shc加密shell脚本总结
shc介绍shc是shell编译器(Shell Compiler)的缩写, 它可以对shell脚本进行编译和加密。它能够将shell脚本编译为可执行的二进制文件,其中包含了脚本的功能和逻辑,而不暴露源代码。可以说shc就是一个加密shell脚本的工具。shc的官方网址为:http://www.datsi.fi.upm.es/~frosal/sources/。shc在github上没有对应的链接。其实也能理解,不是每一个人都喜欢将自己的项目上传到github上。
官方文档关于shc的描述说明如下:
shc creates a stripped binary executable version of the<br> script specified with -f on the command line.<br><br> The binary version will get a .x extension appended and will<br> usually be a bit larger in size than the original ascii<br> code. Generated C source code is saved in a file with the<br> extension .x.c<br><br> If you supply an expiration date with the -e option the com-<br> piled binary will refuse to run after the date specified.<br> The message "Please contact your provider" will be displayed<br> instead. This message can be changed with the -m option.<br><br> You can compile any kind of shell script, but you need to<br> supply valid -i, -x and -l options.<br><br> The compiled binary will still be dependent on the shell<br> specified in the first line of the shell code (i.e.<br> #!/bin/sh), thus shc does not create completely independent<br> binaries.<br><br> shc itself is not a compiler such as cc, it rather encodes<br> and encrypts a shell script and generates C source code with<br> the added expiration capability. It then uses the system<br> compiler to compile a stripped binary which behaves exactly<br> like the original script. Upon execution, the compiled<br> binary will decrypt and execute the code with the shell -c<br> option. Unfortunatelly, it will not give you any speed<br> improvement as a real C program would.<br><br> shc's main purpose is to protect your shell scripts from<br> modification or inspection. You can use it if you wish to<br> distribute your scripts but don't want them to be easily<br> readable by other people.<br>shc安装
sqc的安装有多种方式,可以根据适合自己的方式来安装,因为各自环境不一样,可能选择的安装方式不一样。
yum安装
# yum -y install shc<br>不过有些Linux版本的yum源可能没有shc包,所以这种方式只适用yum源有shc包的环境。
离线安装
根据对应的Linux发行版本,从https://pkgs.org/ 搜索shc对应平台的rpm包,如下所示,当前测试环境的rpm包下载地址
# yum install -y shc-4.0.3-1.el8.x86_64.rpms<br>源码安装
源码下载地址http://www.datsi.fi.upm.es/~frosal/sources/
mkdir /usr/local/man<br>mkdir /usr/local/man/man1 #install时会把man文件放入该目录。<br><br>tar vxf shc-3.8.9.tgz && cd shc-3.8.9<br>make test<br>make strings<br>make install<br>shc使用
下面是shc比较常用的参数说明,更多参数说明请参考man手册或官方文档。
参数参数说明-h显示帮助信息并退出-f指定需要加密的shell脚本-v参数-v表示verbose模式,输出更详细的编译日志-r可以在相同操作系统的不同系统中执行,也就是放宽安全限制,生成可再分发的二进制文件-o输出文件名,也可以不指定-f指定shell脚本名称-e指定过期日期-m指定过期后的提示信息-U使二进制无法被追踪,默认不开启-H强化:额外的安全保护,默认不开启,它需要shell不支持参数加密shell脚本的例子
