Bash Flashcards
How can you quickly verify the version of Bash running on your system?
bash –version
What are Bash environment variables?
When running in a terminal, Bash loads a set of environment variables with every new session that gets invoked. Programs can use these environment variables for various purposes, such as discovering the identity of the user running the script, the location of their home directory, and their default shell.
How can you list the environment variables set by Bash?
- ‘printenv’
- ‘env’ with no additional arguments
The ‘env’ command can also be used to set specific environment variables and then execute a command with those variables.
What are the advantages of this shebang over simply hardcoding the full path to the desired interpreter?
’#!/usr/bin/env python’
Hardcoded shebang:
’#!/usr/bin/python’
Using ‘env’ in the shebang is better because ‘env’ will search for the specified utility (interpreter) with the PATH environment variable.
This means that the script will likely still work across different machines even if Python is installed in different locations.
From the ‘env’ documentation:
“The ‘env’ utility uses the PATH environment variable to locate the requested utility if the name contains no ‘/’ characters, unless the -P option has been specified”
What are some common default environment variables present in Bash?
BASH_VERSION: The bash version running
BASHPID: The process identifier (PID) of the current bash process
GROUPS: A list of groups the running user is a member of
HOSTNAME: The name of the host
OSTYPE: The type of operating system
PWD: The current working directory
RANDOM: A random number from 0 to 32,767
UID: The user ID (UID) of the current user
SHELL: The full pathname to the shell
What shebang makes your Bash scripts more portable?
!/usr/bin/env bash
The shebang line can also take optional arguments to change how the script executes. Examples include:
’#!/bin/bash -x’ prints all commands and their arguments as they are executed to the terminal (useful for debugging)
’#!/bin/bash -r’ creates a restricted bash shell, which restricts certain potentially dangerous commands (navigating to certain directories or modifying sensitive environment variables)
Suppose you have a Bash script named ‘map.sh’ that doesn’t have a shebang line and also doesn’t have an executable permission (+x) set. How can you run this script?
bash map.sh
Suppose you want to run a Bash script in ‘verbose mode’ to let you see the commands being executed for the purpose of debugging. How can you do this?
bash -x
The ‘-x’ option prints commands and their arguments as they are executed
How can you use debugging mode for just a certain section of your script?
Use the ‘set’ command to enable/disable debugging mode (-x) for just a subsection of your script:
set -x cat /etc/passwd | grep rpcbind echo $UID set +x ls -l
‘set’ is used to change/display shell options and positional parameters
In the above script, debugging mode is active for every command except for ‘ls -l’
How can you check the syntax of your Bash script without actually executing the commands?
bash -n
The ‘-n’ option tells Bash to read the commands but not execute them (essentially does a dry run of the script)
What is command substitution in Bash?
Command substitution allows you to use the output of a command as part of another command.
You can also use it to assign command output to a variable.
For command substitution, place your command(s) within the following characters:
$()
Is it valid syntax to assign a variable with spaces around the equals symbol?
No.
This is valid variable assignment syntax:
motd=“Welcome to the company network.”
How can you unassign a variable that has already been assigned?
Assume the variable “salt” has already been assigned.
‘unset salt’
The unset command in Bash is used to remove variables or functions from the current shell environment.
How do you create a local variable in Bash?
You can create a local variable in Bash by using the “local” keyword. Take the following code for example:
#!/bin/bash
function my_function() {
local my_variable="Hello World"
echo $my_variable
}
echo $my_variable
my_function prints “Hello World”echo $my_variable prints nothing, as the variable is local to the function
What are three common different methods of performing arithmetic operations in Bash?
- The “let” command
let "x = 5 + 3" - The double parentheses syntax “$(())”
x=$((5 + 3)) - The “expr” command
result=$(expr 5 + 3)
How could you find the sum of 4 and 5 using the following three arithmetic methods?
let $(()) expr
let "result=4 + 5” result=$((4 + 5)) result=$(expr 4 + 5)
Suppose you want to create an array named “addresses” that contains the following three IP addresses:
172.16.1.1
172.16.1.2
172.16.1.3
How could you do this?
addresses=(172.16.1.1 172.16.1.2 172.16.1.3)
Suppose you have the following array:
addresses=(172.16.1.1 172.16.1.2 172.16.1.3)
How could you use “echo” to quickly print all addresses in the array?
echo “${addresses[*]}”
The asterisk is a representation of every array element.
