cvar1984 / yapo
Yet another php obfuscator
Fund package maintenance!
paypal.me/Cvar1984"] # Replace with up to 4 custom sponsorship URLs e.g.
Installs: 6
Dependents: 0
Suggesters: 0
Security: 0
Stars: 14
Watchers: 4
Forks: 4
Open Issues: 0
Type:application
Requires
- cvar1984/app: ^1.0
- symfony/console: 4.*
Requires (Dev)
- humbug/box: ^3.8
README
this tools able to (de)compress your php shellcode string and inject common file signature like jpeg to fuck webserver uploader or malware string scanner like what i made before. no need to install whole shit, just download the single phar executable file and fuck them all. you can download it from Here.
and also your shellcode won't works if the server disable fopen, fseek, fwrite, fclose, and include.
DISCLAIMER use eval to obfuscate is gay
pro tips
Move it to /usr/local/bin
or save it to vendor/bin
using composer global install cvar1984/yapo
command
yapo make <compression> <signature> <file>...
single compress
yapo make gzdeflate jpeg shell.php
multiple file compress without signature injection
yapo make gzdeflate whatever shell1.php shell2.php
multiple file compress using find
find ./myproject -type f -name \*.php -exec yapo make gzdeflate jpeg {} +\;