Security Basics mailing list archives

Re: scrambling perl source code

From: "Tim Greer" <chatmaster () charter net>
Date: Tue, 17 Jun 2003 20:31:06 -0700




From: "Dana Epp" <dana () vulscan com>
To: "Tim Greer" <chatmaster () charter net>; "Charles Lacroix"
<chuck () linuxquebec com>; <security-basics () securityfocus com>
Sent: Tuesday, June 17, 2003 6:09 PM
Subject: Re: scrambling perl source code

Hey Tim,

Even compiling it isn't enough. Its just as easy to use a decompiler and
then process it through some of perl's own back end translator routines
( -M0=Deparse etc) which can even de-obfuscate the code to some degree.
Although its better than doing "nothing", its not a far leap to get to the
sources from this stage with Perl.

I think following your thoughts at the end of your post (in looking for
alternatives) is a better way to go once we understand what Charles is
wanting to accomplish.


True, I've heard this, though I've not tried to do much in the way of this
method personally (I never had a reason to). I did test some stuff before
and didn't have much luck, but I only spent a few minutes on it, so it's not
surprising I didn't have any luck with it. Even so, depending on what
Charles wants, as we agree, someone could just perhaps use strings or
something to get the information that they want. As for the obtaining actual
code, could you do me a favor and provide me with some specific information?
I'd like to test some theories I have with that to see what I can do, or
deny people _from_ doing. Maybe it'll work. :-)
--
Regards,
Tim Greer  chatmaster () charter net
Server administration, security, programming, consulting.


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Current thread:

scrambling perl source code Charles Lacroix (Jun 17)
- Re: scrambling perl source code Tim Greer (Jun 17)
  - Re: scrambling perl source code Dana Epp (Jun 18)
    - Re: scrambling perl source code Tim Greer (Jun 18)
- Re: scrambling perl source code Dana Epp (Jun 18)
- Re: scrambling perl source code Benjamin A. Okopnik (Jun 18)