BASH - decrypt an shc encrypted file

Posted on 2007-12-03
Last Modified: 2013-12-26
Hello, i've encrypted a file with SHC .. but i've lost the source .. is there any way to decrypt it and take the source, or i have to make it again ? :\
Question by:rares_dumitrescu
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
LVL 43

Expert Comment

ID: 20401493

Author Comment

ID: 20404318
Francisco García, the author of shc, recently released version 3.8. It uses somewhat different data structures and improves upon the security of the previous version ..
so .. seems that that site was helpfull but not any more :d

Does anyone have another ideea ? thanx
LVL 43

Expert Comment

ID: 20404408
I know.
I just got another idea. Can You kill with SEGV signal the running script? It should dump a core file, and the core hopefully have decrypted script somewhere inside?
And another idea, use strace tool and grab all data passed with write() syscalls - it have to write the script content to real shell execution.
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.


Author Comment

ID: 20411436
first one made a file dialog.core

v^@ë^DÿÐ^CøÿuôX[ÉÃì^LèpòÿÿÄ^LÃ$FreeBSD: src/lib/csu/i386-elf/crti.S,v 1.7 2005/05/19 07:31:06 dfr Exp $^@0.4^@--create-rc^@--title^@--yesno^@--hline^@-$
dialog version 0.3, by Savio Lam (
À÷patched to version %s by Stuart Herbert (
ÀuChanges Copyright (C) 1995 by Andrey A. Chernov, Moscow, Russia¦^O
So ... no decrypted text

and for strace .. i dont really know how to work with it

any other ideeas ?
if not pff ... i will remake the script .. and i will remember that i am an idiot because i didn't save the script on my computer too :)
LVL 43

Expert Comment

ID: 20414499
I just grabbed shc-3.8.6, compiled simple bash script, killed with SEGV, verified generated core - it have the script code inside.
strace is tricky - the shc generated executeables verifies that it is not traced, terminates otherwise. One would have to create custom trace tool to detach parent as soon as child is forked.
LVL 43

Expert Comment

ID: 20414504
Of course, You have to look throught all core file for the source.

Author Comment

ID: 20426486
hmm .. how did you kill it with SEGV ?
kill -s SEGSEGV pid ?
LVL 43

Accepted Solution

ravenpl earned 500 total points
ID: 20426641

ulimit -c unlimited # make sure it will create the core file
./compiled_script &
sleep 1 #hope it will not finish in one second
kill -SEGV `/sbin/pidof compiled_script`

Author Comment

ID: 20431158
didn't actually work but doesn't matter
i will remake it ... even better :)
thanx for your help ravenpl

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Encryption for Business Encryption ( ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question