Perl的奇怪源代码

时间:2014-06-15 15:19:35

标签: perl

我找到了非正常运行的非字母数字perl代码! 代码的开头:

eval eval '"'.
('!'^'+').'#'.('`'^'!').('['^'.').('['^'/').('`'|'(').('`'|'/').('['^')').':'.('{'^'/').('['^"\,").(
'`'|'%').('`'|'.').('['^'/').('['^'"').('`'^'/').('`'|'.').('`'|'%').('!'^'+').'#'.('`'^'$').(('`')|
'!').('['^'/').('`'|'%').':'.('`'^'!').('['^'.').('`'|"'").('['^'.').('['^'(').('['^'/').('{'^'[')

here是pastebin中的文件。那怎么会发生:D

1 个答案:

答案 0 :(得分:8)

注意双字符串eval。最右边的eval解释所有("["^"/")类型的片段并将它们连接在一起。最左边的eval运行由最右边eval的解释产生的字符串。

每个(大多数)小(......)片段占用一个字符,并使用另一个字符执行xoror等按位操作。因此,例如,("["^"/")成为单个字符' t'。这与串联相结合构建了一个字符串,该字符串是实际可运行的Perl代码(如果您解开第一个(最右侧)eval,这看起来会更加明智)。事实上,真正很容易看出真正的代码是什么样的。只需替换最左边的eval'使用' print',您将看到最右侧eval如何转换代码。

这是输出:

#Author:TwentyOne
#Date:August 21, 1969
#Title:md5bf.pl
#Description:Generates MD5 checksums provided by brute_keyword and then testing itself against the supplied hashster
#Contact <<<<<removed in SO post>>>>>
$speed = "1";

if ($speed<=0)
{ 
die "Set the speed equal or greater than one.\n";
}

use Digest::MD5 qw(md5_hex);
use Time::HiRes qw(gettimeofday);

if ($ARGV[0] =~"new") {
system('clear');
print "Enter a string\n";
print ">";
chomp(my $ask = <STDIN>);
system('clear');
system("echo -n '$ask' | md5sum\n");
exit(1);
}

if ($ARGV[0]=~"l") {
 $brute = "abcdefghijklmnopqrstuvwxyz";}
if ($ARGV[0]=~"u") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZ";}
if ($ARGV[0]=~"n") {
 $brute = $brute."1234567890";}
if ($ARGV[0]=~"x") {
 $brute = $brute. "!\"\$%&/()=?-.:~\\*'-_:.;,";}
if ($ARGV[0]=~"lu") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";}
if ($ARGV[0]=~"ln") {
 $brute = $brute. "abcdefghijklmnopqrstuvwxyz1234567890";}
if ($ARGV[0]=~"un") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";}
if ($ARGV[0]=~"all") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\$%&/()~=?-.:\\*'-_:.;,1234567890";}

if (! $ARGV[0]) {
usage();
exit(1);
}
if (! $ARGV[1]) {
usage();
exit(1);
}
if (! $ARGV[2]) {
usage();
exit(1);
}
if (! $ARGV[3]) {
usage();
exit(1);
}

if ($ARGV[3]) { 
    if (length($ARGV[3]) != 32) {
    print "MD5 Is Not Valid\n";
    sleep(1);
    system('clear');
    exit(1);
    }
}

if ($ARGV[0]=~"all") { 
print "Starting to Crack '$ARGV[3]'...\n";
sleep(2);
}else{
print "Starting to Crack '$ARGV[3]'...\n";
sleep(2);
}

for (my $bfv=$ARGV[1];$bfv<=$ARGV[2];$bfv++){
 crack ($bfv);
}

sub usage{
system('clear');
print '

████████╗██╗    ██╗███████╗███╗   ██╗████████╗██╗   ██╗ ██████╗ ███╗   ██╗███████╗\'s MD5 BRUTEFORCER
╚══██╔══╝██║    ██║██╔════╝████╗  ██║╚══██╔══╝╚██╗ ██╔╝██╔═══██╗████╗  ██║██╔════╝
   ██║   ██║ █╗ ██║█████╗  ██╔██╗ ██║   ██║    ╚████╔╝ ██║   ██║██╔██╗ ██║█████╗  
   ██║   ██║███╗██║██╔══╝  ██║╚██╗██║   ██║     ╚██╔╝  ██║   ██║██║╚██╗██║██╔══╝  
   ██║   ╚███╔███╔╝███████╗██║ ╚████║   ██║      ██║   ╚██████╔╝██║ ╚████║███████╗
   ╚═╝    ╚══╝╚══╝ ╚══════╝╚═╝  ╚═══╝   ╚═╝      ╚═╝    ╚═════╝ ╚═╝  ╚═══╝╚══════╝
';

print "\nUsage: perl $0 (brute_char) MIN_CHAR MAX_CHAR MD5 (options)" . "\n";
print "Ex) perl $0 all 1 5 865c0c0b4ab0e063e5caa3387c1a8741" . "\n";
print "brute_char // options;
all |   ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\$%&/()~=?-.:\\*'-_:.;,1234567890
-
l   |   abcdefghijklmnopqrstuvwxyz
-
u   |   ABCDEFGHIJKLMNOPQRSTUVWXYZ
-
n   |   1234567890
-
x   |   !\"\$%&/()=?-.:~\\*'-_:.;,
-
lu  |   ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
-
ln  |   abcdefghijklmnopqrstuvwxyz1234567890
-
un  |   ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890
---
new |   Generates MD5 Hash
-
v   |   Verbose (print output)
";
}

sub crack{
 $CharSet = shift;
 @RawString = ();
 for (my $i =0;$i<$CharSet;$i++){ $RawString[i] = 0;}
 $Start = gettimeofday();
 do{
  for (my $i =0;$i<$CharSet;$i++){
   if ($RawString[$i] > length($brute)-1){
    if ($i==$CharSet-1){
    print "Bruteforce finished, no results with $CharSet charachters. \n";
    $count=0;
    return false;
   }
   $RawString[$i+1]++;
   $RawString[$i]=0;
   }
  }

   $ret = "";
   for (my $i =0;$i<$CharSet;$i++){ $ret = $ret . substr($brute,$RawString[$i],1);}
   $hash = md5_hex($ret);
   $count++;
   $Stop = gettimeofday();
   if ($Stop-$Start>$speed){
    $count = int($count/$speed);
    $count=0;
    $Start = gettimeofday();
}

if ($ARGV[4] =~ 'v') { 
print "$ARGV[3] != $hash ($ret)\n";
}

   if ($ARGV[3] eq $hash){
    print "\n[+] MD5 Cracked! => $ret\n";
    exit(1);
   }
  $RawString[0]++;
 }while($RawString[$CharSet-1]<length($brute));
}

我想知道日期字段在顶部评论中的重要性。 MD5算法于1992年首次发布,当然Perl 5甚至还没有发布到1994年。可能是作者的出生日期?他的联系信息是可用的(虽然我已将其从此处发布的翻译代码中删除;您必须自己翻译以获取它)。

Google对该日期的搜索并未发现可能适用的任何内容,因此我想有人要求作者解开这部分内容。