# shc -v -f monitor_long_trx.sh<br>shc shll=bash<br>shc [-i]=-c<br>shc [-x]=exec '%s' "$@"<br>shc [-l]=<br>shc opts=<br>shc: cc monitor_long_trx.sh.x.c -o monitor_long_trx.sh.x<br>shc: strip monitor_long_trx.sh.x<br>shc: chmod ug=rwx,o=rx monitor_long_trx.sh.x<br>如下所示,脚本执行后生成了两个文件,其中monitor_long_trx.sh.x是加密过后的可执行的二进制文件。monitor_long_trx.sh.x.c是生成monitor_long_trx.sh.x的原文件(C语言),也就是说编译这个C源代码文件可以创建上面加密的monitor_long_trx.sh.x文件。
# ls -lrt monitor_long_trx*<br>-rw-r--r-- 1 root root 10185 Sep 27 15:51 monitor_long_trx.sh<br>-rw-r--r-- 1 root root 70193 Sep 29 22:16 monitor_long_trx.sh.x.c<br>-rwxrwxr-x 1 root root 24584 Sep 29 22:16 monitor_long_trx.sh.x<br># file monitor_long_trx.sh.x<br>monitor_long_trx.sh.x: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID=906ccbd32b4e0fa3307be46ff7736bbfac9be25c, stripped<br># file monitor_long_trx.sh.x.c<br>monitor_long_trx.sh.x.c: ASCII text<br>不过这个C源代码文件,跟你想象的C语言源代码文件可能有点不一样。如下所示,
shc还提供了一种设定有效执行期限的方法,编译生成的可执行二进制文件在过了这个有效性后,就不能执行。
shc -e 09/20/2024 -v -f monitor_long_trx.sh<br>或<br>shc -e 09/20/2024 -v -m "the script has expired, please contact your provierder xxx@xxx.com" -f monitor_long_trx.sh <br># shc -e 09/20/2024 -v -f monitor_long_trx.sh<br>shc shll=bash<br>shc [-i]=-c<br>shc [-x]=exec '%s' "$@"<br>shc [-l]=<br>shc opts=<br>shc: cc monitor_long_trx.sh.x.c -o monitor_long_trx.sh.x<br>shc: strip monitor_long_trx.sh.x<br>shc: chmod ug=rwx,o=rx monitor_long_trx.sh.x<br>一些简单常用的例子
<br><br>shc -f monitor_long_trx.sh<br><br>shc -v -r -f monitor_long_trx.sh -o mon_long_trx.sh<br><br>shc -v -r -u -H -f monitor_long_trx.sh -o mon_long_trx.sh<br><br>shc -v -r -e 09/20/2025 -m "the script has expired..." -f monitor_long_trx.sh -o mon_long_trx.sh<br>shc评测
shc编译出来的二进制可执行文件,可能比原shell脚本在文件大小上稍微大上一些,相比gzexe和Bashfuscator等工具,它要可靠很多(Bashfuscator就非常不可靠,有些混淆出来的脚本执行会报错)。从个人简单的测试和实践来看,这个工具非常好用,而且用途非常广泛。
那么shc加密过后的可执行二进制文件,能否被解密呢? 答案是低版本sqc生成的加密二进制可执行文件可以被解密,可以被工具UnSHc解密。而高版本shc(4.x)生成加密文件越来越难解密(暂时不能解密,不代表不能被后续的工具或方法解密)。
下面是UnSHc中的介绍说明,有兴趣可以看看了解一下
Due to the many problems since shc 4.0.3, there seems to be a need for clarification. In shc 4.0.3 many structural changes have been incorporated, so that shc now makes use of various security mechanisms provided by the linux-kernel itself. Therefore, it is now almost impossible to extract the original shell script at all with current UnSHc version, if the new shc version was used. This requires a more in-depth approach, which means that a modified bash or a modified linux-kernel is needed to bypass the security measures.`
参考资料 1: https://dl.fedoraproject.org/pub/epel/8/Everything/x86_64/Packages/s/shc-4.0.3-1.el8.x86_64.rpm
2: https://github.com/yanncam/UnSHc/
扫描上面二维码关注我如果你真心觉得文章写得不错,而且对你有所帮助,那就不妨帮忙“推荐"一下,您的“推荐”和”打赏“将是我最大的写作动力!本文版权归作者所有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接.
来源:程序园用户自行投稿发布,如果侵权,请联系站长删除
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!
页:
[1]