Script to get checksum of itself


 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Script to get checksum of itself
# 1  
Old 02-09-2017
Script to get checksum of itself

is there a way to get a script to do a checksum on itself?

something like this:

Code:
#!/bin/sh

myexpectedsig=$(cksum $0 | awk '{print $1}')
if [ ${myexpectedsig} -ne 83373373737 ] ; then
     exit
else
   who
   uptime
   date
fi

im looking for something that would always represent the running script, which is why im using "$0" above. but $0 may not be reliable. as in, it may not always refer to the running script file.
# 2  
Old 02-09-2017
If you want to prevent that someone changes this script, that person can also just comment those lines.
Maybe an IDS (Intrusion Detection System) like Tripewire etc. is the better choice to watch files.
This User Gave Thanks to zaxxon For This Post:
# 3  
Old 02-09-2017
If you update the file to insert the correct checksum, then that will change the checksum for the next run. You would be extremely unlikely to ever be able to guess the checksum and be able to put it in the script.

You could consider:-
  • Change the permissions
  • Have the script read a file holding the checksum
  • Use and IDS as zaxxon suggests
  • Regularly checksum your code and compare to the previous run
Of course, all of these can be bypassed by someone with appropriate authority, so it comes down to a question of who is trusted and only granting access to those you can trust. A script that can be read can be copied and adjusted before running the local copy anyway, if the user has the authority to do so, so you should be thinking of denying all access except where you are comfortable granting it.

Making the scripts' permissions as rwx --- --- and having a sudo rule to allow specific people to execute it may be the way to go.


I hope that this gives you some ideas to ponder further.
Robin

Last edited by rbatte1; 02-09-2017 at 05:14 AM.. Reason: Closing message & signature
This User Gave Thanks to rbatte1 For This Post:
# 4  
Old 02-09-2017
Hi.

Perhaps use the calculated checksum as the name of the file. That way the checksum is outside the content of the file, yet is still associated with it.

Just a thought experiment.

Best wishes ... cheers, drl
This User Gave Thanks to drl For This Post:
# 5  
Old 02-09-2017
What is your operating system ?

On Linux systems, use inotifywatch on that file to check if it's modified and take appropriate action.

Upon modify action (or any action you require supported by inotify subsystem), take action to prevent unwanted behavior.
chown a monitored file not to execute, mv a monitored file ,check the PID with fuser, run an antivirus check on monitored file etc.
This can be done from screen session, crontab or as a background job in while loop.

Check if script unchanged from script itself makes no sense whatsoever, as zaxxon mentioned.
It should be an external script/utility/software.

I have found that a lot of software actually uses inotify subsystem builtin, like clamav for instance.

On other OS-es you can use audit systems (perhaps overhead for one script/file), or script from cron using while loop and cksum (or equivalent tool) with a bit logic.

Hope that helps
Regards
Peasant.
This User Gave Thanks to Peasant For This Post:
# 6  
Old 02-09-2017
thank you all. I really appreciate the thoughtful and detailed responses provided. i'll mull them over.

thanks again.
# 7  
Old 02-09-2017
Hi.

Here is a brief example of a self-checksumming, creation and verification script on file s1:
Code:
#!/usr/bin/env bash

# @(#) (calculated)     Demonstrate checksum as script name.

LC_ALL=C ; LANG=C ; export LC_ALL LANG
pe() { for _i;do printf "%s" "$_i";done; printf "\n"; }
pl() { pe;pe "-----" ;pe "$*"; }
em() { pe "$*" >&2 ; }
db() { ( printf " db, ";for _i;do printf "%s" "$_i";done;printf "\n" ) >&2 ; }
db() { : ; }
# C=$HOME/bin/context && [ -f $C ] && $C

# Calculate checksum, compare with name.
program=$( basename $0 )
checksum=$( cksum < $0 )
name=$( echo "$checksum" | sed 's/ /_/' )

# Intermediate output if debugging.
db " program name        = $program"
db " calculated checksum = $name"

if [ "$name" != "$program" ]
then
  db " Checksums [ $name | $program ] do not match, aborting."
  em " Checksums [ $name | $program ] do not match, aborting."
  exit 1
else
  db " Checksums [$name] match, continuing."
fi

echo ""
echo " Hello, world from $program."

exit 0

Running it as is will fail, but produce a checksum:
Code:
$ ./s1
 Checksums [ 2207913779_881 | s1 ] do not match, aborting.

