如何缩小/混淆 bash 脚本
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9907200/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to minify/obfuscate a bash script
提问by Christian
Of course a bash file cannot be truly obfuscated and will always be readable. And I don't want to wrap them in some binary package. And renaming local variables wouldn't be worth the trouble.
当然,一个 bash 文件不能真正被混淆,而且总是可读的。而且我不想将它们包装在一些二进制包中。重命名局部变量不值得麻烦。
But is there a reliable simple bash obfuscator or minifier which at least removes all the indentation, all the empty lines and all whitespace without breaking anything? And especially the comments and commented out portions of the script which might contain sensitive documents or information?
但是是否有一个可靠的简单 bash 混淆器或压缩器,它至少可以在不破坏任何内容的情况下删除所有缩进、所有空行和所有空格?尤其是脚本中可能包含敏感文档或信息的注释和注释部分?
I would be afraid of simple grep/sed-lines to do this because "HEREDOCs" must not be modified of course, so a little bit of real parsing is necessary.
我会害怕简单的 grep/sed-lines 来做到这一点,因为“ HEREDOCs”当然不能被修改,所以一些真正的解析是必要的。
Maybe there's a tool to do this, that would be great!
也许有一个工具可以做到这一点,那就太好了!
采纳答案by Vsevolod Kulaga
Here is a tool that I created for bash scripts minification: https://github.com/precious/bash_minifier– it tries to remove all comments and as many spaces/tabs/newlines as possible. It is also available as a service here https://bash-minifier.appspot.com/.
这是我为 bash 脚本缩小创建的工具:https: //github.com/precious/bash_minifier——它试图删除所有注释和尽可能多的空格/制表符/换行符。它也可以作为服务使用https://bash-minifier.appspot.com/。
To minify your bash script run this command:
要缩小您的 bash 脚本,请运行以下命令:
python minifier.py /path/to/shell/script.sh
回答by c00kiemon5ter
:P here is something funny.
:P 这里有一些有趣的事情。
say your script is named originand the obfuscated one is named obsf.
假设您的脚本已命名origin,而混淆的脚本已命名为obsf。
here is origin:
这是origin:
#!/bin/sh
echo "fooo"
here is obsf
这是 obsf
$ echo "echo $(base64 origin)" > obsf
$ cat obsf
echo IyEvYmluL3NoCmVjaG8gImZvb28iCg==
$ chmod +x obsf
now rm originand run obsflike this:
现在像这样rm origin运行obsf:
$ sh obsf | base64 -d | sh
fooo
heh :3
呵呵 :3
回答by Daniel Gray
Even though this is an old question, it seems to be popular on Google. I was also looking for a bash minifer/obfuscator, and didn't like the one in the answer.
尽管这是一个老问题,但它似乎在 Google 上很受欢迎。我也在寻找一个 bash minifer/混淆器,但不喜欢答案中的那个。
I didn't want to add gibberish either, or compile the script. So I wrote one that did what I wanted in Perl, and put it on GitHub at https://github.com/Aralhach/bashobfus/tree/master
It can:
我也不想添加胡言乱语,也不想编译脚本。所以我写了一个在 Perl 中做我想做的事情,并把它放在 GitHub 上https://github.com/Aralhach/bashobfus/tree/master
它可以:
- Flatten indentation
- Remove full-line comments (except the initial hashbang (#!)) and blank lines
- Renames all lowercasevariables in basic declarations (to avoid renaming variables like PATH), for loops, array access, and 'read' statements.
- 压平压痕
- 删除全行注释(初始 hashbang (#!) 除外)和空行
- 重命名基本声明中的所有小写变量(以避免重命名变量,如 PATH)、for 循环、数组访问和“读取”语句。
There might be some case where it fails, but I tested it with a fairly big bash script, and the listed cases of variable replacing popped up. It also leaves variables within single quotes (') alone--this popped up when printing an AWK script-- but replaces between single quotes (') when the statement is already inside double quotes (")--this popped up when printing an MySQL statement.
在某些情况下它可能会失败,但我用一个相当大的 bash 脚本对其进行了测试,并且弹出了列出的变量替换案例。它还将变量单独保留在单引号 (') 内——这在打印 AWK 脚本时弹出——但是当语句已经在双引号 (") 内时在单引号 (') 之间替换——这在打印一个MySQL 语句。
This makes me think I've covered all the big use cases, but I've been wrong before. If you find any bugs, feel free to report them (or fix them! :D). I was also thinking of adding a feature to join short lines into one with ";" but the cases were too many to analyze while making my deadline.
这让我觉得我已经涵盖了所有的大用例,但我以前错了。如果您发现任何错误,请随时报告它们(或修复它们!:D)。我还考虑添加一个功能,将短行与“;”连接在一起。但是案例太多了,无法在截止日期前进行分析。
I hope people find it useful!
我希望人们觉得它有用!
回答by Eduardo Cuomo
Original file script.sh:
原始文件script.sh:
#!/usr/bin/env bash
echo "foo"
Create other.sh
创建 other.sh
$ echo '#!/usr/bin/env bash' > other.sh
$ echo "echo '$(base64 script.sh)' | base64 -d | sh" >> other.sh
$ chmod +x other.sh
Result (cat other.sh):
结果 ( cat other.sh):
#!/usr/bin/env bash
echo 'IyEvdXNyL2Jpbi9lbnYgYmFzaAplY2hvICJmb28iCg==' | base64 -d | sh
Try:
尝试:
$ ./other.sh
foo
回答by linuxnut
A Tool to obfuscate shell scripts: http://www.comp.eonworks.com/scripts/obfuscate_shell_script-20011012.html
混淆shell脚本的工具:http: //www.comp.eonworks.com/scripts/obfuscate_shell_script-20011012.html
Sort of silly to do, but that's up to you. There are also ways to "compile" your shell script into an executable. This post'saccepted answer gives several links with tools to do that.
这样做有点傻,但这取决于你。还有一些方法可以将您的 shell 脚本“编译”为可执行文件。这篇文章的接受答案提供了几个链接,其中包含可以执行此操作的工具。
回答by RoyMWell
Minification and Obfuscation of a shell script are two different things.
shell 脚本的缩小和混淆是两件不同的事情。
Minification means reducing the size of a script by removing all unnecessary characters from source code without changing its functionality. Obfuscation on the other hand means making the script difficult, if not impossible, to read.
缩小意味着通过从源代码中删除所有不必要的字符而不改变其功能来减小脚本的大小。另一方面,混淆意味着使脚本难以阅读,如果不是不可能的话。
Minification:
缩小:
To minify a big script, you can run the following code against the actual script you want to minify:
要缩小大脚本,您可以针对要缩小的实际脚本运行以下代码:
#!/bin/sh
Script=
if [ ! -z "${Script}" ] && [ -f ${Script} ] ; then
CurrenTime=$(date | sed -e 's~ ~_~g' -e 's~:~~g')
cp ${Script} ${Script}_${CurrenTime}
#### Remove all empty lines
#### Remove lines that begin with spaces and a comment sign #
#### Remove all comment lines (meaning, lines that begin with a "#")
awk '
(/.*/ || /#!/) && (!/^#$/) &&
(!/^#[[:blank:]]/) && (!/^#[a-z]/) &&
(!/^#[A-Z]/) && (!/^##/) &&
(!/^\t#/) && (!/^[[:space:]]*$/) &&
( /^#.*!/ || !/^[[:space:]]*#/)
' ${Script} | sed 's_^[[:space:]]*__g' > ${Script}.tmp 2>/dev/null
#' ${Script} > ${Script}.tmp 2>/dev/null (comment out the above line and uncomment this line if your HEREDOCS are affected)
ExitCode=$?
if [ ${ExitCode} -eq 0 ] && [ -s ${Script}.tmp ] ; then
echo
echo "SUCCESS: Your newly [ minified ] script can be found here [ ${Script}.tmp ]."
echo "Review the script [ ${Script}.tmp ] and if happy with it, replace your original script with it!"
