Grep: Don't Leave Home Without It
Kali Linux has an awesome offline repository of known exploits. As you can see in the first image below a lot of these files can have innocuous names that on a surface level really don't mean anything.
In this blog article I am going to give you a quick demonstration of a powerful search tool called "grep." Many folks already implement this into their Linux terminal navigation. For me my most common use of grep is when I create text files from scan outputs and I want to match a pattern in the file.
The power of grep is evident in the previous example but let's expand to searching for content in ALL files in a directory.
Consider the following pentesting scenario. I am analyzing a target and I have determined that the target is using FTP service of a particular version.
I want to use a piece of code to plant a reverse shell on my target that calls back to the mother ship.
I have no idea where to start. (so for pentesters we know that "searchsploit" exists and does some of this work, the the ftp scenario is just an example of using grep)
Lucky for us GREP exists and we can harness it to help us out.
Let's say that I want to find all the files that contain the string "ftp."
#grep -rnw "/file/location/you/want/to/search/in" -e "ftp"
The above comand will search in the specified file location recursively (-r), list the line number (-n), match the whole word (-w) and also state the string (-e) (in this case it is "ftp").
Below is a screen shot of the command in use.
Check out the attached video to see this command in action.