I was provided a shell script that is self decrypting, self unzipping, and checks if the file has been tampered with using an encrypted MD5 sum. The file uses the filename, command line parameters and some trial data to create the encryption key in a shell variable which it uses to decrypt an embedded encrypted zip file and execute the actual code (which immediately deletes the unencrypted file after it executes).
I managed to decrypt the file because the code write a hidden file to /tmp before it deletes the unencrypted file and running chattr +a /tmp keeps the file from being deleted after it executes. The problem I'm having is that I can't run the command source filename.sh because the file is "binary". I cloned the source code from git and modified three .c source files to let me execute source filename.sh. This allowed me to actually view the password (because they don't clear the variables after execution) by typing in echo $PASSWORD_VARIABLE. The point is, their is a legitimate use for sourcing Binary Shell Scripts and BASH as is, won't let you do this. Maybe not allow it by default but have a parameter to ignore the file check to see if it is binary. Jason Hall