echo "NOTE: Your original script [ ${Script} ] was backed up as [ ${Script}_${CurrenTime} ]!"
echo
exit 0
else
echo
echo "FAILURE: Unable to [ minify ] the specified script [ ${Script} ]!!!"
echo
exit 2
fi
else
echo
echo "USAGE: To encrypt your script using Openssl:
1. cat <your-script> | openssl aes-128-cbc -a -salt -k "specify-a-password" > yourscript.enc
OR
2. openssl aes-128-cbc -a-salt -in <path-to-your-script> -k "yourpassword"
To decrypt a script using Openssl (notice the '-d'):
1. cat yourscript.enc | openssl aes-128-cbc -a -d -salt -k "specify-a-password" > yourscript.dec
OR
2. openssl aes-128-cbc -a -d -salt -in <path-to-your-script> -k "yourpassword" > yourscript.dec
<your-script>"
echo
exit 3
fi
Note, minification tends to make a difference only if the script being minified is big...with several hundred or even thousands of lines. I was able to trim off a few Megabytes from a script using the above code.
请注意,只有当被缩小的脚本很大时,缩小才会产生影响……数百甚至数千行。我能够使用上面的代码从脚本中剪掉几兆字节。
Obfuscation:
混淆:
After the above minification is completed, you can just stop right there if size reduction is what you're going for. If however, after the minification, you also wish to obfuscate your script as well, you have options.
完成上述缩小后,如果您想要缩小尺寸,则可以直接停在那里。但是,如果在缩小之后,您还希望混淆您的脚本,您可以选择。
The simplest way to obfuscate your script is through the use of encryption tools such as as Openssl.
混淆脚本的最简单方法是使用加密工具,例如 Openssl。
#!/bin/bash
#
# Usage:
# obfuscate scrript.sh > script_obfuscated.sh
#
PIXIE=$(mktemp)
base64 -d >${PIXIE}<<DIXIE
IyEvYmluL2Jhc2ggClBJWElFPSQobWt0ZW1wKQpiYXNlNjQgLWQgID4ke1BJWElFfTw8RElYSUUK
SXlFdlltbHVMMkpoYzJnS2FXWWdXeUFnTFdZZ0lpUXhJaUJkSUFwMGFHVnVDbU5oZENBOFBGQkpX
RWxGSUFvaklTOWlhVzR2WW1GegphQ0FLVUVsWVNVVTlYQ1FvYld0MFpXMXdLUXBpWVhObE5qUWdM
V1FnSUQ1Y0pIdFFTVmhKUlgwOFBFUkpXRWxGQ2lRb1ltRnpaVFkwCklDUXhLUXBFU1ZoSlJRcHpi
M1Z5WTJVZ1hDUjdVRWxZU1VWOUNuSnRJQzF5WmlCY0pIdFFTVmhKUlgwS1VFbFlTVVVLWlhocGRD
QXcKQ21acENtTmhkRHc4VGtWU1JBb2dJQ0IxYzJGblpUb2diMkoxYzJOaGRHVWdjMk55YVhCMENn
b2dJQ0JYYVd4c0lHZGxibVZ5WVhSbApJQ0p6WTNKcGNIUXViMkp6YUNJS1RrVlNSQW89CkRJWElF
CnNvdXJjZSAke1BJWElFfQpybSAtcmYgJHtQSVhJRX0K
DIXIE
source ${PIXIE}
rm -rf ${PIXIE}
Encryption/Obfuscation:
加密/混淆:
- If your ultimate goal is to make it difficult to others to read your script, try pasting it hereto have an encrypted copy generated for you.
- In case you change your mind about SHC, the latest version can be downloaded here.
回答by RSG
Based on c00kiemon5ter idea, here you have THE script
基于 c00kiemon5ter 的想法,这里有脚本
Your twisted recursive minds will love it, since this is not the original script, but the obfuscated(obfuscated(original))
你扭曲的递归思维会喜欢它,因为这不是原始脚本,而是混淆(混淆(原始))
##代码##