Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Learning from Obfuscation

by flyingmoose (Priest)
on Jan 23, 2004 at 14:37 UTC ( [id://323567]=perlmeditation: print w/replies, xml ) Need Help??

Perl Obfuscation is more of a game, per se, but perhaps there is something that can be learned from it. I'm stating this, simply enough, because I have yet to uncover any basic guides to the obfuscation techniques and/or thought processes employed on this forum.

I'd like to understand them. I can understand everyone's "regular" code, perfectly well, but I'm lost when it comes to reading "ugly" Perl code, pretty much because my brain doesn't want to overcome the pain threshold. I can see how writing some sort of interpreter would help in writing these obfuscations, but then the interpreter source is pretty darn obscure too, so that doesn't appear to be the route most folks take.

My question is this...would anyone like to provide a basic guide or a few short examples on obfuscation techniques, or otherwise unravel (section by section) a few sample obfuscations, or take some normal basic Hello World code and show a few obfuscations being applied? Possibly with a few contrasting techniques? I'm not doing this to enter the "obfuscation contests" on Perl Monks, I just think there is some really interesting/bizarre thought processes going on, and it's a shame if the obfuscations are posted without details.

Again, obfuscations have no value in commercial programs, in major projects, or even throwaway scripts...but I feel that I'm missing something essential without some basic ability to grok the evil dark corners of the Perl. I want to go there. Take me to the dark corners....

Also, random (and insane) question -- why isn't there any Lisp obfuscation? It seems writing an entire program out of nothing but parenthesis all on one line would have some EXCELLENT chances at giving us a run for our money. Sure, it would be longer, but probably even harder to grok.

Replies are listed 'Best First'.
Re: Learning from Obfuscation
by domm (Chaplain) on Jan 23, 2004 at 14:59 UTC
Re: Learning from Obfuscation
by Abigail-II (Bishop) on Jan 23, 2004 at 15:13 UTC
      While those sites are nice (and somewhat informative -- abigail's page is especially good and shiny!), I think I'm still not grasping the thought process. It's like "try this, or try that", or "this does this and that does this". That's all well and good, but how did you decide to try this and try that?

      "Why?" is my question, the "How" is usually less interesting to me... That is "Why was this approach chosen" rather than "How does this particular approach work". Perhaps the answer is evolutionary, and "why" is "because it works" and "because someone else tried this and I changed it", in which case it's not possible to approach this from my Software Design mentality and these things must instead be created out of a different thought process.

      On the other hand, maybe my brain would just explode and I don't need to know :)

        It's like "try this, or try that", or "this does this and that does this". That's all well and good, but how did you decide to try this and try that?

        I addressed this in the first JAPH talk I gave. It went like First you get an idea, then you work out the details. Getting the idea can come from many sources: studying the manual page, reading Perl forums like comp.lang.perl.misc, p5p, The Perl Journal, or from IRC. If you look at my first set of slides, there's a section labelled "The making of a Japh". It discusses the process that started with seeing someone use &%%hole in a non-Perl related usenet group and ended with the Japh:

        split // => '"'; ${"@_"} = "/"; split // => eval join "+" => 1 .. 7; *{"@_"} = sub {foreach (sort keys %_) {print "$_ $_{$_} "}}; %{"@_"} = %_ = (Just => another => Perl => Hacker); &{%{%_}};
        (The code above will not always work correctly with 5.8.1 or later).

        Abigail

Re: Learning from Obfuscation
by hardburn (Abbot) on Jan 23, 2004 at 16:22 UTC

    Pretty much by definition, Obfu is free-form and lacks any set, rational design. Though there is certainly an underlieing thought processes, it likely varies widely from programmer to programmer, and each person may not be conciously aware of it.

    As for obfu LISP, I'd be surprised if there wasn't such a beast. There may not be actual obfu contests like there are for Perl and C, but I'm sure somebody has tried making obfu LISP on purpose. Frell, I've made some lines of obfu Java back when I was programming that language a lot. If it can be done in Java, it can be done anywhere.

    ----
    I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
    -- Schemer

    : () { :|:& };:

    Note: All code is untested, unless otherwise stated

      Any Java app over a couple hundred files is automatically obfuscated, that's just the way the language works (over encouraging inheritance hierachies when they don't make sense, way too many objects, non-data-driven constructs,"thick" connections and inflexible interfaces, lots of object-interdependancies, etc). The Java API is assuredly an obfuscation masterwork! It's Politically Correct Sphagetti (sp) coding and it's well loved by bad coders everywhere! Yes, in Java, bad coders can keep their jobs!

      Postulated: Any sufficiently large java program is indistinguishable from Chaucer's Canterbury Tales

      I may have to start the obfu-Lisp competition now. Lots of Insignificant Parenthesis = fun :)

        Any Java app over a couple hundred files is automatically obfuscated,

        But I could do it in just a few lines! Not that hard, really--just chain a bunch of method calls with short names. The hard part is finding a series of Java method calls with short names.

        ----
        I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
        -- Schemer

        : () { :|:& };:

        Note: All code is untested, unless otherwise stated

      As for obfu LISP, I'd be surprised if there wasn't such a beast. There may not be actual obfu contests like there are for Perl and C, but I'm sure somebody has tried making obfu LISP on purpose.
      I did a couple of Google searches, and it seems that there's not really any obfuscated Lisp out there. Maybe it was so horrendous that the authors couldn't in good conscience unleash it on the world.

      Plus, it seems that Lisp obfuscations would generally consist of "Hey! Let's add more parentheses!" One of the great things about Perl obfuscation is that you can use so many cryptic non-alphanumeric characters.

      I think Lisp hackers tend to prefer writing things like quines and polyglots in their spare time.

      I considered downvoting you for using Farscape swear words, but thought better of it :) (just kidding folks, move along!)

        Bah, what kind of dren is that? :)

      If it can be done in Java, it can be done anywhere.
      Even Python? :)
Re: Learning from Obfuscation
by dbwiz (Curate) on Jan 23, 2004 at 23:28 UTC
Re: Learning from Obfuscation
by Mr. Muskrat (Canon) on Jan 24, 2004 at 03:01 UTC
    To truly understand obfuscation, you have to be able to break any piece of code down to it's simplest form. And it doesn't hurt if you can think like perl. (Learn the operators, functions, and precedence).
Re: Learning from Obfuscation
by Anonymous Monk on Jan 26, 2004 at 03:35 UTC

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlmeditation [id://323567]
Approved by jdtoronto
Front-paged by Courage
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others examining the Monastery: (4)
As of 2024-03-29 11:10 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found