Online PHP Obfuscator

Cobra Private PHP Obfuscator Private Version Available

Hello everyone, thanks for using this obfuscator. Every free public obfuscator, including this tool, can easily be decoded using online services such as unphp.net, decry.pt and ddecode.com. It is because of this that I have developed an ultra-secure private PHP obfuscator, called Cobra. Cobra PHP Obfuscator is available for sale and can not be deobfuscated/decoded using online tools and does not require server-side extensions in order to run. Check out the Cobra PHP Obfuscator homepage for information, features and purchase instructions - http://obfuscator.uk/

I am no longer supporting this public version of my obfuscator, but you are still free to use it.

Cobra Private PHP Obfuscator Obfusator Unavailable

The obfuscator is going to be unavailable until Janurary 2015. If you'd like to purchase lifetime access to Cobra PHP Obfuscator, please go here: Cobra PHP Obfuscator.

I am offering 30USD discount to users of atomiku.com obfuscator. Please mention atomiku.com when you are purchasing Cobra and I will give you the discount. Thanks.

73 Responses

  1. Lyle says:

    Muy bueno, mas no estoy de pacto con todo.

    Gracias por la información, bss

  2. Toto says:

    Hi you could not have 2 options eval with a preg_replace and one with ?
    And I ‘ve read the same eval Devil is so evil .
    Greetings from Germany Toto

  3. atomiku says:

    I made an update to the free obfuscator to fix this error on PHP 5.5:
    Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead

    I’ve switched preg_replace to eval. Note this is still insecure and I recommend using Cobra http://obfuscator.uk/ if you do not want your code to be decrypted. I’ve just released an update to Cobra which introduces API functionality so that you can obfuscate code with Cobra using your own scripts.

  4. al says:

    i just dont get it.. it still shows the source as is when i view source on internet explorer and chrome, whats the point of encrypting then? can someone tell me?

    • atomiku says:

      It is the PHP that is obfuscated. The HTML and javascript that is outputted by the PHP will not be obfuscated too. But if you’d like to obfuscate the javascript, there are obfuscators available online if you have a look on Google.

  5. MAQ says:

    How i can call a variable that has been encoded, Because i want to encode a variable and later on i want to use it.

    • atomiku says:

      MAQ, usually I would recommend disabling ‘Encode variable names’ if you plan to access those variables outside of the obfuscated script. But if you only need to access a few variables, you can work out what the obfuscator has renamed them to. I have uploaded the variable encoding/renaming PHP function to my pastebin website. Check out this link, it also contains an example of how you should use it. http://pastebin.pw/nbrk9x

  6. Teb says:

    I used this code and as soon as I installed, my network reported a Backdoor.PHP.Agent.ut trojan. DO NOT USE

    • atomiku says:

      Hi Teb, thanks for taking the time to mention this. Another commenter also had a obfuscated PHP file flagged up as a virus. A number of people replied, confirming that this is a false-positive and there is no virus or trojan. If you scroll to the bottom of this page where the oldest comments are, you will see the discussion that took place about this.

      A person named Alex had wrote a deobfuscator for this, and he confirms that there is no backdoor added to the obfuscated code. Additionally, you are able to check this for yourself by submitting the code to a PHP decoder such as UnPHP.net.

      I hope this clears things up! After seeing your comment, I also decided to write a blog post about this issue. It can be located here: http://atomiku.com/2014/10/obfuscated-php-code-flagged-false-positives/

      For those who are interested in purchasing a license to my private PHP obfuscator named ‘Cobra’, please see http://obfuscator.uk/ – Cobra can not be decoded online and does not get flagged as a virus either.

      UPDATE: I looked into this further and have isolated which part of the obfuscated script is causing Avast to flag it as a trojan. This encoded string: ‘eval(gzinflate(base64_decode(‘. when I remove it, Avast no longer complains. I am releasing an algorithm update for Cobra to fix this issue. Turns out all public obfuscators have this issue, though. I will not be releasing an algorithm update for my public obfuscator at this time.

