[oracle@rdbms ~]$ shc -f ora.sh -o ora
[oracle@rdbms ~]$ ./ora tsfree
./ora: Argument list too long: /bin/bash

cat /etc/issue

CentOS release 6.3 (Final)

Is there a way to install shc on debian, without having to compile it?
Can I install shc on debian from a repository?

compiled with AddressSanitizer
shc -f crash.sh -o crash

==28692==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x557d75d52d63 bp 0x60200000efb0 sp 0x7ffc5a81f9d0 T0)
    #0 0x557d75d52d62 in eval_shell /root/fuzz/shc/src/shc.c:714
    #1 0x557d75d5b6b3 in do_all /root/fuzz/shc/src/shc.c:1009
    #2 0x557d75d519d8 in main /root/fuzz/shc/src/shc.c:1021
    #3 0x7f746b27d2b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
    #4 0x557d75d51a19 in _start (/root/fuzz/shc/src/shc+0x3a19)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/fuzz/shc/src/shc.c:714 in eval_shell
==28692==ABORTING

crash.zip

../Am.sh.x.c:4703:19: warning: 'ePtAttachDeprecated' is deprecated: PT_ATTACH is deprecated. See PT_ATTACHEXC [-Wdeprecated-declarations]
mine = !ptrace(PTRACE_ATTACH, pid, 0, 0);
^
../Am.sh.x.c:4684:24: note: expanded from macro 'PTRACE_ATTACH'

define PTRACE_ATTACH PT_ATTACH

                            ^

/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk/usr/include/sys/ptrace.h:85:19: note: expanded from macro 'PT_ATTACH'
#define PT_ATTACH ePtAttachDeprecated /* trace some running process */
^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk/usr/include/sys/ptrace.h:71:2: note: 'ePtAttachDeprecated' has been explicitly marked deprecated here
ePtAttachDeprecated __deprecated_enum_msg("PT_ATTACH is deprecated. See PT_ATTACHEXC") = 10
^
1 warning generated.

As described in the past bugreports (which I believed to be a regression to #36 ):

#36 (comment)
#36 (comment)
#36 (comment)

I replied as follows:

Is it fixed ?

Unfortunately this "fix" causes a regression on my system (Fedora). When running a script with "sudo", then I'll be getting this kind of errors:

-bash-4.4$ sudo toucher.sh
toucher.sh: line 0: exec: (null): not found

I had to revert to the shc version before this "fix" to have shc behave normally again.

The current commits in the master branch seem to have fixed that issue.

Thanks.

Perhaps you could make it clear that the purpose of shc is to hide the source code of the shell script rather than to speed up the shell script.

Hi,

i get below error when compile the script with expect shell:

$ ./shc -rv -f vrun.sh
shc shll=expect
shc Unknown shell (expect): specify [-i][-x][-l]
./shc: Success

using shc-3.8.9.tgz version.

Thanks,

Suresh

Hi.

I copied the bash line in shc.c and added zsh, recompiled, installed and tested.

Worked fine.

Don't know if this is something you'd want to add to source...

Cheers!

Hello @neurobin

I tried for hours now, to compile SHC for arm & arm64, but without success.

so far, I only managed to SUCCESFULLY compile SHC for i386 ( see my below method ), then to use it, to create compiled bash-based binaries as arm/arm64 compatible.
This is only HALF the solution, since I need a PC for the bash->bin convertion.
( I wish to use SHC on phones ).

Can you please direct me on how to compile SHC for arm/arm 64 ?

P.S - for the internet record....
Thanks to a post by @Thiago Zilli Sarmento I managed to compile my bash script to arm & arm64 ( for android ) !!!! :-)

few notes:

1. for some reason, not "gcc-arm-linux-gnueabihf-gcc" nor
   "gcc-arm-linux-gnueabihf-gcc-6" was willing to compile at all - only
   when I used "gcc-arm-linux-gnueabihf-gcc-4.9" -> it worked (for arm)

2. 'make' didn't work till I installed 'automake'

3. I too get wierd output when I compiled of:
   "strip: Unable to recognise the format of the input file `SCRIPT_NAME'
   shc: never mind"
   just ignor it... no harm exist, AFAIK.

4. NEXT IMPORTANT STEP: what's left is to understand how to cross-compile SHC itself to arm/arm64 so that itself can run on these arch types.

5. here are the nessesary steps on lubuntu 16.04 i368 ( i.e x32 ):

aptitude install crossbuild-essential-armhf crossbuild-essential-arm64 automake gcc-4.9-arm-linux-gnueabihf
git clone https://github.com/neurobin...
cd shc

./configure --prefix=$prefix
make clean
make

** to compile script to ARM, run:

CC="arm-linux-gnueabihf-gcc-4.9" CFLAGS="-march=armv7-a -static" ./src/shc -r -f SCRIPT_NAME
mv SCRIPT_NAME.x SCRIPT_ARM

** to compile script to ARM64 (AARCH64), run:

CC="aarch64-linux-gnu-gcc" CFLAGS="-march=armv8-a -static" ./src/shc -r -f SCRIPT_NAME
mv SCRIPT_NAME.x SCRIPT_AARCH64

Is it possible to include a --noencrypt option that skips the arc4 encryption? I would like to be able to compare the performance on an encrypted binary script vs an unencrypted binary script.

Also, a lot of the time I don't care about obfuscation so much as I don't want anyone to modify a script.

I have compiled shc from source on Ubuntu 18.04, it does not work as it suppose to work
but its working fine on Ubuntu 16.04

Thanks,

Hi
I tried shc, and all binaries from bash scripts working fine but cannot execute from
menu or [desktop] files
Exec=mybinary_from_script.x OR Exec=/path/mybinary_from_script.x
the kde does not understand this, output in xsessions:
kdeinit5: Shutting down running client.
klauncher: Exiting on signal 15

this original script working:
Exec=mybinary_from_script.sh

Does anyone have any idea?

ugly workaround Exec=$(mybinary_from_script.x)

Tried this with multiple versions of shc, compiling with and without nearly every option. This is on a redhat/oracle linux 6.2 machine.

`

cat test.sh

#!/bin/sh
echo
echo $$
exit

shc -r -U -f test.sh -o test

for i in {1..20}; do echo $i;./test; done

1

[1]+ Stopped ./test
2

5067
3

5070
4

5073
5

5076
6

5079
7

5082
8

5085
9

5088
10

5091
11

5094
12

5097
13

5100
14

5103
15

5106
16

5109
17

5112
18

5115
19

5118
20

[2]+ Stopped ./test

pgrep -l test

5064 test
5066 test
5121 test
5122 test

ps auxwwf | grep 5064

root 5064 0.0 0.0 3924 372 pts/0 T 14:29 0:00 _ ./test
root 5198 0.0 0.0 6380 684 pts/0 S+ 14:30 0:00 _ grep 5064

ps auxwwf | grep test

root 5064 0.0 0.0 3924 372 pts/0 T 14:29 0:00 _ ./test
root 5066 0.0 0.0 0 0 pts/0 Z 14:29 0:00 | _ [test]
root 5121 0.0 0.0 3924 372 pts/0 T 14:29 0:00 _ ./test
root 5122 0.0 0.0 0 0 pts/0 Z 14:29 0:00 | _ [test]
root 5201 0.0 0.0 6380 688 pts/0 S+ 14:30 0:00 _ grep test

kill -SIGCONT 5064

5064

[1]- Done ./test

ps auxwwf | grep test

root 5121 0.0 0.0 3924 372 pts/0 T 14:29 0:00 _ ./test
root 5122 0.0 0.0 0 0 pts/0 Z 14:29 0:00 | _ [test]
root 5210 0.0 0.0 6380 688 pts/0 S+ 14:31 0:00 _ grep test`

Now, I have several scripts I have compiled and have been using for months, but they get very little use. Most of the time, they run fine, it's only a small random percentage do they get zombied. Has anyone else seen this issue and is there a fix? FYI the test.sh is only a quick script to be able to share and fill out this issue.

Hi,

Is untraceable binary still working?

shc -U -f script.sh -o binary # Untraceable binary (prevent strace, ptrace etc..)

So I tried it, and get the following:

$ shc -U -Df test.bash -o testshc

$ testshc
shll=main
argc=1
argv[0]=testshc
argv[1]=<null>
testshc: Operation not permitted
Killed

$ strace -f -o /tmp/shc testshc
shll=main
argc=1
argv[0]=testshc
argv[1]=<null>
testshc: Operation not permitted
Killed

$ tail /tmp/shc
18391 getppid()                         = 18390
18391 close(0)                          = 0
18391 openat(AT_FDCWD, "/proc/18390/as", O_RDWR|O_EXCL) = -1 ENOENT (No such file or directory)
18391 ptrace(PTRACE_ATTACH, 18390)      = -1 EPERM (Operation not permitted)
18391 write(2, "testshc: Operation not permitted"..., 33) = 33
18391 kill(18390, SIGKILL)              = 0
18390 <... wait4 resumed> <unfinished ...>) = ?
18391 exit_group(0)                     = ?
18391 +++ exited with 0 +++
18390 +++ killed by SIGKILL +++

Without the -U it works fine.

Hi.

I'm running on openSuSe 42.1 within a Virtual Machine.
I compiled my script with ./shc -U -f script.sh -o script
it ran fine using: ./script

Copied the compiled script file from the VM to my PC, restored my VM from on older backup, copied the compiled script back and ran it using: ./script

I now get:
6w���E�^���ʮ>�MX���`location has changed!

Any idea why I can't use the script on any of my 42.1 machines ?

Thanks

Hi again Jahidul,

What kind of metadata would you like to give to shc?

X: shc source: upstream-metadata-file-is-missing
N: 
N:    This source package is not Debian-native but it does not have a
N:    debian/upstream/metadata file.
N:    
N:    The Upstream MEtadata GAthered with YAml (UMEGAYA) project is an effort
N:    to collect meta-information about upstream projects from any source
N:    package. This file is in YAML format and it is used in to feed the data
N:    in the UltimateDebianDatabase. For example, it can contains the way the
N:    authors want their software be cited in publications and some
N:    bibliographic references about the software.
N:    
N:    Please add a debian/upstream/metadata file.
N:    
N:    Refer to https://dep-team.pages.debian.net/deps/dep12/ and
N:    https://wiki.debian.org/UpstreamMetadata for details.
N:    
N:    Severity: pedantic, Certainty: certain
N:    
N:    Check: upstream-metadata, Type: source

This branch did not apply the upstream patch, existz/shc-3.8.9@209a447

normalmente funciona

#!/bin/bash
while true; do
read -p "Ping Yahoo? [y|n]:" yn
case $yn in
[Yy]* ) ping www.yahoo.com; break;;
[Nn]* ) exit;;
* ) echo "Choose yes or no";;
esac
done

/tmp# prueba
Ping Yahoo? [y|n]:
PING fd-fp3.wg1.b.yahoo.com (98.139.180.149) 56(84) bytes of data.
64 bytes from ir1.fp.vip.bf1.yahoo.com (98.139.180.149): icmp_seq=1 ttl=48 time=78 ms

#########################################################
/tmp# shc -v -f prueba
/tmp# cp prueba.x /tmp/prueba2
/tmp#chmod +x prueba2
/tmp#prueba2

Este es el error después de compilar:
prueba2: -c: línea 4: error sintáctico cerca del elemento inesperado [Yy]*' /usr/bin/prueba: -c: línea 4: [Yy]* ) ping www.yahoo.com; break;;'

saludos

I'm having problem running shc compiled binary in a different shell. Here's my simple example shell script. The compiled binary runs fine in bash and zsh, but doesn't produce any output in other shell, such as csh.

#!/bin/bash

echo "Hello"
$ shc -f echo.sh
$ ./echo.sh.x
Hello
$ csh
% ./echo.sh.x
% 

I wonder if this is a known limitation of shc approach. Here's more output with debug option turned on.

$ ./echo.sh.x 
shll=main
argc=1
argv[0]=./echo.sh.x
argv[1]=<null>
getenv(xdb3b6767f85d98dd)=<null>
shll=/bin/bash
argc=4
argv[0]=./echo.sh.x
argv[1]=-c
argv[2]=exec '/home/sunhwan/./echo.sh.x' "$@"
argv[3]=./echo.sh.x
argv[4]=<null>
shll=main
argc=1
argv[0]=/home/sunhwan/./echo.sh.x
argv[1]=<null>
getenv(xdb3b6767f85d98dd)=15797333814178322653 1
shll=/bin/bash
argc=4
argv[0]=/home/sunhwan/./echo.sh.x
argv[1]=-c
argv[2]=                                                            
argv[3]=/home/sunhwan/./echo.sh.x
argv[4]=<null>
Hello
$ csh
% ./echo.sh.x
shll=main
argc=1
argv[0]=./echo.sh.x
argv[1]=<null>
getenv(xe1b72135949ef745)=<null>
shll=/bin/bash
argc=4
argv[0]=./echo.sh.x
argv[1]=-c
argv[2]=exec '/bin/csh' "$@"
argv[3]=./echo.sh.

Hello,

I tried shc on some small scripts, and once they worked fine, I tried to compile a slightly larger one
(~200 line bash script). When tried to run, I see garbage characters!

$ ./script.sh.x args
./script.sh.x: ��Oy�(��ʛ��W__��@��)

The reason I wanted to use shc was - I had to run the script with privileges, so instead of making
the script itself a SUID executable, I wanted to compile it and then make it an SUID program!

if the final result is compiled with -U -f, it fails to execute for any non-root user, which are exactly my users
Operation not permitted

I'm getting this error when moving compiled binaries to another similar system. The program in question just runs a single ping command, applies a regular expression to the output and echoes a result back to the console.

First system is a TrueOS FreeBSD install, second is a minimal FreeBSD install.

I've tried compiling for sh, csh and tcsh. The binary runs fine on the TrueOS system, just won't run on the target system.

I'm guessing there's an unmet dependency or library on the minimal system but was hoping someone could point me in the right direction on installing. Haven't had any luck with Google on figuring that out.

Thanks!

I have a script in bash where I export some variables so that I can use them in another shell script. Now when I use shc and convert into executable script and I run it I am not able to source those variables.

For ex: say I have a script
test.sh
#!/bin/bash
owner=tcmp
export tcmp

I run this in bash as
./test.sh

and when I do

echo $owner

it displays tcmp

Now I convert test.sh using shc compiler and I get test.sh.x script

when I run this script
./test.sh.x
and then try to do echo $owner it gives me empty output. Can you please assist how to achieve this when I use shc compiler.

Good morning! Please, tell me, can I make only *.c file from *.sh file without binary compilation? Thak you in advance!

I have two shell scripts which have dependencies. Using shc compiler i created two binaries. But while running one binary, it is unable to resolve depended binary.i am seeing below error
line 1 : ???? :command not found
How to deal with shell scripts which have dependencies.

When running make && make install this error is prioduced in Manjaro 4.4.13.

[root@yokai shc]# make cd . && /bin/sh /root/shc/config/missing automake-1.14 --gnu /root/shc/config/missing: line 81: automake-1.14: command not found WARNING: 'automake-1.14' is missing on your system. You should only need it if you modified 'Makefile.am' or 'configure.ac' or m4 files included by 'configure.ac'. The 'automake' program is part of the GNU Automake package: <http://www.gnu.org/software/automake> It also requires GNU Autoconf, GNU m4 and Perl in order to run: <http://www.gnu.org/software/autoconf> <http://www.gnu.org/software/m4/> <http://www.perl.org/> Makefile:320: recipe for target 'Makefile.in' failed make: *** [Makefile.in] Error 1

Current version of aclocal is 1.15. Automake is not missing it is just a newer version than in the script.

[root@sys1 shc]# ./test_prograss_bar.sh
Start run: /BG: 22
[root@sys1 shc]# shc -f test_prograss_bar.sh -o test_prograss_bar.bin
shc: WARNING!!
Scripts of length near to (or higher than) the current System limit on
"maximum size of arguments to EXEC", could comprise its binary execution.
In the current System the call sysconf(_SC_ARG_MAX) returns -1 bytes
and your script "test_prograss_bar.sh" is 432 bytes length.
[root@deepdell shc]# ./test_prograss_bar.bin
Start run: /./test_prograss_bar.bin: line 25: wait: %1: no such job
BG: 127
[root@sys1 shc]# cat ./test_prograss_bar.sh
#!/bin/bash

cmd="sleep 5; exit 22" #runs Good
LOGFILE="/tmp/tmp.tmp"

bar(){

printf "running command:\n $1:\nResults:\n" &>>$LOGFILE
sh -c "$1" &>>$LOGFILE &
pid=$!
spin[0]="-"
spin[1]="\"
spin[2]="|"
spin[3]="/"

printf "$2: ${spin[0]}"
while kill -0 $pid 2>/dev/null
do
for i in "${spin[@]}"
do
echo -ne "\b$i"
sleep 0.1
done
done

wait %1
#judge the output
printf "BG: $?\n"

}

bar "$cmd" "Start run"
[root@sys1 shc]#

I am running it under RHEL 7.4 with the zip file downloaded from git hub, the git clone one reports error after compiled aclocal-1.15.1:

[root@sys1 shc]# make
CDPATH="${ZSH_VERSION+.}:" && cd . && /bin/sh /backup/frank/shc/shc/config/missing aclocal-1.15 -I m4
Can't locate Automake/Config.pm in @inc (@inc contains: /usr/local/share/automake-1.15 /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /backup/frank/shc/automake-1.15.1/bin/aclocal-1.15 line 37.
BEGIN failed--compilation aborted at /backup/frank/shc/automake-1.15.1/bin/aclocal-1.15 line 37.
make: *** [aclocal.m4] Error 2

Produced binaries not work if compiled with -m64 mode on Solaris 10. And will never work on Solaris 11, because of it is pure 64-bit, without 32-bit ABI.

What does it mean "not work"? Compiled script output show garbage, for example:
// Compiling C-source

gcc -O3 -m64 -c -o ramdisk.sh.x.o ramdisk.sh.x.c -I.

// Linking C-source

gcc -s -m64 -o ramdisk ramdisk.sh.x.o

// Running (should show "# ./ramdisk
Usage ./ramdisk <start|stop|backup|restore>"):

./ramdisk

./ramdisk: 6lkП&*3§1z1C¥

I use shc to encrypt a shell script. Anything is ok but until i restart my mac.

The error message: "
uE?A@1??G??oAg!X??^I'
?_??8?has expired!
Please contact your provider [email protected]

hi
we have bash for windows when I install git, then i have bash.
is it possible to compile in bash and run in windows?
another question is, should I compile for each platform 32 and 64 bit on linux?

Hi i compile my script but it works only on my machine while i want to compile to works on other machines (without see my script code)
i compile my script but output of compile doesn't work on same OS
my os is:

but this output doesn't run on same os on another machine something like:

it's my script and compiled file:
compile.zip

There has been radical changes in Linux kernel "fs/proc/cmdline.c" and now shc compiled script can be extracted completely using /proc/[pid]/cmdline!

Note that this will happen with all kernel versions starting from 4.2. Example below is from Ubuntu 15.10 that is using 4.2.0-19-generic. I have also tested all available versions of shc.

It seems that copying example here is not exactly accurate (due to github web). There is lots of space betwen "./test.sh.x-c" and "#! /bin/bash" when you watch it from /proc/22366/cmdline.

$ cat test.sh

! /bin/bash

while true
do
sleep 10
done

$ shc -f test.sh
$ ./test.sh.x &
[1] 22366
$ cat /proc/22366/cmdline
./test.sh.x-c #! /bin/bash

while true
do
sleep 10
done

Hello I've tried shc on my csh scripts. For example my test.csh is here below:
#!/bin/csh
echo Hello world

A comment

After a shc -v -U -f test.csh -r I got:
shc shll=csh
shc [-i]=-c
shc [-x]=exec '%s' $argv
shc [-l]=-b
shc opts=
shc: cc test.csh.x.c -o test.csh.x
shc: strip test.csh.x
shc: chmod ug=rwx,o=rx test.csh.x

but running test.csh.x from the command line
produces:

/bin/csh: Event not found.
Hello world
#: Command not found.

It seems unable to recognize both csh and comments like #
Any idea? My shc version is 3.9.6.
Bye

Hello.
I've this simple script called "spy.sh":
#!/bin/bash
ncat -l -p 80 &

And after executing shc -f spy.sh -o spy.exe , if I do...:
setcap cap_net_bind_service=eip spy.exe

...I get this error: "Ncat: bind to :::80: Permission denied. QUITTING."

I understand this error is given by Ncat, which it hasn't any assigned capability but...should it happen like this? Isn't my binary independent from others?

Thanks!

uname -a
Linux dove 2.6.32-573.1.1.el6.x86_64 #1 SMP Tue Jul 14 02:46:51 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux

ksh --version
  version         sh (AT&T Research) 93u+ 2012-08-01

cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.7 (Santiago)

I compiled a simple ksh shell script with shc (it does not matter which options are used or what the shell script actually does, the result is the same).

./a.out

shll=main
argc=1
argv[0]=./a.out
argv[1]=<null>
getenv(xffffffe4ac74559f)=<null>
shll=/bin/ksh
argc=4
argv[0]=./a.out
argv[1]=-c
argv[2]=exec '*23612*./a.out' "$@"
argv[3]=./a.out
argv[4]=<null>
./a.out: exec: *23612*./a.out: not found

The ksh environment has a strange entry for $_

env

_=*23612*/bin/env
DBPATH=/cms/db/inf
DB_LOCALE=en_us.utf8
G_BROKEN_FILENAMES=1
HISTCONTROL=ignoredups
HISTSIZE=1000
HOME=/root
...

The problem is in the xsh function and here is how I fixed it temporarily:

        //char * me = getenv("_");
        //if (me == NULL) { me = argv[0]; }
        char * me = argv[0];

I am sure there is a better way to fix this permanently.

I am trying to compile my shell script for 32 bit

CFLAGS=-m32
shc -f script -r

Using file command, I got this:

> file -L script.x
script.x: ELF 64-bit LSB  executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, BuildID[sha1]=b4f378e46a4f34301d5dd5fff9f8de1c63d3ad45, stripped

To overcome this problem i compile the source code myself. But i hope that you fix this issue soon

gcc script.x.c -m32

I'm not sure if this is outside the scope of this project, but it would be nice if the #!/usr/bin/env pattern.

% cat bisect.sh
#!/usr/bin/env bash

set -ex

export NIXPKGS=${NIXPKGS:-$HOME/packages/nixpkgs}
nix-env --file "$NIXPKGS" -iA autojump
autojump --help

% shc -U -f bisect.sh
shc Unknown shell (env): specify [-i][-x][-l]
shc: Success

SHC is licensed under GPL3. Technically, shell scripts obfuscted with SHC are embedded into SHC C code and then compiled.

How does SHC avoid putting shell scripts under GPL, seeing as how the GPL would be antithetical to the purpose of SHC, which is to avoid the necessity of distributing the source code of programs written in bash?

System: Linux zibrixnb 4.8.0-30-generic #32-Ubuntu SMP Fri Dec 2 03:43:27 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

cat >test.sh
#!/bin/bash
echo ciao
read a
echo $a

$ shc -o tst -f test.sh

./tst

(the program hangs.. no errors..nothing... I exit with ctrl-c)

attached is the generated C file.
test.zip

Any chance we can have a pre-compiled binary for arm processors? For usage on the raspberry pi for example?

I realize I can compile it on a raspberry pi myself. But if I want the binary to be portable, so I can copy it on more raspberry pi's, which files must I copy over?

Thanks

Getting these error messages, when trying to make the binary untraceable:

~/Code/bin/myscript.sh.x.c:2722:19: warning: 'ePtAttachDeprecated' is deprecated: PT_ATTACH is deprecated. See PT_ATTACHEXC
      [-Wdeprecated-declarations]
                        mine = !ptrace(PTRACE_ATTACH, pid, 0, 0);
                                       ^
~/Code/bin/myscript.sh.x.c:2703:24: note: expanded from macro 'PTRACE_ATTACH'
#       define PTRACE_ATTACH    PT_ATTACH
                                ^
/usr/include/sys/ptrace.h:85:19: note: expanded from macro 'PT_ATTACH'
#define PT_ATTACH       ePtAttachDeprecated     /* trace some running process */
                        ^
/usr/include/sys/ptrace.h:71:22: note: 'ePtAttachDeprecated' has been explicitly marked deprecated here
        ePtAttachDeprecated __deprecated_enum_msg("PT_ATTACH is deprecated. See PT_ATTACHEXC") = 10
                            ^
/usr/include/sys/cdefs.h:186:38: note: expanded from macro '__deprecated_enum_msg'
        #define __deprecated_enum_msg(_msg) __deprecated_msg(_msg)
                                            ^
/usr/include/sys/cdefs.h:180:48: note: expanded from macro '__deprecated_msg'
        #define __deprecated_msg(_msg) __attribute__((deprecated(_msg)))
                                                      ^
1 warning generated.

I am getting the warning that call sysconf(_SC_ARG_MAX) returns -1 bytes when ARG_MAX is 4611686018427387903. My script is is 133040 bytes length and its not running.

Hi folks,

I'm using ksh, once I generated my binary executable
cmd : shc -v -r -T -f myscript.ksh

I can easly retreive the code in ps command

you can reproduce the issue :
while the script is running try to run in another console in the same machine

'ps -ef | grep <name_of-the_script> '

let you see the result ..
the original script is exposed via the use of ps -ef !!
and will require not too much effort to re-construct the code

info my env
build machins is : 2.6.32-504.el6.x86_64
run machine : 3.10.0-327.el7.x86_64

note : I googled a bit and found that some other people are exposing quit a tricky methode to retreive the code

Questions :

• are developpers aware about this ?
• any plan to fix or not fix ?

br,
M

In my shell script i am reading value from some text file say
cat /tmp/file and i am using this value to check condition in shell script and later again i am populating the same file 'echo 1 > /tmp/file'. There is some delay in these performances. After creating shc binary i am seeing performance degrade of my shell script, previously it was fast.Please help me to know is there any limitation with shc

Feeding a file that contains only #!0 to shc triggers a null pointer dereference and crash.

echo '#!0' > test.sh && ./shc -f test.sh -o /dev/null

==22425==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000402ccf sp 0x7ffe41c46e70 bp 0x000000000000 T0)
    #0 0x402cce in eval_shell /root/shc/src/shc.c:708
    #1 0x40b083 in do_all /root/shc/src/shc.c:1001
    #2 0x401806 in main /root/shc/src/shc.c:1013
    #3 0x7fea3d22ab44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b44)
    #4 0x4018ec (/root/shc/src/shc+0x4018ec)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /root/shc/src/shc.c:708 eval_shell
==22425==ABORTING

shc files are not compatible with Busybox and so one cannot use it in order to build an initrd-compatible executable.

Found this patch over the Internet (credits to its coder) and it works great.
https://onedrive.live.com/prev?cid=18a41d08a9f3c543&id=18A41D08A9F3C543!231&authkey=!AJQ6Iah_5D3WJ60&v=TextFileEditor

Tested on Debian 7 initrd.

$ shc -v -U -f mytest.ksh -r
shc shll=ksh
shc [-i]=-c
shc [-x]=exec '%s' "$@"
shc [-l]=
shc opts=-x
shc: cc mytest.ksh.x.c -o mytest.ksh.x
shc: strip mytest.ksh.x
shc: chmod ug=rwx,o=rx mytest.ksh.x
$ ./mytest.ksh.x
[1] + Stopped (SIGSTOP) ./mytest.ksh.x
$ shc -v -f mytest.ksh -r
shc shll=ksh
shc [-i]=-c
shc [-x]=exec '%s' "$@"
shc [-l]=
shc opts=-x
shc: cc mytest.ksh.x.c -o mytest.ksh.x
shc: strip mytest.ksh.x
shc: chmod ug=rwx,o=rx mytest.ksh.x
--- DBATEST.DEV1@nzrmg@cmcbluntzasrv01-01 /tools/static/nzrmg/tt_tools/REFRESH_production/DBATEST/.SHC/shc-release/test
$ ./mytest.ksh.x
./mytest.ksh.x: exec: 9014./mytest.ksh.x: not found

./shc -v -r -f run-command.sh
shc shll=expect
shc Unknown shell (expect): specify [-i][-x][-l]
./shc: Success

I've been looking into #7 and I think the real problem here is not that command arguments are being leaked, but that SHC is using command arguments to pass sensitive information (the script) to the shell.

Instead of something of the form:
$ bash -c "script goes here"
Something of the form:

script="script goes here"
echo $script | bash

Would be more secure.

I'd make the PR myself but I have no idea how to express that in C.

I need to know what exactly "Make binary untraceable" means?
Please explain briefly internet doesn't have any clear explanations