.TH "shc" "1" "January 14, 2019" "shc user manual" "" .SH NAME .PP shc \- Generic shell script compiler .SH SYNOPSIS .PP \f[B]shc\f[] [ \-e \f[I]date\f[] ] [ \-m \f[I]addr\f[] ] [ \-i \f[I]iopt\f[] ] [ \-x \f[I]cmnd\f[] ] [ \-l \f[I]lopt\f[] ] [ \-o \f[I]outfile\f[] ] [ \-ABCDhUHvSr ] \-f \f[I]script\f[] .SH DESCRIPTION .PP \f[B]shc\f[] creates a stripped binary executable version of the script specified with \f[C]\-f\f[] on the command line. .PP The binary version will get a \f[C]\&.x\f[] extension appended by default if \f[I]outfile\f[] is not defined with [\-o \f[I]outfile\f[]] option and will usually be a bit larger in size than the original ascii code. Generated C source code is saved in a file with the extension \f[C]\&.x.c\f[] or in a file specified with appropriate option. .PP If you supply an expiration date with the \f[C]\-e\f[] option, the compiled binary will refuse to run after the date specified. The message \f[B]Please contact your provider\f[] will be displayed instead. This message can be changed with the \f[C]\-m\f[] option. .PP You can compile any kind of shell script, but you need to supply valid \f[C]\-i\f[], \f[C]\-x\f[] and \f[C]\-l\f[] options. .PP The compiled binary will still be dependent on the shell specified in the first line of the shell code (i.e. \f[C]#!/bin/sh\f[]), thus \f[B]shc\f[] does not create completely independent binaries. .PP \f[B]shc\f[] itself is not a compiler such as cc, it rather encodes and encrypts a shell script and generates C source code with the added expiration capability. It then uses the system compiler to compile a stripped binary which behaves exactly like the original script. Upon execution, the compiled binary will decrypt and execute the code with the shell \f[C]\-c\f[] option. Unfortunately, it will not give you any speed improvement as a real C program would. .PP \f[B]shc\f[]\[aq]s main purpose is to protect your shell scripts from modification or inspection. You can use it if you wish to distribute your scripts but don\[aq]t want them to be easily readable by other people. .SH OPTIONS .PP \-e \f[I]date\f[] : Expiration date in \f[I]dd/mm/yyyy\f[] format \f[C][none]\f[] .PP \-m \f[I]message\f[] : message to display upon expiration \f[C]["Please\ contact\ your\ provider"]\f[] .PP \-f \f[I]script_name\f[] : File path of the script to compile .PP \-i \f[I]inline_option\f[] : Inline option for the shell interpreter i.e: \f[C]\-e\f[] .PP \-x \f[I]command\f[] : eXec command, as a printf format i.e: \f[C]exec(\\\\\[aq]%s\\\\\[aq],\@ARGV);\f[] .PP \-l \f[I]last_option\f[] : Last shell option i.e: \f[C]\-\-\f[] .PP \-o \f[I]outfile\f[] : output to the file specified by outfile .PP \-r : Relax security. Make a redistributable binary which executes on different systems running the same operating system. You can release your binary with this option for others to use .PP \-v : Verbose compilation .PP \-S : Switch ON setuid for root callable programs [OFF] .PP \-D : Switch on debug exec calls .PP \-U : Make binary to be untraceable (using \f[I]strace\f[], \f[I]ptrace\f[], \f[I]truss\f[], etc.) .PP \-H : Hardening. Extra security flag without root access requirement that protects against dumping, code injection, \f[C]cat\ /proc/pid/cmdline\f[], ptrace, etc.. This feature is \f[B]experimental\f[] and may not work on all systems. it require bourne shell (sh) scripts any positional parameters. .PP \-C : Display license and exit .PP \-A : Display abstract and exit .PP \-B : Compile for BusyBox .PP \-h : Display help and exit .SH ENVIRONMENT VARIABLES .PP CC : C compiler command \f[C][cc]\f[] .PP CFLAGS : C compiler flags \f[C][none]\f[] .PP LDFLAGS : Linker flags \f[C][none]\f[] .SH EXAMPLES .PP Compile a script which can be run on other systems with the trace option enabled (without \f[C]\-U\f[] flag): .IP .nf \f[C] shc\ \-f\ myscript\ \-o\ mybinary \f[] .fi .PP Compile an untraceable binary: .IP .nf \f[C] shc\ \-Uf\ myscript\ \-o\ mybinary \f[] .fi .PP Compile an untraceable binary that doesn\[aq]t require root access (experimental): .IP .nf \f[C] shc\ \-Hf\ myscript\ \-o\ mybinary \f[] .fi .SH LIMITATIONS .PP The maximum size of the script that could be executed once compiled is limited by the operating system configuration parameter \f[C]_SC_ARG_MAX\f[] (see sysconf(2)) .SH AUTHORS .PP Francisco Rosales .PP intika .PP Md Jahidul Hamid .SH REPORT BUGS TO .PP