Obfuscation Part II.

12-23-2014

Hi guys...

This sure is gonna raise a few eyebrows.

Further to my shell obfuscation ideas from a previous post this is a derivative with ideas that work.

Firstly the file 'obfuscate_master.sh' is created and the access rights changed to the owner only.
It is called in this particular case as:-
./obfuscate_master.sh 'source ./bash_verbose-substrings.shell'
Notice that $1 is __calling__ a file that does not exist yet but in this example the string can create some commands.
'echo', 'cat', and 'eval' come to mind quickly. Also note that the string is inside single quotes.

Next, the file now runs with the required data as $1 inside single quotes.

Next, two new files are created with access rights to the owner only. In my case, 'obfuscate.sh' and 'bash_verbose-substrings.sh'.

Next, the master file 'obfuscate_master.sh' is deleted as it is no longer required.

Finally, the script continues to the end although the file has now been deleted.
In this DEMO both new files are saved into the current drawer.

From now on the file is called obfuscate.sh and in this particular case called as:-
./obfuscate.sh 'source ./bash_verbose-substrings.shell'

It goes without saying that once you have your initial variables that you can duplicate or more any or all of the characters needed on the fly.
Also you can overwrite the existing variables and re-arrange them in differing orders on the fly.
Also you could allocate variables to every character inside $1, something like 'xyz=${1:8:1}' for the 9th character.
This would give several variables of the same character...
Boy oh boy what fun... ;oD

For example $1 has a whitespace in it and it is placed into sections of the obfuscated file.

Below is a verbose version of the obfuscated code part.

Ensure these files don't exist before running for the first time inside your test drawer of preference...
bash_verbose-substrings.shell
obfuscate.sh

Place this file into your drawer of choice, allocate your access rights and run as previously described...
obfuscate_master.sh
Code:
# $1 autoruns a file to allocate the initial variables...
# $1 = source ./bash_verbose-substrings.shell
$1
# Notice the example _whitespace_ part of $1 placed randomly in the running section of the code, especially at the end of a line. <wink>
# eval function Ctrl_C() { echo "You can't do that... :oD"; }
${1:5:1}${1:14:1}${1:10:1}${1:36:1}${1:6:1}$Af$Au$An$Ac$At$Ai$Ao$An$Bk$AC$At$Ar$Al$Cl$AC$Bs$Bt$Bk$Cn$Bk$Ae$Ac$Ah$Ao$Bk$Bm$AY$Ao$Au$Bk$Ac$Aa$An$Br$At$Bk$Ad$Ao$Bk$At$Ah$Aa$At$By$By$By$Bk$Ca$Ao$AD$Bm$Cb$Bk$Cp
# trap Ctrl_C SIGINT
$At$Ar$Aa$Ap$Bk$AC$At$Ar$Al$Cl$AC$Bk$AS$AI$AG$AI$AN$AT
# clear
$Ac$Al$Ae$Aa$Ar${1:6:1}
# eval name=""
$Ae$Av$Aa$Al$Bk$An$Aa$Am$Ae$Cd$Bm$Bm
# eval age=""
$Ae$Av$Aa$Al${1:6:1}$Aa$Ag$Ae$Cd$Bm$Bm
# eval printf "Enter your full name:-\n"
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af$Bk$Bm$AE$An$At$Ae$Ar$Bk$Ay$Ao$Au$Ar${1:6:1}$Af$Au$Al$Al$Bk$An$Aa$Am$Ae$Ca$Bx$Ci$An$Bm
# read name
$Ar$Ae$Aa$Ad$Bk$An$Aa$Am$Ae${1:6:1}
# eval printf "Enter your age:-\n"
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af${1:6:1}$Bm$AE$An$At$Ae$Ar$Bk$Ay$Ao$Au$Ar$Bk$Aa$Ag$Ae$Ca$Bx$Ci$An$Bm
# read age
$Ar$Ae$Aa$Ad$Bk$Aa$Ag$Ae
# eval printf "Hi Barry Walker, you are 64 years old.\n"
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af$Bk$Bm$AH$Ai${1:6:1}$name$Bw$Bk$Ay$Ao$Au$Bk$Aa$Ar$Ae$Bk$age$Bk$Ay$Ae$Aa$Ar$As$Bk$Ao$Al$Ad$By$Ci$An$Bm
# exit 0
$Ae$Ax$Ai$At${1:6:1}$Ba

Now the master code:-
Code:
#/bin/bash --posix
for n in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
	eval A$n="$n"
done
for n in A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
do
	eval A$n="$n"
done
num=0
for n in a b c d e f g h i j
do
	eval B$n="$num"
	num=$((num+1))
done
Bk=' ';Bl='!';Bm='"';Bn='#';Bo='$';Bp='%';Bq='&';Br="'"
Bs='(';Bt=')';Bu='*';Bv='+';Bw=',';Bx='-';By='.';Bz='/'
Ca=':';Cb=';';Cc='<';Cd='=';Ce='>';Cf='?';Cg='@';Ch='['
Ci='\';Cj=']';Ck='^';Cl='_';Cm='`';Cn='{';Co='|';Cp='}'
Cq='~'
sed '2,25d' < obfuscate_master.sh > obfuscate.sh
chmod 755 obfuscate.sh
sed '21,37d' < obfuscate_master.sh > bash_verbose-substrings.shell
chmod 700 bash_verbose-substrings.shell
rm obfuscate_master.sh
$1
${1:5:1}${1:14:1}${1:10:1}${1:36:1}${1:6:1}$Af$Au$An$Ac$At$Ai$Ao$An$Bk$AC$At$Ar$Al$Cl$AC$Bs$Bt$Bk$Cn$Bk$Ae$Ac$Ah$Ao$Bk$Bm$AY$Ao$Au$Bk$Ac$Aa$An$Br$At$Bk$Ad$Ao$Bk$At$Ah$Aa$At$By$By$By$Bk$Ca$Ao$AD$Bm$Cb$Bk$Cp
$At$Ar$Aa$Ap$Bk$AC$At$Ar$Al$Cl$AC$Bk$AS$AI$AG$AI$AN$AT
$Ac$Al$Ae$Aa$Ar${1:6:1}
$Ae$Av$Aa$Al$Bk$An$Aa$Am$Ae$Cd$Bm$Bm
$Ae$Av$Aa$Al${1:6:1}$Aa$Ag$Ae$Cd$Bm$Bm
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af$Bk$Bm$AE$An$At$Ae$Ar$Bk$Ay$Ao$Au$Ar${1:6:1}$Af$Au$Al$Al$Bk$An$Aa$Am$Ae$Ca$Bx$Ci$An$Bm
$Ar$Ae$Aa$Ad$Bk$An$Aa$Am$Ae${1:6:1}
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af${1:6:1}$Bm$AE$An$At$Ae$Ar$Bk$Ay$Ao$Au$Ar$Bk$Aa$Ag$Ae$Ca$Bx$Ci$An$Bm
$Ar$Ae$Aa$Ad$Bk$Aa$Ag$Ae
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af$Bk$Bm$AH$Ai${1:6:1}$name$Bw$Bk$Ay$Ao$Au$Bk$Aa$Ar$Ae$Bk$age$Bk$Ay$Ae$Aa$Ar$As$Bk$Ao$Al$Ad$By$Ci$An$Bm
$Ae$Ax$Ai$At${1:6:1}$Ba

The obfuscated code:-
Code:
#/bin/bash --posix
$1
${1:5:1}${1:14:1}${1:10:1}${1:36:1}${1:6:1}$Af$Au$An$Ac$At$Ai$Ao$An$Bk$AC$At$Ar$Al$Cl$AC$Bs$Bt$Bk$Cn$Bk$Ae$Ac$Ah$Ao$Bk$Bm$AY$Ao$Au$Bk$Ac$Aa$An$Br$At$Bk$Ad$Ao$Bk$At$Ah$Aa$At$By$By$By$Bk$Ca$Ao$AD$Bm$Cb$Bk$Cp
$At$Ar$Aa$Ap$Bk$AC$At$Ar$Al$Cl$AC$Bk$AS$AI$AG$AI$AN$AT
$Ac$Al$Ae$Aa$Ar${1:6:1}
$Ae$Av$Aa$Al$Bk$An$Aa$Am$Ae$Cd$Bm$Bm
$Ae$Av$Aa$Al${1:6:1}$Aa$Ag$Ae$Cd$Bm$Bm
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af$Bk$Bm$AE$An$At$Ae$Ar$Bk$Ay$Ao$Au$Ar${1:6:1}$Af$Au$Al$Al$Bk$An$Aa$Am$Ae$Ca$Bx$Ci$An$Bm
$Ar$Ae$Aa$Ad$Bk$An$Aa$Am$Ae${1:6:1}
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af${1:6:1}$Bm$AE$An$At$Ae$Ar$Bk$Ay$Ao$Au$Ar$Bk$Aa$Ag$Ae$Ca$Bx$Ci$An$Bm
$Ar$Ae$Aa$Ad$Bk$Aa$Ag$Ae
$Ae$Av$Aa$Al$Bk$Ap$Ar$Ai$An$At$Af$Bk$Bm$AH$Ai${1:6:1}$name$Bw$Bk$Ay$Ao$Au$Bk$Aa$Ar$Ae$Bk$age$Bk$Ay$Ae$Aa$Ar$As$Bk$Ao$Al$Ad$By$Ci$An$Bm
$Ae$Ax$Ai$At${1:6:1}$Ba

And your private code that you can put anywhere you like so long as you point to it in $1:-
Code:
#/bin/bash --posix
for n in a b c d e f g h i j k l m n o p q r s t u v w x y z
do
	eval A$n="$n"
done
for n in A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
do
	eval A$n="$n"
done
num=0
for n in a b c d e f g h i j
do
	eval B$n="$num"
	num=$((num+1))
done
Bk=' ';Bl='!';Bm='"';Bn='#';Bo='$';Bp='%';Bq='&';Br="'"
Bs='(';Bt=')';Bu='*';Bv='+';Bw=',';Bx='-';By='.';Bz='/'
Ca=':';Cb=';';Cc='<';Cd='=';Ce='>';Cf='?';Cg='@';Ch='['
Ci='\';Cj=']';Ck='^';Cl='_';Cm='`';Cn='{';Co='|';Cp='}'
Cq='~'

Results for the master file and the final pair:-
Code:
Last login: Tue Dec 23 19:50:14 on ttys000
AMIGA:barrywalker~> cd Desktop
AMIGA:barrywalker~/Desktop> cd Code
AMIGA:barrywalker~/Desktop/Code> cd Shell
AMIGA:barrywalker~/Desktop/Code/Shell> chmod 700 obfuscate_master.sh
AMIGA:barrywalker~/Desktop/Code/Shell> ./obfuscate_master.sh 'source ./bash_verbose-substrings.shell'


Enter your full name:-
Barry Walker
Enter your age:-
^CYou can't do that... :oD
^CYou can't do that... :oD
^CYou can't do that... :oD
^CYou can't do that... :oD
^CYou can't do that... :oD
64
Hi Barry Walker, you are 64 years old.
AMIGA:barrywalker~/Desktop/Code/Shell> ./obfuscate.sh 'source ./bash_verbose-substrings.shell'


Enter your full name:-
Barry Walker
Enter your age:-
^CYou can't do that... :oD
^CYou can't do that... :oD
64
Hi Barry Walker, you are 64 years old.
AMIGA:barrywalker~/Desktop/Code/Shell> _

Apart from knowing already with the way I have allocated the variables just try and decode the obfuscated code without knowing how it is run.

Enjoy fellas and fella-esses...

Moderator's Comments:
Mod Comment Moved to "Shell Programming and Scripting"


EDIT:
(Apologies, as this has only been tested on my OSX 10.7.5, default bash terminal, I put it in the Apple section.)

If you run 'obfuscate.sh' on its own without its relevant $1 nothing will happen.
The shell in its wisdom will temporarily regard all of the variables as empty and the script just appears as newlines.
Code:
Last login: Wed Dec 24 09:13:40 on ttys000
AMIGA:barrywalker~> cd Desktop
AMIGA:barrywalker~/Desktop> cd Code
AMIGA:barrywalker~/Desktop/Code> cd Shell
AMIGA:barrywalker~/Desktop/Code/Shell> ./obfuscate.sh
AMIGA:barrywalker~/Desktop/Code/Shell> _

And adding to the obfuscation IFS has tab, newline and space characters that you can obfuscate and use too.

Is there ANY other language that can do this?

Last edited by wisecracker; 12-24-2014 at 12:23 PM.. Reason: Added the EDIT lines right at the bottom and correct typos....
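
Added example, not part of the original post: a static decoder, written for analysis, that expands the post's `$Xx` and `${1:N:M}` tokens as plain text so an obfuscated line can be read without running it. The function names and the `arg1=None` behaviour are choices made for this example; the variable table and the sample lines are copied from the post.

```python
import re
import string

# Value the post passes as $1 when running the script.
ARG1 = "source ./bash_verbose-substrings.shell"

def build_table():
    """Rebuild the post's variable table without executing its 'private code'."""
    table = {"A" + c: c for c in string.ascii_letters}        # Aa..Az, AA..AZ
    table.update({"B" + c: str(i) for i, c in enumerate("abcdefghij")})  # Ba..Bj
    names = ["B" + c for c in "klmnopqrstuvwxyz"] + \
            ["C" + c for c in "abcdefghijklmnopq"]
    punct = " !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"             # Bk..Cq, page order
    table.update(zip(names, punct))
    return table

# ${1:offset:length}, $identifier, or a bare $1.
TOKEN = re.compile(r"\$\{1:(\d+):(\d+)\}|\$([A-Za-z_][A-Za-z0-9_]*)|\$1")

def decode(line, arg1=ARG1, table=None):
    """Textually expand one obfuscated line; nothing is evaluated.

    Names missing from the table (runtime variables such as $name) are left
    as written. With arg1=None the $1-derived pieces stay unresolved, which
    is the position of a reader who has the file but not the invocation.
    Shell word splitting is not modelled; this is a reading aid only.
    """
    table = table or build_table()

    def expand(m):
        if m.group(1) is not None:                 # ${1:N:M}
            if arg1 is None:
                return m.group(0)
            off, length = int(m.group(1)), int(m.group(2))
            return arg1[off:off + length]
        if m.group(3) is not None:                 # $Xx or a runtime variable
            return table.get(m.group(3), m.group(0))
        return m.group(0) if arg1 is None else arg1  # bare $1

    return TOKEN.sub(expand, line)

# Lines copied from the post's obfuscated script.
SAMPLE = [
    "$At$Ar$Aa$Ap$Bk$AC$At$Ar$Al$Cl$AC$Bk$AS$AI$AG$AI$AN$AT",
    "$Ae$Ax$Ai$At${1:6:1}$Ba",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(decode(line), "|", decode(line, arg1=None))
```
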