sch 助shell指令碼加密 02

標籤：

sch 助shell指令碼加密 02

一、  簡介

SHC(shell script compiler)，即shell指令碼編譯器。通過SHC編譯過的指令碼對普通使用者而言是不可讀的，因此如果你想讓你的代碼實現加密功能，讓其有效屏蔽一些敏感資訊，這個時候可以考慮使用SHC；它通常情況下是不太容易被破解的，但是還是有些人可以通過反編譯SHC的方法來實現破解加密過的指令碼。

二、  實驗測試開始
2.1 下載並編譯SHC

[[email protected] ~]# wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.3.tgz[[email protected] ~]# ll shc-3.8.3.tgz-rw-r--r-- 1 root root 19874 Dec 31 20:40 shc-3.8.3.tgz[[email protected] ~]# tar -zxvf shc-3.8.3.tgzshc-3.8.3/CHANGESshc-3.8.3/Copyingshc-3.8.3/Makefileshc-3.8.3/matchshc-3.8.3/pru.shshc-3.8.3/shc.1shc-3.8.3/shc.cshc-3.8.3/shc.htmlshc-3.8.3/shc.READMEshc-3.8.3/test.bashshc-3.8.3/test.csh[[email protected] ~]# cd shc-3.8.3[[email protected] shc-3.8.3]# make && make install*** ?Do you want to probe shc with a test script?*** Please try... make test[[email protected] shc-3.8.3]#

2.2 編譯完成之後，我們切換到oracle使用者下編輯一個指令碼

[[email protected] ~]# su - oracle[[email protected] ~]$ vi sqlscript.sql#!/bin/shsqlplus -S system/oracle << EOFset pagesize 0 linesize 80 feedback offselect 'The database ' || instance_name ||        ' has been running since '||to_char(startup_time, 'HH24:MI MM/DD/YYYY')from v\$instance;select 'There are ' || count(status) ||        ' data files with a status of ' || statusfrom dba_data_filesgroup by statusorder by status;exit;EOF

2.3 執行加密前的指令碼

[[email protected] ~]$ ./sqlscript.sqlThe database woo has been running since 18:17 12/23/2014There are 4 data files with a status of AVAILABLE

2.4 對指令碼進行加密操作，會在原來的基礎上多出兩個檔案

[[email protected] shc-3.8.3]# shc -r -f /home/oracle/sqlscript.sql[[email protected] ~]$ ll sqlscript*-rwxr-xr-x 1 oracle oinstall 365 Dec 31 18:55 sqlscript.sql --運行檔案-rwx--x--x 1 root root 12048 Dec 31 22:00 sqlscript.sql.x –加密後的二進位檔案-rw-r--r-- 1 root root 11416 Dec 31 22:00 sqlscript.sql.x.c --x源檔案(c語言)

2.5 執行加密後的檔案，輸出結果和加密前是一樣的

[[email protected] ~]$ ./sqlscript.sql.xThe database woo has been running since 18:17 12/23/2014There are 4 data files with a status of AVAILABLE

2.6 SHC選擇性參數

[[email protected] shc-3.8.3]# ./shc -vshc parse(-f): No source file specifiedshc Usage: shc [-e date] [-m addr] [-i iopt] [-x cmnd] [-l lopt] [-rvDTCAh] -f script[[email protected] shc-3.8.3]#[[email protected] shc-3.8.3]# ./shc --help./shc: invalid option -- '-'shc parse: Unknown optionshc Version 3.8.3, Generic Script Compilershc Copyright (c) 1994-2005 Francisco Rosales <[email protected]>shc Usage: shc [-e date] [-m addr] [-i iopt] [-x cmnd] [-l lopt] [-rvDTCAh] -f script#設定到期時間-e %s  Expiration date in dd/mm/yyyy format [none]       #到期資訊提示-m %s  Message to display upon expiration ["Please contact your provider"]       #加密指令碼名稱    -f %s  File name of the script to compile    -i %s  Inline option for the shell interpreter i.e: -e    -x %s  eXec command, as a printf format i.e: exec('%s',@ARGV);-l %s  Last shell option i.e: --        #寬鬆的安全性，可以想通作業系統的不同機器中運行    -r     Relax security. Make a redistributable binary    -v     Verbose compilation    -D     Switch ON debug exec calls [OFF]-T     Allow binary to be traceable [no]         #顯示許可證並退出    -C     Display license and exit-A     Display abstract and exit          #顯示協助和退出    -h     Display help and exit    Environment variables used:    Name    Default  Usage    CC      cc       C compiler command    CFLAGS  <none>   C compiler flags    Please consult the shc(1) man page.

sch 助shell指令碼加密 02