Slash Boxes
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Beatnik (493)

  (email not shown publicly)

A 29 year old belgian who likes Mountain Dew, Girl Scout Cookies, Tim Hortons French Vanilla Flavoured Cappucinno, Belgian beer, Belgian chocolate, Belgian women, Magners Cider, chocolate chipped cookies and Perl. Likes snowboarding, snorkling, sailing and silence. Bach can really cheer him up! He still misses his dog.

Project Daddy of Spine [], a mod_perl based CMS.

In his superhero time (8.30 AM to 5.30 PM), he works on world peace.

Journal of Beatnik (493)

Saturday December 21, 2002
09:06 PM

Source Code Encryption

[ #9592 ]
I was wondering through the monastery just now and I bumped onto a node on Source Code Encryption... Someone mentioned World Wide Perl Coder and I was intrigued how exactly this would work. I fired up Wine and installed the app. It warned me I needed at least a 433 mhz CPU and that this program would suck up all resources. It would also take at least 0 minutes to process source code. Now, that REALLY got me wondering how magical this all was. So I threw a simple Hello World snippet at it and it processed it in under a second (figures). So what did it generate??

An Obfu.

How the output looks like

Now, a few things struck me immediatly. First, it's storing the plain source code in there, causing perl to b0rk (2 points in 1 go). Secondly, it's basically stuffing 2 vars with "unreadable data". The first mostly filled with digits with the usual marker in there somewhere. The second is a huge concatenation of chr sequences. Next it evals that second var into something that basically reads from DATA, unpacks it into code and eval's it. That eval'ed code basically reads the first params, removes a few chars (they're obviously in there to confuse ppl), split on that obvious marker, unpack it and eval it.

Now, another thing is that this is a trial. The coder itself expires at some point (I think), the encrypted code isn't. Any normal perl programmer would figure this out in 2 seconds and rewrite it (in perl) in 5. There is no real art to this obfu, no great mystery behind the encryption. I can only hope that the full version has a totally different, (actual) encryption.

I'm not promoting Filter::CBC but at least THAT is real encryption.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
More | Login | Reply
Loading... please wait.