Operating System - HP-UX
1839240 Members
2495 Online
110137 Solutions
New Discussion

Re: How to convert bash scripts into binary's, so no one can read it

 
SOLVED
Go to solution
Abii
Advisor

How to convert bash scripts into binary's, so no one can read it

Hi all,

Can you please help me to create a binary file for a bash script, I need step by step procedure for doing this .....decent points assured for helpfull answers ..Thanks in advance

Abi
22 REPLIES 22
VK2COT
Honored Contributor
Solution

Re: How to convert bash scripts into binary's, so no one can read it

Hello,

THis is what is commonly called
security through obscurity. Most
of those binary converters can be broken.

Anyway, one of the most popular ones
is Generic Shell Script Converter:

http://directory.fsf.org/project/shc/

or go directly to it:

http://www.datsi.fi.upm.es/~frosal/

Easy to use. Its current version is 3.8.6.
Typical install:

make test
make strings
make install

One example of usage:

shc -r -T -f myscript

C complier is required to compile this utility.

Cheers,

VK2COT
VK2COT - Dusan Baljevic
Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Dusan,

If have tried what you said ,but I am getting the below error .Please let me know where I am wrong .

FYI:- SHC has been installed .

root@hp:/var/abi/c/shc-3.7# ls
CHANGES c2s.sed s2c.sed shc.c test.csh
Copying match shc.1 shc.html
Makefile pru.sh shc.README test.bash
root@hp:/var/abi/c/shc-3.7# make test
cc -Wall -O6 -pedantic -o shc
(Bundled) cc: error 1914: bad form for `-W' option
*** Error exit code 1

Stop.

A. Clay Stephenson
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

I rather doubt that you are going to be able to compile this utility using the Bundled C compiler. It is intended for building kernels and only understands K&R syntax. You probably need to install aCC (purchased) or gcc (free).
If it ain't broke, I can fix that.
Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Clay ,

Thanks for your advice , I will install ac++ developer bundle tomorrow and update you .

Abi
James R. Ferguson
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Abi:

My first thought is the same as Dusan's. My curiosity is up.

I might guess that you don't work for a vendor who has and uses the tool about which you asked.

I might guess that you're a free-lance consultant who would like to make sure that any modifications your client might want to the shell you have provided requires them to come back (pay?) you.

Are you trying to hide the (human) readability of the code because it has a password buried in it? There are better ways.

Are you writing a shell script and trying to make it a 'setuid' script? There are ways to implement this without resort to translating shell into binary (C) code.

Since you responded that you were going to install the HP-UX C/aC++ bundle I assume that you are going to pay for the full version since the evaluation copy will expire leaving you high-and-dry when you want to change your shell script.

Frankly, I'd ask you, "What problem are you trying to solve?"

Regards!

...JRF...
Dennis Handly
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

>but I am getting the below error
cc -Wall -O6 -pedantic -o shc
(Bundled) cc: error 1914: bad form for `-W' option

>Clay: I rather doubt that you are going to be able to compile this utility using the Bundled C compiler.

We don't know because the above error is related to using gcc options that HP's IPF compiler doesn't allow.

>I will install aC++ developer bundle tomorrow

You will have to remove these gcc options: -Wall -O6 -pedantic
James R. Ferguson
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

Hi (again) Abii:

...and if you should want to use the GNU gcc compiler, you can obtain it free from either:

http://mirrors.develooper.com/hpux/

or:

http://hpux.connect.org.uk/hppd/hpux/Gnu/gcc-4.2.2/

Regards!

...JRF...

Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi ,

Sorry ,let me clear about my requirement.

I need to convert my Unix shell script file to binary file.

Clay ,
I have installed C developers bundle and gcc too ,still am getting the below error while doing make


fyi:-

# pwd
/var/abi/shc/shc-3.8.6
# ls
CHANGES Makefile pru.sh shc.1 shc.c test.bash
Copying match shc shc.README shc.html test.csh

# make test
*** Compiling script "match"
CFLAGS="-Wall -O6 -pedantic" ./shc -v -f match
/usr/bin/sh: ./shc: Execute permission denied.
*** Error exit code 1

Stop.

# swlist |grep -e aC++ -e gcc
B9007AA C.11.23.12 HP C/aC++ Developer's Bundle
gcc 4.2.2 gcc
#


Please help me to resolve this issue at the earliest

Thanks,
Abi
Dennis Handly
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

>I need to convert my Unix shell script file to binary file.

(You still haven't said why.)

CFLAGS="-Wall -O6 -pedantic" ./shc -v -f match
sh: ./shc: Execute permission denied.

Was this the gcc or cc run?
Is shc executable?
You'll probably have to do a clean and then show all errors.

Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Dennis,

>(You still haven't said why.)

I don`t want others to view/modify the shell script contents.


>Was this the gcc or cc run?

I belive it is cc ,Makefile has been attached along with reply

>Is shc executable?

