How To Obsure / Obfusticate Bash Shell Scripts

I had a requirement to make a shell script obsured or obfusticated.

The first step is to get your bash script and wrap it in some python.

Let take the bash script as an example: (hello.sh)

#!/bin/bash
echo "Hello World"
echo "Hopefully nobody can see these strings of text"

Next modify hello.sh to look like: (hello.sh.py)

#!/usr/bin/python
import zlib, binascii
data = '''
#!/bin/bash
echo "Hello World"
echo "Hopefully nobody can see these strings of text"
'''

compData = zlib.compress(data)
hexData = binascii.hexlify(compData)
print (hexData)

Next execute: python hello.sh.py
You should get the following output:

789c35c8cd0d80200c06d03b537ce200ace1069ef92942d2b4866222db7bf21d9fdbb
790ba8414ad39ca4de10f62569c3ab8f8bff4a6fa302f88262d0b390a8c08b391116c8e2e9741
2b26bdd3bb0fc3a51d13

Copy that string and insert into another file, replacing the data section as per below: (temp.py)

#!/usr/bin/python
import os, sys, stat, zlib, subprocess, tempfile, binascii

data = '789c35c8cd0d80200c06d03b537ce200ace1069ef92942d2b4866222db7bf21d9fdbb790ba8414
ad39ca4de10f62569c3ab8f8bff4a6fa302f88262d0b390a8c08b391116c8e2e97412b26bdd3bb0fc3a51d13'

data = binascii.unhexlify(data)
tmpFile = tempfile.mkstemp()
tmpFile = tmpFile[1]
try:
        fd = os.open(tmpFile, os.O_CREAT|os.O_RDWR)
        f = os.fdopen(fd, 'w')
        f.write(zlib.decompress(data))
        f.write('n')
        f.close()

        os.chmod(tmpFile, 0700) 
        #os.chmod(tmpFile, stat.S_IEXEC) 
        subprocess.Popen(["/bin/bash", tmpFile]).wait()
finally:
        os.remove(tmpFile)

Save that file and load your python interpretor and type the following:

$ python
Python 2.7.3 (default, Jul 24 2012, 10:05:38) 
[GCC 4.7.0 20120507 (Red Hat 4.7.0-5)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import py_compile
>>> py_compile.compile("temp.py")
>>> exit() 

Now cat the .pyc that got created through base64

cat temp.pyc | base64

A/MNCgDqv1BjAAAAAAAAAAAFAAAAQAAAAHMcAQAAZAAAZAEAbAAAWgAAZAAAZAEAbAEAWgEAZAAA
ZAEAbAIAWgIAZAAAZAEAbAMAWgMAZAAAZAEAbAQAWgQAZAAAZAEAbAUAWgUAZAAAZAEAbAYAWgYA
ZAIAWgcAZQYAaggAZQcAgwEAWgcAZQUAagkAgwAAWgoAZQoAZAMAGVoKAHqIAGUAAGoLAGUKAGUA
AGoMAGUAAGoNAEKDAgBaDgBlAABqDwBlDgBkBACDAgBaEABlEABqEQBlAwBqEgBlBwCDAQCDAQAB
ZRAAahEAZAUAgwEAAWUQAGoTAIMAAAFlAABqFABlCgBkBgCDAgABZQQAahUAZAcAZQoAZwIAgwEA
ahYAgwAAAVdkAQBlAABqFwBlCgCDAQABWGQBAFMoCAAAAGn/////TnSmAAAANzg5YzM1YzhjZDBk
ODAyMDBjMDZkMDNiNTM3Y2UyMDBhY2UxMDY5ZWY5Mjk0MmQyYjQ4NjYyMjJkYjdiZjIxZDlmZGJi
NzkwYmE4NDE0YWQzOWNhNGRlMTBmNjI1NjljM2FiOGY4YmZmNGE2ZmEzMDJmODgyNjJkMGIzOTBh
OGMwOGIzOTExMTZjOGUyZTk3NDEyYjI2YmRkM2JiMGZjM2E1MWQxM2kBAAAAdAEAAAB3cwEAAAAK
acABAABzCQAAAC9iaW4vYmFzaCgYAAAAdAIAAABvc3QDAAAAc3lzdAQAAABzdGF0dAQAAAB6bGli
dAoAAABzdWJwcm9jZXNzdAgAAAB0ZW1wZmlsZXQIAAAAYmluYXNjaWl0BAAAAGRhdGF0CQAAAHVu
aGV4bGlmeXQHAAAAbWtzdGVtcHQHAAAAdG1wRmlsZXQEAAAAb3BlbnQHAAAAT19DUkVBVHQGAAAA
T19SRFdSdAIAAABmZHQGAAAAZmRvcGVudAEAAABmdAUAAAB3cml0ZXQKAAAAZGVjb21wcmVzc3QF
AAAAY2xvc2V0BQAAAGNobW9kdAUAAABQb3BlbnQEAAAAd2FpdHQGAAAAcmVtb3ZlKAAAAAAoAAAA
ACgAAAAAcwwAAABiYXNoLXRlbXAucHl0CAAAADxtb2R1bGU+AgAAAHMaAAAAVAIGAg8BDAEKAQMB
HAESARYBDQEKAhACHQI=

Copy that block of data into the following production ready script: (final-product.sh)

#!/bin/bash

DECODED=`mktemp`

cat << EOF | base64 -d > $DECODED
A/MNCgDqv1BjAAAAAAAAAAAFAAAAQAAAAHMcAQAAZAAAZAEAbAAAWgAAZAAAZAEAbAEAWgEAZAAA
ZAEAbAIAWgIAZAAAZAEAbAMAWgMAZAAAZAEAbAQAWgQAZAAAZAEAbAUAWgUAZAAAZAEAbAYAWgYA
ZAIAWgcAZQYAaggAZQcAgwEAWgcAZQUAagkAgwAAWgoAZQoAZAMAGVoKAHqIAGUAAGoLAGUKAGUA
AGoMAGUAAGoNAEKDAgBaDgBlAABqDwBlDgBkBACDAgBaEABlEABqEQBlAwBqEgBlBwCDAQCDAQAB
ZRAAahEAZAUAgwEAAWUQAGoTAIMAAAFlAABqFABlCgBkBgCDAgABZQQAahUAZAcAZQoAZwIAgwEA
ahYAgwAAAVdkAQBlAABqFwBlCgCDAQABWGQBAFMoCAAAAGn/////TnSmAAAANzg5YzM1YzhjZDBk
ODAyMDBjMDZkMDNiNTM3Y2UyMDBhY2UxMDY5ZWY5Mjk0MmQyYjQ4NjYyMjJkYjdiZjIxZDlmZGJi
NzkwYmE4NDE0YWQzOWNhNGRlMTBmNjI1NjljM2FiOGY4YmZmNGE2ZmEzMDJmODgyNjJkMGIzOTBh
OGMwOGIzOTExMTZjOGUyZTk3NDEyYjI2YmRkM2JiMGZjM2E1MWQxM2kBAAAAdAEAAAB3cwEAAAAK
acABAABzCQAAAC9iaW4vYmFzaCgYAAAAdAIAAABvc3QDAAAAc3lzdAQAAABzdGF0dAQAAAB6bGli
dAoAAABzdWJwcm9jZXNzdAgAAAB0ZW1wZmlsZXQIAAAAYmluYXNjaWl0BAAAAGRhdGF0CQAAAHVu
aGV4bGlmeXQHAAAAbWtzdGVtcHQHAAAAdG1wRmlsZXQEAAAAb3BlbnQHAAAAT19DUkVBVHQGAAAA
T19SRFdSdAIAAABmZHQGAAAAZmRvcGVudAEAAABmdAUAAAB3cml0ZXQKAAAAZGVjb21wcmVzc3QF
AAAAY2xvc2V0BQAAAGNobW9kdAUAAABQb3BlbnQEAAAAd2FpdHQGAAAAcmVtb3ZlKAAAAAAoAAAA
ACgAAAAAcwwAAABiYXNoLXRlbXAucHl0CAAAADxtb2R1bGU+AgAAAHMaAAAAVAIGAg8BDAEKAQMB
HAESARYBDQEKAhACHQI=
EOF

python $DECODED
rm $DECODED

Now run ./final-product.sh

Hello World
Hopefully nobody can see these strings of text

Hopefully you can make this useful with your own script! –Cam

Or just use SHC http://www.thegeekst … t-bash-shell-script/