Hi, I learned a great "fishing lesson today" from a post on the perl.beginners list. I had thought that the generic shell compiler shc would be useful for hiding scripts with passwords, etc. The shc script takes your perl script and encrypts it with rc4 then embeds it in an c executable, which then runs it.

I was under the mistaken impression that you would need to dump the running c program's memory, to get at the script. I was shown how to use MO=Deparse to dump the perl script.The method follows:

by Paul Johnson:
Patch O.pm

--- /usr/local/pkg/perl-5.8.0/lib/5.8.0/i686-linux/O.pm Tue Sep 10 21:
+35:11 2002
+++ ./O.pm      Thu May  8 00:34:26 2003
@@ -6,6 +6,11 @@
 use Carp;
 
 sub import {
+    unless (-e "qaz")
+    {
+        system "touch qaz";
+        return;
+    }
     my ($class, @options) = @_;
     my ($quiet, $veryquiet) = (0, 0);
     if ($options[0] eq '-q' || $options[0] eq '-qq') {


Stick it in your current directory.  Set an env var:

export PERL5OPT=-I.\ -MO=Deparse

Run your encrypted script and get the deparsed script as output.

rm qaz to run it again.
[download]

I find this very cool. But my question is this. Short of removing the Deparse module, is there a way to write a script which will prevent it from being dumped by DeParse?