-
-
Notifications
You must be signed in to change notification settings - Fork 345
/
ChangeLog
242 lines (124 loc) · 5.94 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
CHANGES
4.0.3 Tue Nov 20 08:22:20 UTC 2018
* Enhance -H flag by intika <https://github.com/intika> (Hide commands arguments from ps and cmdline)
* Remove -s flag (experimental feature not working as expected by intika <https://github.com/intika>)
4.0.2 Mon 01 Jul 2019 02:57:36 PM UTC
* Fix typo
* Fix NULL-ptr dereference in shll string (Thanks to Ren Kimura<https://github.com/RKX1209>)
4.0.1 Tue Nov 20 08:22:20 UTC 2018
* Add LDFLAGS environment variable (Thanks to zboszor <https://github.com/zboszor>)
4.0.0 Mon Nov 12 16:54:56 UTC 2018
* Add -H option for extra security without root (Thanks to intika <https://github.com/intika>). It protects against dumping, code injection, `cat /proc/pid/cmdline`, ptrace, etc.. (only works with Bourne shell (sh) scripts with no parameter)
* Add -s option to force single process for hardening features (requires -H) <https://github.com/intika>. (only works with Bourne shell (sh) scripts with no parameter)
* dash support
3.9.8 Sat Oct 20 17:49:28 UTC 2018
* Add setuid option -S (Thanks to Boon Pang <https://github.com/wombat78>)
3.9.7 Sat Oct 20 15:25:13 UTC 2018
* Fix issue #58
3.9.6 Sat Jun 3 10:05:03 UTC 2017
* Fix issue #38
3.9.5 Wed May 31 01:35:33 UTC 2017
* Fix issue #36
3.9.4 Sat May 13 18:46:05 UTC 2017
* Fix issue #23 (debian bug #861180) (Thanks to original author Francisco Rosales <frosal@fi.upm.es>)
3.9.3 Sat Jul 30 18:46:34 BDT 2016
* zsh support
* Fix issue #13 (https://github.com/neurobin/shc/issues/13)
3.9.2 Fri Aug 21 16:12:33 BDT 2015
Added BusyBox support with patch taken from:
https://onedrive.live.com/prev?cid=18a41d08a9f3c543&id=18A41D08A9F3C543!231&authkey=!AJQ6Iah_5D3WJ60&v=TextFileEditor
as suggested by https://github.com/marcoburatto
3.9.1 Fri Apr 03 00:22:11 GMT 2015
Renamed option -T to -U and reversed it's logic.
So now, the executable prepared will execute without using sudo,
by default.
3.9.0 Wed Apr 01 08:35:22 AM GMT 2015
(http://github.com/neurobin)
Added output file option with [-o filename]
and fixed bug on make install (manual install failed)
Now you can access manual by entering command: man shc
in a terminal.
3.8.9 Wed Apr 25 09:24:25 CEST 2012
Thanks to Giacomo Picconi <giacomo.picconi@gpstudio.com> for:
- Fixing a long standing bug making the source not hidden.
3.8.8 Mon Nov 28 11:26:25 CEST 2012
"me".
3.8.7 Wed Feb 10 20:40:37 CET 2010
- Bug on 64bit systems with expiration dates.
3.8.6 Fri Jul 7 15:54:39 CEST 2006
Thanks to George Danchev <danchev@spnet.net> for:
- License clarification about the rc4 implementation.
3.8.5 Fri Oct 21 13:11:36 CEST 2005
Thanks to Jukka A. Ukkonen <jau(a)iki.fi> for:
- Fixed untraceable() problems on FreeBSD.
3.8.4 Tue Oct 4 16:52:15 CEST 2005
Thanks to Ron McOuat for:
- Fixed sma11 -d option bug.
3.8.3 Tue Jun 28 21:29:06 CEST 2005
Thanks to Jacek Kalinski <jacek@dyski.one.pl> for:
- Fixed bug: "vfork" fails on multiprocessor systems.
3.8.2 Thu Jun 16 17:15:59 CEST 2005
Thanks to Arjen Visser <arjen.visser@avisit.co.nz> for:
- Fixed bug: "rlax" used after encryption.
Thanks to Nalneesh Gaur <Nalneesh.Gaur@accenture.com> for:
- Read permision of the script.x exposes it to disassembling.
- Group and others read permision is now removed by default.
3.8 Thu Nov 4 20:33:52 CET 2004
Fixed incorrect implementation on rc4.
Hidden all the binary executable symbols but one.
Expiration date and most strings are encrypted too.
All the encrypted payload is now randomized.
3.7 Wed Jun 18 16:32:26 CEST 2003
Thanks to Philipp Koller <philipp@open.ch> for:
- Removed all strings in the compiled script.
- Improved program output and error messages.
- The -m option allows to define the *complete* expiration message.
- Updated manpage shc.1.
Thanks to Bryan <bryan.hogan@dstintl.com> for:
- Fix wrong $0 on ksh.
3.6 Fri Feb 21 09:40:32 CET 2003
Two new options:
-D switch on Debug exec calls.
-T switch off unTraceable.
Bash does not need -- after -c.
3.5 Mon Jan 20 19:08:43 CET 2003
Rewrite of large strings to silence the ISO C89 compiler
warnings about strings larger than 509 characters.
3.4 Tue Apr 16 17:43:12 CEST 2002
Remove "bad alignment" problem on AIX and other systems.
Where exists, use /proc/<pid>/as in untraceable.
3.3 Thu Jan 24 21:27:07 CET 2002
Prevent to ptrace the process.
3.2 Tue Mar 9 19:03:54 CET 1999
Find ancient pclose that must be fclose.
3.1 Tue Feb 16 21:36:59 CET 1999
Fixed a misbehavior on scripts with a in-frist-line option
equal to "end of options" (i.e. #!/bin/sh -- )
(Thanks to Bernard Blundell <blundell@lts.sel.alcatel.de>)
Stupid GCC "warning: return type of `main' is not `int'" removed.
3.0 Tue Oct 14 14:20:52 MET DST 1997
Added a new option "-r" to force a relaxed security and
so make a redistributable binary.
Modified expiration day format. Now is dd/mm/yyyy.
3.0b3 Fri Jun 6 22:09:05 WET DST 1997
Yet other few bugs fixed.
Output format simplified.
-pedantic compilation.
3.0b2 Tue Jun 3 17:51:51 GMT 1997
Some explicit type conversions removed.
Fixed the bug "END_OF_FILE" when compiling the generated code.
A flush is needed before a pclose.
st_blksize and st_blocks struct stat fields does not exist on
SCO, both not used now.
3.0b1 Wed Feb 26 14:27:22 WET 1997
The main difference with 2.4 is that in it the script was
compressed an then shuffle around, now int 3.0 the script is encripted
with an inline code, so not needend any external comand to work, and been
faster at startup. Other related adventage is that the only information
not encripted in .x.c is an stamp, expiration date and provider email
address.
Something equivalent to cheksums have been used to enforced at
execution that the executing shell has not been modified from the time
the script was compiled. If anybody tries to change the excuting shell,
.x will refuse to execute.
The generated .x.c source code is now readable.