Bashfuscator / Bashfuscator

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
https://bashfuscator.readthedocs.io/en/latest/index.html
MIT License

Not working on half of the scripts? #27

Open rootTHC opened 4 years ago

rootTHC commented 4 years ago

Love the idea but it does not seem to be reliable. Tested on a few scripts and 50% just won't work.

Here is a simple script that won't work (example):

    john@hax-vm:~/research/Bashfuscator$ cat script.sh
    #! /bin/bash

    echo hello
    for x in seq 1 10; do echo test $x; done
    date

    j@hax-vm:~/research/Bashfuscator$ bashfuscator -f script.sh -o script-mutated.sh &>/dev/null
    j@hax-vm:~/research/Bashfuscator$ chmod 700 script-mutated.sh
    j@hax-vm:~/research/Bashfuscator$ ./script-mutated.sh
    ./script-mutated.sh: line 6: "${@/pD.H/s:C?$`Q9}" ${@/K\C~6} ; ${/+.q1f\/(yTSw} p"r"i${,}ntf %s "${tCzgy~~}" ${@##emo6Vrs|} "${@%%L~Zrw\"t}" $@ )" ${^} ${*%%_U{$Vmvk}

    DATE FOR X IN SEQ 1 10; DO ECHO TEST $X; DONE ${//bXY9dT(/8Z?v-0} ${!#} ${//nV~83AGv} $@ <<< "$( tCzgy=ECHO: No such file or directory

capnspacehook commented 4 years ago

What version of bash are you using? Bashfuscator needs 4.0+ to work properly I believe

rootTHC commented 4 years ago

    bash --version
    GNU bash, version 4.4.19(1)-release (x86_64-pc-linux-gnu)


rootTHC commented 4 years ago

I love the idea and there are some neat tricks in Bashfuscator. Once it gets stable and is widely useable it would be a great addition to the cheat sheet.

skyper


fpestiaux-cplus commented 4 years ago

I agree, this is an interesting idea, but unfortunately it doesn't work on real bash scripts with a medium level of complexity. Also, script arguments don't seem to work either:

Original

    ./rmqStat.sh -h
    [ Graylog Stack ] RabbitMQ cluster queue monitor.
    Usage: rmqStat.sh

    Options are:

    -h,--help Print this help screen.

Obfuscated

    ./rmqStats-ob.sh -h
    ./rmqStats-ob.sh: line 2: -h: bad substitution

dvershinin commented 4 years ago

I thought it was nice until I found the same issue. Even with a quite newish bash (e.g. CentOS 8), most scripts are useless when obfuscated by bashfuscator.

Found shc (which is also readily available from EPEL repository) to be more reliable and working fine. The only downside to it is that it would make the obfuscated script arch-dependent (e.g. x86_64).