Software:Shc the shell script compiler
SHC is a shell script compiler for Unix-like operating systems written in C programming language. The Shell Script Compiler (SHC) encodes and encrypts unix shell scripts into executable binaries. Compiling shell scripts into binaries provides protection against accidental changes and source modification, and is a way of hiding source code written in unix shell scripting language.[1]
Mechanism
SHC takes a shell script which is specified on the command line by [ -f filename ]
option and produces a C source code of the script with added cipher. The generated source code is then compiled and linked to produce a binary executable. Thus it's a two step process where, at first step, it creates a filename.x.c
file of the shell script file filename
. Then it is compiled with cc -$CFLAGS filename.x.c
and thus build the binary from a C source code with the default C compiler available in any system.[1]
The compiled binary will still be dependent on the shell specified in the first line of the shell code (i.e. Shebang: #!/bin/sh
or such), thus shc
does not create completely independent binaries.[2]
shc
itself is not a compiler such as the C compiler, it rather encodes and encrypts a shell script and generates C source code with the added expiration capability. It then uses the system C compiler to compile the source shell script and build a stripped binary which behaves exactly like the original script. Upon execution, the compiled binary will decrypt and execute the code with the shells' -c option.[2]
Versions
Version | Release Date | Changes | |
---|---|---|---|
shc-3.9.3 | 30-Jul-2016 | zsh support and fix for ksh shell[4] | |
shc-3.9.2 | 21-Aug-2015 | Added Busybox support ( -B flag to compile for Busybox[2]). | |
shc-3.9.1 | 03-Apr-2015 | Set -T option as default, and renaming it to -U to its counter logic | |
shc-3.9.0 | 01-Apr-2015 | Adding output file option with [-o filename] and bug fixes | |
shc-3.8.9 | 04-Dec-2013 | Fixing a long-standing bug making the source not hidden | |
shc-3.8.7 | 10-Feb-2010 | Bug on 64bit systems with expiration dates | |
shc-3.8.5 | 10-Feb-2010 | ||
shc-3.8.3 | 10-Jul-2006 | Fixed untraceable() problems on FreeBSD | |
shc-3.8.2 | 06-Jul-2006 | Read permission of the script.x exposes it to disassembling.
Group and others read permission is now removed by default. | |
shc-3.7 | 28-Jun-2005 | Removed all strings in the compiled script. Improved program output and error messages.
The -m option allows to define the *complete* expiration message. Updated manpage shc.1 | |
shc-3.6 | 16-Jun-2005 | Two new options:
-D switch on Debug exec calls. -T switch off unTraceable. | |
shc-3.4 | 19-Jun-2003 | Remove "bad alignment" problem on AIX and other systems.
Where exists, use /proc/<pid>/as in untraceable. | |
shc-3.3 | 21-Apr-2003 | Prevent to ptrace the process | |
shc-3.2 | 05-Aug-2002 | Find ancient pclose that must be fclose | |
shc-3.1 | 05-Aug-2002 | Fixed a misbehavior on scripts with a in-first-line option equal to "end of options"
(i.e. #!/bin/sh -- ) GCC "warning: return type of `main' is not `int'" removed | |
shc-2.4 | 05-Aug-2002 |
Alternatives
References
- ↑ 1.0 1.1 Günther, Karsten. "SHC Shell Compiler » Linux Magazine". http://www.linux-magazine.com/Online/Features/SHC-Shell-Compiler.
- ↑ 2.0 2.1 2.2 "Man page of shc". https://neurobin.github.io/shc/man.html. Retrieved 2015-08-25.
- ↑ "Index of /~frosal/sources". http://www.datsi.fi.upm.es/~frosal/sources/.
- ↑ 4.0 4.1 "Archived copy". Archived from the original on 2015-04-02. https://web.archive.org/web/20150402120802/https://raw.githubusercontent.com/neurobin/shc/release/CHANGES. Retrieved 2015-04-01.
- ↑ "shell script obfuscator". http://www.comp.eonworks.com/scripts/obfuscate_shell_script-20011012.html.
External links