ0KU3X3MjQgtkHG97Ob1iS/VZ+NZRf+c7GCztrRNKRZnElL2tA5GZMIfDXn5kUzCElSANn82mCOe+QXjpImZLFxb+Uh1X0jjsOyBTiZZbNJcFuebnG92TO+p/q1FXf9F9p7CQL32aBFxrtQG1hn6jlq3CjazvZ2k7i3wWbWnMSkyWfKOZtJcFLMvAEH+RPFEnaezjbZpUHR+4a7nYoCD9TUVkmukb7U0xti00EBIIxSVNyZrku/xnuuDAln/k/0IL/JaVQpof19rFjY4yHedvkhCiES1bOWeTO4LhhTJuJMmigCUWH4hobXlpr4cwvUnvNpFJrHJmGTYnCL/Sm+RMd0urBbOcuPDdS1M4whnim/+oEPx9VU4PbEmFy2YscLp8Zeczp8JT7mXnKF5VXK0glSAemv8vlmr/rcc/g34sXfPTqjYhZsc4K2ZuXbbYsWUUc9lJTfc2pSJyJaXcwxnezRpTVzwxkIbE2gr6RFBhmBLD2VNCQlx9Mlq3ib1v0czH2DbK7uqQ8mBEmXFmextYLxOKlUyKi561bLibKNCtMwAu/CJqA7gH9ImS/MP1LCZ6Iq8sYvu6nZvOgpXj5SiTGjZvaj2H0uDkx0E653Ngfd2RPIidVbrIPo/bDjFH5JNbWGTZiwCpi3LZAZ2Jh7CQyiL6qCKyJRMU2mC1KapSxqxZzoZ1IDI5j+ZjJzdyb/N82DRWQ5TKP9GYWLiB6m9Jmku3I31DNv0Wfs0uVuqXFU3kNM3ejaeXtT2ZolhmEhuiYS6fpTXEmym65ITt646EAEfnnSTDy9Ybt7L5xukkRuaHG3DKRJm/I48XOQkubAcY3ZuRHKIl8OcQeyd2jIY06sMvd5Ud8wiqvTtxHuyJV+S9cTmo2NsL/LZV/c19kmOMpKd0N1d62IdjeeufMxGxM42QFe+NS+rZeD5jY9KOe6c4adcJMToZDt7F8mEN4isP9okCSxpN1Wvr8cpj+Rwn6xFslssE60hp54EwDmogCfgu1xz9dLGUCP4hk8BQAEPxCJ3+8KALk/4ry59SEHgAsPZW3QeuBJ1xQWsQQHnvphTU/hFcFApGOYgiqw+P2bHPAtahgbhG4g5twGhSmwIIAggBccUccjnrn9Z2wn+ZbQAB1eN9CTMBQMBEE98OApvjbJ2EAYeui/+/PE0n78g542p9K1FhlIIT7xFwOvff919+OIkX675p2SBB7YNRuCWYXBZyvDISuj3SVb';$QynVyKBtA_laXYfjkJ=';))))yyrTYefTNAsiFGhw$(ireegf(rqbprq_46rfno(rgnysavmt(ynir';$LoMOYHmyNmPlxD=strrev($QynVyKBtA_laXYfjkJ);$lUETluMevSaLCDV=str_rot13($LoMOYHmyNmPlxD);eval($lUETluMevSaLCDV);

// This code client will see
$encrypted_number = 52728;

$resulted_number = ZEN_encrypt ($encrypted_number);
echo "\nEncrypted number=$resulted_number";
$resulted_number = ZEN_decrypt ($resulted_number);
echo "\nDecrypted number=$resulted_number";

?>

My Attempt to Decode the Code:

<?php
/* ————————————————-
www.ZenCrypt.com
ZenCrypt simple demo

User Manual: http://www.zencrypt.com/INFO/ZenCrypt_PHP_Encoder.pdf
————————————————- */

