We have some scripts which will run in other project..So the requirement is that we dont want that they should see our code though they can run it. I have done some searching about how to encrypt the shell script and found SHC utillity as the answer.
Can anybody please suggest how will i do it. I tried to install it using wget command but this command is not available here. i am using solaris.
And is it dependent on the OS? What i mean here is, if i encrypt the scripts in solaris after installing SHC, will these run in HPux or Linux even though no SHC installed there?Or do you see any disadvantage of using this utillity.
I tried your solution.. changed the permission to 744..after i downloaded those and put it in another server it 's default permission changed to 644 because of the umask value in that server.
So i dont think this is the appropriate solution of what i m looking for.
shc converts a shell script to a C source code and then uses the available compiler to compile it to a binary. The binary is just like any other executable and though I have not used this shc utility myself, I don't see a reason why it shouldn't work on other linux machines.
To know how to work with shc, please look into the man pages. They should be pretty comprehensive.
Never tried, but it should be possible to replace the interpreter shc is calling (/bin/bash /bin/sh etc) with our own code that simply saved it's input. I wouldn't trust anything in a shc compiled script as secure.
It will be very difficult to get the shell code out of a shc'ed program, since I think it's all turned into assembly. They could disassemble it but it'd be an immense amount of detective work to retrace its steps.
I don't think shc depends on an external shell. There'd be precious little point.
Text strings are another matter. They may be directly extractable via the strings utility.
If you cannot protect the destination file itself, shc is about the best you can manage.
Strings will not work because the script is encrypted within the binary, so it's by no means a trivial job to get at the script source, but I would not be putting any credit card numbers, banking details or passwords in there!