  7. Hari says:

    Hey please tell me the method of deleting this file. I encoded main file by using this technique but after 2 days it’s become empty file with permission 000 and even not able to delete this file and modify permission as well. Kindly suggest me the solution on urgent basis.

    • atomiku says:

      I’m not sure, perhaps something has happened with the webhost. A few users have reported the obfuscated being flagged as a false-positive by certain anti-viruses, perhaps an anti-virus running on the webhost has quarantined the file or something. Have you tried chmodding the file to 777 and then deleting it?

  8. atomiku says:

    Hey guys. Despite the fact that my public obfuscator isn’t supported or developed anymore, I thought I would release a small update. I have fixed the PHP warnings that you get when ‘Scramble Slice’ is enabled, by removing the feature completely. Considering this tool can be decrypted anyway, it doesn’t make much of a difference having sramble slice anyway.

    I recently updated my private obfuscator, too. If you’d like to purchase lifetime access to it, go to http://obfuscator.uk/ – currently none of the online decoders can crack it. I am offering a 10% discount until the end of October.

    Kind Regards
    Matt

  9. David says:

    I wrote a de-obfuscator for this in Python http://pastebin.com/7eDN5Fkt

    Your obfuscator is actually more difficult to decode than most of the paid software that does the same thing :P

    • atomiku says:

      Nice work! The private version of the obfuscator would be much much harder to write a decoder for. I’d like to send you a sample if you’re up for the challenge. But if you manage to do it, I’ll have to update my obfuscator and send it out to all my customers hehe.

      • David says:

        Thanks, I’d be up for that challenge. Please email me a couple samples and their plain-text equivalents and I’ll give it a go :)

  10. nikhil says:

    is there any malicious code in it ? file get deleted by antivirus !!!!!

  11. Ayush says:

    Hey do you have any desktop version of this script? How can you help me to perfectly hide my codes?

    Thank You

    • atomiku says:

      My private version will perfectly hide your code and if you buy it you get support, too, so I could ‘help you perfectly hide your codes’ too if you wanted some help, no problem! There isn’t a desktop version, as it requires to be run on Apache or IIS with PHP installed… but you could install a web server on your local machine if you wanted to. Contact me if you’re interested.

  12. John says:

    It doesn’t work! I entered “Matt is a cocksucker” and all it did was returned “boy, you are sure right on there!”

    • atomiku says:

      How strange! I think you’ve just discovered a bug, there. I was unable to replicate the bug myself so I am unsure how I can fix this, would anybody like to commit a patch to the code?

      Regards
      Matt

  13. Hello Matt

    Like I said you before your tool is proving extremely util

  14. ShayanKM says:

    Thanks for this useful tool.!! I use it in many cases… ;)

  15. Johne492 says:

    Hi, Neat post. There’s a problem with your site in internet explorer, would test this IE still is the market leader and a good portion of people will miss your excellent writing because of this problem. efkeekkddkgb

  16. Jack says:

    AWESOME tool, i love using this!

  17. atomiku says:

    Hello everyone, thanks for using this obfuscator. It has recently come to my attention that my obfuscator, and almost every other public obfuscator can easily be decoded using tools such as unphp.net and lombokcyber.com/detools/welcome/cdecodeatomiku

    It is because of this, that I am no longer supporting this public version of my obfuscator. I have private versions for sale, that can not be deobfuscated by anything, if you are interested please use the contact form on my website.

    Regards
    atomiku

  18. Sander says:

    Very good. Only problem I see is that my logs are getting a lot of records because of the old reg_replace

    Deprecated functionality: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead

    Can we fix this?

    • atomiku says:

      You can add error_reporting(0); to the code. But I am going to replace preg_replace with eval instead. I would like to say that this obfuscator isn’t supported any more. Only my private versions. Seeing as this and every other public obfuscator can easily be decoded by online decoders, it doesn’t make sense for me to update this.

