...

View Full Version : How to retrieve the OpCode?



kaisellgren
05-07-2009, 07:29 PM
Hi,

How could I retrieve the OpCode that PHP Engine generated for a script?

Fou-Lu
05-07-2009, 09:56 PM
PHP is interpreted, so you're going to have a heck of a time getting this.
You can get the source from the php website though, its through the QA but I can't remember what their link is off heart (at work, no bookmarks).
Anyway, you can use that to determine what C instructions are used when PHP commands are issued. You can probably run that though a debugger and step though to the assembly to see what opcode is in use.
Have fun, this will be the most painful task ever.

kaisellgren
05-07-2009, 09:59 PM
I know.

I'm already working on it..

CFMaBiSmAd
05-07-2009, 10:04 PM
http://www.php.net/manual/en/ref.bcompiler.php

Fou-Lu
05-07-2009, 10:05 PM
I forgot to ask, why would you need to know the opcode used for a specific script? I don't see any reason to handle this - there is a reason why we have high level programming languages nowadays.

kaisellgren
05-07-2009, 10:28 PM
I forgot to ask, why would you need to know the opcode used for a specific script? I don't see any reason to handle this - there is a reason why we have high level programming languages nowadays.

I need to analyze PHP code and I figured it would be easier to analyze the OpCode instead of PHP code itself.

By analyzing I need to know exactly how everything is executed and what variables contain and what is outputted to where and what is passed into functions, etc.

bazz
05-08-2009, 12:48 AM
Sounds like you are trying to clean the params passed between pages so that your db etc won't be corrupted by injection attacks.

I would have thought regex's and the 'escape string' or 'strip slashes' would do the trick. Sorry I am not proficient enough with php to recall properly, the mysql_escape_string syntax or the 'strip slashes' one.

And if I have misunderstood , apologies for that too.

bazz

kaisellgren
05-08-2009, 12:51 AM
Sounds like you are trying to clean the params passed between pages so that your db etc won't be corrupted by injection attacks.

I would have thought regex's and the 'escape string' or 'strip slashes' would do the trick. Sorry I am not proficient enough with php to recall properly, the mysql_escape_string syntax or the 'strip slashes' one.

And if I have misunderstood , apologies for that too.

bazz
No need to apologize anything. Not exactly what I want to do, but the principles are the same - I want to know what happens in that PHP code what is passed to where.

The BCompiler link was interesting.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum