Tag: grep

Kolmogorov Complexity, Natural Language Programming and the Bash shell

by on Jan.14, 2012, under Code, Posts

The following post superficially applies the concepts of Kolmogorov complexity of an object and natural language programming using the bash shell. Part of the inspiration for this post came from this video: http://www.youtube.com/watch?v=KyB13PD-UME

In this post we will be treating strings as objects in a similar sense of Kolmogorov complexity. Then we will apply an alias name or function name to the object which then the alias/function name can be perceived as a natural language sentence.

Take the following object:

sudo nmap -sP -n -T4 $(netstat -rn | awk ‘{print $2}’ | egrep ‘[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}’ | fgrep -v “” | sed -e ‘s/\([0-9]\)\{1,3\}$/1-254/g’)

To individuals who are not familiar with the bash shell or bash shell programming, this object does not make a whole lot of sense. What does it do? What does it mean? Why is this one-liner algorithm useful to some individuals?

For those of who you aren’t sure, this one-liner algorithm is used for ping sweeping your local subnet based upon the gateway’s IP address. So if your gateway is then when the bash shell expands and processes the sub-shell variable $(netstat -rn | awk ‘{print $2}’ | egrep ‘[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}’ | fgrep -v “” | sed -e ‘s/\([0-9]\)\{1,3\}$/1-254/g’‘), it would result with Lastly, the string would result with sudo nmap -sP -n -T4

To take the time to type out this 196 character object each time you connect to a network that you’re exploring, would be extremely tedious and time consuming. Ergo to save an individual some time and keystrokes, this is where we will apply the ‘alias’ function that is built into the bash shell:

alias PingSweepLocalSubnet=”sudo nmap -sP -n -T4 $(netstat -rn | awk ‘{print $2}’ | egrep ‘[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}’ | fgrep -v “” | sed -e ‘s/\([0-9]\)\{1,3\}$/1-254/g’)”

Here the 20 character alias PingSweepLocalSubnet saves the end user 176 characters to type and makes more sense depending on if the user is familiar with networking terminologies. Granted this may not be, “the shortest description of this object” and the proper simplifying algorithm according to Kolmogorov complexity method, but this is where the idea of natural language programming is applied. With this object, if we use the Kolmogorov complexity concept, is nearly incompressible. I wanted this alias to be time saving and to be almost a form of natural language programming.

We must also remember that we do not necessarily need to use the ‘alias’ function from the bash shell. We can also achieve the same result by using ‘function’ from bash shell:

function PingSweepLocalSubnet()
sudo nmap -sP -n -T4 $(netstat -rn | awk ‘{print $2}’ | egrep ‘[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}’ | fgrep -v “” | sed -e ‘s/\([0-9]\)\{1,3\}$/1-254/g’

In turn end users may want to use function assignments rather than aliases. Aliases are limited and are simply string substitutions. For further reading on using aliases or functions take a look at: http://linuxgazette.net/issue53/eyler.html Whether or not the end user decides to use ‘alias’ or ‘function’ is subjective to the user.

Leave a Comment :, , , , , , , , , , , , , , , , , , , , , , more...

Passively finding MDNS names (.local)

by on May.16, 2010, under Code, Posts

Just a quicky:

If you’re in a local area network and you’re trying to do some passive information gathering using a sniffer, here is a great way to find .local host names:

tcpdump -i wlan0 -vv 2&>1 | egrep '*.local'

What’s beautiful about this method is you can usually find people’s full names, especially if they’re using Apple devices. Along with that, you’re not probing or alerting the targets.

Also, if you’re not in range of a wifi access point and can barely see the AP, you can use this method while trying to connect (it makes this method a little less passive..), but I’ve discovered Iphone device names via this method.

And now…. back to the books. 🙂

PS: I’m going to set aside time this week to put more effort into ettersploit.

Leave a Comment :, , , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!