Not working on half of the scripts?

[rootTHC]

Love the idea but it does not seem to be reliable. Tested on a few scripts and 50% just wont work.

Here is a simple script that wont work (example):

john@hax-vm:~/research/Bashfuscator$ cat script.sh
#! /bin/bash
echo hello
for x in seq 1 10; do echo test $x; done
date

j@hax-vm:/research/Bashfuscator$ bashfuscator -f script.sh -o script-mutated.sh &>/dev/null
j@hax-vm:/research/Bashfuscator$ chmod 700 script-mutated.sh
j@hax-vm:/research/Bashfuscator$ ./script-mutated.sh
./script-mutated.sh: line 6: "${@/pD.H/s:C?$`Q9}" ${@/K\C6} ; ${/+.q1f\/(yTSw} p"r"i${,}ntf %s "${tCzgy~~}" ${@##emo6Vrs|} "${@%%L~Zrw"t}" $@ )" ${^} ${*%%_U{$Vmvk}

DATE
FOR X IN SEQ 1 10; DO ECHO TEST $X; DONE
${//bXY9dT(/8Z?v-0} ${!#} ${//nV~83AGv} $@ <<< "$( tCzgy=ECHO: No such file or directory

[capnspacehook]

What version of bash are you using? Bashfuscator needs 4.0+ to work properly I believe

[rootTHC]

bash --version GNU bash, version 4.4.19(1)-release (x86_64-pc-linux-gnu)

…

On Mon, Jan 27, 2020 at 5:40 PM Andrew LeFevre ***@***.***> wrote: What version of bash are you using? Bashfuscator needs 4.0+ to work properly I believe — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#27?email_source=notifications&email_token=ANXXMJ7MTLAH7HP6QGV75NLQ74MBHA5CNFSM4KL5INZKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEKAMSZQ#issuecomment-578865510>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ANXXMJ5FZKAWCMBKUAHXSELQ74MBHANCNFSM4KL5INZA> .

[rootTHC]

I love the idea and there are some neat tricks in Bashfuscator. Once it gets stable and is widely useable it would be a great addition to the cheat sheet. skyper

…

On Tue, Jan 28, 2020 at 8:59 AM root ***@***.***> wrote: bash --version GNU bash, version 4.4.19(1)-release (x86_64-pc-linux-gnu) On Mon, Jan 27, 2020 at 5:40 PM Andrew LeFevre ***@***.***> wrote: > What version of bash are you using? Bashfuscator needs 4.0+ to work > properly I believe > > — > You are receiving this because you authored the thread. > Reply to this email directly, view it on GitHub > <#27?email_source=notifications&email_token=ANXXMJ7MTLAH7HP6QGV75NLQ74MBHA5CNFSM4KL5INZKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEKAMSZQ#issuecomment-578865510>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/ANXXMJ5FZKAWCMBKUAHXSELQ74MBHANCNFSM4KL5INZA> > . >

[fpestiaux-cplus]

I agree, this is an interesting idea but unfortunately don't work on real bash scripts with medium level of complexity. Also, script arguments seems to wont work either :

Original

./rmqStat.sh -h
[ Graylog Stack ] RabbitMQ cluster queue monitor.
Usage: rmqStat.sh

Options are:

-h,--help Print this help screen.

Obfuscated

./rmqStats-ob.sh -h
./rmqStats-ob.sh: line 2: -h: bad substitution

[dvershinin]

I thought it was nice until I found the same issue. Even with a quite newish bash (e.g. CentOS 8), most scripts are useless when obfuscated by bashfuscator.

Found shc (which is also readily available from EPEL repository) to be more reliable and working fine.
The only downside to it is that it would make the obfuscated script arch-dependent (e.g. x86_64).