Perl's strange source code

Question

i did find non alphanumeric perl code that run normaly ! the begin of the code:

eval eval '"'.
('!'^'+').'#'.('`'^'!').('['^'.').('['^'/').('`'|'(').('`'|'/').('['^')').':'.('{'^'/').('['^"\,").(
'`'|'%').('`'|'.').('['^'/').('['^'"').('`'^'/').('`'|'.').('`'|'%').('!'^'+').'#'.('`'^'$').(('`')|
'!').('['^'/').('`'|'%').':'.('`'^'!').('['^'.').('`'|"'").('['^'.').('['^'(').('['^'/').('{'^'[')

and here's the file in pastebin. so how does that happen :D

Answer 1

Notice the double string eval. The right-most eval interprets all of the ("["^"/") type of snippets and concatenates them together. The left-most eval runs the string that results from the right-most eval's interpretation.

The little (....) snippets each (mostly) take one character and perform bitwise operations such as xor and or with another character. So, for example, ("["^"/") becomes the single character 't'. This combined with the concatenation builds up a string that is actual runnable Perl code (and that would look a lot more sensible if you unraveled the first (right-most) eval). And in fact, it's really quite easy to see what the real code looks like. Simply replace the left-most 'eval' with a 'print', and you will see how the right-most eval transforms the code.

Here is the output:

#Author:TwentyOne
#Date:August 21, 1969
#Title:md5bf.pl
#Description:Generates MD5 checksums provided by brute_keyword and then testing itself against the supplied hashster
#Contact <<<<<removed in SO post>>>>>
$speed = "1";

if ($speed<=0)
{ 
die "Set the speed equal or greater than one.\n";
}

use Digest::MD5 qw(md5_hex);
use Time::HiRes qw(gettimeofday);

if ($ARGV[0] =~"new") {
system('clear');
print "Enter a string\n";
print ">";
chomp(my $ask = <STDIN>);
system('clear');
system("echo -n '$ask' | md5sum\n");
exit(1);
}

if ($ARGV[0]=~"l") {
 $brute = "abcdefghijklmnopqrstuvwxyz";}
if ($ARGV[0]=~"u") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZ";}
if ($ARGV[0]=~"n") {
 $brute = $brute."1234567890";}
if ($ARGV[0]=~"x") {
 $brute = $brute. "!\"\$%&/()=?-.:~\\*'-_:.;,";}
if ($ARGV[0]=~"lu") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";}
if ($ARGV[0]=~"ln") {
 $brute = $brute. "abcdefghijklmnopqrstuvwxyz1234567890";}
if ($ARGV[0]=~"un") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";}
if ($ARGV[0]=~"all") {
 $brute = $brute. "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\$%&/()~=?-.:\\*'-_:.;,1234567890";}

if (! $ARGV[0]) {
usage();
exit(1);
}
if (! $ARGV[1]) {
usage();
exit(1);
}
if (! $ARGV[2]) {
usage();
exit(1);
}
if (! $ARGV[3]) {
usage();
exit(1);
}

if ($ARGV[3]) { 
    if (length($ARGV[3]) != 32) {
    print "MD5 Is Not Valid\n";
    sleep(1);
    system('clear');
    exit(1);
    }
}

if ($ARGV[0]=~"all") { 
print "Starting to Crack '$ARGV[3]'...\n";
sleep(2);
}else{
print "Starting to Crack '$ARGV[3]'...\n";
sleep(2);
}

for (my $bfv=$ARGV[1];$bfv<=$ARGV[2];$bfv++){
 crack ($bfv);
}

sub usage{
system('clear');
print '

████████╗██╗    ██╗███████╗███╗   ██╗████████╗██╗   ██╗ ██████╗ ███╗   ██╗███████╗\'s MD5 BRUTEFORCER
╚══██╔══╝██║    ██║██╔════╝████╗  ██║╚══██╔══╝╚██╗ ██╔╝██╔═══██╗████╗  ██║██╔════╝
   ██║   ██║ █╗ ██║█████╗  ██╔██╗ ██║   ██║    ╚████╔╝ ██║   ██║██╔██╗ ██║█████╗  
   ██║   ██║███╗██║██╔══╝  ██║╚██╗██║   ██║     ╚██╔╝  ██║   ██║██║╚██╗██║██╔══╝  
   ██║   ╚███╔███╔╝███████╗██║ ╚████║   ██║      ██║   ╚██████╔╝██║ ╚████║███████╗
   ╚═╝    ╚══╝╚══╝ ╚══════╝╚═╝  ╚═══╝   ╚═╝      ╚═╝    ╚═════╝ ╚═╝  ╚═══╝╚══════╝
';

print "\nUsage: perl $0 (brute_char) MIN_CHAR MAX_CHAR MD5 (options)" . "\n";
print "Ex) perl $0 all 1 5 865c0c0b4ab0e063e5caa3387c1a8741" . "\n";
print "brute_char // options;
all |   ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!\"\$%&/()~=?-.:\\*'-_:.;,1234567890
-
l   |   abcdefghijklmnopqrstuvwxyz
-
u   |   ABCDEFGHIJKLMNOPQRSTUVWXYZ
-
n   |   1234567890
-
x   |   !\"\$%&/()=?-.:~\\*'-_:.;,
-
lu  |   ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
-
ln  |   abcdefghijklmnopqrstuvwxyz1234567890
-
un  |   ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890
---
new |   Generates MD5 Hash
-
v   |   Verbose (print output)
";
}

sub crack{
 $CharSet = shift;
 @RawString = ();
 for (my $i =0;$i<$CharSet;$i++){ $RawString[i] = 0;}
 $Start = gettimeofday();
 do{
  for (my $i =0;$i<$CharSet;$i++){
   if ($RawString[$i] > length($brute)-1){
    if ($i==$CharSet-1){
    print "Bruteforce finished, no results with $CharSet charachters. \n";
    $count=0;
    return false;
   }
   $RawString[$i+1]++;
   $RawString[$i]=0;
   }
  }

   $ret = "";
   for (my $i =0;$i<$CharSet;$i++){ $ret = $ret . substr($brute,$RawString[$i],1);}
   $hash = md5_hex($ret);
   $count++;
   $Stop = gettimeofday();
   if ($Stop-$Start>$speed){
    $count = int($count/$speed);
    $count=0;
    $Start = gettimeofday();
}

if ($ARGV[4] =~ 'v') { 
print "$ARGV[3] != $hash ($ret)\n";
}

   if ($ARGV[3] eq $hash){
    print "\n[+] MD5 Cracked! => $ret\n";
    exit(1);
   }
  $RawString[0]++;
 }while($RawString[$CharSet-1]<length($brute));
}

I wonder about the significance of the date field in the comments at the top. The MD5 algorithm was first published in 1992, and of course Perl 5 wasn't even released until 1994. Possibly the author's birthdate? His contact info is available (though I've removed it from the translated code posted here; you'll have to translate it yourself to obtain it).

A Google search on the date doesn't turn up anything that might be applicable, so I guess one would have to ask the author to unravel that part of the mystery.