Lesson 10 D Identify Basics of Scripting

Question 1

Coding

Answer 1

means writing a series of instructions in the syntax of a particular language so that a computer will execute a series of tasks. There are many types of coding language

Question 2

There are many types of coding language and many ways of categorizing them, but three helpful distinctions are as follows:

Answer 2

• A shell scripting language uses commands that are specific to an operating system.
• A general-purpose scripting language uses statements and modules that are independent of the operating system. This type of script is executed by an interpreter. The interpreter implements the language for a particular OS.
• A programming language is used to compile an executable file that can be installed to an OS and run as an app.

Question 3

script

Answer 3

!/bin/bash

You can develop a script in any basic text editor, but using an editor with script support is more productive. Script support means the editor can parse the syntax of the script and highlight elements of it appropriately. For complex scripts and programming languages, you might use an integrated development environment (IDE). This will provide autocomplete features to help you write and edit code and debugging tools to help identify whether the script or program is executing correctly.

A Linux shell script uses the .SH extension by convention. Every shell script starts with a shebang line that designates which interpreter to use, such as Bash or Ksh. Each statement comprising the actions that the script will perform is then typically added on separate lines. For example, the following script instructs the OS to execute in the Bash interpreter and uses the echo command to write “Hello World” to the terminal:

echo ‘Hello World’

Remember that in Linux, the script file must have the execute permission set to run. Execute can be set as a permission for the user, group, or world (everyone). If a PATH variable to the script has not been configured, execute it from the working directory by preceding the filename with ./ (for example, ./hello.sh ), or use the full path.

Question 4

scripting languages

Answer 4

To develop a script in a particular language, you must understand the syntax of the language. Most scripting languages share similar constructs, but it is important to use the specific syntax correctly. A syntax error will prevent the script from running, while a logical error could cause it to operate in a way that is different from what was intended.

Question 5

Comments

Answer 5

!/bin/bash

It is best practice to add comments in code to assist with maintaining it. A comment line is ignored by the compiler or interpreter. A comment line is indicated by a special delimiter. In Bash and several other languages, the comment delimiter is the hash or pound sign ( # ).

Greet the world

echo ‘Hello World’

Question 6

Variables

Answer 6

A variable is a label for some value that can change as the script executes. For example, you might assign the variable FirstName to a stored value that contains a user’s first name. Variables are usually declared, defined as a particular data type (such as text string or number), and given an initial value at the start of the routine in which they are used.

An argument or parameter is a variable that is passed to the script when it is executed. In Bash, the values $1, $2 , and so on are used to refer to arguments by position (the order in which they are entered when executing the script). Other languages support passing named arguments.

Question 7

Branches and Loops

Answer 7

A script contains one or more statements. In the normal scheme of execution, each statement is processed in turn from top to bottom. Many tasks require more complex structures, however. You can change the order in which statements are executed based on logical conditions evaluated within the script. There are two main types of conditional execution: branches and loops.

Question 8

Branches

Answer 8

!/bin/bash

A branch is an instruction to execute a different sequence of instructions based on the outcome of some logical test. For example, the following code will display “Hello Bobby” if run as ./hello.sh Bobby , executing the statement under “else”. If run with no argument, it prints “Hello World”:

Demonstrate If syntax in Bash

if [ -z “$1” ]

then

echo ‘Hello World’

else

echo “Hello $1”

fi

-z tests whether the first positional parameter ( $1 ) is unset or empty.

Question 9

Loops

Answer 9

!/bin/bash

A loop allows a statement block to be repeated based on some type of condition. A “For” loop can be used when the number of iterations is predictable. The following command executes the ping command for each host address in 192.168.1.0/24:

Demonstrate For syntax in Bash

for i in {1..254}

do

ping -c1 “192.168.1.$i”

done

As well as “For” structures, loops can also be implemented by “While” statements. A “While” or “Until” loop repeats an indeterminate number of times until a logical condition is met. The following script pings the address supplied as an argument until a reply is received:

Demonstrate Until syntax in Bash

until ping -c1 “$1” &>/dev/null

do

echo “192.168.1.$1 not up”

done

echo “192.168.1.$1 up”

The condition executes the ping command and tests the result. When a reply is received, ping returns true. The &>/dev/null part stops the usual ping output from being written to the terminal by redirecting it to a null device.

