unix – How come is this command returning “GET A LIFE!”? – Stack Overflow
Posted by jpluimers on 2025/06/11
Didn’t know nx had a scriptable RPN command-line calculator dc (for Desk Calculator) which does not seem to need white space characters in the input stream or input file.
It likely is a source for command-injection attacks given the question [Wayback/Archive] unix – How come is this command returning “GET A LIFE!”? – Stack Overflow, so I did a bit of digging and found this great platform:
- Site: [Wayback/Archive] Try It Online
What is TIO?
TIO is a family of online interpreters for an evergrowing list of practical and recreational programming languages.To use TIO, simply click the arrow below, pick a programming language, and start typing. Once you click the run button, your code is sent to a TIO arena, executed in a sandboxed environment, and the results are sent back to your browser. You can share your code by generating a client-side permalink that encodes code and input directly in the URL.…
Why TIO?
- TIO hosts 260 practical and 420 recreational programming languages, for a total of 681 languages.
- TIO listens: languages and features are added by request all the time. If you have a request or want to report a bug, use any of the contact options listed below.
- The TIO web app is free of charge, ad-free, and doesn’t use tracking cookies or third-party analytic scripts.
- The software that powers TIO is open source (MIT) and can be found on github.com/TryItOnline.
- TIO works great on mobile devices.
- Repositories: [Wayback/Archive] TryItOnline · GitHub
The best answer of the above question showed a, now dead, example on unix.com (which in the past presented itself as The UNIX and Linux Forums, but seems to have died from the end of 2024 until about mid februari 2025, and dislikes he Wayback Machine so none of their content was archived: web.archive.org/web//https://unix.com/ ), but luckily the the 2016 answer included the program called obfuscate to encode using dc quoted in full:
In UNIX fun stuff – echo and dc – obfuscate/garble a string sort of you can find the script to obfuscate strings like this, together with an explanation on how to use it:
If you save the following script in a file named obfuscate :
#!/bin/ksh # NAME: obfuscate -- obfuscate text read from one or more files into a # string that can be decrypted by the dc utility # # SYNOPSIS: obfuscate file... # # OPERANDS: file The name of a text file containing text to be # obfuscated or "-" to obfuscate text read from # standard input. # # APPLICATION USAGE: # To decrypt the obfuscated string produced by obfuscate, use: # obfuscate file | read string # Get obfuscated text # Note: Do not use "read -r string" in the above command! # printf '%s\n' "$string" # Show obfuscated text # echo "$string" | dc # Decrypt obfuscated text # # Although dc can produce artibrary length output, feeding the objuscated # string back into dc for decryption may be limited by {LINE_MAX} and/or # {ARG_MAX} restrictions. # Initialize a to ASCII character set (skipping NUL)... a='\1\2\3\4\5\6\7\10\11\12\13\14\15\16\17\20\21\22\23\24\25\26\27\30\31\32\33' a="$a"'\34\35\36\37 !"#$%&'"'"'()*+,-./0123456789:;<=>?@' a="$a"'ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\377' awk -v A="$a" ' function cline(inline, i) { printf("256*%d+\n", index(A, "\n")) for(i = length(inline); i; i--) { printf("256*%d+\n", index(A, substr(inline, i, 1))) } } BEGIN { print 0 } { line[NR] = $0 } END { for(i = NR; i; i--) cline(line[i]) printf("[[q]sa[ln0=aln256%%Pln256/snlbx]sb]Pn[snlbxq\n]Pq\n") }' "$@" | tee .dc_input | dcmake it executable with:
chmod +x obfuscateand execute the command:
printf "Hello World.\nAre we there yet?\nLet's go home, now!\n" | ./obfuscate - | read stringthen the command:
echo "$string"will give you:
[q]sa[ln0=aln256%Pln256/snlbx]sb26160072918627741401952510855241017735603346265259888938898171600856988789569756293233903076568696999873394858335331444040snlbxqand the command:
echo "$string"|dcwill give you:
Hello World. Are we there yet? Let's go home, now!(…) If won’t work with characters that aren’t in the 7-bit ASCII character set and it won’t work if the text you want to obfuscate contains any NUL bytes, and on many systems it won’t work if line in files you want to obfuscate are longer than LINE_MAX bytes and if the output produced by obfuscate produces a string longer than LINE_MAX, dc may not be able to decrypt it for you on some systems.
Anyway, I archived the link in that answer at least on Archive.is as [WaybackFailed/Archive] UNIX fun stuff – echo and dc – obfuscate/garble a string sort of – UNIX for Beginners Q & A / UNIX for Dummies Questions & Answers – Unix Linux Community
Via/related:
- [WaybackSave/Archive] nixCraft 🐧 on X: “step 1. open the terminal step 2. type the following command:
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb5567320342535949633984860024054390510049758475925810612727383477870370412074937779308150930912981042snlbxq'|dcstep 3. enjoy!”
