Upload
kristopher-mcdowell
View
218
Download
0
Embed Size (px)
Citation preview
Michael MusickCSC 415
BASHBOURNE AGAIN SHELL
A Brief History of bash
Language was named in tribute to Steve Bourne’s shell Brian Fox wrote the first versions of bash Official release date – January 10, 1988 Chet Ramey took over as the lead bash developer in
1993 He still maintains bash today up to its most recent 4.3
release Bash was created for use in the GNU project
Shell Shock!
Earlier this year a bash bug was discovered and then named shell shock
Roughly 25 years worth of bash versions affected by this Bug allows remote attackers to execute arbitrary code
This has been referred to as a cod injection attack
What does this mean?
An attacker can execute any shell command they want This bug left any system with bash on it vulnerable to this
type of attack An attacker with enough time could do whatever they
wanted to do Shell Shock has already been patched and is no longer a
concern
Actual BASH stuff (Variables)
Declaring variables in bash is simple COLOR=“black” NUMBER=“9”
Note the lack of spaces, this is required WRONG: color = “black” NOPE: number= “9” To see what is stored inside a variable a user can use $ to get
the content of a variable Echo “This is a string: $color” Echo “This is a number: $number”
More on variables
Even though all capital letters were used to declare the variables this is not required, it does help improve readability
Bash is case sensitive so how the variables are declared does matter
Scoping of bash
It’s a very basic concept with in bash All variables by default are treated as global variables
unless stated otherwise NUM=42 – global variable Local NUM=42 – local variable Global NUM=42 – global variable (why is this important?)
Why that last example was important
All variables with in any function are invisible outside the body of the function until that function is called
Local variables are treated the same way, global is a work around of that feature
Data Types
There are only 4 data types in bash (really?) Yes only 4
Strings Integers Constants Arrays
Every single variable is treated at a string until it is needed (wat?)
Data Types (continued)
Bash has a 50/50 shot at guessing what data type is needed for that variable if you look at the options
To declare an array – Unix[0]=‘Ubuntu’ Declare –a example=(‘Ubuntu’ ‘debian’)
To declare a constant – declare –r constant=“variable” 2 of the 4 data types have unique declarations leaving the
interpreter 2 options for what type of data type is needed for regular variables
How can I look at an array?
Simple…sort of echo ${example[@]} – this will display all elements of an array
${#example[@]} – this gives the length of an array Replace the @ with a numeric value to see a specific part
of an array The array index with bash starts at 0
Look at this neat trick!
Want to combine arrays? It is possible to concatenate two arrays into a single one!
How? LIKE THIS – Unixexample=(“${Unix[@]}” “${example[@]}”) The new array now all elements of both starting with the first
one entered into the command This array is called Unixexample
Last bit on array (tiny slide)
Where is all the cool info on multidimensional arrays? Bash does not have multidimensional arrays It is possible to “simulate” a multidimensional array but
unless you are Conal you do not want to go down that road.
Declare feature
A feature unique to bash is called the declare feature (it has a longer name “built in declare feature” its simpler to just shorten it up)
We have already seen declare –a used to declare an array and declare –r to declare a constant but there are many more such as declare –I to declare an integer
This feature is a work around for the previously mentioned trait where bash treats all variables as strings until otherwise mentioned
Expressions and Assignment Statements
Operator precedence is simple – left to right and basic order of operations (multiply, divide, add, then subtract)
Compound logical operators like && (and) || (or) have low precedence
Even though bash is a very basic language it still has all the neat expressions and assignment statements such as << >> (left and right shift) Var++ ++var (post and pre increment and decrement) Combination assignments (*=, +=, -= etc.)
File Testing
File test operators in bash check files to see if they contain certain properties
Examples: -f checks to see if the file is a regular file and not a directory or device file -x checks to see if the file has execute permission
There are a lot of these operators and are declared as such –xzvf then when the script executes it will run each of the checks present in the delcaration
Misc. stuff
Operator overloading is common in most modern languages but is not supported by bash
Due to the extremely limited data types in bash type conversion has not been implemented
Mixed mode assignments is not supported for the same reason
Statement Level Control Structures
If statements and for loops are pretty standard practice in comparison to other languages Example!if[ $1 –eq2 ]; then
return 1
Elif[ $(($1%2)) –eq0]; then
return 0
Else
For(( d=3; d*d <= $1; d+=2 )); do
if[ $(($1%$d)) –eq 0 ]; then
return 0
fi
Done
Return1
fi
I found where the semicolons went!
The semicolons indicate the end of the conditional part of the statement
Fi found at the end of the if statement is used to end if statements (if spelled backwards…duh right?)
Case statements do the same thing: esac (awful!) Bash contains all the control statements and loops found it
most other languages While loops If statements For loops
Subprograms
Subprograms are super simple with bash They are functions created within a bash script and run
their parameters when ever they are called These are obviously essential for the larger programs and
bash scripts
Hello World (a bit late)
#!/bin/bash
Function quit {
Exit
}
Function e {
Echo $1
}
E Hello
E World
quit
Issues with bash
Object oriented programming – not supported Abstract data types – not supported Encapsulation constructs – not supported Concurrency – not supported Exception and event handling – not supported
Evaluation
Readability Not too hard to read Strange syntax but easy to figure out even for newcomers
Writability Complex and strange rules make it difficult Strange spacing requirements make it easy to mess up
Reliability Aside from shell shock bash has been a pretty useful language
Cost?
Most of the software required to write and run bash scripts is free thanks to the GNU project
Cost of training or learning the language (tldp.org makes it free)
ITS ALL FREE!
Questions?