Created
April 7, 2024 13:44
-
-
Save DanielChuDC/36dbe7b0f88c99c01784c380aea75538 to your computer and use it in GitHub Desktop.
write a bash script that will print a report for 1. list the input director content(could be contain multiple children folders) 1.a. if the input is a directory, recursive do 1. 1.b. if the input is a file, check the content
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
target_dirs="/opt/" | |
target_tools=" | |
scp | |
ssh | |
" | |
function print_report() { | |
local input="$1" | |
local indent="$2" | |
if [ -d "$input" ]; then | |
echo "${indent}Contents of directory: $input" | |
for item in "$input"/*; do | |
if [ -d "$item" ]; then | |
print_report "$item" " $indent" | |
elif [ -f "$item" ]; then | |
echo "${indent}File: $item" | |
echo "${indent}Content:" | |
local line_number=1 | |
while IFS= read -r line; do | |
printf "%s%s: %s\n" "$indent" "$line_number" "$line" | |
((line_number++)) | |
done < "$item" | |
echo "" | |
echo "" | |
fi | |
done | |
elif [ -f "$input" ]; then | |
echo "${indent}File: $input" | |
echo "${indent}Content:" | |
local line_number=1 | |
while IFS= read -r line; do | |
printf "%s%s: %s\n" "$indent" "$line_number" "$line" | |
((line_number++)) | |
done < "$input" | |
echo "" | |
echo "" | |
else | |
echo "Error: Input is neither a file nor a directory" | |
fi | |
} | |
echo "Checking for system tools in target directories..." | |
echo "" | |
for tool in $target_tools; do | |
echo "Searching for tool: $tool" | |
echo "" | |
for directory in $target_dirs; do | |
echo "Directory: $directory" | |
echo "" | |
print_report "$directory" " " | |
done | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This script serve as a reminder for several potential vulnerabilities in the script that could be exploited:
Command Injection: The script uses variables directly in echo statements without proper sanitization.
Unsanitized Input: The script does not validate or sanitize user input.
File Path Manipulation: The script does not check for malicious file paths.
Arbitrary Code Execution: The script executes commands such as cat and printf without proper input validation.