Solved

BASH - decrypt an shc encrypted file

Posted on 2007-12-03
9
2,973 Views
Last Modified: 2013-12-26
Hello, i've encrypted a file with SHC .. but i've lost the source .. is there any way to decrypt it and take the source, or i have to make it again ? :\
0
Comment
Question by:rares_dumitrescu
  • 5
  • 4
9 Comments
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
0
 

Author Comment

by:rares_dumitrescu
Comment Utility
Francisco García, the author of shc, recently released version 3.8. It uses somewhat different data structures and improves upon the security of the previous version ..
so .. seems that that site was helpfull but not any more :d

Does anyone have another ideea ? thanx
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
I know.
I just got another idea. Can You kill with SEGV signal the running script? It should dump a core file, and the core hopefully have decrypted script somewhere inside?
And another idea, use strace tool and grab all data passed with write() syscalls - it have to write the script content to real shell execution.
0
 

Author Comment

by:rares_dumitrescu
Comment Utility
first one made a file dialog.core

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^$
^@^@^@üÞó¦^O
^@^@^@üÜ÷ÿÿ)M^H}^Ü÷ÿÿE^Lÿt^HÿµÌ÷ÿÿèÄøÿÿÃè=øÿÿXé$^LÜ÷ÿÿÿt^PèÉøÿÿÄ^PPU^Lì^H
v^@ë^DÿÐ^CøÿuôX[ÉÃì^LèpòÿÿÄ^LÃ$FreeBSD: src/lib/csu/i386-elf/crti.S,v 1.7 2005/05/19 07:31:06 dfr Exp $^@0.4^@--create-rc^@--title^@--yesno^@--hline^@-$
ÀÆ^O
dialog version 0.3, by Savio Lam (lam836@cs.cuhk.hk).
À÷patched to version %s by Stuart Herbert (S.Herbert@shef.ac.uk)
ÀuChanges Copyright (C) 1995 by Andrey A. Chernov, Moscow, Russia¦^O
So ... no decrypted text

and for strace .. i dont really know how to work with it

any other ideeas ?
if not pff ... i will remake the script .. and i will remember that i am an idiot because i didn't save the script on my computer too :)
thanx
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
I just grabbed shc-3.8.6, compiled simple bash script, killed with SEGV, verified generated core - it have the script code inside.
strace is tricky - the shc generated executeables verifies that it is not traced, terminates otherwise. One would have to create custom trace tool to detach parent as soon as child is forked.
0
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
Of course, You have to look throught all core file for the source.
0
 

Author Comment

by:rares_dumitrescu
Comment Utility
hmm .. how did you kill it with SEGV ?
kill -s SEGSEGV pid ?
0
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
Comment Utility
yes.

ulimit -c unlimited # make sure it will create the core file
./compiled_script &
sleep 1 #hope it will not finish in one second
kill -SEGV `/sbin/pidof compiled_script`
0
 

Author Comment

by:rares_dumitrescu
Comment Utility
didn't actually work but doesn't matter
i will remake it ... even better :)
thanx for your help ravenpl
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now