Today I decided to obfuscate my gmail script which contains both my gmail
username and password. Initially, I had the files hidden as a dot file, however
I decided to use shc to convert my .sh file into a binary file. Then edit
the permissions to make it execute only.
Caution: While this method prevents a casual observer from seeing the password in your file, it does not prevent someone who understands shc from reading your files. However, changing the script to a hidden execute only binary is significantly more protected than a hidden script file.
Installing and using shc
You can install shc by running:
1
pacman -S shc
Now run:
1
shc -f .mail.sh
This will give two files as the output:
1
2
.mail.sh.x.c
.mail.sh.x
Now test if your binary file works:
1
2
chmod +x .mail.sh.x
./.mail.sh.x
If you get ./mail.sh.x: Operation not permitted , then you would need to
rerun shc. After searching online, I found that you can fix the probelm by
rerunning shc with additional flags:
1
shc -r -v -T -f .mail.sh
Now your binary script should work.
Makeing the binary execute only
Now change to owner of your binary to root using chown:
1
sudo chown root .mail.sh.x
Now use chmod to make the file execute only for those other than you:
1
sudo chmod 711 .mail.sh.x