Re: XLS files scrambling

Hi, George.

Long time ago I was used to work for one paranoid,
who was thinking that if he encrypt the source code
of some perl scripts - he benefit on a long run.
He got that scrambling in 2-3 days.

I think that the pattern of scrambling XSL, perl or
whatever other interpreter is common and
straightforward:

1. Write propriatary 'crypt' utility  ( use DES-based
encryption,  it is strong and  there are open sources
hanging around ).

2. crypt script.xsl >  script.xsl

The produced ( scrambled ) script.xsl will have a
magic signature in the first few bytes, or  e t.c.

3. Find the place in perl ( XSL, whatever ) code
which is loading the stylesheet. If the stylesheet
starts with magic signature - decrypt it first.

 In case of XSL re-capturing SAX Eception
could work - I mean - "if it is not XML - it is encrypted"

4. To run hacked stylesheets - ship hacked
interpreter.

5. There are some interesting twists here.
For example, with perl if was not straightforward,
because there was more than one place that
has to be 'closed'. Hacked interpreter written in
java could also be decompiled e t.c.  e t.c.

Pafranaoya has no limits

Conclusion. If you want to hack XT, for example,
to read  encrypted stylesheets - just write your
own ( decrypting ) SAXParser ( similar to
UxSpecialParser ) and  that's all you need.
No code changes to XT.  The same could be
done for any other 'reasonable'  XSLT Engine,
which has no particular parser hardcoded, but
allows usage of other SAXParsers.

For detailes on UxSpecialParser - you can
download Ux source code from  http://www.pault.com/Ux

Rgds.Paul.


----- Original Message -----
From: George Prezerakos

> Cmon you guys,
>
> I don't mean to start a new thread here but...
>
> We gotta separate between personal and corporate views. Of course I like open source
source projects and freeware distribution (and I have actually developed free or low-cost
s/w a lot of times).
>
> However, when working for a company and writing software for the company's clients you
might (just might) be asked to encrypt some stuff. I haven't come across this situation
yet but I posted my original question just in case.
>
> Think about it before starting to flame me once more :)
>
> Regards,
>
> George Prezerakos
>



 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list

Current Thread
Re: XLS files scrambling [off-topic], (continued) Francis Norton - Fri, 23 Jun 2000 20:29:14 +0100 Matt Sergeant - Fri, 23 Jun 2000 15:11:57 +0100 (BST) Dan Morrison - Sat, 24 Jun 2000 02:20:11 +1200 George Prezerakos (ETG) - Fri, 23 Jun 2000 16:58:57 +0200 Paul Tchistopolskii - Fri, 23 Jun 2000 12:27:19 -0700 <= Anjul Srivastava - Fri, 23 Jun 2000 13:27:27 -0400 Anjul Srivastava - Fri, 23 Jun 2000 17:32:29 -0400 Wendell Piez - Mon, 26 Jun 2000 01:23:56 +0100 G. Ken Holman - Fri, 30 Jun 2000 12:04:23 -0400

Current Thread

Re: XLS files scrambling [off-topic], (continued)
- George Prezerakos (ETG) - Fri, 23 Jun 2000 16:58:57 +0200
  - Paul Tchistopolskii - Fri, 23 Jun 2000 12:27:19 -0700 <=
- Anjul Srivastava - Fri, 23 Jun 2000 13:27:27 -0400
- Anjul Srivastava - Fri, 23 Jun 2000 17:32:29 -0400
  - Wendell Piez - Mon, 26 Jun 2000 01:23:56 +0100
- G. Ken Holman - Fri, 30 Jun 2000 12:04:23 -0400

<- Previous	Index	Next ->
RE: XLS files scrambling, George Prezerakos (E	Thread	RE: RE: XLS files scrambling, Anjul Srivastava
Re: anchors - links on the same .x, Robert Koberg*	Date	Re: XLS files scrambling [off-topic, Francis Norton
	Month

<-prev [Thread] next->	<-prev [Date] next->
Month Index \| List Home