Using a php script to batch-encrypt the php code，report error “segmentation fault (core dumped)”.
Here is the php script:

$path='/home/PHPmi/phpmi.txt';
if(file_exists($path)){
    $res=file_get_contents($path);
    $arr=explode(',',$res);
    foreach($arr as $k=>$v){
        if($v){
            $script=file_get_contents($v);
            $encode=screwim_encrypt($script);
            $result=file_put_contents($v,$encode);
            if($result){
                echo $v."--Successed !\n";
            }else{
                echo $v."--failed !\n";
            }
        }
    }
    echo  count($arr)."Complete\n";
}

phpmi.txt is a file with the paths of php code's files.

Bug Environments

• Product Version : 1.0.3
• PHP Version: 7.4.16
• PHP SAPI:
• OS : CentOS 7.7

Describe the bug

A clear and concise description of what the bug is.

To Reproduce

Steps to reproduce the behavior:

1. Compile as usual
2. Install module via make install
3. add php file name test.php with print_r (screwim_seed ());
4. execute php -f test.php

Expected behavior

A clear and concise description of what you expected to happen.
Should see error like "PHP Fatal error: screwim_decrypt(): ScrewIm decode error. A preset dictionary is required. The adler field shall be set to the Adler-32 checksum of the dictionary chosen by the compressor. In this case, you should suspect that ScrewIm's encode key is not correct. in /var/www/test.php on line 10"

But we can see

[keybyte] => 660be24db113c74072239d0fe7123420
[keystr] => 2918, 19938, 5041, 16583, 9074, 3997, 4839, 8244
[headerlen] => 14

Screenshots

Additional context

So using key from this output we can do "screwim -k 660be24db113c74072239d0fe7123420 enc.php" end get decoded file

[이슈]
Ubuntu 18 , php 7.4.5 환경에서 mod_serewim 컴파일 안됨
(PHP 7.4.5 (cli) (built: Apr 19 2020 07:36:30) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.5, Copyright (c), by Zend Technologies )

make install 시도시, 다음과 같은 에러 발생

• mod_screwim/php_screwim.c:198:38 : error : 'zned_stream {aka struct _zend_stream}' has no member named 'mmap'

• mod_screwim/php_screwim.c:227:28 : error : 'ZEND_HANDLE_MAPPED' undeclared (first use in this function); did you mean 'ZEND_HANDLE_FP'?

[상황]

• zlib extention 확인 ( )
• php.ini 설정 완료 ( extention = screwm,so & screwim.enable =1 )
• PHP Warning: PHP Startup: screwim: Unable to initialize module
  Module compiled with module API=20170718
  PHP compiled with module API=20190902
  These options need to match

Currently, mod_screwim does not issue a compile warning message.
We will add the -Wall option.

Is your feature request related to a problem? Please describe:

For example I have several servers, installed on the client site and development is going right on them.
I want to encode files on this servers but not decode them.

Describe the solution you'd like:
There should be encode only binary, so I can run it and encode file with no parameters passed.
Or better way: binary, which will encode without additional params, but Decoding must ask for a key / password.

Describe alternatives you've considered:
A clear and concise description of any alternative solutions or features you've considered.

For now I can't use the same binary to encode, because it can be also used to decode with no problem.

Additional context:
Add any other context or screenshots about the feature request here.

Basically new binary should copy behaviour of api. Code anything, decode to file — only with key / password (and key / password must not be given as parameter, because shell history can store it).

Can you make universal clii tool, which will ask for keybyte for decode and encode? So we can use one binary for all installations/customers?

If -k is not passed, then keybyte should be asked, so keybyte will not goes to .bash_history

Segfault occurs in the screwim_compile_file API in the following cases:

1. zdecode API fails memory allocation
2. the deflate API(zlib) return value is not Z_OK and Z_STREAM_END

no contents.

I hope the author can support the encryption of phar packages. I'm using hyperf framework and I haven't been able to find an encryption protection scheme.

I implore the author to consider helping.

Thank you very much.

Bug Environments

• Product Version : 1.0.2 and master branch
• PHP Version: 8.0 and before
• PHP SAPI: mayby all

Describe the bug

If the input value of screwim_decrypt is not encrypted, Integer orverflow occurs.

