16th IOCCC Winners Announced

chongo writes: "The winners of the 16th International Obfuscated C Code Contest (IOCCC) have been selected. The judges are in the process of notifying the winners by EMail. We expect to release the source code around mid April 2002 after the winners have had a chance to review our writeup of their entries."

Here's an idea for a contest

Write a program in one language, but make it appear to be in a different programming language. For example make a perl program look like a java program.

Re:Here's an idea for a contest

[donglekey]

This can already be done somewhat easily with a C preproccesor, I have seen FORTRAN examples in books in fact.

Re:Here's an idea for a contest

[Mayor+McPenisman]

Write a program to tell you if you have pants on. Then, when you have pants on, the program says, in a robot voice: "you have pants on" over and over. When you don't have pants on the robot voice says "you do not have pants on." The placing of pants will result in a modification of the voice warning within expected tolerances of 1.2 microseconds. The IEEE accepted definition of 'wearing pants' is having at least once pulled them so that the crotch area contacts the crotch of the person wearing said pants. Buttoning/zipping is not the prefered method of pants detection, seeing as many embarrassing situations arise from people having pants on but not having them properly secured. The robot voice would be the voice of the guy who did Kitt in Knight Rider and the pants detection algorhithim would be based on wither punch cards or mood rings.

Re:Here's an idea for a contest

[mcc]

You may be interested in a type of program called a "polyglot"-- a program which is simultaneously valid, and preferably does the same thing, in more than one language simultaneously. Several previous IOCCC winners have been polyglots. (You maybe should look in particular at the one entry-- i'm *pretty* sure this was last year-- for a program that #DEFINED a bunch of english words as chunks of C that did the same thing the english words did, and then wrote a short *compilable* program in totally readable pseudocode.. with the gimmick being that the program actually did something wholly other than what the pseudocode said it did! Even if you know this coming in, it still is near impossible even on several readings to figure out how exactly it works out. It was rather cute.)

Anyway, a few polyglot-related links:

• here is the only Polyglot archive anywhere on the internet that i am aware of. Please, please read this link. It's amazing. My favorite is i think the quine (!!) which is simultaneously valid in C and Scheme. (It exploits the fact that ; is a comment operator in scheme, and is a really neat little read..)
• Here is the only polyglot i'm aware of which is not in the above archive.
• Here's a short little writeup on polyglots i did for everything2.com. It isn't that interesting.

With the crazy-ass language redefinition capabilities in perl 6, i think we can expect to see a resurgence in some very odd polyglots very soon..

Grrr.. mean, mean slashdot editors.. telling us the IOCCC winners were announced just so we can wait in suspense for a full month to see the entries.. bleh. I love the IOCCC..

Re:Here's an idea for a contest

[ZaneMcAuley]

Thats easy, just code C# and it looks like Java.

Re:Here's an idea for a contest

[cpeterso]

Your quine [nyx.net] link did NOT contain any hybrid C/Scheme quines..

Re:Here's an idea for a contest

[LiquidPC]

Make perl look like java? Wouldn't that be kind of difficult with the whole #!/usr/bin/perl thing, and all of the variables prefixing with '$', i'm not an expert on java but I dont think they do that. Of course, i'm sure someone will think of some way.

Re:Here's an idea for a contest

[mcc]

The polyglot quines were on the polyglot page i linked, not the quine page i linked (both of which were on nyx.net..). The quine page was linked in case a given reader didn't know what a quine was. The C/LISP hybrid quine was the 10th entry on the polyglot page. It was this one.

Sorry if i was unclear.

Re:Here's an idea for a contest

[thogard]

perl has the concept of barewords. They are just like a normal variable but they don't have the $ in front. A STDIO is a common one that appears in many programs. With the right module, you can redefine perl to look like just about anything for example Perligata which changes the parsing rules to a latin form where the subject of the verb is defined by its suffix.

A few days ago /. had a story about many odd languages. While some (most?) of them seem quite useless, if writing a program in them opens your mind, it can make you a better coder. For example brainf*ck is a pure turing language with 8 instructions -- risc taken all the way down. Hardware desgined to run brainf*ck could be clocked at the several hundred Ghz and could be piplined like mad.

Re:Here's an idea for a contest

[mosch]

Unfortunately, I've yet to find a brainfuck interpreter for *nix that doesn't blow goats. The I/O sucks ass in the standard interpreter, making it very hard to write real software with it, but not for the intended reason. I dare you to try to gather entropy from /dev/random in a brainfuck program.

Re:Here's an idea for a contest

[Luminous+Coward]

[...] for a program that #DEFINED a bunch of english words as chunks of C that did the same thing the english words did, and then wrote a short *compilable* program in totally readable pseudocode...

You might also enjoy a different style: California codin'.

Re:Here's an idea for a contest

Nice quine page. There is even my INTERCAL quine there !

Cheers,

--fred

Re:Here's an idea for a contest

[sconeu]

One of the 2000 winners did that. He wrote code that was simulatneously a sh shell script, a makefile, and C code.

Notified via Email

[tcd004]

I think you just notified them via Slashdot.

The Shadow Government Knows
tcd004

Assembler

[rif42]

> We expect to release the source code
> around mid April 2002

Will we also get a translation in assembler to help clarify the soure code?

Re:Assembler

[Reality+Master+101]

I know you meant this as a joke in the sense of assembly language being so much more difficult than obfuscated C, but it's only funny to people who are ignorant of programming in assembly.

