Below are selected solutions for the Chapter 13 workshop questions from Cybersecurity Ops with bash. Note - These are just examples, many possible solutions exist.

Question 1

Create a pipeline of commands that uses curl to retrieve a web page and then display any email addresses found on the page to the screen.

Answer

You can pipe the output from curl into grep to extract standard format email addresses.

The -s option for curl disables the status message.

The -P option for grep enables the Perl regular expression engine, and the -o option only outputs the part of the line that matches the given expression.

The regular expression is long, so lets break it down.

The first section of the expression matches the local-part of an email address. For example, if an email address is test@digadel.com, test is considered the local-part. This part of the email address can contain many, but not all of the printable characters.

The next part of the expression is the @ symbol, which separates the local-part and domain of an email address.

The last part of the expression is the domain portion of the email address. The domain portion can only contain letters, numbers, and the period and dash characters.

Note that this is not a perfect regular expression, and it may match on items that are similar to an email address. This method will not work if the email address is constructed on the client side using JavaScript or a similar technique since curl does not actually render the web page.