Ode for getprotobyname

by ambrus (Abbot)
on May 03, 2005 at 09:42 UTC

getprotobyname y format quotemeta getprotobyname waitpid rand fileno join values our getprotobyname readline time q map or for getprotobyname print for qpgbeiatbhmneymnrehickmn x getprotobyname icmp

Update: posted the obfu generator for this obfu.

Re (Obfu generator for): Ode for getprotobyname
by ambrus (Abbot) on May 04, 2005 at 20:53 UTC

    Here's an example of a version that prints a newline after the message (I realized this was possible only after the post.)

    getprotobyname y for sysopen warn unless getprotobyname study wait eof log getprotobyname join until xor symlink for getprotobyname print for jtmpougawhlnielnrihucdlny x getprotobyname icmp

    Below I include the program that generated more of this kind.

    The obfu generator creates obfus in an infinite loop, and logs them to the file a. I have then selected an obfu from them that looks nice, and did some postprocessing on it. This is how I've got the above obfu.

    The code is not really maintainable, as it was supposed to be run only once. Also, this is not the original code, I did some fine-tuning and a bugfix since when I've posted the original thread.

    Anyway, here are some spoilers about how it works.


    The magic is in the back subroutine. It applies the inverse of a tr transformation to the message. Most of the times, this fails because some character in the message can not be generated. The code looks like this because this subroutine was a one-liner at once, then I found it's difficult to create a japh even with it. This is why I've written the rest of the code, which throws together keywords at randon, calls back on them, and logs the result on success. There are three constraints on the keywords though. The first is of course getprotobyname. The second is that there have to be three keywords with a letter f in each, the last one being for (why?). The third one is to always include join (the only keyword with j). I've added this third constraint so that the j in the long string would often be encoded (it's not in the above example, but it is in the original obfu).

    Update: retitled.

    Update 2006 Jun 27: should you need tons of obfus of this kind very fast, the thread The indisputable speed of tr/// contains hint on how to make this obfu generator faster.

Re: Ode for getprotobyname
by Roy Johnson (Monsignor) on May 04, 2005 at 21:38 UTC
    Fiendishly clever. I've modified it to give the canonical JAPH. It's a little bit of a giveaway; maybe it could be masked better.
    getprotobyname y format s quotemeta getprotobyname waitpid rand (fileno), join values our getprotobyname readline time q map or for getprotobyname print for JpgbeiatbhmnePmnrehickmns x getprotobyname icmp

Node Type: obfuscated
Approved by grinder
Front-paged by grinder