2025 is the year of the Linux on desktop. - [WaybackSave/Archive] mrdoornbos on X: “@nixcraft If you’re gonna run code from the internet you don’t understand, maybe start with:
docker run -it --rm alpine:latest shand then run it ;-)”
[Wayback/Archive] GgtiXBYWgAAfHEH.png:orig (491×157) via [Wayback/Archive] Tweet JSON
- [WaybackSave/Archive] Robert.Weber on X: “@nixcraft Powershell version
[string][char[]]("5569636765780784637269768063698669828979786912636685846369866982897978696367657863726976806383797769797869"-split'(..)'|?{$_}|%{32+$_;})-replace '‘”
- [Wayback/Archive] Thread by @pjacklam on Thread Reader App
@nixcraft Same output, but shorter input:
echo '[q]sa[ln0=aln122%Pln122/snlbx]sb360698489202065413784300826589719987121833731339886700900991472244598171071068839018178snlbxq'|dc1/2
@nixcraft … or with bash, an even shorter variant:dc<<<'[q]sa[ln0=aln122%Pln122/snlbx]sb360698489202065413784300826589719987121833731339886700900991472244598171071068839018178snlbxq'2/2
- [Wayback/Archive] Thread by @jcamdr70 on Thread Reader App (the Python script likely needs indentation; indentation is one of the things that Thread Reader App breaks)
#!/usr/bin/env python3
import sysdef string_to_large_number(input_string):
"""Convert a string into a large number representation."""
large_number = 0
for char in reversed(input_string): # Reverse the string before encoding
large_number = large_number * 256 + ord(char) # Shift existing digits and add ASCII value
return large_numberdef generate_dc_command(input_string):
"""Generate a `dc` shell command to encode a string into a large number."""
large_number = string_to_large_number(input_string + '\n') # Add newline at the end of the string
dc_command = (
f"echo '[q]sa[ln0=aln256%Pln256/snlbx]sb{large_number}snlbxq'|dc"
)
return dc_commanddef main():
if len(sys.argv) != 2:
print("Usage: ./text2dc.py \"\"")
sys.exit(1)input_string = sys.argv[1]
dc_command = generate_dc_command(input_string)
print(dc_command)if __name__ == "__main__":
main()
@nixcraft/text2dc.py "Hello, have a great day!"
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb63591800935315900249655707427721863943623874439373208184136snlbxq'|dc
@nixcraftecho '[q]sa[ln0=aln256%Pln256/snlbx]sb63591800935315900249655707427721863943623874439373208184136snlbxq'|dc
Hello, have a great day!Yes it does: [WaybackSave/Archive] jcamdr on X: “@nixcraft #!/usr/bin/env python3 import sys def string_to_large_number(input_string): “””Convert a string into a large number representation.””” large_number = 0 for char in reversed(input_string): # Reverse the string before encoding large_number = large_number * 256″
#!/usr/bin/env python3 import sys def string_to_large_number(input_string): """Convert a string into a large number representation.""" large_number = 0 for char in reversed(input_string): # Reverse the string before encoding large_number = large_number * 256 + ord(char) # Shift existing digits and add ASCII value return large_number def generate_dc_command(input_string): """Generate a `dc` shell command to encode a string into a large number.""" large_number = string_to_large_number(input_string + '\n') # Add newline at the end of the string dc_command = ( f"echo '[q]sa[ln0=aln256%Pln256/snlbx]sb{large_number}snlbxq'|dc" ) return dc_command def main(): if len(sys.argv) != 2: print("Usage: ./text2dc.py \"<string>\"") sys.exit(1) input_string = sys.argv[1] dc_command = generate_dc_command(input_string) print(dc_command) if __name__ == "__main__": main() - [WaybackSave/Archive] Daniel Merja on X: “@nixcraft This command uses the dc utility, which is a reverse-polish notation (RPN) calculator found in Unix-like operating systems. The dc command processes the input script in RPN and performs mathematical operations or string manipulations.”
- [Wayback/Archive] dc: an arbitrary precision calculator | bc Commands | Man Pages | ManKier
…
dc is a reverse-polish desk calculator which supports unlimited precision arithmetic. It also allows you to define and call macros. Normally dc reads from the standard input; if any command arguments are given to it, they are filenames, and dc reads and executes the contents of the files before reading from standard input. All normal output is to standard output; all error output is to standard error.
…
Queries:
- [Wayback/Archive] “unix.com” – Google Search
- [Wayback/Archive] # Although dc can produce artibrary length output, feeding the objuscated # string back into dc for decryption may be limited by {LINE_MAX} and/or # {ARG_MAX} restrictions. – Google Search
--jeroen
The Wiert Corner - irregular stream of stuff 
Leave a comment