Below are selected solutions for the Chapter 5 workshop questions from Cybersecurity Ops with bash.
Question 1
Write the command to search the filesystem for any file named dog.png.
Answer
You can use the find command to search the file system:
Question 3
Write the command to search the file system for any file containing the text secret or confidential and copy the file to your current working directory.
Answer
You can combine the find command with the -exec option to invoke the egrep command to search the content of each file, and then the cp command to copy any matching files to the current working directory:
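As an added example (not the book's listing or code from this page), the function below applies that find/-exec combination using `grep -E`, the equivalent of egrep, and excludes the destination directory from the search so copies are not found a second time. The function name, its arguments and the sample files are assumptions constructed for the demonstration.

```shell
#!/bin/bash
# Added example: find + grep -E (egrep) + cp, as described in the answer above.
# Function and directory names are assumptions made for this example.

# collect_sensitive <search_root> <dest_dir>
# Copies every regular file under search_root whose content matches
# "secret" or "confidential" into dest_dir and prints each source path.
collect_sensitive() {
    local root dest
    root=$(cd "$1" && pwd -P) || return 1
    dest=$(cd "$2" && pwd -P) || return 1
    # -path "$dest" -prune : skip the destination itself, otherwise files
    #                        already copied there are matched again
    # -type f              : regular files only
    # grep -Eq             : egrep syntax; -q exits 0 on the first match
    # second -exec         : runs only when grep reported a match
    # -print               : record the original path (cp flattens it)
    find "$root" -path "$dest" -prune -o -type f \
        -exec grep -Eq 'secret|confidential' {} \; \
        -exec cp -- {} "$dest"/ \; -print
}

# Constructed sample tree so the example runs offline.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/docs" "$demo_root/collected"
printf 'quarterly numbers\n'    > "$demo_root/docs/report.txt"
printf 'company confidential\n' > "$demo_root/docs/plan.txt"
printf 'the secret is out\n'    > "$demo_root/notes.txt"

# Prints the two matching source paths, then lists the copies.
collect_sensitive "$demo_root" "$demo_root/collected"
ls "$demo_root/collected"
rm -rf "$demo_root"
```

Because cp drops the directory part of each path, two matching files with the same name overwrite each other in the destination; the printed source paths are the only record of where each copy came from.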
Question 8
Modify winlogs.sh to indicate its progress by printing the logfile name over the top of the previous logfile name. (Hint: Use a return character rather than a newline.)
Answer
The winlogs.sh script contains the line below that prints the name of each log file to the screen.
The echo command automatically appends a newline to its output, so each iteration prints on a new line. To print everything on the same line, you can replace echo with the printf command and the carriage return (\r) character.
Note that the carriage return only moves the cursor to the beginning of the line; it does not clear the line. If the next item to print is shorter than the previous item, some of the previous item's text will remain on the line. We will discuss how to solve this in Chapter 12 with the tput command.
Anyone solve question 5? I am curious about the answer.
Answer to Question 6.
#!/bin/bash -
#
# Cybersecurity Ops with bash
# mod-hashsearch.sh
#
# Description:
# Recursively search a given directory for a file that
# matches a given SHA-1 hash
#
# Usage:
# hashsearch.sh [-1] <hash> <directory>
#   -1        - option to quit search after finding a match. If the option
#               is not specified, it will keep searching for additional matches.
#   hash      - SHA-1 hash value of file to find
#   directory - Top directory to start search
#
NEG1=0
if (( $# > 0 ))
then
    if [[ ${1:0:2} == '-1' ]]
    then
        NEG1=1 # flag to quit after finding a hash match
        shift