Back when I used to do a fair amount of assembly programming along with C, I would often run the debugger in assembly mode to see exactly what was happening. Very often I could uncover subtle bugs that way.

I don't really do it as much anymore, primarily because I'm not familiar with the assembly of my modern machines anymore (alas).

Re:Assembler

[sinserve]

I could NEVER debug C in source level debugger.

Actually, the only other tool I use when programming
on windows (other than the compiler.) is a disassembler.

--

Re:Assembler

[VAXman]

Assembler generated from IOCCC programs will definitely not be obfuscated. Most of the obfuscation comes from the preproccesor, and compilers generate regular, boring code.

However, it definitely is possible to write highly obfuscated assembly, which would be far worse than anything done in C. Heck, with "db" you can do anything you want, and with an instruction set like IA32 you can do all sorts of insane things. Self-modifying code is also a lot easier in assembly. :-)

Re:Assembler

[beppu]

Lighten up. :) I know assembly, and I thought it was funny.

Re:Assembler

[bentini]

Are I-caches smart enough to figure out when you modify the code? And wouldn't that make code that was slow as hell, because you have to flush the cache and pipeline?
-Dan

Re:Assembler

[Tower]

I know what you mean - I've spent a good portion of time recently parsing through compiled code (with two versions of a compiler) to make sure things were properly optimized in both (of course, they weren't). The tricks we must play to speed up memory copies with the least instructions possible... mmmmm. At least it was on a full register set machine (PowerPC 740)... Thank goodness for all of those GPRs :)

Re:Assembler

[Mr+Z]

Nah, real programmers just cat > program ; chmod +x ./program and get on with it.

--Joe

Re:Assembler

[rif42]

> I know you meant this as a joke in the sense
> of assembly language being so much more
> difficult than obfuscated C

Yeah, it sounds funny, but on the serious side seeing some of my colleagues unreadable C code, I sometime wish they would have written straight assembler in stead of attempting to get some weird optimisation through a strange C constructs.

Re:Assembler

[VAXman]

I don't know about other processors, but Willamette (aka Pentium 4) fully supports self-modifying code, and you can modify an instruction at any point (such as the next instruction - even if has already been speculatively executed), and the processor will correctly restart and execute the modified instruction.

Yes, this is terrible for performance (it invalidates the whole trace cache) but it is correct.

Officially, Intel says you have to execute a serializing instruction in between the point of modifcation and the actual instruction, although the newer processors are smart enough to do it automatically.

I wonder if any real software actually modifies in-flight instructions? It's conceivable that an OS loading/executing a really short program on a processor which is deeply speculative could hit that case.

Re:Assembler

[Tycho]

Another fun thing to do would be writing an obfucated program in MacOS 9 with self modifying code that mixed 68k assembly functions with PPC assembly functions.

Re:Assembler

[Ayende+Rahien]

Writing self modifying code is hard, it's even harder to debug, and thrice as hard to follow.
To the best of my knowledge, most common OS define text segments of processes as read & execute only.

Re:Assembler

[VAXman]

Well, yeah, but since most OS'es have flat addressing, you ust use your read/write flat data segment to modify the code in your read/execute flat code segment. If the _page_ is marked read-only you can't modify it, but you can just copy it to your own data segment, and then modify and execute it to your heart's content.

Plagerized?

[ProfMoriarty]

Have the judges submitted these to turnitin.com?

These may be very good test cases for the site.

The list of who won

[chongo]

An updated list of who won the 16th IOCCC may be found at:

http://www.ioccc.org/whowon.html

We have already had one anonymous winner request to become non-anonymous.

Re:The list of who won

[jallen02]

It is the Lavarand guy! With a /. ID lower than me. Oh my :-D

Jeremy

Bleh

The winning descriptions sound pretty ho hum again this year. Although the X program and the interactive games are usually somewhat interesting since they waste a lot of your allotted bytes to get them started. Still haven't seen a really slick X program since the julia/mandelbrot viewer from the early 90's. And I'm definitely going to still be waiting for someone to top theorem from 1990.

Re:Obfuscated code contests?

[erasmus_]

Of course it is silly, but why should it be counterproductive? It acknowledges that complex and obfuscated code does get created, so we might as well have fun with it. You don't say crossword puzzles are bad for encouraging word mangling, or that belly flop contents encourage overeating, do you? Lighten up :)

What was the point?

So... somebody won a contest. The percentage of Slashdot readers who might actually *know* a winner are probably miniscule. The character of the entries is unknown. There's no source code yet. In fact, to other than the 16 people who won, the losers, and their close personal friends... what's the friggin point of posting this to slashdot NOW? And they were all notified in e-mail anyway.

Try again when there's something to *see*.

Re:What was the point?

[RetroGeek]

percentage of Slashdot readers who might actually *know* .... are probably miniscule

As opposed to posting as an AC?

what's the friggin point of posting this to slashdot NOW?

You should ask......

Sigh

[martissimo]

i guess my obfuscated version of Hello World didnt win again!

10 minutes later and it's already /.

[LuxuryYacht]

Looks like this site is now the winner of todays International Obfuscated Website Contest due to the /. effect.

.

Re:10 minutes later and it's already /.

[Fweeky]

> International Obfuscated Website Contest

Good idea. There are so many technologies that could be used in a way that obfuscates sites; Flash, JavaScript, DHTML, tables, tag soup, box model abuse etc; unfortunately I suspect some existing and popular sites may well prove too hard to beat.

Still, could serve as a nice ironic way to point out why avoiding and abusing standards is Bad[tm].

Re:10 minutes later and it's already /.

[WetCat]

For example:

http://www.teleportacia.org

Or http://art.teleportacia.org

Net.Art ...

Re:Obfuscated code contests?

[Jesse+Duke]

You're missing the point. From the IOCCC website :

To write the most Obscure/Obfuscated C program under the rules below.

To show the importance of programming style, in an ironic way.

To stress C compilers with unusual code.

To illustrate some of the subtleties of the C language.

To provide a safe forum for poor C code. :-)

If you use gcc, you probably have benefited from fixes of bugs those programs have helped uncover.

Re:Obfuscated code contests?

Is it really a good idea to have contests like this which encourage slovenly, inscrutable, and altogether unmaintainable coding?

Actually, its easy to write bad code which is hard to read, but much much hard to write code that is intentionally convoluted (and still functions). This contest gets some of the most knowledgable programers both submitting and reveiwing the code, so it ends up with code that is logically and syntactically far more twisted than an average bador lazy programmer could come up with.

Re:Obfuscated code contests?

[brennan73]

Yeah! I said the same thing when they started giving out awards for the worst academic prose. But no one listened, and now there are hordes of people going into philosophy and English just to win prestigious awards for terrible prose. And don't get me started on the Razzies, which have clearly encouraged intentionally poor filmmaking. I mean, why would you purposely award bad things? Oh, the humanity!

GPL Abuser WINS the IOCCC CONTEST!

GPL ABUSER has WON the IOCCC CODE CONTEST!

I'm still waiting for the FORTRAN contest

[LM741N]

In that one the goal is to unobfuscate any code, I mean any at all that has ever been made in the last 40 years.

Re:I'm still waiting for the FORTRAN contest

[TeknoHog]

Your comment is weird and senf-contradictory in the light of your homepage. FORTRAN has a fairly clean syntax because it uses newlines and XX ... END XX statements instead of semicolons and braces. Not much unlike Python. Surely you jest.

Secret Society

[maddugan]

Is there a secret society of Grand Master programmers that use the results of this contest to test new initiates? Using only a ball of twine, a gumdrop, and a used stamp, with ten minutes on the clock, they are asked what the source code would do. Correct answers gain entry, will failed responses fate the initiate to forever program in JavaScript (or maybe VB).

Because everyone knows, grand master programmers don't need comments.

I just wish I didn't work with grand master wannabes.

Re:Secret Society

[Aaaaaargh!]

Is there a secret society of Grand Master programmers

I sense much fear in this one. Train you, I cannot.

Re:Obfuscated code contests?

[CJ+Hooknose]

it seems that enough people generate obfuscated code unintentionally that having a contest to encourage this sort of thing is silly and counterproductive to the advancement of programming techniques. I just hope the people who enter this contest are a bit cleaner coders when they have real work to do!

Creating the immense amount of obfuscation seen in these code snippets requires a great deal of skill, and the people who enter this contest definitely don't code like that in the course of their normal work. (Creating code like that takes too much time, and 2 of the main programmer virtues are "laziness" and "impatience".)

Part of the Linux kernel's oddness is caused by the fact that it's a kernel. Parts are in assembly (stuff under arch/ , and possibly some device drivers) and there are more "goto"s than one might like. These are there for efficiency. Speed is much more critical in the kernel than it is in userspace, since functions may be called while another part of the kernel is holding a spinlock, etcetera.

Also, many of the IOCCC entries become much more legible if you run "gcc -E ioccc.c > preprocessed-ioccc.c && indent preprocessed-ioccc.c" . A fair number of them rely on Fancy Preprocessor Tricks to achieve maximum obfuscation. HTH,

Re:Did Microsoft enter this year?

[chongo]

We (the judges) don't look at who submitted the entries that did not win, so we could not tell you.

There was the Bill Gates award that was given out back in 1993.

On a slightly related topic, one can use the Best Utility from 1998 to pootify Microsoft's web site for better reading. :-)

Re:Obfuscated code contests?

[saarbruck]

Is it good to have eating contests where people send themselves to the hospital? Is it good to have contests like the World's Strongest Man? Or how about Mr. Puni-verse? Is it good to have contests like the Olympics?

I'm just poking fun here, but my point is: Competition is part of human nature. No matter how worthwhile, odd, unhealthy, or just plain crazy. I can't think of anything we don't compete for or about, somewhere in some culture.

I see your point, that when bad behavior is glorified, more people will behave badly, but intellect will never fully triumph over human nature (i.e., we'll never become Vulcans. But that's a good thing).

It has been done

[EggplantMan]

... without just appearing to be in another language, but actually being so. Take a look here . Genius or travesty?

To Fill In Those Who Are Slashdotted

[Peridriga]

The winner on this years contest is Microsoft for their submission of

Microsoft Corporation End User Agreement

Contributed by an anonymous user.

Re:To Fill In Those Who Are Slashdotted

[rant-mode-on]

Hang on, isn't there a rule that says each entry has got to be workable?

GPL?

[gorehog]

Since this code is obfuscated I guess the GPL does not apply to it?

Re:GPL?

The GPL explicitly defines source code as the preferred form of a program for modifying it.

