lets speak about php Encryption to protection config.php

lets speak about php Encryption to protection config.php ???

Permalink Reply by System Daemonologist on October 2, 2008 at 12:58am: The big problem, is the key will be store some where as available as the config.php... So it doesn't do much.; ▶ Reply to This

Permalink Reply by k3vin mitnick on October 2, 2008 at 10:45pm: coool but what do you think about the last Zend_Guard ???; ▶ Reply to This

Permalink Reply by System Daemonologist on October 3, 2008 at 3:41am: So encryption like Zend_guard.

config.php can't be encrypted directly using zend_guard. By encrypted it by mcrypt fonctions, it can be done, if there is a key in a crypted file. But, the php bitcode, is available to third party after it's decrypt and send to the php execution engine. So, if you have access to the file, just modify the php.ini and use a bitcode decoder.

Yes, it's more secure, will create some difficulty for the majority of pirates. But any good hackers, it's not a big problem. Using a server licence, the attacker will need to run the decoder on the server, and not offline.; ▶ Reply to This

Permalink Reply by System Daemonologist on October 3, 2008 at 10:27pm: So did I answer with a good response?; ▶ Reply to This

Permalink Reply by k3vin mitnick on October 4, 2008 at 2:47pm: cooool ;-)) we need to protect all the system; ▶ Reply to This

Permalink Reply by System Daemonologist on October 4, 2008 at 5:31pm: I'm doing PHP security audit, if you ever need it.; ▶ Reply to This

Permalink Reply by k3vin mitnick on October 7, 2008 at 7:34am: thankss man its cooool; ▶ Reply to This

Welcome to
House of Hackers

Sign Up
or Sign In

About

pdp created this Ning Network.