|
|
shc介绍
shc是shell编译器(Shell Compiler)的缩写, 它可以对shell脚本进行编译和加密。它能够将shell脚本编译为可执行的二进制文件,其中包含了脚本的功能和逻辑,而不暴露源代码。可以说shc就是一个加密shell脚本的工具。shc的官方网址为:http://www.datsi.fi.upm.es/~frosal/sources/。shc在github上没有对应的链接。其实也能理解,不是每一个人都喜欢将自己的项目上传到github上。
官方文档关于shc的描述说明如下:- shc creates a stripped binary executable version of the
- script specified with -f on the command line.
- The binary version will get a .x extension appended and will
- usually be a bit larger in size than the original ascii
- code. Generated C source code is saved in a file with the
- extension .x.c
- If you supply an expiration date with the -e option the com-
- piled binary will refuse to run after the date specified.
- The message "Please contact your provider" will be displayed
- instead. This message can be changed with the -m option.
- You can compile any kind of shell script, but you need to
- supply valid -i, -x and -l options.
- The compiled binary will still be dependent on the shell
- specified in the first line of the shell code (i.e.
- #!/bin/sh), thus shc does not create completely independent
- binaries.
- shc itself is not a compiler such as cc, it rather encodes
- and encrypts a shell script and generates C source code with
- the added expiration capability. It then uses the system
- compiler to compile a stripped binary which behaves exactly
- like the original script. Upon execution, the compiled
- binary will decrypt and execute the code with the shell -c
- option. Unfortunatelly, it will not give you any speed
- improvement as a real C program would.
- shc's main purpose is to protect your shell scripts from
- modification or inspection. You can use it if you wish to
- distribute your scripts but don't want them to be easily
- readable by other people.
sqc的安装有多种方式,可以根据适合自己的方式来安装,因为各自环境不一样,可能选择的安装方式不一样。
yum安装
不过有些Linux版本的yum源可能没有shc包,所以这种方式只适用yum源有shc包的环境。
离线安装
根据对应的Linux发行版本,从https://pkgs.org/ 搜索shc对应平台的rpm包,如下所示,当前测试环境的rpm包下载地址[1]- # yum install -y shc-4.0.3-1.el8.x86_64.rpms
源码下载地址http://www.datsi.fi.upm.es/~frosal/sources/- mkdir /usr/local/man
- mkdir /usr/local/man/man1 #install时会把man文件放入该目录。
- tar vxf shc-3.8.9.tgz && cd shc-3.8.9
- make test
- make strings
- make install
下面是shc比较常用的参数说明,更多参数说明请参考man手册或官方文档。
参数参数说明-h显示帮助信息并退出-f指定需要加密的shell脚本-v参数-v表示verbose模式,输出更详细的编译日志-r可以在相同操作系统的不同系统中执行,也就是放宽安全限制,生成可再分发的二进制文件-o输出文件名,也可以不指定-f指定shell脚本名称-e指定过期日期-m指定过期后的提示信息-U使二进制无法被追踪,默认不开启-H强化:额外的安全保护,默认不开启,它需要shell不支持参数加密shell脚本的例子- # shc -v -f monitor_long_trx.sh
- shc shll=bash
- shc [-i]=-c
- shc [-x]=exec '%s' "$@"
- shc [-l]=
- shc opts=
- shc: cc monitor_long_trx.sh.x.c -o monitor_long_trx.sh.x
- shc: strip monitor_long_trx.sh.x
- shc: chmod ug=rwx,o=rx monitor_long_trx.sh.x
- # ls -lrt monitor_long_trx*
- -rw-r--r-- 1 root root 10185 Sep 27 15:51 monitor_long_trx.sh
- -rw-r--r-- 1 root root 70193 Sep 29 22:16 monitor_long_trx.sh.x.c
- -rwxrwxr-x 1 root root 24584 Sep 29 22:16 monitor_long_trx.sh.x
- # file monitor_long_trx.sh.x
- monitor_long_trx.sh.x: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=906ccbd32b4e0fa3307be46ff7736bbfac9be25c, stripped
- # file monitor_long_trx.sh.x.c
- monitor_long_trx.sh.x.c: ASCII text
shc还提供了一种设定有效执行期限的方法,编译生成的可执行二进制文件在过了这个有效性后,就不能执行。- shc -e 09/20/2024 -v -f monitor_long_trx.sh
- 或
- shc -e 09/20/2024 -v -m "the script has expired, please contact your provierder xxx@xxx.com" -f monitor_long_trx.sh
- # shc -e 09/20/2024 -v -f monitor_long_trx.sh
- shc shll=bash
- shc [-i]=-c
- shc [-x]=exec '%s' "$@"
- shc [-l]=
- shc opts=
- shc: cc monitor_long_trx.sh.x.c -o monitor_long_trx.sh.x
- shc: strip monitor_long_trx.sh.x
- shc: chmod ug=rwx,o=rx monitor_long_trx.sh.x
- shc -f monitor_long_trx.sh
- shc -v -r -f monitor_long_trx.sh -o mon_long_trx.sh
- shc -v -r -u -H -f monitor_long_trx.sh -o mon_long_trx.sh
- shc -v -r -e 09/20/2025 -m "the script has expired..." -f monitor_long_trx.sh -o mon_long_trx.sh
shc编译出来的二进制可执行文件,可能比原shell脚本在文件大小上稍微大上一些,相比gzexe和Bashfuscator等工具,它要可靠很多(Bashfuscator就非常不可靠,有些混淆出来的脚本执行会报错)。从个人简单的测试和实践来看,这个工具非常好用,而且用途非常广泛。
那么shc加密过后的可执行二进制文件,能否被解密呢? 答案是低版本sqc生成的加密二进制可执行文件可以被解密,可以被工具UnSHc[2]解密。而高版本shc(4.x)生成加密文件越来越难解密(暂时不能解密,不代表不能被后续的工具或方法解密)。
下面是UnSHc中的介绍说明,有兴趣可以看看了解一下
Due to the many problems since shc 4.0.3, there seems to be a need for clarification. In shc 4.0.3 many structural changes have been incorporated, so that shc now makes use of various security mechanisms provided by the linux-kernel itself. Therefore, it is now almost impossible to extract the original shell script at all with current UnSHc version, if the new shc version was used. This requires a more in-depth approach, which means that a modified bash or a modified linux-kernel is needed to bypass the security measures.`
参考资料[1] 1: https://dl.fedoraproject.org/pub/epel/8/Everything/x86_64/Packages/s/shc-4.0.3-1.el8.x86_64.rpm
[2] 2: https://github.com/yanncam/UnSHc/
扫描上面二维码关注我如果你真心觉得文章写得不错,而且对你有所帮助,那就不妨帮忙“推荐"一下,您的“推荐”和”打赏“将是我最大的写作动力!本文版权归作者所有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接.
来源:https://www.cnblogs.com/kerrycode/p/18441188
免责声明:由于采集信息均来自互联网,如果侵犯了您的权益,请联系我们【E-Mail:cb@itdo.tech】 我们会及时删除侵权内容,谢谢合作! |
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|
