http://www.perlmonks.org?node_id=699842

sameerperl has asked for the wisdom of the Perl Monks concerning the following question:

This node falls below the community's threshold of quality. You may see it by logging in.

Replies are listed 'Best First'.
Re: Acme Bleach
by shmem (Chancellor) on Jul 24, 2008 at 12:18 UTC
    I have used Acme::Bleach module to encrypt my cgi source code.

    Beware, that is no encryption, just funny transliteration. Modules of the Acme namespace are generally not fit for production. There are exceptions, though - e.g. Acme::Code::Police.

    after encrypting, my cgi source file just contains invisible character.

    They are not invisible, they are just bleached. Perhaps rubbing them with tar adds some contrast.

    Is their any specification related Acme::Bleach module and cgi.

    No. You have to check the source to see where it breaks. But again, Acme::Bleach is for fun only. You might try encoding your code base64 (MIME::Base64), and have it decoded and executed on the fly on invocation. You could bleach that script... ;-)

    --shmem

    _($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                                  /\_¯/(q    /
    ----------------------------  \__(m.====·.(_("always off the crowd"))."·
    ");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
Re: Acme Bleach
by marto (Cardinal) on Jul 24, 2008 at 12:16 UTC
    sameerperl,

    Did you post Acme Enc, as perlsameer?

    Regardless, have you checked your web servers error log file to find out what is wrong with your script? Does it run from the command line without any problems? Have you looked at any of the posts in CGI Programming from the tutorials section of this site?

    Read How do I post a question effectively? since you have, again, not given us much to go on (No example code, which you seem to be obfuscating despite the advice given in Acme Enc, no error messages, no information about your web server setup).

    Try and make some effort in posting, and choosing the title you give your post Acme::Bleach and Acme::Enc are hardly descriptive titles.

    Update: s/five/give/ thanks wfsp

    Martin
    A reply falls below the community's threshold of quality. You may see it by logging in.
Re: Acme Bleach
by eyepopslikeamosquito (Archbishop) on Jul 24, 2008 at 13:18 UTC

    I have used Acme::Bleach module to encrypt my cgi source code. after encrypting, my cgi source file just contains invisible character.
    Okay, okay, you caught us out. We were just joking before when we advised you not to use Acme modules to protect your source code. Your code is not functioning correctly only because its invisibility attribute is causing it to be ignored by a recent security fix made to the Perl interpreter to protect it from spoofed backscatter attacks. To fix your problem, you simply need to restore your code's visibility attribute by using one of following modules: Give them a try and let us know which one fixes your problem.

      (Seriously- there is hope.)

      sameerperl, you may want to try this out to unbleach.. If you're stuck. (Dunno where this came from, it was lying around on one of my systems- I tried it out.)

      #!/usr/bin/perl # unbleach.pl - for really dirty programs use strict; my $washing = pop or carp("Usage: unbleach [file]"); open white,"<$washing" or carp("Can't get $washing"); local $/; $_=<white>; s/(.*)^\s*use\s+Acme::Bleach\s*;\n(?: \t){8}/$1/ or carp("$washing is not bleached!"); open line,">$washing" or carp("Can't dry $washing"); print line out($_); sub out {s/\n//g;tr/ \t/01/;pack "b*",$_;} sub carp {print shift and exit} =head1 NAME unbleach.pl - For I<really> unclean programs =head1 SYNOPSIS unbleach.pl [file] =head1 DESCRIPTION This script will replace all the unsighted unprintable characters bleached out of your source file by Acme::Bleach. And turn it into directive with elegant (perhaps) ASCII perl code. It also removes the use bleach line when it rewrites the source code. The code continues to work exactly as it did before, but now looks like normal! =head1 DIAGNOSTICS =item C<Can't get '%s'> unbleach.pl could not read the source file. =item C<'%s' is not bleached!> unbleach.pl will only process files that have been previously bleached and have the expected format. =item C<Can't dry '%s'> unbleach.pl could not open the source file to modify it. =head1 SEE ALSO http://www.cpan.org/authors/id/DCONWAY/Acme-Bleach-1.12.tar.gz http://www.perlmonks.com =head1 AUTHOR not Damian Conway (as if you couldn't guess)

      I personally believe it would be correct of you -since you certainly know- to remind the OP that he could and should use one or more of those modules, as the more the better: ain't it so?

      --
      If you can't understand the incipit, then please check the IPB Campaign.
Re: Acme Bleach
by leocharre (Priest) on Jul 24, 2008 at 13:13 UTC

    Just because a script works as cli (command line interface) does not mean the thing works as cgi.

    Did you try running the thing as cgi before you used bleach?

    Did you really read Acme::Bleach documentation? Why not?

    You are not increasing security by 'hiding' your code. Perl is an interpreted language- *something* has to read the source. (Yes, I know). The way to hide sensitive data is not by hiding 'where' it is. That's like making a better cake by using more sugar. My point is you won't be able to hide it especially from admins, if that's what you're trying to do.

    You may be interested in compiled vs interpreted languages.

    If you're trying to hide stuff from someone with authority- the program does not need to be read or understood from the inside to know what it does.

Re: Acme Bleach
by olus (Curate) on Jul 24, 2008 at 13:07 UTC

    If that 'Premature Error' is premature end of script headers, then you may have forgotten to send the Content-type header.