Pages

Saturday, 28 January 2017

My solutions to cmdchallenge

I recently stumbled upon https://cmdchallenge.com which sort of tests your command line knowledge and comfortability. You have to basically solve all the challenges in a single line of bash. It is pretty simple and fun. You should give it a try before checking the solutions.


hello_world/

# Print "hello world".
# Hint: There are many ways to print text on
# the command line, one way is with the 'echo'
# command.
# 
# Try it below and good luck!
# 
Solution:
echo "hello world"

current_working_directory/

# Print the current working directory.
#
Solution:
pwd

list_files/

# List all of the files in the current
# directory, one file per line.
#
Solution:
ls -1

last_lines/

# Print the last 5 lines of "access.log".
# 
Solution:
tail -5 access.log

find_string_in_a_file/

# There is a file named "access.log" in the
# current working directory. Print all lines
# in this file that contains the string "GET".
#
Solution:
grep GET access.log

search_for_files_containing_string/

# Print all files, one per line that contain
# the string "500".
# 
Solution:
grep -rl * -e 500

search_for_files_by_extension/

# Print the relative file paths, one path
# per line for all files that start with
# "access.log" in the current directory.
# 
Solution:
find . -name "access.log*"

search_for_string_in_files_recursive/

# Print all matching lines (without the filename
# or the file path) in all files under the current
# directory that start with "access.log" that
# contain the string "500".
# 
Solution:
find . -name "access.log*" | xargs grep -h 500

extract_ip_addresses/

# Extract all IP addreses from files that
# that start with "access.log" printing one
# IP address per line.
# 
Solution:
find . -name "access.log*" | xargs grep -Eo '^[^ ]+'

delete_files/

# Delete all of the files in this challenge
# directory including all subdirectories and
# their contents.
# 
Solution:
find . -delete

count_files/

# Count the number of files in the current
# working directory. Print the number of
# files as a single integer.
# 
Solution:
ls | wc -l

simple_sort/

# Print the contents of access.log
# sorted.
# 
Solution:
sort access.log

count_string_in_line/

# Print the number of lines
# in access.log that contain the string
# "GET".
# 
Solution:
grep GET access.log | wc -l

split_on_a_char/

# The file split-me.txt contains a list of
# numbers separated by a ';' character.
# Split the numbers on the ';' character,
# one number per line.
# 
Solution:
cat split-me.txt | sed s/\;/\\n/g

print_number_sequence/

# Print the numbers 1 to 100 separated
# by spaces.
# 
Solution:
echo {1..100}

remove_files_with_extension/

# There are files in this challenge with
# different file extensions.
# Remove all files with the .doc extension
# recursively in the current working directory.
#
Solution:
find . -name "*.doc" -delete

replace_text_in_files/

# This challenge has text files that contain
# the phrase "challenges are difficult". Delete
# this phrase recursively from all text files.
# 
Solution:
find . -name "*.txt" -exec sed -i 's/challenges are difficult//g' {} +

sum_all_numbers/

# The file sum-me.txt have a list of numbers,
# one per line. Print the sum of these numbers.
#
Solution:
cat sum-me.txt | xargs | sed -e 's/\ /+/g' | bc

just_the_files/

# Print all files in the current directory
# recursively without the leading directory path.
# 
Solution:
find . -type f -printf "%f\n"

remove_extensions_from_files/

# Remove the extension from all files in
# the current directory recursively.
# 
Solution: (note you cant use find .)
find `pwd` -type f -exec bash -c 'mv "$1" "${1%.*}"' - '{}' \;

replace_spaces_in_filenames/

# The files in this challenge contain spaces.
# List all of the files in the current
# directory but replace all spaces with a '.'
# character.
# 
Solution:
find . -type f -printf "%f\n" | xargs -0 -I {} echo {} | tr ' ' '.'

files_starting_with_a_number/

# There are a mix of files in this directory
# that start with letters and numbers. Print
# the filenames (just the filenames) of all
# files that start with a number recursively
# in the current directory.
# 
Solution:
find . -name '[0-9]*' -type f -printf "%f\n"

print_nth_line/

# Print the 25th line of the file faces.txt
# 
Solution:
sed '25q;d' faces.txt

remove_duplicate_lines/

# Print the file faces.txt, but only print the first instance of each
# duplicate line, even if the duplicates don't appear next to each other.
# 
Solution:
awk '!seen[$0]++' faces.txt

corrupted_text/

# You have a new challenge!
# The following excerpt from War and Peace is saved to
# the file 'war_and_peace.txt':
# 
# She is betraying us! Russia alone must save Europe.
# Our gracious sovereign recognizes his high vocation
# and will be true to it. That is the one thing I have
# faith in! Our good and wonderful sovereign has to
# perform the noblest role on earth, and he is so virtuous
# and noble that God will not forsake him. He will fulfill
# his vocation and crush the hydra of revolution, which
# has become more terrible than ever in the person of this
# murderer and villain!
# 
# The file however has been corrupted, there are random '!'
# marks inserted throughout.  Print the original text.
# 
Solution: (Found this on hackernews)
< war_and_peace.txt tr -s '!' | sed 's/!\([a-z]\)/\1/g' | sed 's/!\( [a-z]\)/\1/g' | sed 's/!\.!/./g' | sed 's/ !/ /g'


Also, you can checkout the creator's solutions here.

Thursday, 19 January 2017

Look before you paste from a website to terminal

Most of the time when we see a code snippet online to do something, we often blindly copy paste it to the terminal. Even the tech savy ones just see it on the website before copy pasting. Here is why you shouldn't do this. Try pasting the following line to your terminal (SFW)

ls ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP'
ls
-lat


It should look something like this once it is pasted onto your terminal.
View post on imgur.com
You probably guessed it. There is some malicious code between ls and -lat that is hidden from the user

Malicious code's color is set to that of the background, it's font size is set to 0, it is moved away from rest of the code and it is made un-selectable (that blue color thing doesn't reveal it); to make sure that it works in all possible OSes, browsers and screen sizes.


This can be worse. If the code snippet had a command with sudo for instance, the malicious code will have sudo access too. Or, it can silently install a keylogger on your machine; possibilities are endless. So, the lesson here is, make sure that you paste code snippets from untrusted sources onto a text editor before executing it.

Thanks for reading!