Question 10

Operators

Answer 10

Looping and branching structures depend on logical tests to determine which branch to follow or whether to continue the loop. A logical test is one that resolves to a TRUE or FALSE value. You need to be familiar with basic comparison and logical operators:
look at pic

Question 11

Windows supports several distinct shell coding environments. The three commonly used are

Answer 11

PowerShell, Visual Basic Script, and the CMD interpreter.

Question 12

Windows PowerShell (PS)

Answer 12

Windows PowerShell (PS) combines a script language with hundreds of prebuilt modules called cmdlets that can access and change most components and features of Windows and Active Directory. Cmdlets use a Verb-Noun naming convention. For example, Write-Host sends output to the terminal, while Read-Host prompts for user input.

Microsoft provides the Windows PowerShell Integrated Scripting Environment (ISE) for rapid development. PowerShell script files are identified by the .PS1 extension.

Question 13

VBScript

Answer 13

VBScript is a scripting language based on Microsoft’s Visual Basic programming language. VBScript predates PowerShell. VBScript files are identified by the .VBS extension. VBScript is executed by the wscript.exe interpreter by default. Wscript.exe displays any output from the script in a desktop window or dialog. A script can also be run with cscript.exe to show output in a command prompt.

Question 14

Batch Files

Answer 14

A shell script written for the basic Windows CMD interpreter is often described as a batch file. Batch files use the .BAT extension.

Question 15

Bash and PowerShell/VBScript are closely tied

Answer 15

to the Linux and Windows operating systems respectively. There are many other platform-independent scripting and programming languages.

Question 16

JavaScript

Answer 16

JavaScript is a scripting language that is designed to implement interactive web-based content and web apps. Most web servers and browsers are configured with a JavaScript interpreter. This means that JavaScript can be executed automatically by placing it in the HTML code for a web page.

If not embedded within another file, JavaScript script files are identified by the .JS extension. The Windows Script Host (wscript.exe and cscript.exe) supports JavaScript. JavaScript is also supported on macOS for automation (along with AppleScript). This is referred to as JavaScript for Automation (JXA).

Question 17

Python

Answer 17

Python is a general-purpose scripting and programming language that can be used to develop both automation scripts and software apps. A Python project can either be run via an interpreter or compiled as a binary executable. There are several interpreters, including CPython (python.org) and PyPy (pypy.org). CPython is the simplest environment to set up for Windows.

Python script files are identified by the .PY extension. When using CPython in Windows, there is a console interpreter (python.exe) and a windowed interpreter (pythonw.exe). The extension .PYW is associated with pythonw.exe.

Question 18

One of the primary use cases for scripting is

Answer 18

basic automation. Automation means performing some series of tasks that are supported by an OS or by an app via a script rather than manually. When using a local script environment, such as Bash on Linux or PowerShell on Windows, the script can use the built-in command environment.

Question 19

Restarting Machines

Answer 19

In an ideal world, no OS would ever need restarting. While Windows has made some improvements in this respect, many types of installation or update still require a reboot. In PowerShell, you can use the Restart-Computer cmdlet. The -Force parameter can be used to ignore any warnings that might be generated.

Linux is famous for its ability to run for any period without requiring a restart. However, should the need arise, the command to restart the host in Bash is shutdown -r

Question 20

application programming interface (API)

Answer 20

When using a general-purpose language, such as Python, the script must use the operating system’s application programming interface (API) to “call” functions. These API calls must be implemented as modules. Python has many prebuilt modules for automating Windows, Linux, and macOS. For example, the os module implements file system, user/permission functions, and process manipulation for whatever environment the interpreter is installed to. You can also use the interpreter in a more specific context. For example, mod_python implements a Python interpreter for the Apache web server software.

Question 21

Remapping Network Drives

Answer 21

In a Windows batch file, the net use command performs drive mapping. The same thing can be done with PowerShell using the New-PSDrive cmdlet. This type of script demonstrates the need for error handling. If you try to map a drive using a letter that has been assigned already, the script will return an error. You can anticipate this by using an If condition to remove an existing mapping, if present:

If (Test-Path L:) {

Get-PSdrive L | Remove-PSDrive

}

New-PSDrive -Name “L” -Persist -PSProvider FileSystem -Root “\MS10\LABFILES”

Error handling is an important part of developing robust scripts.

Network drive mapping is a Windows-only concept. In Linux, a file system is made available by mounting it within the root file system, using the mount and umount commands.

