Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
01-07-2008, 09:49 AM
|
#1
|
LQ Newbie
Registered: Dec 2007
Posts: 22
Rep:
|
Encrypting scripts into Binary Executables
Hi,
Can anyone please tell me how to encrypt/encode shell scripts into binary executables so that scripts can be protected from modification or inspection. There is a good utility on the following link,
http://www.datsi.fi.upm.es/~frosal/
I have tried it successfully on RedHat Linux but its not working on HP-Unix.
Is there any other way to achieve this?
|
|
|
01-07-2008, 10:15 AM
|
#2
|
Moderator
Registered: May 2001
Posts: 29,415
|
BTW[0]: If it's about HP-UX it should be in the "other *NIX" forum. This one's for GNU/Linux.
BTW[1]: saying "its not working" doesn't help us help you. Provide exact details could help.
BTW[2]: Just so you don't think encrypting scripts provides protection against inspection search the Linux Security forum for threads about script encryption and its pitfalls or see http://tldp.org/LDP/abs/html/securityissues.html under "Hiding Shell Script Source".
|
|
|
01-08-2008, 01:40 AM
|
#3
|
LQ Newbie
Registered: Dec 2007
Posts: 22
Original Poster
Rep:
|
Its not only about Unix. I wanted to know if there exits any method to encrypt shell scripts on any *nix platform besides the utility i mentioned in my last post.
As far as error is concerned, when i try to run binary executable on HP-Unix, it gives following error,
psa1a: ...tmp20080104/shc-3.8.6 64 > shc -e 01/06/2008 -m "License Expired on 01/06/2008. Please contact Muaz Farooq." -f trstat
shc: Exec format error. Binary file not executable.
Exit 1
psa1a: ...tmp20080104/shc-3.8.6 65 >
Here trstat is my script for which I want to create an executable and shc is the utility which creates binary executables. Besides encrypting this utility (shc) also creates license. -e and -m are flags for creating license.
The script for which i am trying to create binary executable is written by me so no threat of virus or something. If encryption is not a good idea, is there any other way scripts can be protected from inspection.
|
|
|
01-08-2008, 02:30 AM
|
#4
|
Senior Member
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530
Rep:
|
I would advise against using script obfuscation methods such as shc. These techniques will make it more difficult than is necessary to maintain your scripts, and more difficult to solve problems if they occur.
They also add a false sense of security. For example, someone taking security seriously would not consider compiling C code into a binary to add any security at all, and you should not consider a script obfuscator a security measure either. Just because the behaviour of the program is a little less readable doesn't help to secure it - a half competent analyst will be able to work out what such a program does fairly easily, and recover the likes of embedded passwords from such a script.
|
|
|
01-08-2008, 07:03 AM
|
#5
|
LQ Newbie
Registered: Dec 2007
Posts: 22
Original Poster
Rep:
|
Alright, then what do you recommend should be done to protect a script from inspection/modification provided chmod cant be used as all users have same access?
|
|
|
01-08-2008, 07:39 AM
|
#6
|
Senior Member
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530
Rep:
|
If you are trying to prevent someone from copying your proprietary code, that is one use of copyright. You probably cannot stop them from reversing your obfuscated program and working out how to do it themselves (or from modifying it to make it do something else), but you can copyright your work to make it illegal for them to do so. Then you have legal recourse. You can also use contracts to agree what can and cannot be done with a program you provide to someone else.
If you are really interested in security (very different from protecting your revenue) there is not a reliable software-only method. A more reliable method is to use encrypted binaries and TPM, and even then there are going to be hardware attacks.
The problem boils down to the same one as trying to distribute "DRM-protected" media - the attacker and the recipient are the same person.
|
|
|
01-08-2008, 08:01 AM
|
#7
|
Senior Member
Registered: Oct 2003
Location: UK
Distribution: Kubuntu 12.10 (using awesome wm though)
Posts: 3,530
Rep:
|
Why do you want to do it by the way?
|
|
|
All times are GMT -5. The time now is 02:54 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|