Download and install shc source.
wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz
tar xzvf shc-3.8.7.tgz
cd shc-3.8.7
make
make install
Create simple script file with following codes
#!/bin/bash
echo -e -n "Enter the first value \t:"
read a
echo -e -n "Enter the second value \t:"
read b
sum=$(expr $a + $b)
echo "Result is $sum"
Encrypt the test.sh script file with shc as below.
$ ./shc -f test.sh
List the files with ls command Now we have 2 more files with .sh.x and .sh.x.c extensions
[root@core scripts]# ls
test.sh test.sh.x test.sh.x.c
Execute the Encrypted script file with following command
./test.sh.x
Additional parameter that can be used with shc are below
Setting expiration date on the script file with the message.
shc -e '28/09/2015' -m "This script file is expired" -f test.sh
Execute the script before expiration date.
./test.sh.x
Change date and time with following command
sudo date +%Y%m%d -s '20150928'
Execute the script after expiration date.
[dilli@core scripts]$ ./test.sh.x
./test.sh.x: has expired!
This script file is expired
ulimit -c
If output is zero means that core file is not created.
Now we set core file size limit to 70000 byte
ulimit -c 70000
Now we start binary & segfault it right away.I used IP-Digger binary to get plain text from it.
./IP-Digger4.sh.x& ( sleep 0.02 && kill -SIGSEGV $! )
sleep 0.02 will give the binary enough time to start up and decrypt the original script. The variable $! contains the pid of the last background process started, so we can easily kill it with the segmentation fault signal SIGSEGV (same as kill -11 $!).
+ segmentation fault (core dumped) ./IP-Digger4.sh.x
cat core | strings >plain_text
No comments:
Post a Comment