$juTSvfNAGsrLGell=’=ch/5z/T/fd3E73dPj+i+/rRNYcW/rz/sr6zjSNreaXN+nf/W876jLfWtd9fYXR5F3mtYCRhWNW7dOXGPsM19c920z3acnzSfxYMLFxg/Lz0nIz1FfpnLVdf/xksrTZqs55rpk///93fz27zHki6/oWYz1+9boz693v+vwQE52qDxffRSPNxjIf7xOfHb07GgxXHS/CawCIAXw9xuOY/EVs2KuqrxeJFCMTjEENA0ny6gTRUnndy30KTE/uyY77Pa0TWPVyHmqmYQ98Vf+dgq80ne2FgRkZzz1I103xrDgFjbVdXrcq4coJhOlJwGfXOMVavufyVOwpoIna3qQ5ldM+cVFUwoIHxuEbp3t6HEKKHnhi8rDY6aBfCxM9HkjSCeDP5gWj8GO2zaLsMsrsmLaLw605dRJDxFQZcyTe/X5RDaN9pJ0JTlyEzs0b6ds4cIeRg0uf7/INtfOgFECfah6aJz5Z8WbW5XorpGJZQAk/0H4sxB6GZiXZT44QtxETrhcqSgW5rtxHBxfDN6o8R8m7tbItO7uy3VBIRCi7f1Z+g6qkDoFRh3oiPBehlfbWHOCxdljFFxBjWwZhwOG/tAPA/EtX8LOkw3h04N+Ju7F25yDu6L7itrTU2jJ4dhqbPfBXzXg73fIzmZCyYxdmischnH+1voRzSntcnhxhyLfEriTCyEOhlOlzadH8WzfTUst9O3HBBP0U2JxDBRaLNQUeZjSpFWaDrQGUz3zWFYzBrYHUEtIjENWe0YsQpaFChodc7xDgaegxTTZNNb/il0sihsr6TdlVaq6HCfBywAK92VzCMeIJ7/7TfVgUvBr/zeaZJxuB1JTzT5n5KL1Kn04GldNUuQ+Zfyu3tcSd4UZDmMCFO2G9JmLQP6lurmNLUrcNO1dTalveKGhbqjZBOKro9Yi4MSS05BPcE+uBGP+wmqsaFP/CCMQvKopFeye2W282Dhwvnt743mYkfm0f1zeyox6ftiQ0KU3X3MjQgtkHG97Ob1iS/VZ+NZRf+c7GCztrRNKRZnElL2tA5GZMIfDXn5kUzCElSANn82mCOe+QXjpImZLFxb+Uh1X0jjsOyBTiZZbNJcFuebnG92TO+p/q1FXf9F9p7CQL32aBFxrtQG1hn6jlq3CjazvZ2k7i3wWbWnMSkyWfKOZtJcFLMvAEH+RPFEnaezjbZpUHR+4a7nYoCD9TUVkmukb7U0xti00EBIIxSVNyZrku/xnuuDAln/k/0IL/JaVQpof19rFjY4yHedvkhCiES1bOWeTO4LhhTJuJMmigCUWH4hobXlpr4cwvUnvNpFJrHJmGTYnCL/Sm+RMd0urBbOcuPDdS1M4whnim/+oEPx9VU4PbEmFy2YscLp8Zeczp8JT7mXnKF5VXK0glSAemv8vlmr/rcc/g34sXfPTqjYhZsc4K2ZuXbbYsWUUc9lJTfc2pSJyJaXcwxnezRpTVzwxkIbE2gr6RFBhmBLD2VNCQlx9Mlq3ib1v0czH2DbK7uqQ8mBEmXFmextYLxOKlUyKi561bLibKNCtMwAu/CJqA7gH9ImS/MP1LCZ6Iq8sYvu6nZvOgpXj5SiTGjZvaj2H0uDkx0E653Ngfd2RPIidVbrIPo/bDjFH5JNbWGTZiwCpi3LZAZ2Jh7CQyiL6qCKyJRMU2mC1KapSxqxZzoZ1IDI5j+ZjJzdyb/N82DRWQ5TKP9GYWLiB6m9Jmku3I31DNv0Wfs0uVuqXFU3kNM3ejaeXtT2ZolhmEhuiYS6fpTXEmym65ITt646EAEfnnSTDy9Ybt7L5xukkRuaHG3DKRJm/I48XOQkubAcY3ZuRHKIl8OcQeyd2jIY06sMvd5Ud8wiqvTtxHuyJV+S9cTmo2NsL/LZV/c19kmOMpKd0N1d62IdjeeufMxGxM42QFe+NS+rZeD5jY9KOe6c4adcJMToZDt7F8mEN4isP9okCSxpN1Wvr8cpj+Rwn6xFslssE60hp54EwDmogCfgu1xz9dLGUCP4hk8BQAEPxCJ3+8KALk/4ry59SEHgAsPZW3QeuBJ1xQWsQQHnvphTU/hFcFApGOYgiqw+P2bHPAtahgbhG4g5twGhSmwIIAggBccUccjnrn9Z2wn+ZbQAB1eN9CTMBQMBEE98OApvjbJ2EAYeui/+/PE0n78g542p9K1FhlIIT7xFwOvff919+OIkX675p2SBB7YNRuCWYXBZyvDISuj3SVb’;$QynVyKBtA_laXYfjkJ=’;))))yyrTYefTNAsiFGhw$(ireegf(rqbprq_46rfno(rgnysavmt(ynir’;$LoMOYHmyNmPlxD=strrev($QynVyKBtA_laXYfjkJ);$lUETluMevSaLCDV=str_rot13($LoMOYHmyNmPlxD);eval($lUETluMevSaLCDV);

//print  gzinflate(base64_decode(strrev($juTSvfNAGsrLGell)));

$str=str_replace(“eval”,”\$str=”, gzinflate(base64_decode(strrev($juTSvfNAGsrLGell))));
eval($str);
print $str.”\n–\n”;
//print “–\n”;
for($icount=0; $icount<17; $icount++) {
$str=str_replace(“eval”,”\$str=”, $str);
print $str.”\n$icount–\n”;
eval($str);
print $str.”\n$icount–\n”;
}

// This code client will see
$encrypted_number = 52728;

$resulted_number = ZEN_encrypt ($encrypted_number);
echo “\nEncrypted number=$resulted_number”;
$resulted_number = ZEN_decrypt ($resulted_number);
echo “\nDecrypted number=$resulted_number”;
?>

Conclusion:

What I see that it doesn’t worth the the USD45. Maybe if it was encoded with ZendGuard or ionCube and produces a file that requires a PHP Loader. Just like PHPCipher.
However, from this attempt. I thought that I will write my own encoder. It will be using the same method, however, the output will be encoded in both ZendGuard and ionCube. Stay tuned!

A new year arrives and new projects to come

A new year arrived, and new projects are arriving… My friend Marwan and myself started having several projects to be developed for the Maemo powered devices. However, after discussion today, we have agreed on developing stuff to be cross platform. Most of our development well be in Python GTK.

The agreement is that Marwan will do most of the development, I will be maintaining the projects. I will be responsible of the packaging and bug fixing and some development. Marwan will be doing the core of the applications.

We will be registering a new domain and it will be dedicated for our joint projects. We have lots of ideas, so wish us luck!!