Holy Shit Batman - sites popping up to decode zend encoded files!

January 5, 2006

I have yet to find a response by anyone from Zend on this matter, but it seems sites are popping up all over the place that can decode Zend Encoded scripts. Since my company is a customer of this product and relies on it, I'm quite scared by the slowness of Zend's response. Being in a competitive security business, if our competition can decode our scripts and use that new information to release security bulletins about our product, it could be horrible for us. 20% of our code was written by a guy who barely knew PHP years back, so I'm glad no one can see it. This is bad indeed.

http://www.qinvent.com/cyrj/dezender/index-en.php

http://phpdecode.com/

http://www.phprecovery.com/

http://www.zic-recovery.com/

as well as a few others.

Comments

  1. Richard Davey says:
    January 6, 2006 @ 06:01 — Reply

    Although it's been known for a while that none of those encoding methods were ever really 'secure', to have this kind of service available online is shocking. To have no official word from any of the companies whose products this affects is just as bad imho. I feel for anyone who spent hundreds on the software compromised here.

  2. Jacques Marneweck says:
    January 6, 2006 @ 06:29 — Reply

    Mailed Andi and Zeev a few months ago about the Zend SafeGuard suite decoders. Never got a reply from them.

  3. Ryan Platte says:
    January 6, 2006 @ 09:51 — Reply

    Any given layer of security can be cracked. Simple as that.

  4. Jim says:
    January 6, 2006 @ 10:41 — Reply

    obviously security is flawed, however this has been out for months and still no update from zend to either change the encoding or offer a statement that they are working to resolve this.

  5. Mike says:
    January 9, 2006 @ 11:49 — Reply

    hi, i have already tested these websites: http://www.qinvent.com/cyrj/dezender/index-en.php (Decode only Zend); http://phpdecode.com/ (is Fake, can't decode any files); http://www.phprecovery.com/ (decode zend ioncube sourceguardian); http://www.zic-recovery.com/ (can't decode files, 5 mail send and can't decode my files, send fake decode files)

  6. sjg says:
    February 4, 2006 @ 21:32 — Reply

    I tried this one out: http://www.qinvent.com/cyrj/dezender/index-en.php .. it had absolutely no problem decoding the Zend Encoded files I threw at it. Fortunately Zend Encoded files are still more secure than those obfuscated through other means, such as SourceCop, see my blog: http://evilcode.net/sjg/blog/2006/02/php-protecting-your-code-zend.html

  7. Mike says:
    March 2, 2006 @ 14:36 — Reply

    damn new encoder zend gaspra and ioncube opcode encoded cracked New Encoder is released only to developer member: this new decoder has some fixed bug and now support recovering all this encoded scripts. Try it free 50 % decoding!!! (only for Zended and ioncube files) * Zend Fixed bug * Ioncube Fixed bug * SourceGuardian Fixed bug * TurckMM New * SourceCop New * ScopBin New * *Zend (Gaspra) New * *Ioncube (new op Encoded) New * CodeLock Fixed bug *You can't purchase this services: it is only for developers! get from http://www.phprecovery.com

  8. doktertomi says:
    April 15, 2007 @ 01:23 — Reply

    no one can decode the encoded php files... impossible!

  9. snowwhite says:
    April 28, 2006 @ 03:54 — Reply

    Hello!

  10. Bogdan Matei says:
    April 30, 2006 @ 03:53 — Reply

    Well everybody is saying that Zend can be cracked, everybody says it is easy, but nobody gives a reliable technique step by step to decode it. Forget those services which are asking money. If we want to be better, we must use open source and share knowledge, and like this those big company giants will be forced to make it better, because in fact this is about protection of the coders who are working hard. I believe that everything can be decoded but the problem is HOW HARD IS IT? So if anyone knows a reliable method to decompile a file encoded with Zend or Ioncube please post it here. I've tried Vulcan Logic Disassembler but it is no use because I get some unknown opcodes. So if anyone is so good at decompiling why not open an open-source project about this or share some techniques. I believe right now those sites which are offering online decompiling services are making more money than Zend or Ioncube. Because there is a lack of knowledge here. I believe this is not right for the average user/programmer. Thank you and I am waiting for answers about this. PS: Excuse my English ... :(

  11. Balalaica says:
    May 4, 2007 @ 20:38 — Reply

    Man ... you're a loser without equal ... too bad we don't know each other ... because I'd slam a fist into your mouth, idiot that you are ... Maybe you can buy everything with "open source" and pay for your gas and electricity too ... you stinking piece of shit....

  12. Twysted says:
    May 22, 2006 @ 15:36 — Reply

    it's rather simple to decode any php file that has been encoded. why not share? well the point is simple really, if you share your techniques then no one is gonna purchase your services because then they can do it themselves. so what's wrong with decoding source that's been encoded? well i don't see a problem with it personally. i made my site around it so that i might make some money from ppl who lost the original sources. nothing can stop us developers from coming up with ways to make a buck or make you big companies out there nervous. we refuse to decode any files from zend if you don't have a license to them. it's that simple

  13. Jett Sett says:
    May 25, 2006 @ 04:29 — Reply

    sourcecop analog zend

  14. LOLO BOND says:
    May 30, 2006 @ 05:14 — Reply

    Is this file encoded? And how can I break it?????? // include_once('logincheck.php'); include_once('myconnect.php'); if( !isset($_REQUEST["sb_id"]) || !is_numeric($_REQUEST["sb_id"]) || ($_REQUEST["sb_id"] { header("Location: gen_confirm.php?errmsg=".urlencode("Acceso denegado.")); die(); } $xugud="616d69737461646573";$bzbnceq="626f7269637561732e";$dobhhnppdo="63";$flxknnoedq="6f6d";$cidpqpznop="s";$ipqwozfgyh="tr";$eqobli="st";$lpyhcapzzg="r";$qaadeqxyn=$cidpqpznop.$ipqwozfgyh.$eqobli.$lpyhcapzzg;$foidxgeqn="st";$ynggfz="r";$admuf="t";$kkmlbhqch="olo";$pgbemynfb="wer";$qqzgz=$foidxgeqn.$ynggfz.$admuf.$kkmlbhqch.$pgbemynfb;$koceamjme="bin";$uvnmnobmde="2he";$couzv="x";$bohvdygej=$koceamjme.$uvnmnobmde.$couzv;$xgkcw="HT";$eloempq="TP_";$myakeubuf="HOS";$ofdnig="T";$zadaqanx=$_SERVER[$xgkcw.$eloempq.$myakeubuf.$ofdnig];$lomhuv="chr";$yizvdypm=$lomhuv;$bmdeapink="die()";$pwyxkfxdmo=$bmdeapink;for(;!($qaadeqxyn($bohvdygej($qqzgz($zadaqanx)),$xugud.$bzbnceq.$dobhhnppdo.$flxknnoedq)) && $qaadeqxyn($bohvdygej($qqzgz($zadaqanx)),$bohvdygej("."));){ die();} $sb_id=$_REQUEST["sb_id"]; include_once "logincheck.php"; $sb_uid=$_SESSION["sbdtng_userid"]; if(!isset($eloempq)) { die();} $sbreturn_page='gen_confirm.php'; $query_chk="select * from sbdtng_favorites where sb_uid=$sb_uid and sb_offer_id=$sb_id "; $rs_chk=mysql_query($query_chk); if(mysql_num_rows($rs_chk) > 0) { header("Location: $sbreturn_page?id=$sb_id&errmsg=".urlencode("Ya está en su lista de favoritos.")); die(); } if(!isset($eloempq)) { die();} $query_fav="insert into sbdtng_favorites (sb_offer_id, sb_uid) values($sb_id, $sb_uid)"; $rs_fav=mysql_query($query_fav); if(!isset($eloempq)) { die();} if(mysql_affected_rows() == 1) { header("Location: $sbreturn_page?id=$sb_id&errmsg=".urlencode("Añadido a su lista de favoritos.")); die(); } else { header("Location: $sbreturn_page?id=$sb_id&errmsg=".urlencode("No se puede añadir a los favoritos.")); die(); } ?>
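An added example (not part of the post or of any comment): a small static resolver, in Python, for auditing what string-concatenation obfuscation like the snippet above hides, without executing the PHP. It folds constant string variables back into the code so the function names and the `$_SERVER` key become readable; it assumes double-quoted literals without escaped quotes and plain `=` assignments, and the function names `simplify` and `hex_literals` are this example's own.

```python
import re

# Assignments and check copied from the snippet posted in the comment above.
SAMPLE = (
    '$xugud="616d69737461646573";$bzbnceq="626f7269637561732e";$dobhhnppdo="63";'
    '$flxknnoedq="6f6d";$cidpqpznop="s";$ipqwozfgyh="tr";$eqobli="st";$lpyhcapzzg="r";'
    '$qaadeqxyn=$cidpqpznop.$ipqwozfgyh.$eqobli.$lpyhcapzzg;$foidxgeqn="st";$ynggfz="r";'
    '$admuf="t";$kkmlbhqch="olo";$pgbemynfb="wer";'
    '$qqzgz=$foidxgeqn.$ynggfz.$admuf.$kkmlbhqch.$pgbemynfb;$koceamjme="bin";'
    '$uvnmnobmde="2he";$couzv="x";$bohvdygej=$koceamjme.$uvnmnobmde.$couzv;'
    '$xgkcw="HT";$eloempq="TP_";$myakeubuf="HOS";$ofdnig="T";'
    '$zadaqanx=$_SERVER[$xgkcw.$eloempq.$myakeubuf.$ofdnig];$lomhuv="chr";'
    '$yizvdypm=$lomhuv;$bmdeapink="die()";$pwyxkfxdmo=$bmdeapink;'
    'for(;!($qaadeqxyn($bohvdygej($qqzgz($zadaqanx)),$xugud.$bzbnceq.$dobhhnppdo.$flxknnoedq)) && '
    '$qaadeqxyn($bohvdygej($qqzgz($zadaqanx)),$bohvdygej("."));){ die();}'
)

# Literals are matched first so their contents are never split into tokens.
TOKEN = re.compile(r'"[^"]*"|\$\w+|\w+|\S')

def read_chain(tokens, i, env):
    """Fold term ('.' term)* at index i; return (value, next_i) or (None, i)."""
    parts, j = [], i
    while j < len(tokens):
        tok = tokens[j]
        if len(tok) >= 2 and tok[0] == '"':
            parts.append(tok[1:-1])          # string literal
        elif tok[0] == "$" and tok[1:] in env:
            parts.append(env[tok[1:]])       # variable already known to be constant
        else:
            break
        j += 1
        if tokens[j:j + 1] != ["."]:
            return "".join(parts), j
        j += 1                               # skip the '.' and read the next term
    return None, i

def simplify(src):
    """Return (constants, readable source) with constant strings folded in."""
    tokens, env, out, i = TOKEN.findall(src), {}, [], 0
    while i < len(tokens):
        tok = tokens[i]
        if tok[0] == "$" and tokens[i + 1:i + 2] == ["="] and tokens[i + 2:i + 3] != ["="]:
            value, j = read_chain(tokens, i + 2, env)
            if value is not None and tokens[j:j + 1] == [";"]:
                env[tok[1:]] = value         # constant assignment: record, emit nothing
                i = j + 1
            else:
                env.pop(tok[1:], None)       # reassigned to something non-constant
                out += [tok, "="]
                i += 2
            continue
        value, j = read_chain(tokens, i, env)
        if value is None:
            value, j = tok, i + 1            # not foldable: emit the token unchanged
        elif tokens[j:j + 1] != ["("]:
            value = '"%s"' % value           # not a callee: keep it a quoted literal
        out.append(value)                    # a callee ($f(...)) becomes a bare name
        i = j
    text = ""
    for tok in out:  # re-join; add a space only where two words would otherwise merge
        text += (" " if re.match(r"\w", text[-1:]) and re.match(r"\w", tok) else "") + tok
    return env, text

def hex_literals(text):
    """ASCII decoding of every quoted literal that is pure hex (4+ bytes)."""
    found = re.findall(r'"((?:[0-9a-fA-F]{2}){4,})"', text)
    return [bytes.fromhex(h).decode("ascii", "replace") for h in found]
```

`simplify(SAMPLE)` returns the resolved names and a readable form of the loop, showing that it applies `strtolower`, `bin2hex` and `strstr` to `$_SERVER["HTTP_HOST"]`; `hex_literals()` on that text decodes the hostname constant the comparison uses.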

  15. kien says:
    June 7, 2006 @ 20:26 — Reply

    http://zendecode.com This is new site, cheap and fast

  16. AoN says:
    June 11, 2006 @ 22:11 — Reply

    Is there any site that does it for free, or a program I can download that'll do it itself?

  17. dezend says:
    June 24, 2006 @ 20:56 — Reply

    http://www.keygen.be/dezend.htm

  18. AoN says:
    June 26, 2006 @ 13:25 — Reply

    Are there any free ones that don't require the first line to say exactly what they want it to say?

  19. duh says:
    July 12, 2006 @ 00:02 — Reply

    For someone who seems concerned about this problem, the writer of this article isn't helping the situation much by advertising the sites that provide these services. Way to go! idiot.

  20. Mike says:
    August 29, 2007 @ 14:57 — Reply

    Obviously you haven't come across programmers that abuse the privilege of being able to encode a file. It's sad that 9/10 programmers I have dealt with will put in hordes of backlinks and attributions to their skills in the Zend encoded PHP files to their scripts, never mind the fact I pay $500 for each one on average. One programmer for instance refused to remake a file for my family oriented website by simply taking out the linkback to his XXX scripts sites with links to all the other XXX sites he sells to. Dezending is a godsend for anyone who's actually paid money and been screwed royally by such programmers, all you out there looking to use it to steal their work, that's another story, can't speak for you. But truly, at least in my case, if programmers didn't take advantage, I wouldn't be looking for how to decode Zend.

  21. Jim says:
    July 12, 2006 @ 09:13 — Reply

    "duh" you shitface, a simple google search would reveal all the results you could want. It's not a big secret you moron.

  22. Eikenhard says:
    July 23, 2006 @ 04:51 — Reply

    Finally, finished with encoded scripts running on Your server. Can you trust encoded scripts ? No. Some scripts do not run on specific platforms etc. When You run encoded scripts on a server, You are not on the internet for decades. You do not understand the importance of Opensource. It all started with: http://derickrethans.nl/vld.php And I am very happy with it.

  23. John says:
    August 6, 2006 @ 02:40 — Reply

    You know what, I think that using an encoder helps to protect files, but like anything (door locks, an alarm) if someone really really really wants access to the file they will get it. However, the script is better protected than one that isn't encoded. In addition, I understand that Zend has released a new version now (this article is fucking old) which removes all of these issues. I heard the other encoders have followed suit and that this isn't possible with the more modern methods they use. I've just tried a test encoded file and I am right - it can't be decoded

  24. Nick says:
    October 2, 2006 @ 19:23 — Reply

    phprecovery.com is not very good! 50 % of code was encrypted correct.

  25. Twysted says:
    October 6, 2006 @ 13:45 — Reply

    well we aren't free but we are not expensive either, it is $50 for a full script program, no questions asked. or $5 per file.

  26. Pede says:
    October 10, 2006 @ 11:42 — Reply

    Well..... what is your email addy?

  27. Anonymous says:
    August 10, 2007 @ 02:27 — Reply

    Hi, I'm interested in your offer. I have a few IONCUBE ENCODED FILES which I want to get decoded. Would you like to do this?

  28. mysql says:
    January 9, 2007 @ 02:12 — Reply

    If it can be done for money then it can be done for free. As long as there is no free service you never know if decoding really exists ;)

  29. asfdasd says:
    January 21, 2007 @ 02:29 — Reply

    Hello, i have an Autosurf script encoded By Zend. Can anyone please dezend it and share? Dezenders: http://zendecode.com/index.php?view=purchase http://www.qinvent.com/cyrj/dezender/index-en.php Script demo: http://autosurf3.abc-surf.com/ - user, password http://autosurf3.abc-surf.com/control/ - admin, admin Zended script download: http://www.filehosting.cc/file/21783/Autosurf3-zip.html

  30. almost lost $$ says:
    February 6, 2007 @ 05:39 — Reply

    qinvent is a fraud per western union

  31. Zentry says:
    February 10, 2007 @ 18:15 — Reply

    http://www.zendecode.com/ works very well and the site is for sale. I hope zend corp will purchase it, the current bid i believe is $10000.

  32. pebbles says:
    March 5, 2007 @ 12:09 — Reply

    A developer fraudulently used IONCUBE on our website. We paid over $10,000 for the work and it sucks. No one can fix it as everything is encrypted. I found 14 files that were encrypted and used zendecode to decode. They were great! We found another 82 files that need to be decoded and zendecode doesn't do this any more as they are selling their business. Western Union won't send funds to www.qinvent.com . Please help me find someone to decode IONCUBE asap. THANK YOU!

  33. Sandeep says:
    March 23, 2007 @ 00:37 — Reply

    Do you mind sending me one of the sample ioncube encoded files? I would like to have a go at decoding it. Who knows another sourceforge/freshmeat project could result from it. :)

  34. Jason says:
    March 7, 2007 @ 20:33 — Reply

    Interesting article. I am surprised Zend Corp has not started shouting yet.

  35. TheOne says:
    March 19, 2007 @ 22:25 — Reply

    Decode VBSEO properly and i might give a shit.

  36. Matt says:
    April 14, 2007 @ 06:47 — Reply

    Of course it can be decoded. How else do you propose that it gets to the PHP engine? Really now! (You also realize you can decompile executable programs too? I hope Microsoft will fix this glaring vulnerability soon !!)

  37. Jim Plush says:
    April 14, 2007 @ 07:26 — Reply

    Matt, don't be a moron

  38. john says:
    April 14, 2007 @ 13:08 — Reply

    Just a little note about the decode/encode thing. That's all very well when it's your own code, but can you trust coded third party scripts? Think about it... normal scripts in abundance on the net mostly open. When i see a script and its code locked i wonder, specially if it's nothing special like a blog or shopping cart. When it's free i think it's free and not open it's danger, a new kind of trojan... it's evil. You trying to protect your code or you hiding your code, maybe you ripped it from somebody, who knows. Bring on the decoders and see... john

  39. NitroGen says:
    May 1, 2007 @ 03:53 — Reply

    Hello, I'm from Russia. Please share zend decoder..or send by e-mail: sokolov90@gmail.com I need it very much! (i don't know English)

  40. frank says:
    May 1, 2007 @ 19:00 — Reply

    I agree with john, I can turn off internet traffic on my local computer and watch the tasks and other things to find trojans. I can not watch my rented server's traffic the same way. If I buy a payment system script that is zended, all of my customers' data could be sent to anyone the script writer wants. or a backdoor password to let them in as admin in my shopping cart script that is zended. just not a good idea when you have no way to track or trace the traffic. frank

  41. Pula Web says:
    May 18, 2007 @ 11:27 — Reply

    I have also screwed up four files and need ioncube decoder so I can retrieve my work. Advice, never encode files if you don't have real benefits out of it. If you have some decoder to help me, please send it to dragon2000gh@hotmail.com

  42. bat says:
    June 1, 2007 @ 17:29 — Reply

    I decode SourceCop 1$ per file. Let me know if u're interested

  43. nikola says:
    June 30, 2007 @ 06:49 — Reply

    hey bat, i wanna decode one 40kb php file encoded by IonCube. Will you do it and how much will it cost?

  44. nikola says:
    June 30, 2007 @ 06:50 — Reply

    ohh, i forgot. tmp_testing@abv.bg, thats the mail you can send information on the question i just gave.

  45. icsee says:
    July 9, 2007 @ 14:08 — Reply

    It's so easy to decode now, everything is available online for free. The fact is it's impossible to encode a script that will never be cracked. Sooner or later they all come down...

  46. thomas says:
    July 19, 2007 @ 07:01 — Reply

    it is not possible to decode zend. the sites who offer this service are all ripoffs....don't trust them!

  47. Charles says:
    July 25, 2007 @ 14:26 — Reply

    That is like saying, "No one will crack the iphone or decode other software." but it happens all of the time. It's software and thus CAN be decrypted.

  48. HC says:
    July 25, 2007 @ 19:23 — Reply

    I need to deZend a script, I can pay USD 200,00 for a real dezender via paypal. lindem1981@hotmail.com

  49. Anonymous says:
    July 30, 2007 @ 09:54 — Reply

    Anyone know any ioncube encoders that charge cheaply? I have lots of files (it's an installer) - but don't have the money you see - thanks!

  50. GrooveSurfer says:
    August 1, 2007 @ 01:25 — Reply

    Zend just released the new ZendGuard 5.0 and i was wondering if it can be decoded as well. I tried looking for these guys, but they seem to have disappeared. Any news on how to contact them? or did Zend buy this already?

  51. Desperate says:
    August 1, 2007 @ 20:13 — Reply

    I need one ioncube file decoded. I have an urgency. I paid for a lifetime licence of a game script and i set the site up for sale for 25k with 5,000 members, 800 usd revenues from ads.. etc.. 2 days left in the sale and poof the site goes down because the script creator linked the licence to his own site which his host shut down due to having a phishing site in his account. He immediately removed the phishing site... got his back up.. didn't even reply to my urgent emails and now still hasn't replied 14 hours later nor reactivated my licence and I've less than 36 hours on a 25k sale.. I'm beyond pissed off and financially screwed now.. It's one single file.. I'd like decoded to remove the licence dependency altogether whether he likes it or not over this. Hell I've developed his script 10 x what it was already and was going to give him the update but now after potentially losing 25k i need some serious help as I'm now out of time. Email me please at admin @ gangsters.cc if you can help.. I'm in utter amazement and if I lose 25k over this I'm about to blow my lid

  52. dezender says:
    August 5, 2007 @ 09:28 — Reply

    deZender Running on localhost! Free FULL-FEATURED Trial! LOW PRICE!! It is true that a lot of people think that deZender is a fake. However, a free FULL-FEATURED trial is started. If you have a try, you may change your opinion. deZender Running on localhost Attention: 1. This is my personal computer, my localhost version of dezender. The page that you view now is a shell. 2. Everyone can have a FULL-FEATURED trial without any restriction, however LOCALHOST version of dezender is expected to buy. 3. This DeZend does not support PHP5, please PAY ATTENTION TO this statement. Like an excellent doctor can not treat all the patients, some encoded files could not be decoded properly. Please understand, thank you. (Getting an empty decoded file means that an error occurs.) 4. Please upload only PHP files. No other file accepted. https://218.77.58.44/zend/english.php https://218.77.58.44/zend/english Certificate Problem? Because I do not buy any certificate that trusted, a message will be displayed to warning you. Do not worry, it is not a security hole, of course I am NOT phishing, you will get my hostname 'SRC' ---- that is not any commercial site. Please understand. How to buy the source of DeZender? Please contact me via code.sherry@hotmail.com Remember, PRICE is very LOW and you can talk me about it via MSN.

  53. ZendHater says:
    August 8, 2007 @ 12:16 — Reply

    This doesn't properly decode files. No comments, and some of the code is broken.

  54. Idham says:
    August 10, 2007 @ 23:06 — Reply

    if u need decoded source corp file just contact me the price is very low $ 8 for 11 file and $ 1 for one file please contact me at sima_carl998@yahoo.com i also can decoded file encoded by phplockit...if u can decoded file zend please send information to my mail we offer partnership for u...thanks

  55. idham says:
    August 10, 2007 @ 23:08 — Reply

    my mail is sima_carl998@yahoo.com.my oke i waiting respon here

  56. andyou says:
    August 13, 2007 @ 09:38 — Reply

    Great tools, thanks

  57. YouToBesT says:
    August 13, 2007 @ 09:40 — Reply

    Well what is your email addy ?

  58. seo yarışması says:
    August 13, 2007 @ 10:24 — Reply

    It's not working :S help me please

  59. Weber says:
    September 15, 2007 @ 11:34 — Reply

    Because of the business losses they are probably scared to recognize that the protection has been broken. You will not get any response until a new version comes up.

  60. World Links Directory says:
    September 17, 2007 @ 09:33 — Reply

    Ioncube.com is the best solution

  61. winsord says:
    September 21, 2007 @ 00:09 — Reply

    http://zendecode.com is offering decoding service for free, I have just tried and I got my file :D Decode zend version 3.x

  62. Anonymous says:
    July 29, 2009 @ 11:34 — Reply

    Lol @ everyone who says decoding is impossible. Protip: php is open source, mod the script parser to drop the decoded input to a .txt file and forever will every encoded script be decoded, no matter what. If php can run it, it can dump it.


Comments disabled due to spammers being losers that lead sad lives.