my $script_text = 'whatever'; # list var/sub names without %$@ # ensure vars can't pop up in other contexts - eg messages my @obsf = qw (var1 var2 sub1 sub2 ...); # remove comments - note I use "# ## to denote comment # to ensure only comments get removed $script_text =~ s/\s*# ##[^\n]+\n\s*/\n/gis; # remove extraneous CRs $script_text =~ s/;\s*\n\s*/;\n/gis; # and a few other things - html tags - tidy up $script_text =~ s/>\s+</></gis; # mess up indenting - make random $script_text =~ s/\t+/"\t" x (int(rand 6))/ges; # remove some crs $script_text =~ s/;\s+\}/; }/gis; $script_text =~ s/\}\s+elsif/} elsif/gis; $script_text =~ s/\{\s+/{ /gis; $script_text =~ s/\}\s+\}/} }/gis; $script_text =~ s/;\s+my/; my/gis; $script_text =~ s/if\s+\(/if \(/gis; # obfuscate array stuff majorly my $i=1; foreach (@obsf) { # create replacement my $replace = unpack ("B32", pack("N", $i)); $replace =~ s/^0+(?=\d)//; $replace =~ s/0/I/g; $replace =~ s/1/l/g; # replace in script $script_text =~ s/$_/$replace/gs; # move on... $i++; }
Makes it ugly to read, but anyone with time can unravel it.
Another option is using the Filter packages, but be prepared spending some time reading up on crypto - you have to write your own encryption, I believe. This is a lot more secure than plain obfuscation, but still readable by a determined hacker.
cLive ;-)
In reply to Re: Obfuscation of code...
by cLive ;-)
in thread Obfuscation of code...
by Stamp_Guy
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |