Some PHP files we get from Extension developers for Magento have Bytecode encoding on them, which means if we want to change the functionality or layout of certain parts of the code, even if we’ve paid for it, we can’t.
Obviously this is rather frustrating, however it is possible to reverse engineer the files as follows to make the changes you need.
1. The three component parts
Each file has 3 main parts to it:
$_F=__FILE__;
$_X='a-string-of-text-and-numbers';
eval(base64_decode('a-string-of-text-and-numbers');
These parts are as follows:
$_F - a holder to do the ereg_replace of the obfuscater code with the unencryption keys
$_X - the encrypted PHP code
eval(base64_decode() - the decryption code for $_X
2. Getting the decryption code
To get the decryption code, we need to change the eval(base64_decode()); code to be an echo instead.
In our case above this would be:
echo(base64_decode(‘a-string-of-text-and-numbers’);
and this gives us the decryption code for the main $_X values;
$_X=base64_decode($_X);$_X=strtr($_X,'123456aouie','aouie123456');$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);eval($_R);$_R=0;$_X=0;
If we break this apart into it’s core lines we have:
//decode our main string with base64_decode
$_X=base64_decode($_X);
//replace obfuscater characters in the result with the correct ones
$_X=strtr($_X,'123456aouie','aouie123456');
//replace the contents of $_R with our unencrypted file/PHP code
$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);
//run the contents of the unencrypted file/PHP code
eval($_R);
//clear the contents of $_R so you can't access it
$_R=0;
//clear the contents of $_X so you can't access it
$_X=0;
3. Decrypting the encoded code
So now we just need to run the decryption code as far as it replacing the contents of $_R with the un-encrypted result, and echo that out to the screen.
Here’s the code:
//decode our main string with base64_decode
$_X=base64_decode($_X);
//replace obfuscater characters in the result with the correct ones
$_X=strtr($_X,'123456aouie','aouie123456');
//replace the contents of $_R with our unencrypted file/PHP code
$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);
//print the contents of the unencrypted file/PHP code
echo($_R);
4. Final code
So we end up with:
And we can now make the changes we need