cvar1984/yapo

Yet another php obfuscator

0.0.2 2022-02-14 03:29 UTC

This package is auto-updated.

Last update: 2022-07-14 04:23:56 UTC


README

this tools able to (de)compress your php shellcode string and inject common file signature like jpeg to fuck webserver uploader or malware string scanner like what i made before. no need to install whole shit, just download the single phar executable file and fuck them all. you can download it from Here.

and also your shellcode won't works if the server disable fopen, fseek, fwrite, fclose, and include.

DISCLAIMER use eval to obfuscate is gay

pro tips

Move it to /usr/local/bin or save it to vendor/bin using composer global install cvar1984/yapo

command

yapo make <compression> <signature> <file>...

single compress

yapo make gzdeflate jpeg shell.php

multiple file compress without signature injection

yapo make gzdeflate whatever shell1.php shell2.php

multiple file compress using find

find ./myproject -type f -name \*.php -exec yapo make gzdeflate jpeg {} +\;

Deprecated Demo

asciicast