===========================================================
.___ __ __
_________________ __ __ __| _/|__|/ |_
/ ___\_` __ \__ \ | | \/ __ | | \\_ __\
/ /_/ > | \// __ \| | / /_/ | | || |
\___ /|__| (____ /____/\____ | |__||__|
/_____/ \/ \/
grep rough audit - static analysis tool
v2.8 written by @Wireghoul
=================================[justanotherhacker.com]===
zeekctl-2.1.0+ds1/cmake/package_postupgrade.sh.in-13-if [ -e ${backupNamesFile} ]; then
zeekctl-2.1.0+ds1/cmake/package_postupgrade.sh.in:14: backupFileList=`cat ${backupNamesFile}`
zeekctl-2.1.0+ds1/cmake/package_postupgrade.sh.in-15-
zeekctl-2.1.0+ds1/cmake/package_postupgrade.sh.in-16- for backupFile in ${backupFileList}; do
zeekctl-2.1.0+ds1/cmake/package_postupgrade.sh.in:17: origFileName=`echo ${backupFile} | sed 's/\(.*\)\..*/\1/'`
zeekctl-2.1.0+ds1/cmake/package_postupgrade.sh.in-18-
##############################################
zeekctl-2.1.0+ds1/cmake/zeek-plugin-install-package.sh-8-if [ $# != 2 ]; then
zeekctl-2.1.0+ds1/cmake/zeek-plugin-install-package.sh:9: echo "usage: `basename $0` <canonical plugin name> <destination directory>"
zeekctl-2.1.0+ds1/cmake/zeek-plugin-install-package.sh-10- exit 1
##############################################
zeekctl-2.1.0+ds1/cmake/zeek-plugin-create-package.sh-9-if [ $# = 0 ]; then
zeekctl-2.1.0+ds1/cmake/zeek-plugin-create-package.sh:10: echo "usage: `basename $0` <canonical plugin name> [<additional files to include into binary distribution>]"
zeekctl-2.1.0+ds1/cmake/zeek-plugin-create-package.sh-11- exit 1
##############################################
zeekctl-2.1.0+ds1/cmake/zeek-plugin-create-package.sh-20- if [ -e ../$i ]; then
zeekctl-2.1.0+ds1/cmake/zeek-plugin-create-package.sh:21: dir=`dirname $i`
zeekctl-2.1.0+ds1/cmake/zeek-plugin-create-package.sh-22- mkdir -p ${dir}
##############################################
zeekctl-2.1.0+ds1/cmake/ZeekPluginDynamic.cmake-14- if ( BRO_DIST )
zeekctl-2.1.0+ds1/cmake/ZeekPluginDynamic.cmake:15: include(${BRO_DIST}/cmake/CommonCMakeConfig.cmake)
zeekctl-2.1.0+ds1/cmake/ZeekPluginDynamic.cmake-16-
##############################################
zeekctl-2.1.0+ds1/cmake/ZeekPluginDynamic.cmake-83-
zeekctl-2.1.0+ds1/cmake/ZeekPluginDynamic.cmake:84: include(${BRO_CONFIG_CMAKE_DIR}/CommonCMakeConfig.cmake)
zeekctl-2.1.0+ds1/cmake/ZeekPluginDynamic.cmake-85-
##############################################
zeekctl-2.1.0+ds1/ZeekControl/install.py-191- # Control definition. For now just reuse the manager information.
zeekctl-2.1.0+ds1/ZeekControl/install.py:192: ostr += '\t["control"] = [$node_type=Cluster::CONTROL, $ip=%s, $p=%s/tcp],\n' % (util.format_zeek_addr(manager.addr), zeekport.use_port(None))
zeekctl-2.1.0+ds1/ZeekControl/install.py-193-
##############################################
zeekctl-2.1.0+ds1/ZeekControl/install.py-195- for lognode in loggers:
zeekctl-2.1.0+ds1/ZeekControl/install.py:196: ostr += '\t["%s"] = [$node_type=Cluster::LOGGER, $ip=%s, $p=%s/tcp],\n' % (lognode.name, util.format_zeek_addr(lognode.addr), zeekport.use_port(lognode))
zeekctl-2.1.0+ds1/ZeekControl/install.py-197-
zeekctl-2.1.0+ds1/ZeekControl/install.py-198- # Manager definition
zeekctl-2.1.0+ds1/ZeekControl/install.py:199: ostr += '\t["%s"] = [$node_type=Cluster::MANAGER, $ip=%s, $p=%s/tcp],\n' % (manager.name, util.format_zeek_addr(manager.addr), zeekport.use_port(manager))
zeekctl-2.1.0+ds1/ZeekControl/install.py-200-
##############################################
zeekctl-2.1.0+ds1/ZeekControl/install.py-202- for p in proxies:
zeekctl-2.1.0+ds1/ZeekControl/install.py:203: ostr += '\t["%s"] = [$node_type=Cluster::PROXY, $ip=%s, $p=%s/tcp, $manager="%s"],\n' % (p.name, util.format_zeek_addr(p.addr), zeekport.use_port(p), manager.name)
zeekctl-2.1.0+ds1/ZeekControl/install.py-204-
##############################################
zeekctl-2.1.0+ds1/ZeekControl/install.py-207- p = w.count % len(proxies)
zeekctl-2.1.0+ds1/ZeekControl/install.py:208: ostr += '\t["%s"] = [$node_type=Cluster::WORKER, $ip=%s, $p=%s/tcp, $interface="%s", $manager="%s"],\n' % (w.name, util.format_zeek_addr(w.addr), zeekport.use_port(w), w.interface, manager.name)
zeekctl-2.1.0+ds1/ZeekControl/install.py-209-
##############################################
zeekctl-2.1.0+ds1/ZeekControl/execute.py-55- args = ['-rRl', '--delete', '--rsh="ssh -o BatchMode=yes -o LogLevel=error -o ConnectTimeout=30"']
zeekctl-2.1.0+ds1/ZeekControl/execute.py:56: dst = ["%s:/" % util.format_rsync_addr(n.addr)]
zeekctl-2.1.0+ds1/ZeekControl/execute.py-57- args += paths + dst
##############################################
zeekctl-2.1.0+ds1/ZeekControl/config.py-438-
zeekctl-2.1.0+ds1/ZeekControl/config.py:439: # Choose the first IPv4 addr (if any) in the list.
zeekctl-2.1.0+ds1/ZeekControl/config.py-440- for ip in addrs:
##############################################
zeekctl-2.1.0+ds1/ZeekControl/config.py-673- # is consistent regardless of which locale the system is using.
zeekctl-2.1.0+ds1/ZeekControl/config.py:674: proc = subprocess.Popen(["PATH=$PATH:/sbin:/usr/sbin LANG=C ifconfig", "-a"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
zeekctl-2.1.0+ds1/ZeekControl/config.py-675- out, err = proc.communicate()
##############################################
zeekctl-2.1.0+ds1/ZeekControl/config.py-715-
zeekctl-2.1.0+ds1/ZeekControl/config.py:716: if _is_valid_addr(addrstr):
zeekctl-2.1.0+ds1/ZeekControl/config.py-717- localaddrs.append(addrstr)
##############################################
zeekctl-2.1.0+ds1/ZeekControl/config.py-727- # On Linux, "ip" is sometimes not in the user's standard PATH.
zeekctl-2.1.0+ds1/ZeekControl/config.py:728: proc = subprocess.Popen(["PATH=$PATH:/sbin:/usr/sbin ip address"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
zeekctl-2.1.0+ds1/ZeekControl/config.py-729- out, err = proc.communicate()
##############################################
zeekctl-2.1.0+ds1/ZeekControl/config.py-755-
zeekctl-2.1.0+ds1/ZeekControl/config.py:756: if _is_valid_addr(addrstr):
zeekctl-2.1.0+ds1/ZeekControl/config.py-757- localaddrs.append(addrstr)
##############################################
zeekctl-2.1.0+ds1/ZeekControl/config.py-980-# Check if a string is a valid representation of an IP address or not.
zeekctl-2.1.0+ds1/ZeekControl/config.py:981:def _is_valid_addr(ipstr):
zeekctl-2.1.0+ds1/ZeekControl/config.py-982- try:
##############################################
zeekctl-2.1.0+ds1/ZeekControl/util.py-20-# with square brackets.
zeekctl-2.1.0+ds1/ZeekControl/util.py:21:def format_zeek_addr(addr):
zeekctl-2.1.0+ds1/ZeekControl/util.py-22- if ":" not in addr:
##############################################
zeekctl-2.1.0+ds1/ZeekControl/util.py-39-# quoting the brackets.
zeekctl-2.1.0+ds1/ZeekControl/util.py:40:def format_rsync_addr(addr):
zeekctl-2.1.0+ds1/ZeekControl/util.py-41- if ":" not in addr:
##############################################
zeekctl-2.1.0+ds1/configure-77- case "$1" in
zeekctl-2.1.0+ds1/configure:78: -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
zeekctl-2.1.0+ds1/configure-79- *) optarg= ;;
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-34-
zeekctl-2.1.0+ds1/bin/archive-log:35:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/archive-log-36-
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-70-check_timestamp() {
zeekctl-2.1.0+ds1/bin/archive-log:71: res=`echo $2 | sed 's/[0-9][0-9]-[0-1][0-9]-[0-3][0-9]_[0-2][0-9][.][0-5][0-9][.][0-5][0-9]/VALID/'`
zeekctl-2.1.0+ds1/bin/archive-log-72- if [ "$res" != "VALID" ]; then
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-82-century=`date +%C`
zeekctl-2.1.0+ds1/bin/archive-log:83:from=`echo $century$from | sed 's/[_.]/-/g'`
zeekctl-2.1.0+ds1/bin/archive-log:84:to=`echo $century$to | sed 's/[_.]/-/g'`
zeekctl-2.1.0+ds1/bin/archive-log-85-
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-87-gzipped=0
zeekctl-2.1.0+ds1/bin/archive-log:88:ext=`echo $file_name | sed 's/^.*\.//'`
zeekctl-2.1.0+ds1/bin/archive-log-89-if [ "$ext" = "gz" ]; then
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-92- fname=${file_name%.$ext}
zeekctl-2.1.0+ds1/bin/archive-log:93: ext=`echo $fname | sed 's/^.*\.//'`
zeekctl-2.1.0+ds1/bin/archive-log-94-fi
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-100-# Compute the archived log filename
zeekctl-2.1.0+ds1/bin/archive-log:101:dest=`"${makearchivename}" $base_name.$ext $writer $from $to`
zeekctl-2.1.0+ds1/bin/archive-log-102-if [ -z "$dest" ]; then
##############################################
zeekctl-2.1.0+ds1/bin/archive-log-121-
zeekctl-2.1.0+ds1/bin/archive-log:122:dest_dir=`dirname "$dest"`
zeekctl-2.1.0+ds1/bin/archive-log-123-
##############################################
zeekctl-2.1.0+ds1/bin/run-zeek-28-
zeekctl-2.1.0+ds1/bin/run-zeek:29:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/run-zeek-30-
##############################################
zeekctl-2.1.0+ds1/bin/run-zeek-83- fi
zeekctl-2.1.0+ds1/bin/run-zeek:84: myzeek=${tmpexecdir}/`basename "${zeek}"`
zeekctl-2.1.0+ds1/bin/run-zeek-85- rm -f "$myzeek"
##############################################
zeekctl-2.1.0+ds1/bin/crash-diag-8-
zeekctl-2.1.0+ds1/bin/crash-diag:9:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/crash-diag-10-
##############################################
zeekctl-2.1.0+ds1/bin/crash-diag-33-# filenames contain the word "core" and do not end in ".log".
