The scariest code in my life
Most of the projects on which he worked, quickly erased from memory. But some are memorized by the coffin of life. About this further and will be discussed.
It happened a long time ago in one company, whose name we will not name. It was necessary to work with the program code, which is the core of the accounting system and fully written and accompanied by the guy who had just been fired.
In general, nothing unusual, companies often discover that important knowledge is contained in one single head only when something happens to its owner. As a rule, it takes several days in a light panic and violent reading of documents, and life enters its mainstream.
But not at this time.
')
Some mistake began to come out, and the guy who was instructed to correct it soon began to giggle nervously and mumble something incoherent like “calling a pizza hamburger requires brandy.”
The programmer who wrote the system code had a special sense of humor and his own vision of “protecting intellectual property”. Everyone has heard stories about accounting modules that erase all the records, unless you transfer money to an offshore account within 48 hours after the developer’s firing. It is quite easy to cope with this, even if you take them all for truth, although I have never come across such a thing.
In the program that the developer created, there were no logical bombs or similar nasty things, it compiled quietly and, except for the described error, it worked stably. But just imagine: all the functions and variables in the program were named after the food. Pizza, tomatoes, various types of cheese, fruits, vegetables, drinks and so on. One endless page after another. The only thing that could be recognized on the fly is the main 'ssh' and calls to stdlib.
As a result, I was forced to do ungrateful work on bringing the program to a readable form.
It was truly a virtuoso encryption method, and only having the key could understand something in such a vinaigrette from the code. Step by step, I converted the program, renaming functions and variables into something more meaningful, and the further I moved, the easier it was to do.
Working with source codes is much easier than doing reverse analysis of an unknown code (because at the beginning you need to separate data from code and understand what a high-level presentation was, in this case I had a high-level representation in text form), so the work was not impossible or even particularly difficult. The work was just tedious. As soon as it was possible to establish the true meaning of a function or variable, everything else was done with the “replace” command.
Another problem was the quality of the code. In fact, the noodles in the code made it much more difficult to understand than the lack of a semantic name. In general, as soon as I finished renaming functions and variables, I rewrote a large part of it to make it easier to understand and increase efficiency.
I never found out if he had an unencrypted version of the code, which he chased through the obfuscator, deleting any comments and replacing all the names with meaningless ones. For a start, it's just hard to imagine the way of thinking of a person doing such a thing, but it is even more difficult to imagine a person who would write such code directly, such a madness would be worth singing a song.
In short, if you think that you will not be fired (or taken back) just because it is impossible to understand your code, you are delirious. Whatever goal that guy pursued, his expectations failed in the most terrible way (I can hardly imagine that he could get recommendations from his employer). But, nevertheless, you can give someone a couple of happy weeks and a happy client.
Written by Jacques Mattheij, original in English .
Translated unconnected in the name of the bright side of power.
It happened a long time ago in one company, whose name we will not name. It was necessary to work with the program code, which is the core of the accounting system and fully written and accompanied by the guy who had just been fired.
In general, nothing unusual, companies often discover that important knowledge is contained in one single head only when something happens to its owner. As a rule, it takes several days in a light panic and violent reading of documents, and life enters its mainstream.
But not at this time.
')
Some mistake began to come out, and the guy who was instructed to correct it soon began to giggle nervously and mumble something incoherent like “calling a pizza hamburger requires brandy.”
The programmer who wrote the system code had a special sense of humor and his own vision of “protecting intellectual property”. Everyone has heard stories about accounting modules that erase all the records, unless you transfer money to an offshore account within 48 hours after the developer’s firing. It is quite easy to cope with this, even if you take them all for truth, although I have never come across such a thing.
In the program that the developer created, there were no logical bombs or similar nasty things, it compiled quietly and, except for the described error, it worked stably. But just imagine: all the functions and variables in the program were named after the food. Pizza, tomatoes, various types of cheese, fruits, vegetables, drinks and so on. One endless page after another. The only thing that could be recognized on the fly is the main 'ssh' and calls to stdlib.
As a result, I was forced to do ungrateful work on bringing the program to a readable form.
It was truly a virtuoso encryption method, and only having the key could understand something in such a vinaigrette from the code. Step by step, I converted the program, renaming functions and variables into something more meaningful, and the further I moved, the easier it was to do.
Working with source codes is much easier than doing reverse analysis of an unknown code (because at the beginning you need to separate data from code and understand what a high-level presentation was, in this case I had a high-level representation in text form), so the work was not impossible or even particularly difficult. The work was just tedious. As soon as it was possible to establish the true meaning of a function or variable, everything else was done with the “replace” command.
Another problem was the quality of the code. In fact, the noodles in the code made it much more difficult to understand than the lack of a semantic name. In general, as soon as I finished renaming functions and variables, I rewrote a large part of it to make it easier to understand and increase efficiency.
I never found out if he had an unencrypted version of the code, which he chased through the obfuscator, deleting any comments and replacing all the names with meaningless ones. For a start, it's just hard to imagine the way of thinking of a person doing such a thing, but it is even more difficult to imagine a person who would write such code directly, such a madness would be worth singing a song.
In short, if you think that you will not be fired (or taken back) just because it is impossible to understand your code, you are delirious. Whatever goal that guy pursued, his expectations failed in the most terrible way (I can hardly imagine that he could get recommendations from his employer). But, nevertheless, you can give someone a couple of happy weeks and a happy client.
Written by Jacques Mattheij, original in English .
Translated unconnected in the name of the bright side of power.
Source: https://habr.com/ru/post/115923/
All Articles