Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

binarysafe/binsh

BranchesTags
Open more actions menu
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
binsh.c
binsh.c
 
 
build.sh
build.sh
 
 
encrypt.c
encrypt.c
 
 

Repository files navigation

binsh - obfuscate shell scripts

Overview

This tool allows to obfuscate shell scripts by embedding them in a compiled program, encrypting and passphrase-protect them.

The script is included in the compiled C program as a constant, when you run the program the script is executed using the specified shell's command (by default: /bin/sh -c --).

The running environment (arguments, environement variables, fds) is "forwarded" to the script.

Usage

To build the program that embeds the script

build.sh <script> <passphrase>|- [<output>] [<shell> <exec> <command> <...>]"

To run the program that embeds the script (compiled as binsh)

./binsh <passphrase>|- [<script> <arguments> <...>]

How does it work

The main idea is not to be able to determine what does the script do just by opening the script file.

First of all, the script is included as a constant in a compiled program so it's harder to understand what it does by just opening the file.

The script is encrypted using a simple key-based symetric encryption algorithm before the compilation so it's not possible to determine what the binary file does using softwares such as strings.

In the end, the script is decrypted at run time using the key in order to avoid the binary to be analysed using softwares such a strace (without the key you can't run the script).

Examples

Compile then run a script using a passphrase

./build.sh script.sh p4ssphras3 script
# Build of 'script' successful

./script p4ssphras3 --opt 123
# ...

Compile then run a script using a key file

dd if=/dev/urandom of=keyfile bs=512 count=1
# 512 bytes (512 B) copied, ...

./build.sh script.sh - script < keyfile
# Build of 'script' successful

./script - --opt 123 < keyfile
# ...

Compile then run a Perl script

cat <<'EOF' > script.pl
use strict;
print 'ARGV: ["' . join('", "', @ARGV) . "\"]\n";
print 'ENV["TEST"]: ' . $ENV{"TEST"} . "\n";
EOF

./build.sh script.pl p4ssphras3 script /usr/bin/perl -w -- -
# Build of 'script' successful

TEST=123 ./script p4ssphras3 --abc "def hij" --klm
#ARGV: ["--abc", "def hij", "--klm"]
#ENV["TEST"]: 123

Compile then run a Python script

cat <<'EOF' > script.py
import sys
import os
print 'ARGV: ' + repr(sys.argv[1:])
print 'ENV["TEST"]: ' + os.environ.get('TEST')
EOF

./build.sh script.py p4ssphras3 script /usr/bin/python -Wall -
# Build of 'script' successful

TEST=123 ./script p4ssphras3 --abc "def hij" --klm
#ARGV: ['--abc', 'def hij', '--klm']
#ENV["TEST"]: 123

Compile then run a Ruby script

cat <<'EOF' > script.rb
puts "ARGV: " + ARGV.inspect
puts 'ENV["TEST"]: ' + ENV['TEST']
EOF

./build.sh script.rb p4ssphras3 script /usr/bin/ruby -w -- -
# Build of 'script' successful

TEST=123 ./script p4ssphras3 --abc "def hij" --klm
#ARGV: ["--abc", "def hij", "--klm"]
#ENV["TEST"]: 123

About

Shell script obfuscation tool (compile, encrypt and passphrase-protect)

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • C 80.0%
  • Shell 20.0%
Morty Proxy This is a proxified and sanitized view of the page, visit original site.