To find out whether the gobbletygook you distribute is source code or not is simple: if you normally add features to the program by editing the gobbletygook, it's source. If you instead edit the stuff that you compiled to gobbletygook and then recompile it, then the stuff you distributed isn't source and it's a clear-cut GPL violation.

Re:GPL?

[TheAwfulTruth]

Heh, if there were an obfuscated liscence contest the GPL would be the all-time winner! :)

Re:Obfuscated code contests?

I just wanted to clarify that obfuscated code is very different from bad code. Your vanilla variety bad code is not interesting, nor really clever, and generally not actually obfuscated. The point is to hide the intentions of the program; it's more about smoke and mirrors than confusion. For example, using ACII codes to represent text might be confusing, but you haven't really hidden anything. Now, writing a program that looks like it's calculating PI (or something) while actually the number that kinda looks like PI is the concatenation of ASCII codes for a program that actually calculates PI (or whatever) might be obfuscated. The apparent purpose of the code cleverly hides the real purpose. Really, the contest winners are more obfuscated algorithms than obfuscated code, which makes it a whole bunch more interesting. Take a look at some of the contest winners sometime, it can be a lot of fun. And therein lies the point of having the contest!

Silly

[The+Sojourner]

If you use gcc, you probably have benefited from fixes of bugs those programs have helped uncover.

When I say I'm not much of a programmer, I mean that I'm not a programmer at all :-) I don't use gcc, but if this contest has helped to improve it, then maybe I was wrong about it. Thanks for pointing that out to me!

This is so cruel...

[tunah]

We expect to release the source code around mid April 2002

To quote Homer: 40 seconds? But I want it NOW!

Any of the winners care to link to their source? (Obviously nothing would get past the lameness filter ;-)

An old anecdote

[frozenray]

Every time I hear about the IOCCC I'm reminded of this old anecdote:

The highlight of the annual Computer Bowl occurred when Bill Gates, who was a judge, posed the following question to the contestants:

"What contest, held via Usenet, is dedicated to examples of weird, obscure, bizarre, and really bad programming?"

After a moment of silence, Jean-Louis Gassee (ex-honcho at Apple) hit his buzzer and answered "Windows."

Mr. Bill's expression was, in the words of one who was there, "classic."

(source)

Re:An old anecdote

[frozenray]

This dates back to at least 1993 (link), I don't remember if video recorders had even been invented back then ;-)

I've never ran across a video of this ACB episode, so the whole thing could be just a rec.humor.funny joke. But as they say in Italy, "Se non è vero è ben trovato" (it might not be true, but it's good anyway).

By the way, at least one guy at Microsoft seems to have a sense of humor: see this page. Here's another good one I found there:

From: johnny99@sydney.dialix.oz.au
Two computer people discussing those old stories about Bill Gates' name adding up to 666 in ASCII:

``I hear that if you play the NT 4.0 CD backwards, you get a satanic message.''

``--That's nothing. If you play it forward, it installs NT 4.0!''

Re:Obfuscated code contests?

[jonathanjo]

* To write the most Obscure/Obfuscated C program under the rules below.
* To show the importance of programming style, in an ironic way.
* To stress C compilers with unusual code.
* To illustrate some of the subtleties of the C language.
* To provide a safe forum for poor C code. :-)

Kind of like Web Pages That Suck: Where you learn good Web design by looking at bad Web design.

winning entry

#include <stdio.h>
#define S(s)char x[]=#s;s
#define Q(x)x
#define A(x,y)y##x
#define B(x,y)A(y,x)
#define C(x,y)B(y,x)
#define Z(s,t,u)case s:if(*p!=32){t;}else{u;}break;
S(B( A( a ,m ),A(n ,i))() {B (A(h,c ),A(r ,a ))*p=x ;B(A( n, i),t)t
=0;B(A(n , i),t)s =0;B( f ,A(r, o )) (;*p;Q( p)++){C( B( A(c,t) ,h),B(A(
w, s),i))( s){ Z( 0,t+=8 *8-00 ,s ++)Z( 1,t+= 8 ;,s++ )Z
( 2, t++ ,putchar(t-73);t=s=0)}}})

Re:winning entry

[n8twj]

that is a teaser..it says not an offical entry

Look out of your good eye next time

Obfuscated Wok Contest

[ZiZ]

I believe that one of the entries:

Best Abuse of User: Edward Rosten (England) - Greasy mouse

also qualifies for the Iron Chef competition. Or am I alone in thinking that Greasy Mouse sounds like some sort of England variant on Chinese/Indian cookery? *grin* (I can't wait to see this entry. I love the Abuse of User programs...)

Heads up potential employers.

[sinserve]

The contributors, winners, judges and just about
anyone who has anything to do with IOCCC, should
be in your "not to hire" black-list.

Unless you want your project to be implemented as
a self-printing pelindromic asciiz, that has a built in tetris.

--

An easy way to do it in python

[Cheetah86]

You can make python have curly brackets for sections of code, just comment them out:

if x==z: # {
print y
x+=z
# }

(I can't get it to indent properly, everytime I hit tab IE goes to another part of the form)

Re:Obfuscated code contests?

[Mister_IQ]

And of course, let's not forget The Bulwer-Lytton Contest.

The 1996 Winner, my favorite sentence of all time:
"Ace, watch your head!" hissed Wanda urgently, yet somehow provocatively, through red, full, sensuous lips, but he couldn't you know, since nobody can actually watch more than part of his nose or a little cheek or lips if he really tries, but he appreciated her warning."

