LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 08-23-2010, 08:11 PM   #1
HuMan-BiEnG
Member
 
Registered: Jun 2010
Posts: 92

Rep: Reputation: 15
can i encrypt a shell script


Hello everyone ,

is there any good way to encrypt a bash script

to make no one view its contents & so cant edit it

thanks for everyone

Last edited by HuMan-BiEnG; 08-23-2010 at 08:13 PM.
 
Old 08-23-2010, 08:35 PM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
You're looking for code obfuscation.

Google "obfuscate shell script"

The first entry leads you here...
http://www.comp.eonworks.com/scripts...-20011012.html

I duno why you'd want to do that though. Kinda goes against the open source spirit amiright?
 
1 members found this post helpful.
Old 08-24-2010, 01:42 AM   #3
HuMan-BiEnG
Member
 
Registered: Jun 2010
Posts: 92

Original Poster
Rep: Reputation: 15
Smile

Quote:
Originally Posted by sag47 View Post
You're looking for code obfuscation.

Google "obfuscate shell script"

The first entry leads you here...
http://www.comp.eonworks.com/scripts...-20011012.html

I duno why you'd want to do that though. Kinda goes against the open source spirit amiright?
Hello SAG ,

first thank you for helping me man ,& i really apreciate this so much

second ,no i like open source, but i want this to encrypt a shell script that will do a project in our company & i want to be the only responsible one for this project ,as the company fired me since one month ago & returned me again then asked for this project, so i didnt want the company to take it,cuz it may fire me again or even if they did ,then they will feel that they really loose me,,

maybe i'm bad in this thing ,but life is hard & i have a house & wife

thanks again SAG & accept my best regards man
 
Old 08-24-2010, 01:49 AM   #4
EricTRA
LQ Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296
Hello,

This also may be helpfull:
Encrypting shell scripts
Encrypting shell scripts 2

Kind regards,

Eric
 
1 members found this post helpful.
Old 08-24-2010, 02:23 AM   #5
PankajRasuni
LQ Newbie
 
Registered: Nov 2009
Posts: 18

Rep: Reputation: 0
You can encrypt them using openssl modules.

but in that case running them in openssl requires password to decrypt them & execute it..Make an entry on crontab with some prerequisite details. May it works
 
Old 08-24-2010, 03:40 AM   #6
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,248
Blog Entries: 8

Rep: Reputation: 235Reputation: 235Reputation: 235
I wonder. They probably do the encryption this way:

Encrypt:

1) Encrypt text of script.
2) Bind the encrypted text with an executable.

Decrypt and Run:

1) Executable decrypts bound text.
2) Open a pipe. Run bash making it read the pipe just like a file. Send decrypted text to pipe.

However I think the decrypted text sent to pipe can be intercepted.. somewhere or somehow.

Last edited by konsolebox; 08-24-2010 at 03:41 AM.
 
Old 08-24-2010, 08:33 AM   #7
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
Quote:
Originally Posted by konsolebox View Post
I wonder. They probably do the encryption this way:

Encrypt:

1) Encrypt text of script.
2) Bind the encrypted text with an executable.

Decrypt and Run:

1) Executable decrypts bound text.
2) Open a pipe. Run bash making it read the pipe just like a file. Send decrypted text to pipe.

However I think the decrypted text sent to pipe can be intercepted.. somewhere or somehow.
Do you mean for code obfuscation? If so then you're getting way too complicated. It's not encrypted with a key or anything like that. It's rewritten into such a way that it is unreadable for humans to easily edit.

There's two main methods of obfuscation that I can think of off of the top of my head.
1) take out all white spaces and comments and compact the code to a single line. (aka compacting)
2) Do same as #1 but in addition take and create an inhuman amount of variables and scramble them up in a confusing manner.

Here's an example using Javascript...
Plain text
PHP Code:
var a="Hello World!";
function 
MsgBox(msg)
{
    
alert(msg+"\n"+a);
}
MsgBox("OK"); 
Obfuscated JavaScript
PHP Code:
var _0x41a8=["\x48\x65\x6C\x6C\x6F\x20\x57\x6F\x72\x6C\x64\x21","\x0A","\x4F\x4B"];var a=_0x41a8[0];function MsgBox(_0x786dx3){alert(_0x786dx3+_0x41a8[1]+a);} ;MsgBox(_0x41a8[2]); 
When you run both of them in a browser they do the exact same thing. Now imagine a JavaScript program with 1500 lines of code which has been obfuscated. It would be nearly impossible to decrypt by a human. Hundreds of man hours would be wasted doing it even if it were decrypted. Either way the person trying to get the code has wasted time and money.

Quote:
Originally Posted by HuMan-BiEnG View Post
maybe i'm bad in this thing ,but life is hard & i have a house & wife
Ethically I don't think you're wrong. It all breaks down to company loyalty and the misunderstanding relationship between employee and company. If the company is not required to show loyalty to it's employees and fire them at any time then why should the employee have to show loyalty to the company? You should look into "whistle blowing" for more information on what I mean.

SAM

Last edited by sag47; 08-24-2010 at 08:44 AM.
 
Old 08-24-2010, 08:38 AM   #8
djsmiley2k
Member
 
Registered: Feb 2005
Location: Coventry, UK
Distribution: Home: Gentoo x86/amd64, Debian ppc. Work: Ubuntu, SuSe, CentOS
Posts: 343
Blog Entries: 1

Rep: Reputation: 72
I'd fire you for handing in code like that.

