Hi,
As stated in
https://github.com/neurobin/shc/issues/23#issuecomment-299035820, the
problem may be caused by a change in the way the kernel performs address
space layout randomization (ASLR): the layout is different each time, even
when the same command with the same PID re-executes itself recursively.
I use the address of a function in the code itself (chkenv) to try to
verify that the code has not been tampered with or substituted by someone
trying to recover the unencrypted version of the original script.
I have made the attached patch from
https://github.com/neurobin/shc/blob/release/src/shc.c
I hope it will work.
Thanks,
Francisco Rosales.
On 04/05/17 21:44, Eriberto wrote:
Control: severity 861180 normal
2017-05-04 16:30 GMT-03:00 Tong Sun <suntong...@users.sourceforge.net>:
Hi Eriberto,
Hi,
Do you still want to mark the Severity: as grave
after Jörg Sommer has explained in
https://github.com/neurobin/shc/issues/23#issuecomment-299035820
that there is a workaround?
I tested this workaround yesterday. Setting normal.
Cheers,
Eriberto
--- shc-3.9.3.c 2016-10-11 23:25:11.000000000 +0200
+++ shc-3.9.4.c 2017-05-08 17:28:27.705206932 +0200
@@ -17,7 +17,7 @@
*/
static const char my_name[] = "shc";
-static const char version[] = "Version 3.9.3";
+static const char version[] = "Version 3.9.4";
static const char subject[] = "Generic Shell Script Compiler";
static const char cpright[] = "GNU GPL Version 3";
static const struct { const char * f, * s, * e; }
@@ -251,6 +251,8 @@
" *argv = argv[1];",
"}",
"",
+"void chkenv_end(void);",
+"",
"int chkenv(int argc)",
"{",
" char buff[512];",
@@ -259,8 +261,12 @@
" char * string;",
" extern char ** environ;",
"",
-" mask = (unsigned long)&chkenv;",
-" mask ^= (unsigned long)getpid() * ~mask;",
+" mask = (unsigned long)getpid();",
+" stte_0();",
+" key(&chkenv, (void*)&chkenv_end - (void*)&chkenv);",
+" key(&data, sizeof(data));",
+" key(&mask, sizeof(mask));",
+" arc4(&mask, sizeof(mask));",
" sprintf(buff, \"x%lx\", mask);",
" string = getenv(buff);",
"#if DEBUGEXEC",
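Review bot: The length argument in `key(&chkenv, (void*)&chkenv_end - (void*)&chkenv);` assumes the toolchain emits `chkenv_end` directly after `chkenv`, which C does not guarantee, and it relies on `void*` arithmetic, a GNU extension. If the compiler or linker reorders or folds functions, the difference can be zero, negative or span unrelated code, so the integrity mask would be derived from the wrong bytes or, depending on how `key()` treats a non-positive length (its definition is outside this hunk), from none at all. I would compute the span explicitly and fail closed, e.g. `long span = (char *)&chkenv_end - (char *)&chkenv;` then `if (span <= 0) return -1;` and `key(&chkenv, span);`. The `chkenv_end` marker added in the -282 hunk also deserves a comment saying it must stay immediately after `chkenv`. chkenv's body starts before and ends after this hunk.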
@@ -282,6 +288,8 @@
" return -1;",
"}",
"",
+"void chkenv_end(void){}",
+"",
"#if !TRACEABLE",
"",
"#define _LINUX_SOURCE_COMPAT",
@@ -343,6 +351,7 @@
" char * me = getenv(\"_\");",
" if (me == NULL || !isFile(me)) { me = argv[0]; }",
"",
+" ret = chkenv(argc);",
" stte_0();",
" key(pswd, pswd_z);",
" arc4(msg1, msg1_z);",
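Review bot: The new position of `ret = chkenv(argc);` ahead of `stte_0();` is load-bearing but undocumented. As patched, chkenv() itself calls `stte_0()`, `key()` and `arc4()`, so it appears to share the cipher state that the following `key(pswd, pswd_z)` / `arc4(msg1, msg1_z)` sequence depends on. Moving the call back between those steps would presumably corrupt the keystream. I would add a line to the generated source such as `/* chkenv() resets and consumes the RC4 state; it must run before stte_0()/key(pswd) */`. The enclosing function starts and ends outside this hunk, and `ret` is only examined later, in the -358 hunk.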
@@ -358,7 +367,6 @@
" arc4(chk1, chk1_z);",
" if ((chk1_z != tst1_z) || memcmp(tst1, chk1, tst1_z))",
" return tst1;",
-" ret = chkenv(argc);",
" arc4(msg2, msg2_z);",
" if (ret < 0)",
" return msg2;",