I want to have a bash script which:
I have the following, but the script output does not show any matches:
#!/bin/bash
echo "Searching files in directory for secrets and urls"
for file in ./*
do
echo "=====$file====="
strings ${file} | egrep -wi --color 'secret\|password\|key\|credential|\http'
done
I've also tried strings $file | egrep -wi --color 'secret\|password\|key\|credential|\http'
and eval "strings ${file} | egrep -wi --color 'secret\|password\|key\|credential|\http'"
but these do not appear to work. The script outputs the filenames, but not the matches.
You're using egrep
which is the same as grep -E
, i.e. it enables the use of extended regular expressions.
In an extended regular expression, |
is an alternation (which is what you want to use), and \|
matches a literal |
character.
You therefore want
grep -w -i -E 'secret|password|key|credential|http'
or
grep -i -E '\<(secret|password|key|credential|http)\>'
where \<
and \>
matches word boundaries.
Or
grep -w -i -F \
-e secret \
-e password \
-e key \
-e credential \
-e http
... if you want to do string comparisons rather than regular expression matches.
Additionally, you will want to always double quote variable expansions. This would allow you to also process files with names that contain whitespace characters (space, tab, newline) and names that contain filename globbing characters (*
, ?
, [...]
) correctly:
#!/bin/sh
for name in ./*; do
[ ! -f "$name" ] && continue # skip non-regular files
printf '==== %s ====\n' "$name"
strings "$name" | grep ...
done
See also
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments