Creating 2 variables from a multiple pattern grep


 
Thread Tools Search this Thread
Operating Systems Linux Creating 2 variables from a multiple pattern grep
# 1  
Old 11-12-2012
Creating 2 variables from a multiple pattern grep

first time poster here

Im pretty new to grep and linux in general and I spent pretty much all day yesterday researching and coming up with a grep command to help with my university project. I am attempting to create a proof of concept bash script to scan the network using ngrep, find appropriate cookies and then place them into a variable. I was basically wondering how I could achieve this using one line so that I can grab both variables from the one packet rather than grabbing one variable then moving on to the next grep (which would have to wait on the next packet containing the cookie) Would I need to dump these to a file perhaps then read in both the variables? and if so how?

Code:
cook=`ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80 | grep -m 1 -Po '(?<=user=)[^;]+'`

cook2=`ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80 | grep -m 1 -Po '(?<=ab=)[^;]+'`

so how can I store cookie & cookie2 from the ONE packet instead of having to ngrep twice? I'm sorry if my question is a bit vague, if theres any confusion just ask

thanks guys
# 2  
Old 11-12-2012
Could you show what output you get with
Code:
ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80

?
# 3  
Old 11-12-2012
Quote:
Originally Posted by ctsgnb
Could you show what output you get with
Code:
ngrep -s 1000 -l -q -d eth1 &quot;Cookie:&quot; tcp and port 80

?
sure, the packets can of course vary... but it is typically like
Code:
 T 192.168.0.2:56062 -> 31.13.72.20:80 [AP]   GET /profile.php?id=9807353023&ref=tn_tnmn&ajaxpipe=1&ajaxpipe_token=AXiX35owSRCd-ZmH&quickling[version   ]=668610%3B0&__user=1807553033&__a=1&__adt=10 HTTP/1.1..Host: www.facebook.com..Connection: keep-alive.   .User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229   .94 Safari/537.4..Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Referer: htt   p://www.facebook.com/profile.php?id=1807553033..Accept-Encoding: gzip,deflate,sdch..Accept-Language: en   -US,en;q=0.8..Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3..Cookie: locale=en_GB; datr=PSyfUNE5pidOqg   HIbV4lwvWt; lu=Rgu8r-Dw_TIyeBHKKAL7X_3A; c_user=9807353023; fr=0uRMqfaB4gwsekhGX.AWUpswZDblxvmrs0hSu3Uh   712bQ.BQnyxH.Js.AWUGsO8H; xs=27%3BA45MaK-T6DLTkQ%3A0%3A1352716409; sub=32; p=57; presence=EM352743119Eu  serFA21807553033A2EstateFDsb2F0Et2F_5b_5dElm2FnullEuct2F1352715811BEtrFA2loadA2EtwF1024479246EatF13527431173

its c_user and xs im trying to store into a variable
# 4  
Old 11-12-2012
With the example of output you provided, your
cook variable would contain (according to the test i did on my ubuntu):

Code:
1807553033&__a=1&__adt=10 HTTP/1.1..Host: www.facebook.com..Connection: keep-alive.   .User-Agent: Mozilla/5.0 (Windows NT 6.1
9807353023

And your cook2 variable would be empty.

Could you please provide an output that demontrate better what you intend in your variables ?

If you want to set many variables a simple way is to build an environment file that you then can then execute.

Some ksh read can read multiple variables.

You can also do a search and see how set -- works.
(use "OLDIFS" as search key)

Last edited by ctsgnb; 11-12-2012 at 05:01 PM..
# 5  
Old 11-12-2012
Code:
cuser=$(ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80 | grep -m 1 -Po '(?<=c_user=)[^;]+') 
xs=$(ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80 | grep -m 1 -Po '(?<=xs=)[^;]+')

the above gives me

root@bt:~# echo $xs
27%3BA45MaK-T6DLTKq%3A0%3A1352716409
root@bt:~# echo $cuser
9807353023

what im trying to achieve is to get both of these variables set with the one ngrep command (on the one packet) rather than executing ngrep twice and setting both variables from seperate packets
# 6  
Old 11-12-2012
Suggestion:
Why don't you ngrep and store the output in a variable:-
Code:
ngrep_out=$( ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80 )

Then grep on this variable value to get xs & cuser:-
Code:
cuser=$( echo $ngrep_out | grep -m 1 -Po '(?<=c_user=)[^;]+' )
xs=$( echo $ngrep_out |grep -m 1 -Po '(?<=xs=)[^;]+' )

Will this work for you?
# 7  
Old 11-12-2012
Quote:
Originally Posted by bipinajith
Suggestion:
Why don't you ngrep and store the output in a variable:-
Code:
ngrep_out=$( ngrep -s 1000 -l -q -d eth1 "Cookie:" tcp and port 80 )