Question 22

Installation of Applications

Answer 22

In Windows, a setup file can be executed in silent mode by using the command switches for its installer. Installers are typically implemented either as .EXE files or as Windows Installer (.MSI) packages. To use an EXE setup in a batch file, just add the path to the installer plus switches:

C:\David\Downloads\setup.exe /S /desktopicon=yes

To use a Windows Installer, add the msiexec command:

msiexec C:\David\Downloads\install.msi /qn

You can also run these commands directly in a PowerShell script. However, the Start-Process cmdlet gives you more options for controlling the installation and handling errors.

In Linux, scripts are often used to compile apps from source code. You could also use a script to automate APT or YUM package management.

Question 23

Initiating Updates

Answer 23

In Windows, the wusa.exe process can be called from a batch file to perform typical update tasks. In PowerShell, the PSWindowsUpdate module contains numerous cmdlets for managing the update process. Most third-party applications should support update-checking via an API.

In Linux, you can call apt-get/ apt or yum from your Bash script. The -y option can be used to suppress confirmation messages.

Question 24

Automated Backups

Answer 24

At the command prompt, a simple type of backup can be performed by using the ordinary file-copy tools, such as robocopy in Windows, or the script could call functions of a proper backup utility. The script can be set to run automatically by using Windows Task Scheduler or via cron in Linux.

Question 25

Gathering of Information/Data

Answer 25

In Windows PowerShell, there are hundreds of Get verb cmdlets that will return configuration and state data from a Windows subsystem. For example, Get-NetAdapter returns properties of network adapters and Get-WinEvent returns log data. You can pipe the results to the Where-Object and Select-Object cmdlets to apply filters.

Bash supports numerous commands to manipulate text. You can gather data from the output of a command such as ps or df , filter it using grep , format it using tools like awk or cut , and then redirect the output to a file.

printf “Processes run by $1 on $(date +%F) at $(date +%T) \n”&raquo_space; “ps-$1.log”

ps -ef | grep “$1” | cut “$((${#1}+9))-“&raquo_space; “ps-$1.log”

This script reports processes by the username supplied as an argument to a log file, using the argument variable to name the file. The printf command appends a header with the date, time, and username. The second line filters ps output by the username, uses the length of the argument variable plus nine to cut characters from each line, and appends the output to the same log file.

Question 26

Deploying any type of code comes with the risk of

Answer 26

introducing vulnerabilities. This means that deployment of scripts must be subject to best practices.

Question 27

Malware Risks

Answer 27

There are several ways that a custom script could be compromised to allow a threat actor to install malware or perform some type of privilege escalation.

If the interpreter is not a default feature, enabling it expands the attack surface. Threat actors use environments such as PowerShell to craft fileless malware.
The threat actor could modify the source code to make it act as malware. In effect, the threat actor is using the script as a Trojan.
The script could open a network port or expose some type of user form for input. If the script does not handle this input correctly, the threat actor could exploit a vulnerability to return unauthorized data or run arbitrary code.
To mitigate these risks, all script source code should be subject to access and version controls to prevent unauthorized changes. Code should be scanned and tested for vulnerabilities and errors before it can be deployed. Scripts should be configured to run with the minimum privileges necessary for the task.

Question 28

Inadvertent System-Settings Changes

Answer 28

Another risk is from non-malicious or inadvertent threat where a script performs some unforeseen or unexpected system change. One example is accidental DoS, where a script powers off a system rather than restarting it or locks out remote access, perhaps by changing a firewall configuration. Other examples include weakening the security configuration by enabling the script environment, creating port exceptions, disabling scanning software so that the script executes successfully, and so on. Scripts that can only be made to work by disabling security mechanisms are not safe enough to consider running. Test all code in a development environment, and ensure that any changes to hosts that are required to run the scripts are included and updated/monitored through new configuration baselines.

Question 29

Browser or System Crashes Due to Mishandling of Resources

Answer 29

Another way for a script to cause accidental DoS is through mishandling of resources. Some programming languages, such as C/C++, require very careful use of coding techniques to avoid creating vulnerabilities in the way the instructions manipulate system RAM. Scripting languages don’t suffer from this type of vulnerability (they are considered safe with respect to memory handling), but coding mistakes can still lead to situations where the script mishandles computer or storage resources. Some examples are:

• Creating files that deplete disk storage resources, such as log files or temp files.
• Using a faulty loop code construct that does not terminate and causes the script to hang.
• Making a faulty API call to some other process, such as the host browser, that causes it to crash.

Every script must be tested to try to eliminate these kinds of mistakes before it is deployed, and its execution should be monitored to pick up any bugs that were not found in the test phase.