Re:Obfuscated code contests?

[ChadN]

When I was learning C, years ago, I came across these contest entries (this was probably around 1989). I learned a LOT (!!) from these pieces of code. Many of them are staggering in their cleverness and produced many "Aha!" moments when I thought about them. If I were teaching a C course, I would definitely use these as examples (later in the course).

Anonymous 4

[Dr.+Awktagon]

• Worst driver

Anonymous 4 (USA) - A driver game

Hey, I didn't know Anonymous 4 did programming too?

Har har. Anyway, compared to today's high-level languages, C is boring. Let's see some obfuscated Ruby programs.

Re:Anonymous 4

[cheezehead]

Let's see some obfuscated Ruby programs.

Or obfuscated perl scripts. Oh, wait a minute...

Re:Anonymous 4

[Fweeky]

> Let's see some obfuscated Ruby programs.

From Tomasz Wegrzanowski ([ruby-talk:30377]):

$\=(?c??d:?e).chr+%Q%\n%;$,=%q=o, =;;%q{leHrow}=~/(...)(...)/;print [$1,$2].map{|l|l.reverse+%q|l|}

Showing the more Perlish side of Ruby.

I recall seeing one that calculated Pi with code of a similar quality too, along with a few quines, although I'm yet to seen an obfuscated one.

Re:Obfuscated code contests?

[Shiny+Metal+S.]

I'll admit I don't know much about computer science, but I do know that it's important to keep your code clear, well-documented and easy to understand.

Well, unfortunately it's not always that simple. Let's take the Shiny Metal Brute Force Crypt Cracker v3.1.9 as an example. It can crack every single password encrypted with crypt(3) containing 1 to 8 lowercase latin letters. It uses a sophisticated cryptoanalysis method, which scientists call the "Brute Force". Its main purpose is to hide domain of my electronic-mail address from spammers (see my bio). Here's the source code:

#!/usr/bin/perl
#
# Shiny Metal Brute Force Crypt Cracker v3.1.9
#
# Copyright (C) 2001,2002 shiny@key.salt (shiny@output)
# http://slashdot.org/~Shiny+Metal+S./
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General
# Public License along with this program;
# if not, write to the Free Software Foundation, Inc.,
# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
$x=substr$q,q,0,,q,2,if$q=q,plfeY04jaJnYI,;for
(++$_..$_<<3){qq,$q,eq crypt$_,$x and die
qq,$_.$x,for q,a,x$_..q,z,x$_}

As you can clearly see, the main algorithm used in this program (in the main loop) is able to always find every password (from the 1-8 lowercase latin characters set) but what does it mean? I had to use strong cryptography, because otherwise my electronic-mail address could be harvested by spambots (and therefore be used to perform unsolicited commercial mass mailing), but it also means, that this algorithm could be used to crack passwords from your /etc/passwd (or even from /etc/shadow), which usually contain passwords encrypted with crypt(3) and this could compromise the whole system security (imagine hackers having unlimited access to your PC). It's a very dangerous problem. Most of password cracking tools use the, so called, "Dictionary Method" to guess passwords, which mean that you're safe as long as you have a password like "wmctsbvg" or "obwhdrle" or even "awxolfrk", but this program will guess such passwords. My point is, that it can be to dangerous to publish a clear and well documented source code to such a dangerous tool. It could be used by one of many underground hacker groups, like the famous Script Kiddies, who don't even care that reverse engineering of this code is illegal under the DMCA. Fortunately, this program was written in Perl, which was found to be the only language, with mathematically proved possibility of secure one-way obfuscating (also known as WOL - "write only language", or WORN paradigm - "write once - read never"), so it is impossible to reverse engineer. The situation will be even improved when Perl 6 is released (read Apocalypse I, Apocalypse II, Exegesis II, Apocalypse III, Exegesis III and Apocalypse IV for a good introduction to this subject). That way, people can still use crypt(3) to encrypt their passwords, with no fear that hackers know how to crack them, the crypt(3) encryption method is as secure as before. When this program will be rewriten in Perl 6, the crypt(3) method will be actually even more secure than before, thanks to the strong source code obfuscation method. I hope I explained where the obfuscated code can be useful, but this is only one example, I'm sure there are many places where the good old obfuscation will be priceless for many decades. If you have any additional questions, feel free to contact me.

Re:Obfuscated code contests?

[TheAwfulTruth]

Actually, using gcc's built in C language extensions for dubius kernel hacks you should REALLY be able to show off some obfuscated C. Runtime dynamic "static" stack arrays anyone?

Re: Fear of reprisal

[Dark+Coder]

I bet the guy is afraid to get fired for not working on the job ;-)

Nonsense.

[cduffy]

It takes real skill to build good intentionally obfuscated C, and the folks who can do so effectively can generally write very clean C as well. The people who unintentionally create code that looks like a potential entry... now, they're to be watched for.

Re:Nonsense.

[cheezehead]

Sorry, but most of the winning entries (at least of previous years) consist of a whole heap of #defines and numbers formatted as ASCII art. That does not take skills that are useful in real life, just a whole lot of time on your hands.

Re:Nonsense.

[cduffy]

It implies knowledge of the preprocessor (which all too many "C programmers" don't have), and of what exactly the parser will accept; the X ones tend to use raw Xlib (which most lameos don't deal with well); and most important of all, a certain level of creativity is required to come up with a good one, and good problem-solving skills are needed to make them Work Right. (See the Makefile / shell script / C program for a simple example -- I'd put money that your average grad with a CS degree couldn't do that if asked).

