From time to time people ask if it is possible to use the Hardening-Patch together with the IonCube Encoder or the ZendEncoder. I usually answer, that they should ask the IonCube support or the Zend support, to simply create compatible versions.

This will change in the future. I had a look at both encoders that are most probably the most famous ones and I am kinda shocked. The IonCube Encoder does not offer any protection against oparray_dumping or oparray disassembly. If you want to see this for yourself, then download derick and andrei's vld and apply the following patch: vle-request-hack.diff. After you have applied this, simply load the IonCube Loader as normal and activate vld as usual.

You will see the disassembly of the encoded PHP script in ZendEngine Opcodes and you will most probably not notice any obfuscation at all... (You can always compare the output to the output of the not encoded version)

The good news for all the users of ZendEncoder (or however it is called nowadays) is, that it is a little bit harder to get the disassembly of scripts that were encoded with ZendEncoder, because you will notice that the Opcodes are encrypted. But anyone skilled with runtime encryption layers will be able to decrypt those opcodes. When you have broken the opcode encryption they look like the output of ZendOptimizer. Which means there are some ZentOptimizer specific opcodes in it, that have something todo with cached functionnames...