Hi all,
I have written a shell script to search a specified directory (e.g. /home/user) for a list of specific words (shown as ${TMPDIR}/wordlist below). The script works well enough, but I was wondering if there was a way to display the line number that the word is found on?
Thanks!
cat << EOF > ${TMPDIR}/scanit
rm -f ${TMPDIR}/strings
strings "\$1" | egrep -i -f ${TMPDIR}/wordlist >> ${TMPDIR}/strings
if [ -s ${TMPDIR}/strings ]
then
echo >> ${TMPDIR}/${HOSTNAME}.o
echo "File: \$1" >> ${TMPDIR}/${HOSTNAME}.o
file "\$1" >> ${TMPDIR}/${HOSTNAME}.o
cat ${TMPDIR}/strings >> ${TMPDIR}/${HOSTNAME}.o
fi
rm -f ${TMPDIR}/strings
EOF
HOSTNAME=`hostname`
export HOSTNHAME
if [ $# -eq 0 ]
then
echo "You must specify the start of the directory tree to search"
exit
fi
find $1 -type f 2> ${TMPDIR}/${HOSTNAME}_find_errors | tee ${TMPDIR}/${HOSTNAME}_filelist | \
head -100 |\
sed -e "s+^+sh -x ${TMPDIR}/scanit \"+" -e 's/$/"/' > ${TMPDIR}/scanitnow
sh -x ${TMPDIR}/scanitnow 1> ${TMPDIR}/${HOSTNAME}_scan_run 2>&1
cd ${TMPDIR}
if [ -s ${HOSTNAME}.o ]
then
date "+%Y%M%d_%H:%m:%S: indicators found on ${HOSTNAME}" > ${HOSTNAME}_scan_results.csv
cat ${HOSTNAME}.o >> ${HOSTNAME}_scan_results.csv
else
date "+%Y%M%d_%H:%m:%S: No indicators found on ${HOSTNAME}" > ${HOSTNAME}_scan_results.csv
fi