20160601 Programming Basics
==================================================Notes==================================================
grep -i
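/var/tmp: a folder reserved for administrator use
Assignment #2 is due in 5 days
================================================Lecture/Lab================================================
■ File check program
The files to check are defined in file_list.txt, a backup copy is made of each of them, and once a day the program checks whether the contents of each original file and its backup file are the same. It is written to produce the result as a report every morning and send it by mail, so the report can be received on arriving at work.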
# cat check_file.sh
#!/bin/bash
# # crontab -e
# Min Hour Day Mon Week CMD
# 0 8 * * * /root/shell/check_file.sh
#
# # cat /root/shell/test/.mail_contents_OK.txt
# Have a Good Day !!!!!
#
# # cat /root/shell/test/check_file_list.txt
# .....
# /etc/passwd
# /etc/group
# /etc/hosts
# .....
F_LIST=/root/shell/test/file_list.txt # check file list
T_FILE=/var/tmp/.tmp1 # temporary file
F_RESULT=/root/shell/test/result.`date +'%m%d'` # check result for report file
EMAIL=root # admin email : root@example.com
cp /dev/null $F_RESULT # initialize the result file
for F_NAME in `cat $F_LIST` # read the list of files to check
do
    if [ -f $F_NAME.orig ] ; then # check whether the backup file exists
        diff $F_NAME $F_NAME.orig > $T_FILE # compare original file <--> backup file
        if [ -s $T_FILE ] ; then
            echo "$F_NAME [ WARN ]" >> $F_RESULT
        else
            echo "$F_NAME [ OK ]" >> $F_RESULT
        fi
    else
        cp $F_NAME $F_NAME.orig
    fi
done
if grep WARN $F_RESULT > /dev/null 2>&1 ; then
    # mailx -s "Critical Status. Check Files" $EMAIL < $F_RESULT
    echo "WARNING"
else
    # mailx -s "OK" $EMAIL < $F_RESULT
    echo "OK"
fi
# rm $T_FILE # delete the temporary file
-> There are several ways to check whether a file has been changed: ① check the file's size, ② check the file's mtime, or ③ use the diff or cmp command.
# chmod 755 check_file.sh
# ./check_file.sh
OK
-> Because this is the first run, the backup files are created.
# ./check_file.sh
OK
# cat /root/shell/test/result.1226
/etc/passwd [ OK ]
/etc/group [ OK ]
/etc/hosts [ OK ]
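The two-pass logic of check_file.sh (create the backup on the first run, compare on later runs), as an added example that is not code from the original post. It uses cmp -s, so no fixed temporary file under /var/tmp is written, keeps the baselines in a separate directory, and reports first-run and missing files explicitly; the function names, the baseline directory layout and the NEW/MISSING labels are assumptions of this example.

```bash
#!/bin/bash
# Added example, not from the original post. check_one/check_list and the
# baseline directory layout are assumptions of this example.

# check_one FILE BASE_DIR: prints "FILE [ STATUS ]" and returns
#   0 OK, 1 WARN (content differs), 2 NEW (baseline just created),
#   3 MISSING (file gone or not a regular file), 4 baseline copy failed
check_one() {
    local file=$1 base_dir=$2 base
    base="$base_dir/${file#/}"      # /etc/passwd -> BASE_DIR/etc/passwd
    if [ ! -f "$file" ]; then
        echo "$file [ MISSING ]"; return 3
    fi
    if [ ! -f "$base" ]; then
        # First run for this file: record the baseline and say so.
        mkdir -p "$(dirname "$base")" && cp -p "$file" "$base" || return 4
        echo "$file [ NEW ]"; return 2
    fi
    # cmp -s compares bytes and answers only through its exit status,
    # so no temporary file is written.
    if cmp -s "$file" "$base"; then
        echo "$file [ OK ]"; return 0
    fi
    echo "$file [ WARN ]"; return 1
}

# check_list LIST BASE_DIR: one status line per listed file;
# returns 1 if any file is WARN, MISSING or could not be baselined.
check_list() {
    local list=$1 base_dir=$2 rc=0 st f
    while IFS= read -r f; do
        [ -z "$f" ] && continue     # skip blank lines
        st=0
        check_one "$f" "$base_dir" || st=$?
        case $st in
            1|3|4) rc=1 ;;
        esac
    done < "$list"
    return "$rc"
}

# Usage (as root, with a root-only baseline directory):
#   check_list /root/shell/test/file_list.txt /root/shell/test/baseline
```

The exit status of check_list can drive the mailx branch of the cron job in place of grepping the result file for WARN.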
# vi /root/bin/check_file.sh
----------------------------------------------
Write the program
----------------------------------------------
(a) On the first run, create the backup files. (EX: passwd -> passwd.old)
(b) From the second run on, compare the backup file with the current file.
(EX: passwd <-cmp CMD-> passwd.old)
# /root/bin/check_file.sh
-------------------------------------
/root/bin/passwd [ OK ]
/root/bin/group [ OK ]
/root/bin/hosts [ OK ]
-------------------------------------
[Lab]
# vi /root/bin/check_file.sh
# chmod 755 /root/bin/check_file.sh
# vi /root/bin/check_file.txt
----------------------------------------
/root/bin/passwd
/root/bin/group
/root/bin/hosts
----------------------------------------
# cp /etc/passwd /etc/group /etc/hosts /root/bin
# /root/bin/check_file.sh
(Normal output)
-------------------------------------
/root/bin/passwd [ OK ]
/root/bin/group [ OK ]
/root/bin/hosts [ OK ]
-------------------------------------
(Abnormal output)
-------------------------------------
/root/bin/passwd [ OK ]
/root/bin/group [ OK ]
/root/bin/hosts [ WARN ]
-------------------------------------
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
#!/bin/bash
SOURCE=`cat /root/bin/check_file.txt`
for L_FILE in $SOURCE
do
    if [ -a $L_FILE.old ] ;
    then
        diff $L_FILE $L_FILE.old > /dev/null
        case $? in
            0) echo "$L_FILE [ OK ]" ;;
            1) echo "$L_FILE [ WARN ]" ;;
            *) exit 1;;
        esac
    else cp $L_FILE $L_FILE.old
    fi
done
This one failed; the errors need to be fixed.
#!/bin/bash
SOURCE=`cat /root/bin/check_file.txt`
TTMP=/var/tmp/.tmp1
echo "-----------------------------------------"
for FILE in $SOURCE
do
    if [ -a $FILE.old ] ;
    then
        diff $FILE $FILE.old
        case $? in
            0) echo -e "$FILE \t\t [ OK ]" ;;
            1) echo -e "$FILE \t\t [ WARN ]" ;;
            *) exit 1;;
        esac
    else cp $FILE $FILE.old
    fi
done
echo "-----------------------------------------"
When the .old file does not exist, nothing is printed.
It needs more fixing. Can it not be done with a case statement?
Even though I used the example code, there is a problem.
When the .old file does not exist, nothing is printed.
And it does not seem to create a new one either..
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
■ Environment setup scripts
# vi ENV_main.sh
-----------------------------
./ENV1.sh
./ENV2.sh
./ENV3.sh
-----------------------------
# vi ENV1.sh
-----------------------------
telnet service (accessible as the root user)
# chkconfig krb5-telnet on
# service xinetd restart
# echo "pts/1" >> /etc/securetty
vsftpd service (accessible as the root user)
# chkconfig vsftpd on
# service vsftpd restart
# grep -v root /etc/vsftpd/ftpusers
# grep -v root /etc/vsftpd/user_list
-----------------------------
# vi ENV2.sh
-----------------------------
~/.bashrc
# echo "set -o vi" >> ~/.bashrc
# echo "export EDITOR=/usr/bin/vim" >> ~/.bashrc
# echo "alias vi='/usr/bin/vim'" >> ~/.bashrc
~/.bash_logout
# sed -i 's/clear/#clear/g' ~/.bash_logout
-----------------------------
# vi ENV3.sh
-----------------------------
gcc packages
# yum -y install gcc
-----------------------------
[Sample example 1]
telnet service (accessible as the root user)
# chkconfig krb5-telnet on
# service xinetd restart
# echo "pts/1" >> /etc/securetty
# vi ENV1.sh
------------------------------------------
chkconfig --list krb5-telnet > /dev/null 2>&1
if [ $? -eq 0 ] ; then
    echo "[ Phase 1 ] : krb5-telnet exist"
else
    echo "[ Phase 1 ] : krb5-telnet not exist"
    exit 1
fi
chkconfig krb5-telnet on
if [ $? -eq 0 ] ; then
    echo "[ Phase 2 ] : krb5-telnet running"
else
    echo "[ Phase 2 ] : krb5-telnet not running"
    exit 2
fi
service xinetd restart > /dev/null 2>&1
START=1
END=11
while [ $START -le $END ]
do
    echo "pts/$START" >> /etc/securetty
    START=`expr $START + 1`
done
------------------------------------------
[Sample example 2]
# grep -v '^root' /etc/vsftpd/ftpusers > /tmp/.tmp1
# cp -f /tmp/.tmp1 /etc/vsftpd/ftpusers
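An audit for the two settings ENV1.sh changes (pts entries in /etc/securetty and root's entry in the vsftpd deny lists), as an added example that is not code from the original post. The function names are hypothetical, and it assumes the stock RHEL/CentOS setup in which ftpusers is the PAM deny list and user_list is a deny list (vsftpd's default userlist_deny=YES).

```bash
#!/bin/bash
# Added example, not from the original post; function names are hypothetical.

# root_pts_entries SECURETTY: prints the pts/N lines, i.e. the pseudo-terminals
# (the kind a telnet session gets) on which root login is allowed.
root_pts_entries() {
    grep -E '^[[:space:]]*pts/[0-9]+[[:space:]]*$' "$1"
}

# root_denied DENYLIST: returns 0 if "root" appears as a whole, uncommented
# line. Assumes ftpusers is the PAM deny list and user_list is a deny list
# (vsftpd default userlist_deny=YES).
root_denied() {
    grep -Eq '^[[:space:]]*root[[:space:]]*$' "$1"
}

# audit_root_remote SECURETTY FTPUSERS USER_LIST
# Prints one "[-]" line per weakened control, "[+]" if none;
# returns the number of findings.
audit_root_remote() {
    local findings=0 n f
    n=$(root_pts_entries "$1" | wc -l)
    if [ "$n" -gt 0 ]; then
        echo "[-] $1: $((n)) pts entries, root login over telnet allowed"
        findings=$((findings + 1))
    fi
    for f in "$2" "$3"; do
        [ -r "$f" ] || continue        # vsftpd not installed: nothing to check
        if ! root_denied "$f"; then
            echo "[-] $f: root not listed, root FTP login not blocked here"
            findings=$((findings + 1))
        fi
    done
    if [ "$findings" -eq 0 ]; then
        echo "[+] root remote login restrictions intact"
    fi
    return "$findings"
}

# Usage on the lab host:
#   audit_root_remote /etc/securetty /etc/vsftpd/ftpusers /etc/vsftpd/user_list
```

Matching root as a whole line avoids the over-broad match of `grep -v root`, which also drops any other entry that merely contains the string.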
■ Scripts/programs that put load on CPU/MEM/DISK/Process
# cd /root/bin
# vi cpuhog.sh
#!/bin/bash
while true
do
a=1
done
[TERM2] # gnome-system-monitor &
# chmod 755 *.sh
# ./cpuhog.sh
# vi cpuhog2.sh
#!/bin/bash
trap 'pkill -9 cpuhog.sh ; exit 1' 2 3
/root/bin/cpuhog.sh &
sleep 10
/root/bin/cpuhog.sh &
sleep 10
/root/bin/cpuhog.sh &
sleep 6000
trap 2 3
# vi cpuhog3.sh
#!/bin/bash
a=1
while true
do
a=`expr $a + 1`
done
# vi cpuhog4.sh
#!/bin/bash
trap 'pkill -9 cpuhog3.sh ; exit 1' 2 3
/root/bin/cpuhog3.sh &
sleep 10
/root/bin/cpuhog3.sh &
sleep 10
/root/bin/cpuhog3.sh &
sleep 6000
trap 2 3
# poweroff
VMware > VM > MEM(1G) -> MEM(4G)
# cd /root/bin
# vi mem.c
#include<stdlib.h>
main()
{
char *m;
while (1)
m=malloc(1);
}
[TERM2] # gnome-system-monitor &
# gcc -o mem mem.c
# ./mem
# vi disk.c
#include<fcntl.h>
#include<sys/types.h>
#include<sys/stat.h>
main()
{
int fd;
char buf[10000];
fd=open("tempfile", O_WRONLY | O_CREAT, 0777);
unlink("./tempfile");
while(1)
write(fd, buf, sizeof(buf));
}
[TERM2] # gnome-system-monitor &
# gcc -o disk disk.c
# ./disk
# vi process.c
#include<unistd.h>
#include<sys/types.h>
main()
{
while(1)
fork();
return(0);
}
# while true
do
ps -ef | wc -l
sleep 1
done
# gcc -o process process.c
# ./process
[root@linux220 ~/bin]# free
total used free shared buffers cached
Mem: 1035008 869604 165404 0 65556 661088
-/+ buffers/cache: 142960 892048
Swap: 2097144 0 2097144
[root@linux220 ~/bin]# free | grep Mem
Mem: 1035008 869336 165672 0 65572 661088
[root@linux220 ~/bin]# free | grep Mem | awk '{print $2, $3}'
1035008 869336
[root@linux220 ~/bin]# free | grep Mem | awk '{print $2, $3}' | while read TOTAL USED
> do
> echo $TOTAL
> echo $USED
> done
1035008
869212
■ ping test program
# vi ping.sh
(How it works)
------------------------------------
ping 172.16.10.200
......
ping 172.16.10.230
------------------------------------
(Output)
------------------------------------
172.16.10.200 : alive
172.16.10.201 : dead
172.16.10.202 : dead
.......
172.16.10.230 : alive
------------------------------------
# cat ping.sh
---------------------------------------------------
#!/bin/bash
NET=172.16.10.
START=200
END=230
while [ $START -le $END ]
do
    ping -c 1 ${NET}${START} >/dev/null 2>&1
    if [ $? -eq 0 ] ; then
        echo "${NET}${START} : alive"
    else
        echo "${NET}${START} : dead"
    fi
    START=`expr $START + 1`
done
---------------------------------------------------
# chmod 755 ping.sh
# ./ping.sh
# cp ping.sh arp2.sh
# vi arp2.sh
---------------------------------------------------
#!/bin/bash
NET=172.16.10.
START=200
END=230
while [ $START -le $END ]
do
    ping -c 1 ${NET}${START} >/dev/null 2>&1
    if [ $? -eq 0 ] ; then
        echo "${NET}${START} : alive"
    else
        echo "${NET}${START} : dead"
    fi
    START=`expr $START + 1`
done
echo "=========== ARP Caching Table =============="
arp -an | grep $NET
echo ; echo
---------------------------------------------------
# chmod 755 arp2.sh
# ./arp2.sh
■ Network configuration check script
# ping 172.16.10.249
# ping 168.126.63.1
# nslookup www.daum.net (# ping www.google.com)
# ./check_network.sh
------------------------------------
Write the program
------------------------------------
[*] : run
[+] : run succeeded
[-] : run failed
■ Successful run
# ./check_network.sh
----------------------------------
[*] ping 172.16.10.249
[+] [ OK ] Local Network Connection
[*] ping 168.126.63.1
[+] [ OK ] External Network Connection
[*] nslookup www.daum.net
[+] [ OK ] DNS Client Configuration
----------------------------------
■ Failed run 1
(Error) # ifconfig eth0 192.168.20.2XX netmask 255.255.255.0 up
(Restore) # service network restart
# ./check_network.sh
----------------------------------
[*] ping 172.16.10.249
[-] [ FAIL ] Local Network Connection
(a) VMware > Edit > Virtual Network Editor
(b) VMware > VM > Settings > Network Adapter
(c) # ifconfig
----------------------------------
■ Failed run 2
(Error) # route del default gw 172.16.0.1
(Restore) # route add default gw 172.16.10.1
or
# service network restart
# ./check_network.sh
----------------------------------
[*] ping 172.16.10.249
[+] [ OK ] Local Network Connection
[*] ping 168.126.63.1
[-] [ FAIL ] External Network Connection
(a) # netstat -nr (# route -n)
----------------------------------
■ Failed run 3
(Error) # vi /etc/resolv.conf
nameserver 172.16.10.1
(Restore) # vi /etc/resolv.conf
nameserver 168.126.63.1
# ./check_network.sh
----------------------------------
[*] ping 172.16.10.249
[+] [ OK ] Local Network Connection
[*] ping 168.126.63.1
[+] [ OK ] External Network Connection
[*] nslookup www.daum.net
[-] [ FAIL ] DNS Client Configuration
(a) # cat /etc/resolv.conf
----------------------------------
1) # ping 172.16.6.5
-> connection
# ethtool eth0
# netstat -i
# ifconfig eth0
2) # ping 168.126.63.1
-> default router(# netstat -nr)
3) # ping www.google.com
-> DNS(# cat /etc/resolv.conf)
[root@linux220 ~/bin]# ifconfig eth0 192.168.20.220 netmask 255.255.255.0 up
[root@linux220 ~/bin]# ./check_network.sh
[*] ping 172.16.6.249
[-] FAIL
(A) VMware > Edit > Virtual Network Editor
(B) VMware > VM > Settings > Network Adapter
(C) # ifconfig
[root@linux220 ~/bin]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
[root@linux220 ~/bin]# route del default gw 172.16.0.1
[root@linux220 ~/bin]# ./check_network.sh
[*] ping 172.16.6.249
[+] OK
[*] ping 168.126.63.1
[-] FAIL
(A) # netstat -nr (# route -n)
[root@linux220 ~/bin]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
[root@linux220 ~/bin]# vi /etc/resolv.conf
[root@linux220 ~/bin]# ./check_network.sh
[*] ping 172.16.6.249
[+] OK
[*] ping 168.126.63.1
[+] OK
[*] nslookup www.google.com
[-] FAIL
(A) # cat /etc/resolv.conf
[root@linux220 ~/bin]# vi /etc/resolv.conf
[root@linux220 ~/bin]# cat check_network.sh
#!/bin/bash
TEMP=/var/tmp/.tmp1
echo "[*] ping 172.16.6.249"
ping -c 3 172.16.6.249 >> $TEMP 2>&1
if [ $? -eq 0 ] ;
then
    echo "[+] OK"
else
    echo "[-] FAIL"
    echo " (A) VMware > Edit > Virtual Network Editor"
    echo " (B) VMware > VM > Settings > Network Adapter"
    echo " (C) # ifconfig"
    exit 1
fi
echo "[*] ping 168.126.63.1"
ping -c 3 168.126.63.1 >> $TEMP 2>&1
if [ $? -eq 0 ] ;
then
    echo "[+] OK"
else
    echo "[-] FAIL"
    echo " (A) # netstat -nr (# route -n)"
    exit 2
fi
echo "[*] nslookup www.google.com"
nslookup www.google.com | grep -i 'authoritative answer:' >> $TEMP 2>&1
if [ $? -eq 0 ] ;
then
    echo "[+] OK"
else
    echo "[-] FAIL"
    echo " (A) # cat /etc/resolv.conf"
    exit 3
fi
■ Install script example
# ./install.sh
--------------------------------
0 % |>
--------------------------------
# ./install.sh
--------------------------------
10% |=>
--------------------------------
# ./install.sh
--------------------------------
20% |==>
--------------------------------
# ./install.sh
--------------------------------
50% |=====>
--------------------------------
# ./install.sh
--------------------------------
100%|==========| complete
--------------------------------
[Reference] escape character
# man bash
/escape character
echo [-neE] [arg ...]
Output the args, separated by spaces, followed by a newline.
The return status is always 0. If -n is specified, the
trailing newline is suppressed. If the -e option is given,
interpretation of the following backslash-escaped characters
is enabled. The -E option disables the interpretation of
these escape characters, even on systems where they are
interpreted by default. The xpg_echo shell option may be
used to dynamically determine whether or not echo expands
these escape characters by default. echo does not interpret
-- to mean the end of options. echo interprets the follow-
ing escape sequences:
\a alert (bell)
\b backspace
\c suppress trailing newline
\e an escape character
\f form feed
\n new line
\r carriage return
\t horizontal tab
\v vertical tab
\\ backslash
\0nnn the eight-bit character whose value is the octal
value nnn (zero to three octal digits)
\xHH the eight-bit character whose value is the hexadeci-
mal value HH (one or two hex digits)
# vi test.sh
-------------------------------
#!/bin/bash
NUM=1
while [ $NUM -le 10 ]
do
    echo -ne "="
    sleep 1
    NUM=`expr $NUM + 1`
done
-------------------------------
# vi test2.sh
-------------------------------
#!/bin/bash
NUM=1
while [ $NUM -le 10 ]
do
    echo -ne "=\r"
    sleep 1
    NUM=`expr $NUM + 1`
done
-------------------------------
# vi test3.sh
--------------------------------
#!/bin/bash
# (Output screen)
# 20% |==>
NUM=1
echo -ne "20% |"
while [ $NUM -le 2 ]
do
    echo -ne "="
    sleep 1
    NUM=`expr $NUM + 1`
done
echo -ne '>\n'
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
[root@linux220 ~/bin]# cat install.sh
#!/bin/bash
for ((NUM=1; NUM=100; NUM++))
do
while [ $NUM -le 100 ]
do
echo -ne "$NUM% |\r\b"
echo -ne "="
sleep 1
NUM=`expr $NUM + 1`
done
done
echo -ne '>\n'
Failed. This does not work.
Still in trial and error.
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★
★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★