The Power of Chaining Commands in Linux

This took me about two hours to fiddle with. I’m trying to get better at writing my own scripts and chaining commands instead of relying on the ready-made scripts of other hackers, to whom I am eternally grateful, because without them I would never have learned how to do even half of what I do.

I thought I’d share with you a quick way I extracted the info I needed from Searchsploit, which is a great tool, but once you find the exploit you’re looking for, you have to go into the directory where it is and then view the contents.

In Kali the exploits are in the /usr/share/exploitdb/platforms/ directory in a subdirectory for their particular language.

If you type it out, it can get tiring, and if you go through Nautilus it’s just as tiring to double-click.

So I set out to see if I could get the info from these directories in one line in Bash.

For the purposes of our test, let’s say I want to search for exploits for Sendmail v 8. The first step is to see what we can see:


Eww. That’s way too much information.

Those Arbitrary Code Exec sploits look interesting. Let’s see just those using grep.


Okay that’s a little better but in order to get to each individual exploit I would have to type the following:

 

And that would get old fast. So I thought about how to do a bunch of commands that would create a script to do the following:

1. Search the tool Searchsploit for all Arbitrary Code Execution exploits for the program Sendmail 8
2. Cut the last few lines of each sploit with the paths to each filename
3. Append cat /usr/share/exploitdb/platforms/ path to the beginning of each line
4. Add a > character to the end of each line
5. Add numbers which increase by one to the end of each line
6. Create a script called “test.sh”
7. Give it executable rights
8. Then run the script it just created, which would then dump the contents of each exploit file into four numerically sequenced files so I could view them.

In order to do this I had to find the column numbers for linux/local/…..

The final command structure is thus:

searchsploit Sendmail 8 | grep "Code Execution" | cut -c 195-220 | sed -e 's#^#cat /usr/share/exploitdb/platforms/#' | awk '{print $0">"}' | awk '{ print $0,NR}' | awk '{ print $0".txt"}' > /root/Desktop/test.sh && chmod +x /root/Desktop/test.sh && sh /root/Desktop/test.sh

In closing, this isn’t perfect and I realize that. Also, for some strange reason, after an hour of testing various things, the column numbers were changing on me. I do not know why. I’m really in the beginning stages of shell scripting and I know I can write a script which will extract all this information and put it into the four files as I like without having to run each of these commands.

I’ll work on tweaking this and doing just that next time but I had a need for a few exploits and I figured I would use this as a way to illustrate how powerful Linux is and how useful chaining commands really is.
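The following is an added example, not the author's script: it avoids the shifting column numbers mentioned above by splitting each listing row on the `|` separator instead of cutting fixed character positions, and it copies the files directly rather than generating test.sh. It assumes rows of the form "title | path"; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of a "title | path" listing; not real searchsploit output.
sample_output() {
cat <<'EOF'
 Description                                |  Path
-------------------------------------------- ---------------------
Sendmail 8.x - Example Code Execution (1)   | ./linux/local/00001.c
Sendmail 8.x - Example Denial of Service    | ./linux/dos/00002.txt
Sendmail 8.x - Example Code Execution (2)   | ./linux/local/00003.sh
EOF
}

# Keep rows whose text contains $1, then print the trimmed last '|' field.
extract_paths() {
    grep -F -- "$1" | awk -F'|' 'NF >= 2 {
        p = $NF
        gsub(/^[ \t]+|[ \t]+$/, "", p)   # trim padding, whatever its width
        sub(/^\.?\//, "", p)             # drop a leading "./" or "/"
        if (p != "") print p
    }'
}

# Copy each listed file under base dir $1 to $2/1.txt, $2/2.txt, ...
# Prints the number of files copied.
dump_exploits() {
    base=$1; out=$2; n=0
    mkdir -p "$out" || return 1
    while IFS= read -r rel; do
        case $rel in
            *..*) echo "skipping path with '..': $rel" >&2; continue ;;
        esac
        if [ ! -f "$base/$rel" ]; then
            echo "not found: $base/$rel" >&2; continue
        fi
        n=$((n + 1))
        cp -- "$base/$rel" "$out/$n.txt"
    done
    echo "$n"
}

# Offline demo against a throwaway directory tree (constructed files).
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/base/linux/local"
    echo 'constructed file 1' > "$tmp/base/linux/local/00001.c"
    echo 'constructed file 3' > "$tmp/base/linux/local/00003.sh"
    sample_output | extract_paths "Code Execution" | dump_exploits "$tmp/base" "$tmp/out"
    rm -rf "$tmp"
}
demo   # real use: searchsploit Sendmail 8 | extract_paths "Code Execution" | dump_exploits /usr/share/exploitdb/platforms ./out
```

Because nothing is written to an intermediate script and executed, a path containing spaces or shell metacharacters is treated as data rather than as a command.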
