http://qs321.pair.com?node_id=340773


in reply to Re: Re: Decompile Perl2EXE back to original source
in thread Decompile Perl2EXE back to original source

Ok, I did not realize it was storing opcodes and not perl. Interesting.

Anyway, this is still assuming the opcodes are there as opcodes...it could (well it could do anything) store them encoded in some format as a weak attempt at obfuscation. I don't think you can run -MO=Deparse directly on a PAR executable either (or can you?).

  • Comment on Re: Re: Re: Decompile Perl2EXE back to original source

Replies are listed 'Best First'.
Re: Re: Re: Re: Decompile Perl2EXE back to original source
by diotalevi (Canon) on Mar 30, 2004 at 02:08 UTC
    You further misunderstand. That is how perl itself and those modules work. Whether perl2exe includes source or a serialized form of the optree is unknown to me. I'd guess it stores source though since that's at least doable.
[reply]
      No, I don't really misunderstand -- but perhaps you misunderstood my reply. Yes, it may include source or an optree, but that is not preventing some sort of encoding in the internal representation, as an attempt to prevent reverse engineering at some trivial level. I'm not the greatest of C hackers, though I am one of some regard, and I would have done something to make opcode (or source) extraction non-trivial. Many of these support some form of Crypt voodoo, as say the docs.
[reply]
        Oh I'm sure of that. The perl2exe reference I saw online mentioned that some versions just XOR the source against some key and had a step-by-step instruction process for extracting the source.
[reply]

In Section Seekers of Perl Wisdom