Being Evil against Encoded PHP Files

Lets say a server has been exploited and an attacker wants to intercept data coming from a web application in order to gain sensitive information such as plaintext server passwords. Lets also say that application is WHMCS. One of the requirements is IonCube Loader which protects PHP source code from easy observation, theft and change by compiling into bytecode. Sample of WHMCS with IonCube encoded source code When an encoded Ioncube file is changed in any way a 500 internal server error occurs....

June 28, 2017 · 2 min · Naz Markuta