Lect11 / 12 - Basic Analysis Flashcards
Explain the following ls commands:
- # ls -l
- # ls -R
- # ls -lt
- # ls -Rlth
- # ls -l => long list (size and dates)
- # ls -R => recursive list
- # ls -lt => sort by modification date
- # ls -Rlth => show human readable size
How does this command looks like:
“find, starting in /mnt/analysis, by name, file with .jpg extension”
find /mnt/analysis -name *jpg
Other Parameters:
- -type f : files
- -type d : directories
- -name : by name
- -iname : by name (case insensitive)
- -many others : read the man page
How can you execute a command based on the find result (e.g. md5hash)?
# find /mnt/analysis -type f -exec md5sum {} \;
or
# find /mnt/analysis -name *.jpg -exec md5sum {} \;
How can you determine the filetype by showing the first line in hex?
# xxd cat_Warmer.jpg | head -n 1
Explain the following grep options:
- # grep -i
- # grep -v
- # grep ^string
- # grep string$
- # grep [char]
- # grep ^$
- :case insensitive
- :reverse grep (exclude)
- :string at beginning of a line
- :string at the end of a line
- :group of characters
- :blank line
How can you use a keyword list with grep?
# grep -abif analysis/searchlist.txt fat_fs.raw > analysis/hits.txt
Parameters are:
- -f <filename> : Use filename as keyword list</filename>
- -i : Case insensitive
- -a : Search binary as text
- -b : Return bit offset of keyword hits
How can you replace control characters with new line characters using grep?
# tr ’[:cntrl:]’ ’\n’ < fat_fs.raw | grep -abif analysis/searchlist.txt
Viewing of different file types. How can you:
- stream the contents of a file to STDOUT
- paging viewer for documents (and command output)
- view MS Office docs from the command line (install first)
- view MS Office xml format files (.docx, etc.)
- for PDF files
- to view graphics from the command line
- cat
- less
- catdoc
- catdocx
- xpdf (or evince)
- xv or display
How to seek into the file to a specified number of bytes?
# xxd -s 75441 fat_fs.raw | head
Name commands to parse structured data:
- display contents of a file to STDOUT
- same, but reverse the contents
- search for patterns and strings in an object
- sort the contents [reverse, unique, etc]
- counts the number of words, lines and bytes in output
- “an output processing tool”.
- Replace or “translate” characters and sets
- “Stream editor” - processes text in a stream
- cat
- tac
- grep
- sort
- wc
- awk
- tr
- sed
How can you sort in alphabetical order and removes duplicates?
# cat names.txt | sort -u
How can you change the field delimiter in awk?
# cat file.txt | awk -F “,” ‘{print $1 $2 $3”\t”$NF}’
or
# awk -F “,” ‘{print $1 $2 $3”\t”$NF}’ <filename></filename>
$NF is normally the last field of a line as it stands for “number of fields”.
awk examples:
How to add tabulator in the output?
cat text.txt | awk ‘{print $1 “\t” $2}’
awk examples?
How to omit the header record?
# awk ‘NR!=1{print $1}’ file1
awk examples:
Print entire file content?
# awk ‘{print $0}’ file1
or
# awk ‘1’ file1
