Showing posts with label CLI. Show all posts
Showing posts with label CLI. Show all posts

Friday, September 8, 2017

Choosing the first available program from list of options

GNU tar accepts an external program to perform compression, via the option --use-compress-program. I'd normally want pigz if it's available, but if not, fallback to gzip. Is there a compact way to get represent this? Yes! 
which --skip-alias --skip-functions pigz gzip 2>/dev/null | head -1
GNU which accepts multiple arguments, printing out the resolution for each as they're found or an error if not. GNU which also allows finding only full-fledged binaries, not aliases or functions. This is exactly what we want: list the paths to these programs, in the order I gave, then pluck the first one.

Thursday, December 8, 2016

Identifying specific vulnerabilities in WordPress, by version

Exactly how vulnerable is your WordPress version? Ask the good folks over at the WordPress vulnerability database who have not only assembled a vulnerability list by version, but also provided a nice API for querying.

# WordPress 4.4.2 vulnerabilities, by type
$ curl -sS https://wpvulndb.com/api/v2/wordpresses/442 |\
  jq -r '.["4.4.2"]|.["vulnerabilities"]|.[].vuln_type' |\
  sort | uniq -c
      1 BYPASS
      1 CSRF
      1 LFI
      1 SSRF
      1 UNKNOWN
      5 XSS
Same thing, but list the titles and take a version as a parameter: 
wpvulndb() {
    version=${1:?Check which WordPress version for vulnerabilities (eg 4.8.3)?}
    curl -sS "https://wpvulndb.com/api/v2/wordpresses/${version//./}" | \
      jq -r --arg version "$version" '.[$version]|.["vulnerabilities"]|.[].title'
}

wpvulndb 4.8.3

Wednesday, November 30, 2016

Pasting a remote file into your local clipboard (* mouse not required)

So, I'm updating a configuration file on a remote server (using MobaXterm), and I need to copy the contents into some Trello documentation running in a browser on my local Windows machine.

The old fashioned way to do it is to select it with the mouse (which MobaXterm interprets as copying to my Windows clipboard), then Shift+Insert it into the browser. Well, turns out you can use the command line:

[Bishop@Cygwin]$ ssh user@host "< /path/to/file" | clip

On Windows, clip is a program to read from standard in and put into the Windows clipboard. On Mac OSX, replace clip with pbcopy for the same effect.

You could extend this approach: instead returning the whole file, return the result of a pipe line. Neat. Like magic, no more mouse needed.