Suppose you have the following array:
addresses=(172.16.1.1 172.16.1.2 172.16.1.3)
How could you remove just the second element in the array?
unset addresses[1]
What are streams in Bash?
In Bash, “streams” refer to the channels used to transfer data between processes, commands, or files. Streams are central to how input and output are managed in Linux and Unix-like systems.
The three main streams are:
Standard Input (file descriptor: 0)
Standard Output (file descriptor: 1)
Standard Error (file descriptor: 2)
A file descriptor is a reference to an open file or resource maintained by the kernel.
Suppose you want to create two files named ‘test1’ and ‘test2’ but you only want to create the second file if the first file is successfully created. How can you do this in one simple line?
touch test1 && touch test2
If the && operator is found between two commands, the second command will only execute if the first command executes successfully.
Suppose you have three files in your current directory each named ‘conf1’, ‘conf2’ and ‘conf3’ respectively. With one line, how can you search for the text ‘## port:’ in these files but stop the search once you find the first file containing this text?
grep ‘## port:’ conf1 || grep ‘## port:’ conf2 || grep ‘## port:’ conf3
When there are two commands surrounding the || operator, the second command will only execute if the first command fails (exit code greater than 1) to execute successfully.
Suppose you want to list the contents of the root directory and you want to send the standard output to a file named ‘stdout.txt’ while sending the standard error to the ‘stderr.txt’ file. How could you do this in one simple line?
ls -l / 1> stdout.txt 2> stderr.txt
This above example uses the file descripter numbers to redirect command output to the standard output and standard error streams.
Suppose you want to list the contents of the root directory and you want to write (not append) both the standard output and the standard error to the ‘results.txt’ file. How could you do this in one simple line?
ls -l / &> results.txt
The ‘&>’ operator redirects both standard output and standard error.
If the ‘&»’ operator had been used then both the standard output and standard error would have been appended to ‘results.txt’ rather than written to the file.
What is here document redirection?
cat «_space;EOF
Black Hat Bash
by No Starch Press
EOF
——————————————–
The above ‘cat’ command will print out those two lines from the here document while preserving the newline characters.
‘EOF’ is the most commonly used delimiter for here documents. The delimiter marks the start and end points of the input.
In Bash, what is the difference between the ‘$@’ and ‘$*’ special variables?
The “$” with the quotes included will expand arguments into a single word. For example:
./script.sh “1” “2” “3”
“1 2 3”
On the other hand, the “$@” (again including the quotes), will expand arguments into separate words:
./script.sh “1” “2” “3”
“1” “2” “3”
The quotes in the script results are just for readability.
How could you prompt the user for input in a script while preserving all special characters and then store that input in a varible named “password’ ?
read -r -p "Please supply a password: " password
The ‘-p’ option allows you to display a prompt message to the user.
No special interpretation or escaping occurs for backslashes when using the ‘-r’ option with the ‘read’ command.
Without ‘-r’, if your input contains paths, regex patterns, or other strings where backslashes are significant, they might get unintentionally modified.
What are some of the most common options related to testing files with the Bash ‘test’ command?
‘-d’ checks whether the file is a directory
‘-r’ checks whether the file is readable
‘-x’ checks whether the file is executable
‘-w’ checks whether the file is writable
‘-f’ checks whether the file is a regular file
‘-s’ checks whether the file size is greater than zero
What are some of the most common string comparison operators used with the Bash ‘test’ command?
’==’ checks whether a string is equal to another string
’!=’ checks whether a string is not equal to another string
’<’ checks whether a string comes before another string (in
alphabetical order)
’>’ checks whether a string comes after another string (in
alphabetical order)
‘-z’ checks whether a string is null
‘-n’ checks whether a string is not null
What are some of the most common integer comparison operators used with the Bash ‘test’ command?
‘-eq’ checks whether a number is equal to another number
‘-ne’ checks whether a number is not equal to another number
‘-ge’ checks whether a number is greater than or equal to another number
‘-gt’ checks whether a number is greater than another number
‘-lt’ checks whether a number is less than another number
‘-le’ checks whether a number is less than or equal to another
number
What is the general outline for creating an ‘if else’ statement in Bash?
if [[condition]]; then
“do something if condition is true”
else
“do something if condition is fale”
fi
In some shells other than Bash, you may want to use single square
brackets ([…]) rather than double to enclose your condition.
This use of single brackets meets the Portable Operating System Interface standard and should work on almost any Unix derivative, including Linux.
