Re: Malicious Perl Scripts & Web Development

As long as there isn't any personal or corporate information included in the script it should be fine to paste it here. You could add a warning that it's potentially malicious and include it inside code tags like this: <code> ... </code>. Since you posted anonymously you can't edit your node and you'll have to post it in a new one.

If it is obfuscated it might be difficult to tell what it contains. In that case you could use Perl's B::Deparse module to deparse it and get an idea of what the script would do without actually running it. Here are some examples: Debunk Perl's magic with B::Deparse, 804232

Try this:

perl -MO=Deparse byyl.pl

Comment on Re: Malicious Perl Scripts & Web Development Select or Download Code

Replies are listed 'Best First'.
Re^2: Malicious Perl Scripts & Web Development by webdev419 (Initiate) on Apr 12, 2019 at 19:31 UTC
here is the malicious script below Read more... (112 kB)	[reply] [d/l]
Re^3: Malicious Perl Scripts & Web Development by Lotus1 (Vicar) on Apr 12, 2019 at 20:35 UTC
Interesting. I'll let the Monks who are more experienced with web development comment overall but I noticed the `print decode_base64("PHNj....` and decided to try to decode it. It is some JavaScript(?) that has been encoded. It seems to just be doing keyword color highlighting for some program code. I first used a webpage to decode it and then the following script. Read more... (4 kB) The result is: Read more... (3 kB) I reformatted it slightly to try to make sense of it but I don't have the time or patience to take this any further. Good luck. Read more... (3 kB)	[reply] [d/l] [select]