The bad news...

[miracle69]

The winners will be notified by Obsfucated Email guised as spam.

Re:Obfuscated code contests?

[leob]

Incidentally, one of the IOCCC winners (Brian Westley) had a (dishonorable) mention in the Bulwer-Lytton contest in 1999; namely, for the following:

"So far this year, Cary Yamanaka's skill in karate had netted him three trophies--two bowling, one golf."

My perl is not as grand as it once was...

[Chloe+Dubois]

...but I do not think that perl is the "Write Once, Read Nowhere" langue you make it out to be ^_^ Just for a little fun, I thought I'd try out my rusting perl tricks and unroll your silly script.

$crypt = "plfeY04jaJnYI";
$salt = substr $crypt, 0, 2;
for($i = 1; $i <= 8; ++$i) {
foreach(('a' x $i) .. ('z' x $i)) {
if($crypt eq crypt($_, $salt)) {
print "key $_, salt $salt\n"; exit 0;
}
}
}

Not very difficile, Mister shiny@rfl.pl, but I shall compliment you for at least trying to obfuscate with the silly "q//" perl operateur ^_^ For those who are onlooking, here is a short explanation of how his original code works:

$x=substr$q,q,0,,q,2,if$q=q,plfeY04jaJnYI,;

Firstly, one must recall that the q// operateur works with any delimiteurs, including the virgule (,). One need only replace q,<x>, with 'x' to see that the code becomes:

$x = substr $q, '0', '2', if $q = 'plfeY04jaJnYI';

Since perl automatically changes the strings into numbres, it is really substr $q, 0, 2 which extracts the salt from the crypt hash. The last virgule between the 2 and the if is just a ruse, since substr only uses three arguments ^_^
The "if" statement is another ruse; suffixed "if" is in fact called before the condition of the "if" statement, and he uses this to initialise $q apparently after it's been first used. The above code is in fact equal to this:

$q = 'plfeY04jaJnYI';
$x = substr $q, 0, 2;

And it makes itself apparent that $q is the crypt hash (henceforth called $crypt) and $x is the salt ($salt).

for (++$_..$_<<3){...}

Now you are just being silly :-) $_ is not used yet and thus is 0, and ++0 is of course 1. 1<<3
is 8. So the above is just a simple for loop:

for($i = 1; $i <= 8; ++$i) {...}

Which not only looks simpler, but runs faster too ^_^

qq,$q,eq crypt$_,$x and die
qq,$_.$x,for q,a,x$_..q,z,x$_

This one's a bit tricker, but still not very difficile. One must simple look at the end where there is another "for" loop, once again overusing the q// operateur. This causes the $_ within the loop to be local and of a different value than the $_ outside of the loop (which we have renamed to $i for clairitie). Hence the loop morphoses itself to (with parentheses added for easier reading):

foreach(('a' x $i) .. ('z' x $i)) {
$crypt eq crypt($_, $salt) and die "$_.$salt";
}

The "and die" bit just is taking advantage of the short-circuit boolean operateur système. The "die" only is executing when $crypt (the origin hash) and the encrypted form of the current guess are equal, in which case the key has been found and we quit ^_^ I changed it to a nicer looking "print" statement for further clairitie.

Hopefully that wasn't too difficile to follow, my english is not perfect. Just remember, Mr. shiny@rfl.pl, no langue is completely impenetrable (except perhaps Intercal, but that's a small bit pathological :-)

Re:My perl is not as grand as it once was...

[Shiny+Metal+S.]

...but I do not think that perl is the "Write Once, Read Nowhere" langue you make it out to be ^_^

My post was actually a joke (I'm surprised that someone has moderated it as Troll! If that moderator thought I don't like Perl, he/she obviously hasn't read my code...) and this was a parody for Java's "write once, run everywhere".

Just for a little fun, I thought I'd try out my rusting perl tricks and unroll your silly script.

You're a first person I know about, who was ever interested in understanding this code. This is my original, clean version:

$c = 'plfeY04jaJnYI';
$s = substr $c, 0, 2;
for $l (1..8) {
for ('a' x $l .. 'z' x $l){
if($c eq crypt($_, $s)) {
print "$_.$s\n";
exit;
}
}
}

I'm amazed, that your code is almost identical, congratulations! I like this program, because looking at it (the clean version) it's impossible to know how long it would take to get the result. For example your domain voila.fr would be written if $c was frmHZ0u6Ne2HQ but it takes about an hour to crack on my machine, while my domain in plfeY04jaJnYI is cracked in only 4 seconds. It would take over 2 years and 7 months to crack this xxFHuIaD7CdpI, which is the worst case, zzzzzzzz, the last key guessed by my program. So, the average time for guessing random keys (containing 1 to 8 lowercase letters) is over one year!

If you want to see a really good password cracking program, check out Alec Muffett's great and famous Crack. It's really great, especially when you have good dictionaries. If you want to check if your password is easily cracked by Crack, you can use Alec Muffett's CrackLib. Check out my online Password-Guessability-O-Meter, I wrote it some time ago to demonstrate to one of my clients how does the CrackLib work. You just enter your desired password, and it tells you if (and why) it is easy to guess, using English, Polish, Czech, French and Latin dictionaries.

