Difference between revisions of "The Script/Linux"

From Vista Ridge Cyberpatriot
Jump to navigation Jump to search
(Created page with "== Bash Scripting == Bash is a programming language commonly used to automate tasks in Linux because it's included in nearly every distribution of Linux. In fact any Linux ter...")
 
 
Line 1: Line 1:
 
== Bash Scripting ==
 
== Bash Scripting ==
 
Bash is a programming language commonly used to automate tasks in Linux because it's included in nearly every distribution of Linux. In fact any Linux terminal that you use is probably using bash to interpret what you type, but it can also be used non-interactively by writing Bash code into a file and executing it all at once. If you've programmed in other languages before, know that Bash's syntax is very different to other languages. The main reason that it's often better to write code for CyberPatriot in Bash instead of, for example, Python, is because it gives you easy access to many commands that are useful for interacting with the operating system, such as starting and stopping services, and the bash interpreter is preinstalled on almost all distributions of Linux. However Python should probably be used for scripts with more complex logic.
 
Bash is a programming language commonly used to automate tasks in Linux because it's included in nearly every distribution of Linux. In fact any Linux terminal that you use is probably using bash to interpret what you type, but it can also be used non-interactively by writing Bash code into a file and executing it all at once. If you've programmed in other languages before, know that Bash's syntax is very different to other languages. The main reason that it's often better to write code for CyberPatriot in Bash instead of, for example, Python, is because it gives you easy access to many commands that are useful for interacting with the operating system, such as starting and stopping services, and the bash interpreter is preinstalled on almost all distributions of Linux. However Python should probably be used for scripts with more complex logic.
====Here's an example of a bash program that asks the user for a password and compares it to a preset password.====
+
===Bash Scripting tutorial===
<nowiki>
+
https://www.youtube.com/watch?v=tK9Oc6AEnR4&t=2589s
printf "Enter your password: "
+
===Command Line tutorial===
read input
+
https://www.youtube.com/watch?v=ZtqBQ68cfJc&t=5139s
 
+
* This video is really really long so you can jump around, but it covers pretty much all of the essential commands
if [[ "$input" == "secretpassword" ]]; then
+
===More important commands===
printf "correct\n"
+
* sed
else
+
https://www.youtube.com/watch?v=nXLnx8ncZyE
printf "incorrect\n"
+
* cut
fi
+
https://www.youtube.com/watch?v=GYP2T34v56E
</nowiki>
+
===Useful one liners===
Here's a breakdown of how this code works:
+
These are useful commands or chains of commands to remember or write down for CyberPatriot
* <code>printf</code> is a command which prints text to the screen. The text is specified by its first argument.
+
<br></br>
* <code>read</code> is a command which takes user input, and puts it into a variable, specified by its first argument. The variable is named "input" here, but it can be named anything.
+
<code>grep "sh$" /etc/passwd</code>
* Next there's an "if statement". "if statements" start with the keyword "if", then a condition enclosed in double brackets (There must be a blank space surrounding both sides of the variables within), and lastly a semicolon and the keywork "then". This is equivalent to an opening brace in other programming languages. The code placed after the if statement but before the keyword "else", is executed if the condition is true. The code after "else", but before "fi", is executed if the condition is false. The indentation is not required.
+
* Lists all of the users on the system, plus the root user. It includes extra information, but the usernames are before the first colon.
* <code>printf</code> is used again to printf "correct" or "incorrect", but these times it includes a '\n' at the end, which represents a new line.
+
<br></br>
====Here's an example of another short script, but this time it's more relevant to CyberPatriot. It finds every user on the computer and changes their password to something.====
+
<code>find /home -name "*\.mp[34]" -o -name "*\.mov" -o -name "*\.webm"</code>
<nowiki>
+
* Finds all files which end in ".mp3", ".mp4", ".mov", or ".webm", which are usually not allowed to be in user's directories.
users=$(grep "sh$" /etc/passwd | cut -d':' -f1)
+
<br></br>
 
