in reply to Re^13: What happened to perlcc?
in thread What happened to perlcc?

I don't know what you mean by "one gets back"..

We're talking about whether the program is obfuscated or not. I said it's not, it's available intact in «block».

Because the script is NOT intact in the executable

In the binary image? Never said it was.

If you could give me a set of commands that I can run on an executable where I can "get back" the original script, I'd love to hear about it!

Step to the call to eval_pv. Print the argument.

Alternatively, change the call to eval_pv to a call to printf and run the program.

it is encrypted

I've heard of self-extracting archives, but self-decrypting encryption? That's laughable!

This is, of course, assuming that you are using the standard definitions for words like 'encrypted' 'intact' and 'not'..

It's the third time you've used this baseless infantile attack. Move on.

Re^15: What happened to perlcc?
by Limbic~Region (Chancellor) on Mar 02, 2011 at 16:00 UTC
    ikegami,
    I have spent 60 seconds reading your back and forth. I think what you are being asked to do is take the native executable after conversion and from that alone produce the original perl script. If you are saying that is trivial to do without a decompiler or running the executable through a debugger then I am interested in understanding how. Do you have the time to take a 'hello, world' script, run it through this converter, and then show the steps you took from that point to get the original script back?

    Cheers - L~R

      $ perl perlc.pl a.pl -key password -exe a
      Out: a.c
      Exe: a
      $ gdb a
      ...
      (gdb) start
      Temporary breakpoint 1 at 0x8062cc5
      Starting program: /tmp/eric/b/a
      Temporary breakpoint 1, 0x08062cc5 in main ()
      (gdb) disassemble
      Dump of assembler code for function main:
      ...
      0x08062df0 <main+302>: movl $0x1,0x4(%esp)
      0x08062df8 <main+310>: movl $0x8167020,(%esp)
      0x08062dff <main+317>: call 0x8075b30 <Perl_eval_pv>
      ...
      End of assembler dump.
      (gdb) break *0x08062dff
      Breakpoint 2 at 0x8062dff
      (gdb) continue
      Continuing.
      Breakpoint 2, 0x08062dff in main ()
      (gdb) printf "%s", 0x8167020
      # Super secret!
      print("Hello World\n");

      Took me 6 minutes to figure out, and I've never used gdb or this assembler language.

      If bleached, follow up with unbleach.pl.

      Update: Oops, I have used gdb to get a backtrace of a segfaulting process. I never used any of the commands used here, though.

        And this is precisely why ikegami has a well-deserved reputation as one who rocks. Very, very hard.

        Great! I'm glad that you are a capable enough programmer that you are able to figure that out. As I mentioned in the home page, anyone capable enough *will* be able to extract the code. But do you honestly believe that the casual user will be able to do that? I don't even think that most users, looking at what you've done, would be able to figure out how to do this for a generic script. If anything, you've demonstrated how much knowledge is required to get to that point.

        In fact, the first reply to your post was to state that this is exactly why you rock. So clearly this is not an easy task for the casual user. My comment on the home page still stands:

          Besides, if you make it hard enough to get to the code, then the person talented enough to extract it will probably be fully capable to write it themselves and won't bother. :)

        Secondly, I've been told multiple times that I am misleading people. I write a simple tool and put up on the docs about the tool about all of its shortcomings, and somehow I am misleading people. If anyone can show me where I'm misleading people, I'd love to know.

        I highly recommend that people who don't believe in closed source should not use my script. And if they choose to attack it, please feel free to do so on the ethical issues of open/closed source.

        I highly recommend that people who want their code completely secure do NOT use my script. Then again, even if they choose to use a compiled language such as C, there are ways to disassemble C and even convert it back into C code.

        I highly recommend that anyone who is comfortable with hiding their script from casual users, feel free to use perlc! And if they want something stronger than Bleach and the weak encryption that perlc offers, then they can obfuscate in some other manner, and yes, anyone who is able to run a debugger and deal with assembly will be able to get your code. There isn't anything you can do about that. You can dust off perlcc and get it working, and even then someone smart enough will be able to effectively reconstruct your code from that.

        There is no guaranteed answer to hiding your code. That's a fact. I never claimed to have the answer to that. All I claimed is to write this:

          Regardless, it IS possible to wrap your perl script into a C program that evals the script in a perl interpreter,

        And that's all.

        Sorry you didn't like my script. Sorry it didn't live up to your standards. You're welcome to write something better. :)

      If you are saying that is trivial to do without a decompiler or running the executable through a debugger

      No, I'm saying it's trivial with one. The entire source code is available after stepping over two statements! It should also be simple to write an extractor.

      And that's assuming the .c is not available. If you have the .c, just change the call to eval_pv to a call to printf.

      Do you have the time to take a 'hello, world' script, run it through this converter, and then show the steps you took from that point to get the original script back?

      Will do. Gotta run to a meeting now.
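
Added example, not part of the thread and not perlc's code: a minimal C model of the wrapper design argued about above, where one executable carries both an encoded script and the key to decode it. The XOR scheme, the key and every function name are constructed for illustration, and `eval_fn` stands in for `eval_pv`; the point is that the decoded script reaches the evaluator whole, so the wrapping only deters casual readers.

```c
/* Added illustration, not perlc output: XOR scheme, key and names are constructed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static const char KEY[] = "password";  /* the key must ship inside the executable */
static const char SCRIPT[] = "print(\"Hello World\\n\");";  /* build-time input only */
static char captured[256];

typedef void (*eval_fn)(const char *code);  /* stand-in for Perl's eval_pv */

/* XOR is its own inverse, so one routine both encodes and decodes. */
static void xor_buf(const unsigned char *in, unsigned char *out, size_t n) {
    size_t klen = strlen(KEY);
    for (size_t i = 0; i < n; i++)
        out[i] = in[i] ^ (unsigned char)KEY[i % klen];
}

/* Run time: decode the stored blob, then hand the plaintext to the evaluator. */
static void run_wrapped(const unsigned char *blob, size_t n, eval_fn eval) {
    char *plain = malloc(n + 1);
    if (!plain) return;
    xor_buf(blob, (unsigned char *)plain, n);
    plain[n] = '\0';
    eval(plain);  /* the whole script is the argument at this call */
    free(plain);
}

/* The "printf instead of eval_pv" swap: record the argument instead of running it. */
static void capture(const char *code) {
    snprintf(captured, sizeof captured, "%s", code);
}

/* Returns 1 when the blob differs from the script at rest yet arrives intact. */
static int demo(void) {
    unsigned char blob[sizeof SCRIPT];
    size_t n = strlen(SCRIPT);
    xor_buf((const unsigned char *)SCRIPT, blob, n);  /* what a build step would store */
    int hidden_at_rest = memcmp(blob, SCRIPT, n) != 0;
    run_wrapped(blob, n, capture);
    return hidden_at_rest && strcmp(captured, SCRIPT) == 0;
}

int main(void) {
    printf("recovered intact: %d\n%s\n", demo(), captured);
    return 0;
}
```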