This code (at least what I saw before it was removed) was not the most complicated Perl in the world. And from what I understood of it, the virus was painfully obvious. It was certainly clearly written and documented. Imagine the same thing in obfuscated form, that didn't simply insert itself at the top of a script where you can see it.
I don't think posting this code is immoral, and I think censoring the discussion is. Imagine if SecurityFocus incident reports were as crippled as the above discussion. The exploit description would be worthless, since only those in the "inner circle" would even know what was happening.
That said, I find this interesting because it raises the question of how to defend against this. Given crackings at places like SourceForge, is it so hard to imagine trojaned scripts out there?
Nothing I could come up with off the top of my head would be surefire, but is there a way to embed an MD5 hash into a script and perhaps use a module to test the script against the hash and exit on non-validation?

    #!/usr/bin/perl -wT
    use strict;
    print "Hello, world!\n";

Run hello.pl through validatination.pl to get:

    #!/usr/bin/perl -wT
    use strict;
    #example of MD5 protection
    use Validate::MD5;
    print "Hello, world!\n";
    #not a real hash this is off the top of my head
    __HASH__
    1A2E8584399E234F290C
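
A sketch of the embedded-hash check asked about in the post above, added here as an example and not code from the original poster. The `seal`, `verify` and `verify_file` names and the `__END__`/`__HASH__` layout are assumptions, the post's `Validate::MD5` module is not implemented, and SHA-256 from the core `Digest::SHA` module is swapped in for MD5.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(sha256_hex);    # core module; SHA-256 stands in for MD5

# Assumed layout: script body, then this marker, then the hex digest of the body.
# __END__ stops perl from trying to parse the marker and digest lines as code.
my $MARKER = "__END__\n__HASH__\n";

# Append the marker and the digest of the body (hypothetical helper).
sub seal {
    my ($body) = @_;
    return $body . $MARKER . sha256_hex($body) . "\n";
}

# Return 1 only if the text carries a well-formed digest that matches its body.
sub verify {
    my ($text) = @_;
    my $pos = rindex($text, $MARKER);
    return 0 if $pos < 0;                          # no digest at all: fail closed
    my $body   = substr($text, 0, $pos);
    my $stored = substr($text, $pos + length($MARKER));
    $stored =~ s/\s+\z//;
    return 0 unless $stored =~ /\A[0-9a-f]{64}\z/; # malformed digest: fail closed
    return sha256_hex($body) eq $stored ? 1 : 0;
}

# What a sealed script would call on itself at startup: verify_file($0) or exit 1;
sub verify_file {
    my ($path) = @_;
    open my $fh, '<:raw', $path or return 0;
    local $/;                                      # slurp the whole file
    my $text = <$fh>;
    return verify($text // '');
}

# Constructed sample input for the demo.
my $script = <<'SCRIPT';
#!/usr/bin/perl -wT
use strict;
print "Hello, world!\n";
SCRIPT

my $sealed   = seal($script);
my $modified = "# line added at the top\n" . $sealed;        # body changed, digest stale
my $resealed = seal("# line added at the top\n" . $script);  # digest recomputed after change
printf "%-30s %s\n", 'sealed, untouched:',          verify($sealed)   ? 'valid' : 'INVALID';
printf "%-30s %s\n", 'modified, old digest:',       verify($modified) ? 'valid' : 'INVALID';
printf "%-30s %s\n", 'modified, digest recomputed:', verify($resealed) ? 'valid' : 'INVALID';
```

The third case still reports valid: a digest stored inside the file only catches changes made by something that does not also rewrite the digest. Keeping the digest, or a signature over the file, somewhere the modifier cannot write to closes that gap.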