| Option | Description |
| --- | --- |
| -type f | This defines the type of the searched object. In this case, ‘f’ stands for ‘file’. |
| -name *.conf | With ‘-name’, we indicate the name of the file we are looking for. The asterisk (*) stands for ‘all’ files with the ‘.conf’ extension. |
| -user root | This option filters all files whose owner is the root user. |
| -size +20k | We can then filter all the located files and specify that we only want to see the files that are larger than 20 KiB. |
| -newermt 2020-03-03 | With this option, we set the date. Only files newer than the specified date will be presented. |
| -exec ls -al {} \; | This option executes the specified command, using the curly brackets as placeholders for each result. The backslash escapes the next character from being interpreted by the shell, because otherwise the semicolon would terminate the command and not reach the redirection. |
| 2>/dev/null | This is a STDERR redirection to the ‘null device’, which we will come back to in the next section. This redirection ensures that no errors are displayed in the terminal. This redirection is not an option of the ‘find’ command; the shell handles it. |

File Descriptors

A file descriptor (FD) in Unix/Linux operating systems is an indicator of a connection maintained by the kernel to perform Input/Output (I/O) operations. In Windows-based operating systems, it is called a file handle. It is the connection (generally to a file) that the operating system uses to perform I/O operations (input/output of bytes). By default, the first three file descriptors in Linux are:

  1. Data Stream for Input
    • STDIN – 0
  2. Data Stream for Output
    • STDOUT – 1
  3. Data Stream for Output that relates to an error occurring.
    • STDERR – 2

Redirect STDOUT to a File

Now we can see that all errors (STDERR) previously presented with “Permission denied” are no longer displayed. The only result we see now is the standard output (STDOUT), which we can also redirect to a file with the name results.txt that will only contain standard output without the standard errors.


Dale Gribble@htb[/htb]$ find /etc/ -name shadow 2>/dev/null > results.txt



Redirect STDOUT and Append to a File

When we use the greater-than sign (>) to redirect our STDOUT, a new file is automatically created if it does not already exist. If this file exists, it will be overwritten without asking for confirmation. If we want to append STDOUT to our existing file, we can use the double greater-than sign (>>).


Dale Gribble@htb[/htb]$ find /etc/ -name passwd >> stdout.txt 2>/dev/null



Redirect STDIN Stream to a File

We can also use the double less-than characters (<<) to add our standard input through a stream. We can use a so-called End-Of-File (EOF) marker, which defines the input’s end. In the next example, we will use the cat command to read our input from the stream and direct it to a file called “stream.txt”.


Dale Gribble@htb[/htb]$ cat << EOF > stream.txt



Pipes

Another way to redirect STDOUT is to use pipes (|). These are useful when we want to use the STDOUT from one program to be processed by another. One of the most commonly used tools is grep, which we will use in the next example. Grep is used to filter STDOUT according to the pattern we define. In the next example, we use the find command to search for all files in the “/etc/” directory with a “.conf” extension. Any errors are redirected to the “null device” (/dev/null). Using grep, we filter out the results and specify that only the lines containing the pattern “systemd” should be displayed.


Dale Gribble@htb[/htb]$ find /etc/ -name "*.conf" 2>/dev/null | grep systemd


Redirections can be chained more than once. We can take the obtained results and redirect them to another program. For the next example, we will use the tool called wc, which should count the total number of obtained results.


Dale Gribble@htb[/htb]$ find /etc/ -name "*.conf" 2>/dev/null | grep systemd | wc -l

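The script below is an added example, not part of the original page. It exercises the redirections described above (separate STDOUT and STDERR files, > versus >>, and the find | grep | wc pipeline) against a throwaway directory. It goes one step beyond the page by showing the shell's noclobber option (set -C) as a guard against the silent overwrite that > performs. All paths, file names and function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: every path and file name below is constructed for the demo.

make_sandbox() {            # throwaway tree, so nothing under /etc is touched
    dir=$(mktemp -d)
    mkdir -p "$dir/etc/systemd"
    : > "$dir/etc/systemd/journald.conf"
    : > "$dir/etc/systemd/resolved.conf"
    : > "$dir/etc/host.conf"
    echo "$dir"
}

# find writes matches to FD 1 and the "No such file" complaint to FD 2;
# each stream lands in its own file. Prints "<stdout lines> <stderr lines>".
split_streams() {
    find "$1/etc" "$1/missing" -name '*.conf' > "$1/out.txt" 2> "$1/err.txt" || true
    echo "$(wc -l < "$1/out.txt" | tr -d ' ') $(wc -l < "$1/err.txt" | tr -d ' ')"
}

# Run the same search twice: '>' truncates each time, '>>' keeps earlier lines.
overwrite_vs_append() {
    for run in 1 2; do
        find "$1/etc" -name host.conf >  "$1/over.txt"   2>/dev/null
        find "$1/etc" -name host.conf >> "$1/append.txt" 2>/dev/null
    done
    echo "$(wc -l < "$1/over.txt" | tr -d ' ') $(wc -l < "$1/append.txt" | tr -d ' ')"
}

# With noclobber (set -C) the shell refuses to overwrite an existing file.
guarded_overwrite() {
    echo "first result" > "$1/keep.txt"
    ( set -C; echo "second result" > "$1/keep.txt" ) 2>/dev/null || true
    cat "$1/keep.txt"
}

# The page's pipeline: STDERR discarded, STDOUT filtered by grep, counted by wc.
count_systemd() {
    ( cd "$1" && find etc -name '*.conf' 2>/dev/null | grep systemd | wc -l | tr -d ' ' )
}

d=$(make_sandbox)
echo "stdout/stderr lines:  $(split_streams "$d")"
echo "overwrite/append:     $(overwrite_vs_append "$d")"
echo "noclobber kept:       $(guarded_overwrite "$d")"
echo "systemd .conf files:  $(count_systemd "$d")"
rm -rf "$d"
```

The search pattern is quoted ('*.conf') so that the shell passes it to find unchanged instead of expanding it against files in the current directory.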