Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine

Re: is it irreversible

by Anonymous Monk
on Mar 14, 2003 at 13:35 UTC ( #243019=note: print w/replies, xml ) Need Help??

in reply to Re: Here is a commercial obfuscator
in thread Here is a commercial obfuscator

Yes, you can analyze what the code does in such a short pieces of code like this. But will you be able to study the 500kb of obfuscated perl source of some app written in Perl - e.g. spamassaassin? Definitely no - it will take a lot of time. Anyway this is a *real* solution compared to Acme::* stuff that was written mainly for fun.

Replies are listed 'Best First'.
Re^2: is it irreversible
by diotalevi (Canon) on Mar 14, 2003 at 13:39 UTC

    I think that if the primary benefit of this script is to rename all the meaningful symbols away then I can do that just as well using my text editor's replace-all function. I get that for free.

    Seeking Green geeks in Minnesota

      Won't work - it's terribly time-consuming and difficult since only perl can parse Perl. How do you plan to continue development (say there appeared a need in some new feature) after you've obfuscated you sources? :)

        You don't think I'd obfuscate the sources I planned to distribute Edit [ work with ] do you? That'd be nuts. Anyhow, this would happen two ways - most of the time it doesn't matter that only the perl lexer/parser can completely parse perl. If the source is written correctly the first time then its trivial to do the first two of the major obfuscations - symbol renaming and text string encoding. I think that if I were serious about having "obfuscated code" I'd hack up B::Deparse (exempting BEGIN blocks which would have to be done by hand or another method) so that it did all the work for me anyhow which alleviates all the problems you've described.

        Seeking Green geeks in Minnesota

        it's terribly time-consuming and difficult since only perl can parse Perl

        cperl-mode comes darn close. I've seen it fooled a couple of times, but it's very rare. Almost all of the Obfuscated Perl Competition winners are correctly syntax-highlighted by cperl-mode, and excepting some disagreement between it and me about the correct indentation of lines that start with the catenation operator (I want subsequent ones to line up, and it indents each one further than the previous), automatically indented as well.

        cperl-mode, for those who don't know, is written in lisp, of course, and comes with Emacs.

        for(unpack("C*",'GGGG?GGGG?O__\?WccW?{GCw?Wcc{?Wcc~?Wcc{?~cc' .'W?')){$j=$_-63;++$a;for$p(0..7){$h[$p][$a]=$j%2;$j/=2}}for$ p(0..7){for$a(1..45){$_=($h[$p-1][$a])?'#':' ';print}print$/}
Re: Re: is it irreversible
by kodo (Hermit) on Mar 14, 2003 at 13:44 UTC
    Uhm well they want 1879$ for that tool. Really funny I guess you won't need more than some hours to write something much more obfuscating.
    Just rename all vars back to something more readable like $var_1 etc, and it's pretty readable I think.
    Of course it makes it a bit more hard to study the code but it's definitly not even worth 100$.

    kodo (

      I guess that depends on whether you put a dollar value on the time it takes to write that - I suppose the 1K-2K price might be reasonable if the perl programmer is somehow braindead and it'd take a long time to write (more than a few hours) or if the programmer has a high value at which point either something obvious and simple will arise or its just worth the money to buy a license.

      Just keep in mind through all this that there are other considerations outside of mere price tag.

      Seeking Green geeks in Minnesota

      I guess the development of this suite took more than a couple of weeks. So the price may look perfectly justified for some.
What would I want to study obfuscated software for?
by crenz (Priest) on Mar 14, 2003 at 15:07 UTC

    But will you be able to study the 500kb of obfuscated perl source

    Now, I won't, and I wouldn't want to, either. To be frank, the projects I am working on usually have tight budgets and schedules. It would simply cost too much time to wait for some external company to make the necessary changes to their software to suit our needs. Therefore, I rather rely on open-source software (be it free or commercial) with known code quality to make sure I can meet my deadlines.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://243019]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (5)
As of 2017-05-26 15:25 GMT
Find Nodes?
    Voting Booth?