Join Malcolm Shore for an in-depth discussion in this video Controlling the flow in a script, part of Penetration Testing Essential Training.
- [Instructor] Bash off is a number of flow control statements. One of the common ones we'll be using is the for statement. Let's look at a script which reads data from an array. Note that when we use the at character as an index, we get the number of elements in the array. And note that the first array element has an index of zero when we use the expression dollar I to use the value of the loop variable as an array index. We can now run the script to print out the list of names.
We can also script two of the similar loop mechanisms in a bash script. The Y loop and the until loop. Let's have a look at them. Firstly we set the start point at six and then loop, printing out the variable and decrementing it. While it remains greater than zero. Then we run an until loop. Printing it out and incrementing it until it's greater than six.
Now we can run the script. And we see the Y loop run down from six to one and then the until loop run back up to six. We've already seen an if else loop but let's look at this again to see how we can check whether a directory exists and if so, list its contents. We check the directory we provide by using the minus D operator. And if it does exist we use the LS command to list it out.
And we can run that with a missing directory name and we find the directory Barney doesn't exist. But Sniper does.
Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code