[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3316
  • Last Modified:

BASH - decrypt an shc encrypted file

Hello, i've encrypted a file with SHC .. but i've lost the source .. is there any way to decrypt it and take the source, or i have to make it again ? :\
0
rares_dumitrescu
Asked:
rares_dumitrescu
  • 5
  • 4
1 Solution
 
ravenplCommented:
0
 
rares_dumitrescuAuthor Commented:
Francisco García, the author of shc, recently released version 3.8. It uses somewhat different data structures and improves upon the security of the previous version ..
so .. seems that that site was helpfull but not any more :d

Does anyone have another ideea ? thanx
0
 
ravenplCommented:
I know.
I just got another idea. Can You kill with SEGV signal the running script? It should dump a core file, and the core hopefully have decrypted script somewhere inside?
And another idea, use strace tool and grab all data passed with write() syscalls - it have to write the script content to real shell execution.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
rares_dumitrescuAuthor Commented:
first one made a file dialog.core

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^$
^@^@^@üÞó¦^O
^@^@^@üÜ÷ÿÿ)M^H}^Ü÷ÿÿE^Lÿt^HÿµÌ÷ÿÿèÄøÿÿÃè=øÿÿXé$^LÜ÷ÿÿÿt^PèÉøÿÿÄ^PPU^Lì^H
v^@ë^DÿÐ^CøÿuôX[ÉÃì^LèpòÿÿÄ^LÃ$FreeBSD: src/lib/csu/i386-elf/crti.S,v 1.7 2005/05/19 07:31:06 dfr Exp $^@0.4^@--create-rc^@--title^@--yesno^@--hline^@-$
ÀÆ^O
dialog version 0.3, by Savio Lam (lam836@cs.cuhk.hk).
À÷patched to version %s by Stuart Herbert (S.Herbert@shef.ac.uk)
ÀuChanges Copyright (C) 1995 by Andrey A. Chernov, Moscow, Russia¦^O
So ... no decrypted text

and for strace .. i dont really know how to work with it

any other ideeas ?
if not pff ... i will remake the script .. and i will remember that i am an idiot because i didn't save the script on my computer too :)
thanx
0
 
ravenplCommented:
I just grabbed shc-3.8.6, compiled simple bash script, killed with SEGV, verified generated core - it have the script code inside.
strace is tricky - the shc generated executeables verifies that it is not traced, terminates otherwise. One would have to create custom trace tool to detach parent as soon as child is forked.
0
 
ravenplCommented:
Of course, You have to look throught all core file for the source.
0
 
rares_dumitrescuAuthor Commented:
hmm .. how did you kill it with SEGV ?
kill -s SEGSEGV pid ?
0
 
ravenplCommented:
yes.

ulimit -c unlimited # make sure it will create the core file
./compiled_script &
sleep 1 #hope it will not finish in one second
kill -SEGV `/sbin/pidof compiled_script`
0
 
rares_dumitrescuAuthor Commented:
didn't actually work but doesn't matter
i will remake it ... even better :)
thanx for your help ravenpl
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now