After using the shc 4.0.3 encrypted shell script in Centos7, running the encrypted script and using ps ax can reveal the source code #159
Comments
|
It's a known limitation of shc. |
Thank you for your answer. I will try |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I found that after using
shc - r - f test.sh - o testencryption, running./test &, usingps ax | grep test, you can see the source code.The kernel is 3.10.0-1160.el7.x86_64
[root@localhost ~]# ps ax | grep test
10804 pts/0 S 0:00 ./test -c #!/bin/sh while true do sleep 1 done ./test
10844 pts/0 R+ 0:00 grep --color=auto test
After seeing someone using - U or - H to solve similar problems, I tried it and found that - U did not work. - H does not see the source code, but there will be a lot of processes.After I shut down the process related to test and used ps - A, I can see that there are still sh and sleep running
[root@localhost ~]# shc -o test -rH -f test.sh
[root@localhost ~]# sudo ./test &
[1] 11398
[root@localhost ~]#
[root@localhost ~]# ps ax | grep test
11398 pts/0 S 0:00 sudo ./test
11400 pts/0 S 0:00 ./test
11401 pts/0 S 0:00 ./test
11436 pts/0 R+ 0:00 grep --color=auto test
[root@localhost ~]# kill -9 11401
[root@localhost ~]# ps ax | grep test
11498 pts/0 R+ 0:00 grep --color=auto test
[root@localhost ~]# ps -A
......................................
11412 pts/0 00:00:00 sh
11513 pts/0 00:00:00 sleep
11514 pts/0 00:00:00 ps
[root@localhost ~]#
What are some good ways I can solve this problem? I hope someone who knows or has experience can help me. Thank you very much
The text was updated successfully, but these errors were encountered: