Today I took some time to do a quick write-up about Bash. I am very interested in programming and scripting. If there is one piece of advice that stuck with me, it's the fact that automation is essential. Looking back to a company I worked for briefly, the technician was doing a job which required him to map network drives. I remember how tedious this was as it was being performed on several machines. Years later, when I took a deeper dive into my passion, I found that this could have all been avoided.
One method within a Linux environment is Bash. To my understanding it is essentially a programming language, often referred to as a scripting language, giving the developer the ability to write code within a shell and allowing for the same syntax used within Linux. Super cool! Unlimited opportunity. Many professional hackers and the like develop these small programs to automate scanning and pen-testing. Today’s example is a script that updates the system along with some small logging functionality.
Starting with the shebang (#!), this line signifies how the file will be executed. For this example we are writing a script in Bash. It is followed by the variables d and t. These define the date and time along with their format. The name of a variable can be changed to whatever you see fit. Notes are very useful when writing a program or script. In this case it was not necessary, but I wanted to highlight the importance and show how it's done. Simply place a # followed by the comment (ex: # Greeting). This way, if I were to come back and wanted to update the Greeting message, I can find it with ease.
The next line is the code we execute in order to update/upgrade the system. This may change from one Linux distribution to the next; within Kali, apt-get is used. The update command will pull the necessary information, followed by the upgrade command. The upgrade command will perform the installation. The -y option allows this script to run without any interaction from the user.
Two things I did not mention include echo and >>. The echo command allows for text to be displayed to the user executing the file. The >> operator appends output to a file. So in this case, instead of writing to the screen, we decided to write "update started" with the time/day to an update.log file. Once the update is complete, the script will then write out that the update is complete within the .log file. If this file does not exist, it will be created. You can also decide the path for the file; otherwise it will be created within the current directory.
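The script described in the last three paragraphs, as an added example reconstructed from the text (it is not the author's original file). The --run switch, the LOG_FILE override and the "update FAILED" log line are assumptions of this example, added so that a failed upgrade is recorded and the script's exit code reflects it.

```shell
#!/bin/bash
# Added example: reconstruction of the update script described in the post.
set -u

# Same default as the post: update.log in the current directory.
# LOG_FILE can be overridden to choose the path (assumption of this example).
LOG_FILE="${LOG_FILE:-update.log}"

# Append one timestamped line to the log with >>
log_event() {
    d=$(date +%Y-%m-%d)   # date and its format (variable d in the post)
    t=$(date +%H:%M:%S)   # time and its format (variable t in the post)
    echo "$d $t $1" >> "$LOG_FILE"
}

# Run the command given as arguments and log the start and the outcome
run_update() {
    log_event "update started"
    if "$@"; then
        log_event "update complete"
    else
        rc=$?   # exit status of the failed command
        log_event "update FAILED (exit $rc)"
        return "$rc"
    fi
}

# Only touch the system when asked to (--run is an assumption of this example)
if [ "${1:-}" = "--run" ]; then
    # Greeting
    echo "Starting system update..."
    # -y lets the upgrade run without any interaction from the user
    run_update sh -c 'apt-get update && apt-get -y upgrade'
fi
```

Saved as update, this version is started with sudo ./update --run; without the switch it only defines the functions and changes nothing.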
Awesome! We now have a file called update. Let's run it. Well, first, before we can do that, we must give it the permissions. Listing the files using the -la options, we notice that the update file is showing rw-r--r--. I can explain this in another write-up, but for the purpose of this example we are looking for an x. The x will grant the permission to execute said file.
A quick way to do this would be running the chmod +x update command. The +x option will add the executable option for all users/groups.
Another way we could do this is by setting the individual permissions with their associated numeric (octal) value. For instance, to set read/write/execute rights for the owner we would use chmod 700 update. As you can see, the file now shows rwx------. The color of the file has also changed, showing its ability to be executed.
In order to run the application you will use the sudo ./ command, followed by the filename. As you can see in the picture above it started the update/upgrade process. Since everything was up to date nothing was changed.
At this point we know that it writes to a .log file. This can be useful when trying to figure out when the system was last updated. We can view the file by using the cat command. This will read out the file to the screen. We could also use the less command. less allows scrolling and gets rid of everything else for a better view of what is actually going on. Since there is not much in this .log, we can stick to cat for now.
One of my favorite commands and functions within Linux is grep. Let's say this log file has grown over time. We now have multiple pages showing various updates being completed or not completed. We can cat the update.log file and pipe it to the grep command. With grep we can then search for a particular string of text. In this example I was concerned about updates being performed on 2021-07-06. It will then only display updates or actions performed on that day and nothing else.
Although very simple, I had a lot of fun with this. I have been running a similar setup for some time now for my own labs just for fun. The update.log functionality I added recently. This was because I want to internalize the idea that logging/monitoring is critical to a successful environment. We could also go a lot further with this by automating the script. For example, we can place this in a directory that runs on startup; this way it will update on each login. Or we can look into using cron jobs. This will allow scheduling for anything we deem necessary. I hope whoever reads this can take something away, I know I did! #NeverStopLearning