I use CrackLib for online registrations CGI scripts etc. so users can't have silly and easy to guess passwords. It can also be used with passwd program. Great library, and easy to use (there's Crypt::Cracklib Perl interface), but may be quite difficult to set up for the first time.

Not very difficile, Mister shiny@rfl.pl, but I shall compliment you for at least trying to obfuscate with the silly "q//" perl operateur ^_^

Thanks. :) I like it too. That's the most recent obfuscation, if I remember correctly. When I started to experiment with q// using q,x, and q.x. and q;x; etc. I was even trying to use something like this:

$q=q,p,.q,l,.q,f,.q,e,.q,Y,.q,0,.q,4,.q,j,.q,a,.q, J,.q,n,.q,Y,.q,I,;

(in one line and with no spaces) but it looks terrible, as you can see.

The "if" statement is another ruse; suffixed "if" is in fact called before the condition of the "if" statement, and he uses this to initialise $q apparently after it's been first used. The above code is in fact equal to this:

$q = 'plfeY04jaJnYI';
$x = substr $q, 0, 2;

Yes, this is exactly the original code, and this is exactly the way I was thinking. You're very good. :)

And it makes itself apparent that $q is the crypt hash (henceforth called $crypt) and $x is the salt ($salt).

The original variables were $c and $s, I changed them to $q and $x for easy mistakes with q// quoting and x repetition operator.

for (++$_..$_<<3){...}

Now you are just being silly :-) $_ is not used yet and thus is 0, and ++0 is of course 1. 1<<3 is 8.

:) 1..8 looked just to clear and simple... And that way I have 3 independent values of $_ variable (i.e. the original global $::_ is two times localized) in 3 nested scopes (main program, outer loop and inner loop), which makes it more interesting.

for($i = 1; $i <= 8; ++$i) {...}

Which not only looks simpler, but runs faster too ^_^

Actually in newer versions of Perl, the foreach loop is faster than the C-style for loop. See perlop manpage: Range Operators and perlsyn manpage: Foreach Loops.

I just run this benchmark:

#!/usr/bin/perl -w

use Benchmark;

sub s1{ for ($i = 1; $i <= 1_000_000; ++$i) { } }
sub s2{ for (1 .. 1_000_000) { } }

$t1 = timestr timeit 100, \
$t2 = timestr timeit 100, \

print "1. $t1\n2. $t2\n";

and with Perl 5.6.1 I got this results:

1. 103 wallclock secs (87.77 usr + 0.15 sys = 87.92 CPU) @ 1.14/s (n=100)
2. 60 wallclock secs (51.93 usr + 0.04 sys = 51.97 CPU) @ 1.92/s (n=100)

But in my code this loop has only eight iterations, where the 8th one takes two years, so the loop control overhead itself doesn't really matter here. The inner loop is more important but crack() function takes most of the time, anyway.

Older versions of Perl (I don't know which exactly) created a temporary array for the range operator in foreach loop, so the code like:

for (1 .. 1_000_000_000) { ... }

could easily take all of the memory, but now it's fixed. Fortunately, it doesn't create a temporary array any more, and it's highly optimized, so it's safe to use it now for large ranges.

The "and die" bit just is taking advantage of the short-circuit boolean operateur système. The "die" only is executing when $crypt (the origin hash) and the encrypted form of the current guess are equal, in which case the key has been found and we quit ^_^ I changed it to a nicer looking "print" statement for further clairitie.

Yes, there were print and exit in the original version. You have exactly reconstructed my way of thinking. Well done. :)

I think you're very good, really. Most of people have no idea how to analyze such obfuscated code. Actually I'm quite disappointed that decrypting my code was so easy for you... :)

I'll tell you why and how I wrote this program. I was inspired by this code:

#!/usr/bin/perl
@a=(Lbzjoftt,Inqbujfodf,
Hvcsjt); $b="Lbssz Wbmm"
;$b =~ y/b-z/a-z/ ; $c =
" Tif ". @a ." hsfbu wj"
."suvft pg b qsphsbnnfs"
. ":\n";$c =~y/b-y/a-z/;
print"\n\n$c ";for($i=0;
$i<@a; $i++) { $a[$i] =~
y/b-y/a-z/;if($a[$i]eq$a
[-1]){print"and $a[$i]."
;}else{ print"$a[$i], ";
}}print"\n\t\t--$b\n\n";

and few JAPH signatures. I wanted to write a small program, that it would be impossible to tell what it writes, until you run it. Most of such programs are very obfuscated but after enough work you can usually find the printed message, without running them. So I thought that the message could be ciphered using some one-way alghoritm, like crypt(3) or MD5, and the code would just brute-force crack it. That way it's really impossible to tell what the message is, until you run the code. The code itself only cracks, but doesn't know what is being cracked and when it finishes. Using crypt(3) had this advantage, that it has 2-character salt, which can act as country code in domain name.

So I wrote the first working version and started to make it as small as possible. Originally it didn't have to be obfuscated, just small. This is the smallest version I've written so far:

$c='plfeY04jaJnYI';$s=substr$c,0,
2;for(1..8){for('a'x$_..'z'x$_){
die"$_.$s\n"if crypt($_,$s)eq$c}}

with 98 characters. But today I shrinked it some more, to 93 characters:

$c='plfeY04jaJnYI';$s=substr$c,
0,2;for(1..8){$c eq crypt$_,$s
and die"$_.$s"for'a'x$_..'z'x$_}

and few minutes ago (while I write this comment!) I found a better idea and wrote this:

$c='plfeY04jaJnYI';$s=substr$c,0,2;$k=
'a';$k++while$c ne crypt$k,$s;die"$k.$s";

which having only 79 characters is my record so far (thanks to Perl's magical auto-increment operator) and finally fits in one line!

