Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask

Re: Malicious Perl Scripts & Web Development

by Lotus1 (Vicar)
on Apr 12, 2019 at 19:04 UTC ( #1232507=note: print w/replies, xml ) Need Help??

in reply to Malicious Perl Scripts & Web Development

As long as there isn't any personal or corporate information included in the script it should be fine to paste it here. You could add a warning that it's potentially malicious and include it inside code tags like this:  <code> ... </code>. Since you posted anonymously you can't edit your node and you'll have to post it in a new one.

If it is obfuscated it might be difficult to tell what it contains. In that case you could use Perl's B::Deparse module to deparse it and get an idea of what the script would do without actually running it. Here are some examples: Debunk Perl's magic with B::Deparse, 804232

Try this:

perl -MO=Deparse

Replies are listed 'Best First'.
Re^2: Malicious Perl Scripts & Web Development
by webdev419 (Initiate) on Apr 12, 2019 at 19:31 UTC

      Interesting. I'll let the Monks who are more experienced with web development comment overall but I noticed the print decode_base64("PHNj.... and decided to try to decode it. It is some JavaScript(?) that has been encoded. It seems to just be doing keyword color highlighting for some program code. I first used a webpage to decode it and then the following script.

      The result is:

      I reformatted it slightly to try to make sense of it but I don't have the time or patience to take this any further. Good luck.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1232507]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (3)
As of 2022-11-29 00:21 GMT
Find Nodes?
    Voting Booth?