Created
June 26, 2014 11:16
-
-
Save p0c/65d0b2913b162d6f3bc4 to your computer and use it in GitHub Desktop.
#pentest #recipe: clean escape sequence codes from 'script' log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#----------------------------------------------------------------------------- | |
# Preconditions: | |
# | |
# You have a `script` command outputfile (typescript by default) | |
# | |
# $ script | |
# Script started, file is typescript | |
# <-- your commands and output here --> | |
# $ exit | |
# Script done, file is typescript | |
if [ -z "$1" ]; then | |
echo usage: $0 file | |
exit | |
fi | |
FILE=$1 | |
LINES=`wc -l ${FILE} | cut -d' ' -f1` | |
# screen session name --> $PID.strip | |
SESSION=${$}.strip | |
#----------------------------------------------------------------------------- | |
# Problem: | |
# | |
# Script output contains escape sequence codes and other non-readable data | |
# filtering or escaping with regexes is not an option (ex. cursor movement) | |
#----------------------------------------------------------------------------- | |
# Solution: | |
# | |
# Use screen hardcopy to copy output file contents after escape sequence | |
# interpretation | |
# (thxs to: http://superuser.com/questions/99128/removing-the-escape-\ | |
# characters-from-gnu-screens-screenlog-n) | |
#----------------------------------------------------------------------------- | |
# How to: | |
# | |
# Create new screen session (de-attached) | |
screen -d -m -S ${SESSION} | |
# Execute cat typescript in the created screen session | |
#screen -S ${SESSION} -X scrollback ${LINES} | |
# XXX hardcoded scrollback debug and fix | |
screen -S ${SESSION} -X scrollback 50000 | |
screen -S ${SESSION} -p 0 -X stuff "cat ${FILE}\n" | |
sleep 0.5 | |
# grab hardcopy of screen session buffer | |
# note: maybe its better to calculate typescript size and specify a buffer | |
screen -S ${SESSION} -X hardcopy -h .${FILE}.tmp | |
# finish session | |
screen -S ${SESSION} -X quit | |
# trim results to only get the script session output | |
sed -n -e '/^Script started on /,/^Script done on / p' .${FILE}.tmp > ${FILE}.clean | |
# add controls | |
rm .${FILE}.tmp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment