Nikhil Kumar bio photo

Nikhil Kumar

A stylish blog on my code

Google+ Gmail LinkedIn Github Résumé
Changelog:

Today I decided to obfuscate my gmail script which contains both my gmail username and password. Initially, I had the files hidden as a dot file, however I decided to use shc to convert my .sh file into a binary file. Then edit the permissions to make it execute only.

Caution: While this method prevents a casual observer from seeing the password in your file, it does not prevent someone who understands shc from reading your files. However, changing the script to a hidden execute only binary is significantly more protected than a hidden script file.

Installing and using shc

You can install shc by running:

1
pacman -S shc

Now run:

1
shc -f .mail.sh

This will give two files as the output:

1
2
.mail.sh.x.c
.mail.sh.x

Now test if your binary file works:

1
2
chmod +x .mail.sh.x
./.mail.sh.x

If you get ./mail.sh.x: Operation not permitted , then you would need to rerun shc. After searching online, I found that you can fix the probelm by rerunning shc with additional flags:

1
shc -r -v -T -f .mail.sh

Now your binary script should work.

Makeing the binary execute only

Now change to owner of your binary to root using chown:

1
 sudo chown root .mail.sh.x

Now use chmod to make the file execute only for those other than you:

1
sudo chmod 711 .mail.sh.x