Welcome to WebmasterWorld Guest from

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

Has any used perl encryption tool ...



12:49 pm on Sep 29, 2003 (gmt 0)

10+ Year Member

Has any one expiraince with the perl source code encryption tool named: Perlguardian from www.wcws.net/ or www.Perlguardian.com

Im thinking of buying it but it aint cheap and its time limmited ..

Do any know if the price is fair for this servie?
and has any used it or is using it?

all info is welcome ..


1:12 pm on Sep 29, 2003 (gmt 0)

10+ Year Member

I haven't used the application but would suggest that you take a look at some example output from the application before making a decision on whether this is the right tool for you to use.

I have yet to see a Perl obfuscation engine that I haven't been able to reverse engineer and this may very well be the one that beats me. The problem is you have no idea as you can not see any sample output.

I use a similar style system though not for anti piracy reasons as I truly believe there will always be someone who can reverse engineer ANY protection system.

I use the following to reduce support calls from customers who change code, therefore leading to it breaking.

I compile a Perl script to an executable binary file using PP.

Info at CPAN - [search.cpan.org...]

On top of that and prior to compiling the script to an executable file I do have a licencing check that looks at the $ENV and runs a check there.

You may wish to only allow the application to run on certain IP addresses

You may wish to only allow the application to run on certain domain names

You may wish to have the application call your licencing server once per run to ensure legitimate use? (think about using Sockets or LWP)

All of the above are possible ways of getting to where I "think" you want to be without spending large amounts of money.

I hope it helps :)

Jason Duke


2:04 pm on Sep 29, 2003 (gmt 0)

10+ Year Member

here is a peace of there sample ..
it should be the simpel hello script encrypted

can you read this?


my $df = q~M"@D)=7-E($1I9V5S=#HZ340U.PH*"0DD;&EC96YS95]K97D@/2`B,SEE-64S


2:07 pm on Sep 29, 2003 (gmt 0)

10+ Year Member

it helps a lot thanks Jason ..

the above code used md5 or something...


4:00 pm on Sep 29, 2003 (gmt 0)

10+ Year Member

Hi StopSpam.

I am afraid the sample you posted doesn't run as is.

If you can post an example fully obfuscated script that runs then I can see if it is trivial or not to de obfuscate it.




3:13 pm on Oct 2, 2003 (gmt 0)

WebmasterWorld Administrator brett_tabke is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

there is also a module called "filter" that will get all but the most dedicated code monkeys.


11:19 pm on Oct 2, 2003 (gmt 0)

10+ Year Member

Another free module:

Please backup your script before using it, as I am afraid there is no easy way to decrypt after it's "bleached".

$ perldoc Acme::Bleach

use Acme::Bleach;
print "Hello world";

The first time you run a program under "use Acme::Bleach",
the module removes all the unsightly printable characters
from your source file. The code continues to work exactly
as it did before, but now it looks like this:

use Acme::Bleach;


2:47 pm on Oct 3, 2003 (gmt 0)

10+ Year Member

The only problem with Acme::Bleach is the script is suddenly non portable :)

It's a great and hugely funny Perl Module but no way usable to distribute intellectual property to 3rd parties


4:41 pm on Oct 3, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

You can use the free version of perl2exe (works with 5.8.0) to create PE (windows) or ELF (*nix) binaries (i.e., for whichever one your server is running).

A person would have to hex-dump the binary to get the Perl script back if I'm not mistaken. It prints out a little 'made with' thing in the free version though. But if you use the paid version (it's only $10 or $15 if I recall), then no one would even know it was Perl because it doesn't have the nag thing.

You'd also have to make sure that your server allows for binary CGIs. Apache2 does by default and I think 1.3 does as well; just stick the binary in cgi-bin and (on windows) cut off the .exe extension and you're set.

That's the easiest, cheapest thing I can think of.



5:41 pm on Oct 3, 2003 (gmt 0)

10+ Year Member


Perl2Exe has a GPL competitor in PP.

Link above and works (from my tests) better as well.


9:01 pm on Oct 3, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member

Thanks Jason, I missed the link before. Trying it out right now and looks good.

So far the binary sizes have been about the same (windows target), least for the couple files I've converted so far; but free and open is always more fun, and it has a nicer default icon to boot! ;)

There is one big problem so far though -- I can't seem to get it to work with Apache2...it dies with the error:

[Fri Oct 03 13:39:41 2003] [error] [client] C:\path\to\cgi-bin\binary: creation of /\par_priv.1800.tmp\perl58.dll failed - aborting with 2.

I am thinking it's the stupid windows directory backslashes causing the extract path to be interpreted as "/par_priv.1800.tmpperl58.dll" :(

Any idea if that the is problem or how to fix?



7:31 am on Oct 4, 2003 (gmt 0)

10+ Year Member

Hi Monkeesage.

I'll be perfectly honest as I haven't tried the ouput binary on Apache 2 on Windows butit does sound like a blackslash problem.

Out of curiosity does the binary run at the command line?

Off topic(ish) is that using Perl2Exe will probably not give the security that is required as it is trivial to reverse engineer it using XOR


Featured Threads

Hot Threads This Week

Hot Threads This Month