Suppose you have to write a Bash function named “arg_print” that takes three arguments and then prints them out in sequence. How could you do this?
arg_print() {
echo “${1}”
echo “${2}”
echo “${3}”
}
You could then call this function as such (this example uses arg1, arg2 and arg3 as the commandline argumetn strings):
arg_print arg1 arg2 arg3
How could you write a ‘while’ loop that infinitely continues printing the text “Looping…” every 2 seconds?
while true; do
echo “Looping…”
sleep 2
done
This loop will continue forever until the script is interrupted with “Ctrl+C”
What is the difference between a ‘while’ loop and an ‘until’ loop in Bash?
A ‘while’ loop runs while a condition is true whereas an ‘until’ loop runs while a condition is false (or until a condition is true).
Other than the terms while/until, their syntax is identical.
How could one use a ‘for’ loop to iterate through and print out the following three IP addresses?
10.0.0.1
10.0.0.2
10.0.0.3
for address in “$@”; do
echo “${address}”
done
The use of “$@” in the above example is assuming that the addresses were all passed as commandline arguments.
Which ‘grep’ option allows you to print only the matched pattern, and not the entire line at which the matched pattern was found?
grep -o
How could you use ‘sed’ to delete the last line in the ‘log.txt’ file?
sed ‘$d’ log.txt
’$’ represents the last line while ‘d’ represents delete.
Using ‘sed’, how could you print only lines 2 through 15 of the ‘log.txt’ file?
sed -n ‘2,15 p’ log.txt
‘p’ stands for print in the ‘sed’ command.
The ‘-n’ option suppresses seds’ default behavior of echoing each line of input to the standard output after the processing is complete.
Suppose you have a script named ‘recon.sh’ and you wish to run it in the background and have it persist even if the terminal window is closed or the user logs out. How could you do this?
Assume you’re in the directory where ‘recon.sh’ is located.
nohup ./recon.sh &
Executing a command with the ‘nohup’ command prepended will tell the command to ignore the SIGHUP signal.
Another important thing about ‘nohup’ is that it will create a file named ‘nohup.out’ with standard output stream data.
What is the ‘source’ command in Bash?
The ‘source’ command executes the script within the current shell session. It does not start a new subshell in which to execute the script.
The ‘.’ command can also be used to source a file.
Variables, functions, and settings defined or modified in the script will persist in the current shell after the script completes.
What is the ‘script’ command in Bash?
The ‘script’ command allows one to capture terminal session activity in some output file. If no argument is supplied, the output file name will default to ‘typescript’.
The ‘-q’ option runs ‘script’ in quiet mode, suppressing messages that would normally be displayed to the terminal (this refers to messages at beginning and end of ‘script’ session).
The ‘-f’ option forces the output to the log file to be flushed immediately instead of being buffered.
What are the ‘-w’ and ‘-W’ options for the ‘ping’ command in Bash?
The ‘-w’ option defines a deadline. This is, in seconds, the total time to run the ‘ping’ command before it exits, regardless of how many packets that have been sent or received.
The ‘-W’ option defines a timeout which is, in seconds, how long ‘ping’ should wait for each individual ping request before considering the packet lost.
These options are useful for enumerating over a giant list of hosts, enabling you to ensure that ‘ping’ doesn’t get stuck on a single host.
Which command can be prepended to other commands to force them to exit after a certain amount of time?
‘timeout’
For example:
timeout 5s ping 8.8.8.8
The ‘s’ in ‘5s’ stands for seconds.
The ‘timeout’ command takes an interval in seconds, minutes, hours or days.
Suppose you have a variable named “$address” and you wish to sanitize by trimming all leading/trailing whitespace from the string. How could you do this and store the output in another variable named “$sanitzed_address”?
sanitzed_addres=$(echo "${address}" | xargs)
‘xargs’ can be used in its most basic form here to process the output of the ‘echo’ command by trimming the whitespace.
Suppose you want to use a “while read -r line” style loop to iterate over the output of a command as if it were a file. How could this be done?
Suppose you are iterating over the output returned by a curl request.
while read -r line; do
echo "${line}"
done < <(curl -s "${URL}")
The <(...) syntax, known in Bash as process substitution, creates a temporary file-like stream from the output of the command. It allows you to use the output of a command as input without creating an intermediate file.
Then, the ‘done <’ instructs Bash to take input from a file. This works because the previous process substitution will redirect its output in a file-like format.
How could you sort a file so that you have no duplicate lines in the output?
sort -u “file.txt”
The ‘-u’ option stands for unique. This will output only the first occurrence of a line, removing any duplicates from the output.
