Im thinking of buying it but it aint cheap and its time limmited ..
Do any know if the price is fair for this servie?
and has any used it or is using it?
all info is welcome ..
I have yet to see a Perl obfuscation engine that I haven't been able to reverse engineer and this may very well be the one that beats me. The problem is you have no idea as you can not see any sample output.
I use a similar style system though not for anti piracy reasons as I truly believe there will always be someone who can reverse engineer ANY protection system.
I use the following to reduce support calls from customers who change code, therefore leading to it breaking.
I compile a Perl script to an executable binary file using PP.
Info at CPAN - [search.cpan.org...]
On top of that and prior to compiling the script to an executable file I do have a licencing check that looks at the $ENV and runs a check there.
You may wish to only allow the application to run on certain IP addresses
You may wish to only allow the application to run on certain domain names
You may wish to have the application call your licencing server once per run to ensure legitimate use? (think about using Sockets or LWP)
All of the above are possible ways of getting to where I "think" you want to be without spending large amounts of money.
I hope it helps :)
Jason Duke
can you read this?
#!/usr/bin/perl
my $df = q~M"@D)=7-E($1I9V5S=#HZ340U.PH*"0DD;&EC96YS95]K97D@/2`B,SEE-64S
M83,V-S@V9&$T,&5B.#$P,C,Y8S0Q8F-D,34B.PH)"21U<V5R7VYA;64@("`]
M(")S;VAA:6(B.PH)"21E>'!I<GE?9&%T92`]("(P-R\P,R\R,#`S(CL*"0DD
M=7)L(#T@(FAT='`Z+R]W=W<N;7EO=VYE;6%I;"YI;F9O(CL*"@D)*"1T:6UE
the above code used md5 or something...
I am afraid the sample you posted doesn't run as is.
If you can post an example fully obfuscated script that runs then I can see if it is trivial or not to de obfuscate it.
Cheers
Jason
Please backup your script before using it, as I am afraid there is no easy way to decrypt after it's "bleached".
$ perldoc Acme::Bleach
use Acme::Bleach;
print "Hello world";
The first time you run a program under "use Acme::Bleach",
the module removes all the unsightly printable characters
from your source file. The code continues to work exactly
as it did before, but now it looks like this:
use Acme::Bleach;
It's a great and hugely funny Perl Module but no way usable to distribute intellectual property to 3rd parties
A person would have to hex-dump the binary to get the Perl script back if I'm not mistaken. It prints out a little 'made with' thing in the free version though. But if you use the paid version (it's only $10 or $15 if I recall), then no one would even know it was Perl because it doesn't have the nag thing.
You'd also have to make sure that your server allows for binary CGIs. Apache2 does by default and I think 1.3 does as well; just stick the binary in cgi-bin and (on windows) cut off the .exe extension and you're set.
That's the easiest, cheapest thing I can think of.
Jordan
Perl2Exe has a GPL competitor in PP.
Link above and works (from my tests) better as well.
So far the binary sizes have been about the same (windows target), least for the couple files I've converted so far; but free and open is always more fun, and it has a nicer default icon to boot! ;)
There is one big problem so far though -- I can't seem to get it to work with Apache2...it dies with the error:
[Fri Oct 03 13:39:41 2003] [error] [client 127.0.0.1] C:\path\to\cgi-bin\binary: creation of /\par_priv.1800.tmp\perl58.dll failed - aborting with 2.
I am thinking it's the stupid windows directory backslashes causing the extract path to be interpreted as "/par_priv.1800.tmpperl58.dll" :(
Any idea if that the is problem or how to fix?
Jordan
I'll be perfectly honest as I haven't tried the ouput binary on Apache 2 on Windows butit does sound like a blackslash problem.
Out of curiosity does the binary run at the command line?
Off topic(ish) is that using Perl2Exe will probably not give the security that is required as it is trivial to reverse engineer it using XOR
