Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: Here is a commercial obfuscator

by diotalevi (Canon)
on Mar 14, 2003 at 13:25 UTC ( #243016=note: print w/ replies, xml ) Need Help??


in reply to Here is a commercial obfuscator

That is certainly not irreversible. The output from Stunnix Perl-Obfus is more perl code. Running the output from that program through B::Deparse and/or PerlTidy cleans it up nicely. All the symbols are still named oddly but that shouldn't be a challenge to any would-be source code reader.

So yes, it makes the source painful to work with. Its a fallacy to assert that it is irreversable.

require(File::Temp); my($z5da4d3837d, $zc11e41b4ef) = File::Temp::tempfile('UNLINK', 1); my $z9e5935eea4; if (@z6a703c020a) { my($z5a5fa8125d, $zcc158ad3e0) = File::Temp::tempfile('UNLINK', 1) +; print $z5a5fa8125d "=over 8\n\n"; die q[Can't print ] . $zcc158ad3e0 . ': ' . $! unless print $z5a5f +a8125d @z6a703c020a; print $z5a5fa8125d "=back\n"; die q[Can't close ] . $zcc158ad3e0 . ': ' . $! unless close *$z5a5 +fa8125d; @z8374cc586e = $zcc158ad3e0; $z9e5935eea4 = 1; } foreach $_ (@z8374cc586e) { my $z8348550157 = $_; my $zbea0aee021; if ($opt_t) { 'Pod::Text'->z8c2ed69c0e->z4afc07e0ef($z8348550157, $z5da4d383 +7d); } elsif (not $opt_u) { my $z1dfa4cd057 = catfile($z1387c3e117, $z9101bb5154) . (' --l +ax ' . $z8348550157 . ' | ' . $opt_n . ' -man'); $z1dfa4cd057 .= ' | col -x' if $^O =~ /hpux/; my $z7d70dd4ea9 = `$z1dfa4cd057`; $z7d70dd4ea9 = z3d52c17699($z7d70dd4ea9) if $z9e5935eea4; unless ($zbea0aee021 = $?) { die q[Can't print ] . $zc11e41b4ef . ': ' . $! unless prin +t $z5da4d3837d $z7d70dd4ea9; } } if ($opt_u or $zbea0aee021) { die q[Can't open ] . $z8348550157 . ': ' . $! unless open zf9d +3fbdfa8, '<', $z8348550157; my $z5f7e4d50b8 = 1; local $_; while (defined($_ = <zf9d3fbdfa8>)) { $z5f7e4d50b8 = $1 eq 'cut' if /^=(\w+)/; next if $z5f7e4d50b8; die q[Can't print ] . $zc11e41b4ef . ': ' . $! unless prin +t $z5da4d3837d $_; } die q[Can't close ] . $z8348550157 . ': ' . $! unless close zf +9d3fbdfa8; } }


Comment on Re: Here is a commercial obfuscator
Download Code
Re: is it irreversible
by Anonymous Monk on Mar 14, 2003 at 13:35 UTC
    Yes, you can analyze what the code does in such a short pieces of code like this. But will you be able to study the 500kb of obfuscated perl source of some app written in Perl - e.g. spamassaassin? Definitely no - it will take a lot of time. Anyway this is a *real* solution compared to Acme::* stuff that was written mainly for fun.

      I think that if the primary benefit of this script is to rename all the meaningful symbols away then I can do that just as well using my text editor's replace-all function. I get that for free.


      Seeking Green geeks in Minnesota

        Won't work - it's terribly time-consuming and difficult since only perl can parse Perl. How do you plan to continue development (say there appeared a need in some new feature) after you've obfuscated you sources? :)
      Uhm well they want 1879$ for that tool. Really funny I guess you won't need more than some hours to write something much more obfuscating.
      Just rename all vars back to something more readable like $var_1 etc, and it's pretty readable I think.
      Of course it makes it a bit more hard to study the code but it's definitly not even worth 100$.

      kodo (http://kodo.me.uk)

        I guess that depends on whether you put a dollar value on the time it takes to write that - I suppose the 1K-2K price might be reasonable if the perl programmer is somehow braindead and it'd take a long time to write (more than a few hours) or if the programmer has a high value at which point either something obvious and simple will arise or its just worth the money to buy a license.

        Just keep in mind through all this that there are other considerations outside of mere price tag.


        Seeking Green geeks in Minnesota

        I guess the development of this suite took more than a couple of weeks. So the price may look perfectly justified for some.

      But will you be able to study the 500kb of obfuscated perl source

      Now, I won't, and I wouldn't want to, either. To be frank, the projects I am working on usually have tight budgets and schedules. It would simply cost too much time to wait for some external company to make the necessary changes to their software to suit our needs. Therefore, I rather rely on open-source software (be it free or commercial) with known code quality to make sure I can meet my deadlines.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://243016]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others browsing the Monastery: (9)
As of 2014-08-02 08:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Who would be the most fun to work for?















    Results (55 votes), past polls