Loading ...
Sorry, an error occurred while loading the content.
 

Re: [linux_forensics] Script for downloads

Expand Messages
  • Luis Salazar
    Thank you for the heads up. ... You re welcome. I should point out that the help output in the script assumes the script is named downloads.bash (the name I
    Message 1 of 4 , Oct 3, 2011
      Thank you for the heads up.

      >>> "Jacques B." <jjrboucher@...> 9/30/2011 2:28 PM >>>
      You're welcome. I should point out that the help output in the script
      assumes the script is named downloads.bash (the name I gave it). I
      could have used $0 there so the actual script name and full path would
      have been displayed to properly reflect whatever name you give it.
      But I didn't want the full path displayed and didn't have time to look
      through my old scripts to see how to extract only the filename portion
      of a string (I've done it in other scripts). So you'll want to either
      change that Usage variable to $0 instead of downloads.bash so it puts
      your script name there, or hard code it to whatever name you give it.

      Jacques

      On Fri, Sep 30, 2011 at 6:07 PM, Luis Salazar <Luis.Salazar@...> wrote:
      > Thank you for sharing.
      >
      >>>> "Jacques B." <jjrboucher@...> 9/30/2011 6:42 AM >>>
      > This isn't a forensics script, however I thought it might have some
      > value to others in the Linux forensic community. I often find myself
      > downloading some tools or documents and then having to go to the
      > downloads folder and sift through it for the stuff I just downloaded
      > in order to copy or move it over to another location. I wrote this
      > bash script to take care of that. By default it will look at all
      > files from the ~/Downloads folder that have a change date of 5 minutes
      > or less. You can change that setting via a command line option. If
      > you specify no command line parameters, it will simply list the files
      > from the last 5 minutes (so you can make sure it's what you want to
      > copy/move). You can specify the options:
      > -o <move,copy> (as the names imply, move will move the files, and copy
      > will copy them. Any other option (misspelling or otherwise) will
      > simply list the files).
      >
      > and you must provide a destination folder as follows:
      > -d <destination_folder>
      >
      > If you want to copy/move/list files from the past 10 minutes, use -t
      > 10. Of course you can specify however many minutes you want until you
      > see only the files you wish to copy/move.
      >
      > Jacques
      >
      > -------instructions--------
      >
      > Here is the script. Feel free to adapt to your needs. Copy/paste it
      > into a text file and save it. Chmod it to make it executable and then
      > edit your PATH in .bashrc to add your script folder where you save
      > this script so that you can run it without specifying the full path
      > for the script. Certainly there is room for more error checking. But
      > it has some basic error checking. And of course I could have used the
      > case command instead of a few if statements near the end. But it was
      > quick and dirty scripting and does what I want it to do.
      >
      > ----------script-------------
      > #!/bin/bash
      > #
      > # Written by jjrboucher@...
      > #
      > #####################
      > #Declaring Variables#
      > #####################
      > Usage="\nUsage:\n------\n\ndownloads.bash -t <number of minutes>
      > (default is 5) -d <destination_folder> -o <move,copy>\nAny invalid -o
      > option will simply list the files even if a destination folder is
      > specified."
      > #default value - 5 minutes. In other words files with a change time
      > of 5 minutes or less.
      > declare -i how_old=5
      > target=""
      > option="z"
      > #exit values in case you want to use this script inside another one.
      > declare -i Need_help=1
      > declare -i Notarget=2
      >
      > #checks which command line options were specified.
      > while getopts ":t:d:o:" opt; do
      > case $opt in
      > t ) how_old=$OPTARG ;;
      > d ) target=$OPTARG ;;
      > o ) option=$OPTARG ;;
      > h | \? | -help ) echo -e $Usage
      > exit $Need_help ;;
      > esac
      > done
      >
      > #if the person specified the option copy or move and did not specify a
      > destination folder,
      > #advise them that they must specify a destination folder.
      > if [ \( "$option" = "copy" \) -o \( "$option" = "move" \) ] && [ -z
      > "$target" ]; then
      > echo -e "\nDestination folder (-d) not specified\n".
      > exit $Notarget
      > # fi
      > fi
      >
      > # -o move
      > if [ "$option" = "move" ]; then
      > echo "***Moving files from last $how_old mins"
      > echo "======================================"
      > find ~/Downloads/* -cmin -$how_old -type f -exec echo "Moving {}
      > to $target" \; -exec mv '{}' $target \;
      > # -o copy
      > elif [ "$option" = "copy" ]; then
      > echo "***Copying files from last $how_old mins"
      > echo "======================================"
      > find ~/Downloads/* -cmin -$how_old -type f -exec echo "Copying {}
      > to $target" \; -exec cp '{}' $target \;
      > else
      > # -o anything but "move" or "copy"
      > echo "***Listing files from last $how_old mins"
      > echo "======================================"
      > find ~/Downloads/* -cmin -$how_old -type f -exec echo "{}" \;
      > fi
      >
      >
      > CONFIDENTIALITY NOTICE: This communication with its contents may contain confidential and/or legally privileged information. It is solely for the use of the intended recipient(s). Unauthorized interception, review, use or disclosure is prohibited and may violate applicable laws including the Electronic Communications Privacy Act. If you are not the intended recipient, please contact the sender and destroy all copies of the communication.
      >
      >
      > ------------------------------------
      >
      > Yahoo! Groups Links
      >
      >
      >
      >


      CONFIDENTIALITY NOTICE: This communication with its contents may contain confidential and/or legally privileged information. It is solely for the use of the intended recipient(s). Unauthorized interception, review, use or disclosure is prohibited and may violate applicable laws including the Electronic Communications Privacy Act. If you are not the intended recipient, please contact the sender and destroy all copies of the communication.
    Your message has been successfully submitted and would be delivered to recipients shortly.