Login or Register to Ask a Question and Join Our Community


Programming

Obfuscate'ing a.out ... ???

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Programming Obfuscate'ing a.out ... ???
# 1  
Old 05-30-2010
Obfuscate'ing a.out ... ???
Hi all,

I've search the forums regarding posts similar to this already but can't find the suitable response. Am actually looking for something very trivial I think. I just want to mask/obfuscate the a.out file and run it like a normal UNIX program. I've look at gpg and encryption but it requires a pass phrase which is not possible if I want to run the program via a cron job.

Any advise will be very much appreciated. Note that the code below is just an example. I suppose am looking for someting like a Base64 encoder/decoder kind of thing that some PHP sites uses so that the PHP codes are still runnable but the visitors does not see the actual PHP codes.

Thanks in advance.

Code:
#include<stdio.h>

main()
{
   /* system("monitor_standby_physical.sh"); */

  system("sqlplus system/oracle@test");
}

strings a.out:

Code:
/lib64/ld-linux-x86-64.so.2
_Jv_RegisterClasses
__gmon_start__
libc.so.6
system
__libc_start_main
GLIBC_2.2.5
sqlplus system/oracle@test

Last edited by Scott; 05-30-2010 at 08:27 AM.. Reason: Fixed code tags - [code][/code], not <code></code>
# 2  
Old 05-30-2010
Put that in the oracle crontab, place a.out (owned by oracle) with 700 protections in an oracle owned directory. Embedded passwords in code are always a problem.

Another choice is embed an encrypted passwd and decode it during runtime. And as long as the executable is in a protected directory with correct protections it will be reasonably safe.

If the oracle directory tree is wide open, you have so many other security problems, this one doesn't matter.
# 3  
Old 05-30-2010
You can also build the string one character at a time:

Code:
    char command[ 28 ];
    command[ 0 ] = 's';
    command[ 1 ] = 'q';
        .
        .
        .
    command[ 27 ] = '\0';

Of course, anyone on the server who runs a "ps" command will see your password anyway....
# 4  
Old 06-02-2010
Quote:
Originally Posted by achenle
You can also build the string one character at a time:

Code:
    char command[ 28 ];
    command[ 0 ] = 's';
    command[ 1 ] = 'q';
        .
        .
        .
    command[ 27 ] = '\0';

Of course, anyone on the server who runs a "ps" command will see your password anyway....
Good point...though, I'm not the OP...so maybe that doesn't matter to him. I wonder if you can restrict ps somehow....?
# 5  
Old 06-02-2010
If your system supports acl's you can limit ps that way. Or put users in a chroot jail.

Basically, if you want to protect an application password the way the OP wants to use one, you really should not let users get to the unix prompt.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

UNIX fun stuff - echo and dc - obfuscate/garble a string sort of

Hi, Humorous UNIX Commands shows a fun way of using echo and dc to sort of obfuscate a string. % echo 'sasb3135071790101768542287578439snlbxq'|dc GET A LIFE! I am just wanting to know if there is a way to sort of use dc and echo to print out an obfuscated/garbled string instead... (3 Replies)
Discussion started by: newbie_01
3 Replies

2. Programming

How to hide from UNIX strings - obfuscate or hide a literal or constant?

Hi, I need to somehow pipe the password to a command and run some SQL, for example, something like echo $password | sqlplus -s system @query01.sql To make it not so obvious, I decided to try out writing a small C program that basically just do echo $password. So now I just do x9.out | sqlplus... (8 Replies)
Discussion started by: newbie_01
8 Replies

3. UNIX for Dummies Questions & Answers

Help with awk'ing formatting this

Hi, I have a file below that I am wanting to awk. The lines of relevance are lines 7 and 9 $ nl /tmp/x 1 ADRCI: Release 11.2.0.3.0 - Production on Sun Jun 23 17:01:02 2013 2 Copyright (c) 1982, 2011, Oracle and/or its affiliates. All rights reserved. 3 ADR base =... (2 Replies)
Discussion started by: newbie_01
2 Replies

4. Solaris

Zones - NAT'ing

Hi gurus. Not such a problem, more of a proof of concept. Ive got two zones :- database-1 and database-dr-1 on two different servers. Both zones have different ip addresses. I want to copy the whole zone database-1 over to database-dr-1, which is simple enough, but I want to install... (0 Replies)
Discussion started by: sbk1972
0 Replies

5. Shell Programming and Scripting

grep'ing and sed'ing chunks in bash... need help on speeding up a log parser.

I have a file that is 20 - 80+ MB in size that is a certain type of log file. It logs one of our processes and this process is multi-threaded. Therefore the log file is kind of a mess. Here's an example: The logfile looks like: "DATE TIME - THREAD ID - Details", and a new file is created... (4 Replies)
Discussion started by: elinenbe
4 Replies

6. UNIX for Dummies Questions & Answers

vi'ing with cron

I am familiar with cron, and vi, but i need to make a change to my /etc/hosts file, and would like to schedule it. Not sure how to run vi inside of cron. (4 Replies)
Discussion started by: trjones89
4 Replies

7. UNIX for Dummies Questions & Answers

tar'ing and zipping files

If I have a directory /directory1 and want to tar and zip everything in it into a file new_tar.tar.gz on disk (not tape) How can I do it? I tried tar -cv /new_tar.tar /directory1/* But I got an error: tar: /dev/rmt/0: No such device or address (4 Replies)
Discussion started by: FredSmith
4 Replies

8. Red Hat

ssh-ing to port 80.

i am using redhat 8.0 and trying to connect to my local port 80 to run some HTTP. i know this can easily be done with telnet localhost 80, however telnet is not running, ssh is. ssh localhost -p 80 gives me a "Connection refused" error. i've been trying to find out more information on the web,... (3 Replies)
Discussion started by: effigy
3 Replies

9. Shell Programming and Scripting

OR'ing condition in script

Hi, I have the following requirement. I am building a product on linux. The final build executables and libraries are all in different directories. I am writing a release script to collect all these final build items into a directory in /home/$USER/release. I have the following condition: ... (9 Replies)
Discussion started by: vino
9 Replies

10. Programming

fork()ing hell!!

Hello I am having serious trouble with the fork command, i basically want to create 9 or 10 child processes and store their pid numbers in array while the children stay resident until i kill() them later , i cannot seem to control how many are made as they all seem to create their own children. ... (16 Replies)
Discussion started by: theultimatechuf
16 Replies
Login or Register to Ask a Question