awk 实战

awk 一些好玩的用法.有什么不错的点子能够留言,发挥出awk牛逼功能

 

分离mac地址

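# Print the hardware address of wlan0 as space-separated octets.
# NOTE(review): assumes the MAC is field 2 of the line containing "eth"
# (e.g. an "ether ..." line); confirm against the ifconfig output on this host.
ifconfig wlan0 | awk '
/eth/ {
  n = split($2, octets, ":")
  for (k = 1; k <= n; k++) {
    # fixed format string: the field is data and must not be parsed as a format
    printf " %s", octets[k]
  }
  print ""
}'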

 

提取eth0信息

# Summarise the first interface block printed by ifconfig.
# The line numbers are positional, so the result depends on the exact
# ifconfig layout of the host.
ifconfig | awk '
# line 1: first four characters of the first field, followed by a rule
NR == 1 {
  print substr($1, 1, 4) "\n---------------------------------"
}
# line 2: six whitespace-separated fields printed as three label/value rows
NR == 2 {
  print $1 "\t\t" $2 "\n" $3 "\t\t" $4 "\n" $5 "\t" $6
}
# line 4: one more label/value row, followed by a blank line
NR == 4 {
  print $1 "\t\t" $2 "\n"
}'

 

获取网卡信息

# Print "<name prefix><TAB><field 2>" for three interface blocks.
# Every rule is keyed on an absolute line number of the ifconfig output,
# so the numbers only fit a host whose output has the same layout.
ifconfig | awk '
NR == 1  { d1 = substr($1, 1, 4) }
NR == 2  { print d1 "\t" $2 }
NR == 4  { print $1 "\t" $2 }
NR == 11 { d2 = substr($1, 1, 2) }
NR == 12 { print d2 "\t" $2 }
NR == 20 { d3 = substr($1, 1, 5) }
NR == 21 { print d3 "\t" $2 }
'



重构输出端口服务信息

# Reformat listening TCP sockets from netstat into
# Type / IP / PORT / PID / PName columns.
# Fields are split on runs of ":", space and "/".
netstat -ntpl | awk -F '[\: /]+' '
BEGIN {
  print "Type\t IP\t\t PORT\t PID\t PName\t"
}
# the first two lines of the netstat output are skipped
NR > 2 {
  if ($1 != "tcp6") {
    print $1"\t " $4"\t " $5"\t " $9"\t " $10;
  } else {
    # tcp6 rows are read from different field positions
    print $1"\t\t\t "$4"\t "$7"\t"$8
  }
}'

 

如何以特殊符号做为分隔符号

# echo is expected to emit the string /11\22!33$44'55"/ ; awk then splits it on
# a bracket expression listing backslash, space, "/", "$", double quote,
# single quote and "!", and prints the first six resulting fields.
# The -F value is double-quoted, so "$" and the double quote each need a
# shell-level backslash before awk sees the bracket expression.
echo -e  /11\\22'!'33\$44\'55\"/ |awk "-F[\\\\\ /\$\"\'\!]" '{print $1,$2,$3,$4,$5,$6}'

 

彩色字体打印

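# Print a triangle of "aaaa" cells, first using foreground colours (ESC[3Nm),
# then using background colours (ESC[4Nm). Input row N produces N cells.
# The two pipelines were fused onto one line in the original, which passed
# "echo", "-e" and the newline string to the first awk as file names; they
# are two separate commands.
echo -e "\n\n\n\n\n" | awk '{
  for (i = NR; i > 0; i--) {
    printf "\033[3%dmaaaa ", i
  }
  printf "\n"
}
END {
  # reset terminal attributes
  printf "\033[0m"
}'

echo -e "\n\n\n\n\n" | awk '{
  for (i = NR; i > 0; i--) {
    printf "\033[4%dmaaaa ", i
  }
  printf "\n"
}
END {
  # reset terminal attributes
  printf "\033[0m"
}'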

 

 

使用正则过滤

# passwd entries that do not end in "bash"
awk '$0 !~ /bash$/' /etc/passwd
# passwd entries that end in "bash" (pattern quoted so the shell never touches it)
awk '/bash$/' /etc/passwd

 

生成5个1-10内的随机数

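# Print five pseudo-random integers in the range 1..10.
# rand() returns a value in [0,1); int(rand()*10)+1 maps it onto 1..10
# (the original rand()*10 printed with %d produced 0..9).
# srand() without an argument seeds from the clock, so the sequence is
# predictable and must not be used for secrets, tokens or passwords.
awk 'BEGIN {
  srand()
  for (k = 0; k < 5; k++) {
    printf "%5d", int(rand() * 10) + 1
  }
  printf "\n"
}'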

 

结合nmap 主机范围扫描过滤重要信息

nmap -n -v -T4 -sn 192.168.0.0/24    # very long output, much of it unwanted

Starting Nmap 7.25BETA1 ( https://nmap.org ) at 2018-02-06 11:06 CST
Initiating ARP Ping Scan at 11:06
Scanning 255 hosts [1 port/host]
Completed ARP Ping Scan at 11:06, 4.07s elapsed (255 total hosts)
Nmap scan report for 192.168.0.0 [host down]
Nmap scan report for 192.168.0.1
Host is up (0.0015s latency).
MAC Address: 04:95:E6:C4:98:90 (Unknown)
Nmap scan report for 192.168.0.2
Host is up (0.0015s latency).
MAC Address: 04:95:E6:C4:98:90 (Unknown)
Nmap scan report for 192.168.0.3 [host down]
Nmap scan report for 192.168.0.4 [host down]
Nmap scan report for 192.168.0.5 [host down]
...
Nmap scan report for 192.168.0.106 [host down]
Nmap scan report for 192.168.0.107 [host down]
Nmap scan report for 192.168.0.108
Host is up (0.22s latency).
MAC Address: 78:D3:8D:0F:A5:48 (Hongkong Yunlink Technology Limited)
Nmap scan report for 192.168.0.109 [host down]
...
Nmap scan report for 192.168.0.169 [host down]
Nmap scan report for 192.168.0.170 [host down]
Nmap scan report for 192.168.0.171
Host is up (0.25s latency).
MAC Address: 50:8F:4C:79:8D:CB (Unknown)
Nmap scan report for 192.168.0.172
Host is up (0.13s latency).
MAC Address: E8:65:D4:A6:36:58 (Unknown)
Nmap scan report for 192.168.0.173 [host down]
Nmap scan report for 192.168.0.174 [host down]
...
Nmap scan report for 192.168.0.255 [host down]
Nmap scan report for 192.168.0.141
Host is up.
Read data files from: /usr/bin/../share/nmap
Nmap done: 256 IP addresses (6 hosts up) scanned in 4.15 seconds
           Raw packets sent: 508 (14.224KB) | Rcvd: 7 (196B)

编辑一个shell 过滤脚本nmap-range.sh

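# nmap-range.sh: reads the verbose ping-scan output on stdin and prints one
# row per responding host: IP address, MAC address and vendor text.
# NOTE(review): the filter is positional. It assumes five leading lines before
# the first host and exactly three lines per host; confirm against the nmap
# version in use.
grep -v "down" |
awk 'NR > 5' |
awk '
# first line of each three-line group: the report line, IP address in $5
NR % 3 == 1 {
  # fixed format string: scan output is data and is never used as a format
  printf "%s", $5
}
# third line of each group: the MAC address line
NR % 3 == 0 {
  if ($3 == "files") {
    # the scanning host has no MAC line, so "Read data files from:" lands here
    print "\tThis is you\n"
  } else if (NR > 4) {
    print "\t"$3"\t"$4,$5,$6,$7,$8
  } else {
    print "\t"$3"\t"$4
  }
}'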

 

重新执行nmap 并通过管道传入过滤脚本处理

# Run the same ping scan again and pipe its output through the filter script.
nmap -n -v -T4 -sn 192.168.0.0/24 | bash nmap-range.sh


内存百分比动态监控脚本

#!/bin/bash

# Redraw the memory usage percentage once per second until interrupted.
while true; do
  clear
  # on the "Mem:" line of free -m, field 3 is divided by field 2
  free -m | awk '/Mem:/ {
    per = $3 * 100 / $2
    print "\033[31mCurrent Mem\033[36m:" substr(per, 1, 5) "%\033[0m"
  }'
  sleep 1
done

 

制作成绩表格

源数据:sr

Marry   2143 78 84 77
Jack    2144 66 77 45
Tom     2145 80 83 61
Mike    2146 90 80 73
Bob     2148 91 93 92
Demon   2150 99 93 94

对成绩进行统计并生成表格

# Build a score table from the file "sr" (name, number and three scores per
# line) with a per-row total and a closing row of column averages.
awk -F '[\t ]+' '
BEGIN {
  printf "%5s\t%5s\t%5s\t%5s\t%7s\t%9s\t%4s\n",
         "NR", "Name", "No", "Math", "Chinese", "English", "Total"
  printf "************************************"
  printf "**********************************\n"
  mat = 0; chi = 0; eng = 0; tot = 0
}
{
  total = $3 + $4 + $5
  printf "%5s\t%5s\t%5s\t%5s\t%7s\t%9s\t%4s\n", NR, $1, $2, $3, $4, $5, total
  # running column sums for the averages row
  mat += $3
  chi += $4
  eng += $5
  tot += total
}
END {
  printf "************************************"
  printf "**********************************\n"
  # averages are cut to a fixed number of characters, not rounded
  mat = substr(mat / NR, 1, 4)
  chi = substr(chi / NR, 1, 4)
  eng = substr(eng / NR, 1, 4)
  tot = substr(tot / NR, 1, 5)
  printf "Avg\t\t\t%5s\t%7s\t%11s\t%6s\n", mat, chi, eng, tot
}' sr

 

网站访问次数统计

源数据:

http://www.baidu.com/index.html
http://www.qq.com/index.html
http://www.qq.com/index.html
http://www.baidu.com/index.html
http://www.qq.com/index.html
http://www.baidu.com/index.html
http://www.baidu.com/index.html
http://www.163.com/1.html
http://www.demon.com/2.html
http://www.qq.com/index.html
http://www.163.com/1.html
http://www.demon.com/2.html
http://www.qq.com/index.html
http://www.163.com/1.html
http://www.demon.com/2.html
http://www.qq.com/index.html
http://www.163.com/1.html
http://www.demon.com/2.html
http://www.qq.com/index.html
http://www.demon.com/2.html
http://www.baidu.com/index.html
http://www.google.com/index.html
http://www.demon.com/2.html
http://www.baidu.com/index.html
http://www.163.com/1.html
http://www.demon.com/2.html
http://www.google.com/index.html
http://www.163.com/1.html
http://www.baidu.com/index.html
http://www.demon.com/2.html
http://www.163.com/1.html
http://www.google.com/index.html
http://www.baidu.com/index.html
http://www.demon.com/2.html
http://www.163.com/1.html
http://www.baidu.com/index.html
# Count how often each host occurs in the URL list "site".
# Splitting "http://host/path" on "/" leaves the host in field 3.
awk -F/ '
{ hits[$3]++ }
END {
  for (host in hits) {
    print host "\t" hits[host]
  }
}' site

 

批量建立文件

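# Derive one short name per account (login names longer than 7 characters are
# cut to 5) and create an empty "<name>.php" file for each one in the current
# directory.
awk -F: '{
  name = $1
  if (length(name) > 7) {
    name = substr(name, 1, 5)
  }
  print name
}' /etc/passwd > test

# Each name reaches touch as one quoted argument instead of being spliced into
# a system() command line, so shell metacharacters in a name are never
# interpreted. "./" and "--" keep a leading "-" from being read as an option.
awk '{ print $1 }' test | while IFS= read -r name; do
  touch -- "./${name}.php"
done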

 

使用awk防web页面爆破扫描

#!/bin/bash

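HTTP_ERROR_LOG="/var/log/httpd/error_log"
WarnningCount=30

# Counts how often each client address appears in the Apache error log and
# inserts a DROP rule for every address seen at least $WarnningCount times.
#
# $8 is the client address field,   e.g. "218.93.201.199]"
# gsub(/]/,"",ip)                   strips the trailing ']'
# Rule inserted per offending address, e.g.:
#   iptables -I INPUT -s 185.222.209.151 -m state --state NEW,RELATED,ESTABLISHED -j DROP
#
# Log lines contain request-derived text, and the address ends up inside a
# shell command run by system(). The field is therefore accepted only when the
# whole value is a dotted quad: the pattern is anchored at both ends and the
# dots are escaped. The original pattern matched any field that merely started
# with something IP-like.
# NOTE(review): an "address:port" client field is rejected by this check, which
# is what newer Apache log formats appear to emit; confirm against the log
# format in use.
# NOTE(review): nothing here exempts admin or monitoring addresses, and the
# rules are neither persisted nor expired; confirm that is intended.

awk -v "c=$WarnningCount" --posix '
  BEGIN {
    print "DangerIP\tScanCount";
  }

  {
    ip = $8;
    gsub(/]/, "", ip);
    if (ip ~ /^[0-9]{1,3}(\.[0-9]{1,3}){3}$/) {
      IP[ip]++;
    }
  }

  END {
    for (i in IP) {
      if (IP[i] >= c) {
        print i "\t" IP[i];
        rule = "INPUT -s " i " -m state --state NEW,RELATED,ESTABLISHED -j DROP";
        # -C checks for an identical existing rule so repeated runs do not stack duplicates
        system("iptables -C " rule " 2>/dev/null || iptables -I " rule);
      }
    }
  }
' "$HTTP_ERROR_LOG"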

 

 

cut切割字符串

# First 13 characters of each of the first ten passwd lines, then whatever
# precedes the first ":" in that slice.
head -n 10 /etc/passwd | cut -c 1-13 | cut -d ':' -f 1

 

awk 遇到的错误

使用awk正则匹配 passwd 文件里含有两个o的行:

# Failing example kept as written: the pattern uses the interval expression {2}.
# On awk builds where intervals are not enabled by default this matches nothing.
awk  -F:  '/o{2}/'  /etc/passwd    

结果不管怎么尝试都匹配不出来,后来缩小范围,确定错误出在正则的量词上,也就是那对大括号

通过查阅资料,解决办法就是需要加上一个参数: --posix 或 --re-interval,二选一

# Working form: --posix turns on interval expressions, so /o{2}/ matches
# passwd lines containing two consecutive "o" characters.
awk --posix -F: '/o{2}/' /etc/passwd

 

转载请注明出处:http://www.cnblogs.com/demonxian3/p/8425247.html

awk参考网址 http://www.javashuo.com/article/p-qmtyfuku-m.html