Now we can copy the script to a a filename that is the string of the checksum:
Code:
cp s1 2207913779_881

And now run the code from the new filename:
Code:
$ ./2207913779_881 

 Hello, world from 2207913779_881.

Testing to see if the checksum works by changing the period at the end of the comment:
Code:
# @(#) (calculated) Demonstrate checksum as script name;

and re-running the script:
Code:
$ ./2207913779_881 
 Checksums [ 1941515329_881 | 2207913779_881 ] do not match, aborting.

See man pages for details.

Best wishes ... cheers, drl
This User Gave Thanks to drl For This Post:
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Need UNIX script to check checksum and dummy file creation.

Hi Folks, I need a UNIX script which will copy files(Table wise) from source directory to destination directory (Under table directory) and also creates 2 additional files after getting copied to destination directory with extension .pdy and .ldy , . pdy file will be zero byte file should get... (4 Replies)
Discussion started by: Nicks1412
4 Replies

2. Shell Programming and Scripting

Needed script to FTP a File and generate a quality checksum file

hi all i want a script to FTP a file and should generate a quality checksum file means when I FTP a file from one server to another server it should generate a QC file which should contain timestamp,no.of records in that file Thanks in advance saikumar (3 Replies)
Discussion started by: hemanthsaikumar
3 Replies

3. Solaris

MD5 checksum

Hi Guys, I have about MD5 checksum so many times but I can't figure out how to use it. Can someone please show me how to perform an MD5 checksum? Thanks a lot guys. (1 Reply)
Discussion started by: cjashu
1 Replies

4. IP Networking

Wireshark UDP checksum bad checksum

Hello I am communicating with two devices using my computer over UDP protocol. The application is running fine. When I monitored the UDP traffic using Wireshark software, I found that there were too many Checksum errors. Please find attached the png file showing this error. I am about to... (0 Replies)
Discussion started by: AustinCann
0 Replies

5. Shell Programming and Scripting

FTP and Checksum

Hi Guys, Sometimes, I have a problem with transferred files in ftp session. Thats why I want to produce checksum value in my local server and remote server. But I could not find anyway to produce checksum value of transferred files in remote server. Do you have any idea? Thanks, Emre (3 Replies)
Discussion started by: ce_emre21
3 Replies

6. Shell Programming and Scripting

Extracting the checksum

I wanted a script that can give the checksum of a particular zipped file. Can somebody help me in writing a shell script in getting the checksum of a particular tar file. (1 Reply)
Discussion started by: vkca
1 Replies

7. Solaris

checksum

Anyone can tell me the different between "cksum" and "sum" command on Solaris? I read the man pages but still not get it. And how to display the md5 checksum for a file. Thanks, (1 Reply)
Discussion started by: redstone
1 Replies

8. SCO

checksum

Does anyone know the answer to this? When I run "sum -r" on a file that I've down loaded from the sco website, the 1st set of numbers differs from the checksum on the download page but the 2nd set matches. If I try to install the patch, I get errors. Anyone has an answer? (3 Replies)
Discussion started by: jn5519
3 Replies

9. Shell Programming and Scripting

Checksum question

in HPUX: I am copying oracle datafiles from one mountpoint to another the total size is about 250Gb. I wanted to perform a checksum on the target and make sure the files came overy properly. Mountpoints: /s01 to /u01 /s02 to /u02 I tried using "SUM" on these mountpoints but its taking... (1 Reply)
Discussion started by: jigarlakhani
1 Replies

10. Shell Programming and Scripting

First time help, please - checksum script...

Hello all! I'm a recent college grad now working for a contractor. I've been tasked with writing a program/script that will verify that something was copied correctly. This is how the system is used - The user will get a distribution tape (a 4mm tape DDS3). On this tape are a bunch of... (6 Replies)
Discussion started by: kapolani
6 Replies
Login or Register to Ask a Question