  19. I deobfuscate a ‘hello world’ in 3 minutes. Interesting obfuscator, but deprecated since php 5.5.0 due to the modifier ‘/e’ (PREG_REPLACE_EVAL).

    • atomiku says:

      Thanks for your comment. Yes, any obfuscated code can eventually be deobfuscated (even manually) by a decent PHP coder. It just takes time sometimes, that’s all. Which is why with this obfuscator I introduce recursion, so the person would have to go through the iterations manually replacing eval with echo.

  20. Bharat says:

    its not working ?

  21. DGea says:

    Dear friend,
    Could you share to me your source code? or any idea? Thanks.

  22. cocco says:

    I decrypted the result, there is NO malicious code or else.
    However this encoder is good job, now the first time I needed to decode a file because I lost the original one, I spent an hour with it.

  23. Jake says:

    Hi mate, I like this obfuscator. Any where I can get the source code?

  24. Jimmy says:

    this is excellent..!!! thnk u so much…..

  25. cartem says:

    thanks :)) nice job.

  26. Ivan says:

    Constantly obfuscation page does not load until the end. Have to try again and again until you get a full page.

  27. Samet says:

    But i get error when i try on two different files to obfuscate… ( this two files included on single file… )

  28. Samet says:

    Great work. I hope your publishing soon this tool on desktop version… I always used x3 depth encode but i’m not sure about performance… Maybe not prevent this method for prof. thief , but absolutely stopped junior thief :) Thanks…

  29. Сергей says:

    Спасибо за ресурс! Отличная работа и хорошая защита!

  30. Matrixclub says:

    nice job

  31. Anirban Nath says:

    Notice: Undefined variable: xcfcd in C:\xampp\htdocs\**\***.php on line 2
    Notice: Undefined variable: xce84 in C:\xampp\htdocs\**\**.php on line 3
    Notice: Undefined variable: x6222 in C:\xampp\htdocs\**\**.php on line 4
    Notice: Undefined variable: x6d4a in C:\xampp\htdocs\**\**.php on line 5

    Keeps on getting this errors , any help will be much appreciated !

    • atomiku says:

      Have you tried disabling the ‘Encode variable names’ option?

      • Anirban Nath says:

        yep , But now getting a different error :( !

        Notice: Undefined variable: xcfcd in C:\xampp\htdocs\test\studyroom.php(2) : regexp code(1) : eval()’d code on line 1
        Notice: Undefined variable: xce84 in C:\xampp\htdocs\test\studyroom.php(2) : regexp code(1) : eval()’d code on line 2
        Notice: Undefined variable: x6222 in C:\xampp\htdocs\test\studyroom.php(2) : regexp code(1) : eval()’d code on line 3
        Notice: Undefined variable: x6d4a in C:\xampp\htdocs\test\studyroom.php(2) : regexp code(1) : eval()’d code on line 4

      • Anirban Nath says:

        If i uncheck all option and just keep encryption depth its working fine ! But is it a good chioice ?? Was wondering u have any standalone (desktop) version of this php obfuscator !

        Anyways Nice work ! Thanks for replying

  32. Kyle Coots says:

    Thanks, works great!

    You should consider coming up with some kinda of API for this or a way to obfuscate a whole framework/project at one time. That wouold be awesome!

  33. Root(RED) says:

    :) Thanks (y) Like it.. works like a charm :D LOL

  34. walt says:

    Hi,
    I think there is a little bug.
    if I obfuscate this code : phpinfo();

    your programme give me :

    When I execute this code, it show me phpinfo(); instead executing this function.

    When I decode de preg_prelace, I found if I remove this ‘\x3f\x3e’, the code work fine.

    $xcfcd .= “\x3f\x3e\x70\x68″;
    $xa87f .= “\x70\x69\x6e\x66″;
    $xc9f0 .= “\x6f\x28\x29\x3b”;
    eval($xcfcd . $xa87f . $xc9f0);

  35. Derry says:

    very nice

  36. Aziz Mazgour says:

    This works perfectly.

