Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

How to hide command line parameters?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users How to hide command line parameters?
# 1  
Old 08-24-2009
How to hide command line parameters?
Hello

I want to hide command line parameters of my programs/scripts to not to be seen with 'ps' command.
How can I do that?
thanks in advance.
# 2  
Old 08-24-2009
One way I've seen it done is to save the parameters in variables, export them, then immediately exec a different script. The new script will obtain values through environment variables and not display them in its commandline, while the program that called it no longer exists, having been replaced with whatever it exec'd. This makes it difficult -- though not impossible -- to catch in the act.

Another way to avoid parameters being visible is to not have them visible in the first place, transferring them to scripts through methods like pipes and so forth.
# 3  
Old 08-24-2009
Using variables doesn't totally hide them though, a BSD ps with the 'e' flag will show them
# 4  
Old 08-27-2009
If you can push the argument out past 80 characters, it shouldn't show up on the "normal" ps output on both Linux and Solaris. IIRC both those copy the args to a structure available in /proc that's only 80 chars long.

Now, there may very well be other ways to get the arguments than from /proc via ps, and any user that can read the address space of the process certainly can get them. But that's at least a start.

That's a horrible kludge, though. It's best to not put sensitive data on command lines. If the data is sensitive enough that you don't want it visible, put it in a file and closely control the file permissions. You don't want to do that? Why? You were willing to put the sensitive data on a command line in a script, and a script is nothing more than a file.
# 5  
Old 08-28-2009
cat noargs.sh

Code:
#!/usr/bin/bash


ps -ef | grep "n[o]args.sh"

echo $VAR1
echo $VAR2

ps -ef | grep "n[o]args.sh"

Execute:
# VAR1="this is the 1st argument" VAR2="this is the 2nd argument" ./noargs.sh

root 25177 23762 0 22:14:16 pts/1 0:00 /usr/bin/bash ./noargs.sh
this is the 1st argument
this is the 2nd argument
root 25177 23762 0 22:14:16 pts/1 0:00 /usr/bin/bash ./noargs.sh
#

Note: There is a SPACE and not a ";" between the command line parts.
# 6  
Old 08-29-2009
True, but that is not a BSD-style "e"-option. You have to leave out the "-" for that.

Code:
#!/usr/bin/bash
ps axe | grep "n[o]args.sh"
echo $VAR1
echo $VAR2
ps axe | grep "n[o]args.sh"

# VAR1="this is the 1st argument" VAR2="this is the 2nd argument" ./noargs.sh

17834 pts/0 R+ 0:00 /bin/bash ./noargs.sh VAR1=this is the 1st argument VAR2=this is the 2nd argument TERM=....
this is the 1st argument
this is the 2nd argument
17834 pts/0 R+ 0:00 /bin/bash ./noargs.sh VAR1=this is the 1st argument VAR2=this is the 2nd argument TERM=....
# 7  
Old 08-31-2009
Quote:
Originally Posted by Scrutinizer
True, but that is not a BSD-style "e"-option. You have to leave out the "-" for that.

Code:
#!/usr/bin/bash
ps axe | grep "n[o]args.sh"
echo $VAR1
echo $VAR2
ps axe | grep "n[o]args.sh"

# VAR1="this is the 1st argument" VAR2="this is the 2nd argument" ./noargs.sh

17834 pts/0 R+ 0:00 /bin/bash ./noargs.sh VAR1=this is the 1st argument VAR2=this is the 2nd argument TERM=....
this is the 1st argument
this is the 2nd argument
17834 pts/0 R+ 0:00 /bin/bash ./noargs.sh VAR1=this is the 1st argument VAR2=this is the 2nd argument TERM=....
I assume the intention of all of this is to hide the arguments for others. The -e option for the BSD ps only always you the see the environment for your own processes (unless you are root ofcourse).
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Passing command line parameters into script

Not a good post. (1 Reply)
Discussion started by: bash_in_my_head
1 Replies

2. Programming

How to hide from UNIX strings - obfuscate or hide a literal or constant?

Hi, I need to somehow pipe the password to a command and run some SQL, for example, something like echo $password | sqlplus -s system @query01.sql To make it not so obvious, I decided to try out writing a small C program that basically just do echo $password. So now I just do x9.out | sqlplus... (8 Replies)
Discussion started by: newbie_01
8 Replies

3. Shell Programming and Scripting

Selective command line parameters.

Hi, I have a script which has 3 command line parameters.But sometimes it will also take 2 command line parameters or 1.How to do it? I am using $1,$2... to specify the command line parameters. The script which i have written is given below. #!/bin/sh echo "database="$1 echo... (3 Replies)
Discussion started by: arijitsaha
3 Replies

4. UNIX for Dummies Questions & Answers

command line parameters

hi again question on how to change code so that script will prompt to enter parameter if they are missing. . . code I have so far : #!/bin/bash two="200" three=500 if ; then echo " first line parameter is $one " else echo -n " first parameter is missing , please write... (2 Replies)
Discussion started by: me.
2 Replies

5. UNIX for Dummies Questions & Answers

Problem with command line parameters

hi, This is actually realted to a Abinitio command in a unix script. my code is #!/bin/ksh GRAPH_NAME=$1 shift air sandbox run $GRAPH_NAME $* > file.lst 2>&1 if ]; then echo "Pass" fi when i run this script with this command "script.ksh graph_name parameters" the script... (1 Reply)
Discussion started by: siva1612
1 Replies

6. UNIX for Advanced & Expert Users

Reading putty command line parameters from Linux

I am running Putty 0.60 from Windows XP and I am connecting to a Linux box. I would like to be able to pass a command line parameter to my Linux session so that my Linux session can execute a specific command, depending on the command line parameter. I have looked on the Internet and tried... (1 Reply)
Discussion started by: SFNYC
1 Replies

7. UNIX for Dummies Questions & Answers

How to use parameters in command line while submitting a report

Iam running a report(.rdf) file from UNIX command line. using the following syntax for eg xxx.rdf is the report rdf ar60run batch=yes userid=username/paswd@database report=xxx.rdf destype=file desname=xxx.dat now i need to submit this with three pameters pls suggest (1 Reply)
Discussion started by: sreenusola
1 Replies

8. Shell Programming and Scripting

Building command line parameters of arbitrary length

I couldn't find an existing thread that addressed this question, so hopefully this isn't redundant with anything previously posted. Here goes: I am writing a C-Shell script that runs a program that takes an arbitrary number of parameters: myprog -a file1 \ -b file2 \ -c file3 ... \ -n... (2 Replies)
Discussion started by: cmcnorgan
2 Replies

9. UNIX for Dummies Questions & Answers

How do you take in variables/parameters from the command line?

I need to take in two parameters from the command line...help! (1 Reply)
Discussion started by: avisram
1 Replies

10. Shell Programming and Scripting

passing command line parameters to functions - sh

All, I have a sh script of the following tune: function a () { #functionality.. } function b () { #functionnlity.. } function check () { # this function checks for env and if all fine call build } function usage () { #sh usage details } function build () { #calls either a or b or... (5 Replies)
Discussion started by: vino
5 Replies
Login or Register to Ask a Question