April 2019
Intermediate to advanced
303 pages
6h 16m
English
Content preview from Cybersecurity Ops with bash
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 14. Script Obfuscation
Bash scripts are easily human readable, which is a feature of the language by design. Readability is a desirable attribute for most applications, but not so for penetration testing. In most cases, you do not want your target to be able to easily read or reverse engineer your tools when performing offensive operations. To counter that, you can use obfuscation.
Obfuscation is a suite of techniques used to make something purposely difficult to read or understand. There are three main methods for obfuscating scripts:
-
Obfuscate the syntax
-
Obfuscate the logic
-
Encode or encrypt
We look at each of these methods in detail in the sections that follow.
Commands in Use
We introduce base64 for data conversions and the eval command to execute arbitrary command statements.
base64
The base64 command is used to encode data using the Base64 format.
Tip
For additional information on Base64 encoding, see RFC 4648.
Common command options
- -d
-
Decode Base64-encoded data
Command example
To encode a string into Base64:
$ echo 'Rapid Cybersecurity Ops' | base64 UmFwaWQgQ3liZXJzZWN1cml0eSBPcHMK
To decode from Base64:
$ echo 'UmFwaWQgQ3liZXJzZWN1cml0eSBPcHMK' | base64 -d Rapid Cybersecurity Ops
eval
The eval command executes the arguments given to it in the context of the current shell. For example, you can provide shell commands and arguments in the format of a string to eval, and it will execute it as if it were a shell command. This is particularly useful ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.