Reverse engineering binary coded TCL scripts
diablo
Is there any way of reverse engineering a binary coded tcl script (compiled
using the tclpro procomp utility) ? I have looked at tcl pro however there
is nothing available that will do this. Does anybody have a process or
procedure that will do this? Is it possible to run a trace to see what the
script is doing and what variables it is using? Any tips appreciated .
Many thanks
Dean
hellomo...@yahoo.com
In general, no. In theory, it might be possible, but hardly worth the
effort.
A little bit of context here would be helpful. Is this a publicly
available package or a commercial app? What is it called? Have you
tried contacting the original authors? Are you trying to bypass the
copyrights associated with it?
SM Ryan
# > using the tclpro procomp utility) ? I have looked at tcl pro however there
It is always possible, and some companies make a living doing that. It's
like encryption: no cipher is perfect, but you can make it slow enough
and painful enough and expensive enough, your secrets will remain safe
until you no longer care.
--
SM Ryan http://www.rawbw.com/~wyrmwif/
I think that's kinda of personal; I don't think I should answer that.
diablo
the script is callect procoll.tcl . it is a small part of the ehpt mediation
software (ehpt went bust and were bought out by ericsson) for manipulating a
unix socket. We use the old ehpt mediator platform and are unable to obtain
support or the source code for the software. I beleice the script has less
than 50 lines of 'pretty simple' code.
I have tcl/perl/python experience but cannot do a thing without the original
code.
Regards
dean
<hellomo...@yahoo.com> wrote in message
news:64262059.04080...@posting.google.com...
diablo
it can be done. Contact info of anyone that can do it is also appreciated.
Many thanks
Dean
"diablo" <dlic...@btinternet.com> wrote in message
news:cf30d2$rr9$1...@hercules.btinternet.com...
Michael Schlenker
> Thanks for the responses to date, I would like to know how to do it not if
> it can be done. Contact info of anyone that can do it is also appreciated.
Best bet are probably the guys at ActiveState as they more or less
developed the the tclpro compiler (or its successor).
Otherwise get someone strong in cryptography and the deep innards of the
tcl bytecode engine... this is non-trivial stuff and other kinds of
reverse engineering may be faster and better.
Michael
hellomo...@yahoo.com
> diablo wrote:
> > Thanks for the responses to date, I would like to know how to do it not if
> > it can be done. Contact info of anyone that can do it is also appreciated.
>
> Best bet are probably the guys at ActiveState as they more or less
> developed the the tclpro compiler (or its successor).
Interesting. I would hope that the good people at ActiveState have
taken measures to make compilation a one way process. A major value
proposition behind "compiling" a script is to keep it from those that
do not (or should not) have access to the source. It would definitely
not look good for them if they also provide their services to those
wishing to bypass the efforts of their original customers.
Michael Schlenker
Probably they won't offer such services for obvious reasons, but they
should have the best working knowledge how hard it would be to do it.
Diablo just asked who can or could do it, not if they really would ;-)
Michael
Donal K. Fellows
> Interesting. I would hope that the good people at ActiveState have
> taken measures to make compilation a one way process.
Well, it can't be made completely one-way because a computer has to
eventually work out what it is to execute. This means that it is at
least theoretically possible to reverse-engineer *any* encrypted encoded
binary and get back something that is recognizably similar to the
original source code. But not necessarily easy at all...
Donal.
Jeff Hobbs
It is correct that I am well-versed in the theory of how to
get the code back (for the most part), but it is not something
that we have ever done or would offer, for obvious reasons.
If it is all of a 50-line script, it would be easier to rewrite
it anyway (there can't be that much magic in 50 lines ... ;) ).
--
Jeff Hobbs, The Tcl Guy
http://www.ActiveState.com/, a division of Sophos
Gerald W. Lester
That includes compiled languages such as Fortran and Pascal.
Back in college a couple of us reversed a Fortran program (only way to
learn how to get a perfect score in Advent).
At my first job I did it to a Pascal program (disk crash on a disk that was
not being backed up (Oh, we forgot to add the new disks to the backup set)).
I would assume that any person worth their salt with a Computer Science
degree could reverse it given enough time -- That being said, I suspect it
would be easier/faster in this case to rewrite, both those cases were
complete programs.
--
+--------------------------------+---------------------------------------+
| Gerald W. Lester | "The man who fights for his ideals is |
| Gerald...@cox.net | the man who is alive." -- Cervantes |
+--------------------------------+---------------------------------------+
hellomo...@yahoo.com
That is right. I pointed that out in my first email:
> In general, no. In theory, it might be possible, but hardly worth the effort.
My comment about the one-way thing was within the context of
ActiveState support, about providing one tool to compile, and another
to decompile.
I also see Jeff's comment to this effect. I am glad to hear it.
Kevin Kenny
Tclpro is open source, so you're welcome to look at tbcload and
see how it loads .tbc files.
Some people have looked into what it might take to implement a
decompiler. But you are unlikely to get any guidance from those
individuals on how to do it, because it's very much a grey area
in the law; there is too much legal risk.
http://www.eff.org/IP/DMCA/20031003_unintended_cons.php
"You can ignore politics, but politics won't ignore you."
--
73 de ke9tv/2, Kevin