zeekctl-2.1.0+ds1/bin/crash-diag:34:core=`ls -t *core* 2> /dev/null | grep -v '\.log$'`
zeekctl-2.1.0+ds1/bin/crash-diag-35-
##############################################
zeekctl-2.1.0+ds1/bin/crash-diag-43-fi
zeekctl-2.1.0+ds1/bin/crash-diag:44:gdb_path=`which $gdb_name 2> /dev/null`
zeekctl-2.1.0+ds1/bin/crash-diag-45-
zeekctl-2.1.0+ds1/bin/crash-diag-46-if [ -f "${zeek}" ];then
zeekctl-2.1.0+ds1/bin/crash-diag:47: zeek_version=`"${zeek}" -v 2>/dev/null | awk '{print $3}'`
zeekctl-2.1.0+ds1/bin/crash-diag-48-else
##############################################
zeekctl-2.1.0+ds1/bin/crash-diag-57- if [ "${havenfs}" = "1" ]; then
zeekctl-2.1.0+ds1/bin/crash-diag:58: myzeek=${tmpexecdir}/`basename "${zeek}"`
zeekctl-2.1.0+ds1/bin/crash-diag-59- fi
##############################################
zeekctl-2.1.0+ds1/bin/crash-diag-102-
zeekctl-2.1.0+ds1/bin/crash-diag:103:zeekplugins=`"${zeek}" -N 2>/dev/null | grep -v "(built-in)"`
zeekctl-2.1.0+ds1/bin/crash-diag-104-if [ -z "$zeekplugins" ]; then
##############################################
zeekctl-2.1.0+ds1/bin/make-archive-name-36-
zeekctl-2.1.0+ds1/bin/make-archive-name:37:ext=`echo $1 | sed 's/^.*\.//'`
zeekctl-2.1.0+ds1/bin/make-archive-name:38:name=`basename $1 .$ext`
zeekctl-2.1.0+ds1/bin/make-archive-name-39-writer=$2
##############################################
zeekctl-2.1.0+ds1/bin/make-archive-name-42-
zeekctl-2.1.0+ds1/bin/make-archive-name:43:day=`echo $opened | awk -F - '{printf "%s-%s-%s", $1, $2, $3}'`
zeekctl-2.1.0+ds1/bin/make-archive-name:44:from=`echo $opened | awk -F - '{printf "%s:%s:%s", $4, $5, $6}'`
zeekctl-2.1.0+ds1/bin/make-archive-name:45:to=`echo $closed | awk -F - '{printf "%s:%s:%s", $4, $5, $6}'`
zeekctl-2.1.0+ds1/bin/make-archive-name-46-
##############################################
zeekctl-2.1.0+ds1/bin/helpers/top-8-
zeekctl-2.1.0+ds1/bin/helpers/top:9:. `dirname $0`/../zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/helpers/top-10-
##############################################
zeekctl-2.1.0+ds1/bin/helpers/start-12-
zeekctl-2.1.0+ds1/bin/helpers/start:13:. `dirname $0`/../zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/helpers/start-14-
##############################################
zeekctl-2.1.0+ds1/bin/helpers/df-6-
zeekctl-2.1.0+ds1/bin/helpers/df:7:. `dirname $0`/../zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/helpers/df-8-
##############################################
zeekctl-2.1.0+ds1/bin/expire-logs-5-
zeekctl-2.1.0+ds1/bin/expire-logs:6:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/expire-logs-7-
##############################################
zeekctl-2.1.0+ds1/bin/expire-logs-32- # (no output means all lines are older than the expire time).
zeekctl-2.1.0+ds1/bin/expire-logs:33: nl=`awk -v expiretime=$exptime '{ if ( $1 > expiretime ) { print NR-1; exit } }' "$slfile"`
zeekctl-2.1.0+ds1/bin/expire-logs-34-
##############################################
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections-30-
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections:31:. `dirname $0`/../zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections-32-if [ $? -ne 0 ]; then
##############################################
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections-76- # Convert timestamps to the format HH:MM:SS, and build the subject line.
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections:77: start=`echo $open | sed 's/^..-..-.._//' | sed 's/\./:/g'`
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections:78: end=`echo $close | sed 's/^..-..-.._//' | sed 's/\./:/g'`
zeekctl-2.1.0+ds1/bin/postprocessors/summarize-connections-79- subject="Connection summary from $start-$end"
##############################################
zeekctl-2.1.0+ds1/bin/send-mail-10-
zeekctl-2.1.0+ds1/bin/send-mail:11:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/send-mail-12-if [ $? -ne 0 ]; then
##############################################
zeekctl-2.1.0+ds1/bin/check-config-17-
zeekctl-2.1.0+ds1/bin/check-config:18:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/check-config-19-
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-41-dir=$2
zeekctl-2.1.0+ds1/bin/post-terminate:42:nodename=`basename $dir`
zeekctl-2.1.0+ds1/bin/post-terminate-43-
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-56-
zeekctl-2.1.0+ds1/bin/post-terminate:57:scriptdir=`dirname $0`
zeekctl-2.1.0+ds1/bin/post-terminate-58-. $scriptdir/zeekctl-config.sh
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-139- # to rename a log immediately after Zeek rotates it).
