linux poison RSS
linux poison Email

Creating executable of Shell Script

Many times it happen that shell scripts that we write contains sensitive information like password or some sort of keys or path to some sensitive files and if you running such script it become very easy for the normal user to have a look inside the script and get the sensitive information from the code.
There is a program called "shc" which can provide the protection from such cases that developer wants.

shc itself is not a compiler such as cc, it rather encodes and encrypts a shell script and generates C source code with the added expiration capability. It then uses the system compiler to compile a stripped binary which behaves exactly like the original script. Upon execution, the compiled binary will decrypt and execute the code with the shell -c option. Unfortunatelly, it will not give you any speed improvement as a real C program would.

shc's main purpose is to protect your shell scripts from modification or inspection. You can use it if you wish to distribute your scripts but don't want them to be easily readable by other people.

Download shc (here) and untar it:
tar -xzvf shc-X.X.tgz
cd shc-X.X/
make
make install
This will install the shc binary on your box.

Create a file called: script.sh and add the following contents for testing purpose

############################### script.sh ##############################
#!/bin/sh
echo "This is a test shell script by Nikesh"
############################### script.sh ##############################

Now run the command:
shc -f script.sh

The switch "-f" specifies the source script to encrypt. The above command will create two files: script.sh.x.c and script.sh.x. The encrypted shell script is: script.sh.x. Run that binary and see the output:

./script.sh.x
This is a test shell script by Nikesh
Now you can distibute the script.sh.x without any fear

You can also specify a time limit on the shell script so that it will no longer execute after a certain date (expire) and you can specify a custom message to echo back to the user.

shc -e 09/12/2008 -m "Licence expire, please contact author - Nikesh" -f script.sh
./script.sh.x
./script.sh.x has expired!
Licence expire, please contact author - Nikesh

Check out the man pages for more info on "shc".


16 comments:

Post a Comment

Related Posts with Thumbnails