Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw

Obfuscation: Text munging techniques

by FoxtrotUniform (Prior)
on Aug 09, 2002 at 17:18 UTC ( #188973=perlquestion: print w/replies, xml ) Need Help??

FoxtrotUniform has asked for the wisdom of the Perl Monks concerning the following question:

Caution: A bit spoily for Ceci n'est pas un obfu. You was warned.

In Ceci n'est pas un obfu, my first real obfuscation, I started with a bunch of source text and transformed it to what I wanted to eventually print out. Aside from one moderately clever technique, this transformation was done by a bunch of jumbled trs. Acceptable once, maybe, but not three times in the same obfu. Unfortunately, I couldn't come up with anything better.

What other ways have people come up with to munge text in obfuscated code?

F o x t r o t U n i f o r m
Found a typo in this node? /msg me
The hell with paco, vote for Erudil!

Replies are listed 'Best First'.
Re: Obfuscation: Text munging techniques
by jynx (Priest) on Aug 09, 2002 at 18:33 UTC

    A few more ways to do it:

    • Build functions that will create the text when given certain input. vis-a-vis this by jake.
    • Fluff the text and weed out extraneous information a la this by gmax (which is the spoiler to this.)
    • Use built-in or standard off-site strings to construct the string without actually showing which strings you're constructing from (two examples being here and here; caveat to those using eval to generate strings -- error messages are not necesarily ubiquitous).
    • Format the text in an interesting way such as this obfu by Len.
    • Just give the text (reasonably) straight-forward (like Dominus does here) because no-one can figure out what you're doing with it anyway :)
    • trivially: you can bit-or, bit-and, or bit-xor the text to other text to hide what your original string is (ie this), just know that it's not a very good obfu technique by itself (there are much better examples of this one, i just don't have the time to search for one right now; it will hopefully be updated in the future...)
    Just a few suggestions, hopefully they help more than hurt...


    PS: please feel free to /msg me with what you think are better examples for any of the points above (i didn't spend too much time searching...)

    Update: added a trivial case and moved around some text to make it more readable...

      Just give the text (reasonably) straight-forward (like Dominus does here) because no-one can figure out what you're doing with it anyway :)
      To me, this is the heart of obfu -- find some interesting or unexpected Perl behavior, and use it as the core of the obfu. Sure you can uuencode your text, or replace all the variables with punctuation vars, but for taking the time to unravel these things, the reader deserves to be rewarded with some nugget of "aha".


Re: Obfuscation: Text munging techniques
by Chady (Priest) on Aug 09, 2002 at 17:44 UTC

    Well, not very cryptic, but in 3D Japh I sorta had the ASCII art thing and mapped it onto diffrent characters. If you check it out, you'll see this:

    1. the DATA line is a bunch of encoded characters, lines are seperated by ; and elements seperated by :
    2. after that, each element that matches ^0(\d+)$ is like '0' x $1, the other elements are just as is.
    3. now we have the screen, so we translate that back to the real character set using a tr and print it.

    same technique used in 3D JAPH II (animated).. not quite clever too, but I had fun coming up with it.

    He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life.

    Chady |
Re: Obfuscation: Text munging techniques
by vladb (Vicar) on Aug 09, 2002 at 17:45 UTC
    This is a nice piece of obfuscation.

    One way I would go about 'improving' it (err.. obfuscating it further) is remove the warnings (-w) option and 'strict' pragma. This will allow you to do a number of illegal moves and get away with it relatively clean. One thing I'll do is remove all occurances of the 'my ' declarations, they will no longer be needed. You could also look at replacing lengthy and rather descriptive variable names with something less readable.

    Update: I'm not sure if this change would be most applicable if you were to write a japh, but you could also replace this:
    $magritte = pack q\C4\, split /,/, qq; 80, 101, 114, 108; ;
    with just:
    $magritte = "\u$^X";
    Initially, the former line looked to me quite obvious. However, as I look at it now.. the updated line doesn't seam as puzzling either. ;/ Oh, well, as I said, it might be good for a japh.

    # Under Construction

      OTOH, writing under warnings/strict is somwhat harder. It keeps you from using some tricks, and makes you either "my" your vars, or use vars that are exempt, which mostly means magic vars from perlvar... which, in turn, sometimes clues you in on "interesting" uses of them, such as relying on obscure defaults for things like $;, or using $, instead of join.

      Confession: It does an Immortal Body good.

Re: Obfuscation: Text munging techniques
by kschwab (Vicar) on Aug 09, 2002 at 17:47 UTC
    Mundane, but...: I look forward to seeing more clever repsonses :)
Re: Obfuscation: Text munging techniques
by jryan (Vicar) on Aug 09, 2002 at 22:55 UTC
    Replace recognizable pieces of code with stuff that does the same thing. Try to remove constants and temporary variables as much as possible, since they'll jump out at the viewer as something recognizable among all of the "junk". For instance, instead of
    $var =~ s/[a-z]//g; print $var;
    you could do:
    eval qq|@{[print=>q<grep!y,\x61-\x7a,,,split''>]}|
    Sure its longer, but how many people can guess what it will do by first glance? :)
Re: Obfuscation: Text munging techniques
by fsn (Friar) on Aug 09, 2002 at 20:47 UTC
    I used Huffman coding, but in the end it's just a cheap trick with ord and char. See the node Huffman once again. I'm embarrased by the fact that I gave away the solution in the title already. But the hints from jynx are a great introduction to obfuscation, I think. Also, see jynx's homenode.
Re: Obfuscation: Text munging techniques
by sauoq (Abbot) on Aug 12, 2002 at 01:16 UTC
    A ++ for starting this thread. Some of the replies have been enlightening. My own attempts at obfuscation are pretty juvenile so reading the links below won't spoil much of anything. :-)

    In FWIW II I used a golfed version of the solution I suggested in my reply to this thread about a simple polyalphabetic cipher.

    "My two cents aren't worth a dime.";
Re: Obfuscation: Text munging techniques
by Anonymous Monk on Aug 11, 2002 at 17:20 UTC
    when i want to obfuscate my code, i use Perl. done! but for extra-strength obfuscation, rot-13 the source not once, but twice!

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://188973]
Front-paged by TStanley
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (4)
As of 2022-08-15 01:15 GMT
Find Nodes?
    Voting Booth?

    No recent polls found