zeekctl-2.1.0+ds1/bin/post-terminate:140: tmp=`echo $filename | sed 's/[.][1-2][0-9][0-9][0-9]-[0-1][0-9]-[0-3][0-9]-[0-2][0-9]-[0-5][0-9]-[0-5][0-9]$//'`
zeekctl-2.1.0+ds1/bin/post-terminate-141- if [ "$filename" != "$tmp" ]; then
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-145- # Convert time from YYYY-MM-DD-HH-MM-SS to YY-MM-DD_HH.MM.SS
zeekctl-2.1.0+ds1/bin/post-terminate:146: strt=`echo $ts | awk -F '-' '{ printf("%s-%s-%s_%s.%s.%s",substr($1,3,2),$2,$3,$4,$5,$6) }'`
zeekctl-2.1.0+ds1/bin/post-terminate-147- else
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-149- # in Zeek, and is the format used by Zeek when a log is rotated).
zeekctl-2.1.0+ds1/bin/post-terminate:150: tmp=`echo $filename | sed 's/-[0-9][0-9]-[0-1][0-9]-[0-3][0-9]_[0-2][0-9][.][0-5][0-9][.][0-5][0-9]$//'`
zeekctl-2.1.0+ds1/bin/post-terminate-151- if [ "$filename" != "$tmp" ]; then
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-167- # Get the base name (such as "conn") by removing the file extension.
zeekctl-2.1.0+ds1/bin/post-terminate:168: basename=`basename "$logname" .log`
zeekctl-2.1.0+ds1/bin/post-terminate-169-
##############################################
zeekctl-2.1.0+ds1/bin/post-terminate-191- # time.
zeekctl-2.1.0+ds1/bin/post-terminate:192: strt=`cat .rotated.$basename`
zeekctl-2.1.0+ds1/bin/post-terminate-193-
##############################################
zeekctl-2.1.0+ds1/bin/expire-crash-4-
zeekctl-2.1.0+ds1/bin/expire-crash:5:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/expire-crash-6-if [ $? -ne 0 ]; then
##############################################
zeekctl-2.1.0+ds1/bin/run-zeek-on-trace-12-
zeekctl-2.1.0+ds1/bin/run-zeek-on-trace:13:. `dirname $0`/zeekctl-config.sh
zeekctl-2.1.0+ds1/bin/run-zeek-on-trace-14-
##############################################
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-68- # FreeBSD /home is actually a symlink to /usr/home).
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek:69: oldpath=`grep '^ZEEKSCRIPTDIR' lib/zeekctl/ZeekControl/version.py | awk -F \" '{ print $2 }'`
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek:70: newpath=`canonicalpath "$oldpath"`
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-71- if [ "$newpath" != "$oldpath" ]; then
##############################################
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-86-canonicalpath() {
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek:87: newpath=`python -c "from __future__ import print_function; import os,sys; print(os.path.realpath(sys.argv[1]))" "$1"`
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-88- test $? -ne 0 && exit 1
##############################################
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-110- # Path to the top-level ZeekControl source code directory.
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek:111: ZEEKCTLSRCDIR=`dirname "$0"`/../..
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-112-
##############################################
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-116- # Path to the ZeekControl "build" directory.
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek:117: ZEEKCTLBUILDDIR=`canonicalpath "${ZEEKCTLSRCDIR}/build"`
zeekctl-2.1.0+ds1/testing/Scripts/build-zeek-118-
##############################################
zeekctl-2.1.0+ds1/testing/Scripts/zeekctl-test-setup-141-canonicalpath() {
zeekctl-2.1.0+ds1/testing/Scripts/zeekctl-test-setup:142: newpath=`python -c "from __future__ import print_function; import os,sys; print(os.path.realpath(sys.argv[1]))" "$1"`
zeekctl-2.1.0+ds1/testing/Scripts/zeekctl-test-setup-143- test $? -ne 0 && exit 1
##############################################
zeekctl-2.1.0+ds1/testing/Scripts/zeekctl-test-setup-201- # the directory path of the Zeek install.
zeekctl-2.1.0+ds1/testing/Scripts/zeekctl-test-setup:202: export ZEEKCTL_INSTALL_PREFIX=`canonicalpath "$basedir/test.$$"`
zeekctl-2.1.0+ds1/testing/Scripts/zeekctl-test-setup-203-