Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Not working on half of the scripts? #27

Open
rootTHC opened this issue Jan 27, 2020 · 5 comments
Open

Not working on half of the scripts? #27

rootTHC opened this issue Jan 27, 2020 · 5 comments

Comments

@rootTHC
Copy link

rootTHC commented Jan 27, 2020

Love the idea but it does not seem to be reliable. Tested on a few scripts and 50% just wont work.

Here is a simple script that wont work (example):

john@hax-vm:~/research/Bashfuscator$ cat script.sh
#! /bin/bash
echo hello
for x in seq 1 10; do echo test $x; done
date

j@hax-vm:/research/Bashfuscator$ bashfuscator -f script.sh -o script-mutated.sh &>/dev/null
j@hax-vm:
/research/Bashfuscator$ chmod 700 script-mutated.sh
j@hax-vm:/research/Bashfuscator$ ./script-mutated.sh
./script-mutated.sh: line 6: "${@/pD.H/s:C?$`Q9}" ${@/K\C
6} ; ${/+.q1f\/(yTSw} p"r"i${,}ntf %s "${tCzgy~~}" ${@##emo6Vrs|} "${@%%L~Zrw"t}" $@ )" ${^} ${*%%_U{$Vmvk}

DATE
FOR X IN SEQ 1 10; DO ECHO TEST $X; DONE
${//bXY9dT(/8Z?v-0} ${!#} ${//nV~83AGv} $@ <<< "$( tCzgy=ECHO: No such file or directory

@capnspacehook
Copy link
Member

What version of bash are you using? Bashfuscator needs 4.0+ to work properly I believe

@rootTHC
Copy link
Author

rootTHC commented Jan 28, 2020 via email

@rootTHC
Copy link
Author

rootTHC commented Jan 28, 2020 via email

@fpestiaux-cplus
Copy link

fpestiaux-cplus commented Mar 6, 2020

I agree, this is an interesting idea but unfortunately don't work on real bash scripts with medium level of complexity. Also, script arguments seems to wont work either :

Original

./rmqStat.sh -h
[ Graylog Stack ] RabbitMQ cluster queue monitor.
Usage: rmqStat.sh

Options are:

-h,--help Print this help screen.

Obfuscated

./rmqStats-ob.sh -h
./rmqStats-ob.sh: line 2: -h: bad substitution

@dvershinin
Copy link

I thought it was nice until I found the same issue. Even with a quite newish bash (e.g. CentOS 8), most scripts are useless when obfuscated by bashfuscator.

Found shc (which is also readily available from EPEL repository) to be more reliable and working fine.
The only downside to it is that it would make the obfuscated script arch-dependent (e.g. x86_64).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants