shc encrypts the shell commands and arguments so that you cannot use the strings command to see what the script is doing.
If you use a disassembler and spend many hours you can resurrect the shell script.
From previous reiterations of this eternally popping up thread, I recall that it feeds the script into /bin/sh as plaintext. Might take a little fiddling with a chroot or something like strace to dump it but doesn't sound anywhere near as bad as disassembly. [edit] interesting, it pre-emptively ptrace's itself so other things can't.
Last edited by Corona688; 10-23-2014 at 12:40 PM..
Location: Saint Paul, MN USA / BSD, CentOS, Debian, OS X, Solaris
Posts: 2,288
Thanks Given: 430
Thanked 480 Times in 395 Posts
Hi.
In post #4, jlliagre suggested the only method that I can think of. Building on his suggestion, you could set the permissions of the executable to execute-only. Then, if run only on a machine where you have control over the file, no real information can be obtained. Here's an example, showing that the file can only be executed, and the system calls traced, but nothing else (and, of course, if you can't read it, you can't copy it):
$ ./s1
Environment: LC_ALL = C, LANG = C
(Versions displayed with local utility "version")
OS, ker|rel, machine: Linux, 2.6.26-2-amd64, x86_64
Distribution : Debian 5.0.8 (lenny, workstation)
bash GNU bash 3.2.39
file - ( /usr/bin/file, 2008-09-08 )
objdump GNU objdump (GNU Binutils for Debian) 2.18.0.20080103
gdb GNU gdb 6.8-debian
strace -- version 4.5.17
-----
Input c source file t.c:
#include <stdio.h>
#include <string.h>
#define VERSION "1.0"
#define PROGRAM "main"
int
main (int argc, char *argv[])
{
{ /* separate scope for version processing */
char *ver = "--version";
if (argc == 2 && (strstr (ver, argv[1]) != NULL))
{
printf ("%s %s\n", PROGRAM, VERSION);
return 0;
}
}
int j = 1;
printf (" Hello, world from c: %s, %s.\n", PROGRAM, VERSION);
while (--argc > 0)
printf ("(%d) %s%s", j++, *++argv, (argc > 1) ? " " : "");
printf ("\n");
return (0);
}
-----
Results:
-rwxr-xr-x 1 9290 Oct 23 10:33 a.out
-----
Execute only results:
---x--x--x 1 9290 Oct 23 10:33 a.out
Hello, world from c: main, 1.0.
-----
Results, attempt to read a.out with file, objdump:
a.out: executable, regular file, no read permission
objdump: a.out: Permission denied
-----
Results, debug execution of execute only file:
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu"...
./a.out: Permission denied.
(gdb) quit
-----
Results, trace execution of execute only file, I/O calls:
open("/etc/ld.so.cache", O_RDONLY) = 3
close(3) = 0
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300\342\1\0\0\0\0\0@"..., 832) = 832
close(3) = 0
write(1, " Hello, world from c: main, 1.0.\n"..., 34 Hello, world from c: main, 1.0.
However, I think this is an XY problem. You want to do X, and your solution is Y: making the file unreadable. You said that you don't want others to see your code, but you have not told us why not.
From previous reiterations of this eternally popping up thread, I recall that it feeds the script into /bin/sh as plaintext. Might take a little fiddling with a chroot or something like strace to dump it but doesn't sound anywhere near as bad as disassembly. [edit] interesting, it pre-emptively ptrace's itself so other things can't.
Oh yes they can. That's almost trivial to work around. LD_PRELOAD can be used to load a library that preemptively intercepts system calls and returns what's needed to keep the obfuscated script running despite it being traced already. Worst case you can write you own kernel module that fudges the return values of system calls as necessary to keep the traced obfuscated script running.
I want to compile cryptsetup keyslot_checker , but I get error
gcc -lm -lcryptsetup chk_luks_keyslots.c -o chk_luks_keyslots chk_luks_keyslots.c:39:27: fatal error: libcryptsetup.h: No such file or directory #include <libcryptsetup.h>in FAQ they say
There is a tool that automatizes this in the... (0 Replies)
I know about bash -x, set -x and -v but disappears from Command Line Interface in fraction of second ......
I am looking for a command or script ..complies each line and shows the output after executing each line ....( similar what we have in C )
Thanks in Advance (2 Replies)
I'm trying to write a bash script and call it "compile" such that running it allows me to compile multiple files with the options "-help," "-backup," and "-clean". I've got the code for the options written, i just can't figure out how to read the input string and then translate that into option... (5 Replies)
I have just installed OpenBSD on a 333MHz PPC iMac G3. It has a 6GB HDD that has been partitioned as 1GB MacOS 8.5.1, 3GB MacOS X 10.3.9, 2GB OpenBSD 4.8. I now need to install a bootloader so that my computer can recognize the OpenBSD partition at startup. I have been trying to install... (0 Replies)
Hi there,
I have written the shell script to illustrate arithmetic operations using case command as shown below:
#!/bin/bash
echo -n "Enter any two numbers :"
read a
read b
MENU="
Select any one option
1) Addition
2) Substraction
3) Multiplication
4) Division
5) Quit"
clear
$x=0;... (5 Replies)
Dear other forum members,
I'm writing a script for my homework, but I'm scratching all over my head and still can't figure out what I did wrong. Please help me. I just started to learn about bash scripting, and I appreciate if anyone of you can point out my errors. I thank you in advance.
... (3 Replies)
Hi everybody,
I have a small opensource project http://hpaftpd.sourceforge.net (single-threaded ftp-server for heavy network traffic). It tested with FreeBSD and Linux. Can anybody try it with another Unix system? I'm interesting about HP/UX and Solaris. Thanks. (1 Reply)
Hello everybody,
I have a small opensource project http://hpaftpd.sourceforge.net (single-threaded ftp-server). It tested with FreeBSD and Linux. Can anybody try it with another UNIX system ? I'm interesting about HP/UX and Solaris. I would very much appreciate receiving any results about it.
... (2 Replies)
