Beefy Boxes and Bandwidth Generously Provided by pair Networks
go ahead... be a heretic
 
PerlMonks  

Transformation

by Alex the Serb (Monk)
on Jan 28, 2002 at 15:58 UTC ( #142042=sourcecode: print w/ replies, xml ) Need Help??

Category: Cryptography
Author/Contact Info Alex the Serb
Description: This script is tested on Linux platform, but could probably be run under Cygwin if Perl and GNU C compiler are installed. The script changes the original Perl script text by some values stored in @codes variable. Then, it makes the C file and make script for it to be compiled. After compilation the script is embeded in exe file, but its not visible in original form, so it will be not easy to change it in Hex editor. You could use this script with changed numbers in @codes variable every time you compile a new script. This will add additional difficulties to anyone who tries to crack it. Many thanks goes to Damian Conway, who told me to read perlembed, perlxs and stuff like that, because his module Morse.pm was not good enough! .. thanks dude! You call this script with one argument that points to Perl script that you want to transform. After transformation of the script, you should run make that was created during transformation. After that the file called "exe" is created. That is executable created from your script that will be executed real fast, much faster than using Damian's Morse or Bleach modules!!!

Important: This script was tested on many Perl scripts, however, because the Perl interpreter is statically linked into executable, the size of new script will be: (the size of Perl interpretter) + (the size of integer) * (number of characters of your script)

Also, the modules that are dinamically linked during execution must be available on the server that you are porting to. However, the most of you are like me (I don't port the scripts from one server to another that often), so you should probably compile Perl interpreter with dinamic library option libperl.so that will render Perl interpreter to only 15 Kb or so!

Important2: Its after nearly 3-4 months of succesfull execution of executables made by this script that I dared myself to put it in here .. so there is no fear of bad stuff happening to your computer :)

So, if you are paranoic like me or if you are surrounded by sharks .. like me .. feel free to use this script to protect your work from "accidental" change.

Update: Its acctually a good thing to repeat some of the codes, because the fact that every code is different from any other incresses the probability of cracking!
#!/usr/bin/perl -w

use strict;

die if !(@ARGV);

my @codes = qw(61 31 21 1 44 16 21 11 7 9 37 39 33 3 2 1 0 32 51 41 10
+);

open TARGET,"$ARGV[0]";
open NEW,">$ARGV[0]\.c";

print NEW "#include <EXTERN.h>\n#include <perl.h>\n\n";
print NEW "extern void xs_init();\n";
print NEW "static PerlInterpreter *perl;\n\nvoid main() {\n";
print NEW "        int execute[] = {";
my $total = 0;
my $counter = 0;
my $beginning = 1;
while(<TARGET>) {
    my @tmp = split //,$_;
    $total += $#tmp;
    for(my $i=0;$i<=$#tmp;$i++) {
        my $check = $tmp[$i];
        if($beginning) { $beginning = 0;
                   $tmp[$i] = ord($tmp[$i])+$codes[$counter];
                   print NEW $tmp[$i];
        }
        else { 
            $tmp[$i] = ord($tmp[$i])+$codes[$counter];
            print NEW ",".$tmp[$i];
        }
        $counter++;
        $counter = 0 if $counter>$#codes;
    }
    $total++;
}

print NEW ",0};\n    int i = 0;\n    int codes[] = {61,31,21,1,44,16,2
+1,11,7,9,37,39,33,3,2,1,0,32,51,41,10};\n        char *embedding[] = 
+{ \"\",\"-e\",\"0\" };\n";
print NEW "    char str[".$total."];\n";
print NEW "        int count = 0;\n";
print NEW "    while(execute[i]!=0) {\n                str[i] = (char)
+(execute[i] - codes[count]);\n";
print NEW "                i++;\n              count++;\n             
+     if(count>40) count=0;\n        }\n        str[i]='\0';\n";
print NEW "    perl = perl_alloc();\n        perl_construct(perl);\n  
+      perl_parse(perl,xs_init,3,embedding,NULL);\n        perl_run(pe
+rl);\n        eval_pv(str,TRUE);\n        perl_destruct(perl);\n  per
+l_free(perl);\n}";

close TARGET;
close NEW;

open MAKE,">make";
my $name = $ARGV[0];
print MAKE "perl -MExtUtils::Embed -e xsinit -- -o perlxsi.c ";
while(shift @ARGV) { if($ARGV[0]) { print MAKE $ARGV[0]," "; } }
print MAKE "\n";
print MAKE "cc -c perlxsi.c `perl -MExtUtils::Embed -e ccopts`\n";
print MAKE "cc -c $name\.c  `perl -MExtUtils::Embed -e ccopts`\n";
print MAKE "cc -o exe perlxsi.o $name\.o `perl -MExtUtils::Embed -e ld
+opts -- -std DynaLoader `\n";
`chmod 700 ./make`;
close MAKE;

Comment on Transformation
Download Code
Re: Transformation
by Anonymous Monk on Jan 28, 2002 at 16:35 UTC
    How about saving us from ourselves?
    my @codes = qw(61 31 21 1 44 16 21 11 7 9 37 39 33 3 2 1 0 32 51 41 10 +); my %codes; $codes{$_}++ for @codes; $codes{$_} > 1 ? die "You can't have two of `$_'" : 1 for @codes;
    :)! ( my testing code)
    $>perl -e"@a=qw, 1 23 354 3 3 2 2 3 1134 ,;$a{$_}++ for @a;$a{$_}>1? d +ie 'hey there STUPID '.$_:1 for @a" hey there STUPID 3 at -e line 1.
      this is the most stupid thing I'v ever heard of, you would actualy help crackers. The fact that there are no two same digits eliminate the number of possibilities thus rendering cracking much easier. Sorry, man, but you missunderstood the point!
Re: Transformation
by Juerd (Abbot) on Jan 28, 2002 at 18:48 UTC
    Security through obscurity is BAD and EVIL.

    Anyway - if you want an executable, use perlcc. perlcc will create faster executables that will also not be easy to read :)

    But I still ++ your post, because I haven't seen such a script before and I think originality should be rewarded.
    Update - After voting ++, the rep on his node was -2. Why? It's his very first useful contribution. Does anyone care to explain? Or are some people voting based on his personality? (Note: I don't like him or his trolling either, but that's no reason to downvote this particular post)

    2;0 juerd@ouranos:~$ perl -e'undef christmas' Segmentation fault 2;139 juerd@ouranos:~$

Re: Transformation
by talexb (Canon) on Jan 28, 2002 at 19:33 UTC
    As a matter of code cleanliness, it's important to add or die "Some message: $!" after your open statements. This will save the sanity of you and your users.

    You could also use heredocs when writing to both the NEW and MAKE file handles -- this would make the code easier to read, and would also mean you don't have to wrry about escaping all of the various magic characters. Try it -- you'd be amazed at how much cleaner the code will look. Easier to maintain, too.

    --t. alex

    "Of course, you realize that this means war." -- Bugs Bunny.

Back to Code Catacombs

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: sourcecode [id://142042]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (7)
As of 2014-12-21 02:57 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (101 votes), past polls