[Tool] FCL.
Hello GS, earlier today I was working with Ekultek on some SysAdmin-related stuff. He needed a tool that would find all files and directories that had been modified in the last hour, copy them over to a temporary directory and subsequently save all this data in an encrypted archive. So I offered to help him out, and I came up with a pretty neat solution.

FCL, which is short for "Find Copy Lock", does exactly that. It finds a series of files and directories that you are interested in and saves them all to a password-protected archive. The entire process is automated.

Besides this, I have also included functionality that automatically shreds all the files that have been gathered and copied over, thereby securely deleting those files except for the encrypted data archive.

Check it out below.

Code:
#!/bin/bash
#____   ____             __                
#\   \ /   /____   _____/  |_  ___________
# \   Y   // __ \_/ ___\   __\/  _ \_  __ \
#  \     /\  ___/\  \___|  | (  <_> )  | \/
#   \___/  \___  >\___  >__|  \____/|__|  
#              \/     \/                  
#--Author : Vector/NullArray
#----Twitter: @Real__Vector
#--------Licensed under GNU GPL 3
##################################################


# Coloring scheme for notifications
ESC="\x1b["
RESET=$ESC"39;49;00m"
RED=$ESC"31;01m"
GREEN=$ESC"32;01m"

# Warning
function warning()
{    echo -e "\n$RED [!] $1 $RESET\n"
    }

# Green notification
function notification()
{    echo -e "\n$GREEN [+] $1 $RESET\n"
    }


function file_ops()
{    printf "Please be patient while we collect relevant files..."
    
     cwd=$(pwd)
     cd "$output" || exit 1
     mkdir -p Archive
    
     # Set up array to copy relevant files
     while IFS= read -d $'\0' -r file ; do
         file_list=("${file_list[@]}" "$file")
     done < <( sudo find / -mmin -60 -print0)
     notification "All relevant data has been collected, processing..."
    
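     # Copy files to the temporary Archive directory inside the specified dir.
     # Archive is flat: files sharing a basename overwrite each other, and
     # directories are skipped because cp is called without -r.
     for file in "${file_list[@]}"
     do
         sudo cp -p -f "$file" -t Archive
     done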
    
     notification "Archiving data with password..."
    
     cd Archive
     # -p with no value makes 7z prompt for the archive password
     7z a results.7z * -p
     mv results.7z ..
    
     read -p "Secure delete 'Archive' files and dir? [Y/n]: " choice
     if [[ $choice == 'y' || $choice == 'Y' ]]; then
         # Shred files and delete Archive dir
         cd ..
         find Archive -depth -type f -exec shred -v -n 1 -z -u {} \; && rm -rf Archive
         sleep 1 && clear
        
         cd "$cwd"
         notification "All operations completed."
         exit 0
        
     else
         cd "$cwd"
         notification "All operations completed."
         exit 0
     fi  
    }
    
# Function to handle operations related to a provided directory that does not exist
function dir_ops()
{   read -p 'Create directory? [Y/n]: ' choice
    if [[ $choice == 'y' || $choice == 'Y' ]]; then
        mkdir -p "$output"
        # Stop only if the directory is still missing after mkdir
        if ! stat "$output"; then
            warning "Could not create directory. Exiting"
            exit 1
        fi
        
        file_ops
    else
        warning "Aborted..."
        exit 0
    fi
        
    }    

# Starting function    
function main()
{  printf "%b\nWelcome.
    
This script will copy all files and dirs that were
altered in the last hour to a directory of your
choosing and store them in an encrypted archive.\n\n\n"


    read -p 'Enter full path to output location : ' output
    
    printf "%b\n\n"
    notification "Checking output location..."
    stat "$output" || dirstat=0
    
    if [[ $dirstat == 0 ]]; then
        dir_ops
    fi
    
    notification "Directory checked, proceeding with file operations..."
    sleep 2
    
    # Call file operations function
    file_ops
    
    }

# Check for root
if [[ "$EUID" -ne 0 ]]; then
    warning "It is recommended the script is run as root"
    
    read -p 'Continue without root? [Y/n]: ' choice
    if [[ $choice == 'y' || $choice == 'Y' ]]; then
        main
    else
        exit 0
    fi

else
    main
fi


You can also find a copy of the script as a Gist on my personal GitHub account by clicking here.

As you can see, the search operator resides at line 41:
Code:
done < <( sudo find / -mmin -60 -print0)

Get acquainted with the `find` utility and you can employ this script to find all manner of things and store them in an encrypted archive in an automated fashion. For instance, if you change that line to:

Code:
done < <( sudo find / -name "*.log" -print0)

You will find all files that end with a .log extension, which of course will be sorted, encrypted and shredded save for the files that are now tucked safely away into your encrypted archive.
Reply
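A variant of the collection and archiving steps described in the post above, as an added example that is not part of the original post or the author's script. It keeps each file's full path so equal basenames do not overwrite each other, stays off pseudo-filesystems, and skips the output directory; the function names are hypothetical, and GNU find/cp plus 7z (for the last function only) are assumed.

```bash
#!/bin/bash
# Added example; function names are hypothetical. Needs GNU find and cp.

# collect_recent SRC DEST MINUTES
# Copy regular files under SRC changed in the last MINUTES minutes into DEST,
# recreating each file's full path below DEST.
collect_recent() (
    src=$1; dest=$2; minutes=$3
    mkdir -p "$dest" || exit 1
    # Resolve both paths so DEST can be pruned when it sits inside SRC.
    src=$(cd "$src" && pwd -P) || exit 1
    dest=$(cd "$dest" && pwd -P) || exit 1
    # -xdev        stay on SRC's filesystem (skips /proc, /sys, other mounts)
    # -prune       never descend into DEST, so copies are not collected again
    # -type f      regular files only
    # -exec ... +  names reach cp as arguments, so spaces and newlines are safe
    # --parents    keep the source path, so equal basenames cannot collide
    find "$src" -xdev -path "$dest" -prune -o \
        -type f -mmin "-$minutes" \
        -exec cp -p --parents -t "$dest" -- {} +
)

# count_files DIR: number of regular files below DIR.
count_files() {
    find "$1" -type f -exec printf x \; | wc -c
}

# archive_encrypted DIR OUT.7z  (needs 7z; prompts for the password)
# -p alone encrypts file contents only; -mhe=on also encrypts the headers,
# so the collected file names are not readable without the password.
archive_encrypted() {
    7z a -p -mhe=on "$2" "$1"
}
```
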