+
<code>sudo rm /directory/of/files/to/delete/*</code>
for user in ${users[@]}; do
+
* This deletes all of the files within a certain directory (make sure to include the asterisk at the end). Fore example <code>sudo rm /home/jim/Music/*</code>
    printf "SuperSecretPassword\nSuperSecretPassword\n" | passwd $user
+
==Baselining Technique==
done
+
A good way to get a lot of points with scripts is trying to get the configuration files of the computer that you're working on to be as close as possible to configurations that you know are secure. Some of the most important configuration files to do this for are /etc/pam.d/common-password, /etc/sudoers, /etc/ssh/sshd_config, /etc/login.defs, /etc/apt/sources.list and /etc/sysctl.conf. A secure version of these configuration files can be created by creating a virtual machine of Ubuntu, and then researching how to secure these files. You can then transfer these files to a computer that you're working on during a competition. Before you overwrite the original files on that computer however you should do two things:
</nowiki>
+
* Check the README for specific configurations they may want. For example they may want SSH to be on a different port than default, or give a user special sudo rights. These have to be integrated into your config files before you copy those files into their locations.
In Progress
+
* Make a backup of the original file. (this can be scripted). For example to make a backup of the sources.list file:
 +
<br>
 +
<code>sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak</code>
 +
<br></br>
 +
Then copy your secure config to its correct location in the computer (cp overwrites files):
 +
<br>
 +
<code>sudo cp ./sources.list /etc/apt/sources.list</code>

Latest revision as of 02:06, 21 July 2024

Bash Scripting[edit | edit source]

Bash is a programming language commonly used to automate tasks in Linux because it's included in nearly every distribution of Linux. In fact any Linux terminal that you use is probably using bash to interpret what you type, but it can also be used non-interactively by writing Bash code into a file and executing it all at once. If you've programmed in other languages before, know that Bash's syntax is very different to other languages. The main reason that it's often better to write code for CyberPatriot in Bash instead of, for example, Python, is because it gives you easy access to many commands that are useful for interacting with the operating system, such as starting and stopping services, and the bash interpreter is preinstalled on almost all distributions of Linux. However Python should probably be used for scripts with more complex logic.

Bash Scripting tutorial[edit | edit source]

https://www.youtube.com/watch?v=tK9Oc6AEnR4&t=2589s

Command Line tutorial[edit | edit source]

https://www.youtube.com/watch?v=ZtqBQ68cfJc&t=5139s

  • This video is really really long so you can jump around, but it covers pretty much all of the essential commands

More important commands[edit | edit source]

  • sed

https://www.youtube.com/watch?v=nXLnx8ncZyE

  • cut

https://www.youtube.com/watch?v=GYP2T34v56E

Useful one liners[edit | edit source]

These are useful commands or chains of commands to remember or write down for CyberPatriot

grep "sh$" /etc/passwd

  • Lists all of the users on the system, plus the root user. It includes extra information, but the usernames are before the first colon.



find /home -name "*\.mp[34]" -o -name "*\.mov" -o -name "*\.webm"

  • Finds all files which end in ".mp3", ".mp4", ".mov", or ".webm", which are usually not allowed to be in user's directories.



sudo rm /directory/of/files/to/delete/*

  • This deletes all of the files within a certain directory (make sure to include the asterisk at the end). Fore example sudo rm /home/jim/Music/*

Baselining Technique[edit | edit source]

A good way to get a lot of points with scripts is trying to get the configuration files of the computer that you're working on to be as close as possible to configurations that you know are secure. Some of the most important configuration files to do this for are /etc/pam.d/common-password, /etc/sudoers, /etc/ssh/sshd_config, /etc/login.defs, /etc/apt/sources.list and /etc/sysctl.conf. A secure version of these configuration files can be created by creating a virtual machine of Ubuntu, and then researching how to secure these files. You can then transfer these files to a computer that you're working on during a competition. Before you overwrite the original files on that computer however you should do two things:

  • Check the README for specific configurations they may want. For example they may want SSH to be on a different port than default, or give a user special sudo rights. These have to be integrated into your config files before you copy those files into their locations.
  • Make a backup of the original file. (this can be scripted). For example to make a backup of the sources.list file:


sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak

Then copy your secure config to its correct location in the computer (cp overwrites files):
sudo cp ./sources.list /etc/apt/sources.list

Retrieved from "https://cypat.rainbowunicorn.org/index.php?title=The_Script/Linux&oldid=325"