It's strange, you even mention it yourself:
Source code is also obfuscated using a simple key to avoid extracting the string from the executable.
And in the home page, perhaps missed, was:
Takes a single perl script, converts the block using a simple encoding with an optionally defined key.
Which you can see from the usage involves the '-key' option.
-key <str> Specify key for encode/decode of embedded script
So your claim that the source code is provided intact is false.
And yes, it's weak encryption. Clearly if someone wants to attack an obfuscation like this, they'll do some sort of runtime attack rather than try to decode the script.
You also state:
"Finally, there's an implicit claim that an executable can be made from the generated .c file, but it's not obvious how to do that"
And again, from the usage:
-exe <exec> Compile the code into an executable
I think that's pretty simple
But to help make it clearer, I've added the compilation command to the comments at the top of the C output. |