Читать книгу Kali Linux Penetration Testing Bible - Gus Khawaja - Страница 42

One more thing to learn in the world of text files is the search mechanism. There are so many ways to search and filter out text, but the popular ones are as follows:

 grep

 awk

 cut

You've seen me using the grep command a lot. This filter command is structured in the following way:

$grep [options] [pattern] [file name]

Let's say you want to search for the word password in all the files starting from the root system ( / ).

root@kali:/# grep -irl "password" / /boot/grub/i386-pc/zfscrypt.mod /boot/grub/i386-pc/normal.mod /boot/grub/i386-pc/legacycfg.mod

Here's what the options mean:

 ‐i : To ignore case and include all the uppercase/lowercase letters

 ‐r : To search recursively inside subfolders

 ‐l : To print the filenames where the filter matches

As another example, let's say you want to count the number of occurrences of the word password in the dictionary file rockyou.txt :

root@kali:/# cd /usr/share/wordlists/ root@kali:/usr/share/wordlists# grep -c "password" rockyou.txt 3959

The awk command is an advanced tool for filtering text files, and it uses the following pattern:

$awk /[search criteria]/ [options] [file name]

For example, let's say you want to search for the text root inside the /etc/passwd file:

root@kali:/# awk '/root/' /etc/passwd root:x:0:0:root:/root:/bin/bash nm-openvpn:x:125:130:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin

Let's take the challenge one more step further. Let's say you want to extract the password of the root in the /etc/shadow file (you can print the whole thing first so you can visualize the difference of before and after):

root@kali:/# awk '/root/' /etc/shadow root:$6$uf2Jy/R8HS5Tx$Vw1wHuBV7unq1hImYGTJdNrRwMwRtf0yd/aSH0zOhhdzWofAT5WUSduQTjWj8AbdmT62rLbcs6kP3xwdiLk.:18414:0:99999:7::: root@kali:/# awk -F ':' '/root/{print $2}' /etc/shadow $6$uf2Jy/R8HS5Tx$Vw1wHuBV7unq1hImYGTJdNrRwMwRtf0yd/aSH0zOhhdzWofAT5WUSduQTjWj8AbdmT62rLbcs6kP3xwdiLk.

We know that the shadow file is using the : delimiter to separate the sections, so we use ‐F ':' to get the job done. Then, we tell the tool to print only the second part of the delimiter {print $2} , which is the hashed password contents.

Another popular way to extract substrings is the cut command. In the following example, we use the cat command to open the shadow file; then we use the grep command to filter out the root account, and finally, we use the cut command to extract the password:

root@kali:/# cat /etc/shadow | grep "root" | cut -d ":" -f 2 $6$uf2Jy/R8HS5Tx$Vw1wHuBV7unq1hImYGTJdNrRwMwRtf0yd/aSH0zOhhdzWofAT5WUSduQTjWj8AbdmT62rLbcs6kP3xwdiLk.