Obfuscating human-readable text by using hexadecimal views.
How to convert to and from hex dumps using xxd
Motivation
In an earlier article, I explained the use of compiled binary files to hide the code run within them:
https://daniel-ellis.medium.com/compiling-a-shell-script-to-binary-8dac07b770df
However, it is not possible to set environmental variables using this method. MD5 checksums were considered, however, these are NOT reversible, so naturally, we ended up using the hexadecimal representation of our text.
XXD
Text File Conversion
Conventionally xxd
is used to convert a text file — e.g.
echo "Magic Text " > text_dump
into a hex dump file. Although it is possible to convert into a binary dump using the -b
flag, this includes a copy of the initial string which defeats the purpose of what we are after.
Instead, we use the postscript continuous hex dump style produced with the -p
flag.
xxd -p text_dump > dump
To reverse the process we can use the -r
flag
xxd -r -p dump
String to Plain HexDump format
Applying the same principle to a text string. Using echo we can redirect a string into xxd
and use the same plain hex dump style as before.
xxd -p <(echo "Hi how are you?")
This produces the following output:
486920686f772061726520796f753f0a
To convert this back into the string we can use the reverse flag:
xxd -p -r <(echo "486920686f772061726520796f753f0a")
and re-obtain our original string.
Setting the ENV variables
Combining this with a pipe we can now set our environmental variables using this non-human readable code:
export MYVAR=`xxd -p -r <(echo "486920686f772061726520796f753f0a")`
And here the variable $MYVAR
now returns:
echo $MYVAR;>> Hi how are you?
And there we have it, a way to set environmental variables using non-human readable text.