Then grep on this variable value to get xs & cuser:-
Code:
cuser=$( echo $ngrep_out | grep -m 1 -Po '(?<=c_user=)[^;]+' )
xs=$( echo $ngrep_out |grep -m 1 -Po '(?<=xs=)[^;]+' )

Will this work for you?
this does not give me any output on $ngrep_out for some reason

edit: sorry got it, I had to change the " to ' on the first line

thanks alot

---------- Post updated at 05:37 PM ---------- Previous update was at 05:07 PM ----------

the strange this is now it does work, but only intermittently

sometimes I get nothing in the variables and sometimes I do

Last edited by scottish_jason; 11-12-2012 at 06:37 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Grep multiple pattern

I have got a text from each line, I need to fetch port only if there is an ip a.text text and port=25 b.ip=(12.32.54.256) and port="52" c.ip=(55.251.253.12) and port=25" d.text text and port="5" e.ip=(45.211.155.15) and port="457" f.ip=(144.158.256.2) and port="588" I know how to... (6 Replies)
Discussion started by: arpagon
6 Replies

2. Shell Programming and Scripting

sed and awk usage to grep a pattern 1 and with reference to this grep a pattern 2 and pattern 3

Hi , I have a file where i have modifed certain things compared to original file . The difference of the original file and modified file is as follows. # diff mir_lex.c.modified mir_lex.c.orig 3209c3209 < if(yy_current_buffer -> yy_is_our_buffer == 0) { --- >... (5 Replies)
Discussion started by: breezevinay
5 Replies

3. Shell Programming and Scripting

Grep correct pattern with special character and variables

cat file time="north_south_east_west_08:00" location="A" start="left" status="ok" end="north" time="north_south_east_west_12:00" location="C" start="right" status="ok" end="south" time="north_south_east_west_23:00" location="G" start="left" status="ok" end="east"... (7 Replies)
Discussion started by: ctphua
7 Replies

4. Shell Programming and Scripting

Creating single pattern for matching multiple files.

Hi friends, I have a some files in a directory. for example 856-abc 856-def 851-abc 945-def 956-abc 852-abc i want to display only those files whose name starts with 856* 945* and 851* using a single pattern. i.e 856-abc 856-def 851-abc 945-def the rest of the two files... (2 Replies)
Discussion started by: Little
2 Replies

5. Shell Programming and Scripting

Grep text between multiple pattern

Hello everybody, I have been looking around but can't figure how to do a grep command, that find the text between multiple patterns, example: (pattern1 OR pattern2) AND (pattern3 OR pattern4) text that I want (pattern5 OR pattern6) AND (pattern7 OR pattern8) So how do I find the "text... (4 Replies)
Discussion started by: Benou
4 Replies

6. Shell Programming and Scripting

Grep command with multiple pattern

Hi, I want to search multiple patterns in a variable. DB_ERR=`echo "$DB_TRANS" | grep "SP2-" | grep "ORA-"` echo $DB_ERR But I am not getting anything in DB_ERR. I want to print each line on seperate line. Could you please help me out in this. Thanks in advance. (14 Replies)
Discussion started by: Poonamol
14 Replies

7. Shell Programming and Scripting

How to grep multiple pattern from XML file

Hi Everyone pls if anyone can help me in writing a script or correcting it what I have done. I want to write a script to grep record number for all those record which have abc xyd cat dog in one of the field say VALUE, I have thousand of file in a dir and I want to search every file for... (6 Replies)
Discussion started by: revertback
6 Replies

8. Shell Programming and Scripting

Grep with multiple instances of same pattern

Hi, This is my text file I'm trying to Grep. Apple Location Greenland Rdsds dsds fdfd ddsads http Received Return Immediately Received End My Grep command: grep only--matching 'Location.*Received' Because the keyword Received appears twice, the Grep command will stop at the last... (3 Replies)
Discussion started by: spywarebox
3 Replies

9. Shell Programming and Scripting

Grep with multiple instances of same pattern

Hi, This is my text file I'm trying to Grep. Apple Location Greenland Rdsds dsds fdfd ddsads http Received Return Immediately Received End My Grep command: grep only--matching 'Location.*Received' e. Because the keyword Received appears twice, the Grep command will stop at the last... (0 Replies)
Discussion started by: spywarebox
0 Replies

10. Solaris

Multiple pattern on same line using grep

Hi, I would like to search multiple patterns on same line, i.e. all patterns must present on same line. Please suggest. Thanx (2 Replies)
Discussion started by: sanjay1979
2 Replies
Login or Register to Ask a Question