|
Re: Problems Bleaching
by Abigail-II (Bishop) on Feb 13, 2003 at 14:42 UTC
|
Acme::Bleach has nothing to do with making your code unreadable.
It's like turning over a sheet of paper, and expecting your
writing to be unreadable.
Acme::Bleach is a joke module. I would have
thought the name and the manual page would give enough clues
to not take this module seriously. Think about it - perl (the
binary) still needs to see Perl (code). By having the source
self decoding, it becomes trivial to decode it. All you do is
increase the load on your server, and time your users have to
wait for their requested information.
Why would you want to make your code "unreadable" anyway?
Abigail | [reply] |
Re: Problems Bleaching
by tachyon (Chancellor) on Feb 13, 2003 at 14:03 UTC
|
What bleach does is to encode you script as binary and then convert the 0 and 1 to spaces and tabs so it appears invisible. It does this the first time you run the script so if you look at the script after it has been run once you should just see:
#!/usr/bin/perl
use Acme::Bleach
ie a couple of lines and a lot of whitespace. When the code is run Acme::Bleach converts it back to plaintext and passes this to perl ie it is a source filter. You script should run on the command line and print the header and the message Test ie:
$./myscript.pl
Content-type: text/html
Test
$
Provided this works then all should be well. The caveat is if for some reason Acme::Bleach is not available within your CGI environment. For security implications (ie lack of) see Unbleach.pl cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
| [reply]
[d/l]
[select] |
|
|
Thanks for all the help guys, I tried everything you suggested but it still doesn't work for me...
I can run the script on the command line, and it encodes everything (i.e. changes for whitespace and tabs). I can get the output when run from the command line, but when I try to view through my browser I get nothing :-(
I think maybe it is because I am running Perl on windows and Apache2... does Bleach not work with this combination?
cheers,
Tom
| [reply] |
|
|
What does not working mean? No output, Internal server error, etc. Have you checked the error logs probably in C:\Program Files\Apache Group\Apache2\logs to see what Apache says????
cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
| [reply] |
|
|
#!/path/to/perl -w
print "Content-type: text/text\n\n"; #or text/html, whatever
print "Hello, world!\n";
Oh, you're missing a space after Content-type: in your sample, I think. Don't know if that could be the source of your problem or not...
--
Mike | [reply]
[d/l] |
|
|
Re: Problems Bleaching
by diotalevi (Canon) on Feb 13, 2003 at 14:49 UTC
|
Two issues - first is that your source code needs to be encoded. So either run the program while logged in as someone who can alter the source or grant that ability to your web server user. Second - when Bleach runs it removes the shebang line from the source so you have to add that back in. Edit the source and add that first line that reads '#!/usr/bin/perl' or whatever is appropriate.
Seeking Green geeks in Minnesota
| [reply] |
Re: Problems Bleaching
by CountZero (Bishop) on Feb 13, 2003 at 16:36 UTC
|
If you make a dynamic web-page, i.e. a script which returns a web-page, and it runs correctly, all what your users see through their browsers is the result of your script and not the script itself. Unless of course your script did not run and gets output as text, in which case you need to check the set-up of your CGI and server.
So generally there is no need to "encode" the script as the users will never see it anyhow.
CountZero "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law
| [reply] |
Re: Problems Bleaching
by antirice (Priest) on Feb 13, 2003 at 19:35 UTC
|
Just wondering, but does the webserver have privileges to edit the script? If not, then that's your problem.
Of course, what you're doing is pretty pointless. If you're running this script on someone else's machine, they can just take the script and decode it themselves. In this case, get a host you can trust not to look at your stuff. If it's on your machine, then that's just so hilarious that I can hardly continue typing. If this is your security policy, might I suggest investing in a new one. I'm not trying to be a troll. Acme::Bleach is nice to look at and nice to show perl programmers just starting out, but it is not meant to be taken as a serious form of security.
antirice
The first rule of Perl club is - use Perl
The ith rule of Perl club is - follow rule i - 1 for i > 1 | [reply] |
Re: Problems Bleaching
by robartes (Priest) on Feb 13, 2003 at 13:07 UTC
|
Your problem is most likely not the Acme::Bleach (try your second piece of code without the bleaching, and I bet it still won't work), but the lack of proper html. Try this:
use Acme::Bleach;
print "HTTP/1.1 200 OK\n";
print "Content-type:text/html\n\n";
print "<html><head><title>Camels are hairy</title></head>",
print "<body><p>Test</p>";
print "<p>I will always write proper HTML</p>"x10;
print "<p>Or better yet, I will always <a href="http://www.perlmonks.o
+rg/index.pl?node_id=51012">use cgi;</a></p>";
print "</body></html>";
print "\n";
Does that help?
CU
Robartes- | [reply]
[d/l] |
|
|
tachyon@perlmonk>cat basic.pl
#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "1";
tachyon@perlmonk>
http://tachyon.perlmonk.org/cgi-bin/basic.pl
cheers
tachyon
s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print
| [reply]
[d/l] |
|
|
| [reply] |
Re: Problems Bleaching
by MadraghRua (Vicar) on Feb 13, 2003 at 20:22 UTC
|
| [reply] |
Re: Problems Bleaching
by JamesNC (Chaplain) on Feb 14, 2003 at 00:01 UTC
|
**Also when running Apache #!/perl/bin/perl
Or whatever the path is to your perl MUST be on the first line of all of your CGI scripts.. check the Apache's log.
I don't see it on yours.
Cheers...
James | [reply]
[d/l] |
Re: Problems Bleaching
by crenz (Priest) on Feb 13, 2003 at 22:58 UTC
|
print "Content-type:text/html\n\n";
That should be
print "Content-type: text/html\n\n";
Note the extra whitespace. Does it work now?
You are perfectly right in saying that Acme::Bleach makes your code unreadable (unless un-bleached). Why you would want to do that is beyond me, though :)
| [reply]
[d/l] |
Re: Problems Bleaching
by Desdinova (Friar) on Feb 15, 2003 at 10:37 UTC
|
If you really want your code to be unreadable just take some pointers from the Obfuscated Code section here ;)
Really though as alrady mentioned you won't get any security for you code through this method, nor with any other "encoding" scheme, if for whatever reason you need the source to hidden look into compilers available from activestate or Indigo Perl, beyond that it really depends on why you are trying to prevent from seeing the souce an why
Edit(03/14/2003 18:00 EST): Fixed typos and word switch so this closer to english
| [reply] |
Re: (nrd) Problems Bleaching
by newrisedesigns (Curate) on Feb 13, 2003 at 13:02 UTC
|
You need to send the header as plain text, so send it before you start bleaching.
Update: Abigail-II is correct. I'm way off base. Sorry for the unintended confusion.
John J Reiser
newrisedesigns.com
| [reply] |
|
|
| [reply] |
|
|
Sorry for jumping to the gun. I mistakenly remembered Acme::Bleach as a humorous application of SNOW-like encryption. I forgot the module does it to itself, not its output.
John J Reiser
newrisedesigns.com
| [reply] |