I believe these obfuscators work by forcing you to install a binary-only .so zend extension in php.ini, which intercepts these encoded files. The files themselves should decode to already-halfway-parsed PHP opcodes or so, which is probably injected into the PHP/Zend virtual machine.
Figuring out the encoding scheme is probably a lot of boring disassembly work, which in the end just lets you decode a bunch of PHP opcodes which themselves would take a lot of work to make sense of.
Figuring out the encoding scheme is probably a lot of boring disassembly work, which in the end just lets you decode a bunch of PHP opcodes which themselves would take a lot of work to make sense of.
But perhaps the Vulcan Logic Dumper could help out a little bit. http://derickrethans.nl/projects.html#vld