Something to concider.
 
1 members found this post helpful.
Old 08-24-2010, 08:25 PM   #9
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,248
Blog Entries: 8

Rep: Reputation: 235Reputation: 235Reputation: 235
@sag47 Then that's more on scrambling not encrypting since it's not intended to be read (decrypted to original source) on later part.

Last edited by konsolebox; 08-24-2010 at 08:28 PM.
 
Old 08-25-2010, 12:03 AM   #10
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
I never said it was encrypted, in fact I stated it was not encryption. He wanted to know how to hide the code. Code obfuscation is how one would do it without compiling it into a binary. People commonly mistake code obfuscation for encryption so usually when they ask for code encryption what they actually want is obfuscation. I seriously doubt the OP wants to enter a password just to have a script decoded each time it was ran. On top of any root level password needed.
 
Old 08-25-2010, 12:30 AM   #11
EricTRA
LQ Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296
Quote:
Originally Posted by sag47 View Post
I never said it was encrypted, in fact I stated it was not encryption. He wanted to know how to hide the code. Code obfuscation is how one would do it without compiling it into a binary. People commonly mistake code obfuscation for encryption so usually when they ask for code encryption what they actually want is obfuscation. I seriously doubt the OP wants to enter a password just to have a script decoded each time it was ran. On top of any root level password needed.
Hi,

If you don't mind, have a look at the first link I posted in post #4. From that page:
Quote:
The program "shc" creates C source code out of your shell script then encrypts it (script.sh.x.c). The encrypted shell script is: script.sh.x. Now copy the original "script.sh" file to a floppy disk or some other system for backup or in case you need to edit it in the future. Then, delete it from the server and delete the "script.sh.x.c" file it creates.

Neat feature

You can also specify a time limit on the shell script so that it will no longer execute after a certain date and you can specify a custom message to echo back to the user. Run this command on the "script.sh" file we created earlier in this tut:

shc -e 09/10/2004 -m "Dude it is too late to run this script." -f script.sh
./script.sh.x
./script.sh.x has expired!
Dude it is too late to run this script.

In the above command the date October 9, 2004 is set as the expiration date (-e 09/10/2004) and the custom message was set to display to the user (-m "Dude it is too late to run this script.") when the binary is executed. Note the date format is dd/mm/yyyy.
By using shc there's no need at all to decrypt a script before running it. If OP want encryption then I believe this is the easiest way to go. The encrypted script is the only one he has to leave on the server, is executable but unreadable. I've used it on various occasions and it does the trick.

Kind regards,

Eric
 
Old 08-25-2010, 01:06 AM   #12
HuMan-BiEnG
Member
 
Registered: Jun 2010
Posts: 92

Original Poster
Rep: Reputation: 15
Quote:
yeah, you are right SAM , & soon i will leave the company ,but the stillnt come

Quote:

This also may be helpfull:
Encrypting shell scripts
Encrypting shell scripts 2
Hello ERIC ,,

thanks alot for you ERIC & SAM

& both of you accept my best regards
 
Old 08-25-2010, 01:08 AM   #13
EricTRA
LQ Guru
 
Registered: May 2009
Location: Gibraltar, Gibraltar
Distribution: Fedora 20 with Awesome WM
Posts: 6,805
Blog Entries: 1

Rep: Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296Reputation: 1296
Hi,

You're welcome and I hope all goes well for you. Have a nice day.

Kind regards,

Eric
 
Old 08-25-2010, 02:52 AM   #14
konsolebox
Senior Member
 
Registered: Oct 2005
Distribution: Gentoo, Slackware, LFS
Posts: 2,248
Blog Entries: 8

Rep: Reputation: 235Reputation: 235Reputation: 235
Quote:
Do you mean for code obfuscation? If so then you're getting way too complicated. It's not encrypted with a key or anything like that. It's rewritten into such a way that it is unreadable for humans to easily edit.
No I never meant "code obfuscation". You're the only one who made an assumption for that. And I don't think it is that complicated in fact the concept is way too simple for me.

Quote:
Originally Posted by sag47 View Post
I never said it was encrypted, in fact I stated it was not encryption. He wanted to know how to hide the code. Code obfuscation is how one would do it without compiling it into a binary. People commonly mistake code obfuscation for encryption so usually when they ask for code encryption what they actually want is obfuscation. I seriously doubt the OP wants to enter a password just to have a script decoded each time it was ran. On top of any root level password needed.
Yup but unfortunately that was what the OP requested (see title). You're the only one who decided that it's not. Making a reply based on his question I think could never be a bad move on my part.
 
Old 08-25-2010, 11:34 AM   #15
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,860
Blog Entries: 36

Rep: Reputation: 459Reputation: 459Reputation: 459Reputation: 459Reputation: 459
@konsolebox: why are you breaking my balls man? The OP said it answered his question.

At any rate this is my last reply to this thread since it is now off topic.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
crypt() perl function to encrypt Password in shell scripts or How Encrypt passwords ? balakrishnay Linux - General 13 01-14-2010 09:35 AM
How can I encrypt a perl script? abefroman Programming 15 11-17-2009 10:45 PM
[SOLVED] how to encrypt shell script bkcreddy17 Linux - Newbie 2 04-08-2009 06:51 AM
encrypt shell script Swakoo Linux - Security 29 02-08-2007 07:16 PM
Compile/Encrypt Bash Script DoubleOTeC Programming 6 10-09-2005 07:33 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 10:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration