Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation

Re: [B::Deparse] Trying to find sub's code

by bulk88 (Priest)
on Jul 16, 2012 at 06:30 UTC ( #981970=note: print w/replies, xml ) Need Help??

in reply to [B::Deparse] Trying to find sub's code

Here is my favorite typical way of decompiling perl.
use Data::Dumper; use B::Deparse; use Devel::Size qw(size total_size); use B::Concise; use Devel::Peek; my $deparse = B::Deparse->new(); print $deparse->coderef2text(*Win32::LoadLibrary{CODE}); print "\n\n".size(\&Win32::LoadLibrary )."\n\n"; my $walker = B::Concise::compile('-src','-exec',*Win32::LoadLibrary); $walker->(); Dump(*Win32::LoadLibrary{CODE});
; 247 *Win32::LoadLibrary: *Win32::LoadLibrary is XS code SV = IV(0xcbaf78) at 0xcbaf7c REFCNT = 1 FLAGS = (TEMP,ROK) RV = 0xc45b3c SV = PVCV(0xc12a3c) at 0xc45b3c REFCNT = 2 FLAGS = () COMP_STASH = 0x0 XSUB = 0x3a2528 XSUBANY = 3 GVGV::GV = 0xc45b2c "Win32" :: "LoadLibrary" FILE = "Win32.xs" DEPTH = 0 FLAGS = 0x800 OUTSIDE_SEQ = 0 PADLIST = 0x0 OUTSIDE = 0x0 (null)
Deparse can't decompile C for you. Only pure perl functions. Try Ollydbg (shareware) or pay for Ida Pro if you need to decompile machine code.

update: WSD::Filter is a proprietary not-FOSS XS module with a EULA for an Apache webserver. To OP, either buy the license, or buy Ida Pro, or both (if you want to make sure your binary blob isn't a rootkit).

update: since you use linux, I strongly suggest not investing in a copy of Ida Pro since Ida Pro only understands MS symbol files, not GCC symbol data.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://981970]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (2)
As of 2018-05-26 01:22 GMT
Find Nodes?
    Voting Booth?