如何混淆shell脚本? [英] How to obfuscate a shell script?
问题描述
我正在使用Ubuntu 10.04.我已经创建了一个shell脚本.编写脚本后,右键单击文件并选择Gedit,即可编辑代码.我想知道如何使脚本在Gedit中不可读.
I am using Ubuntu 10.04. i have created a shell script. After writing the script, the code can be edited when right clicking the file and selecting Gedit. I want to know how to make the script unreadable in Gedit.
推荐答案
GEdit 只是另一个可用于编辑文件的工具,就像"vi"或"nano"一样.唯一的区别是,我相信它是图形的.尽管如此,看来原始的发帖人在这里试图做的只是使其他人无法查看某些脚本.如果是这样,那么有些解决方案可能值得研究.
GEdit is just another tool that can be used to edit a file, much like "vi" or "nano" is. Only difference is, I believe it is graphical. Nevertheless, it appears that what the original poster is attempting to do here is to simply make it impossible for others to view certain scripts. If that's true, there are solutions that may be worth investigating.
SHC:
SHC是用于此目的的出色工具.并且根据该线程的最后一篇帖子,看来OP已经尝试过了,但是在某些系统上不起作用.如果是这样,这就是原因. SHC的工作方式实际上非常简单.使用它混淆脚本时,必须针对要在其上运行该脚本的任何操作系统重新编译该脚本.这意味着,您不能在ubuntu框上运行SHC编译器,并且不能期望生成的脚本在Red Hat/CentOS框上运行.似乎可以通过在此处访问来访问SHC的最新版本.
SHC is a great tool to use for this purpose. and based on the last post in this thread, it appears the OP has already tried it but, it didn't work on certain systems. If that's the case, heres's the reason why. The way SHC works is actually pretty straight-forward. When using it to obfuscate a script, you have to re-compile the script for whichever OS you intend to run it on. What that means is, you cannot run the SHC compiler on a ubuntu box and expect the produced script to work on a Red Hat/CentOS box. It appears the latest version of SHC can be accessed here.
加密:
If your main goal is to discourage others from attempting to read your code, you can just paste your script to a site like this one. This site will automatically generate an obfuscated version of your script that should be able to run without issues on most common Unix systems.
如果您不希望出于任何原因将代码粘贴到上述站点或使用SHC,那么还有另一种解决方案.使用openssl!
If you do not wish to paste your code to the above site or use SHC for whatever reason, then, there's yet another solution. Use openssl!
OpenSSL:
如果您的脚本确实如此敏感,那么Openssl(或类似的工具)可能是您的最佳选择.为什么?因为特别是在大多数Unix系统上都存在openssl工具... Ubuntu,CentOS,Red Hat,Macs,AIX.它是默认安装的一部分.请注意,如果您决定采用这种方式,则需要以一种方式编写脚本,以便在脚本运行之前,用户必须提供密码.
If your scripts are really that sensitive, then Openssl(or a similar tool) is probably the best option for you. Why? Because the openssl tool in particular is present on most Unix systems...i.e. Ubuntu, CentOS, Red Hat, Macs, AIX. It comes as part of the default installation. If you decide to go this route, note, you will need to write your script in such a way that before it runs, the user has to provide a password.
使用OpenSSL加密脚本:
cat yourscript.sh | openssl aes-128-cbc -a -salt -k (specify-a-password-here) > yourscript.enc.sh
(OR)
openssl aes-128-cbc -a -salt -in yourscript.sh -k (specify-a-password-here) > yourscript.enc.sh
(OR)
openssl aes-128-cbc -a -salt -in yourscript.sh -out yourscript.enc.sh -k (specify-a-password-here)
使用OpenSSL解密脚本:
cat yourscript.enc.sh | openssl aes-128-cbc -a -d -salt -k (specify-a-password-here) > yourscript.dec.sh
(OR)
openssl aes-128-cbc -a -d -salt -in yourscript.sh -k (specify-a-password-here) > yourscript.dec.sh
(OR)
openssl aes-128-cbc -a -d -salt -in yourscript.sh -out yourscript.enc.sh -k (specify-a-password-here)
关于openssl加密机制" aes-128-cbc "的快速注意事项:
A quick thing to note about the openssl encryption mechanism 'aes-128-cbc':
可能存在更安全的机制.但是,您希望在其中运行加密脚本的某些系统没有这些机制,因此无法运行脚本.因此,如果您决定更改它,请记住这一点.
There are probably more secure mechanisms out there. But there is a good chance some of the systems you wish to run your encrypted scripts on wont have those mechanisms, thereby making it impossible to run your script. So keep that in mind if you decide to change it.
这篇关于如何混淆shell脚本?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
