SHC is a shell script compiler written in C programming language. The Shell Script Compiler (SHC) encodes and encrypts unix shell scripts into executable binaries. Compiling shell scripts into binaries provides protection against accidental changes, source modification and renders a way of hiding source code written in unix shell scripting language.
Contents
Mechanism
SHC takes a shell script which is specified on the command line by [ -f filename ] option and produces a C source code of the script with added cipher. The generated source code is then compiled and linked to produce a binary executable. Thus it's a two step process where, at first step, it creates a filename.x.c file of the shell script file filename. Then it is compiled with cc -$CFLAGS filename.x.c and thus build the binary from a C source code with the default C compiler available in any system.
The compiled binary will still be dependent on the shell specified in the first line of the shell code (i.e. Shebang: #!/bin/sh or such), thus shc does not create completely independent binaries.
shc itself is not a compiler such as the C compiler, it rather encodes and encrypts a shell script and generates C source code with the added expiration capability. It then uses the system C compiler to compile the source shell script and build a stripped binary which behaves exactly like the original script. Upon execution, the compiled binary will decrypt and execute the code with the shells' -c option.
Alternatives
- obfs
- shellcrypt
- obash