  37. none says:

    strip white space and comment not seems to work

    I put

    and i get

    ?>

    with space , comment and php tag for bonus ;)

  38. none says:

    hello

    http://www.php.net/manual/en/reference.pcre.pattern.modifiers.php

    => regex /e Warning This feature has been DEPRECATED as of PHP 5.5.0. Relying on this feature is highly discouraged.

  39. Nice utility!
    Good work!
    Ketan

  40. Rojo says:

    There is a problem. If you have a structure where there is an include in one file. If you encode the include file and then also encode the file that calls the include file, there are errors thrown. Settings are level 3.

  41. Rahul says:

    Is there any way to decrypt this encrypted code?
    I mean, are your sure they cant reverse engineer to get original code?

    • atomiku says:

      Yes, someone has made a decrypter for my obfuscator. It was bound to happen eventually, as I say in the post, all obfuscated code can be decrypted. It’s impossible to make an obfuscator thats fool proof, unless you use server side extensions.

  42. Mahesh says:

    This works perfectly. Thanks.

  43. bertrand says:

    hello,

    c’est dommage que c’est outils n’exécute pas le code php lors du décodage?? du coup il me sert strictement à rien, je comprend pas même à quoi il sert pour obscusifier du php??

    j’ai tenté un eval( devant en vain…

    merci quand même

  44. adh says:

    Hi
    I have tow php file after code by your site give under error

    Parse error: syntax error, unexpected ‘.’ in 2.php(2) : regexp code(1) : eval()’d code(4) : eval()’d code on line 1

    file 1.php

    <?php
    for($i=1;$i

    file 2.php
    <?php
    for($i=1;$i<=3;$i++)
    echo "$i”;
    ?>

    Please help

  45. BEnas says:

    Cleans perfectly

  46. Rapture says:

    Thanks for this tool, I’ve used a lot of obfuscators but this one is the best I’ve found, no errors, clean and very useful :)

  47. HOST RAZOR says:

    I am a system administrator for a company and I deal with these alerts on a daily basis; basically any antivirus be on win32 (kaspersky/avg/sophos) and even on linux/unix systems such as clamav will have signatures set and these detect false positives, one lucky example is a plugin for WHM(cPanel) called WHMXtra, they had obfuscated code hidden in there plugin that nobody knew about, it was to login to a database and enter the number 1 every time somebody used it (so they could get an estimate on plugin usage) and this was flagged on my system as a virus, after decrypting the code I found it and emailed them (they had completley forgot that it was there) and planned to move it after next release.

    If your not sure open it up in a sandbox and test first, watch any changes that may occur. Just because an anti virus flags it up as a threat does not 100% guarantee its a virus.

    Viruses/Trojans/Malware these days are often not detected by your anti virus anyway! “Real Hackers” use crypted programming and hide the data from anti virus scanners making it impossible to detect unless they have an heuristic scanner or more advanced technology – so your never safe unless you sandbox something unknown first!! – “lol @ hacker”

  48. wewt says:

    I can confirm this is not a virus.

  49. hacker says:

    this is a virusssssssssss……….liarss………….fake.

    • atomiku says:

      Hey there. This isn’t a virus, and hopefully someone with a bit of skill will be able to look into the obfuscated code to see what it’s doing to prove that it’s not a virus.

      Why do you think it’s a virus? If it’s because your virus scanner is picking it up, it would be because when people make PHP backdoors they obfuscate it with the same methods that this obfuscator uses. Any online PHP obfuscator you use will have the same result.

      What I’m trying to say is: It’s just a false positive! This PHP obfuscator isn’t a virus.
      Someone please back me up on this.

    • mahmoud says:

      It not a virus, i just decode it.

  1. November 7, 2014

    […] online http://atomiku.com/online-php-code-obfuscator/ […]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>