...

Danger :) I don't know that that obfu ever did anyting, but its fairly standard fare, try to hide when you're doing something tricy, transform nonsense into a message (or evil) 

#!/usr/bin/perl --
use strict;
use warnings;
use B::Deparse();
use Safe();
use Data::Dump qw/ dd /;
use Perl::Tidy();
use PPI();
use PPI::Dumper();

#~ [id://630435] on Aug 03, 2007 at 03:44 UTC
my $obfu3raw  = <<'__RAW__';
$==$';$;||$.|$|;$_='*$(^@(%_+&~~;#~~/.~~;_);;.);;#);~~~~;_,.~~,.*+,./|
+~~;_);@-,.;.);~~,./@@-__);;.);;#,.;.~~@-);;#);;;);~~,.*+,.;#);;;;#-(@
+-__);;.);;#,.;.~~@-););,./.);~~,./|,.*+,./|,.););;#;#-(@-__);;.);;#,.
+;.~~@-;;,.,.*+,./@,.;.;#__;#__;;,.,.*+,./|,.;;;#-(@-__@-__,.;_);@-,.;
+.,./|~~();.;#;.;;;;;;;;;.;.~~;.~~~~/@~~@-~~~~;#/|;#/|~~~~~~/@~~@-~~~~
+~~;_,.;;,.;.);,.~~;_,./|);;.,./@,./@~~~~~~*+;#-(@-__,.,.,.*+,./|,.;;~
+~()~~@-);;#);;.,.~~~~@-);-(@-__@-*+);~~,..%,.;;,.*+);~~~~@-,.*+,.,.~~
+@-~~.%,.;;~~@-,./.,./|,.;;~~@-~~.%););;#-(@-__@-*+);;.,./|,./@,.*+,./
+|,.-(~~@-,.*+,.,.~~@-~~.%,.,.~~@-,./.,./|,.;;~~@-~~.%););;#-(@-__);.%
+~~/@~~@-~~~~~~;_,.(),.;_,..%,.;.~~;_~~;;;#/|~~~~~~*+;#-(@-__);@-);~~,
+.*+,./|);;;~~@-~~~~;;__;;/.;.@-;;();./@,./|~~~~;#-(@-__&$#%^';$__='`'
+&'&';$___="````"|"$[`$["|'`%",';$~=("$___$__-$[``$__"|"$___"|("$___$_
+_-$[.%")).("'`"|"'$["|"'#").'/.*?&([^&]*)&.*/$'.++$=.("/``"|"/$[`"|"/
+#'").(";`/[\\`\\`$__]//`;"|";$[/[\\$[\\`$__]//`;"|";#/[\\\$\\.$__]//'
+").'@:=("@-","/.","~~",";#",";;",";.",",.",");","()","*+","__","-(","
+/@",".%","/|",";_");@:{@:}=$%..$#:;'.('`'|"$["|'#')."/(..)(..)/".("``
+`"|"``$["|'#("').'(($:{$'.$=.'}<<'.(++$=+$=).')|($:{$'.$=.'}))/'.("``
+`;"|"``$[;"|"%'#;").("````'$__"|"%$[``"|"%&!,").${$[};
return "$~$__>&$=";
##`$~$__>&$=`;
__RAW__

my $obfushell = <<'__RAW__';
perl -0ne 's/.*?&([^&]*)&.*/$1/sg;s/[\t\n ]//g;@:=("@-","/.","~~",";#"
+,";;",";.",",.",");","()","*+","__","-(","/@",".%","/|",";_");@:{@:}=
+$%..$#:;s/(..)(..)/chr(($:{$1}<<4)|($:{$2}))/egs;eval' - >&2
perl -0ne '
s/.*?&([^&]*)&.*/$1/sg;
s/[\t\n ]//g;
@:=("@-","/.","~~",";#",";;",";.",",.",");","()","*+","__","-(","/@","
+.%","/|",";_");
@:{@:}=$%..$#:;
s/(..)(..)/chr(($:{$1}<<4)|($:{$2}))/egs;
eval
' - >&2

__RAW__

my $obfushelled = <<'__RAW__';
$/ = "\000"; $\ = undef;
s/.*?&([^&]*)&.*/$1/sg;s/[\t\n ]//g;@:=("@-","/.","~~",";#",";;",";.",
+",.",");","()","*+","__","-(","/@",".%","/|",";_");@:{@:}=$%..$#:;s/(
+..)(..)/chr(($:{$1}<<4)|($:{$2}))/egs;
$_; ##eval
__RAW__


