Encrypt

micky · Post by **micky** » Wed Dec 29, 2004 3:43 pm

Some of you know how encrypt tcl? (http://mini.net/tcl/728)
Maybe some of you would be so kind and tell me how i can encrypt scripts or how to use obfuscation.

^DooM^ · Post by **^DooM^** » Wed Dec 29, 2004 3:48 pm

why would you want to encrypt a script?

demond · Post by **demond** » Wed Dec 29, 2004 3:53 pm

you can compile your script with TclPro, it will produce a .tbc file which has a little loader header in clear Tcl (which of course depends on external library - libtbcload) and the rest is compiled bytecode stuff, similar to that in Java .class files (needless to say, there are .tbc decompilers, I hear user wrote one

so your script will never be safe from cracking)

demond · Post by **demond** » Wed Dec 29, 2004 4:12 pm

alternatively, if you need script encryption as a preventive measure against peeking at your files on the shell, you can store your scripts encrypted with a key (of course, you'll need to patch your bot to be able to load those scripts)

Ofloo · Post by **Ofloo** » Wed Dec 29, 2004 4:13 pm

hmm i don't see the point using tcl as an ecrypter knowning that.. if you read the script that is gone encrypt it that it can be used to decrypt it ..

you will need to write a module to encrypt it .. when its compiled you can use a key or something which can't be read from the binary file.. when it is compiled .. well everything is possible if you know how but still its gone be a hard and for sur when you use hex chars .. to hide that code .. or encrypt the variables within the c code..

micky · Post by **micky** » Wed Dec 29, 2004 4:37 pm

no, no, i need crypt like that http://www.tclshack.com/modules.php?op= ... tit&lid=22

demond · Post by **demond** » Wed Dec 29, 2004 4:48 pm

micky wrote:no, no, i need crypt like that http://www.tclshack.com/modules.php?op= ... tit&lid=22

lame and primitive obfuscation scriptlet, presumably hiding even lamer script (hard-coded parsing of HTML, will stop working when they change the webpage)

Ofloo · Post by **Ofloo** » Wed Dec 29, 2004 9:02 pm

micky wrote:no, no, i need crypt like that http://www.tclshack.com/modules.php?op= ... tit&lid=22

i think i understand verry well what you wana do you wana encrypt the script so its only readable to the module..

you wana hide the script source ..

then if you wana do that you need a module not a script a module can decrypt or crypt a script you load the crypt into memory then decrypt it.. thats how u can do it .. and eval the code.. in the variable .. but making this work you should use a C module cause if you use a tcl script then there is no use crypting it .. you will be able to read how to decrypt it from the script cause the encrypter or decrypter still will be open source if you use a tcl script to crypt or decrypt it !!!!!

or do you mean a script that decrypts encrypted text that passes by in a channel ??

^DooM^ · Post by **^DooM^** » Wed Dec 29, 2004 9:48 pm

try saying that after a few pints Ofloo

Post by **user** » Wed Jan 05, 2005 9:51 pm

this is a slightly modified version of my code from this post...

Code: Select all

# turn a string into random (octal/hexadecimal/unicode) escapes
proc lamesc str {
	set o ""
	foreach c [split $str ""] {
		if {[string is space $c]} {
			append o $c
		} {
			append o [switch [expr {int(rand()*3)}] {
				0 {format \\%o [scan $c %c]}
				1 {format \\x%x [scan $c %c]}
				2 {format \\u%x [scan $c %c]}
			}]
		}
	}
	set o
}

# obfuscate a piece of code
proc obfuscate code {
	foreach c [split $code ""] {set tmp($c) ""}
	set chrs [array names tmp]
	set i [array size tmp]
	set forward [set back [list]]
	foreach c $chrs {
		set r [expr {int(rand()*$i)}]
		incr i -1
		lappend forward $c [lindex $chrs $r]
		set back [concat [list [lindex $chrs $r] $c] $back]
		set chrs [lreplace $chrs $r $r]
	}
	switch [expr {int(rand()*3)}] {
		0 {set cmd "if [expr {1+int(rand()*(1<<24))}]"}
		1 {set cmd eval}
		2 {set cmd "uplevel 0"}
	}
	set code "[lamesc $cmd] \[[lamesc "string map"] [list $back [string map $forward $code]]\]"
}