Warning: no Crypted data in /path/z.php on line 2
PHP Fatal error:  Possible integer overflow in memory allocation (18446744073709551605 + 4096) in /path/z.php on line 2

Fatal error: Possible integer overflow in memory allocation (18446744073709551605 + 4096) in /path/z.php on line 2

To Reproduce

<?php
$data = "11";
$val = screwim_decrypt ($data);
?>

Expected behavior

Fatal error should not occur.

following arginfo constant support:

• ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX
• ZEND_ARG_TYPE_INFO
• ZEND_ARG_TYPE_INFO_WITH_DEFAULT_VALUE

Change version of master branch to 1.0.4

hi is this ext support windows? i tried to build in windows but file config.w32 are missing.

thanks

Change version of master branch to 1.0.5

Describes how to extract the encode key from the module file (php_screw.so or screwim.so) file using objdump on https://github.com/dehydr8/php_unscrew .

안녕하세요.

make시 add_property_string 매크로에 오류가 발생 하여 문의 드립니다.

[컴파일 환경]
PHP 5.6.31 (cli) (built: Sep 25 2017 14:34:20)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend Guard Loader v3.3, Copyright (c) 1998-2014, by Zend Technologies
with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2015, by Zend Technologies
with Suhosin v0.9.37.1, Copyright (c) 2007-2014, by SektionEins GmbH

[root@localhost:/usr/local/src/mod_screwim-master]# make
/bin/sh /usr/local/src/mod_screwim-master/libtool --mode=compile gcc -m64 -I. -I/usr/local/src/mod_screwim-master -DPHP_ATOM_INC -I/usr/local/src/mod_screwim-master/include -I/usr/local/src/mod_screwim-master/main -I/usr/local/src/mod_screwim-master -I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/php/ext -I/usr/local/include/php/ext/date/lib -DHAVE_CONFIG_H -march=nocona -O2 -pipe -c /usr/local/src/mod_screwim-master/php_screwim.c -o php_screwim.lo
mkdir .libs
gcc -m64 -I. -I/usr/local/src/mod_screwim-master -DPHP_ATOM_INC -I/usr/local/src/mod_screwim-master/include -I/usr/local/src/mod_screwim-master/main -I/usr/local/src/mod_screwim-master -I/usr/local/include/php -I/usr/local/include/php/main -I/usr/local/include/php/TSRM -I/usr/local/include/php/Zend -I/usr/local/include/php/ext -I/usr/local/include/php/ext/date/lib -DHAVE_CONFIG_H -march=nocona -O2 -pipe -c /usr/local/src/mod_screwim-master/php_screwim.c -fPIC -DPIC -o .libs/php_screwim.o
/usr/local/src/mod_screwim-master/php_screwim.c:535:55: error: macro "add_property_string" requires 4 arguments, but only 3 given
/usr/local/src/mod_screwim-master/php_screwim.c: In function ‘zif_screwim_seed’:
/usr/local/src/mod_screwim-master/php_screwim.c:535: error: ‘add_property_string’ undeclared (first use in this function)
/usr/local/src/mod_screwim-master/php_screwim.c:535: error: (Each undeclared identifier is reported only once
/usr/local/src/mod_screwim-master/php_screwim.c:535: error: for each function it appears in.)
/usr/local/src/mod_screwim-master/php_screwim.c:536:53: error: macro "add_property_string" requires 4 arguments, but only 3 given
make: *** [php_screwim.lo] 오류 1

즐거운 시간 되세요.

우선, 좋은 툴을 공개해주셔서 감사드립니다.
설치해서 테스트해보고 있는데요.... 아래의 이슈가 있어서 문의 드립니다.

이슈

암호화된 파일 확장자가 php 인 경우 오류

상황

1. (원본)test.php 파일을 백업(test.backup.php) 한 후 암호화 한다. (test.php.screw 파일 생성)
2. (암호화된)test.php.screw 파일을 test.php 로 변경할 경우 에러발생
3. (암호화된)test.php.screw 파일을 그대로 사용할 경우 기존 (원본)test.php 파일 기능 정상작동

(암호화된)test.php.screw 파일을 test.abc 로 변경해도 기존 (원본)test.php 파일 기능 정상작동
즉, 확장자가 php 가 아닌 경우는 암호화된 파일이 원본 파일 기능을 정상적으로 수행합니다.

배경

본 Tool 을 사용해서 특정(중요) 파일을 암호화해서 타인에게 제공한 경우 만약, 암호화된 파일 확장자가 php 가 아닌 다른 확장자라면 암호화되었다는 지표가 되어 타인의 복호화 의도를 도울 수 있을 것으로
판단됩니다.

즉, 암호화된 파일과 일반 파일을 확장자로 구분해줘야 하는 상황이 되어 본 Tool 의 기본의도를 훼손하는 게 아닌가 하는 생각이 듭니다.

이 이슈를 해결할 방법이 없는지 궁금합니다.

감사합니다.

ScrewIm module is basically to compare force the magic key at the beginning of a file.

Therefore, ScrewIm does not matter whether the file is encoded, it opens all the files and checks for a magic key.

Considering normal server operation, most files will not be encoded with ScrewIm. And, in such environment, checking the magic key of whole files is very damaging to performance.

So, I suggest adding the screwim.enable INI option.

The default value of this option is false. If this value is not true, ScrewIm will not work.

For example:

# PHP ini configuration
fcrewim.enable = 1

# mod_php
<Directory /path>
    php_falg screwim.enable on
</Directory>

# PHP Cli envionments
[root@host ~]$ php -d screwim.enable=1 encrypted.php

# embeded php code
<?php
ini_set ('screwim.enable', true);
require_once 'encrypted.php';
ini_set ('screwim.enable', false);
require_once 'normal.php';

blah_blah();
?>

Do you also support php8.0?

please...

우선, 좋은 툴을 공개해주셔서 감사드립니다.
설치해서 테스트해보고 있는데요.... 아래의 이슈가 있어서 문의 드립니다.

이슈

아래의 기능을 원천적으로 제거할 방법이 없는지요?

1. 복호기능 : /usr/bin/screwim -d test.php.screw --> ( test.php.screw.discrew)
2. 복호함수: screwim_decrypt()

배경

본 Tool 을 사용하여 암호화한 중요 파일을 패키지화 해서 타인에게 제공한 이유 타인이 해당 파일을
복호화 할 수 있다면 본 Tool 의 의미가 없어지는 것 아닌지요?

참고로, 아래의 가이드 대로 configure 시에 --enable-screwim-decrypt 옵션을 주지 않았서 복호화를
막으려고 했는데... 이 옵션과 상관 없이.... CLI 모드에서 /usr/bin/screwim -d *.screw 명령어로 복호 파일이 생성되야 하는 이유를 모르겠습니다.

-- 아래 ---
configure 시에, --enable-screwim-decrypt 옵션을 주면, 복호화 기능(screwim_decrypt(), screwim_seed())이 추가 됩니다. 즉, 암호화된 PHP 파일을 복호화 할 수 있다 는 의미입니다.

--enable-screwim-decrypt 옵션은 배포용으로 빌드를 할 경우에는 절대 추가하면 안됩니다!

답변 부탁드립니다.

감사합니다.

Bug Environments

• Product Version : 1.0.4
• PHP Version: >= 8.1.0
• PHP SAPI: ALL
• OS : CentOS 7.10

Describe the bug

On PHP 8.1.0 and after, screwim-encrypt function returns wrong data.

Since PHP 8.1, the screwim_encrypt function malfunctions as the filename member of the zend_file_handle structure changes from character point to zend_string point.

Before PHP 8.1

typedef struct _zend_file_handle {
    union {
        FILE          *fp;
        zend_stream   stream;
    } handle;
    const char        *filename;
    zend_string       *opened_path;
    zend_stream_type  type;
    /* free_filename is used by wincache */
    /* TODO: Clean up filename vs opened_path mess */
    zend_bool         free_filename;
    char              *buf;
    size_t            len;
} zend_file_handle;

Since PHP 8.1:

typedef struct _zend_file_handle {
    union {
        FILE          *fp;
        zend_stream   stream;
    } handle;
    zend_string       *filename;
    zend_string       *opened_path;
    zend_uchar        type; /* packed zend_stream_type */
    bool              primary_script;
    bool              in_list; /* added into CG(open_file) */
    char              *buf;
    size_t            len;
} zend_file_handle;

To Reproduce

[user@host mod_screwim]$ php -n -d 'extension_dir=./modules/' -d 'extension=screwim.so' <<<-EOL
<?php
$ctx = <<<EOL
<?php
echo "I'm OK\n";
EOL;

$data = screwim_encrypt ($ctx);
$fp = fopen ('test-sub.php', 'wb');
fwrite ($fp, $data, strlen ($data));
fclose ($fp);

ini_set ('screwim.enable', true);
require_once ('./test-sub.php');
?>
EOL

Expected behavior

retruns "I'm OK" strings when execute upper code.

When a file is opened using include or require, the file_handle structure already has the file data in the handle.stream.mmap.buf member.

Therefore, if the value of file_handle-> type is ZEND_HANDLE_MAPPED, you do not need to reopen the encoded file, and you can use the value of file_handle-> handle.stream.mmap.buf.

This implementation can improve performance by allowing the file open to be made less once.