I couldn`t find shc executable file in directory ,but shc.c and shc.1 is available

# pwd;ls shc;ls -l
/var/abi/shc1/shc-3.7
shc not found
total 272
-rwxrwxr-x 1 root sys 2474 Jun 18 2003 CHANGES
-rwxrwxr-x 1 root sys 17982 May 9 1996 Copying
-rwxrwxr-x 1 root sys 1564 Jan 14 12:00 Makefile
-rwxrwxr-x 1 root sys 256 Apr 16 2002 c2s.sed
-rwxrwxr-x 1 root sys 336 Feb 21 2003 match
-rwxrwxr-x 1 root sys 155 Jun 19 2003 pru.sh
-rwxrwxr-x 1 root sys 325 Apr 16 2002 s2c.sed
-rwxrwxr-x 1 root sys 3136 Jun 19 2003 shc.1
-rwxrwxr-x 1 root sys 1544 Jun 19 2003 shc.README
-rwxrwxr-x 1 root sys 21437 Jun 19 2003 shc.c
-rwxrwxr-x 1 root sys 3796 Jun 19 2003 shc.html
-rwxrwxr-x 1 root sys 138 Feb 21 2003 test.bash
-rwxrwxr-x 1 root sys 52 Jun 19 2003 test.csh


Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Dennis,

I apologize for the wrong reply for the 3rd query , please forgive me and have the correct reply

Is shc executable?
-rwxr-xr-x 1 root sys 39767 Jul 10 2006 shc

for more information :-

# pwd;ls -l;file shc
/var/abi/shc/shc-3.8.6
total 336
-rw-r--r-- 1 root sys 3549 Jul 10 2006 CHANGES
-rw-r----- 1 root sys 17982 May 9 1996 Copying
-rw-r----- 1 root sys 1525 Jun 16 2005 Makefile
-rwxr-x--- 1 root sys 336 Feb 21 2003 match
-rwxr-x--- 1 root sys 155 Jun 19 2003 pru.sh
-rwxr-xr-x 1 root sys 39767 Jul 10 2006 shc
-rw-r----- 1 root sys 3136 Jul 8 2004 shc.1
-rw-r----- 1 root sys 1544 Jun 19 2003 shc.README
-rw-r----- 1 root sys 24715 Jul 10 2006 shc.c
-rw-r----- 1 root sys 4558 Jul 8 2004 shc.html
-rwxr-xr-x 1 root sys 138 Nov 12 2004 test.bash
-rwxr-x--- 1 root sys 52 Jun 19 2003 test.csh

shc: ELF-32 executable object file
#

Thanks,
Abi
VK2COT
Honored Contributor

Re: How to convert bash scripts into binary's, so no one can read it

Hello,

Let me try to help.

I did not see you setting environment variable
CC to gcc or HP-UX acc.

You should firstly set it up and then
try to compile cleanly.

If you are going to use GCC, then set

CC=/usr/local/bin/gcc
(or wherever your gcc binary is)

Leave Makefile as it is because
it will use the last definition for:

# For GNU C compiler
CFLAGS = -Wall -O6 -pedantic


On the other hand, if you intend to use
acc, the set CC accordingly and
then comment out ALL but the following CFLAGS
line:

# For HPUX
CFLAGS = -Wall -O -Ae

I am not at my desk so I cannot check it
at the moment. But try this and let us know.

Interesting enough, I just found out
HP-UX Porting and Archive Centre
SHC bundles for a very old version of the
O/S and shc:

http://hpux.cs.utah.edu/hppd/hpux/Shells/shc-2.4a/

If there is enough interest, we could send an
email to the porting guys asking for
an updated version :)

Frankly, I would never advise anyone
to convert Shell script into binary.
No real benefits are achieved.

VK2COT
VK2COT - Dusan Baljevic
Dennis Handly
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

>I believe it is cc, Makefile has been attached

Yes, cc, so those CFLAGS aren't valid.

>Is shc executable?
-rwxr-xr-x Jul 10 2006 shc

It shouldn't have this old date. It is probably for some foreign devil hardware. What does "file shc" show?
Try a "make cleanall".

>VK2COT: if you intend to use HP's C compiler, ... and then comment out ALL but the following CFLAGS line:
# For HPUX
CFLAGS = -Wall -O -Ae

No, this line is still garbage. You need "-Ae -O +wlint".
Dennis Handly
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

>ME: What does "file shc" show?

Sorry, it looks like you did this:
shc: ELF-32 executable object file

So it should run and not get that error, since you are on IPF.
You still could cleanall and make everything.
Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Dusan/Dennis ,

Thanks for your advice , I will confirm you back on tomorrow

Thanks,
Abi
OldSchool
Honored Contributor

Re: How to convert bash scripts into binary's, so no one can read it

i notice that you keep answering the question "why you are trying to do this" with "what you are trying to do".

as noted above, if we knew the "why" then there may be better methods of accomplishing it then obfuscating the script.
Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Oldschool,

Why you are trying to do this ?

I want to encrypt the script ( health check script) and execute the same in many servers by copying the script.

I tried crypt command ,but its not encoding well ,so I feel better to compile the script and copy to many customer site. If you can suggest better method than this its really help full for me and well appreciated .



Thanks,
Abi
Abii
Advisor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Dusan,

Thanks for your helping mind.

