Perl2Exe Obfuscation Vulnerability

vendor:

Perl2Exe

by:

SecurityFocus

3.3

CVSS

MEDIUM

Obfuscation Vulnerability

N/A

CWE

Product Name: Perl2Exe

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

Perl2Exe Obfuscation Vulnerability

Perl2Exe is a tool used to convert Perl source code into an executable format. When the 'encrypt' option is selected, the source code is obfuscated using a reversible algorithm. However, this obfuscation can be reversed by using the known cipher and plain text to calculate the key, which can then be used to decrypt the unknown cipher.

Mitigation:

Disable the 'encrypt' option when using Perl2Exe.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6909/info

Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the "encrypt" option is selected. Those who use Perl2Exe with the expectation that the source code will be concealed from the end user may have a false sense of security as a result. 

#!/usr/bin/perl

$known_plain = `cat sample.pl`;
$known_cipher_file = "sample";
$sizeline = `tail -c +811048 $known_cipher_file | strings | grep
NAME=_main.pl`;
@line = split /;/, $sizeline;
@size = split /\=/, $line[1];
$known_cipher = `tail -c +811048 $known_cipher_file | head -c $size[1]`;
$key = $known_cipher ^ $known_plain;

$unknown_cipher = `tail -c +811048 perl2exe | head -c $size[1]`;

$unknown_plain = $unknown_cipher ^ $key;
print $unknown_plain, "\n";