# obfuscate everything between #OBF and #/OBF in one file and dump the result to another file
proc OBF {infile {outfile {}} {A "#OBF\n"} {B "\n#/OBF\n"}} {
	set i [set c 0]
	set j [string len $A]
	set k [string len $B]
	set data [read [set f [open $infile]]][close $f]
	if {$outfile=={}} {set f [open $infile w]} {set f [open $outfile w]}
	while {
		[set a [string first $A $data $i]]>-1
						&&
		[set b [string first $B $data $a]]>-1
	} {
		puts -nonewline $f [string range $data $i [expr {$a-1}]]
		puts $f [obfuscate [string range $data [incr a $j] [expr {$b-1}]]]
		set i [expr {$b+$k}]
		incr c
	}
	puts -nonewline $f [string range $data $i end]
	close $f
	set c
}

# look for command line parameters and invoke OBF if there are any
if $argc {
	if {[catch [concat OBF $argv] err]} {
		puts $err
	} else {
		puts "$err part[expr {$err==1?"":"s"}] obfuscated."
	}
	exit
}

source the script and invoke the procs you want
...or save it to a file and do 'tclsh file input.tcl output.tcl' in your shell (will run the OBF proc on input.tcl and write the result to output.tcl)

Example:

Code: Select all

proc demobf args {
#OBF
	return "Hello world"
#/OBF
}

...was turned into the beautiful code below by OBF

Code: Select all

proc demobf args {
\x75\u70\154\u65\u76\145\u6c \60 [\163\x74\x72\151\u6e\147 \x6d\141\160 {o o r n e l d {	} n H w w {	} u t e H t {"} d u {"} l r { } { }} {dltH	lr unteeo wole"u}]
}

Using it to obfuscate only the body of a proc, like I did here, is not recommended.

mm · Post by mm » Wed Jan 05, 2005 11:18 pm

Hi,
demond

alternatively, if you need script encryption as a preventive measure against peeking at your files on the shell, you can store your scripts encrypted with a key (of course, you'll need to patch your bot to be able to load those scripts)

demond, where can i find a patch?

thanks

demond · Post by **demond** » Wed Jan 05, 2005 11:58 pm

mm wrote:Hi,
demond
alternatively, if you need script encryption as a preventive measure against peeking at your files on the shell, you can store your scripts encrypted with a key (of course, you'll need to patch your bot to be able to load those scripts)

demond, where can i find a patch?

thanks

I don't believe you'll find such a patch available publicly; after all, the whole point of that is to conceal how the actual encryption (respectivelly decryption/loading) is done, in order to prevent potential crackers/takeover monkeys from patching your scripts (or at least to make their task harder; if they want your channel really bad and have some skills, they'd crack the bot binary anyway; besides, there are other methods for hacking ops from encrypted bot, such as connection hijacking, using ptrace() to attach to & control bot's process, etc.)

I once wrote similar patch for eggdrop 1.4, but it's not much of a use today anyway

metroid · Post by **metroid** » Thu Jan 06, 2005 3:58 am

User, how would you go about deobfuscating that script you obfuscate with your code so you can actually use it? :p

Post by **user** » Thu Jan 06, 2005 4:30 am

just run it

lsn · Post by **lsn** » Fri Dec 23, 2005 8:21 am

I write that code into a file named tcl
I run the code:

Code: Select all

tclsh8.4 tcl x.tcl z.tcl

I get this

0 parts obfuscated.

And the file z.tcl was identical with x.tcl, nothing has changed.. What goes wrong ?

egghelp/eggheads community

Encrypt

Encrypt

Maybe a bit too late... :)