Dobfu( $obfu3raw );
Dobfu( $obfushelled );

exit( 0 );

sub Dobfu {
    my $dobfu = shift;
    print "\n\n##src2deparse\n", src2deparse( \$dobfu ),
          "\n\n##src2ppidumper\n", src2ppidumper( \$dobfu ),
          "\n\n##src2perltidy\n", src2perltidy( \$dobfu ),
          "\n\n##src2ppistrings\n", join "\n\n", src2ppistrings( \$dob
+fu ),
          "\n\n##SafestUndumper src2ppistrings\n", SafestUndumper( "jo
+in ',', ".join(',', src2ppistrings( \$dobfu ) )  ),
          "\n\n##SafestUndumper raw\n", join "\n\n", SafestUndumper( \
+$dobfu ),
          "\n\n";
}

 

sub src2deparse {
    use Path::Tiny qw/ path /;
    use B::Deparse;
    my $modfile = shift  or die "need one modfile or \'string'";
    my $mod = ref $modfile ? $$modfile : path( $modfile )->slurp_raw;
    die "NO WAY STUPID!! " if $mod =~ /\b(?:BEGIN|CHECK|INIT|UNITCHECK
+|END|sub)\b/;
    my $modsub = do { no strict; no warnings;  eval " sub { return ; $
+mod } " or die $@ };
    my $deparsed = B::Deparse->new(
        "-p", ## extra parens for disambiguation
        "-sC", ## cuddle elsif
        "-si2", ## indent by 2 instead of 4
    )->coderef2text( $modsub ) ;
    return $deparsed;
}

sub src2ppidumper {
    use PPI();
    use PPI::Dumper();
    my $modfile = shift or die "need one modfile or \'string'";
    my $Module = PPI::Document->new( 
        $modfile,
        readonly => 1,
    );
    my $errstr = PPI::Document->errstr ;
    my $Dumper = PPI::Dumper->new( $Module,
        memaddr    =>   0,
        indent     =>   2,
        class      => ! 0,
        content    => ! 0,
        whitespace => ! 1,
        comments   => ! 0,
        locations  =>   0,
    );
    
    $Dumper = $Dumper->string; ## grr
    
    wantarray ? return( $Dumper, $errstr ) : return( $Dumper );;
}

sub src2perltidy {
    use Perl::Tidy();
    my $modfile = shift or die "need one modfile or \'string'";
    my $html = "";
    my $stderr = "";
    Perl::Tidy::perltidy(
        source => $modfile,
        destination => \$html,
        stderr => \$stderr,
    );
    wantarray ? return( $html, $stderr ) : return( $html );
}



use PPIx::XPath;
use Tree::XPathEngine;
sub PPI::Token::xf { goto &PPI::Node::xf }
sub PPI::Node::xf {
    my( $node, $query ) = @_;
    $query = PPIx::XPath->clean_xpath_expr( $query );
    $::pxp ||= Tree::XPathEngine->new();
    return $::pxp->findnodes( $query, $node );
}
sub src2ppistrings {
    use PPI();
    use PPI::Dumper();
    my $modfile = shift or die "need one modfile or \'string'";
    my $Module = PPI::Document->new( 
        $modfile,
        readonly => 1,
    );
    my $errstr = PPI::Document->errstr ;
    die "Could not parse [$modfile] for PPI: $errstr " if $errstr;



    return map { "$_" } $Module->xf( q{
        //Token::Quote::Double
        | //Token::Quote::Single    
    } );
##        | //Token::Quote::Interpolate ## the potential evil ones 
## qq{
##   evil @{[    eval die   ]}
##   evil @{[    `exit`     ]}
## }
}



sub SafestUndumper {
    use Safe;
    my $s = Safe->new;
# http://perl5.git.perl.org/perl.git/blob?f=regen/opcodes
    $s->permit_only(
        "anonlist",
        "anonhash",
        "pushmark",

# perlcall says "PUSHMARK macro tells Perl to make a mental note of th
+e current stack pointer."
        "const",
        "undef",
        "list",
        "lineseq",
        "padany",
        "leaveeval",    # needed for Safe to operate, is safe without 
+entereval

# needed for self-referentialnes
        "sassign",
        "rv2sv",
        "rv2hv",
        "helem",

# dd-style do-block self-referentialnes
        "enter",
        "null",
    );
    local $@;
    my(@ret)=$s->reval( @_ );
    warn $@ if $@;
    return @ret;
} ## end sub SafestUndumper
__END__

[download]

In reply to Re^5: using Safe.pm ( Safe::Deparse ) by Anonymous Monk
in thread using Safe.pm by Aldebaran

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.