Web Analytics Made Easy - Statcounter

Shell Script Upload

README

For a seamless obfuscation of your shell scripts, please abide by the following rules:

  1. Ensure all shell scripts submitted are properly named:
    • Uploaded shell scripts must have the appropriate .sh/.bash/.ksh/.ksh94/.csh extension:
      • my_fantastic_script.sh
      • my_fantastic_script.bash
      • my_fantastic_script.ksh
    • Avoid spaces in the names of your scripts:
      • my fantastic script.sh
  2. When the "Obfuscate Now" button is clicked, be aware of the following:
    • The download page will be opened in a new tab or window, depending on your browser.
      • The obfuscated script will be in a zip file, under link titled "Zip Link".

NOTE: All obfuscated scripts generated through this free portal will expire within 24 to 48 hours.

Try each of the settings below to see which ones work best for your specific script:

  • default
    • This setting should work on all Linux based systems
  • sbash
    • This setting should work on all Solaris based systems (try this or the solaris option)
  • solaris
    • This setting should work on all Solaris based systems (try this or the sbash option)
  • custom (available for subscribed users)
    • Pick this option if and only if your intended system uses a custom shell...i.e. embedded systems such as androids, busybox etc.

If no option is selected, the default option will be used.

For subscribers:

In the space provided for User List, specify the comma seperated list of usernames you wish to grant access to your encrypted scripts. Note, the username(s) provided during encryption will be only usernames able to run the encrypted script(s). The script will not function for any other user!

For subscribers:

In the space provided for Host List, specify the comma seperated list of hostnames(fqdns) you wish to grant access to your encrypted scripts. Note, the hostname(s) provided during encryption will be only hosts on which the encrypted script(s) can be run. The script(s) will not function on any other host!

In the space provided, specify when you wish for your script to expire.

    Examples:

    • 7d = 7 Days
    • 2w = 2 Weeks
    • 4mo = 4 Months
    • 7000d = 19+ Years
    • July-18-2022_15:00 = Specific date

If no option is selected, the default option will be "off". Which means your script will not expire!

In the space provided for Function names, specify the comma seperated list of functions you wish to protect, if using RStudio/Rconsole.

Choose 'no' (recommended) to disable the ability to debug your encrypted script

This setting forces your protected shell script to validate itself with our servers before allowing users to run it.

  • NOTE: If an attempt is made to run a satelite enabled obfuscated shell script on a host without internet connectivity, the obfuscated script will abort.

For subscribers:

To restrict your shell scripts to allow imports only from other obfuscated scripts, configure the following settings:

    Currently available only for Python scripts:

    • Unique Company Name = Set this to your companyname....(.i.e. apple.com, google.com, cnn.com)
    • Import Access Key = Set a password here to be assigned to all scripts being encrypted
      • Note, this is only needed if Admin Imports and Allowed Importers have values. Do not enter anything here if you're not encrypting imported modules
    • Admin Imports = Specify the names of the main/master scripts which will be importing other scripts
    • Allowed Importers = Specify here the names of other scripts which the main/master scripts will be importing

Bash Obfuscator - Obfuscate shell scripts of all types

The complexity of your bash / shell script does not matter.

Any bash/shell script obfuscated by us should be expected to work exactly as the original. If your original plain text bash/shell script has bugs in it, then, yes, the obfuscated version will also have bugs. Therefore, we strongly recommend confirming the plain text bash / shell script you're uploading actually works.

We are very confident our bash obfuscation tool can thoroughly obfuscate any bash script given to it and we welcome you to test and confirm for yourself. If your obfuscated bash script is unable to execute for some odd reason, there's no need panic or feel dejected. Just notify us immediately so we can address it.

Each obfuscated script produced by the Trial version on this page must validate itself over the internet with our servers. This validation ensures the integrity of the obfuscated code. Therefore, the time it takes for your obfuscated bash/shell code to validate itself with our servers will be added to the execution time of the script.

The paid version of this obfuscation will give users the option to disable remote validation and opt for alternatives.
No. The obfuscated version of your bash script will behave exactly as the original. No special modules will be needed to execute it. All functionalities available in the plain text version will also be available in the obfuscated version.

Yes. However, the size of an obfuscated shell script can be reduced through the settings applied to it during obfuscation.

While we understand the need to be watchful of script sizes, please note that in the grand scheme of things it is quite irrelevant, so long as it delivers on protecting your code and it isn't noticeably slow.

Protecting Bash Code - Self Defending, Monitor Usage

All bash scripts uploaded through this free portal will have strict security settings enabled by default.

Default Security Settings

  1. Duplication Prevention
    • This feature ensures the script name of your obfuscated code at the time of obfuscation is the name it will be forever known by. If changed, script will abort.

  2. Expiration Date Control
    • This feature ensures all submitted bash scripts expire within 24 to 48 hours. The allowed time is verified remotely, with our servers. This means we will be notified of all unauthorized attempts to prolong the usage of the obfuscated bash code.

  3. Self-Defend/Self-Destruction
    • This feature handles the process of terminating the execution of a protected bash script whenever it is under attack. We understand once an obfuscated bash script is sent out into the wild, there will be attempts to hack it. As such, we built in some self defense capabilities in all obfuscated bash/shell scripts. If during execution of a protected bash/shell script, we sense that it has been maliciously altered, we will cause the script to abort, and self destruct!
IMPORTANT NOTE

  1. Although the code protection features listed here are quite advanced and do protect your bash scripts as described, from our perspective, they should still be considered basic.
    • In order to ensure that trial versions of obfuscated shell scripts work everywhere (portable), a number of features were disabled or removed. They can be added back, if needed.
    • There is a wide variety of settings available to further enhance the security of your code. But at the same time, not all features and settings are necessary. Each client is different.
      • Just reach out to us to start a conversation on what your requirements are and we'll advise you on the options available and the way forward.
Yes. All paid customers are allowed to specify expiration dates (among other settings) and decide how their protected script should behave in the event of a hack attack.
We are different in a number of ways. We'll name a few common ones.

  1. Our bash obfuscator converts a plain text bash script, in its entirety, into a format that bears no resemblance to the original plain text version. Yes, we do much more than just scramble variable names.
  2. Additionally, we go far beyond the already herculean task of protecting source code. We track them as well.

    • We figured out rather quickly that, in addition to code obfuscation, it is also absolutely necessary to be able to track where in the world one's intellectual property (i.e. scripts) is being utilized.

      • And as such, we have readymade satelite features available for users to enable if they wish to monitor the whereabouts of their source code.

  3. We require no addons. Yes, you can easily obfuscate any of your bash scripts and begin using the obfuscated copies without needing to install any extra modules.
Yes. But we cannot and will not put such a record in the public domain.

Bash Obfuscator - Upload & Obfuscate Shell Scripts



Register/Login to begin Uploading & Obfuscating Shell (.sh/.ksh/.csh/.bash) scripts