Hopefully that wasn't too difficile to follow, my english is not perfect.

Your english is OK, don't worry. Actually, I like the way you use French spelling for some words, like difficile. It's like a French accent in written text, very nice in my opinion.

Just remember, Mr. shiny@rfl.pl, no langue is completely impenetrable (except perhaps Intercal, but that's a small bit pathological :-)

Good point. :) I wonder if these guys tried Intercal when proving the impossibility of obfuscating programs... I personally like Unlambda and Brainf***.

This Unlambda program "calculates and prints the Fibonacci numbers (as lines of asterisks)":

```s``s``sii`ki
`k.*``s``s`ks
``s`k`s`ks``s``s`ks``s`k`s`kr``s`k`sikk
`k``s`ksk

I wanted to show a Hello world example of Brainf***, but I got this error:

Lameness filter encountered. Post aborted!
Reason: Please use fewer 'junk' characters.

Visit Esoteric Topics in Computer Programming, great stuff if you want to go mad.

You like Perl, so if you know Inline::C and Inline::CPR (if you don't, read Pathologically Polluting Perl by Brian Ingerson) you may enjoy understanding this code:

#!/usr/bin/cpr
int main(void) {
CPR_eval("use Inline (C => q{
char* greet() {
return \"Hello world\";
}
})");
printf("%s, I'm running under Perl version %s\n",
CPR_eval("&greet"),
CPR_eval("use Config; $Config{version}"));
return 0;
}

It's great, once you really understand it.

Are you up to date with Perl 6 development? It's going to be great and extremely powerful language. Read Larry Wall's Apocalypses and Damian Conway's Exegeses if you're interested:

• Apocalypse 1: The Ugly, the Bad, and the Good (April 2, 2001)
• Apocalypse 2: Fundamental data types, variables and the context and scoping of the language (May 3, 2001)
• Exegesis 2 (May 15, 2001)
• Apocalypse 3: Operators (October 2, 2001)
• Exegesis 3 (October 3, 2001)
• Apocalypse 4: Syntax (January 18, 2002)

It's my favorite language already, and it's not even fully designed yet.

Re:Obfuscated code contests?

[Coppit]

If you use gcc, you probably have benefited from fixes of bugs those programs have helped uncover.

If one of my programs triggers a bug that these programs do, it's time to toss it and try again. ;)

wouldn't it have been better...

[IanA]

to not post this until source was released?

Re:Obfuscated code contests?

[EnderWiggnz]

bleh... you're sick.

teach people that "goto" can be very useful and a part of beautiful code, and i'd be happy.

Re: Fear of reprisal

[antijava]

A friend of mine was bored at work one day and did something similar.

He wrote (in raw machine code) a program to uudecode a text file. If that wasn't impressive enough, he limited his op-code usage to only bytes that had a text representation (32-127), so you could simply paste some text at the begging of the uuencoded data, rename it to foo.com and run it!

He's one of the few truly amazing programmers I have met.

Re:Obfuscated code contests?

[Peridriga]

I'm sorry... If I were mod'ing I woulda got ya up... I got + 4 right know for a shitty "Funny" post... and you post in a very informed and intellectual manner and you've been modded down to 0....

My personal sorry.... For whats it's worth... I woulda modded you up... Just let your Karma Suffer for now...

interesting tidbit

[cybercuzco]

I live with the winner of the small program category. He does programming contests "for fun" In his own words "I dont remember how it works anymore"

Compiling Oneself?

[Webz]

I can't find the post on /. that already explained this, but since I'm not a programmer...

What, again, is the point of a program that can compile itself? (see Best Abuse of the Rules winner)

Re:Compiling Oneself?

[leob]

If you have a compiler that can compile itself,
you do not need anything else to keep developing the compiler.

updated list of who won

[chongo]

We have had 3 winners convert to non-anonymous status. The list of recent winners is now:

Best of Show

Jason Orendorff (USA) - An Adventure-like game

Most likely to amaze

Anonymous (Great Britain) - x86/ELF dynamic binary translator

Best abuse of the rules (Most complete program)

Fabrice Bellard (France) - A C subset programming system for x86 that can compile and execute itself

Best X11 Game

John Williams (USA) - Missile Command

Best Short Program

Raymond Cheong (USA) - Arbitrary precision square root

Best position-independent code

Brian Westley (USA) - A punch card printer/sorter

Best Abuse of CPP

Immanuel Herrmann (Germany) - A Turing machine

Best Abuse of User

Edward Rosten (England) - Greasy mouse

Best One-Liner

Jens Schweikhardt (Germany) - A shell glob matcher

Best curses Game

Kevin Pulo (Australia) - A Pong-like game across network

Most eye-crossing

Immanuel Herrmann (Germany) - A SIRDS-shaped SIRDS generator

Most obfuscated sound

Pierre-Philippe Coupard (USA) - A talking clock

Best primal ASCII graphics

Nicolas Ollinger (France) - Prints primes with a sieve graph

Best AI

Doug Beardsley (USA) - A suicide chess program

Worst driver

Chris King (USA) - A driver game