Re^3: Code hiding in Perl

in reply to Re^2: Code hiding in Perl
in thread Code hiding in Perl

The encryption is done through custom C executable and the execution of encrypted binary code can only be done through another C executable (dummy Perl interpreter) and it does in-memory execution like this.
perl_run(my_perl);
eval_pv(buffer, TRUE);
[download]

Easily broken:

start a debugger
load the "encrypted" program from the debugger
set a breakpoint at the call to eval_pv(), or at the first instruction of eval_pv()
start the program
instruct the debugger to show the contents of buffer
copy contents of buffer to a text file
kill the program
exit the debugger

It was explained a thousand times or more, but once more for you:

Perl is designed to evaluate unencrypted source code, so at some point, you have to decrypt the encrypted code. Alternatively, you can feed perl a prepared parse tree, in unencrypted form. Again, you have to decrypt the encrypted tree before passing it to perl. B::Deparse can reconstruct perl source code from the tree, so you gain exactly nothing from using a tree.

Both ways, you have to decrypt the encrypted data, so your executable must contain the decryption algorithm and the required decryption key. Both can be exctracted from the executable to create an independant decryption tool. Or, as I explained above, one can simply stop the execution of the program at the point where the decrypted data is passed to perl API functions. That's usually much less work.

And there is NO WAY to prevent that.

See also:

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Comment on Re^3: Code hiding in Perl Select or Download Code

Replies are listed 'Best First'.
Re^4: Code hiding in Perl by sumanta (Novice) on Jun 29, 2015 at 06:58 UTC
I have already explained that the purpose of this work is to make it harder for them to dig inside the logical portion of the code .. Now ofcourse I know it can't be hidden completely, there is always a way out for everything and if you go by that logic, nothing seems to be correct .. anyway , the process I adopted, you just can't debug that .. because it is disabled.	[reply]
Re^5: Code hiding in Perl by afoken (Chancellor) on Jun 29, 2015 at 18:48 UTC
you just can't debug that .. because it is disabled. That's just ridiculous. Perhaps you can disable the Perl build-in debugger. But you can't disable external debuggers. Sure, you can add code to the executable that makes them harder to use, but you can not prevent your program from being run under a debugger or in a virtualised environment. If you think you can, show your code! Alexander -- Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)	[reply]
Re^5: Code hiding in Perl by Anonymous Monk on Jun 29, 2015 at 07:04 UTC
I have already explained that the purpose of this work is to make it harder for them to dig inside the logical portion of the code .. Now ofcourse I know it can't be hidden completely, there is always a way out for everything and if you go by that logic, nothing seems to be correct .. anyway , the process I adopted, you just can't debug that .. because it is disabled. sounds like nonsense :)	[reply]

In Section Seekers of Perl Wisdom