# Create encoder encoder = IONCubeStyleDecoder(key="demo_secret_2024")
def _verify_magic_header(self, magic: str) -> bool: """Verify the magic header format""" return magic.startswith("IONCUBE_MAGIC_") and len(magic) == 32
def __init__(self, key: str = "demo_key_2024"): self.key = key self.encoding_layers = [] def encode_payload(self, data: str, layers: int = 3) -> str: """ Apply multiple encoding layers to simulate ionCube-style encoding """ current = data self.encoding_layers = [] for i in range(layers): # Layer 1: Base64 current = base64.b64encode(current.encode()).decode() self.encoding_layers.append("base64") # Layer 2: XOR with key (simple obfuscation) if i % 2 == 0: current = self._xor_obfuscate(current) self.encoding_layers.append("xor") # Layer 3: Compression if i == layers - 1: current = base64.b64encode( zlib.compress(current.encode(), level=9) ).decode() self.encoding_layers.append("zlib+base64") # Add magic header (simulates ionCube header) magic = self._generate_magic_header() return magic + current ioncube decoder python
# Original PHP-like code original_code = """<?php function calculate_total($items) { $total = 0; foreach($items as $item) { $total += $item['price'] * $item['quantity']; } return $total; } echo calculate_total([['price'=>10,'quantity'=>2]]); ?>"""
# Run demo demo_ioncube_style_encoding() magic: str) ->
def _xor_obfuscate(self, text: str) -> str: """Simple XOR obfuscation for demonstration""" result = [] key_bytes = self.key.encode() text_bytes = text.encode() for i, byte in enumerate(text_bytes): result.append(byte ^ key_bytes[i % len(key_bytes)]) return base64.b64encode(bytes(result)).decode()
def _xor_unobfuscate(self, text: str) -> str: """Reverse XOR obfuscation""" try: decoded_bytes = base64.b64decode(text) except: decoded_bytes = text.encode() result = [] key_bytes = self.key.encode() for i, byte in enumerate(decoded_bytes): result.append(byte ^ key_bytes[i % len(key_bytes)]) return bytes(result).decode() layers: int = 3) ->
@staticmethod def encode_php_function(func_name: str, php_code: str) -> str: """Encode PHP function to look like ionCube output""" encoded = { "function": func_name, "code": base64.b64encode(php_code.encode()).decode(), "hash": hashlib.sha256(php_code.encode()).hexdigest(), "timestamp": datetime.now().isoformat() } # Add fake ionCube signature signature = hashlib.md5( f"{func_name}{encoded['hash']}SECRET_KEY".encode() ).hexdigest() encoded["signature"] = signature return json.dumps(encoded, indent=2)