Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Make a password protected bash script resist/refuse “bash -x” when the password is given
Top Forums Shell Programming and Scripting Make a password protected bash script resist/refuse “bash -x” when the password is given Post 302878900 by Corona688 on Monday 9th of December 2013 12:36:07 PM
Old 12-09-2013
You cannot because, no matter how you hide it, when you run it, it will feed the complete unencrypted text into the shell. It has to, or else system() couldn't run it!

That is always the problem with rube goldberg solutions. The code will always still be there, and has to contain all the necessary steps for decrypting itself in plain, or it won't work.

Adding more hoops will not help, since they can ignore everything but the last "hoop" -- the shell.

We have been down this road many, many, many times before. There is no magic solution to keeping running code protected on a system you do not trust. Your real options remain as I gave them.
This User Gave Thanks to Corona688 For This Post:
frad
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to make script password protected

Hi All, I want to make my script password protected. i e: if somebody runs my script it should prompt for password. Can somebody help me in to execute the same?? Thanks in Advance :b: (11 Replies)
Discussion started by: achararun
11 Replies

2. OS X (Apple)

Bash script prompt for sudo password?

I'm making a script that will be a double clickable .command file and I need it to prompt for the users admin password. So far I have: if ]; then sudo -p "Please enter your admin password: " date 2>/dev/null 1>&2 if ; then echo "You entered an invalid password... (2 Replies)
Discussion started by: PatGmac
2 Replies

3. Shell Programming and Scripting

How to make files/folders Password protected

Any idea how to make files/folders password protected... I dont want to change the permissions of the files/folders... (1 Reply)
Discussion started by: know d unknown
1 Replies

4. Shell Programming and Scripting

Passing a MySql password from bash script

Hi all, I am running this script on Mandrakelinux release 10.1, 2.6.8.1-12mdksmp #1 SMP I have also installed 'expect' separately. I have created an Rsync script, but before any Rsync command does run, a MySql dump must be done first, and I am battling a bit to pass the MySql password from... (2 Replies)
Discussion started by: codenjanod
2 Replies

5. Shell Programming and Scripting

Best way to hide password in bash script?

Dear folks, The title of my thread says mostly all of what I want to do. Basically I want to auto-ssh to a remote host, and run a program on it (VLC is just an example). I wrote a script which calls xterm and then runs expect on it. The code is as follow #!/bin/bash export PASS="xxxxxxx"... (22 Replies)
Discussion started by: dukevn
22 Replies

6. Shell Programming and Scripting

bash script for password recovery

Hi all, I'm a complete newbie to bash scripting, although I have some experience in programming. The thing is that I have a .dmg file on my mac which I protected with a password, and now I've forgotten it. I remember the first few letters of the password and the characters that represent the... (4 Replies)
Discussion started by: sujay.jauhar
4 Replies

7. Shell Programming and Scripting

Feeding password in bash script

Hello I am doing some test. In a script I have to call a change password routine ( ldap ) which ask confirmation. This can be done from terminal. Is there a way to do something like this : #!/bin/bash # blabla blabla blabla blabla # changing_password_routine user_name... (2 Replies)
Discussion started by: jcdole
2 Replies

8. Shell Programming and Scripting

Masking Password from within a Bash Shell Script

Is there a way to mask the password inside of a script to minimize the impact of a comprimised server? So ssh -o "PasswordAuthentication no" -o "HostbasedAuthentication yes" -l testuser 192.168.3.1 "mysqldump --opt --all-databases -u root -pPassword| gzip" > $backup_dir/mysqldump.gz a... (2 Replies)
Discussion started by: metallica1973
2 Replies

9. Shell Programming and Scripting

Password check in bash script calling on expect

password check in bash script calling on expect Background: I have to copy a file from one server, to over 100 servers in a test environment. once the file is copied, it requires to have the permissions on the file changed/verified. These are all linux servers. most of them have the same... (1 Reply)
Discussion started by: 2legit2quit
1 Replies

10. Shell Programming and Scripting

Bash script for password changes help

I am super new to scripting and I am trying to create a bash script that is interactive that will change other user passwords as well as a few other thing (ie. change SMB pw, see pw expiration,lock/unlock user). I have started it by making it check to see if the username entered is in the... (2 Replies)
Discussion started by: thumbelina
2 Replies

LEARN ABOUT DEBIAN

devel::repl::profile

Devel::REPL::Profile(3pm)				User Contributed Perl Documentation				 Devel::REPL::Profile(3pm)

NAME

       Devel::REPL::Profile - code to execute when re.pl starts

SYNOPSIS

	package Devel::REPL::Profile::MyProject;

	use Moose;
	use namespace::clean -except => [ 'meta' ];

	with 'Devel::REPL::Profile';

	sub apply_profile {
	    my ($self, $repl) = @_;
	    # do something here
	}

	1;

DESCRIPTION

       For particular projects you might well end up running the same commands each time the REPL shell starts up - loading Perl modules, setting
       configuration, and so on.

       A mechanism called profiles exists to let you package and distribute these start-up scripts, as Perl modules.

USAGE

       Quite simply, follow the "SYNOPSIS" section above to create a boilerplate profile module. Within the "apply_profile" method, the $repl
       variable can be used to run any commands as the user would, within the context of their running "Devel::REPL" shell instance.

       For example, to load a module, you might have something like this:

	sub apply_profile {
	    my ($self, $repl) = @_;
	    $repl->eval('use Carp');
	}

       As you can see, the "eval" method is used to run any code. The user won't see any output from that, and the code can "safely" die without
       destroying the REPL shell. The return value of "eval" will be the return value of the code you gave, or else if it died then a
       "Devel::REPL::Error" object is returned.

       If you want to load a "Devel::REPL" plugin, then use the following method:

	$repl->load_plugin('Timing');

       The "load_plugin" and "eval" methods should cover most of what you would want to do before the user has access to the shell. Remember that
       plugin features are immediately available, so you can load for example the "LexEnv" plugin, and then declare "my" variables which the user
       will have access to.

   Selecting a Profile
       To run the shell with a particular profile, use the following command:

	system$ re.pl --profile MyProject

       Alternatively, you can set the environment variable "DEVEL_REPL_PROFILE" to MyProject.

       When the profile name is unqualified, as in the above example, the profile is assumed to be in the "Devel::REPL::Profile::" namespace.
       Otherwise if you pass something which contains the "::" character sequence, it will be loaded as-is.

AUTHOR

       Matt S Trout - mst (at) shadowcatsystems.co.uk (<http://www.shadowcatsystems.co.uk/>)

LICENSE

       This library is free software under the same terms as perl itself

perl v5.14.2							    2012-06-02						 Devel::REPL::Profile(3pm)
All times are GMT -4. The time now is 04:35 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy