Further to my shell obfuscation ideas from a previous post this is a derivative with ideas that work.
Firstly the file 'obfuscate_master.sh' is created and the access rights changed to the owner only.
It is called in ths particular case as:-
./obfuscate_master.sh 'source ./bash_verbose-substrings.shell'
Notice that $1 is __calling__ a file that does not exist yet but in this example the string can create some commands.
'echo', 'cat', and 'eval' come to mind quickly. Also note that the string is inside single quotes.
Next, the file now runs with the required data as $1 inside single quotes.
Next, two new files are created with access rights to the owner only. In my case, 'obfuscate.sh' and 'bash_verbose-substrings.sh'.
Next, the master file 'obfuscate_master.sh' is deleted as it is no longer required.
Finally, the script continues to the end although the file has now been deleted.
In ths DEMO both new files are saved into the current drawer.
From now on the file is called obfuscate.sh and in this particular case called as:-
./obfuscate.sh 'source ./bash_verbose-substrings.shell'
It goes without saying that once you have your initial variables that you can duplicate or more any or all of the characters needed on the fly.
Also you can overwrite the exisiting variables and re-arrange them in differing orders on the fly.
Also you could allocate variables to every character inside $1, something like 'xyz=${1:8:1}' for the 9th character.
This would give several of variables of the same character...
Boy oh boy what fun... ;oD
For example $1 has a whitespace in it and it is placed into sections of the obfuscated file.
Below is verbose version of the obfuscated code part.
Ensure these files don't exist before running for the first time inside your test drawer of preference...
bash_verbose-substrings.shell
obfuscate.sh
Place this file into your drawer of choice, allocate your access rights and run as previously described...
obfuscate_master.sh
Now the master code:-
The obfuscated code:-
And your private code that you can put anywhere you like so long as you point to it in $1:-
Results for the master file and the final pair:-
Apart from knowing already with the way I have allocated the variables just try and decode the obfuscated code without knowing how it is run.
Enjoy fellas an fella-esses...
Moderator's Comments:
Moved to "Shell Programming and Scripting"
EDIT:
(Apologies, as this has only been tested on my OSX 10.7.5, default bash terminal, I put it in the Apple section.)
If you run 'obfuscate.sh' on its own without its relevant $1 nothing will happen.
The shell in its wisdom will temporarily regard all of the variables as empty and the script just appears as newlines.
And adding to the obfuscation IFS has tab, newline and space characters that you can obfuscate and use too.
Is there ANY other language that can do this?
Last edited by wisecracker; 12-24-2014 at 12:23 PM..
Reason: Added the EDIT lines right at the bottom and correct typos....
Hi All,
We've a VDI infrastructure in AWS (AWS workspaces) and we're planning to automate the process of provisioning workspaces. Instead of going to GUI console, and launching workspaces by selecting individual users is little time consuming. Thus, I want to create them in bunches from AWS CLI... (6 Replies)
I have on occasion been forced to divulge my address to the odd enterprise, here and there. Some time later I've mysteriously found myself on the receiving end of spam. I have a plan to copy said enterprise's domain or part thereof to a bash terminal and obfuscate it, then paste the obfuscated... (2 Replies)
Hi,
I have 80 large files, from which I want to get a specific value to run a Bash script. Firstly, I want to get the part of a file which contains this:
Name =A
xxxxxx
yyyyyy
zzzzzz
aaaaaa
bbbbbb
Value = 57
This is necessary because in a file there are written more lines which... (6 Replies)
Hi there,
I am lil confused with the following issue.
I have a File, which has the following header: IMSHRATE_043008_101016
a sample detailed record is :9820101 A982005000CAVG030108000000000000010169000MAR 2008
9820102 MAR 2008 D030108
... (1 Reply)
I have a vendor that needs to install a set of scripts (written in korn) that will be run as root through crontab every day. This set of scripts will need to ssh as root to other servers without getting challenged for user name or password. So I have set up ssh key pairing and authorized_keys... (2 Replies)
Ok well this isn't homework or classwork, I have been done with school for many years. I offered to help my co-worker who's daughter needs help. I didn't realize I had got rid of all of my UNIX books until after I agreed to help. (3 Replies)