Encrypting and Compiling BASH code


If you are looking to protect your BASH script from prying eyes, try encrypting it and then compiling it.

1st: Encrypting
1] obfsh – You will want this tool from http://www.comp.eonworks.com/scripts/obfuscate_shell_script-20011012.html
obfsh is quite flexible and can obfuscate any type of shell script. The
obfuscated script version is printed to stdo. The original script is not

Using obfsh options cleverly, one may fool more then just a casual intruder
or snooper, and certainly make understanding of the obfuscated script harder
and more time consuming.

Read some of the options first.

You can vary the way it works.

So to encrypt it, take this tool and make your script hard to read.

2] ?(Another method is out there. Just have to find it again.)

2nd: Compile
Take your newly encrypted file from step 1 and use it here with the tool called shc.

Check your distro or goto http://www.datsi.fi.upm.es/~frosal/ and download shc (shc-3.8.9.tgz version of this posting).
Edit: After trying to get this to work smoothly, and failing to get “make” to work, I then tested version 3.8.7. This one ran “make” correctly and “make install”. I suggest using it instead. http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.7.tgz

Use -r, this will relax security to create a redistributable binary that executes on other systems that runs the same operating system as the one on which it was compiled.

3rd (optional): Specifying Expiration Date for Your Shell Script
This makes it so the compiled bash script will not run after the set date and will display a message instead.

If you get the following error messages upon give the shc command:

then install the following packages:

Last but not the least. There is no guarantee that this utility will provide you a very strong security protection. Experienced users or hackers who have sufficient knowledge about “gdb” or other debugger tools can decrypt your shell script(when using shc alone). Although it does provide a good starting point to encrypt (hide) shell scripts from “regular” users if you are a system administrator.

6,102 total views, 1 views today

Kippo scripts


This is to gather the IP addresses and the USERNAME and PASSWORDS that were used in the attempts to login to my machines.

# Only read todays and loop each line in the string
grep -i $todays_date /home/kris/kippo-0.5/log/kippo.log | while read -r line; do

# Only read the lines that contain login auths and IPs. All in one line in this case.
if [[

]]; then
# Cut out the different parts.



# Throw it all in together for outputing to a log of my own.
echo $output

# IF we do not already have it in the log, append the info to it.
if [ !

]; then
echo “$inIP|$inUSER|$inPASS” >> /root/kippo_ssh_auths.log

653 total views, no views today