I tried this on DonationCoder, but I thought it would be useful if I posted here as well.
I have been thinking about this for a while, and sadly I am not very good with Bash, so I was hoping someone could help me.
I am well aware of the warning on the Ubuntu forums:
http://ubuntuforums.org/announcement.php?f=39
about nasty people telling less knowledgeable people like me to carry out commands that would toast their install.
Now, I love to mess around with Bash, and basically learn as I go, reading forum posts and using other Bash scripts that people have posted. However, I am always worrying that someone could have posted a malicious bit of code in their Bash script for a laugh (I am meaning a script I find anywhere on the internets, not just from the Ubuntu forums). Obviously I only use scripts from what look like reputable sites where people have commented on the script afterwards, but still the risk exists.
I was wondering if it was possible to make a Bash script that reads another Bash script that you pass it (basically a text file) and looks for any nasty pieces of code in it (the nasty pieces of code taken from the examples given in the post above and then updated from time to time with other sources).
In a sense, it would be like a mini-anti-virus program. It would have a definitions file that contained the nasty pieces of code, and then you would get it to scan a text file for those pieces of code and it would tell you if it found anything nasty or not.
I know this should use either the sed, awk or gawk commands, but I don't know how to create a script that could search for multiple strings of commands from a given list (the definitions file).
Obviously, this isn't a foolproof solution and it is entirely possible that it will miss nasty code or a certain piece of nasty code isn't in the definitions file, but, hey, it's a start and it should help new users to Linux and provide a little bit more internet security. Once it is created, I'll host it on Google Code and publicise it on my Blog (so all 10 of my readers can learn about it!!).
So, does anyone have any suggestions how I might go about this, i.e. what would be the best commands to base the script on (I don't want to choose one command, only to find after reading about it and trying for hours to use it that there is a better command out there that I should have used to begin with). Cheers for any views on this.
(Note, Bash is preferred, since it is a relatively easy language to understand and users would be able to see how it works and learn a bit about Bash along the way).
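One way to build the definitions-file scanner described in the post, as an added example that is not part of the original post: `grep -F` matches every definition as a literal string in a single pass, so `sed` or `awk` is only needed for whitespace clean-up. The function names, file names and the two sample definitions are constructed for illustration and are not taken from the Ubuntu forums announcement.

```bash
#!/usr/bin/env bash
# load_defs FILE: print definitions, skipping comments and blank lines
# (an empty pattern would make grep match every line).
load_defs() {
    grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$1"
}

# scan_script DEFS_FILE SCRIPT
# Prints "SCRIPT:LINE:text" per hit. Returns 0 = clean, 1 = hits, 2 = bad input.
scan_script() {
    local defs_file=$1 target=$2 patterns hits line
    if [ ! -r "$defs_file" ] || [ ! -r "$target" ]; then
        echo "usage: scan_script DEFS_FILE SCRIPT" >&2
        return 2
    fi
    patterns=$(load_defs "$defs_file") || true
    if [ -z "$patterns" ]; then
        echo "no definitions in $defs_file" >&2
        return 2
    fi
    # Collapse runs of blanks so "rm   -rf /" still matches "rm -rf /".
    # -F: definitions are literal strings, one per line; -n: line numbers.
    hits=$(sed 's/[[:space:]][[:space:]]*/ /g' "$target" |
           grep -n -F -e "$patterns") || true
    if [ -z "$hits" ]; then
        return 0
    fi
    printf '%s\n' "$hits" | while IFS= read -r line; do
        printf '%s:%s\n' "$target" "$line"
    done
    return 1
}

# Demo on constructed input; the sample script is only read, never executed.
demo() {
    local tmp rc=0
    tmp=$(mktemp -d) || return 2
    printf '%s\n' '# constructed sample definitions' 'rm -rf /' 'mkfs.' \
        > "$tmp/definitions.txt"
    printf '%s\n' '#!/bin/bash' 'echo "Cleaning up..."' 'rm   -rf /' \
        > "$tmp/downloaded.sh"
    scan_script "$tmp/definitions.txt" "$tmp/downloaded.sh" || rc=$?
    echo "scan exit status: $rc"
    rm -rf "$tmp"
}
demo
```

Literal matching also flags harmless lines such as `rm -rf /tmp/build` and cannot see commands that are encoded or assembled at run time, so a hit is a prompt to read that line, and a clean result is not proof the script is safe.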