49

I want to convert my shell scripts into binary executable so that nobody else could edit or read it. Is there a way to convert it into a binary executable?

Peter Mortensen
  • 1,025
munish
  • 7,987

3 Answers3

51

shc is what you're looking for. get it here: shc
Extract, cd into dir, make and then ./shc -f SCRIPT. Done.

Everything you need to do this, you find here:
SHC Howto

xx4h
  • 2,400
  • 9
    +1 wow, that is interesting. Just beware that if the process is exactly as it is described, this is a weak method of concealing a password -- it could still be extracted by someone who knows how executables are structured. However, it would be very effective for obscuring a script from casual observers. I'd be interested to learn if scripts pre-compiled this way are faster to execute. – goldilocks Feb 14 '13 at 06:48
  • 28
    Note that it doesn't work with bash (or sh based on bash), as one can do: env SHELLOPTS=verbose ./script.x to see the content of the script. There's probably easy ways to bypass with other shells as well. – Stéphane Chazelas Feb 14 '13 at 11:14
  • 4
    From the shc man page, "Unfortunatelly, it will not give you any speed improvement as a real C program would." http://www.datsi.fi.upm.es/~frosal/sources/shc.html – Adam Feb 14 '13 at 19:35
  • shc has been updated to 3.9.0: https://github.com/neurobin/shc – Jahid Apr 01 '15 at 10:53
  • Although SHC might not give you a speed improvement you hope for, it offers the possibility of hacking SHC itself to obtain a better translation of your script. Writing a clean shell script and then improving SHC could be more productive than writing a C program from scratch, or convoluting a shell script to make it faster. – Kaz Jun 30 '15 at 19:06
  • @StéphaneChazelas with version 4.0.3 of shc, option -U is provided, this is preventing tracing. – user2067125 Feb 12 '21 at 18:02
-1

If the goal here is to hide your shell script so it cant be read or modified, try pasting it to the following website:

Combined Encryption & Obfuscation

When you submit your script to this site, a zip file will be produced for you. Perform the following steps to generate a standalone executable from this zip file.

  1. After submitting your script, right click on the download link
  2. Go to your Unix host and wget or (curl -O) the download link
  3. Unzip the zip file
  4. cd EnScryption.com
  5. ./(your-script.sh)

Step 5 will automatically configure the script and will generate a standalone copy for you. You can then scp this standalone copy to different hosts or distribute it however you want. Note, once encrypted, you cannot change the name of your script. This is for security reasons.

Another option available to you, if you have the time, is to come up with your own secure obfuscation algorithm. If your script is to be portable, you must use tools that are readily available on most Unix systems...ie. openssl or base64. This requires a lot of time. But if the motivation is there, it is indeed possible to make unveiling your scripts impossible or at very least, extremely time consuming!

Jake
  • 7
  • 19
    I would recommend against such a service. You can never be sure they doesn't inject any malware in it before handing it to you. Even if the creators themselves are not trying to do so then adversary can compromise their server to do such injections secretly. – ddnomad Apr 03 '17 at 01:31
  • 6
    "After submitting your script" is exactly the opposite of protecting your code. – Giuseppe Urso Nov 22 '19 at 12:44
  • 4
    Downvote because this is COMPLETELY opposite of what the questioner wants. – Yokai Dec 02 '19 at 17:34
  • 3
    This is also a (very expensive) paid service - $30 for a month's access seems to be the minimum cost – Michael Firth Jul 13 '20 at 11:15
-1

bzexe can convert and also compress the file

user352325
  • 1
  • 6
    I don't quite see how this would prevent anyone from extracting the file to get the original shell script, which is what the user wanted to prevent. Compression is not hiding anything. – Kusalananda May 10 '19 at 14:32