Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re^13: What happened to perlcc?

by daveola (Acolyte)
on Mar 02, 2011 at 11:22 UTC ( #890962=note: print w/replies, xml ) Need Help??


in reply to Re^12: What happened to perlcc?
in thread What happened to perlcc?

I don't know what you mean by "one gets back"..

If you could give me a set of commands that I can run on an executable where I can "get back" the original script, I'd love to hear about it!

Because the script is NOT intact in the executable, it is encrypted. This is, of course, assuming that you are using the standard definitions for words like 'encrypted' 'intact' and 'not'.. YMMV.

Replies are listed 'Best First'.
Re^14: What happened to perlcc?
by ikegami (Pope) on Mar 02, 2011 at 15:49 UTC

    I don't know what you mean by "one gets back"..

    We're talking about whether the program is obfuscated or not. I said it's not, it's available intact in «block».

    Because the script is NOT intact in the executable

    In the binary image? Never said it was.

    If you could give me a set of commands that I can run on an executable where I can "get back" the original script, I'd love to hear about it!

    Step to the call to eval_pv. Print the argument.

    Alternatively, change the call to eval_pv to a call a call to printf and run the program.

    it is encrypted

    I've head of self-extracting archives, but self-decrypting encryption? That's laughable!

    This is, of course, assuming that you are using the standard definitions for words like 'encrypted' 'intact' and 'not'..

    It's the third time you've used this baseless infantile attack. Move on.

      ikegami,
      I have spent 60 seconds reading your back and forth. I think what you are being asked to do is take the native executable after conversion and from that alone produce the original perl script. If you are saying that is trivial to do without a decompiler or running the executable through a debugger than I am interesting in understanding how. Do you have the time to take a 'hello, world' script, run it through this converter, and then show the steps you took from that point to get the original script back?

      Cheers - L~R

        $ perl perlc.pl a.pl -key password -exe a Out: a.c Exe: a $ gdb a ... (gdb) start Temporary breakpoint 1 at 0x8062cc5 Starting program: /tmp/eric/b/a Temporary breakpoint 1, 0x08062cc5 in main () (gdb) disassemble Dump of assembler code for function main: ... 0x08062df0 <main+302>: movl $0x1,0x4(%esp) 0x08062df8 <main+310>: movl $0x8167020,(%esp) 0x08062dff <main+317>: call 0x8075b30 <Perl_eval_pv> ... End of assembler dump. (gdb) break *0x08062dff Breakpoint 2 at 0x8062dff (gdb) continue Continuing. Breakpoint 2, 0x08062dff in main () (gdb) printf "%s", 0x8167020 # Super secret! print("Hello World\n");

        Took me 6 minutes to figure out, and I've never used gdb or this assembler language.

        If bleached, follow up with unbleach.pl.

        Update: Oops, I have used gdb to get a backtrace of a segfaulting process. I never used any of the commands uses here, though.

        If you are saying that is trivial to do without a decompiler or running the executable through a debugger

        No, I'm saying it's trivial with one. The entire source code is available after stepping over two statements! It should also be simple to write an extractor.

        And that's assuming the .c is not available. If you have the .c, just change the call to eval_pv to a call to printf.

        Do you have the time to take a 'hello, world' script, run it through this converter, and then show the steps you took from that point to get the original script back?

        Will do. Gotta run to a meeting now.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://890962]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others surveying the Monastery: (4)
As of 2020-04-05 03:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    The most amusing oxymoron is:
















    Results (33 votes). Check out past polls.

    Notices?