I tried what you said,but sorry to say I couldn`t succeed.Please have the below error and steps which I have performed.

# echo $CC
/usr/local/bin/gcc
# ldd /usr/local/bin/gcc
libintl.so => /usr/local/lib/hpux32/libintl.so
libc.so.1 => /usr/lib/hpux32/libc.so.1
libiconv.so => /opt/gtk2.6/lib/libiconv.so
libc.so.1 => /usr/lib/hpux32/libc.so.1
libdl.so.1 => /usr/lib/hpux32/libdl.so.1
# make cleanall
rm -f *.o *~ *.x.c
rm -f shc *.x
# make test
/usr/local/bin/gcc -Wall -O6 -pedantic shc.c -o shc
*** Compiling script "match"
CFLAGS="-Wall -O6 -pedantic" ./shc -v -f match
shc shll=sh
shc [-i]=-c
shc [-x]=exec '%s' "$@"
shc [-l]=
shc opts=
shc: /usr/local/bin/gcc -Wall -O6 -pedantic match.x.c -o match.x
match.x.c:108: warning: string length '975' is greater than the length '509' ISO C90 compilers are required to support
match.x.c: In function 'untraceable':
match.x.c:289: error: too few arguments to function 'ptrace'
./shc: Error 0
*** Error exit code 1

Stop.

Thanks,
Abi

Dennis Handly
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

>I couldn't succeed. Please have the below error and steps which I have performed.

(I only know and support cc, not gcc.)

>match.x.c: In function 'untraceable':
match.x.c:289: error: too few arguments to function 'ptrace'

This indicates you don't have have enough args for ptrace.
If this is ptrace(2), this isn't supported on IPF. See the man page.
Aneesh Mohan
Honored Contributor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Dennis ,

I tried to do using ansi c too ,

# echo $CC
/opt/ansic/bin/cc
# ldd /opt/ansic/bin/cc
libstd.so.1 => /usr/lib/hpux32/libstd.so.1
libstream.so.1 => /usr/lib/hpux32/libstream.so.1
libCsup.so.1 => /usr/lib/hpux32/libCsup.so.1
libm.so.1 => /usr/lib/hpux32/libm.so.1
libunwind.so.1 => /usr/lib/hpux32/libunwind.so.1
libc.so.1 => /usr/lib/hpux32/libc.so.1
libdl.so.1 => /usr/lib/hpux32/libdl.so.1
libuca.so.1 => /usr/lib/hpux32/libuca.so.1
libdl.so.1 => /usr/lib/hpux32/libdl.so.1
# make cleanall
rm -f *.o *~ *.x.c
rm -f shc *.x

Edited Makefile :-

Comment out all the CFLAGS line except the below

# For HPUX
CFLAGS = -Ae -O +wlint

#make test


"shc.c", line 715, procedure do_all: warning #20202-D: Allocated memory may
potentially be leaked (at line 962)

*** Compiling script "match"
CFLAGS="-Ae -O +wlint" ./shc -v -f match
shc shll=sh
shc [-i]=-c
shc [-x]=exec '%s' "$@"
shc [-l]=
shc opts=
shc: /opt/ansic/bin/cc -Ae -O +wlint match.x.c -o match.x
"match.x.c", line 284: error #2165: too few arguments in function call
mine = !ptrace(PTRACE_ATTACH, pid, 0, 0);
^

1 error detected in the compilation of "match.x.c".
./shc: Error 0
*** Error exit code 1

Stop.

Thanks,
Abi
Dennis Handly
Acclaimed Contributor

Re: How to convert bash scripts into binary's, so no one can read it

>I tried to do using ansi C too,
"match.x.c", line 284: error #2165: too few arguments in function call
mine = !ptrace(PTRACE_ATTACH, pid, 0, 0);

Now that you are using a real compiler, it is obvious. You are hosed. You can't use ptrace on IPF since ptrace isn't supported. You must port to ttrace(2) instead.
http://docs.hp.com/en/B2355-60130/ttrace.2.html

>ME: If this is ptrace(2), this isn't supported on IPF. See the man page.
mark_gtz
Occasional Visitor

Re: How to convert bash scripts into binary's, so no one can read it

Hi Everyone!

I find a fix for shc ..

# export CC=/usr/local/bin/gcc

# ldd /usr/local/bin/gcc

make test
make strings
make install
***     Installing shc and shc.1 on /usr/local
-n ***  ¿Do you want to continue?
y
        install -c -s shc /usr/local/bin/
install: The -c, -f, -n options each require a directory following!
*** Error exit code 2
And this error is removed when executing these 2 commands manually (I need to put the DIR after the -c:)

# /usr/sbin/install  -c /usr/local/bin/ -s shc /usr/local/bin/

# /usr/sbin/install -c /usr/local/bin/ -m 644 shc.1 /usr/local/man/man1/

and the executable is installed by you!! :

/usr/local/bin/shc

# file /usr/local/bin/shc

/usr/local/bin/shc:     ELF-32 executable object file - IA64

example of usage:
shc -r -T -f myscript.sh

And generates the executable:

myscript.sh.x

Kind Regards.   !