Notes:
Bash 101 Course
When performing
security assessments, it is very import that you have a repeatable
process. As you become familiar with more tools, you will want to
incorporate them into your process. Bash scripting is an easy way
in which this can be accomplished. Learn how to read, edit and
parse critical information that you need from the output of various
tools. Take user's input and leverage multiple tools to perform
OSINT. Starting with the very basics and taking you through
functions and nested arrays, you will learn to build out your own
pentest framework that works for you.
A very import thing
to remember when scripting, is that there are many ways to solve a
particular problem. There is no right way. Whatever works for you,
is the best way.
Everything you do
from the command line can be scripted.
Many of the examples
in this class are the same types of commands, that when linked
together in a script, can create very useful programs.
My editors of
choice:
CLI - nano
GUI - gedit
Create a text file:
touch file
Creates an empty file.
pipe the output
of a command
ifconfig >
tmp
nano file
nano
ctrl v Next
page.
ctrl y
Previous page.
ctrl w Where
is (find).
ctrl k Cut
that line of test.
ctrl x Exit
editor.
Create a file and
append text to it:
ifconfig > tmp
echo >> tmp
How to view a file:
cat file
Show entire contents of file.
more file
Show one page at a time. Space bar for next page and (q) to
exit.
head file
Show the first 10 lines.
head -15 file
Show the first 15 lines.
tail file
Show the last 10 lines.
tail -15 file
Show the last 15 lines.
tail -f file
Useful when viewing the output of a log file.
pipe
Feeds the
output of one process to the input of another process.
cat tmp | grep
Bcast
Processes
ps aux
Show all running process for all users.
kill -9 PID
Nicely kill a PID.
Example
tab 2
ps aux | grep ping
kill -9 (ping PID)
tab 1
Verify that ping has stopped.
Example
tab 2
tail -f tmp2
tab 1
ctrl z (pauses the process), bg to background the process.
tab 2
You can still see the log growing.
tab 1
fg to foreground the process.
ctrl c to kill the
process.
tab 2
Verify the log file has stopped growing.
ctrl c to kill the
process.
Count the number of
lines in a file:
wc -l tmp2
cut
-d delimiter
-f fields
sort
sort -u file
Sort by unique.
Problem
Isolate the IP
address
cat tmp2 | cut
-d '(' -f2 | cut -d ')' -f1 | sort -u
awk
awk '{print
$1}' file Show the 1st
column.
awk '{print
$1,$5}' file Show the 1st
and 5th columns.
Problem
Show the 5
shortest and longest response times to a domain.
grep
grep -v
Remove a single string.
grep -v 'red' file
egrep -v
Remove multiple strings.
egrep -v '(red|white|blue)' file
sed
sed
's/FOO/BAR/g' file Replace
FOO with BAR.
sed 's/FOO//g'
file Replace FOO with
nothing.
sed '/^FOO/d'
file Remove lines that
start with FOO.
color
31=red 32=green
33=yellow 34=blue 35=magenta 36=cyan
echo -e
"\e[1;34mThis is a blue text.\e[0m"
Your first bash
script.
#!/bin/bash
clear
echo
echo
print "Hello
world."
Make a file
executable.
chmod +x file
chmod 755 file
Variables
name=Lee
echo $name
user=$(whoami)
echo $user
echo 'Hello'
$name. 'You are running as' $user.
Problem
Hello <your
name>. Your IP address is <your IP>.
Problem
Name <your
name>
IP <your IP>
Interface
<your interface>
User Input
read -p
"Domain: " domain
Check For No User
Input
if [ -z $domain
]; then
echo
echo
"#########################"
echo
echo
"Invalid choice."
echo
exit
Printable version of this article